source: trunk/include/sh_hash.h@ 512

Last change on this file since 512 was 481, checked in by katerina, 9 years ago

Enhancements and fixes for tickets #374, #375, #376, #377, #378, and #379.

File size: 5.4 KB
RevLine 
[1]1/* SAMHAIN file system integrity testing */
2/* Copyright (C) 1999 Rainer Wichmann */
3/* */
4/* This program is free software; you can redistribute it */
5/* and/or modify */
6/* it under the terms of the GNU General Public License as */
7/* published by */
8/* the Free Software Foundation; either version 2 of the License, or */
9/* (at your option) any later version. */
10/* */
11/* This program is distributed in the hope that it will be useful, */
12/* but WITHOUT ANY WARRANTY; without even the implied warranty of */
13/* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the */
14/* GNU General Public License for more details. */
15/* */
16/* You should have received a copy of the GNU General Public License */
17/* along with this program; if not, write to the Free Software */
18/* Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. */
19
20
21#ifndef SH_HASH_H
22#define SH_HASH_H
23
24#include <limits.h>
25
26#include "samhain.h"
27#include "sh_unix.h"
28#include "sh_error.h"
29
[481]30/* the report_checkflags flag
31 */
32int get_report_checkflags();
33
34/* whether to report checkflags
35 */
36int set_report_checkflags(const char * c);
37
[356]38/* convert to policy string
39 */
40const char * sh_hash_getpolicy(int class);
41
[1]42/* format a uint64
43 */
[170]44char * sh_hash_size_format(void);
[1]45
46/* report on a missing file
47 */
48int hashreport_missing( char *fullpath, int level);
49
[481]50/* remove internal db record for a file (checks for some flags).
[305]51 */
52void sh_hash_remove (const char * path);
53
[481]54/* remove internal db record for a file
[1]55 */
[481]56void sh_hash_remove_unconditional (const char * path);
[1]57
[481]58/* Insert a "null" record in-memory (representing a missing file).
[1]59 */
[481]60void sh_hash_insert_null(char * str);
[1]61
[481]62#ifdef SH_DBIO_INT_H
63/* Check for "null" record
64 */
65int sh_hash_is_null_record(sh_filestore_t * theFile);
66#endif
67
[205]68/* Dont report on ctm/mtm change for directories
69 */
70int sh_hash_loosedircheck(const char * str);
71
[169]72/* List database content for a single file
73 */
74int set_list_file (const char * c);
75
[481]76/* Set the path of that file
77 */
78char * get_list_file();
79
[1]80/* List database content with full detail
81 */
[20]82int set_full_detail (const char * c);
[1]83
84/* List database content with full detail, comma delimited
85 */
[20]86int set_list_delimited (const char * c);
[1]87
88/* Read the database from disk.
89 */
90void sh_hash_init (void);
91
[481]92/* Check init status
93 */
94int sh_hash_get_initialized();
95
96/* Read the database from disk and fill sh.data.hash with checksum.
97 */
98void sh_hash_init_and_checksum();
99
100/* Set status to 'database is read in'.
101 */
102void sh_hash_set_initialized();
103
[1]104/* Check whether a file is present in the database.
105 */
[294]106int sh_hash_have_it (const char * newname);
[1]107
108/* Get a file if it is present in the database.
[294]109 * If fileHash != NULL also return checksum.
[1]110 */
[294]111int sh_hash_get_it (const char * newname, file_type * tmpFile, char * fileHash);
[1]112
113/* Delete the database from memory.
114 */
115void sh_hash_hashdelete (void);
116
117/* Insert a file into the database.
118 */
119void sh_hash_pushdata (file_type * buf, char * fileHash);
120
121/* reset sh_hash_pushdata to use 'update' in daemon mode
122 */
[170]123void sh_hash_pushdata_reset (void);
[1]124
125/* Insert a file into the in-memory database.
126 */
127void sh_hash_pushdata_memory (file_type * theFile, char * fileHash);
128
[115]129/* Get file flags from in-memory database
130 */
131int sh_hash_getflags (char * filename);
132
133/* Set file flags in in-memory database
134 */
135int sh_hash_setflags (char * filename, int flags);
136
137/* Set a file flag in in-memory database
138 */
[458]139void sh_hash_set_flag (char * filename, int flag);
[115]140
[458]141/* Unset a file flag in in-memory database
142 */
143void sh_hash_clear_flag (char * filename, int flag_to_set);
144
[1]145/* Compare a file with its status in the database.
146 */
147int sh_hash_compdata (int class, file_type * theFile, char * fileHash,
148 char * policy_override, int severity_override);
149
150/* Search for files in the database that have been deleted from disk.
151 */
152void sh_hash_unvisited (ShErrLevel level);
153
[294]154/* Search for unvisited entries in the database, custom error handler.
155 */
156void sh_hash_unvisited_custom (char prefix, void(*handler)(const char * key));
157
[1]158/* Set a file's status to 'visited'. This is required for
159 * files that should be ignored, and may be present in the
160 * database, but not on disk.
161 */
162int sh_hash_set_visited (char * newname);
163
164/* As above, but only set the 'visited' flag
165 */
166int sh_hash_set_visited_true (char * newname);
167
168/* cause the record to be deleted without a 'missing' message
169 */
170int sh_hash_set_missing (char * newname);
171
172/* Make a complete directory tree invisible
173 */
174int hash_remove_tree (char * s);
175
176/* Make every entry visible
177 */
178int hash_full_tree (void);
179
[294]180/* Insert data.
181 * 'key' -> path
182 * 'str' -> binary with size 'size'
[1]183 */
[294]184struct store2db {
185 UINT64 val0;
186 UINT64 val1;
187 UINT64 val2;
188 UINT64 val3;
189 char checksum[KEY_LEN+1];
190 unsigned char * str;
191 int size;
192};
[1]193
[294]194void sh_hash_push2db (const char * key, struct store2db * save);
195
196
[1]197/* Retrieve data
198 */
[294]199char * sh_hash_db2pop (const char * key, struct store2db * get);
[1]200
[294]201
[1]202/* Write out database
203 */
[170]204int sh_hash_writeout(void);
[1]205#endif
Note: See TracBrowser for help on using the repository browser.