Changeset 149
- Timestamp:
- Jan 7, 2008, 8:52:13 PM (17 years ago)
- Location:
- trunk
- Files:
-
- 26 edited
-
Makefile.in (modified) (1 diff)
-
configure.ac (modified) (1 diff)
-
depend.dep (modified) (2 diffs)
-
depend.sum (modified) (1 diff)
-
docs/Changelog (modified) (1 diff)
-
docs/MANUAL-2_3.html.tar (modified) ( previous)
-
include/samhain.h (modified) (3 diffs)
-
include/sh_mem.h (modified) (1 diff)
-
include/sh_suidchk.h (modified) (1 diff)
-
include/sh_unix.h (modified) (1 diff)
-
include/sh_utils.h (modified) (4 diffs)
-
include/sh_utmp.h (modified) (1 diff)
-
include/slib.h (modified) (2 diffs)
-
src/cutest_sh_hash.c (modified) (3 diffs)
-
src/samhain.c (modified) (7 diffs)
-
src/sh_hash.c (modified) (81 diffs)
-
src/sh_mem.c (modified) (12 diffs)
-
src/sh_modules.c (modified) (2 diffs)
-
src/sh_mounts.c (modified) (2 diffs)
-
src/sh_portcheck.c (modified) (53 diffs)
-
src/sh_suidchk.c (modified) (3 diffs)
-
src/sh_unix.c (modified) (3 diffs)
-
src/sh_userfiles.c (modified) (1 diff)
-
src/sh_utils.c (modified) (2 diffs)
-
src/sh_utmp.c (modified) (2 diffs)
-
test/testrun_1e.sh (modified) (2 diffs)
Legend:
- Unmodified
- Added
- Removed
-
trunk/Makefile.in
r147 r149 1647 1647 sh_tiger1_64.o: $(srcsrc)/sh_tiger1_64.c Makefile config_xor.h 1648 1648 sh_tiger2_64.o: $(srcsrc)/sh_tiger2_64.c Makefile config_xor.h 1649 sh_hash.o: $(srcsrc)/sh_hash.c Makefile config_xor.h $(srcinc)/sh_hash.h $(srcinc)/sh_utils.h $(srcinc)/sh_error.h $(srcinc)/sh_tiger.h $(srcinc)/sh_gpg.h $(srcinc)/sh_unix.h $(srcinc)/sh_files.h $(srcinc)/sh_ignore.h $(srcinc)/sh_ forward.h $(srcinc)/sh_hash.h1649 sh_hash.o: $(srcsrc)/sh_hash.c Makefile config_xor.h $(srcinc)/sh_hash.h $(srcinc)/sh_utils.h $(srcinc)/sh_error.h $(srcinc)/sh_tiger.h $(srcinc)/sh_gpg.h $(srcinc)/sh_unix.h $(srcinc)/sh_files.h $(srcinc)/sh_ignore.h $(srcinc)/sh_pthread.h $(srcinc)/sh_forward.h $(srcinc)/sh_hash.h 1650 1650 sh_mail.o: $(srcsrc)/sh_mail.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_error.h $(srcinc)/sh_unix.h $(srcinc)/sh_tiger.h $(srcinc)/sh_mail.h $(srcinc)/sh_utils.h $(srcinc)/sh_fifo.h $(srcinc)/sh_tools.h $(srcinc)/sh_pthread.h $(srcinc)/sh_static.h $(srcinc)/sh_tools.h 1651 1651 sh_mem.o: $(srcsrc)/sh_mem.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_error.h $(srcinc)/sh_utils.h $(srcinc)/sh_mem.h $(srcinc)/sh_pthread.h -
trunk/configure.ac
r148 r149 13 13 dnl start 14 14 dnl 15 AM_INIT_AUTOMAKE(samhain, 2.4. 1a)15 AM_INIT_AUTOMAKE(samhain, 2.4.2) 16 16 AC_CANONICAL_HOST 17 17 -
trunk/depend.dep
r147 r149 13 13 sh_tiger1_64.o: $(srcsrc)/sh_tiger1_64.c Makefile config_xor.h 14 14 sh_tiger2_64.o: $(srcsrc)/sh_tiger2_64.c Makefile config_xor.h 15 sh_hash.o: $(srcsrc)/sh_hash.c Makefile config_xor.h $(srcinc)/sh_hash.h $(srcinc)/sh_utils.h $(srcinc)/sh_error.h $(srcinc)/sh_tiger.h $(srcinc)/sh_gpg.h $(srcinc)/sh_unix.h $(srcinc)/sh_files.h $(srcinc)/sh_ignore.h $(srcinc)/sh_ forward.h $(srcinc)/sh_hash.h15 sh_hash.o: $(srcsrc)/sh_hash.c Makefile config_xor.h $(srcinc)/sh_hash.h $(srcinc)/sh_utils.h $(srcinc)/sh_error.h $(srcinc)/sh_tiger.h $(srcinc)/sh_gpg.h $(srcinc)/sh_unix.h $(srcinc)/sh_files.h $(srcinc)/sh_ignore.h $(srcinc)/sh_pthread.h $(srcinc)/sh_forward.h $(srcinc)/sh_hash.h 16 16 sh_mail.o: $(srcsrc)/sh_mail.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_error.h $(srcinc)/sh_unix.h $(srcinc)/sh_tiger.h $(srcinc)/sh_mail.h $(srcinc)/sh_utils.h $(srcinc)/sh_fifo.h $(srcinc)/sh_tools.h $(srcinc)/sh_pthread.h $(srcinc)/sh_static.h $(srcinc)/sh_tools.h 17 17 sh_mem.o: $(srcsrc)/sh_mem.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_error.h $(srcinc)/sh_utils.h $(srcinc)/sh_mem.h $(srcinc)/sh_pthread.h … … 58 58 sh_prelink.o: $(srcsrc)/sh_prelink.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_tiger.h $(srcinc)/sh_extern.h $(srcinc)/sh_utils.h $(srcinc)/sh_unix.h 59 59 sh_static.o: $(srcsrc)/sh_static.c Makefile config_xor.h $(srcinc)/sh_pthread.h 60 sh_portcheck.o: $(srcsrc)/sh_portcheck.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_error.h $(srcinc)/sh_mem.h $(srcinc)/sh_calls.h $(srcinc)/sh_utils.h $(srcinc)/sh_modules.h $(srcinc)/sh_pthread.h $(srcinc)/CuTest.h 61 sh_processcheck.o: $(srcsrc)/sh_processcheck.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_modules.h $(srcinc)/sh_processcheck.h $(srcinc)/sh_utils.h $(srcinc)/sh_error.h $(srcinc)/sh_extern.h $(srcinc)/sh_calls.h $(srcinc)/sh_pthread.h $(srcinc)/CuTest.h 60 62 sh_prelude_old.o: $(srcsrc)/sh_prelude_old.c Makefile config_xor.h $(srcinc)/slib.h $(srcinc)/sh_mem.h $(srcinc)/sh_cat.h $(srcinc)/sh_error_min.h $(srcinc)/sh_prelude.h $(srcinc)/sh_static.h $(srcinc)/sh_pthread.h 63 sh_pthread.o: $(srcsrc)/sh_pthread.c Makefile config_xor.h $(srcinc)/sh_pthread.h $(srcinc)/sh_calls.h $(srcinc)/sh_modules.h 61 64 kern_head.o: $(srcsrc)/kern_head.c Makefile config.h $(srcinc)/kern_head.h $(srcinc)/kern_head.h 62 sh_async.o: $(srcsrc)/sh_async.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_calls.h $(srcinc)/sh_error.h63 sh_processcheck.o: $(srcsrc)/sh_processcheck.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_modules.h $(srcinc)/sh_processcheck.h $(srcinc)/sh_utils.h $(srcinc)/sh_error.h $(srcinc)/sh_extern.h $(srcinc)/sh_calls.h $(srcinc)/sh_pthread.h $(srcinc)/CuTest.h64 sh_portcheck.o: $(srcsrc)/sh_portcheck.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_error.h $(srcinc)/sh_mem.h $(srcinc)/sh_calls.h $(srcinc)/sh_utils.h $(srcinc)/sh_modules.h $(srcinc)/sh_pthread.h $(srcinc)/CuTest.h65 sh_pthread.o: $(srcsrc)/sh_pthread.c Makefile config_xor.h $(srcinc)/sh_pthread.h $(srcinc)/sh_calls.h $(srcinc)/sh_modules.h -
trunk/depend.sum
r147 r149 1 1 5413141151 1156805991 -
trunk/docs/Changelog
r147 r149 1 2.4.2: 2 * make sh_hash.c thread-safe 3 * remove plenty of tiny allocations 4 * improve sh_mem_dump 5 * modify port check to run as thread 6 * fix unsetting of sh_thread_pause_flag (was too early) 7 8 2.4.1a: 9 * fix overwrite of ErrFlags (functionality bug) 10 1 11 2.4.1: 2 12 * security fix: regression in the seeding routine for the PRNG -
trunk/include/samhain.h
r143 r149 48 48 */ 49 49 #define SOCKPASS_MAX 14 50 #define USER_MAX 20 51 #define GROUP_MAX 20 52 #define TIM_MAX 32 53 50 #define USER_MAX 20 51 #define GROUP_MAX 20 52 #define TIM_MAX 32 53 54 #define CMODE_SIZE 11 55 56 #define ATTRBUF_SIZE 16 57 #define ATTRBUF_USED 12 54 58 55 59 /* The number of bytes in a key, … … 159 163 #define SET_SH_FFLAG_SUIDCHK(a) ((a) |= SH_FFLAG_SUIDCHK) 160 164 #define CLEAR_SH_FFLAG_SUIDCHK(a) ((a) &= ~SH_FFLAG_SUIDCHK) 161 162 165 163 166 … … 340 343 341 344 #if defined(__GNUC__) && (__GNUC__ >= 4) 342 #define SH_GNUC_NULL_TERMINATED __attribute__((__sentinel__)) 343 #else 344 #define SH_GNUC_NULL_TERMINATED 345 #endif 345 #define SH_GNUC_SENTINEL __attribute__((__sentinel__)) 346 #else 347 #define SH_GNUC_SENTINEL 348 #endif 349 350 #if defined(__GNUC__) && (__GNUC__ >= 3) 351 #undef SH_GNUC_PURE 352 #define SH_GNUC_PURE __attribute__((pure)) 353 #undef SH_GNUC_CONST 354 #define SH_GNUC_CONST __attribute__((const)) 355 #undef SH_GNUC_NORETURN 356 #define SH_GNUC_NORETURN __attribute__((noreturn)) 357 #undef SH_GNUC_MALLOC 358 #define SH_GNUC_MALLOC __attribute__((malloc)) 359 #else 360 #undef SH_GNUC_PURE 361 #define SH_GNUC_PURE 362 #undef SH_GNUC_CONST 363 #define SH_GNUC_CONST 364 #undef SH_GNUC_NORETURN 365 #define SH_GNUC_NORETURN 366 #undef SH_GNUC_MALLOC 367 #define SH_GNUC_MALLOC 368 #endif 369 346 370 347 371 /* The semantics of the built-in are that it is expected that expr == const -
trunk/include/sh_mem.h
r1 r149 38 38 #else 39 39 40 #if defined(__GNUC__) && (__GNUC__ >= 3) 41 #undef SH_GNUC_MALLOC 42 #define SH_GNUC_MALLOC __attribute__((malloc)) 43 #else 44 #undef SH_GNUC_MALLOC 45 #define SH_GNUC_MALLOC 46 #endif 40 47 41 48 void sh_mem_free (/*@only@*//*@out@*//*@null@*/ void * a); 42 /*@only@*//*@notnull@*/void * sh_mem_malloc (size_t size) ;49 /*@only@*//*@notnull@*/void * sh_mem_malloc (size_t size) SH_GNUC_MALLOC; 43 50 44 51 #define SH_FREE(a) sh_mem_free(a) -
trunk/include/sh_suidchk.h
r140 r149 6 6 7 7 #ifdef SH_USE_SUIDCHK 8 int sh_suidchk_init (struct mod_type * arg);9 int sh_suidchk_timer (time_t tcurrent);10 int sh_suidchk_check (void);11 int sh_suidchk_end (void);12 int sh_suidchk_ free_schedule(void);8 int sh_suidchk_init (struct mod_type * arg); 9 int sh_suidchk_timer (time_t tcurrent); 10 int sh_suidchk_check (void); 11 int sh_suidchk_end (void); 12 int sh_suidchk_reconf (void); 13 13 14 14 int sh_suidchk_set_activate (const char * c); -
trunk/include/sh_unix.h
r132 r149 120 120 #if defined(__linux__) || defined(HAVE_STAT_FLAGS) 121 121 unsigned long attributes; 122 char c_attributes[ 16];123 #endif 124 char c_mode[ 11];122 char c_attributes[ATTRBUF_SIZE]; 123 #endif 124 char c_mode[CMODE_SIZE]; 125 125 uid_t owner; 126 126 char c_owner[USER_MAX+2]; -
trunk/include/sh_utils.h
r138 r149 64 64 /* returns allocated memory 65 65 */ 66 char * sh_util_strdup (const char * str) ;66 char * sh_util_strdup (const char * str) SH_GNUC_MALLOC; 67 67 68 68 /* returns allocated memory 69 69 */ 70 char * sh_util_strdup_l (const char * str, size_t len) ;70 char * sh_util_strdup_l (const char * str, size_t len) SH_GNUC_MALLOC; 71 71 72 72 /* returns pointer within str … … 119 119 /* read a hexchar, return int value (0-15) 120 120 */ 121 int sh_util_hexchar( char c ) ;121 int sh_util_hexchar( char c ) SH_GNUC_CONST; 122 122 123 123 /* change verifier … … 159 159 * Argument list must be NULL terminated. 160 160 */ 161 char * sh_util_strconcat (const char * arg1, ...) SH_GNUC_ NULL_TERMINATED;161 char * sh_util_strconcat (const char * arg1, ...) SH_GNUC_MALLOC SH_GNUC_SENTINEL; 162 162 163 163 /* check if string is numeric only 164 164 */ 165 int sh_util_isnum (c har *str);165 int sh_util_isnum (const char *str) SH_GNUC_PURE; 166 166 167 167 /* init a key w/random string … … 176 176 /* returns freshly allocated memory, return value should be free'd 177 177 */ 178 char * sh_util_safe_name (const char * name) ;178 char * sh_util_safe_name (const char * name) SH_GNUC_MALLOC SH_GNUC_PURE; 179 179 180 180 /* check max size of printf result string -
trunk/include/sh_utmp.h
r140 r149 6 6 7 7 #ifdef SH_USE_UTMP 8 int sh_utmp_init (struct mod_type * arg);9 int sh_utmp_timer (time_t tcurrent);10 int sh_utmp_check (void);11 int sh_utmp_end (void);12 int sh_utmp_ null(void);8 int sh_utmp_init (struct mod_type * arg); 9 int sh_utmp_timer (time_t tcurrent); 10 int sh_utmp_check (void); 11 int sh_utmp_end (void); 12 int sh_utmp_reconf (void); 13 13 14 14 int sh_utmp_set_login_activate (const char * c); -
trunk/include/slib.h
r138 r149 63 63 #define SH_PWBUF_SIZE 4096 64 64 65 66 #if defined(__GNUC__) && (__GNUC__ >= 3) 67 #undef SL_GNUC_CONST 68 #define SL_GNUC_CONST __attribute__((const)) 69 #else 70 #undef SH_GNUC_CONST 71 #define SH_GNUC_CONST 72 #endif 65 73 66 74 /* … … 405 413 /* Overflow tests 406 414 */ 407 int sl_ok_muli (int a, int b) ;408 int sl_ok_divi (int a, int b) ;409 int sl_ok_addi (int a, int b) ;410 int sl_ok_subi (int a, int b) ;411 412 int sl_ok_muls (size_t a, size_t b) ;413 int sl_ok_adds (size_t a, size_t b) ;415 int sl_ok_muli (int a, int b) SL_GNUC_CONST; 416 int sl_ok_divi (int a, int b) SL_GNUC_CONST; 417 int sl_ok_addi (int a, int b) SL_GNUC_CONST; 418 int sl_ok_subi (int a, int b) SL_GNUC_CONST; 419 420 int sl_ok_muls (size_t a, size_t b) SL_GNUC_CONST; 421 int sl_ok_adds (size_t a, size_t b) SL_GNUC_CONST; 414 422 415 423 -
trunk/src/cutest_sh_hash.c
r76 r149 5 5 #include "CuTest.h" 6 6 7 extern char * quote_string (const char * str );8 extern char * unquote_string (const char * str );7 extern char * quote_string (const char * str, size_t len); 8 extern char * unquote_string (const char * str, size_t len); 9 9 10 10 void Test_quote_string_ok (CuTest *tc) { … … 19 19 char out2[] = "=0A=3Dfoo=0Aba=3Dr=0Atest=3D=0A"; 20 20 21 ret = quote_string(inp1 );21 ret = quote_string(inp1, strlen(inp1)); 22 22 CuAssertPtrNotNull(tc, ret); 23 23 CuAssertStrEquals(tc, out1, ret); 24 24 25 ret = quote_string(inp2 );25 ret = quote_string(inp2,strlen(inp2)); 26 26 CuAssertPtrNotNull(tc, ret); 27 27 CuAssertStrEquals(tc, out2, ret); … … 45 45 char inp3[] = "=00=3Dfoo=0Aba=3Dr=0Atest=3D=0A"; 46 46 47 ret = unquote_string(inp1 );47 ret = unquote_string(inp1, strlen(inp1)); 48 48 CuAssertPtrNotNull(tc, ret); 49 49 CuAssertStrEquals(tc, out1, ret); 50 50 51 ret = unquote_string(inp2 );51 ret = unquote_string(inp2, strlen(inp2)); 52 52 CuAssertPtrNotNull(tc, ret); 53 53 CuAssertStrEquals(tc, out2, ret); 54 54 55 ret = unquote_string(inp3 );55 ret = unquote_string(inp3, strlen(inp3)); 56 56 CuAssertPtrNotNull(tc, ret); 57 57 CuAssertStrEquals(tc, out3, ret); -
trunk/src/samhain.c
r145 r149 818 818 if (0 != stat(SH_INSTALL_PATH, &buf)) 819 819 { 820 dummy = pidlist;820 dummy = (pid_t *)pidlist; 821 821 free(dummy); 822 822 return NULL; … … 827 827 if (NULL == (dp = opendir("/proc"))) 828 828 { 829 dummy = pidlist;829 dummy = (pid_t *)pidlist; 830 830 free(dummy); 831 831 return NULL; … … 858 858 859 859 closedir(dp); 860 return pidlist;860 return (pid_t *)pidlist; 861 861 } 862 862 #else … … 1755 1755 for (modnum = 0; modList[modnum].name != NULL; ++modnum) 1756 1756 { 1757 if (modList[modnum].initval >= SH_MOD_ACTIVE) 1758 (void) modList[modnum].mod_reconf(); 1757 /* sh_thread_pause_flag is true, and we block in lock 1758 * until check has returned, so we are sure check will 1759 * not run until sh_thread_pause_flag is set to false 1760 */ 1761 /* if (modList[modnum].initval >= SH_MOD_ACTIVE) */ 1762 (void) modList[modnum].mod_reconf(); 1759 1763 } 1760 1764 #endif … … 1801 1805 } 1802 1806 1803 sh_thread_pause_flag = S_FALSE;1804 1807 1805 1808 /* --- Initialize modules. --- … … 1832 1835 } 1833 1836 } 1837 1838 /* module is properly set up now 1839 */ 1840 sh_thread_pause_flag = S_FALSE; 1834 1841 1835 1842 --sig_raised; … … 2069 2076 sh_hash_writeout (); 2070 2077 2078 /* no-op unless MEM_LOG is defined in sh_mem.c 2079 */ 2080 #ifdef MEM_DEBUG 2081 sh_mem_dump (); 2082 #endif 2083 2071 2084 /* no loop if not daemon 2072 2085 */ -
trunk/src/sh_hash.c
r137 r149 57 57 #include "sh_files.h" 58 58 #include "sh_ignore.h" 59 #include "sh_pthread.h" 59 60 60 61 #if defined(SH_WITH_CLIENT) … … 69 70 #define FIL__ _("sh_hash.c") 70 71 72 SH_MUTEX_STATIC(mutex_hash,PTHREAD_MUTEX_INITIALIZER); 73 74 const char notalink[2] = { '-', '\0' }; 75 71 76 static char * all_items (file_type * theFile, char * fileHash, int is_new); 72 77 73 78 #define QUOTE_CHAR '=' 74 79 75 char * unquote_string (const char * str )80 char * unquote_string (const char * str, size_t len) 76 81 { 77 82 int i = 0, t1, t2; 78 83 char * tmp = NULL; 79 size_t l en, l2, j, k = 0;84 size_t l2, j, k = 0; 80 85 81 86 SL_ENTER(_("unquote_string")); … … 83 88 if (str != NULL) 84 89 { 85 len = sl_strlen(str);86 90 l2 = len - 2; 87 91 tmp = SH_ALLOC(len + 1); … … 116 120 } 117 121 118 static char i2h[2]; 119 120 char * int2hex (unsigned char i) 122 123 static char * int2hex (unsigned char i, char * i2h) 121 124 { 122 125 static char hexchars[] = "0123456789ABCDEF"; … … 129 132 130 133 131 char * quote_string (const char * str )134 char * quote_string (const char * str, size_t len) 132 135 { 133 136 char * tmp; 134 137 char * tmp2; 135 size_t len, l2, j, i = 0, k = 0; 138 size_t l2, j, i = 0, k = 0; 139 char i2h[2]; 136 140 137 141 SL_ENTER(_("quote_string")); … … 141 145 SL_RETURN(NULL, _("quote_string")); 142 146 } 143 144 len = sl_strlen(str);145 147 146 148 for (j = 0; j < len; ++j) … … 164 166 if (str[j] == '\n') 165 167 { 166 tmp2 = int2hex((unsigned char) '\n' ); /* was 'n', fixed in 1.5.4 */168 tmp2 = int2hex((unsigned char) '\n', i2h); /* was 'n', fixed in 1.5.4 */ 167 169 tmp[k] = QUOTE_CHAR; ++k; 168 170 tmp[k] = tmp2[0]; ++k; … … 171 173 else if (str[j] == QUOTE_CHAR) 172 174 { 173 tmp2 = int2hex((unsigned char) QUOTE_CHAR );175 tmp2 = int2hex((unsigned char) QUOTE_CHAR, i2h); 174 176 tmp[k] = QUOTE_CHAR; ++k; 175 177 tmp[k] = tmp2[0]; ++k; … … 249 251 250 252 typedef struct store_info { 251 /* 252 char fullpath[MAX_PATH_STORE+2]; 253 char linkpath[MAX_PATH_STORE+2]; 254 */ 253 255 254 UINT32 mode; 256 255 UINT32 linkmode; … … 270 269 #if defined(__linux__) 271 270 UINT32 attributes; 272 char c_attributes[ 16];271 char c_attributes[ATTRBUF_SIZE]; 273 272 #endif 274 273 #else 275 274 /* #if defined(__linux__) */ 276 275 UINT32 attributes; 277 char c_attributes[ 16];276 char c_attributes[ATTRBUF_SIZE]; 278 277 /* endif */ 279 278 #endif … … 281 280 char c_owner[USER_MAX+2]; 282 281 char c_group[GROUP_MAX+2]; 283 char c_mode[ 11];282 char c_mode[CMODE_SIZE]; 284 283 char checksum[KEY_LEN+1]; 285 284 } sh_filestore_t; … … 351 350 { 352 351 file_type * theFile; 353 #if defined(__linux__) || defined(HAVE_STAT_FLAGS)354 int i = 16;355 #endif356 352 357 353 SL_ENTER(_("sh_hash_create_ft")); … … 362 358 theFile->mode = p->theFile.mode; 363 359 #if defined(__linux__) || defined(HAVE_STAT_FLAGS) 364 sl_strlcpy(theFile->c_attributes, p->theFile.c_attributes, i /* 16 */);360 sl_strlcpy(theFile->c_attributes, p->theFile.c_attributes, ATTRBUF_SIZE); 365 361 theFile->attributes = p->theFile.attributes; 366 362 #endif … … 431 427 char * str; 432 428 char hashbuf[KEYBUF_SIZE]; 429 int retval = 0; 433 430 434 431 /* -------- find the entry for the file ---------------- */ 432 433 SH_MUTEX_LOCK(mutex_hash); 435 434 436 435 if (sl_strlen(fullpath) <= MAX_PATH_STORE) … … 443 442 ); 444 443 if (p == NULL) 445 return -1; 444 { 445 retval = -1; 446 goto unlock_and_return; 447 } 446 448 447 449 theFile = sh_hash_create_ft (p, fileHash); … … 455 457 SH_FREE(theFile->attr_string); 456 458 SH_FREE(theFile); 457 return 0; 459 460 unlock_and_return: 461 SH_MUTEX_UNLOCK(mutex_hash); 462 return retval; 458 463 } 459 464 … … 564 569 if (p->linkpath) 565 570 { 566 SH_FREE(p->linkpath); 571 if (p->linkpath != notalink) 572 SH_FREE(p->linkpath); 567 573 p->linkpath = NULL; 568 574 } … … 624 630 625 631 SL_ENTER(_("sh_hash_unvisited")); 632 633 SH_MUTEX_LOCK(mutex_hash); 626 634 for (i = 0; i < TABSIZE; ++i) 627 635 { … … 629 637 hash_unvisited (i, tab[i], tab[i], level); 630 638 } 639 SH_MUTEX_UNLOCK(mutex_hash); 640 631 641 SL_RET0(_("hash_unvisited")); 632 642 } … … 655 665 if (p->linkpath) 656 666 { 657 SH_FREE(p->linkpath); 667 if (p->linkpath != notalink) 668 SH_FREE(p->linkpath); 658 669 p->linkpath = NULL; 659 670 } … … 721 732 q = p->next; 722 733 SH_FREE(p->fullpath); 723 if(p->linkpath )734 if(p->linkpath && p->linkpath != notalink) 724 735 SH_FREE(p->linkpath); 725 736 if(p->attr_string) … … 768 779 } 769 780 n = strlen(line); 770 if (n > 1) {781 if (n > 0) { 771 782 --n; 772 783 line[n] = '\0'; /* remove terminating '\n' */ … … 947 958 */ 948 959 i = sh_hash_getline (sh_fin_fd, line, size); 949 if (i < 0 )960 if (i <= 0 ) 950 961 { 951 962 SH_FREE(line); … … 961 972 } 962 973 963 tmp = unquote_string (line );974 tmp = unquote_string (line, i); 964 975 len = sl_strlen(tmp)+1; 965 976 fullpath = SH_ALLOC(len); … … 973 984 */ 974 985 i = sh_hash_getline (sh_fin_fd, line, size); 975 if (i < 0 )986 if (i <= 0 ) 976 987 { 977 988 SH_FREE(line); … … 988 999 } 989 1000 990 tmp = unquote_string (line); 991 len = sl_strlen(tmp)+1; 992 linkpath = SH_ALLOC(len); 993 (void) sl_strlcpy (linkpath, tmp, len); 1001 tmp = unquote_string (line, i); 1002 1003 if ( tmp && tmp[0] == '-' && 1004 (tmp[1] == '\0' || (tmp[1] == '\n' && tmp[2] == '\0'))) 1005 { 1006 linkpath = (char *)notalink; 1007 } 1008 else 1009 { 1010 len = sl_strlen(tmp)+1; 1011 linkpath = SH_ALLOC(len); 1012 (void) sl_strlcpy (linkpath, tmp, len); 1013 if (len > 1 && linkpath[len-2] == '\n') 1014 linkpath[len-2] = '\0'; 1015 } 1016 994 1017 if (tmp) 995 1018 SH_FREE(tmp); 996 if (linkpath[len-2] == '\n')997 linkpath[len-2] = '\0';998 1019 999 1020 /* Read next record -- Part Four -- attr_string … … 1002 1023 { 1003 1024 i = sh_hash_getline (sh_fin_fd, line, size); 1004 if (i < 0 )1025 if (i <= 0 ) 1005 1026 { 1006 1027 SH_FREE(line); 1007 1028 SH_FREE(fullpath); 1008 SH_FREE(linkpath); 1029 if (linkpath != notalink) 1030 SH_FREE(linkpath); 1009 1031 SH_FREE(p); 1010 1032 dlog(1, FIL__, __LINE__, … … 1018 1040 } 1019 1041 1020 tmp = unquote_string (line );1042 tmp = unquote_string (line, i); 1021 1043 1022 1044 len = sl_strlen(tmp)+1; … … 1044 1066 1045 1067 1046 if (ft.c_mode[0] == 'l' )1068 if (ft.c_mode[0] == 'l' && linkpath != notalink) 1047 1069 { 1048 1070 sh_do_decode(linkpath, sl_strlen(linkpath)); … … 1122 1144 SL_ENTER(_("sh_hash_init")); 1123 1145 1124 if (IsInit == 1) 1125 SL_RET0(_("sh_hash_init")); 1126 1127 for (i = 0; i < TABSIZE; ++i) 1128 tab[i] = NULL; 1146 SH_MUTEX_LOCK(mutex_hash); 1147 1148 if (IsInit == 1) 1149 { 1150 goto unlock_and_return; 1151 } 1129 1152 1130 1153 #if defined(SH_WITH_CLIENT) … … 1290 1313 sh_hash_setdataent(fd, line, MAX_PATH_STORE, file_path('D', 'R')); 1291 1314 1315 for (i = 0; i < TABSIZE; ++i) 1316 tab[i] = NULL; 1317 1292 1318 while (1) 1293 1319 { … … 1308 1334 break; 1309 1335 } 1336 1337 /* Initialization completed. 1338 */ 1339 IsInit = 1; 1310 1340 1311 1341 if (line != NULL) … … 1318 1348 fd = -1; 1319 1349 1320 /* --- Initialization done successfully. --- 1321 */ 1322 IsInit = 1; 1350 unlock_and_return: 1351 SH_MUTEX_UNLOCK(mutex_hash); 1323 1352 SL_RET0(_("sh_hash_init")); 1324 1353 } … … 1334 1363 1335 1364 SL_ENTER(_("sh_hash_hashdelete")); 1365 SH_MUTEX_LOCK(mutex_hash); 1336 1366 1337 1367 if (IsInit == 0) 1338 SL_RET0(_("sh_hash_hashdelete")); 1368 goto unlock_and_exit; 1369 1339 1370 for (i = 0; i < TABSIZE; ++i) 1340 1371 if (tab[i] != NULL) … … 1344 1375 } 1345 1376 IsInit = 0; 1377 1378 unlock_and_exit: 1379 SH_MUTEX_UNLOCK(mutex_hash); 1346 1380 SL_RET0(_("sh_hash_hashdelete")); 1347 1381 } … … 1385 1419 1386 1420 1387 void sh_hash_pushdata(file_type * buf, char * fileHash)1421 static void sh_hash_pushdata_int (file_type * buf, char * fileHash) 1388 1422 { 1389 1423 static long p_count = 0; … … 1394 1428 size_t tmp_len = 0; 1395 1429 size_t old_len = 0; 1430 size_t path_len = 0; 1396 1431 1397 1432 sh_filestore_t p; … … 1411 1446 #endif 1412 1447 1413 SL_ENTER(_("sh_hash_pushdata "));1448 SL_ENTER(_("sh_hash_pushdata_int")); 1414 1449 1415 1450 fullpath = SH_ALLOC(MAX_PATH_STORE+1); … … 1432 1467 _("Writing database to stdout with update"), 1433 1468 sh.prg_name, 1434 _("sh_hash_pushdata "));1469 _("sh_hash_pushdata_int")); 1435 1470 aud_exit(FIL__, __LINE__, EXIT_FAILURE); 1436 1471 } … … 1443 1478 _("Writing database to stdout when suid"), 1444 1479 sh.prg_name, 1445 _("sh_hash_pushdata "));1480 _("sh_hash_pushdata_int")); 1446 1481 aud_exit(FIL__, __LINE__, EXIT_FAILURE); 1447 1482 } 1448 1483 1449 1484 1450 if ((pushdata_ stdout == S_FALSE) &&1485 if ((pushdata_isfirst == 1) && (pushdata_stdout == S_FALSE) && 1451 1486 ( (NULL == file_path('D', 'W')) || 1452 1487 (0 == sl_strcmp(file_path('D', 'W'), _("REQ_FROM_SERVER"))) )) … … 1457 1492 _("No local path for database specified"), 1458 1493 sh.prg_name, 1459 _("sh_hash_pushdata "));1494 _("sh_hash_pushdata_int")); 1460 1495 aud_exit(FIL__, __LINE__, EXIT_FAILURE); 1461 1496 } 1462 1497 1463 1498 1464 if ((pushdata_ stdout == S_FALSE) && (pushdata_isfirst == 1))1499 if ((pushdata_isfirst == 1) && (pushdata_stdout == S_FALSE)) 1465 1500 { 1466 1501 /* Warn that file already exists; file_path != NULL here because … … 1488 1523 sh_error_handle((-1), FIL__, __LINE__, pushdata_fd, MSG_E_ACCESS, 1489 1524 geteuid(), file_path('D', 'W')); 1490 SL_RET0(_("sh_hash_pushdata "));1525 SL_RET0(_("sh_hash_pushdata_int")); 1491 1526 } 1492 1527 if ( SL_ISERROR(status = sl_forward(pushdata_fd))) … … 1495 1530 SH_FREE(linkpath); 1496 1531 sh_error_handle((-1), FIL__, __LINE__, status, MSG_E_SUBGPATH, 1497 _("Fast forward failed"), _("sh_hash_pushdata "),1532 _("Fast forward failed"), _("sh_hash_pushdata_int"), 1498 1533 file_path('D', 'W')); 1499 SL_RET0(_("sh_hash_pushdata "));1534 SL_RET0(_("sh_hash_pushdata_int")); 1500 1535 } 1501 1536 } … … 1511 1546 sh_error_handle((-1), FIL__, __LINE__, pushdata_fd, MSG_E_ACCESS, 1512 1547 geteuid(), file_path('D', 'W')); 1513 SL_RET0(_("sh_hash_pushdata "));1548 SL_RET0(_("sh_hash_pushdata_int")); 1514 1549 } 1515 1550 line = SH_ALLOC(MAX_PATH_STORE+1); … … 1521 1556 SH_FREE(linkpath); 1522 1557 SH_FREE(line); 1523 SL_RET0(_("sh_hash_pushdata "));1558 SL_RET0(_("sh_hash_pushdata_int")); 1524 1559 } 1525 1560 SH_FREE(line); … … 1533 1568 sh_do_encode(buf->fullpath, old_len); 1534 1569 #endif 1535 tmp = quote_string(buf->fullpath );1570 tmp = quote_string(buf->fullpath, old_len); 1536 1571 tmp_len = sl_strlen(tmp); 1537 1572 #if defined(SH_STEALTH) … … 1563 1598 } 1564 1599 1600 path_len = sl_strlen(fullpath); 1565 1601 #if defined(SH_STEALTH) 1566 sh_do_encode(fullpath, sl_strlen(fullpath));1567 #endif 1568 1569 tmp = quote_string(fullpath );1602 sh_do_encode(fullpath, path_len); 1603 #endif 1604 1605 tmp = quote_string(fullpath, path_len); 1570 1606 if (tmp) { 1571 1607 sl_strlcpy(fullpath, tmp, MAX_PATH_STORE+1); … … 1580 1616 sh_do_encode(buf->linkpath, old_len); 1581 1617 #endif 1582 tmp = quote_string(buf->linkpath );1618 tmp = quote_string(buf->linkpath, old_len); 1583 1619 tmp_len = sl_strlen(tmp); 1584 1620 #if defined(SH_STEALTH) … … 1601 1637 if (tmp) SH_FREE(tmp); 1602 1638 1639 path_len = sl_strlen(linkpath); 1603 1640 #if defined(SH_STEALTH) 1604 sh_do_encode(linkpath, sl_strlen(linkpath));1605 #endif 1606 tmp = quote_string(linkpath );1641 sh_do_encode(linkpath, path_len); 1642 #endif 1643 tmp = quote_string(linkpath, path_len); 1607 1644 if (tmp) 1608 1645 { … … 1618 1655 sh_do_encode(buf->attr_string, old_len); 1619 1656 #endif 1620 tmp = quote_string(buf->attr_string );1657 tmp = quote_string(buf->attr_string, old_len); 1621 1658 if (tmp) 1622 1659 { … … 1634 1671 if (attr_string) 1635 1672 p.mark |= REC_FLAGS_ATTR; 1636 sl_strlcpy(p.c_mode, buf->c_mode, 11);1673 sl_strlcpy(p.c_mode, buf->c_mode, CMODE_SIZE); 1637 1674 sl_strlcpy(p.c_group, buf->c_group, GROUP_MAX+1); 1638 1675 sl_strlcpy(p.c_owner, buf->c_owner, USER_MAX+1); … … 1641 1678 } 1642 1679 #if defined(__linux__) || defined(HAVE_STAT_FLAGS) 1643 sl_strlcpy(p.c_attributes, buf->c_attributes, 13);1644 #else 1645 for (i = 0; i < 12; ++i) p.c_attributes[i] = '-';1646 p.c_attributes[ 12] = '\0';1680 sl_strlcpy(p.c_attributes, buf->c_attributes, ATTRBUF_SIZE); 1681 #else 1682 for (i = 0; i < ATTRBUF_USED; ++i) p.c_attributes[i] = '-'; 1683 p.c_attributes[ATTRBUF_USED] = '\0'; 1647 1684 #endif 1648 1685 … … 1778 1815 SH_FREE(attr_string); 1779 1816 1780 SL_RET0(_("sh_hash_pushdata")); 1781 } 1817 SL_RET0(_("sh_hash_pushdata_int")); 1818 } 1819 1820 SH_MUTEX_STATIC(mutex_writeout,PTHREAD_MUTEX_INITIALIZER); 1821 1822 void sh_hash_pushdata (file_type * buf, char * fileHash) 1823 { 1824 SH_MUTEX_LOCK(mutex_writeout); 1825 sh_hash_pushdata_int (buf, fileHash); 1826 SH_MUTEX_UNLOCK(mutex_writeout); 1827 return; 1828 } 1829 1782 1830 1783 1831 int sh_hash_writeout() … … 1797 1845 } 1798 1846 1847 SH_MUTEX_LOCK(mutex_writeout); 1799 1848 if (!SL_ISERROR(pushdata_fd)) 1800 1849 { … … 1804 1853 pushdata_isfirst = 1; 1805 1854 1855 1856 SH_MUTEX_LOCK(mutex_hash); 1806 1857 for (i = 0; i < TABSIZE; ++i) 1807 1858 { … … 1809 1860 { 1810 1861 f = sh_hash_create_ft (p, fileHash); 1811 sh_hash_pushdata (f, fileHash);1862 sh_hash_pushdata_int (f, fileHash); 1812 1863 if (f->attr_string) 1813 1864 SH_FREE(f->attr_string); … … 1815 1866 } 1816 1867 } 1868 SH_MUTEX_UNLOCK(mutex_hash); 1817 1869 1818 1870 if (!SL_ISERROR(pushdata_fd)) … … 1822 1874 } 1823 1875 pushdata_isfirst = 1; 1876 SH_MUTEX_UNLOCK(mutex_writeout); 1824 1877 1825 1878 SL_RETURN (0, _("sh_hash_writeout")); … … 1842 1895 SL_RETURN( (NULL), _("sh_hash_have_it_int")); 1843 1896 1844 if (IsInit != 1)1845 sh_hash_init();1846 1897 if (sl_strlen(newname) <= MAX_PATH_STORE) 1847 1898 p = hashsearch(newname); … … 1851 1902 if (p == NULL) 1852 1903 SL_RETURN( (NULL), _("sh_hash_have_it_int")); 1853 /* 1854 if (p->allignore == S_FALSE && 1855 (p->modi_mask & MODI_CHK) != 0 && 1856 (p->modi_mask & MODI_MOD) != 0) 1857 SL_RETURN( (1), _("sh_hash_have_it")); 1858 */ 1904 1859 1905 SL_RETURN( (p), _("sh_hash_have_it_int")); 1860 1906 } … … 1862 1908 int sh_hash_have_it (char * newname) 1863 1909 { 1864 sh_file_t * p = sh_hash_have_it_int (newname); 1865 1866 if (!p) return (-1); 1867 if ((!SH_FFLAG_ALLIGNORE_SET(p->fflags)) && 1868 (p->modi_mask & MODI_CHK) != 0 && 1869 (p->modi_mask & MODI_MOD) != 0) 1870 return 1; 1871 return 0; 1910 sh_file_t * p; 1911 int retval = 0; 1912 1913 if (IsInit != 1) 1914 sh_hash_init(); 1915 1916 SH_MUTEX_LOCK(mutex_hash); 1917 p = sh_hash_have_it_int (newname); 1918 1919 if (!p) 1920 retval = (-1); 1921 else if ((!SH_FFLAG_ALLIGNORE_SET(p->fflags)) && 1922 (p->modi_mask & MODI_CHK) != 0 && 1923 (p->modi_mask & MODI_MOD) != 0) 1924 retval = 1; 1925 SH_MUTEX_UNLOCK(mutex_hash); 1926 1927 return retval; 1872 1928 } 1873 1929 1874 1930 int sh_hash_get_it (char * newname, file_type * tmpFile) 1875 1931 { 1876 sh_file_t * p = sh_hash_have_it_int (newname); 1877 if (!p) 1878 return (-1); 1879 sl_strlcpy(tmpFile->fullpath, p->fullpath, PATH_MAX); 1880 sl_strlcpy(tmpFile->linkpath, p->linkpath, PATH_MAX); 1881 tmpFile->size = p->theFile.size; 1882 tmpFile->mtime = p->theFile.mtime; 1883 tmpFile->ctime = p->theFile.ctime; 1884 1885 tmpFile->attr_string = NULL; 1886 return 0; 1932 sh_file_t * p; 1933 int retval = -1; 1934 1935 if (IsInit != 1) 1936 sh_hash_init(); 1937 1938 SH_MUTEX_LOCK(mutex_hash); 1939 p = sh_hash_have_it_int (newname); 1940 if (p) 1941 { 1942 sl_strlcpy(tmpFile->fullpath, p->fullpath, PATH_MAX); 1943 sl_strlcpy(tmpFile->linkpath, p->linkpath, PATH_MAX); 1944 tmpFile->size = p->theFile.size; 1945 tmpFile->mtime = p->theFile.mtime; 1946 tmpFile->ctime = p->theFile.ctime; 1947 tmpFile->attr_string = NULL; 1948 retval = 0; 1949 } 1950 SH_MUTEX_UNLOCK(mutex_hash); 1951 1952 return retval; 1887 1953 } 1888 1954 1889 1955 int sh_hash_getflags (char * filename) 1890 1956 { 1891 sh_file_t * p = sh_hash_have_it_int (filename); 1892 if (!p) 1893 return (-1); 1894 return (p->fflags); 1957 sh_file_t * p; 1958 int retval = -1; 1959 1960 if (IsInit != 1) 1961 sh_hash_init(); 1962 1963 SH_MUTEX_LOCK(mutex_hash); 1964 p = sh_hash_have_it_int (filename); 1965 if (p) 1966 retval = p->fflags; 1967 SH_MUTEX_UNLOCK(mutex_hash); 1968 return retval; 1895 1969 } 1896 1970 1897 1971 int sh_hash_setflags (char * filename, int flags) 1898 1972 { 1899 sh_file_t * p = sh_hash_have_it_int (filename); 1900 if (!p) 1901 return (-1); 1902 p->fflags = flags; 1903 return 0; 1973 sh_file_t * p; 1974 int retval = -1; 1975 1976 if (IsInit != 1) 1977 sh_hash_init(); 1978 1979 SH_MUTEX_LOCK(mutex_hash); 1980 p = sh_hash_have_it_int (filename); 1981 if (p) 1982 { 1983 p->fflags = flags; 1984 retval = 0; 1985 } 1986 SH_MUTEX_UNLOCK(mutex_hash); 1987 return retval; 1904 1988 } 1905 1989 … … 1908 1992 void sh_hash_addflag (char * filename, int flag_to_set) 1909 1993 { 1910 int fflags = sh_hash_getflags(filename); 1911 1912 if (fflags >= 0) 1913 { 1914 fflags |= flag_to_set; 1915 sh_hash_setflags(filename, fflags); 1916 } 1994 sh_file_t * p; 1995 1996 if (IsInit != 1) 1997 sh_hash_init(); 1998 1999 SH_MUTEX_LOCK(mutex_hash); 2000 p = sh_hash_have_it_int (filename); 2001 if (p) 2002 { 2003 p->fflags |= flag_to_set; 2004 } 2005 SH_MUTEX_UNLOCK(mutex_hash); 1917 2006 return; 1918 2007 } … … 1929 2018 sh_file_t * p; 1930 2019 char hashbuf[KEYBUF_SIZE]; 2020 int retval = -1; 1931 2021 1932 2022 SL_ENTER(_("sh_hash_set_visited_int")); … … 1934 2024 if (newname == NULL) 1935 2025 SL_RETURN((-1), _("sh_hash_set_visited_int")); 2026 1936 2027 if (IsInit != 1) 1937 2028 sh_hash_init(); 2029 2030 SH_MUTEX_LOCK(mutex_hash); 1938 2031 1939 2032 if (sl_strlen(newname) <= MAX_PATH_STORE) … … 1943 2036 hashbuf, sizeof(hashbuf))); 1944 2037 1945 if (p == NULL) 1946 SL_RETURN((-1), _("sh_hash_set_visited_int")); 1947 1948 if (flag == SH_FFLAG_CHECKED) 1949 { 1950 CLEAR_SH_FFLAG_REPORTED(p->fflags); 1951 CLEAR_SH_FFLAG_VISITED(p->fflags); 1952 SET_SH_FFLAG_CHECKED(p->fflags); 1953 } 1954 else 1955 { 1956 SET_SH_FFLAG_VISITED(p->fflags); 1957 CLEAR_SH_FFLAG_CHECKED(p->fflags); 1958 if (flag == SH_FFLAG_REPORTED) 1959 SET_SH_FFLAG_REPORTED(p->fflags); 2038 if (p) 2039 { 2040 if (flag == SH_FFLAG_CHECKED) 2041 { 2042 CLEAR_SH_FFLAG_REPORTED(p->fflags); 2043 CLEAR_SH_FFLAG_VISITED(p->fflags); 2044 SET_SH_FFLAG_CHECKED(p->fflags); 2045 } 1960 2046 else 1961 CLEAR_SH_FFLAG_REPORTED(p->fflags); 1962 } 1963 SL_RETURN((0), _("sh_hash_set_visited_int")); 2047 { 2048 SET_SH_FFLAG_VISITED(p->fflags); 2049 CLEAR_SH_FFLAG_CHECKED(p->fflags); 2050 if (flag == SH_FFLAG_REPORTED) 2051 SET_SH_FFLAG_REPORTED(p->fflags); 2052 else 2053 CLEAR_SH_FFLAG_REPORTED(p->fflags); 2054 } 2055 retval = 0; 2056 } 2057 2058 SH_MUTEX_UNLOCK(mutex_hash); 2059 SL_RETURN((retval), _("sh_hash_set_visited_int")); 1964 2060 } 1965 2061 … … 2590 2686 if (p) 2591 2687 { 2688 SH_MUTEX_LOCK(mutex_hash); 2592 2689 hashinsert (p); 2593 2690 p->modi_mask = theFile->check_mask; 2691 SH_MUTEX_UNLOCK(mutex_hash); 2594 2692 } 2595 2693 … … 2633 2731 char hashbuf[KEYBUF_SIZE]; 2634 2732 2733 int retval = 0; 2734 2635 2735 SL_ENTER(_("sh_hash_compdata")); 2636 2736 … … 2646 2746 2647 2747 /* -------- find the entry for the file ---------------- */ 2748 2749 SH_MUTEX_LOCK(mutex_hash); 2648 2750 2649 2751 if (sl_strlen(theFile->fullpath) <= MAX_PATH_STORE) … … 2675 2777 } 2676 2778 2677 if (p)2678 {2679 SET_SH_FFLAG_VISITED(p->fflags);2680 CLEAR_SH_FFLAG_CHECKED(p->fflags);2681 }2682 2683 2779 if (sh.flag.reportonce == S_TRUE) 2684 2780 SET_SH_FFLAG_REPORTED(theFile->file_reported); … … 2687 2783 { 2688 2784 p = sh_hash_push_int(theFile, fileHash); 2689 hashinsert (p);2690 2785 if (p) 2691 p->modi_mask = theFile->check_mask; 2786 { 2787 hashinsert (p); 2788 p->modi_mask = theFile->check_mask; 2789 } 2692 2790 } 2693 2791 … … 2697 2795 { 2698 2796 p = sh_hash_push_int(theFile, fileHash); 2699 hashinsert (p);2700 2797 if (p) 2701 p->modi_mask = theFile->check_mask; 2798 { 2799 hashinsert (p); 2800 p->modi_mask = theFile->check_mask; 2801 } 2702 2802 } 2703 2803 else 2704 2804 { 2705 SL_RETURN(1, _("sh_hash_compdata")); 2805 retval = 1; 2806 goto unlock_and_return; 2706 2807 } 2707 2808 } 2708 2709 SL_RETURN(0, _("sh_hash_compdata")); 2710 } 2711 else 2712 { 2713 p->modi_mask = theFile->check_mask; 2714 } 2809 2810 goto unlock_and_return; 2811 } 2812 2813 p->modi_mask = theFile->check_mask; 2715 2814 2716 2815 /* initialize change_code */ … … 3251 3350 if (sh.flag.reportonce == S_TRUE && sh.flag.update == S_FALSE) 3252 3351 { 3253 if (p->linkpath != NULL )3352 if (p->linkpath != NULL && p->linkpath != notalink) 3254 3353 SH_FREE(p->linkpath); 3255 p->linkpath = sh_util_strdup(theFile->linkpath); 3354 if (theFile->linkpath[0] == '-' && theFile->linkpath[1] == '\0') 3355 p->linkpath = (char *)notalink; 3356 else 3357 p->linkpath = sh_util_strdup(theFile->linkpath); 3256 3358 } 3257 3359 #endif … … 3331 3433 SET_SH_FFLAG_VISITED(p->fflags); 3332 3434 CLEAR_SH_FFLAG_CHECKED(p->fflags); 3333 SL_RETURN(1, _("sh_hash_compdata")); 3435 retval = 1; 3436 goto unlock_and_return; 3334 3437 } 3335 3438 else /* if (sh.flag.reportonce == S_TRUE) */ … … 3362 3465 if (theFile->c_mode[0] == 'l') 3363 3466 { 3364 if (p->linkpath != NULL )3467 if (p->linkpath != NULL && p->linkpath != notalink) 3365 3468 SH_FREE(p->linkpath); 3366 3469 p->linkpath = sh_util_strdup(theFile->linkpath); … … 3368 3471 else 3369 3472 { 3370 if (p->linkpath != NULL ) {3473 if (p->linkpath != NULL && p->linkpath != notalink) { 3371 3474 p->linkpath[0] = '-'; 3372 3475 p->linkpath[1] = '\0'; 3373 3476 } else { 3374 p->linkpath = SH_ALLOC(2); 3375 p->linkpath[0] = '-'; 3376 p->linkpath[1] = '\0'; 3477 p->linkpath = (char *)notalink; 3377 3478 } 3378 3479 } … … 3402 3503 CLEAR_SH_FFLAG_CHECKED(p->fflags); 3403 3504 3404 SL_RETURN(0, _("sh_hash_compdata")); 3505 unlock_and_return: 3506 3507 SH_MUTEX_UNLOCK(mutex_hash); 3508 SL_RETURN(retval, _("sh_hash_compdata")); 3405 3509 } 3406 3510 … … 3415 3519 SL_RETURN(0, _("sh_hash_compdata")); 3416 3520 3521 SH_MUTEX_LOCK_UNSAFE(mutex_hash); 3417 3522 for (i = 0; i < TABSIZE; ++i) 3418 3523 { … … 3420 3525 CLEAR_SH_FFLAG_ALLIGNORE(p->fflags); 3421 3526 } 3527 SH_MUTEX_UNLOCK_UNSAFE(mutex_hash); 3422 3528 SL_RETURN (0, _("sh_hash_compdata")); 3423 3529 } … … 3440 3546 sh_hash_init(); 3441 3547 3548 SH_MUTEX_LOCK_UNSAFE(mutex_hash); 3442 3549 for (i = 0; i < TABSIZE; ++i) 3443 3550 { … … 3450 3557 } 3451 3558 } 3559 SH_MUTEX_UNLOCK_UNSAFE(mutex_hash); 3452 3560 SL_RETURN ((0), _("hash_remove_tree")); 3453 3561 } … … 3469 3577 int set_full_detail (const char * c) 3470 3578 { 3579 (void) c; 3471 3580 ListFullDetail = S_TRUE; 3472 /* warning: unused parameter `c' */ 3473 if (c) 3474 return 0; 3475 else 3476 return 0; 3581 return 0; 3477 3582 } 3478 3583 3479 3584 int set_list_delimited (const char * c) 3480 3585 { 3586 (void) c; 3481 3587 ListFullDetail = S_TRUE; 3482 3588 ListWithDelimiter = S_TRUE; 3483 /* warning: unused parameter `c' */ 3484 if (c) 3485 return 0; 3486 else 3487 return 0; 3488 } 3489 3490 /* Always quote the string, except if it is empty. Qoute quotes by 3589 return 0; 3590 } 3591 3592 /* Always quote the string, except if it is empty. Quote quotes by 3491 3593 * doubling them. 3492 3594 */ -
trunk/src/sh_mem.c
r144 r149 47 47 #undef FIL__ 48 48 #define FIL__ _("sh_mem.c") 49 static int eblock = 0;50 49 51 50 #ifdef MEM_DEBUG … … 74 73 unsigned long Mem_Current = 0, Mem_Max = 0; 75 74 76 #if 077 #define MEM_DETAILS78 #endif79 80 #ifdef MEM_DETAILS81 int max_upto_032 = 0;82 int max_upto_064 = 0;83 int max_upto_128 = 0;84 int max_upto_256 = 0;85 int max_upto_512 = 0;86 int max_upto_1024 = 0;87 int max_upto_4096 = 0;88 int max_upto_inf = 0;89 90 int now_upto_032 = 0;91 int now_upto_064 = 0;92 int now_upto_128 = 0;93 int now_upto_256 = 0;94 int now_upto_512 = 0;95 int now_upto_1024 = 0;96 int now_upto_4096 = 0;97 int now_upto_inf = 0;98 99 int tot_upto_032 = 0;100 int tot_upto_064 = 0;101 int tot_upto_128 = 0;102 int tot_upto_256 = 0;103 int tot_upto_512 = 0;104 int tot_upto_1024 = 0;105 int tot_upto_4096 = 0;106 int tot_upto_inf = 0;107 #endif108 109 75 #ifdef HAVE_PTHREAD 110 76 SH_MUTEX_RECURSIVE(mutex_mem); 111 77 #endif 112 78 79 /* define MEM_LOG to an absolute filename to enable this */ 113 80 #ifdef MEM_LOG 114 81 void sh_mem_dump () 115 82 { 116 83 memlist_t * this = memlist; 117 118 119 84 FILE * fd; 120 85 … … 123 88 124 89 fd = fopen(MEM_LOG, "w"); 90 if (!fd) 91 { 92 perror(MEM_LOG); 93 _exit(EXIT_FAILURE); 94 } 125 95 126 96 while (this != NULL) 127 97 { 128 fprintf (fd, "%20s %5d %ld\n", this->file, this->line, this->size); 98 fprintf (fd, "## %20s %5d %ld\n", this->file, this->line, this->size); 99 fprintf (fd, "%10p %8ld\n", (void *)this->address, this->size); 129 100 this = this->next; 130 101 } 131 102 fclose(fd); 132 SH_MUTEX_RECURSIVE_UNLOCK(mutex_mem); 133 return; 103 104 SH_MUTEX_RECURSIVE_UNLOCK(mutex_mem); 105 _exit(EXIT_SUCCESS); 134 106 } 135 107 #else … … 162 134 Mem_Max, Mem_Current); 163 135 164 #ifdef MEM_DETAILS165 fprintf(stderr, "\n");166 fprintf(stderr, "__SIZE_____TOTAL___MAXIMUM___\n");167 fprintf(stderr, " 32 %6d %6d\n", tot_upto_032, max_upto_032);168 fprintf(stderr, " 64 %6d %6d\n", tot_upto_064, max_upto_064);169 fprintf(stderr, " 128 %6d %6d\n", tot_upto_128, max_upto_128);170 fprintf(stderr, " 256 %6d %6d\n", tot_upto_256, max_upto_256);171 fprintf(stderr, " 512 %6d %6d\n", tot_upto_512, max_upto_512);172 fprintf(stderr, " 1024 %6d %6d\n", tot_upto_1024, max_upto_1024);173 fprintf(stderr, " 4096 %6d %6d\n", tot_upto_4096, max_upto_4096);174 fprintf(stderr, " inf %6d %6d\n", tot_upto_inf, max_upto_inf);175 fprintf(stderr, "\n");176 #endif177 178 136 this = memlist; 179 137 … … 199 157 SH_MUTEX_RECURSIVE_INIT(mutex_mem); 200 158 SH_MUTEX_RECURSIVE_LOCK(mutex_mem); 159 201 160 sh_error_handle ((-1), FIL__, __LINE__, 0, MSG_MSTAMP, 202 161 Mem_Max, Mem_Current); … … 229 188 } 230 189 231 /* if (nerr > 0) abort(); */232 190 233 191 SH_MUTEX_RECURSIVE_UNLOCK(mutex_mem); … … 249 207 if ( the_realAddress == NULL ) 250 208 { 251 if (eblock == 0) 252 { 253 eblock = 1; 254 (void) safe_logger (0, 0, NULL); 255 eblock = 0; 256 } 209 (void) safe_logger (0, 0, NULL); 210 257 211 /* use _exit() rather than exit() - we malloc() in atexit() functions 258 212 */ 259 _exit ( 42);213 _exit (EXIT_FAILURE); 260 214 } 261 215 … … 274 228 Max_Alloc_Count = Now_Alloc_Count; 275 229 276 #ifdef MEM_DETAILS277 if (size <= 32)278 {279 ++now_upto_032;280 ++tot_upto_032;281 if (now_upto_032 > max_upto_032) max_upto_032 = now_upto_032;282 }283 else if (size <= 64)284 {285 ++now_upto_064;286 ++tot_upto_064;287 if (now_upto_064 > max_upto_064) max_upto_064 = now_upto_064;288 }289 else if (size <= 128)290 {291 ++now_upto_128;292 ++tot_upto_128;293 if (now_upto_128 > max_upto_128) max_upto_128 = now_upto_128;294 }295 else if (size <= 256)296 {297 ++now_upto_256;298 ++tot_upto_256;299 if (now_upto_256 > max_upto_256) max_upto_256 = now_upto_256;300 }301 else if (size <= 512)302 {303 ++now_upto_512;304 ++tot_upto_512;305 if (now_upto_512 > max_upto_512) max_upto_512 = now_upto_512;306 }307 else if (size <= 1024)308 {309 ++now_upto_1024;310 ++tot_upto_1024;311 if (now_upto_1024 > max_upto_1024) max_upto_1024 = now_upto_1024;312 }313 else if (size <= 4096)314 {315 ++now_upto_4096;316 ++tot_upto_4096;317 if (now_upto_4096 > max_upto_4096) max_upto_4096 = now_upto_4096;318 }319 else320 {321 ++now_upto_inf;322 ++tot_upto_inf;323 if (now_upto_inf > max_upto_inf) max_upto_inf = now_upto_inf;324 325 fprintf(stderr, "\n___BIGSIZE___");326 fprintf(stderr, " %6d -> %16s %10d \n", size, file, line);327 fprintf(stderr, "\n");328 329 }330 #endif331 332 230 Mem_Current += size; 333 231 Mem_Max = ( (Mem_Current > Mem_Max) ? Mem_Current : Mem_Max); … … 337 235 if ( this == NULL) 338 236 { 339 if (eblock == 0) 340 { 341 eblock = 1; 342 (void) safe_logger(0, 0, NULL); 343 eblock = 0; 344 } 345 _exit(42); 237 (void) safe_logger(0, 0, NULL); 238 239 _exit(EXIT_FAILURE); 346 240 } 347 241 else … … 374 268 SH_MUTEX_RECURSIVE_INIT(mutex_mem); 375 269 SH_MUTEX_RECURSIVE_LOCK(mutex_mem); 270 376 271 if ( a == NULL ) 377 272 { … … 424 319 --Now_Alloc_Count; 425 320 426 #ifdef MEM_DETAILS427 if (size <= 32)428 --now_upto_032;429 else if (size <= 64)430 --now_upto_064;431 else if (size <= 128)432 --now_upto_128;433 else if (size <= 256)434 --now_upto_256;435 else if (size <= 512)436 --now_upto_512;437 else if (size <= 1024)438 --now_upto_1024;439 else if (size <= 4096)440 --now_upto_4096;441 else442 --now_upto_inf;443 #endif444 445 321 Mem_Current -= size; 446 322 out: … … 475 351 theAddress = malloc(size); 476 352 477 if ( theAddress == NULL )478 { 479 if (eblock == 0)480 { 481 eblock = 1; 482 (void) safe_logger(0, 0, NULL); 483 eblock = 0;484 } 353 if ( theAddress != NULL ) 354 { 355 SL_RETURN( theAddress, _("sh_mem_malloc")); 356 } 357 else 358 { 359 (void) safe_logger(0, 0, NULL); 360 485 361 /* use _exit() rather than exit() - we malloc() in atexit() 486 362 */ 487 _exit (42); 488 } 489 /* memset (theAddress, 0, 1); *//* needs testing */ 490 491 SL_RETURN( theAddress, _("sh_mem_malloc")); 492 } 493 #endif 363 _exit (EXIT_FAILURE); 364 } 365 } 366 #endif -
trunk/src/sh_modules.c
r142 r149 26 26 sh_utmp_check, 27 27 sh_utmp_end, 28 sh_utmp_ null,28 sh_utmp_reconf, 29 29 30 30 N_("[Utmp]"), … … 90 90 sh_suidchk_check, 91 91 sh_suidchk_end, 92 sh_suidchk_ free_schedule,92 sh_suidchk_reconf, 93 93 94 94 N_("[SuidCheck]"), -
trunk/src/sh_mounts.c
r140 r149 263 263 264 264 /* Module reconfiguration 265 * Run on receipt of a HUP. Right now this is identical to _end(), but it may266 * not always be. */265 * Run on receipt of a HUP. 266 */ 267 267 int sh_mounts_reconf() 268 268 { … … 270 270 sh_mounts_mnt_free(mountlist); 271 271 mountlist = NULL; 272 273 /* re-set defaults 274 */ 275 ShMountsActive = S_FALSE; 276 ShMountsInterval = 86400; 277 ShMountsSevMnt = 7; 278 ShMountsSevOpt = 7; 279 272 280 SL_RETURN( (0), _("sh_mounts_null")); 273 281 } -
trunk/src/sh_portcheck.c
r140 r149 80 80 #define SH_PORT_OPT 2 81 81 #define SH_PORT_IGN 3 82 #define SH_PORT_BLACKLIST 4 82 83 83 84 #define SH_PORT_MISS 0 … … 87 88 #define SH_PORT_NOREPT 0 88 89 #define SH_PORT_REPORT 1 90 91 #define SH_PROTO_TCP 0 92 #define SH_PROTO_UDP 1 93 #define SH_PROTO_STR(a) (((a) == IPPROTO_TCP) ? _("tcp") : _("udp")) 89 94 90 95 struct sh_portentry { … … 101 106 static struct sh_portentry * portlist_udp = NULL; 102 107 108 struct sh_port { 109 int port; 110 struct in_addr haddr; 111 struct sh_port * next; 112 }; 113 114 static struct sh_port * blacklist_tcp = NULL; 115 static struct sh_port * blacklist_udp = NULL; 116 103 117 #define SH_PORTCHK_INTERVAL 300 104 118 … … 117 131 #include "sh_pthread.h" 118 132 133 SH_MUTEX_STATIC(mutex_port_check, PTHREAD_MUTEX_INITIALIZER); 134 119 135 static int sh_portchk_severity = SH_ERR_SEVERE; 120 136 #endif … … 132 148 static int sh_portchk_add_optional (const char * str); 133 149 150 /* Exported interface to add blacklisted ports as 'iface:portlist' 151 */ 152 static int sh_portchk_add_blacklist (const char * str); 153 134 154 /* Exported interface to add an ethernet interface 135 155 */ 136 156 static int sh_portchk_add_interface (const char * str); 137 157 158 /* verify whether port/interface is blacklisted (do not check) 159 */ 160 static int sh_portchk_is_blacklisted(int port, struct in_addr haddr, int proto); 138 161 139 162 #ifndef TEST_ONLY … … 148 171 if (val <= 0) 149 172 { 173 SH_MUTEX_LOCK(mutex_thread_nolog); 150 174 sh_error_handle ((-1), FIL__, __LINE__, EINVAL, MSG_EINVALS, 151 175 _("port check interval"), c); 176 SH_MUTEX_UNLOCK(mutex_thread_nolog); 152 177 retval = -1; 153 178 } … … 196 221 }, 197 222 { 223 N_("portcheckskip"), 224 sh_portchk_add_blacklist, 225 }, 226 { 198 227 N_("portcheckactive"), 199 228 sh_portchk_set_active, … … 232 261 233 262 234 static char * check_services (int port, char *proto);263 static char * check_services (int port, int proto); 235 264 236 265 #ifdef TEST_ONLY … … 249 278 #endif 250 279 251 static void sh_portchk_add_to_list ( char *proto,280 static void sh_portchk_add_to_list (int proto, 252 281 int port, struct in_addr haddr, char * service, 253 282 int flag, int status) … … 257 286 if (portchk_debug) 258 287 fprintf(stderr, _("add to list: port %d/%s %d %d (%s)\n"), 259 port, proto, flag, status, service ? service : _("undef"));288 port, SH_PROTO_STR(proto), flag, status, service ? service : _("undef")); 260 289 261 290 new->port = port; … … 270 299 else 271 300 new->service = NULL; 272 if ( 0 == strcmp(proto, "tcp"))301 if (proto == IPPROTO_TCP) 273 302 { 274 303 new->next = portlist_tcp; … … 322 351 } 323 352 353 static struct sh_port * sh_portchk_kill_blacklist (struct sh_port * head) 354 { 355 if (head) 356 { 357 if (head->next) 358 sh_portchk_kill_blacklist (head->next); 359 360 SH_FREE(head); 361 } 362 return NULL; 363 } 364 324 365 /* check the list of open ports for any that are marked as UNKN 325 366 */ 326 static void sh_portchk_check_list (struct sh_portentry ** head, char *proto, int report)367 static void sh_portchk_check_list (struct sh_portentry ** head, int proto, int report) 327 368 { 328 369 struct sh_portentry * ptr = *head; … … 334 375 if (portchk_debug && report) 335 376 fprintf(stderr, _("check list: port %d/%s %d %d\n"), 336 ptr->port, proto, ptr->flag, ptr->status);377 ptr->port, SH_PROTO_STR(proto), ptr->flag, ptr->status); 337 378 338 379 if (ptr->status == SH_PORT_UNKN) … … 343 384 { 344 385 snprintf (errbuf, sizeof(errbuf), _("POLICY [ServiceMissing] port %s:%d/%s (%s)"), 345 ptr->interface, ptr->port, proto,386 ptr->interface, ptr->port, SH_PROTO_STR(proto), 346 387 ptr->service ? ptr->service : check_services(ptr->port, proto)); 347 388 #ifdef TEST_ONLY … … 350 391 #else 351 392 if (report == SH_PORT_REPORT) 352 sh_error_handle(sh_portchk_severity, FIL__, __LINE__, 0, 353 MSG_PORT_REPORT, errbuf); 393 { 394 SH_MUTEX_LOCK(mutex_thread_nolog); 395 sh_error_handle(sh_portchk_severity, FIL__, __LINE__, 0, 396 MSG_PORT_REPORT, errbuf); 397 SH_MUTEX_UNLOCK(mutex_thread_nolog); 398 } 354 399 #endif 355 400 } … … 361 406 if (portchk_debug && report) 362 407 fprintf(stderr, _("removing: port %d/%s %d %d\n"), 363 ptr->port, proto, ptr->flag, ptr->status);408 ptr->port, SH_PROTO_STR(proto), ptr->flag, ptr->status); 364 409 365 410 if (ptr == *head) … … 399 444 400 445 401 static struct sh_portentry * sh_portchk_get_from_list ( char *proto, int port,446 static struct sh_portentry * sh_portchk_get_from_list (int proto, int port, 402 447 struct in_addr haddr, char * service) 403 448 { … … 407 452 sl_strlcpy (iface_all, _("0.0.0.0"), sizeof(iface_all)); 408 453 409 if ( 0 == strcmp(proto, "tcp"))454 if (proto == IPPROTO_TCP) 410 455 portlist = portlist_tcp; 411 456 else … … 439 484 440 485 441 static void sh_portchk_cmp_to_list ( char *proto, int port, struct in_addr haddr, char * service)486 static void sh_portchk_cmp_to_list (int proto, int port, struct in_addr haddr, char * service) 442 487 { 443 488 struct sh_portentry * portent; … … 452 497 { 453 498 snprintf (errbuf, sizeof(errbuf), _("POLICY [ServiceNew] port %s:%d/%s (%s)"), 454 inet_ntoa(haddr), port, proto, service);499 inet_ntoa(haddr), port, SH_PROTO_STR(proto), service); 455 500 #ifdef TEST_ONLY 456 501 fprintf(stderr, _("open port: %s:%d/%s (%s)\n"), 457 inet_ntoa(haddr), port, proto, service); 458 #else 502 inet_ntoa(haddr), port, SH_PROTO_STR(proto), service); 503 #else 504 SH_MUTEX_LOCK(mutex_thread_nolog); 459 505 sh_error_handle(sh_portchk_severity, FIL__, __LINE__, 0, 460 506 MSG_PORT_REPORT, errbuf); 507 SH_MUTEX_UNLOCK(mutex_thread_nolog); 461 508 #endif 462 509 /* … … 468 515 { 469 516 snprintf (errbuf, sizeof(errbuf), _("POLICY [ServiceRestarted] port %s:%d/%s to %d/%s (%s)"), 470 inet_ntoa(haddr), portent->port, proto, port, proto, service);517 inet_ntoa(haddr), portent->port, SH_PROTO_STR(proto), port, SH_PROTO_STR(proto), service); 471 518 #ifdef TEST_ONLY 472 519 fprintf(stderr, _("service: %s\n"), errbuf); 473 520 #else 521 SH_MUTEX_LOCK(mutex_thread_nolog); 474 522 sh_error_handle(sh_portchk_severity, FIL__, __LINE__, 0, 475 523 MSG_PORT_REPORT, errbuf); 524 SH_MUTEX_UNLOCK(mutex_thread_nolog); 476 525 #endif 477 526 … … 481 530 { 482 531 snprintf (errbuf, sizeof(errbuf), _("POLICY [ServicePortSwitch] port %s:%d/%s to %d/%s (%s)"), 483 inet_ntoa(haddr), portent->port, proto, port, proto, service);532 inet_ntoa(haddr), portent->port, SH_PROTO_STR(proto), port, SH_PROTO_STR(proto), service); 484 533 #ifdef TEST_ONLY 485 534 fprintf(stderr, _("service: %s\n"), errbuf); 486 535 #else 536 SH_MUTEX_LOCK(mutex_thread_nolog); 487 537 sh_error_handle(sh_portchk_severity, FIL__, __LINE__, 0, 488 538 MSG_PORT_REPORT, errbuf); 539 SH_MUTEX_UNLOCK(mutex_thread_nolog); 489 540 #endif 490 541 portent->port = port; … … 501 552 { 502 553 snprintf (errbuf, sizeof(errbuf), _("POLICY [ServiceNew] port %s:%d/%s (%s)"), 503 inet_ntoa(haddr), port, proto, check_services(port, proto));554 inet_ntoa(haddr), port, SH_PROTO_STR(proto), check_services(port, proto)); 504 555 #ifdef TEST_ONLY 505 556 fprintf(stderr, _("open port: %s:%d/%s (%s)\n"), 506 inet_ntoa(haddr), port, proto, check_services(port, proto)); 507 #else 557 inet_ntoa(haddr), port, SH_PROTO_STR(proto), check_services(port, proto)); 558 #else 559 SH_MUTEX_LOCK(mutex_thread_nolog); 508 560 sh_error_handle(sh_portchk_severity, FIL__, __LINE__, 0, 509 561 MSG_PORT_REPORT, errbuf); 562 SH_MUTEX_UNLOCK(mutex_thread_nolog); 510 563 #endif 511 564 … … 517 570 { 518 571 snprintf (errbuf, sizeof(errbuf), _("POLICY [ServiceRestarted] port %s:%d/%s (%s)"), 519 inet_ntoa(haddr), port, proto, check_services(port, proto));572 inet_ntoa(haddr), port, SH_PROTO_STR(proto), check_services(port, proto)); 520 573 #ifdef TEST_ONLY 521 574 fprintf(stderr, _("port : %s\n"), errbuf); 522 575 #else 576 SH_MUTEX_LOCK(mutex_thread_nolog); 523 577 sh_error_handle(sh_portchk_severity, FIL__, __LINE__, 0, 524 578 MSG_PORT_REPORT, errbuf); 579 SH_MUTEX_UNLOCK(mutex_thread_nolog); 525 580 #endif 526 581 … … 541 596 * Returns NULL on failure 542 597 */ 543 static char * check_services (int port, char *proto)598 static char * check_services (int port, int proto) 544 599 { 545 600 static char buf[256]; 546 struct servent * service = getservbyport(htons(port), proto);601 struct servent * service = getservbyport(htons(port), SH_PROTO_STR(proto)); 547 602 548 603 if (service && service->s_name && service->s_name[0] != '\0') … … 630 685 sl_snprintf(errmsg, sizeof(errmsg), _("check port: %5d/udp on %15s: %s"), 631 686 port, inet_ntoa(haddr), sh_error_message(errno, errbuf, sizeof(errbuf))); 687 SH_MUTEX_LOCK(mutex_thread_nolog); 632 688 sh_error_handle((-1), FIL__, __LINE__, nerr, MSG_E_SUBGEN, 633 689 errmsg, _("connect")); 690 SH_MUTEX_UNLOCK(mutex_thread_nolog); 634 691 #endif 635 692 } … … 666 723 p = check_rpc_list (port, &sinr, IPPROTO_UDP); 667 724 668 sh_portchk_cmp_to_list ( "udp", port, haddr, p ? p : NULL);725 sh_portchk_cmp_to_list (IPPROTO_UDP, port, haddr, p ? p : NULL); 669 726 670 727 /* If not an RPC service, try to get name from /etc/services 671 728 */ 672 729 if (!p) 673 p = check_services(port, "udp");730 p = check_services(port, IPPROTO_UDP); 674 731 675 732 if (portchk_debug) … … 722 779 sl_snprintf(errmsg, sizeof(errmsg), _("check port: %5d/tcp on %15s: %s"), 723 780 port, inet_ntoa(haddr), sh_error_message(errno, errbuf, sizeof(errbuf))); 781 SH_MUTEX_LOCK(mutex_thread_nolog); 724 782 sh_error_handle((-1), FIL__, __LINE__, nerr, MSG_E_SUBGEN, 725 783 errmsg, _("connect")); 784 SH_MUTEX_UNLOCK(mutex_thread_nolog); 726 785 #endif 727 786 } … … 732 791 p = check_rpc_list (port, &sinr, IPPROTO_TCP); 733 792 734 sh_portchk_cmp_to_list ( "tcp", port, haddr, p ? p : NULL);793 sh_portchk_cmp_to_list (IPPROTO_TCP, port, haddr, p ? p : NULL); 735 794 736 795 /* If not an RPC service, try to get name from /etc/services 737 796 */ 738 797 if (!p) 739 p = check_services(port, "tcp");798 p = check_services(port, IPPROTO_TCP); 740 799 741 800 if (portchk_debug) … … 815 874 #endif 816 875 817 int sh_portchk_init (struct mod_type * arg)876 static int sh_portchk_init_internal (void) 818 877 { 819 878 struct hostent * hent; 820 879 int i = 0; 821 880 char errbuf[256]; 822 (void) arg;823 881 824 882 if (portchk_debug) … … 831 889 return -1; 832 890 891 SH_MUTEX_LOCK(mutex_port_check); 833 892 if (iface_initialized == 0) 834 893 { … … 852 911 sl_snprintf(errbuf, sizeof(errbuf), _("interface: %s"), 853 912 inet_ntoa(iface_list.iface[i])); 913 SH_MUTEX_LOCK(mutex_thread_nolog); 854 914 sh_error_handle(SH_ERR_INFO, FIL__, __LINE__, 0, MSG_E_SUBGEN, 855 915 errbuf, _("sh_portchk_init")); 856 } 916 SH_MUTEX_UNLOCK(mutex_thread_nolog); 917 } 918 SH_MUTEX_UNLOCK(mutex_port_check); 857 919 858 920 return 0; 859 921 } 922 923 int sh_portchk_init (struct mod_type * arg) 924 { 925 if (sh_portchk_active == S_FALSE) 926 return SH_MOD_FAILED; 927 if (!portchk_hostname) 928 return SH_MOD_FAILED; 929 930 #ifdef HAVE_PTHREAD 931 if (arg != NULL && arg->initval < 0 && 932 (sh.flag.isdaemon == S_TRUE || sh.flag.loop == S_TRUE)) 933 { 934 if (0 == sh_pthread_create(sh_threaded_module_run, (void *)arg)) 935 return SH_MOD_THREAD; 936 else 937 return SH_MOD_FAILED; 938 } 939 #endif 940 return sh_portchk_init_internal(); 941 } 942 943 860 944 861 945 #if !defined(TEST_ONLY) 862 946 int sh_portchk_reconf () 863 947 { 948 SH_MUTEX_LOCK(mutex_port_check); 864 949 iface_initialized = 0; 865 866 950 sh_portchk_active = 1; 867 951 sh_portchk_check_udp = 1; 952 sh_portchk_interval = SH_PORTCHK_INTERVAL; 868 953 869 954 portlist_udp = sh_portchk_kill_list (portlist_udp); 870 955 portlist_tcp = sh_portchk_kill_list (portlist_tcp); 956 957 blacklist_udp = sh_portchk_kill_blacklist (blacklist_udp); 958 blacklist_tcp = sh_portchk_kill_blacklist (blacklist_tcp); 959 SH_MUTEX_UNLOCK(mutex_port_check); 871 960 return 0; 872 961 } … … 903 992 while (i < iface_list.used) 904 993 { 994 haddr.s_addr = iface_list.iface[i].s_addr; 995 996 if (0 != sh_portchk_is_blacklisted(port, haddr, protocol)) 997 { 998 ++i; continue; 999 } 1000 905 1001 if ((sock = socket(AF_INET, type, protocol)) < 0 ) 906 1002 { … … 909 1005 perror(_("socket")); 910 1006 #else 1007 SH_MUTEX_LOCK(mutex_thread_nolog); 911 1008 sh_error_handle((-1), FIL__, __LINE__, errno, MSG_E_SUBGEN, 912 1009 sh_error_message(errno, errbuf, sizeof(errbuf)), _("socket")); 1010 SH_MUTEX_UNLOCK(mutex_thread_nolog); 1011 ++i; 1012 continue; 913 1013 #endif 914 1014 } … … 920 1020 perror(_("setsockopt")); 921 1021 #else 1022 SH_MUTEX_LOCK(mutex_thread_nolog); 922 1023 sh_error_handle((-1), FIL__, __LINE__, errno, MSG_E_SUBGEN, 923 1024 sh_error_message(errno, errbuf, sizeof(errbuf)),_("setsockopt")); 924 #endif 925 } 926 927 memcpy (&(haddr.s_addr), &(iface_list.iface[i].s_addr), sizeof(in_addr_t)); 1025 SH_MUTEX_UNLOCK(mutex_thread_nolog); 1026 #endif 1027 ++i; 1028 continue; 1029 } 1030 928 1031 929 1032 if (protocol == IPPROTO_TCP) … … 982 1085 perror(_("socket")); 983 1086 #else 1087 SH_MUTEX_LOCK(mutex_thread_nolog); 984 1088 sh_error_handle((-1), FIL__, __LINE__, errno, MSG_E_SUBGEN, 985 1089 sh_error_message(errno, errbuf, sizeof(errbuf)), _("socket")); 986 #endif 1090 SH_MUTEX_UNLOCK(mutex_thread_nolog); 1091 #endif 1092 continue; 987 1093 } 988 1094 if ( setsockopt(sock, SOL_SOCKET, SO_REUSEADDR, … … 993 1099 perror(_("setsockopt")); 994 1100 #else 1101 SH_MUTEX_LOCK(mutex_thread_nolog); 995 1102 sh_error_handle((-1), FIL__, __LINE__, errno, MSG_E_SUBGEN, 996 1103 sh_error_message(errno, errbuf, sizeof(errbuf)),_("setsockopt")); 997 #endif 1104 SH_MUTEX_UNLOCK(mutex_thread_nolog); 1105 #endif 1106 continue; 998 1107 } 999 1108 … … 1027 1136 perror(_("bind")); 1028 1137 #else 1138 SH_MUTEX_LOCK(mutex_thread_nolog); 1029 1139 sh_error_handle((-1), FIL__, __LINE__, errno, MSG_E_SUBGEN, 1030 1140 sh_error_message(errno, errbuf, sizeof(errbuf)), _("bind")); 1141 SH_MUTEX_UNLOCK(mutex_thread_nolog); 1031 1142 #endif 1032 1143 } … … 1067 1178 1068 1179 sl_snprintf(errbuf, sizeof(errbuf), _("interface: %s"), inet_ntoa(haddr)); 1180 SH_MUTEX_LOCK(mutex_thread_nolog); 1069 1181 sh_error_handle(SH_ERR_INFO, FIL__, __LINE__, 0, MSG_E_SUBGEN, 1070 1182 errbuf, _("sh_portchk_add_interface")); 1183 SH_MUTEX_UNLOCK(mutex_thread_nolog); 1071 1184 1072 1185 memcpy (&(iface_list.iface[iface_list.used].s_addr), &(haddr.s_addr), sizeof(in_addr_t)); … … 1076 1189 } 1077 1190 1191 /* verify whether port/interface is blacklisted (do not check) 1192 */ 1193 static int sh_portchk_is_blacklisted(int port, struct in_addr haddr, int proto) 1194 { 1195 struct sh_port * head; 1196 1197 if (proto == IPPROTO_TCP) 1198 head = blacklist_tcp; 1199 else 1200 head = blacklist_udp; 1201 1202 while (head) 1203 { 1204 if (head->port == port) 1205 { 1206 if ((head->haddr.s_addr == 0) || (head->haddr.s_addr == haddr.s_addr)) 1207 return 1; 1208 else 1209 return 0; 1210 } 1211 head = head->next; 1212 } 1213 return 0; 1214 } 1215 1216 1217 static int sh_portchk_blacklist(int port, struct in_addr haddr, int proto) 1218 { 1219 struct sh_port * black; 1220 struct sh_port * head; 1221 1222 if (proto == IPPROTO_TCP) 1223 head = blacklist_tcp; 1224 else 1225 head = blacklist_udp; 1226 1227 black = head; 1228 1229 while (black) 1230 { 1231 if (black->port == port && head->haddr.s_addr == haddr.s_addr) 1232 return -1; 1233 black = black->next; 1234 } 1235 black = SH_ALLOC (sizeof(struct sh_port)); 1236 black->port = port; 1237 black->haddr.s_addr = haddr.s_addr; 1238 black->next = head; 1239 1240 if (proto == IPPROTO_TCP) 1241 blacklist_tcp = black; 1242 else 1243 blacklist_udp = black; 1244 return 0; 1245 } 1246 1078 1247 1079 1248 /* Subroutine to add a required or optional port/service … … 1082 1251 { 1083 1252 char buf[256]; 1084 char proto[4];1253 int proto; 1085 1254 char * p; 1086 1255 char * endptr; … … 1098 1267 return -1; 1099 1268 if (0 == strcmp(p, _("/tcp"))) 1100 sl_strlcpy(proto, _("tcp"), sizeof(proto));1101 else if (0 == strcmp(p, _("/udp"))) 1102 sl_strlcpy(proto, _("udp"), sizeof(proto));1269 proto = IPPROTO_TCP; 1270 else if (0 == strcmp(p, _("/udp"))) 1271 proto = IPPROTO_UDP; 1103 1272 else 1104 1273 return -1; … … 1106 1275 *p = '\0'; 1107 1276 port = strtoul(buf, &endptr, 0); 1277 1278 /* Blacklisted ports 1279 */ 1280 if (*endptr == '\0' && port <= 65535 && type == SH_PORT_BLACKLIST) 1281 return (sh_portchk_blacklist(port, haddr, proto)); 1108 1282 1109 1283 if (*endptr != '\0') … … 1115 1289 { 1116 1290 #ifdef TEST_ONLY 1117 fprintf(stderr, "** WARNING: duplicate port definition %s/%s\n", buf, proto); 1118 #else 1291 fprintf(stderr, "** WARNING: duplicate port definition %s/%s\n", buf, SH_PROTO_STR(proto)); 1292 #else 1293 SH_MUTEX_LOCK(mutex_thread_nolog); 1119 1294 sh_error_handle(SH_ERR_ERR, FIL__, __LINE__, 0, MSG_E_SUBGEN, 1120 1295 _("duplicate port definition"), _("sh_portchk_add_required_port_generic")); 1296 SH_MUTEX_UNLOCK(mutex_thread_nolog); 1121 1297 #endif 1122 1298 return -1; … … 1131 1307 { 1132 1308 #ifdef TEST_ONLY 1133 fprintf(stderr, "** WARNING: duplicate port definition %lu/%s\n", port, proto); 1134 #else 1309 fprintf(stderr, "** WARNING: duplicate port definition %lu/%s\n", port, SH_PROTO_STR(proto)); 1310 #else 1311 SH_MUTEX_LOCK(mutex_thread_nolog); 1135 1312 sh_error_handle(SH_ERR_ERR, FIL__, __LINE__, 0, MSG_E_SUBGEN, 1136 1313 _("duplicate port definition"), _("sh_portchk_add_required_port_generic")); 1314 SH_MUTEX_UNLOCK(mutex_thread_nolog); 1137 1315 #endif 1138 1316 return -1; … … 1151 1329 size_t len; 1152 1330 size_t ll = 0; 1331 int status; 1153 1332 1154 1333 char * interface = NULL; … … 1213 1392 while (p) 1214 1393 { 1215 if (-1 == sh_portchk_add_required_port_generic (p, interface, type)) 1394 status = sh_portchk_add_required_port_generic (p, interface, type); 1395 1396 if (-1 == status) 1216 1397 { 1217 1398 SH_FREE(interface); … … 1251 1432 } 1252 1433 1434 /* User interface to add ports that should not be checked as 'iface:portlist' 1435 */ 1436 static int sh_portchk_add_blacklist (const char * str) 1437 { 1438 return sh_portchk_add_required_generic (str, SH_PORT_BLACKLIST); 1439 } 1440 1253 1441 /* Interface to run port check 1254 1442 */ … … 1257 1445 int min_port = 0; 1258 1446 1447 SH_MUTEX_LOCK(mutex_port_check); 1259 1448 if (sh_portchk_active != S_FALSE) 1260 1449 { … … 1266 1455 fprintf(stderr, "** WARNING not scanning ports < 1024\n"); 1267 1456 #else 1457 SH_MUTEX_LOCK(mutex_thread_nolog); 1268 1458 sh_error_handle(SH_ERR_ERR, FIL__, __LINE__, 0, MSG_E_SUBGEN, 1269 1459 _("not scanning ports below 1024"), _("sh_portchk_check")); 1460 SH_MUTEX_UNLOCK(mutex_thread_nolog); 1270 1461 #endif 1271 1462 } … … 1273 1464 sh_portchk_scan_ports_udp(min_port, -1); 1274 1465 sh_portchk_scan_ports_tcp(min_port, -1); 1275 sh_portchk_check_list (&portlist_tcp, "tcp", SH_PORT_REPORT);1466 sh_portchk_check_list (&portlist_tcp, IPPROTO_TCP, SH_PORT_REPORT); 1276 1467 if (sh_portchk_check_udp == 1) 1277 sh_portchk_check_list (&portlist_udp, "udp", SH_PORT_REPORT); 1278 } 1468 sh_portchk_check_list (&portlist_udp, IPPROTO_UDP, SH_PORT_REPORT); 1469 } 1470 SH_MUTEX_UNLOCK(mutex_port_check); 1279 1471 return 0; 1280 1472 } … … 1292 1484 CuAssertTrue(tc, 0 != inet_aton("127.0.0.1", &haddr_local)); 1293 1485 1294 sh_portchk_add_to_list ( "tcp", 8000, haddr_local, NULL, SH_PORT_NOT, SH_PORT_UNKN);1295 1296 portent = sh_portchk_get_from_list( "tcp", 8000, haddr_local, NULL);1486 sh_portchk_add_to_list (IPPROTO_TCP, 8000, haddr_local, NULL, SH_PORT_NOT, SH_PORT_UNKN); 1487 1488 portent = sh_portchk_get_from_list(IPPROTO_TCP, 8000, haddr_local, NULL); 1297 1489 CuAssertPtrNotNull(tc, portent); 1298 1490 … … 1302 1494 CuAssertTrue(tc, portent->flag == SH_PORT_NOT); 1303 1495 1304 sh_portchk_check_list (&portlist_tcp, "tcp", SH_PORT_NOREPT);1496 sh_portchk_check_list (&portlist_tcp, IPPROTO_TCP, SH_PORT_NOREPT); 1305 1497 1306 1498 CuAssertTrue(tc, NULL == portlist_tcp); 1307 1499 1308 sh_portchk_add_to_list ( "tcp", 8000, haddr_local, NULL, SH_PORT_REQ, SH_PORT_UNKN);1309 sh_portchk_add_to_list ( "tcp", 8001, haddr_local, NULL, SH_PORT_NOT, SH_PORT_UNKN);1310 sh_portchk_add_to_list ( "tcp", 8002, haddr_local, NULL, SH_PORT_REQ, SH_PORT_UNKN);1311 sh_portchk_add_to_list ( "tcp", 8003, haddr_local, NULL, SH_PORT_NOT, SH_PORT_UNKN);1312 sh_portchk_add_to_list ( "tcp", 8004, haddr_local, NULL, SH_PORT_IGN, SH_PORT_UNKN);1313 sh_portchk_add_to_list ( "tcp", -1, haddr_local, "foo1", SH_PORT_NOT, SH_PORT_UNKN);1314 sh_portchk_add_to_list ( "tcp", -1, haddr_local, "foo2", SH_PORT_REQ, SH_PORT_UNKN);1315 sh_portchk_add_to_list ( "tcp", -1, haddr_local, "foo3", SH_PORT_NOT, SH_PORT_UNKN);1316 sh_portchk_add_to_list ( "tcp", -1, haddr_local, "foo4", SH_PORT_REQ, SH_PORT_UNKN);1317 sh_portchk_add_to_list ( "tcp", -1, haddr_local, "foo5", SH_PORT_IGN, SH_PORT_UNKN);1318 1319 sh_portchk_check_list (&portlist_tcp, "tcp", SH_PORT_NOREPT);1500 sh_portchk_add_to_list (IPPROTO_TCP, 8000, haddr_local, NULL, SH_PORT_REQ, SH_PORT_UNKN); 1501 sh_portchk_add_to_list (IPPROTO_TCP, 8001, haddr_local, NULL, SH_PORT_NOT, SH_PORT_UNKN); 1502 sh_portchk_add_to_list (IPPROTO_TCP, 8002, haddr_local, NULL, SH_PORT_REQ, SH_PORT_UNKN); 1503 sh_portchk_add_to_list (IPPROTO_TCP, 8003, haddr_local, NULL, SH_PORT_NOT, SH_PORT_UNKN); 1504 sh_portchk_add_to_list (IPPROTO_TCP, 8004, haddr_local, NULL, SH_PORT_IGN, SH_PORT_UNKN); 1505 sh_portchk_add_to_list (IPPROTO_TCP, -1, haddr_local, "foo1", SH_PORT_NOT, SH_PORT_UNKN); 1506 sh_portchk_add_to_list (IPPROTO_TCP, -1, haddr_local, "foo2", SH_PORT_REQ, SH_PORT_UNKN); 1507 sh_portchk_add_to_list (IPPROTO_TCP, -1, haddr_local, "foo3", SH_PORT_NOT, SH_PORT_UNKN); 1508 sh_portchk_add_to_list (IPPROTO_TCP, -1, haddr_local, "foo4", SH_PORT_REQ, SH_PORT_UNKN); 1509 sh_portchk_add_to_list (IPPROTO_TCP, -1, haddr_local, "foo5", SH_PORT_IGN, SH_PORT_UNKN); 1510 1511 sh_portchk_check_list (&portlist_tcp, IPPROTO_TCP, SH_PORT_NOREPT); 1320 1512 1321 1513 CuAssertPtrNotNull(tc, portlist_tcp); 1322 1514 1323 portent = sh_portchk_get_from_list( "tcp", 8000, haddr_local, NULL);1515 portent = sh_portchk_get_from_list(IPPROTO_TCP, 8000, haddr_local, NULL); 1324 1516 CuAssertPtrNotNull(tc, portent); 1325 1517 1326 portent = sh_portchk_get_from_list( "tcp", 8001, haddr_local, NULL);1518 portent = sh_portchk_get_from_list(IPPROTO_TCP, 8001, haddr_local, NULL); 1327 1519 CuAssertTrue(tc, NULL == portent); 1328 1520 1329 portent = sh_portchk_get_from_list( "tcp", 8002, haddr_local, NULL);1521 portent = sh_portchk_get_from_list(IPPROTO_TCP, 8002, haddr_local, NULL); 1330 1522 CuAssertPtrNotNull(tc, portent); 1331 1523 1332 portent = sh_portchk_get_from_list( "tcp", 8003, haddr_local, NULL);1524 portent = sh_portchk_get_from_list(IPPROTO_TCP, 8003, haddr_local, NULL); 1333 1525 CuAssertTrue(tc, NULL == portent); 1334 1526 1335 portent = sh_portchk_get_from_list( "tcp", 8004, haddr_local, NULL);1527 portent = sh_portchk_get_from_list(IPPROTO_TCP, 8004, haddr_local, NULL); 1336 1528 CuAssertPtrNotNull(tc, portent); 1337 1529 1338 portent = sh_portchk_get_from_list( "tcp", 8000, haddr_local, "foo1");1530 portent = sh_portchk_get_from_list(IPPROTO_TCP, 8000, haddr_local, "foo1"); 1339 1531 CuAssertTrue(tc, NULL == portent); 1340 1532 1341 portent = sh_portchk_get_from_list( "tcp", 8000, haddr_local, "foo2");1533 portent = sh_portchk_get_from_list(IPPROTO_TCP, 8000, haddr_local, "foo2"); 1342 1534 CuAssertPtrNotNull(tc, portent); 1343 1535 CuAssertTrue(tc, 0 == strcmp(portent->service, "foo2")); 1344 1536 1345 portent = sh_portchk_get_from_list( "tcp", 8000, haddr_local, "foo3");1537 portent = sh_portchk_get_from_list(IPPROTO_TCP, 8000, haddr_local, "foo3"); 1346 1538 CuAssertTrue(tc, NULL == portent); 1347 1539 1348 portent = sh_portchk_get_from_list( "tcp", 8000, haddr_local, "foo4");1540 portent = sh_portchk_get_from_list(IPPROTO_TCP, 8000, haddr_local, "foo4"); 1349 1541 CuAssertPtrNotNull(tc, portent); 1350 1542 CuAssertTrue(tc, 0 == strcmp(portent->service, "foo4")); 1351 1543 1352 portent = sh_portchk_get_from_list( "tcp", 8000, haddr_local, "foo5");1544 portent = sh_portchk_get_from_list(IPPROTO_TCP, 8000, haddr_local, "foo5"); 1353 1545 CuAssertPtrNotNull(tc, portent); 1354 1546 CuAssertTrue(tc, 0 == strcmp(portent->service, "foo5")); 1547 1548 CuAssertTrue(tc, 0 == sh_portchk_blacklist(666, haddr_local, IPPROTO_TCP)); 1549 CuAssertTrue(tc, 0 != sh_portchk_blacklist(666, haddr_local, IPPROTO_TCP)); 1550 CuAssertTrue(tc, 0 == sh_portchk_blacklist(667, haddr_local, IPPROTO_TCP)); 1551 CuAssertTrue(tc, 0 == sh_portchk_blacklist(668, haddr_local, IPPROTO_TCP)); 1552 CuAssertTrue(tc, 0 == sh_portchk_blacklist(666, haddr_local, IPPROTO_UDP)); 1553 CuAssertTrue(tc, 0 != sh_portchk_blacklist(666, haddr_local, IPPROTO_UDP)); 1554 CuAssertTrue(tc, 0 == sh_portchk_blacklist(667, haddr_local, IPPROTO_UDP)); 1555 CuAssertTrue(tc, 0 == sh_portchk_blacklist(668, haddr_local, IPPROTO_UDP)); 1556 1557 CuAssertTrue(tc, 0 != sh_portchk_is_blacklisted(668, haddr_local, IPPROTO_UDP)); 1558 CuAssertTrue(tc, 0 != sh_portchk_is_blacklisted(667, haddr_local, IPPROTO_UDP)); 1559 CuAssertTrue(tc, 0 != sh_portchk_is_blacklisted(666, haddr_local, IPPROTO_UDP)); 1560 CuAssertTrue(tc, 0 == sh_portchk_is_blacklisted(665, haddr_local, IPPROTO_UDP)); 1561 1562 CuAssertTrue(tc, 0 != sh_portchk_is_blacklisted(668, haddr_local, IPPROTO_TCP)); 1563 CuAssertTrue(tc, 0 != sh_portchk_is_blacklisted(667, haddr_local, IPPROTO_TCP)); 1564 CuAssertTrue(tc, 0 != sh_portchk_is_blacklisted(666, haddr_local, IPPROTO_TCP)); 1565 CuAssertTrue(tc, 0 == sh_portchk_is_blacklisted(665, haddr_local, IPPROTO_TCP)); 1355 1566 #else 1356 1567 (void) tc; /* fix compiler warning */ -
trunk/src/sh_suidchk.c
r143 r149 164 164 165 165 extern unsigned long sh_files_maskof (int class); 166 167 static void set_defaults (void) 168 { 169 ShSuidchkActive = S_TRUE; 170 ShSuidchkInterval = 7200; 171 ShSuidchkFps = 0; 172 ShSuidchkNosuid = S_FALSE; 173 ShSuidchkYield = S_FALSE; 174 ShSuidchkQEnable = S_FALSE; 175 ShSuidchkQMethod = SH_Q_CHANGEPERM; 176 ShSuidchkQDelete = S_FALSE; 177 ShSuidchkSeverity = SH_ERR_SEVERE; 178 if (ShSuidchkExclude != NULL) 179 SH_FREE(ShSuidchkExclude); 180 ShSuidchkExclude = NULL; 181 ExcludeLen = 0; 182 183 FileLimNow = 0; 184 FileLimStart = 0; 185 FileLimNum = 0; 186 FileLimTotal = 0; 187 188 return; 189 } 166 190 167 191 /* Recursively descend into the directory to make sure that … … 1320 1344 1321 1345 1322 intsh_suidchk_free_schedule ()1346 static void sh_suidchk_free_schedule () 1323 1347 { 1324 1348 sh_schedule_t * current = ShSuidchkSched; … … 1332 1356 } 1333 1357 ShSuidchkSched = NULL; 1334 return 0; 1358 return; 1359 } 1360 1361 int sh_suidchk_reconf () 1362 { 1363 sh_suidchk_free_schedule(); 1364 set_defaults(); 1335 1365 } 1336 1366 -
trunk/src/sh_unix.c
r143 r149 2881 2881 int sh_unix_get_ftype(char * fullpath) 2882 2882 { 2883 char c_mode[ 16];2883 char c_mode[CMODE_SIZE]; 2884 2884 struct stat buf; 2885 2885 ShFileType type; … … 3449 3449 /* --- Determine file type. --- 3450 3450 */ 3451 memset (theFile->c_mode, '-', 10);3452 theFile->c_mode[ 10] = '\0';3453 3454 memset (theFile->link_c_mode, '-', 10);3455 theFile->link_c_mode[ 10] = '\0';3451 memset (theFile->c_mode, '-', CMODE_SIZE-1); 3452 theFile->c_mode[CMODE_SIZE-1] = '\0'; 3453 3454 memset (theFile->link_c_mode, '-', CMODE_SIZE-1); 3455 theFile->link_c_mode[CMODE_SIZE-1] = '\0'; 3456 3456 3457 3457 sh_unix_getinfo_type (&buf, &type, theFile->c_mode); … … 3462 3462 /* --- Determine file attributes. --- 3463 3463 */ 3464 memset (theFile->c_attributes, '-', 12);3465 theFile->c_attributes[ 12] = '\0';3464 memset (theFile->c_attributes, '-', ATTRBUF_SIZE); 3465 theFile->c_attributes[ATTRBUF_USED] = '\0'; 3466 3466 theFile->attributes = 0; 3467 3467 -
trunk/src/sh_userfiles.c
r140 r149 390 390 userFiles = NULL; 391 391 392 ShUserfilesActive = S_TRUE; 393 392 394 SL_RETURN(0, _("sh_userfiles_reconf")); 393 395 } -
trunk/src/sh_utils.c
r148 r149 2020 2020 } 2021 2021 2022 int sh_util_isnum (c har *str)2023 { 2024 c har *p = str;2022 int sh_util_isnum (const char *str) 2023 { 2024 const char *p = str; 2025 2025 2026 2026 SL_ENTER(_("sh_util_isnum")); … … 2036 2036 } 2037 2037 2038 char * sh_util_strconcat (const char * arg1, ...) 2038 char * sh_util_strconcat (const char * arg1, ...) 2039 2039 { 2040 2040 size_t length, l2; -
trunk/src/sh_utmp.c
r144 r149 227 227 }; 228 228 229 int sh_utmp_null() 230 { 231 return 0; 232 } 233 234 229 static void set_defaults(void) 230 { 231 ShUtmpLoginSolo = SH_ERR_INFO; 232 ShUtmpLoginMulti = SH_ERR_WARN; 233 ShUtmpLogout = SH_ERR_INFO; 234 ShUtmpActive = S_TRUE; 235 ShUtmpInterval = 300; 236 return; 237 } 235 238 236 239 … … 535 538 * can be re-enabled. 536 539 */ 537 ShUtmpActive = S_TRUE;540 set_defaults(); 538 541 init_done = 0; 539 542 SL_RETURN( (0), _("sh_utmp_end")); 543 } 544 545 int sh_utmp_reconf() 546 { 547 set_defaults(); 548 return 0; 540 549 } 541 550 -
trunk/test/testrun_1e.sh
r128 r149 23 23 export BUILDOPTS 24 24 25 MAXTEST=3; export MAXTEST 25 MAXTEST=4; export MAXTEST 26 27 PORTPOLICY_4=" 28 [ReadOnly] 29 file=${BASE} 30 [PortCheck] 31 PortCheckActive = yes 32 PortCheckUDP = no 33 " 34 35 chk_portdata_4 () { 36 one_sec_sleep 37 38 egrep 'CRIT.*POLICY \[ServiceNew\]' $LOGFILE >/dev/null 2>&1 39 if [ $? -eq 0 ]; then 40 41 [ -z "$verbose" ] || log_msg_fail "Open ports"; 42 return 1 43 fi 44 } 45 46 refine_portpolicy_4 () 47 { 48 cat "$LOGFILE" | grep ServiceNew | sed 's/.*port //' | awk '{ print $1 }' | \ 49 while read line; do 50 echo "PortCheckSkip=$line" >>"${RCFILE}" 51 done 52 echo "PortCheckIgnore=2026/tcp" >>"${RCFILE}" 53 echo "PortCheckIgnore=2027/udp" >>"${RCFILE}" 54 echo "PortCheckIgnore=2028/tcp" >>"${RCFILE}" 55 echo "PortCheckIgnore=2029/udp" >>"${RCFILE}" 56 } 26 57 27 58 PORTPOLICY_3=" … … 50 81 echo "PortCheckIgnore=$line" >>"${RCFILE}" 51 82 done 52 echo "PortCheckIgnore=2026 " >>"${RCFILE}"53 echo "PortCheckIgnore=2027 " >>"${RCFILE}"54 echo "PortCheckIgnore=2028 " >>"${RCFILE}"55 echo "PortCheckIgnore=2029 " >>"${RCFILE}"83 echo "PortCheckIgnore=2026/tcp" >>"${RCFILE}" 84 echo "PortCheckIgnore=2027/udp" >>"${RCFILE}" 85 echo "PortCheckIgnore=2028/tcp" >>"${RCFILE}" 86 echo "PortCheckIgnore=2029/udp" >>"${RCFILE}" 56 87 } 57 88
Note:
See TracChangeset
for help on using the changeset viewer.
