X-Git-Url: http://ftp.carnet.hr/carnet-debian/scm?a=blobdiff_plain;ds=sidebyside;f=src%2Fheaders%2Fvalidate_op.h;h=562dc780f769401f8d8e1559fba4c9c50d8c704c;hb=3f728675941dc69d4e544d3a880a56240a6e394a;hp=ade6afa846e73be64d15638e198651328d842370;hpb=927951d1c1ad45ba9e7325f07d996154a91c911b;p=ossec-hids.git diff --git a/src/headers/validate_op.h b/src/headers/validate_op.h old mode 100755 new mode 100644 index ade6afa..562dc78 --- a/src/headers/validate_op.h +++ b/src/headers/validate_op.h @@ -1,6 +1,3 @@ -/* @(#) $Id: ./src/headers/validate_op.h, 2011/09/08 dcid Exp $ - */ - /* Copyright (C) 2009 Trend Micro Inc. * All rights reserved. * @@ -10,121 +7,88 @@ * Foundation */ -/* Part of the OSSEC HIDS - * Available at http://www.ossec.net - */ - - #ifndef __VALIDATE_H - #define __VALIDATE_H /* IP structure */ -typedef struct _os_ip -{ +typedef struct _os_ip { char *ip; - unsigned int ip_address; - unsigned int netmask; + struct sockaddr_storage ss; + unsigned int prefixlength; }os_ip; +/* Run-time definitions */ +int getDefine_Int(const char *high_name, const char *low_name, int min, int max) __attribute__((nonnull)); -/* Getting the netmask based on the integer value. */ -int getNetmask(int mask, char *strmask, int size); - - -/* Run time definitions. */ -int getDefine_Int(char *high_name, char *low_name, int min, int max); - - - -/** int OS_IPFound(char *ip_address, os_ip *that_ip) - * Checks if ip_address is present at that_ip. - * Returns 1 on success or 0 on failure. +/* Check if IP_address is present at that_ip + * Returns 1 on success or 0 on failure */ -int OS_IPFound(char *ip_address, os_ip *that_ip); - - +int OS_IPFound(const char *ip_address, const os_ip *that_ip) __attribute__((nonnull)); -/** int OS_IPFoundList(char *ip_address, char **list_of_ips) - * Checks if ip_address is present on the "list_of_ips". +/* Check if IP_address is present in the list_of_ips * Returns 1 on success or 0 on failure. * The list MUST be NULL terminated */ -int OS_IPFoundList(char *ip_address, os_ip **list_of_ips); +int OS_IPFoundList(const char *ip_address, os_ip **list_of_ips) __attribute__((nonnull)); - - -/** int OS_IsValidIP(char *ip) - * Validates if an ip address is in the right - * format. - * Returns 0 if doesn't match or 1 if it does (or 2 if it has a cidr). - * ** On success this function may modify the value of ip_address +/* Validate if an IP address is in the right format + * Returns 0 if doesn't match or 1 if it does (or 2 if it has a CIDR) + * WARNING: On success this function may modify the value of IP_address */ -int OS_IsValidIP(char *ip_address, os_ip *final_ip); +int OS_IsValidIP(const char *ip_address, os_ip *final_ip); +/** int sacmp(struct sockaddr *sa1, struct sockaddr *sa2, int prefixlength) + * Compares two sockaddrs up to prefixlength. + * Returns 0 if doesn't match or 1 if they do. + */ +int sacmp(struct sockaddr *sa1, struct sockaddr *sa2, int prefixlength); /** Time range validations **/ -/** char *OS_IsValidTime(char *time_str) - * Validates if a time is in an acceptable format - * for ossec. - * Returns 0 if doesn't match or a valid string for - * ossec usage in success. - * ** On success this function may modify the value of date +/* Validate if a time is in an acceptable format for OSSEC + * Returns 0 if doesn't match or a valid string for OSSEC usage in success. + * WARNING: On success this function may modify the value of date + * * Acceptable formats: - * hh:mm - hh:mm (24 hour format) - * !hh:mm -hh:mm (24 hour format) - * hh - hh (24 hour format) - * hh:mm am - hh:mm pm (12 hour format) - * hh am - hh pm (12 hour format) + * hh:mm - hh:mm (24 hour format) + * !hh:mm -hh:mm (24 hour format) + * hh - hh (24 hour format) + * hh:mm am - hh:mm pm (12 hour format) + * hh am - hh pm (12 hour format) */ -char *OS_IsValidTime(char *time_str); +char *OS_IsValidTime(const char *time_str); -/* Same as above, but only accepts a unique time, not a range. */ -char *OS_IsValidUniqueTime(char *time_str); +/* Same as above, but only accepts a unique time, not a range */ +char *OS_IsValidUniqueTime(const char *time_str) __attribute__((nonnull)); - - -/** int OS_IsonTime(char *time_str, char *ossec_time) - * Must be a valid string, called after OS_IsValidTime. - * Returns 1 on success or 0 on failure. +/* Must be a valid string, called after OS_IsValidTime + * Returns 1 on success or 0 on failure */ -int OS_IsonTime(char *time_str, char *ossec_time); - -/* Same as above, but checks if time is the same or has passed a specified one. */ -int OS_IsAfterTime(char *time_str, char *ossec_time); - +int OS_IsonTime(const char *time_str, const char *ossec_time) __attribute__((nonnull)); +/* Same as above, but checks if time is the same or has passed a specified one */ +int OS_IsAfterTime(const char *time_str, const char *ossec_time) __attribute__((nonnull)); /** Day validations **/ +/* Check if the specified week day is in the range */ +int OS_IsonDay(int week_day, const char *ossec_day) __attribute__((nonnull)); -/** int OS_IsonDay(int week_day, char *ossec_day) - * Checks if the specified week day is in the - * range. - */ -int OS_IsonDay(int week_day, char *ossec_day); - - -/** char *OS_IsValidDay(char *day_str) - * Validates if an day is in an acceptable format - * for ossec. - * Returns 0 if doesn't match or a valid string for - * ossec usage in success. - * ** On success this function may modify the value of date +/* Validate if a day is in an acceptable format for OSSEC + * Returns 0 if doesn't match or a valid string for ossec usage in success + * WARNING: On success this function may modify the value of date + * * Acceptable formats: - * weekdays, weekends, monday, tuesday, thursday,.. - * monday,tuesday - * mon,tue wed + * weekdays, weekends, monday, tuesday, thursday,.. + * monday,tuesday + * mon,tue wed */ -char *OS_IsValidDay(char *day_str); - +char *OS_IsValidDay(const char *day_str); /* Macros */ -/* Checks if the ip is a single host, not a network with a netmask */ -#define isSingleHost(x) (x->netmask == 0xFFFFFFFF) +/* Check if the IP is a single host, not a network with a netmask */ +#define isSingleHost(x) ((x->ss.ss_family == AF_INET) ? (x->prefixlength == 32) : (x->prefixlength == 128)) #endif -/* EOF */