[Snort-devel] Barnyard Patch: Postgres Support

J.Mann jon at ...2131...
Tue Feb 24 15:44:11 EST 2004


Please find attached a patch for Barnyard which implements
Postgres support:

  $ patch -p1 < barnyard-postgres-support.diff
  $ ./configure --enable-postgres
  $ perl -p -i -e 's/LDFLAGS = (.*)/LDFLAGS = -lpq $1/' src/Makefile
  $ make

A few notes:

* Postgres does not support the technique used by Barnyards
  Mysql code to obtain the rowID after an INSERT.

  Some code has been refactored to make a SELECT after INSERTs
  rather than rely on the Mysql only feature.

* INSERTs into "tcphdr" include a default "tcp_flags" entry of 0.
  This is because Postgres will choke if one is not provided. 
  (ala the schema: NOT NULL)
 
* INSERTs into "sensor" include a default "last_cid" entry of 0.
  This is because Postgres will choke if one is not provided. 
  (ala the schema: NOT NULL)

Regards,

Jon Mann


-- 
Jon Mann
Countersnipe UK
Email: jon at ...2131...
-------------- next part --------------
diff -Naur barnyard-0.1.0.orig/src/output-plugins/op_acid_db.c barnyard-0.1.0/src/output-plugins/op_acid_db.c
--- barnyard-0.1.0.orig/src/output-plugins/op_acid_db.c	2002-12-21 17:23:03.000000000 +0000
+++ barnyard-0.1.0/src/output-plugins/op_acid_db.c	2004-02-24 22:50:02.000000000 +0000
@@ -39,7 +39,7 @@
 #endif /* ENABLE_MYSQL */
 
 #ifdef ENABLE_POSTGRES
-
+#include <libpq-fe.h>
 #endif /* ENABLE_POSTGRES */
 
 /*  D A T A   S T R U C T U R E S  **************************************/
@@ -59,7 +59,7 @@
     MYSQL *mysql;
 #endif /* ENABLE_MYSQL */
 #ifdef ENABLE_POSTGRES
-
+    PGconn *pq;
 #endif /* ENABLE_POSTGRES */
 } AcidDbOpData;
 
@@ -84,12 +84,23 @@
 int DbClose(AcidDbOpData *data);
 int DbConnect(AcidDbOpData *data);
 u_int32_t AcidDbGetNextCid(AcidDbOpData *data);
+
 u_int32_t AcidDbGetSensorId(AcidDbOpData *data);
+unsigned int AcidDbLookupSensorId(AcidDbOpData *op_data);
+
 int AcidDbCheckSchemaVersion(AcidDbOpData *data);
+
 u_int32_t AcidDbGetSigId(AcidDbOpData *, Sid *, ClassType *, 
         unsigned int priority);
+unsigned int AcidDbLookupSigId(AcidDbOpData *op_data, Sid *sid);
+
 unsigned int GetAcidDbClassId(AcidDbOpData *data, ClassType *class_type);
+unsigned int AcidDbLookupClassId(AcidDbOpData *op_data, ClassType *class_type);
+
 int InsertSigReferences(AcidDbOpData *, ReferenceData *, unsigned int sig_id);
+unsigned int AcidDbLookupReferenceSystemId(AcidDbOpData *op_data, ReferenceData *ref);
+unsigned int AcidDbLookupReferenceId(AcidDbOpData *op_data, ReferenceData *ref, unsigned int ref_system_id);
+
 int InsertIPData(AcidDbOpData *data, Packet *p);
 int InsertICMPData(AcidDbOpData *data, Packet *p);
 int InsertUDPData(AcidDbOpData *data, Packet *p);
@@ -97,7 +108,7 @@
 int InsertPayloadData(AcidDbOpData *data, Packet *p);
 
 int SelectAsUInt(AcidDbOpData *data, char *sql, unsigned int *result);
-int Insert(AcidDbOpData *data, char *sql, unsigned int *row_id);
+int Insert(AcidDbOpData *data, char *sql);
 int BeginTransaction(AcidDbOpData *);
 int EndTransaction(AcidDbOpData *);
 int AbortTransaction(AcidDbOpData *);
@@ -112,8 +123,8 @@
 #ifdef ENABLE_POSTGRES
 int PostgresConnect( );
 int PostgresClose( );
-int PostgresSelectAsUInt(  , char *sql, unsigned int *result);
-int PostgresInsert(  , char *sql, unsigned int *row_id);
+int PostgresSelectAsUInt(PGconn *pq, char *sql, unsigned int *result);
+int PostgresInsert(PGconn *pq, char *sql);
 #endif /* ENABLE_POSTGRES */
 
 /* Global variables */
@@ -272,7 +283,7 @@
                 timestamp) < MAX_QUERY_SIZE)
     {
         //LogMessage("SQL: %s\n", sql_buffer);
-        Insert(op_data, sql_buffer, NULL);     /* XXX: Error checking */
+        Insert(op_data, sql_buffer);     /* XXX: Error checking */
     }
     /* insert data into the ip header table */
     if(snprintf(sql_buffer, MAX_QUERY_SIZE,
@@ -281,19 +292,19 @@
             op_data->sensor_id, op_data->event_id, record->sip,
             record->dip, record->protocol) < MAX_QUERY_SIZE)
     {
-        Insert(op_data, sql_buffer, NULL); /* XXX: Error checking */
+        Insert(op_data, sql_buffer); /* XXX: Error checking */
     }
     /* build the protocol specific header information */
     switch(record->protocol)
     {
         case IPPROTO_TCP:
             if(snprintf(sql_buffer, MAX_QUERY_SIZE,
-                    "INSERT INTO tcphdr (sid, cid, tcp_sport, tcp_dport) "
-                    "VALUES('%u', '%u', '%u', '%u')", 
+                    "INSERT INTO tcphdr (sid, cid, tcp_sport, tcp_dport, tcp_flags) "
+                    "VALUES('%u', '%u', '%u', '%u', '0')", 
                     op_data->sensor_id, op_data->event_id, record->sp,
                     record->dp) < MAX_QUERY_SIZE)
             {
-                Insert(op_data, sql_buffer, NULL); /* XXX: Error checking */
+                Insert(op_data, sql_buffer); /* XXX: Error checking */
             }
             break;
         case IPPROTO_UDP:
@@ -303,7 +314,7 @@
                     op_data->sensor_id, op_data->event_id, record->sp,
                     record->dp) < MAX_QUERY_SIZE)
             {
-                Insert(op_data, sql_buffer, NULL);  /* XXX: Error checking */
+                Insert(op_data, sql_buffer);  /* XXX: Error checking */
             }
             break;
         case IPPROTO_ICMP:
@@ -313,7 +324,7 @@
                     op_data->sensor_id, op_data->event_id, record->sp,
                     record->dp) < MAX_QUERY_SIZE)
             {
-                Insert(op_data, sql_buffer, NULL); /* XXX: Error Checking */
+                Insert(op_data, sql_buffer); /* XXX: Error Checking */
             }
             break;
     }
@@ -365,7 +376,7 @@
             timestamp) < MAX_QUERY_SIZE)
     {
         //LogMessage("SQL: %s\n", sql_buffer);
-        Insert(op_data, sql_buffer, NULL);  /* XXX: Error checking */
+        Insert(op_data, sql_buffer);  /* XXX: Error checking */
     }
     /* decode the packet */
     DecodeEthPkt(&p, &record->log.pkth, record->pkt + 2);
@@ -425,7 +436,7 @@
                 p->iph->ip_ttl,
                 htons(p->iph->ip_csum)) < MAX_QUERY_SIZE)
         {
-            Insert(op_data, sql_buffer, NULL);  /* XXX: Error Checking */
+            Insert(op_data, sql_buffer);  /* XXX: Error Checking */
         }
         /* XXX: IP Options not handled */
     }
@@ -438,7 +449,7 @@
                 ntohl(p->iph->ip_src.s_addr), ntohl(p->iph->ip_dst.s_addr), 
                 p->iph->ip_proto) < MAX_QUERY_SIZE)
         {
-            Insert(op_data, sql_buffer, NULL);  /* XXX: Error Checking */
+            Insert(op_data, sql_buffer);  /* XXX: Error Checking */
         }
     }
     return 0;
@@ -457,7 +468,7 @@
                 p->dp, ntohs(p->udph->uh_len), 
                 ntohs(p->udph->uh_chk)) < MAX_QUERY_SIZE)
         {
-            Insert(op_data, sql_buffer, NULL);  /* XXX: Error Checking */
+            Insert(op_data, sql_buffer);  /* XXX: Error Checking */
         }
     }
     else
@@ -469,7 +480,7 @@
                 op_data->sensor_id, op_data->event_id, p->sp,
                 p->dp) < MAX_QUERY_SIZE)
         {
-            Insert(op_data, sql_buffer, NULL);  /* XXX: Error Checking */
+            Insert(op_data, sql_buffer);  /* XXX: Error Checking */
         }
     }
     return 0;
@@ -494,19 +505,19 @@
                 ntohs(p->tcph->th_win), ntohs(p->tcph->th_sum),
                 ntohs(p->tcph->th_urp)) < MAX_QUERY_SIZE)
         {
-            Insert(op_data, sql_buffer, NULL);  /* XXX: Error checking */
+            Insert(op_data, sql_buffer);  /* XXX: Error checking */
         }
         /* XXX: TCP Options not handled */
     }
     else
     {
         if(snprintf(sql_buffer, MAX_QUERY_SIZE,
-                "INSERT INTO tcphdr (sid, cid, tcp_sport, tcp_dport) "
-                "VALUES('%u', '%u', '%u', '%u')", 
+                "INSERT INTO tcphdr (sid, cid, tcp_sport, tcp_dport, tcp_flags) "
+                "VALUES('%u', '%u', '%u', '%u', '0')", 
                 op_data->sensor_id, op_data->event_id, p->sp,
                 p->dp) < MAX_QUERY_SIZE)
         {
-            Insert(op_data, sql_buffer, NULL);  /* XXX: Error checking */
+            Insert(op_data, sql_buffer);  /* XXX: Error checking */
         }
     }
     return 0;
@@ -532,7 +543,7 @@
                     htons(p->icmph->icmp_hun.ih_idseq.icd_seq)) 
                     < MAX_QUERY_SIZE)
             {
-                Insert(op_data, sql_buffer, NULL);  /* XXX: Error checking */
+                Insert(op_data, sql_buffer);  /* XXX: Error checking */
             }
         }
         else
@@ -544,7 +555,7 @@
                     p->icmph->icmp_code, ntohs(p->icmph->icmp_csum))
                     < MAX_QUERY_SIZE)
             {
-                Insert(op_data, sql_buffer, NULL);  /* XXX: Error Checking */
+                Insert(op_data, sql_buffer);  /* XXX: Error Checking */
             }
         }
     }
@@ -557,7 +568,7 @@
                 op_data->sensor_id, op_data->event_id, p->icmph->icmp_type,
                 p->icmph->icmp_code) < MAX_QUERY_SIZE)
         {
-            Insert(op_data, sql_buffer, NULL);  /* XXX: Error Checking */
+            Insert(op_data, sql_buffer);  /* XXX: Error Checking */
         }
     }
     return 0;
@@ -574,7 +585,7 @@
                 "VALUES('%u', '%u', '%s')", op_data->sensor_id, 
                 op_data->event_id, hex_payload) < MAX_QUERY_SIZE)
         {
-            Insert(op_data, sql_buffer, NULL);  /* XXX: Error Checking */
+            Insert(op_data, sql_buffer);  /* XXX: Error Checking */
         }
         free(hex_payload);
     }
@@ -614,6 +625,37 @@
         pv.filter = strdup("");
     }
 
+    sensor_id = AcidDbLookupSensorId(op_data);
+
+    if(sensor_id == 0)
+    {
+        /* insert sensor information */
+        if(snprintf(sql_buffer, MAX_QUERY_SIZE, "INSERT INTO sensor(hostname, "
+                    "interface, filter, detail, encoding, last_cid) VALUES('%s', "
+                    "'%s', '%s', '%u', '0', '0')", pv.hostname, pv.interface,
+                    pv.filter, op_data->detail)
+                < MAX_QUERY_SIZE)
+        {
+            Insert(op_data, sql_buffer); 
+            /* XXX: Error checking */
+        }
+        else
+        {
+            FatalError("Error building SQL Query\n");
+        }
+
+        sensor_id = AcidDbLookupSensorId(op_data);
+    }
+
+    LogMessage("sensor_id == %u\n", sensor_id);
+    
+    return sensor_id;
+}
+
+unsigned int AcidDbLookupSensorId(AcidDbOpData *op_data) 
+{
+    unsigned int sensor_id = 0;
+
     /* XXX: need to escape strings */
     if(snprintf(sql_buffer, MAX_QUERY_SIZE, 
                 "SELECT sid FROM sensor WHERE hostname='%s' AND interface='%s' "
@@ -625,32 +667,16 @@
         {
             FatalError("Database Error\n");
         }
-        if(sensor_id == 0)
-        {
-            /* insert sensor information */
-            if(snprintf(sql_buffer, MAX_QUERY_SIZE, "INSERT INTO sensor(hostname, "
-                        "interface, filter, detail, encoding) VALUES('%s', "
-                        "'%s', '%s', '%u', '0')", pv.hostname, pv.interface,
-                        pv.filter, op_data->detail)
-                    < MAX_QUERY_SIZE)
-            {
-                Insert(op_data, sql_buffer, &sensor_id); 
-                /* XXX: Error checking */
-            }
-            else
-            {
-                FatalError("Error building SQL Query\n");
-            }
-        }
-        LogMessage("sensor_id == %u\n", sensor_id);
     }
     else
     {
         FatalError("Error building SQL Query\n");
     } 
+
     return sensor_id;
 }
 
+
 /* Retrieves the next acid_cid to use for inserting into the database for this
  * sensor
  */
@@ -690,13 +716,11 @@
 {
     unsigned int sig_id;
     unsigned int class_id;
-    if(snprintf(sql_buffer, MAX_QUERY_SIZE,
-            "SELECT sig_id FROM signature WHERE sig_name='%s' AND sig_rev=%u "
-            "AND sig_sid=%u", sid->msg, sid->rev, sid->sid) < MAX_QUERY_SIZE)
-    {
-        if(SelectAsUInt(op_data, sql_buffer, &sig_id) > 0)
-            return sig_id;
-    }
+    
+    sig_id = AcidDbLookupSigId(op_data, sid);
+
+    if (sig_id > 0) return sig_id;
+    
     /* if not found, insert a new record */
     //BeginTransaction(op_data);  /* XXX: Error checking */
     if(class_type)
@@ -711,33 +735,79 @@
             "sig_rev, sig_sid) VALUES('%s', '%u', '%u', '%u', '%u')",
             sid->msg, class_id, priority, sid->rev, sid->sid) < MAX_QUERY_SIZE)
     {
-        Insert(op_data, sql_buffer, &sig_id); /* XXX: Error checking */
+        Insert(op_data, sql_buffer); /* XXX: Error checking */
     }
-    
+   
+    sig_id = AcidDbLookupSigId(op_data, sid);
+
     InsertSigReferences(op_data, sid->ref, sig_id);
     
     //EndTransaction(op_data); /* XXX: Error checking */
     return sig_id;
 }
 
+
+unsigned int AcidDbLookupSigId(AcidDbOpData *op_data, Sid *sid) 
+{
+    unsigned int sig_id = 0;
+
+    if(snprintf(sql_buffer, MAX_QUERY_SIZE,
+            "SELECT sig_id FROM signature WHERE sig_name='%s' AND sig_rev=%u "
+            "AND sig_sid=%u", sid->msg, sid->rev, sid->sid) < MAX_QUERY_SIZE)
+    {
+        if (SelectAsUInt(op_data, sql_buffer, &sig_id) == -1)
+        {
+            FatalError("Database Error\n");
+        }
+    }
+    else
+    {
+        FatalError("Error building SQL Query\n");
+    } 
+
+    return sig_id;
+}
+
 /* looks up the acid class_id since it does not use the standard snort ids */
 unsigned int GetAcidDbClassId(AcidDbOpData *op_data, ClassType *class_type)
 {
     unsigned int class_id = 0;
+
+    class_id = AcidDbLookupClassId(op_data, class_type);
+
+    if (class_id > 0) return class_id;
+
+    /* if not found insert a new record */
     if(snprintf(sql_buffer, MAX_QUERY_SIZE,
-            "SELECT sig_class_id FROM sig_class WHERE sig_class_name='%s'",
+            "INSERT INTO sig_class(sig_class_name) VALUES('%s')", 
             class_type->type) < MAX_QUERY_SIZE)
     {
-        if(SelectAsUInt(op_data, sql_buffer, &class_id) > 0)
-            return class_id;
+        Insert(op_data, sql_buffer); /* XXX: Error checking */
     }
-    /* if not found insert a new record */
+
+    class_id = AcidDbLookupClassId(op_data, class_type);
+ 
+    return class_id;
+}
+
+unsigned int AcidDbLookupClassId(AcidDbOpData *op_data, ClassType *class_type)
+{
+    unsigned int class_id = 0;
+
     if(snprintf(sql_buffer, MAX_QUERY_SIZE,
-            "INSERT INTO sig_class(sig_class_name) VALUES('%s')", 
+            "SELECT sig_class_id FROM sig_class WHERE sig_class_name='%s'",
             class_type->type) < MAX_QUERY_SIZE)
     {
-        Insert(op_data, sql_buffer, &class_id); /* XXX: Error checking */
+        if (SelectAsUInt(op_data, sql_buffer, &class_id) == -1)
+        {
+            FatalError("Database Error\n");
+        }
     }
+    else
+    {
+        FatalError("Error building SQL Query\n");
+    } 
+
     return class_id;
 }
 
@@ -750,45 +820,48 @@
     
     while(ref != NULL)
     {
+        ref_system_id = AcidDbLookupReferenceSystemId(op_data, ref); 
 
-        /* GET the ref_system_id */
-        if(snprintf(sql_buffer, MAX_QUERY_SIZE,
-                "SELECT ref_system_id FROM reference_system WHERE "
-                "ref_system_name='%s'", ref->system) < MAX_QUERY_SIZE)
+        if (ref_system_id == 0)
         {
-            if(SelectAsUInt(op_data, sql_buffer, &ref_system_id) == 0)
+            if(snprintf(sql_buffer, MAX_QUERY_SIZE,
+                "INSERT INTO reference_system(ref_system_name) "
+                "VALUES('%s')",
+                ref->system) < MAX_QUERY_SIZE)
             {
-                /* if not found */
-                if(snprintf(sql_buffer, MAX_QUERY_SIZE,
-                    "INSERT INTO reference_system(ref_system_name) "
-                    "VALUES('%s')",
-                    ref->system) < MAX_QUERY_SIZE)
-                {
-                    Insert(op_data, sql_buffer, &ref_system_id); 
-                    /* XXX: Error checking */
-                }
+                Insert(op_data, sql_buffer); 
+                /* XXX: Error checking */
             }
-        }
+            else
+            {
+                FatalError("Error building SQL Query\n");
+            } 
 
+            ref_system_id = AcidDbLookupReferenceSystemId(op_data, ref);
+        }
 
         /* Get the reference id */
         /* does this reference exist yet? */
-        if(snprintf(sql_buffer, MAX_QUERY_SIZE,
-                "SELECT ref_id FROM reference WHERE ref_system_id=%u AND "
-                "ref_tag='%s'", ref_system_id, ref->id) < MAX_QUERY_SIZE)
+
+        ref_id = AcidDbLookupReferenceId(op_data, ref, ref_system_id);
+
+        if(ref_id == 0)
         {
-            if(SelectAsUInt(op_data, sql_buffer, &ref_id) == 0)
+            /* if not found */
+            if(snprintf(sql_buffer, MAX_QUERY_SIZE,
+                "INSERT INTO reference(ref_system_id, ref_tag) "
+                "VALUES('%u', '%s')", ref_system_id, ref->id) 
+                    < MAX_QUERY_SIZE)
             {
-                /* if not found */
-                if(snprintf(sql_buffer, MAX_QUERY_SIZE,
-                    "INSERT INTO reference(ref_system_id, ref_tag) "
-                    "VALUES('%u', '%s')", ref_system_id, ref->id) 
-                        < MAX_QUERY_SIZE)
-                {
-                    Insert(op_data, sql_buffer, &ref_id); 
-                    /* XXX: Error checking */
-                }
+                Insert(op_data, sql_buffer); 
+                /* XXX: Error checking */
             }
+            else
+            {
+                FatalError("Error building SQL Query\n");
+            }
+
+            ref_id = AcidDbLookupReferenceId(op_data, ref, ref_system_id);
         }
 
         /* INSERT record into the sig_reference join table */    
@@ -797,7 +870,7 @@
                 "VALUES('%u', '%u', '%u')", sig_id, ref_seq, ref_id) 
                 < MAX_QUERY_SIZE)
         {
-            Insert(op_data, sql_buffer, NULL); /* XXX: Error checking */
+            Insert(op_data, sql_buffer); /* XXX: Error checking */
         }
 
         ++ref_seq;
@@ -806,6 +879,50 @@
     return 0;
 }
 
+
+unsigned int AcidDbLookupReferenceSystemId(AcidDbOpData *op_data, ReferenceData *ref)
+{
+    unsigned int ref_system_id = 0;
+
+    /* GET the ref_system_id */
+    if(snprintf(sql_buffer, MAX_QUERY_SIZE,
+            "SELECT ref_system_id FROM reference_system WHERE "
+            "ref_system_name='%s'", ref->system) < MAX_QUERY_SIZE)
+    {
+        if(SelectAsUInt(op_data, sql_buffer, &ref_system_id) == -1)
+        {
+            FatalError("Database Error\n");
+        }
+    }
+    else
+    {
+        FatalError("Error building SQL Query\n");
+    } 
+
+    return ref_system_id;
+}
+
+unsigned int AcidDbLookupReferenceId(AcidDbOpData *op_data, ReferenceData *ref, unsigned int ref_system_id)
+{
+    unsigned int ref_id = 0;
+        
+    if(snprintf(sql_buffer, MAX_QUERY_SIZE,
+            "SELECT ref_id FROM reference WHERE ref_system_id=%u AND "
+            "ref_tag='%s'", ref_system_id, ref->id) < MAX_QUERY_SIZE)
+    {
+        if(SelectAsUInt(op_data, sql_buffer, &ref_id) == -1)
+        {
+            FatalError("Database Error\n");   
+        }
+    }
+    else
+    {
+        FatalError("Error building SQL Query\n");
+    }
+
+    return ref_id;
+}
+
 AcidDbOpData *AcidDbOpParseArgs(char *args)
 {
     AcidDbOpData *op_data;
@@ -971,17 +1088,17 @@
     }
 }
 
-int Insert(AcidDbOpData *op_data, char *sql, unsigned int *row_id)
+int Insert(AcidDbOpData *op_data, char *sql)
 {
     switch(op_data->flavor)
     {
 #ifdef ENABLE_MYSQL
         case FLAVOR_MYSQL:
-            return MysqlInsert(op_data->mysql, sql, row_id);
+            return MysqlInsert(op_data->mysql, sql);
 #endif
 #ifdef ENABLE_POSTGRES
         case FLAVOR_POSTGRES:
-            return PostgresInsert(op_data->pq, sql, result);
+            return PostgresInsert(op_data->pq, sql);
 #endif /* ENABLE_POSTGRES */
         default:
             FatalError("Database flavor not supported\n");
@@ -995,11 +1112,11 @@
     {
 #ifdef ENABLE_MYSQL
         case FLAVOR_MYSQL:
-            return MysqlInsert(op_data->mysql, "BEGIN", NULL);
+            return MysqlInsert(op_data->mysql, "BEGIN");
 #endif
 #ifdef ENABLE_POSTGRES
         case FLAVOR_POSTGRES:
-            return PostgresInsert(op_data->pq, "BEGIN", NULL);
+            return PostgresInsert(op_data->pq, "BEGIN");
 #endif /* ENABLE_POSTGRES */
         default:
             FatalError("Database flavor not supported\n");
@@ -1013,11 +1130,11 @@
     {
 #ifdef ENABLE_MYSQL
         case FLAVOR_MYSQL:
-            return MysqlInsert(op_data->mysql, "COMMIT", NULL);
+            return MysqlInsert(op_data->mysql, "COMMIT");
 #endif
 #ifdef ENABLE_POSTGRES
         case FLAVOR_POSTGRES:
-            return PostgresInsert(op_data->pq, "COMMIT", NULL);
+            return PostgresInsert(op_data->pq, "COMMIT");
 #endif /* ENABLE_POSTGRES */
         default:
             FatalError("Database flavor not supported\n");
@@ -1031,11 +1148,11 @@
     {
 #ifdef ENABLE_MYSQL
         case FLAVOR_MYSQL:
-            return MysqlInsert(op_data->mysql, "ROLLBACK", NULL);
+            return MysqlInsert(op_data->mysql, "ROLLBACK");
 #endif
 #ifdef ENABLE_POSTGRES
         case FLAVOR_POSTGRES:
-            return PostgresInsert(op_data->pq, "ROLLBACK", NULL);
+            return PostgresInsert(op_data->pq, "ROLLBACK");
 #endif /* ENABLE_POSTGRES */
         default:
             FatalError("Database flavor not supported\n");
@@ -1125,7 +1242,7 @@
     return rval;
 }
 
-int MysqlInsert(MYSQL *mysql, char *sql, unsigned int *row_id)
+int MysqlInsert(MYSQL *mysql, char *sql)
 {
     if(MysqlExecuteQuery(mysql, sql) != 0)
     {
@@ -1134,8 +1251,6 @@
         return -1;
     }
 
-    if(row_id != NULL)
-        *row_id = mysql_insert_id(mysql);
     return 0;
 }
 #endif
@@ -1143,24 +1258,71 @@
 #ifdef ENABLE_POSTGRES
 int PostgresConnect(AcidDbOpData *op_data)
 {
+    op_data->pq = PQsetdbLogin(op_data->server, 
+                    NULL, 
+                    NULL, 
+                    NULL, 
+                    op_data->database, 
+                    op_data->user, 
+                    op_data->password ); 
+
+    if (PQstatus(op_data->pq) == CONNECTION_BAD)
+    {
+        FatalError("Failed to connect to database %s:%s@%s/%s: %s\n",
+                op_data->user, op_data->password, op_data->server, 
+                op_data->database, PQerrorMessage(op_data->pq));
+    }
 
     return 0;
 }
 
-int PostgresClose( )
+int PostgresClose(PGconn *pq)
 {
-    
+    PQfinish(pq);
+    return 0;
 }
 
-int PostgresSelectAsUInt( , char *sql, unsigned int *result)
+int PostgresSelectAsUInt(PGconn *pq , char *sql, unsigned int *result)
 {
+    PGresult *res;
+    int rval = 0;
+    
+    res = PQexec(pq, sql);
+
+    if (!res || PQresultStatus(res) != PGRES_TUPLES_OK)
+    {
+        /* XXX: should really just return up the chain */
+        FatalError("Error (%s) executing query: %s\n", PQerrorMessage(pq), sql);
+        return -1;
+    }
+
+    if (PQntuples(res) > 0) {
+
+        if (PQgetvalue(res, 0, 0) == NULL)
+            *result =  0;
+        else
+            *result = atoi(PQgetvalue(res, 0, 0));
+        
+        rval = 1;
+    }
+    
+    PQclear(res);
+    return rval;
 
-    return 0;
 }
 
-int PostgresInsert(, char *sql, unsigned int *row_id)
+int PostgresInsert(PGconn *pq, char *sql)
 {
+    PGresult *res;
+    
+    res = PQexec(pq, sql);
 
+    if (!res || PQresultStatus(res) != PGRES_COMMAND_OK)
+    {
+        /* XXX: should really just return up the chain */
+        FatalError("Error (%s) executing query: %s\n", PQerrorMessage(pq), sql);
+        return -1;
+    }
 
     return 0;
 }
diff -Naur barnyard-0.1.0.orig/src/output-plugins/op_plugbase.c barnyard-0.1.0/src/output-plugins/op_plugbase.c
--- barnyard-0.1.0.orig/src/output-plugins/op_plugbase.c	2002-12-02 20:51:38.000000000 +0000
+++ barnyard-0.1.0/src/output-plugins/op_plugbase.c	2004-02-24 22:51:26.000000000 +0000
@@ -24,9 +24,14 @@
 #include "op_logdump.h"
 #include "op_alert_syslog.h"
 #include "op_log_pcap.h"
+
 #ifdef ENABLE_MYSQL
 #include "op_acid_db.h"
+#elif defined (ENABLE_POSTGRES)
+#include "op_acid_db.h"
 #endif
+
+
 #include "op_alert_csv.h"
 
 
@@ -44,6 +49,8 @@
     LogPcapOpInit();
 #ifdef ENABLE_MYSQL
     AcidDbOpInit();
+#elif defined (ENABLE_POSTGRES)
+    AcidDbOpInit();
 #endif
     AlertCSVOpInit();
     return;


More information about the Snort-devel mailing list