struct radius_attr_hdr *radius_msg_add_attr(struct radius_msg *msg, u8 type, const u8 *data, size_t data_len) { size_t buf_needed; struct radius_attr_hdr *attr; if (data_len > RADIUS_MAX_ATTR_LEN) { fd_log_debug("radius_msg_add_attr: too long attribute (%lu bytes)", (unsigned long) data_len); return NULL; } buf_needed = msg->buf_used + sizeof(*attr) + data_len; if (msg->buf_size < buf_needed) { /* allocate more space for message buffer */ unsigned char *nbuf; size_t nlen = msg->buf_size; while (nlen < buf_needed) nlen *= 2; nbuf = os_realloc(msg->buf, nlen); if (nbuf == NULL) return NULL; msg->buf = nbuf; msg->hdr = (struct radius_hdr *) msg->buf; os_memset(msg->buf + msg->buf_size, 0, nlen - msg->buf_size); msg->buf_size = nlen; } attr = (struct radius_attr_hdr *) (msg->buf + msg->buf_used); attr->type = type; attr->length = sizeof(*attr) + data_len; if (data_len > 0) os_memcpy(attr + 1, data, data_len); msg->buf_used += sizeof(*attr) + data_len; if (radius_msg_add_attr_to_array(msg, attr)) return NULL; return attr; }
static int radius_msg_add_attr_to_array(struct radius_msg *msg, struct radius_attr_hdr *attr) { if (msg->attr_used >= msg->attr_size) { struct radius_attr_hdr **nattrs; int nlen = msg->attr_size * 2; nattrs = os_realloc(msg->attrs, nlen * sizeof(*msg->attrs)); if (nattrs == NULL) return -1; msg->attrs = nattrs; msg->attr_size = nlen; } msg->attrs[msg->attr_used++] = attr; return 0; }
/* Mark rules that match specific group (for if_matched_group) */ int OS_MarkGroup(RuleNode *r_node, RuleInfo *orig_rule) { /* If no r_node is given, get first node */ if (r_node == NULL) { r_node = OS_GetFirstRule(); } while (r_node) { if (OSMatch_Execute(r_node->ruleinfo->group, strlen(r_node->ruleinfo->group), orig_rule->if_matched_group)) { unsigned int rule_g = 0; if (r_node->ruleinfo->group_prev_matched) { while (r_node->ruleinfo->group_prev_matched[rule_g]) { rule_g++; } } os_realloc(r_node->ruleinfo->group_prev_matched, (rule_g + 2)*sizeof(OSList *), r_node->ruleinfo->group_prev_matched); r_node->ruleinfo->group_prev_matched[rule_g] = NULL; r_node->ruleinfo->group_prev_matched[rule_g + 1] = NULL; /* Set the size */ r_node->ruleinfo->group_prev_matched_sz = rule_g + 1; r_node->ruleinfo->group_prev_matched[rule_g] = orig_rule->group_search; } /* Check if the child has a rule */ if (r_node->child) { OS_MarkGroup(r_node->child, orig_rule); } r_node = r_node->next; } return (0); }
static void add_str(void *ctx_ptr, const char *fmt, ...) { struct str_buf *str = ctx_ptr; va_list ap; char *n; int len; n = os_realloc(str->buf, str->len + MAX_STR + 2); if (n == NULL) return; str->buf = n; va_start(ap, fmt); len = vsnprintf(str->buf + str->len, MAX_STR, fmt, ap); va_end(ap); if (len >= MAX_STR) len = MAX_STR - 1; str->len += len; str->buf[str->len] = '\0'; }
static PRInt32 nss_io_send(PRFileDesc *fd, const void *buf, PRInt32 amount, PRIntn flags, PRIntervalTime timeout) { struct tls_connection *conn = (struct tls_connection *) fd->secret; u8 *nbuf; wpa_printf(MSG_DEBUG, "NSS: I/O %s", __func__); wpa_hexdump(MSG_MSGDUMP, "NSS: I/O send data", buf, amount); nbuf = os_realloc(conn->push_buf, conn->push_buf_len + amount); if (nbuf == NULL) { wpa_printf(MSG_ERROR, "NSS: Failed to allocate memory for the " "data to be sent"); return PR_FAILURE; } os_memcpy(nbuf + conn->push_buf_len, buf, amount); conn->push_buf = nbuf; conn->push_buf_len += amount; return amount; }
int radius_msg_add_attr_to_array(struct radius_msg *msg, struct radius_attr_hdr *attr) { if (msg->attr_used >= msg->attr_size) { size_t *nattr_pos; int nlen = msg->attr_size * 2; nattr_pos = os_realloc(msg->attr_pos, nlen * sizeof(*msg->attr_pos)); if (nattr_pos == NULL) return -1; msg->attr_pos = nattr_pos; msg->attr_size = nlen; } msg->attr_pos[msg->attr_used++] = (unsigned char *) attr - msg->buf; return 0; }
int eloop_register_read_sock(int sock, eloop_sock_handler handler, void *eloop_data, void *user_data) { WSAEVENT event; struct eloop_sock *tmp; if (eloop_prepare_handles()) return -1; event = WSACreateEvent(); if (event == WSA_INVALID_EVENT) { printf("WSACreateEvent() failed: %d\n", WSAGetLastError()); return -1; } if (WSAEventSelect(sock, event, FD_READ)) { printf("WSAEventSelect() failed: %d\n", WSAGetLastError()); WSACloseEvent(event); return -1; } tmp = os_realloc(eloop.readers, (eloop.reader_count + 1) * sizeof(struct eloop_sock)); if (tmp == NULL) { WSAEventSelect(sock, event, 0); WSACloseEvent(event); return -1; } tmp[eloop.reader_count].sock = sock; tmp[eloop.reader_count].eloop_data = eloop_data; tmp[eloop.reader_count].user_data = user_data; tmp[eloop.reader_count].handler = handler; tmp[eloop.reader_count].event = event; eloop.reader_count++; eloop.readers = tmp; if (sock > eloop.max_sock) eloop.max_sock = sock; eloop.reader_table_changed = 1; return 0; }
int eloop_register_signal(int sig, eloop_signal_handler handler, void *user_data) { struct eloop_signal *tmp; tmp = (struct eloop_signal *) os_realloc(eloop.signals, (eloop.signal_count + 1) * sizeof (struct eloop_signal)); if (tmp == NULL) return -1; tmp[eloop.signal_count].sig = sig; tmp[eloop.signal_count].user_data = user_data; tmp[eloop.signal_count].handler = handler; tmp[eloop.signal_count].signaled = 0; eloop.signal_count++; eloop.signals = tmp; signal(sig, eloop_handle_signal); return 0; }
/** * wpa_config_add_prio_network - Add a network to priority lists * @config: Configuration data from wpa_config_read() * @ssid: Pointer to the network configuration to be added to the list * Returns: 0 on success, -1 on failure * * This function is used to add a network block to the priority list of * networks. This must be called for each network when reading in the full * configuration. In addition, this can be used indirectly when updating * priorities by calling wpa_config_update_prio_list(). */ int wpa_config_add_prio_network(struct wpa_config *config, struct wpa_ssid *ssid) { int prio; struct wpa_ssid *prev, **nlist; /* * Add to an existing priority list if one is available for the * configured priority level for this network. */ for (prio = 0; prio < config->num_prio; prio++) { prev = config->pssid[prio]; if (prev->priority == ssid->priority) { while (prev->pnext) prev = prev->pnext; prev->pnext = ssid; return 0; } } /* First network for this priority - add a new priority list */ nlist = os_realloc(config->pssid, (config->num_prio + 1) * sizeof(struct wpa_ssid *)); if (nlist == NULL) return -1; for (prio = 0; prio < config->num_prio; prio++) { if (nlist[prio]->priority < ssid->priority) break; } os_memmove(&nlist[prio + 1], &nlist[prio], (config->num_prio - prio) * sizeof(struct wpa_ssid *)); nlist[prio] = ssid; config->num_prio++; config->pssid = nlist; return 0; }
int circle_register_signal(int sig, circle_signal_handler handler, void *user_data) { struct circle_signal *tmp; tmp = (struct circle_signal *) os_realloc(circle.signals, (circle.signal_count + 1) * sizeof(struct circle_signal)); if (tmp == NULL) return -1; tmp[circle.signal_count].sig = sig; tmp[circle.signal_count].user_data = user_data; tmp[circle.signal_count].handler = handler; tmp[circle.signal_count].signaled = 0; circle.signal_count++; circle.signals = tmp; signal(sig, circle_handle_signal); return 0; }
char * idl_constExpressionImage ( idl_constExpression constExpression) { char *image = NULL; char *operandImage = NULL; int i; int newLen; if (c_iterLength (constExpression->operands) == 1) { /* Unary operator */ operandImage = idl_operandImage (idl_operand(c_iterObject (constExpression->operands, 0))); newLen = strlen (operatorImage(constExpression->kind)) + strlen (operandImage) + 3; image = os_malloc (newLen); snprintf (image, newLen, "(%s%s)", operatorImage(constExpression->kind), operandImage); os_free (operandImage); } else { /* Binary operator */ for (i = 0; i < c_iterLength (constExpression->operands); i++) { operandImage = idl_operandImage (idl_operand(c_iterObject (constExpression->operands, i))); if (image == NULL) { newLen = strlen (operandImage) + 2; image = os_malloc (newLen); os_strncpy (image, "(", newLen); } else { newLen = strlen (image) + strlen (operatorImage(constExpression->kind)) + strlen (operandImage) + 4; image = os_realloc (image, newLen); strncat (image, " ", newLen); os_strncat (image, operatorImage(constExpression->kind), newLen); strncat (image, " ", newLen); } os_strncat (image, operandImage, newLen); os_free (operandImage); } strncat (image, ")", newLen); } return image; }
int storage_add_spof_group(storage_t *storage, spof_id_t spof_id, spof_group_t **sg) { uint32_t i; spof_group_t *new_spof_groups; EXA_ASSERT(storage != NULL); EXA_ASSERT(sg != NULL); *sg = NULL; if (!SPOF_ID_IS_VALID(spof_id)) return -EINVAL; for (i = 0; i < storage->num_spof_groups; i++) if (storage->spof_groups[i].spof_id == spof_id) return -EEXIST; if (storage->num_spof_groups == EXA_MAX_NODES_NUMBER) return -ENOSPC; new_spof_groups = os_realloc(storage->spof_groups, (storage->num_spof_groups + 1) * sizeof(spof_group_t)); if (new_spof_groups == NULL) return -ENOMEM; spof_group_init(&new_spof_groups[storage->num_spof_groups]); new_spof_groups[storage->num_spof_groups].spof_id = spof_id; *sg = &new_spof_groups[storage->num_spof_groups]; storage->spof_groups = new_spof_groups; storage->num_spof_groups++; return 0; }
static void ap_sa_query_timer(void *eloop_ctx, void *timeout_ctx) { struct hostapd_data *hapd = eloop_ctx; struct sta_info *sta = timeout_ctx; unsigned int timeout, sec, usec; u8 *trans_id, *nbuf; if (sta->sa_query_count > 0 && ap_check_sa_query_timeout(hapd, sta)) return; nbuf = os_realloc(sta->sa_query_trans_id, (sta->sa_query_count + 1) * WLAN_SA_QUERY_TR_ID_LEN); if (nbuf == NULL) return; if (sta->sa_query_count == 0) { /* Starting a new SA Query procedure */ os_get_time(&sta->sa_query_start); } trans_id = nbuf + sta->sa_query_count * WLAN_SA_QUERY_TR_ID_LEN; sta->sa_query_trans_id = nbuf; sta->sa_query_count++; os_get_random(trans_id, WLAN_SA_QUERY_TR_ID_LEN); timeout = hapd->conf->assoc_sa_query_retry_timeout; sec = ((timeout / 1000) * 1024) / 1000; usec = (timeout % 1000) * 1024; eloop_register_timeout(sec, usec, ap_sa_query_timer, hapd, sta); hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, HOSTAPD_LEVEL_DEBUG, "association SA Query attempt %d", sta->sa_query_count); #ifdef NEED_AP_MLME ieee802_11_send_sa_query_req(hapd, sta->addr, trans_id); #endif /* NEED_AP_MLME */ }
int hostapd_register_probereq_cb(struct hostapd_data *hapd, int (*cb)(void *ctx, const u8 *sa, const u8 *da, const u8 *bssid, const u8 *ie, size_t ie_len, int ssi_signal), void *ctx) { struct hostapd_probereq_cb *n; n = os_realloc(hapd->probereq_cb, (hapd->num_probereq_cb + 1) * sizeof(struct hostapd_probereq_cb)); if (n == NULL) return -1; hapd->probereq_cb = n; n = &hapd->probereq_cb[hapd->num_probereq_cb]; hapd->num_probereq_cb++; n->cb = cb; n->ctx = ctx; return 0; }
int dump_syscheck_entry(syscheck_config *syscheck, const char *entry, int vals, int reg, const char *restrictfile) { unsigned int pl = 0; if (reg == 1) { #ifdef WIN32 if (syscheck->registry == NULL) { os_calloc(2, sizeof(registry), syscheck->registry); syscheck->registry[pl + 1].entry = NULL; syscheck->registry[pl].arch = vals; os_strdup(entry, syscheck->registry[pl].entry); } else { while (syscheck->registry[pl].entry != NULL) { pl++; } os_realloc(syscheck->registry, (pl + 2) * sizeof(registry), syscheck->registry); syscheck->registry[pl + 1].entry = NULL; syscheck->registry[pl].arch = vals; os_strdup(entry, syscheck->registry[pl].entry); } #endif } else { if (syscheck->dir == NULL) { os_calloc(2, sizeof(char *), syscheck->dir); syscheck->dir[pl + 1] = NULL; os_strdup(entry, syscheck->dir[pl]); os_calloc(2, sizeof(int), syscheck->opts); syscheck->opts[pl + 1] = 0; syscheck->opts[pl] = vals; os_calloc(2, sizeof(OSMatch *), syscheck->filerestrict); syscheck->filerestrict[pl] = NULL; syscheck->filerestrict[pl + 1] = NULL; } else { while (syscheck->dir[pl] != NULL) { pl++; } os_realloc(syscheck->dir, (pl + 2) * sizeof(char *), syscheck->dir); syscheck->dir[pl + 1] = NULL; os_strdup(entry, syscheck->dir[pl]); os_realloc(syscheck->opts, (pl + 2) * sizeof(int), syscheck->opts); syscheck->opts[pl + 1] = 0; syscheck->opts[pl] = vals; os_realloc(syscheck->filerestrict, (pl + 2) * sizeof(OSMatch *), syscheck->filerestrict); syscheck->filerestrict[pl] = NULL; syscheck->filerestrict[pl + 1] = NULL; } if (restrictfile) { os_calloc(1, sizeof(OSMatch), syscheck->filerestrict[pl]); if (!OSMatch_Compile(restrictfile, syscheck->filerestrict[pl], 0)) { OSMatch *ptm; ptm = syscheck->filerestrict[pl]; merror(REGEX_COMPILE, __local_name, restrictfile, ptm->error); free(syscheck->filerestrict[pl]); syscheck->filerestrict[pl] = NULL; } } } return (1); }
int Read_CReports(XML_NODE node, void *config, void *config2) { int i = 0,s = 0; /* XML definitions */ char *xml_title = "title"; char *xml_type = "type"; char *xml_categories = "category"; char *xml_group = "group"; char *xml_rule = "rule"; char *xml_level = "level"; char *xml_location = "location"; char *xml_showlogs = "showlogs"; char *xml_srcip = "srcip"; char *xml_user = "******"; char *xml_frequency = "frequency"; char *xml_email = "email_to"; monitor_config *mon_config = (monitor_config *)config; /* Getting any configured entry. */ if(mon_config->reports) { while(mon_config->reports[s]) s++; } /* Allocating the memory for the config. */ os_realloc(mon_config->reports, (s + 2) * sizeof(report_config *), mon_config->reports); os_calloc(1, sizeof(report_config), mon_config->reports[s]); mon_config->reports[s + 1] = NULL; /* Zeroing the elements. */ mon_config->reports[s]->title = NULL; mon_config->reports[s]->args = NULL; mon_config->reports[s]->relations = NULL; mon_config->reports[s]->type = NULL; mon_config->reports[s]->emailto = NULL; mon_config->reports[s]->r_filter.group = NULL; mon_config->reports[s]->r_filter.rule = NULL; mon_config->reports[s]->r_filter.level = NULL; mon_config->reports[s]->r_filter.location = NULL; mon_config->reports[s]->r_filter.srcip = NULL; mon_config->reports[s]->r_filter.user = NULL; mon_config->reports[s]->r_filter.related_group = 0; mon_config->reports[s]->r_filter.related_rule = 0; mon_config->reports[s]->r_filter.related_level = 0; mon_config->reports[s]->r_filter.related_location = 0; mon_config->reports[s]->r_filter.related_srcip = 0; mon_config->reports[s]->r_filter.related_user = 0; mon_config->reports[s]->r_filter.report_name = NULL; mon_config->reports[s]->r_filter.show_alerts = 0; /* Reading the XML. */ while(node[i]) { if(!node[i]->element) { merror(XML_ELEMNULL, __local_name); return(OS_INVALID); } else if(!node[i]->content) { merror(XML_VALUENULL, __local_name, node[i]->element); return(OS_INVALID); } else if(strcmp(node[i]->element, xml_title) == 0) { if(!mon_config->reports[s]->title) { os_strdup(node[i]->content, mon_config->reports[s]->title); } } else if(strcmp(node[i]->element, xml_type) == 0) { if(strcmp(node[i]->content, "email") == 0) { if(!mon_config->reports[s]->type) { os_strdup(node[i]->content, mon_config->reports[s]->type); } } else { merror(XML_VALUEERR, __local_name,node[i]->element,node[i]->content); } } else if(strcmp(node[i]->element, xml_frequency) == 0) { } else if(strcmp(node[i]->element, xml_showlogs) == 0) { if(strcasecmp(node[i]->content, "yes") == 0) { mon_config->reports[s]->r_filter.show_alerts = 1; } } else if(strcmp(node[i]->element, xml_categories) == 0) { char *ncat = NULL; _filter_arg(node[i]->content); os_strdup(node[i]->content, ncat); if(os_report_configfilter("group", ncat, &mon_config->reports[s]->r_filter, REPORT_FILTER) < 0) { merror(CONFIG_ERROR, __local_name, "user argument"); } } else if((strcmp(node[i]->element, xml_group) == 0)|| (strcmp(node[i]->element, xml_rule) == 0)|| (strcmp(node[i]->element, xml_level) == 0)|| (strcmp(node[i]->element, xml_location) == 0)|| (strcmp(node[i]->element, xml_srcip) == 0)|| (strcmp(node[i]->element, xml_user) == 0)) { int reportf = REPORT_FILTER; char *ncat = NULL; _filter_arg(node[i]->content); if(node[i]->attributes && node[i]->values) { if(node[i]->attributes[0] && node[i]->values[0]) { if(strcmp(node[i]->attributes[0], "type") == 0) { if(strcmp(node[i]->values[0], "relation") == 0) { reportf = REPORT_RELATED; } else { merror("%s: WARN: Invalid value for 'relation' attribute: '%s'. (ignored).", __local_name, node[i]->values[0]); i++; continue; } } else { merror("%s: WARN: Invalid attribute: %s (ignored). ", __local_name, node[i]->attributes[0]); i++; continue; } } } os_strdup(node[i]->content, ncat); if(os_report_configfilter(node[i]->element, ncat, &mon_config->reports[s]->r_filter, reportf) < 0) { merror("%s: Invalid filter: %s:%s (ignored).", __local_name, node[i]->element, node[i]->content); } } else if(strcmp(node[i]->element, xml_email) == 0) { mon_config->reports[s]->emailto = os_AddStrArray(node[i]->content, mon_config->reports[s]->emailto); } else { merror(XML_INVELEM, __local_name, node[i]->element); return(OS_INVALID); } i++; } /* Setting proper report type. */ mon_config->reports[s]->r_filter.report_type = REPORT_TYPE_DAILY; if(mon_config->reports[s]->emailto == NULL) { if(mon_config->reports[s]->title) merror("%s: No \"email to\" configured for the report '%s'. Ignoring it.", __local_name, mon_config->reports[s]->title); else merror("%s: No \"email to\" and title configured for report. Ignoring it.", __local_name); } if(!mon_config->reports[s]->title) { os_strdup("OSSEC Report (unnamed)", mon_config->reports[s]->title); } mon_config->reports[s]->r_filter.report_name = mon_config->reports[s]->title; return(0); }
const u8 * eap_tls_data_reassemble( struct eap_sm *sm, struct eap_ssl_data *data, const u8 *in_data, size_t in_len, size_t *out_len, int *need_more_input) { u8 *buf; *need_more_input = 0; if (data->tls_in_left > in_len || data->tls_in) { if (data->tls_in_len + in_len == 0) { os_free(data->tls_in); data->tls_in = NULL; data->tls_in_len = 0; wpa_printf(MSG_WARNING, "SSL: Invalid reassembly " "state: tls_in_left=%lu tls_in_len=%lu " "in_len=%lu", (unsigned long) data->tls_in_left, (unsigned long) data->tls_in_len, (unsigned long) in_len); return NULL; } if (data->tls_in_len + in_len > 65536) { /* Limit length to avoid rogue servers from causing * large memory allocations. */ os_free(data->tls_in); data->tls_in = NULL; data->tls_in_len = 0; wpa_printf(MSG_INFO, "SSL: Too long TLS fragment (size" " over 64 kB)"); return NULL; } buf = os_realloc(data->tls_in, data->tls_in_len + in_len); if (buf == NULL) { os_free(data->tls_in); data->tls_in = NULL; data->tls_in_len = 0; wpa_printf(MSG_INFO, "SSL: Could not allocate memory " "for TLS data"); return NULL; } os_memcpy(buf + data->tls_in_len, in_data, in_len); data->tls_in = buf; data->tls_in_len += in_len; if (in_len > data->tls_in_left) { wpa_printf(MSG_INFO, "SSL: more data than TLS message " "length indicated"); data->tls_in_left = 0; return NULL; } data->tls_in_left -= in_len; if (data->tls_in_left > 0) { wpa_printf(MSG_DEBUG, "SSL: Need %lu bytes more input " "data", (unsigned long) data->tls_in_left); *need_more_input = 1; return NULL; } } else { data->tls_in_left = 0; data->tls_in = os_malloc(in_len ? in_len : 1); if (data->tls_in == NULL) return NULL; os_memcpy(data->tls_in, in_data, in_len); data->tls_in_len = in_len; } *out_len = data->tls_in_len; return data->tls_in; }
/** * eap_peer_select_phase2_methods - Select phase 2 EAP method * @config: Pointer to the network configuration * @prefix: 'phase2' configuration prefix, e.g., "auth=" * @types: Buffer for returning allocated list of allowed EAP methods * @num_types: Buffer for returning number of allocated EAP methods * Returns: 0 on success, -1 on failure * * This function is used to parse EAP method list and select allowed methods * for Phase2 authentication. */ int eap_peer_select_phase2_methods(struct eap_peer_config *config, const char *prefix, struct eap_method_type **types, size_t *num_types) { char *start, *pos, *buf; struct eap_method_type *methods = NULL, *_methods; u8 method; size_t num_methods = 0, prefix_len; if (config == NULL || config->phase2 == NULL) goto get_defaults; start = buf = os_strdup(config->phase2); if (buf == NULL) return -1; prefix_len = os_strlen(prefix); while (start && *start != '\0') { int vendor; pos = os_strstr(start, prefix); if (pos == NULL) break; if (start != pos && *(pos - 1) != ' ') { start = pos + prefix_len; continue; } start = pos + prefix_len; pos = os_strchr(start, ' '); if (pos) *pos++ = '\0'; method = eap_get_phase2_type(start, &vendor); if (vendor == EAP_VENDOR_IETF && method == EAP_TYPE_NONE) { wpa_printf(MSG_ERROR, "TLS: Unsupported Phase2 EAP " "method '%s'", start); } else { num_methods++; _methods = os_realloc(methods, num_methods * sizeof(*methods)); if (_methods == NULL) { os_free(methods); os_free(buf); return -1; } methods = _methods; methods[num_methods - 1].vendor = vendor; methods[num_methods - 1].method = method; } start = pos; } os_free(buf); get_defaults: if (methods == NULL) methods = eap_get_phase2_types(config, &num_methods); if (methods == NULL) { wpa_printf(MSG_ERROR, "TLS: No Phase2 EAP methods available"); return -1; } wpa_hexdump(MSG_DEBUG, "TLS: Phase2 EAP types", (u8 *) methods, num_methods * sizeof(struct eap_method_type)); *types = methods; *num_types = num_methods; return 0; }
static int wpa_config_parse_eap(const struct parse_data *data, struct wpa_ssid *ssid, int line, const char *value) { int last, errors = 0; char *start, *end, *buf; struct eap_method_type *methods = NULL, *tmp; size_t num_methods = 0; buf = os_strdup(value); if (buf == NULL) return -1; start = buf; while (*start != '\0') { while (*start == ' ' || *start == '\t') start++; if (*start == '\0') break; end = start; while (*end != ' ' && *end != '\t' && *end != '\0') end++; last = *end == '\0'; *end = '\0'; tmp = methods; methods = os_realloc(methods, (num_methods + 1) * sizeof(*methods)); if (methods == NULL) { os_free(tmp); os_free(buf); return -1; } methods[num_methods].method = eap_peer_get_type( start, &methods[num_methods].vendor); if (methods[num_methods].vendor == EAP_VENDOR_IETF && methods[num_methods].method == EAP_TYPE_NONE) { wpa_printf(MSG_ERROR, "Line %d: unknown EAP method " "'%s'", line, start); wpa_printf(MSG_ERROR, "You may need to add support for" " this EAP method during wpa_supplicant\n" "build time configuration.\n" "See README for more information."); errors++; } else if (methods[num_methods].vendor == EAP_VENDOR_IETF && methods[num_methods].method == EAP_TYPE_LEAP) ssid->leap++; else ssid->non_leap++; num_methods++; if (last) break; start = end + 1; } os_free(buf); tmp = methods; methods = os_realloc(methods, (num_methods + 1) * sizeof(*methods)); if (methods == NULL) { os_free(tmp); return -1; } methods[num_methods].vendor = EAP_VENDOR_IETF; methods[num_methods].method = EAP_TYPE_NONE; num_methods++; wpa_hexdump(MSG_MSGDUMP, "eap methods", (u8 *) methods, num_methods * sizeof(*methods)); ssid->eap.eap_methods = methods; return errors ? -1 : 0; }
int Read_Syscheck(XML_NODE node, void *configp, void *mailp) { int i = 0; /* XML Definitions */ char *xml_directories = "directories"; char *xml_registry = "windows_registry"; char *xml_time = "frequency"; char *xml_scanday = "scan_day"; char *xml_scantime = "scan_time"; char *xml_ignore = "ignore"; char *xml_registry_ignore = "registry_ignore"; char *xml_auto_ignore = "auto_ignore"; char *xml_alert_new_files = "alert_new_files"; char *xml_disabled = "disabled"; char *xml_scan_on_start = "scan_on_start"; char *xml_prefilter_cmd = "prefilter_cmd"; /* Configuration example <directories check_all="yes">/etc,/usr/bin</directories> <directories check_owner="yes" check_group="yes" check_perm="yes" check_sum="yes">/var/log</directories> */ config *syscheck; syscheck = (config *)configp; while(node[i]) { if(!node[i]->element) { merror(XML_ELEMNULL, ARGV0); return(OS_INVALID); } else if(!node[i]->content) { merror(XML_VALUENULL, ARGV0, node[i]->element); return(OS_INVALID); } /* Getting directories */ else if(strcmp(node[i]->element,xml_directories) == 0) { char dirs[OS_MAXSTR]; #ifdef WIN32 ExpandEnvironmentStrings(node[i]->content, dirs, sizeof(dirs) -1); #else strncpy(dirs, node[i]->content, sizeof(dirs) -1); #endif if(!read_attr(syscheck, dirs, node[i]->attributes, node[i]->values)) { return(OS_INVALID); } } /* Getting windows registry */ else if(strcmp(node[i]->element,xml_registry) == 0) { #ifdef WIN32 if(!read_reg(syscheck, node[i]->content)) { return(OS_INVALID); } #endif } /* Getting frequency */ else if(strcmp(node[i]->element,xml_time) == 0) { if(!OS_StrIsNum(node[i]->content)) { merror(XML_VALUEERR,ARGV0,node[i]->element,node[i]->content); return(OS_INVALID); } syscheck->time = atoi(node[i]->content); } /* Getting scan time */ else if(strcmp(node[i]->element,xml_scantime) == 0) { syscheck->scan_time = OS_IsValidUniqueTime(node[i]->content); if(!syscheck->scan_time) { merror(XML_VALUEERR,ARGV0,node[i]->element,node[i]->content); return(OS_INVALID); } } /* Getting scan day */ else if(strcmp(node[i]->element,xml_scanday) == 0) { syscheck->scan_day = OS_IsValidDay(node[i]->content); if(!syscheck->scan_day) { merror(XML_VALUEERR,ARGV0,node[i]->element,node[i]->content); return(OS_INVALID); } } /* Getting if xml_scan_on_start. */ else if(strcmp(node[i]->element, xml_scan_on_start) == 0) { if(strcmp(node[i]->content, "yes") == 0) syscheck->scan_on_start = 1; else if(strcmp(node[i]->content, "no") == 0) syscheck->scan_on_start = 0; else { merror(XML_VALUEERR,ARGV0, node[i]->element, node[i]->content); return(OS_INVALID); } } /* Getting if disabled. */ else if(strcmp(node[i]->element,xml_disabled) == 0) { if(strcmp(node[i]->content, "yes") == 0) syscheck->disabled = 1; else if(strcmp(node[i]->content, "no") == 0) syscheck->disabled = 0; else { merror(XML_VALUEERR,ARGV0,node[i]->element,node[i]->content); return(OS_INVALID); } } /* Getting file/dir ignore */ else if(strcmp(node[i]->element,xml_ignore) == 0) { int ign_size = 0; /* For Windows, we attempt to expand environment variables. */ #ifdef WIN32 char *new_ig = NULL; os_calloc(2048, sizeof(char), new_ig); ExpandEnvironmentStrings(node[i]->content, new_ig, 2047); free(node[i]->content); node[i]->content = new_ig; #endif /* Adding if regex */ if(node[i]->attributes && node[i]->values) { if(node[i]->attributes[0] && node[i]->values[0] && (strcmp(node[i]->attributes[0], "type") == 0) && (strcmp(node[i]->values[0], "sregex") == 0)) { OSMatch *mt_pt; if(!syscheck->ignore_regex) { os_calloc(2, sizeof(OSMatch *),syscheck->ignore_regex); syscheck->ignore_regex[0] = NULL; syscheck->ignore_regex[1] = NULL; } else { while(syscheck->ignore_regex[ign_size] != NULL) ign_size++; os_realloc(syscheck->ignore_regex, sizeof(OSMatch *)*(ign_size +2), syscheck->ignore_regex); syscheck->ignore_regex[ign_size +1] = NULL; } os_calloc(1, sizeof(OSMatch), syscheck->ignore_regex[ign_size]); if(!OSMatch_Compile(node[i]->content, syscheck->ignore_regex[ign_size], 0)) { mt_pt = (OSMatch *)syscheck->ignore_regex[ign_size]; merror(REGEX_COMPILE, ARGV0, node[i]->content, mt_pt->error); return(0); } } else { merror(SK_INV_ATTR, ARGV0, node[i]->attributes[0]); return(OS_INVALID); } } /* Adding if simple entry -- checking for duplicates */ else if(!os_IsStrOnArray(node[i]->content, syscheck->ignore)) { if(!syscheck->ignore) { os_calloc(2, sizeof(char *), syscheck->ignore); syscheck->ignore[0] = NULL; syscheck->ignore[1] = NULL; } else { while(syscheck->ignore[ign_size] != NULL) ign_size++; os_realloc(syscheck->ignore, sizeof(char *)*(ign_size +2), syscheck->ignore); syscheck->ignore[ign_size +1] = NULL; } os_strdup(node[i]->content,syscheck->ignore[ign_size]); } } /* Getting registry ignore list */ else if(strcmp(node[i]->element,xml_registry_ignore) == 0) { #ifdef WIN32 int ign_size = 0; /* Adding if regex */ if(node[i]->attributes && node[i]->values) { if(node[i]->attributes[0] && node[i]->values[0] && (strcmp(node[i]->attributes[0], "type") == 0) && (strcmp(node[i]->values[0], "sregex") == 0)) { OSMatch *mt_pt; if(!syscheck->registry_ignore_regex) { os_calloc(2, sizeof(OSMatch *), syscheck->registry_ignore_regex); syscheck->registry_ignore_regex[0] = NULL; syscheck->registry_ignore_regex[1] = NULL; } else { while(syscheck->registry_ignore_regex[ign_size] !=NULL) ign_size++; os_realloc(syscheck->registry_ignore_regex, sizeof(OSMatch *)*(ign_size +2), syscheck->registry_ignore_regex); syscheck->registry_ignore_regex[ign_size +1] = NULL; } os_calloc(1, sizeof(OSMatch), syscheck->registry_ignore_regex[ign_size]); if(!OSMatch_Compile(node[i]->content, syscheck->registry_ignore_regex[ign_size], 0)) { mt_pt = (OSMatch *) syscheck->registry_ignore_regex[ign_size]; merror(REGEX_COMPILE, ARGV0, node[i]->content, mt_pt->error); return(0); } } else { merror(SK_INV_ATTR, ARGV0, node[i]->attributes[0]); return(OS_INVALID); } } /* We do not add duplicated entries */ else if(!os_IsStrOnArray(node[i]->content, syscheck->registry_ignore)) { if(!syscheck->registry_ignore) { os_calloc(2, sizeof(char *), syscheck->registry_ignore); syscheck->registry_ignore[0] = NULL; syscheck->registry_ignore[1] = NULL; } else { while(syscheck->registry_ignore[ign_size] != NULL) ign_size++; os_realloc(syscheck->registry_ignore, sizeof(char *)*(ign_size +2), syscheck->registry_ignore); syscheck->registry_ignore[ign_size +1] = NULL; } os_strdup(node[i]->content,syscheck->registry_ignore[ign_size]); } #endif } else if(strcmp(node[i]->element,xml_auto_ignore) == 0) { /* auto_ignore is not read here. */ } else if(strcmp(node[i]->element,xml_alert_new_files) == 0) { /* alert_new_files option is not read here. */ } else if(strcmp(node[i]->element,xml_prefilter_cmd) == 0) { char cmd[OS_MAXSTR]; struct stat statbuf; #ifdef WIN32 ExpandEnvironmentStrings(node[i]->content, cmd, sizeof(cmd) -1); #else strncpy(cmd, node[i]->content, sizeof(cmd)-1); #endif if (strlen(cmd) > 0) { char statcmd[OS_MAXSTR]; char *ix; strncpy(statcmd, cmd, sizeof(statcmd)-1); if (NULL != (ix = strchr(statcmd, ' '))) { *ix = '\0'; } if (stat(statcmd, &statbuf) == 0) { // More checks needed (perms, owner, etc.) os_calloc(1, strlen(cmd)+1, syscheck->prefilter_cmd); strncpy(syscheck->prefilter_cmd, cmd, strlen(cmd)); } else { merror(XML_VALUEERR,ARGV0, node[i]->element, node[i]->content); return(OS_INVALID); } } } else { merror(XML_INVELEM, ARGV0, node[i]->element); return(OS_INVALID); } i++; } return(0); }
/** alert_data *GetAlertData(FILE *fp) * Returns alert data for the file specified */ alert_data *GetAlertData(int flag, FILE *fp) { int _r = 0, log_size = 0, issyscheck = 0; char *p; char *alertid = NULL; char *date = NULL; char *comment = NULL; char *location = NULL; char *srcip = NULL; char *dstip = NULL; char *user = NULL; char *group = NULL; char *filename = NULL; char *old_md5 = NULL; char *new_md5 = NULL; char *old_sha1 = NULL; char *new_sha1 = NULL; char **log = NULL; #ifdef GEOIP char *geoipdatasrc = NULL; char *geoipdatadst = NULL; #endif int level, rule, srcport = 0, dstport = 0; char str[OS_BUFFER_SIZE+1]; str[OS_BUFFER_SIZE]='\0'; while(fgets(str, OS_BUFFER_SIZE, fp) != NULL) { /* Enf of alert */ if(strcmp(str, "\n") == 0 && log_size > 0) { /* Found in here */ if(_r == 2) { alert_data *al_data; os_calloc(1, sizeof(alert_data), al_data); al_data->alertid = alertid; al_data->level = level; al_data->rule = rule; al_data->location = location; al_data->comment = comment; al_data->group = group; al_data->log = log; al_data->srcip = srcip; al_data->srcport = srcport; al_data->dstip = dstip; al_data->dstport = dstport; al_data->user = user; al_data->date = date; al_data->filename = filename; #ifdef GEOIP al_data->geoipdatasrc = geoipdatasrc; al_data->geoipdatadst = geoipdatadst; #endif al_data->old_md5 = old_md5; al_data->new_md5 = new_md5; al_data->old_sha1 = old_sha1; al_data->new_sha1 = new_sha1; return(al_data); } _r = 0; } /* Checking for the header */ if(strncmp(ALERT_BEGIN, str, ALERT_BEGIN_SZ) == 0) { char *m; int z = 0; p = str + ALERT_BEGIN_SZ + 1; m = strstr(p, ":"); if (!m) { continue; } z = strlen(p) - strlen(m); os_realloc(alertid, (z + 1)*sizeof(char *), alertid); strncpy(alertid, p, z); alertid[z] = '\0'; /* Searching for email flag */ p = strchr(p, ' '); if(!p) { continue; } p++; /* Checking for the flags */ if((flag & CRALERT_MAIL_SET) && (strncmp(ALERT_MAIL, p, ALERT_MAIL_SZ) != 0)) { continue; } p = strchr(p, '-'); if(p) { p++; os_strdup(p, group); /* Cleaning new line from group */ os_clearnl(group, p); if(group != NULL && strstr(group, "syscheck") != NULL) { issyscheck = 1; } } /* Searching for active-response flag */ _r = 1; continue; } if(_r < 1) continue; /*** Extract information from the event ***/ /* r1 means: 2006 Apr 13 16:15:17 /var/log/auth.log */ if(_r == 1) { /* Clear new line */ os_clearnl(str, p); p = strchr(str, ':'); if(p) { p = strchr(p, ' '); if(p) { *p = '\0'; p++; } else { /* If p is null it is because strchr failed */ merror("ZZZ: 1() Merror date or location not NULL"); _r = 0; goto l_error; } } /* If not, str is date and p is the location */ if(date || location) merror("ZZZ Merror date or location not NULL"); os_strdup(str, date); os_strdup(p, location); _r = 2; log_size = 0; continue; } else if(_r == 2) { /* Rule begin */ if(strncmp(RULE_BEGIN, str, RULE_BEGIN_SZ) == 0) { os_clearnl(str,p); p = str + RULE_BEGIN_SZ; rule = atoi(p); p = strchr(p, ' '); if(p) { p++; p = strchr(p, ' '); if(p) p++; } if(!p) goto l_error; level = atoi(p); /* Getting the comment */ p = strchr(p, '\''); if(!p) goto l_error; p++; os_strdup(p, comment); /* Must have the closing \' */ p = strrchr(comment, '\''); if(p) { *p = '\0'; } else { goto l_error; } } /* srcip */ else if(strncmp(SRCIP_BEGIN, str, SRCIP_BEGIN_SZ) == 0) { os_clearnl(str,p); p = str + SRCIP_BEGIN_SZ; os_strdup(p, srcip); } #ifdef GEOIP /* GeoIP Source Location */ else if (strncmp(GEOIP_BEGIN_SRC, str, GEOIP_BEGIN_SRC_SZ) == 0) { os_clearnl(str,p); p = str + GEOIP_BEGIN_SRC_SZ; os_strdup(p, geoipdatasrc); } #endif /* srcport */ else if(strncmp(SRCPORT_BEGIN, str, SRCPORT_BEGIN_SZ) == 0) { os_clearnl(str,p); p = str + SRCPORT_BEGIN_SZ; srcport = atoi(p); } /* dstip */ else if(strncmp(DSTIP_BEGIN, str, DSTIP_BEGIN_SZ) == 0) { os_clearnl(str,p); p = str + DSTIP_BEGIN_SZ; os_strdup(p, dstip); } #ifdef GEOIP /* GeoIP Destination Location */ else if (strncmp(GEOIP_BEGIN_DST, str, GEOIP_BEGIN_DST_SZ) == 0) { os_clearnl(str,p); p = str + GEOIP_BEGIN_DST_SZ; os_strdup(p, geoipdatadst); } #endif /* dstport */ else if(strncmp(DSTPORT_BEGIN, str, DSTPORT_BEGIN_SZ) == 0) { os_clearnl(str,p); p = str + DSTPORT_BEGIN_SZ; dstport = atoi(p); } /* username */ else if(strncmp(USER_BEGIN, str, USER_BEGIN_SZ) == 0) { os_clearnl(str,p); p = str + USER_BEGIN_SZ; os_strdup(p, user); } /* Old MD5 */ else if(strncmp(OLDMD5_BEGIN, str, OLDMD5_BEGIN_SZ) == 0) { os_clearnl(str,p); p = str + OLDMD5_BEGIN_SZ; os_strdup(p, old_md5); } /* New MD5 */ else if(strncmp(NEWMD5_BEGIN, str, NEWMD5_BEGIN_SZ) == 0) { os_clearnl(str,p); p = str + NEWMD5_BEGIN_SZ; os_strdup(p, new_md5); } /* Old SHA1 */ else if(strncmp(OLDSHA1_BEGIN, str, OLDSHA1_BEGIN_SZ) == 0) { os_clearnl(str,p); p = str + OLDSHA1_BEGIN_SZ; os_strdup(p, old_sha1); } /* New SHA1 */ else if(strncmp(NEWSHA1_BEGIN, str, NEWSHA1_BEGIN_SZ) == 0) { os_clearnl(str,p); p = str + NEWSHA1_BEGIN_SZ; os_strdup(p, new_sha1); } /* It is a log message */ else if(log_size < 20) { os_clearnl(str,p); if(str != NULL && issyscheck == 1) { if(strncmp(str, "Integrity checksum changed for: '",33) == 0) { filename = strdup(str+33); if(filename) { filename[strlen(filename) -1] = '\0'; } } issyscheck = 0; } os_realloc(log, (log_size +2)*sizeof(char *), log); os_strdup(str, log[log_size]); log_size++; log[log_size] = NULL; } } continue; l_error: /* Freeing the memory */ _r = 0; if(date) { free(date); date = NULL; } if(location) { free(location); location = NULL; } if(comment) { free(comment); comment = NULL; } if(srcip) { free(srcip); srcip = NULL; } #ifdef GEOIP if(geoipdatasrc) { free(geoipdatasrc); geoipdatasrc = NULL; } if(geoipdatadst) { free(geoipdatadst); geoipdatadst = NULL; } #endif if(user) { free(user); user = NULL; } if(filename) { free(filename); filename = NULL; } if(group) { free(group); group = NULL; } if(old_md5) { free(old_md5); old_md5 = NULL; } if(new_md5) { free(new_md5); new_md5 = NULL; } if(old_sha1) { free(old_sha1); old_sha1 = NULL; } if(new_sha1) { free(new_sha1); new_sha1 = NULL; } while(log_size > 0) { log_size--; if(log[log_size]) { free(log[log_size]); log[log_size] = NULL; } } } if(alertid) { free(alertid); alertid = NULL; } /* We need to clean end of file before returning */ clearerr(fp); return(NULL); }
/* Build a textual representation of the provided scope stack taking the C++ keyword identifier translation into account. Further the function equals "idl_scopeStack". */ c_char * idl_scopeStackISOCxx2( idl_scope scope, const char *scopeSepp, const char *name) { c_long si; c_long sz; c_char *scopeStack; c_char *Id; si = 0; sz = idl_scopeStackSize(scope); if (si < sz) { /* The scope stack is not empty */ /* Copy the first scope element name */ scopeStack = os_strdup(scopeSepp);/* start with the seperator */ Id = idl_ISOCxx2Id(idl_scopeElementName(idl_scopeIndexed(scope, si))); scopeStack = os_realloc(scopeStack, strlen(scopeStack)+strlen(scopeSepp)+strlen(Id)+1); os_strcat(scopeStack, Id); os_free(Id); si++; while (si < sz) { /* Translate the scope name to a C++ identifier */ Id = idl_ISOCxx2Id(idl_scopeElementName(idl_scopeIndexed(scope, si))); /* allocate space for the current scope stack + the separator and the next scope name */ /* QAC EXPECT 5007; will not use wrapper */ scopeStack = os_realloc(scopeStack, strlen(scopeStack)+strlen(scopeSepp)+strlen(Id)+1); /* Concatenate the separator */ /* QAC EXPECT 5007; will not use wrapper */ os_strcat(scopeStack, scopeSepp); /* Concatenate the scope name */ /* QAC EXPECT 5007; will not use wrapper */ os_strcat(scopeStack, Id); os_free(Id); si++; } if (name) { /* A user identifier is specified */ /* Translate the user identifier to a C++ identifier */ Id = idl_ISOCxx2Id(name); /* allocate space for the current scope stack + the separator and the user identifier */ /* QAC EXPECT 5007; will not use wrapper */ scopeStack = os_realloc(scopeStack, strlen(scopeStack)+strlen(scopeSepp)+strlen(Id)+1); /* Concatenate the separator */ /* QAC EXPECT 5007; will not use wrapper */ os_strcat(scopeStack, scopeSepp); /* Concatenate the user identifier */ /* QAC EXPECT 5007; will not use wrapper */ os_strcat(scopeStack, Id); os_free(Id); } } else { /* The stack is empty */ if (name) { /* A user identifier is specified */ scopeStack = idl_ISOCxx2Id(name); } else { /* make the stack represenation empty */ scopeStack = os_strdup(""); } } /* return the scope stack representation */ return scopeStack; }
void* realloc(void* ptr, size_t size) { size = ((size + 3) & ~((size_t)0x3)); return os_realloc(ptr, size); }
int Read_CSyslog(XML_NODE node, void *config, void *config2) { int i = 0,s = 0; /* XML definitions */ char *xml_syslog_server = "server"; char *xml_syslog_port = "port"; char *xml_syslog_format = "format"; char *xml_syslog_level = "level"; char *xml_syslog_id = "rule_id"; char *xml_syslog_group = "group"; char *xml_syslog_location = "event_location"; GeneralConfig *gen_config = (GeneralConfig *)config; SyslogConfig **syslog_config = (SyslogConfig **)gen_config->data; /* Getting Granular mail_to size */ if(syslog_config) { while(syslog_config[s]) s++; } /* Allocating the memory for the config. */ os_realloc(syslog_config, (s + 2) * sizeof(SyslogConfig *), syslog_config); os_calloc(1, sizeof(SyslogConfig), syslog_config[s]); syslog_config[s + 1] = NULL; /* Zeroing the elements. */ syslog_config[s]->server = NULL; syslog_config[s]->rule_id = NULL; syslog_config[s]->group = NULL; syslog_config[s]->location = NULL; syslog_config[s]->level = 0; syslog_config[s]->port = "514"; syslog_config[s]->format = DEFAULT_CSYSLOG; /* local 0 facility (16) + severity 4 - warning. --default */ syslog_config[s]->priority = (16 * 8) + 4; while(node[i]) { if(!node[i]->element) { merror(XML_ELEMNULL, ARGV0); return(OS_INVALID); } else if(!node[i]->content) { merror(XML_VALUENULL, ARGV0, node[i]->element); return(OS_INVALID); } else if(strcmp(node[i]->element, xml_syslog_level) == 0) { if(!OS_StrIsNum(node[i]->content)) { merror(XML_VALUEERR,ARGV0,node[i]->element,node[i]->content); return(OS_INVALID); } syslog_config[s]->level = atoi(node[i]->content); } else if(strcmp(node[i]->element, xml_syslog_port) == 0) { if(!OS_StrIsNum(node[i]->content)) { merror(XML_VALUEERR,ARGV0,node[i]->element,node[i]->content); return(OS_INVALID); } os_strdup(node[i]->content, syslog_config[s]->port); } else if(strcmp(node[i]->element, xml_syslog_server) == 0) { os_strdup(node[i]->content, syslog_config[s]->server); } else if(strcmp(node[i]->element, xml_syslog_id) == 0) { int r_id = 0; char *str_pt = node[i]->content; while(*str_pt != '\0') { /* We allow spaces in between */ if(*str_pt == ' ') { str_pt++; continue; } /* If is digit, we get the value * and search for the next digit * available */ else if(isdigit((int)*str_pt)) { int id_i = 0; r_id = atoi(str_pt); debug1("%s: DEBUG: Adding '%d' to syslog alerting", ARGV0, r_id); if(syslog_config[s]->rule_id) { while(syslog_config[s]->rule_id[id_i]) id_i++; } os_realloc(syslog_config[s]->rule_id, (id_i +2) * sizeof(int), syslog_config[s]->rule_id); syslog_config[s]->rule_id[id_i + i] = 0; syslog_config[s]->rule_id[id_i] = r_id; str_pt = strchr(str_pt, ','); if(str_pt) { str_pt++; } else { break; } } /* Checking for duplicate commas */ else if(*str_pt == ',') { str_pt++; continue; } else { break; } } } else if(strcmp(node[i]->element, xml_syslog_format) == 0) { if(strcmp(node[i]->content, "default") == 0) { /* Default is full format */ } else if (strcmp(node[i]->content, "cef") == 0) { /* Enable the CEF format */ syslog_config[s]->format = CEF_CSYSLOG; } else if (strcmp(node[i]->content, "json") == 0) { /* Enable the JSON format */ syslog_config[s]->format = JSON_CSYSLOG; } else if (strcmp(node[i]->content, "splunk") == 0) { /* Enable the Splunk Key/Value format */ syslog_config[s]->format = SPLUNK_CSYSLOG; } else { merror(XML_VALUEERR,ARGV0,node[i]->element,node[i]->content); return(OS_INVALID); } } else if(strcmp(node[i]->element, xml_syslog_location) == 0) { os_calloc(1, sizeof(OSMatch),syslog_config[s]->location); if(!OSMatch_Compile(node[i]->content, syslog_config[s]->location, 0)) { merror(REGEX_COMPILE, ARGV0, node[i]->content, syslog_config[s]->location->error); return(-1); } } else if(strcmp(node[i]->element, xml_syslog_group) == 0) { os_calloc(1, sizeof(OSMatch),syslog_config[s]->group); if(!OSMatch_Compile(node[i]->content, syslog_config[s]->group, 0)) { merror(REGEX_COMPILE, ARGV0, node[i]->content, syslog_config[s]->group->error); return(-1); } } else { merror(XML_INVELEM, ARGV0, node[i]->element); return(OS_INVALID); } i++; } /* We must have at least one entry set */ if(!syslog_config[s]->server) { merror(XML_INV_CSYSLOG, ARGV0); return(OS_INVALID); } gen_config->data = syslog_config; return(0); }
/* Create the structure with the files and checksums */ static void c_files() { DIR *dp; struct dirent *entry; os_md5 md5sum; unsigned int f_size = 0; f_sum = NULL; /* Create merged file */ os_realloc(f_sum, (f_size + 2) * sizeof(file_sum *), f_sum); os_calloc(1, sizeof(file_sum), f_sum[f_size]); f_sum[f_size]->mark = 0; f_sum[f_size]->name = NULL; f_sum[f_size]->sum[0] = '\0'; MergeAppendFile(SHAREDCFG_FILE, NULL); f_size++; /* Open directory */ dp = opendir(SHAREDCFG_DIR); if (!dp) { merror("%s: Error opening directory: '%s': %s ", ARGV0, SHAREDCFG_DIR, strerror(errno)); return; } /* Read directory */ while ((entry = readdir(dp)) != NULL) { char tmp_dir[512]; /* Ignore . and .. */ if ((strcmp(entry->d_name, ".") == 0) || (strcmp(entry->d_name, "..") == 0)) { continue; } snprintf(tmp_dir, 512, "%s/%s", SHAREDCFG_DIR, entry->d_name); /* Leave the shared config file for later */ if (strcmp(tmp_dir, SHAREDCFG_FILE) == 0) { continue; } if (OS_MD5_File(tmp_dir, md5sum, OS_TEXT) != 0) { merror("%s: Error accessing file '%s'", ARGV0, tmp_dir); continue; } f_sum = (file_sum **)realloc(f_sum, (f_size + 2) * sizeof(file_sum *)); if (!f_sum) { ErrorExit(MEM_ERROR, ARGV0, errno, strerror(errno)); } f_sum[f_size] = (file_sum *) calloc(1, sizeof(file_sum)); if (!f_sum[f_size]) { ErrorExit(MEM_ERROR, ARGV0, errno, strerror(errno)); } strncpy(f_sum[f_size]->sum, md5sum, 32); os_strdup(entry->d_name, f_sum[f_size]->name); f_sum[f_size]->mark = 0; MergeAppendFile(SHAREDCFG_FILE, tmp_dir); f_size++; } if (f_sum != NULL) { f_sum[f_size] = NULL; } closedir(dp); if (OS_MD5_File(SHAREDCFG_FILE, md5sum, OS_TEXT) != 0) { merror("%s: Error accessing file '%s'", ARGV0, SHAREDCFG_FILE); f_sum[0]->sum[0] = '\0'; } strncpy(f_sum[0]->sum, md5sum, 32); os_strdup(SHAREDCFG_FILENAME, f_sum[0]->name); return; }
void* realloc(void* ptr, size_t size) { return os_realloc(ptr, size); }
int Read_Localfile(XML_NODE node, void *d1, void *d2) { int pl = 0; int i = 0; int glob_set = 0; #ifndef WIN32 int glob_offset = 0; #endif /* XML Definitions */ char *xml_localfile_location = "location"; char *xml_localfile_command = "command"; char *xml_localfile_logformat = "log_format"; char *xml_localfile_frequency = "frequency"; char *xml_localfile_alias = "alias"; logreader *logf; logreader_config *log_config; log_config = (logreader_config *)d1; /* If config is not set, we need to create it */ if(!log_config->config) { os_calloc(2, sizeof(logreader), log_config->config); logf = log_config->config; logf[0].file = NULL; logf[0].command = NULL; logf[0].alias = NULL; logf[0].logformat = NULL; logf[1].file = NULL; logf[1].command = NULL; logf[1].alias = NULL; logf[1].logformat = NULL; } else { logf = log_config->config; while(logf[pl].file != NULL) { pl++; } /* Allocating more memory */ os_realloc(logf, (pl +2)*sizeof(logreader), log_config->config); logf = log_config->config; logf[pl +1].file = NULL; logf[pl +1].command = NULL; logf[pl +1].alias = NULL; logf[pl +1].logformat = NULL; } logf[pl].file = NULL; logf[pl].command = NULL; logf[pl].alias = NULL; logf[pl].logformat = NULL; logf[pl].fp = NULL; logf[pl].ffile = NULL; logf[pl].djb_program_name = NULL; logf[pl].ign = 360; /* Searching for entries related to files */ i = 0; while(node[i]) { if(!node[i]->element) { merror(XML_ELEMNULL, ARGV0); return(OS_INVALID); } else if(!node[i]->content) { merror(XML_VALUENULL, ARGV0, node[i]->element); return(OS_INVALID); } else if(strcmp(node[i]->element,xml_localfile_command) == 0) { /* We don't accept remote commands from the manager - just in case. */ if(log_config->agent_cfg == 1 && log_config->accept_remote == 0) { merror("%s: Remote commands are not accepted from the manager. " "Ignoring it on the agent.conf", ARGV0); logf[pl].file = NULL; logf[pl].ffile = NULL; logf[pl].command = NULL; logf[pl].alias = NULL; logf[pl].logformat = NULL; logf[pl].fp = NULL; return(OS_INVALID); } os_strdup(node[i]->content, logf[pl].file); logf[pl].command = logf[pl].file; } else if(strcmp(node[i]->element,xml_localfile_frequency) == 0) { if(strcmp(node[i]->content, "hourly") == 0) { logf[pl].ign = 3600; } else if(strcmp(node[i]->content, "daily") == 0) { logf[pl].ign = 86400; } else { if(!OS_StrIsNum(node[i]->content)) { merror(XML_VALUEERR,ARGV0,node[i]->element,node[i]->content); return(OS_INVALID); } logf[pl].ign = atoi(node[i]->content); } } else if(strcmp(node[i]->element,xml_localfile_location) == 0) { #ifdef WIN32 /* Expand variables on Windows. */ if(strchr(node[i]->content, '%')) { int expandreturn = 0; char newfile[OS_MAXSTR +1]; newfile[OS_MAXSTR] = '\0'; expandreturn = ExpandEnvironmentStrings(node[i]->content, newfile, OS_MAXSTR); if((expandreturn > 0) && (expandreturn < OS_MAXSTR)) { free(node[i]->content); os_strdup(newfile, node[i]->content); } } #endif /* This is a glob*. * We will call this file multiple times until * there is no one else available. */ #ifndef WIN32 /* No windows support for glob */ if(strchr(node[i]->content, '*') || strchr(node[i]->content, '?') || strchr(node[i]->content, '[')) { glob_t g; /* Setting ot the first entry of the glob */ if(glob_set == 0) glob_set = pl +1; if(glob(node[i]->content, 0, NULL, &g) != 0) { merror(GLOB_ERROR, ARGV0, node[i]->content); os_strdup(node[i]->content, logf[pl].file); i++; continue; } /* Checking for the last entry */ if((g.gl_pathv[glob_offset]) == NULL) { /* Checking when nothing is found. */ if(glob_offset == 0) { merror(GLOB_NFOUND, ARGV0, node[i]->content); return(OS_INVALID); } i++; continue; } /* Checking for strftime on globs too. */ if(strchr(g.gl_pathv[glob_offset], '%')) { struct tm *p; time_t l_time = time(0); char lfile[OS_FLSIZE + 1]; size_t ret; p = localtime(&l_time); lfile[OS_FLSIZE] = '\0'; ret = strftime(lfile, OS_FLSIZE, g.gl_pathv[glob_offset], p); if(ret == 0) { merror(PARSE_ERROR, ARGV0, g.gl_pathv[glob_offset]); return(OS_INVALID); } os_strdup(g.gl_pathv[glob_offset], logf[pl].ffile); os_strdup(g.gl_pathv[glob_offset], logf[pl].file); } else { os_strdup(g.gl_pathv[glob_offset], logf[pl].file); } glob_offset++; globfree(&g); /* Now we need to create another file entry */ pl++; os_realloc(logf, (pl +2)*sizeof(logreader), log_config->config); logf = log_config->config; logf[pl].file = NULL; logf[pl].alias = NULL; logf[pl].logformat = NULL; logf[pl].fp = NULL; logf[pl].ffile = NULL; logf[pl +1].file = NULL; logf[pl +1].alias = NULL; logf[pl +1].logformat = NULL; /* We can not increment the file count in here */ continue; } else if(strchr(node[i]->content, '%')) #else if(strchr(node[i]->content, '%')) #endif /* WIN32 */ /* We need the format file (based on date) */ { struct tm *p; time_t l_time = time(0); char lfile[OS_FLSIZE + 1]; size_t ret; p = localtime(&l_time); lfile[OS_FLSIZE] = '\0'; ret = strftime(lfile, OS_FLSIZE, node[i]->content, p); if(ret == 0) { merror(PARSE_ERROR, ARGV0, node[i]->content); return(OS_INVALID); } os_strdup(node[i]->content, logf[pl].ffile); os_strdup(node[i]->content, logf[pl].file); } /* Normal file */ else { os_strdup(node[i]->content, logf[pl].file); } } /* Getting log format */ else if(strcasecmp(node[i]->element,xml_localfile_logformat) == 0) { os_strdup(node[i]->content, logf[pl].logformat); if(strcmp(logf[pl].logformat, "syslog") == 0) { } else if(strcmp(logf[pl].logformat, "generic") == 0) { } else if(strcmp(logf[pl].logformat, "snort-full") == 0) { } else if(strcmp(logf[pl].logformat, "snort-fast") == 0) { } else if(strcmp(logf[pl].logformat, "apache") == 0) { } else if(strcmp(logf[pl].logformat, "iis") == 0) { } else if(strcmp(logf[pl].logformat, "squid") == 0) { } else if(strcmp(logf[pl].logformat, "nmapg") == 0) { } else if(strcmp(logf[pl].logformat, "mysql_log") == 0) { } else if(strcmp(logf[pl].logformat, "ossecalert") == 0) { } else if(strcmp(logf[pl].logformat, "mssql_log") == 0) { } else if(strcmp(logf[pl].logformat, "postgresql_log") == 0) { } else if(strcmp(logf[pl].logformat, "djb-multilog") == 0) { } else if(strcmp(logf[pl].logformat, "syslog-pipe") == 0) { } else if(strcmp(logf[pl].logformat, "command") == 0) { } else if(strcmp(logf[pl].logformat, "full_command") == 0) { } else if(strncmp(logf[pl].logformat, "multi-line", 10) == 0) { int x = 0; logf[pl].logformat+=10; while(logf[pl].logformat[0] == ' ') logf[pl].logformat++; if(logf[pl].logformat[0] != ':') { merror(XML_VALUEERR,ARGV0,node[i]->element,node[i]->content); return(OS_INVALID); } logf[pl].logformat++; while(*logf[pl].logformat == ' ') logf[pl].logformat++; while(logf[pl].logformat[x] >= '0' && logf[pl].logformat[x] <= '9') x++; while(logf[pl].logformat[x] == ' ') x++; if(logf[pl].logformat[x] != '\0') { merror(XML_VALUEERR,ARGV0,node[i]->element,node[i]->content); return(OS_INVALID); } } else if(strcmp(logf[pl].logformat, EVENTLOG) == 0) { } else { merror(XML_VALUEERR,ARGV0,node[i]->element,node[i]->content); return(OS_INVALID); } } else if(strcasecmp(node[i]->element,xml_localfile_alias) == 0) { os_strdup(node[i]->content, logf[pl].alias); } else { merror(XML_INVELEM, ARGV0, node[i]->element); return(OS_INVALID); } i++; } /* Validating glob entries */ if(glob_set) { char *format; /* Getting log format */ if(logf[pl].logformat) { format = logf[pl].logformat; } else if(logf[glob_set -1].logformat) { format = logf[glob_set -1].logformat; } else { merror(MISS_LOG_FORMAT, ARGV0); return(OS_INVALID); } /* The last entry is always null on glob */ pl--; /* Setting format for all entries */ for(i = (glob_set -1); i<= pl; i++) { /* Every entry must be valid */ if(!logf[i].file) { merror(MISS_FILE, ARGV0); return(OS_INVALID); } if(logf[i].logformat == NULL) { logf[i].logformat = format; } } } /* Missing log format */ if(!logf[pl].logformat) { merror(MISS_LOG_FORMAT, ARGV0); return(OS_INVALID); } /* Missing file */ if(!logf[pl].file) { merror(MISS_FILE, ARGV0); return(OS_INVALID); } /* Verifying a valid event log config */ if(strcmp(logf[pl].logformat, EVENTLOG) == 0) { if((strcmp(logf[pl].file, "Application") != 0)&& (strcmp(logf[pl].file, "System") != 0)&& (strcmp(logf[pl].file, "Security") != 0)) { /* Invalid event log */ merror(NSTD_EVTLOG, ARGV0, logf[pl].file); return(0); } } if((strcmp(logf[pl].logformat, "command") == 0)|| (strcmp(logf[pl].logformat, "full_command") == 0)) { if(!logf[pl].command) { merror("%s: ERROR: Missing 'command' argument. " "This option will be ignored.", ARGV0); } } return(0); }
/* httpread_read_handler -- called when socket ready to read * * Note: any extra data we read past end of transmitted file is ignored; * if we were to support keeping connections open for multiple files then * this would have to be addressed. */ static void httpread_read_handler(int sd, void *eloop_ctx, void *sock_ctx) { struct httpread *h = sock_ctx; int nread; char *rbp; /* pointer into read buffer */ char *hbp; /* pointer into header buffer */ char *bbp; /* pointer into body buffer */ char readbuf[HTTPREAD_READBUF_SIZE]; /* temp use to read into */ if (httpread_debug >= 20) wpa_printf(MSG_DEBUG, "ENTER httpread_read_handler(%p)", h); /* read some at a time, then search for the interal * boundaries between header and data and etc. */ nread = read(h->sd, readbuf, sizeof(readbuf)); if (nread < 0) goto bad; if (nread == 0) { /* end of transmission... this may be normal * or may be an error... in some cases we can't * tell which so we must assume it is normal then. */ if (!h->got_hdr) { /* Must at least have completed header */ wpa_printf(MSG_DEBUG, "httpread premature eof(%p)", h); goto bad; } if (h->chunked || h->got_content_length) { /* Premature EOF; e.g. dropped connection */ wpa_printf(MSG_DEBUG, "httpread premature eof(%p) %d/%d", h, h->body_nbytes, h->content_length); goto bad; } /* No explicit length, hopefully we have all the data * although dropped connections can cause false * end */ if (httpread_debug >= 10) wpa_printf(MSG_DEBUG, "httpread ok eof(%p)", h); h->got_body = 1; goto got_file; } rbp = readbuf; /* Header consists of text lines (terminated by both CR and LF) * and an empty line (CR LF only). */ if (!h->got_hdr) { hbp = h->hdr + h->hdr_nbytes; /* add to headers until: * -- we run out of data in read buffer * -- or, we run out of header buffer room * -- or, we get double CRLF in headers */ for (;;) { if (nread == 0) goto get_more; if (h->hdr_nbytes == HTTPREAD_HEADER_MAX_SIZE) { goto bad; } *hbp++ = *rbp++; nread--; h->hdr_nbytes++; if (h->hdr_nbytes >= 4 && hbp[-1] == '\n' && hbp[-2] == '\r' && hbp[-3] == '\n' && hbp[-4] == '\r' ) { h->got_hdr = 1; *hbp = 0; /* null terminate */ break; } } /* here we've just finished reading the header */ if (httpread_hdr_analyze(h)) { wpa_printf(MSG_DEBUG, "httpread bad hdr(%p)", h); goto bad; } if (h->max_bytes == 0) { if (httpread_debug >= 10) wpa_printf(MSG_DEBUG, "httpread no body hdr end(%p)", h); goto got_file; } if (h->got_content_length && h->content_length == 0) { if (httpread_debug >= 10) wpa_printf(MSG_DEBUG, "httpread zero content length(%p)", h); goto got_file; } } /* Certain types of requests never have data and so * must be specially recognized. */ if (!os_strncasecmp(h->hdr, "SUBSCRIBE", 9) || !os_strncasecmp(h->hdr, "UNSUBSCRIBE", 11) || !os_strncasecmp(h->hdr, "HEAD", 4) || !os_strncasecmp(h->hdr, "GET", 3)) { if (!h->got_body) { if (httpread_debug >= 10) wpa_printf(MSG_DEBUG, "httpread NO BODY for sp. type"); } h->got_body = 1; goto got_file; } /* Data can be just plain binary data, or if "chunked" * consists of chunks each with a header, ending with * an ending header. */ if (!h->got_body) { /* Here to get (more of) body */ /* ensure we have enough room for worst case for body * plus a null termination character */ if (h->body_alloc_nbytes < (h->body_nbytes + nread + 1)) { char *new_body; int new_alloc_nbytes; if (h->body_nbytes >= h->max_bytes) goto bad; new_alloc_nbytes = h->body_alloc_nbytes + HTTPREAD_BODYBUF_DELTA; /* For content-length case, the first time * through we allocate the whole amount * we need. */ if (h->got_content_length && new_alloc_nbytes < (h->content_length + 1)) new_alloc_nbytes = h->content_length + 1; if ((new_body = os_realloc(h->body, new_alloc_nbytes)) == NULL) goto bad; h->body = new_body; h->body_alloc_nbytes = new_alloc_nbytes; } /* add bytes */ bbp = h->body + h->body_nbytes; for (;;) { int ncopy; /* See if we need to stop */ if (h->chunked && h->in_chunk_data == 0) { /* in chunk header */ char *cbp = h->body + h->chunk_start; if (bbp-cbp >= 2 && bbp[-2] == '\r' && bbp[-1] == '\n') { /* end of chunk hdr line */ /* hdr line consists solely * of a hex numeral and CFLF */ if (!isxdigit(*cbp)) goto bad; h->chunk_size = strtoul(cbp, NULL, 16); /* throw away chunk header * so we have only real data */ h->body_nbytes = h->chunk_start; bbp = cbp; if (h->chunk_size == 0) { /* end of chunking */ /* trailer follows */ h->in_trailer = 1; if (httpread_debug >= 20) wpa_printf( MSG_DEBUG, "httpread end chunks(%p)", h); break; } h->in_chunk_data = 1; /* leave chunk_start alone */ } } else if (h->chunked) { /* in chunk data */ if ((h->body_nbytes - h->chunk_start) == (h->chunk_size + 2)) { /* end of chunk reached, * new chunk starts */ /* check chunk ended w/ CRLF * which we'll throw away */ if (bbp[-1] == '\n' && bbp[-2] == '\r') { } else goto bad; h->body_nbytes -= 2; bbp -= 2; h->chunk_start = h->body_nbytes; h->in_chunk_data = 0; h->chunk_size = 0; /* just in case */ } } else if (h->got_content_length && h->body_nbytes >= h->content_length) { h->got_body = 1; if (httpread_debug >= 10) wpa_printf( MSG_DEBUG, "httpread got content(%p)", h); goto got_file; } if (nread <= 0) break; /* Now transfer. Optimize using memcpy where we can. */ if (h->chunked && h->in_chunk_data) { /* copy up to remainder of chunk data * plus the required CR+LF at end */ ncopy = (h->chunk_start + h->chunk_size + 2) - h->body_nbytes; } else if (h->chunked) { /*in chunk header -- don't optimize */ *bbp++ = *rbp++; nread--; h->body_nbytes++; continue; } else if (h->got_content_length) { ncopy = h->content_length - h->body_nbytes; } else { ncopy = nread; } /* Note: should never be 0 */ if (ncopy > nread) ncopy = nread; os_memcpy(bbp, rbp, ncopy); bbp += ncopy; h->body_nbytes += ncopy; rbp += ncopy; nread -= ncopy; } /* body copy loop */ } /* !got_body */ if (h->chunked && h->in_trailer) { /* If "chunked" then there is always a trailer, * consisting of zero or more non-empty lines * ending with CR LF and then an empty line w/ CR LF. * We do NOT support trailers except to skip them -- * this is supported (generally) by the http spec. */ bbp = h->body + h->body_nbytes; for (;;) { int c; if (nread <= 0) break; c = *rbp++; nread--; switch (h->trailer_state) { case trailer_line_begin: if (c == '\r') h->trailer_state = trailer_empty_cr; else h->trailer_state = trailer_nonempty; break; case trailer_empty_cr: /* end empty line */ if (c == '\n') { h->trailer_state = trailer_line_begin; h->in_trailer = 0; if (httpread_debug >= 10) wpa_printf( MSG_DEBUG, "httpread got content(%p)", h); h->got_body = 1; goto got_file; } h->trailer_state = trailer_nonempty; break; case trailer_nonempty: if (c == '\r') h->trailer_state = trailer_nonempty_cr; break; case trailer_nonempty_cr: if (c == '\n') h->trailer_state = trailer_line_begin; else h->trailer_state = trailer_nonempty; break; } } } goto get_more; bad: /* Error */ wpa_printf(MSG_DEBUG, "httpread read/parse failure (%p)", h); (*h->cb)(h, h->cookie, HTTPREAD_EVENT_ERROR); return; get_more: return; got_file: if (httpread_debug >= 10) wpa_printf(MSG_DEBUG, "httpread got file %d bytes type %d", h->body_nbytes, h->hdr_type); /* Null terminate for convenience of some applications */ if (h->body) h->body[h->body_nbytes] = 0; /* null terminate */ h->got_file = 1; /* Assume that we do NOT support keeping connection alive, * and just in case somehow we don't get destroyed right away, * unregister now. */ if (h->sd_registered) eloop_unregister_sock(h->sd, EVENT_TYPE_READ); h->sd_registered = 0; /* The application can destroy us whenever they feel like... * cancel timeout. */ if (h->to_registered) eloop_cancel_timeout(httpread_timeout_handler, NULL, h); h->to_registered = 0; (*h->cb)(h, h->cookie, HTTPREAD_EVENT_FILE_READY); }
int main(int argc, char *argv[]) { int c, i; struct wpa_interface *ifaces, *iface; int iface_count, exitcode = -1; struct wpa_params params; struct wpa_global *global; if (os_program_init()) return -1; os_memset(¶ms, 0, sizeof(params)); params.wpa_debug_level = MSG_INFO; iface = ifaces = os_zalloc(sizeof(struct wpa_interface)); if (ifaces == NULL) return -1; iface_count = 1; wpa_supplicant_fd_workaround(); for (;;) { c = getopt(argc, argv, "b:Bc:C:D:dg:hi:KLNp:P:qtuvwW"); if (c < 0) break; switch (c) { case 'b': iface->bridge_ifname = optarg; break; case 'B': params.daemonize++; break; case 'c': iface->confname = optarg; break; case 'C': iface->ctrl_interface = optarg; break; case 'D': iface->driver = optarg; break; case 'd': #ifdef CONFIG_NO_STDOUT_DEBUG printf("Debugging disabled with " "CONFIG_NO_STDOUT_DEBUG=y build time " "option.\n"); goto out; #else /* CONFIG_NO_STDOUT_DEBUG */ params.wpa_debug_level--; break; #endif /* CONFIG_NO_STDOUT_DEBUG */ case 'g': params.ctrl_interface = optarg; break; case 'h': usage(); goto out; case 'i': iface->ifname = optarg; break; case 'K': params.wpa_debug_show_keys++; break; case 'L': license(); goto out; case 'p': iface->driver_param = optarg; break; case 'P': os_free(params.pid_file); params.pid_file = os_rel2abs_path(optarg); break; case 'q': params.wpa_debug_level++; break; case 't': params.wpa_debug_timestamp++; break; #ifdef CONFIG_CTRL_IFACE_DBUS case 'u': params.dbus_ctrl_interface = 1; break; #endif /* CONFIG_CTRL_IFACE_DBUS */ case 'v': printf("%s\n", wpa_supplicant_version); goto out; case 'w': params.wait_for_interface++; break; case 'W': params.wait_for_monitor++; break; case 'N': iface_count++; iface = os_realloc(ifaces, iface_count * sizeof(struct wpa_interface)); if (iface == NULL) goto out; ifaces = iface; iface = &ifaces[iface_count - 1]; os_memset(iface, 0, sizeof(*iface)); break; default: usage(); goto out; } } exitcode = 0; global = wpa_supplicant_init(¶ms); if (global == NULL) { printf("Failed to initialize wpa_supplicant\n"); exitcode = -1; goto out; } for (i = 0; exitcode == 0 && i < iface_count; i++) { if ((ifaces[i].confname == NULL && ifaces[i].ctrl_interface == NULL) || ifaces[i].ifname == NULL) { if (iface_count == 1 && (params.ctrl_interface || params.dbus_ctrl_interface)) break; usage(); exitcode = -1; break; } if (wpa_supplicant_add_iface(global, &ifaces[i]) == NULL) exitcode = -1; } if (exitcode == 0) exitcode = wpa_supplicant_run(global); wpa_supplicant_deinit(global); out: os_free(ifaces); os_free(params.pid_file); os_program_deinit(); return exitcode; }
u8 * wpa_sm_write_assoc_resp_ies(struct wpa_state_machine *sm, u8 *pos, size_t max_len, int auth_alg, const u8 *req_ies, size_t req_ies_len) { u8 *end, *mdie, *ftie, *rsnie = NULL, *r0kh_id, *subelem = NULL; size_t mdie_len, ftie_len, rsnie_len = 0, r0kh_id_len, subelem_len = 0; int res; struct wpa_auth_config *conf; struct rsn_ftie *_ftie; struct wpa_ft_ies parse; u8 *ric_start; u8 *anonce, *snonce; if (sm == NULL) return pos; conf = &sm->wpa_auth->conf; if (sm->wpa_key_mgmt != WPA_KEY_MGMT_FT_IEEE8021X && sm->wpa_key_mgmt != WPA_KEY_MGMT_FT_PSK) return pos; end = pos + max_len; if (auth_alg == WLAN_AUTH_FT) { /* * RSN (only present if this is a Reassociation Response and * part of a fast BSS transition) */ res = wpa_write_rsn_ie(conf, pos, end - pos, sm->pmk_r1_name); if (res < 0) return pos; rsnie = pos; rsnie_len = res; pos += res; } /* Mobility Domain Information */ res = wpa_write_mdie(conf, pos, end - pos); if (res < 0) return pos; mdie = pos; mdie_len = res; pos += res; /* Fast BSS Transition Information */ if (auth_alg == WLAN_AUTH_FT) { subelem = wpa_ft_gtk_subelem(sm, &subelem_len); r0kh_id = sm->r0kh_id; r0kh_id_len = sm->r0kh_id_len; anonce = sm->ANonce; snonce = sm->SNonce; #ifdef CONFIG_IEEE80211W if (sm->mgmt_frame_prot) { u8 *igtk; size_t igtk_len; u8 *nbuf; igtk = wpa_ft_igtk_subelem(sm, &igtk_len); if (igtk == NULL) { os_free(subelem); return pos; } nbuf = os_realloc(subelem, subelem_len + igtk_len); if (nbuf == NULL) { os_free(subelem); os_free(igtk); return pos; } subelem = nbuf; os_memcpy(subelem + subelem_len, igtk, igtk_len); subelem_len += igtk_len; os_free(igtk); } #endif /* CONFIG_IEEE80211W */ } else { r0kh_id = conf->r0_key_holder; r0kh_id_len = conf->r0_key_holder_len; anonce = NULL; snonce = NULL; } res = wpa_write_ftie(conf, r0kh_id, r0kh_id_len, anonce, snonce, pos, end - pos, subelem, subelem_len); os_free(subelem); if (res < 0) return pos; ftie = pos; ftie_len = res; pos += res; os_free(sm->assoc_resp_ftie); sm->assoc_resp_ftie = os_malloc(ftie_len); if (sm->assoc_resp_ftie) os_memcpy(sm->assoc_resp_ftie, ftie, ftie_len); _ftie = (struct rsn_ftie *) (ftie + 2); if (auth_alg == WLAN_AUTH_FT) _ftie->mic_control[1] = 3; /* Information element count */ ric_start = pos; if (wpa_ft_parse_ies(req_ies, req_ies_len, &parse) == 0 && parse.ric) { pos = wpa_ft_process_ric(pos, end, parse.ric, parse.ric_len); if (auth_alg == WLAN_AUTH_FT) _ftie->mic_control[1] += ieee802_11_ie_count(ric_start, pos - ric_start); } if (ric_start == pos) ric_start = NULL; if (auth_alg == WLAN_AUTH_FT && wpa_ft_mic(sm->PTK.kck, sm->addr, sm->wpa_auth->addr, 6, mdie, mdie_len, ftie, ftie_len, rsnie, rsnie_len, ric_start, ric_start ? pos - ric_start : 0, _ftie->mic) < 0) wpa_printf(MSG_DEBUG, "FT: Failed to calculate MIC"); return pos; }