X-Git-Url: http://ftp.carnet.hr/carnet-debian/scm?a=blobdiff_plain;f=src%2Fsyscheckd%2Fconfig.c;h=0ee30e4113ea5c7194f6d462f717301cc49b3f51;hb=6ef2f786c6c8ead94841b5f93baf9f43421f08c8;hp=9b57837e9b41f02e25042a535487b69d5e0131e0;hpb=914feba5d54f979cd5d7e69c349c3d01f630042a;p=ossec-hids.git

diff --git a/src/syscheckd/config.c b/src/syscheckd/config.c
index 9b57837..0ee30e4 100755
--- a/src/syscheckd/config.c
+++ b/src/syscheckd/config.c
@@ -1,11 +1,12 @@
-/* @(#) $Id: config.c,v 1.32 2009/11/04 15:19:00 dcid Exp $ */
+/* @(#) $Id: ./src/syscheckd/config.c, 2011/09/08 dcid Exp $
+ */
 
 /* Copyright (C) 2009 Trend Micro Inc.
  * All right reserved.
  *
  * This program is a free software; you can redistribute it
  * and/or modify it under the terms of the GNU General Public
- * License (version 3) as published by the FSF - Free Software
+ * License (version 2) as published by the FSF - Free Software
  * Foundation
  */
 
@@ -14,6 +15,8 @@
 #include "syscheck.h"
 #include "config/config.h"
 
+char *SYSCHECK_EMPTY[] = { NULL };
+
 int Read_Syscheck_Config(char * cfgfile)
 {
     int modules = 0;
@@ -35,7 +38,10 @@ int Read_Syscheck_Config(char * cfgfile)
     syscheck.registry = NULL;
     syscheck.reg_fp = NULL;
     #endif
+    syscheck.prefilter_cmd = NULL;
+
 
+    debug2("%s: Reading Configuration [%s]", "syscheckd", cfgfile);
 
     /* Reading config */
     if(ReadConfig(modules, cfgfile, &syscheck, NULL) < 0)
@@ -43,18 +49,36 @@ int Read_Syscheck_Config(char * cfgfile)
 
 
     #ifdef CLIENT
+    debug2("%s: Reading Client Configuration [%s]", "syscheckd", cfgfile);
+
     /* Reading shared config */
     modules|= CAGENT_CONFIG;
     ReadConfig(modules, AGENTCONFIG, &syscheck, NULL);
     #endif
-              
 
+
+    #ifndef WIN32
     /* We must have at least one directory to check */
     if(!syscheck.dir || syscheck.dir[0] == NULL)
     {
         return(1);
     }
-                                        
+
+    #else
+    /* We must have at least one directory or registry key to check. Since
+       it's possible on Windows to have syscheck enabled but only monitoring
+       either the filesystem or the registry, both lists must be valid,
+       even if empty.
+     */
+    if(!syscheck.dir) syscheck.dir = SYSCHECK_EMPTY;
+    if(!syscheck.registry) syscheck.registry = SYSCHECK_EMPTY;
+
+    if((syscheck.dir[0] == NULL) && (syscheck.registry[0] == NULL))
+    {
+        return(1);
+    }
+    #endif
+
 
     return(0);
 }