[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ossec-dev] ossec-hids: manage_agents.c (HEAD) validate.c (HEAD) [dcid]

Module name:	ossec-hids
Changes by:	dcid	06/08/28 15:45:23

Modified files:
	manage_agents.c validate.c

Log message:
Description: Long commit.
-Increased size requirement for agent names.
-Added monitor daemon.
-Re organized client/server comminication.
-Removed false positives from rootkits.
Reviewed by: dcid (more tests needed)
Bug:

Index: manage_agents.c
===================================================================
RCS file: /usr/cvsroot/ossec-hids/src/addagent/manage_agents.c,v
diff -u -r1.19 -r1.20
--- manage_agents.c	10 Aug 2006 20:11:29 -0000	1.19
+++ manage_agents.c	28 Aug 2006 18:45:23 -0000	1.20
@@ -73,8 +73,8 @@
 {
     int i = 1;
     FILE *fp;
-    char str1[STR_SIZE];
-    char str2[STR_SIZE];
+    char str1[STR_SIZE +1];
+    char str2[STR_SIZE +1];
     
     os_md5 md1;
     os_md5 md2;
@@ -112,15 +112,15 @@
 
     
     /* Zeroing strings */
-    memset(str1,'\0', STR_SIZE);
-    memset(str2,'\0', STR_SIZE);
+    memset(str1,'\0', STR_SIZE +1);
+    memset(str2,'\0', STR_SIZE +1);
 
 
     printf(ADD_NEW);
 
     
     /* Getting the name */
-    memset(name, '\0', STR_SIZE);
+    memset(name, '\0', FILE_SIZE +1);
 
     do
     {
@@ -145,7 +145,7 @@
 
 
     /* Getting IP */
-    memset(ip, '\0', STR_SIZE);
+    memset(ip, '\0', FILE_SIZE +1);
 
     do
     {
@@ -237,13 +237,13 @@
          * Random 5: Final key
          */
         
-        snprintf(str1, 64, "%d%s%d",time3-time2, name, rand1);
-        snprintf(str2, 64, "%d%s%s%d", time2-time1, ip, id, rand2);
+        snprintf(str1, STR_SIZE, "%d%s%d",time3-time2, name, rand1);
+        snprintf(str2, STR_SIZE, "%d%s%s%d", time2-time1, ip, id, rand2);
 
         OS_MD5_Str(str1, md1);
         OS_MD5_Str(str2, md2);
 
-        snprintf(str1, 64, "%s%d%d%d",md1,(int)getpid(),rand(), time3);
+        snprintf(str1, STR_SIZE, "%s%d%d%d",md1,(int)getpid(),rand(), time3);
         OS_MD5_Str(str1, md1);
 
         fprintf(fp,"%s %s %s %s%s\n",id, name, ip, md1,md2);
@@ -251,13 +251,15 @@
         fclose(fp);
 
         printf(AGENT_ADD);
+        break;
       }
       else if(user_input[0] == 'n' || user_input[0] == 'N')
       {
         printf(ADD_NOT);
+        break;
       }
 
-    } while(!(user_input[0] == 'y' || user_input[0] == 'Y' || user_input[0] == 'n' || user_input[0] == 'N'));
+    } while(1);
 
     return(0);
 }
@@ -322,13 +324,15 @@
         
 
         printf(REMOVE_DONE, u_id);
+        break;
       }
       else if(user_input[0] == 'n' || user_input[0] == 'N')
       {
         printf(REMOVE_NOT);
+        break;
       }
 
-    } while(!(user_input[0] == 'y' || user_input[0] == 'Y' || user_input[0] == 'n' || user_input[0] == 'N'));
+    } while(1);
 
     return(0);
 }

Index: validate.c
===================================================================
RCS file: /usr/cvsroot/ossec-hids/src/addagent/validate.c,v
diff -u -r1.7 -r1.8
--- validate.c	21 Jun 2006 00:53:43 -0000	1.7
+++ validate.c	28 Aug 2006 18:45:23 -0000	1.8
@@ -26,7 +26,7 @@
     id_len = strlen(id);
 
     /* Check ID length, it should contain max. 5 characters */
-    if (id_len > 5)
+    if (id_len > 8)
       return(0);
 
     /* Check ID if it contains only numeric characters [0-9] */
@@ -91,13 +91,13 @@
     int i = 0;
 
     /* We must have something in the name */
-    if(strlen(u_name) < 2 || strlen(u_name) > 32)
+    if(strlen(u_name) < 2 || strlen(u_name) > 128)
       return(0);
 
     /* check if it contains any non-alphanumeric characters */
     for(i = 0; i < strlen(u_name); i++)
     {
-      if(!(isalnum(u_name[i])))
+      if(!isalnum(u_name[i]) && (u_name[i] != '-') && (u_name[i] != '_'))
         return(0);
     }
OSSEC home | Main Index | Thread Index

OSSEC project: www.ossec.net.
Mailling list information: http://www.ossec.net/en/mailing_lists.html.