From a8b603e509ad836e53626621d9a7aec62cfb0ff2 Mon Sep 17 00:00:00 2001 From: Jason Ish Date: Thu, 27 May 2021 11:46:19 -0600 Subject: [PATCH] plugins: remove internal fields The internal flag is not really used. This also reverts the behaviour of the plugin refactor of passing a ConfNode based on the plugin name instead of the eve ConfNode. --- output-eve-syslog.c | 114 ---------------------------------------- src/output-eve-syslog.c | 1 - src/output-json.c | 4 +- src/suricata-plugin.h | 2 - 4 files changed, 1 insertion(+), 120 deletions(-) delete mode 100644 output-eve-syslog.c diff --git a/output-eve-syslog.c b/output-eve-syslog.c deleted file mode 100644 index 4c06f8d461..0000000000 --- a/output-eve-syslog.c +++ /dev/null @@ -1,114 +0,0 @@ -/* vi: set et ts=4: */ -/* Copyright (C) 2021 Open Information Security Foundation - * - * You can copy, redistribute or modify this Program under the terms of - * the GNU General Public License version 2 as published by the Free - * Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * version 2 along with this program; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA - * 02110-1301, USA. - */ - -/** - * \file - * - * \author Mike Pomraning - * \author Jeff Lucovsky - * - * File-like output for logging: syslog - */ - -#ifndef OS_WIN32 -#include "suricata-plugin.h" /* errno.h, string.h, etc. */ -#include "conf.h" /* ConfNode, etc. */ -#include "output.h" /* DEFAULT_LOG_* */ -#include "output-eve-syslog.h" -#include "util-syslog.h" - -#define DEFAULT_ALERT_SYSLOG_FACILITY_STR "local0" -#define DEFAULT_ALERT_SYSLOG_FACILITY LOG_LOCAL0 -#define DEFAULT_ALERT_SYSLOG_LEVEL LOG_INFO - -#define OUTPUT_NAME "syslog" - -typedef struct Context_ { - int alert_syslog_level; -} Context; - -static int SyslogInit(ConfNode *conf, bool threaded, void **init_data) -{ - Context *context = SCCalloc(1, sizeof(Context)); - if (context == NULL) { - SCLogError(SC_ERR_MEM_ALLOC, "Unable to allocate context for %s", OUTPUT_NAME); - return -1; - } - const char *facility_s = ConfNodeLookupChildValue(conf, "facility"); - if (facility_s == NULL) { - facility_s = DEFAULT_ALERT_SYSLOG_FACILITY_STR; - } - - int facility = SCMapEnumNameToValue(facility_s, SCSyslogGetFacilityMap()); - if (facility == -1) { - SCLogWarning(SC_ERR_INVALID_ARGUMENT, - "Invalid syslog facility: \"%s\"," - " now using \"%s\" as syslog facility", - facility_s, DEFAULT_ALERT_SYSLOG_FACILITY_STR); - facility = DEFAULT_ALERT_SYSLOG_FACILITY; - } - - const char *level_s = ConfNodeLookupChildValue(conf, "level"); - if (level_s != NULL) { - int level = SCMapEnumNameToValue(level_s, SCSyslogGetLogLevelMap()); - if (level != -1) { - context->alert_syslog_level = level; - } - } - - const char *ident = ConfNodeLookupChildValue(conf, "identity"); - /* if null we just pass that to openlog, which will then - * figure it out by itself. */ - - openlog(ident, LOG_PID | LOG_NDELAY, facility); - SCLogNotice("Syslog: facility %s, level %s, ident %s", facility_s, level_s, ident); - *init_data = context; - return 0; -} - -static int SyslogWrite(const char *buffer, int buffer_len, void *init_data, void *thread_data) -{ - Context *context = init_data; - syslog(context->alert_syslog_level, "%s", (const char *)buffer); - - return 0; -} - -static void SyslogDeInit(void *init_data) -{ - if (init_data) { - closelog(); - SCFree(init_data); - } -} - -void SyslogInitialize(void) -{ - SCPluginFileType *plugin_data = SCCalloc(1, sizeof(SCPluginFileType)); - - if (plugin_data == NULL) { - FatalError(SC_ERR_MEM_ALLOC, "Unable to allocate memory for eve output %s", OUTPUT_NAME); - } - - plugin_data->internal = true; - plugin_data->name = OUTPUT_NAME; - plugin_data->Init = SyslogInit; - plugin_data->Deinit = SyslogDeInit; - plugin_data->Write = SyslogWrite; -} -#endif /* !OS_WIN32 */ diff --git a/src/output-eve-syslog.c b/src/output-eve-syslog.c index 2f0ef47f7c..7dc0ca9085 100644 --- a/src/output-eve-syslog.c +++ b/src/output-eve-syslog.c @@ -104,7 +104,6 @@ void SyslogInitialize(void) FatalError(SC_ERR_MEM_ALLOC, "Unable to allocate memory for eve file type %s", OUTPUT_NAME); } - file_type->internal = true; file_type->name = OUTPUT_NAME; file_type->Init = SyslogInit; file_type->Deinit = SyslogDeInit; diff --git a/src/output-json.c b/src/output-json.c index 226271a9f1..06da8d64d7 100644 --- a/src/output-json.c +++ b/src/output-json.c @@ -1062,10 +1062,8 @@ static int LogFileTypePrepare( return -1; } } - ConfNode *plugin_conf = ConfNodeLookupChild(conf, json_ctx->plugin->name); void *init_data = NULL; - if (json_ctx->plugin->Init(json_ctx->plugin->internal ? conf : plugin_conf, - json_ctx->file_ctx->threaded, &init_data) < 0) { + if (json_ctx->plugin->Init(conf, json_ctx->file_ctx->threaded, &init_data) < 0) { return -1; } json_ctx->file_ctx->plugin.plugin = json_ctx->plugin; diff --git a/src/suricata-plugin.h b/src/suricata-plugin.h index 1f4dad717e..dec87bb64e 100644 --- a/src/suricata-plugin.h +++ b/src/suricata-plugin.h @@ -36,7 +36,6 @@ typedef struct SCPlugin_ { const char *name; const char *license; const char *author; - const bool internal; void (*Init)(void); } SCPlugin; @@ -49,7 +48,6 @@ typedef struct SCEveFileType_ { /* The name of the output, used to specify the output in the filetype section * of the eve-log configuration. */ const char *name; - bool internal; /* Init Called on first access */ int (*Init)(ConfNode *conf, bool threaded, void **init_data); /* Write - Called on each write to the object */