
[ossec-cvs] ossec-hids: hash_op.h (HEAD) sec.h (HEAD) shared.h (HEAD) [dcid]



Module name:	ossec-hids
Changes by:	dcid	07/09/12 23:28:51

Modified files:
	hash_op.h sec.h shared.h

Log message:
Description: Adding support for reloading the agent keys without restarting. Adding a few more rules and some fixes.
Reviewed by: dcid
Bug:

Index: hash_op.h
===================================================================
RCS file: /usr/cvsroot/ossec-hids/src/headers/hash_op.h,v
diff -u -r1.1 -r1.2
--- hash_op.h	17 Aug 2007 00:03:24 -0000	1.1
+++ hash_op.h	13 Sep 2007 02:28:50 -0000	1.2
@@ -49,6 +49,14 @@
 OSHash *OSHash_Create();
 
 
+
+/** void *OSHash_Free(OSHash *self)
+ * Frees the memory used by the hash.
+ */
+void *OSHash_Free(OSHash *self);
+  
+
+
 /** void OSHash_Add(OSHash *hash, char *key, void *data)
  * Returns 0 on error.
  * Returns 1 on duplicated key (not added)
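Review bot: `OSHash_Free` is declared as returning `void *`, but its comment only says it frees the hash; it does not say what the caller gets back or whether the `data` pointers stored through `OSHash_Add` are released as well. sec.h in this same commit adds `keyhash_id` and `keyhash_ip`, presumably built on this table, so that ownership rule decides whether a key reload leaks entries or frees them twice. I would state it in the comment, e.g. `* Frees the hash itself and returns NULL; the data pointers stored with OSHash_Add are not freed.` (or the opposite, whichever the implementation does). If nothing useful is returned, `void OSHash_Free(OSHash *self);` would be clearer.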

Index: sec.h
===================================================================
RCS file: /usr/cvsroot/ossec-hids/src/headers/sec.h,v
diff -u -r1.15 -r1.16
--- sec.h	7 Jul 2007 03:11:47 -0000	1.15
+++ sec.h	13 Sep 2007 02:28:50 -0000	1.16
@@ -5,7 +5,7 @@
  *
  * This program is a free software; you can redistribute it
  * and/or modify it under the terms of the GNU General Public
- * License (version 2) as published by the FSF - Free Software
+ * License (version 3) as published by the FSF - Free Software
  * Foundation
  */
 
@@ -14,51 +14,102 @@
 #define __SEC_H
 
 
-/* Key structure. */
-typedef struct _keystruct
+/* Unique key for each agent. */
+typedef struct _keyentry
 {
-    char **ids;
-    char **keys;
-    os_ip **ips;
-    char **name;
-    struct sockaddr_in *peer_info;
-    FILE **fps;
-    unsigned int *global;
-    unsigned int *local;
-    unsigned int *rcvd;
+    unsigned int rcvd;
+    unsigned int local;
+    unsigned int keyid;
+    unsigned int global;
+    
+    char *id;
+    char *key;
+    char *name;
+
+    os_ip *ip;
+    struct sockaddr_in peer_info;
+    FILE *fp;
+}keyentry;
 
+
+/* Key storage. */
+typedef struct _keystore
+{
+    /* Array with all the keys */
+    keyentry **keyentries;
+    
+    
+    /* Hashes, based on the id/ip to lookup the keys. */
+    void *keyhash_id;
+    void *keyhash_ip;
+
+
+    /* Total key size */
     int keysize;
-}keystruct;
+
+    /* Key file stat */
+    int file_change;
+}keystore;
+
 
 
+/** Function prototypes -- key management **/
+
 /* int CheckKeys(): Checks if the authentication keys are present */
-int CheckKeys();
+int OS_CheckKeys();
 
 /* Read the keys */
-void ReadKeys(keystruct *keys, int just_read);
+void OS_ReadKeys(keystore *keys);
 
-/* Decrypt and decompress a ossec message. */
-char *ReadSecMSG(keystruct *keys, char *buffer, char *cleartext, 
-                                  int id, int buffer_size);
+/* Frees the auth keys. */
+void OS_FreeKeys(keystore *keys);
+  
 
-/* Creates an ossec message (encrypts and compress) */
-int CreateSecMSG(keystruct *keys, char *msg, char *msg_encrypted,
-                                  int id);
+/* Starts counter for all agents */
+void OS_StartCounter(keystore *keys);
+
+/* Remove counter for id. */
+void OS_RemoveCounter(char *id);
+
+
+/** Function prototypes -- agent authorization **/
 
 /* Checks if the ip is allowed */
-int IsAllowedIP(keystruct *keys, char *srcip);
+int OS_IsAllowedIP(keystore *keys, char *srcip);
 
 /* Checks if the id is allowed */
-int IsAllowedID(keystruct *keys, char *id);
+int OS_IsAllowedID(keystore *keys, char *id);
 
-/* Checks for a valid name */
-int IsAllowedName(keystruct *keys, char *name);
+/* Checks if name is valid */
+int OS_IsAllowedName(keystore *keys, char *name);
 
 /* Check if the id is valid and dynamic */
-int IsAllowedDynamicID(keystruct *keys, char *id, char *srcip);
+int OS_IsAllowedDynamicID(keystore *keys, char *id, char *srcip);
+
+
+
+/** Function prototypes -- send/recv messages **/
+
+/* Decrypt and decompress a remote message. */
+char *ReadSecMSG(keystore *keys, char *buffer, char *cleartext, 
+                 int id, int buffer_size);
+
+/* Creates an ossec message (encrypts and compress) */
+int CreateSecMSG(keystore *keys, char *msg, char *msg_encrypted, int id);
+
+
+
+
+/** Remote IDs directories and internal definitions */
+#ifndef WIN32
+    #define RIDS_DIR        "/queue/rids"
+#else
+    #define RIDS_DIR        "rids"
+#endif
+
+#define SENDER_COUNTER  "sender_counter"
+#define KEYSIZE         128 
 
-/* Remove counter for id. */
-void RemoveCounter(char *id);
 
 #endif
 
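Review bot: `OS_FreeKeys` and `OS_ReadKeys` are declared without stating the reload contract, which is the part of this change callers can get wrong. `ReadSecMSG` and `CreateSecMSG` still take an `int id`, presumably an index into `keyentries`, so any index or `keyentry *` kept across a free-and-reread would refer to released or renumbered entries; the implementation is not in this diff, so this needs confirming there. I would document it on the prototype, e.g. `/* Frees the auth keys. Invalidates every keyentry pointer and index taken from this keystore; key strings should be cleared before they are released. */`. Separately, `keyhash_id` and `keyhash_ip` are `void *` although hash_op.h names the type `OSHash`; `OSHash *keyhash_id;` would keep type checking if include order allows. The comment above `OS_CheckKeys` still reads `int CheckKeys():`.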

Index: shared.h
===================================================================
RCS file: /usr/cvsroot/ossec-hids/src/headers/shared.h,v
diff -u -r1.38 -r1.39
--- shared.h	7 Sep 2007 21:45:05 -0000	1.38
+++ shared.h	13 Sep 2007 02:28:50 -0000	1.39
@@ -18,6 +18,7 @@
  *  The stack smashing protector defeats some BoF via: gcc -fstack-protector
  *  Reference: http://gcc.gnu.org/onlinedocs/gcc-4.1.2/cpp.pdf
  */
+ 
 #if defined(__GNUC__) && (((__GNUC__ == 4) && (__GNUC_MINOR__ >= 1) && (__GNUC_PATCHLEVEL__ >= 2)) || \
                           ((__GNUC__ == 4) && (__GNUC_MINOR__ >= 2)) || \
                            (__GNUC__ >= 5))

