/* This function inits the counters */
void destroy_counters(void)
{
sd.changes = 0UL;
sd.crypto = 0UL;
sd.acct_changes = 0UL;
sd.good_logins = 0UL;
sd.bad_logins = 0UL;
sd.good_auth = 0UL;
sd.bad_auth = 0UL;
sd.events = 0UL;
sd.avcs = 0UL;
sd.mac = 0UL;
sd.failed_syscalls = 0UL;
sd.anomalies = 0UL;
sd.responses = 0UL;
slist_clear(&sd.users);
slist_clear(&sd.terms);
slist_clear(&sd.files);
slist_clear(&sd.hosts);
slist_clear(&sd.exes);
slist_clear(&sd.avc_objs);
slist_clear(&sd.keys);
ilist_clear(&sd.pids);
ilist_clear(&sd.sys_list);
ilist_clear(&sd.anom_list);
ilist_create(&sd.mac_list);
ilist_clear(&sd.resp_list);
ilist_create(&sd.crypto_list);
}
/**
Ordered local closest node lookup
@return k neighbors in a list
*/
struct ilist*
KDA_Closest(KDA_ID object_id)
{
NOTE_FX(object_id);
struct ilist* result = ilist_create();
int d = XOR(self->id, object_id);
ilist_add(result, d, self);
for (int i = 0; i < KDA_SPACE_SIZE; i++)
{
for (struct list_item* item = k_bucket[i]->head;
item; item = item->next)
{
KDA_Neighbor* neighbor = (KDA_Neighbor*) item->data;
d = XOR(neighbor->id, object_id);
if (result->size < k)
{
ilist_ordered_insert(result, d, neighbor);
}
else if (d < result->tail->key)
{
ilist_ordered_insert(result, d, neighbor);
ilist_pop(result);
}
}
}
return result;
}
int main(void)
{
int i = 0;
ilist e;
int_node *node;
ilist_create(&e);
ilist_add_if_uniq(&e, 6, 0);
ilist_add_if_uniq(&e, 5, 0);
ilist_add_if_uniq(&e, 7, 0);
ilist_add_if_uniq(&e, 1, 0);
ilist_add_if_uniq(&e, 8, 0);
ilist_add_if_uniq(&e, 2, 0);
ilist_add_if_uniq(&e, 9, 0);
ilist_add_if_uniq(&e, 0, 0);
ilist_add_if_uniq(&e, 4, 0);
ilist_add_if_uniq(&e, 3, 0);
ilist_first(&e);
do {
node = ilist_get_cur(&e);
if (i != node->num) {
printf("Test failed - i:%d != num:%d\n", i, node->num);
return 1;
}
i++;
} while ((node = ilist_next(&e)));
ilist_clear(&e);
printf("ilist test passed\n");
return 0;
}
static int convert_str_to_msg(const char *optarg)
{
int tmp, retval = 0;
if (isdigit(optarg[0])) {
errno = 0;
tmp = strtoul(optarg, NULL, 10);
if (errno) {
fprintf(stderr,
"Numeric message type conversion error (%s) for %s\n",
strerror(errno), optarg);
retval = -1;
}
} else {
tmp = audit_name_to_msg_type(optarg);
if (tmp < 0)
retval = -1;
}
if (retval == 0) {
if (event_type == NULL) {
event_type = malloc(sizeof(ilist));
if (event_type == NULL)
return -1;
ilist_create(event_type);
}
ilist_append(event_type, tmp, 1, 0);
}
return retval;
}
/*
* Set everything to its default value
*/
void clear_config(prelude_conf_t *config)
{
config->profile = strdup("auditd");
config->avcs = E_YES;
config->avcs_act = A_IDMEF;
config->logins = E_YES;
config->logins_act = A_IDMEF;
config->login_failure_max = E_YES;
config->login_failure_max_act = A_IDMEF;
config->login_session_max = E_YES;
config->login_session_max_act = A_IDMEF;
config->login_location = E_YES;
config->login_location_act = A_IDMEF;
config->login_time = E_YES;
config->login_time_act = A_IDMEF;
config->abends = E_YES;
config->abends_act = A_IDMEF;
config->promiscuous = E_YES;
config->promiscuous_act = A_IDMEF;
config->mac_status = E_YES;
config->mac_status_act = A_IDMEF;
config->group_auth = E_YES;
config->group_auth_act = A_IDMEF;
config->watched_acct = E_YES;
config->watched_acct_act = A_IDMEF;
config->watched_syscall = E_YES;
config->watched_syscall_act = A_IDMEF;
config->watched_file = E_YES;
config->watched_file_act = A_IDMEF;
config->watched_exec = E_YES;
config->watched_exec_act = A_IDMEF;
config->watched_mk_exe = E_YES;
config->watched_mk_exe_act = A_IDMEF;
config->tty = E_NO;
config->tty_act = A_IDMEF;
ilist_create(&config->watched_accounts);
}
int main(void)
{
int i = 0;
ilist e;
int_node *node;
ilist_create(&e);
// This first test checks to see if list is
// created in a numeric order
ilist_add_if_uniq(&e, 6, 0);
ilist_add_if_uniq(&e, 5, 0);
ilist_add_if_uniq(&e, 7, 0);
ilist_add_if_uniq(&e, 1, 0);
ilist_add_if_uniq(&e, 8, 0);
ilist_add_if_uniq(&e, 2, 0);
ilist_add_if_uniq(&e, 9, 0);
ilist_add_if_uniq(&e, 0, 0);
ilist_add_if_uniq(&e, 4, 0);
ilist_add_if_uniq(&e, 3, 0);
ilist_first(&e);
do {
node = ilist_get_cur(&e);
if (i != node->num) {
printf("Test failed - i:%d != num:%d\n", i, node->num);
return 1;
}
i++;
} while ((node = ilist_next(&e)));
ilist_clear(&e);
puts("starting sort test");
// Now test to see if the sort function works
// Fill the list exactly backwards
ilist_add_if_uniq(&e, 3, 0);
ilist_add_if_uniq(&e, 3, 0);
ilist_add_if_uniq(&e, 4, 0);
ilist_add_if_uniq(&e, 3, 0);
ilist_add_if_uniq(&e, 4, 0);
ilist_add_if_uniq(&e, 2, 0);
ilist_add_if_uniq(&e, 4, 0);
ilist_add_if_uniq(&e, 2, 0);
ilist_add_if_uniq(&e, 4, 0);
ilist_add_if_uniq(&e, 1, 0);
ilist_sort_by_hits(&e);
i = 0;
ilist_first(&e);
do {
node = ilist_get_cur(&e);
if (node->hits != (4-i)) {
printf("Sort test failed - i:%d != ihits:%d\n", i, node->hits);
return 1;
}
i++;
} while ((node = ilist_next(&e)));
ilist_clear(&e);
printf("ilist tests passed\n");
return 0;
}
