[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[ossec-cvs] ossec-hids: Makefile (HEAD) ar-forward.c (HEAD) manager.c (HEAD) remoted.h (HEAD) secure.c (HEAD) [dcid]
Module name: ossec-hids
Changes by: dcid 07/09/12 23:28:52
Modified files:
Makefile ar-forward.c manager.c remoted.h secure.c
Log message:
Description: Adding support for reloading the agent keys without restarting. Adding a few more rules and some fixes.
Reviewed by: dcid
Bug:
Index: Makefile
===================================================================
RCS file: /usr/cvsroot/ossec-hids/src/remoted/Makefile,v
diff -u -r1.7 -r1.8
--- Makefile 16 Jun 2006 22:27:36 -0000 1.7
+++ Makefile 13 Sep 2007 02:28:51 -0000 1.8
@@ -7,7 +7,7 @@
include ../Config.Make
-rlog_OBJS = *.c ${OS_CONFIG} ${OS_ZLIB} ${OS_SHARED} ${OS_NET} ${OS_XML} ${OS_REGEX} ${OS_CRYPTO} ${TEXTRA}
+rlog_OBJS = *.c ${OS_CONFIG} ${OS_ZLIB} ${OS_CRYPTO} ${OS_SHARED} ${OS_NET} ${OS_XML} ${OS_REGEX} ${TEXTRA}
remoted:
${CC} ${CFLAGS} ${rlog_OBJS} -o ${NAME}
Index: ar-forward.c
===================================================================
RCS file: /usr/cvsroot/ossec-hids/src/remoted/ar-forward.c,v
diff -u -r1.22 -r1.23
--- ar-forward.c 24 Mar 2007 01:20:11 -0000 1.22
+++ ar-forward.c 13 Sep 2007 02:28:51 -0000 1.23
@@ -147,7 +147,7 @@
/* Send to the remote agent that generated the event */
else if((ar_location & REMOTE_AGENT) && (location != NULL))
{
- agent_id = IsAllowedName(&keys, location);
+ agent_id = OS_IsAllowedName(&keys, location);
if(agent_id < 0)
{
merror(AR_NOAGENT_ERROR, ARGV0, location);
@@ -162,7 +162,7 @@
{
ar_location++;
- agent_id = IsAllowedID(&keys, ar_agent_id);
+ agent_id = OS_IsAllowedID(&keys, ar_agent_id);
if(agent_id < 0)
{
@@ -195,7 +195,7 @@
/* If we don't have the agent id, ignore it */
- if(keys.rcvd[agentid] < (time(0) - (2*NOTIFY_TIME)))
+ if(keys.keyentries[agentid]->rcvd < (time(0) - (2*NOTIFY_TIME)))
{
return(-1);
}
@@ -219,10 +219,10 @@
/* Sending initial message */
if(sendto(logr.sock, crypt_msg, msg_size, 0,
- (struct sockaddr *)&keys.peer_info[agentid],
- logr.peer_size) < 0)
+ (struct sockaddr *)&keys.keyentries[agentid]->peer_info,
+ logr.peer_size) < 0)
{
- merror(SEND_ERROR,ARGV0, keys.ids[agentid]);
+ merror(SEND_ERROR,ARGV0, keys.keyentries[agentid]->id);
}
Index: manager.c
===================================================================
RCS file: /usr/cvsroot/ossec-hids/src/remoted/manager.c,v
diff -u -r1.36 -r1.37
--- manager.c 5 Sep 2007 22:12:46 -0000 1.36
+++ manager.c 13 Sep 2007 02:28:51 -0000 1.37
@@ -228,7 +228,7 @@
/* If rcvd is not set, do not send (agent didn't connect to me yet */
- if(keys.rcvd[agentid] < (time(0) - (2*NOTIFY_TIME)))
+ if(keys.keyentries[agentid]->rcvd < (time(0) - (2*NOTIFY_TIME)))
{
return(-1);
}
@@ -258,11 +258,11 @@
/* Sending initial message */
if(sendto(logr.sock, crypt_msg, msg_size, 0,
- (struct sockaddr *)&keys.peer_info[agentid],
- logr.peer_size) < 0)
+ (struct sockaddr *)&keys.keyentries[agentid]->peer_info,
+ logr.peer_size) < 0)
{
fclose(fp);
- merror(SEND_ERROR,ARGV0, keys.ids[agentid]);
+ merror(SEND_ERROR,ARGV0, keys.keyentries[agentid]->id);
return(-1);
}
@@ -280,11 +280,11 @@
}
if(sendto(logr.sock, crypt_msg, msg_size, 0,
- (struct sockaddr *)&keys.peer_info[agentid],
- logr.peer_size) < 0)
+ (struct sockaddr *)&keys.keyentries[agentid]->peer_info,
+ logr.peer_size) < 0)
{
fclose(fp);
- merror(SEND_ERROR,ARGV0, keys.ids[agentid]);
+ merror(SEND_ERROR,ARGV0, keys.keyentries[agentid]->id);
return(-1);
}
@@ -312,13 +312,14 @@
/* Sending final message */
if(sendto(logr.sock, crypt_msg, msg_size, 0,
- (struct sockaddr *)&keys.peer_info[agentid],
- logr.peer_size) < 0)
+ (struct sockaddr *)&keys.keyentries[agentid]->peer_info,
+ logr.peer_size) < 0)
{
- merror(SEND_ERROR,ARGV0, keys.ids[agentid]);
+ merror(SEND_ERROR,ARGV0, keys.keyentries[agentid]->id);
fclose(fp);
return(-1);
}
+
fclose(fp);
@@ -360,7 +361,7 @@
if(!msg)
{
merror("%s: Invalid message from '%s' (uname)",ARGV0,
- keys.ips[agentid]->ip);
+ keys.keyentries[agentid]->ip->ip);
return;
}
@@ -377,8 +378,8 @@
/* Writting to the agent file */
snprintf(agent_file, OS_SIZE_1024, "%s/%s-%s",
AGENTINFO_DIR,
- keys.name[agentid],
- keys.ips[agentid]->ip);
+ keys.keyentries[agentid]->name,
+ keys.keyentries[agentid]->ip->ip);
fp = fopen(agent_file, "w");
if(fp)
@@ -407,7 +408,7 @@
{
merror("%s: Invalid message from '%s' (strchr \\n)",
ARGV0,
- keys.ips[agentid]->ip);
+ keys.keyentries[agentid]->ip->ip);
break;
}
@@ -419,7 +420,7 @@
{
merror("%s: Invalid message from '%s' (strchr ' ')",
ARGV0,
- keys.ips[agentid]->ip);
+ keys.keyentries[agentid]->ip->ip);
break;
}
Index: remoted.h
===================================================================
RCS file: /usr/cvsroot/ossec-hids/src/remoted/remoted.h,v
diff -u -r1.13 -r1.14
--- remoted.h 28 Aug 2006 18:45:27 -0000 1.13
+++ remoted.h 13 Sep 2007 02:28:51 -0000 1.14
@@ -60,7 +60,7 @@
/*** Global variables ***/
-keystruct keys;
+keystore keys;
remoted logr;
#endif
Index: secure.c
===================================================================
RCS file: /usr/cvsroot/ossec-hids/src/remoted/secure.c,v
diff -u -r1.19 -r1.20
--- secure.c 5 Sep 2007 22:12:46 -0000 1.19
+++ secure.c 13 Sep 2007 02:28:51 -0000 1.20
@@ -70,7 +70,8 @@
/* Reading authentication keys */
- ReadKeys(&keys, 0);
+ OS_ReadKeys(&keys);
+ OS_StartCounter(&keys);
/* setting up peer size */
@@ -133,7 +134,7 @@
tmp_msg++;
recv_b-=2;
- agentid = IsAllowedDynamicID(&keys, buffer +1, srcip);
+ agentid = OS_IsAllowedDynamicID(&keys, buffer +1, srcip);
if(agentid == -1)
{
merror(ENC_IP_ERROR, __local_name, srcip);
@@ -142,7 +143,7 @@
}
else
{
- agentid = IsAllowedIP(&keys, srcip);
+ agentid = OS_IsAllowedIP(&keys, srcip);
if(agentid < 0)
{
merror(DENYIP_ERROR,ARGV0,srcip);
@@ -166,8 +167,8 @@
if(IsValidHeader(tmp_msg))
{
/* We need to save the peerinfo if it is a control msg */
- memcpy(&keys.peer_info[agentid], &peer_info, peer_size);
- keys.rcvd[agentid] = time(0);
+ memcpy(&keys.keyentries[agentid]->peer_info,&peer_info, peer_size);
+ keys.keyentries[agentid]->rcvd = time(0);
save_controlmsg(agentid, tmp_msg);
@@ -176,8 +177,8 @@
/* Generating srcmsg */
- snprintf(srcmsg, OS_FLSIZE, "(%s) %s", keys.name[agentid],
- keys.ips[agentid]->ip);
+ snprintf(srcmsg, OS_FLSIZE,"(%s) %s",keys.keyentries[agentid]->name,
+ keys.keyentries[agentid]->ip->ip);
/* If we can't send the message, try to connect to the
OSSEC home |
Main Index |
Thread Index
OSSEC project: www.ossec.net.
Mailling list information: http://www.ossec.net/en/mailing_lists.html.