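/**
 * Build a new agent entry, append it to KEYSFILE_PATH and return the line.
 *
 * @param name  Agent name, written as the second field of the entry.
 * @param ip    Agent address; when NULL the entry carries the literal "any".
 * @param id    Agent ID; when NULL the first unused ID from 1024 upward is
 *              chosen via IDExist().
 * @return Heap-allocated "id name ip key" string owned by the caller, or NULL
 *         when name is NULL, no ID is free, the keys file cannot be opened or
 *         the entry cannot be written.
 *
 * NOTE(review): name, ip and id are written to the keys file exactly as
 * received; no validation happens in this function, so callers must have
 * checked them (whitespace or newlines would break the record format).
 * NOTE(review): the key is two MD5 digests over time(), random() and the
 * uname string. How srandom_init() seeds the generator is not visible here;
 * confirm it draws from an unpredictable source, since the key is the
 * agent's shared secret.
 */
char *OS_AddNewAgent(const char *name, const char *ip, const char *id)
{
    FILE *fp;
    os_md5 md1;
    os_md5 md2;
    char str1[STR_SIZE + 1];
    char str2[STR_SIZE + 1];
    char *muname;
    char *finals;
    char nid[9];

    if (name == NULL) {
        return (NULL);
    }

    srandom_init();
    muname = getuname();

    /* ip and id are legitimately NULL here (both are tested below), and
     * passing NULL to %s is undefined behaviour, so substitute "". */
    snprintf(str1, STR_SIZE, "%d%s%d%s", (int)time(0), name, (int)random(),
             muname ? muname : "");
    snprintf(str2, STR_SIZE, "%s%s%ld", ip ? ip : "", id ? id : "",
             (long int)random());
    OS_MD5_Str(str1, md1);
    OS_MD5_Str(str2, md2);

    free(muname);

    nid[8] = '\0';
    if (id == NULL) {
        int i = 1024;

        snprintf(nid, 6, "%d", i);
        while (IDExist(nid)) {
            i++;
            snprintf(nid, 6, "%d", i);
            if (i >= (MAX_AGENTS + 1024)) {
                return (NULL);
            }
        }
        id = nid;
    }

    fp = fopen(KEYSFILE_PATH, "a");
    if (!fp) {
        return (NULL);
    }

    os_calloc(2048, sizeof(char), finals);
    if (ip == NULL) {
        snprintf(finals, 2048, "%s %s any %s%s", id, name, md1, md2);
    } else {
        snprintf(finals, 2048, "%s %s %s %s%s", id, name, ip, md1, md2);
    }

    /* Do not hand back a key that never reached the keys file. */
    if (fprintf(fp, "%s\n", finals) < 0) {
        fclose(fp);
        free(finals);
        return (NULL);
    }
    if (fclose(fp) != 0) {
        free(finals);
        return (NULL);
    }

    return (finals);
}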
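/* Extract base64 for a specific agent.
 *
 * cmdextract: agent ID given on the command line, or NULL to prompt for one.
 * Returns 0 when the key was printed or the user quit; exits the process
 * when the ID is unknown (command-line mode) or the entry cannot be read.
 *
 * The base64 output is the agent's full keys-file entry, including its
 * secret, so it is printed to stdout only.
 */
int k_extract(char *cmdextract)
{
    FILE *fp;
    char *user_input;
    char *b64_enc;
    char line_read[FILE_SIZE + 1];
    char n_id[USER_SIZE + 1];

    if (cmdextract) {
        user_input = cmdextract;

        if (!IDExist(user_input)) {
            printf(NO_ID, user_input);
            exit(1);
        }
    } else {
        if (!print_agents(0, 0, 0)) {
            printf(NO_AGENT);
            printf(PRESS_ENTER);
            read_from_user();
            return (0);
        }

        do {
            printf(EXTRACT_KEY);
            fflush(stdout);
            user_input = read_from_user();

            /* quit */
            if (strcmp(user_input, QUIT) == 0) {
                return (0);
            }

            if (!IDExist(user_input)) {
                printf(NO_ID, user_input);
            }
        } while (!IDExist(user_input));
    }

    /* Trying to open the auth file */
    fp = fopen(AUTH_FILE, "r");
    if (!fp) {
        ErrorExit(FOPEN_ERROR, ARGV0, AUTH_FILE);
    }

    /* fp_pos is file-scope state, presumably left by IDExist() at the start
     * of the matching entry (confirm). If the seek fails, the fgets() below
     * would read whatever entry is at the current position and print another
     * agent's key, so stop instead. */
    if (fsetpos(fp, &fp_pos) != 0) {
        printf(ERROR_KEYS);
        fclose(fp);
        exit(1);
    }

    memset(n_id, '\0', USER_SIZE + 1);
    strncpy(n_id, user_input, USER_SIZE - 1);

    if (fgets(line_read, FILE_SIZE, fp) == NULL) {
        printf(ERROR_KEYS);
        fclose(fp);
        exit(1);
    }
    chomp(line_read);

    b64_enc = encode_base64(strlen(line_read), line_read);
    if (b64_enc == NULL) {
        printf(EXTRACT_ERROR);
        fclose(fp);
        exit(1);
    }

    printf(EXTRACT_MSG, n_id, b64_enc);
    if (!cmdextract) {
        printf("\n" PRESS_ENTER);
        read_from_user();
    }

    free(b64_enc);
    fclose(fp);

    return (0);
}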
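/* Bulk generate client keys from file.
 *
 * cmdbulk: path of a text file with one "ip,name" record per line (the first
 * comma-separated field is copied to ip, the second to name).
 * Returns 0; exits through ErrorExit() when the input file or AUTH_FILE
 * cannot be opened or chmod'ed. Records that fail validation are reported
 * and skipped.
 *
 * NOTE(review): each key is MD5 over time deltas, the pid and random().
 * How srandom_init() seeds the generator is not visible here; confirm the
 * seed is unpredictable, because a bulk run creates many keys within the
 * same second.
 */
int k_bulkload(const char *cmdbulk)
{
    int i = 1;
    FILE *fp, *infp;
    char str1[STR_SIZE + 1];
    char str2[STR_SIZE + 1];

    os_md5 md1;
    os_md5 md2;
    char line[FILE_SIZE + 1];
    char name[FILE_SIZE + 1];
    char id[FILE_SIZE + 1];
    char ip[FILE_SIZE + 1];
    char delims[] = ",";
    char *token = NULL;

    /* Check if we can open the input file */
    printf("Opening: [%s]\n", cmdbulk);
    infp = fopen(cmdbulk, "r");
    if (!infp) {
        perror("Failed.");
        ErrorExit(FOPEN_ERROR, ARGV0, cmdbulk, errno, strerror(errno));
    }

    /* Check if we can open the auth_file */
    fp = fopen(AUTH_FILE, "a");
    if (!fp) {
        ErrorExit(FOPEN_ERROR, ARGV0, AUTH_FILE, errno, strerror(errno));
    }
    fclose(fp);

    while (fgets(line, FILE_SIZE - 1, infp) != NULL) {
        os_ip c_ip;
        c_ip.ip = NULL;

        if (1 >= strlen(trimwhitespace(line))) {
            continue;
        }

        /* strtok() returns NULL when a field is missing (a line without a
         * comma, or one made only of commas). Skip such lines instead of
         * passing NULL on to trimwhitespace()/strncpy(). */
        memset(ip, '\0', FILE_SIZE + 1);
        token = strtok(line, delims);
        if (token == NULL) {
            printf("Skipping malformed line (expected \"ip,name\").\n");
            continue;
        }
        strncpy(ip, trimwhitespace(token), FILE_SIZE - 1);

        memset(name, '\0', FILE_SIZE + 1);
        token = strtok(NULL, delims);
        if (token == NULL) {
            printf("Skipping malformed line (expected \"ip,name\").\n");
            continue;
        }
        strncpy(name, trimwhitespace(token), FILE_SIZE - 1);

#ifndef WIN32
        if (chmod(AUTH_FILE, 0440) == -1) {
            ErrorExit(CHMOD_ERROR, ARGV0, AUTH_FILE, errno, strerror(errno));
        }
#endif

        /* Set time 2 */
        time2 = time(0);

        srandom_init();
        rand1 = random();

        /* Zero strings */
        memset(str1, '\0', STR_SIZE + 1);
        memset(str2, '\0', STR_SIZE + 1);

        /* Check the name */
        if (!OS_IsValidName(name)) {
            printf(INVALID_NAME, name);
            continue;
        }

        /* Search for name -- no duplicates */
        if (NameExist(name)) {
            printf(ADD_ERROR_NAME, name);
            continue;
        }

        if (!OS_IsValidIP(ip, &c_ip)) {
            printf(IP_ERROR, ip);
            continue;
        }

        /* Default ID: walk down from the top until an existing ID is found,
         * then use the one above it. */
        i = MAX_AGENTS + 32512;
        snprintf(id, 8, "%03d", i);
        while (!IDExist(id)) {
            i--;
            snprintf(id, 8, "%03d", i);

            /* No key present, use id 0 */
            if (i <= 0) {
                i = 0;
                break;
            }
        }
        snprintf(id, 8, "%03d", i + 1);

        if (!OS_IsValidID(id)) {
            printf(INVALID_ID, id);
            goto cleanup;
        }

        /* Search for ID KEY -- no duplicates */
        if (IDExist(id)) {
            printf(NO_DEFAULT, i + 1);
            goto cleanup;
        }

        printf(AGENT_INFO, id, name, ip);
        fflush(stdout);

        time3 = time(0);
        rand2 = random();

        /* NOTE(review): the failure message names KEYS_FILE while the file
         * being opened is AUTH_FILE; confirm both refer to the same path. */
        fp = fopen(AUTH_FILE, "a");
        if (!fp) {
            ErrorExit(FOPEN_ERROR, ARGV0, KEYS_FILE, errno, strerror(errno));
        }
#ifndef WIN32
        if (chmod(AUTH_FILE, 0440) == -1) {
            ErrorExit(CHMOD_ERROR, ARGV0, AUTH_FILE, errno, strerror(errno));
        }
#endif

        /* Random 1: Time took to write the agent information
         * Random 2: Time took to choose the action
         * Random 3: All of this + time + pid
         * Random 4: MD5 all of this + the name, key and IP
         * Random 5: Final key
         */
        snprintf(str1, STR_SIZE, "%d%s%d", (int)(time3 - time2), name, (int)rand1);
        snprintf(str2, STR_SIZE, "%d%s%s%d", (int)(time2 - time1), ip, id, (int)rand2);

        OS_MD5_Str(str1, md1);
        OS_MD5_Str(str2, md2);

        snprintf(str1, STR_SIZE, "%s%d%d%d", md1, (int)getpid(), (int)random(),
                 (int)time3);
        OS_MD5_Str(str1, md1);

        fprintf(fp, "%s %s %s %s%s\n", id, name, c_ip.ip, md1, md2);
        fclose(fp);

        printf(AGENT_ADD);
        restart_necessary = 1;

cleanup:
        free(c_ip.ip);
    }

    fclose(infp);
    return (0);
}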
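/* Extract base64 for a specific agent.
 *
 * cmdextract: agent ID given on the command line, or NULL to prompt for one.
 * Returns 0 when the key was printed or the user quit; exits the process
 * when the ID is unknown (command-line mode), memory runs out, or the entry
 * cannot be located or read.
 *
 * The base64 output is the agent's full keys-file entry, including its
 * secret.
 */
int k_extract(const char *cmdextract)
{
    FILE *fp;
    char *user_input;
    char *owned_input = NULL;   /* strdup() copy of cmdextract, freed below */
    char *b64_enc;
    char line_read[FILE_SIZE + 1];
    char n_id[USER_SIZE + 1];

    if (cmdextract) {
        /* FormatID() edits the string in place, so work on a private copy of
         * the const argument. */
        owned_input = strdup(cmdextract);
        if (owned_input == NULL) {
            merror("%s: Out of memory.", ARGV0);
            exit(1);
        }
        user_input = owned_input;
        FormatID(user_input);

        if (!IDExist(user_input)) {
            printf(NO_ID, user_input);
            exit(1);
        }
    } else {
        if (!print_agents(0, 0, 0)) {
            printf(NO_AGENT);
            printf(PRESS_ENTER);
            read_from_user();
            return (0);
        }

        while (1) {
            printf(EXTRACT_KEY);
            fflush(stdout);
            user_input = read_from_user();

            /* quit */
            if (strcmp(user_input, QUIT) == 0) {
                return (0);
            }

            FormatID(user_input);

            if (IDExist(user_input)) {
                break;
            } else {
                printf(NO_ID, user_input);
            }
        }
    }

    /* Try to open the auth file */
    fp = fopen(AUTH_FILE, "r");
    if (!fp) {
        ErrorExit(FOPEN_ERROR, ARGV0, AUTH_FILE, errno, strerror(errno));
    }

    /* fp_pos is file-scope state, presumably left by IDExist() at the start
     * of the matching entry (confirm). */
    if (fsetpos(fp, &fp_pos)) {
        merror("%s: Can not set fileposition.", ARGV0);
        exit(1);
    }

    memset(n_id, '\0', USER_SIZE + 1);
    strncpy(n_id, user_input, USER_SIZE - 1);

    /* n_id now holds the ID; the private copy is no longer needed. */
    free(owned_input);
    owned_input = NULL;
    user_input = NULL;

    if (fgets(line_read, FILE_SIZE, fp) == NULL) {
        printf(ERROR_KEYS);
        fclose(fp);
        exit(1);
    }
    chomp(line_read);

    b64_enc = encode_base64(strlen(line_read), line_read);
    if (b64_enc == NULL) {
        printf(EXTRACT_ERROR);
        fclose(fp);
        exit(1);
    }

    printf(EXTRACT_MSG, n_id, b64_enc);
    if (!cmdextract) {
        printf("\n" PRESS_ENTER);
        read_from_user();
    }

    free(b64_enc);
    fclose(fp);

    return (0);
}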
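/**
 * Build a new agent entry, append it to KEYSFILE_PATH and return the line.
 *
 * @param name  Agent name, written as the second field of the entry.
 * @param ip    Agent address; when NULL the entry carries the literal "any".
 * @param id    Agent ID; when NULL the first unused ID from 1024 upward is
 *              chosen via IDExist(), giving up at 4000.
 * @param key   Not referenced by this function.
 * @return Heap-allocated "id name ip key" string owned by the caller, or NULL
 *         when name is NULL, no ID is free, the keys file cannot be opened or
 *         the entry cannot be written.
 *
 * NOTE(review): outside OpenBSD the generator is seeded from time(), getpid()
 * and getppid(), all of which an observer can narrow down. The agent key is
 * MD5 over values drawn from that generator, so its strength is bounded by
 * the seed; consider seeding from the operating system's random source.
 * NOTE(review): name, ip and id are written to the keys file as received; no
 * validation happens in this function, so callers must have checked them.
 */
char *OS_AddNewAgent(char *name, char *ip, char *id, char *key)
{
    int i = 0;
    FILE *fp;
    int rand1;
    os_md5 md1;
    os_md5 md2;
    char str1[STR_SIZE + 1];
    char str2[STR_SIZE + 1];
    char *muname = NULL;
    char *finals = NULL;
    char nid[9];

    if (name == NULL) {
        return (NULL);
    }

#ifndef WIN32
#ifdef __OpenBSD__
    srandomdev();
#else
    srandom(time(0) + getpid() + getppid());
#endif
#else
    srandom(time(0) + getpid());
#endif

    rand1 = random();
    muname = getuname();

    /* ip and id are legitimately NULL here (both are tested below), and
     * passing NULL to %s is undefined behaviour, so substitute "". */
    snprintf(str1, STR_SIZE, "%d%s%d%s", (int)time(0), name, rand1,
             muname ? muname : "");
    snprintf(str2, STR_SIZE, "%s%s%ld", ip ? ip : "", id ? id : "",
             (long int)random());
    OS_MD5_Str(str1, md1);
    OS_MD5_Str(str2, md2);

    free(muname);

    nid[8] = '\0';
    if (id == NULL) {
        i = 1024;
        snprintf(nid, 6, "%d", i);
        while (IDExist(nid)) {
            i++;
            snprintf(nid, 6, "%d", i);
            if (i >= 4000) {
                return (NULL);
            }
        }
        id = nid;
    }

    fp = fopen(KEYSFILE_PATH, "a");
    if (!fp) {
        return (NULL);
    }

    os_calloc(2048, sizeof(char), finals);
    if (ip == NULL) {
        snprintf(finals, 2048, "%s %s any %s%s", id, name, md1, md2);
    } else {
        snprintf(finals, 2048, "%s %s %s %s%s", id, name, ip, md1, md2);
    }

    /* Do not hand back a key that never reached the keys file. */
    if (fprintf(fp, "%s\n", finals) < 0) {
        fclose(fp);
        free(finals);
        return (NULL);
    }
    if (fclose(fp) != 0) {
        free(finals);
        return (NULL);
    }

    return (finals);
}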
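/* Interactively add one agent to AUTH_FILE.
 *
 * Each prompt can be pre-answered through the environment: OSSEC_AGENT_NAME,
 * OSSEC_AGENT_IP, OSSEC_AGENT_ID and OSSEC_ACTION_CONFIRMED. A name, IP or ID
 * from the environment that fails validation falls back to reading from the
 * user.
 * Returns 0 in every case (agent added, declined, or user quit); exits
 * through ErrorExit() when AUTH_FILE cannot be opened or chmod'ed.
 *
 * NOTE(review): c_ip is allocated here and not released on any return path.
 * NOTE(review): the key is MD5 over time deltas, the pid and random(); where
 * the generator is seeded is not visible in this function, so confirm the
 * seed is unpredictable.
 */
int add_agent()
{
    int i = 1;
    FILE *fp;
    char str1[STR_SIZE + 1];
    char str2[STR_SIZE + 1];

    os_md5 md1;
    os_md5 md2;

    char *user_input;
    char *_name;
    char *_id;
    char *_ip;

    char name[FILE_SIZE + 1];
    char id[FILE_SIZE + 1];
    char ip[FILE_SIZE + 1];
    os_ip *c_ip;

    /* Check if we can open the auth_file */
    fp = fopen(AUTH_FILE, "a");
    if (!fp) {
        ErrorExit(FOPEN_ERROR, ARGV0, AUTH_FILE, errno, strerror(errno));
    }
    fclose(fp);

    /* Allocate for c_ip */
    os_calloc(1, sizeof(os_ip), c_ip);

#ifndef WIN32
    if (chmod(AUTH_FILE, 0440) == -1) {
        ErrorExit(CHMOD_ERROR, ARGV0, AUTH_FILE, errno, strerror(errno));
    }
#endif

    /* Set time 2 */
    time2 = time(0);
    rand1 = random();

    /* Zero strings */
    memset(str1, '\0', STR_SIZE + 1);
    memset(str2, '\0', STR_SIZE + 1);

    printf(ADD_NEW);

    /* Get the name */
    memset(name, '\0', FILE_SIZE + 1);

    do {
        printf(ADD_NAME);
        fflush(stdout);

        /* Read the agent's name from user environment. If it is invalid
         * we should force user to provide a name from input device.
         */
        _name = getenv("OSSEC_AGENT_NAME");
        if (_name == NULL || NameExist(_name) || !OS_IsValidName(_name)) {
            _name = read_from_user();
        }

        if (strcmp(_name, QUIT) == 0) {
            return (0);
        }

        strncpy(name, _name, FILE_SIZE - 1);

        /* Check the name */
        if (!OS_IsValidName(name)) {
            printf(INVALID_NAME, name);
        }

        /* Search for name -- no duplicates */
        if (NameExist(name)) {
            printf(ADD_ERROR_NAME, name);
        }
    } while (NameExist(name) || !OS_IsValidName(name));

    /* Get IP */
    memset(ip, '\0', FILE_SIZE + 1);

    do {
        printf(ADD_IP);
        fflush(stdout);

        /* Read IP address from user's environment. If that IP is invalid,
         * force user to provide IP from input device */
        _ip = getenv("OSSEC_AGENT_IP");
        if (_ip == NULL || !OS_IsValidIP(_ip, c_ip)) {
            _ip = read_from_user();
        }

        /* Quit */
        if (strcmp(_ip, QUIT) == 0) {
            return (0);
        }

        strncpy(ip, _ip, FILE_SIZE - 1);

        if (!OS_IsValidIP(ip, c_ip)) {
            printf(IP_ERROR, ip);
            _ip = NULL;
        }
    } while (!_ip);

    /* Zeroed like name and ip, so the bounded strncpy() below always leaves
     * id NUL-terminated. */
    memset(id, '\0', FILE_SIZE + 1);

    do {
        /* Default ID: walk down from the top until an existing ID is found,
         * then propose the one above it. */
        i = MAX_AGENTS + 32512;
        snprintf(id, 8, "%03d", i);
        while (!IDExist(id)) {
            i--;
            snprintf(id, 8, "%03d", i);

            /* No key present, use id 0 */
            if (i <= 0) {
                i = 0;
                break;
            }
        }
        snprintf(id, 8, "%03d", i + 1);

        /* Get ID */
        printf(ADD_ID, id);
        fflush(stdout);

        /* Get Agent ID from environment. If 0, use default ID. If null,
         * get from user input. If value from environment is invalid,
         * we force user to specify an ID from the terminal. Otherwise,
         * our program goes to infinite loop.
         */
        _id = getenv("OSSEC_AGENT_ID");
        if (_id == NULL || IDExist(_id) || !OS_IsValidID(_id)) {
            _id = read_from_user();
        }

        /* "0" means "use the default", which id already holds. The default
         * must not be copied into _id: that pointer may be the environment
         * string itself, and strncpy() pads its destination out to
         * FILE_SIZE - 1 bytes, far beyond a one-character value. */
        if (strcmp(_id, "0") != 0) {
            /* Quit */
            if (strcmp(_id, QUIT) == 0) {
                return (0);
            }

            if (_id[0] != '\0') {
                strncpy(id, _id, FILE_SIZE - 1);
            }
        }

        if (!OS_IsValidID(id)) {
            printf(INVALID_ID, id);
        }

        /* Search for ID KEY -- no duplicates */
        if (IDExist(id)) {
            printf(ADD_ERROR_ID, id);
        }
    } while (IDExist(id) || !OS_IsValidID(id));

    printf(AGENT_INFO, id, name, ip);
    fflush(stdout);

    do {
        printf(ADD_CONFIRM);

        /* Confirmation by an environment variable. The valid value is y/Y.
         * If the user provides anything other string, it is considered as
         * n/N; please note that the old code only accepts y/Y/n/N. So if
         * the variable OSSEC_ACTION_CONFIRMED is 'foobar', the program will
         * go into an infinite loop.
         */
        user_input = getenv("OSSEC_ACTION_CONFIRMED");
        if (user_input == NULL) {
            user_input = read_from_user();
        }

        /* If user accepts to add */
        if (user_input[0] == 'y' || user_input[0] == 'Y') {
            time3 = time(0);
            rand2 = random();

            /* NOTE(review): the failure message names KEYS_FILE while the
             * file being opened is AUTH_FILE; confirm both refer to the same
             * path. */
            fp = fopen(AUTH_FILE, "a");
            if (!fp) {
                ErrorExit(FOPEN_ERROR, ARGV0, KEYS_FILE, errno, strerror(errno));
            }
#ifndef WIN32
            chmod(AUTH_FILE, 0440);
#endif

            /* Random 1: Time took to write the agent information
             * Random 2: Time took to choose the action
             * Random 3: All of this + time + pid
             * Random 4: Md5 all of this + the name, key and IP
             * Random 5: Final key
             */
            snprintf(str1, STR_SIZE, "%d%s%d", (int)(time3 - time2), name, (int)rand1);
            snprintf(str2, STR_SIZE, "%d%s%s%d", (int)(time2 - time1), ip, id, (int)rand2);

            OS_MD5_Str(str1, md1);
            OS_MD5_Str(str2, md2);

            snprintf(str1, STR_SIZE, "%s%d%d%d", md1, (int)getpid(), (int)random(),
                     (int)time3);
            OS_MD5_Str(str1, md1);

            fprintf(fp, "%s %s %s %s%s\n", id, name, c_ip->ip, md1, md2);
            fclose(fp);

            printf(AGENT_ADD);
            restart_necessary = 1;
            break;
        } else { /* if(user_input[0] == 'n' || user_input[0] == 'N') */
            printf(ADD_NOT);
            break;
        }
    } while (1);

    return (0);
}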
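/* Interactively remove one agent from AUTH_FILE.
 *
 * The ID and the confirmation can be pre-answered through OSSEC_AGENT_ID and
 * OSSEC_ACTION_CONFIRMED. The entry is overwritten in place: the ID is kept
 * and the start of the rest of the line is replaced by a "#*#*..." marker.
 * Returns 0 when the agent was removed, the user declined or quit, or no
 * agents exist; returns 1 when the ID (taken from the environment) does not
 * exist, its full name cannot be resolved, or the entry cannot be located in
 * the file.
 */
int remove_agent()
{
    FILE *fp;
    char *user_input;
    char u_id[FILE_SIZE + 1];
    int id_exist;

    u_id[FILE_SIZE] = '\0';

    if (!print_agents(0, 0, 0)) {
        printf(NO_AGENT);
        return (0);
    }

    do {
        printf(REMOVE_ID);
        fflush(stdout);

        user_input = getenv("OSSEC_AGENT_ID");
        if (user_input == NULL) {
            user_input = read_from_user();
        } else {
            printf("%s\n", user_input);
        }

        if (strcmp(user_input, QUIT) == 0) {
            return (0);
        }

        strncpy(u_id, user_input, FILE_SIZE);

        id_exist = IDExist(user_input);

        if (!id_exist) {
            printf(NO_ID, user_input);

            /* Exit here if we are using environment variables
             * and our ID does not exist
             */
            if (getenv("OSSEC_AGENT_ID")) {
                return (1);
            }
        }
    } while (!id_exist);

    do {
        printf(REMOVE_CONFIRM);
        fflush(stdout);

        user_input = getenv("OSSEC_ACTION_CONFIRMED");
        if (user_input == NULL) {
            user_input = read_from_user();
        } else {
            printf("%s\n", user_input);
        }

        /* If user confirms */
        if (user_input[0] == 'y' || user_input[0] == 'Y') {
            /* Get full agent name */
            char *full_name = getFullnameById(u_id);
            if (!full_name) {
                printf(NO_ID, u_id);
                return (1);
            }

            fp = fopen(AUTH_FILE, "r+");
            if (!fp) {
                free(full_name);
                ErrorExit(FOPEN_ERROR, ARGV0, AUTH_FILE, errno, strerror(errno));
            }
#ifndef WIN32
            chmod(AUTH_FILE, 0440);
#endif

            /* Remove the agent, but keep the id.
             * fp_pos is file-scope state, presumably left by IDExist() at
             * the start of the matching entry (confirm). The write below
             * overwrites whatever sits at the current position, so a failed
             * seek must not fall through and damage another agent's entry. */
            if (fsetpos(fp, &fp_pos) != 0) {
                printf("Unable to locate the entry for ID '%s' in the keys file.\n",
                       u_id);
                fclose(fp);
                free(full_name);
                return (1);
            }
            fprintf(fp, "%s #*#*#*#*#*#*#*#*#*#*#", u_id);

            fclose(fp);

            /* Remove counter for ID */
            delete_agentinfo(full_name);
            OS_RemoveCounter(u_id);
            free(full_name);
            full_name = NULL;

            printf(REMOVE_DONE, u_id);
            restart_necessary = 1;
            break;
        } else { /* if(user_input[0] == 'n' || user_input[0] == 'N') */
            printf(REMOVE_NOT);
            break;
        }
    } while (1);

    return (0);
}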
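/**
 * Build a new agent entry, append it to AUTH_FILE, record its timestamp and
 * return the line.
 *
 * @param name  Agent name, written as the second field of the entry.
 * @param ip    Agent address; when NULL the entry carries the literal "any".
 * @param id    Agent ID; when NULL one is chosen. With REUSE_ID the first
 *              unused ID from 1024 upward is taken; otherwise a bisection
 *              over [AUTHD_FIRST_ID, MAX_AGENTS + AUTHD_FIRST_ID) looks for
 *              an unused ID whose predecessor is in use.
 * @return Heap-allocated "id name ip key" string owned by the caller, or NULL
 *         when name is NULL, no ID is free, AUTH_FILE cannot be opened or the
 *         entry cannot be written.
 *
 * NOTE(review): name, ip and id are written to the keys file as received; no
 * validation happens in this function, so callers must have checked them.
 * NOTE(review): the key is two MD5 digests over time(), random() and the
 * uname string. How srandom_init() seeds the generator is not visible here;
 * confirm it draws from an unpredictable source.
 */
char *OS_AddNewAgent(const char *name, const char *ip, const char *id)
{
    FILE *fp;
    os_md5 md1;
    os_md5 md2;
    char str1[STR_SIZE + 1];
    char str2[STR_SIZE + 1];
    char *muname;
    char *finals;
    char nid[9] = { '\0' };

    if (name == NULL) {
        return (NULL);
    }

    srandom_init();
    muname = getuname();

    /* ip and id are legitimately NULL here (both are tested below), and
     * passing NULL to %s is undefined behaviour, so substitute "". */
    snprintf(str1, STR_SIZE, "%d%s%d%s", (int)time(0), name, (int)random(),
             muname ? muname : "");
    snprintf(str2, STR_SIZE, "%s%s%ld", ip ? ip : "", id ? id : "",
             (long int)random());
    OS_MD5_Str(str1, md1);
    OS_MD5_Str(str2, md2);

    free(muname);

    if (id == NULL) {
#ifdef REUSE_ID
        int i = 1024;

        snprintf(nid, 6, "%d", i);
        while (IDExist(nid)) {
            i++;
            snprintf(nid, 6, "%d", i);
            if (i >= (MAX_AGENTS + 1024)) {
                return (NULL);
            }
        }
#else
        char nid_p[9] = { '\0' };
        int i = AUTHD_FIRST_ID;
        int j = MAX_AGENTS + AUTHD_FIRST_ID;
        int m = (i + j) / 2;

        snprintf(nid, 8, "%d", m);
        snprintf(nid_p, 8, "%d", m - 1);

        /* Dichotomic search: i is the lower bound, j the upper bound, m the
         * candidate and nid_p its predecessor. */
        while (1) {
            if (IDExist(nid)) {
                /* Candidate taken and the range cannot shrink: no free ID */
                if (m == i) {
                    return NULL;
                }
                i = m;
            } else if (!IDExist(nid_p) && m > i) {
                /* Candidate and predecessor both free: look lower */
                j = m;
            } else {
                break;
            }

            m = (i + j) / 2;
            snprintf(nid, 8, "%d", m);
            snprintf(nid_p, 8, "%d", m - 1);
        }
#endif
        id = nid;
    }

    fp = fopen(AUTH_FILE, "a");
    if (!fp) {
        return (NULL);
    }

    os_calloc(2048, sizeof(char), finals);
    if (ip == NULL) {
        snprintf(finals, 2048, "%s %s any %s%s", id, name, md1, md2);
    } else {
        snprintf(finals, 2048, "%s %s %s %s%s", id, name, ip, md1, md2);
    }

    /* Do not hand back a key, or record a timestamp, for an entry that never
     * reached the keys file. */
    if (fprintf(fp, "%s\n", finals) < 0) {
        fclose(fp);
        free(finals);
        return (NULL);
    }
    if (fclose(fp) != 0) {
        free(finals);
        return (NULL);
    }

    /* NOTE(review): ip may be NULL here; confirm OS_AddAgentTimestamp()
     * accepts that. */
    OS_AddAgentTimestamp(id, name, ip, time(0));
    return (finals);
}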
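/**
 * Remove (or, without REUSE_ID, mark as removed) an agent's entry in
 * AUTH_FILE by rewriting the whole file.
 *
 * The file is read into memory in three parts: everything before the entry,
 * the entry itself, and everything after it. With REUSE_ID the entry is
 * dropped; otherwise a '!' is inserted in front of the name field. The file
 * is then reopened in "w" mode and the buffer written back.
 *
 * @param u_id  ID of the agent to remove.
 * @return 1 on success, 0 when the ID does not exist or any step fails.
 *
 * NOTE(review): the rewrite truncates AUTH_FILE before writing, so a failure
 * in between leaves the keys file incomplete. Writing to a temporary file in
 * the same directory and rename()-ing it over AUTH_FILE would keep the old
 * content until the new one is complete.
 * NOTE(review): stat() and chmod() act on the path rather than on the open
 * stream; the size checks below guard the buffer if the file changes in
 * between.
 */
int OS_RemoveAgent(const char *u_id)
{
    FILE *fp = NULL;
    char *full_name = NULL;
    char *buffer = NULL;
    long fp_seek;
    size_t fp_read;
    size_t capacity;
    char buf_curline[OS_BUFFER_SIZE];
    struct stat fp_stat;
    int result = 0;

    if (!IDExist(u_id)) {
        return 0;
    }

    full_name = getFullnameById(u_id);

    fp = fopen(AUTH_FILE, "r");
    if (!fp) {
        goto cleanup;
    }

    chmod(AUTH_FILE, 0440);

    if (stat(AUTH_FILE, &fp_stat) < 0 || fp_stat.st_size < 0) {
        goto cleanup;
    }

    /* One spare byte covers the '!' inserted when REUSE_ID is not defined. */
    capacity = (size_t)fp_stat.st_size + 1;
    buffer = malloc(capacity);
    if (!buffer) {
        goto cleanup;
    }

    /* fp_pos is file-scope state, presumably left by IDExist() at the start
     * of the matching entry (confirm). ftell() returns -1 on error, which
     * must not reach fread() as a length. */
    if (fsetpos(fp, &fp_pos) != 0) {
        goto cleanup;
    }
    fp_seek = ftell(fp);
    if (fp_seek < 0 || (size_t)fp_seek >= capacity) {
        goto cleanup;
    }

    /* Part 1: everything before the entry */
    if (fseek(fp, 0, SEEK_SET) != 0) {
        goto cleanup;
    }
    fp_read = fread(buffer, sizeof(char), (size_t)fp_seek, fp);
    if (fp_read != (size_t)fp_seek) {
        goto cleanup;
    }

    /* Part 2: the entry itself */
    if (!fgets(buf_curline, OS_BUFFER_SIZE - 2, fp)) {
        goto cleanup;
    }

#ifndef REUSE_ID
    {
        char *ptr_name = strchr(buf_curline, ' ');
        size_t curline_len;

        if (!ptr_name) {
            goto cleanup;
        }

        /* Shift the rest of the line right by one and put '!' in front of
         * the name. fgets() read at most OS_BUFFER_SIZE - 3 characters, so
         * the extra byte fits in buf_curline. */
        ptr_name++;
        memmove(ptr_name + 1, ptr_name, strlen(ptr_name) + 1);
        *ptr_name = '!';

        curline_len = strlen(buf_curline);
        if (curline_len > capacity - fp_read) {
            goto cleanup;
        }
        memcpy(buffer + fp_read, buf_curline, curline_len);
        fp_read += curline_len;
    }
#endif

    /* Part 3: everything after the entry, limited to the space that is
     * left in the buffer. */
    if (!feof(fp)) {
        fp_read += fread(buffer + fp_read, sizeof(char), capacity - fp_read, fp);

        /* Data beyond the buffer means the file grew after stat(); do not
         * rewrite it from a partial copy. */
        if (fgetc(fp) != EOF) {
            goto cleanup;
        }
    }

    fclose(fp);
    fp = fopen(AUTH_FILE, "w");
    if (!fp) {
        goto cleanup;
    }

    if (fwrite(buffer, sizeof(char), fp_read, fp) != fp_read) {
        goto cleanup;
    }
    if (fclose(fp) != 0) {
        fp = NULL;
        goto cleanup;
    }
    fp = NULL;

    if (full_name) {
        delete_agentinfo(full_name);
    }

    /* Remove counter for ID */
    OS_RemoveCounter(u_id);
    OS_RemoveAgentTimestamp(u_id);
    result = 1;

cleanup:
    if (fp) {
        fclose(fp);
    }
    free(buffer);
    /* Assumes getFullnameById() returns heap memory owned by the caller;
     * confirm against its definition. */
    free(full_name);
    return result;
}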
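/* Remove an agent.
 *
 * The ID and the confirmation can be pre-answered through OSPATROL_AGENT_ID
 * and OSPATROL_ACTION_CONFIRMED; an ID from the environment that does not
 * exist falls back to reading from the user. The entry is overwritten in
 * place: the ID is kept and the start of the rest of the line is replaced by
 * a "#*#*..." marker.
 * Returns 0 in every case; exits through ErrorExit() when the agent's full
 * name cannot be obtained or AUTH_FILE cannot be opened.
 */
int remove_agent()
{
    FILE *fp;
    char *user_input;
    char u_id[FILE_SIZE + 1];

    u_id[FILE_SIZE] = '\0';

    if (!print_agents(0, 0, 0)) {
        printf(NO_AGENT);
        return (0);
    }

    do {
        printf(REMOVE_ID);
        fflush(stdout);

        user_input = getenv("OSPATROL_AGENT_ID");
        if (user_input == NULL || !IDExist(user_input)) {
            user_input = read_from_user();
        }

        if (strcmp(user_input, QUIT) == 0) {
            return (0);
        }

        strncpy(u_id, user_input, FILE_SIZE);

        if (!IDExist(user_input)) {
            printf(NO_ID, user_input);
        }
    } while (!IDExist(user_input));

    do {
        printf(REMOVE_CONFIRM);
        fflush(stdout);

        user_input = getenv("OSPATROL_ACTION_CONFIRMED");
        if (user_input == NULL) {
            user_input = read_from_user();
        }

        /* If user confirm */
        if (user_input[0] == 'y' || user_input[0] == 'Y') {
            /* Getting full agent name */
            char *full_name = getFullnameById(u_id);
            if (!full_name) {
                ErrorExit(MEM_ERROR, ARGV0);
            }

            fp = fopen(AUTH_FILE, "r+");
            if (!fp) {
                free(full_name);
                ErrorExit(FOPEN_ERROR, ARGV0, AUTH_FILE);
            }

#ifndef WIN32
            chmod(AUTH_FILE, 0440);
#endif

            /* Removing the agent, but keeping the id.
             * fp_pos is file-scope state, presumably left by IDExist() at
             * the start of the matching entry (confirm). The write below
             * overwrites whatever sits at the current position, so a failed
             * seek must not fall through and damage another agent's entry. */
            if (fsetpos(fp, &fp_pos) != 0) {
                printf("Unable to locate the entry for ID '%s' in the keys file.\n",
                       u_id);
                fclose(fp);
                free(full_name);
                break;
            }
            fprintf(fp, "%s #*#*#*#*#*#*#*#*#*#*#", u_id);

            fclose(fp);

            /* Remove counter for id */
            delete_agentinfo(full_name);
            OS_RemoveCounter(u_id);
            free(full_name);
            full_name = NULL;

            printf(REMOVE_DONE, u_id);
            restart_necessary = 1;
            break;
        } else { /* if(user_input[0] == 'n' || user_input[0] == 'N') */
            printf(REMOVE_NOT);
            break;
        }
    } while (1);

    return (0);
}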