自学教程：C++ ABORT_FINALIZE函数代码示例

/* Prepare a module for unloading. * This is currently a dummy, to be filled when we have a plug-in * interface - rgerhards, 2007-08-09 * rgerhards, 2007-11-21: * When this function is called, all instance-data must already have * been destroyed. In the case of output modules, this happens when the * rule set is being destroyed. When we implement other module types, we * need to think how we handle it there (and if we have any instance data). * rgerhards, 2008-03-10: reject unload request if the module has a reference * count > 0. */static rsRetValmodPrepareUnload(modInfo_t *pThis){	DEFiRet;	void *pModCookie;	assert(pThis != NULL);	if(pThis->uRefCnt > 0) {		dbgprintf("rejecting unload of module '%s' because it has a refcount of %d/n",			  pThis->pszName, pThis->uRefCnt);		ABORT_FINALIZE(RS_RET_MODULE_STILL_REFERENCED);	}	CHKiRet(pThis->modGetID(&pModCookie));	pThis->modExit(); /* tell the module to get ready for unload */	CHKiRet(unregCfSysLineHdlrs4Owner(pModCookie));finalize_it:	RETiRet;}

/* sets the correct allow root pointer based on provided type * rgerhards, 2008-12-01 */static rsRetValsetAllowRoot(struct AllowedSenders **ppAllowRoot, uchar *pszType){	DEFiRet;	if(!strcmp((char*)pszType, "UDP"))		*ppAllowRoot = pAllowedSenders_UDP;	else if(!strcmp((char*)pszType, "TCP"))		*ppAllowRoot = pAllowedSenders_TCP;#ifdef USE_GSSAPI	else if(!strcmp((char*)pszType, "GSS"))		*ppAllowRoot = pAllowedSenders_GSS;#endif	else {		dbgprintf("program error: invalid allowed sender ID '%s', denying.../n", pszType);		ABORT_FINALIZE(RS_RET_CODE_ERR); /* everything is invalid for an invalid type */	}finalize_it:	RETiRet;}

/* add a counter to an object * ctrName is duplicated, caller must free it if requried * NOTE: The counter is READ-ONLY and MUST NOT be modified (most * importantly, it must not be initialized, so the caller must * ensure the counter is properly initialized before AddCounter() * is called. */static rsRetValaddManagedCounter(statsobj_t *pThis, const uchar *ctrName, statsCtrType_t ctrType, int8_t flags, void *pCtr,ctr_t **entryRef, int8_t linked){	ctr_t *ctr;	DEFiRet;	*entryRef = NULL;	CHKmalloc(ctr = calloc(1, sizeof(ctr_t)));	ctr->next = NULL;	ctr->prev = NULL;	if((ctr->name = ustrdup(ctrName)) == NULL) {		DBGPRINTF("addCounter: OOM in strdup()/n");		ABORT_FINALIZE(RS_RET_OUT_OF_MEMORY);	}	ctr->flags = flags;	ctr->ctrType = ctrType;	switch(ctrType) {	case ctrType_IntCtr:		ctr->val.pIntCtr = (intctr_t*) pCtr;		break;	case ctrType_Int:		ctr->val.pInt = (int*) pCtr;		break;	}	if (linked) {		addCtrToList(pThis, ctr);	}	*entryRef = ctr;finalize_it:	if (iRet != RS_RET_OK) {		if (ctr != NULL) {			free(ctr->name);			free(ctr);		}	}	RETiRet;}

static rsRetValdoLastMessageRepeatedNTimes(ratelimit_t *ratelimit, smsg_t *pMsg, smsg_t **ppRepMsg){	int bNeedUnlockMutex = 0;	DEFiRet;	if(ratelimit->bThreadSafe) {		pthread_mutex_lock(&ratelimit->mut);		bNeedUnlockMutex = 1;	}	if( ratelimit->pMsg != NULL &&	    getMSGLen(pMsg) == getMSGLen(ratelimit->pMsg) &&	    !ustrcmp(getMSG(pMsg), getMSG(ratelimit->pMsg)) &&	    !strcmp(getHOSTNAME(pMsg), getHOSTNAME(ratelimit->pMsg)) &&	    !strcmp(getPROCID(pMsg, LOCK_MUTEX), getPROCID(ratelimit->pMsg, LOCK_MUTEX)) &&	    !strcmp(getAPPNAME(pMsg, LOCK_MUTEX), getAPPNAME(ratelimit->pMsg, LOCK_MUTEX))) {		ratelimit->nsupp++;		DBGPRINTF("msg repeated %d times/n", ratelimit->nsupp);		/* use current message, so we have the new timestamp		 * (means we need to discard previous one) */		msgDestruct(&ratelimit->pMsg);		ratelimit->pMsg = pMsg;		ABORT_FINALIZE(RS_RET_DISCARDMSG);	} else {/* new message, do "repeat processing" & save it */		if(ratelimit->pMsg != NULL) {			if(ratelimit->nsupp > 0) {				*ppRepMsg = ratelimitGenRepMsg(ratelimit);				ratelimit->nsupp = 0;			}			msgDestruct(&ratelimit->pMsg);		}		ratelimit->pMsg = MsgAddRef(pMsg);	}finalize_it:	if(bNeedUnlockMutex)		pthread_mutex_unlock(&ratelimit->mut);	RETiRet;}

/* init function (must be called once) */rsRetValdnscacheInit(void){    DEFiRet;    if((dnsCache.ht = create_hashtable(100, hash_from_key_fn, key_equals_fn,                                       (void(*)(void*))entryDestruct)) == NULL) {        DBGPRINTF("dnscache: error creating hash table!/n");        ABORT_FINALIZE(RS_RET_ERR); // TODO: make this degrade, but run!    }    dnsCache.nEntries = 0;    pthread_rwlock_init(&dnsCache.rwlock, NULL);    CHKiRet(objGetObjInterface(&obj)); /* this provides the root pointer for all other queries */    CHKiRet(objUse(glbl, CORE_COMPONENT));    CHKiRet(objUse(errmsg, CORE_COMPONENT));    CHKiRet(objUse(prop, CORE_COMPONENT));    prop.Construct(&staticErrValue);    prop.SetString(staticErrValue, (uchar*)"???", 3);    prop.ConstructFinalize(staticErrValue);finalize_it:    RETiRet;}

/* TODO: handle multiple blocks * test-read END record; if present, store offset, else unbounded (current active block) * when decrypting, check if bound is reached. If yes, split into two blocks, get new IV for * second one. */rsRetValrsgcryDecrypt(gcryfile pF, uchar *buf, size_t *len){	gcry_error_t gcryError;	DEFiRet;		if(pF->bytesToBlkEnd != -1)		pF->bytesToBlkEnd -= *len;	gcryError = gcry_cipher_decrypt(pF->chd, buf, *len, NULL, 0);	if(gcryError) {		DBGPRINTF("gcry_cipher_decrypt failed:  %s/%s/n",			gcry_strsource(gcryError),			gcry_strerror(gcryError));		ABORT_FINALIZE(RS_RET_ERR);	}	removePadding(buf, len);	// TODO: remove dbgprintf once things are sufficently stable -- rgerhards, 2013-05-16	dbgprintf("libgcry: decrypted, bytesToBlkEnd %lld, buffer is now '%50.50s'/n", (long long) pF->bytesToBlkEnd, buf);finalize_it:	RETiRet;}

/* Problem with the warnings: they seem to stem back from the way the API is structured */static rsRetValgetIFIPAddr(uchar *szif, int family, uchar *pszbuf, int lenBuf){	struct ifaddrs * ifaddrs = NULL;	struct ifaddrs * ifa;	void * pAddr;	DEFiRet; 	if(getifaddrs(&ifaddrs) != 0) {		ABORT_FINALIZE(RS_RET_ERR);	}	for (ifa = ifaddrs; ifa != NULL; ifa = ifa->ifa_next) {		if(strcmp(ifa->ifa_name, (char*)szif))			continue;		if(   (family == AF_INET6 || family == AF_UNSPEC)		   && ifa->ifa_addr->sa_family == AF_INET6) {			pAddr = &((struct sockaddr_in6 *)ifa->ifa_addr)->sin6_addr;			inet_ntop(AF_INET6, pAddr, (char*)pszbuf, lenBuf);			break;		} else if(/*   (family == AF_INET || family == AF_UNSPEC)		         &&*/ ifa->ifa_addr->sa_family == AF_INET) {			pAddr = &((struct sockaddr_in *)ifa->ifa_addr)->sin_addr;			inet_ntop(AF_INET, pAddr, (char*)pszbuf, lenBuf);			break;		} 	}	if(ifaddrs != NULL)		freeifaddrs(ifaddrs);	if(ifa == NULL)		iRet = RS_RET_NOT_FOUND;finalize_it:	RETiRet;}

/* construct from CStr object. only the counted string is * copied, not the szString. * rgerhards 2005-10-18 */rsRetVal rsCStrConstructFromCStr(cstr_t **ppThis, cstr_t *pFrom){	DEFiRet;	cstr_t *pThis;	assert(ppThis != NULL);	rsCHECKVALIDOBJECT(pFrom, OIDrsCStr);	CHKiRet(rsCStrConstruct(&pThis));	pThis->iBufSize = pThis->iStrLen = pFrom->iStrLen;	if((pThis->pBuf = (uchar*) MALLOC(sizeof(uchar) * pThis->iStrLen)) == NULL) {		RSFREEOBJ(pThis);		ABORT_FINALIZE(RS_RET_OUT_OF_MEMORY);	}	/* copy properties */	memcpy(pThis->pBuf, pFrom->pBuf, pThis->iStrLen);	*ppThis = pThis;finalize_it:	RETiRet;}

/* construct from sz string * rgerhards 2005-09-15 */rsRetVal rsCStrConstructFromszStr(cstr_t **ppThis, uchar *sz){	DEFiRet;	cstr_t *pThis;	assert(ppThis != NULL);	CHKiRet(rsCStrConstruct(&pThis));	pThis->iBufSize = pThis->iStrLen = strlen((char *) sz);	if((pThis->pBuf = (uchar*) MALLOC(sizeof(uchar) * pThis->iStrLen)) == NULL) {		RSFREEOBJ(pThis);		ABORT_FINALIZE(RS_RET_OUT_OF_MEMORY);	}	/* we do NOT need to copy the /0! */	memcpy(pThis->pBuf, sz, pThis->iStrLen);	*ppThis = pThis;finalize_it:	RETiRet;}

eiWriteIV(gcryfile gf, const uchar *const iv){	static const char hexchars[16] =	   {'0','1','2','3','4','5','6','7','8','9','a','b','c','d','e','f'};	unsigned iSrc, iDst;	char hex[4096];	DEFiRet;	if(gf->blkLength > sizeof(hex)/2) {		DBGPRINTF("eiWriteIV: crypto block len way too large, aborting "			  "write");		ABORT_FINALIZE(RS_RET_ERR);	}	for(iSrc = iDst = 0 ; iSrc < gf->blkLength ; ++iSrc) {		hex[iDst++] = hexchars[iv[iSrc]>>4];		hex[iDst++] = hexchars[iv[iSrc]&0x0f];	}	iRet = eiWriteRec(gf, "IV:", 3, hex, gf->blkLength*2);finalize_it:	RETiRet;}

/* find a function inside the function registry * The caller provides a cstr_t with the function name and receives * a function pointer back. If no function is found, an RS_RET_UNKNW_FUNC * error is returned. So if the function returns with RS_RET_OK, the caller * can savely assume the function pointer is valid. * rgerhards, 2009-04-06 */static rsRetValfindRSFunction(cstr_t *pcsName, prsf_t *prsf){	rsf_entry_t *pEntry;	rsf_entry_t *pFound;	DEFiRet;	assert(prsf != NULL);	/* find function by list walkthrough.  */	pFound = NULL;	for(pEntry = funcRegRoot ; pEntry != NULL && pFound == NULL ; pEntry = pEntry->pNext)		if(!rsCStrCStrCmp(pEntry->pName, pcsName))			pFound = pEntry;	if(pFound == NULL)		ABORT_FINALIZE(RS_RET_UNKNW_FUNC);	*prsf = pFound->rsf;finalize_it:	RETiRet;}

/* construct from es_str_t string * rgerhards 2010-12-03 */rsRetValcstrConstructFromESStr(cstr_t **ppThis, es_str_t *str){	DEFiRet;	cstr_t *pThis;	CHKiRet(rsCStrConstruct(&pThis));	pThis->iStrLen = es_strlen(str);	pThis->iBufSize = pThis->iStrLen + 1;	if((pThis->pBuf = (uchar*) MALLOC(pThis->iBufSize)) == NULL) {		RSFREEOBJ(pThis);		ABORT_FINALIZE(RS_RET_OUT_OF_MEMORY);	}	/* we do NOT need to copy the /0! */	memcpy(pThis->pBuf, es_getBufAddr(str), pThis->iStrLen);	*ppThis = pThis;finalize_it:	RETiRet;}

/* extract a username and return its uid. * rgerhards, 2007-07-17 */static rsRetVal doGetUID(uchar **pp, rsRetVal (*pSetHdlr)(void*, uid_t), void *pVal){	struct passwd *ppwBuf;	struct passwd pwBuf;	DEFiRet;	uchar szName[256];	char stringBuf[2048];	/* I hope this is large enough... */	assert(pp != NULL);	assert(*pp != NULL);	if(getSubString(pp, (char*) szName, sizeof(szName), ' ')  != 0) {		errmsg.LogError(0, RS_RET_NOT_FOUND, "could not extract user name");		ABORT_FINALIZE(RS_RET_NOT_FOUND);	}	getpwnam_r((char*)szName, &pwBuf, stringBuf, sizeof(stringBuf), &ppwBuf);	if(ppwBuf == NULL) {		errmsg.LogError(0, RS_RET_NOT_FOUND, "ID for user '%s' could not be found or error", (char*)szName);		iRet = RS_RET_NOT_FOUND;	} else {		if(pSetHdlr == NULL) {			/* we should set value directly to var */			*((uid_t*)pVal) = ppwBuf->pw_uid;		} else {			/* we set value via a set function */			CHKiRet(pSetHdlr(pVal, ppwBuf->pw_uid));		}		dbgprintf("uid %d obtained for user '%s'/n", (int) ppwBuf->pw_uid, szName);	}	skipWhiteSpace(pp); /* skip over any whitespace */finalize_it:	RETiRet;}

/** Construct a RELP sess instance *  the pSrv parameter may be set to NULL if the session object is for a client. */relpRetValrelpSessConstruct(relpSess_t **ppThis, relpEngine_t *pEngine, relpSrv_t *pSrv){	relpSess_t *pThis;	ENTER_RELPFUNC;	assert(ppThis != NULL);	RELPOBJ_assert(pEngine, Engine);	if((pThis = calloc(1, sizeof(relpSess_t))) == NULL) {		ABORT_FINALIZE(RELP_RET_OUT_OF_MEMORY);	}	RELP_CORE_CONSTRUCTOR(pThis, Sess);	pThis->pEngine = pEngine;	/* use Engine's command enablement states as default */	pThis->stateCmdSyslog = pEngine->stateCmdSyslog;	pThis->pSrv = pSrv;	pThis->txnr = 1; /* txnr start at 1 according to spec */	pThis->timeout = 10; /* TODO: make configurable */	pThis->sizeWindow = RELP_DFLT_WINDOW_SIZE; /* TODO: make configurable */	pThis->maxDataSize = RELP_DFLT_MAX_DATA_SIZE;	CHKRet(relpSendqConstruct(&pThis->pSendq, pThis->pEngine));	pthread_mutex_init(&pThis->mutSend, NULL);	*ppThis = pThis;finalize_it:	if(iRet != RELP_RET_OK) {		if(pThis != NULL) {			relpSessDestruct(&pThis);		}	}	LEAVE_RELPFUNC;}

/* The following function writes the current log entry * to an established database connection. */rsRetVal writeDB(uchar *psz, instanceData *pData){	DEFiRet;	dbi_result dbiRes = NULL;	ASSERT(psz != NULL);	ASSERT(pData != NULL);	/* see if we are ready to proceed */	if(pData->conn == NULL) {		CHKiRet(initConn(pData, 0));	}	/* try insert */	if((dbiRes = dbi_conn_query(pData->conn, (const char*)psz)) == NULL) {		/* error occured, try to re-init connection and retry */		closeConn(pData); /* close the current handle */		CHKiRet(initConn(pData, 0)); /* try to re-open */		if((dbiRes = dbi_conn_query(pData->conn, (const char*)psz)) == NULL) { /* re-try insert */			/* we failed, giving up for now */			reportDBError(pData, 0);			closeConn(pData); /* free ressources */			ABORT_FINALIZE(RS_RET_SUSPENDED);		}	}finalize_it:	if(iRet == RS_RET_OK) {		pData->uLastDBErrno = 0; /* reset error for error supression */	}	if(dbiRes != NULL)		dbi_result_free(dbiRes);	RETiRet;}

/* llDestroyRootElt - destroy the root element but otherwise * keeps this list intact.  -- rgerhards, 2007-08-03 */rsRetVal llDestroyRootElt(linkedList_t *pThis){	DEFiRet;	llElt_t *pPrev;		if(pThis->pRoot == NULL) {		ABORT_FINALIZE(RS_RET_EMPTY_LIST);	}	pPrev = pThis->pRoot;	if(pPrev->pNext == NULL) {		/* it was the only list element */		pThis->pLast = NULL;		pThis->pRoot = NULL;	} else {		/* there are other list elements */		pThis->pRoot = pPrev->pNext;	}	CHKiRet(llDestroyElt(pThis, pPrev));finalize_it:	RETiRet;}

rsRetVallookupProcessCnf(struct cnfobj *o){	struct cnfparamvals *pvals;	lookup_t *lu;	short i;	DEFiRet;	pvals = nvlstGetParams(o->nvlst, &modpblk, NULL);	if(pvals == NULL) {		ABORT_FINALIZE(RS_RET_MISSING_CNFPARAMS);	}	DBGPRINTF("lookupProcessCnf params:/n");	cnfparamsPrint(&modpblk, pvals);		CHKiRet(lookupNew(&lu));	for(i = 0 ; i < modpblk.nParams ; ++i) {		if(!pvals[i].bUsed)			continue;		if(!strcmp(modpblk.descr[i].name, "file")) {			CHKmalloc(lu->filename = (uchar*)es_str2cstr(pvals[i].val.d.estr, NULL));		} else if(!strcmp(modpblk.descr[i].name, "name")) {			CHKmalloc(lu->name = (uchar*)es_str2cstr(pvals[i].val.d.estr, NULL));		} else {			dbgprintf("lookup_table: program error, non-handled "			  "param '%s'/n", modpblk.descr[i].name);		}	}	CHKiRet(lookupReadFile(lu));	DBGPRINTF("lookup table '%s' loaded from file '%s'/n", lu->name, lu->filename);finalize_it:	cnfparamvalsDestruct(pvals, &modpblk);	RETiRet;}

static inline rsRetValRunSelect(tcpsrv_t *pThis, nsd_epworkset_t workset[], size_t sizeWorkset){	DEFiRet;	int nfds;	int i;	int iWorkset;	int iTCPSess;	int bIsReady;	nssel_t *pSel = NULL;	rsRetVal localRet;	ISOBJ_TYPE_assert(pThis, tcpsrv);	/* this is an endless loop - it is terminated by the framework canelling	 * this thread. Thus, we also need to instantiate a cancel cleanup handler	 * to prevent us from leaking anything. -- rgerhards, 20080-04-24	 */	pthread_cleanup_push(RunCancelCleanup, (void*) &pSel);	while(1) {		CHKiRet(nssel.Construct(&pSel));		if(pThis->pszDrvrName != NULL)			CHKiRet(nssel.SetDrvrName(pSel, pThis->pszDrvrName));		CHKiRet(nssel.ConstructFinalize(pSel));		/* Add the TCP listen sockets to the list of read descriptors. */		for(i = 0 ; i < pThis->iLstnCurr ; ++i) {			CHKiRet(nssel.Add(pSel, pThis->ppLstn[i], NSDSEL_RD));		}		/* do the sessions */		iTCPSess = TCPSessGetNxtSess(pThis, -1);		while(iTCPSess != -1) {			/* TODO: access to pNsd is NOT really CLEAN, use method... */			CHKiRet(nssel.Add(pSel, pThis->pSessions[iTCPSess]->pStrm, NSDSEL_RD));			/* now get next... */			iTCPSess = TCPSessGetNxtSess(pThis, iTCPSess);		}		/* wait for io to become ready */		CHKiRet(nssel.Wait(pSel, &nfds));		if(glbl.GetGlobalInputTermState() == 1)			break; /* terminate input! */		iWorkset = 0;		for(i = 0 ; i < pThis->iLstnCurr ; ++i) {			if(glbl.GetGlobalInputTermState() == 1)				ABORT_FINALIZE(RS_RET_FORCE_TERM);			CHKiRet(nssel.IsReady(pSel, pThis->ppLstn[i], NSDSEL_RD, &bIsReady, &nfds));			if(bIsReady) {				workset[iWorkset].id = i;				workset[iWorkset].pUsr = (void*) pThis->ppLstn; /* this is a flag to indicate listen sock */				++iWorkset;				if(iWorkset >= (int) sizeWorkset) {					processWorkset(pThis, NULL, iWorkset, workset);					iWorkset = 0;				}				//DBGPRINTF("New connect on NSD %p./n", pThis->ppLstn[i]);				//SessAccept(pThis, pThis->ppLstnPort[i], &pNewSess, pThis->ppLstn[i]);				--nfds; /* indicate we have processed one */			}		}		/* now check the sessions */		iTCPSess = TCPSessGetNxtSess(pThis, -1);		while(nfds && iTCPSess != -1) {			if(glbl.GetGlobalInputTermState() == 1)				ABORT_FINALIZE(RS_RET_FORCE_TERM);			localRet = nssel.IsReady(pSel, pThis->pSessions[iTCPSess]->pStrm, NSDSEL_RD, &bIsReady, &nfds);			if(bIsReady || localRet != RS_RET_OK) {				workset[iWorkset].id = iTCPSess;				workset[iWorkset].pUsr = (void*) pThis->pSessions[iTCPSess];				++iWorkset;				if(iWorkset >= (int) sizeWorkset) {					processWorkset(pThis, NULL, iWorkset, workset);					iWorkset = 0;				}				--nfds; /* indicate we have processed one */			}			iTCPSess = TCPSessGetNxtSess(pThis, iTCPSess);		}		if(iWorkset > 0)			processWorkset(pThis, NULL, iWorkset, workset);		/* we need to copy back close descriptors */		CHKiRet(nssel.Destruct(&pSel));finalize_it: /* this is a very special case - this time only we do not exit the function,	      * because that would not help us either. So we simply retry it. Let's see	      * if that actually is a better idea. Exiting the loop wasn't we always	      * crashed, which made sense (the rest of the engine was not prepared for	      * that) -- rgerhards, 2008-05-19	      */		if(pSel != NULL) { /* cleanup missing? happens during err exit! */			nssel.Destruct(&pSel);		}	}	/* note that this point is usually not reached */	pthread_cleanup_pop(1); /* remove cleanup handler *///.........这里部分代码省略.........

/* Accept new TCP connection; make entry in session table. If there * is no more space left in the connection table, the new TCP * connection is immediately dropped. * ppSess has a pointer to the newly created session, if it succeeds. * If it does not succeed, no session is created and ppSess is * undefined. If the user has provided an OnSessAccept Callback, * this one is executed immediately after creation of the  * session object, so that it can do its own initialization. * rgerhards, 2008-03-02 */static rsRetValSessAccept(tcpsrv_t *pThis, tcpLstnPortList_t *pLstnInfo, tcps_sess_t **ppSess, netstrm_t *pStrm){	DEFiRet;	tcps_sess_t *pSess = NULL;	netstrm_t *pNewStrm = NULL;	int iSess = -1;	struct sockaddr_storage *addr;	uchar *fromHostFQDN = NULL;	prop_t *fromHostIP;	ISOBJ_TYPE_assert(pThis, tcpsrv);	assert(pLstnInfo != NULL);	CHKiRet(netstrm.AcceptConnReq(pStrm, &pNewStrm));	/* Add to session list */	iSess = TCPSessTblFindFreeSpot(pThis);	if(iSess == -1) {		errno = 0;		errmsg.LogError(0, RS_RET_MAX_SESS_REACHED, "too many tcp sessions - dropping incoming request");		ABORT_FINALIZE(RS_RET_MAX_SESS_REACHED);	}	if(pThis->bUseKeepAlive) {	        CHKiRet(netstrm.SetKeepAliveProbes(pNewStrm, pThis->iKeepAliveProbes));	        CHKiRet(netstrm.SetKeepAliveTime(pNewStrm, pThis->iKeepAliveTime));	        CHKiRet(netstrm.SetKeepAliveIntvl(pNewStrm, pThis->iKeepAliveIntvl));		CHKiRet(netstrm.EnableKeepAlive(pNewStrm));	}	/* we found a free spot and can construct our session object */	CHKiRet(tcps_sess.Construct(&pSess));	CHKiRet(tcps_sess.SetTcpsrv(pSess, pThis));	CHKiRet(tcps_sess.SetLstnInfo(pSess, pLstnInfo));	if(pThis->OnMsgReceive != NULL)		CHKiRet(tcps_sess.SetOnMsgReceive(pSess, pThis->OnMsgReceive));	/* get the host name */	CHKiRet(netstrm.GetRemoteHName(pNewStrm, &fromHostFQDN));	CHKiRet(netstrm.GetRemoteIP(pNewStrm, &fromHostIP));	CHKiRet(netstrm.GetRemAddr(pNewStrm, &addr));	/* TODO: check if we need to strip the domain name here -- rgerhards, 2008-04-24 */	/* Here we check if a host is permitted to send us messages. If it isn't, we do not further	 * process the message but log a warning (if we are configured to do this).	 * rgerhards, 2005-09-26	 */	if(!pThis->pIsPermittedHost((struct sockaddr*) addr, (char*) fromHostFQDN, pThis->pUsr, pSess->pUsr)) {		DBGPRINTF("%s is not an allowed sender/n", fromHostFQDN);		if(glbl.GetOption_DisallowWarning()) {			errno = 0;			errmsg.LogError(0, RS_RET_HOST_NOT_PERMITTED, "TCP message from disallowed sender %s discarded", fromHostFQDN);		}		ABORT_FINALIZE(RS_RET_HOST_NOT_PERMITTED);	}	/* OK, we have an allowed sender, so let's continue, what	 * means we can finally fill in the session object.	 */	CHKiRet(tcps_sess.SetHost(pSess, fromHostFQDN));	fromHostFQDN = NULL; /* we handed this string over */	CHKiRet(tcps_sess.SetHostIP(pSess, fromHostIP));	CHKiRet(tcps_sess.SetStrm(pSess, pNewStrm));	pNewStrm = NULL; /* prevent it from being freed in error handler, now done in tcps_sess! */	CHKiRet(tcps_sess.SetMsgIdx(pSess, 0));	CHKiRet(tcps_sess.ConstructFinalize(pSess));	/* check if we need to call our callback */	if(pThis->pOnSessAccept != NULL) {		CHKiRet(pThis->pOnSessAccept(pThis, pSess));	}	*ppSess = pSess;	if(!pThis->bUsingEPoll)		pThis->pSessions[iSess] = pSess;	pSess = NULL; /* this is now also handed over */finalize_it:	if(iRet != RS_RET_OK) {		if(pSess != NULL)			tcps_sess.Destruct(&pSess);		if(pNewStrm != NULL)			netstrm.Destruct(&pNewStrm);		free(fromHostFQDN);	}	RETiRet;}

/** * Parse a TIMESTAMP-3164. The pTime parameter * is guranteed to be updated only if a new valid timestamp * could be obtained (restriction added 2008-09-16 by rgerhards). This * also means the caller *must* provide a valid (probably current)  * timstamp in pTime when calling this function. a 3164 timestamp contains * only partial information and only that partial information is updated. * So the "output timestamp" is a valid timestamp only if the "input * timestamp" was valid, too. The is actually an optimization, as it * permits us to use a pre-aquired timestamp and thus avoids to do * a (costly) time() call. Thanks to David Lang for insisting on * time() call reduction ;). * This method now also checks the maximum string length it is passed. * If a *valid* timestamp is found, the string length is decremented * by the number of characters processed. If it is not a valid timestamp, * the length is kept unmodified. -- rgerhards, 2009-09-23 */static rsRetValParseTIMESTAMP3164(struct syslogTime *pTime, uchar** ppszTS, int *pLenStr){	/* variables to temporarily hold time information while we parse */	int month;	int day;	int year = 0; /* 0 means no year provided */	int hour; /* 24 hour clock */	int minute;	int second;	/* end variables to temporarily hold time information while we parse */	int lenStr;	uchar *pszTS;	DEFiRet;	assert(ppszTS != NULL);	pszTS = *ppszTS;	assert(pszTS != NULL);	assert(pTime != NULL);	assert(pLenStr != NULL);	lenStr = *pLenStr;	/* If we look at the month (Jan, Feb, Mar, Apr, May, Jun, Jul, Aug, Sep, Oct, Nov, Dec),	 * we may see the following character sequences occur:	 *	 * J(an/u(n/l)), Feb, Ma(r/y), A(pr/ug), Sep, Oct, Nov, Dec	 *	 * We will use this for parsing, as it probably is the	 * fastest way to parse it.	 *	 * 2009-08-17: we now do case-insensitive comparisons, as some devices obviously do not	 * obey to the RFC-specified case. As we need to guess in any case, we can ignore case	 * in the first place -- rgerhards	 *	 * 2005-07-18, well sometimes it pays to be a bit more verbose, even in C...	 * Fixed a bug that lead to invalid detection of the data. The issue was that	 * we had an if(++pszTS == 'x') inside of some of the consturcts below. However,	 * there were also some elseifs (doing the same ++), which than obviously did not	 * check the orginal character but the next one. Now removed the ++ and put it	 * into the statements below. Was a really nasty bug... I didn't detect it before	 * june, when it first manifested. This also lead to invalid parsing of the rest	 * of the message, as the time stamp was not detected to be correct. - rgerhards	 */	if(lenStr < 3)		ABORT_FINALIZE(RS_RET_INVLD_TIME);	switch(*pszTS++)	{	case 'j':	case 'J':		if(*pszTS == 'a' || *pszTS == 'A') {			++pszTS;			if(*pszTS == 'n' || *pszTS == 'N') {				++pszTS;				month = 1;			} else				ABORT_FINALIZE(RS_RET_INVLD_TIME);		} else if(*pszTS == 'u' || *pszTS == 'U') {			++pszTS;			if(*pszTS == 'n' || *pszTS == 'N') {				++pszTS;				month = 6;			} else if(*pszTS == 'l' || *pszTS == 'L') {				++pszTS;				month = 7;			} else				ABORT_FINALIZE(RS_RET_INVLD_TIME);		} else			ABORT_FINALIZE(RS_RET_INVLD_TIME);		break;	case 'f':	case 'F':		if(*pszTS == 'e' || *pszTS == 'E') {			++pszTS;			if(*pszTS == 'b' || *pszTS == 'B') {				++pszTS;				month = 2;			} else				ABORT_FINALIZE(RS_RET_INVLD_TIME);		} else			ABORT_FINALIZE(RS_RET_INVLD_TIME);		break;	case 'm'://.........这里部分代码省略.........

/** * Parse a TIMESTAMP-3339. * updates the parse pointer position. The pTime parameter * is guranteed to be updated only if a new valid timestamp * could be obtained (restriction added 2008-09-16 by rgerhards). * This method now also checks the maximum string length it is passed. * If a *valid* timestamp is found, the string length is decremented * by the number of characters processed. If it is not a valid timestamp, * the length is kept unmodified. -- rgerhards, 2009-09-23 */static rsRetValParseTIMESTAMP3339(struct syslogTime *pTime, uchar** ppszTS, int *pLenStr){	uchar *pszTS = *ppszTS;	/* variables to temporarily hold time information while we parse */	int year;	int month;	int day;	int hour; /* 24 hour clock */	int minute;	int second;	int secfrac;	/* fractional seconds (must be 32 bit!) */	int secfracPrecision;	char OffsetMode;	/* UTC offset + or - */	char OffsetHour;	/* UTC offset in hours */	int OffsetMinute;	/* UTC offset in minutes */	int lenStr;	/* end variables to temporarily hold time information while we parse */	DEFiRet;	assert(pTime != NULL);	assert(ppszTS != NULL);	assert(pszTS != NULL);	lenStr = *pLenStr;	year = srSLMGParseInt32(&pszTS, &lenStr);	/* We take the liberty to accept slightly malformed timestamps e.g. in 	 * the format of 2003-9-1T1:0:0. This doesn't hurt on receiving. Of course,	 * with the current state of affairs, we would never run into this code	 * here because at postion 11, there is no "T" in such cases ;)	 */	if(lenStr == 0 || *pszTS++ != '-')		ABORT_FINALIZE(RS_RET_INVLD_TIME);	--lenStr;	month = srSLMGParseInt32(&pszTS, &lenStr);	if(month < 1 || month > 12)		ABORT_FINALIZE(RS_RET_INVLD_TIME);	if(lenStr == 0 || *pszTS++ != '-')		ABORT_FINALIZE(RS_RET_INVLD_TIME);	--lenStr;	day = srSLMGParseInt32(&pszTS, &lenStr);	if(day < 1 || day > 31)		ABORT_FINALIZE(RS_RET_INVLD_TIME);	if(lenStr == 0 || *pszTS++ != 'T')		ABORT_FINALIZE(RS_RET_INVLD_TIME);	--lenStr;	hour = srSLMGParseInt32(&pszTS, &lenStr);	if(hour < 0 || hour > 23)		ABORT_FINALIZE(RS_RET_INVLD_TIME);	if(lenStr == 0 || *pszTS++ != ':')		ABORT_FINALIZE(RS_RET_INVLD_TIME);	--lenStr;	minute = srSLMGParseInt32(&pszTS, &lenStr);	if(minute < 0 || minute > 59)		ABORT_FINALIZE(RS_RET_INVLD_TIME);	if(lenStr == 0 || *pszTS++ != ':')		ABORT_FINALIZE(RS_RET_INVLD_TIME);	--lenStr;	second = srSLMGParseInt32(&pszTS, &lenStr);	if(second < 0 || second > 60)		ABORT_FINALIZE(RS_RET_INVLD_TIME);	/* Now let's see if we have secfrac */	if(lenStr > 0 && *pszTS == '.') {		--lenStr;		uchar *pszStart = ++pszTS;		secfrac = srSLMGParseInt32(&pszTS, &lenStr);		secfracPrecision = (int) (pszTS - pszStart);	} else {		secfracPrecision = 0;		secfrac = 0;	}	/* check the timezone */	if(lenStr == 0)		ABORT_FINALIZE(RS_RET_INVLD_TIME);	if(*pszTS == 'Z') {		--lenStr;		pszTS++; /* eat Z */		OffsetMode = 'Z';		OffsetHour = 0;		OffsetMinute = 0;	} else if((*pszTS == '+') || (*pszTS == '-')) {//.........这里部分代码省略.........

static rsRetVal omsnmp_sendsnmp(wrkrInstanceData_t *pWrkrData, uchar *psz){	DEFiRet;	netsnmp_pdu    *pdu = NULL;	oid             enterpriseoid[MAX_OID_LEN];	size_t          enterpriseoidlen = MAX_OID_LEN;	oid				oidSyslogMessage[MAX_OID_LEN];	size_t			oLen = MAX_OID_LEN;	int             status;	char            *trap = NULL;	const char		*strErr = NULL;	instanceData *pData;	pData = pWrkrData->pData;	/* Init SNMP Session if necessary */	if (pWrkrData->snmpsession == NULL) {		CHKiRet(omsnmp_initSession(pWrkrData));	}		/* String should not be NULL */	ASSERT(psz != NULL);	dbgprintf( "omsnmp_sendsnmp: ENTER - Syslogmessage = '%s'/n", (char*)psz);	/* If SNMP Version1 is configured !*/	if(pWrkrData->snmpsession->version == SNMP_VERSION_1) {		pdu = snmp_pdu_create(SNMP_MSG_TRAP);		/* Set enterprise */		if(!snmp_parse_oid(pData->szEnterpriseOID == NULL ? "1.3.6.1.4.1.3.1.1" : (char*)pData->szEnterpriseOID,				   enterpriseoid, &enterpriseoidlen )) {			strErr = snmp_api_errstring(snmp_errno);			errmsg.LogError(0, RS_RET_DISABLE_ACTION, "omsnmp_sendsnmp: Parsing EnterpriseOID "					"failed '%s' with error '%s' /n", pData->szSyslogMessageOID, strErr);			ABORT_FINALIZE(RS_RET_DISABLE_ACTION);		}		pdu->enterprise = (oid *) MALLOC(enterpriseoidlen * sizeof(oid));		memcpy(pdu->enterprise, enterpriseoid, enterpriseoidlen * sizeof(oid));		pdu->enterprise_length = enterpriseoidlen;		/* Set Traptype */		pdu->trap_type = pData->iTrapType; 				/* Set SpecificType */		pdu->specific_type = pData->iSpecificType;		/* Set Updtime */		pdu->time = get_uptime();	}	/* If SNMP Version2c is configured !*/	else if (pWrkrData->snmpsession->version == SNMP_VERSION_2c) 	{		long sysuptime;		char csysuptime[20];				/* Create PDU */		pdu = snmp_pdu_create(SNMP_MSG_TRAP2);				/* Set uptime */		sysuptime = get_uptime();		snprintf( csysuptime, sizeof(csysuptime) , "%ld", sysuptime);		trap = csysuptime;		snmp_add_var(pdu, objid_sysuptime, sizeof(objid_sysuptime) / sizeof(oid), 't', trap);		/* Now set the SyslogMessage Trap OID */		if ( snmp_add_var(pdu, objid_snmptrap, sizeof(objid_snmptrap) / sizeof(oid), 'o',			pData->szSnmpTrapOID == NULL ?  "1.3.6.1.4.1.19406.1.2.1" : (char*) pData->szSnmpTrapOID			) != 0) {			strErr = snmp_api_errstring(snmp_errno);			errmsg.LogError(0, RS_RET_DISABLE_ACTION, "omsnmp_sendsnmp: Adding trap OID failed '%s' with error '%s' /n", pData->szSnmpTrapOID, strErr);			ABORT_FINALIZE(RS_RET_DISABLE_ACTION);		}	}	/* SET TRAP PARAMETER for SyslogMessage! *//*	dbgprintf( "omsnmp_sendsnmp: SyslogMessage '%s'/n", psz );*/	/* First create new OID object */	if (snmp_parse_oid(pData->szSyslogMessageOID == NULL ?			    "1.3.6.1.4.1.19406.1.1.2.1" : (char*)pData->szSyslogMessageOID,				oidSyslogMessage, &oLen)) {		int iErrCode = snmp_add_var(pdu, oidSyslogMessage, oLen, 's', (char*) psz);		if (iErrCode) {			const char *str = snmp_api_errstring(iErrCode);			errmsg.LogError(0, RS_RET_DISABLE_ACTION,  "omsnmp_sendsnmp: Invalid SyslogMessage OID, error code '%d' - '%s'/n", iErrCode, str );			ABORT_FINALIZE(RS_RET_DISABLE_ACTION);		}	} else {		strErr = snmp_api_errstring(snmp_errno);		errmsg.LogError(0, RS_RET_DISABLE_ACTION, "omsnmp_sendsnmp: Parsing SyslogMessageOID failed '%s' with error '%s' /n", pData->szSyslogMessageOID, strErr);		ABORT_FINALIZE(RS_RET_DISABLE_ACTION);	}	/* Send the TRAP */	status = snmp_send(pWrkrData->snmpsession, pdu) == 0;	if (status)	{		/* Debug Output! */		int iErrorCode = pWrkrData->snmpsession->s_snmp_errno;//.........这里部分代码省略.........

static rsRetVal rcvData(){	DEFiRet;		if(!listenerList) {		listenerList = zlist_new();		if(!listenerList) {			errmsg.LogError(0, NO_ERRCODE, "could not allocate list");			ABORT_FINALIZE(RS_RET_ERR);		}	}	zactor_t *authActor;	zcert_t *serverCert;	if(runModConf->authenticator == 1) {		authActor = zactor_new(zauth, NULL);		zstr_sendx(authActor, "CURVE", runModConf->clientCertPath, NULL);		zsock_wait(authActor);	} 	instanceConf_t *inst;	for(inst = runModConf->root; inst != NULL; inst=inst->next) {		CHKiRet(addListener(inst));	}		zpoller_t *poller = zpoller_new(NULL);	if(!poller) {		errmsg.LogError(0, NO_ERRCODE, "could not create poller");			ABORT_FINALIZE(RS_RET_ERR);	}	DBGPRINTF("imczmq: created poller/n");	struct listener_t *pData;	pData = zlist_first(listenerList);	if(!pData) {		errmsg.LogError(0, NO_ERRCODE, "imczmq: no listeners were "						"started, input not activated./n");		ABORT_FINALIZE(RS_RET_NO_RUN);	}	while(pData) {		int rc = zpoller_add(poller, pData->sock);		if(rc != 0) {			errmsg.LogError(0, NO_ERRCODE, "imczmq: could not add "						"socket to poller, input not activated./n");			ABORT_FINALIZE(RS_RET_NO_RUN);		}		pData = zlist_next(listenerList);	}	zframe_t *frame;	zsock_t *which = (zsock_t *)zpoller_wait(poller, -1);	while(which) {		if (zpoller_terminated(poller)) {				break;		}		pData = zlist_first(listenerList);		while(pData->sock != which) {			pData = zlist_next(listenerList);		}			if(which == pData->sock) {			DBGPRINTF("imczmq: found matching socket/n");		}		frame = zframe_recv(which);		char *buf = zframe_strdup(frame);		if(buf == NULL) {			DBGPRINTF("imczmq: null buffer/n");			continue;		}		smsg_t *pMsg;		if(msgConstruct(&pMsg) == RS_RET_OK) {			MsgSetRawMsg(pMsg, buf, strlen(buf));			MsgSetInputName(pMsg, s_namep);			MsgSetHOSTNAME(pMsg, glbl.GetLocalHostName(), ustrlen(glbl.GetLocalHostName()));			MsgSetRcvFrom(pMsg, glbl.GetLocalHostNameProp());			MsgSetRcvFromIP(pMsg, glbl.GetLocalHostIP());			MsgSetMSGoffs(pMsg, 0);			MsgSetFlowControlType(pMsg, eFLOWCTL_NO_DELAY);			MsgSetRuleset(pMsg, pData->ruleset);			pMsg->msgFlags = NEEDS_PARSING | PARSE_HOSTNAME;			submitMsg2(pMsg);		}		free(buf);		which = (zsock_t *)zpoller_wait(poller, -1);	}finalize_it:	zframe_destroy(&frame);	zpoller_destroy(&poller);	pData = zlist_first(listenerList);	while(pData) {		zsock_destroy(&pData->sock);		free(pData->ruleset);		pData = zlist_next(listenerList);	}	zlist_destroy(&listenerList);//.........这里部分代码省略.........

/* note: widely-deployed json_c 0.9 does NOT support incremental * parsing. In order to keep compatible with e.g. Ubuntu 12.04LTS, * we read the file into one big memory buffer and parse it at once. * While this is not very elegant, it will not pose any real issue * for "reasonable" lookup tables (and "unreasonably" large ones * will probably have other issues as well...). */static rsRetVallookupReadFile(lookup_t *pThis){	struct json_tokener *tokener = NULL;	struct json_object *json = NULL;	int eno;	char errStr[1024];	char *iobuf = NULL;	int fd;	ssize_t nread;	struct stat sb;	DEFiRet;	if(stat((char*)pThis->filename, &sb) == -1) {		eno = errno;		errmsg.LogError(0, RS_RET_FILE_NOT_FOUND,			"lookup table file '%s' stat failed: %s",			pThis->filename, rs_strerror_r(eno, errStr, sizeof(errStr)));		ABORT_FINALIZE(RS_RET_FILE_NOT_FOUND);	}	CHKmalloc(iobuf = malloc(sb.st_size));	if((fd = open((const char*) pThis->filename, O_RDONLY)) == -1) {		eno = errno;		errmsg.LogError(0, RS_RET_FILE_NOT_FOUND,			"lookup table file '%s' could not be opened: %s",			pThis->filename, rs_strerror_r(eno, errStr, sizeof(errStr)));		ABORT_FINALIZE(RS_RET_FILE_NOT_FOUND);	}	tokener = json_tokener_new();	nread = read(fd, iobuf, sb.st_size);	if(nread != (ssize_t) sb.st_size) {		eno = errno;		errmsg.LogError(0, RS_RET_READ_ERR,			"lookup table file '%s' read error: %s",			pThis->filename, rs_strerror_r(eno, errStr, sizeof(errStr)));		ABORT_FINALIZE(RS_RET_READ_ERR);	}	json = json_tokener_parse_ex(tokener, iobuf, sb.st_size);	if(json == NULL) {		errmsg.LogError(0, RS_RET_JSON_PARSE_ERR,			"lookup table file '%s' json parsing error",			pThis->filename);		ABORT_FINALIZE(RS_RET_JSON_PARSE_ERR);	}	free(iobuf); /* early free to sever resources*/	iobuf = NULL; /* make sure no double-free */	/* got json object, now populate our own in-memory structure */	CHKiRet(lookupBuildTable(pThis, json));finalize_it:	free(iobuf);	if(tokener != NULL)		json_tokener_free(tokener);	if(json != NULL)		json_object_put(json);	RETiRet;}

/* construct an offers list from the offers contained in a frame. The frame's * Read Next pointer must be positioned at the first character of the offer. * rgerhards, 2008-03-25 */relpRetValrelpOffersConstructFromFrame(relpOffers_t **ppOffers, relpFrame_t *pFrame){	relpOffers_t *pOffers = NULL;	relpOffer_t *pOffer;	relpRetVal localRet;	unsigned char c;	size_t iName;	size_t iVal;	unsigned char szFeatNam[RELP_MAX_OFFER_FEATURENAME+1];	unsigned char szFeatVal[RELP_MAX_OFFER_FEATUREVALUE+1];	ENTER_RELPFUNC;	assert(ppOffers != NULL);	RELPOBJ_assert(pFrame, Frame);	CHKRet(relpOffersConstruct(&pOffers, pFrame->pEngine));	/* now process the command data */	localRet = relpFrameGetNextC(pFrame, &c);	while(localRet == RELP_RET_OK) {		/* command name */		iName = 0;		while(iName < RELP_MAX_OFFER_FEATURENAME && c != '=' && localRet == RELP_RET_OK) {			szFeatNam[iName++] = c;			localRet = relpFrameGetNextC(pFrame, &c);		}		szFeatNam[iName] = '/0'; /* space is reserved for this! */		CHKRet(relpOfferAdd(&pOffer, szFeatNam, pOffers));		/* and now process the values (if any) */		while(localRet == RELP_RET_OK && c != '/n') {			localRet = relpFrameGetNextC(pFrame, &c); /* eat the "=" or "," */			iVal = 0;			while(   iVal < RELP_MAX_OFFER_FEATUREVALUE && localRet == RELP_RET_OK			      && c != ',' && c != '/n' ) {				szFeatVal[iVal++] = c;				localRet = relpFrameGetNextC(pFrame, &c);			}			if(iVal > 0) { /* only set feature if one is actually given */				szFeatVal[iVal] = '/0'; /* space is reserved for this */				CHKRet(relpOfferValueAdd(szFeatVal, 0, pOffer));			}		}		if(localRet == RELP_RET_OK && c == '/n')			localRet = relpFrameGetNextC(pFrame, &c); /* eat '/n' */	}	if(localRet != RELP_RET_END_OF_DATA)		ABORT_FINALIZE(localRet);	*ppOffers = pOffers;finalize_it:	if(iRet != RELP_RET_OK) {		if(pOffers != NULL)			relpOffersDestruct(&pOffers);	}	LEAVE_RELPFUNC;}

/* create as string with the complete offers. The string is dynamically * allocated and passed to the caller. The caller is responsible for * freeing it. This function always allocates a sufficiently large * string (TODO: ensure that!). A string my be prepended to the offers * block (this is for rsp status). If that is not desired, the param * must be NULL, in which case its length is simply ignored (suggest to use * 0 in that case). * rgerhards, 2008-03-24 */relpRetValrelpOffersToString(relpOffers_t *pThis, unsigned char *pszHdr, size_t lenHdr,		   unsigned char **ppszOffers, size_t *plenStr){	unsigned char *pszOffers = NULL;	size_t iStr;	size_t currSize;	size_t iAlloc;	relpOffer_t *pOffer;	relpOfferValue_t *pOfferVal;	ENTER_RELPFUNC;	assert(ppszOffers != NULL);	RELPOBJ_assert(pThis, Offers);	if(pszHdr != NULL && lenHdr > 4096)		iAlloc = 4096 + lenHdr;	else		iAlloc = 4096;	if((pszOffers = malloc(iAlloc)) == NULL) {		ABORT_FINALIZE(RELP_RET_OUT_OF_MEMORY);	}	currSize = iAlloc;	iAlloc = 4096;	/* check if we need to prepend anything */	if(pszHdr == NULL) {		iStr = 0; /* no, start at the beginning */	} else {		memcpy((char*)pszOffers, (char*)pszHdr, lenHdr);		iStr = lenHdr;	}	for(pOffer = pThis->pRoot ; pOffer != NULL ; pOffer = pOffer->pNext) {		/* we use -3 in the realloc-guard ifs so that we have space for constants following! */		if(currSize - iStr - 3 < strlen((char*)pOffer->szName)) {			if((pszOffers = realloc(pszOffers, currSize + iAlloc)) == NULL) {				ABORT_FINALIZE(RELP_RET_OUT_OF_MEMORY);				currSize += iAlloc;			}		}		strcpy((char*)pszOffers+iStr, (char*)pOffer->szName);		iStr += strlen((char*)pOffer->szName);		pszOffers[iStr++] = '=';		for(pOfferVal = pOffer->pValueRoot ; pOfferVal != NULL ; pOfferVal = pOfferVal->pNext) {			if(currSize - iStr - 3 < strlen((char*)pOfferVal->szVal)) {				if((pszOffers = realloc(pszOffers, currSize + iAlloc)) == NULL) {					ABORT_FINALIZE(RELP_RET_OUT_OF_MEMORY);					currSize += iAlloc;				}			}			strcpy((char*)pszOffers+iStr, (char*)pOfferVal->szVal);			iStr += strlen((char*)pOfferVal->szVal);			if(pOfferVal->pNext != NULL)				pszOffers[iStr++] = ',';		}		if(pOffer->pNext != NULL)			pszOffers[iStr++] = '/n';	}	*ppszOffers = pszOffers;	*plenStr = iStr;finalize_it:	if(iRet != RELP_RET_OK) {		if(pszOffers != NULL)			free(pszOffers);	}	LEAVE_RELPFUNC;}

resolveAddr(struct sockaddr_storage *addr, dnscache_entry_t *etry){	DEFiRet;	int error;	sigset_t omask, nmask;	struct addrinfo hints, *res;	char szIP[80]; /* large enough for IPv6 */	char fqdnBuf[NI_MAXHOST];	rs_size_t fqdnLen;	rs_size_t i;		error = mygetnameinfo((struct sockaddr *)addr, SALEN((struct sockaddr *)addr),			    (char*) szIP, sizeof(szIP), NULL, 0, NI_NUMERICHOST);	if(error) {		dbgprintf("Malformed from address %s/n", gai_strerror(error));		ABORT_FINALIZE(RS_RET_INVALID_SOURCE);	}	if(!glbl.GetDisableDNS()) {		sigemptyset(&nmask);		sigaddset(&nmask, SIGHUP);		pthread_sigmask(SIG_BLOCK, &nmask, &omask);		error = mygetnameinfo((struct sockaddr *)addr, SALEN((struct sockaddr *) addr),				    fqdnBuf, NI_MAXHOST, NULL, 0, NI_NAMEREQD);		if(error == 0) {			memset (&hints, 0, sizeof (struct addrinfo));			hints.ai_flags = AI_NUMERICHOST;			/* we now do a lookup once again. This one should fail,			 * because we should not have obtained a non-numeric address. If			 * we got a numeric one, someone messed with DNS!			 */			if(getaddrinfo (fqdnBuf, NULL, &hints, &res) == 0) {				uchar szErrMsg[1024];				freeaddrinfo (res);				/* OK, we know we have evil. The question now is what to do about				 * it. One the one hand, the message might probably be intended				 * to harm us. On the other hand, losing the message may also harm us.				 * Thus, the behaviour is controlled by the $DropMsgsWithMaliciousDnsPTRRecords				 * option. If it tells us we should discard, we do so, else we proceed,				 * but log an error message together with it.				 * time being, we simply drop the name we obtained and use the IP - that one				 * is OK in any way. We do also log the error message. rgerhards, 2007-07-16		 		 */		 		if(glbl.GetDropMalPTRMsgs() == 1) {					snprintf((char*)szErrMsg, sizeof(szErrMsg),						 "Malicious PTR record, message dropped "						 "IP = /"%s/" HOST = /"%s/"",						 szIP, fqdnBuf);					LogError(0, RS_RET_MALICIOUS_ENTITY, "%s", szErrMsg);					pthread_sigmask(SIG_SETMASK, &omask, NULL);					ABORT_FINALIZE(RS_RET_MALICIOUS_ENTITY);				}				/* Please note: we deal with a malicous entry. Thus, we have crafted				 * the snprintf() below so that all text is in front of the entry - maybe				 * it contains characters that make the message unreadable				 * (OK, I admit this is more or less impossible, but I am paranoid...)				 * rgerhards, 2007-07-16				 */				snprintf((char*)szErrMsg, sizeof(szErrMsg),					 "Malicious PTR record (message accepted, but used IP "					 "instead of PTR name: IP = /"%s/" HOST = /"%s/"",					 szIP, fqdnBuf);				LogError(0, NO_ERRCODE, "%s", szErrMsg);				error = 1; /* that will trigger using IP address below. */			} else {/* we have a valid entry, so let's create the respective properties */				fqdnLen = strlen(fqdnBuf);				prop.CreateStringProp(&etry->fqdn, (uchar*)fqdnBuf, fqdnLen);				for(i = 0 ; i < fqdnLen ; ++i)					fqdnBuf[i] = tolower(fqdnBuf[i]);				prop.CreateStringProp(&etry->fqdnLowerCase, (uchar*)fqdnBuf, fqdnLen);			}		}		pthread_sigmask(SIG_SETMASK, &omask, NULL);	}finalize_it:	if(iRet != RS_RET_OK) {		strcpy(szIP, "?error.obtaining.ip?");		error = 1; /* trigger hostname copies below! */	}	/* we need to create the inputName property (only once during our lifetime) */	prop.CreateStringProp(&etry->ip, (uchar*)szIP, strlen(szIP));	if(error || glbl.GetDisableDNS()) {		dbgprintf("Host name for your address (%s) unknown/n", szIP);		prop.AddRef(etry->ip);		etry->fqdn = etry->ip;		prop.AddRef(etry->ip);		etry->fqdnLowerCase = etry->ip;	}	setLocalHostName(etry);//.........这里部分代码省略.........

rsRetVal parsAddrWithBits(rsParsObj *pThis, struct NetAddr **pIP, int *pBits){	register uchar *pC;	uchar *pszIP;	uchar *pszTmp;	struct addrinfo hints, *res = NULL;	cstr_t *pCStr;	DEFiRet;	rsCHECKVALIDOBJECT(pThis, OIDrsPars);	assert(pIP != NULL);	assert(pBits != NULL);	CHKiRet(cstrConstruct(&pCStr));	parsSkipWhitespace(pThis);	pC = rsCStrGetBufBeg(pThis->pCStr) + pThis->iCurrPos;	/* we parse everything until either '/', ',' or	 * whitespace. Validity will be checked down below.	 */	while(pThis->iCurrPos < rsCStrLen(pThis->pCStr)	      && *pC != '/' && *pC != ',' && !isspace((int)*pC)) {		if((iRet = cstrAppendChar(pCStr, *pC)) != RS_RET_OK) {			cstrDestruct (&pCStr);			FINALIZE;		}		++pThis->iCurrPos;		++pC;	}		/* We got the string, let's finish it...  */	if((iRet = cstrFinalize(pCStr)) != RS_RET_OK) {		cstrDestruct(&pCStr);		FINALIZE;	}	/* now we have the string and must check/convert it to	 * an NetAddr structure.	 */	  	CHKiRet(cstrConvSzStrAndDestruct(pCStr, &pszIP, 0));	*pIP = calloc(1, sizeof(struct NetAddr));		if (*((char*)pszIP) == '[') {		pszTmp = (uchar*)strchr ((char*)pszIP, ']');		if (pszTmp == NULL) {			free (pszIP);			ABORT_FINALIZE(RS_RET_INVALID_IP);		}		*pszTmp = '/0';		memset (&hints, 0, sizeof (struct addrinfo));		hints.ai_family = AF_INET6;#		ifdef AI_ADDRCONFIG			hints.ai_flags  = AI_ADDRCONFIG | AI_NUMERICHOST;#		else			hints.ai_flags  = AI_NUMERICHOST;#		endif				switch(getaddrinfo ((char*)pszIP+1, NULL, &hints, &res)) {		case 0: 			(*pIP)->addr.NetAddr = MALLOC (res->ai_addrlen);			memcpy ((*pIP)->addr.NetAddr, res->ai_addr, res->ai_addrlen);			freeaddrinfo (res);			break;		case EAI_NONAME:			F_SET((*pIP)->flags, ADDR_NAME|ADDR_PRI6);			(*pIP)->addr.HostWildcard = strdup ((const char*)pszIP+1);			break;		default:			free (pszIP);			free (*pIP);			ABORT_FINALIZE(RS_RET_ERR);		}				if(*pC == '/') {			/* mask bits follow, let's parse them! */			++pThis->iCurrPos; /* eat slash */			if((iRet = parsInt(pThis, pBits)) != RS_RET_OK) {				free (pszIP);				free (*pIP);				FINALIZE;			}			/* we need to refresh pointer (changed by parsInt()) */			pC = rsCStrGetBufBeg(pThis->pCStr) + pThis->iCurrPos;		} else {			/* no slash, so we assume a single host (/128) */			*pBits = 128;		}	} else { /* now parse IPv4 */		memset (&hints, 0, sizeof (struct addrinfo));		hints.ai_family = AF_INET;#		ifdef AI_ADDRCONFIG			hints.ai_flags  = AI_ADDRCONFIG | AI_NUMERICHOST;#		else			hints.ai_flags  = AI_NUMERICHOST;#		endif				switch(getaddrinfo ((char*)pszIP, NULL, &hints, &res)) {//.........这里部分代码省略.........