X-Git-Url: http://ftp.carnet.hr/carnet-debian/scm?a=blobdiff_plain;f=src%2Fconfig%2Fcsyslogd-config.c;fp=src%2Fconfig%2Fcsyslogd-config.c;h=6ca65d8a7c5ddfa987bf578747c9826bfb478dec;hb=3f728675941dc69d4e544d3a880a56240a6e394a;hp=77d268e6694021cef6038af4e11694160631df43;hpb=927951d1c1ad45ba9e7325f07d996154a91c911b;p=ossec-hids.git diff --git a/src/config/csyslogd-config.c b/src/config/csyslogd-config.c index 77d268e..6ca65d8 100644 --- a/src/config/csyslogd-config.c +++ b/src/config/csyslogd-config.c @@ -1,6 +1,3 @@ -/* @(#) $Id: ./src/config/csyslogd-config.c, 2011/09/08 dcid Exp $ - */ - /* Copyright (C) 2009 Trend Micro Inc. * All right reserved. * @@ -10,103 +7,80 @@ * Foundation */ -/* Functions to handle the configuration files - */ - - #include "csyslogd-config.h" #include "config.h" -int Read_CSyslog(XML_NODE node, void *config, void *config2) +int Read_CSyslog(XML_NODE node, void *config, __attribute__((unused)) void *config2) { - int i = 0,s = 0; + unsigned int i = 0, s = 0; /* XML definitions */ - char *xml_syslog_server = "server"; - char *xml_syslog_port = "port"; - char *xml_syslog_format = "format"; - char *xml_syslog_level = "level"; - char *xml_syslog_id = "rule_id"; - char *xml_syslog_group = "group"; - char *xml_syslog_location = "event_location"; - - - GeneralConfig *gen_config = (GeneralConfig *)config; - SyslogConfig **syslog_config = (SyslogConfig **)gen_config->data; - - - /* Getting Granular mail_to size */ - if(syslog_config) - { - while(syslog_config[s]) + const char *xml_syslog_server = "server"; + const char *xml_syslog_port = "port"; + const char *xml_syslog_format = "format"; + const char *xml_syslog_level = "level"; + const char *xml_syslog_id = "rule_id"; + const char *xml_syslog_group = "group"; + const char *xml_syslog_location = "location"; + const char *xml_syslog_use_fqdn = "use_fqdn"; + + struct SyslogConfig_holder *config_holder = (struct SyslogConfig_holder *)config; + SyslogConfig **syslog_config = config_holder->data; + + if (syslog_config) { + while (syslog_config[s]) { s++; + } } - - /* Allocating the memory for the config. */ + /* Allocate the memory for the config */ os_realloc(syslog_config, (s + 2) * sizeof(SyslogConfig *), syslog_config); os_calloc(1, sizeof(SyslogConfig), syslog_config[s]); syslog_config[s + 1] = NULL; - - /* Zeroing the elements. */ + /* Zero the elements */ syslog_config[s]->server = NULL; syslog_config[s]->rule_id = NULL; syslog_config[s]->group = NULL; syslog_config[s]->location = NULL; syslog_config[s]->level = 0; - syslog_config[s]->port = 514; + syslog_config[s]->port = "514"; syslog_config[s]->format = DEFAULT_CSYSLOG; + syslog_config[s]->use_fqdn = 0; /* local 0 facility (16) + severity 4 - warning. --default */ syslog_config[s]->priority = (16 * 8) + 4; - while(node[i]) - { - if(!node[i]->element) - { - merror(XML_ELEMNULL, ARGV0); - return(OS_INVALID); - } - else if(!node[i]->content) - { - merror(XML_VALUENULL, ARGV0, node[i]->element); - return(OS_INVALID); - } - else if(strcmp(node[i]->element, xml_syslog_level) == 0) - { - if(!OS_StrIsNum(node[i]->content)) - { - merror(XML_VALUEERR,ARGV0,node[i]->element,node[i]->content); - return(OS_INVALID); + while (node[i]) { + if (!node[i]->element) { + merror(XML_ELEMNULL, __local_name); + goto fail; + } else if (!node[i]->content) { + merror(XML_VALUENULL, __local_name, node[i]->element); + goto fail; + } else if (strcmp(node[i]->element, xml_syslog_level) == 0) { + if (!OS_StrIsNum(node[i]->content)) { + merror(XML_VALUEERR, __local_name, node[i]->element, node[i]->content); + goto fail; } - syslog_config[s]->level = atoi(node[i]->content); - } - else if(strcmp(node[i]->element, xml_syslog_port) == 0) - { - if(!OS_StrIsNum(node[i]->content)) - { - merror(XML_VALUEERR,ARGV0,node[i]->element,node[i]->content); - return(OS_INVALID); + syslog_config[s]->level = (unsigned int) atoi(node[i]->content); + } else if (strcmp(node[i]->element, xml_syslog_port) == 0) { + if (!OS_StrIsNum(node[i]->content)) { + merror(XML_VALUEERR, __local_name, node[i]->element, node[i]->content); + goto fail; } - syslog_config[s]->port = atoi(node[i]->content); - } - else if(strcmp(node[i]->element, xml_syslog_server) == 0) - { + os_strdup(node[i]->content, syslog_config[s]->port); + } else if (strcmp(node[i]->element, xml_syslog_server) == 0) { os_strdup(node[i]->content, syslog_config[s]->server); - } - else if(strcmp(node[i]->element, xml_syslog_id) == 0) - { - int r_id = 0; + } else if (strcmp(node[i]->element, xml_syslog_id) == 0) { + unsigned int r_id = 0; char *str_pt = node[i]->content; - while(*str_pt != '\0') - { + while (*str_pt != '\0') { /* We allow spaces in between */ - if(*str_pt == ' ') - { + if (*str_pt == ' ') { str_pt++; continue; } @@ -115,121 +89,120 @@ int Read_CSyslog(XML_NODE node, void *config, void *config2) * and search for the next digit * available */ - else if(isdigit((int)*str_pt)) - { - int id_i = 0; + else if (isdigit((int)*str_pt)) { + unsigned int id_i = 0; - r_id = atoi(str_pt); + r_id = (unsigned int) atoi(str_pt); debug1("%s: DEBUG: Adding '%d' to syslog alerting", - ARGV0, r_id); + __local_name, r_id); - if(syslog_config[s]->rule_id) - { - while(syslog_config[s]->rule_id[id_i]) + if (syslog_config[s]->rule_id) { + while (syslog_config[s]->rule_id[id_i]) { id_i++; + } } os_realloc(syslog_config[s]->rule_id, - (id_i +2) * sizeof(int), + (id_i + 2) * sizeof(unsigned int), syslog_config[s]->rule_id); - syslog_config[s]->rule_id[id_i + i] = 0; + syslog_config[s]->rule_id[id_i + 1] = 0; syslog_config[s]->rule_id[id_i] = r_id; str_pt = strchr(str_pt, ','); - if(str_pt) - { + if (str_pt) { str_pt++; - } - else - { + } else { break; } } - /* Checking for duplicate commas */ - else if(*str_pt == ',') - { + /* Check for duplicate commas */ + else if (*str_pt == ',') { str_pt++; continue; } - else - { + else { break; } } - } - else if(strcmp(node[i]->element, xml_syslog_format) == 0) - { - if(strcmp(node[i]->content, "default") == 0) - { + } else if (strcmp(node[i]->element, xml_syslog_format) == 0) { + if (strcmp(node[i]->content, "default") == 0) { /* Default is full format */ - } - else if (strcmp(node[i]->content, "cef") == 0) - { + } else if (strcmp(node[i]->content, "cef") == 0) { /* Enable the CEF format */ syslog_config[s]->format = CEF_CSYSLOG; - } - else if (strcmp(node[i]->content, "json") == 0) - { + } else if (strcmp(node[i]->content, "json") == 0) { /* Enable the JSON format */ syslog_config[s]->format = JSON_CSYSLOG; - } - else if (strcmp(node[i]->content, "splunk") == 0) - { + } else if (strcmp(node[i]->content, "splunk") == 0) { /* Enable the Splunk Key/Value format */ syslog_config[s]->format = SPLUNK_CSYSLOG; + } else { + merror(XML_VALUEERR, __local_name, node[i]->element, node[i]->content); + goto fail; } - else - { - merror(XML_VALUEERR,ARGV0,node[i]->element,node[i]->content); - return(OS_INVALID); - } - } - else if(strcmp(node[i]->element, xml_syslog_location) == 0) - { - os_calloc(1, sizeof(OSMatch),syslog_config[s]->location); - if(!OSMatch_Compile(node[i]->content, - syslog_config[s]->location, 0)) - { - merror(REGEX_COMPILE, ARGV0, node[i]->content, + } else if (strcmp(node[i]->element, xml_syslog_location) == 0) { + os_calloc(1, sizeof(OSMatch), syslog_config[s]->location); + if (!OSMatch_Compile(node[i]->content, + syslog_config[s]->location, 0)) { + merror(REGEX_COMPILE, __local_name, node[i]->content, syslog_config[s]->location->error); - return(-1); + goto fail; } - } - else if(strcmp(node[i]->element, xml_syslog_group) == 0) - { - os_calloc(1, sizeof(OSMatch),syslog_config[s]->group); - if(!OSMatch_Compile(node[i]->content, - syslog_config[s]->group, 0)) - { - merror(REGEX_COMPILE, ARGV0, node[i]->content, + } else if (strcmp(node[i]->element, xml_syslog_use_fqdn) == 0) { + if (strcmp(node[i]->content, "yes") == 0) { + syslog_config[s]->use_fqdn = 1; + } else if (strcmp(node[i]->content, "no") == 0) { + syslog_config[s]->use_fqdn = 0; + } else { + merror(XML_VALUEERR, __local_name, node[i]->element, node[i]->content); + goto fail; + } + } else if (strcmp(node[i]->element, xml_syslog_group) == 0) { + os_calloc(1, sizeof(OSMatch), syslog_config[s]->group); + if (!OSMatch_Compile(node[i]->content, + syslog_config[s]->group, 0)) { + merror(REGEX_COMPILE, __local_name, node[i]->content, syslog_config[s]->group->error); - return(-1); + goto fail; } - } - else - { - merror(XML_INVELEM, ARGV0, node[i]->element); - return(OS_INVALID); + } else { + merror(XML_INVELEM, __local_name, node[i]->element); + goto fail; } i++; } - /* We must have at least one entry set */ - if(!syslog_config[s]->server) - { - merror(XML_INV_CSYSLOG, ARGV0); - return(OS_INVALID); + if (!syslog_config[s]->server) { + merror(XML_INV_CSYSLOG, __local_name); + goto fail; } + config_holder->data = syslog_config; + return (0); - gen_config->data = syslog_config; - return(0); -} +fail: + i = 0; + while (syslog_config[i]) { + free(syslog_config[i]->server); + if (syslog_config[i]->group) { + OSMatch_FreePattern(syslog_config[i]->group); + } + + if (syslog_config[i]->location) { + OSMatch_FreePattern(syslog_config[i]->location); + } + + free(syslog_config[i]->rule_id); + + ++i; + } + free(syslog_config); + return (OS_INVALID); +} -/* EOF */