1 /* Copyright (C) 2009 Trend Micro Inc.
4 * This program is a free software; you can redistribute it
5 * and/or modify it under the terms of the GNU General Public
6 * License (version 2) as published by the FSF - Free Software
11 #include "remote-config.h"
15 /* Reads remote config */
16 int Read_Remote(XML_NODE node, void *d1, __attribute__((unused)) void *d2)
20 unsigned int allow_size = 1;
21 unsigned int deny_size = 1;
25 /*** XML Definitions ***/
27 /* Allowed and denied IPs */
28 const char *xml_allowips = "allowed-ips";
29 const char *xml_denyips = "denied-ips";
32 const char *xml_remote_port = "port";
33 const char *xml_remote_proto = "protocol";
34 const char *xml_remote_ipv6 = "ipv6";
35 const char *xml_remote_connection = "connection";
36 const char *xml_remote_lip = "local_ip";
40 /* Getting allowed-ips */
42 while (logr->allowips[allow_size - 1]) {
47 /* Getting denied-ips */
49 while (logr->denyips[deny_size - 1]) {
54 /* conn and port must not be null */
56 os_calloc(1, sizeof(int), logr->conn);
60 os_calloc(1, sizeof(char *), logr->port);
64 os_calloc(1, sizeof(int), logr->proto);
68 os_calloc(1, sizeof(int), logr->ipv6);
72 os_calloc(1, sizeof(char *), logr->lip);
77 while (logr->conn[pl] != 0) {
81 /* Add space for the last null connection/port */
82 logr->port = (char **) realloc(logr->port, sizeof(char *) * (pl + 2));
83 logr->conn = (int *) realloc(logr->conn, sizeof(int) * (pl + 2));
84 logr->proto = (int *) realloc(logr->proto, sizeof(int) * (pl + 2));
85 logr->ipv6 = (int *) realloc(logr->ipv6, sizeof(int) * (pl + 2));
86 logr->lip = (char **) realloc(logr->lip, sizeof(char *) * (pl + 2));
87 if (!logr->port || !logr->conn || !logr->proto || !logr->ipv6 || !logr->lip) {
88 ErrorExit(MEM_ERROR, __local_name, errno, strerror(errno));
91 logr->port[pl] = NULL;
97 logr->port[pl + 1] = NULL;
98 logr->conn[pl + 1] = 0;
99 logr->proto[pl + 1] = 0;
100 logr->ipv6[pl + 1] = 0;
101 logr->lip[pl + 1] = NULL;
104 if (!node[i]->element) {
105 merror(XML_ELEMNULL, __local_name);
107 } else if (!node[i]->content) {
108 merror(XML_VALUENULL, __local_name, node[i]->element);
110 } else if (strcasecmp(node[i]->element, xml_remote_connection) == 0) {
111 if (strcmp(node[i]->content, "syslog") == 0) {
112 logr->conn[pl] = SYSLOG_CONN;
113 } else if (strcmp(node[i]->content, "secure") == 0) {
114 logr->conn[pl] = SECURE_CONN;
116 merror(XML_VALUEERR, __local_name, node[i]->element, node[i]->content);
119 } else if (strcasecmp(node[i]->element, xml_remote_port) == 0) {
120 if (!OS_StrIsNum(node[i]->content)) {
121 merror(XML_VALUEERR, __local_name, node[i]->element, node[i]->content);
124 os_strdup(node[i]->content,logr->port[pl]);
125 portnum = atoi(node[i]->content);
127 if (portnum <= 0 || portnum > 65535) {
128 merror(PORT_ERROR, __local_name, portnum);
131 } else if (strcasecmp(node[i]->element, xml_remote_proto) == 0) {
132 if (strcasecmp(node[i]->content, "tcp") == 0) {
133 logr->proto[pl] = IPPROTO_TCP;
134 } else if (strcasecmp(node[i]->content, "udp") == 0) {
135 logr->proto[pl] = IPPROTO_UDP;
137 merror(XML_VALUEERR, __local_name, node[i]->element,
141 } else if (strcasecmp(node[i]->element, xml_remote_ipv6) == 0) {
142 if (strcasecmp(node[i]->content, "yes") == 0) {
145 } else if (strcasecmp(node[i]->element, xml_remote_lip) == 0) {
146 os_strdup(node[i]->content, logr->lip[pl]);
147 if (OS_IsValidIP(logr->lip[pl], NULL) != 1) {
148 merror(INVALID_IP, __local_name, node[i]->content);
151 } else if (strcmp(node[i]->element, xml_allowips) == 0) {
153 logr->allowips = (os_ip **) realloc(logr->allowips, sizeof(os_ip *)*allow_size);
154 if (!logr->allowips) {
155 merror(MEM_ERROR, __local_name, errno, strerror(errno));
159 os_calloc(1, sizeof(os_ip), logr->allowips[allow_size - 2]);
160 logr->allowips[allow_size - 1] = NULL;
162 if (!OS_IsValidIP(node[i]->content, logr->allowips[allow_size - 2])) {
163 merror(INVALID_IP, __local_name, node[i]->content);
166 } else if (strcmp(node[i]->element, xml_denyips) == 0) {
168 logr->denyips = (os_ip **) realloc(logr->denyips, sizeof(os_ip *)*deny_size);
169 if (!logr->denyips) {
170 merror(MEM_ERROR, __local_name, errno, strerror(errno));
174 os_calloc(1, sizeof(os_ip), logr->denyips[deny_size - 2]);
175 logr->denyips[deny_size - 1] = NULL;
176 if (!OS_IsValidIP(node[i]->content, logr->denyips[deny_size - 2])) {
177 merror(INVALID_IP, __local_name, node[i]->content);
181 merror(XML_INVELEM, __local_name, node[i]->element);
187 /* conn must be set */
188 if (logr->conn[pl] == 0) {
189 merror(CONN_ERROR, __local_name);
193 /* Fall back to a default port when none was configured */
194 if (logr->port[pl] == NULL) {
195 if (logr->conn[pl] == SECURE_CONN) {
196 logr->port[pl] = DEFAULT_SECURE;
198 logr->port[pl] = DEFAULT_SYSLOG;
202 /* Set default protocol */
203 if (logr->proto[pl] == 0) {
204 logr->proto[pl] = IPPROTO_UDP;
207 /* Secure connections only run on UDP, so a configured TCP protocol is replaced with UDP */
208 if ((logr->conn[pl] == SECURE_CONN) && (logr->proto[pl] == IPPROTO_TCP)) {
209 logr->proto[pl] = IPPROTO_UDP;