X-Git-Url: http://ftp.carnet.hr/carnet-debian/scm?p=ossec-hids.git;a=blobdiff_plain;f=src%2Fos_dbd%2Frules.c;fp=src%2Fos_dbd%2Frules.c;h=90649a86836aaa319d2ed7d27c34eff6b11d4613;hp=bce942aa9ef8a62eddafc4e4018ef1aab4ff9dd5;hb=3f728675941dc69d4e544d3a880a56240a6e394a;hpb=927951d1c1ad45ba9e7325f07d996154a91c911b diff --git a/src/os_dbd/rules.c b/src/os_dbd/rules.c old mode 100755 new mode 100644 index bce942a..90649a8 --- a/src/os_dbd/rules.c +++ b/src/os_dbd/rules.c @@ -1,6 +1,3 @@ -/* @(#) $Id: ./src/os_dbd/rules.c, 2011/09/08 dcid Exp $ - */ - /* Copyright (C) 2009 Trend Micro Inc. * All rights reserved. * @@ -8,169 +5,134 @@ * and/or modify it under the terms of the GNU General Public * License (version 2) as published by the FSF - Free Software * Foundation - * - * License details at the LICENSE file included with OSSEC or - * online at: http://www.ossec.net/en/licensing.html */ - #include "dbd.h" #include "config/config.h" #include "rules_op.h" +/* Prototypes */ +static int __Groups_SelectGroup(const char *group, const DBConfig *db_config) __attribute((nonnull)); +static int __Groups_InsertGroup(const char *group, const DBConfig *db_config) __attribute((nonnull)); +static int __Groups_SelectGroupMapping(int cat_id, int rule_id, const DBConfig *db_config) __attribute((nonnull)); +static int __Groups_InsertGroupMapping(int cat_id, int rule_id, const DBConfig *db_config) __attribute((nonnull)); +static void _Groups_ReadInsertDB(RuleInfo *rule, const DBConfig *db_config) __attribute((nonnull)); +static void *_Rules_ReadInsertDB(RuleInfo *rule, void *db_config) __attribute((nonnull)); -/** int __Groups_SelectGroup(char *group, DBConfig *db_config) - * Select group (categories) from to the db. - * Returns 0 if not found. +/* Select group (categories) from the db + * Returns 0 if not found */ -int __Groups_SelectGroup(char *group, DBConfig *db_config) +static int __Groups_SelectGroup(const char *group, const DBConfig *db_config) { int result = 0; char sql_query[OS_SIZE_1024]; memset(sql_query, '\0', OS_SIZE_1024); + /* Generate SQL */ + snprintf(sql_query, OS_SIZE_1024 - 1, + "SELECT cat_id FROM " + "category WHERE cat_name = '%s'", + group); - /* Generating SQL */ - snprintf(sql_query, OS_SIZE_1024 -1, - "SELECT cat_id FROM " - "category WHERE cat_name = '%s'", - group); - - - /* Checking return code. */ result = osdb_query_select(db_config->conn, sql_query); - return(result); + return (result); } - -/** int __Groups_InsertGroup(char *group, DBConfig *db_config) - * Insert group (categories) in to the db. - */ -int __Groups_InsertGroup(char *group, DBConfig *db_config) +/* Insert group (categories) in to the db */ +static int __Groups_InsertGroup(const char *group, const DBConfig *db_config) { char sql_query[OS_SIZE_1024]; memset(sql_query, '\0', OS_SIZE_1024); - /* Generating SQL */ - snprintf(sql_query, OS_SIZE_1024 -1, - "INSERT INTO " - "category(cat_name) " - "VALUES ('%s')", - group); - + /* Generate SQL */ + snprintf(sql_query, OS_SIZE_1024 - 1, + "INSERT INTO " + "category(cat_name) " + "VALUES ('%s')", + group); - /* Checking return code. */ - if(!osdb_query_insert(db_config->conn, sql_query)) - { + if (!osdb_query_insert(db_config->conn, sql_query)) { merror(DB_GENERROR, ARGV0); } - return(0); + return (0); } - -/** int __Groups_SelectGroupMapping() - * Select group (categories) from to the db. - * Returns 0 if not found. - */ -int __Groups_SelectGroupMapping(int cat_id, int rule_id, DBConfig *db_config) +static int __Groups_SelectGroupMapping(int cat_id, int rule_id, const DBConfig *db_config) { int result = 0; char sql_query[OS_SIZE_1024]; memset(sql_query, '\0', OS_SIZE_1024); + /* Generate SQL */ + snprintf(sql_query, OS_SIZE_1024 - 1, + "SELECT id FROM signature_category_mapping " + "WHERE cat_id = '%u' AND rule_id = '%u'", + cat_id, rule_id); - /* Generating SQL */ - snprintf(sql_query, OS_SIZE_1024 -1, - "SELECT id FROM signature_category_mapping " - "WHERE cat_id = '%u' AND rule_id = '%u'", - cat_id, rule_id); - - - /* Checking return code. */ result = osdb_query_select(db_config->conn, sql_query); - return(result); + return (result); } - -/** int __Groups_InsertGroup(int cat_id, int rule_id, DBConfig *db_config) - * Insert group (categories) in to the db. - */ -int __Groups_InsertGroupMapping(int cat_id, int rule_id, DBConfig *db_config) +static int __Groups_InsertGroupMapping(int cat_id, int rule_id, const DBConfig *db_config) { char sql_query[OS_SIZE_1024]; memset(sql_query, '\0', OS_SIZE_1024); - /* Generating SQL */ - snprintf(sql_query, OS_SIZE_1024 -1, - "INSERT INTO " - "signature_category_mapping(cat_id, rule_id) " - "VALUES ('%u', '%u')", - cat_id, rule_id); + /* Generate SQL */ + snprintf(sql_query, OS_SIZE_1024 - 1, + "INSERT INTO " + "signature_category_mapping(cat_id, rule_id) " + "VALUES ('%u', '%u')", + cat_id, rule_id); - - /* Checking return code. */ - if(!osdb_query_insert(db_config->conn, sql_query)) - { + if (!osdb_query_insert(db_config->conn, sql_query)) { merror(DB_GENERROR, ARGV0); } - return(0); + return (0); } - - -/** void _Groups_ReadInsertDB(RuleInfo *rule, DBConfig *db_config) - * Insert groups (categories) in to the db. - */ -void _Groups_ReadInsertDB(RuleInfo *rule, DBConfig *db_config) +static void _Groups_ReadInsertDB(RuleInfo *rule, const DBConfig *db_config) { - /* We must insert each group separately. */ + /* We must insert each group separately */ int cat_id; char *tmp_group; char *tmp_str; - debug1("%s: DEBUG: entering _Groups_ReadInsertDB", ARGV0); - /* If group is null, just return */ - if(rule->group == NULL) - { + if (rule->group == NULL) { return; } tmp_str = strchr(rule->group, ','); tmp_group = rule->group; - /* Groups are separated by comma */ - while(tmp_group) - { - if(tmp_str) - { + while (tmp_group) { + if (tmp_str) { *tmp_str = '\0'; tmp_str++; } - /* Removing white spaces */ - while(*tmp_group == ' ') + /* Remove whitespace */ + while (*tmp_group == ' ') { tmp_group++; + } - - /* Checking for empty group */ - if(*tmp_group == '\0') - { + /* Check for empty group */ + if (*tmp_group == '\0') { tmp_group = tmp_str; - if(tmp_group) - { + if (tmp_group) { tmp_str = strchr(tmp_group, ','); } continue; @@ -178,34 +140,26 @@ void _Groups_ReadInsertDB(RuleInfo *rule, DBConfig *db_config) cat_id = __Groups_SelectGroup(tmp_group, db_config); - - /* We firt check if we have this group in the db already. - * If not, we add it. - */ - if(cat_id == 0) - { + /* Check if we have this group in the db already. If not, add it. */ + if (cat_id == 0) { __Groups_InsertGroup(tmp_group, db_config); cat_id = __Groups_SelectGroup(tmp_group, db_config); } - - /* If our cat_id is valid (not zero), we need to insert - * the mapping between the category and the rule. */ - if(cat_id != 0) - { - /* But, we first check if the mapping is already not there. */ - if(!__Groups_SelectGroupMapping(cat_id, rule->sigid, db_config)) - { + /* If cat_id is valid (not zero), insert the mapping between + * the category and the rule + */ + if (cat_id != 0) { + /* First check if the mapping is not already there */ + if (!__Groups_SelectGroupMapping(cat_id, rule->sigid, db_config)) { /* If not, we add it */ __Groups_InsertGroupMapping(cat_id, rule->sigid, db_config); } } - - /* Getting next category */ + /* Get next category */ tmp_group = tmp_str; - if(tmp_group) - { + if (tmp_group) { tmp_str = strchr(tmp_group, ','); } } @@ -213,95 +167,66 @@ void _Groups_ReadInsertDB(RuleInfo *rule, DBConfig *db_config) return; } - - -/** void *_Rules_ReadInsertDB(RuleInfo *rule, void *db_config) - * Insert rules in to the db. - */ -void *_Rules_ReadInsertDB(RuleInfo *rule, void *db_config) +/* Insert rules in to the db */ +static void *_Rules_ReadInsertDB(RuleInfo *rule, void *db_config) { - DBConfig *dbc = (DBConfig *)db_config; char sql_query[OS_SIZE_1024]; memset(sql_query, '\0', OS_SIZE_1024); - - /* Escaping strings */ + /* Escape strings */ osdb_escapestr(rule->group); osdb_escapestr(rule->comment); - - /* Checking level limit */ - if(rule->level > 20) + /* Check level limit */ + if (rule->level > 20) { rule->level = 20; - if(rule->level < 0) + } + if (rule->level < 0) { rule->level = 0; - + } debug1("%s: DEBUG: entering _Rules_ReadInsertDB()", ARGV0); - - /* Checking rule limit */ - if(rule->sigid < 0 || rule->sigid > 9999999) - { + /* Check rule limit */ + if (rule->sigid < 0 || rule->sigid > 9999999) { merror("%s: Invalid rule id: %u", ARGV0, rule->sigid); - return(NULL); + return (NULL); } - - /* Inserting group into the signature mapping */ - _Groups_ReadInsertDB(rule, db_config); - - + /* Insert group into the signature mapping */ + _Groups_ReadInsertDB(rule, (DBConfig *) db_config); debug2("%s: DEBUG: Inserting: %d", ARGV0, rule->sigid); + /* Generate SQL */ + snprintf(sql_query, OS_SIZE_1024 - 1, + "REPLACE INTO " + "signature(rule_id, level, description) " + "VALUES ('%u','%u','%s')", + rule->sigid, rule->level, + rule->comment != NULL ? rule->comment : "NULL"); - /* Generating SQL */ - snprintf(sql_query, OS_SIZE_1024 -1, - "SELECT id FROM signature " - "where rule_id = %u", - rule->sigid); - - if(osdb_query_select(dbc->conn, sql_query) == 0) - { - snprintf(sql_query, OS_SIZE_1024 -1, - "INSERT INTO " - "signature(rule_id, level, description) " - "VALUES ('%u','%u','%s')", - rule->sigid, rule->level, rule->comment); - } - else - { - snprintf(sql_query, OS_SIZE_1024 -1, - "UPDATE signature SET level='%u',description='%s' " - "WHERE rule_id='%u'", - rule->level, rule->comment,rule->sigid); - } - - - /* Checking return code. */ + /* XXX We don't actually insert!? if(!osdb_query_insert(dbc->conn, sql_query)) { merror(DB_GENERROR, ARGV0); } + */ - return(NULL); + return (NULL); } - int OS_InsertRulesDB(DBConfig *db_config) { char **rulesfiles; rulesfiles = db_config->includes; - while(rulesfiles && *rulesfiles) - { + while (rulesfiles && *rulesfiles) { debug1("%s: Reading rules file: '%s'", ARGV0, *rulesfiles); - if(OS_ReadXMLRules(*rulesfiles, _Rules_ReadInsertDB, db_config) < 0) - { + if (OS_ReadXMLRules(*rulesfiles, _Rules_ReadInsertDB, db_config) < 0) { merror(RULES_ERROR, ARGV0, *rulesfiles); - return(-1); + return (-1); } free(*rulesfiles); @@ -312,8 +237,6 @@ int OS_InsertRulesDB(DBConfig *db_config) db_config->includes = NULL; - return(0); + return (0); } - -/* EOF */