mmrfc5424addhmac: complete initial implementation

hash is now also persisted back to structured-data rsyslog property
2025-12-20 08:30:42 +01:00 · 2013-09-25 17:15:58 +02:00 · 2013-09-25 17:15:58 +02:00 · b810f0dd3a
commit b810f0dd3a
parent c787fb9ce9
3 changed files with 25 additions and 6 deletions
--- a/plugins/mmrfc5424addhmac/mmrfc5424addhmac.c
+++ b/plugins/mmrfc5424addhmac/mmrfc5424addhmac.c
@ -240,7 +240,6 @@ skipSDID(uchar *sdbuf, int sdlen, int *rootIdx)
 		}
 		++i;
 	}
-dbgprintf("DDDD: end skip, sd-id: '%s'\n", sdbuf+i);
 	*rootIdx = i;
 }

@ -264,7 +263,6 @@ getSDID(uchar *sdbuf, int sdlen, int *rootIdx, uchar *sdid)
 done:
 	sdid[j] = '\0';
 	*rootIdx = i;
-dbgprintf("DDDD: got sd-id '%s'\n", sdid);
 }

 /* check if "our" hmac is already present */
@ -278,7 +276,6 @@ isHmacPresent(instanceData *pData, msg_t *pMsg)
 	uchar sdid[33]; /* RFC-based size limit */

 	MsgGetStructuredData(pMsg, &sdbuf, &sdlen);
-dbgprintf("DDDD: STRUCTURED-DATA is: '%s'\n", sdbuf);

 	found = 0;
 	i = 0;
@ -291,7 +288,6 @@ dbgprintf("DDDD: STRUCTURED-DATA is: '%s'\n", sdbuf);
 		skipSDID(sdbuf, sdlen, &i);
 	}

-dbgprintf("DDDD: isHmacPresent: %d\n", found);
 	return found;
 }

@ -300,16 +296,23 @@ hashMsg(instanceData *pData, msg_t *pMsg)
 {
 	uchar *pRawMsg;
 	int lenRawMsg;
+	uchar *sdbuf;
+	rs_size_t sdlen;
 	unsigned int hashlen;
 	uchar hash[EVP_MAX_MD_SIZE];
 	uchar hashPrintable[2*EVP_MAX_MD_SIZE+1];
+	uchar newsd[64*1024];	/* we assume this is sufficient... */
+	int lenNewsd;
 	DEFiRet;

+	MsgGetStructuredData(pMsg, &sdbuf, &sdlen);
 	getRawMsg(pMsg, &pRawMsg, &lenRawMsg);
 	HMAC(pData->algo, pData->key, pData->keylen,
 	     pRawMsg, lenRawMsg, hash, &hashlen);
 	hexify(hash, hashlen, hashPrintable);
-dbgprintf("DDDD: rawmsg is: '%s', hash: '%s'\n", pRawMsg, hashPrintable);
+	lenNewsd = snprintf((char*)newsd, sizeof(newsd), "[%s hash=\"%s\"]",
+		            (char*)pData->sdid, (char*)hashPrintable);
+	MsgAddToStructuredData(pMsg, newsd, lenNewsd);
 	RETiRet;
 }

@ -326,7 +329,6 @@ CODESTARTdoAction
 			uchar *pRawMsg;
 			int lenRawMsg;
 			getRawMsg(pMsg, &pRawMsg, &lenRawMsg);
-dbgprintf("DDDD: mmrfc5424addhmac: non-rfc5424 or HMAC already present: %.256s\n", pRawMsg);
 			dbgprintf("mmrfc5424addhmac: non-rfc5424 or HMAC already "
 			          "present: %.256s\n", pRawMsg);
 		}
--- a/runtime/msg.c
+++ b/runtime/msg.c
@ -4067,6 +4067,22 @@ finalize_it:
 	RETiRet;
 }

+rsRetVal
+MsgAddToStructuredData(msg_t *pMsg, uchar *toadd, rs_size_t len)
+{
+	uchar *newptr;
+	rs_size_t newlen;
+	DEFiRet;
+	newlen = pMsg->lenStrucData + len;
+	CHKmalloc(newptr = (uchar*) realloc(pMsg->pszStrucData, newlen+1));
+	pMsg->pszStrucData = newptr;
+	memcpy(pMsg->pszStrucData+pMsg->lenStrucData, toadd, len);
+	pMsg->pszStrucData[newlen] = '\0';
+	pMsg->lenStrucData = newlen;
+finalize_it:
+	RETiRet;
+}
+

 /* dummy */
 rsRetVal msgQueryInterface(void) { return RS_RET_NOT_IMPLEMENTED; }
--- a/runtime/msg.h
+++ b/runtime/msg.h
@ -168,6 +168,7 @@ void MsgSetTAG(msg_t *pMsg, uchar* pszBuf, size_t lenBuf);
 void MsgSetRuleset(msg_t *pMsg, ruleset_t*);
 rsRetVal MsgSetFlowControlType(msg_t *pMsg, flowControl_t eFlowCtl);
 rsRetVal MsgSetStructuredData(msg_t *pMsg, char* pszStrucData);
+rsRetVal MsgAddToStructuredData(msg_t *pMsg, uchar *toadd, rs_size_t len);
 void MsgGetStructuredData(msg_t *pM, uchar **pBuf, rs_size_t *len);
 rsRetVal msgSetFromSockinfo(msg_t *pThis, struct sockaddr_storage *sa);
 void MsgSetRcvFrom(msg_t *pMsg, prop_t*);