From e397c34d2a6c7c1e4c116fd2363cb173e32eb2a2 Mon Sep 17 00:00:00 2001 From: Rainer Gerhards Date: Tue, 30 Jun 2009 15:21:15 +0200 Subject: finished transition to using inputName property ... plus some celanup and adding minor missing functionality (the rule debug info again tell the property name, not just number). --- runtime/msg.c | 273 +++++++++++++++++++++++++++++++++++++--------------------- 1 file changed, 176 insertions(+), 97 deletions(-) (limited to 'runtime/msg.c') diff --git a/runtime/msg.c b/runtime/msg.c index 47b4ed85..fd0cbcdc 100644 --- a/runtime/msg.c +++ b/runtime/msg.c @@ -295,6 +295,175 @@ getInputName(msg_t *pM, uchar **ppsz, int *plen) ENDfunc } + +/* map a property name (string) to a property ID */ +rsRetVal propNameToID(cstr_t *pCSPropName, propid_t *pPropID) +{ + uchar *pName; + DEFiRet; + + assert(pCSPropName != NULL); + assert(pPropID != NULL); + pName = rsCStrGetSzStrNoNULL(pCSPropName); + + /* sometimes there are aliases to the original MonitoWare + * property names. These come after || in the ifs below. */ + if(!strcmp((char*) pName, "msg")) { + *pPropID = PROP_MSG; + } else if(!strcmp((char*) pName, "timestamp") + || !strcmp((char*) pName, "timereported")) { + *pPropID = PROP_TIMESTAMP; + } else if(!strcmp((char*) pName, "hostname") || !strcmp((char*) pName, "source")) { + *pPropID = PROP_HOSTNAME; + } else if(!strcmp((char*) pName, "syslogtag")) { + *pPropID = PROP_SYSLOGTAG; + } else if(!strcmp((char*) pName, "rawmsg")) { + *pPropID = PROP_RAWMSG; + /* enable this, if someone actually uses UxTradMsg, delete after some time has + * passed and nobody complained -- rgerhards, 2009-06-16 + } else if(!strcmp((char*) pName, "uxtradmsg")) { + pRes = getUxTradMsg(pMsg); + */ + } else if(!strcmp((char*) pName, "inputname")) { + *pPropID = PROP_INPUTNAME; + } else if(!strcmp((char*) pName, "fromhost")) { + *pPropID = PROP_FROMHOST; + } else if(!strcmp((char*) pName, "fromhost-ip")) { + *pPropID = PROP_FROMHOST_IP; + } else if(!strcmp((char*) pName, "pri")) { + *pPropID = PROP_PRI; + } else if(!strcmp((char*) pName, "pri-text")) { + *pPropID = PROP_PRI_TEXT; + } else if(!strcmp((char*) pName, "iut")) { + *pPropID = PROP_IUT; + } else if(!strcmp((char*) pName, "syslogfacility")) { + *pPropID = PROP_SYSLOGFACILITY; + } else if(!strcmp((char*) pName, "syslogfacility-text")) { + *pPropID = PROP_SYSLOGFACILITY_TEXT; + } else if(!strcmp((char*) pName, "syslogseverity") || !strcmp((char*) pName, "syslogpriority")) { + *pPropID = PROP_SYSLOGSEVERITY; + } else if(!strcmp((char*) pName, "syslogseverity-text") || !strcmp((char*) pName, "syslogpriority-text")) { + *pPropID = PROP_SYSLOGSEVERITY_TEXT; + } else if(!strcmp((char*) pName, "timegenerated")) { + *pPropID = PROP_TIMEGENERATED; + } else if(!strcmp((char*) pName, "programname")) { + *pPropID = PROP_PROGRAMNAME; + } else if(!strcmp((char*) pName, "protocol-version")) { + *pPropID = PROP_PROTOCOL_VERSION; + } else if(!strcmp((char*) pName, "structured-data")) { + *pPropID = PROP_STRUCTURED_DATA; + } else if(!strcmp((char*) pName, "app-name")) { + *pPropID = PROP_APP_NAME; + } else if(!strcmp((char*) pName, "procid")) { + *pPropID = PROP_PROCID; + } else if(!strcmp((char*) pName, "msgid")) { + *pPropID = PROP_MSGID; + /* here start system properties (those, that do not relate to the message itself */ + } else if(!strcmp((char*) pName, "$now")) { + *pPropID = PROP_SYS_NOW; + } else if(!strcmp((char*) pName, "$year")) { + *pPropID = PROP_SYS_YEAR; + } else if(!strcmp((char*) pName, "$month")) { + *pPropID = PROP_SYS_MONTH; + } else if(!strcmp((char*) pName, "$day")) { + *pPropID = PROP_SYS_DAY; + } else if(!strcmp((char*) pName, "$hour")) { + *pPropID = PROP_SYS_HOUR; + } else if(!strcmp((char*) pName, "$hhour")) { + *pPropID = PROP_SYS_HHOUR; + } else if(!strcmp((char*) pName, "$qhour")) { + *pPropID = PROP_SYS_QHOUR; + } else if(!strcmp((char*) pName, "$minute")) { + *pPropID = PROP_SYS_MINUTE; + } else if(!strcmp((char*) pName, "$myhostname")) { + *pPropID = PROP_SYS_MYHOSTNAME; + } else { + *pPropID = PROP_INVALID; + iRet = RS_RET_VAR_NOT_FOUND; + } + + RETiRet; +} + + +/* map a property ID to a name string (useful for displaying) */ +uchar *propIDToName(propid_t propID) +{ + switch(propID) { + case PROP_MSG: + return UCHAR_CONSTANT("msg"); + case PROP_TIMESTAMP: + return UCHAR_CONSTANT("timestamp"); + case PROP_HOSTNAME: + return UCHAR_CONSTANT("hostname"); + case PROP_SYSLOGTAG: + return UCHAR_CONSTANT("syslogtag"); + case PROP_RAWMSG: + return UCHAR_CONSTANT("rawmsg"); + /* enable this, if someone actually uses UxTradMsg, delete after some time has + * passed and nobody complained -- rgerhards, 2009-06-16 + case PROP_UXTRADMSG: + pRes = getUxTradMsg(pMsg); + break; + */ + case PROP_INPUTNAME: + return UCHAR_CONSTANT("inputname"); + case PROP_FROMHOST: + return UCHAR_CONSTANT("fromhost"); + case PROP_FROMHOST_IP: + return UCHAR_CONSTANT("fromhost-ip"); + case PROP_PRI: + return UCHAR_CONSTANT("pri"); + case PROP_PRI_TEXT: + return UCHAR_CONSTANT("pri-text"); + case PROP_IUT: + return UCHAR_CONSTANT("iut"); + case PROP_SYSLOGFACILITY: + return UCHAR_CONSTANT("syslogfacility"); + case PROP_SYSLOGFACILITY_TEXT: + return UCHAR_CONSTANT("syslogfacility-text"); + case PROP_SYSLOGSEVERITY: + return UCHAR_CONSTANT("syslogseverity"); + case PROP_SYSLOGSEVERITY_TEXT: + return UCHAR_CONSTANT("syslogseverity-text"); + case PROP_TIMEGENERATED: + return UCHAR_CONSTANT("timegenerated"); + case PROP_PROGRAMNAME: + return UCHAR_CONSTANT("programname"); + case PROP_PROTOCOL_VERSION: + return UCHAR_CONSTANT("protocol-version"); + case PROP_STRUCTURED_DATA: + return UCHAR_CONSTANT("structured-data"); + case PROP_APP_NAME: + return UCHAR_CONSTANT("app-name"); + case PROP_PROCID: + return UCHAR_CONSTANT("procid"); + case PROP_MSGID: + return UCHAR_CONSTANT("msgid"); + case PROP_SYS_NOW: + return UCHAR_CONSTANT("$NOW"); + case PROP_SYS_YEAR: + return UCHAR_CONSTANT("$YEAR"); + case PROP_SYS_MONTH: + return UCHAR_CONSTANT("$MONTH"); + case PROP_SYS_DAY: + return UCHAR_CONSTANT("$DAY"); + case PROP_SYS_HOUR: + return UCHAR_CONSTANT("$HOUR"); + case PROP_SYS_HHOUR: + return UCHAR_CONSTANT("$HHOUR"); + case PROP_SYS_QHOUR: + return UCHAR_CONSTANT("$QHOUR"); + case PROP_SYS_MINUTE: + return UCHAR_CONSTANT("$MINUTE"); + case PROP_SYS_MYHOSTNAME: + return UCHAR_CONSTANT("$MYHOSTNAME"); + default: + return UCHAR_CONSTANT("*invalid property id*"); + } +} + + /* The following functions will support advanced output module * multithreading, once this is implemented. Currently, we * include them as hooks only. The idea is that we need to guard @@ -1606,18 +1775,22 @@ static int getAPPNAMELen(msg_t *pM, bool bLockMutex) return (pM->pCSAPPNAME == NULL) ? 0 : rsCStrLen(pM->pCSAPPNAME); } -/* rgerhards 2008-09-10: set pszInputName in msg object +/* rgerhards 2008-09-10: set pszInputName in msg object. This calls AddRef() + * on the property, because this must be done in all current cases and there + * is no case expected where this may not be necessary. * rgerhards, 2009-06-16 */ void MsgSetInputName(msg_t *pThis, prop_t *inputName) { assert(pThis != NULL); + prop.AddRef(inputName); if(pThis->pInputName != NULL) prop.Destruct(&pThis->pInputName); pThis->pInputName = inputName; } +#if 0 /* to be removed soon: work-around for those tht can not natively generate an * input name. * rgerhards, 2009-06-29 @@ -1635,6 +1808,7 @@ void MsgSetInputNameStr(msg_t *pThis, uchar *psz, int len) MsgSetInputName(pThis, pProp); prop.Destruct(&pProp); } +#endif /* rgerhards 2004-11-16: set pszRcvFrom in msg object */ @@ -1903,7 +2077,7 @@ char *MsgGetProp(msg_t *pMsg, struct templateEntry *pTpe, short iOffs; BEGINfunc -dbgprintf("XXXX: msgGetProp for %d\n", propID); +dbgprintf("XXXX: msgGetProp for %s\n", propIDToName(propID)); assert(pMsg != NULL); assert(pbMustBeFreed != NULL); @@ -1939,10 +2113,7 @@ dbgprintf("XXXX: msgGetProp for %d\n", propID); break; */ case PROP_INPUTNAME: -RUNLOG; getInputName(pMsg, ((uchar**) &pRes), &bufLen); -RUNLOG; -RUNLOG_VAR("%p", pRes); break; case PROP_FROMHOST: pRes = (char*) getRcvFrom(pMsg); @@ -2670,97 +2841,6 @@ finalize_it: RETiRet; } - -/* map a property name (string) to a property ID */ -rsRetVal propNameToID(cstr_t *pCSPropName, propid_t *pPropID) -{ - uchar *pName; - DEFiRet; - - assert(pCSPropName != NULL); - assert(pPropID != NULL); - pName = rsCStrGetSzStrNoNULL(pCSPropName); - - /* sometimes there are aliases to the original MonitoWare - * property names. These come after || in the ifs below. */ - if(!strcmp((char*) pName, "msg")) { - *pPropID = PROP_MSG; - } else if(!strcmp((char*) pName, "timestamp") - || !strcmp((char*) pName, "timereported")) { - *pPropID = PROP_TIMESTAMP; - } else if(!strcmp((char*) pName, "hostname") || !strcmp((char*) pName, "source")) { - *pPropID = PROP_HOSTNAME; - } else if(!strcmp((char*) pName, "syslogtag")) { - *pPropID = PROP_SYSLOGTAG; - } else if(!strcmp((char*) pName, "rawmsg")) { - *pPropID = PROP_RAWMSG; - /* enable this, if someone actually uses UxTradMsg, delete after some time has - * passed and nobody complained -- rgerhards, 2009-06-16 - } else if(!strcmp((char*) pName, "uxtradmsg")) { - pRes = getUxTradMsg(pMsg); - */ - } else if(!strcmp((char*) pName, "inputname")) { - *pPropID = PROP_INPUTNAME; - } else if(!strcmp((char*) pName, "fromhost")) { - *pPropID = PROP_FROMHOST; - } else if(!strcmp((char*) pName, "fromhost-ip")) { - *pPropID = PROP_FROMHOST_IP; - } else if(!strcmp((char*) pName, "pri")) { - *pPropID = PROP_PRI; - } else if(!strcmp((char*) pName, "pri-text")) { - *pPropID = PROP_PRI_TEXT; - } else if(!strcmp((char*) pName, "iut")) { - *pPropID = PROP_IUT; - } else if(!strcmp((char*) pName, "syslogfacility")) { - *pPropID = PROP_SYSLOGFACILITY; - } else if(!strcmp((char*) pName, "syslogfacility-text")) { - *pPropID = PROP_SYSLOGFACILITY_TEXT; - } else if(!strcmp((char*) pName, "syslogseverity") || !strcmp((char*) pName, "syslogpriority")) { - *pPropID = PROP_SYSLOGSEVERITY; - } else if(!strcmp((char*) pName, "syslogseverity-text") || !strcmp((char*) pName, "syslogpriority-text")) { - *pPropID = PROP_SYSLOGSEVERITY_TEXT; - } else if(!strcmp((char*) pName, "timegenerated")) { - *pPropID = PROP_TIMEGENERATED; - } else if(!strcmp((char*) pName, "programname")) { - *pPropID = PROP_PROGRAMNAME; - } else if(!strcmp((char*) pName, "protocol-version")) { - *pPropID = PROP_PROTOCOL_VERSION; - } else if(!strcmp((char*) pName, "structured-data")) { - *pPropID = PROP_STRUCTURED_DATA; - } else if(!strcmp((char*) pName, "app-name")) { - *pPropID = PROP_APP_NAME; - } else if(!strcmp((char*) pName, "procid")) { - *pPropID = PROP_PROCID; - } else if(!strcmp((char*) pName, "msgid")) { - *pPropID = PROP_MSGID; - /* here start system properties (those, that do not relate to the message itself */ - } else if(!strcmp((char*) pName, "$now")) { - *pPropID = PROP_SYS_NOW; - } else if(!strcmp((char*) pName, "$year")) { - *pPropID = PROP_SYS_YEAR; - } else if(!strcmp((char*) pName, "$month")) { - *pPropID = PROP_SYS_MONTH; - } else if(!strcmp((char*) pName, "$day")) { - *pPropID = PROP_SYS_DAY; - } else if(!strcmp((char*) pName, "$hour")) { - *pPropID = PROP_SYS_HOUR; - } else if(!strcmp((char*) pName, "$hhour")) { - *pPropID = PROP_SYS_HHOUR; - } else if(!strcmp((char*) pName, "$qhour")) { - *pPropID = PROP_SYS_QHOUR; - } else if(!strcmp((char*) pName, "$minute")) { - *pPropID = PROP_SYS_MINUTE; - } else if(!strcmp((char*) pName, "$myhostname")) { - *pPropID = PROP_SYS_MYHOSTNAME; - } else { - *pPropID = PROP_INVALID; - iRet = RS_RET_VAR_NOT_FOUND; - } - - RETiRet; -} - - /* This function can be used as a generic way to set properties. * We have to handle a lot of legacy, so our return value is not always * 100% correct (called functions do not always provide one, should @@ -2802,7 +2882,6 @@ rsRetVal MsgSetProperty(msg_t *pThis, var_t *pProp) CHKiRet(prop.Construct(&myProp)); CHKiRet(prop.SetString(myProp, rsCStrGetSzStrNoNULL(pProp->val.pStr), rsCStrLen(pProp->val.pStr))); CHKiRet(prop.ConstructFinalize(myProp)); - prop.AddRef(myProp); MsgSetInputName(pThis, myProp); prop.Destruct(&myProp); } else if(isProp("pszRcvFromIP")) { -- cgit