From 4d17e58ace7e3b8cf1037521e5ed0ff4a4924025 Mon Sep 17 00:00:00 2001
From: Orion Poplawski <orion@cora.nwra.com>
Date: Jan 10 2017 20:33:16 +0000
Subject: Add upstream patch to fix fail2ban-regex with journal


---

diff --git a/2009f1c4346597dcc4fd27151d220ea4a7806fdd.patch b/2009f1c4346597dcc4fd27151d220ea4a7806fdd.patch
new file mode 100644
index 0000000..73023fe
--- /dev/null
+++ b/2009f1c4346597dcc4fd27151d220ea4a7806fdd.patch
@@ -0,0 +1,102 @@
+From 2009f1c4346597dcc4fd27151d220ea4a7806fdd Mon Sep 17 00:00:00 2001
+From: sebres <serg.brester@sebres.de>
+Date: Tue, 10 Jan 2017 10:59:53 +0100
+Subject: [PATCH] fail2ban-regex: fix for systemd-journal (see gh-1657)
+
+---
+ fail2ban/client/fail2banregex.py | 31 ++++++++++++++-----------------
+ fail2ban/server/filtersystemd.py |  8 ++++++++
+ 2 files changed, 22 insertions(+), 17 deletions(-)
+
+diff --git a/fail2ban/client/fail2banregex.py b/fail2ban/client/fail2banregex.py
+index 71f5095..13fa35d 100755
+--- a/fail2ban/client/fail2banregex.py
++++ b/fail2ban/client/fail2banregex.py
+@@ -43,12 +43,12 @@
+ from ConfigParser import NoOptionError, NoSectionError, MissingSectionHeaderError
+ 
+ try:
+-	from systemd import journal
+ 	from ..server.filtersystemd import FilterSystemd
+ except ImportError:
+-	journal = None
++	FilterSystemd = None
+ 
+ from ..version import version
++from .jailreader import JailReader
+ from .filterreader import FilterReader
+ from ..server.filter import Filter, FileContainer
+ from ..server.failregex import RegexException
+@@ -82,7 +82,7 @@ def pprint_list(l, header=None):
+ 		s = ''
+ 	output( s + "|  " + "\n|  ".join(l) + '\n`-' )
+ 
+-def journal_lines_gen(myjournal):
++def journal_lines_gen(flt, myjournal): # pragma: no cover
+ 	while True:
+ 		try:
+ 			entry = myjournal.get_next()
+@@ -90,7 +90,7 @@ def journal_lines_gen(myjournal):
+ 			continue
+ 		if not entry:
+ 			break
+-		yield FilterSystemd.formatJournalEntry(entry)
++		yield flt.formatJournalEntry(entry)
+ 
+ def get_opt_parser():
+ 	# use module docstring for help output
+@@ -513,25 +513,22 @@ def start(self, opts, args):
+ 			except IOError as e:
+ 				output( e )
+ 				return False
+-		elif cmd_log == "systemd-journal": # pragma: no cover
+-			if not journal:
++		elif cmd_log.startswith("systemd-journal"): # pragma: no cover
++			if not FilterSystemd:
+ 				output( "Error: systemd library not found. Exiting..." )
+ 				return False
+-			myjournal = journal.Reader(converters={'__CURSOR': lambda x: x})
++			output( "Use         systemd journal" )
++			output( "Use         encoding : %s" % self.encoding )
++			backend, beArgs = JailReader.extractOptions(cmd_log)
++			flt = FilterSystemd(None, **beArgs)
++			flt.setLogEncoding(self.encoding)
++			myjournal = flt.getJournalReader()
+ 			journalmatch = self._journalmatch
+ 			self.setDatePattern(None)
+ 			if journalmatch:
+-				try:
+-					for element in journalmatch:
+-						if element == "+":
+-							myjournal.add_disjunction()
+-						else:
+-							myjournal.add_match(element)
+-				except ValueError:
+-					output( "Error: Invalid journalmatch: %s" % shortstr(" ".join(journalmatch)) )
+-					return False
++				flt.addJournalMatch(journalmatch)
+ 			output( "Use    journal match : %s" % " ".join(journalmatch) )
+-			test_lines = journal_lines_gen(myjournal)
++			test_lines = journal_lines_gen(flt, myjournal)
+ 		else:
+ 			output( "Use      single line : %s" % shortstr(cmd_log) )
+ 			test_lines = [ cmd_log ]
+diff --git a/fail2ban/server/filtersystemd.py b/fail2ban/server/filtersystemd.py
+index 3023155..908112a 100644
+--- a/fail2ban/server/filtersystemd.py
++++ b/fail2ban/server/filtersystemd.py
+@@ -175,6 +175,14 @@ def uni_decode(self, x):
+ 		return v
+ 
+ 	##
++	# Get journal reader
++	#
++	# @return journal reader
++
++	def getJournalReader(self):
++		return self.__journal
++
++	##
+ 	# Format journal log entry into syslog style
+ 	#
+ 	# @param entry systemd journal entry dict
diff --git a/fail2ban.spec b/fail2ban.spec
index f2c4ab7..217157e 100644
--- a/fail2ban.spec
+++ b/fail2ban.spec
@@ -1,11 +1,14 @@
 Summary: Daemon to ban hosts that cause multiple authentication errors
 Name: fail2ban
 Version: 0.9.6
-Release: 1%{?dist}
+Release: 2%{?dist}
 License: GPLv2+
 URL: http://fail2ban.sourceforge.net/
 Source0: https://github.com/%{name}/%{name}/archive/%{version}.tar.gz#/%{name}-%{version}.tar.gz
 #Source0: https://github.com/sebres/%{name}/archive/f2b-perfom-prepare-716-cs.tar.gz#/%{name}-test.tar.gz
+# fail2ban-regex: fix for systemd-journal
+# https://github.com/fail2ban/fail2ban/issues/1657
+Patch0: https://github.com/fail2ban/fail2ban/commit/2009f1c4346597dcc4fd27151d220ea4a7806fdd.patch
 # Give up being PartOf iptables for now
 # https://bugzilla.redhat.com/show_bug.cgi?id=1379141
 Patch2: fail2ban-partof.patch
@@ -157,6 +160,7 @@ by default.
 
 %prep
 %setup -q
+%patch0 -p1 -b .journal
 %patch2 -p1 -b .partof
 %patch3 -p1 -b .sendmail
 # Use Fedora paths
@@ -297,6 +301,9 @@ fi
 
 
 %changelog
+* Tue Jan 10 2017 Orion Poplawski <orion@cora.nwra.com> - 0.9.6-2
+- Add upstream patch to fix fail2ban-regex with journal
+
 * Fri Jan 6 2017 Orion Poplawski <orion@cora.nwra.com> - 0.9.6-1
 - Update to 0.9.6
 - Fix sendmail-auth filter (bug #1329919)