/* Search the DB for any entry related to the file being received */ static int DB_Search(const char *f_name, char *c_sum, Eventinfo *lf) { int p = 0; size_t sn_size; int agent_id; char *saved_sum; char *saved_name; FILE *fp; SyscheckSum oldsum; SyscheckSum newsum; /* Get db pointer */ fp = DB_File(lf->location, &agent_id); if (!fp) { merror("%s: Error handling integrity database.", ARGV0); sdb.db_err++; lf->data = NULL; return (0); } /* Read the integrity file and search for a possible entry */ if (fgetpos(fp, &sdb.init_pos) == -1) { merror("%s: Error handling integrity database (fgetpos).", ARGV0); return (0); } /* Loop over the file */ while (fgets(sdb.buf, OS_MAXSTR, fp) != NULL) { /* Ignore blank lines and lines with a comment */ if (sdb.buf[0] == '\n' || sdb.buf[0] == '#') { fgetpos(fp, &sdb.init_pos); /* Get next location */ continue; } /* Get name */ saved_name = strchr(sdb.buf, ' '); if (saved_name == NULL) { merror("%s: Invalid integrity message in the database.", ARGV0); fgetpos(fp, &sdb.init_pos); /* Get next location */ continue; } *saved_name = '\0'; saved_name++; /* New format - with a timestamp */ if (*saved_name == '!') { saved_name = strchr(saved_name, ' '); if (saved_name == NULL) { merror("%s: Invalid integrity message in the database", ARGV0); fgetpos(fp, &sdb.init_pos); /* Get next location */ continue; } saved_name++; } /* Remove newline from saved_name */ sn_size = strlen(saved_name); sn_size -= 1; if (saved_name[sn_size] == '\n') { saved_name[sn_size] = '\0'; } /* If name is different, go to next one */ if (strcmp(f_name, saved_name) != 0) { /* Save current location */ fgetpos(fp, &sdb.init_pos); continue; } saved_sum = sdb.buf; /* First three bytes are for frequency check */ saved_sum += 3; /* Checksum match, we can just return and keep going */ if (strcmp(saved_sum, c_sum) == 0) { lf->data = NULL; return (0); } debug2("Agent: %d, location: <%s>, file: <%s>, sum: <%s>, saved: <%s>", agent_id, lf->location, f_name, c_sum, saved_sum); /* If we reached here, the checksum of the file has changed */ if (saved_sum[-3] == '!') { p++; if (saved_sum[-2] == '!') { p++; if (saved_sum[-1] == '!') { p++; } else if (saved_sum[-1] == '?') { p += 2; } } } /* Check the number of changes */ if (!Config.syscheck_auto_ignore) { sdb.syscheck_dec->id = sdb.id1; } else { switch (p) { case 0: sdb.syscheck_dec->id = sdb.id1; break; case 1: sdb.syscheck_dec->id = sdb.id2; break; case 2: sdb.syscheck_dec->id = sdb.id3; break; default: lf->data = NULL; return (0); break; } } /* Add new checksum to the database */ /* Commenting the file entry and adding a new one later */ if (fsetpos(fp, &sdb.init_pos)) { merror("%s: Error handling integrity database (fsetpos).", ARGV0); return (0); } fputc('#', fp); /* Add the new entry at the end of the file */ fseek(fp, 0, SEEK_END); fprintf(fp, "%c%c%c%s !%ld %s\n", '!', p >= 1 ? '!' : '+', p == 2 ? '!' : (p > 2) ? '?' : '+', c_sum, (long int)lf->time, f_name); fflush(fp); switch (DecodeSum(&newsum, c_sum)) { case -1: merror("%s: ERROR: Couldn't decode syscheck sum from log.", ARGV0); lf->data = NULL; return 0; case 0: switch (DecodeSum(&oldsum, saved_sum)) { case -1: merror("%s: ERROR: Couldn't decode syscheck sum from database.", ARGV0); lf->data = NULL; return 0; case 0: FillEvent(lf, f_name, &newsum); /* Generate size message */ if (!oldsum.size || !newsum.size || strcmp(oldsum.size, newsum.size) == 0) { sdb.size[0] = '\0'; } else { snprintf(sdb.size, OS_FLSIZE, "Size changed from '%s' to '%s'\n", oldsum.size, newsum.size); os_strdup(oldsum.size, lf->size_before); } /* Permission message */ if (oldsum.perm == newsum.perm) { sdb.perm[0] = '\0'; } else if (oldsum.perm > 0 && newsum.perm > 0) { snprintf(sdb.perm, OS_FLSIZE, "Permissions changed from " "'%c%c%c%c%c%c%c%c%c' " "to '%c%c%c%c%c%c%c%c%c'\n", (oldsum.perm & S_IRUSR) ? 'r' : '-', (oldsum.perm & S_IWUSR) ? 'w' : '-', (oldsum.perm & S_ISUID) ? 's' : (oldsum.perm & S_IXUSR) ? 'x' : '-', (oldsum.perm & S_IRGRP) ? 'r' : '-', (oldsum.perm & S_IWGRP) ? 'w' : '-', (oldsum.perm & S_ISGID) ? 's' : (oldsum.perm & S_IXGRP) ? 'x' : '-', (oldsum.perm & S_IROTH) ? 'r' : '-', (oldsum.perm & S_IWOTH) ? 'w' : '-', (oldsum.perm & S_ISVTX) ? 't' : (oldsum.perm & S_IXOTH) ? 'x' : '-', (newsum.perm & S_IRUSR) ? 'r' : '-', (newsum.perm & S_IWUSR) ? 'w' : '-', (newsum.perm & S_ISUID) ? 's' : (newsum.perm & S_IXUSR) ? 'x' : '-', (newsum.perm & S_IRGRP) ? 'r' : '-', (newsum.perm & S_IWGRP) ? 'w' : '-', (newsum.perm & S_ISGID) ? 's' : (newsum.perm & S_IXGRP) ? 'x' : '-', (newsum.perm & S_IROTH) ? 'r' : '-', (newsum.perm & S_IWOTH) ? 'w' : '-', (newsum.perm & S_ISVTX) ? 't' : (newsum.perm & S_IXOTH) ? 'x' : '-'); lf->perm_before = oldsum.perm; } /* Ownership message */ if (!newsum.uid || !oldsum.uid || strcmp(newsum.uid, oldsum.uid) == 0) { sdb.owner[0] = '\0'; } else { if (oldsum.uname && newsum.uname) { snprintf(sdb.owner, OS_FLSIZE, "Ownership was '%s (%s)', now it is '%s (%s)'\n", oldsum.uname, oldsum.uid, newsum.uname, newsum.uid); os_strdup(oldsum.uname, lf->uname_before); } else snprintf(sdb.owner, OS_FLSIZE, "Ownership was '%s', " "now it is '%s'\n", oldsum.uid, newsum.uid); os_strdup(oldsum.uid, lf->owner_before); } /* Group ownership message */ if (!newsum.gid || !oldsum.gid || strcmp(newsum.gid, oldsum.gid) == 0) { sdb.gowner[0] = '\0'; } else { if (oldsum.gname && newsum.gname) { snprintf(sdb.owner, OS_FLSIZE, "Group ownership was '%s (%s)', now it is '%s (%s)'\n", oldsum.gname, oldsum.gid, newsum.gname, newsum.gid); os_strdup(oldsum.gname, lf->gname_before); } else snprintf(sdb.gowner, OS_FLSIZE, "Group ownership was '%s', " "now it is '%s'\n", oldsum.gid, newsum.gid); os_strdup(oldsum.gid, lf->gowner_before); } /* MD5 message */ if (!newsum.md5 || !oldsum.md5 || strcmp(newsum.md5, oldsum.md5) == 0) { sdb.md5[0] = '\0'; } else { snprintf(sdb.md5, OS_FLSIZE, "Old md5sum was: '%s'\n" "New md5sum is : '%s'\n", oldsum.md5, newsum.md5); os_strdup(oldsum.md5, lf->md5_before); } /* SHA-1 message */ if (!newsum.sha1 || !oldsum.sha1 || strcmp(newsum.sha1, oldsum.sha1) == 0) { sdb.sha1[0] = '\0'; } else { snprintf(sdb.sha1, OS_FLSIZE, "Old sha1sum was: '%s'\n" "New sha1sum is : '%s'\n", oldsum.sha1, newsum.sha1); os_strdup(oldsum.sha1, lf->sha1_before); } /* Modification time message */ if (oldsum.mtime && newsum.mtime && oldsum.mtime != newsum.mtime) { char *old_ctime = strdup(ctime(&oldsum.mtime)); char *new_ctime = strdup(ctime(&newsum.mtime)); old_ctime[strlen(old_ctime) - 1] = '\0'; new_ctime[strlen(new_ctime) - 1] = '\0'; snprintf(sdb.mtime, OS_FLSIZE, "Old modification time was: '%s', now it is '%s'\n", old_ctime, new_ctime); lf->mtime_before = oldsum.mtime; free(old_ctime); free(new_ctime); } else { sdb.mtime[0] = '\0'; } /* Inode message */ if (oldsum.inode && newsum.inode && oldsum.inode != newsum.inode) { snprintf(sdb.mtime, OS_FLSIZE, "Old inode was: '%ld', now it is '%ld'\n", oldsum.inode, newsum.inode); lf->inode_before = oldsum.inode; } else { sdb.inode[0] = '\0'; } /* Provide information about the file */ snprintf(sdb.comment, OS_MAXSTR, "Integrity checksum changed for: " "'%.756s'\n" "%s" "%s" "%s" "%s" "%s" "%s" "%s%s", f_name, sdb.size, sdb.perm, sdb.owner, sdb.gowner, sdb.md5, sdb.sha1, lf->data == NULL ? "" : "What changed:\n", lf->data == NULL ? "" : lf->data ); if (lf->data) os_strdup(lf->data, lf->diff); lf->event_type = FIM_MODIFIED; if (wdb_insert_fim(lf->agent_id ? atoi(lf->agent_id) : 0, lf->location, f_name, "modified", &newsum, (long int)lf->time) < 0) { merror("%s: ERROR: Couldn't insert FIM event into database.", ARGV0); debug1("%s: DEBUG: Agent: '%s', file: '%s'", ARGV0, lf->agent_id ? lf->agent_id : "0", f_name); } break; case 1: /* If file was re-added, do not compare changes */ sdb.syscheck_dec->id = sdb.idn; lf->event_type = FIM_READDED; FillEvent(lf, f_name, &newsum); snprintf(sdb.comment, OS_MAXSTR, "File '%.756s' was re-added.", f_name); if (wdb_insert_fim(lf->agent_id ? atoi(lf->agent_id) : 0, lf->location, f_name, "readded", &newsum, (long int)lf->time) < 0) { merror("%s: ERROR: Couldn't insert FIM event into database.", ARGV0); debug1("%s: DEBUG: Agent: '%s', file: '%s'", ARGV0, lf->agent_id ? lf->agent_id : "0", f_name); } break; } break; case 1: /* File deleted */ sdb.syscheck_dec->id = sdb.idd; os_strdup(f_name, lf->filename); lf->event_type = FIM_DELETED; snprintf(sdb.comment, OS_MAXSTR, "File '%.756s' was deleted. Unable to retrieve " "checksum.", f_name); if (wdb_insert_fim(lf->agent_id ? atoi(lf->agent_id) : 0, lf->location, f_name, "deleted", NULL, (long int)lf->time) < 0) { merror("%s: ERROR: Couldn't insert FIM event into database.", ARGV0); debug1("%s: DEBUG: Agent: '%s', file: '%s'", ARGV0, lf->agent_id ? lf->agent_id : "0", f_name); } } /* Create a new log message */ free(lf->full_log); os_strdup(sdb.comment, lf->full_log); lf->log = lf->full_log; lf->data = NULL; /* Set decoder */ lf->decoder_info = sdb.syscheck_dec; return (1); } /* Continue */ /* If we reach here, this file is not present in our database */ fseek(fp, 0, SEEK_END); fprintf(fp, "+++%s !%ld %s\n", c_sum, (long int)lf->time, f_name); fflush(fp); /* Insert row in SQLite DB*/ switch (DecodeSum(&newsum, c_sum)) { case -1: merror("%s: ERROR: Couldn't decode syscheck sum from log.", ARGV0); break; case 0: lf->event_type = FIM_ADDED; if (wdb_insert_fim(lf->agent_id ? atoi(lf->agent_id) : 0, lf->location, f_name, "added", &newsum, (long int)lf->time) < 0) { merror("%s: ERROR: Couldn't insert FIM event into database.", ARGV0); debug1("%s: DEBUG: Agent: '%s', file: '%s'", ARGV0, lf->agent_id ? lf->agent_id : "0", f_name); } /* Alert if configured to notify on new files */ if ((Config.syscheck_alert_new == 1) && DB_IsCompleted(agent_id)) { sdb.syscheck_dec->id = sdb.idn; FillEvent(lf, f_name, &newsum); /* New file message */ snprintf(sdb.comment, OS_MAXSTR, "New file '%.756s' " "added to the file system.", f_name); /* Create a new log message */ free(lf->full_log); os_strdup(sdb.comment, lf->full_log); lf->log = lf->full_log; /* Set decoder */ lf->decoder_info = sdb.syscheck_dec; lf->data = NULL; return (1); } break; case 1: merror("%s: WARN: Missing file entry.", ARGV0); break; } lf->data = NULL; return (0); }
static void wpa_init_conf(struct eapol_test_data *e, struct wpa_supplicant *wpa_s, const char *authsrv, int port, const char *secret, const char *cli_addr) { struct hostapd_radius_server *as; int res; wpa_s->bssid[5] = 1; os_memcpy(wpa_s->own_addr, e->own_addr, ETH_ALEN); e->own_ip_addr.s_addr = htonl((127 << 24) | 1); os_strlcpy(wpa_s->ifname, "test", sizeof(wpa_s->ifname)); e->radius_conf = os_zalloc(sizeof(struct hostapd_radius_servers)); assert(e->radius_conf != NULL); e->radius_conf->num_auth_servers = 1; as = os_zalloc(sizeof(struct hostapd_radius_server)); assert(as != NULL); #if defined(CONFIG_NATIVE_WINDOWS) || defined(CONFIG_ANSI_C_EXTRA) { int a[4]; u8 *pos; sscanf(authsrv, "%d.%d.%d.%d", &a[0], &a[1], &a[2], &a[3]); pos = (u8 *) &as->addr.u.v4; *pos++ = a[0]; *pos++ = a[1]; *pos++ = a[2]; *pos++ = a[3]; } #else /* CONFIG_NATIVE_WINDOWS or CONFIG_ANSI_C_EXTRA */ if (inet_aton(authsrv, &as->addr.u.v4) < 0) { wpa_printf(MSG_ERROR, "Invalid IP address '%s'", authsrv); assert(0); } #endif /* CONFIG_NATIVE_WINDOWS or CONFIG_ANSI_C_EXTRA */ as->addr.af = AF_INET; as->port = port; as->shared_secret = (u8 *) os_strdup(secret); as->shared_secret_len = os_strlen(secret); e->radius_conf->auth_server = as; e->radius_conf->auth_servers = as; e->radius_conf->msg_dumps = 1; if (cli_addr) { if (hostapd_parse_ip_addr(cli_addr, &e->radius_conf->client_addr) == 0) e->radius_conf->force_client_addr = 1; else { wpa_printf(MSG_ERROR, "Invalid IP address '%s'", cli_addr); assert(0); } } e->radius = radius_client_init(wpa_s, e->radius_conf); assert(e->radius != NULL); res = radius_client_register(e->radius, RADIUS_AUTH, ieee802_1x_receive_auth, e); assert(res == 0); }
static int wpa_supplicant_conf_ap(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid, struct hostapd_config *conf) { struct hostapd_bss_config *bss = conf->bss[0]; conf->driver = wpa_s->driver; os_strlcpy(bss->iface, wpa_s->ifname, sizeof(bss->iface)); conf->hw_mode = ieee80211_freq_to_chan(ssid->frequency, &conf->channel); if (conf->hw_mode == NUM_HOSTAPD_MODES) { wpa_printf(MSG_ERROR, "Unsupported AP mode frequency: %d MHz", ssid->frequency); return -1; } wpa_supplicant_conf_ap_ht(wpa_s, ssid, conf); if (ieee80211_is_dfs(ssid->frequency) && wpa_s->conf->country[0]) { conf->ieee80211h = 1; conf->ieee80211d = 1; conf->country[0] = wpa_s->conf->country[0]; conf->country[1] = wpa_s->conf->country[1]; } #ifdef CONFIG_P2P if (conf->hw_mode == HOSTAPD_MODE_IEEE80211G && (ssid->mode == WPAS_MODE_P2P_GO || ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION)) { /* Remove 802.11b rates from supported and basic rate sets */ int *list = os_malloc(4 * sizeof(int)); if (list) { list[0] = 60; list[1] = 120; list[2] = 240; list[3] = -1; } conf->basic_rates = list; list = os_malloc(9 * sizeof(int)); if (list) { list[0] = 60; list[1] = 90; list[2] = 120; list[3] = 180; list[4] = 240; list[5] = 360; list[6] = 480; list[7] = 540; list[8] = -1; } conf->supported_rates = list; } bss->isolate = !wpa_s->conf->p2p_intra_bss; bss->force_per_enrollee_psk = wpa_s->global->p2p_per_sta_psk; if (ssid->p2p_group) { os_memcpy(bss->ip_addr_go, wpa_s->parent->conf->ip_addr_go, 4); os_memcpy(bss->ip_addr_mask, wpa_s->parent->conf->ip_addr_mask, 4); os_memcpy(bss->ip_addr_start, wpa_s->parent->conf->ip_addr_start, 4); os_memcpy(bss->ip_addr_end, wpa_s->parent->conf->ip_addr_end, 4); } #endif /* CONFIG_P2P */ if (ssid->ssid_len == 0) { wpa_printf(MSG_ERROR, "No SSID configured for AP mode"); return -1; } os_memcpy(bss->ssid.ssid, ssid->ssid, ssid->ssid_len); bss->ssid.ssid_len = ssid->ssid_len; bss->ssid.ssid_set = 1; bss->ignore_broadcast_ssid = ssid->ignore_broadcast_ssid; if (ssid->auth_alg) bss->auth_algs = ssid->auth_alg; if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt)) bss->wpa = ssid->proto; bss->wpa_key_mgmt = ssid->key_mgmt; bss->wpa_pairwise = ssid->pairwise_cipher; if (ssid->psk_set) { bin_clear_free(bss->ssid.wpa_psk, sizeof(*bss->ssid.wpa_psk)); bss->ssid.wpa_psk = os_zalloc(sizeof(struct hostapd_wpa_psk)); if (bss->ssid.wpa_psk == NULL) return -1; os_memcpy(bss->ssid.wpa_psk->psk, ssid->psk, PMK_LEN); bss->ssid.wpa_psk->group = 1; } else if (ssid->passphrase) { bss->ssid.wpa_passphrase = os_strdup(ssid->passphrase); } else if (ssid->wep_key_len[0] || ssid->wep_key_len[1] || ssid->wep_key_len[2] || ssid->wep_key_len[3]) { struct hostapd_wep_keys *wep = &bss->ssid.wep; int i; for (i = 0; i < NUM_WEP_KEYS; i++) { if (ssid->wep_key_len[i] == 0) continue; wep->key[i] = os_malloc(ssid->wep_key_len[i]); if (wep->key[i] == NULL) return -1; os_memcpy(wep->key[i], ssid->wep_key[i], ssid->wep_key_len[i]); wep->len[i] = ssid->wep_key_len[i]; } wep->idx = ssid->wep_tx_keyidx; wep->keys_set = 1; } if (ssid->ap_max_inactivity) bss->ap_max_inactivity = ssid->ap_max_inactivity; if (ssid->dtim_period) bss->dtim_period = ssid->dtim_period; else if (wpa_s->conf->dtim_period) bss->dtim_period = wpa_s->conf->dtim_period; if (ssid->beacon_int) conf->beacon_int = ssid->beacon_int; else if (wpa_s->conf->beacon_int) conf->beacon_int = wpa_s->conf->beacon_int; #ifdef CONFIG_P2P if (wpa_s->conf->p2p_go_ctwindow > conf->beacon_int) { wpa_printf(MSG_INFO, "CTWindow (%d) is bigger than beacon interval (%d) - avoid configuring it", wpa_s->conf->p2p_go_ctwindow, conf->beacon_int); conf->p2p_go_ctwindow = 0; } else { conf->p2p_go_ctwindow = wpa_s->conf->p2p_go_ctwindow; } #endif /* CONFIG_P2P */ if ((bss->wpa & 2) && bss->rsn_pairwise == 0) bss->rsn_pairwise = bss->wpa_pairwise; bss->wpa_group = wpa_select_ap_group_cipher(bss->wpa, bss->wpa_pairwise, bss->rsn_pairwise); if (bss->wpa && bss->ieee802_1x) bss->ssid.security_policy = SECURITY_WPA; else if (bss->wpa) bss->ssid.security_policy = SECURITY_WPA_PSK; else if (bss->ieee802_1x) { int cipher = WPA_CIPHER_NONE; bss->ssid.security_policy = SECURITY_IEEE_802_1X; bss->ssid.wep.default_len = bss->default_wep_key_len; if (bss->default_wep_key_len) cipher = bss->default_wep_key_len >= 13 ? WPA_CIPHER_WEP104 : WPA_CIPHER_WEP40; bss->wpa_group = cipher; bss->wpa_pairwise = cipher; bss->rsn_pairwise = cipher; } else if (bss->ssid.wep.keys_set) { int cipher = WPA_CIPHER_WEP40; if (bss->ssid.wep.len[0] >= 13) cipher = WPA_CIPHER_WEP104; bss->ssid.security_policy = SECURITY_STATIC_WEP; bss->wpa_group = cipher; bss->wpa_pairwise = cipher; bss->rsn_pairwise = cipher; } else { bss->ssid.security_policy = SECURITY_PLAINTEXT; bss->wpa_group = WPA_CIPHER_NONE; bss->wpa_pairwise = WPA_CIPHER_NONE; bss->rsn_pairwise = WPA_CIPHER_NONE; } if (bss->wpa_group_rekey < 86400 && (bss->wpa & 2) && (bss->wpa_group == WPA_CIPHER_CCMP || bss->wpa_group == WPA_CIPHER_GCMP || bss->wpa_group == WPA_CIPHER_CCMP_256 || bss->wpa_group == WPA_CIPHER_GCMP_256)) { /* * Strong ciphers do not need frequent rekeying, so increase * the default GTK rekeying period to 24 hours. */ bss->wpa_group_rekey = 86400; } #ifdef CONFIG_IEEE80211W if (ssid->ieee80211w != MGMT_FRAME_PROTECTION_DEFAULT) bss->ieee80211w = ssid->ieee80211w; #endif /* CONFIG_IEEE80211W */ #ifdef CONFIG_WPS /* * Enable WPS by default for open and WPA/WPA2-Personal network, but * require user interaction to actually use it. Only the internal * Registrar is supported. */ if (bss->ssid.security_policy != SECURITY_WPA_PSK && bss->ssid.security_policy != SECURITY_PLAINTEXT) goto no_wps; if (bss->ssid.security_policy == SECURITY_WPA_PSK && (!(bss->rsn_pairwise & (WPA_CIPHER_CCMP | WPA_CIPHER_GCMP)) || !(bss->wpa & 2))) goto no_wps; /* WPS2 does not allow WPA/TKIP-only * configuration */ bss->eap_server = 1; if (!ssid->ignore_broadcast_ssid) bss->wps_state = 2; bss->ap_setup_locked = 2; if (wpa_s->conf->config_methods) bss->config_methods = os_strdup(wpa_s->conf->config_methods); os_memcpy(bss->device_type, wpa_s->conf->device_type, WPS_DEV_TYPE_LEN); if (wpa_s->conf->device_name) { bss->device_name = os_strdup(wpa_s->conf->device_name); bss->friendly_name = os_strdup(wpa_s->conf->device_name); } if (wpa_s->conf->manufacturer) bss->manufacturer = os_strdup(wpa_s->conf->manufacturer); if (wpa_s->conf->model_name) bss->model_name = os_strdup(wpa_s->conf->model_name); if (wpa_s->conf->model_number) bss->model_number = os_strdup(wpa_s->conf->model_number); if (wpa_s->conf->serial_number) bss->serial_number = os_strdup(wpa_s->conf->serial_number); if (is_nil_uuid(wpa_s->conf->uuid)) os_memcpy(bss->uuid, wpa_s->wps->uuid, WPS_UUID_LEN); else os_memcpy(bss->uuid, wpa_s->conf->uuid, WPS_UUID_LEN); os_memcpy(bss->os_version, wpa_s->conf->os_version, 4); bss->pbc_in_m1 = wpa_s->conf->pbc_in_m1; no_wps: #endif /* CONFIG_WPS */ if (wpa_s->max_stations && wpa_s->max_stations < wpa_s->conf->max_num_sta) bss->max_num_sta = wpa_s->max_stations; else bss->max_num_sta = wpa_s->conf->max_num_sta; bss->disassoc_low_ack = wpa_s->conf->disassoc_low_ack; if (wpa_s->conf->ap_vendor_elements) { bss->vendor_elements = wpabuf_dup(wpa_s->conf->ap_vendor_elements); } return 0; }
/*--------------------------------------------------------------------------*/ BOOL InitializeJVM(void) { BOOL bOK = FALSE; char *sciPath = NULL; sciPath = getSCI(); if (!startJVM(sciPath)) { #ifdef _MSC_VER MessageBox(NULL, gettext("\nScilab cannot open JVM library.\n"), gettext("Error"), MB_ICONEXCLAMATION | MB_OK); #else fprintf(stderr, _("\nScilab cannot open JVM library.\n")); #endif } else { DoLoadLibrarypathInEtc(sciPath); DoLoadClasspathInEtc(sciPath); if (!createMainScilabObject()) { char *errorMsg = os_strdup(gettext("\nScilab cannot create Scilab Java Main-Class (we have not been able to find the main Scilab class. Check if the Scilab and thirdparty packages are available).\n")); if (IsFromJava()) { char *errorMsg2 = gettext("If Scilab is used from Java, make sure that your IDE (ex: Netbeans, etc) is not adding extra dependencies which could not be found at runtime.\n"); char *tempMsg = (char*)MALLOC(sizeof(char) * (strlen(errorMsg) + strlen(errorMsg2) + 1)); if (tempMsg) { strcpy(tempMsg, errorMsg); strcat(tempMsg, errorMsg2); FREE(errorMsg); errorMsg = tempMsg; } } #ifdef _MSC_VER MessageBox(NULL, errorMsg, gettext("Error"), MB_ICONEXCLAMATION | MB_OK); #else fprintf(stderr, "%s", errorMsg); #endif if (errorMsg) { FREE(errorMsg); errorMsg = NULL; } } else { bOK = TRUE; } } if (sciPath) { FREE(sciPath); sciPath = NULL; } if (!bOK) { exit(1); } return TRUE; }
struct wowlan_triggers * wpa_get_wowlan_triggers(const char *wowlan_triggers, const struct wpa_driver_capa *capa) { struct wowlan_triggers *triggers; char *start, *end, *buf; int last; if (!wowlan_triggers) return NULL; buf = os_strdup(wowlan_triggers); if (buf == NULL) return NULL; triggers = os_zalloc(sizeof(*triggers)); if (triggers == NULL) goto out; #define CHECK_TRIGGER(trigger) \ wpa_check_wowlan_trigger(start, #trigger, \ capa->wowlan_triggers.trigger, \ &triggers->trigger) start = buf; while (*start != '\0') { while (isblank(*start)) start++; if (*start == '\0') break; end = start; while (!isblank(*end) && *end != '\0') end++; last = *end == '\0'; *end = '\0'; if (!CHECK_TRIGGER(any) && !CHECK_TRIGGER(disconnect) && !CHECK_TRIGGER(magic_pkt) && !CHECK_TRIGGER(gtk_rekey_failure) && !CHECK_TRIGGER(eap_identity_req) && !CHECK_TRIGGER(four_way_handshake) && !CHECK_TRIGGER(rfkill_release)) { wpa_printf(MSG_DEBUG, "Unknown/unsupported wowlan trigger '%s'", start); os_free(triggers); triggers = NULL; goto out; } if (last) break; start = end + 1; } #undef CHECK_TRIGGER out: os_free(buf); return triggers; }
/** alert_data *GetAlertData(FILE *fp) * Returns alert data for the file specified */ alert_data *GetAlertData(int flag, FILE *fp) { int _r = 0, log_size = 0, issyscheck = 0; char *p; char *alertid = NULL; char *date = NULL; char *comment = NULL; char *location = NULL; char *srcip = NULL; char *dstip = NULL; char *user = NULL; char *group = NULL; char *filename = NULL; char *old_md5 = NULL; char *new_md5 = NULL; char *old_sha1 = NULL; char *new_sha1 = NULL; char **log = NULL; #ifdef GEOIP char *geoipdatasrc = NULL; char *geoipdatadst = NULL; #endif int level, rule, srcport = 0, dstport = 0; char str[OS_BUFFER_SIZE+1]; str[OS_BUFFER_SIZE]='\0'; while(fgets(str, OS_BUFFER_SIZE, fp) != NULL) { /* Enf of alert */ if(strcmp(str, "\n") == 0 && log_size > 0) { /* Found in here */ if(_r == 2) { alert_data *al_data; os_calloc(1, sizeof(alert_data), al_data); al_data->alertid = alertid; al_data->level = level; al_data->rule = rule; al_data->location = location; al_data->comment = comment; al_data->group = group; al_data->log = log; al_data->srcip = srcip; al_data->srcport = srcport; al_data->dstip = dstip; al_data->dstport = dstport; al_data->user = user; al_data->date = date; al_data->filename = filename; #ifdef GEOIP al_data->geoipdatasrc = geoipdatasrc; al_data->geoipdatadst = geoipdatadst; #endif al_data->old_md5 = old_md5; al_data->new_md5 = new_md5; al_data->old_sha1 = old_sha1; al_data->new_sha1 = new_sha1; return(al_data); } _r = 0; } /* Checking for the header */ if(strncmp(ALERT_BEGIN, str, ALERT_BEGIN_SZ) == 0) { char *m; int z = 0; p = str + ALERT_BEGIN_SZ + 1; m = strstr(p, ":"); if (!m) { continue; } z = strlen(p) - strlen(m); os_realloc(alertid, (z + 1)*sizeof(char *), alertid); strncpy(alertid, p, z); alertid[z] = '\0'; /* Searching for email flag */ p = strchr(p, ' '); if(!p) { continue; } p++; /* Checking for the flags */ if((flag & CRALERT_MAIL_SET) && (strncmp(ALERT_MAIL, p, ALERT_MAIL_SZ) != 0)) { continue; } p = strchr(p, '-'); if(p) { p++; os_strdup(p, group); /* Cleaning new line from group */ os_clearnl(group, p); if(group != NULL && strstr(group, "syscheck") != NULL) { issyscheck = 1; } } /* Searching for active-response flag */ _r = 1; continue; } if(_r < 1) continue; /*** Extract information from the event ***/ /* r1 means: 2006 Apr 13 16:15:17 /var/log/auth.log */ if(_r == 1) { /* Clear new line */ os_clearnl(str, p); p = strchr(str, ':'); if(p) { p = strchr(p, ' '); if(p) { *p = '\0'; p++; } else { /* If p is null it is because strchr failed */ merror("ZZZ: 1() Merror date or location not NULL"); _r = 0; goto l_error; } } /* If not, str is date and p is the location */ if(date || location) merror("ZZZ Merror date or location not NULL"); os_strdup(str, date); os_strdup(p, location); _r = 2; log_size = 0; continue; } else if(_r == 2) { /* Rule begin */ if(strncmp(RULE_BEGIN, str, RULE_BEGIN_SZ) == 0) { os_clearnl(str,p); p = str + RULE_BEGIN_SZ; rule = atoi(p); p = strchr(p, ' '); if(p) { p++; p = strchr(p, ' '); if(p) p++; } if(!p) goto l_error; level = atoi(p); /* Getting the comment */ p = strchr(p, '\''); if(!p) goto l_error; p++; os_strdup(p, comment); /* Must have the closing \' */ p = strrchr(comment, '\''); if(p) { *p = '\0'; } else { goto l_error; } } /* srcip */ else if(strncmp(SRCIP_BEGIN, str, SRCIP_BEGIN_SZ) == 0) { os_clearnl(str,p); p = str + SRCIP_BEGIN_SZ; os_strdup(p, srcip); } #ifdef GEOIP /* GeoIP Source Location */ else if (strncmp(GEOIP_BEGIN_SRC, str, GEOIP_BEGIN_SRC_SZ) == 0) { os_clearnl(str,p); p = str + GEOIP_BEGIN_SRC_SZ; os_strdup(p, geoipdatasrc); } #endif /* srcport */ else if(strncmp(SRCPORT_BEGIN, str, SRCPORT_BEGIN_SZ) == 0) { os_clearnl(str,p); p = str + SRCPORT_BEGIN_SZ; srcport = atoi(p); } /* dstip */ else if(strncmp(DSTIP_BEGIN, str, DSTIP_BEGIN_SZ) == 0) { os_clearnl(str,p); p = str + DSTIP_BEGIN_SZ; os_strdup(p, dstip); } #ifdef GEOIP /* GeoIP Destination Location */ else if (strncmp(GEOIP_BEGIN_DST, str, GEOIP_BEGIN_DST_SZ) == 0) { os_clearnl(str,p); p = str + GEOIP_BEGIN_DST_SZ; os_strdup(p, geoipdatadst); } #endif /* dstport */ else if(strncmp(DSTPORT_BEGIN, str, DSTPORT_BEGIN_SZ) == 0) { os_clearnl(str,p); p = str + DSTPORT_BEGIN_SZ; dstport = atoi(p); } /* username */ else if(strncmp(USER_BEGIN, str, USER_BEGIN_SZ) == 0) { os_clearnl(str,p); p = str + USER_BEGIN_SZ; os_strdup(p, user); } /* Old MD5 */ else if(strncmp(OLDMD5_BEGIN, str, OLDMD5_BEGIN_SZ) == 0) { os_clearnl(str,p); p = str + OLDMD5_BEGIN_SZ; os_strdup(p, old_md5); } /* New MD5 */ else if(strncmp(NEWMD5_BEGIN, str, NEWMD5_BEGIN_SZ) == 0) { os_clearnl(str,p); p = str + NEWMD5_BEGIN_SZ; os_strdup(p, new_md5); } /* Old SHA1 */ else if(strncmp(OLDSHA1_BEGIN, str, OLDSHA1_BEGIN_SZ) == 0) { os_clearnl(str,p); p = str + OLDSHA1_BEGIN_SZ; os_strdup(p, old_sha1); } /* New SHA1 */ else if(strncmp(NEWSHA1_BEGIN, str, NEWSHA1_BEGIN_SZ) == 0) { os_clearnl(str,p); p = str + NEWSHA1_BEGIN_SZ; os_strdup(p, new_sha1); } /* It is a log message */ else if(log_size < 20) { os_clearnl(str,p); if(str != NULL && issyscheck == 1) { if(strncmp(str, "Integrity checksum changed for: '",33) == 0) { filename = strdup(str+33); if(filename) { filename[strlen(filename) -1] = '\0'; } } issyscheck = 0; } os_realloc(log, (log_size +2)*sizeof(char *), log); os_strdup(str, log[log_size]); log_size++; log[log_size] = NULL; } } continue; l_error: /* Freeing the memory */ _r = 0; if(date) { free(date); date = NULL; } if(location) { free(location); location = NULL; } if(comment) { free(comment); comment = NULL; } if(srcip) { free(srcip); srcip = NULL; } #ifdef GEOIP if(geoipdatasrc) { free(geoipdatasrc); geoipdatasrc = NULL; } if(geoipdatadst) { free(geoipdatadst); geoipdatadst = NULL; } #endif if(user) { free(user); user = NULL; } if(filename) { free(filename); filename = NULL; } if(group) { free(group); group = NULL; } if(old_md5) { free(old_md5); old_md5 = NULL; } if(new_md5) { free(new_md5); new_md5 = NULL; } if(old_sha1) { free(old_sha1); old_sha1 = NULL; } if(new_sha1) { free(new_sha1); new_sha1 = NULL; } while(log_size > 0) { log_size--; if(log[log_size]) { free(log[log_size]); log[log_size] = NULL; } } } if(alertid) { free(alertid); alertid = NULL; } /* We need to clean end of file before returning */ clearerr(fp); return(NULL); }
static int wpa_supplicant_conf_ap(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid, struct hostapd_config *conf) { struct hostapd_bss_config *bss = &conf->bss[0]; int pairwise; conf->driver = wpa_s->driver; os_strlcpy(bss->iface, wpa_s->ifname, sizeof(bss->iface)); if (ssid->frequency == 0) { /* default channel 11 */ conf->hw_mode = HOSTAPD_MODE_IEEE80211G; conf->channel = 11; } else if (ssid->frequency >= 2412 && ssid->frequency <= 2472) { conf->hw_mode = HOSTAPD_MODE_IEEE80211G; conf->channel = (ssid->frequency - 2407) / 5; } else if ((ssid->frequency >= 5180 && ssid->frequency <= 5240) || (ssid->frequency >= 5745 && ssid->frequency <= 5825)) { conf->hw_mode = HOSTAPD_MODE_IEEE80211A; conf->channel = (ssid->frequency - 5000) / 5; } else { wpa_printf(MSG_ERROR, "Unsupported AP mode frequency: %d MHz", ssid->frequency); return -1; } /* TODO: enable HT40 if driver supports it; * drop to 11b if driver does not support 11g */ #ifdef CONFIG_IEEE80211N /* * Enable HT20 if the driver supports it, by setting conf->ieee80211n. * Using default config settings for: conf->ht_op_mode_fixed, * conf->ht_capab, conf->secondary_channel, conf->require_ht */ if (wpa_s->hw.modes) { struct hostapd_hw_modes *mode = NULL; int i; for (i = 0; i < wpa_s->hw.num_modes; i++) { if (wpa_s->hw.modes[i].mode == conf->hw_mode) { mode = &wpa_s->hw.modes[i]; break; } } if (mode && mode->ht_capab) conf->ieee80211n = 1; } #endif /* CONFIG_IEEE80211N */ #ifdef CONFIG_P2P if (conf->hw_mode == HOSTAPD_MODE_IEEE80211G) { /* Remove 802.11b rates from supported and basic rate sets */ int *list = os_malloc(4 * sizeof(int)); if (list) { list[0] = 60; list[1] = 120; list[2] = 240; list[3] = -1; } conf->basic_rates = list; list = os_malloc(9 * sizeof(int)); if (list) { list[0] = 60; list[1] = 90; list[2] = 120; list[3] = 180; list[4] = 240; list[5] = 360; list[6] = 480; list[7] = 540; list[8] = -1; } conf->supported_rates = list; } bss->isolate = !wpa_s->conf->p2p_intra_bss; #endif /* CONFIG_P2P */ if (ssid->ssid_len == 0) { wpa_printf(MSG_ERROR, "No SSID configured for AP mode"); return -1; } os_memcpy(bss->ssid.ssid, ssid->ssid, ssid->ssid_len); bss->ssid.ssid[ssid->ssid_len] = '\0'; bss->ssid.ssid_len = ssid->ssid_len; bss->ssid.ssid_set = 1; if (ssid->auth_alg) bss->auth_algs = ssid->auth_alg; if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt)) bss->wpa = ssid->proto; bss->wpa_key_mgmt = ssid->key_mgmt; bss->wpa_pairwise = ssid->pairwise_cipher; if (ssid->passphrase) { bss->ssid.wpa_passphrase = os_strdup(ssid->passphrase); } else if (ssid->psk_set) { os_free(bss->ssid.wpa_psk); bss->ssid.wpa_psk = os_zalloc(sizeof(struct hostapd_wpa_psk)); if (bss->ssid.wpa_psk == NULL) return -1; os_memcpy(bss->ssid.wpa_psk->psk, ssid->psk, PMK_LEN); bss->ssid.wpa_psk->group = 1; } else if (ssid->wep_key_len[0] || ssid->wep_key_len[1] || ssid->wep_key_len[2] || ssid->wep_key_len[3]) { struct hostapd_wep_keys *wep = &bss->ssid.wep; int i; for (i = 0; i < NUM_WEP_KEYS; i++) { if (ssid->wep_key_len[i] == 0) continue; wep->key[i] = os_malloc(ssid->wep_key_len[i]); if (wep->key[i] == NULL) return -1; os_memcpy(wep->key[i], ssid->wep_key[i], ssid->wep_key_len[i]); wep->len[i] = ssid->wep_key_len[i]; } wep->idx = ssid->wep_tx_keyidx; wep->keys_set = 1; } /* Select group cipher based on the enabled pairwise cipher suites */ pairwise = 0; if (bss->wpa & 1) pairwise |= bss->wpa_pairwise; if (bss->wpa & 2) { if (bss->rsn_pairwise == 0) bss->rsn_pairwise = bss->wpa_pairwise; pairwise |= bss->rsn_pairwise; } if (pairwise & WPA_CIPHER_TKIP) bss->wpa_group = WPA_CIPHER_TKIP; else bss->wpa_group = WPA_CIPHER_CCMP; if (bss->wpa && bss->ieee802_1x) bss->ssid.security_policy = SECURITY_WPA; else if (bss->wpa) bss->ssid.security_policy = SECURITY_WPA_PSK; else if (bss->ieee802_1x) { int cipher = WPA_CIPHER_NONE; bss->ssid.security_policy = SECURITY_IEEE_802_1X; bss->ssid.wep.default_len = bss->default_wep_key_len; if (bss->default_wep_key_len) cipher = bss->default_wep_key_len >= 13 ? WPA_CIPHER_WEP104 : WPA_CIPHER_WEP40; bss->wpa_group = cipher; bss->wpa_pairwise = cipher; bss->rsn_pairwise = cipher; } else if (bss->ssid.wep.keys_set) { int cipher = WPA_CIPHER_WEP40; if (bss->ssid.wep.len[0] >= 13) cipher = WPA_CIPHER_WEP104; bss->ssid.security_policy = SECURITY_STATIC_WEP; bss->wpa_group = cipher; bss->wpa_pairwise = cipher; bss->rsn_pairwise = cipher; } else { bss->ssid.security_policy = SECURITY_PLAINTEXT; bss->wpa_group = WPA_CIPHER_NONE; bss->wpa_pairwise = WPA_CIPHER_NONE; bss->rsn_pairwise = WPA_CIPHER_NONE; } #ifdef CONFIG_WPS /* * Enable WPS by default for open and WPA/WPA2-Personal network, but * require user interaction to actually use it. Only the internal * Registrar is supported. */ if (bss->ssid.security_policy != SECURITY_WPA_PSK && bss->ssid.security_policy != SECURITY_PLAINTEXT) goto no_wps; #ifdef CONFIG_WPS2 if (bss->ssid.security_policy == SECURITY_WPA_PSK && (!(pairwise & WPA_CIPHER_CCMP) || !(bss->wpa & 2))) goto no_wps; /* WPS2 does not allow WPA/TKIP-only * configuration */ #endif /* CONFIG_WPS2 */ bss->eap_server = 1; bss->wps_state = 2; bss->ap_setup_locked = 2; if (wpa_s->conf->config_methods) bss->config_methods = os_strdup(wpa_s->conf->config_methods); os_memcpy(bss->device_type, wpa_s->conf->device_type, WPS_DEV_TYPE_LEN); if (wpa_s->conf->device_name) { bss->device_name = os_strdup(wpa_s->conf->device_name); bss->friendly_name = os_strdup(wpa_s->conf->device_name); } if (wpa_s->conf->manufacturer) bss->manufacturer = os_strdup(wpa_s->conf->manufacturer); if (wpa_s->conf->model_name) bss->model_name = os_strdup(wpa_s->conf->model_name); if (wpa_s->conf->model_number) bss->model_number = os_strdup(wpa_s->conf->model_number); if (wpa_s->conf->serial_number) bss->serial_number = os_strdup(wpa_s->conf->serial_number); if (is_nil_uuid(wpa_s->conf->uuid)) os_memcpy(bss->uuid, wpa_s->wps->uuid, WPS_UUID_LEN); else os_memcpy(bss->uuid, wpa_s->conf->uuid, WPS_UUID_LEN); os_memcpy(bss->os_version, wpa_s->conf->os_version, 4); no_wps: #endif /* CONFIG_WPS */ if (wpa_s->max_stations && wpa_s->max_stations < wpa_s->conf->max_num_sta) bss->max_num_sta = wpa_s->max_stations; else bss->max_num_sta = wpa_s->conf->max_num_sta; bss->disassoc_low_ack = wpa_s->conf->disassoc_low_ack; return 0; }
/*-------------------------------------------------------------------------------------*/ char *strsub(const char* input_string, const char* string_to_search, const char* replacement_string) { const char *occurrence_str = NULL; char* result_str = NULL; char *replacedString = NULL; int count = 0, len = 0; if (input_string == NULL) { return NULL; } if (string_to_search == NULL || replacement_string == NULL) { return os_strdup(input_string); } occurrence_str = strstr (input_string, string_to_search); if (occurrence_str == NULL) { return os_strdup(input_string); } if (strlen (replacement_string) > strlen (string_to_search)) { count = 0; len = (int)strlen (string_to_search); if (len) { occurrence_str = input_string; while (occurrence_str != NULL && *occurrence_str != '\0') { occurrence_str = strstr (occurrence_str, string_to_search); if (occurrence_str != NULL) { occurrence_str += len; count++; } } } len = count * ((int)strlen(replacement_string) - (int)strlen(string_to_search)) + (int)strlen(input_string); } else { len = (int)strlen(input_string); } replacedString = (char*)MALLOC (sizeof(char) * (len + 1)); if (replacedString == NULL) { return NULL; } occurrence_str = input_string; result_str = replacedString; len = (int)strlen (string_to_search); while (*occurrence_str != '\0') { if (*occurrence_str == string_to_search[0] && strncmp (occurrence_str, string_to_search, len) == 0) { const char *N = NULL; N = replacement_string; while (*N != '\0') { *result_str++ = *N++; } occurrence_str += len; } else { *result_str++ = *occurrence_str++; } } *result_str = '\0'; return replacedString; }/*-------------------------------------------------------------------------------------*/
/** * eap_peer_select_phase2_methods - Select phase 2 EAP method * @config: Pointer to the network configuration * @prefix: 'phase2' configuration prefix, e.g., "auth=" * @types: Buffer for returning allocated list of allowed EAP methods * @num_types: Buffer for returning number of allocated EAP methods * Returns: 0 on success, -1 on failure * * This function is used to parse EAP method list and select allowed methods * for Phase2 authentication. */ int eap_peer_select_phase2_methods(struct eap_peer_config *config, const char *prefix, struct eap_method_type **types, size_t *num_types) { char *start, *pos, *buf; struct eap_method_type *methods = NULL, *_methods; u8 method; size_t num_methods = 0, prefix_len; if (config == NULL || config->phase2 == NULL) goto get_defaults; start = buf = os_strdup(config->phase2); if (buf == NULL) return -1; prefix_len = os_strlen(prefix); while (start && *start != '\0') { int vendor; pos = os_strstr(start, prefix); if (pos == NULL) break; if (start != pos && *(pos - 1) != ' ') { start = pos + prefix_len; continue; } start = pos + prefix_len; pos = os_strchr(start, ' '); if (pos) *pos++ = '\0'; method = eap_get_phase2_type(start, &vendor); if (vendor == EAP_VENDOR_IETF && method == EAP_TYPE_NONE) { wpa_printf(MSG_ERROR, "TLS: Unsupported Phase2 EAP " "method '%s'", start); } else { num_methods++; _methods = os_realloc(methods, num_methods * sizeof(*methods)); if (_methods == NULL) { os_free(methods); os_free(buf); return -1; } methods = _methods; methods[num_methods - 1].vendor = vendor; methods[num_methods - 1].method = method; } start = pos; } os_free(buf); get_defaults: if (methods == NULL) methods = eap_get_phase2_types(config, &num_methods); if (methods == NULL) { wpa_printf(MSG_ERROR, "TLS: No Phase2 EAP methods available"); return -1; } wpa_hexdump(MSG_DEBUG, "TLS: Phase2 EAP types", (u8 *) methods, num_methods * sizeof(struct eap_method_type)); *types = methods; *num_types = num_methods; return 0; }
/* FW_Log: v0.1, 2005/12/30 */ int FW_Log(Eventinfo *lf) { /* If we don't have the srcip or the * action, there is no point in going * forward over here */ if(!lf->action || !lf->srcip || !lf->dstip || !lf->srcport || !lf->dstport || !lf->protocol) { return(0); } /* Setting the actions */ switch(*lf->action) { /* discard, drop, deny, */ case 'd': case 'D': /* reject, */ case 'r': case 'R': /* block */ case 'b': case 'B': os_free(lf->action); os_strdup("DROP", lf->action); break; /* Closed */ case 'c': case 'C': /* Teardown */ case 't': case 'T': os_free(lf->action); os_strdup("CLOSED", lf->action); break; /* allow, accept, */ case 'a': case 'A': /* pass/permitted */ case 'p': case 'P': /* open */ case 'o': case 'O': os_free(lf->action); os_strdup("ALLOW", lf->action); break; default: if(OSMatch_Execute(lf->action,strlen(lf->action),&FWDROPpm)) { os_free(lf->action); os_strdup("DROP", lf->action); } if(OSMatch_Execute(lf->action,strlen(lf->action),&FWALLOWpm)) { os_free(lf->action); os_strdup("ALLOW", lf->action); } else { os_free(lf->action); os_strdup("UNKNOWN", lf->action); } break; } /* log to file */ fprintf(_fflog, "%d %s %02d %s %s%s%s %s %s %s:%s->%s:%s\n", lf->year, lf->mon, lf->day, lf->hour, lf->hostname != lf->location?lf->hostname:"", lf->hostname != lf->location?"->":"", lf->location, lf->action, lf->protocol, lf->srcip, lf->srcport, lf->dstip, lf->dstport); fflush(_fflog); return(1); }
/*-------------------------------------------------------------------------------------*/ char *strsub(const char* input_string, const char* string_to_search, const char* replacement_string) { const char *occurrence_str = NULL; char* result_str = NULL; char *replacedString = NULL; int count = 0, len = 0; if (input_string == NULL) { return NULL; } if (string_to_search == NULL || replacement_string == NULL) { return os_strdup(input_string); } occurrence_str = strstr (input_string, string_to_search); if (occurrence_str == NULL) { return os_strdup(input_string); } if (strlen (replacement_string) > strlen (string_to_search)) { count = 0; len = (int)strlen (string_to_search); if (len) { occurrence_str = input_string; while (occurrence_str != NULL && *occurrence_str != '\0') { occurrence_str = strstr (occurrence_str, string_to_search); if (occurrence_str != NULL) { occurrence_str += len; count++; } } } len = count * ((int)strlen(replacement_string) - (int)strlen(string_to_search)) + (int)strlen(input_string); } else { len = (int)strlen(input_string); } replacedString = (char*)MALLOC (sizeof(char) * (len + 1)); if (replacedString == NULL) { return NULL; } occurrence_str = input_string; result_str = replacedString; len = (int)strlen (string_to_search); while (*occurrence_str != '\0') { if (*occurrence_str == string_to_search[0] && strncmp (occurrence_str, string_to_search, len) == 0) { const char *N = NULL; N = replacement_string; while (*N != '\0') { *result_str++ = *N++; } occurrence_str += len; } else { *result_str++ = *occurrence_str++; } } *result_str = '\0'; return replacedString; }/*-------------------------------------------------------------------------------------*/ char *strsub_reg(const char* input_string, const char* string_to_search, const char* replacement_string, int *ierr) { pcre_error_code w = PCRE_FINISHED_OK; int Output_Start = 0; int Output_End = 0; char *replacedString = NULL; wchar_t *wcreplacedString = NULL; wchar_t *wcreplacement_string = NULL; wchar_t *wcinput_string = NULL; int len = 0; *ierr = (int)PCRE_FINISHED_OK; if (input_string == NULL) { return NULL; } if (string_to_search == NULL || replacement_string == NULL) { return os_strdup(input_string); } w = pcre_private((char*)input_string, (char*)string_to_search, &Output_Start, &Output_End, NULL, NULL); if (w != PCRE_FINISHED_OK) { *ierr = (int)w; return os_strdup(input_string); } wcreplacement_string = to_wide_string((char*)replacement_string); wcinput_string = to_wide_string((char*)input_string); if (wcreplacement_string == NULL) { FREE(wcinput_string); *ierr = (int)NOT_ENOUGH_MEMORY_FOR_VECTOR; return os_strdup(input_string); } len = (int)wcslen(wcreplacement_string) + (int)wcslen(wcinput_string); wcreplacedString = (wchar_t*)MALLOC (sizeof(wchar_t) * (len + 1)); if (wcreplacedString == NULL) { FREE(replacement_string); FREE(wcinput_string); return NULL; } { /* converts to wide characters */ wchar_t *wctail = NULL; int wcOutput_Start = 0; int wcOutput_End = 0; char * strOutput_Start = os_strdup(input_string); char * strOutput_End = os_strdup(input_string); wchar_t *wcstrOutput_Start = NULL; wchar_t *wcstrOutput_End = NULL; /* calculates positions with wide characters */ strOutput_Start[Output_Start] = '\0'; strOutput_End[Output_End] = '\0'; wcstrOutput_Start = to_wide_string(strOutput_Start); wcstrOutput_End = to_wide_string(strOutput_End); FREE(strOutput_Start); FREE(strOutput_End); if (wcstrOutput_Start) { wcOutput_Start = (int)wcslen(wcstrOutput_Start); FREE(wcstrOutput_Start); } else { wcOutput_Start = 0; } if (wcstrOutput_End) { wcOutput_End = (int)wcslen(wcstrOutput_End); FREE(wcstrOutput_End); } else { wcOutput_End = 0; } wcsncpy(wcreplacedString, wcinput_string, wcOutput_Start); wcreplacedString[wcOutput_Start] = L'\0'; wcscat(wcreplacedString, wcreplacement_string); wctail = wcinput_string + wcOutput_End; wcscat(wcreplacedString, wctail); replacedString = wide_string_to_UTF8(wcreplacedString); FREE(wcreplacedString); } FREE(wcinput_string); FREE(wcreplacement_string); return replacedString; }
/* * Class: org_opensplice_dds_dcps_FooTypeSupportImpl * Method: jniRegisterType * Signature: (Ljava/lang/Object;LDDS/DomainParticipant;Ljava/lang/String;)I */ JNIEXPORT jint JNICALL SAJ_FUNCTION(jniRegisterType) ( JNIEnv *env, jclass object, jobject TypeSupport, jobject participant, jstring type_alias, jstring org_pName, jstring tgt_pName) { const char *typeAlias; const char *typeName; const os_char* tmp; os_char* orgPName; os_char* tgtPName; jint result; jclass typeSupportClass; jfieldID copyCache_fid; c_metaObject typeMeta; saj_copyCache copyCache; /* Convert type_alias */ if (type_alias != NULL) { typeAlias = (*env)->GetStringUTFChars (env, type_alias, 0); } else { typeAlias = NULL; } if (org_pName != NULL) { tmp = (*env)->GetStringUTFChars (env, org_pName, 0); if(0 == strcmp(tmp, "null")) { orgPName = NULL; } else { orgPName = os_strdup(tmp); } (*env)->ReleaseStringUTFChars (env, org_pName, tmp); } else { orgPName = NULL; } if (tgt_pName != NULL) { tmp = (*env)->GetStringUTFChars (env, tgt_pName, 0); if(0 == strcmp(tmp, "null")) { tgtPName = NULL; } else { tgtPName = os_strdup(tmp); } (*env)->ReleaseStringUTFChars (env, tgt_pName, tmp); } else { tgtPName = NULL; } /* Call GAPI register type function */ result = gapi_fooTypeSupport_register_type ( (gapi_fooTypeSupport)saj_read_gapi_address (env, TypeSupport), (gapi_domainParticipant)saj_read_gapi_address (env, participant), (gapi_string)typeAlias); if (result == GAPI_RETCODE_OK) { typeName = gapi_typeSupport_get_type_name ((gapi_typeSupport)saj_read_gapi_address (env, TypeSupport)); typeMeta = (c_metaObject)gapi_domainParticipant_get_type_metadescription ( (gapi_domainParticipant)saj_read_gapi_address (env, participant), typeName); if (typeMeta) { copyCache = saj_copyCacheNew (env, typeMeta, orgPName, tgtPName); if (copyCache) { typeSupportClass = (*env)->GetObjectClass (env, TypeSupport); copyCache_fid = (*env)->GetFieldID (env, typeSupportClass, "copyCache", "J"); (*env)->SetLongField (env, TypeSupport, copyCache_fid, (jlong)(PA_ADDRCAST)copyCache); } else { result = GAPI_RETCODE_ERROR; } } else { result = GAPI_RETCODE_ERROR; } } /* Release used strings */ if (typeAlias != NULL) { (*env)->ReleaseStringUTFChars (env, type_alias, typeAlias); } if(tgtPName) { os_free(tgtPName); } if(orgPName) { os_free(orgPName); } return (jint)result; }
char * os_rel2abs_path(const char *rel_path) { return os_strdup(rel_path); //return NULL; /* strdup(rel_path) can be used here */ }
void FillEvent(Eventinfo *lf, const char *f_name, const SyscheckSum *sum) { os_strdup(f_name, lf->filename); os_strdup(sum->size, lf->size_after); lf->perm_after = sum->perm; os_strdup(sum->uid, lf->owner_after); os_strdup(sum->gid, lf->gowner_after); os_strdup(sum->md5, lf->md5_after); os_strdup(sum->sha1, lf->sha1_after); if (sum->uname) os_strdup(sum->uname, lf->uname_after); if (sum->gname) os_strdup(sum->gname, lf->gname_after); lf->mtime_after = sum->mtime; lf->inode_after = sum->inode; /* Fields */ os_strdup(f_name, lf->fields[SCK_FILE]); os_strdup(sum->size, lf->fields[SCK_SIZE]); os_calloc(7, sizeof(char), lf->fields[SCK_PERM]); snprintf(lf->fields[SCK_PERM], 7, "%06o", sum->perm); os_strdup(sum->uid, lf->fields[SCK_UID]); os_strdup(sum->gid, lf->fields[SCK_GID]); os_strdup(sum->md5, lf->fields[SCK_MD5]); os_strdup(sum->sha1, lf->fields[SCK_SHA1]); if (sum->uname) os_strdup(sum->uname, lf->fields[SCK_UNAME]); if (sum->gname) os_strdup(sum->gname, lf->fields[SCK_GNAME]); if (sum->inode) { os_calloc(20, sizeof(char), lf->fields[SCK_INODE]); snprintf(lf->fields[SCK_INODE], 20, "%ld", sum->inode); } }
os_int32 ut_dirOutNew( const os_char *name) { os_int32 result; os_result status; char dirName[OS_PATH_MAX]; struct os_stat statBuf; os_uint32 i; memset(dirName, 0, OS_PATH_MAX); if (name) { result = 1; for (i = 0; i < strlen(name) && result; i++) { if ((name[i] == OS_FILESEPCHAR) && (i != 0)) { status = os_stat(dirName, &statBuf); if (status != os_resultSuccess) { os_mkdir(dirName, S_IRWXU | S_IRWXG | S_IRWXO); status = os_stat(dirName, &statBuf); } if (!OS_ISDIR (statBuf.stat_mode)) { #ifdef WIN32 if ((strlen(dirName) == 2) && (dirName[1] == ':')) { /*This is a device like for instance: 'C:'*/ } else { printf("'%s' is not a directory\n", dirName); result = 0; ut_outputdir = NULL; } #else printf("'%s' is not a directory\n", dirName); result = 0; ut_outputdir = NULL; #endif } } dirName[i] = name[i]; } if (result) { if (dirName[i-1] != OS_FILESEPCHAR) { status = os_stat(dirName, &statBuf); if (status != os_resultSuccess) { os_mkdir(dirName, S_IRWXU | S_IRWXG | S_IRWXO); status = os_stat(dirName, &statBuf); } ut_outputdir = os_strdup(name); if (!OS_ISDIR(statBuf.stat_mode)) { #ifdef WIN32 if ((strlen(dirName) == 2) && (dirName[1] == ':')) { /*This is a device like for instance: 'C:'. Check if it exists...*/ dirName[2] = OS_FILESEPCHAR; status = os_stat(dirName, &statBuf); if (status == os_resultFail) { printf("'%s' is not available", dirName); result = 0; ut_outputdir = NULL; } } else { printf("'%s' is not a directory.\n", ut_outputdir); result = 0; ut_outputdir = NULL; } #else printf("'%s' is not a directory\n", dirName); result = 0; ut_outputdir = NULL; #endif } } else { ut_outputdir = (os_char *)os_malloc(strlen(name)+1); snprintf(ut_outputdir, strlen(name), "%s", name); } } } else { result = 0; ut_outputdir = NULL; } if (result) { status = os_access(ut_outputdir, 2); /* Check whether dir is writable */ if (status != os_resultSuccess) { #ifdef WIN32 if ((strlen(dirName) == 2) && (dirName[1] == ':')) { /*This is a device like for instance: 'C:'. Check if it exists...*/ dirName[2] = OS_FILESEPCHAR; status = os_stat(dirName, &statBuf); if (status == os_resultFail) { printf("'%s' cannot be found", dirName); result = 0; ut_outputdir = NULL; } } else { printf("Specified output directory '%s' is not writable.\n", ut_outputdir); result = 0; ut_outputdir = NULL; } #else printf("Specified output directory '%s' is not writable.\n", ut_outputdir); result = 0; ut_outputdir = NULL; #endif } } return result; }
static int eapol_auth_conf_clone(struct eapol_auth_config *dst, struct eapol_auth_config *src) { dst->ctx = src->ctx; dst->eap_reauth_period = src->eap_reauth_period; dst->wpa = src->wpa; dst->individual_wep_key_len = src->individual_wep_key_len; dst->eap_server = src->eap_server; dst->ssl_ctx = src->ssl_ctx; dst->msg_ctx = src->msg_ctx; dst->eap_sim_db_priv = src->eap_sim_db_priv; os_free(dst->eap_req_id_text); dst->pwd_group = src->pwd_group; dst->pbc_in_m1 = src->pbc_in_m1; dst->server_id = src->server_id; dst->server_id_len = src->server_id_len; if (src->eap_req_id_text) { dst->eap_req_id_text = os_malloc(src->eap_req_id_text_len); if (dst->eap_req_id_text == NULL) return -1; os_memcpy(dst->eap_req_id_text, src->eap_req_id_text, src->eap_req_id_text_len); dst->eap_req_id_text_len = src->eap_req_id_text_len; } else { dst->eap_req_id_text = NULL; dst->eap_req_id_text_len = 0; } if (src->pac_opaque_encr_key) { dst->pac_opaque_encr_key = os_malloc(16); if (dst->pac_opaque_encr_key == NULL) goto fail; os_memcpy(dst->pac_opaque_encr_key, src->pac_opaque_encr_key, 16); } else dst->pac_opaque_encr_key = NULL; if (src->eap_fast_a_id) { dst->eap_fast_a_id = os_malloc(src->eap_fast_a_id_len); if (dst->eap_fast_a_id == NULL) goto fail; os_memcpy(dst->eap_fast_a_id, src->eap_fast_a_id, src->eap_fast_a_id_len); dst->eap_fast_a_id_len = src->eap_fast_a_id_len; } else dst->eap_fast_a_id = NULL; if (src->eap_fast_a_id_info) { dst->eap_fast_a_id_info = os_strdup(src->eap_fast_a_id_info); if (dst->eap_fast_a_id_info == NULL) goto fail; } else dst->eap_fast_a_id_info = NULL; dst->eap_fast_prov = src->eap_fast_prov; dst->pac_key_lifetime = src->pac_key_lifetime; dst->pac_key_refresh_time = src->pac_key_refresh_time; dst->eap_sim_aka_result_ind = src->eap_sim_aka_result_ind; dst->tnc = src->tnc; dst->wps = src->wps; dst->fragment_size = src->fragment_size; os_free(dst->erp_domain); if (src->erp_domain) { dst->erp_domain = os_strdup(src->erp_domain); if (dst->erp_domain == NULL) goto fail; } else { dst->erp_domain = NULL; } dst->erp_send_reauth_start = src->erp_send_reauth_start; dst->erp = src->erp; return 0; fail: eapol_auth_conf_free(dst); return -1; }
/* OS_CleanMSG v0.3: 2006/03/04 * Format a received message in the * Eventinfo structure. */ int OS_CleanMSG(char *msg, Eventinfo *lf) { int loglen; char *pieces; struct tm *p; /* The message is formated in the following way: * id:location:message. */ /* Ignoring the id of the message in here */ msg+=2; /* Setting pieces as the message */ pieces = strchr(msg, ':'); if(!pieces) { merror(FORMAT_ERROR, ARGV0); return(-1); } *pieces = '\0'; pieces++; os_strdup(msg, lf->location); /* Getting the log length */ loglen = strlen(pieces) + 1; /* Assigning the values in the strucuture (lf->full_log) */ os_malloc((2*loglen) +1, lf->full_log); /* Setting the whole message at full_log */ strncpy(lf->full_log, pieces, loglen); /* Log is the one used for parsing in the decoders and rules */ lf->log = lf->full_log+loglen; strncpy(lf->log, pieces, loglen); /* check if month contains an umlaut and repair * umlaute are non-ASCII and use 2 slots in the char array * repair to only one slot so we can detect the correct date format in the next step * ex: Mär 02 17:30:52 */ if (pieces[1] == (char) 195) { if (pieces[2] == (char) 164) { pieces[0] = '\0'; pieces[1] = 'M'; pieces[2] = 'a'; pieces++; } } /* Checking for the syslog date format. * ( ex: Dec 29 10:00:01 * or 2007-06-14T15:48:55-04:00 for syslog-ng isodate * or 2009-05-22T09:36:46.214994-07:00 for rsyslog ) */ if( ( (loglen > 17) && (pieces[3] == ' ') && (pieces[6] == ' ') && (pieces[9] == ':') && (pieces[12] == ':') && (pieces[15] == ' ') && (lf->log+=16) ) || ( (loglen > 33) && (pieces[4] == '-') && (pieces[7] == '-') && (pieces[10] == 'T') && (pieces[13] == ':') && (pieces[16] == ':') && ( ((pieces[22] == ':') && (pieces[25] == ' ') && (lf->log+=26)) || ((pieces[19] == '.') && (pieces[29] == ':') && (lf->log+=32)) ) ) ) { /* Checking for an extra space in here */ if(*lf->log == ' ') lf->log++; /* Hostname */ pieces = lf->hostname = lf->log; /* Checking for a valid hostname */ while(isValidChar(*pieces) == 1) { pieces++; } /* Checking if it is a syslog without hostname (common on Solaris. */ if(*pieces == ':' && pieces[1] == ' ') { /* Getting solaris 8/9 messages without hostname. * In these cases, the process_name should be there. * http://www.ossec.net/wiki/index.php/Log_Samples_Solaris */ lf->program_name = lf->hostname; lf->hostname = NULL; /* Ending the program name string. */ *pieces = '\0'; pieces+=2; lf->log = pieces; } /* Extracting the hostname */ else if(*pieces != ' ') { /* Invalid hostname */ lf->hostname = NULL; pieces = NULL; } else { /* Ending the hostname string */ *pieces = '\0'; /* Moving pieces to the beginning of the log message */ pieces++; lf->log = pieces; /* Getting program_name */ lf->program_name = pieces; /* Extracting program_name */ /* Valid names: * p_name: * p_name[pid]: * p_name[pid]: [ID xx facility.severity] * auth|security:info p_name: * */ while(isValidChar(*pieces) == 1) { pieces++; } /* Checking for the first format: p_name: */ if((*pieces == ':') && (pieces[1] == ' ')) { *pieces = '\0'; pieces+=2; } /* Checking for the second format: p_name[pid]: */ else if((*pieces == '[') && (isdigit((int)pieces[1]))) { *pieces = '\0'; pieces+=2; while(isdigit((int)*pieces)) pieces++; if((*pieces == ']')&& (pieces[1] == ':')&& (pieces[2] == ' ')) { pieces+=3; } /* Some systems are not terminating the program name with * the ':'. Working around this in here.. */ else if((*pieces == ']') && (pieces[1] == ' ')) { pieces+=2; } else { /* Fixing for some weird log formats. */ pieces--; while(isdigit((int)*pieces)) { pieces--; } if(*pieces == '\0') *pieces = '['; pieces = NULL; lf->program_name = NULL; } } /* AIX syslog. */ else if((*pieces == '|') && islower((int)pieces[1])) { pieces+=2; /* Removing facility */ while(isalnum((int)*pieces)) pieces++; if(*pieces == ':') { /* Removing severity. */ pieces++; while(isalnum((int)*pieces)) pieces++; if(*pieces == ' ') { pieces++; lf->program_name = pieces; /* Getting program name again. */ while(isValidChar(*pieces) == 1) pieces++; /* Checking for the first format: p_name: */ if((*pieces == ':') && (pieces[1] == ' ')) { *pieces = '\0'; pieces+=2; } /* Checking for the second format: p_name[pid]: */ else if((*pieces == '[') && (isdigit((int)pieces[1]))) { *pieces = '\0'; pieces+=2; while(isdigit((int)*pieces)) pieces++; if((*pieces == ']') && (pieces[1] == ':') && (pieces[2] == ' ')) { pieces+=3; } else { pieces = NULL; } } } else { pieces = NULL; lf->program_name = NULL; } } /* Invalid AIX. */ else { pieces = NULL; lf->program_name = NULL; } } else { pieces = NULL; lf->program_name = NULL; } } /* Removing [ID xx facility.severity] */ if(pieces) { /* Setting log after program name */ lf->log = pieces; if((pieces[0] == '[') && (pieces[1] == 'I') && (pieces[2] == 'D') && (pieces[3] == ' ')) { pieces+=4; /* Going after the ] */ pieces = strchr(pieces, ']'); if(pieces) { pieces+=2; lf->log = pieces; } } } /* Getting program name size */ if(lf->program_name) { lf->p_name_size = strlen(lf->program_name); } } /* xferlog date format * Mon Apr 17 18:27:14 2006 1 64.160.42.130 */ else if((loglen > 28) && (pieces[3] == ' ')&& (pieces[7] == ' ')&& (pieces[10] == ' ')&& (pieces[13] == ':')&& (pieces[16] == ':')&& (pieces[19] == ' ')&& (pieces[24] == ' ')&& (pieces[26] == ' ')) { /* Moving log to the beginning of the message */ lf->log+=24; } /* Checking for snort date format * ex: 01/28-09:13:16.240702 [**] */ else if( (loglen > 24) && (pieces[2] == '/') && (pieces[5] == '-') && (pieces[8] == ':') && (pieces[11]== ':') && (pieces[14]== '.') && (pieces[21] == ' ') ) { lf->log+=23; } /* Checking for suricata (new) date format * ex: 01/28/1979-09:13:16.240702 [**] */ else if( (loglen > 26) && (pieces[2] == '/') && (pieces[5] == '/') && (pieces[10] == '-') && (pieces[13] == ':') && (pieces[16]== ':') && (pieces[19]== '.') && (pieces[26] == ' ') ) { lf->log+=28; } /* Checking for apache log format */ /* [Fri Feb 11 18:06:35 2004] [warn] */ else if( (loglen > 27) && (pieces[0] == '[') && (pieces[4] == ' ') && (pieces[8] == ' ') && (pieces[11]== ' ') && (pieces[14]== ':') && (pieces[17]== ':') && (pieces[20]== ' ') && (pieces[25]== ']') ) { lf->log+=27; } /* Checking for the osx asl log format. * Examples: * [Time 2006.12.28 15:53:55 UTC] [Facility auth] [Sender sshd] [PID 483] [Message error: PAM: Authentication failure for username from 192.168.0.2] [Level 3] [UID -2] [GID -2] [Host Hostname] * [Time 2006.11.02 14:02:11 UTC] [Facility auth] [Sender sshd] [PID 856] [Message refused connect from 59.124.44.34] [Level 4] [UID -2] [GID -2] [Host robert-wyatts-emac] */ else if((loglen > 26) && (pieces[0] == '[') && (pieces[1] == 'T') && (pieces[5] == ' ') && (pieces[10] == '.') && (pieces[13] == '.') && (pieces[16] == ' ') && (pieces[19] == ':')) { /* Do not read more than 1 message entry -> log tampering */ short unsigned int done_message = 0; /* Removing the date */ lf->log+=25; /* Getting the desired values */ pieces = strchr(lf->log, '['); while(pieces) { pieces++; /* Getting the sender (set to program name) */ if((strncmp(pieces, "Sender ", 7) == 0) && (lf->program_name == NULL)) { pieces+=7; lf->program_name = pieces; /* Getting the closing brackets */ pieces = strchr(pieces, ']'); if(pieces) { *pieces = '\0'; /* Setting program_name size */ lf->p_name_size = strlen(lf->program_name); pieces++; } /* Invalid program name */ else { lf->program_name = NULL; break; } } /* Getting message */ else if((strncmp(pieces, "Message ", 8) == 0) && (done_message == 0)) { pieces+=8; done_message = 1; lf->log = pieces; /* Getting the closing brackets */ pieces = strchr(pieces, ']'); if(pieces) { *pieces = '\0'; pieces++; } /* Invalid log closure */ else { break; } } /* Getting hostname */ else if(strncmp(pieces, "Host ", 5) == 0) { pieces+=5; lf->hostname = pieces; /* Getting the closing brackets */ pieces = strchr(pieces, ']'); if(pieces) { *pieces = '\0'; pieces++; } /* Invalid hostname */ else { lf->hostname = NULL; } break; } /* Getting next entry */ pieces = strchr(pieces, '['); } } /* Checking for squid date format * 1140804070.368 11623 * seconds from 00:00:00 1970-01-01 UTC */ else if((loglen > 32) && (pieces[0] == '1') && (isdigit((int)pieces[1])) && (isdigit((int)pieces[2])) && (isdigit((int)pieces[3])) && (pieces[10] == '.') && (isdigit((int)pieces[13])) && (pieces[14] == ' ') && ((pieces[21] == ' ')||(pieces[22] == ' '))) { lf->log+=14; /* We need to start at the size of the event */ while(*lf->log == ' ') { lf->log++; } } /* Every message must be in the format * hostname->location or * (agent) ip->location. */ /* Setting hostname for local messages */ if(lf->location[0] == '(') { /* Messages from an agent */ lf->hostname = lf->location; } else if(lf->hostname == NULL) { lf->hostname = __shost; } /* Setting up the event data */ lf->time = c_time; p = localtime(&c_time); /* Assign hour, day, year and month values */ lf->day = p->tm_mday; lf->year = p->tm_year+1900; strncpy(lf->mon,month[p->tm_mon],3); snprintf(lf->hour, 9, "%02d:%02d:%02d", p->tm_hour, p->tm_min, p->tm_sec); /* Setting the global hour/weekday */ __crt_hour = p->tm_hour; __crt_wday = p->tm_wday; #ifdef TESTRULE if(!alert_only) { print_out("**Phase 1: Completed pre-decoding."); print_out(" full event: '%s'", lf->full_log); print_out(" hostname: '%s'", lf->hostname); print_out(" program_name: '%s'", lf->program_name); print_out(" log: '%s'", lf->log); } #endif return(0); }
struct eapol_state_machine * eapol_auth_alloc(struct eapol_authenticator *eapol, const u8 *addr, int flags, const struct wpabuf *assoc_wps_ie, const struct wpabuf *assoc_p2p_ie, void *sta_ctx, const char *identity, const char *radius_cui) { struct eapol_state_machine *sm; struct eap_config eap_conf; if (eapol == NULL) return NULL; sm = os_zalloc(sizeof(*sm)); if (sm == NULL) { wpa_printf(MSG_DEBUG, "IEEE 802.1X state machine allocation " "failed"); return NULL; } sm->radius_identifier = -1; os_memcpy(sm->addr, addr, ETH_ALEN); sm->flags = flags; sm->eapol = eapol; sm->sta = sta_ctx; /* Set default values for state machine constants */ sm->auth_pae_state = AUTH_PAE_INITIALIZE; sm->quietPeriod = AUTH_PAE_DEFAULT_quietPeriod; sm->reAuthMax = AUTH_PAE_DEFAULT_reAuthMax; sm->be_auth_state = BE_AUTH_INITIALIZE; sm->serverTimeout = BE_AUTH_DEFAULT_serverTimeout; sm->reauth_timer_state = REAUTH_TIMER_INITIALIZE; sm->reAuthPeriod = eapol->conf.eap_reauth_period; sm->reAuthEnabled = eapol->conf.eap_reauth_period > 0 ? TRUE : FALSE; sm->auth_key_tx_state = AUTH_KEY_TX_NO_KEY_TRANSMIT; sm->key_rx_state = KEY_RX_NO_KEY_RECEIVE; sm->ctrl_dir_state = CTRL_DIR_IN_OR_BOTH; sm->portControl = Auto; if (!eapol->conf.wpa && (eapol->default_wep_key || eapol->conf.individual_wep_key_len > 0)) sm->keyTxEnabled = TRUE; else sm->keyTxEnabled = FALSE; if (eapol->conf.wpa) sm->portValid = FALSE; else sm->portValid = TRUE; os_memset(&eap_conf, 0, sizeof(eap_conf)); eap_conf.eap_server = eapol->conf.eap_server; eap_conf.ssl_ctx = eapol->conf.ssl_ctx; eap_conf.msg_ctx = eapol->conf.msg_ctx; eap_conf.eap_sim_db_priv = eapol->conf.eap_sim_db_priv; eap_conf.pac_opaque_encr_key = eapol->conf.pac_opaque_encr_key; eap_conf.eap_fast_a_id = eapol->conf.eap_fast_a_id; eap_conf.eap_fast_a_id_len = eapol->conf.eap_fast_a_id_len; eap_conf.eap_fast_a_id_info = eapol->conf.eap_fast_a_id_info; eap_conf.eap_fast_prov = eapol->conf.eap_fast_prov; eap_conf.pac_key_lifetime = eapol->conf.pac_key_lifetime; eap_conf.pac_key_refresh_time = eapol->conf.pac_key_refresh_time; eap_conf.eap_sim_aka_result_ind = eapol->conf.eap_sim_aka_result_ind; eap_conf.tnc = eapol->conf.tnc; eap_conf.wps = eapol->conf.wps; eap_conf.assoc_wps_ie = assoc_wps_ie; eap_conf.assoc_p2p_ie = assoc_p2p_ie; eap_conf.peer_addr = addr; eap_conf.fragment_size = eapol->conf.fragment_size; eap_conf.pwd_group = eapol->conf.pwd_group; eap_conf.pbc_in_m1 = eapol->conf.pbc_in_m1; eap_conf.server_id = eapol->conf.server_id; eap_conf.server_id_len = eapol->conf.server_id_len; eap_conf.erp = eapol->conf.erp; sm->eap = eap_server_sm_init(sm, &eapol_cb, &eap_conf); if (sm->eap == NULL) { eapol_auth_free(sm); return NULL; } sm->eap_if = eap_get_interface(sm->eap); eapol_auth_initialize(sm); if (identity) { sm->identity = (u8 *) os_strdup(identity); if (sm->identity) sm->identity_len = os_strlen(identity); } if (radius_cui) sm->radius_cui = wpabuf_alloc_copy(radius_cui, os_strlen(radius_cui)); sm->acct_multi_session_id_lo = eapol->acct_multi_session_id_lo++; if (eapol->acct_multi_session_id_lo == 0) eapol->acct_multi_session_id_hi++; sm->acct_multi_session_id_hi = eapol->acct_multi_session_id_hi; return sm; }
struct wpa_config * wpa_config_read(const char *name) { FILE *f; char buf[256], *pos; int errors = 0, line = 0; struct wpa_ssid *ssid, *tail = NULL, *head = NULL; struct wpa_config *config; int id = 0; config = wpa_config_alloc_empty(NULL, NULL); if (config == NULL) return NULL; wpa_printf(MSG_DEBUG, "Reading configuration file '%s'", name); f = fopen(name, "r"); if (f == NULL) { os_free(config); return NULL; } while (wpa_config_get_line(buf, sizeof(buf), f, &line, &pos)) { if (os_strcmp(pos, "network={") == 0) { ssid = wpa_config_read_network(f, &line, id++); if (ssid == NULL) { wpa_printf(MSG_ERROR, "Line %d: failed to " "parse network block.", line); #ifndef WPA_IGNORE_CONFIG_ERRORS errors++; #endif continue; } if (head == NULL) { head = tail = ssid; } else { tail->next = ssid; tail = ssid; } if (wpa_config_add_prio_network(config, ssid)) { wpa_printf(MSG_ERROR, "Line %d: failed to add " "network block to priority list.", line); errors++; continue; } } else if (os_strncmp(pos, "blob-base64-", 12) == 0) { char *bname = pos + 12, *name_end; struct wpa_config_blob *blob; name_end = os_strchr(bname, '='); if (name_end == NULL) { wpa_printf(MSG_ERROR, "Line %d: no blob name " "terminator", line); errors++; continue; } *name_end = '\0'; blob = wpa_config_read_blob(f, &line, bname); if (blob == NULL) { wpa_printf(MSG_ERROR, "Line %d: failed to read" " blob %s", line, bname); errors++; continue; } wpa_config_set_blob(config, blob); #ifdef CONFIG_CTRL_IFACE } else if (os_strncmp(pos, "ctrl_interface=", 15) == 0) { os_free(config->ctrl_interface); config->ctrl_interface = os_strdup(pos + 15); wpa_printf(MSG_DEBUG, "ctrl_interface='%s'", config->ctrl_interface); } else if (os_strncmp(pos, "ctrl_interface_group=", 21) == 0) { os_free(config->ctrl_interface_group); config->ctrl_interface_group = os_strdup(pos + 21); wpa_printf(MSG_DEBUG, "ctrl_interface_group='%s' " "(DEPRECATED)", config->ctrl_interface_group); #endif /* CONFIG_CTRL_IFACE */ } else if (os_strncmp(pos, "eapol_version=", 14) == 0) { config->eapol_version = atoi(pos + 14); if (config->eapol_version < 1 || config->eapol_version > 2) { wpa_printf(MSG_ERROR, "Line %d: Invalid EAPOL " "version (%d): '%s'.", line, config->eapol_version, pos); errors++; continue; } wpa_printf(MSG_DEBUG, "eapol_version=%d", config->eapol_version); } else if (os_strncmp(pos, "ap_scan=", 8) == 0) { config->ap_scan = atoi(pos + 8); wpa_printf(MSG_DEBUG, "ap_scan=%d", config->ap_scan); } else if (os_strncmp(pos, "fast_reauth=", 12) == 0) { config->fast_reauth = atoi(pos + 12); wpa_printf(MSG_DEBUG, "fast_reauth=%d", config->fast_reauth); } else if (os_strncmp(pos, "opensc_engine_path=", 19) == 0) { os_free(config->opensc_engine_path); config->opensc_engine_path = os_strdup(pos + 19); wpa_printf(MSG_DEBUG, "opensc_engine_path='%s'", config->opensc_engine_path); } else if (os_strncmp(pos, "pkcs11_engine_path=", 19) == 0) { os_free(config->pkcs11_engine_path); config->pkcs11_engine_path = os_strdup(pos + 19); wpa_printf(MSG_DEBUG, "pkcs11_engine_path='%s'", config->pkcs11_engine_path); } else if (os_strncmp(pos, "pkcs11_module_path=", 19) == 0) { os_free(config->pkcs11_module_path); config->pkcs11_module_path = os_strdup(pos + 19); wpa_printf(MSG_DEBUG, "pkcs11_module_path='%s'", config->pkcs11_module_path); } else if (os_strncmp(pos, "driver_param=", 13) == 0) { os_free(config->driver_param); config->driver_param = os_strdup(pos + 13); wpa_printf(MSG_DEBUG, "driver_param='%s'", config->driver_param); } else if (os_strncmp(pos, "dot11RSNAConfigPMKLifetime=", 27) == 0) { config->dot11RSNAConfigPMKLifetime = atoi(pos + 27); wpa_printf(MSG_DEBUG, "dot11RSNAConfigPMKLifetime=%d", config->dot11RSNAConfigPMKLifetime); } else if (os_strncmp(pos, "dot11RSNAConfigPMKReauthThreshold=", 34) == 0) { config->dot11RSNAConfigPMKReauthThreshold = atoi(pos + 34); wpa_printf(MSG_DEBUG, "dot11RSNAConfigPMKReauthThreshold=%d", config->dot11RSNAConfigPMKReauthThreshold); } else if (os_strncmp(pos, "dot11RSNAConfigSATimeout=", 25) == 0) { config->dot11RSNAConfigSATimeout = atoi(pos + 25); wpa_printf(MSG_DEBUG, "dot11RSNAConfigSATimeout=%d", config->dot11RSNAConfigSATimeout); } else if (os_strncmp(pos, "update_config=", 14) == 0) { config->update_config = atoi(pos + 14); wpa_printf(MSG_DEBUG, "update_config=%d", config->update_config); } else if (os_strncmp(pos, "load_dynamic_eap=", 17) == 0) { char *so = pos + 17; int ret; wpa_printf(MSG_DEBUG, "load_dynamic_eap=%s", so); ret = eap_peer_method_load(so); if (ret == -2) { wpa_printf(MSG_DEBUG, "This EAP type was " "already loaded - not reloading."); } else if (ret) { wpa_printf(MSG_ERROR, "Line %d: Failed to " "load dynamic EAP method '%s'.", line, so); errors++; } } else { wpa_printf(MSG_ERROR, "Line %d: Invalid configuration " "line '%s'.", line, pos); errors++; continue; } } fclose(f); config->ssid = head; wpa_config_debug_dump_networks(config); #ifndef WPA_IGNORE_CONFIG_ERRORS if (errors) { wpa_config_free(config); config = NULL; head = NULL; } #endif return config; }
// ============================================================================= static int sci_csvDefault_one_rhs(char *fname, void* pvApiCtx) { int iErr = 0; char *fieldname = NULL; char *fieldvalue = NULL; fieldname = csv_getArgumentAsString(pvApiCtx, 1, fname, &iErr); if (iErr) { freeVar(&fieldname, &fieldvalue); return 0; } if (strcmp(fieldname, SEPARATOR_FIELDNAME) == 0) { fieldvalue = os_strdup(getCsvDefaultSeparator()); } else if (strcmp(fieldname, DECIMAL_FIELDNAME) == 0) { fieldvalue = os_strdup(getCsvDefaultDecimal()); } else if (strcmp(fieldname, CONVERSION_FIELDNAME) == 0) { fieldvalue = os_strdup(getCsvDefaultConversion()); } else if (strcmp(fieldname, PRECISION_FIELDNAME) == 0) { fieldvalue = os_strdup(getCsvDefaultPrecision()); } else if (strcmp(fieldname, COMMENTSREGEXP_FIELDNAME) == 0) { fieldvalue = os_strdup(getCsvDefaultCommentsRegExp()); } else if (strcmp(fieldname, EOL_FIELDNAME) == 0) { const char *currentEol = getCsvDefaultEOL(); if (currentEol) { if (strcmp(currentEol, MACOS9_EOL) == 0) { fieldvalue = os_strdup(MACOS9_EOL_STRING); } else if (strcmp(currentEol, WINDOWS_EOL) == 0) { fieldvalue = os_strdup(WINDOWS_EOL_STRING); } else if (strcmp(currentEol, LINUX_EOL) == 0) { fieldvalue = os_strdup(LINUX_EOL_STRING); } else { fieldvalue = os_strdup("ERROR"); } } else { fieldvalue = os_strdup("ERROR"); } } else if (strcmp(fieldname, ENCODING_FIELDNAME) == 0) { fieldvalue = os_strdup(getCsvDefaultEncoding()); } else if (strcmp(fieldname, BLANK_FIELDNAME) == 0) { fieldvalue = os_strdup(getCsvDefaultCsvIgnoreBlankLine()); } else if (strcmp(fieldname, RESET_PARAMATERS) == 0) { freeVar(&fieldname, &fieldvalue); setCsvDefaultReset(); createEmptyMatrix(pvApiCtx, Rhs + 1); LhsVar(1) = Rhs + 1; PutLhsVar(); return 0; } else { Scierror(999, _("%s: Wrong value for input argument #%d: '%s', '%s', '%s', '%s', '%s' or '%s' expected.\n"), fname, 1, SEPARATOR_FIELDNAME, DECIMAL_FIELDNAME, CONVERSION_FIELDNAME, COMMENTSREGEXP_FIELDNAME, EOL_FIELDNAME, BLANK_FIELDNAME); freeVar(&fieldname, &fieldvalue); return 0; } createSingleString(pvApiCtx, Rhs + 1, fieldvalue); freeVar(&fieldname, &fieldvalue); LhsVar(1) = Rhs + 1; PutLhsVar(); return 0; }
/** int rk_check_file(char *value, char *pattern) */ int rk_check_file(char *file, char *pattern) { char *split_file; int full_negate = 0; int pt_result = 0; FILE *fp; char buf[OS_SIZE_2048 +1]; /* If string is null, we don't match */ if(file == NULL) { return(0); } /* Checking if the file is divided */ split_file = strchr(file, ','); if(split_file) { *split_file = '\0'; split_file++; } /* Getting each file */ do { /* If we don't have a pattern, just check if the file/dir is there */ if(pattern == NULL) { if(is_file(file)) { int i = 0; char _b_msg[OS_SIZE_1024 +1]; _b_msg[OS_SIZE_1024] = '\0'; snprintf(_b_msg, OS_SIZE_1024, " File: %s.", file); /* Already present. */ if(_is_str_in_array(rootcheck.alert_msg, _b_msg)) { return(1); } while(rootcheck.alert_msg[i] && (i < 255)) i++; if(!rootcheck.alert_msg[i]) os_strdup(_b_msg, rootcheck.alert_msg[i]); return(1); } } else { full_negate = pt_check_negate(pattern); /* Checking for a content in the file */ debug1("checking file: %s", file); fp = fopen(file, "r"); if(fp) { debug1(" starting new file: %s", file); buf[OS_SIZE_2048] = '\0'; while(fgets(buf, OS_SIZE_2048, fp) != NULL) { char *nbuf; /* Removing end of line */ nbuf = strchr(buf, '\n'); if(nbuf) { *nbuf = '\0'; } #ifdef WIN32 /* Removing end of line */ nbuf = strchr(buf, '\r'); if(nbuf) { *nbuf = '\0'; } #endif /* Matched */ pt_result = pt_matches(buf, pattern); debug1("Buf == \"%s\"", buf); debug1("Pattern == \"%s\"", pattern); debug1("pt_result == %d and full_negate == %d", pt_result, full_negate); if((pt_result == 1 && full_negate == 0) ) { debug1("alerting file %s on line %s", file, buf); int i = 0; char _b_msg[OS_SIZE_1024 +1]; /* Closing the file before dealing with the alert. */ fclose(fp); /* Generating the alert itself. */ _b_msg[OS_SIZE_1024] = '\0'; snprintf(_b_msg, OS_SIZE_1024, " File: %s.", file); /* Already present. */ if(_is_str_in_array(rootcheck.alert_msg, _b_msg)) { return(1); } while(rootcheck.alert_msg[i] && (i < 255)) i++; if(!rootcheck.alert_msg[i]) os_strdup(_b_msg, rootcheck.alert_msg[i]); return(1); } else if((pt_result == 0 && full_negate == 1) ) { /* found a full+negate match so no longer need to search * break out of loop and amke sure the full negate does * not alertin */ debug1("found a complete match for full_negate"); full_negate = 0; break; } } fclose(fp); if(full_negate == 1) { debug1("full_negate alerting - file %s",file); int i = 0; char _b_msg[OS_SIZE_1024 +1]; /* Generating the alert itself. */ _b_msg[OS_SIZE_1024] = '\0'; snprintf(_b_msg, OS_SIZE_1024, " File: %s.", file); /* Already present. */ if(_is_str_in_array(rootcheck.alert_msg, _b_msg)) { return(1); } while(rootcheck.alert_msg[i] && (i < 255)) i++; if(!rootcheck.alert_msg[i]) os_strdup(_b_msg, rootcheck.alert_msg[i]); return(1); } } } if(split_file) { file = split_file; split_file = strchr(split_file, ','); if(split_file) { split_file++; } } }while(split_file); return(0); }
// ============================================================================= static int sci_csvDefault_no_rhs(char *fname, void* pvApiCtx) { int sizeArray = NUMBER_FIELD * 2; char **arrayOut = (char**)MALLOC(sizeof(char*) * sizeArray); if (arrayOut) { SciErr sciErr; int nbRows = NUMBER_FIELD; int nbCols = 2; const char *currentEol = getCsvDefaultEOL(); arrayOut[0] = os_strdup(SEPARATOR_FIELDNAME); arrayOut[1] = os_strdup(DECIMAL_FIELDNAME); arrayOut[2] = os_strdup(CONVERSION_FIELDNAME); arrayOut[3] = os_strdup(PRECISION_FIELDNAME); arrayOut[4] = os_strdup(COMMENTSREGEXP_FIELDNAME); arrayOut[5] = os_strdup(EOL_FIELDNAME); arrayOut[6] = os_strdup(ENCODING_FIELDNAME); arrayOut[7] = os_strdup(BLANK_FIELDNAME); arrayOut[8] = os_strdup(getCsvDefaultSeparator()); arrayOut[9] = os_strdup(getCsvDefaultDecimal()); arrayOut[10] = os_strdup(getCsvDefaultConversion()); arrayOut[11] = os_strdup(getCsvDefaultPrecision()); arrayOut[12] = os_strdup(getCsvDefaultCommentsRegExp()); if (currentEol) { if (strcmp(currentEol, MACOS9_EOL) == 0) { arrayOut[13] = os_strdup(MACOS9_EOL_STRING); } else if (strcmp(currentEol, WINDOWS_EOL) == 0) { arrayOut[13] = os_strdup(WINDOWS_EOL_STRING); } else if (strcmp(currentEol, LINUX_EOL) == 0) { arrayOut[13] = os_strdup(LINUX_EOL_STRING); } else { arrayOut[13] = os_strdup("ERROR"); } } else { arrayOut[13] = os_strdup("ERROR"); } arrayOut[14] = os_strdup(getCsvDefaultEncoding()); arrayOut[15] = os_strdup(getCsvDefaultCsvIgnoreBlankLine()); sciErr = createMatrixOfString(pvApiCtx, Rhs + 1, nbRows, nbCols, arrayOut); freeArrayOfString(arrayOut, sizeArray); if (sciErr.iErr) { printError(&sciErr, 0); return 0; } LhsVar(1) = Rhs + 1; PutLhsVar(); } else { Scierror(999, _("%s: Memory allocation error.\n"), fname); } return 0; }
int main(int argc, char *argv[]) { int warning_displayed = 0; int c; int daemonize = 0; if (os_program_init()) return -1; for (;;) { c = getopt(argc, argv, "a:BhG:i:p:v"); if (c < 0) break; switch (c) { case 'a': action_file = optarg; break; case 'B': daemonize = 1; break; case 'G': ping_interval = atoi(optarg); break; case 'h': usage(); return 0; case 'v': printf("%s\n", hostapd_cli_version); return 0; case 'i': os_free(ctrl_ifname); ctrl_ifname = os_strdup(optarg); break; case 'p': ctrl_iface_dir = optarg; break; default: usage(); return -1; } } interactive = (argc == optind) && (action_file == NULL); if (interactive) { printf("%s\n\n%s\n\n", hostapd_cli_version, hostapd_cli_license); } if (eloop_init()) return -1; for (;;) { if (ctrl_ifname == NULL) { struct dirent *dent; DIR *dir = opendir(ctrl_iface_dir); if (dir) { while ((dent = readdir(dir))) { if (os_strcmp(dent->d_name, ".") == 0 || os_strcmp(dent->d_name, "..") == 0) continue; printf("Selected interface '%s'\n", dent->d_name); ctrl_ifname = os_strdup(dent->d_name); break; } closedir(dir); } } ctrl_conn = hostapd_cli_open_connection(ctrl_ifname); if (ctrl_conn) { if (warning_displayed) printf("Connection established.\n"); break; } if (!interactive) { perror("Failed to connect to hostapd - " "wpa_ctrl_open"); return -1; } if (!warning_displayed) { printf("Could not connect to hostapd - re-trying\n"); warning_displayed = 1; } os_sleep(1, 0); continue; } if (interactive || action_file) { if (wpa_ctrl_attach(ctrl_conn) == 0) { hostapd_cli_attached = 1; } else { printf("Warning: Failed to attach to hostapd.\n"); if (action_file) return -1; } } if (daemonize && os_daemonize(pid_file)) return -1; if (interactive) hostapd_cli_interactive(); else if (action_file) hostapd_cli_action(ctrl_conn); else wpa_request(ctrl_conn, argc - optind, &argv[optind]); os_free(ctrl_ifname); eloop_destroy(); hostapd_cli_cleanup(); return 0; }
void generate_reports(int cday, int cmon, int cyear, const struct tm *p) { int s = 0; if(!mond.smtpserver) { return; } if(mond.reports) { int twait = 0; int childcount = 0; while(mond.reports[s]) { pid_t pid; if(mond.reports[s]->emailto == NULL) { s++; continue; } /* We create a new process to run the report and send the email. * To avoid crashing monitord if something goes wrong. */ pid = fork(); if(pid < 0) { merror("%s: ERROR: Fork failed. cause: %d - %s", ARGV0, errno, strerror(errno)); s++; continue; } else if(pid == 0) { char fname[256]; char aname[256]; fname[255] = '\0'; aname[255] = '\0'; snprintf(fname, 255, "/logs/.report-%d.log", getpid()); merror("%s: INFO: Starting daily reporting for '%s'", ARGV0, mond.reports[s]->title); mond.reports[s]->r_filter.fp = fopen(fname, "w+"); if(!mond.reports[s]->r_filter.fp) { merror("%s: ERROR: Unable to open temporary reports file.", ARGV0); s++; continue; } /* Opening the log file. */ snprintf(aname, 255, "%s/%d/%s/ossec-%s-%02d.log", ALERTS, cyear, monthss[cmon], "alerts", cday); os_strdup(aname, mond.reports[s]->r_filter.filename); /* Starting report */ os_ReportdStart(&mond.reports[s]->r_filter); fflush(mond.reports[s]->r_filter.fp); if(ftell(mond.reports[s]->r_filter.fp) < 10) { merror("%s: INFO: Report '%s' empty.", ARGV0, mond.reports[s]->title); } else if(OS_SendCustomEmail(mond.reports[s]->emailto, mond.reports[s]->title, mond.smtpserver, mond.emailfrom, mond.emailidsname, mond.reports[s]->r_filter.fp, p) != 0) { merror("%s: WARN: Unable to send report email.", ARGV0); } fclose(mond.reports[s]->r_filter.fp); unlink(fname); free(mond.reports[s]->r_filter.filename); mond.reports[s]->r_filter.filename = NULL; exit(0); } else { /* Sleep between each report. Time is not important in here. */ sleep(20); childcount++; } s++; } while (childcount) { int wp; wp = waitpid((pid_t) -1, NULL, WNOHANG); if (wp < 0) { merror(WAITPID_ERROR, ARGV0, errno, strerror(errno)); } else if(wp == 0) { /* If there is still any report left, sleep 5 and try again.*/ sleep(5); twait++; if(twait > 2) { merror("%s: WARN: Report taking too long to complete. Waiting for it to finish...", ARGV0); sleep(10); if(twait > 10) { merror("%s: WARN: Report took too long. Moving on...", ARGV0); break; } } } else { childcount--; } } } return; }
int main(int argc, char *argv[]) { struct wpa_global global; struct wpa_supplicant wpa_s; int c, ret = 1, wait_for_monitor = 0, save_config = 0; char *as_addr = "127.0.0.1"; int as_port = 1812; char *as_secret = "radius"; char *cli_addr = NULL; char *conf = NULL; int timeout = 30; char *pos; struct extra_radius_attr *p = NULL, *p1; if (os_program_init()) return -1; hostapd_logger_register_cb(hostapd_logger_cb); os_memset(&eapol_test, 0, sizeof(eapol_test)); eapol_test.connect_info = "CONNECT 11Mbps 802.11b"; os_memcpy(eapol_test.own_addr, "\x02\x00\x00\x00\x00\x01", ETH_ALEN); eapol_test.pcsc_pin = "1234"; wpa_debug_level = 0; wpa_debug_show_keys = 1; for (;;) { c = getopt(argc, argv, "a:A:c:C:eM:nN:o:p:P:r:R:s:St:W"); if (c < 0) break; switch (c) { case 'a': as_addr = optarg; break; case 'A': cli_addr = optarg; break; case 'c': conf = optarg; break; case 'C': eapol_test.connect_info = optarg; break; case 'e': eapol_test.req_eap_key_name = 1; break; case 'M': if (hwaddr_aton(optarg, eapol_test.own_addr)) { usage(); return -1; } break; case 'n': eapol_test.no_mppe_keys++; break; case 'o': if (eapol_test.server_cert_file) fclose(eapol_test.server_cert_file); eapol_test.server_cert_file = fopen(optarg, "w"); if (eapol_test.server_cert_file == NULL) { printf("Could not open '%s' for writing\n", optarg); return -1; } break; case 'p': as_port = atoi(optarg); break; case 'P': eapol_test.pcsc_pin = optarg; break; case 'r': eapol_test.eapol_test_num_reauths = atoi(optarg); break; case 'R': eapol_test.pcsc_reader = optarg; break; case 's': as_secret = optarg; break; case 'S': save_config++; break; case 't': timeout = atoi(optarg); break; case 'W': wait_for_monitor++; break; case 'N': p1 = os_zalloc(sizeof(*p1)); if (p1 == NULL) break; if (!p) eapol_test.extra_attrs = p1; else p->next = p1; p = p1; p->type = atoi(optarg); pos = os_strchr(optarg, ':'); if (pos == NULL) { p->syntax = 'n'; p->data = NULL; break; } pos++; if (pos[0] == '\0' || pos[1] != ':') { printf("Incorrect format of attribute " "specification\n"); break; } p->syntax = pos[0]; p->data = pos + 2; break; default: usage(); return -1; } } if (argc > optind && os_strcmp(argv[optind], "scard") == 0) { return scard_test(&eapol_test); } if (argc > optind && os_strcmp(argv[optind], "sim") == 0) { return scard_get_triplets(&eapol_test, argc - optind - 1, &argv[optind + 1]); } if (conf == NULL) { usage(); printf("Configuration file is required.\n"); return -1; } if (eap_register_methods()) { wpa_printf(MSG_ERROR, "Failed to register EAP methods"); return -1; } if (eloop_init()) { wpa_printf(MSG_ERROR, "Failed to initialize event loop"); return -1; } os_memset(&global, 0, sizeof(global)); os_memset(&wpa_s, 0, sizeof(wpa_s)); wpa_s.global = &global; eapol_test.wpa_s = &wpa_s; dl_list_init(&wpa_s.bss); dl_list_init(&wpa_s.bss_id); wpa_s.conf = wpa_config_read(conf, NULL); if (wpa_s.conf == NULL) { printf("Failed to parse configuration file '%s'.\n", conf); return -1; } if (wpa_s.conf->ssid == NULL) { printf("No networks defined.\n"); return -1; } if (eapol_test.pcsc_reader) { os_free(wpa_s.conf->pcsc_reader); wpa_s.conf->pcsc_reader = os_strdup(eapol_test.pcsc_reader); } wpa_init_conf(&eapol_test, &wpa_s, as_addr, as_port, as_secret, cli_addr); wpa_s.ctrl_iface = wpa_supplicant_ctrl_iface_init(&wpa_s); if (wpa_s.ctrl_iface == NULL) { printf("Failed to initialize control interface '%s'.\n" "You may have another eapol_test process already " "running or the file was\n" "left by an unclean termination of eapol_test in " "which case you will need\n" "to manually remove this file before starting " "eapol_test again.\n", wpa_s.conf->ctrl_interface); return -1; } if (wpa_supplicant_scard_init(&wpa_s, wpa_s.conf->ssid)) return -1; if (test_eapol(&eapol_test, &wpa_s, wpa_s.conf->ssid)) return -1; if (wpas_init_ext_pw(&wpa_s) < 0) return -1; if (wait_for_monitor) wpa_supplicant_ctrl_iface_wait(wpa_s.ctrl_iface); eloop_register_timeout(timeout, 0, eapol_test_timeout, &eapol_test, NULL); eloop_register_timeout(0, 0, send_eap_request_identity, &wpa_s, NULL); eloop_register_signal_terminate(eapol_test_terminate, &wpa_s); eloop_register_signal_reconfig(eapol_test_terminate, &wpa_s); eloop_run(); eloop_cancel_timeout(eapol_test_timeout, &eapol_test, NULL); eloop_cancel_timeout(eapol_sm_reauth, &eapol_test, NULL); if (eapol_test_compare_pmk(&eapol_test) == 0 || eapol_test.no_mppe_keys) ret = 0; if (eapol_test.auth_timed_out) ret = -2; if (eapol_test.radius_access_reject_received) ret = -3; if (save_config) wpa_config_write(conf, wpa_s.conf); test_eapol_clean(&eapol_test, &wpa_s); eap_peer_unregister_methods(); #ifdef CONFIG_AP eap_server_unregister_methods(); #endif /* CONFIG_AP */ eloop_destroy(); if (eapol_test.server_cert_file) fclose(eapol_test.server_cert_file); printf("MPPE keys OK: %d mismatch: %d\n", eapol_test.num_mppe_ok, eapol_test.num_mppe_mismatch); if (eapol_test.num_mppe_mismatch) ret = -4; if (ret) printf("FAILURE\n"); else printf("SUCCESS\n"); os_program_deinit(); return ret; }
/*--------------------------------------------------------------------------*/ int sci_fftw_flags(char *fname, void* pvApiCtx) { /* declaration of variables to store scilab parameters address */ static int m1 = 0, n1 = 0; char **Str1 = NULL; char **Str3 = NULL; unsigned int uiVar1 = 0; int* piDataOut = NULL; int* piAddr1 = NULL; int* piLen = NULL; int iType = 0; /* please update me ! */ static int nb_flag = 22; static char *Str[] = { /* documented flags */ "FFTW_MEASURE", "FFTW_DESTROY_INPUT", "FFTW_UNALIGNED", "FFTW_CONSERVE_MEMORY", "FFTW_EXHAUSTIVE", "FFTW_PRESERVE_INPUT", "FFTW_PATIENT", "FFTW_ESTIMATE", /* undocumented beyond-guru flags */ "FFTW_ESTIMATE_PATIENT", "FFTW_BELIEVE_PCOST", "FFTW_NO_DFT_R2HC", "FFTW_NO_NONTHREADED", "FFTW_NO_BUFFERING", "FFTW_NO_INDIRECT_OP", "FFTW_ALLOW_LARGE_GENERIC", "FFTW_NO_RANK_SPLITS", "FFTW_NO_VRANK_SPLITS", "FFTW_NO_VRECURSE", "FFTW_NO_SIMD", "FFTW_NO_SLOW", "FFTW_NO_FIXED_RADIX_LARGE_N", "FFTW_ALLOW_PRUNING" }; static unsigned flagt[] = { /* documented flags */ FFTW_MEASURE, FFTW_DESTROY_INPUT, FFTW_UNALIGNED, FFTW_CONSERVE_MEMORY, FFTW_EXHAUSTIVE, FFTW_PRESERVE_INPUT, FFTW_PATIENT, FFTW_ESTIMATE, /* undocumented beyond-guru flags */ FFTW_ESTIMATE_PATIENT, FFTW_BELIEVE_PCOST, FFTW_NO_DFT_R2HC, FFTW_NO_NONTHREADED, FFTW_NO_BUFFERING, FFTW_NO_INDIRECT_OP, FFTW_ALLOW_LARGE_GENERIC, FFTW_NO_RANK_SPLITS, FFTW_NO_VRANK_SPLITS, FFTW_NO_VRECURSE, FFTW_NO_SIMD, FFTW_NO_SLOW, FFTW_NO_FIXED_RADIX_LARGE_N, FFTW_ALLOW_PRUNING }; unsigned flagv = 0; int i = 0, j = 0; SciErr sciErr; CheckInputArgument(pvApiCtx, 0, 1); if (nbInputArgument(pvApiCtx) == 0) { // nothing } else { //get variable address of the input argument sciErr = getVarAddressFromPosition(pvApiCtx, 1, &piAddr1); if (sciErr.iErr) { printError(&sciErr, 0); return 1; } getVarType(pvApiCtx, piAddr1, &iType); switch (iType) { case sci_ints: { /* int */ int iPrecision = 0; int* pi32Data = NULL; unsigned int* pui32Data = NULL; getMatrixOfIntegerPrecision(pvApiCtx, piAddr1, &iPrecision); if (iPrecision != SCI_INT32 && iPrecision != SCI_UINT32) { Scierror(999, _("%s: Wrong type for input argument #%d: A int32 expected.\n"), fname, 1); return 1; } if (iPrecision == SCI_INT32) { sciErr = getMatrixOfInteger32(pvApiCtx, piAddr1, &m1, &n1, &pi32Data); uiVar1 = (unsigned int)pi32Data[0]; } else { sciErr = getMatrixOfUnsignedInteger32(pvApiCtx, piAddr1, &m1, &n1, &pui32Data); uiVar1 = pui32Data[0]; } if (sciErr.iErr) { Scierror(999, _("%s: Can not read input argument #%d.\n"), fname, 1); printError(&sciErr, 0); return 1; } break; } case sci_matrix: { /* double */ double* pdblData = NULL; sciErr = getMatrixOfDouble(pvApiCtx, piAddr1, &m1, &n1, &pdblData); if (sciErr.iErr) { Scierror(999, _("%s: Can not read input argument #%d.\n"), fname, 1); printError(&sciErr, 0); return 1; } uiVar1 = (unsigned int)pdblData[0]; break; } case sci_strings: { /* string */ //fisrt call to retrieve dimensions sciErr = getMatrixOfString(pvApiCtx, piAddr1, &m1, &n1, NULL, NULL); if (sciErr.iErr) { printError(&sciErr, 0); return 1; } piLen = (int*)MALLOC(sizeof(int) * m1 * n1); //second call to retrieve length of each string sciErr = getMatrixOfString(pvApiCtx, piAddr1, &m1, &n1, piLen, NULL); if (sciErr.iErr) { free(piLen); printError(&sciErr, 0); return 1; } Str1 = (char**)MALLOC(sizeof(char*) * m1 * n1); for (i = 0 ; i < m1 * n1 ; i++) { Str1[i] = (char*)MALLOC(sizeof(char) * (piLen[i] + 1));//+ 1 for null termination } //third call to retrieve data sciErr = getMatrixOfString(pvApiCtx, piAddr1, &m1, &n1, piLen, Str1); if (sciErr.iErr) { free(piLen); freeArrayOfString(Str1, m1 * n1); printError(&sciErr, 0); return 1; } for (j = 0; j < m1 * n1; j++) { for (i = 0; i < nb_flag; i++) { if (strcmp(Str1[j], Str[i]) == 0) { break; } } if (i == nb_flag) { free(piLen); freeArrayOfString(Str1, m1 * n1); Scierror(999, _("%s: Wrong values for input argument #%d: FFTW flag expected.\n"), fname, 1); return 0; } else { if (i > 0) { flagv = ( flagv | (1U << (i - 1)) ); } } } uiVar1 = (unsigned int)flagv; free(piLen); freeArrayOfString(Str1, m1 * n1); m1 = 1; n1 = 1; break; } default: Scierror(53, _("%s: Wrong type for input argument #%d.\n"), fname, 1); return 1; } if (m1 != 1 || n1 != 1) { Scierror(999, _("%s: Wrong size for input argument #%d: %d-by-%d matrix expected.\n"), fname, 1, 1, 1); return 1; } setCurrentFftwFlags(uiVar1); } /* return value of Sci_Plan.flags in position 2 */ sciErr = allocMatrixOfInteger32(pvApiCtx, nbInputArgument(pvApiCtx) + 2, 1, 1, &piDataOut); if (sciErr.iErr) { printError(&sciErr, 0); Scierror(999, _("%s: No more memory.\n"), fname); return 1; } piDataOut[0] = (int) getCurrentFftwFlags(); /*Test for only FFTW_MEASURE*/ if (getCurrentFftwFlags() == 0) { j = 1; if ((Str3 = (char **)MALLOC(sizeof(char *))) == NULL) { Scierror(999, _("%s: No more memory.\n"), fname); return 1; } Str3[0] = os_strdup(Str[0]); if (Str3[0] == NULL) { Scierror(999, _("%s: No more memory.\n"), fname); FREE(Str3); return 1; } } else { j = 0; for (i = 1; i < nb_flag; i++) { if ((getCurrentFftwFlags() & flagt[i]) == flagt[i]) { j++; if (Str3) { Str3 = (char **)REALLOC(Str3, sizeof(char *) * j); } else { Str3 = (char **)MALLOC(sizeof(char *) * j); } if (Str3 == NULL) { Scierror(999, _("%s: No more memory.\n"), fname); return 1; } Str3[j - 1] = os_strdup(Str[i]); if (Str3[j - 1] == NULL) { Scierror(999, _("%s: No more memory.\n"), fname); freeArrayOfString(Str3, j); return 1; } } } } if (Str3 == NULL) { Scierror(999, _("%s: Failed to generate the planner name.\n"), fname); return 1; } /* Create the string matrix as return of the function */ sciErr = createMatrixOfString(pvApiCtx, nbInputArgument(pvApiCtx) + 3, j, 1, Str3); freeArrayOfString(Str3, j); // Data have been copied into Scilab memory if (sciErr.iErr) { printError(&sciErr, 0); return 1; } AssignOutputVariable(pvApiCtx, 1) = nbInputArgument(pvApiCtx) + 2; AssignOutputVariable(pvApiCtx, 2) = nbInputArgument(pvApiCtx) + 3; ReturnArguments(pvApiCtx); return 0; }
int tls_connection_set_params(void *tls_ctx, struct tls_connection *conn, const struct tls_connection_params *params) { int ret; if (conn == NULL || params == NULL) return -1; os_free(conn->subject_match); conn->subject_match = NULL; if (params->subject_match) { conn->subject_match = os_strdup(params->subject_match); if (conn->subject_match == NULL) return -1; } os_free(conn->altsubject_match); conn->altsubject_match = NULL; if (params->altsubject_match) { conn->altsubject_match = os_strdup(params->altsubject_match); if (conn->altsubject_match == NULL) return -1; } /* TODO: gnutls_certificate_set_verify_flags(xcred, flags); * to force peer validation(?) */ if (params->ca_cert) { conn->verify_peer = 1; ret = gnutls_certificate_set_x509_trust_file( conn->xcred, params->ca_cert, GNUTLS_X509_FMT_PEM); if (ret < 0) { wpa_printf(MSG_DEBUG, "Failed to read CA cert '%s' " "in PEM format: %s", params->ca_cert, gnutls_strerror(ret)); ret = gnutls_certificate_set_x509_trust_file( conn->xcred, params->ca_cert, GNUTLS_X509_FMT_DER); if (ret < 0) { wpa_printf(MSG_DEBUG, "Failed to read CA cert " "'%s' in DER format: %s", params->ca_cert, gnutls_strerror(ret)); return -1; } } if (params->flags & TLS_CONN_ALLOW_SIGN_RSA_MD5) { gnutls_certificate_set_verify_flags( conn->xcred, GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD5); } #if LIBGNUTLS_VERSION_NUMBER >= 0x020800 if (params->flags & TLS_CONN_DISABLE_TIME_CHECKS) { gnutls_certificate_set_verify_flags( conn->xcred, GNUTLS_VERIFY_DISABLE_TIME_CHECKS); } #endif /* LIBGNUTLS_VERSION_NUMBER >= 0x020800 */ } if (params->client_cert && params->private_key) { /* TODO: private_key_passwd? */ ret = gnutls_certificate_set_x509_key_file( conn->xcred, params->client_cert, params->private_key, GNUTLS_X509_FMT_PEM); if (ret < 0) { wpa_printf(MSG_DEBUG, "Failed to read client cert/key " "in PEM format: %s", gnutls_strerror(ret)); ret = gnutls_certificate_set_x509_key_file( conn->xcred, params->client_cert, params->private_key, GNUTLS_X509_FMT_DER); if (ret < 0) { wpa_printf(MSG_DEBUG, "Failed to read client " "cert/key in DER format: %s", gnutls_strerror(ret)); return ret; } } } else if (params->private_key) { int pkcs12_ok = 0; #ifdef PKCS12_FUNCS /* Try to load in PKCS#12 format */ #if LIBGNUTLS_VERSION_NUMBER >= 0x010302 ret = gnutls_certificate_set_x509_simple_pkcs12_file( conn->xcred, params->private_key, GNUTLS_X509_FMT_DER, params->private_key_passwd); if (ret != 0) { wpa_printf(MSG_DEBUG, "Failed to load private_key in " "PKCS#12 format: %s", gnutls_strerror(ret)); return -1; } else pkcs12_ok = 1; #endif /* LIBGNUTLS_VERSION_NUMBER >= 0x010302 */ #endif /* PKCS12_FUNCS */ if (!pkcs12_ok) { wpa_printf(MSG_DEBUG, "GnuTLS: PKCS#12 support not " "included"); return -1; } } conn->params_set = 1; ret = gnutls_credentials_set(conn->session, GNUTLS_CRD_CERTIFICATE, conn->xcred); if (ret < 0) { wpa_printf(MSG_INFO, "Failed to configure credentials: %s", gnutls_strerror(ret)); } return ret; }
char * idl_constLiteralImage ( idl_constLiteral constLiteral) { return os_strdup (constLiteral->valueImage); }
/* __chash: Creates the final key. */ static void __chash(keystore *keys, const char *id, const char *name, char *ip, const char *key) { os_md5 filesum1; os_md5 filesum2; char *tmp_str; char _finalstr[KEYSIZE]; /* Allocating for the whole structure */ keys->keyentries =(keyentry **)realloc(keys->keyentries, (keys->keysize+2)*sizeof(keyentry *)); if(!keys->keyentries) { ErrorExit(MEM_ERROR, __local_name, errno, strerror(errno)); } os_calloc(1, sizeof(keyentry), keys->keyentries[keys->keysize]); /* Setting configured values for id */ os_strdup(id, keys->keyentries[keys->keysize]->id); OSHash_Add(keys->keyhash_id, keys->keyentries[keys->keysize]->id, keys->keyentries[keys->keysize]); /* agent ip */ os_calloc(1, sizeof(os_ip), keys->keyentries[keys->keysize]->ip); if(OS_IsValidIP(ip, keys->keyentries[keys->keysize]->ip) == 0) { ErrorExit(INVALID_IP, __local_name, ip); } /* We need to remove the "/" from the cidr */ if((tmp_str = strchr(keys->keyentries[keys->keysize]->ip->ip, '/')) != NULL) { *tmp_str = '\0'; } OSHash_Add(keys->keyhash_ip, keys->keyentries[keys->keysize]->ip->ip, keys->keyentries[keys->keysize]); /* agent name */ os_strdup(name, keys->keyentries[keys->keysize]->name); /* Initializing the variables */ keys->keyentries[keys->keysize]->rcvd = 0; keys->keyentries[keys->keysize]->local = 0; keys->keyentries[keys->keysize]->keyid = keys->keysize; keys->keyentries[keys->keysize]->global = 0; keys->keyentries[keys->keysize]->fp = NULL; /** Generating final symmetric key **/ /* MD5 from name, id and key */ OS_MD5_Str(name, filesum1); OS_MD5_Str(id, filesum2); /* Generating new filesum1 */ snprintf(_finalstr, sizeof(_finalstr)-1, "%s%s", filesum1, filesum2); /* Using just half of the first md5 (name/id) */ OS_MD5_Str(_finalstr, filesum1); filesum1[15] = '\0'; filesum1[16] = '\0'; /* Second md is just the key */ OS_MD5_Str(key, filesum2); /* Generating final key */ //memset(_finalstr,'\0', sizeof(_finalstr)); snprintf(_finalstr, 49, "%s%s", filesum2, filesum1); /* Final key is 48 * 4 = 192bits */ os_strdup(_finalstr, keys->keyentries[keys->keysize]->key); /* Cleaning final string from memory */ memset_secure(_finalstr,'\0', sizeof(_finalstr)); /* ready for next */ keys->keysize++; return; }
static void * eap_fast_init(struct eap_sm *sm) { struct eap_fast_data *data; u8 ciphers[7] = { TLS_CIPHER_ANON_DH_AES128_SHA, TLS_CIPHER_AES128_SHA, TLS_CIPHER_RSA_DHE_AES128_SHA, TLS_CIPHER_RC4_SHA, TLS_CIPHER_RSA_DHE_AES256_SHA, TLS_CIPHER_AES256_SHA, TLS_CIPHER_NONE }; data = os_zalloc(sizeof(*data)); if (data == NULL) return NULL; data->fast_version = EAP_FAST_VERSION; data->force_version = -1; if (sm->user && sm->user->force_version >= 0) { data->force_version = sm->user->force_version; wpa_printf(MSG_DEBUG, "EAP-FAST: forcing version %d", data->force_version); data->fast_version = data->force_version; } data->state = START; if (eap_server_tls_ssl_init(sm, &data->ssl, 0, EAP_TYPE_FAST)) { wpa_printf(MSG_INFO, "EAP-FAST: Failed to initialize SSL."); eap_fast_reset(sm, data); return NULL; } if (tls_connection_set_cipher_list(sm->ssl_ctx, data->ssl.conn, ciphers) < 0) { wpa_printf(MSG_INFO, "EAP-FAST: Failed to set TLS cipher " "suites"); eap_fast_reset(sm, data); return NULL; } if (tls_connection_set_session_ticket_cb(sm->ssl_ctx, data->ssl.conn, eap_fast_session_ticket_cb, data) < 0) { wpa_printf(MSG_INFO, "EAP-FAST: Failed to set SessionTicket " "callback"); eap_fast_reset(sm, data); return NULL; } if (sm->pac_opaque_encr_key == NULL) { wpa_printf(MSG_INFO, "EAP-FAST: No PAC-Opaque encryption key " "configured"); eap_fast_reset(sm, data); return NULL; } os_memcpy(data->pac_opaque_encr, sm->pac_opaque_encr_key, sizeof(data->pac_opaque_encr)); if (sm->eap_fast_a_id == NULL) { wpa_printf(MSG_INFO, "EAP-FAST: No A-ID configured"); eap_fast_reset(sm, data); return NULL; } data->srv_id = os_malloc(sm->eap_fast_a_id_len); if (data->srv_id == NULL) { eap_fast_reset(sm, data); return NULL; } os_memcpy(data->srv_id, sm->eap_fast_a_id, sm->eap_fast_a_id_len); data->srv_id_len = sm->eap_fast_a_id_len; if (sm->eap_fast_a_id_info == NULL) { wpa_printf(MSG_INFO, "EAP-FAST: No A-ID-Info configured"); eap_fast_reset(sm, data); return NULL; } data->srv_id_info = os_strdup(sm->eap_fast_a_id_info); if (data->srv_id_info == NULL) { eap_fast_reset(sm, data); return NULL; } /* PAC-Key lifetime in seconds (hard limit) */ data->pac_key_lifetime = sm->pac_key_lifetime; /* * PAC-Key refresh time in seconds (soft limit on remaining hard * limit). The server will generate a new PAC-Key when this number of * seconds (or fewer) of the lifetime remains. */ data->pac_key_refresh_time = sm->pac_key_refresh_time; return data; }