source: trunk/src/sh_readconf.c@ 300

Last change on this file since 300 was 290, checked in by katerina, 14 years ago

Fixes for tickets #215, #216, #217, #218, version bumped to 2.7.2
File size: 39.1 KB
Line 
1/* SAMHAIN file system integrity testing */
2/* Copyright (C) 1999, 2000 Rainer Wichmann */
3/* */
4/* This program is free software; you can redistribute it */
5/* and/or modify */
6/* it under the terms of the GNU General Public License as */
7/* published by */
8/* the Free Software Foundation; either version 2 of the License, or */
9/* (at your option) any later version. */
10/* */
11/* This program is distributed in the hope that it will be useful, */
12/* but WITHOUT ANY WARRANTY; without even the implied warranty of */
13/* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the */
14/* GNU General Public License for more details. */
15/* */
16/* You should have received a copy of the GNU General Public License */
17/* along with this program; if not, write to the Free Software */
18/* Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. */
19
20#include "config_xor.h"
21
22
23#include <stdlib.h>
24#include <stdio.h>
25#include <string.h>
26#include <ctype.h>
27
28
29#include "samhain.h"
30#include "sh_calls.h"
31#include "sh_error.h"
32#include "sh_extern.h"
33#include "sh_files.h"
34#include "sh_forward.h"
35#include "sh_gpg.h"
36#include "sh_hash.h"
37#include "sh_ignore.h"
38#include "sh_database.h"
39#include "sh_mail.h"
40#include "sh_modules.h"
41#include "sh_nmail.h"
42#include "sh_prelink.h"
43#ifdef HAVE_LIBPRELUDE
44#include "sh_prelude.h"
45#endif
46#include "sh_tiger.h"
47#include "sh_tools.h"
48#include "sh_unix.h"
49#include "sh_utils.h"
50
51
52extern int set_reverse_lookup (const char * c);
53
54#undef FIL__
55#define FIL__ _("sh_readconf.c")
56
57typedef enum {
58 SH_SECTION_NONE,
59 SH_SECTION_LOG,
60 SH_SECTION_MISC,
61 SH_SECTION_ATTRIBUTES,
62 SH_SECTION_READONLY,
63 SH_SECTION_LOGFILES,
64 SH_SECTION_LOGGROW,
65 SH_SECTION_NOIGNORE,
66 SH_SECTION_ALLIGNORE,
67 SH_SECTION_USER0,
68 SH_SECTION_USER1,
69 SH_SECTION_USER2,
70 SH_SECTION_USER3,
71 SH_SECTION_USER4,
72 SH_SECTION_PRELINK,
73#if defined (SH_WITH_MAIL)
74 SH_SECTION_MAIL,
75#endif
76#if defined (SH_WITH_CLIENT)
77 SH_SECTION_CLT,
78#endif
79#ifdef WITH_EXTERNAL
80 SH_SECTION_EXTERNAL,
81#endif
82#ifdef WITH_DATABASE
83 SH_SECTION_DATABASE,
84#endif
85#if defined (SH_WITH_CLIENT) || defined (SH_STANDALONE)
86 SH_SECTION_OTHER,
87#endif
88#ifdef SH_WITH_SERVER
89 SH_SECTION_CLIENTS,
90 SH_SECTION_SRV,
91#endif
92 SH_SECTION_THRESHOLD
93} ShSectionType;
94
95typedef struct str_ListSections {
96 const char * name;
97 int type;
98} sh_str_ListSections;
99
100struct str_ListSections tab_ListSections[] = {
101 { N_("[Log]"), SH_SECTION_LOG},
102 { N_("[Misc]"), SH_SECTION_MISC},
103 { N_("[Attributes]"), SH_SECTION_ATTRIBUTES},
104 { N_("[ReadOnly]"), SH_SECTION_READONLY},
105 { N_("[LogFiles]"), SH_SECTION_LOGFILES},
106 { N_("[GrowingLogFiles]"), SH_SECTION_LOGGROW},
107 { N_("[IgnoreAll]"), SH_SECTION_ALLIGNORE},
108 { N_("[IgnoreNone]"), SH_SECTION_NOIGNORE},
109 { N_("[User0]"), SH_SECTION_USER0},
110 { N_("[User1]"), SH_SECTION_USER1},
111 { N_("[User2]"), SH_SECTION_USER2},
112 { N_("[User3]"), SH_SECTION_USER3},
113 { N_("[User4]"), SH_SECTION_USER4},
114 { N_("[Prelink]"), SH_SECTION_PRELINK},
115#ifdef WITH_EXTERNAL
116 { N_("[External]"), SH_SECTION_EXTERNAL},
117#endif
118#ifdef WITH_DATABASE
119 { N_("[Database]"), SH_SECTION_DATABASE},
120#endif
121 { N_("[EventSeverity]"), SH_SECTION_THRESHOLD},
122#ifdef SH_WITH_SERVER
123 { N_("[Clients]"), SH_SECTION_CLIENTS},
124 { N_("[Server]"), SH_SECTION_SRV},
125#endif
126#if defined (SH_WITH_CLIENT)
127 { N_("[Client]"), SH_SECTION_CLT},
128#endif
129#if defined (SH_WITH_MAIL)
130 { N_("[Mail]"), SH_SECTION_MAIL},
131#endif
132 { NULL, SH_SECTION_NONE}
133};
134
135static char * sh_readconf_expand_value (const char * str)
136{
137 char * tmp = (char*)str;
138 char * out;
139
140 while (tmp && isspace((int)*tmp)) ++tmp;
141
142 if (tmp[0] == '$' && tmp[1] == '(')
143 {
144 size_t len = strlen(tmp);
145 while (isspace((int) tmp[len-1])) { tmp[len-1] = '\0'; --len; }
146 if (tmp[len-1] == ')')
147 {
148 tmp[len-1] = '\0';
149 out = sh_ext_popen_str(&tmp[2]);
150 return out;
151 }
152 }
153 return sh_util_strdup(str);
154}
155
156enum {
157 SH_RC_ANY = 0,
158 SH_RC_HOST = 1,
159 SH_RC_SYSTEM = 2,
160 SH_RC_FILE = 3,
161 SH_RC_IFACE = 4,
162 SH_RC_CMD = 5
163};
164
165
166static int sh_readconf_cond_match(char * str, int line)
167{
168 int match = 0;
169 int negate = 1;
170 int cond_type = SH_RC_ANY;
171 char myident[3*SH_MINIBUF+3];
172 struct stat buf;
173
174 char * p = str;
175
176 if (*p == '!') { negate = 0; ++p; }
177 if (*p == '$') {
178 cond_type = SH_RC_SYSTEM; ++p; /* [!]$system */
179 }
180 else { /* *p == '@' */
181
182 ++p; while (isspace((int)*p)) ++p;
183
184 if (0 != strncasecmp(p, _("if "), 3)) {
185 cond_type = SH_RC_HOST; /* [!]$host */
186 }
187
188 else {
189
190 p += 3; while (isspace((int)*p)) ++p; /* skip the 'if\s+' */
191
192 if (0 == strncasecmp(p, _("not "), 4))
193 {
194 p += 4; while (isspace((int)*p)) ++p;
195 negate = 0;
196 }
197 else if (0 == strncmp(p, _("!"), 1))
198 {
199 ++p; while (isspace((int)*p)) ++p;
200 negate = 0;
201 }
202
203 if (0 == strncasecmp(p, _("file_exists "), 12))
204 {
205 p += 12; cond_type = SH_RC_FILE;
206 }
207 else if (0 == strncasecmp(p, _("interface_exists "), 17))
208 {
209 p += 17; cond_type = SH_RC_IFACE;
210 }
211 else if (0 == strncasecmp(p, _("hostname_matches "), 17))
212 {
213 p += 17; cond_type = SH_RC_HOST;
214 }
215 else if (0 == strncasecmp(p, _("system_matches "), 15))
216 {
217 p += 15; cond_type = SH_RC_SYSTEM;
218 }
219 else if (0 == strncasecmp(p, _("command_succeeds "), 17))
220 {
221 p += 17; cond_type = SH_RC_CMD;
222 }
223 else
224 {
225 char errbuf[SH_ERRBUF_SIZE];
226 sl_snprintf(errbuf, sizeof(errbuf),
227 _("Unsupported test at line %d of configuration file"),
228 line);
229 sh_error_handle(SH_ERR_ERR, FIL__, __LINE__, 0, MSG_E_SUBGEN,
230 errbuf,
231 _("sh_readconf_cond_match"));
232 return 0;
233 }
234 }
235 }
236
237 while (isspace((int)*p)) ++p;
238
239 switch (cond_type)
240 {
241 case SH_RC_HOST:
242 if (sl_strncmp (p, sh.host.name, strlen(sh.host.name)) == 0
243#ifdef HAVE_REGEX_H
244 || sh_util_regcmp (p, sh.host.name) == 0
245#endif
246 )
247 match = negate;
248 break;
249 case SH_RC_SYSTEM:
250 /*
251 * The system type, release, and machine.
252 */
253 sl_snprintf(myident, sizeof(myident), _("%s:%s:%s"),
254 sh.host.system, /* flawfinder: ignore */
255 sh.host.release, sh.host.machine);
256
257 if (sl_strncmp (p, myident, strlen(myident)) == 0
258#ifdef HAVE_REGEX_H
259 || sh_util_regcmp (p, myident) == 0
260#endif
261 )
262 match = negate;
263 break;
264 case SH_RC_FILE:
265 if (0 == retry_lstat(FIL__, __LINE__, p, &buf))
266 match = negate;
267 break;
268 case SH_RC_IFACE:
269 if (sh_tools_iface_is_present(p))
270 match = negate;
271 break;
272 case SH_RC_CMD:
273 if (0 == sh_unix_run_command(p))
274 match = negate;
275 break;
276 default:
277 match = 0;
278 }
279 return match;
280}
281
282static int sh_readconf_is_end (char * str)
283{
284 int retval = 0;
285
286 if (str[0] == '@' || str[0] == '$')
287 {
288 char * p = str;
289 ++p; while (isspace((int)*p)) ++p;
290 if (
291 (0 == strncasecmp (p, _("end"), 3) && (p[3] == '\0' || isspace((int)p[3]))) ||
292 (0 == strncasecmp (p, _("fi"), 2) && (p[2] == '\0' || isspace((int)p[2])))
293 )
294 {
295 return 1;
296 }
297 }
298 return retval;
299}
300
301static int sh_readconf_is_else (char * str)
302{
303 int retval = 0;
304
305 if (str[0] == '@')
306 {
307 char * p = str;
308 ++p; while (isspace((int)*p)) ++p;
309 if ( 0 == strncasecmp (p, _("else"), 4) && (p[4] == '\0' || isspace((int)p[4])) )
310 {
311 return 1;
312 }
313 }
314 return retval;
315}
316
317static int sh_readconfig_line (char * line);
318
319static ShSectionType read_mode = SH_SECTION_NONE;
320
321static int conf_line = 0;
322
323/* --- Read the configuration file. ---
324 */
325int sh_readconf_read (void)
326{
327#if defined (SH_WITH_CLIENT) || defined (SH_STANDALONE)
328 /* This is for modules.
329 */
330 int modnum;
331#endif
332
333 int i;
334
335 SL_TICKET fd = -1;
336#if defined(SH_STEALTH) && !defined(SH_STEALTH_MICRO)
337 SL_TICKET fdTmp = -1;
338 SL_TICKET open_tmp (void);
339#endif
340 char * tmp;
341
342#define SH_LINE_IN 16384
343 char * line_in;
344 char * line;
345
346 /* This is for nested conditionals.
347 */
348 int cond_depth = 0;
349 int cond_excl = 0;
350
351 int local_file = 1;
352 char local_flag = 'R';
353
354#if defined(WITH_GPG) || defined(WITH_PGP)
355 int signed_content = S_FALSE;
356 int true_content = S_FALSE;
357#endif
358#if defined(SH_STEALTH) && !defined(SH_STEALTH_MICRO)
359 int hidden_count = 0;
360#endif
361 uid_t euid;
362 char hashbuf[KEYBUF_SIZE];
363
364 SL_ENTER(_("sh_readconf_read"));
365
366 /* --- Open config file, exit on failure. ---
367 */
368#if defined(SH_WITH_CLIENT)
369 if (0 == sl_strcmp(file_path('C', 'R'), _("REQ_FROM_SERVER")))
370 {
371 sh_error_handle ((-1), FIL__, __LINE__, 0, MSG_D_START);
372
373 fd = sh_forward_req_file(_("CONF"));
374
375 if (!SL_ISERROR(fd))
376 {
377 local_file = 0;
378 }
379 else if (sh.flag.checkSum != SH_CHECK_INIT)
380 {
381 aud_exit (FIL__, __LINE__, EXIT_FAILURE);
382 }
383 else
384 {
385 sh_error_handle ((-1), FIL__, __LINE__, fd, MSG_D_FAIL);
386 local_file = 1;
387 local_flag = 'I';
388 }
389 }
390#endif
391
392 /* Use a local configuration file.
393 */
394 if (local_file == 1)
395 {
396 if (0 != tf_trust_check (file_path('C', local_flag), SL_YESPRIV))
397 {
398 sl_get_euid(&euid);
399 dlog(1, FIL__, __LINE__,
400 _("The configuration file: %s is untrusted, i.e. an\nuntrusted user owns or can write to some directory in the path.\n"),
401 ( (NULL == file_path('C', local_flag))
402 ? _("(null)") : file_path('C', local_flag) ));
403 sh_error_handle ((-1), FIL__, __LINE__, EACCES, MSG_TRUST,
404 (long) euid,
405 ( (NULL == file_path('C', local_flag))
406 ? _("(null)") : file_path('C', local_flag) )
407 );
408 aud_exit (FIL__, __LINE__, EXIT_FAILURE);
409 }
410 if (SL_ISERROR(fd = sl_open_read(FIL__, __LINE__,
411 file_path('C',local_flag),SL_YESPRIV)))
412 {
413 sl_get_euid(&euid);
414 dlog(1, FIL__, __LINE__,
415 _("Could not open the local configuration file for reading because\nof the following error: %s (errnum = %ld)\nIf this is a permission problem, you need to change file permissions\nto make the file readable for the effective UID: %d\n"),
416 sl_get_errmsg(), fd, (int) euid);
417 sh_error_handle ((-1), FIL__, __LINE__, fd, MSG_NOACCESS,
418 (long) euid,
419 ( (NULL == file_path('C', local_flag))
420 ? _("(null)") : file_path('C', local_flag) )
421 );
422 aud_exit (FIL__, __LINE__, EXIT_FAILURE);
423 }
424 }
425
426 /* Compute the checksum of the open file.
427 */
428 sl_strlcpy(sh.conf.hash,
429 sh_tiger_hash(file_path('C',local_flag), fd, TIGER_NOLIM,
430 hashbuf, sizeof(hashbuf)),
431 KEY_LEN+1);
432 sl_rewind (fd);
433
434 line_in = SH_ALLOC(SH_LINE_IN);
435
436#if defined(SH_STEALTH) && !defined(SH_STEALTH_MICRO)
437 /* extract the data and copy to temporary file
438 */
439 fdTmp = open_tmp();
440
441 sh_unix_getline_stealth (0, NULL, 0); /* initialize */
442
443 while ( sh_unix_getline_stealth (fd, line_in, SH_LINE_IN-2) > 0) {
444 hidden_count++;
445 if (line_in[0] == '\n')
446 {
447 sl_write(fdTmp, line_in, 1);
448 }
449 else
450 {
451 sl_write_line(fdTmp, line_in, sl_strlen(line_in));
452 }
453#if defined(WITH_GPG) || defined(WITH_PGP)
454 if (0 == sl_strncmp(line_in, _("-----END PGP SIGNATURE-----"), 25))
455 break;
456#else
457 if (0 == sl_strncmp(line_in, _("[EOF]"), 5))
458 break;
459#endif
460 if (hidden_count > 1048576) /* arbitrary safeguard, 1024*1024 */
461 break;
462 }
463 sl_close(fd);
464 fd = fdTmp;
465 sl_rewind (fd);
466#endif
467
468
469 /* --- Start reading lines. ---
470 */
471 conf_line = 0;
472
473 while ( sh_unix_getline (fd, line_in, SH_LINE_IN-2) > 0) {
474
475 ++conf_line;
476
477 line = &(line_in[0]);
478
479 /* fprintf(stderr, "<%s>\n", line); */
480
481 /* Sun May 27 18:40:05 CEST 2001
482 */
483#if defined(WITH_GPG) || defined(WITH_PGP)
484 if (signed_content == S_FALSE)
485 {
486 if (0 == sl_strcmp(line, _("-----BEGIN PGP SIGNED MESSAGE-----")))
487 signed_content = S_TRUE;
488 else
489 continue;
490 }
491 else if (true_content == S_FALSE)
492 {
493 if (line[0] == '\n')
494 true_content = S_TRUE;
495 else
496 continue;
497 }
498 else if (signed_content == S_TRUE)
499 {
500 if (0 == sl_strcmp(line, _("-----BEGIN PGP SIGNATURE-----")))
501 break;
502 else if (0 == sl_strcmp(line, _("-----BEGIN PGP SIGNED MESSAGE-----")))
503 {
504 sh_error_handle((-1), FIL__, __LINE__, 0, MSG_E_SUBGEN,
505 _("second signed message in file"),
506 _("sh_readconf_read"));
507 dlog(1, FIL__, __LINE__,
508 _("There seems to be more than one signed message in the configuration\nfile. Please make sure there is only one signed message.\n"));
509 sh_error_handle ((-1), FIL__, __LINE__, 0, MSG_EXIT_ABORT1,
510 sh.prg_name);
511 SH_FREE(line_in);
512 aud_exit (FIL__, __LINE__,EXIT_FAILURE);
513 }
514 }
515#endif
516
517 /* Skip leading white space.
518 */
519 while (isspace((int)*line)) ++line;
520
521
522 /* Skip header etc.
523 */
524 if (line[0] == '#' || line[0] == '\0' || line[0] == ';' ||
525 (line[0] == '/' && line[1] == '/'))
526 continue;
527
528 /* Clip off trailing white space.
529 */
530 tmp = line + sl_strlen( line ); --tmp;
531 while( isspace((int) *tmp ) && tmp >= line ) *tmp-- = '\0';
532
533
534 /* --- an @host/@if/$system directive -------------- */
535
536 if (line[0] == '@' || (line[0] == '!' && line[1] == '@') ||
537 line[0] == '$' || (line[0] == '!' && line[1] == '$'))
538 {
539 if (sh_readconf_is_end(line))
540 {
541 if (0 == cond_depth) {
542 sh_error_handle ((-1), FIL__, __LINE__, 0, MSG_EINVALD,
543 _("config file"),
544 (long) conf_line);
545 }
546 else {
547 if (cond_excl == cond_depth)
548 cond_excl = 0;
549 --cond_depth;
550 }
551 }
552 else if (sh_readconf_is_else(line))
553 {
554 if (0 == cond_depth) {
555 sh_error_handle ((-1), FIL__, __LINE__, 0, MSG_EINVALD,
556 _("config file"),
557 (long) conf_line);
558 }
559 else if (cond_excl == cond_depth) {
560 cond_excl = 0;
561 }
562 else if (cond_excl == 0) {
563 cond_excl = cond_depth;
564 }
565 }
566 else
567 {
568 if (sh_readconf_cond_match(line, conf_line)) {
569 ++cond_depth;
570 }
571 else {
572 ++cond_depth;
573 if (cond_excl == 0)
574 cond_excl = cond_depth;
575 }
576 }
577 continue;
578 }
579
580 /****************************************************
581 *
582 * Only carry on if this section is intended for us
583 *
584 ****************************************************/
585
586 if (cond_excl != 0) {
587 continue;
588 }
589
590 /* ------- starts a section ------------ */
591
592 else if (line[0] == '[')
593 {
594 read_mode = SH_SECTION_NONE;
595
596 if (0 == sl_strncasecmp (line, _("[EOF]"), 5)) {
597 goto nopel;
598 }
599
600 i = 0;
601
602 while (tab_ListSections[i].name != 0)
603 {
604 if (sl_strncasecmp (line, _(tab_ListSections[i].name),
605 sl_strlen(tab_ListSections[i].name)) == 0)
606 {
607 read_mode = tab_ListSections[i].type;
608 break;
609 }
610 ++i;
611 }
612
613#if defined (SH_WITH_CLIENT) || defined (SH_STANDALONE)
614 if (read_mode == SH_SECTION_NONE)
615 {
616 for (modnum = 0; modList[modnum].name != NULL; ++modnum)
617 {
618 if (0 == sl_strncasecmp (line, _(modList[modnum].conf_section),
619 sl_strlen(modList[modnum].conf_section)) )
620 read_mode = SH_SECTION_OTHER;
621 }
622 }
623#endif
624 if (read_mode == SH_SECTION_NONE)
625 {
626 sh_error_handle ((-1), FIL__, __LINE__, 0, MSG_EINVALHEAD,
627 (long) conf_line);
628 }
629 }
630
631 /* --- an %schedule directive ------------ */
632
633 else if (line[0] == '%' || (line[0] == '!' && line[1] == '%'))
634 {
635#if defined (SH_WITH_CLIENT) || defined (SH_STANDALONE)
636 if (line[0] == '!' && 0 == sl_strcasecmp(&(line[2]), _("SCHEDULE_TWO")))
637 set_dirList(1);
638 else if (0 == sl_strcasecmp(&(line[1]), _("SCHEDULE_TWO")))
639 set_dirList(2);
640#else
641 ;
642#endif
643 }
644
645 /* ------ no new section -------------- */
646
647
648 else if (read_mode != SH_SECTION_NONE)
649 {
650 if (0 != sh_readconfig_line (line))
651 {
652 sh_error_handle ((-1), FIL__, __LINE__, 0, MSG_EINVALCONF,
653 (long) conf_line);
654 }
655 }
656 } /* while getline() */
657
658 nopel:
659
660 if (0 != cond_depth)
661 sh_error_handle ((-1), FIL__, __LINE__, 0, MSG_EINVALDD,
662 _("config file"),
663 (long) conf_line);
664
665#if defined(WITH_GPG) || defined(WITH_PGP)
666 /* Validate signature of open file.
667 */
668 sl_rewind (fd);
669 if (0 != sh_gpg_check_sign (fd, 0, 1))
670 {
671 SH_FREE(line_in);
672 aud_exit (FIL__, __LINE__, EXIT_FAILURE);
673 }
674#endif
675
676 sl_close (fd);
677
678 sh_error_fixup();
679
680 read_mode = SH_SECTION_NONE; /* reset b/o sighup reload */
681
682 SH_FREE(line_in);
683 SL_RETURN( 0, _("sh_readconf_read"));
684}
685
686int sh_readconf_set_path (char * which, const char * what)
687{
688 int len;
689 SL_ENTER( _("sh_readconf_set_path"));
690
691 if (which == NULL || what == NULL)
692 {
693 TPT((0, FIL__, __LINE__ , _("msg=<Input error>\n")));
694 SL_RETURN( -1, _("sh_readconf_set_path"));
695 }
696
697 if (0 == sl_strcmp(what, _("AUTO")))
698 {
699 len = sl_strlen(which);
700 if ( (len + sl_strlen(sh.host.name) + 2) > SH_PATHBUF)
701 {
702 TPT((0, FIL__, __LINE__ , _("msg=<Path too large: %s:%s>\n"),
703 which, sh.host.name));
704 SL_RETURN( -1, _("sh_readconf_set_path"));
705 }
706 else
707 {
708 which[len] = ':'; which[len+1] = '\0';
709 sl_strlcat(which, sh.host.name, SH_PATHBUF);
710 }
711 }
712 else /* not auto */
713 {
714 if (sl_strlen(what) > (SH_PATHBUF-1))
715 {
716 TPT((0, FIL__, __LINE__ , _("msg=<Path too large: %s>\n"), what));
717 SL_RETURN( -1, _("sh_readconf_set_path"));
718 }
719 else
720 {
721 sl_strlcpy(which, what, SH_PATHBUF);
722 }
723 }
724 SL_RETURN( 0, _("sh_readconf_set_path"));
725}
726
727int sh_readconf_set_database_path (const char * what)
728{
729 return (sh_readconf_set_path(sh.data.path, what));
730}
731
732int sh_readconf_set_logfile_path (const char * what)
733{
734 return (sh_readconf_set_path(sh.srvlog.name, what));
735}
736
737int sh_readconf_set_lockfile_path (const char * what)
738{
739 return( sh_readconf_set_path(sh.srvlog.alt, what));
740}
741
742
743
744
745typedef enum {
746 SET_MAILTIME,
747 SET_FILETIME
748} ShTimerItem;
749
750
751int sh_readconf_setTime (const char * str, ShTimerItem what)
752{
753 unsigned long i = atoi (str);
754
755 SL_ENTER( _("sh_readconf_setTime"));
756
757 if (i < LONG_MAX)
758 {
759 if (what == SET_MAILTIME)
760 {
761 TPT((0, FIL__, __LINE__, _("msg=<Set mail timer to %ld>\n"), i));
762 sh.mailTime.alarm_interval = i;
763 }
764 else if (what == SET_FILETIME)
765 {
766 TPT((0, FIL__, __LINE__, _("msg=<Set filecheck timer to %ld>\n"),i));
767 sh.fileCheck.alarm_interval = i;
768 }
769
770 SL_RETURN( 0, _("sh_readconf_setTime"));
771 }
772 else
773 {
774 sh_error_handle ((-1), FIL__, __LINE__, 0, MSG_EINVALL,
775 _("set timer"), (long) i);
776 SL_RETURN( (-1), _("sh_readconf_setTime"));
777 }
778}
779
780int sh_readconf_setMailtime (const char * c)
781{
782 return sh_readconf_setTime (c, SET_MAILTIME);
783}
784
785int sh_readconf_setFiletime (const char * c)
786{
787 return sh_readconf_setTime (c, SET_FILETIME);
788}
789
790int sh_readconf_set_nice (const char * c)
791{
792 long val;
793
794 SL_ENTER(_("sh_readconf_set_nice"));
795
796 val = strtol (c, (char **)NULL, 10);
797 if (val < -20 || val > 20)
798 {
799 SL_RETURN((-1), _("sh_readconf_set_nice"));
800 }
801
802 val = (val < -19 ? -19 : val);
803 val = (val > 19 ? 19 : val);
804
805 sh.flag.nice = val;
806 SL_RETURN((0), _("sh_readconf_set_nice"));
807}
808
809#ifdef FANCY_LIBCAP
810int sh_readconf_setCaps(const char * c)
811{
812 int i;
813 SL_ENTER(_("sh_readconf_setCaps"));
814
815 i = sh_util_flagval(c, &sl_useCaps);
816 SL_RETURN((i), _("sh_readconf_setCaps"));
817}
818#endif
819
820typedef struct _cfg_options {
821 const char * optname;
822 ShSectionType section;
823 ShSectionType alt_section;
824 int (*func)(const char * opt);
825} cfg_options;
826
827#if defined (SH_WITH_CLIENT) || defined (SH_STANDALONE)
828extern int sh_set_schedule_one(const char * str);
829extern int sh_set_schedule_two(const char * str);
830#endif
831#if defined (SH_WITH_SERVER)
832extern int sh_socket_use (const char * c);
833extern int sh_socket_uid (const char * c);
834extern int sh_socket_password (const char * c);
835#endif
836
837cfg_options ext_table[] = {
838#if defined(WITH_EXTERNAL)
839 { N_("opencommand"), SH_SECTION_EXTERNAL, SH_SECTION_NONE,
840 sh_ext_setcommand },
841 { N_("closecommand"), SH_SECTION_EXTERNAL, SH_SECTION_NONE,
842 sh_ext_close_command },
843 { N_("setcommandline"), SH_SECTION_EXTERNAL, SH_SECTION_NONE,
844 sh_ext_add_argv },
845 { N_("setchecksum"), SH_SECTION_EXTERNAL, SH_SECTION_NONE,
846 sh_ext_checksum },
847 { N_("setdefault"), SH_SECTION_EXTERNAL, SH_SECTION_NONE,
848 sh_ext_add_default },
849 { N_("setenviron"), SH_SECTION_EXTERNAL, SH_SECTION_NONE,
850 sh_ext_add_environ },
851 { N_("setdeadtime"), SH_SECTION_EXTERNAL, SH_SECTION_NONE,
852 sh_ext_deadtime },
853 { N_("settype"), SH_SECTION_EXTERNAL, SH_SECTION_NONE,
854 sh_ext_type },
855 { N_("setcredentials"), SH_SECTION_EXTERNAL, SH_SECTION_NONE,
856 sh_ext_priv },
857 { N_("setfilternot"), SH_SECTION_EXTERNAL, SH_SECTION_NONE,
858 sh_ext_add_not },
859 { N_("setfilterand"), SH_SECTION_EXTERNAL, SH_SECTION_NONE,
860 sh_ext_add_and },
861 { N_("setfilteror"), SH_SECTION_EXTERNAL, SH_SECTION_NONE,
862 sh_ext_add_or },
863 { N_("externalseverity"),SH_SECTION_LOG, SH_SECTION_EXTERNAL,
864 sh_error_set_external },
865 { N_("externalclass"), SH_SECTION_LOG, SH_SECTION_EXTERNAL,
866 sh_error_external_mask },
867#endif
868
869#if defined(WITH_DATABASE)
870 { N_("usepersistent"), SH_SECTION_DATABASE, SH_SECTION_NONE,
871 sh_database_use_persistent },
872 { N_("setdbname"), SH_SECTION_DATABASE, SH_SECTION_NONE,
873 sh_database_set_database },
874 { N_("setdbtable"), SH_SECTION_DATABASE, SH_SECTION_NONE,
875 sh_database_set_table },
876 { N_("setdbhost"), SH_SECTION_DATABASE, SH_SECTION_NONE,
877 sh_database_set_host },
878 { N_("setdbuser"), SH_SECTION_DATABASE, SH_SECTION_NONE,
879 sh_database_set_user },
880 { N_("setdbpassword"), SH_SECTION_DATABASE, SH_SECTION_NONE,
881 sh_database_set_password },
882 { N_("addtodbhash"), SH_SECTION_DATABASE, SH_SECTION_NONE,
883 sh_database_add_to_hash },
884 { N_("databaseseverity"),SH_SECTION_LOG, SH_SECTION_DATABASE,
885 sh_error_set_database },
886 { N_("databaseclass"), SH_SECTION_LOG, SH_SECTION_DATABASE,
887 sh_error_database_mask },
888 { N_("setdbservertstamp"), SH_SECTION_DATABASE, SH_SECTION_NONE,
889 set_enter_wrapper },
890#endif
891
892
893#if defined (SH_WITH_CLIENT) || defined (SH_STANDALONE)
894 { N_("dir"), SH_SECTION_ATTRIBUTES, SH_SECTION_NONE,
895 sh_files_pushdir_attr },
896 { N_("file"), SH_SECTION_ATTRIBUTES, SH_SECTION_NONE,
897 sh_files_pushfile_attr },
898 { N_("dir"), SH_SECTION_READONLY, SH_SECTION_NONE,
899 sh_files_pushdir_ro },
900 { N_("file"), SH_SECTION_READONLY, SH_SECTION_NONE,
901 sh_files_pushfile_ro },
902 { N_("dir"), SH_SECTION_LOGFILES, SH_SECTION_NONE,
903 sh_files_pushdir_log },
904 { N_("file"), SH_SECTION_LOGFILES, SH_SECTION_NONE,
905 sh_files_pushfile_log },
906 { N_("dir"), SH_SECTION_LOGGROW, SH_SECTION_NONE,
907 sh_files_pushdir_glog },
908 { N_("file"), SH_SECTION_LOGGROW, SH_SECTION_NONE,
909 sh_files_pushfile_glog },
910 { N_("dir"), SH_SECTION_NOIGNORE, SH_SECTION_NONE,
911 sh_files_pushdir_noig },
912 { N_("file"), SH_SECTION_NOIGNORE, SH_SECTION_NONE,
913 sh_files_pushfile_noig },
914 { N_("dir"), SH_SECTION_ALLIGNORE, SH_SECTION_NONE,
915 sh_files_pushdir_allig },
916 { N_("file"), SH_SECTION_ALLIGNORE, SH_SECTION_NONE,
917 sh_files_pushfile_allig },
918
919 { N_("dir"), SH_SECTION_USER0, SH_SECTION_NONE,
920 sh_files_pushdir_user0 },
921 { N_("file"), SH_SECTION_USER0, SH_SECTION_NONE,
922 sh_files_pushfile_user0 },
923 { N_("dir"), SH_SECTION_USER1, SH_SECTION_NONE,
924 sh_files_pushdir_user1 },
925 { N_("file"), SH_SECTION_USER1, SH_SECTION_NONE,
926 sh_files_pushfile_user1 },
927 { N_("dir"), SH_SECTION_USER2, SH_SECTION_NONE,
928 sh_files_pushdir_user2 },
929 { N_("file"), SH_SECTION_USER2, SH_SECTION_NONE,
930 sh_files_pushfile_user2 },
931 { N_("dir"), SH_SECTION_USER3, SH_SECTION_NONE,
932 sh_files_pushdir_user3 },
933 { N_("file"), SH_SECTION_USER3, SH_SECTION_NONE,
934 sh_files_pushfile_user3 },
935 { N_("dir"), SH_SECTION_USER4, SH_SECTION_NONE,
936 sh_files_pushdir_user4 },
937 { N_("file"), SH_SECTION_USER4, SH_SECTION_NONE,
938 sh_files_pushfile_user4 },
939 { N_("dir"), SH_SECTION_PRELINK, SH_SECTION_NONE,
940 sh_files_pushdir_prelink },
941 { N_("file"), SH_SECTION_PRELINK, SH_SECTION_NONE,
942 sh_files_pushfile_prelink },
943
944 { N_("ignoreadded"), SH_SECTION_MISC, SH_SECTION_NONE,
945 sh_ignore_add_new },
946 { N_("ignoremissing"), SH_SECTION_MISC, SH_SECTION_NONE,
947 sh_ignore_add_del },
948
949 { N_("filecheckscheduleone"), SH_SECTION_MISC, SH_SECTION_NONE,
950 sh_set_schedule_one },
951 { N_("filecheckscheduletwo"), SH_SECTION_MISC, SH_SECTION_NONE,
952 sh_set_schedule_two },
953
954 { N_("usehardlinkcheck"), SH_SECTION_MISC, SH_SECTION_NONE,
955 sh_files_check_hardlinks },
956 { N_("usersrccheck"), SH_SECTION_MISC, SH_SECTION_NONE,
957 sh_files_use_rsrc },
958 { N_("hardlinkoffset"), SH_SECTION_MISC, SH_SECTION_NONE,
959 sh_files_hle_reg },
960#if defined(USE_XATTR)
961 { N_("useselinuxcheck"), SH_SECTION_MISC, SH_SECTION_NONE,
962 sh_unix_setcheckselinux },
963#endif
964#if defined(USE_ACL)
965 { N_("useaclcheck"), SH_SECTION_MISC, SH_SECTION_NONE,
966 sh_unix_setcheckacl },
967#endif
968 { N_("loosedircheck"), SH_SECTION_MISC, SH_SECTION_NONE,
969 sh_hash_loosedircheck },
970 { N_("addokchars"), SH_SECTION_MISC, SH_SECTION_NONE,
971 sh_util_obscure_ok },
972 { N_("filenamesareutf8"), SH_SECTION_MISC, SH_SECTION_NONE,
973 sh_util_obscure_utf8 },
974 { N_("setrecursionlevel"), SH_SECTION_MISC, SH_SECTION_NONE,
975 sh_files_setrecursion },
976 { N_("checksumtest"), SH_SECTION_MISC, SH_SECTION_NONE,
977 sh_util_setchecksum },
978 { N_("reportonlyonce"), SH_SECTION_MISC, SH_SECTION_NONE,
979 sh_files_reportonce },
980 { N_("reportfulldetail"), SH_SECTION_MISC, SH_SECTION_NONE,
981 sh_files_fulldetail },
982 { N_("uselocaltime"), SH_SECTION_MISC, SH_SECTION_NONE,
983 sh_unix_uselocaltime },
984
985 { N_("setnicelevel"), SH_SECTION_MISC, SH_SECTION_NONE,
986 sh_readconf_set_nice },
987
988#if defined(FANCY_LIBCAP)
989 { N_("usecaps"), SH_SECTION_MISC, SH_SECTION_NONE,
990 sh_readconf_setCaps },
991#endif
992
993 { N_("setdropcache"), SH_SECTION_MISC, SH_SECTION_NONE,
994 sl_set_drop_cache },
995
996 { N_("setiolimit"), SH_SECTION_MISC, SH_SECTION_NONE,
997 sh_unix_set_io_limit },
998
999 { N_("versionstring"), SH_SECTION_MISC, SH_SECTION_NONE,
1000 sh_hash_version_string },
1001
1002 { N_("digestalgo"), SH_SECTION_MISC, SH_SECTION_NONE,
1003 sh_tiger_hashtype },
1004
1005 { N_("redefreadonly"), SH_SECTION_MISC, SH_SECTION_NONE,
1006 sh_files_redef_readonly },
1007
1008 { N_("redeflogfiles"), SH_SECTION_MISC, SH_SECTION_NONE,
1009 sh_files_redef_logfiles },
1010
1011 { N_("redefgrowinglogfiles"), SH_SECTION_MISC, SH_SECTION_NONE,
1012 sh_files_redef_loggrow },
1013
1014 { N_("redefattributes"), SH_SECTION_MISC, SH_SECTION_NONE,
1015 sh_files_redef_attributes },
1016
1017 { N_("redefignorenone"), SH_SECTION_MISC, SH_SECTION_NONE,
1018 sh_files_redef_noignore },
1019
1020 { N_("redefignoreall"), SH_SECTION_MISC, SH_SECTION_NONE,
1021 sh_files_redef_allignore },
1022
1023 { N_("redefuser0"), SH_SECTION_MISC, SH_SECTION_NONE,
1024 sh_files_redef_user0 },
1025
1026 { N_("redefuser1"), SH_SECTION_MISC, SH_SECTION_NONE,
1027 sh_files_redef_user1 },
1028
1029 { N_("redefuser2"), SH_SECTION_MISC, SH_SECTION_NONE,
1030 sh_files_redef_user2 },
1031
1032 { N_("redefuser3"), SH_SECTION_MISC, SH_SECTION_NONE,
1033 sh_files_redef_user3 },
1034
1035 { N_("redefuser4"), SH_SECTION_MISC, SH_SECTION_NONE,
1036 sh_files_redef_user4 },
1037
1038 { N_("redefprelink"), SH_SECTION_MISC, SH_SECTION_NONE,
1039 sh_files_redef_prelink },
1040
1041
1042 { N_("setprelinkpath"), SH_SECTION_MISC, SH_SECTION_NONE,
1043 sh_prelink_set_path },
1044 { N_("setprelinkchecksum"), SH_SECTION_MISC, SH_SECTION_NONE,
1045 sh_prelink_set_hash },
1046
1047 /* client or standalone
1048 */
1049#endif
1050
1051#ifdef SH_WITH_SERVER
1052#ifdef INET_SYSLOG
1053 { N_("setudpactive"), SH_SECTION_SRV, SH_SECTION_MISC,
1054 set_syslog_active },
1055#endif
1056 { N_("setusesocket"), SH_SECTION_SRV, SH_SECTION_MISC,
1057 sh_socket_use },
1058 { N_("setsocketallowuid"), SH_SECTION_SRV, SH_SECTION_MISC,
1059 sh_socket_uid },
1060 { N_("setsocketpassword"), SH_SECTION_SRV, SH_SECTION_MISC,
1061 sh_socket_password },
1062 { N_("setstripdomain"), SH_SECTION_SRV, SH_SECTION_MISC,
1063 sh_forward_set_strip },
1064 { N_("useseparatelogs"), SH_SECTION_SRV, SH_SECTION_MISC,
1065 set_flag_sep_log },
1066 { N_("setchrootdir"), SH_SECTION_SRV, SH_SECTION_MISC,
1067 sh_unix_set_chroot },
1068 { N_("setclienttimelimit"), SH_SECTION_SRV, SH_SECTION_MISC,
1069 sh_forward_set_time_limit },
1070 { N_("setconnectiontimeout"),SH_SECTION_SRV, SH_SECTION_MISC,
1071 sh_forward_set_timeout },
1072 { N_("useclientseverity"), SH_SECTION_SRV, SH_SECTION_MISC,
1073 sh_forward_use_clt_sev },
1074 { N_("useclientclass"), SH_SECTION_SRV, SH_SECTION_MISC,
1075 sh_forward_use_clt_class },
1076 { N_("severitylookup"), SH_SECTION_SRV, SH_SECTION_MISC,
1077 sh_forward_lookup_level },
1078 { N_("setclientfromaccept"), SH_SECTION_SRV, SH_SECTION_MISC,
1079 set_socket_peer },
1080 { N_("setserverport"), SH_SECTION_SRV, SH_SECTION_MISC,
1081 sh_forward_set_port },
1082 { N_("setserverinterface"), SH_SECTION_SRV, SH_SECTION_MISC,
1083 sh_forward_set_interface },
1084 { N_("client"), SH_SECTION_CLIENTS, SH_SECTION_NONE,
1085 sh_forward_register_client },
1086#endif
1087
1088#if defined(SH_WITH_CLIENT) || defined(SH_WITH_SERVER)
1089 { N_("exportseverity"), SH_SECTION_LOG, SH_SECTION_NONE,
1090 sh_error_setexport },
1091 { N_("exportclass"), SH_SECTION_LOG, SH_SECTION_NONE,
1092 sh_error_export_mask },
1093#if defined(SH_WITH_SERVER)
1094 { N_("setlogserver"), SH_SECTION_SRV, SH_SECTION_MISC,
1095 sh_forward_setlogserver },
1096#else
1097 { N_("setlogserver"), SH_SECTION_CLT, SH_SECTION_MISC,
1098 sh_forward_setlogserver },
1099 { N_("setthrottle"), SH_SECTION_CLT, SH_SECTION_MISC,
1100 sh_forward_set_throttle_delay},
1101#endif
1102#endif
1103 { N_("setfilechecktime"), SH_SECTION_MISC, SH_SECTION_NONE,
1104 sh_readconf_setFiletime },
1105 { N_("setlooptime"), SH_SECTION_MISC, SH_SECTION_NONE,
1106 sh_util_setlooptime },
1107
1108#ifdef SH_WITH_MAIL
1109 { N_("mailseverity"), SH_SECTION_LOG, SH_SECTION_NONE,
1110 sh_error_setseverity },
1111 { N_("mailclass"), SH_SECTION_LOG, SH_SECTION_NONE,
1112 sh_error_mail_mask },
1113 { N_("setmailtime"), SH_SECTION_MAIL, SH_SECTION_MISC,
1114 sh_readconf_setMailtime },
1115 { N_("setmailnum"), SH_SECTION_MAIL, SH_SECTION_MISC,
1116 sh_mail_setNum },
1117 { N_("setmailrelay"), SH_SECTION_MAIL, SH_SECTION_MISC,
1118 sh_mail_set_relay },
1119 { N_("setmailport"), SH_SECTION_MAIL, SH_SECTION_MISC,
1120 sh_mail_set_port },
1121 { N_("mailsingle"), SH_SECTION_MAIL, SH_SECTION_MISC,
1122 sh_mail_setFlag },
1123 { N_("mailsubject"), SH_SECTION_MAIL, SH_SECTION_MISC,
1124 set_mail_subject },
1125 { N_("setmailsender"), SH_SECTION_MAIL, SH_SECTION_MISC,
1126 sh_mail_set_sender },
1127 { N_("setmailalias"), SH_SECTION_MAIL, SH_SECTION_MISC,
1128 sh_nmail_add_alias },
1129 { N_("setmailaddress"), SH_SECTION_MAIL, SH_SECTION_MISC,
1130 sh_nmail_add_recipient },
1131 { N_("closeaddress"), SH_SECTION_MAIL, SH_SECTION_MISC,
1132 sh_nmail_close_recipient },
1133 { N_("setaddrseverity"), SH_SECTION_MAIL, SH_SECTION_MISC,
1134 sh_nmail_set_severity },
1135 { N_("setmailfilternot"), SH_SECTION_MAIL, SH_SECTION_MISC,
1136 sh_nmail_add_not },
1137 { N_("setmailfilterand"), SH_SECTION_MAIL, SH_SECTION_MISC,
1138 sh_nmail_add_and },
1139 { N_("setmailfilteror"), SH_SECTION_MAIL, SH_SECTION_MISC,
1140 sh_nmail_add_or },
1141#endif
1142 { N_("setbindaddress"), SH_SECTION_MISC, SH_SECTION_NONE,
1143 sh_calls_set_bind_addr },
1144 { N_("daemon"), SH_SECTION_MISC, SH_SECTION_NONE,
1145 sh_unix_setdeamon },
1146 { N_("samhainpath"), SH_SECTION_MISC, SH_SECTION_NONE,
1147 sh_unix_self_hash },
1148 { N_("trusteduser"), SH_SECTION_MISC, SH_SECTION_NONE,
1149 tf_add_trusted_user },
1150 { N_("settimeserver"), SH_SECTION_MISC, SH_SECTION_NONE,
1151 sh_unix_settimeserver },
1152
1153 { N_("printseverity"), SH_SECTION_LOG, SH_SECTION_NONE,
1154 sh_error_setprint },
1155 { N_("printclass"), SH_SECTION_LOG, SH_SECTION_NONE,
1156 sh_error_print_mask },
1157
1158 { N_("logseverity"), SH_SECTION_LOG, SH_SECTION_NONE,
1159 sh_error_setlog },
1160 { N_("logclass"), SH_SECTION_LOG, SH_SECTION_NONE,
1161 sh_error_log_mask },
1162
1163 { N_("syslogseverity"), SH_SECTION_LOG, SH_SECTION_NONE,
1164 sh_error_set_syslog },
1165 { N_("syslogclass"), SH_SECTION_LOG, SH_SECTION_NONE,
1166 sh_error_syslog_mask },
1167#ifdef HAVE_LIBPRELUDE
1168 { N_("preludeseverity"), SH_SECTION_LOG, SH_SECTION_NONE,
1169 sh_error_set_prelude },
1170 { N_("preludeclass"), SH_SECTION_LOG, SH_SECTION_NONE,
1171 sh_error_prelude_mask },
1172 { N_("preludeprofile"), SH_SECTION_MISC, SH_SECTION_NONE,
1173 sh_prelude_set_profile },
1174 { N_("preludemaptoinfo"), SH_SECTION_MISC, SH_SECTION_NONE,
1175 sh_prelude_map_info },
1176 { N_("preludemaptolow"), SH_SECTION_MISC, SH_SECTION_NONE,
1177 sh_prelude_map_low },
1178 { N_("preludemaptomedium"), SH_SECTION_MISC, SH_SECTION_NONE,
1179 sh_prelude_map_medium },
1180 { N_("preludemaptohigh"), SH_SECTION_MISC, SH_SECTION_NONE,
1181 sh_prelude_map_high },
1182#endif
1183
1184 { N_("logcalls"), SH_SECTION_LOG, SH_SECTION_NONE,
1185 sh_aud_set_functions },
1186
1187 { N_("messageheader"), SH_SECTION_MISC, SH_SECTION_NONE,
1188 sh_error_ehead },
1189
1190 { N_("setconsole"), SH_SECTION_MISC, SH_SECTION_NONE,
1191 sh_log_set_console },
1192
1193#ifdef WITH_MESSAGE_QUEUE
1194 { N_("messagequeueactive"),SH_SECTION_MISC, SH_SECTION_NONE,
1195 enable_msgq },
1196#endif
1197
1198 { N_("setreverselookup"), SH_SECTION_MISC, SH_SECTION_NONE,
1199 set_reverse_lookup },
1200
1201 { N_("setdatabasepath"), SH_SECTION_MISC, SH_SECTION_NONE,
1202 sh_readconf_set_database_path },
1203
1204 { N_("setlogfilepath"), SH_SECTION_MISC, SH_SECTION_NONE,
1205 sh_readconf_set_logfile_path },
1206
1207 { N_("setlockfilepath"), SH_SECTION_MISC, SH_SECTION_NONE,
1208 sh_readconf_set_lockfile_path },
1209
1210 { N_("hidesetup"), SH_SECTION_MISC, SH_SECTION_NONE,
1211 sh_util_hidesetup },
1212
1213 { N_("syslogfacility"), SH_SECTION_LOG, SH_SECTION_MISC,
1214 sh_log_set_facility },
1215
1216 { N_("syslogmapstampto"), SH_SECTION_LOG, SH_SECTION_MISC,
1217 sh_log_set_stamp_priority },
1218
1219 { N_("mactype"), SH_SECTION_MISC, SH_SECTION_NONE,
1220 sh_util_sigtype },
1221
1222 { NULL, 0, 0, NULL}
1223};
1224
1225
1226
1227
1228static int sh_readconfig_line (char * line)
1229{
1230 char * key;
1231 const char * value;
1232 char * tmp;
1233 int i;
1234 int good_opt = -1;
1235
1236#if defined (SH_WITH_CLIENT) || defined (SH_STANDALONE)
1237 int modnum, modkey;
1238#endif
1239
1240 static const char *dummy = N_("dummy");
1241
1242 static const char *closing[] = {
1243 N_("closecommand"),
1244 N_("closeaddress"),
1245 N_("logmonendgroup"),
1246 N_("logmonendhost"),
1247 NULL
1248 };
1249
1250 static const char *ident[] = {
1251 N_("severityreadonly"),
1252 N_("severitylogfiles"),
1253 N_("severitygrowinglogs"),
1254 N_("severityignorenone"),
1255 N_("severityignoreall"),
1256 N_("severityattributes"),
1257 N_("severitydirs"),
1258 N_("severityfiles"),
1259 N_("severitynames"),
1260 N_("severityuser0"),
1261 N_("severityuser1"),
1262 N_("severityuser2"),
1263 N_("severityuser3"),
1264 N_("severityuser4"),
1265 N_("severityprelink"),
1266 NULL
1267 };
1268
1269 static int identnum[] = {
1270 SH_ERR_T_RO,
1271 SH_ERR_T_LOGS,
1272 SH_ERR_T_GLOG,
1273 SH_ERR_T_NOIG,
1274 SH_ERR_T_ALLIG,
1275 SH_ERR_T_ATTR,
1276 SH_ERR_T_DIR,
1277 SH_ERR_T_FILE,
1278 SH_ERR_T_NAME,
1279 SH_ERR_T_USER0,
1280 SH_ERR_T_USER1,
1281 SH_ERR_T_USER2,
1282 SH_ERR_T_USER3,
1283 SH_ERR_T_USER4,
1284 SH_ERR_T_PRELINK,
1285 };
1286
1287 SL_ENTER(_("sh_readconf_line"));
1288
1289 /* convert to lowercase */
1290
1291 tmp = line;
1292 while (*tmp != '=' && *tmp != '\0')
1293 {
1294 *tmp = tolower( (int) *tmp);
1295 ++tmp;
1296 }
1297
1298 key = line;
1299
1300 /* interpret line */
1301
1302 value = strchr(line, '=');
1303
1304 if (value == NULL || (*value) == '\0')
1305 {
1306 if (key != NULL)
1307 {
1308 i = 0;
1309 while (closing[i] != NULL)
1310 {
1311 if (sl_strncmp(key,_(closing[i]),sl_strlen(closing[i])-1) == 0)
1312 {
1313 value = dummy;
1314 goto ok_novalue;
1315 }
1316 ++i;
1317 }
1318
1319 TPT(( 0, FIL__, __LINE__, _("msg=<ConfigFile: not key=value: %s>\n"),
1320 line));
1321 }
1322 SL_RETURN(good_opt, _("sh_readconf_line"));
1323 }
1324 else
1325 ++value;
1326
1327 /* skip leading whitespace
1328 */
1329 while ((*value) == ' ' || (*value) == '\t')
1330 ++value;
1331
1332 if ((*value) == '\0') /* no value */
1333 {
1334 if (key != NULL)
1335 {
1336 TPT(( 0, FIL__, __LINE__, _("msg=<ConfigFile: not key=value: %s>\n"),
1337 line));
1338 }
1339 SL_RETURN(good_opt, _("sh_readconf_line"));
1340 }
1341
1342 ok_novalue:
1343
1344 if (!sl_is_suid())
1345 {
1346 TPT(( 0, FIL__, __LINE__, _("msg=<ConfigFile: %s>\n"), line));
1347 }
1348
1349 /* Expand shell expressions. This return allocated memory which we must free.
1350 */
1351 value = sh_readconf_expand_value(value);
1352
1353 if (!value || (*value) == '\0')
1354 {
1355 TPT(( 0, FIL__, __LINE__, _("msg=<ConfigFile: empty after shell expansion: %s>\n"),
1356 line));
1357 SL_RETURN(good_opt, _("sh_readconf_line"));
1358 }
1359
1360#if defined (SH_WITH_CLIENT) || defined (SH_STANDALONE)
1361 if (read_mode == SH_SECTION_OTHER)
1362 {
1363 for (modnum = 0; modList[modnum].name != NULL; ++modnum)
1364 {
1365 for (modkey = 0; modList[modnum].conf_table[modkey].the_opt != NULL;
1366 ++modkey)
1367 {
1368 if (sl_strncmp (key,
1369 _(modList[modnum].conf_table[modkey].the_opt),
1370 sl_strlen(modList[modnum].conf_table[modkey].the_opt) ) == 0)
1371 {
1372 good_opt = 0;
1373 if (0 != modList[modnum].conf_table[modkey].func(value))
1374 sh_error_handle ((-1), FIL__, __LINE__, 0, MSG_EINVALS,
1375 _(modList[modnum].conf_table[modkey].the_opt), value);
1376 if (!sl_is_suid())
1377 {
1378 TPT(( 0, FIL__, __LINE__,
1379 _("msg=<line = %s, option = %s>\n"), line,
1380 _(modList[modnum].conf_table[modkey].the_opt)));
1381 }
1382 goto outburst;
1383 }
1384 }
1385 }
1386 }
1387 outburst:
1388#endif
1389
1390
1391 if (read_mode == SH_SECTION_THRESHOLD)
1392 {
1393 i = 0;
1394 while (ident[i] != NULL) {
1395 if (sl_strncmp (key, _(ident[i]), sl_strlen(ident[i])) == 0)
1396 {
1397 good_opt = 0;
1398 sh_error_set_iv (identnum[i], value);
1399 break;
1400 }
1401 ++i;
1402 }
1403 }
1404 else
1405 {
1406 i = 0;
1407 while (ext_table[i].optname != NULL)
1408 {
1409 if ((ext_table[i].section == read_mode ||
1410 ext_table[i].alt_section == read_mode) &&
1411 sl_strncmp (key, _(ext_table[i].optname),
1412 sl_strlen(ext_table[i].optname)) == 0)
1413 {
1414 good_opt = 0;
1415 if (0 != ext_table[i].func (value))
1416 sh_error_handle ((-1), FIL__, __LINE__, 0, MSG_EINVALS,
1417 _(ext_table[i].optname), value);
1418 break;
1419 }
1420 ++i;
1421 }
1422 }
1423
1424 SH_FREE((char*)value);
1425
1426 SL_RETURN(good_opt, _("sh_readconf_line"));
1427}
1428
1429
Note: See TracBrowser for help on using the repository browser.