char *OS_AddNewAgent(const char *name, const char *ip, const char *id)
{
FILE *fp;
os_md5 md1;
os_md5 md2;
char str1[STR_SIZE + 1];
char str2[STR_SIZE + 1];
char *muname;
char *finals;
char nid[9];
srandom_init();
muname = getuname();
snprintf(str1, STR_SIZE, "%d%s%d%s", (int)time(0), name, (int)random(), muname);
snprintf(str2, STR_SIZE, "%s%s%ld", ip, id, (long int)random());
OS_MD5_Str(str1, md1);
OS_MD5_Str(str2, md2);
free(muname);
nid[8] = '\0';
if (id == NULL) {
int i = 1024;
snprintf(nid, 6, "%d", i);
while (IDExist(nid)) {
i++;
snprintf(nid, 6, "%d", i);
if (i >= (MAX_AGENTS + 1024)) {
return (NULL);
}
}
id = nid;
}
fp = fopen(KEYSFILE_PATH, "a");
if (!fp) {
return (NULL);
}
os_calloc(2048, sizeof(char), finals);
if (ip == NULL) {
snprintf(finals, 2048, "%s %s any %s%s", id, name, md1, md2);
} else {
snprintf(finals, 2048, "%s %s %s %s%s", id, name, ip, md1, md2);
}
fprintf(fp, "%s\n", finals);
fclose(fp);
return (finals);
}
/* extract base64 for a specific agent */
int k_extract(char *cmdextract)
{
FILE *fp;
char *user_input;
char *b64_enc;
char line_read[FILE_SIZE +1];
char n_id[USER_SIZE +1];
if(cmdextract)
{
user_input = cmdextract;
if(!IDExist(user_input))
{
printf(NO_ID, user_input);
exit(1);
}
}
else
{
if(!print_agents(0, 0, 0))
{
printf(NO_AGENT);
printf(PRESS_ENTER);
read_from_user();
return(0);
}
do
{
printf(EXTRACT_KEY);
fflush(stdout);
user_input = read_from_user();
/* quit */
if(strcmp(user_input, QUIT) == 0)
return(0);
if(!IDExist(user_input))
printf(NO_ID, user_input);
} while(!IDExist(user_input));
}
/* Trying to open the auth file */
fp = fopen(AUTH_FILE, "r");
if(!fp)
{
ErrorExit(FOPEN_ERROR, ARGV0, AUTH_FILE);
}
fsetpos(fp, &fp_pos);
memset(n_id, '\0', USER_SIZE +1);
strncpy(n_id, user_input, USER_SIZE -1);
if(fgets(line_read, FILE_SIZE, fp) == NULL)
{
printf(ERROR_KEYS);
fclose(fp);
exit(1);
}
chomp(line_read);
b64_enc = encode_base64(strlen(line_read),line_read);
if(b64_enc == NULL)
{
printf(EXTRACT_ERROR);
fclose(fp);
exit(1);
}
printf(EXTRACT_MSG, n_id, b64_enc);
if(!cmdextract)
{
printf("\n" PRESS_ENTER);
read_from_user();
}
free(b64_enc);
fclose(fp);
return(0);
}
/* Bulk generate client keys from file */
int k_bulkload(const char *cmdbulk)
{
int i = 1;
FILE *fp, *infp;
char str1[STR_SIZE + 1];
char str2[STR_SIZE + 1];
os_md5 md1;
os_md5 md2;
char line[FILE_SIZE + 1];
char name[FILE_SIZE + 1];
char id[FILE_SIZE + 1];
char ip[FILE_SIZE + 1];
char delims[] = ",";
char *token = NULL;
/* Check if we can open the input file */
printf("Opening: [%s]\n", cmdbulk);
infp = fopen(cmdbulk, "r");
if (!infp) {
perror("Failed.");
ErrorExit(FOPEN_ERROR, ARGV0, cmdbulk, errno, strerror(errno));
}
/* Check if we can open the auth_file */
fp = fopen(AUTH_FILE, "a");
if (!fp) {
ErrorExit(FOPEN_ERROR, ARGV0, AUTH_FILE, errno, strerror(errno));
}
fclose(fp);
while (fgets(line, FILE_SIZE - 1, infp) != NULL) {
os_ip c_ip;
c_ip.ip = NULL;
if (1 >= strlen(trimwhitespace(line))) {
continue;
}
memset(ip, '\0', FILE_SIZE + 1);
token = strtok(line, delims);
strncpy(ip, trimwhitespace(token), FILE_SIZE - 1);
memset(name, '\0', FILE_SIZE + 1);
token = strtok(NULL, delims);
strncpy(name, trimwhitespace(token), FILE_SIZE - 1);
#ifndef WIN32
if (chmod(AUTH_FILE, 0440) == -1) {
ErrorExit(CHMOD_ERROR, ARGV0, AUTH_FILE, errno, strerror(errno));
}
#endif
/* Set time 2 */
time2 = time(0);
srandom_init();
rand1 = random();
/* Zero strings */
memset(str1, '\0', STR_SIZE + 1);
memset(str2, '\0', STR_SIZE + 1);
/* Check the name */
if (!OS_IsValidName(name)) {
printf(INVALID_NAME, name);
continue;
}
/* Search for name -- no duplicates */
if (NameExist(name)) {
printf(ADD_ERROR_NAME, name);
continue;
}
if (!OS_IsValidIP(ip, &c_ip)) {
printf(IP_ERROR, ip);
continue;
}
/* Default ID */
i = MAX_AGENTS + 32512;
snprintf(id, 8, "%03d", i);
while (!IDExist(id)) {
i--;
snprintf(id, 8, "%03d", i);
/* No key present, use id 0 */
if (i <= 0) {
i = 0;
break;
}
}
snprintf(id, 8, "%03d", i + 1);
if (!OS_IsValidID(id)) {
printf(INVALID_ID, id);
goto cleanup;
}
/* Search for ID KEY -- no duplicates */
if (IDExist(id)) {
printf(NO_DEFAULT, i + 1);
goto cleanup;
}
printf(AGENT_INFO, id, name, ip);
fflush(stdout);
time3 = time(0);
rand2 = random();
fp = fopen(AUTH_FILE, "a");
if (!fp) {
ErrorExit(FOPEN_ERROR, ARGV0, KEYS_FILE, errno, strerror(errno));
}
#ifndef WIN32
if (chmod(AUTH_FILE, 0440) == -1) {
ErrorExit(CHMOD_ERROR, ARGV0, AUTH_FILE, errno, strerror(errno));
}
#endif
/* Random 1: Time took to write the agent information
* Random 2: Time took to choose the action
* Random 3: All of this + time + pid
* Random 4: MD5 all of this + the name, key and IP
* Random 5: Final key
*/
snprintf(str1, STR_SIZE, "%d%s%d", (int)(time3 - time2), name, (int)rand1);
snprintf(str2, STR_SIZE, "%d%s%s%d", (int)(time2 - time1), ip, id, (int)rand2);
OS_MD5_Str(str1, md1);
OS_MD5_Str(str2, md2);
snprintf(str1, STR_SIZE, "%s%d%d%d", md1, (int)getpid(), (int)random(),
(int)time3);
OS_MD5_Str(str1, md1);
fprintf(fp, "%s %s %s %s%s\n", id, name, c_ip.ip, md1, md2);
fclose(fp);
printf(AGENT_ADD);
restart_necessary = 1;
cleanup:
free(c_ip.ip);
};
fclose(infp);
return (0);
}
/* Extract base64 for a specific agent */
int k_extract(const char *cmdextract)
{
FILE *fp;
char *user_input;
char *b64_enc;
char line_read[FILE_SIZE + 1];
char n_id[USER_SIZE + 1];
if (cmdextract) {
user_input = strdup(cmdextract);
FormatID(user_input);
if (!IDExist(user_input)) {
printf(NO_ID, user_input);
exit(1);
}
} else {
if (!print_agents(0, 0, 0)) {
printf(NO_AGENT);
printf(PRESS_ENTER);
read_from_user();
return (0);
}
while (1) {
printf(EXTRACT_KEY);
fflush(stdout);
user_input = read_from_user();
/* quit */
if (strcmp(user_input, QUIT) == 0) {
return (0);
}
FormatID(user_input);
if (IDExist(user_input)) {
break;
} else {
printf(NO_ID, user_input);
}
}
}
/* Try to open the auth file */
fp = fopen(AUTH_FILE, "r");
if (!fp) {
ErrorExit(FOPEN_ERROR, ARGV0, AUTH_FILE, errno, strerror(errno));
}
if (fsetpos(fp, &fp_pos)) {
merror("%s: Can not set fileposition.", ARGV0);
exit(1);
}
memset(n_id, '\0', USER_SIZE + 1);
strncpy(n_id, user_input, USER_SIZE - 1);
if (fgets(line_read, FILE_SIZE, fp) == NULL) {
printf(ERROR_KEYS);
fclose(fp);
exit(1);
}
chomp(line_read);
b64_enc = encode_base64(strlen(line_read), line_read);
if (b64_enc == NULL) {
printf(EXTRACT_ERROR);
fclose(fp);
exit(1);
}
printf(EXTRACT_MSG, n_id, b64_enc);
if (!cmdextract) {
printf("\n" PRESS_ENTER);
read_from_user();
}
free(b64_enc);
fclose(fp);
return (0);
}
char *OS_AddNewAgent(char *name, char *ip, char *id, char *key)
{
int i = 0;
FILE *fp;
int rand1;
os_md5 md1;
os_md5 md2;
char str1[STR_SIZE +1];
char str2[STR_SIZE +1];
char *muname = NULL;
char *finals = NULL;
char nid[9];
#ifndef WIN32
#ifdef __OpenBSD__
srandomdev();
#else
srandom(time(0) + getpid() + getppid());
#endif
#else
srandom(time(0) + getpid());
#endif
rand1 = random();
muname = getuname();
snprintf(str1, STR_SIZE, "%d%s%d%s",(int)time(0), name, rand1, muname);
snprintf(str2, STR_SIZE, "%s%s%ld", ip, id, (long int)random());
OS_MD5_Str(str1, md1);
OS_MD5_Str(str2, md2);
free(muname);
nid[8] = '\0';
if(id == NULL)
{
i = 1024;
snprintf(nid, 6, "%d", i);
while(IDExist(nid))
{
i++;
snprintf(nid, 6, "%d", i);
if(i >= 4000)
{
return(NULL);
}
}
id = nid;
}
fp = fopen(KEYSFILE_PATH,"a");
if(!fp)
{
return(NULL);
}
os_calloc(2048, sizeof(char), finals);
if (ip == NULL){
snprintf(finals, 2048, "%s %s any %s%s",id, name, md1,md2);
} else {
snprintf(finals, 2048, "%s %s %s %s%s",id, name, ip, md1,md2);
}
fprintf(fp, "%s\n",finals);
fclose(fp);
return(finals);
}
int add_agent()
{
int i = 1;
FILE *fp;
char str1[STR_SIZE + 1];
char str2[STR_SIZE + 1];
os_md5 md1;
os_md5 md2;
char *user_input;
char *_name;
char *_id;
char *_ip;
char name[FILE_SIZE + 1];
char id[FILE_SIZE + 1];
char ip[FILE_SIZE + 1];
os_ip *c_ip;
/* Check if we can open the auth_file */
fp = fopen(AUTH_FILE, "a");
if (!fp) {
ErrorExit(FOPEN_ERROR, ARGV0, AUTH_FILE, errno, strerror(errno));
}
fclose(fp);
/* Allocate for c_ip */
os_calloc(1, sizeof(os_ip), c_ip);
#ifndef WIN32
if (chmod(AUTH_FILE, 0440) == -1) {
ErrorExit(CHMOD_ERROR, ARGV0, AUTH_FILE, errno, strerror(errno));
}
#endif
/* Set time 2 */
time2 = time(0);
rand1 = random();
/* Zero strings */
memset(str1, '\0', STR_SIZE + 1);
memset(str2, '\0', STR_SIZE + 1);
printf(ADD_NEW);
/* Get the name */
memset(name, '\0', FILE_SIZE + 1);
do {
printf(ADD_NAME);
fflush(stdout);
/* Read the agent's name from user environment. If it is invalid
* we should force user to provide a name from input device.
*/
_name = getenv("OSSEC_AGENT_NAME");
if (_name == NULL || NameExist(_name) || !OS_IsValidName(_name)) {
_name = read_from_user();
}
if (strcmp(_name, QUIT) == 0) {
return (0);
}
strncpy(name, _name, FILE_SIZE - 1);
/* Check the name */
if (!OS_IsValidName(name)) {
printf(INVALID_NAME, name);
}
/* Search for name -- no duplicates */
if (NameExist(name)) {
printf(ADD_ERROR_NAME, name);
}
} while (NameExist(name) || !OS_IsValidName(name));
/* Get IP */
memset(ip, '\0', FILE_SIZE + 1);
do {
printf(ADD_IP);
fflush(stdout);
/* Read IP address from user's environment. If that IP is invalid,
* force user to provide IP from input device */
_ip = getenv("OSSEC_AGENT_IP");
if (_ip == NULL || !OS_IsValidIP(_ip, c_ip)) {
_ip = read_from_user();
}
/* Quit */
if (strcmp(_ip, QUIT) == 0) {
return (0);
}
strncpy(ip, _ip, FILE_SIZE - 1);
if (!OS_IsValidIP(ip, c_ip)) {
printf(IP_ERROR, ip);
_ip = NULL;
}
} while (!_ip);
do {
/* Default ID */
i = MAX_AGENTS + 32512;
snprintf(id, 8, "%03d", i);
while (!IDExist(id)) {
i--;
snprintf(id, 8, "%03d", i);
/* No key present, use id 0 */
if (i <= 0) {
i = 0;
break;
}
}
snprintf(id, 8, "%03d", i + 1);
/* Get ID */
printf(ADD_ID, id);
fflush(stdout);
/* Get Agent ID from environment. If 0, use default ID. If null,
* get from user input. If value from environment is invalid,
* we force user to specify an ID from the terminal. Otherwise,
* our program goes to infinite loop.
*/
_id = getenv("OSSEC_AGENT_ID");
if (_id == NULL || IDExist(_id) || !OS_IsValidID(_id)) {
_id = read_from_user();
}
/* If user specified 0 as Agent ID, he meant use default value.
* NOTE: a bad condition can cause infinite loop.
*/
if (strcmp(_id, "0") == 0) {
strncpy(_id, id, FILE_SIZE - 1);
}
/* Quit */
if (strcmp(_id, QUIT) == 0) {
return (0);
}
if (_id[0] != '\0') {
strncpy(id, _id, FILE_SIZE - 1);
}
if (!OS_IsValidID(id)) {
printf(INVALID_ID, id);
}
/* Search for ID KEY -- no duplicates */
if (IDExist(id)) {
printf(ADD_ERROR_ID, id);
}
} while (IDExist(id) || !OS_IsValidID(id));
printf(AGENT_INFO, id, name, ip);
fflush(stdout);
do {
printf(ADD_CONFIRM);
/* Confirmation by an environment variable. The valid value is y/Y.
* If the user provides anything other string, it is considered as
* n/N; please note that the old code only accepts y/Y/n/N. So if
* the variable OSSEC_ACTION_CONFIRMED is 'foobar', the program will
* go into an infinite loop.
*/
user_input = getenv("OSSEC_ACTION_CONFIRMED");
if (user_input == NULL) {
user_input = read_from_user();
}
/* If user accepts to add */
if (user_input[0] == 'y' || user_input[0] == 'Y') {
time3 = time(0);
rand2 = random();
fp = fopen(AUTH_FILE, "a");
if (!fp) {
ErrorExit(FOPEN_ERROR, ARGV0, KEYS_FILE, errno, strerror(errno));
}
#ifndef WIN32
chmod(AUTH_FILE, 0440);
#endif
/* Random 1: Time took to write the agent information
* Random 2: Time took to choose the action
* Random 3: All of this + time + pid
* Random 4: Md5 all of this + the name, key and IP
* Random 5: Final key
*/
snprintf(str1, STR_SIZE, "%d%s%d", (int)(time3 - time2), name, (int)rand1);
snprintf(str2, STR_SIZE, "%d%s%s%d", (int)(time2 - time1), ip, id, (int)rand2);
OS_MD5_Str(str1, md1);
OS_MD5_Str(str2, md2);
snprintf(str1, STR_SIZE, "%s%d%d%d", md1, (int)getpid(), (int)random(),
(int)time3);
OS_MD5_Str(str1, md1);
fprintf(fp, "%s %s %s %s%s\n", id, name, c_ip->ip, md1, md2);
fclose(fp);
printf(AGENT_ADD);
restart_necessary = 1;
break;
} else { /* if(user_input[0] == 'n' || user_input[0] == 'N') */
printf(ADD_NOT);
break;
}
} while (1);
return (0);
}
int remove_agent()
{
FILE *fp;
char *user_input;
char u_id[FILE_SIZE + 1];
int id_exist;
u_id[FILE_SIZE] = '\0';
if (!print_agents(0, 0, 0)) {
printf(NO_AGENT);
return (0);
}
do {
printf(REMOVE_ID);
fflush(stdout);
user_input = getenv("OSSEC_AGENT_ID");
if (user_input == NULL) {
user_input = read_from_user();
} else {
printf("%s\n", user_input);
}
if (strcmp(user_input, QUIT) == 0) {
return (0);
}
strncpy(u_id, user_input, FILE_SIZE);
id_exist = IDExist(user_input);
if (!id_exist) {
printf(NO_ID, user_input);
/* Exit here if we are using environment variables
* and our ID does not exist
*/
if (getenv("OSSEC_AGENT_ID")) {
return (1);
}
}
} while (!id_exist);
do {
printf(REMOVE_CONFIRM);
fflush(stdout);
user_input = getenv("OSSEC_ACTION_CONFIRMED");
if (user_input == NULL) {
user_input = read_from_user();
} else {
printf("%s\n", user_input);
}
/* If user confirms */
if (user_input[0] == 'y' || user_input[0] == 'Y') {
/* Get full agent name */
char *full_name = getFullnameById(u_id);
if (!full_name) {
printf(NO_ID, u_id);
return (1);
}
fp = fopen(AUTH_FILE, "r+");
if (!fp) {
free(full_name);
ErrorExit(FOPEN_ERROR, ARGV0, AUTH_FILE, errno, strerror(errno));
}
#ifndef WIN32
chmod(AUTH_FILE, 0440);
#endif
/* Remove the agent, but keep the id */
fsetpos(fp, &fp_pos);
fprintf(fp, "%s #*#*#*#*#*#*#*#*#*#*#", u_id);
fclose(fp);
/* Remove counter for ID */
delete_agentinfo(full_name);
OS_RemoveCounter(u_id);
free(full_name);
full_name = NULL;
printf(REMOVE_DONE, u_id);
restart_necessary = 1;
break;
} else { /* if(user_input[0] == 'n' || user_input[0] == 'N') */
printf(REMOVE_NOT);
break;
}
} while (1);
return (0);
}
char *OS_AddNewAgent(const char *name, const char *ip, const char *id)
{
FILE *fp;
os_md5 md1;
os_md5 md2;
char str1[STR_SIZE + 1];
char str2[STR_SIZE + 1];
char *muname;
char *finals;
char nid[9] = { '\0' };
srandom_init();
muname = getuname();
snprintf(str1, STR_SIZE, "%d%s%d%s", (int)time(0), name, (int)random(), muname);
snprintf(str2, STR_SIZE, "%s%s%ld", ip, id, (long int)random());
OS_MD5_Str(str1, md1);
OS_MD5_Str(str2, md2);
free(muname);
if (id == NULL) {
#ifdef REUSE_ID
int i = 1024;
snprintf(nid, 6, "%d", i);
while (IDExist(nid)) {
i++;
snprintf(nid, 6, "%d", i);
if (i >= (MAX_AGENTS + 1024))
return (NULL);
}
#else
char nid_p[9] = { '\0' };
int i = AUTHD_FIRST_ID;
int j = MAX_AGENTS + AUTHD_FIRST_ID;
int m = (i + j) / 2;
snprintf(nid, 8, "%d", m);
snprintf(nid_p, 8, "%d", m - 1);
/* Dichotomic search */
while (1) {
if (IDExist(nid)) {
if (m == i)
return NULL;
i = m;
} else if (!IDExist(nid_p) && m > i )
j = m;
else
break;
m = (i + j) / 2;
snprintf(nid, 8, "%d", m);
snprintf(nid_p, 8, "%d", m - 1);
}
#endif
id = nid;
}
fp = fopen(AUTH_FILE, "a");
if (!fp) {
return (NULL);
}
os_calloc(2048, sizeof(char), finals);
if (ip == NULL) {
snprintf(finals, 2048, "%s %s any %s%s", id, name, md1, md2);
} else {
snprintf(finals, 2048, "%s %s %s %s%s", id, name, ip, md1, md2);
}
fprintf(fp, "%s\n", finals);
fclose(fp);
OS_AddAgentTimestamp(id, name, ip, time(0));
return (finals);
}
int OS_RemoveAgent(const char *u_id) {
FILE *fp;
int id_exist;
char *full_name;
long fp_seek;
size_t fp_read;
char *buffer;
char buf_curline[OS_BUFFER_SIZE];
struct stat fp_stat;
id_exist = IDExist(u_id);
if (!id_exist)
return 0;
full_name = getFullnameById(u_id);
fp = fopen(AUTH_FILE, "r");
if (!fp)
return 0;
chmod(AUTH_FILE, 0440);
if (stat(AUTH_FILE, &fp_stat) < 0) {
fclose(fp);
return 0;
}
buffer = malloc(fp_stat.st_size + 1);
if (!buffer) {
fclose(fp);
return 0;
}
fsetpos(fp, &fp_pos);
fp_seek = ftell(fp);
fseek(fp, 0, SEEK_SET);
fp_read = fread(buffer, sizeof(char), fp_seek, fp);
if (!fgets(buf_curline, OS_BUFFER_SIZE - 2, fp)) {
return 0;
}
#ifndef REUSE_ID
char *ptr_name = strchr(buf_curline, ' ');
if (!ptr_name) {
free(buffer);
fclose(fp);
return 0;
}
ptr_name++;
memmove(ptr_name + 1, ptr_name, strlen(ptr_name) + 1);
*ptr_name = '!';
size_t curline_len = strlen(buf_curline);
memcpy(buffer + fp_read, buf_curline, curline_len);
fp_read += curline_len;
#endif
if (!feof(fp))
fp_read += fread(buffer + fp_read, sizeof(char), fp_stat.st_size, fp);
fclose(fp);
fp = fopen(AUTH_FILE, "w");
if (!fp) {
free(buffer);
return 0;
}
fwrite(buffer, sizeof(char), fp_read, fp);
fclose(fp);
free(buffer);
if (full_name)
delete_agentinfo(full_name);
/* Remove counter for ID */
OS_RemoveCounter(u_id);
OS_RemoveAgentTimestamp(u_id);
return 1;
}
/* remove an agent */
int remove_agent()
{
FILE *fp;
char *user_input;
char u_id[FILE_SIZE +1];
u_id[FILE_SIZE] = '\0';
if(!print_agents(0, 0, 0))
{
printf(NO_AGENT);
return(0);
}
do
{
printf(REMOVE_ID);
fflush(stdout);
user_input = getenv("OSPATROL_AGENT_ID");
if (user_input == NULL || !IDExist(user_input)) {
user_input = read_from_user();
}
if(strcmp(user_input, QUIT) == 0)
return(0);
strncpy(u_id, user_input, FILE_SIZE);
if(!IDExist(user_input))
{
printf(NO_ID, user_input);
}
} while(!IDExist(user_input));
do
{
printf(REMOVE_CONFIRM);
fflush(stdout);
user_input = getenv("OSPATROL_ACTION_CONFIRMED");
if (user_input == NULL) {
user_input = read_from_user();
}
/* If user confirm */
if(user_input[0] == 'y' || user_input[0] == 'Y')
{
/* Getting full agent name */
char *full_name = getFullnameById(u_id);
if(!full_name)
{
ErrorExit(MEM_ERROR, ARGV0);
}
fp = fopen(AUTH_FILE, "r+");
if(!fp)
{
free(full_name);
ErrorExit(FOPEN_ERROR, ARGV0, AUTH_FILE);
}
#ifndef WIN32
chmod(AUTH_FILE, 0440);
#endif
/* Removing the agent, but keeping the id. */
fsetpos(fp, &fp_pos);
fprintf(fp, "%s #*#*#*#*#*#*#*#*#*#*#", u_id);
fclose(fp);
/* Remove counter for id */
delete_agentinfo(full_name);
OS_RemoveCounter(u_id);
free(full_name);
full_name = NULL;
printf(REMOVE_DONE, u_id);
restart_necessary = 1;
break;
}
else /* if(user_input[0] == 'n' || user_input[0] == 'N') */
{
printf(REMOVE_NOT);
break;
}
} while(1);
return(0);
}
