source: trunk/include/sh_dbIO_int.h@ 496

Last change on this file since 496 was 481, checked in by katerina, 9 years ago

Enhancements and fixes for tickets #374, #375, #376, #377, #378, and #379.

File size: 4.6 KB
RevLine 
[481]1/* SAMHAIN file system integrity testing */
2/* Copyright (C) 2015 Rainer Wichmann */
3/* */
4/* This program is free software; you can redistribute it */
5/* and/or modify */
6/* it under the terms of the GNU General Public License as */
7/* published by */
8/* the Free Software Foundation; either version 2 of the License, or */
9/* (at your option) any later version. */
10/* */
11/* This program is distributed in the hope that it will be useful, */
12/* but WITHOUT ANY WARRANTY; without even the implied warranty of */
13/* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the */
14/* GNU General Public License for more details. */
15/* */
16/* You should have received a copy of the GNU General Public License */
17/* along with this program; if not, write to the Free Software */
18/* Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. */
19
20
21#ifndef SH_DBIO_INT_H
22#define SH_DBIO_INT_H
23
24#define SH_DEADFILE 0x44454144
25
26typedef struct store_info_old {
27
28 UINT32 mode;
29 UINT32 linkmode;
30
31 UINT64 dev;
32 UINT64 rdev;
33
34 UINT32 hardlinks;
35 UINT32 ino;
36
37 UINT64 size;
38 UINT64 atime;
39 UINT64 mtime;
40 UINT64 ctime;
41
42 UINT32 owner;
43 UINT32 group;
44
45 UINT32 attributes;
46
47 char c_attributes[ATTRBUF_SIZE]; /* 16 = 2*UINT64 */
48
49 unsigned short mark;
50 char c_owner[USER_MAX+2];
51 char c_group[GROUP_MAX+2];
52 char c_mode[CMODE_SIZE];
53 char checksum[KEY_LEN+1];
54
55} sh_filestore_old_t;
56
57typedef struct store_info {
58
59 UINT32 mode;
60 UINT32 linkmode;
61
62 UINT64 dev;
63 UINT64 rdev;
64
65 UINT32 hardlinks;
66 UINT32 ino;
67
68 UINT64 size;
69 UINT64 atime;
70 UINT64 mtime;
71 UINT64 ctime;
72
73 UINT32 owner;
74 UINT32 group;
75
76 UINT32 attributes;
77
78 char c_attributes[ATTRBUF_SIZE]; /* 16 = 2*UINT64 */
79
80 unsigned short mark;
81 char c_owner[USER_MAX+2];
82 char c_group[GROUP_MAX+2];
83 char c_mode[CMODE_SIZE];
84 char checksum[KEY_LEN+1];
85
86 /* If 'checkflags' is elsewhere, the compiler would still use
87 * a 6-byte padding to align the whole struct to an 8-byte boundary.
88 * ipad, opad: make explicit what the compiler does on a 64-byte system.
89 */
90 char ipad[2];
91 UINT32 checkflags;
92 char opad[4];
93
94} sh_filestore_t;
95
96typedef struct file_info {
97 sh_filestore_t theFile;
98 char * fullpath;
99 char * linkpath;
100 char * attr_string;
101 int fflags;
102 unsigned long modi_mask;
103 struct file_info * next;
104} sh_file_t;
105
106//* must fit an int */
107#define TABSIZE 65536
108
109/* must fit an unsigned short */
110/* changed for V0.8, as the */
111/* database format has changed */
112/* changed again for V0.9 */
113/* #define REC_MAGIC 19 */
114/* changed again for V1.3 */
115/* #define REC_MAGIC 20 */
116/* changed again for V1.4 */
117/* #define REC_MAGIC 21 */
118#define OLD_REC_MAGIC 21
119/* changed again for V3.2 */
120#define REC_MAGIC 22
121
122#define REC_FLAGS_ATTR (1<<8)
123#define REC_FLAGS_MASK 0xFF00
124
125/* Insert into database table
126 */
127void hashinsert (sh_file_t * tab[TABSIZE], sh_file_t * s);
128
129/* Internal conversion function
130 */
131file_type * sh_hash_create_ft (const sh_file_t * p, char * fileHash);
132
133/* Print what's in the link path
134 */
135int sh_hash_printcontent(char * linkpath);
136
137/* List database entry
138 */
139void sh_hash_list_db_entry (sh_file_t * p);
140
141/* get the location of the default/main database table
142 */
143sh_file_t ** get_default_data_table();
144
145/* Write whole database
146 */
147int sh_dbIO_writeout(sh_file_t * mtab[TABSIZE], const char * outpath, int truncate);
148
149/* Load from the default source into hash table 'tab'
150 */
151int sh_dbIO_load_db(sh_file_t * tab[TABSIZE]);
152
153/* Load from the file 'filepath' into hash table 'tab'
154 */
155int sh_dbIO_load_db_file(sh_file_t * tab[TABSIZE], const char * filepath);
156
157#endif
Note: See TracBrowser for help on using the repository browser.