3 /* Copyright (C) 2009 Trend Micro Inc.
6 * This program is a free software; you can redistribute it
7 * and/or modify it under the terms of the GNU General Public
8 * License (version 3) as published by the FSF - Free Software
22 ListNode *global_listnode;
23 ListRule *global_listrule;
27 ListNode *_OS_AddList(ListNode *new_listnode);
30 /* Create the ListRule */
31 void OS_CreateListsList()
33 global_listnode = NULL;
34 global_listrule = NULL;
39 /* Get first listnode */
40 ListNode *OS_GetFirstList()
42 ListNode *listnode_pt = global_listnode;
47 ListRule *OS_GetFirstListRule()
49 ListRule *listrule_pt = global_listrule;
53 void OS_ListLoadRules()
55 ListRule *lrule = global_listrule;
60 lrule->db = OS_FindList(lrule->filename);
67 ListRule *_OS_AddListRule(ListRule *new_listrule)
70 if(global_listrule == NULL)
72 global_listrule = new_listrule;
76 ListRule *last_list_rule = global_listrule;
77 while(last_list_rule->next != NULL)
79 last_list_rule = last_list_rule->next;
81 last_list_rule->next = new_listrule;
83 return(global_listrule);
88 /* Add a list in the chain */
89 ListNode *_OS_AddList(ListNode *new_listnode)
91 if(global_listnode == NULL)
94 global_listnode = new_listnode;
98 /* Adding new list to the end */
99 ListNode *last_list_node = global_listnode;
101 while(last_list_node->next != NULL)
103 last_list_node = last_list_node->next;
105 last_list_node->next = new_listnode;
108 return(global_listnode);
111 /* External AddList */
112 int OS_AddList(ListNode *new_listnode)
114 _OS_AddList(new_listnode);
118 ListNode *_OS_FindList(ListNode *_listnode, char *listname)
120 ListNode *last_list_node = OS_GetFirstList();
121 if (last_list_node != NULL) {
124 if (strcmp(last_list_node->txt_filename, listname) == 0 ||
125 strcmp(last_list_node->cdb_filename, listname) == 0)
127 /* Found first match returning */
128 return(last_list_node);
130 last_list_node = last_list_node->next;
131 } while (last_list_node != NULL);
136 ListNode *OS_FindList(char *listname)
138 ListNode *matched = NULL;
139 matched = _OS_FindList(global_listnode, listname);
143 ListRule *OS_AddListRule(ListRule *first_rule_list,
149 ListRule *new_rulelist_pt = NULL;
150 new_rulelist_pt = (ListRule *)calloc(1,sizeof(ListRule));
151 new_rulelist_pt->field = field;
152 new_rulelist_pt->next = NULL;
153 new_rulelist_pt->matcher = matcher;
154 new_rulelist_pt->lookup_type = lookup_type;
155 new_rulelist_pt->filename = listname;
156 if((new_rulelist_pt->db = OS_FindList(listname)) == NULL)
157 new_rulelist_pt->loaded = 0;
159 new_rulelist_pt->loaded = 1;
160 if(first_rule_list == NULL)
162 debug1("Adding First rulelist item: filename: %s field: %d lookup_type: %d",
163 new_rulelist_pt->filename,
164 new_rulelist_pt->field,
165 new_rulelist_pt->lookup_type);
166 first_rule_list = new_rulelist_pt;
170 while(first_rule_list->next)
172 first_rule_list = first_rule_list->next;
174 debug1("Adding rulelist item: filename: %s field: %d lookup_type: %d",
175 new_rulelist_pt->filename,
176 new_rulelist_pt->field,
177 new_rulelist_pt->lookup_type);
178 first_rule_list->next = new_rulelist_pt;
180 return first_rule_list;
183 int _OS_CDBOpen(ListNode *lnode)
186 if (lnode->loaded != 1)
188 if((fd = open(lnode->cdb_filename, O_RDONLY)) == -1)
190 merror(OPEN_ERROR, ARGV0, lnode->cdb_filename, strerror (errno));
193 cdb_init(&lnode->cdb, fd);
199 int OS_DBSearchKeyValue(ListRule *lrule, char *key)
204 if (lrule->db!= NULL)
206 if(_OS_CDBOpen(lrule->db) == -1) return 0;
207 if(cdb_find(&lrule->db->cdb, key, strlen(key)) > 0 ) {
208 vpos = cdb_datapos(&lrule->db->cdb);
209 vlen = cdb_datalen(&lrule->db->cdb);
211 cdb_read(&lrule->db->cdb, val, vlen, vpos);
212 result = OSMatch_Execute(val, vlen, lrule->matcher);
224 int OS_DBSeachKey(ListRule *lrule, char *key)
226 if (lrule->db != NULL)
228 if(_OS_CDBOpen(lrule->db) == -1) return -1;
229 if( cdb_find(&lrule->db->cdb, key, strlen(key)) > 0 ) return 1;
234 int OS_DBSeachKeyAddress(ListRule *lrule, char *key)
238 if (lrule->db != NULL)
240 if(_OS_CDBOpen(lrule->db) == -1) return -1;
241 //snprintf(_ip,128,"%s",key);
242 //XXX Breka apart string on the . boundtrys a loop over to longest match.
244 if( cdb_find(&lrule->db->cdb, key, strlen(key)) > 0 ) {
250 os_strdup(key, tmpkey);
251 while(strlen(tmpkey) > 0)
253 if(tmpkey[strlen(tmpkey) - 1] == '.')
255 if( cdb_find(&lrule->db->cdb, tmpkey, strlen(tmpkey)) > 0 ) {
260 tmpkey[strlen(tmpkey) - 1] = '\0';
268 int OS_DBSearch(ListRule *lrule, char *key)
270 //XXX - god damn hack!!! Jeremy Rossi
271 if (lrule->loaded == 0)
273 lrule->db = OS_FindList(lrule->filename);
276 switch(lrule->lookup_type)
278 case LR_STRING_MATCH:
279 //debug1("LR_STRING_MATCH");
280 if(OS_DBSeachKey(lrule, key) == 1)
285 case LR_STRING_NOT_MATCH:
286 //debug1("LR_STRING_NOT_MATCH");
287 if(OS_DBSeachKey(lrule, key) == 1)
292 case LR_STRING_MATCH_VALUE:
293 //debug1("LR_STRING_MATCH_VALUE");
297 case LR_ADDRESS_MATCH:
298 //debug1("LR_ADDRESS_MATCH");
299 return OS_DBSeachKeyAddress(lrule, key);
301 case LR_ADDRESS_NOT_MATCH:
302 //debug1("LR_ADDRESS_NOT_MATCH");
303 if(OS_DBSeachKeyAddress(lrule, key) == 0)
308 case LR_ADDRESS_MATCH_VALUE:
309 //debug1("LR_ADDRESS_MATCH_VALUE");
314 debug1("lists_list.c::OS_DBSearch should never hit default");