/* * Whatever the manuals might say, you cannot get IPV6 interface * configuration from the ioctls. This seems to be implemented in a non * standard way across OSes BSDi has done getifaddrs(), solaris 8 has a * new ioctl, Stevens book shows the suggestion which has not been * implemented... */ void GetV6InterfaceInfo(void) { FILE *pp; char buffer[CF_BUFSIZE]; Verbose("Trying to locate my IPv6 address\n"); switch (g_vsystemhardclass) { case cfnt: /* NT cannot do this */ break; default: if ((pp = cfpopen("/sbin/ifconfig -a", "r")) == NULL) { Verbose("Could not find interface info\n"); return; } while (!feof(pp)) { fgets(buffer, CF_BUFSIZE, pp); if (StrStr(buffer, "inet6")) { struct Item *ip,*list = NULL; char *sp; list = SplitStringAsItemList(buffer, ' '); for (ip = list; ip != NULL; ip=ip->next) { for (sp = ip->name; *sp != '\0'; sp++) { /* Remove CIDR mask */ if (*sp == '/') { *sp = '\0'; } } if (IsIPV6Address(ip->name) && (strcmp(ip->name, "::1") != 0)) { Verbose("Found IPv6 address %s\n", ip->name); AppendItem(&g_ipaddresses, ip->name, ""); AddClassToHeap(CanonifyName(ip->name)); } } DeleteItemList(list); } } fclose(pp); break; } }
static void FindV6InterfacesInfo(void) { FILE *pp = NULL; char buffer[CF_BUFSIZE]; /* Whatever the manuals might say, you cannot get IPV6 interface configuration from the ioctls. This seems to be implemented in a non standard way across OSes BSDi has done getifaddrs(), solaris 8 has a new ioctl, Stevens book shows the suggestion which has not been implemented... */ CfOut(OUTPUT_LEVEL_VERBOSE, "", "Trying to locate my IPv6 address\n"); #if defined(__CYGWIN__) /* NT cannot do this */ return; #elif defined(__hpux) if ((pp = cf_popen("/usr/sbin/ifconfig -a", "r")) == NULL) { CfOut(OUTPUT_LEVEL_VERBOSE, "", "Could not find interface info\n"); return; } #elif defined(_AIX) if ((pp = cf_popen("/etc/ifconfig -a", "r")) == NULL) { CfOut(OUTPUT_LEVEL_VERBOSE, "", "Could not find interface info\n"); return; } #else if ((pp = cf_popen("/sbin/ifconfig -a", "r")) == NULL) { CfOut(OUTPUT_LEVEL_VERBOSE, "", "Could not find interface info\n"); return; } #endif /* Don't know the output format of ifconfig on all these .. hope for the best*/ while (!feof(pp)) { buffer[0] = '\0'; if (fgets(buffer, CF_BUFSIZE, pp) == NULL) { if (strlen(buffer)) { UnexpectedError("Failed to read line from stream"); } } if (ferror(pp)) /* abortable */ { break; } if (strcasestr(buffer, "inet6")) { Item *ip, *list = NULL; char *sp; list = SplitStringAsItemList(buffer, ' '); for (ip = list; ip != NULL; ip = ip->next) { for (sp = ip->name; *sp != '\0'; sp++) { if (*sp == '/') /* Remove CIDR mask */ { *sp = '\0'; } } if ((IsIPV6Address(ip->name)) && ((strcmp(ip->name, "::1") != 0))) { CfOut(OUTPUT_LEVEL_VERBOSE, "", "Found IPv6 address %s\n", ip->name); AppendItem(&IPADDRESSES, ip->name, ""); HardClass(ip->name); } } DeleteItemList(list); } } cf_pclose(pp); }
int MatchClasses(EvalContext *ctx, ServerConnectionState *conn) { char recvbuffer[CF_BUFSIZE]; Item *classlist = NULL, *ip; int count = 0; while (true && (count < 10)) /* arbitrary check to avoid infinite loop, DoS attack */ { count++; if (ReceiveTransaction(&conn->conn_info, recvbuffer, NULL) == -1) { Log(LOG_LEVEL_VERBOSE, "Unable to read data from network. (ReceiveTransaction: %s)", GetErrorStr()); return false; } Log(LOG_LEVEL_DEBUG, "Got class buffer '%s'", recvbuffer); if (strncmp(recvbuffer, CFD_TERMINATOR, strlen(CFD_TERMINATOR)) == 0) { if (count == 1) { Log(LOG_LEVEL_DEBUG, "No classes were sent, assuming no restrictions..."); return true; } break; } classlist = SplitStringAsItemList(recvbuffer, ' '); for (ip = classlist; ip != NULL; ip = ip->next) { Log(LOG_LEVEL_VERBOSE, "Checking whether class %s can be identified as me...", ip->name); if (IsDefinedClass(ctx, ip->name, NULL)) { Log(LOG_LEVEL_DEBUG, "Class '%s' matched, accepting...", ip->name); DeleteItemList(classlist); return true; } { ClassTableIterator *iter = EvalContextClassTableIteratorNewGlobal(ctx, NULL, true, true); Class *cls = NULL; while ((cls = ClassTableIteratorNext(iter))) { char *expr = ClassRefToString(cls->ns, cls->name); bool match = StringMatchFull(ip->name, expr); free(expr); if (match) { Log(LOG_LEVEL_DEBUG, "Class matched regular expression '%s', accepting...", ip->name); DeleteItemList(classlist); return true; } } ClassTableIteratorDestroy(iter); } if (strncmp(ip->name, CFD_TERMINATOR, strlen(CFD_TERMINATOR)) == 0) { Log(LOG_LEVEL_VERBOSE, "No classes matched, rejecting...."); ReplyNothing(conn); DeleteItemList(classlist); return false; } } } ReplyNothing(conn); Log(LOG_LEVEL_VERBOSE, "No classes matched, rejecting...."); DeleteItemList(classlist); return false; }
void Unix_FindV6InterfaceInfo(void) { FILE *pp = NULL; char buffer[CF_BUFSIZE]; /* Whatever the manuals might say, you cannot get IPV6 interface configuration from the ioctls. This seems to be implemented in a non standard way across OSes BSDi has done getifaddrs(), solaris 8 has a new ioctl, Stevens book shows the suggestion which has not been implemented... */ CfOut(cf_verbose, "", "Trying to locate my IPv6 address\n"); switch (VSYSTEMHARDCLASS) { case cfnt: /* NT cannot do this */ return; case irix: case irix4: case irix64: if ((pp = cf_popen("/usr/etc/ifconfig -a", "r")) == NULL) { CfOut(cf_verbose, "", "Could not find interface info\n"); return; } break; case hp: if ((pp = cf_popen("/usr/sbin/ifconfig -a", "r")) == NULL) { CfOut(cf_verbose, "", "Could not find interface info\n"); return; } break; case aix: if ((pp = cf_popen("/etc/ifconfig -a", "r")) == NULL) { CfOut(cf_verbose, "", "Could not find interface info\n"); return; } break; default: if ((pp = cf_popen("/sbin/ifconfig -a", "r")) == NULL) { CfOut(cf_verbose, "", "Could not find interface info\n"); return; } } /* Don't know the output format of ifconfig on all these .. hope for the best*/ while (!feof(pp)) { fgets(buffer, CF_BUFSIZE - 1, pp); if (ferror(pp)) /* abortable */ { break; } if (strcasestr(buffer, "inet6")) { Item *ip, *list = NULL; char *sp; list = SplitStringAsItemList(buffer, ' '); for (ip = list; ip != NULL; ip = ip->next) { for (sp = ip->name; *sp != '\0'; sp++) { if (*sp == '/') /* Remove CIDR mask */ { *sp = '\0'; } } if (IsIPV6Address(ip->name) && (strcmp(ip->name, "::1") != 0)) { CfOut(cf_verbose, "", "Found IPv6 address %s\n", ip->name); AppendItem(&IPADDRESSES, ip->name, ""); NewClass(ip->name); } } DeleteItemList(list); } } cf_pclose(pp); }
void EraseAverages() { int i; DBT key,value; struct Item *list = NULL; Verbose("\nLooking through current database %s\n",FILENAME); list = SplitStringAsItemList(ERASE,','); if ((ERRNO = db_create(&DBP,NULL,0)) != 0) { Verbose("Couldn't create average database %s\n",FILENAME); exit(1); } #ifdef CF_OLD_DB if ((ERRNO = (DBP->open)(DBP,FILENAME,NULL,DB_BTREE,DB_CREATE,0644)) != 0) #else if ((ERRNO = (DBP->open)(DBP,NULL,FILENAME,NULL,DB_BTREE,DB_CREATE,0644)) != 0) #endif { Verbose("Couldn't open average database %s\n",FILENAME); DBP->err(DBP,ERRNO,NULL); exit(1); } memset(&key,0,sizeof(key)); memset(&value,0,sizeof(value)); for (i = 0; i < CF_OBSERVABLES; i++) { FPE[i] = FPQ[i] = NULL; } for (NOW = CF_MONDAY_MORNING; NOW < CF_MONDAY_MORNING+CF_WEEK; NOW += CF_MEASURE_INTERVAL) { memset(&key,0,sizeof(key)); memset(&value,0,sizeof(value)); memset(&ENTRY,0,sizeof(ENTRY)); strcpy(TIMEKEY,GenTimeKey(NOW)); key.data = TIMEKEY; key.size = strlen(TIMEKEY)+1; if ((ERRNO = DBP->get(DBP,NULL,&key,&value,0)) != 0) { if (ERRNO != DB_NOTFOUND) { DBP->err(DBP,ERRNO,NULL); exit(1); } } if (value.data != NULL) { memcpy(&ENTRY,value.data,sizeof(ENTRY)); for (i = 0; i < CF_OBSERVABLES; i++) { if (IsItemIn(list,OBS[i][0])) { /* Set history but not most recent to zero */ ENTRY.Q[i].expect = 0; ENTRY.Q[i].var = 0; } } value.data = &ENTRY; if ((ERRNO = DBP->put(DBP,NULL,&key,&value,0)) != 0) { DBP->err(DBP,ERRNO,NULL); exit(1); } } } DBP->close(DBP,0); }