src/config/rootcheck-config.c

   1 /*   $OSSEC, rootcheck-config.c, v0.1, 2005/09/30, Daniel B. Cid$   */
   2
   3 /* Copyright (C) 2009 Trend Micro Inc.
   4  * All right reserved.
   5  *
   6  * This program is a free software; you can redistribute it
   7  * and/or modify it under the terms of the GNU General Public
   8  * License (version 2) as published by the FSF - Free Software
   9  * Foundation
  10  */
  11
  12
  13 #include "shared.h"
  14 #include "rootcheck-config.h"
  15
  16
  17 /* Read_Rootcheck: Reads the rootcheck config
  18  */
  19 int Read_Rootcheck(XML_NODE node, void *configp, void *mailp)
  20 {
  21     int i = 0;
  22
  23     rkconfig *rootcheck;
  24
  25     /* XML Definitions */
  26     char *xml_rootkit_files = "rootkit_files";
  27     char *xml_rootkit_trojans = "rootkit_trojans";
  28     char *xml_winaudit = "windows_audit";
  29     char *xml_unixaudit = "system_audit";
  30     char *xml_winapps = "windows_apps";
  31     char *xml_winmalware = "windows_malware";
  32     char *xml_scanall = "scanall";
  33     char *xml_readall = "readall";
  34     char *xml_time = "frequency";
  35     char *xml_disabled = "disabled";
  36     char *xml_base_dir = "base_directory";
  37     char *xml_ignore = "ignore";
  38
  39
  40     rootcheck = (rkconfig *)configp;
  41
  42     while(node[i])
  43     {
  44         if(!node[i]->element)
  45         {
  46             merror(XML_ELEMNULL, ARGV0);
  47             return(OS_INVALID);
  48         }
  49         else if(!node[i]->content)
  50         {
  51             merror(XML_VALUENULL, ARGV0, node[i]->element);
  52             return(OS_INVALID);
  53         }
  54
  55         /* Getting frequency */
  56         else if(strcmp(node[i]->element,xml_time) == 0)
  57         {
  58             if(!OS_StrIsNum(node[i]->content))
  59             {
  60                 merror(XML_VALUEERR,ARGV0,node[i]->element,node[i]->content);
  61                 return(OS_INVALID);
  62             }
  63
  64             rootcheck->time = atoi(node[i]->content);
  65         }
  66         /* getting scan all */
  67         else if(strcmp(node[i]->element,xml_scanall) == 0)
  68         {
  69             if(strcmp(node[i]->content, "yes") == 0)
  70                 rootcheck->scanall = 1;
  71             else if(strcmp(node[i]->content, "no") == 0)
  72                 rootcheck->scanall = 0;
  73             else
  74             {
  75                 merror(XML_VALUEERR,ARGV0,node[i]->element,node[i]->content);
  76                 return(OS_INVALID);
  77             }
  78         }
  79         else if(strcmp(node[i]->element, xml_disabled) == 0)
  80         {
  81             if(strcmp(node[i]->content, "yes") == 0)
  82                 rootcheck->disabled = 1;
  83             else if(strcmp(node[i]->content, "no") == 0)
  84                 rootcheck->disabled = 0;
  85             else
  86             {
  87                 merror(XML_VALUEERR,ARGV0,node[i]->element,node[i]->content);
  88                 return(OS_INVALID);
  89             }
  90         }
  91         else if(strcmp(node[i]->element,xml_readall) == 0)
  92         {
  93             if(strcmp(node[i]->content, "yes") == 0)
  94                 rootcheck->readall = 1;
  95             else if(strcmp(node[i]->content, "no") == 0)
  96                 rootcheck->readall = 0;
  97             else
  98             {
  99                 merror(XML_VALUEERR,ARGV0,node[i]->element,node[i]->content);
 100                 return(OS_INVALID);
 101             }
 102         }
 103         else if(strcmp(node[i]->element,xml_rootkit_files) == 0)
 104         {
 105             os_strdup(node[i]->content, rootcheck->rootkit_files);
 106         }
 107         else if(strcmp(node[i]->element,xml_rootkit_trojans) == 0)
 108         {
 109             os_strdup(node[i]->content, rootcheck->rootkit_trojans);
 110         }
 111         else if(strcmp(node[i]->element, xml_winaudit) == 0)
 112         {
 113             os_strdup(node[i]->content, rootcheck->winaudit);
 114         }
 115         else if(strcmp(node[i]->element, xml_unixaudit) == 0)
 116         {
 117             int j = 0;
 118             while(rootcheck->unixaudit && rootcheck->unixaudit[j])
 119                 j++;
 120
 121             os_realloc(rootcheck->unixaudit, sizeof(char *)*(j+2),
 122                        rootcheck->unixaudit);
 123             rootcheck->unixaudit[j] = NULL;
 124             rootcheck->unixaudit[j + 1] = NULL;
 125
 126             os_strdup(node[i]->content, rootcheck->unixaudit[j]);
 127         }
 128         else if(strcmp(node[i]->element, xml_ignore) == 0)
 129         {
 130             int j = 0;
 131             while(rootcheck->ignore && rootcheck->ignore[j])
 132                 j++;
 133
 134             os_realloc(rootcheck->ignore, sizeof(char *)*(j+2),
 135                        rootcheck->ignore);
 136             rootcheck->ignore[j] = NULL;
 137             rootcheck->ignore[j + 1] = NULL;
 138
 139             os_strdup(node[i]->content, rootcheck->ignore[j]);
 140         }
 141         else if(strcmp(node[i]->element, xml_winmalware) == 0)
 142         {
 143             os_strdup(node[i]->content, rootcheck->winmalware);
 144         }
 145         else if(strcmp(node[i]->element, xml_winapps) == 0)
 146         {
 147             os_strdup(node[i]->content, rootcheck->winapps);
 148         }
 149         else if(strcmp(node[i]->element, xml_base_dir) == 0)
 150         {
 151             os_strdup(node[i]->content, rootcheck->basedir);
 152         }
 153         else
 154         {
 155             merror(XML_INVELEM, ARGV0, node[i]->element);
 156             return(OS_INVALID);
 157         }
 158         i++;
 159     }
 160     return(0);
 161 }
 162
 163 /* EOF */