Date: Tue, 14 Aug 2007 08:45:03 GMT From: dongmei <dongmei@FreeBSD.org> To: Perforce Change Reviews <perforce@FreeBSD.org> Subject: PERFORCE change 125131 for review Message-ID: <200708140845.l7E8j33I086100@repoman.freebsd.org>
http://perforce.freebsd.org/chv.cgi?CH=125131 Change 125131 by dongmei@dongmei2007 on 2007/08/14 08:44:27 add the support for lively audit log reading Affected files ... .. //depot/projects/soc2007/dongmei-auditanalyzer/Makefile#3 edit .. //depot/projects/soc2007/dongmei-auditanalyzer/capture.c#1 add .. //depot/projects/soc2007/dongmei-auditanalyzer/capture.h#1 add .. //depot/projects/soc2007/dongmei-auditanalyzer/gtk/menu.c#3 edit .. //depot/projects/soc2007/dongmei-auditanalyzer/tfile.c#3 edit .. //depot/projects/soc2007/dongmei-auditanalyzer/tfile.h#2 edit Differences ... ==== //depot/projects/soc2007/dongmei-auditanalyzer/Makefile#3 (text+ko) ==== @@ -3,15 +3,15 @@ .PATH: ${.CURDIR}/gtk .PATH: ${.CURDIR}/image -SOURCES = main.c menu.c list_view.c tree_view.c file_dlg.c gui_utils.c simple_dialog.c trail_file_dlg.c filesystem.c buffer.c except.c file_access.c strerror.c tfile.c tsess.c file_util.c +SOURCES = main.c menu.c list_view.c tree_view.c file_dlg.c gui_utils.c simple_dialog.c trail_file_dlg.c filesystem.c buffer.c except.c file_access.c strerror.c tfile.c tsess.c file_util.c capture.c OBJS = ${SOURCES:.c=.o} CFLAGS = `pkg-config gtk+-2.0 --cflags` -D_U_="" -LDADD = `pkg-config gtk+-2.0 --libs` -lbsm +LDADD = `pkg-config gtk+-2.0 gthread-2.0 --libs` -lbsm CC = gcc PACKAGE = auanalyzer all: ${OBJS} - ${CC} -o ${PACKAGE} ${OBJS} ${LDADD} + ${CC} -g -o ${PACKAGE} ${OBJS} ${LDADD} .c.o: ${CC} ${CFLAGS} -c $< @@ -19,3 +19,4 @@ rm ${PACKAGE} ${OBJS} # end of file +#gthread-2.0 ==== //depot/projects/soc2007/dongmei-auditanalyzer/gtk/menu.c#3 (text+ko) ==== @@ -2,7 +2,7 @@ #include <string.h> #include "compat_macros.h" #include "trail_file_dlg.h" - +#include "../capture.h" #define GTK_MENU_FUNC(a) ((GtkItemFactoryCallback)(a)) /* main menu */ 
@@ -33,6 +33,11 @@ // ITEM_FACTORY_ENTRY("/View/log _Details", NULL, tree_view_show_cb, 0, "<CheckItem>", NULL), // ITEM_FACTORY_ENTRY("/View/log _Bytes", NULL, byte_view_show_cb, 0, "<CheckItem>", NULL), ITEM_FACTORY_ENTRY("/_Capture", NULL, NULL, 0, "<Branch>", NULL), + ITEM_FACTORY_STOCK_ENTRY("/Capture/_Start...", "<control>O", capture_start_cb, + 0, GTK_STOCK_OPEN), + ITEM_FACTORY_STOCK_ENTRY("/Capture/_Stop...", "<control>O", capture_stop_cb, + 0, GTK_STOCK_OPEN), + ITEM_FACTORY_ENTRY("/_Analyze", NULL, NULL, 0, "<Branch>", NULL), ITEM_FACTORY_ENTRY("/_Statistics", NULL, NULL, 0, "<Branch>", NULL), ITEM_FACTORY_ENTRY("/_Help", NULL, NULL, 0, "<Branch>", NULL) ==== //depot/projects/soc2007/dongmei-auditanalyzer/tfile.c#3 (text+ko) ==== @@ -8,11 +8,20 @@ #include <bsm/libbsm.h> #include "exceptions.h" #include "gtk/tree_view.h" +#include <stdbool.h> /* Update the progress bar this many times when reading a file. */ #define N_PROGBAR_UPDATES 100 #define RECORD_DATA_CHUNK_SIZE 1024 +extern bool fstop; +typedef struct _carg carg; +struct _carg { + trailer_file *tf; + gint64 offset; + u_char *buf; + int reclen; +}; static guint32 cum_bytes = 0; void 
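Review bot: The new `/Capture/_Start...` and `/Capture/_Stop...` entries are both bound to `<control>O` and both use GTK_STOCK_OPEN, so the accelerator cannot tell start from stop. It presumably also collides with an existing open-file shortcut. Someone who needs to halt a live audit capture should have an unambiguous binding; give Stop its own accelerator and icon, for example `ITEM_FACTORY_STOCK_ENTRY("/Capture/S_top", "<control>E", capture_stop_cb, 0, GTK_STOCK_STOP),`. The `_S` mnemonic is likewise duplicated within the Capture menu.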
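Review bot: `extern bool fstop;` is a plain bool polled by the `while (... && !fstop)` loop in tf_read_auditpipe and, presumably, set by capture_stop_cb from another thread. Without atomic access this is a data race, and the compiler may hoist the load out of the loop, so a stop request might never be observed. Since the file already builds against GLib, declare it as `extern gint fstop;`, read it with `g_atomic_int_get(&fstop)` and set it with `g_atomic_int_set(&fstop, 1)`. `struct _carg` would also benefit from a comment stating who owns `buf` and for how long it must stay valid.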
@@ -108,11 +117,46 @@ return CF_ERROR; } +tf_status_t +tf_open_auditpipe(trailer_file *tf, gboolean is_tempfile, int *err) +{ + gchar *err_info; + tsess *ts; -void -record_list_append_test(tokenstr_t *data,gint32 number) -{ - printf("%d\n",data->tt.hdr32.size); + ts=tsess_open_online(err,&err_info,FALSE); + if (ts==NULL) + goto fail; + + tf_reset_state(tf); + /* We're about to start reading the file. */ + tf->state = FILE_READ_IN_PROGRESS; + + tf->f_datalen = 0; + + /* Set the file name because we need it to set the follow stream filter. + XXX - is that still true? We need it for other reasons, though, + in any case. */ + tf->filename = g_strdup(DEFAULT_AUDIT_TRAIL); + + /* Indicate whether it's a permanent or temporary file. */ + tf->is_tempfile = is_tempfile; + + /* If it's a temporary capture buffer file, mark it as not saved. */ + tf->user_saved = !is_tempfile; + + tf->count = 0; + + tf->rlist_chunk = g_mem_chunk_new("record_data_chunk", + sizeof(record_data), + RECORD_DATA_CHUNK_SIZE * sizeof(record_data), + G_ALLOC_AND_FREE); + g_assert(tf->rlist_chunk); + tf->ts=ts; + return CF_OK; + +fail: + return CF_ERROR; + } /* */ @@ -173,7 +217,9 @@ tf->count++; rdata->num = tf->count; + gdk_threads_enter(); add_record_to_record_list(rdata,tf); + gdk_threads_leave(); return 0; } 
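Review bot: On the `fail:` path of tf_open_auditpipe the `err_info` string filled in by tsess_open_online is neither reported nor released. The caller therefore learns only `*err`, and the message leaks if that function allocates it (which cannot be confirmed from this hunk). Initialise it with `gchar *err_info = NULL;` and either hand it to the caller or add `g_free(err_info);` before `return CF_ERROR;`. The "follow stream filter" comment looks carried over from another code base, and `tf->filename` is set to DEFAULT_AUDIT_TRAIL although the data comes from the audit pipe; a short header comment saying what the name is used for would prevent confusion.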
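Review bot: The `gdk_threads_enter()` added around `add_record_to_record_list(rdata,tf);` nests inside a lock the caller may already hold. tf_read_auditpipe, added later in this change, wraps its `read_record(tf,data_offset,buf,reclen);` call in its own `gdk_threads_enter()`/`gdk_threads_leave()` pair, and a caller running inside a GTK callback would hold the GDK lock as well. The default GDK lock is not recursive, so if this hunk is the tail of read_record (its start lies outside the hunk) the live reader would block on the first record. Take the lock at exactly one level: either keep it here and call `read_record(...)` bare from the reader thread, or leave read_record lock-free and lock only in callers that run outside the main loop.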
@@ -182,7 +228,86 @@ { main_window_exit(); } +/* read in a new record */ +/* returns the row of the new record in the record list or -1 if not displayed */ +int read_record_thread(carg *arg) +{ + record_data *rdata; + record_data *rlist_end; + int recsize=0; + //Allocate the next list entry, and add it to the list. + rdata = g_mem_chunk_alloc(arg->tf->rlist_chunk); + rdata->num = 0; + rdata->next = NULL; + rdata->prev = NULL; + rdata->record_len = arg->reclen; + + recsize=arg->reclen*sizeof(u_char); + if (arg->buf == NULL) + return (-1); + rdata->buf=(u_char *) malloc(recsize); + memcpy(rdata->buf,arg->buf,recsize); + + rdata->file_off = arg->offset; + + //construct double link list record_data + + rlist_end =arg->tf->rlist_end; + rdata->prev = rlist_end; + if (rlist_end != NULL) + rlist_end->next = rdata; + else + arg->tf->rlist = rdata; + arg->tf->rlist_end = rdata; + + arg->tf->count++; + rdata->num = arg->tf->count; + gdk_threads_enter(); + add_record_to_record_list(rdata,arg->tf); + gdk_threads_leave(); + return 0; + +} +/* +int read_record_thread(trailer_file *tf,gint64 offset,u_char *buf,int reclen) +{ + record_data *rdata; + record_data *rlist_end; + int recsize=0; + // Allocate the next list entry, and add it to the list. + rdata = g_mem_chunk_alloc(tf->rlist_chunk); + rdata->num = 0; + rdata->next = NULL; + rdata->prev = NULL; + rdata->record_len = reclen; + recsize=reclen*sizeof(u_char); + if (buf == NULL) + return (-1); + rdata->buf=(u_char *) malloc(recsize); + memcpy(rdata->buf,buf,recsize); + + rdata->file_off = offset; + + //construct double link list record_data + + rlist_end =tf->rlist_end; + rdata->prev = rlist_end; + if (rlist_end != NULL) + rlist_end->next = rdata; + else + tf->rlist = rdata; + tf->rlist_end = rdata; + + tf->count++; + rdata->num = tf->count; + gdk_threads_enter(); + add_record_to_record_list(rdata,tf); + gdk_threads_leave(); + return 0; + +} +*/ tf_read_status_t tf_read(trailer_file *tf) { 
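Review bot: In read_record_thread the result of `malloc(recsize)` goes to `memcpy` unchecked, and `arg->reclen` is a signed int that is never validated, so an allocation failure or a non-positive length becomes a NULL or oversized copy. The `arg->buf == NULL` test also comes after `g_mem_chunk_alloc`, so that early return leaks the chunk atom. Validate the arguments first, check the allocation and release the atom on failure, as sketched below. The list fields `rlist`, `rlist_end` and `count` are updated outside the GDK lock, so a comment should state which thread owns them. The commented-out second copy of the function should be deleted rather than committed.

```c
int read_record_thread(carg *arg)
{
	record_data *rdata;
	// … unchanged: rlist_end declaration …
	size_t recsize;

	/* Reject bad input before anything is allocated. */
	if (arg->buf == NULL || arg->reclen <= 0)
		return (-1);
	recsize = (size_t)arg->reclen;

	rdata = g_mem_chunk_alloc(arg->tf->rlist_chunk);
	// … unchanged: num/next/prev/record_len initialisation …
	rdata->buf = malloc(recsize);
	if (rdata->buf == NULL) {
		/* Give the atom back so a failed copy does not leak it. */
		g_mem_chunk_free(arg->tf->rlist_chunk, rdata);
		return (-1);
	}
	memcpy(rdata->buf, arg->buf, recsize);
	// … unchanged: file_off, list linking, count, GUI update, return 0 …
```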
@@ -265,6 +390,92 @@ } else return CF_READ_OK; } + +tf_read_status_t +tf_read_auditpipe(trailer_file *tf) +{ + int err=0; + gchar *err_info; + const gchar *name_ptr; + const char *errmsg; + char errmsg_errno[1024+1]; + gchar err_str[2048+1]; + gint64 data_offset; + gboolean stop_flag; + gint64 size, file_pos; + GTimeVal start_time; + gchar status_str[100]; + + cum_bytes=0; + printf("1\n"); + name_ptr = get_basename(tf->filename); + + /* Find the size of the file. */ + size = tsess_file_size(tf->ts, NULL); + printf("size=%d\n",size); + stop_flag = FALSE; + g_get_current_time(&start_time); + + u_char *buf; + tokenstr_t tok; + int reclen; + data_offset=0; + while ((reclen = au_read_rec(tf->ts->fh, &buf)) != -1 && !fstop) { + data_offset = data_offset+reclen; + TRY { + printf("%d\n",reclen); + gdk_threads_enter(); + read_record(tf,data_offset,buf,reclen); + gdk_threads_leave(); + free(buf); + } + CATCH(OutOfMemoryError) { + gpointer dialog; + + dialog = simple_dialog(ESD_TYPE_ERROR, ESD_BTN_OK, + "%sOut Of Memory!%s\n" + "\n" + "Sorry, but Wireshark has to terminate now!\n" + "\n" + "Some infos / workarounds can be found at:\n" + "http://wiki.wireshark.org/KnownBugs/OutOfMemory", + simple_dialog_primary_start(), simple_dialog_primary_end()); + /* we have to terminate, as we cannot recover from the memory error */ + simple_dialog_set_cb(dialog, outofmemory_cb, NULL); + while(1) { + main_window_update(); + /* XXX - how to avoid a busy wait? */ + /* Sleep(100); */ + }; + break; + } + ENDTRY; + } + /* We're done reading sequentially through the file. */ + tf->state = FILE_READ_DONE; + + tf->current_record = tf->first_displayed; + + if (err != 0) { + /* Put up a message box noting that the read failed somewhere along + the line. Don't throw out the stuff we managed to read, though, + if any. 
*/ + switch (err) { + default: + g_snprintf(errmsg_errno, sizeof(errmsg_errno), + "An error occurred while reading the" + " capture file: %s.", strerror(err)); + errmsg = errmsg_errno; + break; + } + g_snprintf(err_str, sizeof err_str, errmsg); + simple_dialog(ESD_TYPE_ERROR, ESD_BTN_OK, err_str); + return CF_READ_ERROR; + } else + return CF_READ_OK; + +} + /* Select the record on a given num. */ void tf_select_record(trailer_file *tf, int num) ==== //depot/projects/soc2007/dongmei-auditanalyzer/tfile.h#2 (text+ko) ==== @@ -52,3 +52,5 @@ CF_READ_ABORTED /**< operation aborted by user */ } tf_read_status_t; +tf_read_status_t tf_read_auditpipe(trailer_file *tf); +
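Review bot: tf_read_auditpipe can never report a failure: `err` is initialised to 0 and never assigned, so when `au_read_rec` returns -1 on a read error the function still sets FILE_READ_DONE and returns CF_READ_OK, and a truncated audit stream looks complete to the analyst. Record the failure cause after the loop when it ended without `fstop` being set (assuming au_read_rec reports it through errno), so that the error branch becomes reachable. That branch uses computed strings as format strings; write `g_snprintf(err_str, sizeof err_str, "%s", errmsg);` and `simple_dialog(ESD_TYPE_ERROR, ESD_BTN_OK, "%s", err_str);` instead. `printf("size=%d\n",size);` passes a gint64 to `%d`; use `"%" G_GINT64_FORMAT` or drop the debug prints, and correct the out-of-memory dialog text, which still names Wireshark.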