source: trunk/src/sh_ignore.c@ 383

Last change on this file since 383 was 333, checked in by katerina, 14 years ago

Add unit tests for IgnoreAdded/IgnoreDeleted configuration directives

File size: 6.0 KB
Line 
1/* SAMHAIN file system integrity testing */
2/* Copyright (C) 2003 Rainer Wichmann */
3/* */
4/* This program is free software; you can redistribute it */
5/* and/or modify */
6/* it under the terms of the GNU General Public License as */
7/* published by */
8/* the Free Software Foundation; either version 2 of the License, or */
9/* (at your option) any later version. */
10/* */
11/* This program is distributed in the hope that it will be useful, */
12/* but WITHOUT ANY WARRANTY; without even the implied warranty of */
13/* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the */
14/* GNU General Public License for more details. */
15/* */
16/* You should have received a copy of the GNU General Public License */
17/* along with this program; if not, write to the Free Software */
18/* Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. */
19
20#include "config_xor.h"
21
22#ifndef NULL
23#if !defined(__cplusplus)
24#define NULL ((void*)0)
25#else
26#define NULL (0)
27#endif
28#endif
29
30#ifdef HAVE_REGEX_H
31#include <sys/types.h>
32#include <regex.h>
33#endif
34
35#include "samhain.h"
36#include "sh_mem.h"
37#include "sh_error.h"
38
39#define FIL__ _("sh_ignore.c")
40
41#if defined(SH_WITH_CLIENT) || defined(SH_STANDALONE)
42
43struct sh_ignore_list {
44#ifdef HAVE_REGEX_H
45 regex_t preg;
46#else
47 char * path;
48#endif
49 struct sh_ignore_list * next;
50};
51
52
53static struct sh_ignore_list * sh_del_ign = NULL;
54static struct sh_ignore_list * sh_new_ign = NULL;
55
56static struct sh_ignore_list * sh_ignore_add_int(struct sh_ignore_list * list,
57 const char * addpath)
58{
59 struct sh_ignore_list * new;
60#ifdef HAVE_REGEX_H
61 int status = -1;
62 char * errbuf;
63#else
64 size_t size;
65#endif
66
67 SL_ENTER(_("sh_ignore_add"));
68
69 if (addpath == NULL)
70 {
71 SL_RETURN(list, _("sh_ignore_add"));
72 }
73
74 new = SH_ALLOC(sizeof(struct sh_ignore_list));
75
76#ifdef HAVE_REGEX_H
77 status = regcomp(&(new->preg), addpath, REG_NOSUB|REG_EXTENDED);
78 if (status != 0)
79 {
80 errbuf = SH_ALLOC(BUFSIZ+2);
81 (void) regerror(status, &(new->preg), errbuf, BUFSIZ);
82 errbuf[BUFSIZ] = '\0';
83 sh_error_handle ((-1), FIL__, __LINE__, status, MSG_E_REGEX,
84 errbuf, addpath);
85 SH_FREE(errbuf);
86 SH_FREE(new);
87 SL_RETURN(list, _("sh_ignore_add"));
88 }
89#else
90 size = sl_strlen(addpath);
91 new->path = SH_ALLOC(size + 1);
92 sl_strlcpy(new->path, addpath, size+1);
93#endif
94
95 new->next = list;
96
97 SL_RETURN(new, _("sh_ignore_add"));
98}
99
100int sh_ignore_add_del (const char * addpath)
101{
102 if ((addpath == NULL) || (addpath[0] != '/'))
103 {
104 return -1;
105 }
106 sh_del_ign = sh_ignore_add_int (sh_del_ign, addpath);
107 return 0;
108}
109
110int sh_ignore_add_new (const char * addpath)
111{
112 if ((addpath == NULL) || (addpath[0] != '/'))
113 {
114 return -1;
115 }
116 sh_new_ign = sh_ignore_add_int (sh_new_ign, addpath);
117 return 0;
118}
119
120static int sh_ignore_chk_int (struct sh_ignore_list * list,
121 const char * chkpath)
122{
123 struct sh_ignore_list * new = list;
124
125 SL_ENTER(_("sh_ignore_chk"));
126
127 if (chkpath == NULL)
128 {
129 SL_RETURN(S_FALSE, _("sh_ignore_add"));
130 }
131
132 while (new)
133 {
134#ifdef HAVE_REGEX_H
135 if (0 == regexec(&(new->preg), chkpath, 0, NULL, 0))
136 {
137 SL_RETURN(S_TRUE, _("sh_ignore_add"));
138 }
139#else
140 if (0 == sl_strcmp(new->path, chkpath))
141 {
142 SL_RETURN(S_TRUE, _("sh_ignore_add"));
143 }
144#endif
145 new = new->next;
146 }
147
148 SL_RETURN(S_FALSE, _("sh_ignore_add"));
149}
150
151int sh_ignore_chk_new (const char * chkpath)
152{
153 return (sh_ignore_chk_int(sh_new_ign, chkpath));
154}
155
156int sh_ignore_chk_del (const char * chkpath)
157{
158 return (sh_ignore_chk_int(sh_del_ign, chkpath));
159}
160
161int sh_ignore_clean (void)
162{
163 struct sh_ignore_list * new;
164
165 new = sh_new_ign;
166
167 while (new)
168 {
169 sh_new_ign = new->next;
170#ifdef HAVE_REGEX_H
171 regfree (&(new->preg));
172#else
173 SH_FREE(new->path);
174#endif
175 SH_FREE(new);
176 new = sh_new_ign;
177 }
178
179 new = sh_del_ign;
180
181 while (new)
182 {
183 sh_del_ign = new->next;
184#ifdef HAVE_REGEX_H
185 regfree (&(new->preg));
186#else
187 SH_FREE(new->path);
188#endif
189 SH_FREE(new);
190 new = sh_del_ign;
191 }
192
193 return 0;
194}
195#endif
196
197#ifdef SH_CUTEST
198#include "CuTest.h"
199
200void Test_ignore_ok (CuTest *tc) {
201#if defined(SH_WITH_CLIENT) || defined(SH_STANDALONE)
202
203 int ret;
204
205 CuAssertTrue(tc, NULL == sh_del_ign);
206 CuAssertTrue(tc, NULL == sh_new_ign);
207
208 ret = sh_ignore_add_del ("/var/log/foo/.*");
209 CuAssertTrue(tc, 0 == ret);
210 CuAssertPtrNotNull(tc, sh_del_ign);
211
212 ret = sh_ignore_chk_del ("/var/log/foo/test");
213 CuAssertTrue(tc, S_TRUE == ret);
214 CuAssertTrue(tc, NULL == sh_new_ign);
215
216 ret = sh_ignore_chk_del ("/var/log/footest");
217 CuAssertTrue(tc, S_FALSE == ret);
218
219 ret = sh_ignore_chk_del ("/my/var/log/footest");
220 CuAssertTrue(tc, S_FALSE == ret);
221
222 sh_ignore_clean();
223 CuAssertTrue(tc, NULL == sh_del_ign);
224 CuAssertTrue(tc, NULL == sh_new_ign);
225
226 ret = sh_ignore_add_new ("/var/log/foo/.*");
227 CuAssertTrue(tc, 0 == ret);
228 CuAssertPtrNotNull(tc, sh_new_ign);
229 CuAssertTrue(tc, NULL == sh_del_ign);
230
231 ret = sh_ignore_chk_new ("/var/log/foo/test");
232 CuAssertTrue(tc, S_TRUE == ret);
233
234 ret = sh_ignore_chk_new ("/var/log/footest");
235 CuAssertTrue(tc, S_FALSE == ret);
236
237 ret = sh_ignore_chk_new ("/my/var/log/footest");
238 CuAssertTrue(tc, S_FALSE == ret);
239
240 sh_ignore_clean();
241 CuAssertTrue(tc, NULL == sh_new_ign);
242 CuAssertTrue(tc, NULL == sh_del_ign);
243
244#else
245 (void) tc; /* fix compiler warning */
246#endif
247 return;
248}
249/* #ifdef SH_CUTEST */
250#endif
251
Note: See TracBrowser for help on using the repository browser.