static int os_setdecoderids(const char *p_name) { OSDecoderNode *node; OSDecoderNode *child_node; OSDecoderInfo *nnode; node = OS_GetFirstOSDecoder(p_name); if (!node) { return (0); } do { int p_id = 0; char *tmp_name; nnode = node->osdecoder; nnode->id = getDecoderfromlist(nnode->name); /* Id cannot be 0 */ if (nnode->id == 0) { return (0); } child_node = node->child; if (!child_node) { continue; } /* Set parent id */ p_id = nnode->id; tmp_name = nnode->name; /* Also set on the child nodes */ while (child_node) { nnode = child_node->osdecoder; if (nnode->use_own_name) { nnode->id = getDecoderfromlist(nnode->name); } else { nnode->id = p_id; /* Set parent name */ free(nnode->name); nnode->name = strdup(tmp_name); } /* Id cannot be 0 */ if (nnode->id == 0) { return (0); } child_node = child_node->next; } } while ((node = node->next) != NULL); return (1); }
/* Initialize the necessary information to process the syscheck information */ void SyscheckInit() { int i = 0; sdb.db_err = 0; for (; i <= MAX_AGENTS; i++) { sdb.agent_ips[i] = NULL; sdb.agent_fps[i] = NULL; sdb.agent_cp[i][0] = '0'; } /* Clear db memory */ memset(sdb.buf, '\0', OS_MAXSTR + 1); memset(sdb.comment, '\0', OS_MAXSTR + 1); memset(sdb.size, '\0', OS_FLSIZE + 1); memset(sdb.perm, '\0', OS_FLSIZE + 1); memset(sdb.owner, '\0', OS_FLSIZE + 1); memset(sdb.gowner, '\0', OS_FLSIZE + 1); memset(sdb.md5, '\0', OS_FLSIZE + 1); memset(sdb.sha1, '\0', OS_FLSIZE + 1); memset(sdb.mtime, '\0', OS_FLSIZE + 1); memset(sdb.inode, '\0', OS_FLSIZE + 1); /* Create decoder */ os_calloc(1, sizeof(OSDecoderInfo), sdb.syscheck_dec); sdb.syscheck_dec->id = getDecoderfromlist(SYSCHECK_MOD); sdb.syscheck_dec->name = SYSCHECK_MOD; sdb.syscheck_dec->type = OSSEC_RL; sdb.syscheck_dec->fts = 0; os_calloc(Config.decoder_order_size, sizeof(char *), sdb.syscheck_dec->fields); sdb.syscheck_dec->fields[SCK_FILE] = "file"; sdb.syscheck_dec->fields[SCK_SIZE] = "size"; sdb.syscheck_dec->fields[SCK_PERM] = "perm"; sdb.syscheck_dec->fields[SCK_UID] = "uid"; sdb.syscheck_dec->fields[SCK_GID] = "gid"; sdb.syscheck_dec->fields[SCK_MD5] = "md5"; sdb.syscheck_dec->fields[SCK_SHA1] = "sha1"; sdb.syscheck_dec->fields[SCK_UNAME] = "uname"; sdb.syscheck_dec->fields[SCK_GNAME] = "gname"; sdb.syscheck_dec->fields[SCK_INODE] = "inode"; sdb.id1 = getDecoderfromlist(SYSCHECK_MOD); sdb.id2 = getDecoderfromlist(SYSCHECK_MOD2); sdb.id3 = getDecoderfromlist(SYSCHECK_MOD3); sdb.idn = getDecoderfromlist(SYSCHECK_NEW); sdb.idd = getDecoderfromlist(SYSCHECK_DEL); debug1("%s: SyscheckInit completed.", ARGV0); }
/* Initialize the necessary information to process the rootcheck information */ void RootcheckInit() { int i = 0; rk_err = 0; for (; i < MAX_AGENTS; i++) { rk_agent_ips[i] = NULL; rk_agent_fps[i] = NULL; } /* Zero decoder */ os_calloc(1, sizeof(OSDecoderInfo), rootcheck_dec); rootcheck_dec->id = getDecoderfromlist(ROOTCHECK_MOD); rootcheck_dec->type = OSSEC_RL; rootcheck_dec->name = ROOTCHECK_MOD; rootcheck_dec->fts = 0; debug1("%s: RootcheckInit completed.", ARGV0); return; }
/* SyscheckInit * Initialize the necessary information to process the syscheck information */ void SyscheckInit() { int i = 0; sdb.db_err = 0; for(;i <= MAX_AGENTS;i++) { sdb.agent_ips[i] = NULL; sdb.agent_fps[i] = NULL; sdb.agent_cp[i][0] = '0'; } /* Clearing db memory */ memset(sdb.buf, '\0', OS_MAXSTR +1); memset(sdb.comment, '\0', OS_MAXSTR +1); memset(sdb.size, '\0', OS_FLSIZE +1); memset(sdb.perm, '\0', OS_FLSIZE +1); memset(sdb.owner, '\0', OS_FLSIZE +1); memset(sdb.gowner, '\0', OS_FLSIZE +1); memset(sdb.md5, '\0', OS_FLSIZE +1); memset(sdb.sha1, '\0', OS_FLSIZE +1); /* Creating decoder */ os_calloc(1, sizeof(OSDecoderInfo), sdb.syscheck_dec); sdb.syscheck_dec->id = getDecoderfromlist(SYSCHECK_MOD); sdb.syscheck_dec->name = SYSCHECK_MOD; sdb.syscheck_dec->type = OSSEC_RL; sdb.syscheck_dec->fts = 0; sdb.id1 = getDecoderfromlist(SYSCHECK_MOD); sdb.id2 = getDecoderfromlist(SYSCHECK_MOD2); sdb.id3 = getDecoderfromlist(SYSCHECK_MOD3); sdb.idn = getDecoderfromlist(SYSCHECK_NEW); sdb.idd = getDecoderfromlist(SYSCHECK_DEL); debug1("%s: SyscheckInit completed.", ARGV0); return; }
/* Set decoder ids */ int os_setdecoderids(char *p_name) { OSDecoderNode *node; OSDecoderNode *child_node; OSDecoderInfo *nnode; node = OS_GetFirstOSDecoder(p_name); /* Return if no node... * This shouldn't happen here anyways. */ if(!node) return(0); do { int p_id = 0; char *p_name; nnode = node->osdecoder; nnode->id = getDecoderfromlist(nnode->name); /* Id can noit be 0 */ if(nnode->id == 0) { return(0); } child_node = node->child; if(!child_node) { continue; } /* Setting parent id */ p_id = nnode->id; p_name = nnode->name; /* Also setting on the child nodes */ while(child_node) { nnode = child_node->osdecoder; if(nnode->use_own_name) { nnode->id = getDecoderfromlist(nnode->name); } else { nnode->id = p_id; /* Setting parent name */ nnode->name = p_name; } /* Id can noit be 0 */ if(nnode->id == 0) { return(0); } child_node = child_node->next; } }while((node=node->next) != NULL); return(1); }