[ossec-cvs] ossec-hids: sendmsg.c (NEW) ar-forward.c (HEAD) manager.c (HEAD) remoted.h (HEAD) secure.c (HEAD) [dcid]
Module name: ossec-hids
Changes by: dcid 07/09/13 23:38:19
Modified files:
ar-forward.c manager.c remoted.h secure.c
Added files:
sendmsg.c
Log message:
Description: More updates to the automatic reload of keys. Changing default monitored files on Windows...
Reviewed by: dcid
Bug:
--- NEW FILE: sendmsg.c ---
/* @(#) $Id: sendmsg.c,v 1.1 2007/09/14 02:38:19 dcid Exp $ */
/* Copyright (C) 2005-2007 Daniel B. Cid <dcid@xxxxxxxxx>
* All right reserved.
*
* This program is a free software; you can redistribute it
* and/or modify it under the terms of the GNU General Public
* License (version 3) as published by the FSF - Free Software
* Foundation
*/
#include "shared.h"
#include <pthread.h>
#include "remoted.h"
#include "os_net/os_net.h"
/* Serializes the sendto() in send_msg(). check_keyupdate() also holds
 * this mutex while OS_UpdateKeys() runs, so a reload of the key store
 * cannot interleave with a send. Initialized by send_msg_init(). */
pthread_mutex_t sendmsg_mutex;
/* Guards readers of the global `keys` against a reload: taken through
 * key_lock()/key_unlock() by code that walks keys.keyentries (see the
 * AR_Forward and manager.c changes in this commit) and by
 * check_keyupdate() before it updates. Initialized by keyupdate_init(). */
pthread_mutex_t keyupdate_mutex;
/* keyupdate_init()
 * Creates keyupdate_mutex with default attributes. Called once at
 * startup (secure.c) before any key_lock()/key_unlock().
 * The pthread_mutex_init() result is deliberately ignored, as it was
 * in the original; a failure here surfaces as MUTEX_ERROR on first use.
 */
void keyupdate_init()
{
    (void)pthread_mutex_init(&keyupdate_mutex, NULL);
}
/* key_lock()
 * Acquires keyupdate_mutex. A failed pthread_mutex_lock() is only
 * logged as MUTEX_ERROR; the caller is not told and continues without
 * the lock.
 */
void key_lock()
{
    int rc = pthread_mutex_lock(&keyupdate_mutex);

    if(rc != 0)
    {
        merror(MUTEX_ERROR, ARGV0);
    }
}
/* key_unlock()
 * Releases keyupdate_mutex. A failed pthread_mutex_unlock() is only
 * logged as MUTEX_ERROR; nothing is reported to the caller.
 */
void key_unlock()
{
    int rc = pthread_mutex_unlock(&keyupdate_mutex);

    if(rc != 0)
    {
        merror(MUTEX_ERROR, ARGV0);
    }
}
/* check_keyupdate()
 * Reloads the key store when OS_CheckUpdateKeys() reports a change.
 *
 * Lock order is keyupdate_mutex then sendmsg_mutex, the same order
 * AR_Forward() uses when it calls send_msg() under key_lock(), so the
 * two cannot deadlock against each other.
 *
 * Returns 1 when OS_UpdateKeys() reported a reload, 0 otherwise --
 * including when nothing changed or sendmsg_mutex could not be taken.
 */
int check_keyupdate()
{
    int updated = 0;

    /* Cheap test first, outside any lock. */
    if(!OS_CheckUpdateKeys(&keys))
    {
        return(0);
    }

    key_lock();

    /* Hold sendmsg_mutex too so no send_msg() runs while keys change. */
    if(pthread_mutex_lock(&sendmsg_mutex) != 0)
    {
        key_unlock();
        merror(MUTEX_ERROR, ARGV0);
        return(0);
    }

    if(OS_UpdateKeys(&keys))
    {
        updated = 1;
    }

    /* Single release path, in reverse acquisition order. */
    if(pthread_mutex_unlock(&sendmsg_mutex) != 0)
    {
        merror(MUTEX_ERROR, ARGV0);
    }
    key_unlock();

    return(updated);
}
/* send_msg_init()
 * Creates sendmsg_mutex with default attributes. Called once at
 * startup (secure.c) before the first send_msg() or check_keyupdate().
 * The pthread_mutex_init() result is deliberately ignored, as it was
 * in the original.
 */
void send_msg_init()
{
    (void)pthread_mutex_init(&sendmsg_mutex, NULL);
}
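/* send_msg()
 * Encrypts `msg` for agent `agentid` with CreateSecMSG() and sends it
 * on logr.sock to the peer address recorded for that agent.
 *
 * Returns 0 on success and -1 when: agentid is negative; the agent has
 * not been heard from within 2*NOTIFY_TIME seconds (silent -- callers
 * treat an idle agent as normal); CreateSecMSG() fails; sendto() fails
 * (previously only logged, which let a file transfer in manager.c
 * continue past a lost chunk); or a mutex operation fails.
 *
 * Every read of `keys` happens under sendmsg_mutex. check_keyupdate()
 * holds the same mutex while OS_UpdateKeys() runs, so callers that do
 * not hold key_lock() (the manager.c call sites in this commit do not
 * appear to) still cannot observe a reload mid-send. key_lock() is not
 * taken here on purpose: AR_Forward() already holds it when calling.
 */
int send_msg(int agentid, char *msg)
{
    int msg_size;
    int ret = -1;
    char crypt_msg[OS_MAXSTR +1];

    /* Negative ids come from failed lookups (OS_IsAllowedName() etc.);
     * never index keys.keyentries with one. */
    if(agentid < 0)
    {
        return(-1);
    }

    /* Lock before touching keys: see header comment. */
    if(pthread_mutex_lock(&sendmsg_mutex) != 0)
    {
        merror(MUTEX_ERROR, ARGV0);
        return(-1);
    }

    /* Agent has not checked in recently; its peer_info may be stale. */
    if(keys.keyentries[agentid]->rcvd < (time(0) - (2*NOTIFY_TIME)))
    {
        goto unlock;
    }

    msg_size = CreateSecMSG(&keys, msg, crypt_msg, agentid);
    if(msg_size == 0)
    {
        merror(SEC_ERROR,ARGV0);
        goto unlock;
    }

    if(sendto(logr.sock, crypt_msg, msg_size, 0,
              (struct sockaddr *)&keys.keyentries[agentid]->peer_info,
              logr.peer_size) < 0)
    {
        merror(SEND_ERROR,ARGV0, keys.keyentries[agentid]->id);
        goto unlock;
    }

    ret = 0;

unlock:
    if(pthread_mutex_unlock(&sendmsg_mutex) != 0)
    {
        merror(MUTEX_ERROR, ARGV0);
        ret = -1;
    }

    return(ret);
}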
/* EOF */
Index: ar-forward.c
===================================================================
RCS file: /usr/cvsroot/ossec-hids/src/remoted/ar-forward.c,v
diff -u -r1.23 -r1.24
--- ar-forward.c 13 Sep 2007 02:28:51 -0000 1.23
+++ ar-forward.c 14 Sep 2007 02:38:19 -0000 1.24
@@ -1,11 +1,11 @@
/* @(#) $Id$ */
-/* Copyright (C) 2005,2006 Daniel B. Cid <dcid@xxxxxxxxx>
+/* Copyright (C) 2005-2007 Daniel B. Cid <dcid@xxxxxxxxx>
* All right reserved.
*
* This program is a free software; you can redistribute it
* and/or modify it under the terms of the GNU General Public
- * License (version 2) as published by the FSF - Free Software
+ * License (version 3) as published by the FSF - Free Software
* Foundation
*/
@@ -17,10 +17,6 @@
#include "os_net/os_net.h"
-/* pthread send_msg mutex */
-pthread_mutex_t sendmsg_mutex;
-
-
/** void *AR_Forward(void *arg) v0.1
* Start of a new thread. Only returns
@@ -62,6 +58,7 @@
/* Getting the location */
location = msg;
+
/* Location is going to be the agent name */
tmp_str = strchr(msg, ')');
if(!tmp_str)
@@ -135,6 +132,10 @@
tmp_str);
+ /* Lock use of keys */
+ key_lock();
+
+
/* Sending to ALL agents */
if(ar_location & ALL_AGENTS)
{
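Review bot: key_lock() at the top of this hunk cannot report failure — in sendmsg.c (this commit) it returns void and only logs MUTEX_ERROR — so when pthread_mutex_lock() fails the code below still walks `keys` unlocked while check_keyupdate() may be reloading it from the receive thread. Because remoted.h declares `void key_lock();`, the cheapest fix is a comment here making that explicit, e.g. `/* key_lock() only logs on failure; a failed lock means this pass reads keys unprotected */`; a stronger fix is to have key_lock() return the pthread result and `continue` here when it is non-zero. The enclosing loop in AR_Forward() starts before this hunk.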
@@ -150,6 +151,7 @@
agent_id = OS_IsAllowedName(&keys, location);
if(agent_id < 0)
{
+ key_unlock();
merror(AR_NOAGENT_ERROR, ARGV0, location);
continue;
}
@@ -166,77 +168,20 @@
if(agent_id < 0)
{
+ key_unlock();
merror(AR_NOAGENT_ERROR, ARGV0, ar_agent_id);
continue;
}
send_msg(agent_id, msg_to_send);
}
+
+ /* Lock use of keys */
+ key_unlock();
}
}
}
-void send_msg_init()
-{
- /* Initializing mutex */
- pthread_mutex_init(&sendmsg_mutex, NULL);
-}
-
-
-/* send_msg:
- * Send message to an agent.
- * Returns -1 on error
- */
-int send_msg(int agentid, char *msg)
-{
- int msg_size;
- char crypt_msg[OS_MAXSTR +1];
-
-
- /* If we don't have the agent id, ignore it */
- if(keys.keyentries[agentid]->rcvd < (time(0) - (2*NOTIFY_TIME)))
- {
- return(-1);
- }
-
-
- msg_size = CreateSecMSG(&keys, msg, crypt_msg, agentid);
- if(msg_size == 0)
- {
- merror(SEC_ERROR,ARGV0);
- return(-1);
- }
-
-
- /* Locking before using */
- if(pthread_mutex_lock(&sendmsg_mutex) != 0)
- {
- merror(MUTEX_ERROR, ARGV0);
- return(-1);
- }
-
-
- /* Sending initial message */
- if(sendto(logr.sock, crypt_msg, msg_size, 0,
- (struct sockaddr *)&keys.keyentries[agentid]->peer_info,
- logr.peer_size) < 0)
- {
- merror(SEND_ERROR,ARGV0, keys.keyentries[agentid]->id);
- }
-
-
- /* Unlocking mutex */
- if(pthread_mutex_unlock(&sendmsg_mutex) != 0)
- {
- merror(MUTEX_ERROR, ARGV0);
- return(-1);
- }
-
-
- return(0);
-}
-
-
/* EOF */
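Review bot: The comment added before the final `key_unlock()` reads `/* Lock use of keys */`, which contradicts the call; change it to `/* Unlock use of keys */` so it is not read as a second lock. With indentation lost in this listing I cannot confirm that every path between the key_lock() in the earlier hunk and this key_unlock() releases the mutex — the two `if(agent_id < 0)` branches do so before `continue`, but any other early `continue` or `break` in the ALL_AGENTS or per-agent branches that is not shown would leave keyupdate_mutex held and block check_keyupdate() for good; worth walking the full function. The removed send_msg_init()/send_msg() below are a move to sendmsg.c, not a behavior change in this file. AR_Forward() begins before this hunk.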
Index: manager.c
===================================================================
RCS file: /usr/cvsroot/ossec-hids/src/remoted/manager.c,v
diff -u -r1.37 -r1.38
--- manager.c 13 Sep 2007 02:28:51 -0000 1.37
+++ manager.c 14 Sep 2007 02:38:19 -0000 1.38
@@ -220,22 +220,11 @@
int i = 0;
char file[OS_SIZE_1024 +1];
char buf[OS_SIZE_1024 +1];
- char crypt_msg[OS_MAXSTR +1];
-
- int msg_size;
FILE *fp;
- /* If rcvd is not set, do not send (agent didn't connect to me yet */
- if(keys.keyentries[agentid]->rcvd < (time(0) - (2*NOTIFY_TIME)))
- {
- return(-1);
- }
-
-
snprintf(file, OS_SIZE_1024, "%s/%s",SHAREDCFG_DIR, name);
-
fp = fopen(file, "r");
if(!fp)
{
@@ -248,43 +237,21 @@
snprintf(buf, OS_SIZE_1024, "%s%s%s %s\n",
CONTROL_HEADER, FILE_UPDATE_HEADER, sum, name);
- msg_size = CreateSecMSG(&keys, buf, crypt_msg, agentid);
- if(msg_size == 0)
+ if(send_msg(agentid, buf) == -1)
{
merror(SEC_ERROR,ARGV0);
fclose(fp);
return(-1);
}
- /* Sending initial message */
- if(sendto(logr.sock, crypt_msg, msg_size, 0,
- (struct sockaddr *)&keys.keyentries[agentid]->peer_info,
- logr.peer_size) < 0)
- {
- fclose(fp);
- merror(SEND_ERROR,ARGV0, keys.keyentries[agentid]->id);
- return(-1);
- }
-
/* Sending the file content */
while(fgets(buf, OS_SIZE_1024 , fp) != NULL)
{
- msg_size = CreateSecMSG(&keys, buf, crypt_msg, agentid);
-
- if(msg_size == 0)
+ if(send_msg(agentid, buf) == -1)
{
- fclose(fp);
merror(SEC_ERROR,ARGV0);
- return(-1);
- }
-
- if(sendto(logr.sock, crypt_msg, msg_size, 0,
- (struct sockaddr *)&keys.keyentries[agentid]->peer_info,
- logr.peer_size) < 0)
- {
fclose(fp);
- merror(SEND_ERROR,ARGV0, keys.keyentries[agentid]->id);
return(-1);
}
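Review bot: Replacing the inline sendto() with send_msg() changes what a send failure does here: the removed lines in this hunk returned -1 when sendto() failed, but send_msg() as added in sendmsg.c only logs SEND_ERROR and returns 0, so a lost chunk no longer aborts the transfer and the agent is sent a file with a hole followed by FILE_CLOSE_HEADER. Have send_msg() return -1 on sendto() failure (its header comment already promises -1 on error) so the `== -1` checks here keep their old meaning. Separately, send_msg() returns -1 silently when the agent's `rcvd` is older than 2*NOTIFY_TIME — the check this hunk's neighbor deleted from the top of the function — and every -1 here is logged as `merror(SEC_ERROR,ARGV0)`, so a merely idle agent now produces an encryption-error message after an fopen(); consider returning before fopen() for that case or using a distinct log message. The enclosing function begins before this hunk.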
@@ -301,26 +268,14 @@
/* Sending the message to close the file */
snprintf(buf, OS_SIZE_1024, "%s%s", CONTROL_HEADER, FILE_CLOSE_HEADER);
-
- msg_size = CreateSecMSG(&keys, buf, crypt_msg, agentid);
- if(msg_size == 0)
+ if(send_msg(agentid, buf) == -1)
{
merror(SEC_ERROR,ARGV0);
fclose(fp);
return(-1);
}
-
- /* Sending final message */
- if(sendto(logr.sock, crypt_msg, msg_size, 0,
- (struct sockaddr *)&keys.keyentries[agentid]->peer_info,
- logr.peer_size) < 0)
- {
- merror(SEND_ERROR,ARGV0, keys.keyentries[agentid]->id);
- fclose(fp);
- return(-1);
- }
-
+
fclose(fp);
return(0);
@@ -344,13 +299,12 @@
msg_ack[OS_FLSIZE] = '\0';
-
+
/* Startup message -- communicate back to the agent */
if(strcmp(msg, HC_STARTUP) == 0)
{
snprintf(msg_ack, OS_FLSIZE, "%s%s", CONTROL_HEADER, HC_ACK);
send_msg(agentid, msg_ack);
-
return;
}
@@ -376,10 +330,13 @@
/* Writting to the agent file */
+ key_lock();
snprintf(agent_file, OS_SIZE_1024, "%s/%s-%s",
AGENTINFO_DIR,
keys.keyentries[agentid]->name,
keys.keyentries[agentid]->ip->ip);
+ key_unlock();
+
fp = fopen(agent_file, "w");
if(fp)
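Review bot: key_lock() now brackets the snprintf() that reads `keys.keyentries[agentid]->name` and `->ip->ip`, but the `send_msg(agentid, msg_ack)` call a few lines earlier in what appears to be the same function (previous hunk) dereferences keys.keyentries[agentid] with no lock held; if OS_UpdateKeys() can replace keyentries, that read is the same hazard this hunk fixes. Either extend key_lock() to cover the whole section that uses agentid, or make send_msg() take all of its `keys` reads under sendmsg_mutex (which check_keyupdate() also holds during a reload) and say so here: `/* send_msg() reads keys under sendmsg_mutex; only the direct reads need key_lock() */`. The enclosing function begins before this hunk.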
@@ -518,7 +475,6 @@
pthread_cond_wait(&awake_mutex, &lastmsg_mutex);
}
-
/* Unlocking mutex */
if(pthread_mutex_unlock(&lastmsg_mutex) != 0)
{
@@ -579,13 +535,15 @@
/* manager_init: Should be called before anything here */
-void manager_init()
+void manager_init(int isUpdate)
{
int i;
_stime = time(0);
+
+ f_files();
c_files();
- debug1("%s: DEBUG: Starting manager_unit", ARGV0);
+ debug1("%s: DEBUG: Running manager_unit", ARGV0);
for(i=0;i<MAX_AGENTS;i++)
{
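Review bot: The new `isUpdate` parameter is undocumented here and in remoted.h; its only visible effect (next hunk) is to skip pthread_mutex_init()/pthread_cond_init() on a repeat call, which matters because re-initializing a mutex another thread may be holding is undefined behavior. Add a comment on the definition, e.g. `/* isUpdate: non-zero when re-running after startup (e.g. after a key reload); lastmsg_mutex and awake_mutex are created only on the first call */`. f_files() is also now called unconditionally before c_files(), so on the very first call it runs before anything has been built — presumably a no-op on empty state, but worth confirming. The rest of manager_init() continues past this hunk.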
@@ -594,9 +552,12 @@
}
/* Initializing mutexes */
- pthread_mutex_init(&lastmsg_mutex, NULL);
- pthread_cond_init(&awake_mutex, NULL);
-
+ if(isUpdate == 0)
+ {
+ pthread_mutex_init(&lastmsg_mutex, NULL);
+ pthread_cond_init(&awake_mutex, NULL);
+ }
+
modified_agentid = -1;
return;
Index: remoted.h
===================================================================
RCS file: /usr/cvsroot/ossec-hids/src/remoted/remoted.h,v
diff -u -r1.14 -r1.15
--- remoted.h 13 Sep 2007 02:28:51 -0000 1.14
+++ remoted.h 14 Sep 2007 02:38:19 -0000 1.15
@@ -43,7 +43,7 @@
void *AR_Forward(void *arg);
/* Initialize the manager */
-void manager_init();
+void manager_init(int isUpdate);
/* Wait for messages from the agent to analyze */
void *wait_for_msgs(void *none);
@@ -56,6 +56,14 @@
/* Initializing send_msg */
void send_msg_init();
+
+int check_keyupdate();
+
+void key_lock();
+
+void key_unlock();
+
+void keyupdate_init();
/*** Global variables ***/
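Review bot: The four added prototypes use empty parentheses (`int check_keyupdate();`, `void key_lock();`, ...), which in C means "unspecified arguments", so a call with the wrong number of arguments compiles silently; declare them as `int check_keyupdate(void);`, `void key_lock(void);`, `void key_unlock(void);` and `void keyupdate_init(void);`. They also lack the one-line comment this header gives every other declaration (`/* Initializing send_msg */` just above); add e.g. `/* Reload keys if the key file changed; returns 1 when reloaded */` for check_keyupdate() and `/* Lock/unlock keys around reads of keys.keyentries */` for the pair.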
Index: secure.c
===================================================================
RCS file: /usr/cvsroot/ossec-hids/src/remoted/secure.c,v
diff -u -r1.20 -r1.21
--- secure.c 13 Sep 2007 02:28:51 -0000 1.20
+++ secure.c 14 Sep 2007 02:38:19 -0000 1.21
@@ -5,7 +5,7 @@
*
* This program is a free software; you can redistribute it
* and/or modify it under the terms of the GNU General Public
- * License (version 2) as published by the FSF - Free Software
+ * License (version 3) as published by the FSF - Free Software
* Foundation
*/
@@ -42,8 +42,12 @@
send_msg_init();
+ /* Initializing key mutex. */
+ keyupdate_init();
+
+
/* Initializing manager */
- manager_init();
+ manager_init(0);
/* Creating Ar forwarder thread */
@@ -137,8 +141,20 @@
agentid = OS_IsAllowedDynamicID(&keys, buffer +1, srcip);
if(agentid == -1)
{
- merror(ENC_IP_ERROR, __local_name, srcip);
- continue;
+ if(check_keyupdate())
+ {
+ agentid = OS_IsAllowedDynamicID(&keys, buffer +1, srcip);
+ if(agentid == -1)
+ {
+ merror(ENC_IP_ERROR, ARGV0, srcip);
+ continue;
+ }
+ }
+ else
+ {
+ merror(ENC_IP_ERROR, ARGV0, srcip);
+ continue;
+ }
}
}
else
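Review bot: check_keyupdate() is now invoked on the receive path for every datagram whose source is not in the key store, and `if(check_keyupdate())` runs OS_CheckUpdateKeys() (a key-file check) each time before the lookup is retried. On a UDP listener the source address is attacker-controlled, so spoofed packets from unknown addresses can drive a key-file check — and, when it fires, a reload under key_lock()/sendmsg_mutex that stalls the forwarder — at line rate; guard the retry with a timestamp so the check runs at most once every few seconds, e.g. `if((time(0) - last_keycheck) >= 5 && check_keyupdate())` with a static `time_t last_keycheck` updated whenever the check runs. The two identical `merror(ENC_IP_ERROR, ARGV0, srcip); continue;` arms could also collapse into one `if(!check_keyupdate() || (agentid = OS_IsAllowedDynamicID(&keys, buffer +1, srcip)) == -1)`. The enclosing receive loop starts before this hunk.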
@@ -146,8 +162,20 @@
agentid = OS_IsAllowedIP(&keys, srcip);
if(agentid < 0)
{
- merror(DENYIP_ERROR,ARGV0,srcip);
- continue;
+ if(check_keyupdate())
+ {
+ agentid = OS_IsAllowedIP(&keys, srcip);
+ if(agentid == -1)
+ {
+ merror(DENYIP_ERROR,ARGV0,srcip);
+ continue;
+ }
+ }
+ else
+ {
+ merror(DENYIP_ERROR,ARGV0,srcip);
+ continue;
+ }
}
tmp_msg = buffer;
}
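Review bot: The outer test at the top of this hunk is `if(agentid < 0)` but the retry after check_keyupdate() tests `agentid == -1`; if OS_IsAllowedIP() can return any other negative value, the retry path falls through with a negative agentid that is later used to index keys.keyentries. Use the same comparison in both places, `if(agentid < 0)`, as the DynamicID branch above is at least consistent with itself. This retry has the same per-packet key-file-check cost as the DynamicID branch and should share whatever rate limit is applied there. The enclosing receive loop starts before this hunk.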
@@ -194,7 +222,6 @@
ErrorExit(QUEUE_FATAL, ARGV0, DEFAULTQUEUE);
}
}
-
}
}