3 /* Copyright (C) 2009 Trend Micro Inc.
6 * This program is a free software; you can redistribute it
7 * and/or modify it under the terms of the GNU General Public
8 * License (version 2) as published by the FSF - Free Software
12 /* Functions to handle the configuration files
17 #include "global-config.h"
21 static int cmpr(const void *a, const void *b) {
22 /*printf("%s - %s\n", *(char **)a, *(char **)b);*/
23 return strcmp(*(char **)a, *(char **)b);
26 static int file_in_list(int list_size, char *f_name, char *d_name, char **alist)
29 for(i=0; i<(list_size-1); i++)
31 if((strcmp(alist[i], f_name) == 0 || strcmp(alist[i], d_name) == 0))
39 int Read_Rules(XML_NODE node, void *configp, void *mailp)
45 int decoders_size = 1;
48 char path[PATH_MAX +2];
49 char f_name[PATH_MAX +2];
58 char *xml_rules_include = "include";
59 char *xml_rules_rule = "rule";
60 char *xml_rules_rules_dir = "rule_dir";
61 char *xml_rules_lists = "list";
62 char *xml_rules_lists_dir = "list_dir";
63 char *xml_rules_decoders = "decoder";
64 char *xml_rules_decoders_dir = "decoder_dir";
68 Config = (_Config *)configp;
74 merror(XML_ELEMNULL, ARGV0);
77 else if(!node[i]->content)
79 merror(XML_VALUENULL, ARGV0, node[i]->element);
82 /* Mail notification */
83 else if((strcmp(node[i]->element, xml_rules_include) == 0) ||
84 (strcmp(node[i]->element, xml_rules_rule) == 0))
87 Config->includes = realloc(Config->includes,
88 sizeof(char *)*rules_size);
91 merror(MEM_ERROR, ARGV0);
95 os_strdup(node[i]->content,Config->includes[rules_size -2]);
96 Config->includes[rules_size -1] = NULL;
97 debug1("adding rule: %s", node[i]->content);
99 else if(strcmp(node[i]->element, xml_rules_decoders) == 0)
102 Config->decoders = realloc(Config->decoders,
103 sizeof(char *)*decoders_size);
104 if(!Config->decoders)
106 merror(MEM_ERROR, ARGV0);
110 os_strdup(node[i]->content,Config->decoders[decoders_size -2]);
111 Config->decoders[decoders_size -1] = NULL;
112 debug1("adding decoder: %s", node[i]->content);
114 else if(strcmp(node[i]->element, xml_rules_lists) == 0)
117 Config->lists = realloc(Config->lists,
118 sizeof(char *)*lists_size);
121 merror(MEM_ERROR, ARGV0);
124 os_strdup(node[i]->content,Config->lists[lists_size -2]);
125 Config->lists[lists_size -1] = NULL;
128 else if(strcmp(node[i]->element, xml_rules_lists) == 0)
131 Config->lists = realloc(Config->lists,
132 sizeof(char *)*lists_size);
135 merror(MEM_ERROR, ARGV0);
138 os_strdup(node[i]->content,Config->lists[lists_size -2]);
139 Config->lists[lists_size -1] = NULL;
142 else if(strcmp(node[i]->element, xml_rules_decoders_dir) == 0)
145 if(node[i]->attributes && node[i]->values)
147 while(node[i]->attributes[att_count])
149 if((strcasecmp(node[i]->attributes[att_count], "pattern") == 0))
151 if(node[i]->values[att_count])
153 if(!OSRegex_Compile(node[i]->values[att_count], ®ex, 0))
155 merror(CONFIG_ERROR, ARGV0, "pattern in decoders_dir does not compile");
156 merror("%s: ERROR: Regex would not compile", ARGV0);
166 OSRegex_Compile(".xml$", ®ex, 0);
170 snprintf(path,PATH_MAX +1,"%s", node[i]->content);
172 snprintf(path,PATH_MAX +1,"%s/%s", DEFAULTDIR, node[i]->content);
175 f_name[PATH_MAX +1] = '\0';
179 start_point = decoders_size- 1;
180 while((entry = readdir(dfd)) != NULL)
182 snprintf(f_name, PATH_MAX +1, "%s/%s", node[i]->content, entry->d_name);
184 /* Just ignore . and .. */
185 if((strcmp(entry->d_name,".") == 0) || (strcmp(entry->d_name,"..") == 0))
188 /* no dups allowed */
189 if(file_in_list(decoders_size, f_name, entry->d_name, Config->decoders))
192 if(OSRegex_Execute(f_name, ®ex))
195 Config->decoders= realloc(Config->decoders, sizeof(char *)*decoders_size);
196 if(!Config->decoders)
198 merror(MEM_ERROR, ARGV0);
202 os_strdup(f_name, Config->decoders[decoders_size -2]);
203 Config->decoders[decoders_size -1] = NULL;
204 debug1("adding decoder: %s", f_name);
208 debug1("Regex does not match \"%s\"", f_name);
213 /* Sort just then newly added items */
214 qsort(Config->decoders + start_point , decoders_size- start_point -1, sizeof(char *), cmpr);
217 debug1("decoders_size %d", decoders_size);
218 for(ii=0;ii<decoders_size-1;ii++)
219 debug1("- %s", Config->decoders[ii]);
221 else if(strcmp(node[i]->element, xml_rules_rules_dir) == 0)
223 if(node[i]->attributes && node[i]->values)
225 while(node[i]->attributes[att_count])
227 if((strcasecmp(node[i]->attributes[att_count], "pattern") == 0))
229 if(node[i]->values[att_count])
231 if(!OSRegex_Compile(node[i]->values[att_count], ®ex, 0))
233 merror(CONFIG_ERROR, ARGV0, "pattern in rules_dir does not compile");
234 merror("%s: ERROR: Regex would not compile", ARGV0);
244 OSRegex_Compile(".xml$", ®ex, 0);
248 snprintf(path,PATH_MAX +1,"%s", node[i]->content);
250 snprintf(path,PATH_MAX +1,"%s/%s", DEFAULTDIR, node[i]->content);
253 f_name[PATH_MAX +1] = '\0';
257 start_point = rules_size - 1;
258 while((entry = readdir(dfd)) != NULL)
260 snprintf(f_name, PATH_MAX +1, "%s/%s", node[i]->content, entry->d_name);
262 /* Just ignore . and .. */
263 if((strcmp(entry->d_name,".") == 0) || (strcmp(entry->d_name,"..") == 0))
266 /* no dups allowed */
267 if(file_in_list(rules_size, f_name, entry->d_name, Config->includes))
270 if(OSRegex_Execute(f_name, ®ex))
273 Config->includes = realloc(Config->includes, sizeof(char *)*rules_size);
274 if(!Config->includes)
276 merror(MEM_ERROR, ARGV0);
280 os_strdup(f_name, Config->includes[rules_size -2]);
281 Config->includes[rules_size -1] = NULL;
282 debug1("adding rule: %s", f_name);
286 debug1("Regex does not match \"%s\"", f_name);
291 /* Sort just then newly added items */
292 qsort(Config->includes + start_point , rules_size - start_point -1, sizeof(char *), cmpr);
297 merror(XML_INVELEM, ARGV0, node[i]->element);
projects / ossec-hids.git / blob