1 /* @(#) $Id: ./src/addagent/manage_keys.c, 2011/09/08 dcid Exp $
4 /* Copyright (C) 2009 Trend Micro Inc.
7 * This program is a free software; you can redistribute it
8 * and/or modify it under the terms of the GNU General Public
9 * License (version 2) as published by the FSF - Free Software
12 * License details at the LICENSE file included with OSSEC or
13 * online at: http://www.ossec.net/en/licensing.html
17 #include "manage_agents.h"
18 #include "os_crypto/md5/md5_op.h"
21 /* b64 function prototypes */
/*
 * Both helpers are declared here directly and return char *.
 * NOTE(review): who owns the returned buffer, and whether NULL signals
 * failure, is not visible in this listing. Confirm that callers test the
 * result and release it.
 * encode_base64 takes its length as int, so a caller passing strlen()
 * narrows a size_t to int.
 */
22 char *decode_base64(const char *src);
23 char *encode_base64(int size, char *src);
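/**
 * Trim leading and trailing whitespace from a NUL-terminated string in place.
 *
 * Leading whitespace is skipped by advancing the returned pointer; trailing
 * whitespace is cut by writing a new terminator into the caller's buffer.
 *
 * The listing this was taken from omits several lines (the declaration of
 * `end`, both returns and the terminator store); they are reconstructed here
 * from the visible comments and the return type.
 *
 * @param str  Writable NUL-terminated string; must not be NULL, because it is
 *             dereferenced immediately.
 * @return     Pointer into str at the first non-whitespace character, or at
 *             the terminator when the string is all whitespace. This is not
 *             necessarily the address the caller allocated, so it must not be
 *             handed to free().
 */
char *trimwhitespace(char *str)
{
    char *end;

    /* The <ctype.h> classifiers take an int holding an unsigned char value
     * (or EOF). A plain char with the high bit set is negative where char is
     * signed, which is undefined behaviour, so convert before the call. */
    while (isspace((unsigned char)*str)) {
        str++;
    }

    if (*str == '\0') { /* All spaces? */
        return str;
    }

    /* Trim trailing space */
    end = str + strlen(str) - 1;
    while (end > str && isspace((unsigned char)*end)) {
        end--;
    }

    /* Write new null terminator */
    *(end + 1) = '\0';

    return str;
}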
/*
 * k_import: import an agent key.
 * The base64 blob is taken from cmdimport, from the OSSEC_AGENT_KEY
 * environment variable, or from the interactive prompt (the conditions that
 * select between them are not all visible in this listing). It is decoded,
 * the parsed fields are printed, and after confirmation the decoded line is
 * written to KEYS_FILE.
 */
46 int k_import(char *cmdimport)
52 char *name; char *ip; char *tmp_key;
54 char line_read[FILE_SIZE +1];
63 PROCESS_INFORMATION pi;
68 /* Parsing user argument. */
71 user_input = cmdimport;
/* NOTE(review): a key passed through the environment is readable wherever
 * this process's environment is (it is inherited by child processes, for
 * one), so this path exposes the secret more widely than the prompt does. */
77 user_input = getenv("OSSEC_AGENT_KEY");
78 if (user_input == NULL) {
79 user_input = read_from_user();
85 if(strcmp(user_input, QUIT) == 0)
/* NOTE(review): the check of decode_base64's result is not visible in this
 * listing; confirm b64_dec is tested before the copy below. */
88 b64_dec = decode_base64(user_input);
/* line_read is zero-filled over FILE_SIZE + 1 bytes first, so copying at most
 * FILE_SIZE bytes leaves it terminated. Longer input is silently truncated;
 * the strlen test below only accepts a copy that did not fill the buffer. */
98 memset(line_read, '\0', FILE_SIZE +1);
99 strncpy(line_read, b64_dec, FILE_SIZE);
/* The decoded text is split on spaces. strchr returns NULL when no space is
 * left. NOTE(review): the guards on ip and tmp_key are not visible here;
 * confirm each result is tested before it is used. */
102 name = strchr(b64_dec, ' ');
103 if(name && strlen(line_read) < FILE_SIZE)
107 ip = strchr(name, ' ');
113 tmp_key = strchr(ip, ' ');
122 printf(AGENT_INFO, b64_dec, name, ip);
/* Setting OSSEC_ACTION_CONFIRMED replaces the interactive confirmation; only
 * its first character is examined below. */
129 user_input = getenv("OSSEC_ACTION_CONFIRMED");
130 if (user_input == NULL) {
131 user_input = read_from_user();
134 if(user_input[0] == 'y' || user_input[0] == 'Y')
/* NOTE(review): the key file is created by fopen("w") and only restricted by
 * the chmod further down, after the key has been written. Until then the
 * file carries whatever mode creation gave it (umask handling is not visible
 * here). Creating it with a restrictive mode before writing closes that
 * window. */
136 fp = fopen(KEYS_FILE,"w");
139 ErrorExit(FOPEN_ERROR, ARGV0, KEYS_FILE);
141 fprintf(fp,"%s\n",line_read);
/* NOTE(review): chmod's return value is ignored, so a failure to restrict
 * the key file goes unnoticed. */
145 chmod(KEYS_FILE, 0440);
/* From here the code uses Win32 calls (the preprocessor guard is not visible
 * in this listing): it sets the key file's ACL by running cacls through the
 * command interpreter named by COMSPEC. */
147 /* Get cmd location from environment */
148 comspec = getenv("COMSPEC");
/* NOTE(review): the closing parenthesis is misplaced. The third argument of
 * strncmp is the comparison `strlen(comspec) == 0` (0 or 1), not a length,
 * and strncmp returns 0 in both cases, so this half of the test is never
 * true and an empty COMSPEC is not rejected. `comspec[0] == '\0'` expresses
 * the intended check.
 * NOTE(review): COMSPEC decides which program is launched below, so whoever
 * controls this process's environment chooses the binary that runs with its
 * privileges. Locating the interpreter from the system directory, or setting
 * the ACL through the Win32 security API, removes that dependency. */
149 if (comspec == NULL || strncmp(comspec, "", strlen(comspec) == 0))
/* On every failure path below the freshly written key file is removed before
 * the program exits. */
151 if(unlink(KEYS_FILE))
153 verbose(AGENT_DELETE_ERROR, KEYS_FILE);
155 ErrorExit(COMPSEC_ERROR);
158 /* Build cacls command */
159 cacls = "echo y|cacls \"%s\" /T /G Administrators:f";
/* caclslen still counts the two characters of "%s" that the expansion
 * replaces, so the formatted text plus its terminator fits. caclscmd is a
 * variable-length array sized from it. */
160 caclslen = strlen(cacls) + strlen(KEYS_FILE);
161 char caclscmd[caclslen];
162 snprintf(caclscmd, caclslen, cacls, KEYS_FILE);
164 /* Build final command */
/* The 5 covers " /c " plus the terminator. NOTE(review): comspec is inserted
 * unquoted and CreateProcess is called with a NULL application name, so a
 * path containing spaces is parsed ambiguously; quote it or pass it as the
 * application name. */
165 cmdlen = strlen(comspec) + 5 + caclslen;
167 snprintf(cmd, cmdlen, "%s /c %s", comspec, caclscmd);
169 /* Log command being run */
170 log2file("%s: INFO: Running the following command (%s)", ARGV0, cmd);
172 ZeroMemory(&si, sizeof(si));
174 ZeroMemory(&pi, sizeof(pi));
176 if(!CreateProcess(NULL, cmd, NULL, NULL, FALSE, CREATE_NO_WINDOW, NULL, NULL,
179 if(unlink(KEYS_FILE))
181 verbose(AGENT_DELETE_ERROR, KEYS_FILE);
183 ErrorExit(PROC_ERROR, cmd);
186 /* Wait until process exits */
/* INFINITE means there is no timeout: a child that never exits blocks here. */
187 WaitForSingleObject(pi.hProcess, INFINITE);
189 /* Get exit code from command */
190 result = GetExitCodeProcess(pi.hProcess, &exit_code);
192 /* Close process and thread */
193 CloseHandle(pi.hProcess);
194 CloseHandle(pi.hThread);
/* The two blocks below handle a failed GetExitCodeProcess and a failing
 * cacls exit code; the conditions themselves are not visible in this
 * listing. */
198 if(unlink(KEYS_FILE))
200 verbose(AGENT_DELETE_ERROR, KEYS_FILE);
202 ErrorExit(RESULT_ERROR, cmd, GetLastError());
207 if(unlink(KEYS_FILE))
209 verbose(AGENT_DELETE_ERROR, KEYS_FILE);
211 ErrorExit(CACLS_ERROR, cmd, exit_code);
215 /* Removing sender counter. */
216 OS_RemoveCounter("sender");
/* Records that a restart is needed after the key change. */
221 restart_necessary = 1;
224 else /* if(user_input[0] == 'n' || user_input[0] == 'N') */
226 printf("%s", ADD_NOT);
241 /* extract base64 for a specific agent */
/*
 * k_extract: print the base64-encoded AUTH_FILE entry for one agent id.
 * The id comes from cmdextract or is asked for interactively until
 * IDExist() accepts it (the branch choosing between the two is not visible
 * in this listing).
 */
242 int k_extract(char *cmdextract)
247 char line_read[FILE_SIZE +1];
248 char n_id[USER_SIZE +1];
253 user_input = cmdextract;
255 if(!IDExist(user_input))
257 printf(NO_ID, user_input);
264 if(!print_agents(0, 0, 0))
276 user_input = read_from_user();
279 if(strcmp(user_input, QUIT) == 0)
282 if(!IDExist(user_input))
283 printf(NO_ID, user_input);
285 } while(!IDExist(user_input));
289 /* Trying to open the auth file */
290 fp = fopen(AUTH_FILE, "r");
293 ErrorExit(FOPEN_ERROR, ARGV0, AUTH_FILE);
/* fp_pos is not assigned in the visible lines; presumably IDExist() leaves
 * the position of the matching entry there - confirm.
 * NOTE(review): fsetpos's return value is not checked, so a failed seek
 * would make the read below return whatever line the stream is at. */
296 fsetpos(fp, &fp_pos);
/* n_id is zero-filled over USER_SIZE + 1 bytes and at most USER_SIZE - 1
 * bytes are copied, so it stays terminated; a longer id is truncated. */
298 memset(n_id, '\0', USER_SIZE +1);
299 strncpy(n_id, user_input, USER_SIZE -1);
302 if(fgets(line_read, FILE_SIZE, fp) == NULL)
311 b64_enc = encode_base64(strlen(line_read),line_read);
/* NOTE(review): EXTRACT_ERROR is used as the format string itself; that is
 * only safe while the macro contains no conversion specifiers (its
 * definition is not visible here). */
314 printf(EXTRACT_ERROR);
/* NOTE(review): b64_enc is the whole AUTH_FILE line for the agent, key
 * included. Base64 is an encoding, not encryption, so what is printed here
 * is the secret itself; terminal scrollback and any captured output of this
 * command need the same protection as the key file. */
319 printf(EXTRACT_MSG, n_id, b64_enc);
322 printf("\n" PRESS_ENTER);
332 /* Bulk generate client keys from file */
/*
 * k_bulkload: read agent records from the file named by cmdbulk and append
 * one generated entry (id, name, IP, key) to AUTH_FILE per record.
 * Each input line is split with strtok on `delims` (not visible in this
 * listing): the first token is used as the IP, the second as the name.
 */
333 int k_bulkload(char *cmdbulk)
337 char str1[STR_SIZE +1];
338 char str2[STR_SIZE +1];
342 char line[FILE_SIZE+1];
343 char name[FILE_SIZE +1];
344 char id[FILE_SIZE +1];
345 char ip[FILE_SIZE+1];
350 /* Checking if we can open the input file */
351 printf("Opening: [%s]\n", cmdbulk);
352 infp = fopen(cmdbulk,"r");
356 ErrorExit(FOPEN_ERROR, ARGV0, cmdbulk);
360 /* Checking if we can open the auth_file */
361 fp = fopen(AUTH_FILE,"a");
364 ErrorExit(FOPEN_ERROR, ARGV0, AUTH_FILE);
368 /* Allocating for c_ip */
369 os_calloc(1, sizeof(os_ip), c_ip);
371 while(fgets(line, FILE_SIZE - 1, infp) != NULL)
/* Lines whose trimmed length is 0 or 1 take this branch; the statement it
 * executes is not visible in this listing (presumably they are skipped). */
373 if (1 >= strlen(trimwhitespace(line)))
376 memset(ip, '\0', FILE_SIZE +1);
/* NOTE(review): strtok returns NULL when no token is left, and
 * trimwhitespace dereferences its argument immediately. No check is visible
 * between each strtok call and its use (source lines 377-378 and 381-382
 * are adjacent), so a record with a missing field would dereference NULL.
 * Test token before trimming and skip the malformed record. */
377 token = strtok(line, delims);
378 strncpy(ip, trimwhitespace(token),FILE_SIZE -1);
380 memset(name, '\0', FILE_SIZE +1);
381 token = strtok(NULL, delims);
382 strncpy(name, trimwhitespace(token),FILE_SIZE -1);
/* NOTE(review): the mode is tightened only after the file was opened for
 * append above, and chmod's return value is ignored. */
385 chmod(AUTH_FILE, 0440);
392 /* Source is time1+ time2 +pid + ppid */
/* NOTE(review): srandom/random is a deterministic, non-cryptographic
 * generator, and this seed is built from time values and process ids, which
 * are low-entropy and partly observable. Its output feeds the agent key
 * written further down, so key material should instead come from the
 * operating system's CSPRNG (for example getrandom() or /dev/urandom).
 * The two srandom calls are presumably platform alternatives; the guard
 * between them is not visible here. */
397 srandom(time2 + time1 + getpid() + getppid());
400 srandom(time2 + time1 + getpid());
406 /* Zeroing strings */
407 memset(str1,'\0', STR_SIZE +1);
408 memset(str2,'\0', STR_SIZE +1);
/* The name and IP from the input file are validated before anything is
 * written; what happens after each error message is not visible here. */
412 if(!OS_IsValidName(name))
414 printf(INVALID_NAME,name);
418 /* Search for name -- no duplicates */
421 printf(ADD_ERROR_NAME, name);
426 if(!OS_IsValidIP(ip, c_ip))
428 printf(IP_ERROR, ip);
/* Agent id selection. The bound 8 passed to snprintf is hard-coded rather
 * than derived from sizeof id; id is FILE_SIZE + 1 bytes. */
433 i = MAX_AGENTS + 32512;
434 snprintf(id, 8, "%03d", i);
438 snprintf(id, 8, "%03d", i);
440 /* No key present, use id 0 */
447 snprintf(id, 8, "%03d", i+1);
449 if(!OS_IsValidID(id))
451 printf(INVALID_ID, id);
455 /* Search for ID KEY -- no duplicates */
458 printf(NO_DEFAULT, i+1);
462 printf(AGENT_INFO, id, name, ip);
/* NOTE(review): the file opened here is AUTH_FILE but the error reports
 * KEYS_FILE; the earlier open of AUTH_FILE reports AUTH_FILE. Unless both
 * macros name the same path, the message points at the wrong file.
 * Whether the handle opened before the loop was closed first is not visible
 * in this listing. */
469 fp = fopen(AUTH_FILE,"a");
472 ErrorExit(FOPEN_ERROR, ARGV0, KEYS_FILE);
475 chmod(AUTH_FILE, 0440);
/* NOTE(review) on the derivation that follows: the key is md1 followed by
 * md2, two OS_MD5_Str results over time differences, the record's own
 * fields, the process id and random() output. Hashing mixes those inputs
 * but adds no entropy, so the key is only as unpredictable as the values
 * hashed. */
479 /* Random 1: Time took to write the agent information.
480 * Random 2: Time took to choose the action.
481 * Random 3: All of this + time + pid
482 * Random 4: Md5 all of this + the name, key and ip
483 * Random 5: Final key
486 snprintf(str1, STR_SIZE, "%d%s%d",time3-time2, name, rand1);
487 snprintf(str2, STR_SIZE, "%d%s%s%d", time2-time1, ip, id, rand2);
489 OS_MD5_Str(str1, md1);
490 OS_MD5_Str(str2, md2);
492 snprintf(str1, STR_SIZE, "%s%d%d%d",md1,(int)getpid(), (int)random(),
494 OS_MD5_Str(str1, md1);
496 //fprintf(fp,"%s %s %s %s%s\n",id, name, ip, md1,md2);
497 fprintf(fp,"%s %s %s %s%s\n",id, name, c_ip->ip, md1,md2);
502 restart_necessary = 1;