|
Packit Service |
5e8d2a |
/* aide, Advanced Intrusion Detection Environment
|
|
Packit Service |
5e8d2a |
*
|
|
Packit Service |
5e8d2a |
* Copyright (C) 1999-2006,2010-2013,2015,2016 Rami Lehti, Pablo Virolainen,
|
|
Packit Service |
5e8d2a |
* Mike Markley, Richard van den Berg, Hannes von Haugwitz
|
|
Packit Service |
5e8d2a |
* $Header$
|
|
Packit Service |
5e8d2a |
*
|
|
Packit Service |
5e8d2a |
* This program is free software; you can redistribute it and/or
|
|
Packit Service |
5e8d2a |
* modify it under the terms of the GNU General Public License as
|
|
Packit Service |
5e8d2a |
* published by the Free Software Foundation; either version 2 of the
|
|
Packit Service |
5e8d2a |
* License, or (at your option) any later version.
|
|
Packit Service |
5e8d2a |
*
|
|
Packit Service |
5e8d2a |
* This program is distributed in the hope that it will be useful, but
|
|
Packit Service |
5e8d2a |
* WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
Packit Service |
5e8d2a |
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
Packit Service |
5e8d2a |
* General Public License for more details.
|
|
Packit Service |
5e8d2a |
*
|
|
Packit Service |
5e8d2a |
* You should have received a copy of the GNU General Public License
|
|
Packit Service |
5e8d2a |
* along with this program; if not, write to the Free Software
|
|
Packit Service |
5e8d2a |
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
|
|
Packit Service |
5e8d2a |
*/
|
|
Packit Service |
5e8d2a |
|
|
Packit Service |
5e8d2a |
#include "aide.h"
|
|
Packit Service |
5e8d2a |
|
|
Packit Service |
5e8d2a |
#include <sys/types.h>
|
|
Packit Service |
5e8d2a |
#include <sys/stat.h>
|
|
Packit Service |
5e8d2a |
#include <stdio.h>
|
|
Packit Service |
5e8d2a |
#include <stdlib.h>
|
|
Packit Service |
5e8d2a |
#include <errno.h>
|
|
Packit Service |
5e8d2a |
#include <signal.h>
|
|
Packit Service |
5e8d2a |
#include <sys/types.h>
|
|
Packit Service |
5e8d2a |
#include <dirent.h>
|
|
Packit Service |
5e8d2a |
#include <time.h>
|
|
Packit Service |
5e8d2a |
|
|
Packit Service |
5e8d2a |
#if HAVE_UNISTD_H
|
|
Packit Service |
5e8d2a |
#include <unistd.h>
|
|
Packit Service |
5e8d2a |
#endif
|
|
Packit Service |
5e8d2a |
|
|
Packit Service |
5e8d2a |
#include "md.h"
|
|
Packit Service |
5e8d2a |
#include "commandconf.h"
|
|
Packit Service |
5e8d2a |
#include "compare_db.h"
|
|
Packit Service |
5e8d2a |
#include "db_config.h"
|
|
Packit Service |
5e8d2a |
#include "db_file.h"
|
|
Packit Service |
5e8d2a |
#include "do_md.h"
|
|
Packit Service |
5e8d2a |
#include "report.h"
|
|
Packit Service |
5e8d2a |
#include "gen_list.h"
|
|
Packit Service |
5e8d2a |
#include "getopt.h"
|
|
Packit Service |
5e8d2a |
#include "list.h"
|
|
Packit Service |
5e8d2a |
#include "util.h"
|
|
Packit Service |
5e8d2a |
#include "base64.h"
|
|
Packit Service |
5e8d2a |
/*for locale support*/
|
|
Packit Service |
5e8d2a |
#include "locale-aide.h"
|
|
Packit Service |
5e8d2a |
/*for locale support*/
|
|
Packit Service |
5e8d2a |
db_config* conf;
|
|
Packit Service |
5e8d2a |
|
|
Packit Service |
5e8d2a |
#ifndef MAXHOSTNAMELEN
|
|
Packit Service |
5e8d2a |
#define MAXHOSTNAMELEN 256
|
|
Packit Service |
5e8d2a |
#endif
|
|
Packit Service |
5e8d2a |
|
|
Packit Service |
5e8d2a |
static void usage(int exitvalue)
|
|
Packit Service |
5e8d2a |
{
|
|
Packit Service |
5e8d2a |
fprintf(stderr,
|
|
Packit Service |
5e8d2a |
_("Aide " AIDEVERSION" \n\n"
|
|
Packit Service |
5e8d2a |
"Usage: aide [options] command\n\n"
|
|
Packit Service |
5e8d2a |
"Commands:\n"
|
|
Packit Service |
5e8d2a |
" -i, --init\t\tInitialize the database\n"
|
|
Packit Service |
5e8d2a |
" -C, --check\t\tCheck the database\n"
|
|
Packit Service |
5e8d2a |
" -u, --update\t\tCheck and update the database non-interactively\n"
|
|
Packit Service |
5e8d2a |
" -E, --compare\t\tCompare two databases\n\n"
|
|
Packit Service |
5e8d2a |
"Miscellaneous:\n"
|
|
Packit Service |
5e8d2a |
" -D, --config-check\tTest the configuration file\n"
|
|
Packit Service |
5e8d2a |
" -v, --version\t\tShow version of AIDE and compilation options\n"
|
|
Packit Service |
5e8d2a |
" -h, --help\t\tShow this help message\n\n"
|
|
Packit Service |
5e8d2a |
"Options:\n"
|
|
Packit Service |
5e8d2a |
" -c [cfgfile]\t--config=[cfgfile]\tGet config options from [cfgfile]\n"
|
|
Packit Service |
5e8d2a |
" -l [REGEX]\t--limit=[REGEX]\t\tLimit command to entries matching [REGEX]\n"
|
|
Packit Service |
5e8d2a |
" -B \"OPTION\"\t--before=\"OPTION\"\tBefore configuration file is read define OPTION\n"
|
|
Packit Service |
5e8d2a |
" -A \"OPTION\"\t--after=\"OPTION\"\tAfter configuration file is read define OPTION\n"
|
|
Packit Service |
5e8d2a |
" -r [reporter]\t--report=[reporter]\tWrite report output to [reporter] url\n"
|
|
Packit Service |
5e8d2a |
" -V[level]\t--verbose=[level]\tSet debug message level to [level]\n"
|
|
Packit Service |
5e8d2a |
"\n")
|
|
Packit Service |
5e8d2a |
);
|
|
Packit Service |
5e8d2a |
|
|
Packit Service |
5e8d2a |
exit(exitvalue);
|
|
Packit Service |
5e8d2a |
}
|
|
Packit Service |
5e8d2a |
|
|
Packit Service |
5e8d2a |
static void print_version(void)
|
|
Packit Service |
5e8d2a |
{
|
|
Packit Service |
5e8d2a |
fprintf(stderr,
|
|
Packit Service |
5e8d2a |
"Aide " AIDEVERSION "\n\n"
|
|
Packit Service |
5e8d2a |
"Compiled with the following options:\n\n" AIDECOMPILEOPTIONS "\n");
|
|
Packit Service |
5e8d2a |
exit(0);
|
|
Packit Service |
5e8d2a |
}
|
|
Packit Service |
5e8d2a |
|
|
Packit Service |
5e8d2a |
static int read_param(int argc,char**argv)
|
|
Packit Service |
5e8d2a |
{
|
|
Packit Service |
5e8d2a |
int option = -1;
|
|
Packit Service |
5e8d2a |
char* err=NULL;
|
|
Packit Service |
5e8d2a |
int i=0;
|
|
Packit Service |
5e8d2a |
|
|
Packit Service |
5e8d2a |
|
|
Packit Service |
5e8d2a |
static struct option options[] =
|
|
Packit Service |
5e8d2a |
{
|
|
Packit Service |
5e8d2a |
{ "help", no_argument, NULL, 'h' },
|
|
Packit Service |
5e8d2a |
{ "verbose", optional_argument, NULL, 'V'},
|
|
Packit Service |
5e8d2a |
{ "version", no_argument, NULL, 'v'},
|
|
Packit Service |
5e8d2a |
{ "config", required_argument, NULL, 'c'},
|
|
Packit Service |
5e8d2a |
{ "before", required_argument, NULL, 'B'},
|
|
Packit Service |
5e8d2a |
{ "after", required_argument, NULL, 'A'},
|
|
Packit Service |
5e8d2a |
{ "report", required_argument, NULL, 'r'},
|
|
Packit Service |
5e8d2a |
{ "init", no_argument, NULL, 'i'},
|
|
Packit Service |
5e8d2a |
{ "check", no_argument, NULL, 'C'},
|
|
Packit Service |
5e8d2a |
{ "update", no_argument, NULL, 'u'},
|
|
Packit Service |
5e8d2a |
{ "config-check", no_argument, NULL, 'D'},
|
|
Packit Service |
5e8d2a |
{ "limit", required_argument, NULL, 'l'},
|
|
Packit Service |
5e8d2a |
{ "compare", no_argument, NULL, 'E'},
|
|
Packit Service |
5e8d2a |
{ NULL,0,NULL,0 }
|
|
Packit Service |
5e8d2a |
};
|
|
Packit Service |
5e8d2a |
|
|
Packit Service |
5e8d2a |
while(1){
|
|
Packit Service |
5e8d2a |
option = getopt_long(argc, argv, "hV::vc:B:A:r:iCuDE", options, &i);
|
|
Packit Service |
5e8d2a |
if(option==-1)
|
|
Packit Service |
5e8d2a |
break;
|
|
Packit Service |
5e8d2a |
switch(option)
|
|
Packit Service |
5e8d2a |
{
|
|
Packit Service |
5e8d2a |
case 'h':{
|
|
Packit Service |
5e8d2a |
usage(0);
|
|
Packit Service |
5e8d2a |
break;
|
|
Packit Service |
5e8d2a |
}
|
|
Packit Service |
5e8d2a |
case 'v':{
|
|
Packit Service |
5e8d2a |
print_version();
|
|
Packit Service |
5e8d2a |
break;
|
|
Packit Service |
5e8d2a |
}
|
|
Packit Service |
5e8d2a |
case 'V':{
|
|
Packit Service |
5e8d2a |
if(optarg!=NULL){
|
|
Packit Service |
5e8d2a |
conf->verbose_level=strtol(optarg,&err,10);
|
|
Packit Service |
5e8d2a |
if(*err!='\0' || conf->verbose_level>255 || conf->verbose_level<0 ||
|
|
Packit Service |
5e8d2a |
errno==ERANGE){
|
|
Packit Service |
5e8d2a |
error(0, _("Illegal verbosity level:%s\n"),optarg);
|
|
Packit Service |
5e8d2a |
exit(INVALID_ARGUMENT_ERROR);
|
|
Packit Service |
5e8d2a |
}
|
|
Packit Service |
5e8d2a |
error(230,_("Setting verbosity to %s\n"),optarg);
|
|
Packit Service |
5e8d2a |
}else{
|
|
Packit Service |
5e8d2a |
conf->verbose_level=20;
|
|
Packit Service |
5e8d2a |
}
|
|
Packit Service |
5e8d2a |
break;
|
|
Packit Service |
5e8d2a |
}
|
|
Packit Service |
5e8d2a |
case 'c':{
|
|
Packit Service |
5e8d2a |
if(optarg!=NULL){
|
|
Packit Service |
5e8d2a |
conf->config_file=optarg;
|
|
Packit Service |
5e8d2a |
}else{
|
|
Packit Service |
5e8d2a |
error(0,_("No config-file name given!\n"));
|
|
Packit Service |
5e8d2a |
exit(INVALID_ARGUMENT_ERROR);
|
|
Packit Service |
5e8d2a |
}
|
|
Packit Service |
5e8d2a |
break;
|
|
Packit Service |
5e8d2a |
}
|
|
Packit Service |
5e8d2a |
case 'B': {
|
|
Packit Service |
5e8d2a |
if (optarg!=NULL) {
|
|
Packit Service |
5e8d2a |
int errorno=commandconf('B',optarg);
|
|
Packit Service |
5e8d2a |
if (errorno!=0){
|
|
Packit Service |
5e8d2a |
error(0,_("Configuration error in before statement:%s\n"),optarg);
|
|
Packit Service |
5e8d2a |
exit(INVALID_CONFIGURELINE_ERROR);
|
|
Packit Service |
5e8d2a |
}
|
|
Packit Service |
5e8d2a |
} else {
|
|
Packit Service |
5e8d2a |
error(0,_("-B must have a parameter\n"));
|
|
Packit Service |
5e8d2a |
exit(INVALID_ARGUMENT_ERROR);
|
|
Packit Service |
5e8d2a |
}
|
|
Packit Service |
5e8d2a |
break;
|
|
Packit Service |
5e8d2a |
}
|
|
Packit Service |
5e8d2a |
case 'A': {
|
|
Packit Service |
5e8d2a |
if (optarg!=NULL) {
|
|
Packit Service |
5e8d2a |
int errorno=commandconf('A',optarg);
|
|
Packit Service |
5e8d2a |
if (errorno!=0){
|
|
Packit Service |
5e8d2a |
error(0,_("Configuration error in after statement:%s\n"),optarg);
|
|
Packit Service |
5e8d2a |
exit(INVALID_CONFIGURELINE_ERROR);
|
|
Packit Service |
5e8d2a |
}
|
|
Packit Service |
5e8d2a |
} else {
|
|
Packit Service |
5e8d2a |
error(0,_("-A must have a parameter\n"));
|
|
Packit Service |
5e8d2a |
exit(INVALID_ARGUMENT_ERROR);
|
|
Packit Service |
5e8d2a |
}
|
|
Packit Service |
5e8d2a |
break;
|
|
Packit Service |
5e8d2a |
}
|
|
Packit Service |
5e8d2a |
case 'l': {
|
|
Packit Service |
5e8d2a |
if (optarg!=NULL) {
|
|
Packit Service |
5e8d2a |
const char* pcre_error;
|
|
Packit Service |
5e8d2a |
int pcre_erroffset;
|
|
Packit Service |
5e8d2a |
conf->limit=malloc(strlen(optarg)+1);
|
|
Packit Service |
5e8d2a |
strcpy(conf->limit,optarg);
|
|
Packit Service |
5e8d2a |
if((conf->limit_crx=pcre_compile(conf->limit, PCRE_ANCHORED, &pcre_error, &pcre_erroffset, NULL)) == NULL) {
|
|
Packit Service |
5e8d2a |
error(0,_("Error in limit regexp '%s' at %i: %s\n"), conf->limit, pcre_erroffset, pcre_error);
|
|
Packit Service |
5e8d2a |
exit(INVALID_ARGUMENT_ERROR);
|
|
Packit Service |
5e8d2a |
}
|
|
Packit Service |
5e8d2a |
error(200,_("Limit set to '%s'\n"), conf->limit);
|
|
Packit Service |
5e8d2a |
} else {
|
|
Packit Service |
5e8d2a |
error(0,_("-l must have an argument\n"));
|
|
Packit Service |
5e8d2a |
exit(INVALID_ARGUMENT_ERROR);
|
|
Packit Service |
5e8d2a |
}
|
|
Packit Service |
5e8d2a |
break;
|
|
Packit Service |
5e8d2a |
}
|
|
Packit Service |
5e8d2a |
case 'r': {
|
|
Packit Service |
5e8d2a |
if(optarg!=NULL) {
|
|
Packit Service |
5e8d2a |
do_repurldef(optarg);
|
|
Packit Service |
5e8d2a |
}else {
|
|
Packit Service |
5e8d2a |
error(0,_("-r must have an argument\n"));
|
|
Packit Service |
5e8d2a |
}
|
|
Packit Service |
5e8d2a |
break;
|
|
Packit Service |
5e8d2a |
}
|
|
Packit Service |
5e8d2a |
case 'i': {
|
|
Packit Service |
5e8d2a |
if(conf->action==0){
|
|
Packit Service |
5e8d2a |
conf->action=DO_INIT;
|
|
Packit Service |
5e8d2a |
}else {
|
|
Packit Service |
5e8d2a |
error(0,
|
|
Packit Service |
5e8d2a |
_("Cannot have multiple commands on a single commandline.\n"));
|
|
Packit Service |
5e8d2a |
exit(INVALID_ARGUMENT_ERROR);
|
|
Packit Service |
5e8d2a |
};
|
|
Packit Service |
5e8d2a |
break;
|
|
Packit Service |
5e8d2a |
}
|
|
Packit Service |
5e8d2a |
case 'C': {
|
|
Packit Service |
5e8d2a |
if(conf->action==0){
|
|
Packit Service |
5e8d2a |
conf->action=DO_COMPARE;
|
|
Packit Service |
5e8d2a |
}else {
|
|
Packit Service |
5e8d2a |
error(0,
|
|
Packit Service |
5e8d2a |
_("Cannot have multiple commands on a single commandline.\n"));
|
|
Packit Service |
5e8d2a |
exit(INVALID_ARGUMENT_ERROR);
|
|
Packit Service |
5e8d2a |
};
|
|
Packit Service |
5e8d2a |
break;
|
|
Packit Service |
5e8d2a |
}
|
|
Packit Service |
5e8d2a |
case 'u': {
|
|
Packit Service |
5e8d2a |
if(conf->action==0){
|
|
Packit Service |
5e8d2a |
conf->action=DO_INIT|DO_COMPARE;
|
|
Packit Service |
5e8d2a |
}else {
|
|
Packit Service |
5e8d2a |
error(0,
|
|
Packit Service |
5e8d2a |
_("Cannot have multiple commands on a single commandline.\n"));
|
|
Packit Service |
5e8d2a |
exit(INVALID_ARGUMENT_ERROR);
|
|
Packit Service |
5e8d2a |
};
|
|
Packit Service |
5e8d2a |
break;
|
|
Packit Service |
5e8d2a |
}
|
|
Packit Service |
5e8d2a |
case 'E': {
|
|
Packit Service |
5e8d2a |
if(conf->action==0){
|
|
Packit Service |
5e8d2a |
conf->action=DO_DIFF;
|
|
Packit Service |
5e8d2a |
}else {
|
|
Packit Service |
5e8d2a |
error(0,
|
|
Packit Service |
5e8d2a |
_("Cannot have multiple commands on a single commandline.\n"));
|
|
Packit Service |
5e8d2a |
exit(INVALID_ARGUMENT_ERROR);
|
|
Packit Service |
5e8d2a |
};
|
|
Packit Service |
5e8d2a |
break;
|
|
Packit Service |
5e8d2a |
}
|
|
Packit Service |
5e8d2a |
case 'D': {
|
|
Packit Service |
5e8d2a |
conf->config_check=1;
|
|
Packit Service |
5e8d2a |
break;
|
|
Packit Service |
5e8d2a |
}
|
|
Packit Service |
5e8d2a |
default:
|
|
Packit Service |
5e8d2a |
error(0,_("Unknown option given. Exiting\n"));
|
|
Packit Service |
5e8d2a |
exit(INVALID_ARGUMENT_ERROR);
|
|
Packit Service |
5e8d2a |
}
|
|
Packit Service |
5e8d2a |
}
|
|
Packit Service |
5e8d2a |
|
|
Packit Service |
5e8d2a |
if(optind
|
|
Packit Service |
5e8d2a |
error(0,_("Extra parameters given\n"));
|
|
Packit Service |
5e8d2a |
exit(INVALID_ARGUMENT_ERROR);
|
|
Packit Service |
5e8d2a |
}
|
|
Packit Service |
5e8d2a |
return RETOK;
|
|
Packit Service |
5e8d2a |
}
|
|
Packit Service |
5e8d2a |
|
|
Packit Service |
5e8d2a |
static void setdefaults_before_config()
|
|
Packit Service |
5e8d2a |
{
|
|
Packit Service |
5e8d2a |
char* urlstr=INITIALERRORSTO;
|
|
Packit Service |
5e8d2a |
url_t* u=NULL;
|
|
Packit Service |
5e8d2a |
char* s=(char*)malloc(sizeof(char)*MAXHOSTNAMELEN+1);
|
|
Packit Service |
5e8d2a |
DB_ATTR_TYPE X;
|
|
Packit Service |
5e8d2a |
|
|
Packit Service |
5e8d2a |
/*
|
|
Packit Service |
5e8d2a |
Set up the hostname
|
|
Packit Service |
5e8d2a |
*/
|
|
Packit Service |
5e8d2a |
conf=(db_config*)malloc(sizeof(db_config));
|
|
Packit Service |
5e8d2a |
conf->defsyms=NULL;
|
|
Packit Service |
5e8d2a |
|
|
Packit Service |
5e8d2a |
if (gethostname(s,MAXHOSTNAMELEN)==-1) {
|
|
Packit Service |
5e8d2a |
error(0,_("Couldn't get hostname"));
|
|
Packit Service |
5e8d2a |
free(s);
|
|
Packit Service |
5e8d2a |
} else {
|
|
Packit Service |
c89282 |
// s=(char*)realloc((void*)s,strlen(s)+1);
|
|
Packit Service |
5e8d2a |
do_define("HOSTNAME",s);
|
|
Packit Service |
5e8d2a |
}
|
|
Packit Service |
5e8d2a |
|
|
Packit Service |
5e8d2a |
/* Setting some defaults */
|
|
Packit Service |
57cbf7 |
conf->syslog_format=0;
|
|
Packit Service |
5e8d2a |
conf->report_db=0;
|
|
Packit Service |
5e8d2a |
conf->tree=NULL;
|
|
Packit Service |
5e8d2a |
conf->config_check=0;
|
|
Packit Service |
5e8d2a |
conf->verbose_level=-1;
|
|
Packit Service |
5e8d2a |
conf->database_add_metadata=1;
|
|
Packit Service |
5e8d2a |
conf->report_detailed_init=0;
|
|
Packit Service |
5e8d2a |
conf->report_base16=0;
|
|
Packit Service |
5e8d2a |
conf->report_quiet=0;
|
|
Packit Service |
5e8d2a |
conf->use_initial_errorsto=1;
|
|
Packit Service |
5e8d2a |
conf->report_url=NULL;
|
|
Packit Service |
5e8d2a |
conf->report_fd=NULL;
|
|
Packit Service |
5e8d2a |
conf->report_syslog=0;
|
|
Packit Service |
5e8d2a |
conf->report_db=0;
|
|
Packit Service |
5e8d2a |
#ifdef WITH_E2FSATTRS
|
|
Packit Service |
5e8d2a |
conf->report_ignore_e2fsattrs = 0UL;
|
|
Packit Service |
5e8d2a |
#endif
|
|
Packit Service |
5e8d2a |
|
|
Packit Service |
5e8d2a |
u=parse_url(urlstr);
|
|
Packit Service |
5e8d2a |
error_init(u,1);
|
|
Packit Service |
5e8d2a |
|
|
Packit Service |
5e8d2a |
conf->config_file=CONFIG_FILE;
|
|
Packit Service |
5e8d2a |
conf->config_version=NULL;
|
|
Packit Service |
5e8d2a |
|
|
Packit Service |
5e8d2a |
#ifdef WITH_ACL
|
|
Packit Service |
5e8d2a |
conf->no_acl_on_symlinks=0; /* zero means don't do ACLs on symlinks */
|
|
Packit Service |
5e8d2a |
#endif
|
|
Packit Service |
5e8d2a |
|
|
Packit Service |
5e8d2a |
#ifdef WITH_MHASH
|
|
Packit Service |
5e8d2a |
conf->do_configmd=0;
|
|
Packit Service |
5e8d2a |
conf->confmd=NULL;
|
|
Packit Service |
5e8d2a |
conf->confhmactype=CONFIGHMACTYPE;
|
|
Packit Service |
5e8d2a |
conf->old_confmdstr=NULL;
|
|
Packit Service |
5e8d2a |
conf->dbhmactype=DBHMACTYPE;
|
|
Packit Service |
5e8d2a |
conf->dbnewmd=NULL;
|
|
Packit Service |
5e8d2a |
conf->dboldmd=NULL;
|
|
Packit Service |
5e8d2a |
#endif
|
|
Packit Service |
5e8d2a |
|
|
Packit Service |
5e8d2a |
conf->do_dbnewmd=0;
|
|
Packit Service |
5e8d2a |
conf->do_dboldmd=0;
|
|
Packit Service |
5e8d2a |
conf->old_dbnewmdstr=NULL;
|
|
Packit Service |
5e8d2a |
conf->old_dboldmdstr=NULL;
|
|
Packit Service |
5e8d2a |
|
|
Packit Service |
5e8d2a |
conf->db_out_order=(DB_FIELD*)malloc(sizeof(DB_FIELD)*db_unknown);
|
|
Packit Service |
5e8d2a |
conf->db_out_size=1;
|
|
Packit Service |
5e8d2a |
conf->db_out_order[0]=db_filename;
|
|
Packit Service |
5e8d2a |
conf->symlinks_found=0;
|
|
Packit Service |
5e8d2a |
conf->db_in_size=0;
|
|
Packit Service |
5e8d2a |
conf->db_in_order=NULL;
|
|
Packit Service |
5e8d2a |
conf->db_in_url=NULL;
|
|
Packit Service |
5e8d2a |
conf->db_in=NULL;
|
|
Packit Service |
5e8d2a |
conf->db_new_size=0;
|
|
Packit Service |
5e8d2a |
conf->db_new_order=NULL;
|
|
Packit Service |
5e8d2a |
conf->db_new_url=NULL;
|
|
Packit Service |
5e8d2a |
conf->db_new=NULL;
|
|
Packit Service |
5e8d2a |
conf->db_out_url=NULL;
|
|
Packit Service |
5e8d2a |
conf->db_out=NULL;
|
|
Packit Service |
5e8d2a |
|
|
Packit Service |
5e8d2a |
conf->mdc_in=NULL;
|
|
Packit Service |
5e8d2a |
conf->mdc_out=NULL;
|
|
Packit Service |
5e8d2a |
|
|
Packit Service |
5e8d2a |
conf->line_db_in=NULL;
|
|
Packit Service |
5e8d2a |
conf->line_db_out=NULL;
|
|
Packit Service |
5e8d2a |
|
|
Packit Service |
5e8d2a |
conf->db_attrs = 0;
|
|
Packit Service |
5e8d2a |
#if defined(WITH_MHASH) || defined(WITH_GCRYPT)
|
|
Packit Service |
d27706 |
conf->db_attrs |= get_available_crypto();
|
|
Packit Service |
5e8d2a |
#ifdef WITH_MHASH
|
|
Packit Service |
5e8d2a |
conf->db_attrs |= DB_GOST;
|
|
Packit Service |
5e8d2a |
#ifdef HAVE_MHASH_WHIRLPOOL
|
|
Packit Service |
5e8d2a |
conf->db_attrs |= DB_WHIRLPOOL;
|
|
Packit Service |
5e8d2a |
#endif
|
|
Packit Service |
5e8d2a |
#endif
|
|
Packit Service |
5e8d2a |
#endif
|
|
Packit Service |
5e8d2a |
|
|
Packit Service |
5e8d2a |
#ifdef WITH_ZLIB
|
|
Packit Service |
5e8d2a |
conf->db_gzin=0;
|
|
Packit Service |
5e8d2a |
conf->db_gznew=0;
|
|
Packit Service |
5e8d2a |
conf->gzip_dbout=0;
|
|
Packit Service |
5e8d2a |
conf->db_gzout=0;
|
|
Packit Service |
5e8d2a |
#endif
|
|
Packit Service |
5e8d2a |
|
|
Packit Service |
5e8d2a |
conf->action=0;
|
|
Packit Service |
5e8d2a |
conf->catch_mmap=0;
|
|
Packit Service |
5e8d2a |
|
|
Packit Service |
5e8d2a |
conf->warn_dead_symlinks=0;
|
|
Packit Service |
5e8d2a |
|
|
Packit Service |
5e8d2a |
conf->grouped=1;
|
|
Packit Service |
5e8d2a |
|
|
Packit Service |
5e8d2a |
conf->summarize_changes=1;
|
|
Packit Service |
5e8d2a |
|
|
Packit Service |
5e8d2a |
conf->root_prefix="";
|
|
Packit Service |
5e8d2a |
conf->root_prefix_length=0;
|
|
Packit Service |
5e8d2a |
|
|
Packit Service |
5e8d2a |
conf->limit=NULL;
|
|
Packit Service |
5e8d2a |
conf->limit_crx=NULL;
|
|
Packit Service |
5e8d2a |
|
|
Packit Service |
5e8d2a |
conf->selrxlst=NULL;
|
|
Packit Service |
5e8d2a |
conf->equrxlst=NULL;
|
|
Packit Service |
5e8d2a |
conf->negrxlst=NULL;
|
|
Packit Service |
5e8d2a |
|
|
Packit Service |
5e8d2a |
conf->groupsyms=NULL;
|
|
Packit Service |
5e8d2a |
|
|
Packit Service |
5e8d2a |
conf->start_time=time(&(conf->start_time));
|
|
Packit Service |
5e8d2a |
|
|
Packit Service |
5e8d2a |
do_groupdef("ANF",DB_NEWFILE);
|
|
Packit Service |
5e8d2a |
do_groupdef("ARF",DB_RMFILE);
|
|
Packit Service |
5e8d2a |
do_groupdef("p",DB_PERM);
|
|
Packit Service |
5e8d2a |
do_groupdef("i",DB_INODE);
|
|
Packit Service |
5e8d2a |
do_groupdef("I",DB_CHECKINODE);
|
|
Packit Service |
5e8d2a |
do_groupdef("n",DB_LNKCOUNT);
|
|
Packit Service |
5e8d2a |
do_groupdef("u",DB_UID);
|
|
Packit Service |
5e8d2a |
do_groupdef("g",DB_GID);
|
|
Packit Service |
5e8d2a |
do_groupdef("l",DB_LINKNAME);
|
|
Packit Service |
5e8d2a |
do_groupdef("s",DB_SIZE);
|
|
Packit Service |
5e8d2a |
do_groupdef("S",DB_SIZEG);
|
|
Packit Service |
5e8d2a |
do_groupdef("b",DB_BCOUNT);
|
|
Packit Service |
5e8d2a |
do_groupdef("m",DB_MTIME);
|
|
Packit Service |
5e8d2a |
do_groupdef("c",DB_CTIME);
|
|
Packit Service |
5e8d2a |
do_groupdef("a",DB_ATIME);
|
|
Packit Service |
5e8d2a |
#if defined(WITH_MHASH) || defined(WITH_GCRYPT)
|
|
Packit Service |
5e8d2a |
do_groupdef("md5",DB_MD5);
|
|
Packit Service |
5e8d2a |
do_groupdef("tiger",DB_TIGER);
|
|
Packit Service |
5e8d2a |
do_groupdef("haval",DB_HAVAL);
|
|
Packit Service |
5e8d2a |
do_groupdef("crc32",DB_CRC32);
|
|
Packit Service |
5e8d2a |
do_groupdef("sha1",DB_SHA1);
|
|
Packit Service |
5e8d2a |
do_groupdef("rmd160",DB_RMD160);
|
|
Packit Service |
5e8d2a |
do_groupdef("sha256",DB_SHA256);
|
|
Packit Service |
5e8d2a |
do_groupdef("sha512",DB_SHA512);
|
|
Packit Service |
5e8d2a |
#endif
|
|
Packit Service |
5e8d2a |
#ifdef WITH_ACL
|
|
Packit Service |
5e8d2a |
do_groupdef("acl",DB_ACL);
|
|
Packit Service |
5e8d2a |
#endif
|
|
Packit Service |
5e8d2a |
#ifdef WITH_XATTR
|
|
Packit Service |
5e8d2a |
do_groupdef("xattrs",DB_XATTRS);
|
|
Packit Service |
5e8d2a |
#endif
|
|
Packit Service |
5e8d2a |
#ifdef WITH_SELINUX
|
|
Packit Service |
5e8d2a |
do_groupdef("selinux",DB_SELINUX);
|
|
Packit Service |
5e8d2a |
#endif
|
|
Packit Service |
5e8d2a |
|
|
Packit Service |
5e8d2a |
#ifdef WITH_MHASH
|
|
Packit Service |
5e8d2a |
do_groupdef("gost",DB_GOST);
|
|
Packit Service |
5e8d2a |
#ifdef HAVE_MHASH_WHIRLPOOL
|
|
Packit Service |
5e8d2a |
do_groupdef("whirlpool",DB_WHIRLPOOL);
|
|
Packit Service |
5e8d2a |
#endif
|
|
Packit Service |
5e8d2a |
#endif
|
|
Packit Service |
5e8d2a |
do_groupdef("ftype",DB_FTYPE);
|
|
Packit Service |
5e8d2a |
#ifdef WITH_E2FSATTRS
|
|
Packit Service |
5e8d2a |
do_groupdef("e2fsattrs",DB_E2FSATTRS);
|
|
Packit Service |
5e8d2a |
#endif
|
|
Packit Service |
5e8d2a |
|
|
Packit Service |
5e8d2a |
X=0LLU;
|
|
Packit Service |
5e8d2a |
#ifdef WITH_ACL
|
|
Packit Service |
5e8d2a |
X|=DB_ACL;
|
|
Packit Service |
5e8d2a |
#endif
|
|
Packit Service |
5e8d2a |
#ifdef WITH_SELINUX
|
|
Packit Service |
5e8d2a |
X|=DB_SELINUX;
|
|
Packit Service |
5e8d2a |
#endif
|
|
Packit Service |
5e8d2a |
#ifdef WITH_XATTR
|
|
Packit Service |
5e8d2a |
X|=DB_XATTRS;
|
|
Packit Service |
5e8d2a |
#endif
|
|
Packit Service |
5e8d2a |
#ifdef WITH_E2FSATTRS
|
|
Packit Service |
5e8d2a |
X|=DB_E2FSATTRS;
|
|
Packit Service |
5e8d2a |
#endif
|
|
Packit Service |
5e8d2a |
|
|
Packit Service |
5e8d2a |
|
|
Packit Service |
5e8d2a |
do_groupdef("R",DB_PERM|DB_FTYPE|DB_INODE|DB_LNKCOUNT|DB_UID|DB_GID|DB_SIZE|
|
|
Packit Service |
5e8d2a |
DB_LINKNAME|DB_MTIME|DB_CTIME
|
|
Packit Service |
5e8d2a |
#if defined(WITH_MHASH) || defined(WITH_GCRYPT)
|
|
Packit Service |
5e8d2a |
|DB_MD5
|
|
Packit Service |
5e8d2a |
#endif
|
|
Packit Service |
5e8d2a |
|X);
|
|
Packit Service |
5e8d2a |
|
|
Packit Service |
5e8d2a |
do_groupdef("L",DB_PERM|DB_FTYPE|DB_INODE|DB_LNKCOUNT|DB_UID|DB_GID|DB_LINKNAME|X);
|
|
Packit Service |
5e8d2a |
|
|
Packit Service |
5e8d2a |
do_groupdef(">",DB_PERM|DB_FTYPE|DB_INODE|DB_LNKCOUNT|DB_UID|DB_GID|DB_SIZEG|
|
|
Packit Service |
5e8d2a |
DB_LINKNAME|X);
|
|
Packit Service |
5e8d2a |
do_groupdef("X",X);
|
|
Packit Service |
5e8d2a |
do_groupdef("E",0);
|
|
Packit Service |
5e8d2a |
|
|
Packit Service |
5e8d2a |
}
|
|
Packit Service |
5e8d2a |
|
|
Packit Service |
5e8d2a |
static void setdefaults_after_config()
|
|
Packit Service |
5e8d2a |
{
|
|
Packit Service |
5e8d2a |
if(conf->db_in_url==NULL){
|
|
Packit Service |
5e8d2a |
url_t* u=NULL;
|
|
Packit Service |
5e8d2a |
u=(url_t*)malloc(sizeof(url_t));
|
|
Packit Service |
5e8d2a |
u->type=url_file;
|
|
Packit Service |
5e8d2a |
u->value=DEFAULT_DB;
|
|
Packit Service |
5e8d2a |
conf->db_in_url=u;
|
|
Packit Service |
5e8d2a |
}
|
|
Packit Service |
5e8d2a |
if(conf->db_out_url==NULL){
|
|
Packit Service |
5e8d2a |
url_t* u=NULL;
|
|
Packit Service |
5e8d2a |
u=(url_t*)malloc(sizeof(url_t));
|
|
Packit Service |
5e8d2a |
u->type=url_file;
|
|
Packit Service |
5e8d2a |
u->value=DEFAULT_DB_OUT;
|
|
Packit Service |
5e8d2a |
conf->db_out_url=u;
|
|
Packit Service |
5e8d2a |
}
|
|
Packit Service |
5e8d2a |
if(conf->report_url==NULL){
|
|
Packit Service |
5e8d2a |
url_t* u=NULL;
|
|
Packit Service |
5e8d2a |
|
|
Packit Service |
5e8d2a |
/* Don't free this one because conf->report_url needs it */
|
|
Packit Service |
5e8d2a |
u=(url_t*)malloc(sizeof(url_t));
|
|
Packit Service |
5e8d2a |
u->type=url_stdout;
|
|
Packit Service |
5e8d2a |
u->value="";
|
|
Packit Service |
5e8d2a |
error_init(u,0);
|
|
Packit Service |
5e8d2a |
}
|
|
Packit Service |
5e8d2a |
if(conf->action==0){
|
|
Packit Service |
5e8d2a |
conf->action=DO_COMPARE;
|
|
Packit Service |
5e8d2a |
}
|
|
Packit Service |
5e8d2a |
if(conf->verbose_level==-1){
|
|
Packit Service |
5e8d2a |
conf->verbose_level=5;
|
|
Packit Service |
5e8d2a |
}
|
|
Packit Service |
57cbf7 |
if(conf->syslog_format==1){
|
|
Packit Service |
57cbf7 |
conf->verbose_level=0;
|
|
Packit Service |
57cbf7 |
}
|
|
Packit Service |
57cbf7 |
|
|
Packit Service |
5e8d2a |
}
|
|
Packit Service |
5e8d2a |
|
|
Packit Service |
5e8d2a |
|
|
Packit Service |
5e8d2a |
int main(int argc,char**argv)
|
|
Packit Service |
5e8d2a |
{
|
|
Packit Service |
5e8d2a |
int errorno=0;
|
|
Packit Service |
5e8d2a |
|
|
Packit Service |
5e8d2a |
#ifdef USE_LOCALE
|
|
Packit Service |
5e8d2a |
setlocale(LC_ALL,"");
|
|
Packit Service |
5e8d2a |
bindtextdomain(PACKAGE,LOCALEDIR);
|
|
Packit Service |
5e8d2a |
textdomain(PACKAGE);
|
|
Packit Service |
5e8d2a |
#endif
|
|
Packit Service |
5e8d2a |
umask(0177);
|
|
Packit Service |
5e8d2a |
init_sighandler();
|
|
Packit Service |
5e8d2a |
setdefaults_before_config();
|
|
Packit Service |
5e8d2a |
|
|
Packit Service |
8ed9d9 |
#if WITH_GCRYPT
|
|
Packit Service |
8ed9d9 |
error(255,"Gcrypt library initialization\n");
|
|
Packit Service |
8ed9d9 |
/*
|
|
Packit Service |
8ed9d9 |
* Initialize libgcrypt as per
|
|
Packit Service |
8ed9d9 |
* http://www.gnupg.org/documentation/manuals/gcrypt/Initializing-the-library.html
|
|
Packit Service |
8ed9d9 |
*
|
|
Packit Service |
8ed9d9 |
*
|
|
Packit Service |
8ed9d9 |
*/
|
|
Packit Service |
8ed9d9 |
gcry_control(GCRYCTL_SET_ENFORCED_FIPS_FLAG, 0);
|
|
Packit Service |
8ed9d9 |
gcry_control(GCRYCTL_INIT_SECMEM, 1);
|
|
Packit Service |
8ed9d9 |
|
|
Packit Service |
8ed9d9 |
if(!gcry_check_version(GCRYPT_VERSION)) {
|
|
Packit Service |
8ed9d9 |
error(0,"libgcrypt version mismatch\n");
|
|
Packit Service |
8ed9d9 |
exit(VERSION_MISMATCH_ERROR);
|
|
Packit Service |
8ed9d9 |
}
|
|
Packit Service |
8ed9d9 |
|
|
Packit Service |
8ed9d9 |
gcry_control(GCRYCTL_INITIALIZATION_FINISHED, 0);
|
|
Packit Service |
8ed9d9 |
#endif /* WITH_GCRYPT */
|
|
Packit Service |
8ed9d9 |
|
|
Packit Service |
8ed9d9 |
|
|
Packit Service |
5e8d2a |
if(read_param(argc,argv)==RETFAIL){
|
|
Packit Service |
5e8d2a |
error(0, _("Invalid argument\n") );
|
|
Packit Service |
5e8d2a |
exit(INVALID_ARGUMENT_ERROR);
|
|
Packit Service |
5e8d2a |
}
|
|
Packit Service |
5e8d2a |
|
|
Packit Service |
5e8d2a |
errorno=commandconf('C',conf->config_file);
|
|
Packit Service |
c89282 |
if (errorno==RETFAIL){
|
|
Packit Service |
c89282 |
error(0,_("Configuration error\n"));
|
|
Packit Service |
c89282 |
exit(INVALID_CONFIGURELINE_ERROR);
|
|
Packit Service |
c89282 |
}
|
|
Packit Service |
5e8d2a |
|
|
Packit Service |
5e8d2a |
errorno=commandconf('D',"");
|
|
Packit Service |
5e8d2a |
if (errorno==RETFAIL){
|
|
Packit Service |
5e8d2a |
error(0,_("Configuration error\n"));
|
|
Packit Service |
5e8d2a |
exit(INVALID_CONFIGURELINE_ERROR);
|
|
Packit Service |
5e8d2a |
}
|
|
Packit Service |
5e8d2a |
|
|
Packit Service |
5e8d2a |
setdefaults_after_config();
|
|
Packit Service |
5e8d2a |
|
|
Packit Service |
5e8d2a |
/*
|
|
Packit Service |
5e8d2a |
This won't actualy work, because conf->tree is not constructed.
|
|
Packit Service |
5e8d2a |
Now we construct it. And we have THE tree.
|
|
Packit Service |
5e8d2a |
*/
|
|
Packit Service |
5e8d2a |
|
|
Packit Service |
5e8d2a |
conf->tree=gen_tree(conf->selrxlst,conf->negrxlst,conf->equrxlst);
|
|
Packit Service |
5e8d2a |
|
|
Packit Service |
5e8d2a |
/* Let's do some sanity checks for the config */
|
|
Packit Service |
5e8d2a |
if(cmpurl(conf->db_in_url,conf->db_out_url)==RETOK){
|
|
Packit Service |
5e8d2a |
error(4,_("WARNING:Input and output database urls are the same.\n"));
|
|
Packit Service |
5e8d2a |
if((conf->action&DO_INIT)&&(conf->action&DO_COMPARE)){
|
|
Packit Service |
5e8d2a |
error(0,_("Input and output database urls cannot be the same "
|
|
Packit Service |
5e8d2a |
"when doing database update\n"));
|
|
Packit Service |
5e8d2a |
exit(INVALID_ARGUMENT_ERROR);
|
|
Packit Service |
5e8d2a |
}
|
|
Packit Service |
5e8d2a |
if(conf->action&DO_DIFF){
|
|
Packit Service |
5e8d2a |
error(0,_("Both input databases cannot be the same "
|
|
Packit Service |
5e8d2a |
"when doing database compare\n"));
|
|
Packit Service |
5e8d2a |
exit(INVALID_ARGUMENT_ERROR);
|
|
Packit Service |
5e8d2a |
}
|
|
Packit Service |
5e8d2a |
};
|
|
Packit Service |
5e8d2a |
if((conf->action&DO_DIFF)&&(!(conf->db_new_url)||!(conf->db_in_url))){
|
|
Packit Service |
5e8d2a |
error(0,_("Must have both input databases defined for "
|
|
Packit Service |
5e8d2a |
"database compare.\n"));
|
|
Packit Service |
5e8d2a |
exit(INVALID_ARGUMENT_ERROR);
|
|
Packit Service |
5e8d2a |
}
|
|
Packit Service |
5e8d2a |
if (conf->action&(DO_INIT|DO_COMPARE) && conf->root_prefix_length > 0) {
|
|
Packit Service |
5e8d2a |
DIR *dir;
|
|
Packit Service |
5e8d2a |
if((dir = opendir(conf->root_prefix)) != NULL) {
|
|
Packit Service |
5e8d2a |
closedir(dir);
|
|
Packit Service |
5e8d2a |
} else {
|
|
Packit Service |
5e8d2a |
char* er=strerror(errno);
|
|
Packit Service |
5e8d2a |
if (er!=NULL) {
|
|
Packit Service |
5e8d2a |
error(0,"opendir() for root prefix %s failed: %s\n", conf->root_prefix,er);
|
|
Packit Service |
5e8d2a |
} else {
|
|
Packit Service |
5e8d2a |
error(0,"opendir() for root prefix %s failed: %i\n", conf->root_prefix,errno);
|
|
Packit Service |
5e8d2a |
}
|
|
Packit Service |
5e8d2a |
exit(INVALID_ARGUMENT_ERROR);
|
|
Packit Service |
5e8d2a |
}
|
|
Packit Service |
5e8d2a |
}
|
|
Packit Service |
5e8d2a |
#ifdef WITH_MHASH
|
|
Packit Service |
c89282 |
byte* dig=NULL;
|
|
Packit Service |
c89282 |
char* digstr=NULL;
|
|
Packit Service |
c89282 |
|
|
Packit Service |
5e8d2a |
if(conf->config_check&&FORCECONFIGMD){
|
|
Packit Service |
5e8d2a |
error(0,"Can't give config checksum when compiled with --enable-forced_configmd\n");
|
|
Packit Service |
5e8d2a |
exit(INVALID_ARGUMENT_ERROR);
|
|
Packit Service |
5e8d2a |
}
|
|
Packit Service |
5e8d2a |
|
|
Packit Service |
5e8d2a |
if((conf->do_configmd||conf->config_check)&& conf->confmd!=0){
|
|
Packit Service |
5e8d2a |
/* The patch automatically adds a newline so will also have to add it. */
|
|
Packit Service |
5e8d2a |
if(newlinelastinconfig==0){
|
|
Packit Service |
5e8d2a |
mhash(conf->confmd,"\n",1);
|
|
Packit Service |
5e8d2a |
};
|
|
Packit Service |
5e8d2a |
mhash(conf->confmd, NULL,0);
|
|
Packit Service |
5e8d2a |
dig=(byte*)malloc(sizeof(byte)*mhash_get_block_size(conf->confhmactype));
|
|
Packit Service |
5e8d2a |
mhash_deinit(conf->confmd,(void*)dig);
|
|
Packit Service |
5e8d2a |
digstr=encode_base64(dig,mhash_get_block_size(conf->confhmactype));
|
|
Packit Service |
5e8d2a |
|
|
Packit Service |
5e8d2a |
if(!conf->config_check||FORCECONFIGMD){
|
|
Packit Service |
5e8d2a |
if(strncmp(digstr,conf->old_confmdstr,strlen(digstr))!=0){
|
|
Packit Service |
5e8d2a |
/* FIXME Don't use error and add configurability */
|
|
Packit Service |
5e8d2a |
error(0,_("Config checksum mismatch\n"));
|
|
Packit Service |
5e8d2a |
exit(INVALID_ARGUMENT_ERROR);
|
|
Packit Service |
5e8d2a |
}
|
|
Packit Service |
5e8d2a |
}
|
|
Packit Service |
5e8d2a |
} else {
|
|
Packit Service |
5e8d2a |
if(FORCECONFIGMD){
|
|
Packit Service |
5e8d2a |
error(0,_("Config checksum not found. Exiting..\n"));
|
|
Packit Service |
5e8d2a |
exit(INVALID_ARGUMENT_ERROR);
|
|
Packit Service |
5e8d2a |
}
|
|
Packit Service |
5e8d2a |
}
|
|
Packit Service |
5e8d2a |
#endif
|
|
Packit Service |
5e8d2a |
conf->use_initial_errorsto=0;
|
|
Packit Service |
5e8d2a |
if (!conf->config_check) {
|
|
Packit Service |
5e8d2a |
if(conf->action&DO_INIT){
|
|
Packit Service |
5e8d2a |
if(db_init(DB_WRITE)==RETFAIL) {
|
|
Packit Service |
5e8d2a |
exit(IO_ERROR);
|
|
Packit Service |
5e8d2a |
}
|
|
Packit Service |
5e8d2a |
/* FIXME db_out_order info should be taken from tree/config */
|
|
Packit Service |
5e8d2a |
/* update_db_out_order(-1); OOPS. It was allready done by append_rxlist
|
|
Packit Service |
5e8d2a |
:) */
|
|
Packit Service |
5e8d2a |
if(db_writespec(conf)==RETFAIL){
|
|
Packit Service |
5e8d2a |
error(0,_("Error while writing database. Exiting..\n"));
|
|
Packit Service |
5e8d2a |
exit(IO_ERROR);
|
|
Packit Service |
5e8d2a |
}
|
|
Packit Service |
5e8d2a |
}
|
|
Packit Service |
5e8d2a |
if((conf->action&DO_INIT)||(conf->action&DO_COMPARE)){
|
|
Packit Service |
5e8d2a |
if(db_init(DB_DISK)==RETFAIL)
|
|
Packit Service |
5e8d2a |
exit(IO_ERROR);
|
|
Packit Service |
5e8d2a |
}
|
|
Packit Service |
5e8d2a |
if((conf->action&DO_COMPARE)||(conf->action&DO_DIFF)){
|
|
Packit Service |
5e8d2a |
if(db_init(DB_OLD)==RETFAIL)
|
|
Packit Service |
5e8d2a |
exit(IO_ERROR);
|
|
Packit Service |
5e8d2a |
}
|
|
Packit Service |
5e8d2a |
if(conf->action&DO_DIFF){
|
|
Packit Service |
5e8d2a |
if(db_init(DB_NEW)==RETFAIL)
|
|
Packit Service |
5e8d2a |
exit(IO_ERROR);
|
|
Packit Service |
5e8d2a |
}
|
|
Packit Service |
5e8d2a |
|
|
Packit Service |
5e8d2a |
populate_tree(conf->tree);
|
|
Packit Service |
5e8d2a |
db_close();
|
|
Packit Service |
5e8d2a |
|
|
Packit Service |
5e8d2a |
exit(gen_report(conf->tree));
|
|
Packit Service |
5e8d2a |
|
|
Packit Service |
5e8d2a |
}else {
|
|
Packit Service |
5e8d2a |
#ifdef WITH_MHASH
|
|
Packit Service |
5e8d2a |
if(conf->confmd){
|
|
Packit Service |
5e8d2a |
error(0,"Config checked. Use the following to patch your config file.\n");
|
|
Packit Service |
5e8d2a |
error(0,"0a1\n");
|
|
Packit Service |
5e8d2a |
if(newlinelastinconfig==1){
|
|
Packit Service |
5e8d2a |
error(0,"> @@begin_config %s\n%lia%li\n> @@end_config\n",digstr,conf_lineno-1,conf_lineno+1);
|
|
Packit Service |
5e8d2a |
}else {
|
|
Packit Service |
5e8d2a |
error(0,"> @@begin_config %s\n%lia%li\n> @@end_config\n",digstr,conf_lineno,conf_lineno+2);
|
|
Packit Service |
5e8d2a |
}
|
|
Packit Service |
5e8d2a |
free(dig);
|
|
Packit Service |
5e8d2a |
free(digstr);
|
|
Packit Service |
5e8d2a |
}
|
|
Packit Service |
5e8d2a |
#endif
|
|
Packit Service |
5e8d2a |
}
|
|
Packit Service |
8ed9d9 |
#ifdef WITH_GCRYPT
|
|
Packit Service |
8ed9d9 |
gcry_control(GCRYCTL_TERM_SECMEM, 0);
|
|
Packit Service |
8ed9d9 |
#endif /* WITH_GCRYPT */
|
|
Packit Service |
5e8d2a |
return RETOK;
|
|
Packit Service |
5e8d2a |
}
|
|
Packit Service |
5e8d2a |
const char* aide_key_3=CONFHMACKEY_03;
|
|
Packit Service |
5e8d2a |
const char* db_key_3=DBHMACKEY_03;
|
|
Packit Service |
5e8d2a |
|
|
Packit Service |
5e8d2a |
// vi: ts=8 sw=8
|