Imported Upstream version 2.7
diff --git
a/src/win32/win_agent.c
b/src/win32/win_agent.c
index
0c01224
..
c2b80ca
100755
(executable)
--- a/
src/win32/win_agent.c
+++ b/
src/win32/win_agent.c
@@
-1,4
+1,5
@@
-/* @(#) $Id$ */
+/* @(#) $Id: ./src/win32/win_agent.c, 2011/11/01 dcid Exp $
+ */
/* Copyright (C) 2009 Trend Micro Inc.
* All rights reserved.
/* Copyright (C) 2009 Trend Micro Inc.
* All rights reserved.
@@
-8,7
+9,7
@@
* License (version 2) as published by the FSF - Free Software
* Foundation.
*
* License (version 2) as published by the FSF - Free Software
* Foundation.
*
- * License details at the LICENSE file included with OSSEC or
+ * License details at the LICENSE file included with OSSEC or
* online at: http://www.ossec.net/en/licensing.html
*/
* online at: http://www.ossec.net/en/licensing.html
*/
@@
-79,8
+80,8
@@
int main(int argc, char **argv)
/* Find where I'm */
mypath[OS_MAXSTR] = '\0';
myfile[OS_MAXSTR] = '\0';
/* Find where I'm */
mypath[OS_MAXSTR] = '\0';
myfile[OS_MAXSTR] = '\0';
-
-
+
+
/* mypath is going to be the whole path of the file */
strncpy(mypath, argv[0], OS_MAXSTR);
tmpstr = strrchr(mypath, '\\');
/* mypath is going to be the whole path of the file */
strncpy(mypath, argv[0], OS_MAXSTR);
tmpstr = strrchr(mypath, '\\');
@@
-101,8
+102,8
@@
int main(int argc, char **argv)
getcwd(mypath, OS_MAXSTR -1);
strncat(mypath, "\\", OS_MAXSTR - (strlen(mypath) + 2));
strncat(mypath, myfile, OS_MAXSTR - (strlen(mypath) + 2));
getcwd(mypath, OS_MAXSTR -1);
strncat(mypath, "\\", OS_MAXSTR - (strlen(mypath) + 2));
strncat(mypath, myfile, OS_MAXSTR - (strlen(mypath) + 2));
-
-
+
+
if(argc > 1)
{
if(strcmp(argv[1], "install-service") == 0)
if(argc > 1)
{
if(strcmp(argv[1], "install-service") == 0)
@@
-147,6
+148,7
@@
int main(int argc, char **argv)
int local_start()
{
int debug_level;
int local_start()
{
int debug_level;
+ int accept_manager_commands = 0;
char *cfg = DEFAULTCPATH;
WSADATA wsaData;
DWORD threadID;
char *cfg = DEFAULTCPATH;
WSADATA wsaData;
DWORD threadID;
@@
-169,9
+171,12
@@
int local_start()
nowDebug();
debug_level--;
}
nowDebug();
debug_level--;
}
-
-
-
+ accept_manager_commands = getDefine_Int("logcollector",
+ "remote_commands", 0, 1);
+
+
+
+
/* Configuration file not present */
if(File_DateofChange(cfg) < 0)
ErrorExit("%s: Configuration file '%s' not found",ARGV0,cfg);
/* Configuration file not present */
if(File_DateofChange(cfg) < 0)
ErrorExit("%s: Configuration file '%s' not found",ARGV0,cfg);
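Review bot: The trust decision introduced here is undocumented and silent: `accept_manager_commands` is read from the `logcollector`/`remote_commands` define and later handed to `LogCollectorConfig(cfg, accept_manager_commands)` (hunk at +199), but nothing explains what a value of 1 permits or records that it is on. From the names it appears to control whether command-type entries arriving in manager-supplied configuration are honoured, so I would add a comment such as `/* 1 = accept command entries from manager-pushed config; keep 0 unless the manager is fully trusted */` and log the enabled state, e.g. `if(accept_manager_commands) verbose("%s: INFO: Remote commands from the manager are accepted.", ARGV0);`. What getDefine_Int does when the define is absent or outside the 0..1 range is not visible here and should be confirmed to fail closed. local_start begins and ends outside this hunk.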
@@
-182,7
+187,7
@@
int local_start()
{
ErrorExit("%s: WSAStartup() failed", ARGV0);
}
{
ErrorExit("%s: WSAStartup() failed", ARGV0);
}
-
+
/* Read agent config */
debug1("%s: DEBUG: Reading agent configuration.", ARGV0);
/* Read agent config */
debug1("%s: DEBUG: Reading agent configuration.", ARGV0);
@@
-194,7
+199,7
@@
int local_start()
/* Reading logcollector config file */
debug1("%s: DEBUG: Reading logcollector configuration.", ARGV0);
/* Reading logcollector config file */
debug1("%s: DEBUG: Reading logcollector configuration.", ARGV0);
- if(LogCollectorConfig(cfg) < 0)
+ if(LogCollectorConfig(cfg, accept_manager_commands) < 0)
{
ErrorExit(CONFIG_ERROR, ARGV0, cfg);
}
{
ErrorExit(CONFIG_ERROR, ARGV0, cfg);
}
@@
-205,7
+210,7
@@
int local_start()
{
ErrorExit(AG_NOKEYS_EXIT, ARGV0);
}
{
ErrorExit(AG_NOKEYS_EXIT, ARGV0);
}
-
+
/* If there is not file to monitor, create a clean entry
/* If there is not file to monitor, create a clean entry
@@
-230,14
+235,14
@@
int local_start()
{
logr->execdq = -1;
}
{
logr->execdq = -1;
}
-
-
+
+
/* Reading keys */
verbose(ENC_READ, ARGV0);
/* Reading keys */
verbose(ENC_READ, ARGV0);
-
+
OS_ReadKeys(&keys);
OS_StartCounter(&keys);
OS_ReadKeys(&keys);
OS_StartCounter(&keys);
- os_write_agent_info(keys.keyentries[0]->name, NULL, keys.keyentries[0]->id);
+ os_write_agent_info(keys.keyentries[0]->name, NULL, keys.keyentries[0]->id, NULL);
/* Initial random numbers */
/* Initial random numbers */
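Review bot: `keys.keyentries[0]` is dereferenced twice in the changed `os_write_agent_info(...)` call, with no check in the visible lines that `OS_ReadKeys(&keys)` loaded at least one entry. The earlier `AG_NOKEYS_EXIT` exit may already cover this, but it sits outside the hunk, so confirm that it does or guard the call. The two bare `NULL` arguments are also unexplained; a short comment naming the second and the new fourth parameter would keep the call readable, e.g. `/* no IP, no <fourth-parameter-name> for this agent */` with the real parameter name filled in. local_start begins and ends outside this hunk.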
@@
-261,47
+266,47
@@
int local_start()
/* Starting syscheck thread */
/* Starting syscheck thread */
- if(CreateThread(NULL,
- 0,
- (LPTHREAD_START_ROUTINE)skthread,
- NULL,
- 0,
+ if(CreateThread(NULL,
+ 0,
+ (LPTHREAD_START_ROUTINE)skthread,
+ NULL,
+ 0,
(LPDWORD)&threadID) == NULL)
{
merror(THREAD_ERROR, ARGV0);
}
(LPDWORD)&threadID) == NULL)
{
merror(THREAD_ERROR, ARGV0);
}
-
+
/* Checking if server is connected */
os_setwait();
/* Checking if server is connected */
os_setwait();
-
+
start_agent(1);
start_agent(1);
-
+
os_delwait();
/* Sending integrity message for agent configs */
intcheck_file(cfg, "");
intcheck_file(OSSEC_DEFINES, "");
os_delwait();
/* Sending integrity message for agent configs */
intcheck_file(cfg, "");
intcheck_file(OSSEC_DEFINES, "");
-
+
/* Starting receiver thread */
/* Starting receiver thread */
- if(CreateThread(NULL,
- 0,
- (LPTHREAD_START_ROUTINE)receiver_thread,
- NULL,
- 0,
+ if(CreateThread(NULL,
+ 0,
+ (LPTHREAD_START_ROUTINE)receiver_thread,
+ NULL,
+ 0,
(LPDWORD)&threadID2) == NULL)
{
merror(THREAD_ERROR, ARGV0);
}
(LPDWORD)&threadID2) == NULL)
{
merror(THREAD_ERROR, ARGV0);
}
-
-
+
+
/* Sending agent information message */
send_win32_info(time(0));
/* Sending agent information message */
send_win32_info(time(0));
-
-
+
+
/* Startting logcollector -- main process here */
LogCollectorStart();
/* Startting logcollector -- main process here */
LogCollectorStart();
@@
-314,27
+319,27
@@
int local_start()
int SendMSG(int queue, char *message, char *locmsg, char loc)
{
int _ssize;
int SendMSG(int queue, char *message, char *locmsg, char loc)
{
int _ssize;
-
+
time_t cu_time;
time_t cu_time;
-
+
char *pl;
char tmpstr[OS_MAXSTR+2];
char crypt_msg[OS_MAXSTR +2];
char *pl;
char tmpstr[OS_MAXSTR+2];
char crypt_msg[OS_MAXSTR +2];
-
- DWORD dwWaitResult;
+
+ DWORD dwWaitResult;
tmpstr[OS_MAXSTR +1] = '\0';
crypt_msg[OS_MAXSTR +1] = '\0';
debug2("%s: DEBUG: Attempting to send message to server.", ARGV0);
tmpstr[OS_MAXSTR +1] = '\0';
crypt_msg[OS_MAXSTR +1] = '\0';
debug2("%s: DEBUG: Attempting to send message to server.", ARGV0);
-
+
/* Using a mutex to synchronize the writes */
while(1)
{
dwWaitResult = WaitForSingleObject(hMutex, 1000000L);
/* Using a mutex to synchronize the writes */
while(1)
{
dwWaitResult = WaitForSingleObject(hMutex, 1000000L);
- if(dwWaitResult != WAIT_OBJECT_0)
+ if(dwWaitResult != WAIT_OBJECT_0)
{
switch(dwWaitResult)
{
{
switch(dwWaitResult)
{
@@
-345,8
+350,8
@@
int SendMSG(int queue, char *message, char *locmsg, char loc)
case WAIT_ABANDONED:
merror("%s: Error waiting mutex (abandoned).", ARGV0);
return(0);
case WAIT_ABANDONED:
merror("%s: Error waiting mutex (abandoned).", ARGV0);
return(0);
- default:
- merror("%s: Error waiting mutex.", ARGV0);
+ default:
+ merror("%s: Error waiting mutex.", ARGV0);
return(0);
}
}
return(0);
}
}
@@
-359,7
+364,7
@@
int SendMSG(int queue, char *message, char *locmsg, char loc)
cu_time = time(0);
cu_time = time(0);
-
+
#ifndef ONEWAY
/* Check if the server has responded */
#ifndef ONEWAY
/* Check if the server has responded */
@@
-441,12
+446,12
@@
int SendMSG(int queue, char *message, char *locmsg, char loc)
{
int curr_rip = logr->rip_id;
merror("%s: INFO: Trying next server ip in "
{
int curr_rip = logr->rip_id;
merror("%s: INFO: Trying next server ip in "
- "line: '%s'.",
+ "line: '%s'.",
ARGV0,
logr->rip[logr->rip_id + 1] != NULL?
logr->rip[logr->rip_id + 1]:
logr->rip[0]);
ARGV0,
logr->rip[logr->rip_id + 1] != NULL?
logr->rip[logr->rip_id + 1]:
logr->rip[0]);
-
+
connect_server(logr->rip_id +1);
if(logr->rip_id != curr_rip)
connect_server(logr->rip_id +1);
if(logr->rip_id != curr_rip)
@@
-474,7
+479,7
@@
int SendMSG(int queue, char *message, char *locmsg, char loc)
}
}
}
}
- verbose(AG_CONNECTED, ARGV0, logr->rip[logr->rip_id],
+ verbose(AG_CONNECTED, ARGV0, logr->rip[logr->rip_id],
logr->port);
verbose(SERVER_UP, ARGV0);
}
logr->port);
verbose(SERVER_UP, ARGV0);
}
@@
-495,7
+500,7
@@
int SendMSG(int queue, char *message, char *locmsg, char loc)
}
}
-
+
/* locmsg cannot have the C:, as we use it as delimiter */
pl = strchr(locmsg, ':');
if(pl)
/* locmsg cannot have the C:, as we use it as delimiter */
pl = strchr(locmsg, ':');
if(pl)
@@
-508,9
+513,9
@@
int SendMSG(int queue, char *message, char *locmsg, char loc)
pl = locmsg;
}
pl = locmsg;
}
-
+
debug2("%s: DEBUG: Sending message to server: '%s'", ARGV0, message);
debug2("%s: DEBUG: Sending message to server: '%s'", ARGV0, message);
-
+
snprintf(tmpstr,OS_MAXSTR,"%c:%s:%s", loc, pl, message);
_ssize = CreateSecMSG(&keys, tmpstr, crypt_msg, 0);
snprintf(tmpstr,OS_MAXSTR,"%c:%s:%s", loc, pl, message);
_ssize = CreateSecMSG(&keys, tmpstr, crypt_msg, 0);
@@
-522,9
+527,9
@@
int SendMSG(int queue, char *message, char *locmsg, char loc)
merror(SEC_ERROR,ARGV0);
if(!ReleaseMutex(hMutex))
{
merror(SEC_ERROR,ARGV0);
if(!ReleaseMutex(hMutex))
{
- merror("%s: Error releasing mutex.", ARGV0);
+ merror("%s: Error releasing mutex.", ARGV0);
}
}
-
+
return(-1);
}
return(-1);
}
@@
-539,7
+544,7
@@
int SendMSG(int queue, char *message, char *locmsg, char loc)
{
merror("%s: Error releasing mutex.", ARGV0);
}
{
merror("%s: Error releasing mutex.", ARGV0);
}
- return(0);
+ return(0);
}
}
@@
-548,12
+553,12
@@
int StartMQ(char * path, short int type)
{
/* Connecting to the server. */
connect_server(0);
{
/* Connecting to the server. */
connect_server(0);
-
+
if((path == NULL) && (type == 0))
{
return(0);
}
if((path == NULL) && (type == 0))
{
return(0);
}
-
+
return(0);
}
return(0);
}
@@
-599,8
+604,8
@@
void send_win32_info(time_t curr_time)
__win32_shared_time = __win32_curr_time;
}
__win32_shared_time = __win32_curr_time;
}
-
-
+
+
/* get shared files */
if(!__win32_shared)
{
/* get shared files */
if(!__win32_shared)
{