X-Git-Url: http://ftp.carnet.hr/carnet-debian/scm?p=ossec-hids.git;a=blobdiff_plain;f=src%2Fremoted%2Fmain.c;fp=src%2Fremoted%2Fmain.c;h=65900a729377cfa26928e4607994e76a1bb5e5c2;hp=e02f9bfd6ae604943e1a270aa0289aa656c82bd3;hb=3f728675941dc69d4e544d3a880a56240a6e394a;hpb=927951d1c1ad45ba9e7325f07d996154a91c911b
diff --git a/src/remoted/main.c b/src/remoted/main.c
old mode 100755
new mode 100644
index e02f9bf..65900a7
--- a/src/remoted/main.c
+++ b/src/remoted/main.c
@@ -1,6 +1,3 @@
-/* @(#) $Id: ./src/remoted/main.c, 2011/09/08 dcid Exp $
- */
-
 /* Copyright (C) 2009 Trend Micro Inc.
 * All right reserved.
 *
@@ -10,36 +7,56 @@ * Foundation */ - - #include "shared.h" #include "remoted.h" +/* Prototypes */ +static void help_remoted(void) __attribute__((noreturn)); + + +/* Print help statement */ +static void help_remoted() +{ + print_header(); + print_out(" %s: -[Vhdtf] [-u user] [-g group] [-c config] [-D dir]", ARGV0); + print_out(" -V Version and license message"); + print_out(" -h This help message"); + print_out(" -d Execute in debug mode. This parameter"); + print_out(" can be specified multiple times"); + print_out(" to increase the debug level."); + print_out(" -t Test configuration"); + print_out(" -f Run in foreground"); + print_out(" -u User to run as (default: %s)", REMUSER); + print_out(" -g Group to run as (default: %s)", GROUPGLOBAL); + print_out(" -c Configuration file to use (default: %s)", DEFAULTCPATH); + print_out(" -D Directory to chroot into (default: %s)", DEFAULTDIR); + print_out(" "); + exit(1); +} int main(int argc, char **argv) { - int i = 0,c = 0; - int uid = 0, gid = 0; + int i = 0, c = 0; + uid_t uid; + gid_t gid; int debug_level = 0; - int test_config = 0,run_foreground = 0; - - char *cfg = DEFAULTCPATH; - char *dir = DEFAULTDIR; - char *user = REMUSER; - char *group = GROUPGLOBAL; + int test_config = 0, run_foreground = 0; + const char *cfg = DEFAULTCPATH; + const char *dir = DEFAULTDIR; + const char *user = REMUSER; + const char *group = GROUPGLOBAL; - /* Setting the name -- must be done ASAP */ + /* Set the name */ OS_SetName(ARGV0); - - while((c = getopt(argc, argv, "Vdthfu:g:c:D:")) != -1){ - switch(c){ + while ((c = getopt(argc, argv, "Vdthfu:g:c:D:")) != -1) { + switch (c) { case 'V': print_version(); break; case 'h': - help(ARGV0); + help_remoted(); break; case 'd': nowDebug(); 
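Review bot: The new definition `static void help_remoted()` uses an empty parameter list while its prototype two lines above says `(void)`; before C23 the empty form declares unspecified parameters, so the definition should read `static void help_remoted(void)`. The comment above it could also state the contract that callers depend on, e.g. `/* Print usage and exit(1); never returns */`, since `-h` and (in the next hunk) the new `default:` case both end the process with status 1 through this function. main() continues past the end of this hunk.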
@@ -49,136 +66,124 @@ int main(int argc, char **argv) run_foreground = 1; break; case 'u': - if(!optarg) - ErrorExit("%s: -u needs an argument",ARGV0); + if (!optarg) { + ErrorExit("%s: -u needs an argument", ARGV0); + } user = optarg; break; case 'g': - if(!optarg) - ErrorExit("%s: -g needs an argument",ARGV0); + if (!optarg) { + ErrorExit("%s: -g needs an argument", ARGV0); + } group = optarg; break; case 't': test_config = 1; break; case 'c': - if (!optarg) + if (!optarg) { ErrorExit("%s: -c need an argument", ARGV0); + } cfg = optarg; break; case 'D': - if(!optarg) - ErrorExit("%s: -D needs an argument",ARGV0); + if (!optarg) { + ErrorExit("%s: -D needs an argument", ARGV0); + } dir = optarg; break; + default: + help_remoted(); + break; } } /* Check current debug_level * Command line setting takes precedence */ - if (debug_level == 0) - { - /* Getting debug level */ + if (debug_level == 0) { + /* Get debug level */ debug_level = getDefine_Int("remoted", "debug", 0, 2); - while(debug_level != 0) - { + while (debug_level != 0) { nowDebug(); debug_level--; } } - - debug1(STARTED_MSG,ARGV0); - + debug1(STARTED_MSG, ARGV0); /* Return 0 if not configured */ - if(RemotedConfig(cfg, &logr) < 0) - { + if (RemotedConfig(cfg, &logr) < 0) { ErrorExit(CONFIG_ERROR, ARGV0, cfg); } - /* Exit if test_config is set */ - if(test_config) + if (test_config) { exit(0); + } - if(logr.conn == NULL) - { - /* Not configured. 
*/ + if (logr.conn == NULL) { + /* Not configured */ exit(0); } + /* Don't exit when client.keys empty (if set) */ + if (getDefine_Int("remoted", "pass_empty_keyfile", 0, 1)) { + OS_PassEmptyKeyfile(); + } + + /* Check if the user and group given are valid */ uid = Privsep_GetUser(user); gid = Privsep_GetGroup(group); - if((uid < 0)||(gid < 0)) + if (uid == (uid_t) - 1 || gid == (gid_t) - 1) { ErrorExit(USER_ERROR, ARGV0, user, group); + } + /* Setup random */ + srandom_init(); /* pid before going daemon */ i = getpid(); - - if(!run_foreground) - { + if (!run_foreground) { nowDaemon(); goDaemon(); } + /* Set new group */ + if (Privsep_SetGroup(gid) < 0) { + ErrorExit(SETGID_ERROR, ARGV0, group, errno, strerror(errno)); + } - /* Setting new group */ - if(Privsep_SetGroup(gid) < 0) - ErrorExit(SETGID_ERROR, ARGV0, group); - - /* Going on chroot */ - if(Privsep_Chroot(dir) < 0) - ErrorExit(CHROOT_ERROR,ARGV0,dir); - - + /* chroot */ + if (Privsep_Chroot(dir) < 0) { + ErrorExit(CHROOT_ERROR, ARGV0, dir, errno, strerror(errno)); + } nowChroot(); - - /* Starting the signal manipulation */ + /* Start the signal manipulation */ StartSIG(ARGV0); - - /* Creating some randoness */ - #ifdef __OpenBSD__ - srandomdev(); - #else - srandom( time(0) + getpid()+ i); - #endif - random(); - /* Start up message */ verbose(STARTUP_MSG, ARGV0, (int)getpid()); - - /* Really starting the program. */ + /* Really start the program */ i = 0; - while(logr.conn[i] != 0) - { - /* Forking for each connection handler */ - if(fork() == 0) - { + while (logr.conn[i] != 0) { + /* Fork for each connection handler */ + if (fork() == 0) { /* On the child */ - debug1("%s: DEBUG: Forking remoted: '%d'.",ARGV0, i); + debug1("%s: DEBUG: Forking remoted: '%d'.", ARGV0, i); HandleRemote(i, uid); - } - else - { + } else { i++; continue; } } - - /* Done over here */ - return(0); + return (0); } - -/* EOF */
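Review bot: The fork loop at the end of main() handles a failed fork() as if it were the parent path: in `if (fork() == 0) { … } else { i++; continue; }` a return of -1 falls into the `else` branch, so that entry of `logr.conn` gets no handler, nothing is logged, and main() still returns 0. For the daemon that receives agent traffic this means a configured listener can go missing without any trace when the system is short on processes or memory. Capture the result and fail loudly, e.g. `pid_t pid = fork();` followed by `if (pid < 0) { ErrorExit("%s: ERROR: fork failed: %s", ARGV0, strerror(errno)); }` before testing `pid == 0`. main() begins outside this hunk.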