source-git / aide

Clone
Source Code
GIT

Blame src/error.c

c8 c8s master
  1.   57cbf72f701a331f17c954848d94d6b6ccc8d984
  2.   src
  3.   error.c
Blob History Raw
Packit Service 5e8d2a 
/* aide, Advanced Intrusion Detection Environment
Packit Service 5e8d2a 
 *
Packit Service 5e8d2a 
 * Copyright (C) 1999-2006 Rami Lehti, Pablo Virolainen, Mike
Packit Service 5e8d2a 
 * Markley, Richard van den Berg
Packit Service 5e8d2a 
 * $Header$
Packit Service 5e8d2a 
 *
Packit Service 5e8d2a 
 * This program is free software; you can redistribute it and/or
Packit Service 5e8d2a 
 * modify it under the terms of the GNU General Public License as
Packit Service 5e8d2a 
 * published by the Free Software Foundation; either version 2 of the
Packit Service 5e8d2a 
 * License, or (at your option) any later version.
Packit Service 5e8d2a 
 *
Packit Service 5e8d2a 
 * This program is distributed in the hope that it will be useful, but
Packit Service 5e8d2a 
 * WITHOUT ANY WARRANTY; without even the implied warranty of
Packit Service 5e8d2a 
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
Packit Service 5e8d2a 
 * General Public License for more details.
Packit Service 5e8d2a 
 *
Packit Service 5e8d2a 
 * You should have received a copy of the GNU General Public License
Packit Service 5e8d2a 
 * along with this program; if not, write to the Free Software
Packit Service 5e8d2a 
 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
Packit Service 5e8d2a 
 */
Packit Service 5e8d2a
Packit Service 5e8d2a 
#include "aide.h"
Packit Service 5e8d2a
Packit Service 5e8d2a 
#include <string.h>
Packit Service 5e8d2a 
#include <stdio.h>
Packit Service 5e8d2a 
#include <stdlib.h>
Packit Service 5e8d2a 
#include <stdarg.h>
Packit Service 5e8d2a
Packit Service 5e8d2a 
#ifdef HAVE_SYSLOG
Packit Service 5e8d2a 
#include <syslog.h>
Packit Service 5e8d2a 
#endif
Packit Service 5e8d2a
Packit Service 5e8d2a 
#include "report.h"
Packit Service 5e8d2a 
#include "list.h"
Packit Service 5e8d2a 
#include "be.h"
Packit Service 5e8d2a 
/*for locale support*/
Packit Service 5e8d2a 
#include "locale-aide.h"
Packit Service 5e8d2a 
/*for locale support*/
Packit Service 5e8d2a 
#include "util.h"
Packit Service 5e8d2a
Packit Service 57cbf7 
#define MAX_BUFFER_SIZE 1024
Packit Service 57cbf7 
static char syslog_buffer[MAX_BUFFER_SIZE+1];
Packit Service 57cbf7
Packit Service 5e8d2a 
int cmp_url(url_t* url1,url_t* url2){
Packit Service 5e8d2a
Packit Service 5e8d2a 
  return ((url1->type==url2->type)&&(strcmp(url1->value,url2->value)==0));
Packit Service 5e8d2a
Packit Service 5e8d2a 
}
Packit Service 5e8d2a
Packit Service 5e8d2a 
int error_init(url_t* url,int initial)
Packit Service 5e8d2a 
{
Packit Service 5e8d2a 
  list* r=NULL;
Packit Service 5e8d2a 
  FILE* fh=NULL;
Packit Service 57cbf7 
  int   sfac;
Packit Service 57cbf7
Packit Service 57cbf7 
  memset(syslog_buffer, 0, MAX_BUFFER_SIZE+1);
Packit Service 5e8d2a
Packit Service 5e8d2a 
  if (url->type==url_database) {
Packit Service 5e8d2a 
    conf->report_db++;
Packit Service 5e8d2a 
    return RETOK;
Packit Service 5e8d2a 
  }
Packit Service 5e8d2a
Packit Service 5e8d2a 
  if(initial==1){
Packit Service 5e8d2a 
    if (url->type==url_syslog) {
Packit Service 5e8d2a 
      conf->report_syslog++;
Packit Service 5e8d2a 
#ifdef HAVE_SYSLOG
Packit Service 5e8d2a 
      conf->initial_report_url=url;
Packit Service 5e8d2a 
      conf->initial_report_fd=NULL;
Packit Service 5e8d2a 
      sfac=syslog_facility_lookup(url->value);
Packit Service 5e8d2a 
      openlog(AIDE_IDENT,AIDE_LOGOPT, sfac);
Packit Service 5e8d2a
Packit Service 5e8d2a 
      return RETOK;
Packit Service 5e8d2a 
#endif
Packit Service 5e8d2a 
#ifndef HAVE_SYSLOG
Packit Service 5e8d2a 
      error(0,_("This binary has no syslog support\n"));
Packit Service 5e8d2a 
      exit(INVALID_ARGUMENT_ERROR);
Packit Service 5e8d2a 
#endif
Packit Service 5e8d2a 
    }
Packit Service 5e8d2a 
    fh=be_init(0,url,0);
Packit Service 5e8d2a 
    if(fh!=NULL){
Packit Service 5e8d2a 
      conf->initial_report_fd=fh;
Packit Service 5e8d2a 
      conf->initial_report_url=url;
Packit Service 5e8d2a 
      return RETOK;
Packit Service 5e8d2a 
    }
Packit Service 5e8d2a 
    error(0,_("Cannot open %s for writing\n"),url->value);
Packit Service 5e8d2a 
    exit(INVALID_ARGUMENT_ERROR);
Packit Service 5e8d2a 
  }
Packit Service 5e8d2a
Packit Service 5e8d2a 
  if(conf->verbose_level>=200){
Packit Service 5e8d2a 
    error(5,_("WARNING: Debug output enabled\n"));
Packit Service 5e8d2a 
  }
Packit Service 5e8d2a
Packit Service 5e8d2a 
  for(r=conf->report_url;r;r=r->next){
Packit Service 5e8d2a
Packit Service 5e8d2a 
    if (cmp_url((url_t*)r->data,url)) {
Packit Service 5e8d2a
Packit Service 5e8d2a 
      error(5,_("WARNING: Already have report output %s\n"),url->value);
Packit Service 5e8d2a 
      return RETOK;
Packit Service 5e8d2a 
    }
Packit Service 5e8d2a
Packit Service 5e8d2a 
  }
Packit Service 5e8d2a
Packit Service 5e8d2a
Packit Service 5e8d2a 
  if (url->type==url_syslog) {
Packit Service 5e8d2a 
    conf->report_syslog++;
Packit Service 5e8d2a 
#ifdef HAVE_SYSLOG
Packit Service 5e8d2a 
    /* If you add support for facility changing in config
Packit Service 5e8d2a 
       consider multiple calls of openlog.
Packit Service 5e8d2a 
       This openlog MUST NOT mess up initial errorsto openlog.
Packit Service 5e8d2a 
       RvdB 22/1/2006: the 2 openlog calls where the same before my
Packit Service 5e8d2a 
       change, and they are still the same, I assume I did not brake anything
Packit Service 5e8d2a 
    */
Packit Service 5e8d2a 
    sfac=syslog_facility_lookup(url->value);
Packit Service 5e8d2a 
    if(conf->report_syslog<2)
Packit Service 5e8d2a 
      openlog(AIDE_IDENT,AIDE_LOGOPT, sfac);
Packit Service 5e8d2a
Packit Service 5e8d2a 
    return RETOK;
Packit Service 5e8d2a 
#endif
Packit Service 5e8d2a 
#ifndef HAVE_SYSLOG
Packit Service 5e8d2a 
    error(0,_("This binary has no syslog support\n"));
Packit Service 5e8d2a 
    return RETFAIL;
Packit Service 5e8d2a 
#endif
Packit Service 5e8d2a 
  }
Packit Service 5e8d2a
Packit Service 5e8d2a 
  fh=be_init(0,url,0);
Packit Service 5e8d2a 
  if(fh!=NULL) {
Packit Service 5e8d2a 
    conf->report_fd=list_append(conf->report_fd,(void*)fh);
Packit Service 5e8d2a 
    conf->report_url=list_append(conf->report_url,(void*)url);
Packit Service 5e8d2a 
    return RETOK;
Packit Service 5e8d2a 
  }
Packit Service 5e8d2a
Packit Service 5e8d2a 
  error(0,_("Cannot open %s for writing\n"),url->value);
Packit Service 5e8d2a
Packit Service 5e8d2a 
  return RETFAIL;
Packit Service 5e8d2a
Packit Service 5e8d2a 
}
Packit Service 5e8d2a
Packit Service 5e8d2a 
void error(int errorlevel,char* error_msg,...)
Packit Service 5e8d2a 
{
Packit Service 5e8d2a 
  va_list ap;
Packit Service 5e8d2a 
  int retval=0;
Packit Service 5e8d2a 
  list* r=NULL;
Packit Service 5e8d2a
Packit Service 5e8d2a 
  if(conf->verbose_level==-1){
Packit Service 5e8d2a 
    if(5
Packit Service 5e8d2a 
      return;
Packit Service 5e8d2a 
    }
Packit Service 5e8d2a 
  }else{
Packit Service 5e8d2a 
    if(conf->verbose_level
Packit Service 5e8d2a 
      return;
Packit Service 5e8d2a 
    }
Packit Service 5e8d2a 
  }
Packit Service 5e8d2a
Packit Service 5e8d2a
Packit Service 5e8d2a 
  if(conf->use_initial_errorsto){
Packit Service 5e8d2a 
    /* We are still using the initial errorsto */
Packit Service 5e8d2a 
    va_start(ap, error_msg);
Packit Service 5e8d2a 
    if(conf->initial_report_url==NULL){
Packit Service 5e8d2a 
      /* Error called before error_init(url,1)
Packit Service 5e8d2a 
	 This most likely means that parsing compiled in initial
Packit Service 5e8d2a 
	 report url failed.
Packit Service 5e8d2a 
       */
Packit Service 5e8d2a 
      vfprintf(stderr,error_msg,ap);
Packit Service 5e8d2a 
      va_end(ap);
Packit Service 5e8d2a 
      fprintf(stderr,
Packit Service 5e8d2a 
	      "Initial report url broken. Reconfigure and recompile.\n");
Packit Service 5e8d2a 
      exit(INVALID_ARGUMENT_ERROR);
Packit Service 5e8d2a 
    }
Packit Service 5e8d2a 
#ifdef HAVE_SYSLOG
Packit Service 5e8d2a 
    if(conf->initial_report_url->type==url_syslog){
Packit Service 57cbf7
Packit Service 57cbf7 
      char buff[MAX_BUFFER_SIZE+1];
Packit Service 57cbf7 
      vsnprintf(buff,MAX_BUFFER_SIZE,error_msg,ap);
Packit Service 57cbf7 
      size_t buff_len = strlen(buff);
Packit Service 57cbf7
Packit Service 57cbf7 
      char result_buff[MAX_BUFFER_SIZE+1];
Packit Service 57cbf7 
#pragma GCC diagnostic push
Packit Service 57cbf7 
#pragma GCC diagnostic ignored "-Wformat-truncation"
Packit Service 57cbf7 
      snprintf(result_buff, MAX_BUFFER_SIZE, "%s%s", syslog_buffer, buff);
Packit Service 57cbf7 
#pragma GCC diagnostic pop
Packit Service 57cbf7
Packit Service 57cbf7 
      if(buff[buff_len-1] == '\n'){
Packit Service 57cbf7 
        syslog(SYSLOG_PRIORITY,"%s",result_buff);
Packit Service 57cbf7 
        memset(syslog_buffer, 0, MAX_BUFFER_SIZE+1);
Packit Service 57cbf7 
      } else {
Packit Service 57cbf7 
        memcpy(syslog_buffer, result_buff, MAX_BUFFER_SIZE);
Packit Service 57cbf7 
      }
Packit Service 57cbf7
Packit Service 5e8d2a 
      va_end(ap);
Packit Service 5e8d2a 
      return;
Packit Service 5e8d2a 
    }
Packit Service 5e8d2a 
#endif
Packit Service 5e8d2a 
    vfprintf(conf->initial_report_fd,error_msg,ap);
Packit Service 5e8d2a 
    va_end(ap);
Packit Service 5e8d2a 
    return;
Packit Service 5e8d2a 
  }
Packit Service 5e8d2a
Packit Service 5e8d2a 
#ifdef HAVE_SYSLOG
Packit Service 5e8d2a 
  if (conf->report_syslog!=0) {
Packit Service 57cbf7 
    va_start(ap, error_msg);
Packit Service 57cbf7
Packit Service 57cbf7 
    char buff[MAX_BUFFER_SIZE+1];
Packit Service 57cbf7 
    vsnprintf(buff,MAX_BUFFER_SIZE,error_msg,ap);
Packit Service 57cbf7 
    size_t buff_len = strlen(buff);
Packit Service 57cbf7
Packit Service 57cbf7 
    char result_buff[MAX_BUFFER_SIZE+1];
Packit Service 57cbf7 
#pragma GCC diagnostic push
Packit Service 57cbf7 
#pragma GCC diagnostic ignored "-Wformat-truncation"
Packit Service 57cbf7 
    snprintf(result_buff, MAX_BUFFER_SIZE, "%s%s", syslog_buffer, buff);
Packit Service 57cbf7 
#pragma GCC diagnostic pop
Packit Service 57cbf7
Packit Service 57cbf7 
    if(buff[buff_len-1] == '\n'){
Packit Service 57cbf7 
      syslog(SYSLOG_PRIORITY,"%s",result_buff);
Packit Service 57cbf7 
      memset(syslog_buffer, 0, MAX_BUFFER_SIZE+1);
Packit Service 57cbf7 
    } else {
Packit Service 57cbf7 
      memcpy(syslog_buffer, result_buff, MAX_BUFFER_SIZE);
Packit Service 57cbf7 
    }
Packit Service 5e8d2a 
    va_end(ap);
Packit Service 5e8d2a 
  }
Packit Service 5e8d2a 
#endif
Packit Service 5e8d2a
Packit Service 5e8d2a
Packit Service 5e8d2a 
#ifdef WITH_DBERROR
Packit Service 5e8d2a 
  if (conf->report_db!=0 && ( conf->db_out!=NULL
Packit Service 5e8d2a 
#ifdef WITH_ZLIB
Packit Service 5e8d2a 
			      || conf->db_gzout
Packit Service 5e8d2a 
#endif
Packit Service 5e8d2a 
			      )) {
Packit Service 5e8d2a 
    db_line line;
Packit Service 5e8d2a 
    int len;
Packit Service 5e8d2a 
    memset(&line,0,sizeof(db_line));
Packit Service 5e8d2a 
    line.filename=(char*)malloc(3);
Packit Service 5e8d2a 
    if (line.filename!=NULL) {
Packit Service 5e8d2a 
      va_start(ap,error_msg);
Packit Service 5e8d2a 
      len=vsnprintf(line.filename,2,error_msg,ap);
Packit Service 5e8d2a 
      va_end(ap);
Packit Service 5e8d2a 
      free(line.filename);
Packit Service 5e8d2a 
      line.filename=malloc(len+2);
Packit Service 5e8d2a 
      line.filename[0]='#';
Packit Service 5e8d2a 
      if (line.filename!=NULL) {
Packit Service 5e8d2a 
	line.attr=DB_FILENAME;
Packit Service 5e8d2a 
        va_start(ap,error_msg);
Packit Service 5e8d2a 
	len=vsnprintf(line.filename+1,len+1,error_msg,ap);
Packit Service 5e8d2a 
        va_end(ap);
Packit Service 5e8d2a 
	db_writeline(&line,conf);
Packit Service 5e8d2a 
	free(line.filename);
Packit Service 5e8d2a 
      }
Packit Service 5e8d2a 
    }
Packit Service 5e8d2a 
  }
Packit Service 5e8d2a 
#endif
Packit Service 5e8d2a
Packit Service 5e8d2a 
  for(r=conf->report_fd;r;r=r->next){
Packit Service 5e8d2a 
    va_start(ap, error_msg);
Packit Service 5e8d2a 
    retval=vfprintf((FILE*)r->data, error_msg,ap);
Packit Service 5e8d2a 
    va_end(ap);
Packit Service 5e8d2a 
    if(retval==0){
Packit Service 5e8d2a 
      va_start(ap, error_msg);
Packit Service 5e8d2a 
      retval=vfprintf((FILE*)r->data, error_msg,ap);
Packit Service 5e8d2a 
      va_end(ap);
Packit Service 5e8d2a 
      if(retval==0){
Packit Service 5e8d2a 
	exit(ERROR_WRITING_ERROR);
Packit Service 5e8d2a 
      }
Packit Service 5e8d2a 
    }
Packit Service 5e8d2a 
  }
Packit Service 5e8d2a
Packit Service 5e8d2a 
  return;
Packit Service 5e8d2a 
}
Packit Service 5e8d2a
Packit Service 5e8d2a 
const char* aide_key_0=CONFHMACKEY_00;
Packit Service 5e8d2a 
const char* db_key_0=DBHMACKEY_00;

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation