source-git / aide

Clone
Source Code
GIT

Blame src/be.c

c8 c8s master
  1.   5e8d2a71b5a56a29dd192172b0b661f83a859336
  2.   src
  3.   be.c
Blob History Raw
Packit Service 5e8d2a 
/* aide, Advanced Intrusion Detection Environment
Packit Service 5e8d2a 
 *
Packit Service 5e8d2a 
 * Copyright (C) 1999-2003,2005,2006,2010,2011,2013 Rami Lehti, Pablo
Packit Service 5e8d2a 
 * Virolainen, Richard van den Berg, Hannes von Haugwitz
Packit Service 5e8d2a 
 * $Header$
Packit Service 5e8d2a 
 *
Packit Service 5e8d2a 
 * This program is free software; you can redistribute it and/or
Packit Service 5e8d2a 
 * modify it under the terms of the GNU General Public License as
Packit Service 5e8d2a 
 * published by the Free Software Foundation; either version 2 of the
Packit Service 5e8d2a 
 * License, or (at your option) any later version.
Packit Service 5e8d2a 
 *
Packit Service 5e8d2a 
 * This program is distributed in the hope that it will be useful, but
Packit Service 5e8d2a 
 * WITHOUT ANY WARRANTY; without even the implied warranty of
Packit Service 5e8d2a 
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
Packit Service 5e8d2a 
 * General Public License for more details.
Packit Service 5e8d2a 
 *
Packit Service 5e8d2a 
 * You should have received a copy of the GNU General Public License
Packit Service 5e8d2a 
 * along with this program; if not, write to the Free Software
Packit Service 5e8d2a 
 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
Packit Service 5e8d2a 
 */
Packit Service 5e8d2a
Packit Service 5e8d2a 
#include "aide.h"
Packit Service 5e8d2a 
#include <string.h>
Packit Service 5e8d2a 
#include <stdio.h>
Packit Service 5e8d2a 
#include <stdlib.h>
Packit Service 5e8d2a 
#include <stdarg.h>
Packit Service 5e8d2a 
#include <unistd.h>
Packit Service 5e8d2a 
#include <errno.h>
Packit Service 5e8d2a 
#include "db_config.h"
Packit Service 5e8d2a 
#include "db_file.h"
Packit Service 5e8d2a 
#include "report.h"
Packit Service 5e8d2a 
#include "util.h"
Packit Service 5e8d2a 
#ifdef WITH_CURL
Packit Service 5e8d2a 
#include "fopen.h"
Packit Service 5e8d2a 
#endif
Packit Service 5e8d2a 
#include "be.h"
Packit Service 5e8d2a
Packit Service 5e8d2a 
#ifdef WITH_PSQL
Packit Service 5e8d2a 
#include "libpq-fe.h"
Packit Service 5e8d2a 
#endif
Packit Service 5e8d2a 
/*for locale support*/
Packit Service 5e8d2a 
#include "locale-aide.h"
Packit Service 5e8d2a 
/*for locale support*/
Packit Service 5e8d2a
Packit Service 5e8d2a 
#ifdef WITH_PSQL
Packit Service 5e8d2a 
static int be_sql_readinit(psql_data* ret) {
Packit Service 5e8d2a 
  /* Yes.. we don't want to know about two first result..
Packit Service 5e8d2a 
     and we want no memoryleaking.
Packit Service 5e8d2a 
  */
Packit Service 5e8d2a 
  int i,j,nFields;
Packit Service 5e8d2a 
  char* s;
Packit Service 5e8d2a 
  char declare []="DECLARE aidecursor CURSOR FOR select * from ";
Packit Service 5e8d2a
Packit Service 5e8d2a 
  s = (char*)malloc(strlen(declare)+strlen(ret->table)+1);
Packit Service 5e8d2a 
  s[0]=0;
Packit Service 5e8d2a 
  s=strcat(s,declare);
Packit Service 5e8d2a 
  s=strcat(s,ret->table);
Packit Service 5e8d2a
Packit Service 5e8d2a 
  ret->res=PQexec(ret->conn,s);
Packit Service 5e8d2a
Packit Service 5e8d2a 
  if (!ret->res || PQresultStatus(ret->res) != PGRES_COMMAND_OK) {
Packit Service 5e8d2a
Packit Service 5e8d2a 
    if (ret->res!=NULL) {
Packit Service 5e8d2a 
      error(255,"Psql error: %s\n",PQresStatus(PQresultStatus(ret->res)));
Packit Service 5e8d2a 
      PQclear(ret->res);
Packit Service 5e8d2a 
    }
Packit Service 5e8d2a 
    return RETFAIL;
Packit Service 5e8d2a 
  }
Packit Service 5e8d2a 
  PQclear(ret->res);
Packit Service 5e8d2a
Packit Service 5e8d2a 
  ret -> res = PQexec(ret->conn, "FETCH ALL in aidecursor");
Packit Service 5e8d2a
Packit Service 5e8d2a 
  if (!ret->res || PQresultStatus(ret->res) != PGRES_TUPLES_OK)
Packit Service 5e8d2a 
    {
Packit Service 5e8d2a 
      error(0, "FETCH ALL command didn't return tuples properly\n");
Packit Service 5e8d2a 
      PQclear(ret->res);
Packit Service 5e8d2a 
      abort();
Packit Service 5e8d2a 
    }
Packit Service 5e8d2a
Packit Service 5e8d2a
Packit Service 5e8d2a 
  /* first, print out the attribute names */
Packit Service 5e8d2a 
  nFields = PQnfields(ret->res);
Packit Service 5e8d2a 
  for (i = 0; i < nFields; i++)
Packit Service 5e8d2a 
    error(255,"%-15s", PQfname(ret->res, i));
Packit Service 5e8d2a 
  error(255,"\n\n");
Packit Service 5e8d2a
Packit Service 5e8d2a
Packit Service 5e8d2a 
  for(i=0;i
Packit Service 5e8d2a 
    ret->des[i]=PQfnumber(ret->res,db_names[i]);
Packit Service 5e8d2a 
    if (ret->des[i]!=-1) {
Packit Service 5e8d2a 
      error(255,"Field %i,%s \n",ret->des[i],db_names[i]);
Packit Service 5e8d2a 
    }
Packit Service 5e8d2a 
  }
Packit Service 5e8d2a
Packit Service 5e8d2a 
  ret->curread=0;
Packit Service 5e8d2a 
  ret->maxread=PQntuples(ret->res);
Packit Service 5e8d2a 
  /* And now we know how many fields we have.. */
Packit Service 5e8d2a
Packit Service 5e8d2a 
  error(0,"%i tuples\n",ret->maxread);
Packit Service 5e8d2a
Packit Service 5e8d2a 
  return RETOK;
Packit Service 5e8d2a
Packit Service 5e8d2a 
}
Packit Service 5e8d2a
Packit Service 5e8d2a 
static char* get_first_value(char** in){
Packit Service 5e8d2a 
  int i=0;
Packit Service 5e8d2a 
  char* ret = (*in);
Packit Service 5e8d2a 
  while((*in)[i]!=':' && (*in)[i]!='\0') {
Packit Service 5e8d2a 
    i++;
Packit Service 5e8d2a 
  }
Packit Service 5e8d2a 
  if ((*in)[i]!='\0') { /* Lets not go beond the sting.. */
Packit Service 5e8d2a 
    (*in)[i]='\0';
Packit Service 5e8d2a 
    (*in)+=i+1;
Packit Service 5e8d2a 
  }
Packit Service 5e8d2a 
  return ret;
Packit Service 5e8d2a 
}
Packit Service 5e8d2a
Packit Service 5e8d2a 
#endif
Packit Service 5e8d2a
Packit Service 5e8d2a 
FILE* be_init(int inout,url_t* u,int iszipped)
Packit Service 5e8d2a 
{
Packit Service 5e8d2a 
  FILE* fh=NULL;
Packit Service 5e8d2a 
  long a=0;
Packit Service 5e8d2a 
  char* err=NULL;
Packit Service 5e8d2a 
  int fd;
Packit Service 5e8d2a 
#if HAVE_FCNTL && HAVE_FTRUNCATE
Packit Service 5e8d2a 
  struct flock fl;
Packit Service 5e8d2a 
#endif
Packit Service 5e8d2a
Packit Service 5e8d2a 
  if (u==NULL) {
Packit Service 5e8d2a 
    return NULL;
Packit Service 5e8d2a 
  }
Packit Service 5e8d2a
Packit Service 5e8d2a 
  switch (u->type) {
Packit Service 5e8d2a 
  case url_file : {
Packit Service 5e8d2a 
    u->value = expand_tilde(u->value);
Packit Service 5e8d2a 
    error(200,_("Opening file \"%s\" for %s\n"),u->value,inout?"r":"w+");
Packit Service 5e8d2a 
#if HAVE_FCNTL && HAVE_FTRUNCATE
Packit Service 5e8d2a 
    fd=open(u->value,inout?O_RDONLY:O_CREAT|O_RDWR,0666);
Packit Service 5e8d2a 
#else
Packit Service 5e8d2a 
    fd=open(u->value,inout?O_RDONLY:O_CREAT|O_RDWR|O_TRUNC,0666);
Packit Service 5e8d2a 
#endif
Packit Service 5e8d2a 
    error(255,"Opened file \"%s\" with fd=%i\n",u->value,fd);
Packit Service 5e8d2a 
    if(fd==-1) {
Packit Service 5e8d2a 
      error(0,_("Couldn't open file %s for %s"),u->value,
Packit Service 5e8d2a 
	    inout?"reading\n":"writing\n");
Packit Service 5e8d2a 
      return NULL;
Packit Service 5e8d2a 
    }
Packit Service 5e8d2a 
#if HAVE_FCNTL && HAVE_FTRUNCATE
Packit Service 5e8d2a 
    if(!inout) {
Packit Service 5e8d2a 
      fl.l_type = F_WRLCK;
Packit Service 5e8d2a 
      fl.l_whence = SEEK_SET;
Packit Service 5e8d2a 
      fl.l_start = 0;
Packit Service 5e8d2a 
      fl.l_len = 0;
Packit Service 5e8d2a 
      if (fcntl(fd, F_SETLK, &fl) == -1) {
Packit Service 5e8d2a 
	if (fcntl(fd, F_SETLK, &fl) == -1)
Packit Service 5e8d2a 
	  error(0,_("File %s is locked by another process.\n"),u->value);
Packit Service 5e8d2a 
	else
Packit Service 5e8d2a 
	  error(0,_("Cannot get lock for file %s"),u->value);
Packit Service 5e8d2a 
	return NULL;
Packit Service 5e8d2a 
      }
Packit Service 5e8d2a 
      if(ftruncate(fd,0)==-1)
Packit Service 5e8d2a 
	error(0,_("Error truncating file %s"),u->value);
Packit Service 5e8d2a
Packit Service 5e8d2a 
    }
Packit Service 5e8d2a 
#endif
Packit Service 5e8d2a 
#ifdef WITH_ZLIB
Packit Service 5e8d2a 
    if(iszipped && !inout){
Packit Service 5e8d2a 
      fh=gzdopen(fd,"wb9");
Packit Service 5e8d2a 
      if(fh==NULL){
Packit Service 5e8d2a 
	error(0,_("Couldn't open file %s for %s"),u->value,
Packit Service 5e8d2a 
	      inout?"reading\n":"writing\n");
Packit Service 5e8d2a 
      }
Packit Service 5e8d2a 
    }
Packit Service 5e8d2a 
    else{
Packit Service 5e8d2a 
#endif
Packit Service 5e8d2a 
      fh=fdopen(fd,inout?"r":"w+");
Packit Service 5e8d2a 
      if(fh==NULL){
Packit Service 5e8d2a 
	error(0,_("Couldn't open file %s for %s"),u->value,
Packit Service 5e8d2a 
	      inout?"reading\n":"writing\n");
Packit Service 5e8d2a 
      }
Packit Service 5e8d2a 
#ifdef WITH_ZLIB
Packit Service 5e8d2a 
    }
Packit Service 5e8d2a 
#endif
Packit Service 5e8d2a 
    return fh;
Packit Service 5e8d2a 
    }
Packit Service 5e8d2a 
  case url_stdout : {
Packit Service 5e8d2a 
#ifdef WITH_ZLIB
Packit Service 5e8d2a 
    if(iszipped){
Packit Service 5e8d2a 
      return gzdopen(fileno(stdout),"wb");
Packit Service 5e8d2a 
    }
Packit Service 5e8d2a 
    else{
Packit Service 5e8d2a 
#endif
Packit Service 5e8d2a 
    return stdout;
Packit Service 5e8d2a 
#ifdef WITH_ZLIB
Packit Service 5e8d2a 
    }
Packit Service 5e8d2a 
#endif
Packit Service 5e8d2a 
  }
Packit Service 5e8d2a 
  case url_stdin : {
Packit Service 5e8d2a 
#ifdef WITH_ZLIB
Packit Service 5e8d2a 
    if(iszipped){
Packit Service 5e8d2a 
      return gzdopen(fileno(stdin),"r");
Packit Service 5e8d2a 
    }
Packit Service 5e8d2a 
    else{
Packit Service 5e8d2a 
#endif
Packit Service 5e8d2a 
      return stdin;
Packit Service 5e8d2a 
#ifdef WITH_ZLIB
Packit Service 5e8d2a 
    }
Packit Service 5e8d2a 
#endif
Packit Service 5e8d2a 
  }
Packit Service 5e8d2a 
  case url_stderr : {
Packit Service 5e8d2a 
#ifdef WITH_ZLIB
Packit Service 5e8d2a 
    if(iszipped){
Packit Service 5e8d2a 
      return gzdopen(fileno(stderr),"wb");
Packit Service 5e8d2a 
    }
Packit Service 5e8d2a 
    else{
Packit Service 5e8d2a 
#endif
Packit Service 5e8d2a 
      return stderr;
Packit Service 5e8d2a 
#ifdef WITH_ZLIB
Packit Service 5e8d2a 
    }
Packit Service 5e8d2a 
#endif
Packit Service 5e8d2a 
  }
Packit Service 5e8d2a 
  case url_fd : {
Packit Service 5e8d2a 
    a=strtol(u->value,&err,10);
Packit Service 5e8d2a 
    if(*err!='\0'||errno==ERANGE){
Packit Service 5e8d2a 
      error(0,"Illegal file descriptor value:%s\n",u->value);
Packit Service 5e8d2a 
    }
Packit Service 5e8d2a 
#ifdef WITH_ZLIB
Packit Service 5e8d2a 
    if(iszipped && !inout){
Packit Service 5e8d2a 
      fh=gzdopen(a,"w");
Packit Service 5e8d2a 
      if(fh==NULL){
Packit Service 5e8d2a 
	error(0,"Couldn't reopen file descriptor %li\n",a);
Packit Service 5e8d2a 
      }
Packit Service 5e8d2a 
    }
Packit Service 5e8d2a 
    else{
Packit Service 5e8d2a 
#endif
Packit Service 5e8d2a 
      fh=fdopen(a,inout?"r":"w");
Packit Service 5e8d2a 
      if(fh==NULL){
Packit Service 5e8d2a 
	error(0,"Couldn't reopen file descriptor %li\n",a);
Packit Service 5e8d2a 
      }
Packit Service 5e8d2a 
#ifdef WITH_ZLIB
Packit Service 5e8d2a 
    }
Packit Service 5e8d2a 
#endif
Packit Service 5e8d2a 
    return fh;
Packit Service 5e8d2a 
  }
Packit Service 5e8d2a 
#ifdef WITH_PSQL
Packit Service 5e8d2a 
  case url_sql : {
Packit Service 5e8d2a 
    char *pghost, *pgport, *pgoptions, *pgtty, *dbName, *login, *pwd;
Packit Service 5e8d2a 
    char *tmp,*tmp2;
Packit Service 5e8d2a
Packit Service 5e8d2a 
    psql_data* ret = (psql_data*) malloc(sizeof(psql_data)*1);
Packit Service 5e8d2a
Packit Service 5e8d2a 
    if (ret==NULL) {
Packit Service 5e8d2a 
      error(0,"Not enough memory for postgres sql connection\n");
Packit Service 5e8d2a 
      return ret;
Packit Service 5e8d2a 
    }
Packit Service 5e8d2a
Packit Service 5e8d2a 
    tmp=strdup(u->value);
Packit Service 5e8d2a 
    tmp2=tmp;
Packit Service 5e8d2a
Packit Service 5e8d2a 
    pgtty=NULL;pgoptions=NULL;
Packit Service 5e8d2a
Packit Service 5e8d2a 
    if ((pghost=get_first_value(&tmp)) == NULL) {
Packit Service 5e8d2a 
      error(0,"Must define host for Postgres sql connection\n");
Packit Service 5e8d2a 
      free(tmp2);
Packit Service 5e8d2a 
      return NULL;
Packit Service 5e8d2a 
    } else {
Packit Service 5e8d2a 
      error(100,"Psql host is %s\n",pghost);
Packit Service 5e8d2a 
      if ((pgport=get_first_value(&tmp)) == NULL) {
Packit Service 5e8d2a 
	error(0,"Must define port for Postgres sql connection\n");
Packit Service 5e8d2a 
	free(tmp2);
Packit Service 5e8d2a 
	return NULL;
Packit Service 5e8d2a 
      } else {
Packit Service 5e8d2a 
	error(100,"Psql port is %s\n",pgport);
Packit Service 5e8d2a 
	if ((dbName=get_first_value(&tmp)) == NULL) {
Packit Service 5e8d2a 
	  error(0,"Must define name for database for Postgres sql connection\n");
Packit Service 5e8d2a 
	  free(tmp2);
Packit Service 5e8d2a 
	  return NULL;
Packit Service 5e8d2a 
	} else {
Packit Service 5e8d2a 
	  error(100,"Psql db is %s\n",dbName);
Packit Service 5e8d2a 
	  if ((login=get_first_value(&tmp)) == NULL) {
Packit Service 5e8d2a 
	    error(0,"Must define login for Postgres sql connection\n");
Packit Service 5e8d2a 
	    free(tmp2);
Packit Service 5e8d2a 
	    return NULL;
Packit Service 5e8d2a 
	  } else {
Packit Service 5e8d2a 
	    error(100,"Psql login is %s\n",login);
Packit Service 5e8d2a 
	    if ((pwd=get_first_value(&tmp)) == NULL) {
Packit Service 5e8d2a 
	      error(0,"Must define password for database for Postgres sql connection\n");
Packit Service 5e8d2a 
	      free(tmp2);
Packit Service 5e8d2a 
	      return NULL;
Packit Service 5e8d2a 
	    } else {
Packit Service 5e8d2a 
	      error(100,"Psql passwd is %s\n",pwd);
Packit Service 5e8d2a 
	      if ((ret->table=get_first_value(&tmp))==NULL) {
Packit Service 5e8d2a 
		error(0,"Must define table for sql..\n");
Packit Service 5e8d2a 
		free(tmp2);
Packit Service 5e8d2a 
		return NULL;
Packit Service 5e8d2a 
	      } else {
Packit Service 5e8d2a 
		if (ret->table[0]=='\0') {
Packit Service 5e8d2a 
		  error(0,"Must define table for sql..\n");
Packit Service 5e8d2a 
		  free(tmp2);
Packit Service 5e8d2a 
		  return NULL;
Packit Service 5e8d2a 
		} else {
Packit Service 5e8d2a 
		  /* everything went ok.. */
Packit Service 5e8d2a 
		}
Packit Service 5e8d2a 
	      }
Packit Service 5e8d2a 
	    }
Packit Service 5e8d2a 
	  }
Packit Service 5e8d2a 
	}
Packit Service 5e8d2a 
      }
Packit Service 5e8d2a 
    }
Packit Service 5e8d2a
Packit Service 5e8d2a 
    if (login[0] == '\0' ) {
Packit Service 5e8d2a 
      login = NULL;
Packit Service 5e8d2a 
    }
Packit Service 5e8d2a 
    if (pwd[0] == '\0' ) {
Packit Service 5e8d2a 
      pwd = NULL;
Packit Service 5e8d2a 
    }
Packit Service 5e8d2a
Packit Service 5e8d2a 
    ret->conn = PQsetdbLogin(pghost,pgport,pgoptions,pgtty,dbName,login,pwd);
Packit Service 5e8d2a 
    if (PQstatus(ret->conn) == CONNECTION_BAD){
Packit Service 5e8d2a 
      error(0,"Postgres sql error during connection\n");
Packit Service 5e8d2a 
      free(tmp2);
Packit Service 5e8d2a 
      return NULL;
Packit Service 5e8d2a 
    }
Packit Service 5e8d2a 
    /* Otherwise we would become to situation that name of table would
Packit Service 5e8d2a 
       be freeed
Packit Service 5e8d2a 
    */
Packit Service 5e8d2a 
    ret->table = strdup(ret->table);
Packit Service 5e8d2a
Packit Service 5e8d2a 
    /* And now we have made a connection to database..
Packit Service 5e8d2a 
       Next thing we do is to begin a new transaction block */
Packit Service 5e8d2a
Packit Service 5e8d2a 
    ret->res = PQexec(ret->conn, "BEGIN");
Packit Service 5e8d2a
Packit Service 5e8d2a 
    if (!ret->res || PQresultStatus(ret->res) != PGRES_COMMAND_OK) {
Packit Service 5e8d2a 
      error(0,"BEGIN command failed... \n");
Packit Service 5e8d2a 
      PQclear(ret->res);
Packit Service 5e8d2a 
      free(ret);
Packit Service 5e8d2a 
      ret=NULL;
Packit Service 5e8d2a 
    } else {
Packit Service 5e8d2a 
      PQclear(ret->res);
Packit Service 5e8d2a 
      if ((inout?be_sql_readinit(ret):RETOK)!=RETOK) {
Packit Service 5e8d2a 
	error(255,"Something went wrong with sql backend init.\n");
Packit Service 5e8d2a 
	return NULL;
Packit Service 5e8d2a 
      }
Packit Service 5e8d2a 
    }
Packit Service 5e8d2a 
    free(tmp2);
Packit Service 5e8d2a 
    return ret;
Packit Service 5e8d2a 
  }
Packit Service 5e8d2a 
#endif
Packit Service 5e8d2a 
#ifdef WITH_CURL
Packit Service 5e8d2a 
  case url_http:
Packit Service 5e8d2a 
  case url_https:
Packit Service 5e8d2a 
  case url_ftp:
Packit Service 5e8d2a 
    {
Packit Service 5e8d2a 
      error(200,_("Opening curl \"%s\" for %s\n"),u->value,inout?"r":"w+");
Packit Service 5e8d2a 
      if (iszipped) {
Packit Service 5e8d2a 
	return NULL;
Packit Service 5e8d2a 
      }
Packit Service 5e8d2a 
      return url_fopen(u->value,inout?"r":"w+");
Packit Service 5e8d2a 
    }
Packit Service 5e8d2a 
#endif /* WITH CURL */
Packit Service 5e8d2a 
  default:{
Packit Service 5e8d2a 
    error(0,"Unsupported backend: %i", u->type);
Packit Service 5e8d2a 
    return NULL;
Packit Service 5e8d2a 
  }
Packit Service 5e8d2a 
  }
Packit Service 5e8d2a 
  /* Not reached */
Packit Service 5e8d2a 
  return NULL;
Packit Service 5e8d2a
Packit Service 5e8d2a 
}
Packit Service 5e8d2a
Packit Service 5e8d2a 
const char* aide_key_8=CONFHMACKEY_08;
Packit Service 5e8d2a 
const char* db_key_8=DBHMACKEY_08;

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation