Fixed -F option / Code cleanup astyle.....
beave committed Sep 2, 2015
1 parent e75b1f9 commit 4f726ac
Showing 27 changed files with 616 additions and 175 deletions.
2 changes: 1 addition & 1 deletion Makefile
Expand Up @@ -237,7 +237,7 @@ LIBESTR_LIBS = -L/usr/lib -lestr
LIBLOGNORM_CFLAGS =
LIBLOGNORM_LIBS = -L/usr/lib -llognorm -lestr
LIBOBJS =
LIBS = -ldnet -llognorm -lestr -ljson -lm -lpthread -lpcre
LIBS = -lcurl -ldnet -llognorm -lestr -ljson -lesmtp -lmaxminddb -lm -lpthread -lpcre
LTLIBOBJS =
MAINT = #
MAKEINFO = ${SHELL} /home/champ/code/sagan/missing makeinfo
8 changes: 4 additions & 4 deletions config.h
Expand Up @@ -62,7 +62,7 @@
#define HAVE_INTTYPES_H 1

/* Define to 1 if you have the `curl' library (-lcurl). */
/* #undef HAVE_LIBCURL */
#define HAVE_LIBCURL 1

/* Define to 1 if you have the `dnet' library (-ldnet). */
#define HAVE_LIBDNET 1
Expand All @@ -71,7 +71,7 @@
/* #undef HAVE_LIBDUMBNET */

/* Define to 1 if you have the `esmtp' library (-lesmtp). */
/* #undef HAVE_LIBESMTP */
#define HAVE_LIBESMTP 1

/* Define to 1 if you have the `estr' library (-lestr). */
#define HAVE_LIBESTR 1
Expand All @@ -89,7 +89,7 @@
#define HAVE_LIBM 1

/* Define to 1 if you have the `maxminddb' library (-lmaxminddb). */
/* #undef HAVE_LIBMAXMINDDB */
#define HAVE_LIBMAXMINDDB 1

/* Define to 1 if you have the `pcap' library (-lpcap). */
/* #undef HAVE_LIBPCAP */
Expand Down Expand Up @@ -337,7 +337,7 @@
#define VERSION "1.0.0-RC5"

/* With Bluedot */
/* #undef WITH_BLUEDOT */
#define WITH_BLUEDOT 1

/* With Snortsam */
#define WITH_SNORTSAM 1
10 changes: 7 additions & 3 deletions config.status
Expand Up @@ -427,7 +427,7 @@ $config_commands
Report bugs to the package provider."

ac_cs_config=""
ac_cs_config="'--enable-bluedot' '--enable-geoip2' '--enable-esmtp'"
ac_cs_version="\
config.status
configured by ./configure, generated by GNU Autoconf 2.69,
Expand Down Expand Up @@ -519,7 +519,7 @@ if $ac_cs_silent; then
fi

if $ac_cs_recheck; then
set X /bin/sh './configure' $ac_configure_extra_args --no-create --no-recursion
set X /bin/sh './configure' '--enable-bluedot' '--enable-geoip2' '--enable-esmtp' $ac_configure_extra_args --no-create --no-recursion
shift
$as_echo "running CONFIG_SHELL=/bin/sh $*" >&6
CONFIG_SHELL='/bin/sh'
Expand Down Expand Up @@ -702,7 +702,7 @@ S["build"]="x86_64-unknown-linux-gnu"
S["target_alias"]=""
S["host_alias"]=""
S["build_alias"]=""
S["LIBS"]="-ldnet -llognorm -lestr -ljson -lm -lpthread -lpcre "
S["LIBS"]="-lcurl -ldnet -llognorm -lestr -ljson -lesmtp -lmaxminddb -lm -lpthread -lpcre "
S["ECHO_T"]=""
S["ECHO_N"]="-n"
S["ECHO_C"]=""
Expand Down Expand Up @@ -875,11 +875,15 @@ D["HAVE_LIBPCRE"]=" 1"
D["HAVE_LIBPTHREAD"]=" 1"
D["HAVE_LIBM"]=" 1"
D["WITH_SYSLOG"]=" 1"
D["HAVE_LIBMAXMINDDB"]=" 1"
D["HAVE_LIBESMTP"]=" 1"
D["HAVE_LIBJSON"]=" 1"
D["HAVE_LIBESTR"]=" 1"
D["HAVE_LIBLOGNORM"]=" 1"
D["HAVE_DNET_H"]=" 1"
D["HAVE_LIBDNET"]=" 1"
D["HAVE_LIBCURL"]=" 1"
D["WITH_BLUEDOT"]=" 1"
D["WITH_SNORTSAM"]=" 1"
D["CONFIG_FILE_PATH"]=" \"/usr/local/etc/sagan.conf\""
D["PACKAGE_NAME"]=" \"sagan\""
32 changes: 26 additions & 6 deletions src/output-plugins/sagan-esmtp.c
Expand Up @@ -71,7 +71,11 @@ int Sagan_ESMTP_Thread (_SaganEvent *Event)

if ( Event->pri > config->min_email_priority )
{
if ( debug->debugesmtp ) Sagan_Log(S_DEBUG, "Event priority (%d) is not < min_email_priority (%d)", Event->pri, config->min_email_priority);
if ( debug->debugesmtp )
{
Sagan_Log(S_DEBUG, "Event priority (%d) is not < min_email_priority (%d)", Event->pri, config->min_email_priority);
}

return(0);
}
}
Expand All @@ -82,13 +86,25 @@ int Sagan_ESMTP_Thread (_SaganEvent *Event)

if ( rulestruct[Event->found].email_flag )
{
if ( debug->debugesmtp ) Sagan_Log(S_DEBUG, "[%s, line %d] Found e-mail in rule: %s", __FILE__, __LINE__, rulestruct[Event->found].email);
if ( debug->debugesmtp )
{
Sagan_Log(S_DEBUG, "[%s, line %d] Found e-mail in rule: %s", __FILE__, __LINE__, rulestruct[Event->found].email);
}

snprintf(tmpemail, sizeof(tmpemail), "%s", rulestruct[Event->found].email);
}
else
{
if ( debug->debugesmtp ) Sagan_Log(S_DEBUG, "[%s, line %d] Found e-mail in configuration file: %s", __FILE__, __LINE__, config->sagan_esmtp_to);
if ( config->sagan_sendto_flag ) snprintf(tmpemail, sizeof(tmpemail), "%s", config->sagan_esmtp_to);
if ( debug->debugesmtp )
{
Sagan_Log(S_DEBUG, "[%s, line %d] Found e-mail in configuration file: %s", __FILE__, __LINE__, config->sagan_esmtp_to);
}

if ( config->sagan_sendto_flag )
{
snprintf(tmpemail, sizeof(tmpemail), "%s", config->sagan_esmtp_to);
}

}

if ((r = snprintf(tmpa, sizeof(tmpa),
Expand Down Expand Up @@ -224,7 +240,9 @@ fixlf( _SaganConfig *config, char *d, char *s)
int j=0;

if(d == NULL)
return 0;
{
return 0;
}

if(s == NULL)
{
Expand Down Expand Up @@ -255,7 +273,9 @@ fixlf( _SaganConfig *config, char *d, char *s)
}

if(j<MAX_EMAILSIZE)
d[j++] = '\0';
{
d[j++] = '\0';
}

return j;
}
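Review bot: In fixlf(), the guarded terminator `if(j<MAX_EMAILSIZE) { d[j++] = '\0'; }` leaves `d` without a NUL when `j` has reached MAX_EMAILSIZE, and the function still returns `j` as if the copy were complete. The copy loop sits outside the visible hunk, so whether `j` can actually reach that bound is not confirmed here, but if it can, whatever later treats `d` as a C string reads past the end of the message buffer. Clamping first, `if (j >= MAX_EMAILSIZE) { j = MAX_EMAILSIZE - 1; }`, and then writing `d[j++] = '\0';` unconditionally would guarantee termination, assuming `d` holds at least MAX_EMAILSIZE bytes.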
10 changes: 8 additions & 2 deletions src/output-plugins/sagan-external.c
Expand Up @@ -64,7 +64,10 @@ void Sagan_Ext_Thread ( _SaganEvent *Event, char *execute_script )
char *tmpref = NULL;
char tmp[6];

if ( debug->debugexternal ) Sagan_Log(S_WARN, "[%s, line %d] In sagan_ext_thread()", __FILE__, __LINE__);
if ( debug->debugexternal )
{
Sagan_Log(S_WARN, "[%s, line %d] In sagan_ext_thread()", __FILE__, __LINE__);
}

tmpref = Reference_Lookup( Event->found, 1 );

Expand Down Expand Up @@ -168,7 +171,10 @@ Syslog Priority:%s\n\

pthread_mutex_unlock( &ext_mutex );

if ( debug->debugexternal == 1 ) Sagan_Log(S_DEBUG, "[%s, line %d] Executed %s", __FILE__, __LINE__, config->sagan_extern);
if ( debug->debugexternal == 1 )
{
Sagan_Log(S_DEBUG, "[%s, line %d] Executed %s", __FILE__, __LINE__, config->sagan_extern);
}

}
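Review bot: The final debug line in Sagan_Ext_Thread() reports `config->sagan_extern`, while the function receives the program to run as `execute_script`; if the call outside this hunk executes `execute_script` (not visible here), the log can name a different program than the one that ran. For an audit trail of externally executed commands the message should print the value actually used, e.g. `Sagan_Log(S_DEBUG, "[%s, line %d] Executed %s", __FILE__, __LINE__, execute_script);`. The entry message is also emitted at `S_WARN` although it is gated on `debug->debugexternal`; `S_DEBUG` would match the exit message. The function body between the two hunks is outside the view.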

8 changes: 6 additions & 2 deletions src/output-plugins/sagan-snortsam.c
Expand Up @@ -262,7 +262,9 @@ int FWsamBlock(char *arg)
if(!error)
{
if( debug->debugfwsam )
Sagan_Log(S_DEBUG, "[FWsamBlock] Connected to host %s. %s IP %s", inet_ntoa(station.stationip),blockmode==FWSAM_STATUS_BLOCK?"Blocking":"Unblocking",inettoa(blockip[ipidx]));
{
Sagan_Log(S_DEBUG, "[FWsamBlock] Connected to host %s. %s IP %s", inet_ntoa(station.stationip),blockmode==FWSAM_STATUS_BLOCK?"Blocking":"Unblocking",inettoa(blockip[ipidx]));
}

/* now build the packet */
station.myseqno+=station.stationseqno; /* increase my seqno by adding agent seq no */
Expand Down Expand Up @@ -545,7 +547,9 @@ int FWsamCheckIn(FWsamStation *station)
else
{
if ( debug->debugfwsam )
Sagan_Log(S_WARN, "[FWsamCheckIn] Connected to host %s", inet_ntoa(station->stationip));
{
Sagan_Log(S_WARN, "[FWsamCheckIn] Connected to host %s", inet_ntoa(station->stationip));
}

/* now build the packet */
sampacket.endiancheck=1;
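Review bot: Both debug messages format the station address with `inet_ntoa()`, which returns a pointer to a static buffer and is not safe when several threads log at once; the build links with `-lpthread`, so if FWsamBlock() or FWsamCheckIn() can run concurrently (not visible here) one caller could print another's address. Formatting into a local buffer avoids that: `char ipbuf[INET_ADDRSTRLEN];` and `inet_ntop(AF_INET, &station->stationip, ipbuf, sizeof(ipbuf));` (with `&station.stationip` in FWsamBlock()). The FWsamCheckIn() message is also logged at `S_WARN` under a debug flag, where FWsamBlock() uses `S_DEBUG`. Both functions extend beyond the hunks shown.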
30 changes: 23 additions & 7 deletions src/output-plugins/sagan-unified2.c
Expand Up @@ -89,7 +89,10 @@ void Unified2InitFile( void )
char filepath[1024];
char *fname_ptr;

if (config == NULL) Sagan_Log(S_ERROR, "[%s, line %d] Could not init Unified2. Config data is null", __FILE__, __LINE__ );
if (config == NULL)
{
Sagan_Log(S_ERROR, "[%s, line %d] Could not init Unified2. Config data is null", __FILE__, __LINE__ );
}

config->unified2_timestamp = (uint32_t)time(NULL);

Expand All @@ -107,7 +110,9 @@ void Unified2InitFile( void )
}

if ((config->unified2_stream = fopen(fname_ptr, "wb")) == NULL)
Sagan_Log(S_ERROR, "[%s, line %d] Cannot open file %s.", __FILE__, __LINE__, fname_ptr);
{
Sagan_Log(S_ERROR, "[%s, line %d] Cannot open file %s.", __FILE__, __LINE__, fname_ptr);
}
}


Expand Down Expand Up @@ -154,7 +159,9 @@ void Sagan_Unified2( _SaganEvent *Event )
/* Rotate if log has gotten to big */

if ((config->unified2_current + write_len) > config->unified2_limit)
Unified2RotateFile();
{
Unified2RotateFile();
}


hdr.length = htonl(sizeof(Serial_Unified2IDSEvent_legacy));
Expand Down Expand Up @@ -432,7 +439,9 @@ int SaganSnprintf(char *buf, size_t buf_size, const char *format, ...)
int ret;

if (buf == NULL || buf_size <= 0 || format == NULL)
return SAGAN_SNPRINTF_ERROR;
{
return SAGAN_SNPRINTF_ERROR;
}

/* zero first byte in case an error occurs with
* vsnprintf, so buffer is null terminated with
Expand All @@ -448,7 +457,9 @@ int SaganSnprintf(char *buf, size_t buf_size, const char *format, ...)
va_end(ap);

if (ret < 0)
return SAGAN_SNPRINTF_ERROR;
{
return SAGAN_SNPRINTF_ERROR;
}

if (buf[buf_size - 1] != '\0' || (size_t)ret >= buf_size)
{
Expand Down Expand Up @@ -508,7 +519,9 @@ static void Unified2Write( uint8_t *buf, uint32_t buf_len )

/* Nothing to write or nothing to write to */
if ((buf == NULL) || (config == NULL) || (config->unified2_stream == NULL))
return;
{
return;
}

/* Don't use fsync(). It is a total performance killer */
if (((fwcount = fwrite(buf, (size_t)buf_len, 1, config->unified2_stream)) != 1) ||
Expand Down Expand Up @@ -625,7 +638,10 @@ static void Unified2Write( uint8_t *buf, uint32_t buf_len )
}
}

if ((max_retries == 0) && (error != 0)) Sagan_Log(S_ERROR, "[%s, line %d] Maximum number of interrupts exceeded.", __FILE__, __LINE__);
if ((max_retries == 0) && (error != 0))
{
Sagan_Log(S_ERROR, "[%s, line %d] Maximum number of interrupts exceeded.", __FILE__, __LINE__);
}
}
config->unified2_current += buf_len;
}
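Review bot: In Unified2InitFile() the `config == NULL` branch only logs, and the next statement dereferences `config->unified2_timestamp`; this is safe only if `Sagan_Log(S_ERROR, ...)` never returns, which is not visible on this page. Making the failure path explicit removes the dependency: add `return;` after the `Sagan_Log` call inside the new braces. The same log-then-use shape appears in Load_Classifications() in src/sagan-classifications.c, where `laststring` is passed to `Remove_Spaces()` and `strlcpy()` right after its NULL check. In SaganSnprintf(), `buf_size <= 0` on a `size_t` can only mean `buf_size == 0` and could be written that way.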
7 changes: 6 additions & 1 deletion src/processors/sagan-engine.c
Expand Up @@ -1052,6 +1052,7 @@ int Sagan_Engine ( _SaganProcSyslog *SaganProcSyslog_LOCAL )
afterbydst[i].count++;
after_oldtime_src = atol(timet) - afterbydst[i].utime;
afterbydst[i].utime = atol(timet);

if ( after_oldtime_src > rulestruct[b].after_seconds )
{
afterbydst[i].count=1;
Expand Down Expand Up @@ -1266,7 +1267,11 @@ int Sagan_Engine ( _SaganProcSyslog *SaganProcSyslog_LOCAL )
Sagan_Flowbit_Set(b, ip_src, ip_dst);

threadid++;
if ( threadid >= MAX_THREADS ) threadid=0;

if ( threadid >= MAX_THREADS )
{
threadid=0;
}

/* We can't use the pointers from our syslog data. If two (or more) event's
* fire at the same time, the two alerts will have corrupted information
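Review bot: In the first hunk `atol(timet)` is evaluated twice and cannot report a parse failure; if `timet` ever held a non-numeric string the result would be 0, `after_oldtime_src` would go negative (assuming signed types), the `after_seconds` reset would be skipped and `utime` would be overwritten with 0. Parsing once into a local, e.g. `long now = atol(timet);` (or `strtol` with an end-pointer check), and using `now` in both statements would make the threshold window arithmetic easier to audit. The result is also stored in `after_oldtime_src` although this branch updates `afterbydst`, which reads like a leftover name. Sagan_Engine() starts and ends outside both hunks.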
31 changes: 26 additions & 5 deletions src/sagan-classifications.c
Expand Up @@ -97,22 +97,43 @@ void Load_Classifications( const char *ruleset )
tmptoken = strtok_r(NULL, ":" , &saveptr);

laststring = strtok_r(tmptoken, ",", &saveptr);
if ( laststring == NULL ) Sagan_Log(S_ERROR, "[%s, line %d] The file %s at line %d is improperly formated. Abort!", __FILE__, __LINE__, ruleset, linecount);

if ( laststring == NULL )
{
Sagan_Log(S_ERROR, "[%s, line %d] The file %s at line %d is improperly formated. Abort!", __FILE__, __LINE__, ruleset, linecount);
}

Remove_Spaces(laststring);
strlcpy(classstruct[counters->classcount].s_shortname, laststring, sizeof(classstruct[counters->classcount].s_shortname));

laststring = strtok_r(NULL, ",", &saveptr);
if ( laststring == NULL ) Sagan_Log(S_ERROR, "[%s, line %d] The file %s at line %d is improperly formated. Abort!", __FILE__, __LINE__, ruleset, linecount);

if ( laststring == NULL )
{
Sagan_Log(S_ERROR, "[%s, line %d] The file %s at line %d is improperly formated. Abort!", __FILE__, __LINE__, ruleset, linecount);
}

strlcpy(classstruct[counters->classcount].s_desc, laststring, sizeof(classstruct[counters->classcount].s_desc));

laststring = strtok_r(NULL, ",", &saveptr);
if ( laststring == NULL ) Sagan_Log(S_ERROR, "[%s, line %d] The file %s at line %d is improperly formated. Abort!", __FILE__, __LINE__, ruleset, linecount);

if ( laststring == NULL )
{
Sagan_Log(S_ERROR, "[%s, line %d] The file %s at line %d is improperly formated. Abort!", __FILE__, __LINE__, ruleset, linecount);
}

strlcpy(tmpbuf2, laststring, sizeof(tmpbuf2));
classstruct[counters->classcount].s_priority=atoi(tmpbuf2);

if ( classstruct[counters->classcount].s_priority == 0 ) Sagan_Log(S_ERROR, "[%s, line %d] Classification error at line number %d in %s", __FILE__, __LINE__, linecount, ruleset);
if ( classstruct[counters->classcount].s_priority == 0 )
{
Sagan_Log(S_ERROR, "[%s, line %d] Classification error at line number %d in %s", __FILE__, __LINE__, linecount, ruleset);
}

if (debug->debugload) Sagan_Log(S_DEBUG, "[D-%d] Classification: %s|%s|%d", counters->classcount, classstruct[counters->classcount].s_shortname, classstruct[counters->classcount].s_desc, classstruct[counters->classcount].s_priority);
if (debug->debugload)
{
Sagan_Log(S_DEBUG, "[D-%d] Classification: %s|%s|%d", counters->classcount, classstruct[counters->classcount].s_shortname, classstruct[counters->classcount].s_desc, classstruct[counters->classcount].s_priority);
}

counters->classcount++;

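Review bot: The priority field is parsed with `atoi(tmpbuf2)` and rejected only when the result is 0, so a negative value is accepted as a valid priority and an out-of-range number has undefined behaviour in `atoi`. Priorities appear to drive alert filtering elsewhere in this commit's files, so a malformed classification file should fail loudly at load time. Parsing with `strtol` and checking the end pointer and range does that; the sketch below assumes `s_priority` is an `int` and that `long prio` and `char *endptr` are declared with the function's other locals. Load_Classifications() begins and ends outside the hunk.

```c
/* … unchanged: strlcpy(tmpbuf2, laststring, sizeof(tmpbuf2)); … */
errno = 0;
prio = strtol(tmpbuf2, &endptr, 10);

if ( errno != 0 || endptr == tmpbuf2 || prio <= 0 || prio > INT_MAX )
    {
    Sagan_Log(S_ERROR, "[%s, line %d] Classification error at line number %d in %s", __FILE__, __LINE__, linecount, ruleset);
    }

classstruct[counters->classcount].s_priority = (int)prio;
/* … unchanged: debug->debugload message and classcount++ … */
```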
