X-Git-Url: http://ftp.carnet.hr/carnet-debian/scm?p=ossec-hids.git;a=blobdiff_plain;f=src%2Fremoted%2Fsyslogtcp.c;h=f7d8d1d46f78cb2e632f4bcdd1f2c127f6336035;hp=d4944c01b2a953f257a9ce953a1ede2908d0d026;hb=3f728675941dc69d4e544d3a880a56240a6e394a;hpb=927951d1c1ad45ba9e7325f07d996154a91c911b diff --git a/src/remoted/syslogtcp.c b/src/remoted/syslogtcp.c old mode 100755 new mode 100644 index d4944c0..f7d8d1d --- a/src/remoted/syslogtcp.c +++ b/src/remoted/syslogtcp.c @@ -1,6 +1,3 @@ -/* @(#) $Id: ./src/remoted/syslogtcp.c, 2011/09/08 dcid Exp $ - */ - /* Copyright (C) 2009 Trend Micro Inc. * All right reserved. * @@ -10,71 +7,55 @@ * Foundation */ - - #include "shared.h" #include "os_net/os_net.h" - #include "remoted.h" - -/* OS_IPNotAllowed, v0.1, 2005/02/11 - * Checks if an IP is not allowed. - */ +/* Checks if an IP is not allowed */ static int OS_IPNotAllowed(char *srcip) { - if(logr.denyips != NULL) - { - if(OS_IPFoundList(srcip, logr.denyips)) - { - return(1); + if (logr.denyips != NULL) { + if (OS_IPFoundList(srcip, logr.denyips)) { + return (1); } } - if(logr.allowips != NULL) - { - if(OS_IPFoundList(srcip, logr.allowips)) - { - return(0); + if (logr.allowips != NULL) { + if (OS_IPFoundList(srcip, logr.allowips)) { + return (0); } } - /* If the ip is not allowed, it will be denied */ - return(1); + /* If the IP is not allowed, it will be denied */ + return (1); } - -/** void HandleClient() v0,1 - * Handle each client - */ +/* Handle each client */ static void HandleClient(int client_socket, char *srcip) { int sb_size = OS_MAXSTR; int r_sz = 0; - char buffer[OS_MAXSTR +2]; - char storage_buffer[OS_MAXSTR +2]; - char tmp_buffer[OS_MAXSTR +2]; + char buffer[OS_MAXSTR + 2]; + char storage_buffer[OS_MAXSTR + 2]; + char tmp_buffer[OS_MAXSTR + 2]; char *buffer_pt = NULL; /* Create PID file */ - if(CreatePID(ARGV0, getpid()) < 0) - { - ErrorExit(PID_ERROR,ARGV0); + if (CreatePID(ARGV0, getpid()) < 0) { + ErrorExit(PID_ERROR, ARGV0); } - /* Initializing some variables */ - memset(buffer, '\0', OS_MAXSTR +2); - memset(storage_buffer, '\0', OS_MAXSTR +2); - memset(tmp_buffer, '\0', OS_MAXSTR +2); + /* Initialize some variables */ + memset(buffer, '\0', OS_MAXSTR + 2); + memset(storage_buffer, '\0', OS_MAXSTR + 2); + memset(tmp_buffer, '\0', OS_MAXSTR + 2); - while(1) - { + while (1) { /* If we fail, we need to return and close the socket */ - if((r_sz = OS_RecvTCPBuffer(client_socket, buffer, OS_MAXSTR -2)) < 0) - { + if ((r_sz = OS_RecvTCPBuffer(client_socket, buffer, OS_MAXSTR - 2)) < 0) { close(client_socket); DeletePID(ARGV0); return; @@ -82,11 +63,9 @@ static void HandleClient(int client_socket, char *srcip) /* We must have a new line at the end */ buffer_pt = strchr(buffer, '\n'); - if(!buffer_pt) - { + if (!buffer_pt) { /* Buffer is full */ - if((sb_size - r_sz) <= 2) - { + if ((sb_size - r_sz) <= 2) { merror("%s: Full buffer receiving from: '%s'", ARGV0, srcip); sb_size = OS_MAXSTR; storage_buffer[0] = '\0'; @@ -98,18 +77,17 @@ static void HandleClient(int client_socket, char *srcip) continue; } - /* Seeing if we received more then just one message */ - if(*(buffer_pt +1) != '\0') - { + /* See if we received more than just one message */ + if (*(buffer_pt + 1) != '\0') { *buffer_pt = '\0'; buffer_pt++; strncpy(tmp_buffer, buffer_pt, OS_MAXSTR); } - /* Storing everything on the storage_buffer */ - /* Checking if buffer will be full */ - if((sb_size - r_sz) <= 2) - { + /* Store everything in the storage_buffer + * Check if buffer will be full + */ + if ((sb_size - r_sz) <= 2) { merror("%s: Full buffer receiving from: '%s'.", ARGV0, srcip); sb_size = OS_MAXSTR; storage_buffer[0] = '\0'; @@ -119,136 +97,123 @@ static void HandleClient(int client_socket, char *srcip) strncat(storage_buffer, buffer, sb_size); - - /* Removing carriage returns too */ + /* Remove carriage returns too */ buffer_pt = strchr(storage_buffer, '\r'); - if(buffer_pt) + if (buffer_pt) { *buffer_pt = '\0'; + } - - /* Removing syslog header */ - if(storage_buffer[0] == '<') - { - buffer_pt = strchr(storage_buffer+1, '>'); - if(buffer_pt) - { + /* Remove syslog header */ + if (storage_buffer[0] == '<') { + buffer_pt = strchr(storage_buffer + 1, '>'); + if (buffer_pt) { buffer_pt++; - } - else - { + } else { buffer_pt = storage_buffer; } - } - else - { + } else { buffer_pt = storage_buffer; } + /* Send to the queue */ + if (SendMSG(logr.m_queue, buffer_pt, srcip, SYSLOG_MQ) < 0) { + merror(QUEUE_ERROR, ARGV0, DEFAULTQUEUE, strerror(errno)); - /* Sending to the queue */ - if(SendMSG(logr.m_queue, buffer_pt, srcip,SYSLOG_MQ) < 0) - { - merror(QUEUE_ERROR,ARGV0,DEFAULTQUEUE, strerror(errno)); - if((logr.m_queue = StartMQ(DEFAULTQUEUE,WRITE)) < 0) - { - ErrorExit(QUEUE_FATAL,ARGV0,DEFAULTQUEUE); + if ((logr.m_queue = StartMQ(DEFAULTQUEUE, WRITE)) < 0) { + ErrorExit(QUEUE_FATAL, ARGV0, DEFAULTQUEUE); } } - /* Cleaning up the buffers */ - if(tmp_buffer[0] != '\0') - { + /* Clean up the buffers */ + if (tmp_buffer[0] != '\0') { strncpy(storage_buffer, tmp_buffer, OS_MAXSTR); - sb_size = OS_MAXSTR - (strlen(storage_buffer) +1); + sb_size = OS_MAXSTR - (strlen(storage_buffer) + 1); tmp_buffer[0] = '\0'; - } - else - { + } else { storage_buffer[0] = '\0'; sb_size = OS_MAXSTR; } } } - -/** void HandleSyslogTCP() v0.2 - * Handle syslog tcp connections - */ +/* Handle syslog TCP connections */ void HandleSyslogTCP() { - int client_socket = 0; - int st_errors = 0; int childcount = 0; + char srcip[IPSIZE + 1]; + fd_set fdsave, fdwork; /* select() work areas */ + int fdmax; /* max socket number + 1 */ + int sock; /* active socket */ - char srcip[IPSIZE +1]; - - /* Initializing some variables */ + /* Initialize some variables */ memset(srcip, '\0', IPSIZE + 1); + /* initialize select() save area */ + fdsave = logr.netinfo->fdset; + fdmax = logr.netinfo->fdmax; /* value preset to max fd + 1 */ /* Connecting to the message queue * Exit if it fails. */ - if((logr.m_queue = StartMQ(DEFAULTQUEUE,WRITE)) < 0) - { - ErrorExit(QUEUE_FATAL,ARGV0, DEFAULTQUEUE); + if ((logr.m_queue = StartMQ(DEFAULTQUEUE, WRITE)) < 0) { + ErrorExit(QUEUE_FATAL, ARGV0, DEFAULTQUEUE); } - - /* Infinit loop in here */ - while(1) - { - /* Waiting for the childs .. */ - while (childcount) - { + while (1) { + /* Wait for the children */ + while (childcount) { int wp; - wp = waitpid((pid_t) -1, NULL, WNOHANG); - if (wp < 0) - merror(WAITPID_ERROR, ARGV0); + wp = waitpid((pid_t) - 1, NULL, WNOHANG); + if (wp < 0) { + merror(WAITPID_ERROR, ARGV0, errno, strerror(errno)); + } /* if = 0, we still need to wait for the child process */ - else if (wp == 0) + else if (wp == 0) { break; - else + } else { childcount--; + } } - - /* Accepting new connections */ - client_socket = OS_AcceptTCP(logr.sock, srcip, IPSIZE); - if(client_socket < 0) - { - st_errors++; - } - - /* Checking if IP is allowed here */ - if(OS_IPNotAllowed(srcip)) - { - merror(DENYIP_WARN,ARGV0,srcip); - close(client_socket); - } - - - /* Forking to deal with new client */ - if(fork() == 0) - { - HandleClient(client_socket, srcip); - exit(0); - } - else - { - childcount++; - - /* Closing client socket, since the child is handling it */ - close(client_socket); - continue; - } - - /* The parent process should not reach here */ - return; - } + /* process connections through select() for multiple sockets */ + fdwork = fdsave; + if (select (fdmax, &fdwork, NULL, NULL, NULL) < 0) { + ErrorExit("ERROR: Call to syslogtcp select() failed, errno %d - %s", + errno, strerror (errno)); + } + + /* read through socket list for active socket */ + for (sock = 0; sock <= fdmax; sock++) { + if (FD_ISSET (sock, &fdwork)) { + + /* Accept new connections */ + int client_socket = OS_AcceptTCP(sock, srcip, IPSIZE); + if (client_socket < 0) { + merror("%s: WARN: Accepting tcp connection from client failed.", ARGV0); + continue; + } + + /* Check if IP is allowed here */ + if (OS_IPNotAllowed(srcip)) { + merror(DENYIP_WARN, ARGV0, srcip); + close(client_socket); + continue; + } + + /* Fork to deal with new client */ + if (fork() == 0) { + HandleClient(client_socket, srcip); + exit(0); + } else { + childcount++; + + /* Close client socket, since the child is handling it */ + close(client_socket); + continue; + } + } /* if socket active */ + } /* for() loop on available sockets */ + } /* while(1) loop for messages */ } - - -/* EOF */