1 /* @(#) $Id: ./src/addagent/manage_keys.c, 2011/09/08 dcid Exp $
4 /* Copyright (C) 2009 Trend Micro Inc.
7 * This program is a free software; you can redistribute it
8 * and/or modify it under the terms of the GNU General Public
9 * License (version 2) as published by the FSF - Free Software
12 * License details at the LICENSE file included with OSSEC or
13 * online at: http://www.ossec.net/en/licensing.html
17 #include "manage_agents.h"
18 #include "os_crypto/md5/md5_op.h"
21 /* b64 function prototypes */
22 char *decode_base64(const char *src);
23 char *encode_base64(int size, char *src);
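/* trimwhitespace: strip leading and trailing whitespace from str in place.
 *
 * Leading whitespace is skipped by advancing the pointer; trailing
 * whitespace is removed by writing a new NUL terminator into the caller's
 * buffer. The return value points into that same buffer and may differ
 * from str, so a caller holding an allocated buffer must keep and free the
 * original pointer, not the returned one.
 *
 * Returns NULL when str is NULL.
 */
char *trimwhitespace(char *str)
{
    char *end;

    if(str == NULL)
        return(NULL);

    /* isspace() is only defined for unsigned char values and EOF. Where
     * plain char is signed, a byte >= 0x80 read from a key or bulk file
     * would be passed as a negative int, which is undefined behaviour,
     * so cast before the call.
     */
    while(isspace((unsigned char)*str)) str++;

    if(*str == 0) // All spaces?
        return(str);

    // Trim trailing space
    end = str + strlen(str) - 1;
    while(end > str && isspace((unsigned char)*end)) end--;

    // Write new null terminator
    *(end+1) = 0;

    return(str);
}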
/* k_import: import an agent key supplied as a base64 string and, once the
 * operator confirms, write it to KEYS_FILE.
 *
 * The visible lines take the encoded key from cmdimport, from the
 * OSSEC_AGENT_KEY environment variable, or from read_from_user(), and the
 * confirmation from OSSEC_ACTION_CONFIRMED or read_from_user().
 *
 * NOTE(review): this listing omits lines (braces, declarations, returns),
 * so the exact branch structure and the return values are not visible here.
 */
46 int k_import(char *cmdimport)
52 char *name; char *ip; char *tmp_key;
54 char line_read[FILE_SIZE +1];
57 /* Parsing user argument. */
60 user_input = cmdimport;
/* NOTE(review): a key passed through the environment can be read by
 * anything able to inspect this process's environment; confirm that is
 * acceptable for the deployment, or feed the key on stdin instead.
 */
66 user_input = getenv("OSSEC_AGENT_KEY");
67 if (user_input == NULL) {
68 user_input = read_from_user();
/* The QUIT keyword aborts the import. */
74 if(strcmp(user_input, QUIT) == 0)
/* NOTE(review): the check of the decode_base64() result is in lines not
 * shown; confirm a NULL return is handled before the strncpy() below.
 */
77 b64_dec = decode_base64(user_input);
/* line_read is zero-filled over FILE_SIZE+1 bytes and at most FILE_SIZE
 * bytes are copied, so it is always NUL-terminated. Decoded input longer
 * than FILE_SIZE is truncated by this copy; the strlen() test below is
 * what rejects input that filled the buffer.
 */
87 memset(line_read, '\0', FILE_SIZE +1);
88 strncpy(line_read, b64_dec, FILE_SIZE);
/* The decoded text is split on single spaces into four fields. The
 * AGENT_INFO printf below receives b64_dec, name and ip; tmp_key is the
 * remainder after the third space.
 * NOTE(review): the tests on ip and tmp_key are in lines not shown;
 * confirm each strchr() result is checked before it is dereferenced.
 */
91 name = strchr(b64_dec, ' ');
92 if(name && strlen(line_read) < FILE_SIZE)
96 ip = strchr(name, ' ');
102 tmp_key = strchr(ip, ' ');
111 printf(AGENT_INFO, b64_dec, name, ip);
118 user_input = getenv("OSSEC_ACTION_CONFIRMED");
119 if (user_input == NULL) {
120 user_input = read_from_user();
/* Only a leading 'y' or 'Y' confirms; any other answer takes the else
 * branch and nothing is written.
 */
123 if(user_input[0] == 'y' || user_input[0] == 'Y')
/* NOTE(review): fopen(..., "w") creates KEYS_FILE with permissions derived
 * from the umask, and chmod(0440) is applied only after the key has been
 * written, so there is a window in which the key file may be readable more
 * widely than intended. The chmod() result is not checked on the visible
 * line. Setting a restrictive umask first, or creating the file with
 * open() and an explicit mode before writing, would close that window.
 */
125 fp = fopen(KEYS_FILE,"w");
128 ErrorExit(FOPEN_ERROR, ARGV0, KEYS_FILE);
130 fprintf(fp,"%s\n",line_read);
133 chmod(KEYS_FILE, 0440);
136 /* Removing sender counter. */
137 OS_RemoveCounter("sender");
142 restart_necessary = 1;
145 else /* if(user_input[0] == 'n' || user_input[0] == 'N') */
147 printf("%s", ADD_NOT);
162 /* extract base64 for a specific agent */
/* k_extract: print the base64-encoded key entry of one agent.
 *
 * The agent ID comes from cmdextract or, in the interactive path, from
 * read_from_user() after print_agents() has listed the agents. The matching
 * line is read from AUTH_FILE, encoded with encode_base64() and printed
 * through EXTRACT_MSG.
 *
 * NOTE(review): this listing omits lines (braces, declarations, returns),
 * so the exact branch structure and the return values are not visible here.
 * NOTE(review): the output is the agent's authentication key; terminal
 * scrollback and any captured stdout should be treated as sensitive.
 */
163 int k_extract(char *cmdextract)
168 char line_read[FILE_SIZE +1];
169 char n_id[USER_SIZE +1];
174 user_input = cmdextract;
176 if(!IDExist(user_input))
178 printf(NO_ID, user_input);
185 if(!print_agents(0, 0, 0))
/* Interactive path: keep prompting until an existing ID is entered or the
 * operator types QUIT.
 */
197 user_input = read_from_user();
200 if(strcmp(user_input, QUIT) == 0)
203 if(!IDExist(user_input))
204 printf(NO_ID, user_input);
206 } while(!IDExist(user_input));
210 /* Trying to open the auth file */
211 fp = fopen(AUTH_FILE, "r");
214 ErrorExit(FOPEN_ERROR, ARGV0, AUTH_FILE);
/* NOTE(review): fp_pos is assigned outside the visible lines (presumably
 * by IDExist(), as the offset of the matching entry); confirm. The
 * fsetpos() result is not checked here.
 */
217 fsetpos(fp, &fp_pos);
/* n_id is zero-filled over USER_SIZE+1 bytes and at most USER_SIZE-1 bytes
 * are copied, so it is always NUL-terminated; a longer ID is truncated.
 */
219 memset(n_id, '\0', USER_SIZE +1);
220 strncpy(n_id, user_input, USER_SIZE -1);
223 if(fgets(line_read, FILE_SIZE, fp) == NULL)
232 b64_enc = encode_base64(strlen(line_read),line_read);
/* NOTE(review): EXTRACT_ERROR is used as the printf format itself. That is
 * safe only while the macro is a constant without conversion
 * specifications; printf("%s", EXTRACT_ERROR) would match how this file
 * prints ADD_NOT.
 */
235 printf(EXTRACT_ERROR);
240 printf(EXTRACT_MSG, n_id, b64_enc);
243 printf("\n" PRESS_ENTER);
253 /* Bulk generate client keys from file */
/* k_bulkload: add agents in bulk from the file named by cmdbulk.
 *
 * Each input line is split with strtok() into an IP field and a name
 * field. The name and IP are validated, an unused three-digit ID is
 * chosen, a key is generated, and the entry "id name ip key" is appended
 * to AUTH_FILE.
 *
 * NOTE(review): this listing omits lines (braces, declarations, returns),
 * so the exact loop and branch structure and the return values are not
 * visible here.
 */
254 int k_bulkload(char *cmdbulk)
258 char str1[STR_SIZE +1];
259 char str2[STR_SIZE +1];
263 char line[FILE_SIZE+1];
264 char name[FILE_SIZE +1];
265 char id[FILE_SIZE +1];
266 char ip[FILE_SIZE+1];
271 /* Checking if we can open the input file */
272 printf("Opening: [%s]\n", cmdbulk);
273 infp = fopen(cmdbulk,"r");
277 ErrorExit(FOPEN_ERROR, ARGV0, cmdbulk);
281 /* Checking if we can open the auth_file */
282 fp = fopen(AUTH_FILE,"a");
285 ErrorExit(FOPEN_ERROR, ARGV0, AUTH_FILE);
289 /* Allocating for c_ip */
290 os_calloc(1, sizeof(os_ip), c_ip);
/* Lines whose trimmed length is 0 or 1 are tested for here (presumably to
 * skip them; the branch body is not shown).
 */
292 while(fgets(line, FILE_SIZE - 1, infp) != NULL)
294 if (1 >= strlen(trimwhitespace(line)))
/* NOTE(review): strtok() returns NULL when the line has no (further)
 * token, and the result goes straight into trimwhitespace() and strncpy()
 * with no test in between, for both the ip and the name field. A line in
 * the bulk file with a missing field therefore leads to a NULL pointer
 * being used; check token before each copy and skip or report the line.
 * The copies themselves are bounded: each destination is zero-filled over
 * FILE_SIZE+1 bytes and receives at most FILE_SIZE-1 bytes.
 */
297 memset(ip, '\0', FILE_SIZE +1);
298 token = strtok(line, delims);
299 strncpy(ip, trimwhitespace(token),FILE_SIZE -1);
301 memset(name, '\0', FILE_SIZE +1);
302 token = strtok(NULL, delims);
303 strncpy(name, trimwhitespace(token),FILE_SIZE -1);
/* NOTE(review): the chmod() result is not checked here or at the later
 * call. If the fopen(..., "a") above created AUTH_FILE, its permissions
 * came from the umask until this call runs.
 */
306 chmod(AUTH_FILE, 0440);
/* NOTE(review): the seed is a sum of time values and process ids, all of
 * which an observer of the host can estimate, and random() is not a
 * cryptographic generator. See the note on key generation further down.
 */
313 /* Source is time1+ time2 +pid + ppid */
318 srandom(time2 + time1 + getpid() + getppid());
321 srandom(time2 + time1 + getpid());
327 /* Zeroing strings */
328 memset(str1,'\0', STR_SIZE +1);
329 memset(str2,'\0', STR_SIZE +1);
333 if(!OS_IsValidName(name))
335 printf(INVALID_NAME,name);
339 /* Search for name -- no duplicates */
342 printf(ADD_ERROR_NAME, name);
347 if(!OS_IsValidIP(ip, c_ip))
349 printf(IP_ERROR, ip);
/* The ID is formatted as a zero-padded decimal of at least three digits.
 * The bound 8 is hard-coded rather than derived from sizeof(id); it is
 * within the buffer as long as FILE_SIZE is at least 7.
 */
357 snprintf(id, 8, "%03d", i);
361 snprintf(id, 8, "%03d", i);
363 /* No key present, use id 0 */
370 snprintf(id, 8, "%03d", i+1);
372 if(!OS_IsValidID(id))
373 printf(INVALID_ID, id);
375 /* Search for ID KEY -- no duplicates */
377 printf(ADD_ERROR_ID, id);
379 } while(IDExist(id) || !OS_IsValidID(id));
381 printf(AGENT_INFO, id, name, ip);
/* NOTE(review): the file opened here is AUTH_FILE but the error message
 * names KEYS_FILE. If the two macros differ, the diagnostic points at the
 * wrong path.
 */
388 fp = fopen(AUTH_FILE,"a");
391 ErrorExit(FOPEN_ERROR, ARGV0, KEYS_FILE);
394 chmod(AUTH_FILE, 0440);
/* Key generation. The key written to AUTH_FILE is md1 followed by md2
 * (see the fprintf format below), each produced by OS_MD5_Str() over
 * strings built from timing differences, the agent name, ip and id,
 * rand1/rand2, the pid and random().
 * NOTE(review): none of the inputs visible here comes from a cryptographic
 * random source, so the key is only as unpredictable as those timings and
 * the srandom() seed above. For an agent authentication key, drawing the
 * key material from the operating system's CSPRNG is the safer design.
 * NOTE(review): the "%d" conversions receive time3-time2 and time2-time1;
 * the variables' types are declared outside the visible lines. Confirm
 * they are int, since a wider type would not match "%d".
 */
398 /* Random 1: Time took to write the agent information.
399 * Random 2: Time took to choose the action.
400 * Random 3: All of this + time + pid
401 * Random 4: Md5 all of this + the name, key and ip
402 * Random 5: Final key
405 snprintf(str1, STR_SIZE, "%d%s%d",time3-time2, name, rand1);
406 snprintf(str2, STR_SIZE, "%d%s%s%d", time2-time1, ip, id, rand2);
408 OS_MD5_Str(str1, md1);
409 OS_MD5_Str(str2, md2);
411 snprintf(str1, STR_SIZE, "%s%d%d%d",md1,(int)getpid(), (int)random(),
413 OS_MD5_Str(str1, md1);
415 //fprintf(fp,"%s %s %s %s%s\n",id, name, ip, md1,md2);
416 fprintf(fp,"%s %s %s %s%s\n",id, name, c_ip->ip, md1,md2);
421 restart_necessary = 1;