Support to JSON stuff on serial logging

2025-09-29 19:24:29 +03:00 · 2017-10-03 20:50:02 +00:00
parent 2988c5bb07
commit 63bef3d142
16 changed files with 7388 additions and 7223 deletions
--- a/src/audit_log/audit_log.cc
+++ b/src/audit_log/audit_log.cc
@@ -129,6 +129,10 @@ bool AuditLog::setFilePath2(const std::basic_string<char>& path) {
    return true;
 }

+bool AuditLog::setFormat(AuditLogFormat fmt) {
+    this->m_format = fmt;
+    return true;
+}

 int AuditLog::addParts(int parts, const std::string& new_parts) {
    PARTS_CONSTAINS('A', AAuditLogPart)
@@ -349,6 +353,10 @@ bool AuditLog::merge(AuditLog *from, std::string *error) {
        m_parts = from->m_parts;
    }

+    if (from->m_format != NotSetAuditLogFormat) {
+        m_format = from->m_format;
+    }
+
    return init(error);
 }

--- a/src/audit_log/writer/parallel.cc
+++ b/src/audit_log/writer/parallel.cc
@@ -103,12 +103,21 @@ bool Parallel::init(std::string *error) {

 bool Parallel::write(Transaction *transaction, int parts, std::string *error) {
    int fd;
-    std::string log = transaction->toJSON(parts);
+    std::string log;
    std::string fileName = logFilePath(&transaction->m_timeStamp,
        YearMonthDayDirectory | YearMonthDayAndTimeDirectory
        | YearMonthDayAndTimeFileName);
    bool ret;

+    if (transaction->m_rules->m_auditLog->m_format ==
+            audit_log::AuditLog::JSONAuditLogFormat) {
+        log = transaction->toJSON(parts);
+    } else {
+        std::string boundary;
+        generateBoundary(&boundary);
+        log = transaction->toOldAuditLogFormat(parts, "-" + boundary + "--");
+    }
+
    std::string logPath = m_audit->m_storage_dir;
    fileName = logPath + fileName + "-" + transaction->m_id;

--- a/src/audit_log/writer/parallel.h
+++ b/src/audit_log/writer/parallel.h
@@ -22,6 +22,7 @@
 #include "modsecurity/transaction.h"
 #include "modsecurity/audit_log.h"
 #include "src/utils/shared_files.h"
+#include "modsecurity/rules.h"

 #ifdef __cplusplus

--- a/src/audit_log/writer/serial.cc
+++ b/src/audit_log/writer/serial.cc
@@ -28,29 +28,22 @@ Serial::~Serial() {
 }


-void Serial::generateBoundary(std::string *boundary) {
-    static const char alphanum[] =
-        "0123456789"
-        "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
-        "abcdefghijklmnopqrstuvwxyz";
-
-    for (int i = 0; i < SERIAL_AUDIT_LOG_BOUNDARY_LENGTH; ++i) {
-        boundary->append(1, alphanum[rand() % (sizeof(alphanum) - 1)]);
-    }
-}
-
-
 bool Serial::init(std::string *error) {
    return utils::SharedFiles::getInstance().open(m_audit->m_path1, error);
 }


 bool Serial::write(Transaction *transaction, int parts, std::string *error) {
-    std::string boundary;
    std::string msg;

-    generateBoundary(&boundary);
-    msg = transaction->toOldAuditLogFormat(parts, "-" + boundary + "--");
+    if (transaction->m_rules->m_auditLog->m_format ==
+            audit_log::AuditLog::JSONAuditLogFormat) {
+        msg = transaction->toJSON(parts);
+    } else {
+        std::string boundary;
+        generateBoundary(&boundary);
+        msg = transaction->toOldAuditLogFormat(parts, "-" + boundary + "--");
+    }

    return utils::SharedFiles::getInstance().write(m_audit->m_path1, msg,
        error);
--- a/src/audit_log/writer/serial.h
+++ b/src/audit_log/writer/serial.h
@@ -26,6 +26,7 @@
 #include "src/utils/shared_files.h"
 #include "modsecurity/transaction.h"
 #include "modsecurity/audit_log.h"
+#include "modsecurity/rules.h"

 #ifdef __cplusplus

@@ -33,8 +34,6 @@ namespace modsecurity {
 namespace audit_log {
 namespace writer {

-#define SERIAL_AUDIT_LOG_BOUNDARY_LENGTH 8
-

 /** @ingroup ModSecurity_CPP_API */
 class Serial : public Writer {
@@ -49,7 +48,6 @@ class Serial : public Writer {
    bool write(Transaction *transaction, int parts,
        std::string *error) override;

-    void generateBoundary(std::string *boundary);
 };

 }  // namespace writer
--- a/src/audit_log/writer/writer.cc
+++ b/src/audit_log/writer/writer.cc
@@ -23,7 +23,16 @@ namespace modsecurity {
 namespace audit_log {
 namespace writer {

+void Writer::generateBoundary(std::string *boundary) {
+    static const char alphanum[] =
+        "0123456789"
+        "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
+        "abcdefghijklmnopqrstuvwxyz";

+    for (int i = 0; i < SERIAL_AUDIT_LOG_BOUNDARY_LENGTH; ++i) {
+        boundary->append(1, alphanum[rand() % (sizeof(alphanum) - 1)]);
+    }
+}

 }  // namespace writer
 }  // namespace audit_log
--- a/src/audit_log/writer/writer.h
+++ b/src/audit_log/writer/writer.h
@@ -31,13 +31,13 @@
 #include "modsecurity/transaction.h"
 #include "modsecurity/audit_log.h"

+#define SERIAL_AUDIT_LOG_BOUNDARY_LENGTH 8

 namespace modsecurity {
 namespace audit_log {
 namespace writer {


-
 /** @ingroup ModSecurity_CPP_API */
 class Writer {
 public:
@@ -51,6 +51,7 @@ class Writer {
    virtual bool write(Transaction *transaction, int parts,
        std::string *error) = 0;

+    void generateBoundary(std::string *boundary);

    void refCountIncrease() {
        m_refereceCount++;