sip/eve: convert to jsonbuilder

5 years ago · 6a70d6bb6e
parent e9a3415fc2
commit 6a70d6bb6e
5 changed files with 47 additions and 54 deletions
--- a/rust/cbindgen.toml
+++ b/rust/cbindgen.toml
@ -71,7 +71,10 @@ documentation_style = "doxy"
 # found but otherwise don't appear to be used by the public API.
 #
 # default: []
-include = ["AppLayerGetTxIterTuple"]
+include = [
+    "AppLayerGetTxIterTuple",
+    "SIPState",
+]

 # A list of items to not include in the generated bindings
 # default: []
--- a/rust/src/sip/log.rs
+++ b/rust/src/sip/log.rs
@ -17,41 +17,38 @@

 // written by Giuseppe Longo <giuseppe@glongo.it>

-use crate::json::*;
-use crate::sip::sip::{SIPState, SIPTransaction};
+use crate::jsonbuilder::{JsonBuilder, JsonError};
+use crate::sip::sip::SIPTransaction;

-#[no_mangle]
-pub extern "C" fn rs_sip_log_json(_state: &mut SIPState, tx: &mut SIPTransaction) -> *mut JsonT {
-    let js = Json::object();
-
-    match tx.request {
-        Some(ref req) => {
-            js.set_string("method", &req.method);
-            js.set_string("uri", &req.path);
-            js.set_string("version", &req.version);
-        }
-        None => {}
-    }
-    match tx.request_line {
-        Some(ref req_line) => {
-            js.set_string("request_line", &req_line);
-        }
-        None => {}
-    }
-    match tx.response {
-        Some(ref resp) => {
-            js.set_string("version", &resp.version);
-            js.set_string("code", &resp.code);
-            js.set_string("reason", &resp.reason);
+fn log(tx: &SIPTransaction, js: &mut JsonBuilder) -> Result<(), JsonError> {
+    js.open_object("sip")?;
+
+    if let Some(req) = &tx.request {
+        js.set_string("method", &req.method)?
+            .set_string("uri", &req.path)?
+            .set_string("version", &req.version)?;
    }
-        None => {}
+
+    if let Some(req_line) = &tx.request_line {
+        js.set_string("request_line", &req_line)?;
    }
-    match tx.response_line {
-        Some(ref resp_line) => {
-            js.set_string("response_line", &resp_line);
+
+    if let Some(resp) = &tx.response {
+        js.set_string("version", &resp.version)?
+            .set_string("code", &resp.code)?
+            .set_string("reason", &resp.reason)?;
    }
-        None => {}
+
+    if let Some(resp_line) = &tx.response_line {
+        js.set_string("response_line", &resp_line)?;
    }

-    return js.unwrap();
+    js.close()?;
+
+    Ok(())
+}
+
+#[no_mangle]
+pub extern "C" fn rs_sip_log_json(tx: &mut SIPTransaction, js: &mut JsonBuilder) -> bool {
+    log(tx, js).is_ok()
 }
--- a/src/output-json-alert.c
+++ b/src/output-json-alert.c
@ -531,11 +531,7 @@ static int AlertJson(ThreadVars *tv, JsonAlertLogThread *aft, const Packet *p)
                    }
                    break;
                case ALPROTO_SIP:
-                    hjs = JsonSIPAddMetadata(p->flow, pa->tx_id);
-                    if (hjs) {
-                        jb_set_jsont(jb, "sip", hjs);
-                        json_decref(hjs);
-                    }
+                    JsonSIPAddMetadata(jb, p->flow, pa->tx_id);
                    break;
                case ALPROTO_RFB:
                    hjs = JsonRFBAddMetadata(p->flow, pa->tx_id);
--- a/src/output-json-sip.c
+++ b/src/output-json-sip.c
@ -59,17 +59,15 @@ typedef struct LogSIPLogThread_ {
    MemBuffer          *buffer;
 } LogSIPLogThread;

-json_t *JsonSIPAddMetadata(const Flow *f, uint64_t tx_id)
+void JsonSIPAddMetadata(JsonBuilder *js, const Flow *f, uint64_t tx_id)
 {
    SIPState *state = FlowGetAppState(f);
    if (state) {
        SIPTransaction *tx = AppLayerParserGetTx(f->proto, ALPROTO_SIP, state, tx_id);
        if (tx) {
-            return rs_sip_log_json(state, tx);
+            rs_sip_log_json(tx, js);
        }
    }
-
-    return NULL;
 }

 static int JsonSIPLogger(ThreadVars *tv, void *thread_data,
@ -77,29 +75,28 @@ static int JsonSIPLogger(ThreadVars *tv, void *thread_data,
 {
    SIPTransaction *siptx = tx;
    LogSIPLogThread *thread = thread_data;
-    json_t *js, *sipjs;

-    js = CreateJSONHeader(p, LOG_DIR_PACKET, "sip", NULL);
+    JsonBuilder *js = CreateEveHeader((Packet *)p, LOG_DIR_PACKET, "sip", NULL);
    if (unlikely(js == NULL)) {
-        return TM_ECODE_FAILED;
+        return TM_ECODE_OK;
    }
+    EveAddCommonOptions(&thread->siplog_ctx->cfg, p, f, js);

-    JsonAddCommonOptions(&thread->siplog_ctx->cfg, p, f, js);
-
-    sipjs = rs_sip_log_json(state, siptx);
-    if (unlikely(sipjs == NULL)) {
+    if (!rs_sip_log_json(siptx, js)) {
+        goto error;
+    }
+    if (!jb_close(js)) {
        goto error;
    }
-    json_object_set_new(js, "sip", sipjs);

    MemBufferReset(thread->buffer);
-    OutputJSONBuffer(js, thread->siplog_ctx->file_ctx, &thread->buffer);
+    OutputJsonBuilderBuffer(js, thread->siplog_ctx->file_ctx, &thread->buffer);
+    jb_free(js);

-    json_decref(js);
    return TM_ECODE_OK;

 error:
-    json_decref(js);
+    jb_free(js);
    return TM_ECODE_FAILED;
 }

--- a/src/output-json-sip.h
+++ b/src/output-json-sip.h
@ -26,6 +26,6 @@

 void JsonSIPLogRegister(void);

-json_t *JsonSIPAddMetadata(const Flow *f, uint64_t tx_id);
+void JsonSIPAddMetadata(JsonBuilder *js, const Flow *f, uint64_t tx_id);

 #endif /* __OUTPUT_JSON_SIP_H__ */