/*
 * Start_win32_Syscheck - syscheck entry point on Windows.
 *
 * Verifies that the configuration file is present, loads it, initialises
 * rootcheck, logs every registry entry and directory that will be
 * monitored, then hands over to start_daemon().  The body ends in exit(0),
 * so on the normal path nothing is returned to the caller.
 */
int Start_win32_Syscheck()
{
    char *cfg = DEFAULTCPATH;
    int rc;
    int idx;

    /* The working directory is fixed to the compiled-in default here */
    syscheck.workdir = DEFAULTDIR;

    /* A negative result is reported as a missing configuration */
    if (File_DateofChange(cfg) < 0) {
        ErrorExit(NO_CONFIG, ARGV0, cfg);
    }

    rc = Read_Syscheck_Config(cfg);
    if (rc < 0) {
        ErrorExit(CONFIG_ERROR, ARGV0, cfg);
    } else if (rc == 1 || syscheck.disabled == 1) {
        /*
         * Disabled: both lists are emptied below, so no directory and no
         * registry key is monitored afterwards.  The WARN line logged at
         * the end of this branch is the only trace of that state.
         */
        if (!syscheck.dir || !syscheck.dir[0]) {
            merror(SK_NO_DIR, ARGV0);
        }
        if (!syscheck.dir) {
            /* presumably creates the list so dir[0] is writable -- TODO confirm */
            dump_syscheck_entry(&syscheck, "", 0, 0, NULL);
        }
        syscheck.dir[0] = NULL;

        if (!syscheck.registry) {
            dump_syscheck_entry(&syscheck, "", 0, 1, NULL);
        }
        syscheck.registry[0] = NULL;

        merror("%s: WARN: Syscheck disabled.", ARGV0);
    }

    /* Internal options are read after the main configuration */
    read_internal();

    /* rootcheck_init() returning 0 means the rootcheck module is usable */
    if (rootcheck_init(0) == 0) {
        syscheck.rootcheck = 1;
    } else {
        syscheck.rootcheck = 0;
        merror("%s: WARN: Rootcheck module disabled.", ARGV0);
    }

    /* Log the monitored registry entries, then the monitored directories */
    for (idx = 0; syscheck.registry[idx] != NULL; idx++) {
        verbose("%s: INFO: Monitoring registry entry: '%s'.",
                ARGV0, syscheck.registry[idx]);
    }
    for (idx = 0; syscheck.dir[idx] != NULL; idx++) {
        verbose("%s: INFO: Monitoring directory: '%s'.",
                ARGV0, syscheck.dir[idx]);
    }

    /* Start up message */
    verbose(STARTUP_MSG, ARGV0, getpid());

    /* Some sync time */
    sleep(syscheck.tsleep + 10);

    /* Wait until the agent reports it started, then run the daemon loop */
    os_wait();
    start_daemon();

    exit(0);
}
/*
 * Start_win32_Syscheck - syscheck entry point on Windows.
 *
 * Reads the internal options, checks for and loads the configuration,
 * initialises rootcheck, logs the effective monitoring set (registry
 * entries, directories with their options, ignore list, no-diff list) and
 * hands over to start_daemon().  The body ends in exit(0), so on the normal
 * path nothing is returned to the caller.
 */
int Start_win32_Syscheck()
{
    int debug_level = 0;
    char *cfg = DEFAULTCPATH;
    char optstr[ 100 ];
    int rc;
    int idx;

    /* Internal options come first so the debug message below honours them */
    read_internal(debug_level);
    debug1(STARTED_MSG, ARGV0);

    /* A negative result is reported as a missing configuration */
    if (File_DateofChange(cfg) < 0) {
        ErrorExit(NO_CONFIG, ARGV0, cfg);
    }

    rc = Read_Syscheck_Config(cfg);
    if (rc < 0) {
        ErrorExit(CONFIG_ERROR, ARGV0, cfg);
    } else if (rc == 1 || syscheck.disabled == 1) {
        /*
         * Disabled: both lists are emptied below, so no directory and no
         * registry key is monitored afterwards.  The WARN line logged at
         * the end of this branch is the only trace of that state.
         */
        if (!syscheck.dir || !syscheck.dir[0]) {
            merror(SK_NO_DIR, ARGV0);
        }
        if (!syscheck.dir) {
            /* presumably creates the list so dir[0] is writable -- TODO confirm */
            dump_syscheck_entry(&syscheck, "", 0, 0, NULL);
        }
        syscheck.dir[0] = NULL;

        if (!syscheck.registry) {
            dump_syscheck_entry(&syscheck, "", 0, 1, NULL);
        }
        syscheck.registry[0].entry = NULL;

        merror("%s: WARN: Syscheck disabled.", ARGV0);
    }

    /* rootcheck_init() returning 0 means the rootcheck module is usable */
    if (rootcheck_init(0) == 0) {
        syscheck.rootcheck = 1;
    } else {
        syscheck.rootcheck = 0;
        merror("%s: WARN: Rootcheck module disabled.", ARGV0);
    }

    /* Registry entries; 64-bit entries are tagged in the log line */
    for (idx = 0; syscheck.registry[idx].entry != NULL; idx++) {
        const char *arch_tag =
            syscheck.registry[idx].arch == ARCH_64BIT ? " [x64]" : "";

        verbose("%s: INFO: Monitoring registry entry: '%s%s'.",
                ARGV0, syscheck.registry[idx].entry, arch_tag);
    }

    /* Directories, each with its option set rendered as text */
    for (idx = 0; syscheck.dir[idx] != NULL; idx++) {
        verbose("%s: INFO: Monitoring directory: '%s', with options %s.",
                ARGV0, syscheck.dir[idx],
                syscheck_opts2str(optstr, sizeof( optstr ), syscheck.opts[idx]));
    }

    /* Ignore list is optional */
    if (syscheck.ignore) {
        idx = 0;
        while (syscheck.ignore[idx] != NULL) {
            verbose("%s: INFO: ignoring: '%s'", ARGV0, syscheck.ignore[idx]);
            idx++;
        }
    }

    /* No-diff list is optional */
    if (syscheck.nodiff) {
        for (idx = 0; syscheck.nodiff[idx] != NULL; idx++) {
            verbose("%s: INFO: No diff for file: '%s'",
                    ARGV0, syscheck.nodiff[idx]);
        }
    }

    /* Start up message */
    verbose(STARTUP_MSG, ARGV0, getpid());

    /* Some sync time */
    sleep(syscheck.tsleep + 10);

    /* Wait until the agent reports it started, then run the daemon loop */
    os_wait();
    start_daemon();

    exit(0);
}
/*
 * Syscheck main on Unix.
 *
 * Options: -V version, -h help, -d debug, -f stay in foreground,
 * -D <dir> working directory, -c <file> configuration file, -t test the
 * configuration and exit.
 *
 * Both -c and -D are taken from the command line unmodified.  A failure to
 * write the pid file is only logged; startup continues.
 */
int main(int argc, char **argv)
{
    int opt;
    int rc;
    int idx;
    int attempt;
    int test_config = 0;
    int run_foreground = 0;
    char *cfg = DEFAULTCPATH;

    /* No working directory until -D or the default below supplies one */
    syscheck.workdir = NULL;

    /* Setting the name */
    OS_SetName(ARGV0);

    while ((opt = getopt(argc, argv, "VtdhfD:c:")) != -1) {
        switch (opt) {
            case 'V':
                print_version();
                break;
            case 'h':
                help(ARGV0);
                break;
            case 'd':
                nowDebug();
                break;
            case 'f':
                run_foreground = 1;
                break;
            case 'D':
                if (!optarg) {
                    ErrorExit("%s: -D needs an argument",ARGV0);
                }
                syscheck.workdir = optarg;
                break;
            case 'c':
                if (!optarg) {
                    ErrorExit("%s: -c needs an argument",ARGV0);
                }
                cfg = optarg;
                break;
            case 't':
                test_config = 1;
                break;
            default:
                help(ARGV0);
                break;
        }
    }

    /* A negative result is reported as a missing configuration */
    if (File_DateofChange(cfg) < 0) {
        ErrorExit(NO_CONFIG, ARGV0, cfg);
    }

    rc = Read_Syscheck_Config(cfg);
    if (rc < 0) {
        ErrorExit(CONFIG_ERROR, ARGV0, cfg);
    } else if (rc == 1 || syscheck.disabled == 1) {
        /*
         * Disabled: the directory list is emptied, so nothing is monitored
         * afterwards.  Messages are suppressed in test mode.
         */
        if (!test_config && (!syscheck.dir || !syscheck.dir[0])) {
            merror(SK_NO_DIR, ARGV0);
        }
        if (!syscheck.dir) {
            /* presumably creates the list so dir[0] is writable -- TODO confirm */
            dump_syscheck_entry(&syscheck, "", 0, 0, NULL);
        }
        syscheck.dir[0] = NULL;

        if (!test_config) {
            merror("%s: WARN: Syscheck disabled.", ARGV0);
        }
    }

    /* Reading internal options */
    read_internal();

    /* rootcheck_init() returning 0 means the rootcheck module is usable */
    if (rootcheck_init(test_config) == 0) {
        syscheck.rootcheck = 1;
    } else {
        syscheck.rootcheck = 0;
        merror("%s: WARN: Rootcheck module disabled.", ARGV0);
    }

    /* Configuration test ends here */
    if (test_config) {
        exit(0);
    }

    /* Fall back to the compiled-in working directory */
    if (syscheck.workdir == NULL) {
        syscheck.workdir = DEFAULTDIR;
    }

    if (!run_foreground) {
        nowDaemon();
        goDaemon();
    }

    /* Initial time to settle */
    sleep(syscheck.tsleep + 2);

    /*
     * Connect to the queue: three attempts in total, pausing 5 and then
     * 10 seconds after the first two failures; the third failure is fatal.
     */
    for (attempt = 0;
         (syscheck.queue = StartMQ(DEFAULTQPATH,WRITE)) < 0;
         attempt++) {
        if (attempt == 2) {
            ErrorExit(QUEUE_FATAL,ARGV0,DEFAULTQPATH);
            break;
        }
        merror(QUEUE_ERROR, ARGV0, DEFAULTQPATH, strerror(errno));
        sleep(attempt == 0 ? 5 : 10);
    }

    /* Start the signal handling */
    StartSIG(ARGV0);

    /* Creating pid; a failure here is logged but not fatal */
    if (CreatePID(ARGV0, getpid()) < 0) {
        merror(PID_ERROR,ARGV0);
    }

    /* Start up message, repeated under the rootcheck name when enabled */
    verbose(STARTUP_MSG, ARGV0, (int)getpid());
    if (syscheck.rootcheck) {
        verbose(STARTUP_MSG, "ossec-rootcheck", (int)getpid());
    }

    /* Printing directories to be monitored. */
    for (idx = 0; syscheck.dir[idx] != NULL; idx++) {
        verbose("%s: INFO: Monitoring directory: '%s'.",
                ARGV0, syscheck.dir[idx]);
    }

    /*
     * Checking directories set for real time.  Without inotify or WIN32
     * the flag is ignored and only a WARN line records that.
     */
    for (idx = 0; syscheck.dir[idx] != NULL; idx++) {
        if (!(syscheck.opts[idx] & CHECK_REALTIME)) {
            continue;
        }
#ifdef USEINOTIFY
        verbose("%s: INFO: Directory set for real time monitoring: "
                "'%s'.", ARGV0, syscheck.dir[idx]);
#elif WIN32
        verbose("%s: INFO: Directory set for real time monitoring: "
                "'%s'.", ARGV0, syscheck.dir[idx]);
#else
        verbose("%s: WARN: Ignoring flag for real time monitoring on "
                "directory: '%s'.", ARGV0, syscheck.dir[idx]);
#endif
    }

    /* Some sync time */
    sleep(syscheck.tsleep + 10);

    /* Start the daemon */
    start_daemon();

    return(0);
}
/*
 * Syscheck unix main.
 *
 * Options: -V version, -h help, -d debug (repeatable, each use raises the
 * debug level), -f stay in foreground, -c <file> configuration file,
 * -t test the configuration and exit.
 *
 * The -c path is taken from the command line unmodified.  A failure to
 * create the pid file goes through ErrorExit().
 */
int main(int argc, char **argv)
{
    int opt;
    int rc;
    int idx;
    int attempt;
    int debug_level = 0;
    int test_config = 0;
    int run_foreground = 0;
    const char *cfg = DEFAULTCPATH;
    char optstr[ 100 ];

    /* Set the name */
    OS_SetName(ARGV0);

    while ((opt = getopt(argc, argv, "Vtdhfc:")) != -1) {
        switch (opt) {
            case 'V':
                print_version();
                break;
            case 'h':
                help_syscheckd();
                break;
            case 'd':
                nowDebug();
                debug_level++;
                break;
            case 'f':
                run_foreground = 1;
                break;
            case 'c':
                if (!optarg) {
                    ErrorExit("%s: -c needs an argument", ARGV0);
                }
                cfg = optarg;
                break;
            case 't':
                test_config = 1;
                break;
            default:
                help_syscheckd();
                break;
        }
    }

    /* Internal options come first so the debug message below honours them */
    read_internal(debug_level);
    debug1(STARTED_MSG, ARGV0);

    /* A negative result is reported as a missing configuration */
    if (File_DateofChange(cfg) < 0) {
        ErrorExit(NO_CONFIG, ARGV0, cfg);
    }

    rc = Read_Syscheck_Config(cfg);
    if (rc < 0) {
        ErrorExit(CONFIG_ERROR, ARGV0, cfg);
    } else if (rc == 1 || syscheck.disabled == 1) {
        /*
         * Disabled: the directory list is emptied, so nothing is monitored
         * afterwards.  Messages are suppressed in test mode.
         */
        if (!test_config && (!syscheck.dir || !syscheck.dir[0])) {
            merror(SK_NO_DIR, ARGV0);
        }
        if (!syscheck.dir) {
            /* presumably creates the list so dir[0] is writable -- TODO confirm */
            dump_syscheck_entry(&syscheck, "", 0, 0, NULL);
        }
        syscheck.dir[0] = NULL;

        if (!test_config) {
            merror("%s: WARN: Syscheck disabled.", ARGV0);
        }
    }

    /* rootcheck_init() returning 0 means the rootcheck module is usable */
    if (rootcheck_init(test_config) == 0) {
        syscheck.rootcheck = 1;
    } else {
        syscheck.rootcheck = 0;
        merror("%s: WARN: Rootcheck module disabled.", ARGV0);
    }

    /* Configuration test ends here */
    if (test_config) {
        exit(0);
    }

    /* Setup libmagic */
#ifdef USE_MAGIC
    init_magic(&magic_cookie);
#endif

    if (!run_foreground) {
        nowDaemon();
        goDaemon();
    }

    /* Initial time to settle */
    sleep(syscheck.tsleep + 2);

    /*
     * Connect to the queue: three attempts in total, pausing 5 and then
     * 10 seconds after the first two failures; the third failure is fatal.
     */
    for (attempt = 0;
         (syscheck.queue = StartMQ(DEFAULTQPATH, WRITE)) < 0;
         attempt++) {
        if (attempt == 2) {
            ErrorExit(QUEUE_FATAL, ARGV0, DEFAULTQPATH);
            break;
        }
        merror(QUEUE_ERROR, ARGV0, DEFAULTQPATH, strerror(errno));
        sleep(attempt == 0 ? 5 : 10);
    }

    /* Start signal handling */
    StartSIG(ARGV0);

    /* Create pid */
    if (CreatePID(ARGV0, getpid()) < 0) {
        ErrorExit(PID_ERROR, ARGV0);
    }

    /* Start up message, repeated under the rootcheck name when enabled */
    verbose(STARTUP_MSG, ARGV0, (int)getpid());
    if (syscheck.rootcheck) {
        verbose(STARTUP_MSG, "ossec-rootcheck", (int)getpid());
    }

    /* Print directories to be monitored, each with its option set as text */
    for (idx = 0; syscheck.dir[idx] != NULL; idx++) {
        verbose("%s: INFO: Monitoring directory: '%s', with options %s.",
                ARGV0, syscheck.dir[idx],
                syscheck_opts2str(optstr, sizeof( optstr ), syscheck.opts[idx]));
    }

    /* Print ignores (the list is optional) */
    if (syscheck.ignore) {
        idx = 0;
        while (syscheck.ignore[idx] != NULL) {
            verbose("%s: INFO: ignoring: '%s'", ARGV0, syscheck.ignore[idx]);
            idx++;
        }
    }

    /* Print files with no diff (the list is optional) */
    if (syscheck.nodiff) {
        for (idx = 0; syscheck.nodiff[idx] != NULL; idx++) {
            verbose("%s: INFO: No diff for file: '%s'",
                    ARGV0, syscheck.nodiff[idx]);
        }
    }

    /*
     * Check directories set for real time.  Without inotify or WIN32 the
     * flag is ignored and only a WARN line records that.
     */
    for (idx = 0; syscheck.dir[idx] != NULL; idx++) {
        if (!(syscheck.opts[idx] & CHECK_REALTIME)) {
            continue;
        }
#ifdef INOTIFY_ENABLED
        verbose("%s: INFO: Directory set for real time monitoring: "
                "'%s'.", ARGV0, syscheck.dir[idx]);
#elif defined(WIN32)
        verbose("%s: INFO: Directory set for real time monitoring: "
                "'%s'.", ARGV0, syscheck.dir[idx]);
#else
        verbose("%s: WARN: Ignoring flag for real time monitoring on "
                "directory: '%s'.", ARGV0, syscheck.dir[idx]);
#endif
    }

    /* Some sync time */
    sleep(syscheck.tsleep + 10);

    /* Start the daemon */
    start_daemon();
}
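/*
 * read_attr - register the directories of one comma-separated list.
 *
 * dirs      comma-separated directory list; each piece is trimmed of
 *           leading and trailing spaces
 * g_attrs   NULL-terminated attribute names
 * g_values  NULL-terminated attribute values, parallel to g_attrs
 *
 * The same attribute set applies to every directory in the list.  Each
 * yes/no attribute sets ("yes") or clears ("no") its option bits, applied
 * in the order given; "restrict" stores a string that is passed on to
 * dump_syscheck_entry().
 *
 * Returns 0 when the attributes are missing, unknown, carry a value other
 * than yes/no, or leave no option bit set.  Returns 1 otherwise, which
 * includes a duplicate directory and a failed glob expansion.
 *
 * NOTE(review): a duplicate or a failed glob stops the loop, so the
 * directories that follow in the same list are not registered although the
 * return value is 1; the SK_DUP / GLOB_* log line is the only signal.
 *
 * NOTE(review): MD5 and SHA-1 are the only content digests selectable here
 * and both have published collision attacks; check_sum / check_all enable
 * the two together, which is the stronger of the available settings.
 */
static int read_attr(syscheck_config *syscheck, const char *dirs, char **g_attrs, char **g_values)
{
    /* yes/no attributes and the option bits each of them controls */
    const struct {
        const char *name;
        int bits;
    } flag_attrs[] = {
        { "check_all",      CHECK_MD5SUM | CHECK_SHA1SUM | CHECK_PERM |
                            CHECK_SIZE | CHECK_OWNER | CHECK_GROUP |
                            CHECK_MTIME | CHECK_INODE },
        { "check_sum",      CHECK_MD5SUM | CHECK_SHA1SUM },
        { "check_sha1sum",  CHECK_SHA1SUM },
        { "check_md5sum",   CHECK_MD5SUM },
        { "check_size",     CHECK_SIZE },
        { "check_owner",    CHECK_OWNER },
        { "check_group",    CHECK_GROUP },
        { "check_perm",     CHECK_PERM },
        { "check_mtime",    CHECK_MTIME },
        { "check_inode",    CHECK_INODE },
        { "realtime",       CHECK_REALTIME },
        { "report_changes", CHECK_SEECHANGES },
    };
    const size_t n_flag_attrs = sizeof(flag_attrs) / sizeof(flag_attrs[0]);
    const char *xml_restrict = "restrict";

    char *restrictfile = NULL;
    char **dir;
    char **dir_org;
    int ret = 0;
    int i;

    dir = OS_StrBreak(',', dirs, MAX_DIR_SIZE); /* Max number */

    /* Dir can not be null */
    if (dir == NULL) {
        return (0);
    }
    dir_org = dir;

    for (; *dir; dir++) {
        int j;
        int opts = 0;
        size_t len;
        char *tmp_dir = *dir;
        char **attrs;
        char **values;

        restrictfile = NULL;

        /* Remove spaces at the beginning */
        while (*tmp_dir == ' ') {
            tmp_dir++;
        }

        /*
         * Remove spaces at the end, working back from the terminator.
         * Looking at the first space instead leaves "a b " untrimmed and
         * cuts "a  b" short, so a different path would be registered.
         */
        len = strlen(tmp_dir);
        while (len > 0 && tmp_dir[len - 1] == ' ') {
            tmp_dir[--len] = '\0';
        }

        /* Get the options */
        if (!g_attrs || !g_values) {
            merror(SYSCHECK_NO_OPT, __local_name, dirs);
            ret = 0;
            goto out_free;
        }

        for (attrs = g_attrs, values = g_values;
             *attrs && *values;
             attrs++, values++) {
            size_t k;

            /* "restrict" carries a string, the last occurrence wins */
            if (strcmp(*attrs, xml_restrict) == 0) {
                free(restrictfile);
                restrictfile = NULL;
                os_strdup(*values, restrictfile);
                continue;
            }

            for (k = 0; k < n_flag_attrs; k++) {
                if (strcmp(*attrs, flag_attrs[k].name) == 0) {
                    break;
                }
            }
            if (k == n_flag_attrs) {
                merror(SK_INV_ATTR, __local_name, *attrs);
                ret = 0;
                goto out_free;
            }

            if (strcmp(*values, "yes") == 0) {
                opts |= flag_attrs[k].bits;
            } else if (strcmp(*values, "no") == 0) {
                opts &= ~flag_attrs[k].bits;
            } else {
                merror(SK_INV_OPT, __local_name, *values, *attrs);
                ret = 0;
                goto out_free;
            }
        }

        /* You must have something set */
        if (opts == 0) {
            merror(SYSCHECK_NO_OPT, __local_name, dirs);
            ret = 0;
            goto out_free;
        }

        /* Reject a directory that is already registered */
        for (j = 0; syscheck->dir && syscheck->dir[j]; j++) {
            if (strcmp(syscheck->dir[j], tmp_dir) == 0) {
                merror(SK_DUP, __local_name, tmp_dir);
                ret = 1;
                goto out_free;
            }
        }

        /* Check for glob */
        /* The mingw32 builder used by travis.ci can't find glob.h
         * Yet glob must work on actual win32.
         */
#ifndef __MINGW32__
        if (strchr(tmp_dir, '*') ||
                strchr(tmp_dir, '?') ||
                strchr(tmp_dir, '[')) {
            int gindex;
            glob_t g;

            /*
             * The pattern is expanded once, here.  As far as this function
             * shows, a path that starts matching later is not registered.
             */
            if (glob(tmp_dir, 0, NULL, &g) != 0) {
                merror(GLOB_ERROR, __local_name, tmp_dir);
                ret = 1;
                goto out_free;
            }

            if (g.gl_pathv[0] == NULL) {
                merror(GLOB_NFOUND, __local_name, tmp_dir);
                /* glob() succeeded, so its result must be released here too */
                globfree(&g);
                ret = 1;
                goto out_free;
            }

            for (gindex = 0; g.gl_pathv[gindex]; gindex++) {
                dump_syscheck_entry(syscheck, g.gl_pathv[gindex], opts, 0, restrictfile);
            }

            globfree(&g);
        } else {
            dump_syscheck_entry(syscheck, tmp_dir, opts, 0, restrictfile);
        }
#else
        dump_syscheck_entry(syscheck, tmp_dir, opts, 0, restrictfile);
#endif

        /* The restrict string belongs to this directory only */
        free(restrictfile);
        restrictfile = NULL;
    }

    ret = 1;

out_free:
    /* Release the pieces, the array and any restrict string still held */
    for (i = 0; dir_org[i]; i++) {
        free(dir_org[i]);
    }
    free(dir_org);
    free(restrictfile);

    return ret;
}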
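/*
 * read_reg - register the Windows registry keys of one comma-separated list.
 *
 * entries  comma-separated key list; each piece is trimmed of leading and
 *          trailing spaces
 * arch     architecture tag stored with each key and used, together with
 *          the key name, to detect duplicates
 *
 * Returns 0 when the list cannot be split, 1 otherwise.
 *
 * NOTE(review): a duplicate key returns 1 immediately, so the keys that
 * follow in the same list are not registered; the SK_DUP log line is the
 * only signal.
 *
 * NOTE(review): the array returned by OS_StrBreak() is not released in this
 * function.  Whether dump_syscheck_entry() copies the key on the registry
 * path is not visible here, so the pieces are left alone -- confirm before
 * adding a free.
 */
int read_reg(syscheck_config *syscheck, char *entries, int arch)
{
    int i;
    char **entry;

    /* Get each entry separately */
    entry = OS_StrBreak(',', entries, MAX_DIR_SIZE); /* Max number */

    if (entry == NULL) {
        return (0);
    }

    for (; *entry; entry++) {
        char *tmp_entry = *entry;
        size_t len;

        /* Remove spaces at the beginning */
        while (*tmp_entry == ' ') {
            tmp_entry++;
        }

        /*
         * Remove spaces at the end, working back from the terminator.
         * Registry keys often contain spaces; looking at the first space
         * instead leaves "Windows NT\Key " untrimmed and cuts a key with a
         * double space short, so a different key would be registered.
         */
        len = strlen(tmp_entry);
        while (len > 0 && tmp_entry[len - 1] == ' ') {
            tmp_entry[--len] = '\0';
        }

        /* Reject a key already registered for the same architecture */
        for (i = 0; syscheck->registry && syscheck->registry[i].entry; i++) {
            if (syscheck->registry[i].arch == arch &&
                    strcmp(syscheck->registry[i].entry, tmp_entry) == 0) {
                merror(SK_DUP, __local_name, tmp_entry);
                return (1);
            }
        }

        /* Add new entry */
        dump_syscheck_entry(syscheck, tmp_entry, arch, 1, NULL);
    }

    return (1);
}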
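/*
 * read_attr - register the directories of one comma-separated list.
 *
 * dirs      comma-separated directory list; each piece is trimmed of
 *           leading and trailing spaces
 * g_attrs   NULL-terminated attribute names
 * g_values  NULL-terminated attribute values, parallel to g_attrs
 *
 * The same attribute set applies to every directory in the list.  A yes/no
 * attribute set to "yes" adds its option bits.  "no" is accepted but does
 * not clear anything, so check_all="yes" followed by check_sum="no" still
 * leaves the checksums enabled.  "restrict" stores a string that is passed
 * on to dump_syscheck_entry().
 *
 * Returns 0 when the attributes are missing, unknown, carry a value other
 * than yes/no, or leave no option bit set.  Returns 1 otherwise, which
 * includes a duplicate directory and a failed glob expansion.
 *
 * NOTE(review): a duplicate or a failed glob stops the loop, so the
 * directories that follow in the same list are not registered although the
 * return value is 1; the SK_DUP / GLOB_* log line is the only signal.
 */
int read_attr(config *syscheck, char *dirs, char **g_attrs, char **g_values)
{
    /* yes/no attributes and the option bits each of them adds */
    const struct {
        const char *name;
        int bits;
    } flag_attrs[] = {
        { "check_all",      CHECK_MD5SUM | CHECK_SHA1SUM | CHECK_PERM |
                            CHECK_SIZE | CHECK_OWNER | CHECK_GROUP },
        { "check_sum",      CHECK_MD5SUM | CHECK_SHA1SUM },
        { "check_sha1sum",  CHECK_SHA1SUM },
        { "check_md5sum",   CHECK_MD5SUM },
        { "check_size",     CHECK_SIZE },
        { "check_owner",    CHECK_OWNER },
        { "check_group",    CHECK_GROUP },
        { "check_perm",     CHECK_PERM },
        { "realtime",       CHECK_REALTIME },
        { "report_changes", CHECK_SEECHANGES },
    };
    const size_t n_flag_attrs = sizeof(flag_attrs) / sizeof(flag_attrs[0]);
    const char *xml_restrict = "restrict";

    char *restrictfile = NULL;
    char **dir;
    char **dir_org;
    int ret = 0;
    int i;

    dir = OS_StrBreak(',', dirs, MAX_DIR_SIZE); /* Max number */

    /* Dir can not be null */
    if (dir == NULL) {
        return(0);
    }
    dir_org = dir;

    /* Doing it for each directory */
    for (; *dir; dir++) {
        int j;
        int opts = 0;
        size_t len;
        char *tmp_dir = *dir;
        char **attrs;
        char **values;

        restrictfile = NULL;

        /* Removing spaces at the beginning */
        while (*tmp_dir == ' ') {
            tmp_dir++;
        }

        /*
         * Removing spaces at the end, working back from the terminator.
         * Looking at the first space instead leaves "a b " untrimmed and
         * cuts "a  b" short, so a different path would be registered.
         */
        len = strlen(tmp_dir);
        while (len > 0 && tmp_dir[len - 1] == ' ') {
            tmp_dir[--len] = '\0';
        }

        /* Getting the options */
        if (!g_attrs || !g_values) {
            merror(SYSCHECK_NO_OPT, ARGV0, dirs);
            ret = 0;
            goto out_free;
        }

        for (attrs = g_attrs, values = g_values;
             *attrs && *values;
             attrs++, values++) {
            size_t k;

            /* "restrict" carries a string; drop an earlier one first */
            if (strcmp(*attrs, xml_restrict) == 0) {
                free(restrictfile);
                restrictfile = NULL;
                os_strdup(*values, restrictfile);
                continue;
            }

            for (k = 0; k < n_flag_attrs; k++) {
                if (strcmp(*attrs, flag_attrs[k].name) == 0) {
                    break;
                }
            }
            if (k == n_flag_attrs) {
                merror(SK_INV_ATTR, ARGV0, *attrs);
                ret = 0;
                goto out_free;
            }

            if (strcmp(*values, "yes") == 0) {
                opts |= flag_attrs[k].bits;
            } else if (strcmp(*values, "no") != 0) {
                merror(SK_INV_OPT, ARGV0, *values, *attrs);
                ret = 0;
                goto out_free;
            }
        }

        /* You must have something set */
        if (opts == 0) {
            merror(SYSCHECK_NO_OPT, ARGV0, dirs);
            ret = 0;
            goto out_free;
        }

        /* Reject a directory that is already registered */
        for (j = 0; syscheck->dir && syscheck->dir[j]; j++) {
            if (strcmp(syscheck->dir[j], tmp_dir) == 0) {
                merror(SK_DUP, ARGV0, tmp_dir);
                ret = 1;
                goto out_free;
            }
        }

        /* Checking for glob. */
#ifndef WIN32
        if (strchr(tmp_dir, '*') ||
                strchr(tmp_dir, '?') ||
                strchr(tmp_dir, '[')) {
            int gindex;
            glob_t g;

            /*
             * The pattern is expanded once, here.  As far as this function
             * shows, a path that starts matching later is not registered.
             */
            if (glob(tmp_dir, 0, NULL, &g) != 0) {
                merror(GLOB_ERROR, ARGV0, tmp_dir);
                ret = 1;
                goto out_free;
            }

            if (g.gl_pathv[0] == NULL) {
                merror(GLOB_NFOUND, ARGV0, tmp_dir);
                /* glob() succeeded, so its result must be released here too */
                globfree(&g);
                ret = 1;
                goto out_free;
            }

            for (gindex = 0; g.gl_pathv[gindex]; gindex++) {
                dump_syscheck_entry(syscheck, g.gl_pathv[gindex], opts, 0, restrictfile);
            }

            globfree(&g);
        } else {
            dump_syscheck_entry(syscheck, tmp_dir, opts, 0, restrictfile);
        }
#else
        dump_syscheck_entry(syscheck, tmp_dir, opts, 0, restrictfile);
#endif

        /* The restrict string belongs to this directory only */
        free(restrictfile);
        restrictfile = NULL;
    }

    ret = 1;

out_free:
    /*
     * Release the pieces and the array.  The restrict string is released
     * here as well so that every early exit above frees it.
     */
    for (i = 0; dir_org[i]; i++) {
        free(dir_org[i]);
    }
    free(dir_org);
    free(restrictfile);

    return ret;
}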
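/*
 * read_reg - register the Windows registry keys of one comma-separated list.
 *
 * entries  comma-separated key list; each piece is trimmed of leading and
 *          trailing spaces
 *
 * Returns 0 when the list cannot be split, 1 otherwise.
 *
 * NOTE(review): a duplicate key returns 1 immediately, so the keys that
 * follow in the same list are not registered; the SK_DUP log line is the
 * only signal.
 *
 * NOTE(review): the array returned by OS_StrBreak() is not released in this
 * function.  Whether dump_syscheck_entry() copies the key on the registry
 * path is not visible here, so the pieces are left alone -- confirm before
 * adding a free.
 */
int read_reg(config *syscheck, char *entries)
{
    int i;
    char **entry;

    /* Getting each entry separately */
    entry = OS_StrBreak(',', entries, MAX_DIR_SIZE); /* Max number */

    /* entry can not be null */
    if (entry == NULL) {
        return(0);
    }

    /* Doing it for each Entry */
    for (; *entry; entry++) {
        char *tmp_entry = *entry;
        size_t len;

        /* Removing spaces at the beginning */
        while (*tmp_entry == ' ') {
            tmp_entry++;
        }

        /*
         * Removing spaces at the end, working back from the terminator.
         * Registry keys often contain spaces; looking at the first space
         * instead leaves "Windows NT\Key " untrimmed and cuts a key with a
         * double space short, so a different key would be registered.
         */
        len = strlen(tmp_entry);
        while (len > 0 && tmp_entry[len - 1] == ' ') {
            tmp_entry[--len] = '\0';
        }

        /* Reject a key that is already registered */
        for (i = 0; syscheck->registry && syscheck->registry[i]; i++) {
            if (strcmp(syscheck->registry[i], tmp_entry) == 0) {
                merror(SK_DUP, ARGV0, tmp_entry);
                return(1);
            }
        }

        /* Adding new entry */
        dump_syscheck_entry(syscheck, tmp_entry, 0, 1, NULL);
    }

    return(1);
}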