diff options
Diffstat (limited to 'include')
-rw-r--r-- | include/sh_calls.h | 4 | ||||
-rw-r--r-- | include/sh_cat.h | 6 | ||||
-rw-r--r-- | include/sh_dbIO.h | 8 | ||||
-rw-r--r-- | include/sh_dbIO_int.h | 2 | ||||
-rw-r--r-- | include/sh_files.h | 3 | ||||
-rw-r--r-- | include/sh_gpg_chksum.h | 53 | ||||
-rw-r--r-- | include/sh_ipvx.h | 2 | ||||
-rw-r--r-- | include/sh_sig.h (renamed from include/sh_gpg.h) | 26 | ||||
-rw-r--r-- | include/sh_string.h | 4 | ||||
-rw-r--r-- | include/sh_subuid.h | 24 | ||||
-rw-r--r-- | include/sh_utils.h | 4 | ||||
-rw-r--r-- | include/sh_xfer.h | 4 | ||||
-rw-r--r-- | include/slib.h | 5 |
13 files changed, 74 insertions, 71 deletions
diff --git a/include/sh_calls.h b/include/sh_calls.h index 7af5e08..a48ad88 100644 --- a/include/sh_calls.h +++ b/include/sh_calls.h @@ -75,8 +75,8 @@ long int retry_connect(const char * file, int line, long int retry_aud_dup2 (const char * file, int line, int fd, int fd2); long int retry_aud_execve (const char * file, int line, - const char *dateiname, char * argv[], - char *envp[]); + const char *dateiname, char *const argv[], + char *const envp[]); long int retry_aud_dup (const char * file, int line, int fd); long int retry_aud_chdir (const char * file, int line, diff --git a/include/sh_cat.h b/include/sh_cat.h index 0096206..806c7fd 100644 --- a/include/sh_cat.h +++ b/include/sh_cat.h @@ -75,7 +75,8 @@ enum { MSG_CHECK_0, MSG_CHECK_1, MSG_CHECK_2, - MSG_STAMP, + MSG_STAMP, + MSG_DCLOSE, MSG_D_START, MSG_D_DSTART, @@ -227,7 +228,8 @@ enum { MSG_TCP_EZERO, MSG_TCP_EBGN, - MSG_TCP_CREG, + MSG_TCP_CREG, + MSG_TCP_AREG, MSG_TCP_FAUTH, MSG_TCP_TIMOUT, diff --git a/include/sh_dbIO.h b/include/sh_dbIO.h index bbb316a..f06a588 100644 --- a/include/sh_dbIO.h +++ b/include/sh_dbIO.h @@ -58,4 +58,12 @@ int sh_dbIO_load_delta(); int sh_dbIO_list_binary (const char * c); int sh_dbIO_list_filter (const char * c); +/* alternative rootfs */ + +int sh_dbIO_init_rootfs (const char * rootfs); +size_t sh_dbIO_get_rootfs_len(); +char * sh_dbIO_rootfs_prepend(char * path); +char * sh_dbIO_rootfs_strip(char * path); +char * sh_dbIO_rootfs_strip_link(char * path); + #endif diff --git a/include/sh_dbIO_int.h b/include/sh_dbIO_int.h index 7dfd01d..4595852 100644 --- a/include/sh_dbIO_int.h +++ b/include/sh_dbIO_int.h @@ -21,7 +21,7 @@ #ifndef SH_DBIO_INT_H #define SH_DBIO_INT_H -#define SH_DEADFILE 0x44454144 +#define SH_DEADFILE 65535 typedef struct store_info_old { diff --git a/include/sh_files.h b/include/sh_files.h index c51c68e..15ad551 100644 --- a/include/sh_files.h +++ b/include/sh_files.h @@ -23,7 +23,8 @@ void sh_audit_mark (const char * file); void sh_audit_commit (); void sh_audit_delete_all (); -char * sh_audit_fetch (char * file, time_t mtime, time_t ctime, char * result, size_t rsize); +int sh_audit_set_flags(const char * str); +char * sh_audit_fetch (char * file, time_t mtime, time_t ctime, time_t atime, char * result, size_t rsize); struct sh_dirent { char * sh_d_name; diff --git a/include/sh_gpg_chksum.h b/include/sh_gpg_chksum.h deleted file mode 100644 index e5c31f0..0000000 --- a/include/sh_gpg_chksum.h +++ /dev/null @@ -1,53 +0,0 @@ -#ifndef CHKSUM_H -#define CHKSUM_H -char gpgchk[50]; -gpgchk[0] = '4'; -gpgchk[1] = '0'; -gpgchk[2] = '7'; -gpgchk[3] = '8'; -gpgchk[4] = '4'; -gpgchk[5] = '6'; -gpgchk[6] = '0'; -gpgchk[7] = '1'; -gpgchk[8] = '7'; -gpgchk[9] = '5'; -gpgchk[10] = 'D'; -gpgchk[11] = '0'; -gpgchk[12] = '1'; -gpgchk[13] = 'B'; -gpgchk[14] = '4'; -gpgchk[15] = '4'; -gpgchk[16] = 'B'; -gpgchk[17] = '5'; -gpgchk[18] = 'E'; -gpgchk[19] = '3'; -gpgchk[20] = 'A'; -gpgchk[21] = '4'; -gpgchk[22] = '0'; -gpgchk[23] = 'E'; -gpgchk[24] = '4'; -gpgchk[25] = '4'; -gpgchk[26] = '0'; -gpgchk[27] = '1'; -gpgchk[28] = '6'; -gpgchk[29] = '3'; -gpgchk[30] = '3'; -gpgchk[31] = '3'; -gpgchk[32] = 'C'; -gpgchk[33] = 'F'; -gpgchk[34] = '3'; -gpgchk[35] = 'C'; -gpgchk[36] = '5'; -gpgchk[37] = '6'; -gpgchk[38] = 'A'; -gpgchk[39] = '7'; -gpgchk[40] = 'A'; -gpgchk[41] = 'B'; -gpgchk[42] = 'D'; -gpgchk[43] = '9'; -gpgchk[44] = '1'; -gpgchk[45] = '9'; -gpgchk[46] = '6'; -gpgchk[47] = '6'; -gpgchk[48] = '\0'; -#endif diff --git a/include/sh_ipvx.h b/include/sh_ipvx.h index 4231044..03eae9c 100644 --- a/include/sh_ipvx.h +++ b/include/sh_ipvx.h @@ -47,7 +47,7 @@ int sh_ipvx_set_port(struct sh_sockaddr * ss, int port); /* Get the port */ -int sh_ipvx_get_port(struct sockaddr * ss, int sa_family); +int sh_ipvx_get_port(struct sh_sockaddr * ss); /* Save a sockaddress */ diff --git a/include/sh_gpg.h b/include/sh_sig.h index c6a1394..e3815c2 100644 --- a/include/sh_gpg.h +++ b/include/sh_sig.h @@ -17,30 +17,38 @@ /* along with this program; if not, write to the Free Software */ /* Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. */ -#if (defined(WITH_GPG) || defined(WITH_PGP)) +#if defined(WITH_SIG) -#ifndef SH_GPG_H -#define SH_GPG_H +#ifndef SH_SIG_H +#define SH_SIG_H -#define SIG_CONF 1 -#define SIG_DATA 2 +typedef enum { + SIG_CONF, + SIG_DATA +} ShSigFile; /* Top level function to verify file. */ -SL_TICKET sh_gpg_extract_signed(SL_TICKET fd); +SL_TICKET sh_sig_extract_signed(SL_TICKET fd); +SL_TICKET sh_sig_extract_signed_data(SL_TICKET fd); /* this function exits if configuration file * and/or database cannot be verified; otherwise returns 0 */ -int sh_gpg_check_sign (long file, int what); +int sh_sig_check_signature (SL_TICKET file, ShSigFile what); + +int sh_sig_msg_start(const char * line); +int sh_sig_msg_startdata(const char * line); +int sh_sig_msg_end(const char * line); +int sh_sig_data_end(const char * line); /* log successful startup */ -void sh_gpg_log_startup (void); +void sh_sig_log_startup (void); #endif -/* #ifdef WITH_GPG */ +/* #ifdef WITH_SIG */ #endif diff --git a/include/sh_string.h b/include/sh_string.h index a0da6c2..dfa0cdb 100644 --- a/include/sh_string.h +++ b/include/sh_string.h @@ -67,6 +67,8 @@ size_t sh_string_read_cont(sh_string * s, FILE * fp, size_t maxlen, char *cont); * The number of fields is returned in 'nfields', their * lengths in 'lengths'. * A single delimiter will return two empty fields. + * The returned array is allocated memory, and its fields + * are modified parts of the 'line' parameter. */ char ** split_array(char *line, unsigned int * nfields, char delim, size_t * lengths); @@ -77,6 +79,8 @@ char ** split_array(char *line, unsigned int * nfields, * The number of fields is returned in nfields. * An empty string will return zero fields. * If nfields < actual fields, last string will be remainder. + * The returned array is allocated memory, and its fields + * are modified parts of the 'line' parameter. */ char ** split_array_ws(char *line, unsigned int * nfields, size_t * lengths); diff --git a/include/sh_subuid.h b/include/sh_subuid.h new file mode 100644 index 0000000..cedd0dd --- /dev/null +++ b/include/sh_subuid.h @@ -0,0 +1,24 @@ +/* SAMHAIN file system integrity testing */ +/* Copyright (C) 2018 Rainer Wichmann */ +/* */ +/* This program is free software; you can redistribute it */ +/* and/or modify */ +/* it under the terms of the GNU General Public License as */ +/* published by */ +/* the Free Software Foundation; either version 2 of the License, or */ +/* (at your option) any later version. */ +/* */ +/* This program is distributed in the hope that it will be useful, */ +/* but WITHOUT ANY WARRANTY; without even the implied warranty of */ +/* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the */ +/* GNU General Public License for more details. */ +/* */ +/* You should have received a copy of the GNU General Public License */ +/* along with this program; if not, write to the Free Software */ +/* Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. */ + +/* These functions return NULL if the subuid/subgid is not found; + * else the user/group name is returned (needs to be copied). + */ +char * sh_get_subuid (unsigned long subuid); +char * sh_get_subgid (unsigned long subgid); diff --git a/include/sh_utils.h b/include/sh_utils.h index 2f4519c..986c6ab 100644 --- a/include/sh_utils.h +++ b/include/sh_utils.h @@ -178,9 +178,9 @@ char * sh_util_dirname(const char * fullpath); /* returns freshly allocated memory, return value should be free'd */ -char * sh_util_safe_name (const char * name) SH_GNUC_MALLOC SH_GNUC_PURE; +char * sh_util_safe_name (const char * name) SH_GNUC_MALLOC; -char * sh_util_safe_name_keepspace (const char * name) SH_GNUC_MALLOC SH_GNUC_PURE; +char * sh_util_safe_name_keepspace (const char * name) SH_GNUC_MALLOC; /* check max size of printf result string */ diff --git a/include/sh_xfer.h b/include/sh_xfer.h index f4d6108..c041828 100644 --- a/include/sh_xfer.h +++ b/include/sh_xfer.h @@ -83,6 +83,10 @@ int sh_xfer_set_interface(const char * c); */ void sh_xfer_html_write(void); +/* register an alias + */ +int sh_xfer_register_alias (const char * str); + /* register a client */ int sh_xfer_register_client (const char * str); diff --git a/include/slib.h b/include/slib.h index 9ca3608..fe9ae65 100644 --- a/include/slib.h +++ b/include/slib.h @@ -107,6 +107,7 @@ typedef long int SL_TICKET; /* Unique ID for opened files. */ #define SL_EREAD -1036 /* Read error. Check errno. */ #define SL_EWRITE -1037 /* Write error. Check errno. */ #define SL_ESYNC -1038 /* Write error. Check errno. */ +#define SL_ECLOSE -1039 /* Close error. Check errno. */ #define SL_EBADNAME -1040 /* Invalid name. */ #define SL_ESTAT -1041 /* stat of file failed. Check errno. */ @@ -225,6 +226,7 @@ extern "C" { * robust strn[case]cmp replacement */ int sl_strncmp(const char * a, const char * b, size_t n); + int sl_ts_strncmp(const char * a, const char * b, size_t n); int sl_strncasecmp(const char * a, const char * b, size_t n); @@ -437,6 +439,9 @@ extern "C" { int sl_read_timeout_fd (int fd, void * buf, size_t count, int timeout, int is_nonblocking); + int sl_read_timeout_fd_once (int fd, void * buf, + size_t count, int timeout, int is_nonblocking); + int sl_read_timeout (SL_TICKET ticket, void * buf, size_t count, int timeout, int is_nonblocking); |