3 /* Copyright (C) 2009 Trend Micro Inc.
6 * This program is a free software; you can redistribute it
7 * and/or modify it under the terms of the GNU General Public
8 * License (version 2) as published by the FSF - Free Software
13 * Available at http://www.ossec.net
19 char *ip_address_regex =
20 "^[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}/?"
21 "([0-9]{0,2}|[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3})$";
28 /* Read the file and return a string the matches the following
29 * format: high_name.low_name.
30 * If return is not null, value must be free.
32 static char *_read_file(char *high_name, char *low_name, char *defines_file)
35 char def_file[OS_FLSIZE +1];
36 char buf[OS_SIZE_1024 +1];
44 snprintf(def_file,OS_FLSIZE,"%s", defines_file);
48 snprintf(def_file,OS_FLSIZE,"%s%s",DEFAULTDIR, defines_file);
51 snprintf(def_file,OS_FLSIZE,"%s", defines_file);
55 fp = fopen(def_file, "r");
58 if(strcmp(defines_file, OSSEC_LDEFINES) != 0)
60 merror(FOPEN_ERROR, __local_name, def_file);
66 if(!high_name || !low_name)
68 merror(NULL_ERROR, __local_name);
74 buf[OS_SIZE_1024] = '\0';
75 while(fgets(buf, OS_SIZE_1024 , fp) != NULL)
77 /* Commented or blank lines */
78 if(buf[0] == '#' || buf[0] == ' ' || buf[0] == '\n')
83 /* Messages not formatted correctly */
84 buf_pt = strchr(buf, '.');
87 merror(FGETS_ERROR, __local_name, def_file, buf);
91 /* Checking for the high name */
92 *buf_pt = '\0'; buf_pt++;
93 if(strcmp(buf, high_name) != 0)
100 /* Getting the equal */
101 buf_pt = strchr(buf_pt, '=');
104 merror(FGETS_ERROR, __local_name, def_file, buf);
108 /* Checking for the low name */
109 *buf_pt = '\0'; buf_pt++;
110 if(strcmp(tmp_buffer, low_name) != 0)
115 /* Removing new lines or anything that we cause errors */
116 tmp_buffer = strrchr(buf_pt, '\n');
122 tmp_buffer = strrchr(buf_pt, '\r');
128 os_strdup(buf_pt, ret);
139 /* Getting the netmask based on the integer value. */
140 int getNetmask(int mask, char *strmask, int size)
148 snprintf(strmask, size, "/any");
154 if(htonl(_netmasks[i]) == mask)
156 snprintf(strmask, size, "/%d", i);
166 /* Initialize netmasks -- took from snort util.c */
171 _netmasks[1] = 0x80000000;
172 _netmasks[2] = 0xC0000000;
173 _netmasks[3] = 0xE0000000;
174 _netmasks[4] = 0xF0000000;
175 _netmasks[5] = 0xF8000000;
176 _netmasks[6] = 0xFC000000;
177 _netmasks[7] = 0xFE000000;
178 _netmasks[8] = 0xFF000000;
179 _netmasks[9] = 0xFF800000;
180 _netmasks[10] = 0xFFC00000;
181 _netmasks[11] = 0xFFE00000;
182 _netmasks[12] = 0xFFF00000;
183 _netmasks[13] = 0xFFF80000;
184 _netmasks[14] = 0xFFFC0000;
185 _netmasks[15] = 0xFFFE0000;
186 _netmasks[16] = 0xFFFF0000;
187 _netmasks[17] = 0xFFFF8000;
188 _netmasks[18] = 0xFFFFC000;
189 _netmasks[19] = 0xFFFFE000;
190 _netmasks[20] = 0xFFFFF000;
191 _netmasks[21] = 0xFFFFF800;
192 _netmasks[22] = 0xFFFFFC00;
193 _netmasks[23] = 0xFFFFFE00;
194 _netmasks[24] = 0xFFFFFF00;
195 _netmasks[25] = 0xFFFFFF80;
196 _netmasks[26] = 0xFFFFFFC0;
197 _netmasks[27] = 0xFFFFFFE0;
198 _netmasks[28] = 0xFFFFFFF0;
199 _netmasks[29] = 0xFFFFFFF8;
200 _netmasks[30] = 0xFFFFFFFC;
201 _netmasks[31] = 0xFFFFFFFE;
202 _netmasks[32] = 0xFFFFFFFF;
207 * Gets an integer definition. This function always return on
208 * success or exit on error.
210 int getDefine_Int(char *high_name, char *low_name, int min, int max)
217 /* We first try to read from the local define file. */
218 value = _read_file(high_name, low_name, OSSEC_LDEFINES);
221 value = _read_file(high_name, low_name, OSSEC_DEFINES);
223 ErrorExit(DEF_NOT_FOUND, __local_name, high_name, low_name);
229 if(!isdigit((int)*pt))
231 ErrorExit(INV_DEF, __local_name, high_name, low_name, value);
237 if((ret < min) || (ret > max))
239 ErrorExit(INV_DEF, __local_name, high_name, low_name, value);
242 /* Clearing memory */
249 /** int OS_IPFound(char *ip_address, os_ip *that_ip)
250 * Checks if ip_address is present at that_ip.
251 * Returns 1 on success or 0 on failure.
253 int OS_IPFound(char *ip_address, os_ip *that_ip)
258 /* Extracting ip address */
259 if((net.s_addr = inet_addr(ip_address)) <= 0)
264 /* If negate is set */
265 if(that_ip->ip[0] == '!')
270 /* Checking if ip is in thatip & netmask */
271 if((net.s_addr & that_ip->netmask) == that_ip->ip_address)
281 /** int OS_IPFoundList(char *ip_address, os_ip **list_of_ips)
282 * Checks if ip_address is present on the "list_of_ips".
283 * Returns 1 on success or 0 on failure.
284 * The list MUST be NULL terminated
286 int OS_IPFoundList(char *ip_address, os_ip **list_of_ips)
291 /* Extracting ip address */
292 if((net.s_addr = inet_addr(ip_address)) <= 0)
299 os_ip *l_ip = *list_of_ips;
301 if(l_ip->ip[0] == '!')
306 if((net.s_addr & l_ip->netmask) == l_ip->ip_address)
317 /** int OS_IsValidIP(char *ip)
318 * Validates if an ip address is in the right
320 * Returns 0 if doesn't match or 1 if it is an ip or 2 an ip with cidr.
321 * ** On success this function may modify the value of ip_address
323 int OS_IsValidIP(char *ip_address, os_ip *final_ip)
325 unsigned int nmask = 0;
334 /* Assigning the ip address */
337 os_strdup(ip_address, final_ip->ip);
340 if(*ip_address == '!')
346 /* checking against the basic regex */
347 if(!OS_PRegex(ip_address, ip_address_regex))
349 if(strcmp(ip_address, "any") != 0)
356 if(strcmp(ip_address, "any") != 0)
361 while(*tmp_ip != '\0')
375 if(dots < 3 || dots > 6)
382 /* Getting the cidr/netmask if available */
383 tmp_str = strchr(ip_address,'/');
393 if(strlen(tmp_str) <= 2)
395 cidr = atoi(tmp_str);
396 if((cidr >= 0) && (cidr <= 32))
400 nmask = _netmasks[cidr];
401 nmask = htonl(nmask);
415 if(strcmp(tmp_str, "255.255.255.255") == 0)
417 nmask = htonl(_netmasks[32]);
421 if((nmask = inet_addr(ip_address)) <= 0)
428 if((net.s_addr = inet_addr(ip_address)) <= 0)
430 if(strcmp("0.0.0.0", ip_address) == 0)
442 final_ip->ip_address = net.s_addr & nmask;
443 final_ip->netmask = nmask;
452 /* No cidr available */
458 if(strcmp("any", ip_address) == 0)
463 else if((net.s_addr = inet_addr(ip_address)) <= 0)
470 final_ip->ip_address = net.s_addr;
475 final_ip->netmask = htonl(_netmasks[nmask]);
478 /* Ip without cidr */
487 /* Should never reach here */
492 /** int OS_IsonTime(char *time_str, char *ossec_time)
493 * Must be a valid string, called after OS_IsValidTime.
494 * Returns 1 on success or 0 on failure.
496 int OS_IsonTime(char *time_str, char *ossec_time)
500 if(*ossec_time == '!')
506 /* Comparing against min/max value */
507 if((strncmp(time_str, ossec_time, 5) >= 0)&&
508 (strncmp(time_str, ossec_time+5,5) <= 0))
517 /** char *OS_IsValidTime(char *time_str)
518 * Validates if a time is in an acceptable format
520 * Returns 0 if doesn't match or a valid string for
521 * ossec usage in success.
522 * ** On success this function may modify the value of date
523 * Acceptable formats:
524 * hh:mm - hh:mm (24 hour format)
525 * !hh:mm -hh:mm (24 hour format)
526 * hh - hh (24 hour format)
527 * hh:mm am - hh:mm pm (12 hour format)
528 * hh am - hh pm (12 hour format)
530 #define RM_WHITE(x)while(*x == ' ')x++;
531 char *__gethour(char *str, char *ossec_hour)
537 /* Invalid time format */
538 if(!isdigit((int)*str))
540 merror(INVALID_TIME, __local_name, str);
548 /* Getting a valid hour */
549 if(chour < 0 || chour >= 24)
551 merror(INVALID_TIME, __local_name, str);
556 /* Going after the hour */
557 while(isdigit((int)*str))
566 merror(INVALID_TIME, __local_name, str);
575 if((!isdigit((int)*str)||
576 !isdigit((int)*(str +1))) && isdigit((int)*(str +2)))
578 merror(INVALID_TIME, __local_name, str);
586 /* Removing spaces */
589 if((*str == 'a') || (*str == 'A'))
592 if((*str == 'm') || (*str == 'M'))
594 snprintf(ossec_hour, 6, "%02d:%02d", chour, cmin);
599 else if((*str == 'p') || (*str == 'P'))
602 if((*str == 'm') || (*str == 'M'))
606 /* New hour must be valid */
607 if(chour < 0 || chour >= 24)
609 merror(INVALID_TIME, __local_name, str);
613 snprintf(ossec_hour, 6, "%02d:%02d", chour, cmin);
621 snprintf(ossec_hour, 6, "%02d:%02d", chour, cmin);
626 merror(INVALID_TIME, __local_name, str);
631 char *OS_IsValidTime(char *time_str)
638 /* Must be not null */
643 /* Clearing memory */
644 memset(first_hour, '\0', 7);
645 memset(second_hour, '\0', 7);
648 /* Removing white spaces */
652 /* Checking for negative */
658 /* We may have white spaces after the '!' */
663 /* Getting first hour */
664 time_str = __gethour(time_str, first_hour);
668 /* Removing white spaces */
678 /* Removing white spaces */
681 /* Getting second hour */
682 time_str = __gethour(time_str, second_hour);
687 if(*time_str != '\0')
692 os_calloc(13, sizeof(char), ret);
694 /* Fixing dump hours */
695 if(strcmp(first_hour,second_hour) > 0)
697 snprintf(ret, 12, "!%s%s", second_hour, first_hour);
701 /* For the normal times */
702 snprintf(ret, 12, "%c%s%s", ng == 0?'.':'!', first_hour, second_hour);
708 /** int OS_IsAfterTime(char *time_str, char *ossec_time)
709 * Checks if the current time is the same or has passed the
712 int OS_IsAfterTime(char *time_str, char *ossec_time)
714 /* Unique times can't have a !. */
715 if(*ossec_time == '!')
721 /* Comparing against min/max value */
722 if(strncmp(time_str, ossec_time, 5) >= 0)
732 /** char *OS_IsValidUniqueTime(char *time_str)
733 * Creates a unique time, not a range. Must be used with OS_IsAfterTime.
735 char *OS_IsValidUniqueTime(char *time_str)
742 memset(mytime, '\0', 128 +1);
743 snprintf(mytime, 128, "%s-%s", time_str, time_str);
746 return(OS_IsValidTime(mytime));
751 /** int OS_IsonDay(int week_day, char *ossec_day)
752 * Checks if the specified week day is in the
755 int OS_IsonDay(int week_day, char *ossec_day)
760 if(ossec_day[7] == '!')
763 if(week_day < 0 || week_day > 7)
768 /* It is on the right day */
769 if(ossec_day[week_day] == 1)
777 /** char *OS_IsValidDay(char *day_str)
778 * Validates if an day is in an acceptable format
780 * Returns 0 if doesn't match or a valid string for
781 * ossec usage in success.
782 * ** On success this function may modify the value of date
783 * Acceptable formats:
784 * weekdays, weekends, monday, tuesday, thursday,..
788 #define RM_SEP(x)while((*x == ' ') || (*x == ','))x++;
789 #define IS_SEP(x) (*x == ' ' || *x == ',')
790 char *OS_IsValidDay(char *day_str)
794 char day_ret[9] = {0,0,0,0,0,0,0,0,0};
797 "sunday", "sun", "monday", "mon", "tuesday", "tue",
798 "wednesday", "wed", "thursday", "thu", "friday",
799 "fri", "saturday", "sat", "weekdays", "weekends", NULL
801 int days_int[] = {0,0,1,1,2,2,3,3,4,4,5,5,6,6,7,8};
803 /* Must be a valid string */
810 /* checking for negatives */
817 while(*day_str != '\0')
822 if(strncasecmp(day_str, days[i], strlen(days[i])) == 0)
834 else if(days_int[i] == 8)
841 day_ret[days_int[i]] = 1;
850 merror(INVALID_DAY, __local_name, day_str);
854 day_str += strlen(days[i]);
861 else if(*day_str == '\0')
865 merror(INVALID_DAY, __local_name, day_str);
870 /* Assigning values */
871 os_calloc(9, sizeof(char), ret);
874 /* Setting nevative */
881 /* Checking if some is checked */
887 /* At least one day must be checked */
891 merror(INVALID_DAY, __local_name, day_str);
projects / ossec-hids.git / blob