Fix tests and maybe perf improvements

CSdread · Sep 15, 2016 · 60cc585 · 60cc585
1 parent 2336a27
commit 60cc585
Show file tree

Hide file tree

Showing 4 changed files with 27 additions and 28 deletions.
diff --git a/audit_test.go b/audit_test.go
@@ -63,7 +63,7 @@ func Test_main(t *testing.T) {
 }
 
 func Benchmark_MultiPacketMessage(b *testing.B) {
-	marshaller := NewAuditMarshaller(NewAuditWriter(&noopWriter{}, 1), false, false, 1)
+	marshaller := NewAuditMarshaller(NewAuditWriter(&noopWriter{}, 1), false, false, 1, []AuditFilter{})
 
 	data := make([][]byte, 6)
 

diff --git a/marshaller_test.go b/marshaller_test.go
@@ -17,7 +17,7 @@ func TestMarshallerConstants(t *testing.T) {
 
 func TestAuditMarshaller_Consume(t *testing.T) {
 	w := &bytes.Buffer{}
-	m := NewAuditMarshaller(NewAuditWriter(w, 1), false, false, 0)
+	m := NewAuditMarshaller(NewAuditWriter(w, 1), false, false, 0, []AuditFilter{})
 
 	// Flush group on 1320
 	m.Consume(&syscall.NetlinkMessage{
@@ -125,7 +125,7 @@ func TestAuditMarshaller_completeMessage(t *testing.T) {
 	t.Skip()
 	return
 	lb, elb := hookLogger()
-	m := NewAuditMarshaller(NewAuditWriter(&FailWriter{}, 1), false, false, 0)
+	m := NewAuditMarshaller(NewAuditWriter(&FailWriter{}, 1), false, false, 0, []AuditFilter{})
 
 	m.Consume(&syscall.NetlinkMessage{
 		Header: syscall.NlMsghdr{

diff --git a/parser.go b/parser.go
@@ -9,8 +9,10 @@ import (
 	"time"
 )
 
-var uidMap = map[string]user.User{}
+var uidMap = map[string]string{}
 var headerEndChar = []byte{")"[0]}
+var headerSepChar = byte(':')
+var spaceChar = byte(' ')
 
 const (
 	HEADER_MIN_LENGTH = 7               // Minimum length of an audit header
@@ -71,7 +73,7 @@ func parseAuditHeader(msg *syscall.NetlinkMessage) (time string, seq int) {
 	header := string(msg.Data[:headerStop])
 	if header[:HEADER_START_POS] == "audit(" {
 		//TODO: out of range check, possibly fully binary?
-		sep := strings.IndexByte(header, ":"[0])
+		sep := strings.IndexByte(header, headerSepChar)
 		time = header[HEADER_START_POS:sep]
 		seq, _ = strconv.Atoi(header[sep+1:])
 
@@ -97,7 +99,7 @@ func (amg *AuditMessageGroup) AddMessage(am *AuditMessage) {
 	}
 }
 
-// Find all `uid=` occurences in a message and adds the username to the UidMap object
+// Find all `uid=` occurrences in a message and adds the username to the UidMap object
 func (amg *AuditMessageGroup) mapUids(am *AuditMessage) {
 	data := am.Data
 	start := 0
@@ -110,7 +112,7 @@ func (amg *AuditMessageGroup) mapUids(am *AuditMessage) {
 
 		// Progress the start point beyon the = sign
 		start += 4
-		if end = strings.IndexByte(data[start:], " "[0]); end < 0 {
+		if end = strings.IndexByte(data[start:], spaceChar); end < 0 {
 			// There was no ending space, maybe the uid is at the end of the line
 			end = len(data) - start
 
@@ -149,7 +151,7 @@ func (amg *AuditMessageGroup) findSyscall(am *AuditMessage) {
 
 	// Progress the start point beyond the = sign
 	start += 8
-	if end = strings.IndexByte(data[start:], " "[0]); end < 0 {
+	if end = strings.IndexByte(data[start:], spaceChar); end < 0 {
 		// There was no ending space, maybe the syscall id is at the end of the line
 		end = len(data) - start
 
@@ -166,18 +168,16 @@ func (amg *AuditMessageGroup) findSyscall(am *AuditMessage) {
 func getUsername(uid string) string {
 	uname := "UNKNOWN_USER"
 
-	//Make sure we have a uid element to work with.
-	//Give a default value in case we don't find something.
+	// Make sure we have a uid element to work with.
+	// Give a default value in case we don't find something.
 	if lUser, ok := uidMap[uid]; ok {
-		uname = lUser.Username
+		uname = lUser
 	} else {
 		lUser, err := user.LookupId(uid)
 		if err == nil {
 			uname = lUser.Username
-			uidMap[uid] = *lUser
-		} else {
-			uidMap[uid] = user.User{Username: uname}
 		}
+		uidMap[uid] = uname
 	}
 
 	return uname

diff --git a/parser_test.go b/parser_test.go
@@ -2,7 +2,6 @@ package main
 
 import (
 	"github.com/stretchr/testify/assert"
-	"os/user"
 	"syscall"
 	"testing"
 	"time"
@@ -35,9 +34,9 @@ func TestNewAuditMessage(t *testing.T) {
 }
 
 func TestAuditMessageGroup_AddMessage(t *testing.T) {
-	uidMap = make(map[string]user.User, 0)
-	uidMap["0"] = user.User{Username: "hi"}
-	uidMap["1"] = user.User{Username: "nope"}
+	uidMap = make(map[string]string, 0)
+	uidMap["0"] = "hi"
+	uidMap["1"] = "nope"
 
 	amg := &AuditMessageGroup{
 		Seq:           1,
@@ -77,7 +76,7 @@ func TestAuditMessageGroup_AddMessage(t *testing.T) {
 }
 
 func TestNewAuditMessageGroup(t *testing.T) {
-	uidMap = make(map[string]user.User, 0)
+	uidMap = make(map[string]string, 0)
 	m := &AuditMessage{
 		Type:      uint16(1300),
 		Seq:       1019,
@@ -96,30 +95,30 @@ func TestNewAuditMessageGroup(t *testing.T) {
 }
 
 func Test_getUsername(t *testing.T) {
-	uidMap = make(map[string]user.User, 0)
+	uidMap = make(map[string]string, 0)
 	assert.Equal(t, "root", getUsername("0"), "0 should be root you animal")
 	assert.Equal(t, "UNKNOWN_USER", getUsername("-1"), "Expected UNKNOWN_USER")
 
 	val, ok := uidMap["0"]
 	if !ok {
 		t.Fatal("Expected the uid mapping to be cached")
 	}
-	assert.Equal(t, "root", val.Username)
+	assert.Equal(t, "root", val)
 
 	val, ok = uidMap["-1"]
 	if !ok {
 		t.Fatal("Expected the uid mapping to be cached")
 	}
-	assert.Equal(t, "UNKNOWN_USER", val.Username)
+	assert.Equal(t, "UNKNOWN_USER", val)
 }
 
 func TestAuditMessageGroup_mapUids(t *testing.T) {
-	uidMap = make(map[string]user.User, 0)
-	uidMap["0"] = user.User{Username: "hi"}
-	uidMap["1"] = user.User{Username: "there"}
-	uidMap["2"] = user.User{Username: "fun"}
-	uidMap["3"] = user.User{Username: "test"}
-	uidMap["99999"] = user.User{Username: "derp"}
+	uidMap = make(map[string]string, 0)
+	uidMap["0"] = "hi"
+	uidMap["1"] = "there"
+	uidMap["2"] = "fun"
+	uidMap["3"] = "test"
+	uidMap["99999"] = "derp"
 
 	amg := &AuditMessageGroup{
 		Seq:           1,