github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-10-01 03:57:47 +03:00
Code Issues Packages Projects Releases Wiki Activity

Refactoring on the audit logs implementation

Browse Source 
Among of other things, it is now supporting shared file locks between
different process.
This commit is contained in:
Felipe Zimmerle
2016-12-14 10:09:53 -03:00
parent 9707d46e45
commit 2e9a35c358
24 changed files with 661 additions and 260 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
src/audit_log/writer/https.cc
View File

@@ -25,7 +25,7 @@
#include <fstream>
#include <mutex>
#include "src/audit_log/audit_log.h"
#include "modsecurity/audit_log.h"
#include "modsecurity/transaction.h"
#include "src/utils/md5.h"
#include "src/utils/https_client.h"
@@ -40,12 +40,12 @@ Https::~Https() {
}
bool Https::init() {
bool Https::init(std::string *error) {
return true;
}
bool Https::write(Transaction *transaction, int parts) {
bool Https::write(Transaction *transaction, int parts, std::string *error) {
Utils::HttpsClient m_http_client;
transaction->debug(7, "Sending logs to: " + m_audit->m_path1);

23
src/audit_log/writer/https.h
View File

@@ -22,7 +22,7 @@
#ifndef SRC_AUDIT_LOG_WRITER_HTTPS_H_
#define SRC_AUDIT_LOG_WRITER_HTTPS_H_
#include "src/audit_log/writer.h"
#include "src/audit_log/writer/writer.h"
#include "modsecurity/transaction.h"
#ifdef __cplusplus
@@ -32,27 +32,16 @@ namespace audit_log {
namespace writer {
/** @ingroup ModSecurity_CPP_API */
class Https : public audit_log::Writer {
class Https : public Writer {
public:
explicit Https(audit_log::AuditLog *audit)
: audit_log::Writer(audit) { }
: audit_log::writer::Writer(audit) { }
~Https() override;
void refCountIncrease() override {
m_refereceCount++;
}
void refCountDecreaseAndCheck() override {
m_refereceCount--;
if (m_refereceCount == 0) {
delete this;
}
}
bool init() override;
bool write(Transaction *transaction, int parts) override;
bool init(std::string *error) override;
bool write(Transaction *transaction, int parts,
std::string *error) override;
};
} // namespace writer

104
src/audit_log/writer/parallel.cc
View File

@@ -25,7 +25,7 @@
#include <fstream>
#include <mutex>
#include "src/audit_log/audit_log.h"
#include "modsecurity/audit_log.h"
#include "modsecurity/transaction.h"
#include "src/utils/system.h"
#include "src/utils/md5.h"
@@ -36,17 +36,9 @@ namespace audit_log {
namespace writer {
std::mutex g_writeMutex;
Parallel::~Parallel() {
if (log1.is_open()) {
log1.close();
}
if (log2.is_open()) {
log2.close();
}
utils::SharedFiles::getInstance().close(m_audit->m_path1);
utils::SharedFiles::getInstance().close(m_audit->m_path2);
}
@@ -80,68 +72,106 @@ inline std::string Parallel::logFilePath(time_t *t,
}
bool Parallel::init() {
/** TODO:: Check if the directory exists. */
/** TODO:: Checking if we have permission to write in the target dir */
bool Parallel::init(std::string *error) {
bool ret = true;
if (!m_audit->m_path1.empty()) {
log1.open(m_audit->m_path1, std::fstream::out | std::fstream::app);
ret = utils::SharedFiles::getInstance().open(m_audit->m_path1, error);
if (!ret) {
return false;
}
}
if (!m_audit->m_path2.empty()) {
log2.open(m_audit->m_path2, std::fstream::out | std::fstream::app);
ret = utils::SharedFiles::getInstance().open(m_audit->m_path2, error);
if (!ret) {
return false;
}
}
if (m_audit->m_storage_dir.empty() == false) {
if (utils::createDir(m_audit->m_storage_dir,
m_audit->getDirectoryPermission(), error) == false) {
return false;
}
}
return true;
}
bool Parallel::write(Transaction *transaction, int parts) {
std::lock_guard<std::mutex> guard(g_writeMutex);
bool Parallel::write(Transaction *transaction, int parts, std::string *error) {
FILE *fp;
int fd;
std::string log = transaction->toJSON(parts);
std::string fileName = logFilePath(&transaction->m_timeStamp,
YearMonthDayDirectory | YearMonthDayAndTimeDirectory
| YearMonthDayAndTimeFileName);
bool ret;
std::string logPath = m_audit->m_storage_dir;
fileName = logPath + fileName + "-" + transaction->m_id;
if (logPath.empty()) {
return false;
error->assign("Log path is not valid.");
return false;
}
utils::createDir((logPath +
ret = utils::createDir((logPath +
logFilePath(&transaction->m_timeStamp, YearMonthDayDirectory)).c_str(),
m_audit->m_directoryPermission);
utils::createDir((logPath +
m_audit->getDirectoryPermission(),
error);
if (ret == false) {
return false;
}
ret = utils::createDir((logPath +
logFilePath(&transaction->m_timeStamp, YearMonthDayDirectory
| YearMonthDayAndTimeDirectory)).c_str(),
m_audit->m_directoryPermission);
m_audit->getDirectoryPermission(),
error);
if (ret == false) {
return false;
}
fd = open(fileName.c_str(), O_CREAT | O_WRONLY, m_audit->m_filePermission);
fd = open(fileName.c_str(), O_CREAT | O_WRONLY,
m_audit->getFilePermission());
if (fd < 0) {
error->assign("Not able to open: " + fileName + ". " \
+ strerror(errno));
return false;
}
fp = fdopen(fd, "w");
fwrite(log.c_str(), log.length(), 1, fp);
fclose(fp);
if (log1.is_open() && log2.is_open()) {
log2 << transaction->toOldAuditLogFormatIndex(fileName, log.length(),
Utils::Md5::hexdigest(log));
log2.flush();
if (m_audit->m_path1.empty() == false
&& m_audit->m_path2.empty() == false) {
std::string msg = transaction->toOldAuditLogFormatIndex(fileName,
log.length(), Utils::Md5::hexdigest(log));
ret = utils::SharedFiles::getInstance().write(m_audit->m_path2, msg,
error);
if (ret == false) {
return false;
}
}
if (log1.is_open() && !log2.is_open()) {
log1 << transaction->toOldAuditLogFormatIndex(fileName, log.length(),
Utils::Md5::hexdigest(log));
log1.flush();
if (m_audit->m_path1.empty() == false
&& m_audit->m_path2.empty() == true) {
std::string msg = transaction->toOldAuditLogFormatIndex(fileName,
log.length(), Utils::Md5::hexdigest(log));
ret = utils::SharedFiles::getInstance().write(m_audit->m_path1, msg,
error);
if (ret == false) {
return false;
}
}
if (!log1.is_open() && log2.is_open()) {
log2 << transaction->toOldAuditLogFormatIndex(fileName, log.length(),
Utils::Md5::hexdigest(log));
log2.flush();
if (m_audit->m_path1.empty() == true
&& m_audit->m_path2.empty() == false) {
std::string msg = transaction->toOldAuditLogFormatIndex(fileName,
log.length(), Utils::Md5::hexdigest(log));
ret = utils::SharedFiles::getInstance().write(m_audit->m_path2, msg,
error);
if (ret == false) {
return false;
}
}
return true;

26
src/audit_log/writer/parallel.h
View File

@@ -18,8 +18,10 @@
#ifndef SRC_AUDIT_LOG_WRITER_PARALLEL_H_
#define SRC_AUDIT_LOG_WRITER_PARALLEL_H_
#include "src/audit_log/writer.h"
#include "src/audit_log/writer/writer.h"
#include "modsecurity/transaction.h"
#include "modsecurity/audit_log.h"
#include "src/utils/shared_files.h"
#ifdef __cplusplus
@@ -28,26 +30,16 @@ namespace audit_log {
namespace writer {
/** @ingroup ModSecurity_CPP_API */
class Parallel : public audit_log::Writer {
class Parallel : public Writer {
public:
explicit Parallel(AuditLog *audit)
: audit_log::Writer(audit) { }
: audit_log::writer::Writer(audit) { }
~Parallel() override;
bool init() override;
bool write(Transaction *transaction, int parts) override;
bool init(std::string *error) override;
bool write(Transaction *transaction, int parts,
std::string *error) override;
void refCountIncrease() override {
m_refereceCount++;
}
void refCountDecreaseAndCheck() override {
m_refereceCount--;
if (m_refereceCount == 0) {
delete this;
}
}
/**
*
@@ -72,8 +64,6 @@ class Parallel : public audit_log::Writer {
YearMonthDayAndTimeFileName = 8,
};
std::ofstream log1;
std::ofstream log2;
inline std::string logFilePath(time_t *t, int part);
};

25
src/audit_log/writer/serial.cc
View File

@@ -15,9 +15,7 @@
#include "src/audit_log/writer/serial.h"
// #include <mutex>
#include "src/audit_log/audit_log.h"
#include "modsecurity/audit_log.h"
namespace modsecurity {
namespace audit_log {
@@ -26,7 +24,7 @@ namespace writer {
Serial::~Serial() {
m_log.close();
utils::SharedFiles::getInstance().close(m_audit->m_path1);
}
@@ -42,25 +40,20 @@ void Serial::generateBoundary(std::string *boundary) {
}
bool Serial::init() {
m_log.open(m_audit->m_path1, std::fstream::out | std::fstream::app);
return true;
bool Serial::init(std::string *error) {
return utils::SharedFiles::getInstance().open(m_audit->m_path1, error);
}
bool Serial::write(Transaction *transaction, int parts) {
bool Serial::write(Transaction *transaction, int parts, std::string *error) {
std::string boundary;
std::string msg;
generateBoundary(&boundary);
msg = transaction->toOldAuditLogFormat(parts, "-" + boundary + "--");
// serialLoggingMutex.lock();
m_log << transaction->toOldAuditLogFormat(parts, "-" + boundary + "--");
m_log.flush();
// serialLoggingMutex.unlock();
return true;
return utils::SharedFiles::getInstance().write(m_audit->m_path1, msg,
error);
}
} // namespace writer

32
src/audit_log/writer/serial.h
View File

@@ -22,8 +22,10 @@
#ifndef SRC_AUDIT_LOG_WRITER_SERIAL_H_
#define SRC_AUDIT_LOG_WRITER_SERIAL_H_
#include "src/audit_log/writer.h"
#include "src/audit_log/writer/writer.h"
#include "src/utils/shared_files.h"
#include "modsecurity/transaction.h"
#include "modsecurity/audit_log.h"
#ifdef __cplusplus
@@ -33,37 +35,21 @@ namespace writer {
#define SERIAL_AUDIT_LOG_BOUNDARY_LENGTH 8
/** @ingroup ModSecurity_CPP_API */
class Serial : public audit_log::Writer {
class Serial : public Writer {
public:
explicit Serial(audit_log::AuditLog *audit)
: audit_log::Writer(audit) { }
: audit_log::writer::Writer(audit) { }
~Serial() override;
void refCountIncrease() override {
m_refereceCount++;
}
void refCountDecreaseAndCheck() override {
/*
m_refereceCount--;
if (m_refereceCount == 0) {
*/
delete this;
/*
/}
*/
}
bool init() override;;
bool write(Transaction *transaction, int parts) override;
bool init(std::string *error) override;
bool write(Transaction *transaction, int parts,
std::string *error) override;
private:
std::ofstream m_log;
void generateBoundary(std::string *boundary);
};

30
src/audit_log/writer/writer.cc Normal file
View File

@@ -0,0 +1,30 @@
/*
* ModSecurity, http://www.modsecurity.org/
* Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* If any of the files related to licensing are missing or if you have any
* other questions related to licensing please contact Trustwave Holdings, Inc.
* directly using the email address security@modsecurity.org.
*
*/
#include "src/audit_log/writer/writer.h"
#include <string>
#include "modsecurity/audit_log.h"
namespace modsecurity {
namespace audit_log {
namespace writer {
} // namespace writer
} // namespace audit_log
} // namespace modsecurity

79
src/audit_log/writer/writer.h Normal file
View File

@@ -0,0 +1,79 @@
/*
* ModSecurity, http://www.modsecurity.org/
* Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* If any of the files related to licensing are missing or if you have any
* other questions related to licensing please contact Trustwave Holdings, Inc.
* directly using the email address security@modsecurity.org.
*
*/
#ifndef SRC_AUDIT_LOG_WRITER_WRITER_H_
#define SRC_AUDIT_LOG_WRITER_WRITER_H_
#include <stdio.h>
#include <sys/ipc.h>
#include <sys/shm.h>
#include <sys/types.h>
#include <iostream>
#include <string>
#include <map>
#include <cstring>
#include "modsecurity/transaction.h"
#include "modsecurity/audit_log.h"
namespace modsecurity {
namespace audit_log {
namespace writer {
/** @ingroup ModSecurity_CPP_API */
class Writer {
public:
explicit Writer(AuditLog *audit)
: m_audit(audit),
m_refereceCount(1) { }
virtual ~Writer() { }
virtual bool init(std::string *error) = 0;
virtual bool write(Transaction *transaction, int parts,
std::string *error) = 0;
void refCountIncrease() {
m_refereceCount++;
}
bool refCountDecreaseAndCheck() {
m_refereceCount--;
if (m_refereceCount == 0) {
delete this;
return true;
}
return false;
}
protected:
AuditLog *m_audit;
int m_refereceCount;
};
} // namespace writer
} // namespace audit_log
} // namespace modsecurity
#endif // SRC_AUDIT_LOG_WRITER_WRITER_H_