sip/eve: convert to jsonbuilder

5 years ago · 6a70d6bb6e
parent e9a3415fc2
commit 6a70d6bb6e
5 changed files with 47 additions and 54 deletions
--- a/rust/cbindgen.toml
+++ b/rust/cbindgen.toml
@ -71,7 +71,10 @@ documentation_style = "doxy"
 # found but otherwise don't appear to be used by the public API.
 #
 # default: []
-include = ["AppLayerGetTxIterTuple"]
+include = [
    "AppLayerGetTxIterTuple",
    "SIPState",
 ]
 # A list of items to not include in the generated bindings
 # default: []
--- a/rust/src/sip/log.rs
+++ b/rust/src/sip/log.rs
@ -17,41 +17,38 @@
 // written by Giuseppe Longo <giuseppe@glongo.it>
-use crate::json::*;
+use crate::jsonbuilder::{JsonBuilder, JsonError};
-use crate::sip::sip::{SIPState, SIPTransaction};
+use crate::sip::sip::SIPTransaction;
-#[no_mangle]
+fn log(tx: &SIPTransaction, js: &mut JsonBuilder) -> Result<(), JsonError> {
-pub extern "C" fn rs_sip_log_json(_state: &mut SIPState, tx: &mut SIPTransaction) -> *mut JsonT {
+    js.open_object("sip")?;
-    let js = Json::object();
+
-
+    if let Some(req) = &tx.request {
-    match tx.request {
+        js.set_string("method", &req.method)?
-        Some(ref req) => {
+            .set_string("uri", &req.path)?
-            js.set_string("method", &req.method);
+            .set_string("version", &req.version)?;
            js.set_string("uri", &req.path);
            js.set_string("version", &req.version);
        }
        None => {}
    }
-    match tx.request_line {
+
-        Some(ref req_line) => {
+    if let Some(req_line) = &tx.request_line {
-            js.set_string("request_line", &req_line);
+        js.set_string("request_line", &req_line)?;
        }
        None => {}
    }
-    match tx.response {
+
-        Some(ref resp) => {
+    if let Some(resp) = &tx.response {
-            js.set_string("version", &resp.version);
+        js.set_string("version", &resp.version)?
-            js.set_string("code", &resp.code);
+            .set_string("code", &resp.code)?
-            js.set_string("reason", &resp.reason);
+            .set_string("reason", &resp.reason)?;
        }
        None => {}
    }
-    match tx.response_line {
+
-        Some(ref resp_line) => {
+    if let Some(resp_line) = &tx.response_line {
-            js.set_string("response_line", &resp_line);
+        js.set_string("response_line", &resp_line)?;
        }
        None => {}
    }
-    return js.unwrap();
+    js.close()?;
    Ok(())
 }
 #[no_mangle]
 pub extern "C" fn rs_sip_log_json(tx: &mut SIPTransaction, js: &mut JsonBuilder) -> bool {
    log(tx, js).is_ok()
 }
--- a/src/output-json-alert.c
+++ b/src/output-json-alert.c
@ -531,11 +531,7 @@ static int AlertJson(ThreadVars *tv, JsonAlertLogThread *aft, const Packet *p)
                    }
                    break;
                case ALPROTO_SIP:
-                    hjs = JsonSIPAddMetadata(p->flow, pa->tx_id);
+                    JsonSIPAddMetadata(jb, p->flow, pa->tx_id);
                    if (hjs) {
                        jb_set_jsont(jb, "sip", hjs);
                        json_decref(hjs);
                    }
                    break;
                case ALPROTO_RFB:
                    hjs = JsonRFBAddMetadata(p->flow, pa->tx_id);
--- a/src/output-json-sip.c
+++ b/src/output-json-sip.c
@ -59,17 +59,15 @@ typedef struct LogSIPLogThread_ {
    MemBuffer          *buffer;
 } LogSIPLogThread;
-json_t *JsonSIPAddMetadata(const Flow *f, uint64_t tx_id)
+void JsonSIPAddMetadata(JsonBuilder *js, const Flow *f, uint64_t tx_id)
 {
    SIPState *state = FlowGetAppState(f);
    if (state) {
        SIPTransaction *tx = AppLayerParserGetTx(f->proto, ALPROTO_SIP, state, tx_id);
        if (tx) {
-            return rs_sip_log_json(state, tx);
+            rs_sip_log_json(tx, js);
        }
    }
    return NULL;
 }
 static int JsonSIPLogger(ThreadVars *tv, void *thread_data,
@ -77,29 +75,28 @@ static int JsonSIPLogger(ThreadVars *tv, void *thread_data,
 {
    SIPTransaction *siptx = tx;
    LogSIPLogThread *thread = thread_data;
    json_t *js, *sipjs;
-    js = CreateJSONHeader(p, LOG_DIR_PACKET, "sip", NULL);
+    JsonBuilder *js = CreateEveHeader((Packet *)p, LOG_DIR_PACKET, "sip", NULL);
    if (unlikely(js == NULL)) {
-        return TM_ECODE_FAILED;
+        return TM_ECODE_OK;
    }
    EveAddCommonOptions(&thread->siplog_ctx->cfg, p, f, js);
-    JsonAddCommonOptions(&thread->siplog_ctx->cfg, p, f, js);
+    if (!rs_sip_log_json(siptx, js)) {
-
+        goto error;
-    sipjs = rs_sip_log_json(state, siptx);
+    }
-    if (unlikely(sipjs == NULL)) {
+    if (!jb_close(js)) {
-      goto error;
+        goto error;
    }
    json_object_set_new(js, "sip", sipjs);
    MemBufferReset(thread->buffer);
-    OutputJSONBuffer(js, thread->siplog_ctx->file_ctx, &thread->buffer);
+    OutputJsonBuilderBuffer(js, thread->siplog_ctx->file_ctx, &thread->buffer);
    jb_free(js);
    json_decref(js);
    return TM_ECODE_OK;
 error:
-    json_decref(js);
+    jb_free(js);
    return TM_ECODE_FAILED;
 }
--- a/src/output-json-sip.h
+++ b/src/output-json-sip.h
@ -26,6 +26,6 @@
 void JsonSIPLogRegister(void);
-json_t *JsonSIPAddMetadata(const Flow *f, uint64_t tx_id);
+void JsonSIPAddMetadata(JsonBuilder *js, const Flow *f, uint64_t tx_id);
 #endif /* __OUTPUT_JSON_SIP_H__ */