1#!/usr/bin/perl
2
3
4# MemTimeBase.pm, distributed as part of Snortsnarf v021111.1
5# Author: James Hoagland, Silicon Defense (hoagland@SiliconDefense.com)
6# copyright (c) 2001 by Silicon Defense (http://www.silicondefense.com/)
7# Released under GNU General Public License, see the COPYING file included
8# with the distribution or http://www.silicondefense.com/software/snortsnarf/
9# for details.
10
11# MemTimeBase is a base class to implements part of the Packet and Alert API
12# it provides the methods utime, year, month, day, tod_text, tod, and time_cmp
13# this assumes an object instance that it gets is a hash reference with
14#   the fields 'utime', 'year', 'month', 'day', and 'tod_text' possibly
15#   defined.
16# if utime is requested by not stored in 'utime', 'utime' is dervied from
17#   the other 5 fields (using localtime())
18# if information stored in one of the 5 non-'utime' fields is requested,
19#   it is derived from 'utime' and stored
20
21# Please send complaints, kudos, and especially improvements and bugfixes to
22# hoagland@SiliconDefense.com.  As described in GNU General Public License, no
23# warranty is expressed for this program.
24
25
26package MemTimeBase;
27
28# Packet and Alert API routines
29
30sub utime {
31    unless (defined($_[0]->{'utime'})) { # calculate utime from other time fields and store it
32        return undef unless defined($_[0]->{'tod_text'}) && defined($_[0]->{'day'}) && defined($_[0]->{'month'}) && defined($_[0]->{'year'});
33
34        # we have all necessary fields to calculate utime
35        use Time::JulianDay;
36        my ($hour,$min,$secs)= split(':',$_[0]->{'tod_text'});
37        my $isecs= int($secs);
38        $_[0]->{'utime'}= jd_timelocal($secs,$min,$hour,$_[0]->{'day'},$_[0]->{'month'}-1,$_[0]->{'year'}-1900)+($secs-$isecs);
39    }
40    return $_[0]->{'utime'};
41}
42
43sub year {
44    $_[0]->_expand_utime_locally() if (!defined($_[0]->{'year'}) && defined($_[0]->{'utime'}));
45    return $_[0]->{'year'}
46}
47
48sub month {
49    $_[0]->_expand_utime_locally() if (!defined($_[0]->{'month'}) && defined($_[0]->{'utime'}));
50    return $_[0]->{'month'}
51}
52
53sub day {
54    $_[0]->_expand_utime_locally() if (!defined($_[0]->{'day'}) && defined($_[0]->{'utime'}));
55    return $_[0]->{'day'}
56}
57
58sub tod_text {
59    $_[0]->_expand_utime_locally() if (!defined($_[0]->{'tod_text'}) && defined($_[0]->{'utime'}));
60    return $_[0]->{'tod_text'}
61}
62
63sub tod {
64    $_[0]->_expand_utime_locally() if (!defined($_[0]->{'tod_text'}) && defined($_[0]->{'utime'}));
65    return split(':',$_[0]->{'tod_text'});
66}
67
68sub time_cmp {
69    return $_[0]->utime() <=> $_[1]->utime();
70}
71
72
73# private function to fill in 'year', 'month', 'date', and 'tod_text' from utime using localtime()
74sub _expand_utime_locally {
75	#print STDOUT "_expand_utime_locally: utime= ",$_[0]->{'utime'},"\n";
76    # calculate time fields from utime using localtime()
77    my ($sec,$min,$hour,$mday,$mon,$year,$wday,$yday,$isdst)= localtime($_[0]->{'utime'});
78    $_[0]->{'year'}= $year+1900;
79    $_[0]->{'month'}= $mon+1;
80    $_[0]->{'day'}= $mday;
81    $_[0]->{'tod_text'}= sprintf("%02d:%02d:",$hour,$min);
82    $_[0]->{'tod_text'}.= '0' if $sec < 10.0 && $sec !~ /^0/; # pad 0 if needed
83    $_[0]->{'tod_text'}.= $sec;
84}
85
861;
87