X-Git-Url: http://ftp.carnet.hr/carnet-debian/scm?p=ossec-hids.git;a=blobdiff_plain;f=src%2Frootcheck%2Fcheck_open_ports.c;h=447e959fbf9c56d0c83fc19845b47943616ff31a;hp=519c2c45efa79801238c90a72a4068a8e9c5b919;hb=3f728675941dc69d4e544d3a880a56240a6e394a;hpb=927951d1c1ad45ba9e7325f07d996154a91c911b

diff --git a/src/rootcheck/check_open_ports.c b/src/rootcheck/check_open_ports.c
old mode 100755
new mode 100644
index 519c2c4..447e959
--- a/src/rootcheck/check_open_ports.c
+++ b/src/rootcheck/check_open_ports.c
@@ -1,6 +1,3 @@
-/* @(#) $Id: ./src/rootcheck/check_open_ports.c, 2011/09/08 dcid Exp $
- */
-
 /* Copyright (C) 2009 Trend Micro Inc.
  * All right reserved.
  *
@@ -10,130 +7,147 @@
  * Foundation
  */
 
-
 #include "shared.h"
-#include "headers/defs.h"
 #include "headers/debug_op.h"
-
+#include "headers/defs.h"
 #include "rootcheck.h"
 
+#ifndef OSSECHIDS
+
+/* Prototypes */
+static int  connect_to_port(int proto, int port);
+static void try_to_access_ports(void);
+
+/* Global variables */
+static int  _ports_open;
+static int  open_ports_size;
+static char open_ports_str[OS_SIZE_1024 + 1];
 
-int _ports_open;
-int open_ports_size;
-char open_ports_str[OS_SIZE_1024 + 1];
 
-/* connect_to_port */
-int connect_to_port(int proto, int port)
+static int connect_to_port(int proto, int port)
 {
     int rc = 0;
-
     int ossock;
     struct sockaddr_in server;
+    struct sockaddr_in6 server6;
+#ifdef WIN32
+    int salen = sizeof(struct sockaddr_in6);
+#endif
 
-    if(proto == IPPROTO_UDP)
-    {
-        if((ossock = socket(PF_INET,SOCK_DGRAM,IPPROTO_UDP)) < 0)
-            return(0);
-    }
-    else if(proto == IPPROTO_TCP)
-    {
-        if((ossock = socket(PF_INET,SOCK_STREAM,IPPROTO_TCP)) < 0)
-            return(0);
-    }
-    else
-    {
-    	return (0);
+
+    if (proto == IPPROTO_UDP) {
+        if ((ossock = socket(PF_INET, SOCK_DGRAM, IPPROTO_UDP)) < 0) {
+            return (0);
+        }
+    } else if (proto == IPPROTO_TCP) {
+        if ((ossock = socket(PF_INET, SOCK_STREAM, IPPROTO_TCP)) < 0) {
+            return (0);
+        }
+    } else {
+        return (0);
     }
 
     memset(&server, 0, sizeof(server));
-    server.sin_family = AF_INET;
-    server.sin_port = htons( port );
+    server.sin_family      = AF_INET;
+    server.sin_port        = htons(port);
     server.sin_addr.s_addr = inet_addr("127.0.0.1");
 
-    if(connect(ossock, (struct sockaddr *)&server, sizeof(server)) == 0)
-    {
+    if (connect(ossock, (struct sockaddr *)&server, sizeof(server)) == 0) {
         rc = 1;
     }
 
     close(ossock);
 
-    return(rc);
+    /* repeat for IPv6 */
+    if (proto == IPPROTO_UDP) {
+        if ((ossock = socket(PF_INET6, SOCK_DGRAM, IPPROTO_UDP)) < 0) {
+            return(0);
+        }
+    } else if (proto == IPPROTO_TCP) {
+        if ((ossock = socket(PF_INET6, SOCK_STREAM, IPPROTO_TCP)) < 0) {
+            return(0);
+        }
+    }
+
+    memset(&server6, 0, sizeof(server6));
+#ifdef WIN32
+    WSAStringToAddress("::1", AF_INET6, NULL, (LPSOCKADDR) &server6,
+                       (LPINT) &salen);
+#else
+    server6.sin6_family = AF_INET6;
+    inet_pton(AF_INET6, "::1", &server6.sin6_addr.s6_addr);
+#endif
+    server6.sin6_port = htons( port );
+
+    if(connect(ossock, (struct sockaddr *)&server6, sizeof(server6)) == 0) {
+        rc = 1;
+    }
+
+    close(ossock);
+
+    return (rc);
 }
 
-/* try_to_access_ports */
-void try_to_access_ports()
+static void try_to_access_ports()
 {
     int i;
 
-    for(i = 0; i<= 65535; i++)
-    {
-        if(total_ports_tcp[i] && connect_to_port(IPPROTO_TCP, i))
-        {
+    for (i = 0; i <= 65535; i++) {
+        if (total_ports_tcp[i] && connect_to_port(IPPROTO_TCP, i)) {
             char port_proto[64];
 
-            if(_ports_open == 0)
-            {
+            if (_ports_open == 0) {
                 snprintf(port_proto, 64, "\n      %d (tcp),", i);
-            }
-            else
-            {
+            } else {
                 snprintf(port_proto, 64, "%d (tcp),", i);
             }
             strncat(open_ports_str, port_proto, open_ports_size);
-            open_ports_size -= strlen(port_proto) +1;
+            open_ports_size -= strlen(port_proto) + 1;
 
             _ports_open++;
         }
-        if(total_ports_udp[i] && connect_to_port(IPPROTO_UDP, i))
-        {
+
+        if (total_ports_udp[i] && connect_to_port(IPPROTO_UDP, i)) {
             char port_proto[64];
 
-            if(_ports_open == 0)
-            {
+            if (_ports_open == 0) {
                 snprintf(port_proto, 64, "\n      %d (udp),", i);
-            }
-            else
-            {
+            } else {
                 snprintf(port_proto, 64, "%d (udp),", i);
             }
 
             strncat(open_ports_str, port_proto, open_ports_size);
-            open_ports_size -= strlen(port_proto) +1;
+            open_ports_size -= strlen(port_proto) + 1;
 
             _ports_open++;
         }
 
-        if(_ports_open >= 4)
-        {
+        if (_ports_open >= 4) {
             _ports_open = 0;
         }
     }
 
 }
+#endif
 
-
-/*  check_open_ports: v0.1
- *  Check all open ports
- */
 void check_open_ports()
 {
-    memset(open_ports_str, '\0', OS_SIZE_1024 +1);
+#ifndef OSSECHIDS
+    memset(open_ports_str, '\0', OS_SIZE_1024 + 1);
     open_ports_size = OS_SIZE_1024 - 1;
     _ports_open = 0;
 
-    #ifndef OSSECHIDS
     snprintf(open_ports_str, OS_SIZE_1024, "The following ports are open:");
-    open_ports_size-=strlen(open_ports_str) +1;
+    open_ports_size -= strlen(open_ports_str) + 1;
 
     /* Testing All ports */
     try_to_access_ports();
 
-    open_ports_str[strlen(open_ports_str) -1] = '\0';
+    open_ports_str[strlen(open_ports_str) - 1] = '\0';
 
     notify_rk(ALERT_OK, open_ports_str);
 
-    #endif
+#endif
     return;
 }
 
-/* EOF */