X-Git-Url: http://ftp.carnet.hr/carnet-debian/scm?a=blobdiff_plain;f=src%2Fheaders%2Fsec.h;h=c26f109ad01177c9dfa5091beec80371cc8465e3;hb=3f728675941dc69d4e544d3a880a56240a6e394a;hp=290cc3e3f145d1cd6d206b52946e47ac32f948a8;hpb=914feba5d54f979cd5d7e69c349c3d01f630042a;p=ossec-hids.git
diff --git a/src/headers/sec.h b/src/headers/sec.h
old mode 100755
new mode 100644
index 290cc3e..c26f109
--- a/src/headers/sec.h
+++ b/src/headers/sec.h
@@ -1,122 +1,111 @@ -/* @(#) $Id: sec.h,v 1.20 2009/06/24 17:06:26 dcid Exp $ */ - /* Copyright (C) 2009 Trend Micro Inc. * All right reserved. * * This program is a free software; you can redistribute it * and/or modify it under the terms of the GNU General Public - * License (version 3) as published by the FSF - Free Software + * License (version 2) as published by the FSF - Free Software * Foundation */ - #ifndef __SEC_H #define __SEC_H +#include -/* Unique key for each agent. */ -typedef struct _keyentry -{ - unsigned int rcvd; +/* Unique key for each agent */ +typedef struct _keyentry { + time_t rcvd; unsigned int local; unsigned int keyid; unsigned int global; - + char *id; char *key; char *name; os_ip *ip; - struct sockaddr_in peer_info; + struct sockaddr_storage peer_info; FILE *fp; -}keyentry; +} keyentry; - -/* Key storage. */ -typedef struct _keystore -{ +/* Key storage */ +typedef struct _keystore { /* Array with all the keys */ keyentry **keyentries; - - - /* Hashes, based on the id/ip to lookup the keys. */ - void *keyhash_id; - void *keyhash_ip; + /* Hashes, based on the ID/IP to look up the keys */ + OSHash *keyhash_id; + OSHash *keyhash_ip; /* Total key size */ - int keysize; + unsigned int keysize; /* Key file stat */ - int file_change; -}keystore; - - + time_t file_change; +} keystore; /** Function prototypes -- key management **/ -/* Checks if the authentication keys are present */ -int OS_CheckKeys(); +/* Check if the authentication keys are present */ +int OS_CheckKeys(void); + +void OS_PassEmptyKeyfile(void); /* Read the keys */ -void OS_ReadKeys(keystore *keys); +void OS_ReadKeys(keystore *keys) __attribute((nonnull)); -/* Frees the auth keys. */ -void OS_FreeKeys(keystore *keys); +/* Free the auth keys */ +void OS_FreeKeys(keystore *keys) __attribute((nonnull)); -/* Checks if key changed. */ -int OS_CheckUpdateKeys(keystore *keys); - -/* Update the keys if they changed on the system. 
*/ -int OS_UpdateKeys(keystore *keys); +/* Check if key changed */ +int OS_CheckUpdateKeys(const keystore *keys) __attribute((nonnull)); +/* Update the keys if they changed on the system */ +int OS_UpdateKeys(keystore *keys) __attribute((nonnull)); -/* Starts counter for all agents */ -void OS_StartCounter(keystore *keys); +/* Start counter for all agents */ +void OS_StartCounter(keystore *keys) __attribute((nonnull)); -/* Remove counter for id. */ -void OS_RemoveCounter(char *id); +/* Remove counter for id */ +void OS_RemoveCounter(const char *id) __attribute((nonnull)); +/* Configure to pass if keys file is empty */ +void OS_PassEmptyKeyfile(); /** Function prototypes -- agent authorization **/ -/* Checks if the ip is allowed */ -int OS_IsAllowedIP(keystore *keys, char *srcip); +/* Check if the IP is allowed */ +int OS_IsAllowedIP(keystore *keys, const char *srcip) __attribute((nonnull(1))); -/* Checks if the id is allowed */ -int OS_IsAllowedID(keystore *keys, char *id); +/* Check if the ID is allowed */ +int OS_IsAllowedID(keystore *keys, const char *id) __attribute((nonnull(1))); -/* Checks if name is valid */ -int OS_IsAllowedName(keystore *keys, char *name); +/* Check if the name is valid */ +int OS_IsAllowedName(const keystore *keys, const char *name) __attribute((nonnull)); /* Check if the id is valid and dynamic */ -int OS_IsAllowedDynamicID(keystore *keys, char *id, char *srcip); - +int OS_IsAllowedDynamicID(keystore *keys, const char *id, const char *srcip) __attribute((nonnull(1))); /** Function prototypes -- send/recv messages **/ -/* Decrypt and decompress a remote message. 
*/ -char *ReadSecMSG(keystore *keys, char *buffer, char *cleartext, - int id, int buffer_size); - -/* Creates an ossec message (encrypts and compress) */ -int CreateSecMSG(keystore *keys, char *msg, char *msg_encrypted, int id); - +/* Decrypt and decompress a remote message */ +char *ReadSecMSG(keystore *keys, char *buffer, char *cleartext, + int id, unsigned int buffer_size) __attribute((nonnull)); +/* Create an OSSEC message (encrypt and compress) */ +size_t CreateSecMSG(const keystore *keys, const char *msg, char *msg_encrypted, unsigned int id) __attribute((nonnull)); /** Remote IDs directories and internal definitions */ #ifndef WIN32 - #define RIDS_DIR "/queue/rids" +#define RIDS_DIR "/queue/rids" #else - #define RIDS_DIR "rids" +#define RIDS_DIR "rids" #endif #define SENDER_COUNTER "sender_counter" -#define KEYSIZE 128 - +#define KEYSIZE 128 -#endif +#endif /* __SEC_H */ -/* EOF */
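Review bot: `ReadSecMSG` still takes `int id`, while this same hunk moves `CreateSecMSG` to `unsigned int id` and `keystore.keysize` to `unsigned int`, so the function that handles remote messages is the one place where a negative `id` can still be passed. The implementation is not in this header, but if `id` is used to index `keys->keyentries`, any comparison against `keysize` now mixes signed and unsigned operands; I would declare it `unsigned int id` as well, or state the valid range in the comment above the prototype. Neither message function takes a capacity for its output buffer (`cleartext`, `msg_encrypted`), and the header does not say which buffer `buffer_size` bounds, so the comments should spell out the minimum size callers must provide. Separately, `OS_PassEmptyKeyfile` is declared twice and the second declaration, `void OS_PassEmptyKeyfile();`, has no prototype; drop it and keep the `(void)` form.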