diff options
| author | laforge <laforge> | 2000-11-16 17:20:52 +0000 |
|---|---|---|
| committer | laforge <laforge> | 2000-11-16 17:20:52 +0000 |
| commit | 100b59f4bd207ac36aca39b6f011efbb132fe1cf (patch) | |
| tree | 51a1d8514176d93520244899568cc86d0738d96e /ulogd/extensions/ulogd_PWSNIFF.c | |
| parent | bdc6755964040e6aee4ec8e6fd7fdf1ab73d455a (diff) | |
Major update. Almost everything has changed.
- no more dynamic allocations at runtime - only once at startup
- less list traversal through interpreter and key hashes
- output plugins can request only certain results!
Diffstat (limited to 'ulogd/extensions/ulogd_PWSNIFF.c')
| -rw-r--r-- | ulogd/extensions/ulogd_PWSNIFF.c | 42 |
1 files changed, 20 insertions, 22 deletions
diff --git a/ulogd/extensions/ulogd_PWSNIFF.c b/ulogd/extensions/ulogd_PWSNIFF.c index f8e1327..cc0f19e 100644 --- a/ulogd/extensions/ulogd_PWSNIFF.c +++ b/ulogd/extensions/ulogd_PWSNIFF.c @@ -1,11 +1,11 @@ -/* ulogd_PWSNIFF.c, Version $Revision: 1.1 $ +/* ulogd_PWSNIFF.c, Version $Revision: 1.2 $ * * ulogd logging interpreter for POP3 / FTP like plaintext passwords. * * (C) 2000 by Harald Welte <laforge@gnumonks.org> * This software is released under the terms of GNU GPL * - * $Id: ulogd_PWSNIFF.c,v 1.1 2000/08/17 08:03:22 laforge Exp $ + * $Id: ulogd_PWSNIFF.c,v 1.2 2000/09/22 06:54:33 laforge Exp $ * */ @@ -46,15 +46,14 @@ static char *_get_next_blank(char* begp, char *endp) return NULL; } -static ulog_iret_t *_interp_pwsniff(ulog_packet_msg_t *pkt) +static ulog_iret_t *_interp_pwsniff(ulog_interpreter_t *ip, ulog_packet_msg_t *pkt) { struct iphdr *iph = (struct iphdr *) pkt->payload; void *protoh = (u_int32_t *)iph + iph->ihl; struct tcphdr *tcph = protoh; u_int32_t tcplen = ntohs(iph->tot_len) - iph->ihl * 4; unsigned char *ptr, *begp, *pw_begp, *endp, *pw_endp; - ulog_iret_t *ret = NULL; - ulog_iret_t *ret2; + ulog_iret_t *ret = ip->result; int len, pw_len, i, cont = 0; len = pw_len = 0; @@ -94,37 +93,36 @@ static ulog_iret_t *_interp_pwsniff(ulog_packet_msg_t *pkt) } if (len) { - ret = alloc_ret(ULOGD_RET_STRING, "pwsniff.user"); - ret->value.ptr = (char *) malloc(len+1); - if (!ret->value.ptr) { + ret[0].value.ptr = (char *) malloc(len+1); + ret[0].flags |= ULOGD_RETF_VALID; + if (!ret[0].value.ptr) { ulogd_error("_interp_pwsniff: OOM (size=%u)\n", len); - free(ret); return NULL; } - strncpy(ret->value.ptr, begp, len); - *((char *)ret->value.ptr + len + 1) = '\0'; + strncpy(ret[0].value.ptr, begp, len); + *((char *)ret[0].value.ptr + len + 1) = '\0'; } if (pw_len) { - ret2 = alloc_ret(ULOGD_RET_STRING,"pwsniff.pass"); - ret2->value.ptr = (char *) malloc(pw_len+1); - if (!ret2->value.ptr){ + ret[1].value.ptr = (char *) malloc(pw_len+1); + ret[1].flags |= ULOGD_RETF_VALID; + if (!ret[1].value.ptr){ ulogd_error("_interp_pwsniff: OOM (size=%u)\n", pw_len); - free(ret2); return NULL; } - strncpy(ret2->value.ptr, pw_begp, pw_len); - *((char *)ret2->value.ptr + pw_len + 1) = '\0'; + strncpy(ret[1].value.ptr, pw_begp, pw_len); + *((char *)ret[1].value.ptr + pw_len + 1) = '\0'; - if (ret) - ret->next = ret2; - else - ret = ret2; } return ret; } + +static ulog_iret_t pwsniff_rets[] = { + { NULL, NULL, 0, ULOGD_RET_STRING, ULOGD_RETF_FREE, "pwsniff.user", 0 }, + { NULL, NULL, 0, ULOGD_RET_STRING, ULOGD_RETF_FREE, "pwsniff.pass", 0 }, +}; static ulog_interpreter_t base_ip[] = { - { NULL, "pwsniff", &_interp_pwsniff }, + { NULL, "pwsniff", 0, &_interp_pwsniff, 2, &pwsniff_rets }, { NULL, "", NULL }, }; void _base_reg_ip(void) |