void WinTimeoutRun(int curr_time)
{
/* Checking if there is any timeouted command to execute. */
timeout_node = OSList_GetFirstNode(timeout_list);
while(timeout_node)
{
timeout_data *list_entry;
list_entry = (timeout_data *)timeout_node->data;
/* Timeouted */
if((curr_time - list_entry->time_of_addition) >
list_entry->time_to_block)
{
ExecCmd_Win32(list_entry->command[0]);
/* Deletecurrently node already sets the pointer to next */
OSList_DeleteCurrentlyNode(timeout_list);
timeout_node = OSList_GetCurrentlyNode(timeout_list);
/* Clearing the memory */
FreeTimeoutEntry(list_entry);
}
else
{
timeout_node = OSList_GetNextNode(timeout_list);
}
}
}
/* is_process: Check is a process is running.
*/
int is_process(char *value, void *p_list_p)
{
OSList *p_list = (OSList *)p_list_p;
OSListNode *l_node;
if(p_list == NULL)
{
return(0);
}
if(!value)
{
return(0);
}
l_node = OSList_GetFirstNode(p_list);
while(l_node)
{
Proc_Info *pinfo;
pinfo = (Proc_Info *)l_node->data;
/* Checking if value matches */
if(pt_matches(pinfo->p_path, value))
{
int i = 0;
char _b_msg[OS_SIZE_1024 +1];
_b_msg[OS_SIZE_1024] = '\0';
snprintf(_b_msg, OS_SIZE_1024, " Process: %s.",
pinfo->p_path);
/* Already present. */
if(_is_str_in_array(rootcheck.alert_msg, _b_msg))
{
return(1);
}
while(rootcheck.alert_msg[i] && (i< 255))
i++;
if(!rootcheck.alert_msg[i])
os_strdup(_b_msg, rootcheck.alert_msg[i]);
return(1);
}
l_node = OSList_GetNextNode(p_list);
}
return(0);
}
/* del_plist:. Deletes the process list
*/
int del_plist(void *p_list_p)
{
OSList *p_list = (OSList *)p_list_p;
OSListNode *l_node;
OSListNode *p_node = NULL;
if(p_list == NULL)
{
return(0);
}
l_node = OSList_GetFirstNode(p_list);
while(l_node)
{
Proc_Info *pinfo;
pinfo = (Proc_Info *)l_node->data;
if(pinfo->p_name)
{
free(pinfo->p_name);
}
if(pinfo->p_path)
{
free(pinfo->p_path);
}
free(l_node->data);
if(p_node)
{
free(p_node);
p_node = NULL;
}
p_node = l_node;
l_node = OSList_GetNextNode(p_list);
}
if(p_node)
{
free(p_node);
p_node = NULL;
}
free(p_list);
return(1);
}
/**
* Shutdowns execd properly.
*/
static void execd_shutdown(int sig)
{
/* Removing pending active responses. */
merror(EXEC_SHUTDOWN, ARGV0);
timeout_node = OSList_GetFirstNode(timeout_list);
while(timeout_node)
{
timeout_data *list_entry;
list_entry = (timeout_data *)timeout_node->data;
ExecCmd(list_entry->command);
/* Delete currently node - already sets the pointer to next */
OSList_DeleteCurrentlyNode(timeout_list);
timeout_node = OSList_GetCurrentlyNode(timeout_list);
}
#ifndef WIN32
HandleSIG(sig);
#endif
}
/** int ReadActiveResponses(XML_NODE node, void *d1, void *d2)
* Generates a list with all active responses.
*/
int ReadActiveResponses(XML_NODE node, void *d1, void *d2)
{
FILE *fp;
int i = 0;
int r_ar = 0;
int l_ar = 0;
int rpt = 0;
/* Xml options */
char *xml_ar_command = "command";
char *xml_ar_location = "location";
char *xml_ar_agent_id = "agent_id";
char *xml_ar_rules_id = "rules_id";
char *xml_ar_rules_group = "rules_group";
char *xml_ar_level = "level";
char *xml_ar_timeout = "timeout";
char *xml_ar_disabled = "disabled";
char *xml_ar_repeated = "repeated_offenders";
char *tmp_location;
/* Currently active response */
active_response *tmp_ar;
/* Opening shared ar file */
fp = fopen(DEFAULTARPATH, "a");
if(!fp)
{
merror(FOPEN_ERROR, ARGV0, DEFAULTARPATH);
return(-1);
}
chmod(DEFAULTARPATH, 0444);
/* Allocating for the active-response */
tmp_ar = calloc(1, sizeof(active_response));
if(!tmp_ar)
{
merror(MEM_ERROR, ARGV0);
return(-1);
}
/* Initializing variables */
tmp_ar->name = NULL;
tmp_ar->command = NULL;
tmp_ar->location = 0;
tmp_ar->timeout = 0;
tmp_ar->level = 0;
tmp_ar->agent_id = NULL;
tmp_ar->rules_id = NULL;
tmp_ar->rules_group = NULL;
tmp_ar->ar_cmd = NULL;
tmp_location = NULL;
/* Searching for the commands */
while(node[i])
{
if(!node[i]->element)
{
merror(XML_ELEMNULL, ARGV0);
return(OS_INVALID);
}
else if(!node[i]->content)
{
merror(XML_VALUENULL, ARGV0, node[i]->element);
return(OS_INVALID);
}
/* Command */
if(strcmp(node[i]->element, xml_ar_command) == 0)
{
tmp_ar->command = strdup(node[i]->content);
}
/* Target */
else if(strcmp(node[i]->element, xml_ar_location) == 0)
{
tmp_location = strdup(node[i]->content);
}
else if(strcmp(node[i]->element, xml_ar_agent_id) == 0)
{
tmp_ar->agent_id = strdup(node[i]->content);
}
else if(strcmp(node[i]->element, xml_ar_rules_id) == 0)
{
tmp_ar->rules_id = strdup(node[i]->content);
}
else if(strcmp(node[i]->element, xml_ar_rules_group) == 0)
{
tmp_ar->rules_group = strdup(node[i]->content);
}
else if(strcmp(node[i]->element, xml_ar_level) == 0)
{
/* Level must be numeric */
if(!OS_StrIsNum(node[i]->content))
{
merror(XML_VALUEERR,ARGV0,node[i]->element,node[i]->content);
return(OS_INVALID);
}
tmp_ar->level = atoi(node[i]->content);
/* Making sure the level is valid */
if((tmp_ar->level < 0) || (tmp_ar->level > 20))
{
merror(XML_VALUEERR,ARGV0,node[i]->element,node[i]->content);
return(OS_INVALID);
}
}
else if(strcmp(node[i]->element, xml_ar_timeout) == 0)
{
tmp_ar->timeout = atoi(node[i]->content);
}
else if(strcmp(node[i]->element, xml_ar_disabled) == 0)
{
if(strcmp(node[i]->content, "yes") == 0)
{
ar_flag = -1;
}
else if(strcmp(node[i]->content, "no") == 0)
{
/* Don't do anything if disabled is set to "no" */
}
else
{
merror(XML_VALUEERR,ARGV0,node[i]->element,node[i]->content);
return(OS_INVALID);
}
}
else if(strcmp(node[i]->element, xml_ar_repeated) == 0)
{
/* Nothing - we deal with it on execd. */
rpt = 1;
}
else
{
merror(XML_INVELEM, ARGV0, node[i]->element);
return(OS_INVALID);
}
i++;
}
/* Checking if ar is disabled */
if(ar_flag == -1)
{
fclose(fp);
return(0);
}
/* Command and location must be there */
if(!tmp_ar->command || !tmp_location)
{
if(rpt == 1)
{
fclose(fp);
return(0);
}
merror(AR_MISS, ARGV0);
return(-1);
}
/* analysisd */
if(OS_Regex("AS|analysisd|analysis-server|server", tmp_location))
{
tmp_ar->location|= AS_ONLY;
}
if(OS_Regex("local", tmp_location))
{
tmp_ar->location|= REMOTE_AGENT;
}
if(OS_Regex("defined-agent", tmp_location))
{
if(!tmp_ar->agent_id)
{
merror(AR_DEF_AGENT, ARGV0);
return(-1);
}
tmp_ar->location|= SPECIFIC_AGENT;
}
if(OS_Regex("all|any", tmp_location))
{
tmp_ar->location|=ALL_AGENTS;
}
/* If we didn't set any value for the location */
if(tmp_ar->location == 0)
{
merror(AR_INV_LOC, ARGV0, tmp_location);
return(-1);
}
/* cleaning tmp_location */
free(tmp_location);
tmp_location = NULL;
/* Checking if command name is valid */
{
OSListNode *my_commands_node;
my_commands_node = OSList_GetFirstNode(d1);
while(my_commands_node)
{
ar_command *my_command;
my_command = (ar_command *)my_commands_node->data;
if(strcmp(my_command->name, tmp_ar->command) == 0)
{
tmp_ar->ar_cmd = my_command;
break;
}
my_commands_node = OSList_GetNextNode(d1);
}
/* Didn't find a valid command */
if(tmp_ar->ar_cmd == NULL)
{
merror(AR_INV_CMD, ARGV0, tmp_ar->command);
return(-1);
}
}
/* Checking if timeout is allowed */
if(tmp_ar->timeout && !tmp_ar->ar_cmd->timeout_allowed)
{
merror(AR_NO_TIMEOUT, ARGV0, tmp_ar->ar_cmd->name);
return(-1);
}
/* d1 is the active response list */
if(!OSList_AddData(d2, (void *)tmp_ar))
{
merror(LIST_ADD_ERROR, ARGV0);
return(-1);
}
/* Setting a unique active response name */
tmp_ar->name = calloc(OS_FLSIZE +1, sizeof(char));
if(!tmp_ar->name)
{
ErrorExit(MEM_ERROR, ARGV0);
}
snprintf(tmp_ar->name, OS_FLSIZE, "%s%d",
tmp_ar->ar_cmd->name,
tmp_ar->timeout);
/* Adding to shared file */
fprintf(fp, "%s - %s - %d\n",
tmp_ar->name,
tmp_ar->ar_cmd->executable,
tmp_ar->timeout);
/* Setting the configs to start the right queues */
if(tmp_ar->location & AS_ONLY)
{
l_ar = 1;
}
if(tmp_ar->location & ALL_AGENTS)
{
r_ar = 1;
}
if(tmp_ar->location & REMOTE_AGENT)
{
r_ar = 1;
l_ar = 1;
}
if(tmp_ar->location & SPECIFIC_AGENT)
{
r_ar = 1;
}
/* Setting the configuration for the active response */
if(r_ar && (!(ar_flag & REMOTE_AR)))
{
ar_flag|= REMOTE_AR;
}
if(l_ar && (!(ar_flag & LOCAL_AR)))
{
ar_flag|= LOCAL_AR;
}
/* Closing shared file for active response */
fclose(fp);
/* Done over here */
return(0);
}
/** void WinExecdRun(char *exec_msg)
*/
void WinExecdRun(char *exec_msg)
{
time_t curr_time;
int i,j;
int timeout_value;
int added_before = 0;
char **timeout_args;
char *tmp_msg = NULL;
char *name;
char *command;
char *cmd_user;
char *cmd_ip;
char buffer[OS_MAXSTR + 1];
timeout_data *timeout_entry;
/* Currently time */
curr_time = time(0);
/* Getting application name */
name = exec_msg;
/* Zeroing the name */
tmp_msg = strchr(exec_msg, ' ');
if(!tmp_msg)
{
merror(EXECD_INV_MSG, ARGV0, exec_msg);
return;
}
*tmp_msg = '\0';
tmp_msg++;
/* Getting user. */
cmd_user = tmp_msg;
tmp_msg = strchr(tmp_msg, ' ');
if(!tmp_msg)
{
merror(EXECD_INV_MSG, ARGV0, cmd_user);
return;
}
*tmp_msg = '\0';
tmp_msg++;
/* Getting ip. */
cmd_ip = tmp_msg;
tmp_msg = strchr(tmp_msg, ' ');
if(!tmp_msg)
{
merror(EXECD_INV_MSG, ARGV0, cmd_ip);
return;
}
*tmp_msg = '\0';
tmp_msg++;
/* Getting the command to execute (valid name) */
command = GetCommandbyName(name, &timeout_value);
if(!command)
{
ReadExecConfig();
command = GetCommandbyName(name, &timeout_value);
if(!command)
{
merror(EXEC_INV_NAME, ARGV0, name);
return;
}
}
/* Command not present. */
if(command[0] == '\0')
return;
/* Allocating memory for the timeout argument */
os_calloc(MAX_ARGS+2, sizeof(char *), timeout_args);
/* Adding initial variables to the timeout cmd */
snprintf(buffer, OS_MAXSTR, "\"%s\" %s \"%s\" \"%s\" \"%s\"",
command, DELETE_ENTRY, cmd_user, cmd_ip, tmp_msg);
os_strdup(buffer, timeout_args[0]);
timeout_args[1] = NULL;
/* Getting size for the strncmp */
i = 0, j = 0;
while(buffer[i] != '\0')
{
if(buffer[i] == ' ')
j++;
i++;
if(j == 4)
break;
}
/* Check this command was already executed. */
timeout_node = OSList_GetFirstNode(timeout_list);
added_before = 0;
while(timeout_node)
{
timeout_data *list_entry;
list_entry = (timeout_data *)timeout_node->data;
if(strncmp(list_entry->command[0], timeout_args[0], i) == 0)
{
/* Means we executed this command before
* and we don't need to add it again.
*/
added_before = 1;
/* updating the timeout */
list_entry->time_of_addition = curr_time;
break;
}
/* Continue with the next entry in timeout list*/
timeout_node = OSList_GetNextNode(timeout_list);
}
/* If it wasn't added before, do it now */
if(!added_before)
{
snprintf(buffer, OS_MAXSTR, "\"%s\" %s \"%s\" \"%s\" \"%s\"", command,
ADD_ENTRY, cmd_user, cmd_ip, tmp_msg);
/* executing command */
ExecCmd_Win32(buffer);
/* We don't need to add to the list if the timeout_value == 0 */
if(timeout_value)
{
/* Creating the timeout entry */
os_calloc(1, sizeof(timeout_data), timeout_entry);
timeout_entry->command = timeout_args;
timeout_entry->time_of_addition = curr_time;
timeout_entry->time_to_block = timeout_value;
/* Adding command to the timeout list */
if(!OSList_AddData(timeout_list, timeout_entry))
{
merror(LIST_ADD_ERROR, ARGV0);
FreeTimeoutEntry(timeout_entry);
}
}
/* If no timeout, we still need to free it in here */
else
{
char **ss_ta = timeout_args;
while(*timeout_args)
{
os_free(*timeout_args);
*timeout_args = NULL;
timeout_args++;
}
os_free(ss_ta);
}
}
/* We didn't add it to the timeout list */
else
{
char **ss_ta = timeout_args;
/* Clear the timeout arguments */
while(*timeout_args)
{
os_free(*timeout_args);
*timeout_args = NULL;
timeout_args++;
}
os_free(ss_ta);
}
}
/* Prints related entries. */
int _os_report_print_related(int print_related, OSList *st_data)
{
OSListNode *list_entry;
alert_data *list_aldata;
alert_data *saved_aldata;
list_entry = OSList_GetFirstNode(st_data);
while(list_entry)
{
saved_aldata = (alert_data *)list_entry->data;
/* Removing duplicates. */
list_entry = list_entry->prev;
while(list_entry)
{
if(print_related & REPORT_REL_LOCATION)
{
list_aldata = (alert_data *)list_entry->data;
if(strcmp(list_aldata->location, saved_aldata->location) == 0)
{
break;
}
}
else if(print_related & REPORT_REL_GROUP)
{
list_aldata = (alert_data *)list_entry->data;
if(strcmp(list_aldata->group, saved_aldata->group) == 0)
{
break;
}
}
else if(print_related & REPORT_REL_RULE)
{
list_aldata = (alert_data *)list_entry->data;
if(list_aldata->rule == saved_aldata->rule)
{
break;
}
}
else if(print_related & REPORT_REL_USER)
{
list_aldata = (alert_data *)list_entry->data;
if(list_aldata->user == NULL || saved_aldata->user == NULL)
{
}
else if(strcmp(list_aldata->user, saved_aldata->user) == 0)
{
break;
}
}
else if(print_related & REPORT_REL_SRCIP)
{
list_aldata = (alert_data *)list_entry->data;
if(list_aldata->srcip == NULL || saved_aldata->srcip == NULL)
{
}
else if(strcmp(list_aldata->srcip, saved_aldata->srcip) == 0)
{
break;
}
}
else if(print_related & REPORT_REL_LEVEL)
{
list_aldata = (alert_data *)list_entry->data;
if(list_aldata->level == saved_aldata->level)
{
break;
}
}
else if(print_related & REPORT_REL_FILE)
{
list_aldata = (alert_data *)list_entry->data;
if(list_aldata->filename == NULL || saved_aldata->filename == NULL)
{
}
else if(strcmp(list_aldata->filename, saved_aldata->filename) == 0)
{
break;
}
}
list_entry = list_entry->prev;
}
if(!list_entry)
{
if(print_related & REPORT_REL_LOCATION)
l_print_out(" location: '%s'", saved_aldata->location);
else if(print_related & REPORT_REL_GROUP)
l_print_out(" group: '%s'", saved_aldata->group);
else if(print_related & REPORT_REL_RULE)
l_print_out(" rule: '%d'", saved_aldata->rule);
else if((print_related & REPORT_REL_SRCIP) && saved_aldata->srcip)
l_print_out(" srcip: '%s'", saved_aldata->srcip);
else if((print_related & REPORT_REL_USER) && saved_aldata->user)
l_print_out(" user: '******'", saved_aldata->user);
else if(print_related & REPORT_REL_LEVEL)
l_print_out(" level: '%d'", saved_aldata->level);
else if((print_related & REPORT_REL_FILE) && saved_aldata->filename)
l_print_out(" filename: '%s'", saved_aldata->filename);
}
list_entry = OSList_GetNextNode(st_data);
}
return(0);
}
/** void ExecdStart(int q) v0.2
* Main function on the execd. Does all the data receiving ,etc.
*/
static void ExecdStart(int q)
{
int i, childcount = 0;
time_t curr_time;
char buffer[OS_MAXSTR + 1];
char *tmp_msg = NULL;
char *name;
char *command;
char *cmd_args[MAX_ARGS +2];
/* Select */
fd_set fdset;
struct timeval socket_timeout;
/* Clearing the buffer */
memset(buffer, '\0', OS_MAXSTR +1);
/* Initializing the cmd arguments */
for(i = 0; i<= MAX_ARGS +1; i++)
{
cmd_args[i] = NULL;
}
/* Creating list for timeout */
timeout_list = OSList_Create();
if(!timeout_list)
{
ErrorExit(LIST_ERROR, ARGV0);
}
if(repeated_offenders_timeout[0] != 0)
{
repeated_hash = OSHash_Create();
}
else
{
repeated_hash = NULL;
}
/* Main loop. */
while(1)
{
int timeout_value;
int added_before = 0;
char **timeout_args;
timeout_data *timeout_entry;
/* Cleaning up any child. */
while (childcount)
{
int wp;
wp = waitpid((pid_t) -1, NULL, WNOHANG);
if (wp < 0)
{
merror(WAITPID_ERROR, ARGV0, errno, strerror(errno));
break;
}
/* if = 0, we still need to wait for the child process */
else if (wp == 0)
{
break;
}
/* Child completed if wp > 0 */
else
{
childcount--;
}
}
/* Getting currently time */
curr_time = time(0);
/* Checking if there is any timeouted command to execute. */
timeout_node = OSList_GetFirstNode(timeout_list);
while(timeout_node)
{
timeout_data *list_entry;
list_entry = (timeout_data *)timeout_node->data;
/* Timeouted */
if((curr_time - list_entry->time_of_addition) >
list_entry->time_to_block)
{
ExecCmd(list_entry->command);
/* Deletecurrently node already sets the pointer to next */
OSList_DeleteCurrentlyNode(timeout_list);
timeout_node = OSList_GetCurrentlyNode(timeout_list);
/* Clearing the memory */
FreeTimeoutEntry(list_entry);
childcount++;
}
else
{
timeout_node = OSList_GetNextNode(timeout_list);
}
}
/* Setting timeout to EXECD_TIMEOUT */
socket_timeout.tv_sec = EXECD_TIMEOUT;
socket_timeout.tv_usec= 0;
/* Setting FD values */
FD_ZERO(&fdset);
FD_SET(q, &fdset);
/* Adding timeout */
if(select(q+1, &fdset, NULL, NULL, &socket_timeout) == 0)
{
/* Timeout .. */
continue;
}
/* Checking for error */
if(!FD_ISSET(q, &fdset))
{
merror(SELECT_ERROR, ARGV0, errno, strerror(errno));
continue;
}
/* Receiving the message */
if(OS_RecvUnix(q, OS_MAXSTR, buffer) == 0)
{
merror(QUEUE_ERROR, ARGV0, EXECQUEUEPATH, strerror(errno));
continue;
}
/* Currently time */
curr_time = time(0);
/* Getting application name */
name = buffer;
/* Zeroing the name */
tmp_msg = strchr(buffer, ' ');
if(!tmp_msg)
{
merror(EXECD_INV_MSG, ARGV0, buffer);
continue;
}
*tmp_msg = '\0';
tmp_msg++;
/* Getting the command to execute (valid name) */
command = GetCommandbyName(name, &timeout_value);
if(!command)
{
ReadExecConfig();
command = GetCommandbyName(name, &timeout_value);
if(!command)
{
merror(EXEC_INV_NAME, ARGV0, name);
continue;
}
}
/* Command not present. */
if(command[0] == '\0')
continue;
/* Allocating memory for the timeout argument */
os_calloc(MAX_ARGS+2, sizeof(char *), timeout_args);
/* Adding initial variables to the cmd_arg and to the timeout cmd */
cmd_args[0] = command;
cmd_args[1] = ADD_ENTRY;
os_strdup(command, timeout_args[0]);
os_strdup(DELETE_ENTRY, timeout_args[1]);
cmd_args[2] = NULL;
timeout_args[2] = NULL;
/* Getting the arguments. */
i = 2;
while(i < (MAX_ARGS -1))
{
cmd_args[i] = tmp_msg;
cmd_args[i+1] = NULL;
tmp_msg = strchr(tmp_msg, ' ');
if(!tmp_msg)
{
timeout_args[i] = strdup(cmd_args[i]);
timeout_args[i+1] = NULL;
break;
}
*tmp_msg = '\0';
tmp_msg++;
timeout_args[i] = strdup(cmd_args[i]);
timeout_args[i+1] = NULL;
i++;
}
/* Check this command was already executed. */
timeout_node = OSList_GetFirstNode(timeout_list);
added_before = 0;
/* Checking for the username and ip argument */
if(!timeout_args[2] || !timeout_args[3])
{
added_before = 1;
merror("%s: Invalid number of arguments.", ARGV0);
}
while(timeout_node)
{
timeout_data *list_entry;
list_entry = (timeout_data *)timeout_node->data;
if((strcmp(list_entry->command[3], timeout_args[3]) == 0) &&
(strcmp(list_entry->command[0], timeout_args[0]) == 0))
{
/* Means we executed this command before
* and we don't need to add it again.
*/
added_before = 1;
/* updating the timeout */
list_entry->time_of_addition = curr_time;
if(repeated_offenders_timeout[0] != 0 &&
repeated_hash != NULL &&
strncmp(timeout_args[3],"-", 1) != 0)
{
char *ntimes = NULL;
char rkey[256];
rkey[255] = '\0';
snprintf(rkey, 255, "%s%s", list_entry->command[0],
timeout_args[3]);
if((ntimes = (char *) OSHash_Get(repeated_hash, rkey)))
{
int ntimes_int = 0;
int i2 = 0;
int new_timeout = 0;
ntimes_int = atoi(ntimes);
while(repeated_offenders_timeout[i2] != 0)
{
i2++;
}
if(ntimes_int >= i2)
{
new_timeout = repeated_offenders_timeout[i2 - 1]*60;
}
else
{
free(ntimes); // In hash_op.c, data belongs to caller
os_calloc(10, sizeof(char), ntimes);
new_timeout = repeated_offenders_timeout[ntimes_int]*60;
ntimes_int++;
snprintf(ntimes, 9, "%d", ntimes_int);
OSHash_Update(repeated_hash,rkey,ntimes);
}
list_entry->time_to_block = new_timeout;
}
}
break;
}
/* Continue with the next entry in timeout list*/
timeout_node = OSList_GetNextNode(timeout_list);
}
/* If it wasn't added before, do it now */
if(!added_before)
{
/* executing command */
ExecCmd(cmd_args);
/* We don't need to add to the list if the timeout_value == 0 */
if(timeout_value)
{
char *ntimes;
char rkey[256];
rkey[255] = '\0';
snprintf(rkey, 255, "%s%s", timeout_args[0],
timeout_args[3]);
if(repeated_hash != NULL)
{
if((ntimes = (char *) OSHash_Get(repeated_hash, rkey)))
{
int ntimes_int = 0;
int i2 = 0;
int new_timeout = 0;
ntimes_int = atoi(ntimes);
while(repeated_offenders_timeout[i2] != 0)
{
i2++;
}
if(ntimes_int >= i2)
{
new_timeout = repeated_offenders_timeout[i2 - 1]*60;
}
else
{
os_calloc(10, sizeof(char), ntimes);
new_timeout = repeated_offenders_timeout[ntimes_int]*60;
ntimes_int++;
snprintf(ntimes, 9, "%d", ntimes_int);
OSHash_Update(repeated_hash, rkey, ntimes);
}
timeout_value = new_timeout;
}
else
{
/* Adding to the repeated offenders list. */
OSHash_Add(repeated_hash,
rkey, strdup("0"));
}
}
/* Creating the timeout entry */
os_calloc(1, sizeof(timeout_data), timeout_entry);
timeout_entry->command = timeout_args;
timeout_entry->time_of_addition = curr_time;
timeout_entry->time_to_block = timeout_value;
/* Adding command to the timeout list */
if(!OSList_AddData(timeout_list, timeout_entry))
{
merror(LIST_ADD_ERROR, ARGV0);
FreeTimeoutEntry(timeout_entry);
}
}
/* If no timeout, we still need to free it in here */
else
{
char **ss_ta = timeout_args;
while(*timeout_args)
{
os_free(*timeout_args);
*timeout_args = NULL;
timeout_args++;
}
os_free(ss_ta);
}
childcount++;
}
/* We didn't add it to the timeout list */
else
{
char **ss_ta = timeout_args;
/* Clear the timeout arguments */
while(*timeout_args)
{
os_free(*timeout_args);
*timeout_args = NULL;
timeout_args++;
}
os_free(ss_ta);
}
/* Some cleanup */
while(i > 0)
{
cmd_args[i] = NULL;
i--;
}
}
}