X-Git-Url: http://ftp.carnet.hr/carnet-debian/scm?p=ossec-hids.git;a=blobdiff_plain;f=src%2Fremoted%2Fsyslog.c;h=d581bfd4383953c2c28426da1bb52e5a6edf1324;hp=7011aa8b592cd3ebe1f3f510a2d9cd3cf9017489;hb=3f728675941dc69d4e544d3a880a56240a6e394a;hpb=927951d1c1ad45ba9e7325f07d996154a91c911b diff --git a/src/remoted/syslog.c b/src/remoted/syslog.c old mode 100755 new mode 100644 index 7011aa8..d581bfd --- a/src/remoted/syslog.c +++ b/src/remoted/syslog.c @@ -1,6 +1,3 @@ -/* @(#) $Id: ./src/remoted/syslog.c, 2011/09/08 dcid Exp $ - */ - /* Copyright (C) 2009 Trend Micro Inc. * All right reserved. * @@ -10,136 +7,123 @@ * Foundation */ - - #include "shared.h" #include "os_net/os_net.h" - #include "remoted.h" +/* Prototypes */ +static int OS_IPNotAllowed(const char *srcip); -/* OS_IPNotAllowed, v0.1, 2005/02/11 - * Checks if an IP is not allowed. - */ -static int OS_IPNotAllowed(char *srcip) +/* Check if an IP is not allowed */ +static int OS_IPNotAllowed(const char *srcip) { - if(logr.denyips != NULL) - { - if(OS_IPFoundList(srcip, logr.denyips)) - { - return(1); + if (logr.denyips != NULL) { + if (OS_IPFoundList(srcip, logr.denyips)) { + return (1); } } - if(logr.allowips != NULL) - { - if(OS_IPFoundList(srcip, logr.allowips)) - { - return(0); + if (logr.allowips != NULL) { + if (OS_IPFoundList(srcip, logr.allowips)) { + return (0); } } - /* If the ip is not allowed, it will be denied */ - return(1); + /* If the IP is not allowed, it will be denied */ + return (1); } - -/** void HandleSyslog() v0.2 - * Handle syslog connections - */ +/* Handle syslog connections */ void HandleSyslog() { - char buffer[OS_SIZE_1024 +2]; - char srcip[IPSIZE +1]; - + char buffer[OS_SIZE_1024 + 2]; + char srcip[IPSIZE + 1]; char *buffer_pt = NULL; - - int recv_b; - - struct sockaddr_in peer_info; + ssize_t recv_b; + struct sockaddr_storage peer_info; socklen_t peer_size; + fd_set fdsave, fdwork; /* select() work areas */ + int fdmax; /* max socket number + 1 */ + int sock; /* active socket */ - - /* setting peer size */ + /* Set peer size */ peer_size = sizeof(peer_info); + /* Initialize some variables */ + memset(buffer, '\0', OS_SIZE_1024 + 2); - /* Initializing some variables */ - memset(buffer, '\0', OS_SIZE_1024 +2); - + /* initialize select() save area */ + fdsave = logr.netinfo->fdset; + fdmax = logr.netinfo->fdmax; /* value preset to max fd + 1 */ - /* Connecting to the message queue + /* Connect to the message queue * Exit if it fails. */ - if((logr.m_queue = StartMQ(DEFAULTQUEUE,WRITE)) < 0) - { - ErrorExit(QUEUE_FATAL,ARGV0, DEFAULTQUEUE); + if ((logr.m_queue = StartMQ(DEFAULTQUEUE, WRITE)) < 0) { + ErrorExit(QUEUE_FATAL, ARGV0, DEFAULTQUEUE); } - - /* Infinite loop in here */ - while(1) - { - /* Receiving message */ - recv_b = recvfrom(logr.sock, buffer, OS_SIZE_1024, 0, - (struct sockaddr *)&peer_info, &peer_size); - - /* Nothing received */ - if(recv_b <= 0) - continue; - - - /* null terminating the message */ - buffer[recv_b] = '\0'; - - - /* Removing new line */ - if(buffer[recv_b -1] == '\n') - { - buffer[recv_b -1] = '\0'; - } - - /* Setting the source ip */ - strncpy(srcip, inet_ntoa(peer_info.sin_addr), IPSIZE); - srcip[IPSIZE] = '\0'; - - - /* Removing syslog header */ - if(buffer[0] == '<') - { - buffer_pt = strchr(buffer+1, '>'); - if(buffer_pt) - { - buffer_pt++; - } - else - { - buffer_pt = buffer; - } - } - else - { - buffer_pt = buffer; - } - - /* Checking if IP is allowed here */ - if(OS_IPNotAllowed(srcip)) - { - merror(DENYIP_WARN,ARGV0,srcip); + /* Infinite loop */ + while (1) { + /* process connections through select() for multiple sockets */ + fdwork = fdsave; + if (select (fdmax, &fdwork, NULL, NULL, NULL) < 0) { + ErrorExit("ERROR: Call to syslog select() failed, errno %d - %s", + errno, strerror (errno)); } - else if(SendMSG(logr.m_queue, buffer_pt, srcip, - SYSLOG_MQ) < 0) - { - merror(QUEUE_ERROR,ARGV0,DEFAULTQUEUE, strerror(errno)); - if((logr.m_queue = StartMQ(DEFAULTQUEUE,READ)) < 0) - { - ErrorExit(QUEUE_FATAL,ARGV0,DEFAULTQUEUE); - } - } - } + /* read through socket list for active socket */ + for (sock = 0; sock <= fdmax; sock++) { + if (FD_ISSET (sock, &fdwork)) { + + /* Receive message */ + recv_b = recvfrom(sock, buffer, OS_SIZE_1024, 0, + (struct sockaddr *)&peer_info, &peer_size); + + /* Nothing received */ + if (recv_b <= 0) { + continue; + } + + /* Null-terminate the message */ + buffer[recv_b] = '\0'; + + /* Remove newline */ + if (buffer[recv_b - 1] == '\n') { + buffer[recv_b - 1] = '\0'; + } + + /* Set the source IP */ + satop((struct sockaddr *) &peer_info, srcip, IPSIZE); + srcip[IPSIZE] = '\0'; + + /* Remove syslog header */ + if (buffer[0] == '<') { + buffer_pt = strchr(buffer + 1, '>'); + if (buffer_pt) { + buffer_pt++; + } else { + buffer_pt = buffer; + } + } else { + buffer_pt = buffer; + } + + /* Check if IP is allowed here */ + if (OS_IPNotAllowed(srcip)) { + merror(DENYIP_WARN, ARGV0, srcip); + continue; + } + + if (SendMSG(logr.m_queue, buffer_pt, srcip, SYSLOG_MQ) < 0) { + merror(QUEUE_ERROR, ARGV0, DEFAULTQUEUE, strerror(errno)); + + if ((logr.m_queue = StartMQ(DEFAULTQUEUE, WRITE)) < 0) { + ErrorExit(QUEUE_FATAL, ARGV0, DEFAULTQUEUE); + } + } + } /* if socket active */ + } /* for() loop on sockets */ + } /* while(1) loop for messages */ } - - -/* EOF */