void GetInterfaceInfo(void) { int fd, len, i, j; struct ifreq ifbuf[512], ifr, *ifp; struct ifconf list; struct sockaddr_in *sin; struct hostent *hp; char *sp; char ip[CF_MAXVARSIZE]; char name[CF_MAXVARSIZE]; Debug("GetInterfaceInfo()\n"); if ((fd = socket(AF_INET, SOCK_DGRAM, 0)) == -1) { CfLog(cferror, "Couldn't open socket", "socket"); exit(1); } list.ifc_len = sizeof(ifbuf); list.ifc_req = ifbuf; #ifdef SIOCGIFCONF if (ioctl(fd, SIOCGIFCONF, &list) == -1 || (list.ifc_len < (sizeof(struct ifreq)))) #else if (ioctl(fd, OSIOCGIFCONF, &list) == -1 || (list.ifc_len < (sizeof(struct ifreq)))) #endif { CfLog(cferror, "Couldn't get interfaces", "ioctl"); exit(1); } for (j = 0, len = 0, ifp = list.ifc_req; len < list.ifc_len; len+=SIZEOF_IFREQ(*ifp), j++, ifp=&ifbuf[j]) { if (ifp->ifr_addr.sa_family == 0) { continue; } Verbose("Interface %d: %s\n", j+1, ifp->ifr_name); if(g_underscore_classes) { snprintf(g_vbuff, CF_BUFSIZE, "_net_iface_%s", CanonifyName(ifp->ifr_name)); } else { snprintf(g_vbuff, CF_BUFSIZE, "net_iface_%s", CanonifyName(ifp->ifr_name)); } AddClassToHeap(g_vbuff); if (ifp->ifr_addr.sa_family == AF_INET) { strncpy(ifr.ifr_name, ifp->ifr_name, sizeof(ifp->ifr_name)); if (ioctl(fd,SIOCGIFFLAGS,&ifr) == -1) { CfLog(cferror, "No such network device", "ioctl"); close(fd); return; } /* * Used to check if interface was "up" if ((ifr.ifr_flags & * IFF_UP) && !(ifr.ifr_flags & IFF_LOOPBACK)) Now check * whether it is configured ... */ if ((ifr.ifr_flags & IFF_BROADCAST) && !(ifr.ifr_flags & IFF_LOOPBACK)) { sin=(struct sockaddr_in *)&ifp->ifr_addr; snprintf(name, CF_MAXVARSIZE-1, "ipv4[%s]", CanonifyName(ifp->ifr_name)); AddMacroValue(g_contextid, name, inet_ntoa(sin->sin_addr)); if ((hp = gethostbyaddr((char *)&(sin->sin_addr.s_addr), sizeof(sin->sin_addr.s_addr), AF_INET)) == NULL) { Debug("Host information for %s not found\n", inet_ntoa(sin->sin_addr)); } else { if (hp->h_name != NULL) { Debug("Adding hostip %s..\n", inet_ntoa(sin->sin_addr)); AddClassToHeap(CanonifyName(inet_ntoa(sin->sin_addr))); Debug("Adding hostname %s..\n", hp->h_name); AddClassToHeap(CanonifyName(hp->h_name)); for (i=0; hp->h_aliases[i] != NULL; i++) { Debug("Adding alias %s..\n", hp->h_aliases[i]); AddClassToHeap(CanonifyName(hp->h_aliases[i])); } /* Old style compat */ strcpy(ip,inet_ntoa(sin->sin_addr)); AppendItem(&g_ipaddresses, ip, ""); for (sp = ip+strlen(ip)-1; *sp != '.'; sp--) { } *sp = '\0'; AddClassToHeap(CanonifyName(ip)); /* New style */ strcpy(ip, "ipv4_"); strcat(ip, inet_ntoa(sin->sin_addr)); AddClassToHeap(CanonifyName(ip)); for (sp = ip+strlen(ip)-1; (sp > ip); sp--) { if (*sp == '.') { *sp = '\0'; AddClassToHeap(CanonifyName(ip)); } } } } } } ifp = (struct ifreq *)((char *)ifp + SIZEOF_IFREQ(*ifp)); } close(fd); }
int CheckForModule(char *actiontxt,char *args) { struct stat statbuf; char line[CF_BUFSIZE],command[CF_EXPANDSIZE],name[CF_MAXVARSIZE],content[CF_BUFSIZE],ebuff[CF_EXPANDSIZE],*sp; FILE *pp; int print; if (NOMODULES) { return false; } if (*actiontxt == '/') { snprintf(OUTPUT,CF_BUFSIZE,"Absolute module path (%s) should be named relative to the authorized module directory",actiontxt); CfLog(cferror,OUTPUT,""); } if (GetMacroValue(CONTEXTID,"moduledirectory")) { ExpandVarstring("$(moduledirectory)",ebuff,NULL); } else { snprintf(ebuff,CF_BUFSIZE,"%s/modules",VLOCKDIR); } AddSlash(ebuff); strcat(ebuff,actiontxt); if (stat(ebuff,&statbuf) == -1) { snprintf(OUTPUT,CF_BUFSIZE*2,"(Plug-in %s not found)",ebuff); Banner(OUTPUT); return false; } if ((statbuf.st_uid != 0) && (statbuf.st_uid != getuid())) { snprintf(OUTPUT,CF_BUFSIZE*2,"Module %s was not owned by uid=%d executing cfagent\n",ebuff,getuid()); CfLog(cferror,OUTPUT,""); return false; } snprintf(OUTPUT,CF_BUFSIZE*2,"Plug-in `%s\'",actiontxt); Banner(OUTPUT); strcat(ebuff," "); if (BufferOverflow(ebuff,args)) { snprintf(OUTPUT,CF_BUFSIZE*2,"Culprit: class list for module (shouldn't happen)\n" ); CfLog(cferror,OUTPUT,""); return false; } strcat(ebuff,args); ExpandVarstring(ebuff,command,NULL); Verbose("Exec module [%s]\n",command); if ((pp = cfpopen(command,"r")) == NULL) { snprintf(OUTPUT,CF_BUFSIZE*2,"Couldn't open pipe from %s\n",actiontxt); CfLog(cferror,OUTPUT,"cfpopen"); return false; } while (!feof(pp)) { if (ferror(pp)) /* abortable */ { snprintf(OUTPUT,CF_BUFSIZE*2,"Shell command pipe %s\n",actiontxt); CfLog(cferror,OUTPUT,"ferror"); break; } ReadLine(line,CF_BUFSIZE,pp); if (strlen(line) > CF_BUFSIZE - 80) { snprintf(OUTPUT,CF_BUFSIZE*2,"Line from module %s is too long to be sensible\n",actiontxt); CfLog(cferror,OUTPUT,""); break; } if (ferror(pp)) /* abortable */ { snprintf(OUTPUT,CF_BUFSIZE*2,"Shell command pipe %s\n",actiontxt); CfLog(cferror,OUTPUT,"ferror"); break; } print = false; for (sp = line; *sp != '\0'; sp++) { if (! isspace((int)*sp)) { print = true; break; } } switch (*line) { case '+': Verbose("Activated classes: %s\n",line+1); CheckClass(line+1,command); AddMultipleClasses(line+1); break; case '-': Verbose("Deactivated classes: %s\n",line+1); CheckClass(line+1,command); NegateCompoundClass(line+1,&VNEGHEAP); break; case '=': content[0] = '\0'; sscanf(line+1,"%[^=]=%[^\n]",name,content); Verbose("Defined Macro: %s, Value: %s\n",name,content); AddMacroValue(CONTEXTID,name,content); break; default: if (print) { snprintf(OUTPUT,CF_BUFSIZE,"%s: %s\n",actiontxt,line); CfLog(cferror,OUTPUT,""); } } } cfpclose(pp); return true; }