Refactoring on the audit logs implementation

Among of other things, it is now supporting shared file locks between different process.
2025-09-30 11:44:32 +03:00 · 2016-12-14 10:09:53 -03:00
parent 9707d46e45
commit 2e9a35c358
24 changed files with 661 additions and 260 deletions
--- a/src/audit_log/audit_log.cc
+++ b/src/audit_log/audit_log.cc
@@ -13,7 +13,7 @@
 *
 */

-#include "src/audit_log/audit_log.h"
+#include "modsecurity/audit_log.h"

 #include <stddef.h>
 #include <stdio.h>
@@ -24,6 +24,7 @@
 #include "src/audit_log/writer/https.h"
 #include "src/audit_log/writer/parallel.h"
 #include "src/audit_log/writer/serial.h"
+#include "src/audit_log/writer/writer.h"
 #include "src/utils/regex.h"

 #define PARTS_CONSTAINS(a, c) \
@@ -38,40 +39,37 @@
          parts = parts & ~c; \
    }

+#define AL_MERGE_STRING_CONF(a, c) \
+    if (a.empty() == false) { \
+        c = a; \
+    }
+
+
 namespace modsecurity {
 namespace audit_log {

+
 AuditLog::AuditLog()
    : m_path1(""),
    m_path2(""),
    m_storage_dir(""),
-    m_filePermission(0600),
-    m_directoryPermission(0766),
-    m_parts(AAuditLogPart | BAuditLogPart | CAuditLogPart | FAuditLogPart
-            | HAuditLogPart | ZAuditLogPart),
-    m_status(OffAuditLogStatus),
-    m_type(ParallelAuditLogType),
+    m_filePermission(-1),
+    m_directoryPermission(-1),
+    m_parts(-1),
+    m_status(NotSetLogStatus),
+    m_type(NotSetAuditLogType),
    m_relevant(""),
    m_writer(NULL),
-    m_refereceCount(0) { }
+    m_refereceCount(1) { }
+

 AuditLog::~AuditLog() {
    if (m_writer) {
-        m_writer->refCountDecreaseAndCheck();
+        delete m_writer;
+        m_writer = NULL;
    }
 }

-void AuditLog::refCountIncrease() {
-    m_refereceCount++;
-}
-
-
-void AuditLog::refCountDecreaseAndCheck() {
-    m_refereceCount--;
-    if (m_refereceCount == 0) {
-        delete this;
-    }
-}

 bool AuditLog::setStorageDirMode(int permission) {
    this->m_directoryPermission = permission;
@@ -85,8 +83,24 @@ bool AuditLog::setFileMode(int permission) {
 }


-bool AuditLog::setStatus(AuditLogStatus new_status) {
-    this->m_status = new_status;
+int AuditLog::getFilePermission() {
+    if (m_filePermission == -1) {
+        return m_defaultFilePermission;
+    }
+
+    return m_filePermission;
+}
+
+int AuditLog::getDirectoryPermission() {
+    if (m_directoryPermission == -1) {
+        return m_defaultDirectoryPermission;
+    }
+
+    return m_directoryPermission;
+}
+
+bool AuditLog::setStatus(AuditLogStatus status) {
+    this->m_status = status;
    return true;
 }

@@ -172,34 +186,46 @@ bool AuditLog::setParts(const std::basic_string<char>& new_parts) {
 }


+int AuditLog::getParts() {
+    if (m_parts == -1) {
+        return m_defaultParts;
+    }
+
+    return m_parts;
+}
+
+
 bool AuditLog::setType(AuditLogType audit_type) {
    this->m_type = audit_type;
    return true;
 }


-bool AuditLog::init() {
-    if (m_type == ParallelAuditLogType) {
-        m_writer = new audit_log::writer::Parallel(this);
-    }
+
+bool AuditLog::init(std::string *error) {
    if (m_type == SerialAuditLogType) {
        m_writer = new audit_log::writer::Serial(this);
-    }
-    if (m_type == HttpsAuditLogType) {
+    } else if (m_type == HttpsAuditLogType) {
        m_writer = new audit_log::writer::Https(this);
+    } else {
+        /*
+         * if (m_type == ParallelAuditLogType
+         * || m_type == NotSetAuditLogType)
+         *
+         */
+        m_writer = new audit_log::writer::Parallel(this);
    }
-    m_writer->refCountIncrease();

-    if (m_writer == NULL || m_writer->init() == false) {
-        std::cout << "not able to open the log for write." << std::endl;
+
+    if (m_writer == NULL || m_writer->init(error) == false) {
        return false;
    }

    /* Sanity check */
    if (m_status == RelevantOnlyAuditLogStatus) {
        if (m_relevant.empty()) {
-            std::cout << "m_relevant cannot be null while status is " << \
-                "RelevantOnly" << std::endl;
+            error->assign("m_relevant cannot be null while status is set to " \
+                "RelevantOnly");
            return false;
        }
    }
@@ -256,7 +282,16 @@ bool AuditLog::saveIfRelevant(Transaction *transaction, int parts) {
    }
    transaction->debug(5, "Saving this request as part " \
            "of the audit logs.");
-    m_writer->write(transaction, parts);
+    if (m_writer == NULL) {
+        transaction->debug(1, "Internal error, audit log writer is null");
+    } else {
+        std::string error;
+        bool a = m_writer->write(transaction, parts, &error);
+        if (a == false) {
+            transaction->debug(1, "Cannot save the audit log: " + error);
+            return false;
+        }
+    }

    return true;
 }
@@ -267,5 +302,35 @@ bool AuditLog::close() {
 }


+bool AuditLog::merge(AuditLog *from, std::string *error) {
+    AL_MERGE_STRING_CONF(from->m_path1, m_path1);
+    AL_MERGE_STRING_CONF(from->m_path2, m_path2);
+    AL_MERGE_STRING_CONF(from->m_storage_dir, m_storage_dir);
+    AL_MERGE_STRING_CONF(from->m_relevant, m_relevant);
+
+    if (from->m_filePermission != -1) {
+        m_filePermission = from->m_filePermission;
+    }
+
+    if (from->m_directoryPermission != -1) {
+        m_directoryPermission = from->m_directoryPermission;
+    }
+
+    if (from->m_type != NotSetAuditLogType) {
+        m_type = from->m_type;
+    }
+
+    if (from->m_status != NotSetLogStatus) {
+        m_status = from->m_status;
+    }
+
+    if (from->m_parts != -1) {
+        m_parts = from->m_parts;
+    }
+
+    return init(error);
+}
+
+
 }  // namespace audit_log
 }  // namespace modsecurity