1 /* @(#) $Id: ./src/os_maild/os_maild_client.c, 2011/09/08 dcid Exp $
4 /* Copyright (C) 2009 Trend Micro Inc.
7 * This program is a free software; you can redistribute it
8 * and/or modify it under the terms of the GNU General Public
9 * License (version 2) as published by the FSF - Free Software
19 #include "config/config.h"
24 * Receive a Message on the Mail queue
25 * v0,2: Using the new file-queue.
27 MailMsg *OS_RecvMailQ(file_queue *fileq, struct tm *p,
28 MailConfig *Mail, MailMsg **msg_sms)
30 int i = 0, body_size = OS_MAXSTR -3, log_size, sms_set = 0,donotgroup = 0;
31 char logs[OS_MAXSTR + 1];
34 char geoip_msg_src[OS_SIZE_1024 +1];
35 char geoip_msg_dst[OS_SIZE_1024 +1];
44 /* Get message if available */
45 al_data = Read_FileMon(fileq, p, mail_timeout);
50 /* If e-mail came correctly, generate the e-mail body/subject */
51 os_calloc(1,sizeof(MailMsg), mail);
52 os_calloc(BODY_SIZE, sizeof(char), mail->body);
53 os_calloc(SUBJECT_SIZE, sizeof(char), mail->subject);
56 /* Generating the logs */
58 logs[OS_MAXSTR] = '\0';
60 while(al_data->log[i])
62 log_size = strlen(al_data->log[i]) + 4;
64 /* If size left is small than the size of the log, stop it */
65 if(body_size <= log_size)
70 strncat(logs, al_data->log[i], body_size);
71 strncat(logs, "\r\n", body_size);
72 body_size -= log_size;
78 log_size = strlen(al_data->old_md5) + 16 + 4;
79 if(body_size > log_size)
81 strncat(logs, "Old md5sum was: ", 16);
82 strncat(logs, al_data->old_md5, body_size);
83 strncat(logs, "\r\n", 4);
84 body_size -= log_size;
89 log_size = strlen(al_data->new_md5) + 16 + 4;
90 if(body_size > log_size)
92 strncat(logs, "New md5sum is : ", 16);
93 strncat(logs, al_data->new_md5, body_size);
94 strncat(logs, "\r\n", 4);
95 body_size -= log_size;
98 if (al_data->old_sha1)
100 log_size = strlen(al_data->old_sha1) + 17 + 4;
101 if(body_size > log_size)
103 strncat(logs, "Old sha1sum was: ", 17);
104 strncat(logs, al_data->old_sha1, body_size);
105 strncat(logs, "\r\n", 4);
106 body_size -= log_size;
109 if (al_data->new_sha1)
111 log_size = strlen(al_data->new_sha1) + 17 + 4;
112 if(body_size > log_size)
114 strncat(logs, "New sha1sum is : ", 17);
115 strncat(logs, al_data->new_sha1, body_size);
116 strncat(logs, "\r\n", 4);
117 body_size -= log_size;
123 subject_host = strchr(al_data->location, '>');
127 *subject_host = '\0';
130 /* We have two subject options - full and normal */
131 if(Mail->subject_full)
133 /* Option for a clean full subject (without ossec in the name) */
135 snprintf(mail->subject, SUBJECT_SIZE -1, MAIL_SUBJECT_FULL2,
140 snprintf(mail->subject, SUBJECT_SIZE -1, MAIL_SUBJECT_FULL,
148 snprintf(mail->subject, SUBJECT_SIZE -1, MAIL_SUBJECT,
154 /* fixing subject back */
161 /* Get GeoIP information */
163 if (al_data->geoipdatasrc) {
164 snprintf(geoip_msg_src, OS_SIZE_1024, "Src Location: %s\r\n", al_data->geoipdatasrc);
166 geoip_msg_src[0] = '\0';
168 if (al_data->geoipdatadst) {
169 snprintf(geoip_msg_dst, OS_SIZE_1024, "Dst Location: %s\r\n", al_data->geoipdatadst);
171 geoip_msg_dst[0] = '\0';
175 geoip_msg_src[0] = '\0';
176 geoip_msg_dst[0] = '\0';
182 snprintf(mail->body, BODY_SIZE -1, MAIL_BODY,
192 snprintf(mail->body, BODY_SIZE -1, MAIL_BODY,
200 debug2("OS_RecvMailQ: mail->body[%s]", mail->body);
202 /* Checking for granular email configs */
206 while(Mail->gran_to[i] != NULL)
210 /* Looking if location is set */
211 if(Mail->gran_location[i])
213 if(OSMatch_Execute(al_data->location,
214 strlen(al_data->location),
215 Mail->gran_location[i]))
226 /* Looking for the level */
227 if(Mail->gran_level[i])
229 if(al_data->level >= Mail->gran_level[i])
241 /* Looking for rule id */
245 while(Mail->gran_id[i][id_i] != 0)
247 if(Mail->gran_id[i][id_i] == al_data->rule)
254 /* If we found, id is going to be a valid rule */
255 if(Mail->gran_id[i][id_i])
267 /* Looking for the group */
268 if(Mail->gran_group[i])
270 if(OSMatch_Execute(al_data->group,
271 strlen(al_data->group),
272 Mail->gran_group[i]))
284 /* If we got in here, it is because everything
285 * matched. Set this e-mail to be used.
289 if(Mail->gran_format[i] == SMS_FORMAT)
291 Mail->gran_set[i] = SMS_FORMAT;
293 /* Setting the SMS flag */
299 if(Mail->gran_format[i] == FORWARD_NOW)
302 Mail->gran_set[i] = FULL_FORMAT;
304 else if(Mail->gran_format[i] == DONOTGROUP)
306 Mail->priority = DONOTGROUP;
307 Mail->gran_set[i] = DONOTGROUP;
312 Mail->gran_set[i] = FULL_FORMAT;
321 /* If DONOTGROUP is set, we can't assign the new subject */
324 /* Getting highest level for alert */
325 if(_g_subject[0] != '\0')
327 if(_g_subject_level < al_data->level)
329 strncpy(_g_subject, mail->subject, SUBJECT_SIZE);
330 _g_subject_level = al_data->level;
335 strncpy(_g_subject, mail->subject, SUBJECT_SIZE);
336 _g_subject_level = al_data->level;
341 /* If sms is set, create the sms output */
344 MailMsg *msg_sms_tmp;
346 /* Allocate memory for sms */
347 os_calloc(1,sizeof(MailMsg), msg_sms_tmp);
348 os_calloc(BODY_SIZE, sizeof(char), msg_sms_tmp->body);
349 os_calloc(SUBJECT_SIZE, sizeof(char), msg_sms_tmp->subject);
351 snprintf(msg_sms_tmp->subject, SUBJECT_SIZE -1, SMS_SUBJECT,
357 strncpy(msg_sms_tmp->body, logs, 128);
358 msg_sms_tmp->body[127] = '\0';
360 /* Assigning msg_sms */
361 *msg_sms = msg_sms_tmp;
366 /* Clearing the memory */
367 FreeAlertData(al_data);