[ossec-dev] ossec-hids: exec.c (HEAD) [dcid]

[OSSEC CVS <cvs-commit@xxxxxxxxx>]

Module name:	ossec-hids
Changes by:	dcid	06/09/16 12:48:52

Modified files:
	exec.c

Log message:
Description: Fixing issue with active response and unused parameters.
Reviewed by: dcid
Bug:

Index: exec.c
===================================================================
RCS file: /usr/cvsroot/ossec-hids/src/analysisd/alerts/exec.c,v
diff -u -r1.23 -r1.24
--- exec.c	12 Sep 2006 02:04:33 -0000	1.23
+++ exec.c	16 Sep 2006 15:48:52 -0000	1.24
@@ -36,11 +36,12 @@
 {
     char exec_msg[OS_SIZE_1024 +1];
     char *ip;
+    char *user;
     char *location;
 
 
     /* Cleaning the IP */
-    if(lf->srcip)
+    if(lf->srcip && (ar->ar_cmd->expect & SRCIP))
     {
         ip = strrchr(lf->srcip, ':');
         if(ip)
@@ -64,9 +65,20 @@
     }
     else
     {
-        ip = "";
+        ip = "-";
     }
    
+   
+    /* Getting username */
+    if(lf->user && (ar->ar_cmd->expect & USERNAME))
+    {
+        user = lf->user;
+    }
+    else
+    {
+        user = "-";
+    }
+
 
     /* active response on the server. 
      * The response must be here, if the ar->location is set to AS
@@ -82,7 +94,7 @@
         snprintf(exec_msg, OS_SIZE_1024,
                 "%s %s %s",
                 ar->name,
-                lf->user == NULL?"null":lf->user,
+                user,
                 ip);
 
         if(OS_SendUnix(*execq, exec_msg, 0) < 0)
@@ -113,7 +125,7 @@
                 (ar->location & SPECIFIC_AGENT)?SPECIFIC_AGENT_C:NONE_C,
                 ar->agent_id,
                 ar->name,
-                lf->user == NULL?"null":lf->user,
+                user,
                 ip);
        
         if(OS_SendUnix(*arq, exec_msg, 0) < 0)