Changeset 226

Timestamp:

Apr 18, 2009, 5:55:37 PM (16 years ago)

Author:

katerina

Message:

Fix for ticket #151 (incorrect hostname insertion into db when relaying).

Location:

trunk

Files:

• configure.ac (modified) (1 diff)
• docs/Changelog (modified) (1 diff)
• src/sh_database.c (modified) (3 diffs)
• src/sh_utils.c (modified) (2 diffs)
• test/testrun_2a.sh (modified) (1 diff)
• test/testrun_2c.sh (modified) (9 diffs)

trunk/configure.ac

@@ -12 +12 @@
 dnl start
 dnl
-AM_INIT_AUTOMAKE(samhain, 2.5.4)
+AM_INIT_AUTOMAKE(samhain, 2.5.5)
 AC_DEFINE([SAMHAIN], 1, [Application is samhain])
 AC_CANONICAL_HOST

trunk/docs/Changelog

@@ -1 @@
-2.5.4:
+2.5.5:
+        * fix for incorrect handling of hostnames in database insertion
+          (reported by byron)
+        
+2.5.4 (04-03-2009):
         * fix for incorrect input check in SRP implementation (discovered
           by Thomas Ptacek)

trunk/src/sh_database.c

@@ -1766 +1766 @@
 /* recursively enter linked list of messages into database, last first
  */
-long sh_database_insert_rec (dbins * curr, int depth)
+long sh_database_insert_rec (dbins * curr, int depth, char * host)
 {
   unsigned long    id = 0;
-  dbins * prev;
 
   SL_ENTER(_("sh_database_insert_rec"));
@@ -1775 +1774 @@
   if (curr->next)
     {
+      /*
       prev = curr->next;
       sl_strlcpy(prev->host, curr->host, 64);
       id = sh_database_insert_rec (curr->next, (depth + 1));
-    }
+      */
+      ++depth;
+      id = sh_database_insert_rec (curr->next, depth, curr->host);
+    }
+
+  if (host) 
+    sl_strlcpy(curr->host, host, 64);
 
   if (id != 0)                       /* this is a server wrapper          */
@@ -1818 +1824 @@
   /* recursively enter the linked list into the database
    */
-  (void) sh_database_insert_rec (db_entry, 0);
+  (void) sh_database_insert_rec (db_entry, 0, NULL);
 
   SL_RETURN(0, _("sh_database_insert"));

trunk/src/sh_utils.c

@@ -2107 +2107 @@
 
   
-size_t sh_util_base64_enc (unsigned char * out, const unsigned char * instr, 
+size_t sh_util_base64_enc (unsigned char * out, 
+                           const unsigned char * instr, 
                            size_t lin)
 {
@@ -2171 +2172 @@
 }
 
-size_t sh_util_base64_dec (unsigned char *out, const unsigned char *in, 
+size_t sh_util_base64_dec (unsigned char *out, 
+                           const unsigned char *in, 
                            size_t lin)
 {

trunk/test/testrun_2a.sh

@@ -229 +229 @@
         chmod 644 ./rc.${ALTHOST}
         chmod 644 ./file.${ALTHOST}
+
+        echo $SHPW > ./testpw
 }
 

trunk/test/testrun_2c.sh

@@ -19 +19 @@
 # Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
 #
+LOGFILE="$PW_DIR/.samhain_log"; export LOGFILE
+RCFILE="$PW_DIR/testrc_2";  export RCFILE
+HTML="$PW_DIR/yule.html";  export HTML
 
 SERVER_BUILDOPTS="--quiet  $TRUST --enable-xml-log --enable-debug --enable-network=server --prefix=$PW_DIR --localstatedir=$PW_DIR --with-config-file=REQ_FROM_SERVER$PW_DIR/testrc_2 --with-data-file=REQ_FROM_SERVER$PW_DIR/.samhain_file --with-logserver=${SH_LOCALHOST}  --with-log-file=$PW_DIR/.samhain_log --with-pid-file=$PW_DIR/.samhain_lock --with-database=mysql"; export SERVER_BUILDOPTS
@@ -24 +27 @@
 CLIENT_BUILDOPTS="--quiet  $TRUST --prefix=$PW_DIR --with-tmp-dir=$PW_DIR --localstatedir=$PW_DIR --enable-network=client --disable-mail --disable-external-scripts --enable-login-watch --enable-xml-log --enable-db-reload --with-logserver=localhost --with-config-file=REQ_FROM_SERVER$PW_DIR/testrc_2 --with-data-file=REQ_FROM_SERVER$PW_DIR/.samhain_file --with-log-file=$PW_DIR/.samhain_log --with-pid-file=$PW_DIR/.samhain_lock"; export CLIENT_BUILDOPTS
 
-MAXTEST=3; export MAXTEST
+MAXTEST=4; export MAXTEST
+
+do_test_1_c () {
+
+        [ -z "$verbose" ] || { 
+            echo; 
+            echo "${S}Start Server${E}: ./yule -l info -p none &"; 
+            echo; 
+        }
+
+        rm -f test_log_valgrind
+
+        ${VALGRIND} ./yule.2 -q -l info -p none >/dev/null 2>>test_log_valgrind &
+        PROC_Y2=$!
+        five_sec_sleep
+
+        [ -z "$verbose" ] || { 
+            echo; 
+            echo "${S}Start Server #2${E}: ./yule.2 -l info -p none &"; 
+            echo; 
+        }
+
+        ${VALGRIND} ./yule -l info -p none -e info --bind-address=127.0.0.1 \
+            --server-port=49778 >/dev/null 2>>test_log_valgrind &
+        PROC_Y=$!
+        five_sec_sleep
+
+        [ -z "$verbose" ] || { 
+            echo; 
+            echo "${S}Start Client${E}: ./samhain.new -l none -p none -e info -t check"; 
+            echo; 
+        }
+
+        ${VALGRIND} ./samhain.new -t check -p none -l none -e info --bind-address=127.0.0.1 >/dev/null 2>>test_log_valgrind
+        if test x$? = x0; then
+            [ -z "$verbose" ] || log_msg_ok    "samhain.new -t check";
+        else
+            [ -z "$quiet" ]   && log_msg_fail  "samhain.new -t check";
+            kill $PROC_Y
+            kill $PROC_Y2
+            return 1
+        fi
+
+        kill $PROC_Y
+        kill $PROC_Y2
+        five_sec_sleep
+
+        # cp ${LOGFILE}  triple_test
+        # cp ${LOGFILE}2 triple_test_2
+
+        egrep "START(>|\").*Yule(>|\")" ${LOGFILE}2 >/dev/null 2>&1
+        if [ $? -ne 0 ]; then
+            [ -z "$verbose" ] || log_msg_fail "Server #2 start";
+            return 1
+        fi
+        egrep "remote_host.*Checking.*/bin" ${LOGFILE}2 >/dev/null 2>&1
+        if [ $? -ne 0 ]; then
+            [ -z "$verbose" ] || log_msg_fail "Client file check (relayed)";
+            return 1
+        fi
+        egrep "remote_host.*EXIT.*Samhain" ${LOGFILE}2 >/dev/null 2>&1
+        if [ $? -ne 0 ]; then
+            [ -z "$verbose" ] || log_msg_fail "Client exit (relayed)";
+            return 1
+        fi
+        egrep "EXIT.*Yule.*SIGTERM" ${LOGFILE}2 >/dev/null 2>&1
+        if [ $? -ne 0 ]; then
+            [ -z "$verbose" ] || log_msg_fail "Server #2 exit";
+            return 1
+        fi
+
+
+        egrep "START(>|\").*Yule(>|\")" $LOGFILE >/dev/null 2>&1
+        if [ $? -ne 0 ]; then
+            [ -z "$verbose" ] || log_msg_fail "Server start";
+            return 1
+        fi
+        egrep "NEW CLIENT" $LOGFILE >/dev/null 2>&1
+        if [ $? -ne 0 ]; then
+            [ -z "$verbose" ] || log_msg_fail "Client connect";
+            return 1
+        fi
+        egrep "remote_host.*Checking.*/bin" $LOGFILE >/dev/null 2>&1
+        if [ $? -ne 0 ]; then
+            [ -z "$verbose" ] || log_msg_fail "Client file check";
+            return 1
+        fi
+        egrep "remote_host.*EXIT.*Samhain" $LOGFILE >/dev/null 2>&1
+        if [ $? -ne 0 ]; then
+            [ -z "$verbose" ] || log_msg_fail "Client exit";
+            return 1
+        fi
+        egrep "EXIT.*Yule.*SIGTERM" $LOGFILE >/dev/null 2>&1
+        if [ $? -ne 0 ]; then
+            [ -z "$verbose" ] || log_msg_fail "Server exit";
+            return 1
+        fi
+
+        [ -z "$VALGRIND" ] || {
+            tmp=`cat test_log_valgrind 2>/dev/null | wc -l`;
+            if [ $tmp -ne 0 ]; then
+                [ -z "$verbose" ] || log_msg_fail "valgrind reports errors";
+                cat test_log_valgrind
+                return 1;
+            fi;
+        }
+
+        return 0
+}
 
 testrun_threesockets () {
@@ -152 +263 @@
     testrun2a_internal
     #
+    # BUILD Server 2
+    #
+    cp ./yule ./yule.orig
+
+        ${TOP_SRCDIR}/configure --quiet  $TRUST --enable-debug --enable-network=server  --enable-xml-log --enable-login-watch --prefix=$PW_DIR --localstatedir=$PW_DIR --with-config-file=${RCFILE}2  --with-log-file=${LOGFILE}2 --with-pid-file=$PW_DIR/.samhain_lock2 --with-html-file=${HTML}2 --with-state-dir=$PW_DIR --with-port=49778 --with-database=mysql
+        #
+        if test x$? = x0; then
+                [ -z "$verbose" ] ||     log_msg_ok "configure..."; 
+                $MAKE  > /dev/null 2>>test_log
+                if test x$? = x0; then
+                    [ -z "$verbose" ] || log_msg_ok "make..."; 
+                else
+                    [ -z "$quiet" ] &&   log_msg_fail "make..."; 
+                    return 1
+                fi
+
+        else
+                [ -z "$quiet" ] &&       log_msg_fail "configure...";
+                return 1
+        fi
+
+        cp yule yule.2 || return 1
+        #
+    cp ./yule.orig ./yule
+        #
+        SHPW=`cat ./testpw`
+
+        if test x"$SHPW" = x; then
+            [ -z "$quiet" ]   && log_msg_fail  "password not generated -- aborting"
+            return 1
+        fi
+
+        rm -f ./testpw
+
+        ./samhain_setpwd yule new $SHPW >/dev/null
+
+        if test x$? = x0; then
+            [ -z "$verbose" ] || log_msg_ok    "./samhain_setpwd yule new $SHPW";
+        else
+            [ -z "$quiet" ]   && log_msg_fail  "./samhain_setpwd yule new $SHPW";
+            return 1
+        fi
+
+
+        $MAKE clean >/dev/null || return 1
+    mv yule.new yule || return 1
+    #
     ORIGINAL="DatabaseSeverity=none"
     REPLACEMENT="DatabaseSeverity=info"
@@ -160 +318 @@
     #
     do_test_1_a
+    #
     if [ $? -ne 0 ]; then
         [ -z "$quiet" ] && log_fail 1 ${MAXTEST} "Client/server w/mysql";
@@ -171 +330 @@
         fi
     fi
+    #
+    cp testrc_2 testrc_22
+    ORIGINAL="DatabaseSeverity=none"
+    REPLACEMENT="DatabaseSeverity=info"
+    ex -s $RCFILE <<EOF
+%s/$REPLACEMENT/$ORIGINAL/g
+wq
+EOF
+    #
+    do_test_1_c
+    #
+    if [ $? -ne 0 ]; then
+        [ -z "$quiet" ] && log_fail 2 ${MAXTEST} "Client/server (relay) w/mysql";
+    else
+    #
+        check_mysql_log "${DATE}"
+        if [ $? -ne 0 ]; then
+            [ -z "$quiet" ] && log_fail 2 ${MAXTEST} "Client/server (relay) w/mysql";
+        else
+            [ -z "$quiet" ] && log_ok   2 ${MAXTEST} "Client/server (relay) w/mysql";
+        fi
+    fi
+    #
     #
     if [ -f ./yule ]; then
@@ -177 +359 @@
         netstat -pant 2>/dev/null | grep 49777 | grep yule >/dev/null 2>&1
         if [ $? -ne 0 ]; then
-            [ -z "$quiet" ] && log_fail 2 ${MAXTEST} "Client/server w/mysql";
+            [ -z "$quiet" ] && log_fail 3 ${MAXTEST} "Client/server w/mysql";
         else
             NSOCK=`netstat -pand 2>/dev/null | grep STREAM | grep yule | wc -l`
             if [ $NSOCK -ne 2 ]; then
-                [ -z "$quiet" ] && log_fail 2 ${MAXTEST} "Three sockets open";
+                [ -z "$quiet" ] && log_fail 3 ${MAXTEST} "Three sockets open";
                 netstat -pand 2>/dev/null | grep yule 
             else
-                [ -z "$quiet" ] && log_ok   2 ${MAXTEST} "Three sockets open";
+                [ -z "$quiet" ] && log_ok   3 ${MAXTEST} "Three sockets open";
             fi
         fi
@@ -190 +372 @@
         kill $PID
     else
-        log_fail 2 ${MAXTEST} "Three sockets open";
+        log_fail 3 ${MAXTEST} "Three sockets open";
     fi
     #
     GPG=`find_path gpg`
     if [ -z "$GPG" ]; then
-        log_skip 3 $MAXTEST 'gpg not found in $PATH'
+        log_skip 4 $MAXTEST 'gpg not found in $PATH'
     else
         eval "$GPG" --list-keys 0F571F6C >/dev/null 2>/dev/null
         if [ $? -ne 0 ]; then
-            log_skip 3 $MAXTEST 'public PGP key 0x0F571F6C not present'
+            log_skip 4 $MAXTEST 'public PGP key 0x0F571F6C not present'
         else
             testrun_threesockets "$GPG"
@@ -208 +390 @@
                 netstat -pant 2>/dev/null | grep 49777 | grep yule >/dev/null 2>&1
                 if [ $? -ne 0 ]; then
-                    [ -z "$quiet" ] && log_fail 3 ${MAXTEST} "Three sockets open (gpg)";
+                    [ -z "$quiet" ] && log_fail 4 ${MAXTEST} "Three sockets open (gpg)";
                 else
                     NSOCK=`netstat -pand 2>/dev/null | grep STREAM | grep yule | wc -l`
                     if [ $NSOCK -ne 2 ]; then
-                        [ -z "$quiet" ] && log_fail 3 ${MAXTEST} "Three sockets open (gpg)";
+                        [ -z "$quiet" ] && log_fail 4 ${MAXTEST} "Three sockets open (gpg)";
                         netstat -pand 2>/dev/null | grep yule 
                     else
-                        [ -z "$quiet" ] && log_ok   3 ${MAXTEST} "Three sockets open (gpg)";
+                        [ -z "$quiet" ] && log_ok   4 ${MAXTEST} "Three sockets open (gpg)";
                     fi
                 fi
@@ -221 +403 @@
                 kill $PID
             else
-                log_fail 3 ${MAXTEST} "Three sockets open (gpg)";
+                log_fail 4 ${MAXTEST} "Three sockets open (gpg)";
             fi
         fi