1 /* @(#) $Id: ./src/config/global-config.c, 2011/09/08 dcid Exp $
4 /* Copyright (C) 2009 Trend Micro Inc.
7 * This program is a free software; you can redistribute it
8 * and/or modify it under the terms of the GNU General Public
9 * License (version 2) as published by the FSF - Free Software
13 /* Functions to handle the configuration files
18 #include "os_net/os_net.h"
19 #include "global-config.h"
20 #include "mail-config.h"
23 void AssignIgnore_Global(char **ignores, void *configp)
27 Config = (_Config *)configp;
30 Config->syscheck_ignore = ignores;
35 /* GlobalConfSK v0.1: 2006/04/26
36 * v0.1 Getting the ignore fields.
38 int Read_GlobalSK(XML_NODE node, void *configp, void *mailp)
42 char *xml_ignore = "ignore";
43 char *xml_auto_ignore = "auto_ignore";
44 char *xml_alert_new_files = "alert_new_files";
48 Config = (_Config *)configp;
51 /* Shouldn't be here if !Config */
56 /* Getting right white_size */
57 if(Config && Config->syscheck_ignore)
60 ww = Config->syscheck_ignore;
73 merror(XML_ELEMNULL, ARGV0);
76 else if(!node[i]->content)
78 merror(XML_VALUENULL, ARGV0, node[i]->element);
81 else if(strcmp(node[i]->element,xml_auto_ignore) == 0)
83 if(strcmp(node[i]->content, "yes") == 0)
85 Config->syscheck_auto_ignore = 1;
87 else if(strcmp(node[i]->content, "no") == 0)
89 Config->syscheck_auto_ignore = 0;
93 merror(XML_VALUEERR,ARGV0,node[i]->element,node[i]->content);
97 else if(strcmp(node[i]->element,xml_alert_new_files) == 0)
99 if(strcmp(node[i]->content, "yes") == 0)
101 Config->syscheck_alert_new = 1;
103 else if(strcmp(node[i]->content, "no") == 0)
105 Config->syscheck_alert_new = 0;
109 merror(XML_VALUEERR,ARGV0,node[i]->element,node[i]->content);
113 else if(strcmp(node[i]->element,xml_ignore) == 0)
116 Config->syscheck_ignore =
117 realloc(Config->syscheck_ignore, sizeof(char *)*ign_size);
118 if(!Config->syscheck_ignore)
120 merror(MEM_ERROR, ARGV0);
124 os_strdup(node[i]->content,Config->syscheck_ignore[ign_size -2]);
125 Config->syscheck_ignore[ign_size -1] = NULL;
134 /* GlobalConf v0.2: 2005/03/03
135 * v0.2: Changing to support the new OS_XML
137 int Read_Global(XML_NODE node, void *configp, void *mailp)
141 /* White list size */
143 int hostname_white_size = 1;
147 /* XML definitions */
148 char *xml_mailnotify = "email_notification";
149 char *xml_logall = "logall";
150 char *xml_integrity = "integrity_checking";
151 char *xml_rootcheckd = "rootkit_detection";
152 char *xml_hostinfo = "host_information";
153 char *xml_picviz = "picviz_output";
154 char *xml_picviz_socket = "picviz_socket";
155 char *xml_prelude = "prelude_output";
156 char *xml_prelude_profile = "prelude_profile";
157 char *xml_prelude_log_level = "prelude_log_level";
158 char *xml_zeromq_output = "zeromq_output";
159 char *xml_zeromq_output_uri = "zeromq_uri";
160 char *xml_stats = "stats";
161 char *xml_memorysize = "memory_size";
162 char *xml_white_list = "white_list";
163 char *xml_compress_alerts = "compress_alerts";
164 char *xml_custom_alert_output = "custom_alert_output";
166 char *xml_emailto = "email_to";
167 char *xml_emailfrom = "email_from";
168 char *xml_emailidsname = "email_idsname";
169 char *xml_smtpserver = "smtp_server";
170 char *xml_mailmaxperhour = "email_maxperhour";
174 char *xml_geoip_db_path = "geoip_db_path";
175 char *xml_geoip6_db_path = "geoip6_db_path";
181 Config = (_Config *)configp;
182 Mail = (MailConfig *)mailp;
184 /* Getting right white_size */
185 if(Config && Config->white_list)
188 ww = Config->white_list;
197 /* Getting right white_size */
198 if(Config && Config->hostname_white_list)
201 ww = Config->hostname_white_list;
205 hostname_white_size++;
210 /* Getting mail_to size */
224 if(!node[i]->element)
226 merror(XML_ELEMNULL, ARGV0);
229 else if(!node[i]->content)
231 merror(XML_VALUENULL, ARGV0, node[i]->element);
234 else if(strcmp(node[i]->element, xml_custom_alert_output) == 0)
238 Config->custom_alert_output= 1;
239 os_strdup(node[i]->content, Config->custom_alert_output_format);
242 /* Mail notification */
243 else if(strcmp(node[i]->element, xml_mailnotify) == 0)
245 if(strcmp(node[i]->content, "yes") == 0)
247 if(Config) Config->mailnotify = 1;
248 if(Mail) Mail->mn = 1;
250 else if(strcmp(node[i]->content, "no") == 0)
252 if(Config) Config->mailnotify = 0;
253 if(Mail) Mail->mn = 0;
257 merror(XML_VALUEERR,ARGV0,node[i]->element,node[i]->content);
262 else if(strcmp(node[i]->element, xml_picviz) == 0)
264 if(strcmp(node[i]->content, "yes") == 0)
266 if(Config) Config->picviz = 1;
268 else if(strcmp(node[i]->content, "no") == 0)
270 if(Config) Config->picviz = 0;
274 merror(XML_VALUEERR,ARGV0,node[i]->element, node[i]->content);
278 else if(strcmp(node[i]->element, xml_picviz_socket) == 0)
282 os_strdup(node[i]->content, Config->picviz_socket);
285 /* Prelude support */
286 else if(strcmp(node[i]->element, xml_prelude) == 0)
288 if(strcmp(node[i]->content, "yes") == 0)
290 if(Config) Config->prelude = 1;
292 else if(strcmp(node[i]->content, "no") == 0)
294 if(Config) Config->prelude = 0;
298 merror(XML_VALUEERR,ARGV0,node[i]->element, node[i]->content);
302 else if(strcmp(node[i]->element, xml_prelude_profile) == 0)
306 Config->prelude_profile = strdup(node[i]->content);
309 else if(strcmp(node[i]->element, xml_prelude_log_level) == 0)
311 if(!OS_StrIsNum(node[i]->content))
313 merror(XML_VALUEERR,ARGV0,node[i]->element,node[i]->content);
319 Config->prelude_log_level = atoi(node[i]->content);
323 else if(strcmp(node[i]->element, xml_zeromq_output) == 0)
325 if(strcmp(node[i]->content, "yes") == 0)
327 if(Config) Config->zeromq_output = 1;
329 else if(strcmp(node[i]->content, "no") == 0)
331 if(Config) Config->zeromq_output = 0;
335 merror(XML_VALUEERR,ARGV0,node[i]->element, node[i]->content);
339 else if(strcmp(node[i]->element, xml_zeromq_output_uri) == 0)
343 Config->zeromq_output_uri = strdup(node[i]->content);
347 else if(strcmp(node[i]->element, xml_logall) == 0)
349 if(strcmp(node[i]->content, "yes") == 0)
350 { if(Config) Config->logall = 1;}
351 else if(strcmp(node[i]->content, "no") == 0)
352 {if(Config) Config->logall = 0;}
355 merror(XML_VALUEERR,ARGV0,node[i]->element,node[i]->content);
359 /* compress alerts */
360 else if(strcmp(node[i]->element, xml_compress_alerts) == 0)
362 /* removed from here -- compatility issues only */
365 else if(strcmp(node[i]->element, xml_integrity) == 0)
367 if(!OS_StrIsNum(node[i]->content))
369 merror(XML_VALUEERR,ARGV0,node[i]->element,node[i]->content);
374 Config->integrity = atoi(node[i]->content);
378 else if(strcmp(node[i]->element, xml_rootcheckd) == 0)
380 if(!OS_StrIsNum(node[i]->content))
382 merror(XML_VALUEERR,ARGV0,node[i]->element,node[i]->content);
387 Config->rootcheck = atoi(node[i]->content);
391 else if(strcmp(node[i]->element, xml_hostinfo) == 0)
393 if(!OS_StrIsNum(node[i]->content))
395 merror(XML_VALUEERR,ARGV0,node[i]->element,node[i]->content);
400 Config->hostinfo = atoi(node[i]->content);
404 else if(strcmp(node[i]->element, xml_stats) == 0)
406 if(!OS_StrIsNum(node[i]->content))
408 merror(XML_VALUEERR,ARGV0,node[i]->element,node[i]->content);
413 Config->stats = atoi(node[i]->content);
416 else if(strcmp(node[i]->element, xml_memorysize) == 0)
418 if(!OS_StrIsNum(node[i]->content))
420 merror(XML_VALUEERR,ARGV0,node[i]->element,node[i]->content);
425 Config->memorysize = atoi(node[i]->content);
429 else if(strcmp(node[i]->element, xml_white_list) == 0)
431 /* Windows do not need it */
434 char *ip_address_regex =
435 "^[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}/?"
436 "([0-9]{0,2}|[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3})$";
438 if(Config && OS_PRegex(node[i]->content, ip_address_regex))
442 realloc(Config->white_list, sizeof(os_ip *)*white_size);
443 if(!Config->white_list)
445 merror(MEM_ERROR, ARGV0);
449 os_calloc(1, sizeof(os_ip), Config->white_list[white_size -2]);
450 Config->white_list[white_size -1] = NULL;
452 if(!OS_IsValidIP(node[i]->content,
453 Config->white_list[white_size -2]))
455 merror(INVALID_IP, ARGV0,
460 /* Adding hostname */
463 hostname_white_size++;
464 Config->hostname_white_list =
465 realloc(Config->hostname_white_list,
466 sizeof(OSMatch *)*hostname_white_size);
468 if(!Config->hostname_white_list)
470 merror(MEM_ERROR, ARGV0);
475 Config->hostname_white_list[hostname_white_size -2]);
476 Config->hostname_white_list[hostname_white_size -1] = NULL;
480 Config->hostname_white_list[hostname_white_size -2],
483 merror(REGEX_COMPILE, ARGV0, node[i]->content,
484 Config->hostname_white_list
485 [hostname_white_size -2]->error);
495 * email_to, email_from, idsname, smtp_Server and maxperhour.
496 * We will use a separate structure for that.
498 else if(strcmp(node[i]->element, xml_emailto) == 0)
501 if(!OS_PRegex(node[i]->content, "[a-zA-Z0-9\\._-]+@[a-zA-Z0-9\\._-]"))
503 merror("%s: ERROR: Invalid Email address: %s.", ARGV0, node[i]->content);
511 Mail->to = realloc(Mail->to, sizeof(char *)*mailto_size);
514 merror(MEM_ERROR, ARGV0);
518 os_strdup(node[i]->content, Mail->to[mailto_size - 2]);
519 Mail->to[mailto_size - 1] = NULL;
522 else if(strcmp(node[i]->element, xml_emailfrom) == 0)
530 os_strdup(node[i]->content, Mail->from);
533 else if(strcmp(node[i]->element, xml_emailidsname) == 0)
541 os_strdup(node[i]->content, Mail->idsname);
544 else if(strcmp(node[i]->element, xml_smtpserver) == 0)
547 if(Mail && (Mail->mn))
549 Mail->smtpserver = OS_GetHost(node[i]->content, 5);
550 if(!Mail->smtpserver)
552 merror(INVALID_SMTP, ARGV0, node[i]->content);
558 else if(strcmp(node[i]->element, xml_mailmaxperhour) == 0)
562 if(!OS_StrIsNum(node[i]->content))
564 merror(XML_VALUEERR,ARGV0,node[i]->element,node[i]->content);
567 Mail->maxperhour = atoi(node[i]->content);
569 if((Mail->maxperhour <= 0) || (Mail->maxperhour > 9999))
571 merror(XML_VALUEERR,ARGV0,node[i]->element,node[i]->content);
577 /* GeoIP v4 DB location */
578 else if(strcmp(node[i]->element, xml_geoip_db_path) == 0)
582 os_strdup(node[i]->content, Config->geoip_db_path);
585 /* GeoIP v6 DB location */
586 else if(strcmp(node[i]->element, xml_geoip6_db_path) == 0)
590 os_strdup(node[i]->content, Config->geoip6_db_path);
596 merror(XML_INVELEM, ARGV0, node[i]->element);