diff -ruBN barnyard-0.2.0/src/output-plugins/op_acid_db.c barnyard-0.2.0-caching/src/output-plugins/op_acid_db.c --- barnyard-0.2.0/src/output-plugins/op_acid_db.c 2004-04-03 13:57:32.000000000 -0600 +++ barnyard-0.2.0-caching/src/output-plugins/op_acid_db.c 2006-04-07 23:35:40.000000000 -0500 @@ -45,6 +45,14 @@ #endif /* ENABLE_POSTGRES */ /* D A T A S T R U C T U R E S **************************************/ +typedef struct _DbSignature +{ + int gen; + int sid; + int sig_id; + struct DbSignature *next; +} DbSignature; + typedef struct _OpAcidDb_Data { u_int8_t flavor; /* what flavor of db? MySQL, postgres, ... */ @@ -57,6 +65,7 @@ int sensor_id; u_int32_t event_id; int linktype; + DbSignature *sig_cache; /* db handles go here */ #ifdef ENABLE_MYSQL MYSQL *mysql; @@ -105,6 +113,11 @@ int Insert(OpAcidDb_Data *data, char *sql, unsigned int *row_id); char *EscapeString(OpAcidDb_Data *data, char *string); +DbSignature * AddDbSignature (DbSignature *dbsig, u_int32_t gen, u_int32_t sid, u_int32_t sig_id); +DbSignature * RemoveDbSignature (DbSignature *dbsig); +int FindDbSignature (DbSignature *dbsig, u_int32_t gen, u_int32_t sid, u_int32_t *sig_id); +void ClearDbSignatures (DbSignature *dbsig); + #ifdef ENABLE_MYSQL int MysqlConnect(OpAcidDb_Data *); int MysqlClose(MYSQL *mysql); @@ -195,6 +208,8 @@ if(data == NULL) FatalError("ERROR: Unable to find context for AcidDb startup!\n"); + data->sig_cache = NULL; + if(pv.verbose) { OpAcidDb_LogConfig(outputPlugin); @@ -729,7 +744,7 @@ * Returns 1 on success */ static int OpAcidDb_GetSigId(OpAcidDb_Data *op_data, char *msg, u_int32_t rev, - u_int32_t sid, u_int32_t *sig_id) + u_int32_t sid, u_int32_t gen, u_int32_t *sig_id) { int rval; char *e_message = NULL; @@ -737,6 +752,11 @@ if(!msg) msg = ""; + if(FindDbSignature(op_data->sig_cache, gen, sid, sig_id)) + { + return 1; + } + if(!(e_message = EscapeString(op_data, msg))) FatalError("Failed to escape string"); @@ -745,6 +765,10 @@ "AND sig_sid=%u", e_message, rev, sid) < MAX_QUERY_SIZE) { rval = SelectAsUInt(op_data, sql_buffer, sig_id); + if(*sig_id != 0) + { + op_data->sig_cache = AddDbSignature(op_data->sig_cache, gen, sid, *sig_id); + } free(e_message); return rval; } @@ -839,7 +863,7 @@ if(!sid) return 0; - if(OpAcidDb_GetSigId(op_data, sid->msg, sid->rev, sid->sid, &sig_id) == 1) + if(OpAcidDb_GetSigId(op_data, sid->msg, sid->rev, sid->sid, sid->gen, &sig_id) == 1) return sig_id; /* Create a new signature entry */ @@ -857,7 +881,11 @@ free(e_message); if(sig_id == -1) { - OpAcidDb_GetSigId(op_data, sid->msg, sid->rev, sid->sid, &sig_id); + OpAcidDb_GetSigId(op_data, sid->msg, sid->rev, sid->sid, sid->gen, &sig_id); + } + else + { + op_data->sig_cache = AddDbSignature(op_data->sig_cache, sid->gen, sid->sid, sig_id); } } else @@ -1196,6 +1224,78 @@ } } +DbSignature * AddDbSignature (DbSignature *dbsig, u_int32_t gen, u_int32_t sid, u_int32_t sig_id) +{ + + if(dbsig != NULL) + { + DbSignature *sig = dbsig; + while(dbsig->next != NULL) + { + dbsig = (DbSignature *)dbsig->next; + } + dbsig->next = (DbSignature *)SafeAlloc(sizeof(DbSignature)); + dbsig = (DbSignature *)dbsig->next; + dbsig->next = NULL; + dbsig->gen = gen; + dbsig->sid = sid; + dbsig->sig_id = sig_id; + return sig; + } + else + { + dbsig = (DbSignature *)SafeAlloc(sizeof(DbSignature)); + dbsig->next = NULL; + dbsig->gen = gen; + dbsig->sid = sid; + dbsig->sig_id = sig_id; + return dbsig; + } + +} + +DbSignature * RemoveDbSignature (DbSignature *dbsig) +{ + + DbSignature *sig = (DbSignature *)dbsig->next; + free(dbsig); + return sig; + +} + +int FindDbSignature (DbSignature *dbsig, u_int32_t gen, u_int32_t sid, u_int32_t *sig_id) +{ + + if(dbsig == NULL) + { + return 0; + } + + while(dbsig != NULL) + { + if(dbsig->gen == gen && dbsig->sid == sid) { + *sig_id = dbsig->sig_id; + return 1; + } + dbsig = (DbSignature *)dbsig->next; + } + + return 0; + +} + +void ClearDbSignatures (DbSignature *dbsig) +{ + + if(dbsig != NULL) + { + while(dbsig != NULL) + { + dbsig = RemoveDbSignature(dbsig); + } + } + +} #ifdef ENABLE_MYSQL int MysqlConnect(OpAcidDb_Data *op_data)