int probe_main(probe_ctx *ctx, void *arg)
{
SEXP_t *item_sexp;
item_sexp = probe_item_creat ("process_item", NULL, NULL);
probe_item_setstatus (item_sexp, SYSCHAR_STATUS_NOT_COLLECTED);
probe_item_collect(ctx, item_sexp);
return 0;
}
static int read_environment(SEXP_t *pid_ent, SEXP_t *name_ent, probe_ctx *ctx)
{
int err = 1, pid, fd;
bool empty;
size_t env_name_size;
SEXP_t *env_name, *env_value, *item, *pid_sexp;
DIR *d;
struct dirent *d_entry;
char *buffer, env_file[256], *null_char;
ssize_t buffer_used;
size_t buffer_size;
d = opendir("/proc");
if (d == NULL) {
dE("Can't read /proc: errno=%d, %s.\n", errno, strerror (errno));
return PROBE_EACCESS;
}
if ((buffer = oscap_realloc(NULL, BUFFER_SIZE)) == NULL) {
dE("Can't allocate memory");
closedir(d);
return PROBE_EFAULT;
}
buffer_size = BUFFER_SIZE;
while ((d_entry = readdir(d))) {
if (strspn(d_entry->d_name, "0123456789") != strlen(d_entry->d_name))
continue;
pid = atoi(d_entry->d_name);
pid_sexp = SEXP_number_newi_32(pid);
if (probe_entobj_cmp(pid_ent, pid_sexp) != OVAL_RESULT_TRUE) {
SEXP_free(pid_sexp);
continue;
}
SEXP_free(pid_sexp);
sprintf(env_file, "/proc/%d/environ", pid);
if ((fd = open(env_file, O_RDONLY)) == -1) {
dE("Can't open \"%s\": errno=%d, %s.\n", env_file, errno, strerror (errno));
item = probe_item_create(
OVAL_INDEPENDENT_ENVIRONMENT_VARIABLE58, NULL,
"pid", OVAL_DATATYPE_INTEGER, (int64_t)pid,
NULL
);
probe_item_setstatus(item, SYSCHAR_STATUS_ERROR);
probe_item_add_msg(item, OVAL_MESSAGE_LEVEL_ERROR,
"Can't open \"%s\": errno=%d, %s.", env_file, errno, strerror (errno));
probe_item_collect(ctx, item);
continue;
}
empty = true;
if ((buffer_used = read(fd, buffer, buffer_size - 1)) > 0) {
empty = false;
}
while (! empty) {
while (! (null_char = memchr(buffer, 0, buffer_used))) {
ssize_t s;
if ((size_t)buffer_used >= buffer_size) {
buffer_size += BUFFER_SIZE;
buffer = oscap_realloc(buffer, buffer_size);
if (buffer == NULL) {
dE("Can't allocate memory");
exit(ENOMEM);
}
}
s = read(fd, buffer + buffer_used, buffer_size - buffer_used);
if (s <= 0) {
empty = true;
buffer[buffer_used++] = 0;
}
else {
buffer_used += s;
}
}
do {
char *eq_char = strchr(buffer, '=');
if (eq_char == NULL) {
/* strange but possible:
* $ strings /proc/1218/environ
/dev/input/event0 /dev/input/event1 /dev/input/event4 /dev/input/event3
*/
buffer_used -= null_char + 1 - buffer;
memmove(buffer, null_char + 1, buffer_used);
continue;
}
env_name_size = eq_char - buffer;
env_name = SEXP_string_new(buffer, env_name_size);
env_value = SEXP_string_newf("%s", buffer + env_name_size + 1);
if (probe_entobj_cmp(name_ent, env_name) == OVAL_RESULT_TRUE) {
item = probe_item_create(
OVAL_INDEPENDENT_ENVIRONMENT_VARIABLE58, NULL,
"pid", OVAL_DATATYPE_INTEGER, (int64_t)pid,
"name", OVAL_DATATYPE_SEXP, env_name,
"value", OVAL_DATATYPE_SEXP, env_value,
NULL);
probe_item_collect(ctx, item);
err = 0;
}
SEXP_free(env_name);
SEXP_free(env_value);
buffer_used -= null_char + 1 - buffer;
memmove(buffer, null_char + 1, buffer_used);
} while ((null_char = memchr(buffer, 0, buffer_used)));
}
close(fd);
}
closedir(d);
oscap_free(buffer);
if (err) {
SEXP_t *msg = probe_msg_creatf(OVAL_MESSAGE_LEVEL_ERROR,
"Can't find process with requested PID.");
probe_cobj_add_msg(probe_ctx_getresult(ctx), msg);
SEXP_free(msg);
err = 0;
}
return err;
}
static int file_cb (const char *p, const char *f, void *ptr)
{
char path_buffer[PATH_MAX];
SEXP_t *item, xattr_name;
struct cbargs *args = (struct cbargs *) ptr;
const char *st_path;
ssize_t xattr_count = -1;
char *xattr_buf = NULL;
size_t xattr_buflen = 0, i;
if (f == NULL) {
st_path = p;
} else {
snprintf (path_buffer, sizeof path_buffer, "%s/%s", p, f);
st_path = path_buffer;
}
SEXP_init(&xattr_name);
do {
/* estimate the size of the buffer */
xattr_count = llistxattr(st_path, NULL, 0);
if (xattr_count == 0)
return (0);
if (xattr_count < 0) {
dI("FAIL: llistxattr(%s, %p, %zu): errno=%u, %s.", errno, strerror(errno));
return 0;
}
/* allocate space for xattr names */
xattr_buflen = xattr_count;
xattr_buf = oscap_realloc(xattr_buf, sizeof(char) * xattr_buflen);
/* fill the buffer */
xattr_count = llistxattr(st_path, xattr_buf, xattr_buflen);
/* check & retry if needed */
} while (errno == ERANGE);
if (xattr_count < 0) {
dI("FAIL: llistxattr(%s, %p, %zu): errno=%u, %s.", errno, strerror(errno));
oscap_free(xattr_buf);
}
/* update lastpath if needed */
if (!SEXP_emptyp(&gr_lastpath)) {
if (SEXP_strcmp(&gr_lastpath, p) != 0) {
SEXP_free_r(&gr_lastpath);
SEXP_string_new_r(&gr_lastpath, p, strlen(p));
}
} else
SEXP_string_new_r(&gr_lastpath, p, strlen(p));
i = 0;
/* collect */
do {
SEXP_string_new_r(&xattr_name, xattr_buf + i, strlen(xattr_buf +i));
if (probe_entobj_cmp(args->attr_ent, &xattr_name) == OVAL_RESULT_TRUE) {
ssize_t xattr_vallen = -1;
char *xattr_val = NULL;
xattr_vallen = lgetxattr(st_path, xattr_buf + i, NULL, 0);
retry_value:
if (xattr_vallen >= 0) {
// Check possible buffer overflow
if (sizeof(char) * (xattr_vallen + 1) <= sizeof(char) * xattr_vallen) {
dE("Attribute is too long.");
abort();
}
// Allocate buffer, '+1' is for trailing '\0'
xattr_val = oscap_realloc(xattr_val, sizeof(char) * (xattr_vallen + 1));
// we don't want to override space for '\0' by call of 'lgetxattr'
// we pass only 'xattr_vallen' instead of 'xattr_vallen + 1'
xattr_vallen = lgetxattr(st_path, xattr_buf + i, xattr_val, xattr_vallen);
if (xattr_vallen < 0 || errno == ERANGE)
goto retry_value;
xattr_val[xattr_vallen] = '\0';
item = probe_item_create(OVAL_UNIX_FILEEXTENDEDATTRIBUTE, NULL,
"filepath", OVAL_DATATYPE_STRING, f == NULL ? NULL : st_path,
"path", OVAL_DATATYPE_SEXP, &gr_lastpath,
"filename", OVAL_DATATYPE_STRING, f == NULL ? "" : f,
"attribute_name", OVAL_DATATYPE_SEXP, &xattr_name,
"value", OVAL_DATATYPE_STRING, xattr_val,
NULL);
oscap_free(xattr_val);
} else {
dI("FAIL: lgetxattr(%s, %s, NULL, 0): errno=%u, %s.", errno, strerror(errno));
item = probe_item_create(OVAL_UNIX_FILEEXTENDEDATTRIBUTE, NULL, NULL);
probe_item_setstatus(item, SYSCHAR_STATUS_ERROR);
if (xattr_val != NULL)
oscap_free(xattr_val);
}
probe_item_collect(args->ctx, item); /* XXX: handle ENOMEM */
}
SEXP_free_r(&xattr_name);
/* skip to next name */
while (i < xattr_buflen && xattr_buf[i] != '\0')
++i;
++i;
} while (xattr_buf + i < xattr_buf + xattr_buflen - 1);
oscap_free(xattr_buf);
return (0);
}
static int filehash_cb (const char *p, const char *f, probe_ctx *ctx, oval_schema_version_t over)
{
SEXP_t *itm;
char pbuf[PATH_MAX+1];
size_t plen, flen;
bool include_filepath;
int fd;
if (f == NULL)
return (0);
/*
* Prepare path
*/
plen = strlen (p);
flen = strlen (f);
if (plen + flen + 1 > PATH_MAX)
return (-1);
memcpy (pbuf, p, sizeof (char) * plen);
if (p[plen - 1] != FILE_SEPARATOR) {
pbuf[plen] = FILE_SEPARATOR;
++plen;
}
memcpy (pbuf + plen, f, sizeof (char) * flen);
pbuf[plen+flen] = '\0';
include_filepath = oval_schema_version_cmp(over, OVAL_SCHEMA_VERSION(5.6)) >= 0;
/*
* Open the file
*/
fd = open (pbuf, O_RDONLY);
if (fd < 0) {
strerror_r (errno, pbuf, PATH_MAX);
pbuf[PATH_MAX] = '\0';
itm = probe_item_create(OVAL_INDEPENDENT_FILE_HASH, NULL,
"filepath", OVAL_DATATYPE_STRING, include_filepath ? pbuf : NULL,
"path", OVAL_DATATYPE_STRING, p,
"filename", OVAL_DATATYPE_STRING, f,
NULL
);
probe_item_add_msg(itm, OVAL_MESSAGE_LEVEL_ERROR,
"Can't open \"%s\": errno=%d, %s.", pbuf, errno, strerror (errno));
probe_item_setstatus(itm, SYSCHAR_STATUS_ERROR);
} else {
uint8_t md5_dst[16];
size_t md5_dstlen = sizeof md5_dst;
char md5_str[(sizeof md5_dst * 2) + 1];
uint8_t sha1_dst[20];
size_t sha1_dstlen = sizeof sha1_dst;
char sha1_str[(sizeof sha1_dst * 2) + 1];
/*
* Compute hash values
*/
if (crapi_mdigest_fd (fd, 2,
CRAPI_DIGEST_MD5, md5_dst, &md5_dstlen,
CRAPI_DIGEST_SHA1, sha1_dst, &sha1_dstlen) != 0)
{
close (fd);
return (-1);
}
close (fd);
md5_str[0] = '\0';
sha1_str[0] = '\0';
mem2hex (md5_dst, md5_dstlen, md5_str, sizeof md5_str);
mem2hex (sha1_dst, sha1_dstlen, sha1_str, sizeof sha1_str);
/*
* Create and add the item
*/
itm = probe_item_create(OVAL_INDEPENDENT_FILE_HASH, NULL,
"filepath", OVAL_DATATYPE_STRING, include_filepath ? pbuf : NULL,
"path", OVAL_DATATYPE_STRING, p,
"filename", OVAL_DATATYPE_STRING, f,
"md5", OVAL_DATATYPE_STRING, md5_str,
"sha1", OVAL_DATATYPE_STRING, sha1_str,
NULL);
if (md5_dstlen == 0 || sha1_dstlen == 0)
probe_item_setstatus(itm, SYSCHAR_STATUS_ERROR);
if (md5_dstlen == 0)
probe_item_add_msg(itm, OVAL_MESSAGE_LEVEL_ERROR,
"Unable to compute md5 hash value of \"%s\".", pbuf);
if (sha1_dstlen == 0)
probe_item_add_msg(itm, OVAL_MESSAGE_LEVEL_ERROR,
"Unable to compute sha1 hash value of \"%s\".", pbuf);
}
probe_item_collect(ctx, itm);
return (0);
}
static int filehash58_cb (const char *p, const char *f, const char *h, probe_ctx *ctx)
{
SEXP_t *itm;
char pbuf[PATH_MAX+1];
size_t plen, flen;
int fd;
if (f == NULL)
return (0);
/*
* Prepare path
*/
plen = strlen (p);
flen = strlen (f);
if (plen + flen + 1 > PATH_MAX)
return (-1);
memcpy (pbuf, p, sizeof (char) * plen);
if (p[plen - 1] != FILE_SEPARATOR) {
pbuf[plen] = FILE_SEPARATOR;
++plen;
}
memcpy (pbuf + plen, f, sizeof (char) * flen);
pbuf[plen+flen] = '\0';
/*
* Open the file
*/
fd = open (pbuf, O_RDONLY);
if (fd < 0) {
strerror_r (errno, pbuf, PATH_MAX);
pbuf[PATH_MAX] = '\0';
itm = probe_item_create (OVAL_INDEPENDENT_FILE_HASH58, NULL,
"filepath", OVAL_DATATYPE_STRING, pbuf,
"path", OVAL_DATATYPE_STRING, p,
"filename", OVAL_DATATYPE_STRING, f,
"hash_type",OVAL_DATATYPE_STRING, h,
NULL);
probe_item_add_msg(itm, OVAL_MESSAGE_LEVEL_ERROR,
"Can't open \"%s\": errno=%d, %s.", pbuf, errno, strerror (errno));
probe_item_setstatus(itm, SYSCHAR_STATUS_ERROR);
} else {
uint8_t hash_dst[1025];
size_t hash_dstlen = sizeof hash_dst;
char hash_str[2051];
crapi_alg_t hash_type;
hash_type = oscap_string_to_enum(CRAPI_ALG_MAP, h);
hash_dstlen = oscap_string_to_enum(CRAPI_ALG_MAP_SIZE, h);
/*
* Compute hash value
*/
if (crapi_mdigest_fd (fd, 1, hash_type, hash_dst, &hash_dstlen) != 0) {
close (fd);
return (-1);
}
close (fd);
hash_str[0] = '\0';
mem2hex (hash_dst, hash_dstlen, hash_str, sizeof hash_str);
/*
* Create and add the item
*/
itm = probe_item_create(OVAL_INDEPENDENT_FILE_HASH58, NULL,
"filepath", OVAL_DATATYPE_STRING, pbuf,
"path", OVAL_DATATYPE_STRING, p,
"filename", OVAL_DATATYPE_STRING, f,
"hash_type",OVAL_DATATYPE_STRING, h,
"hash", OVAL_DATATYPE_STRING, hash_str,
NULL);
if (hash_dstlen == 0) {
probe_item_add_msg(itm, OVAL_MESSAGE_LEVEL_ERROR,
"Unable to compute %s hash value of \"%s\".", h, pbuf);
probe_item_setstatus(itm, SYSCHAR_STATUS_ERROR);
}
}
probe_item_collect(ctx, itm);
return (0);
}
int probe_main(probe_ctx *ctx, void *mutex)
{
LDAP *ldp;
LDAPMessage *ldpres, *entry;
SEXP_t *se_ldap_behaviors = NULL, *se_relative_dn = NULL;
SEXP_t *se_suffix = NULL, *se_attribute = NULL;
SEXP_t *sa_scope, *sv_op;
SEXP_t *item;
SEXP_t *probe_in;
char *relative_dn = NULL;
char *suffix = NULL, *xattribute = NULL;
char *uri_list, *uri, *uri_save, *attr;
int scope;
char base[2048];
char *attrs[3];
bool a_pattern_match = false, rdn_pattern_match = false;
/* runtime */
#if defined(PROBE_LDAP_MUTEX)
assume_r(mutex != NULL, PROBE_EINIT);
#endif
probe_in = probe_ctx_getobject(ctx);
se_ldap_behaviors = probe_obj_getent(probe_in, "behaviors", 1);
if (se_ldap_behaviors != NULL) {
sa_scope = probe_ent_getattrval(se_ldap_behaviors, "scope");
SEXP_free(se_ldap_behaviors);
if (sa_scope == NULL) {
dE("Atrribute `scope' is missing!");
return (PROBE_ENOATTR);
}
if (!SEXP_stringp(sa_scope)) {
dE("Invalid value type of the `scope' attribute.");
SEXP_free(sa_scope);
return (PROBE_EINVAL);
}
if (SEXP_strcmp(sa_scope, "ONE") == 0)
scope = LDAP_SCOPE_ONELEVEL;
else if (SEXP_strcmp(sa_scope, "BASE") == 0)
scope = LDAP_SCOPE_BASE;
else if (SEXP_strcmp(sa_scope, "SUBTREE") == 0)
scope = LDAP_SCOPE_SUBTREE;
else {
dE("Invalid value of the `scope' attribute.");
SEXP_free(sa_scope);
return (PROBE_EINVAL);
}
SEXP_free(sa_scope);
} else
scope = LDAP_SCOPE_BASE;
#define get_string(dst, se_dst, obj, ent_name) \
do { \
SEXP_t *__sval; \
\
__sval = probe_obj_getentval (obj, ent_name, 1); \
\
if (__sval != NULL) { \
(dst) = SEXP_string_cstr (__sval); \
\
if ((dst) == NULL) { \
SEXP_free(__sval); \
return (PROBE_EINVAL); \
} \
\
(se_dst) = __sval; \
} else { \
return (PROBE_ENOATTR); \
} \
} while (0)
get_string(suffix, se_suffix, probe_in, "suffix");
get_string(relative_dn, se_relative_dn, probe_in, "relative_dn");
get_string(xattribute, se_attribute, probe_in, "attribute");
if ((sv_op = probe_ent_getattrval(se_relative_dn, "operation")) != NULL) {
if (SEXP_number_geti_32(sv_op) == OVAL_OPERATION_PATTERN_MATCH)
rdn_pattern_match = true;
SEXP_free(sv_op);
}
if ((sv_op = probe_ent_getattrval(se_attribute, "operation")) != NULL) {
if (SEXP_number_geti_32(sv_op) == OVAL_OPERATION_PATTERN_MATCH)
a_pattern_match = true;
SEXP_free(sv_op);
}
/*
* Construct the attribute array for ldap_search_*
*
* nil -> "1.1"
* .* -> "*"
* "foo" -> "foo"
*/
attrs[0] = "objectClass";
if (xattribute == NULL)
attrs[1] = strdup("1.1"); /* no attibutes */
else if (a_pattern_match)
attrs[1] = strdup("*"); /* collect all, we'll filter them afterwards */
else
attrs[1] = xattribute; /* no pattern match, use the string directly */
attrs[2] = NULL;
/*
* Construct `base'
*/
assume_r(((relative_dn ? strlen(relative_dn) : 0) +
( suffix ? strlen(suffix) : 0) + 2) < (sizeof base/sizeof(char)),
PROBE_ERANGE);
if (relative_dn != NULL) {
strcpy(base, relative_dn);
strcat(base, ",");
strcat(base, suffix);
} else
strcpy(base, suffix);
/*
* Get URIs
*/
if (ldap_get_option(NULL, LDAP_OPT_URI, &uri_list) != LDAP_OPT_SUCCESS) {
item = probe_item_creat("ldap57_item", NULL, NULL);
probe_item_setstatus(item, SYSCHAR_STATUS_ERROR);
probe_item_collect(ctx, item);
dE("ldap_get_option failed");
goto fail0;
}
/*
* Query each URI
*/
for (;;) {
char *entry_dn = NULL;
if ((uri = strtok_r(uri_list, " ,", &uri_save)) == NULL)
break;
ldp = NULL;
if (ldap_initialize(&ldp, uri) != LDAP_SUCCESS)
continue;
if (ldap_search_ext_s(ldp, base, scope, NULL, attrs, 0,
NULL /* serverctrls */,
NULL /* clientctrls */,
NULL /* timeout */,
0, &ldpres) != LDAP_SUCCESS)
{
item = probe_item_creat("ldap57_item", NULL, NULL);
probe_item_setstatus(item, SYSCHAR_STATUS_ERROR);
probe_item_collect(ctx, item);
dE("ldap_search_ext_s failed");
goto fail0;
}
entry = ldap_first_entry(ldp, ldpres);
entry_dn = ldap_get_dn(ldp, entry);
while (entry != NULL) {
BerElement *berelm = NULL;
attr = ldap_first_attribute(ldp, entry, &berelm);
/* XXX: pattern match filter */
while (attr != NULL) {
SEXP_t *se_value = NULL;
ber_tag_t bertag = LBER_DEFAULT;
ber_len_t berlen = 0;
Sockbuf *berbuf = NULL;
SEXP_t se_tmp_mem;
berbuf = ber_sockbuf_alloc();
/*
* Prepare the value (record) entity. Collect only
* primitive (i.e. simple) types.
*/
se_value = probe_ent_creat1("value", NULL, NULL);
probe_ent_setdatatype(se_value, OVAL_DATATYPE_RECORD);
/*
* XXX: does ber_get_next() return LBER_ERROR after the last value?
*/
while ((bertag = ber_get_next(berbuf, &berlen, berelm)) != LBER_ERROR) {
SEXP_t *field = NULL;
oval_datatype_t field_type = OVAL_DATATYPE_UNKNOWN;
switch(bertag & LBER_ENCODING_MASK) {
case LBER_PRIMITIVE:
dI("Found primitive value, bertag = %u", bertag);
break;
case LBER_CONSTRUCTED:
dW("Don't know how to handle LBER_CONSTRUCTED values");
/* FALLTHROUGH */
default:
dW("Skipping attribute value, bertag = %u", bertag);
continue;
}
assume_d(bertag & LBER_PRIMITIVE, NULL);
switch(bertag & LBER_BIG_TAG_MASK) {
case LBER_BOOLEAN:
{ /* LDAPTYPE_BOOLEAN */
ber_int_t val = -1;
if (ber_get_boolean(berelm, &val) == LBER_ERROR) {
dW("ber_get_boolean: LBER_ERROR");
/* XXX: set error status on field */
continue;
}
assume_d(val != -1, NULL);
field = probe_ent_creat1("field", NULL, SEXP_number_newb_r(&se_tmp_mem, (bool)val));
field_type = OVAL_DATATYPE_BOOLEAN;
SEXP_free_r(&se_tmp_mem);
} break;
case LBER_INTEGER:
{ /* LDAPTYPE_INTEGER */
ber_int_t val = -1;
if (ber_get_int(berelm, &val) == LBER_ERROR) {
dW("ber_get_int: LBER_ERROR");
/* XXX: set error status on field */
continue;
}
field = probe_ent_creat1("field", NULL, SEXP_number_newi_r(&se_tmp_mem, (int)val));
field_type = OVAL_DATATYPE_INTEGER;
SEXP_free_r(&se_tmp_mem);
} break;
case LBER_BITSTRING:
/* LDAPTYPE_BIT_STRING */
dW("LBER_BITSTRING: not implemented");
continue;
case LBER_OCTETSTRING:
{ /*
* LDAPTYPE_PRINTABLE_STRING
* LDAPTYPE_NUMERIC_STRING
* LDAPTYPE_DN_STRING
* LDAPTYPE_BINARY (?)
*/
char *val = NULL;
if (ber_get_stringa(berelm, &val) == LBER_ERROR) {
dW("ber_get_stringa: LBER_ERROR");
/* XXX: set error status on field */
continue;
}
assume_d(val != NULL, NULL);
field = probe_ent_creat1("field", NULL, SEXP_string_new_r(&se_tmp_mem, val, strlen(val)));
field_type = OVAL_DATATYPE_STRING;
SEXP_free_r(&se_tmp_mem);
ber_memfree(val);
} break;
case LBER_NULL:
/* XXX: no equivalent LDAPTYPE_? or empty */
dI("LBER_NULL: skipped");
continue;
case LBER_ENUMERATED:
/* XXX: no equivalent LDAPTYPE_? */
dW("Don't know how to handle LBER_ENUMERATED type");
continue;
default:
dW("Unknown attribute value type, bertag = %u", bertag);
continue;
}
if (field != NULL) {
assume_d(field_type != OVAL_DATATYPE_UNKNOWN, NULL);
probe_ent_setdatatype(field, field_type);
probe_ent_attr_add(field, "name", SEXP_string_new_r(&se_tmp_mem, attr, strlen(attr)));
SEXP_list_add(se_value, field);
SEXP_free_r(&se_tmp_mem);
SEXP_free(field);
}
}
ber_sockbuf_free(berbuf);
/*
* Create the item
*/
item = probe_item_create(OVAL_INDEPENDENT_LDAP57, NULL,
"suffix", OVAL_DATATYPE_STRING, suffix,
"relative_dn", OVAL_DATATYPE_STRING, relative_dn, /* XXX: pattern match */
"attribute", OVAL_DATATYPE_STRING, attr,
"object_class", OVAL_DATATYPE_STRING, "",
"ldaptype", OVAL_DATATYPE_STRING, "",
NULL);
SEXP_list_add(item, se_value);
SEXP_free(se_value);
probe_item_collect(ctx, item);
attr = ldap_next_attribute(ldp, entry, berelm);
}
ber_free(berelm, 0);
ldap_memfree(entry_dn);
entry = ldap_next_entry(ldp, entry);
entry_dn = ldap_get_dn(ldp, entry);
}
/*
* Close the LDAP connection and free resources
*/
ldap_unbind_ext_s(ldp, NULL, NULL);
}
ldap_memfree(uri_list);
fail0:
SEXP_free(se_suffix);
SEXP_free(se_relative_dn);
SEXP_free(se_attribute);
free(suffix);
free(relative_dn);
free(attrs[1]); /* attribute */
return (0);
}
static int filehash_cb (const char *p, const char *f, void *ptr, const SEXP_t *filters)
{
SEXP_t *itm, *r0, *r1;
SEXP_t *cobj = (SEXP_t *) ptr;
char pbuf[PATH_MAX+1];
size_t plen, flen;
int fd;
if (f == NULL)
return (0);
/*
* Prepare path
*/
plen = strlen (p);
flen = strlen (f);
if (plen + flen + 1 > PATH_MAX)
return (-1);
memcpy (pbuf, p, sizeof (char) * plen);
if (p[plen - 1] != FILE_SEPARATOR) {
pbuf[plen] = FILE_SEPARATOR;
++plen;
}
memcpy (pbuf + plen, f, sizeof (char) * flen);
pbuf[plen+flen] = '\0';
/*
* Open the file
*/
fd = open (pbuf, O_RDONLY);
if (fd < 0) {
itm = probe_item_create(OVAL_INDEPENDENT_FILE_MD5, NULL,
"filepath", OVAL_DATATYPE_STRING, pbuf,
"path", OVAL_DATATYPE_STRING, p,
"filename", OVAL_DATATYPE_STRING, f,
NULL);
probe_item_add_msg(itm, OVAL_MESSAGE_LEVEL_ERROR,
"Can't get context for %s: %s\n", pbuf, strerror(errno));
probe_item_setstatus(itm, SYSCHAR_STATUS_ERROR);
} else {
uint8_t md5_dst[16];
size_t md5_dstlen = sizeof md5_dst;
char md5_str[32+1];
/*
* Compute hash values
*/
if (crapi_digest_fd (fd, CRAPI_DIGEST_MD5, &md5_dst, &md5_dstlen) != 0)
{
close (fd);
return (-1);
}
close (fd);
mem2hex (md5_dst, sizeof md5_dst, md5_str, sizeof md5_str);
/*
* Create and add the item
*/
itm = probe_item_create(OVAL_INDEPENDENT_FILE_MD5, NULL,
"filepath", OVAL_DATATYPE_STRING, pbuf,
"path", OVAL_DATATYPE_STRING, p,
"filename", OVAL_DATATYPE_STRING, f,
"md5", OVAL_DATATYPE_STRING, md5_str,
NULL);
}
probe_cobj_add_item(cobj, itm, filters);
SEXP_free (itm);
return (0);
}
