X-Git-Url: http://ftp.carnet.hr/carnet-debian/scm?p=ossec-hids.git;a=blobdiff_plain;f=src%2Faddagent%2Fvalidate.c;h=60dec16391fb4ba49736d76cff27c469d11e45f5;hp=344e4ee79cf799b269944a022b08b95bf0b4753a;hb=6ef2f786c6c8ead94841b5f93baf9f43421f08c8;hpb=301048b51990573e58a30dc4a5bb4ec285cad554 diff --git a/src/addagent/validate.c b/src/addagent/validate.c index 344e4ee..60dec16 100755 --- a/src/addagent/validate.c +++ b/src/addagent/validate.c @@ -1,4 +1,5 @@ -/* @(#) $Id$ */ +/* @(#) $Id: ./src/addagent/validate.c, 2011/09/08 dcid Exp $ + */ /* Copyright (C) 2009 Trend Micro Inc. * All rights reserved. @@ -12,20 +13,90 @@ #include "manage_agents.h" +#include "os_crypto/md5/md5_op.h" + +char *OS_AddNewAgent(char *name, char *ip, char *id, char *key) +{ + int i = 0; + FILE *fp; + int rand1; + os_md5 md1; + os_md5 md2; + char str1[STR_SIZE +1]; + char str2[STR_SIZE +1]; + char *muname = NULL; + char *finals = NULL; + + char nid[9]; + + + #ifndef WIN32 + #ifdef __OpenBSD__ + srandomdev(); + #else + srandom(time(0) + getpid() + getppid()); + #endif + #else + srandom(time(0) + getpid()); + #endif + + rand1 = random(); + muname = getuname(); + + snprintf(str1, STR_SIZE, "%d%s%d%s",(int)time(0), name, rand1, muname); + snprintf(str2, STR_SIZE, "%s%s%ld", ip, id, (long int)random()); + OS_MD5_Str(str1, md1); + OS_MD5_Str(str2, md2); + + + nid[8] = '\0'; + if(id == NULL) + { + i = 1024; + snprintf(nid, 6, "%d", i); + while(IDExist(nid)) + { + i++; + snprintf(nid, 6, "%d", i); + if(i >= 4000) + { + return(NULL); + } + } + id = nid; + } + + fp = fopen(KEYSFILE_PATH,"a"); + if(!fp) + { + return(NULL); + } + + os_calloc(2048, sizeof(char), finals); + if (ip == NULL){ + snprintf(finals, 2048, "%s %s any %s%s",id, name, md1,md2); + } else { + snprintf(finals, 2048, "%s %s %s %s%s",id, name, ip, md1,md2); + } + fprintf(fp, "%s\n",finals); + + fclose(fp); + return(finals); +} int OS_IsValidID(char *id) { int id_len = 0; int i = 0; - - /* ID must not be null */ + + /* ID must not be null */ if(!id) return(0); id_len = strlen(id); - /* Check ID length, it should contain max. 5 characters */ + /* Check ID length, it should contain max. 8 characters */ if (id_len > 8) return(0); @@ -35,7 +106,7 @@ int OS_IsValidID(char *id) if(!(isdigit((int)id[i]))) return(0); } - + return(1); } @@ -85,7 +156,7 @@ char *getFullnameById(char *id) { continue; } - + ip = strchr(name, ' '); if(ip) { @@ -107,7 +178,7 @@ char *getFullnameById(char *id) snprintf(final_str, FILE_SIZE -1, "%s-%s", name, ip); fclose(fp); - return(final_str); + return(final_str); } } } @@ -124,18 +195,22 @@ int IDExist(char *id) FILE *fp; char line_read[FILE_SIZE +1]; line_read[FILE_SIZE] = '\0'; - - /* ID must not be null */ + + /* ID must not be null */ if(!id) return(0); - fp = fopen(AUTH_FILE, "r"); + if(isChroot()) + fp = fopen(AUTH_FILE, "r"); + else + fp = fopen(KEYSFILE_PATH, "r"); + if(!fp) return(0); - + fseek(fp, 0, SEEK_SET); fgetpos(fp, &fp_pos); - + while(fgets(line_read,FILE_SIZE -1, fp) != NULL) { char *name; @@ -145,7 +220,7 @@ int IDExist(char *id) fgetpos(fp, &fp_pos); continue; } - + name = strchr(line_read, ' '); if(name) { @@ -180,7 +255,7 @@ int OS_IsValidName(char *u_name) /* check if it contains any non-alphanumeric characters */ for(i = 0; i < strlen(u_name); i++) { - if(!isalnum((int)u_name[i]) && (u_name[i] != '-') && + if(!isalnum((int)u_name[i]) && (u_name[i] != '-') && (u_name[i] != '_') && (u_name[i] != '.')) return(0); } @@ -202,7 +277,11 @@ int NameExist(char *u_name) (*u_name == '\n')) return(0); - fp = fopen(AUTH_FILE, "r"); + if(isChroot()) + fp = fopen(AUTH_FILE, "r"); + else + fp = fopen(KEYSFILE_PATH, "r"); + if(!fp) return(0); @@ -228,7 +307,7 @@ int NameExist(char *u_name) { continue; } - + ip = strchr(name, ' '); if(ip) { @@ -261,16 +340,16 @@ int print_agents(int print_status, int active_only, int csv_output) return(0); fseek(fp, 0, SEEK_SET); - + memset(line_read,'\0',FILE_SIZE); - + while(fgets(line_read, FILE_SIZE -1, fp) != NULL) { char *name; if(line_read[0] == '#') continue; - + name = strchr(line_read, ' '); if(name) { @@ -284,7 +363,7 @@ int print_agents(int print_status, int active_only, int csv_output) { continue; } - + ip = strchr(name, ' '); if(ip) { @@ -299,7 +378,7 @@ int print_agents(int print_status, int active_only, int csv_output) printf(PRINT_AVAILABLE); total++; - + if(print_status) { int agt_status = get_agent_status(name, ip); @@ -307,15 +386,15 @@ int print_agents(int print_status, int active_only, int csv_output) { continue; } - + if(csv_output) { - printf("%s,%s,%s,%s,\n", line_read, name, ip, - print_agent_status(agt_status)); + printf("%s,%s,%s,%s,\n", line_read, name, ip, + print_agent_status(agt_status)); } else { - printf(PRINT_AGENT_STATUS, line_read, name, ip, + printf(PRINT_AGENT_STATUS, line_read, name, ip, print_agent_status(agt_status)); } } @@ -324,7 +403,7 @@ int print_agents(int print_status, int active_only, int csv_output) printf(PRINT_AGENT, line_read, name, ip); } } - + } } } @@ -336,7 +415,7 @@ int print_agents(int print_status, int active_only, int csv_output) char *aip = NULL; DIR *dirp; struct dirent *dp; - + if(!csv_output) { printf("\nList of agentless devices:\n"); @@ -379,8 +458,8 @@ int print_agents(int print_status, int active_only, int csv_output) fclose(fp); if(total) return(1); - - return(0); + + return(0); }