Date: Wed, 28 Jul 2010 08:21:35 GMT From: Sergio Ligregni <ligregni@FreeBSD.org> To: Perforce Change Reviews <perforce@FreeBSD.org> Subject: PERFORCE change 181467 for review Message-ID: <201007280821.o6S8LZaf009145@repoman.freebsd.org>
http://p4web.freebsd.org/@@181467?ac=10 Change 181467 by ligregni@ligPhenom on 2010/07/26 04:37:28 Modifications made because of MidTerm Affected files ... .. //depot/projects/soc2010/disaudit/damasterd.c#5 edit .. //depot/projects/soc2010/disaudit/damasterd.h#5 delete .. //depot/projects/soc2010/disaudit/msocket_work.c#5 edit .. //depot/projects/soc2010/disaudit/shipd.c#8 edit .. //depot/projects/soc2010/disaudit/shipd.h#8 delete .. //depot/projects/soc2010/disaudit/ssocket_work.c#6 edit .. //depot/projects/soc2010/disaudit/ssocket_work.h#6 edit Differences ... ==== //depot/projects/soc2010/disaudit/damasterd.c#5 (text+ko) ==== @@ -27,22 +27,43 @@ /*** INCLUDES ***/ -#include "damasterd.h" +#include "msocket_work.h" +#include "utils.h" + +#include <ctype.h> +#include <dirent.h> #include <fcntl.h> -#include "msocket_work.h" +#include <stdarg.h> #include <stdio.h> #include <stdlib.h> #include <string.h> -#include <dirent.h> #include <syslog.h> -#include <stdarg.h> +#include <time.h> +#include <unistd.h> + #include <sys/types.h> -#include <sys/md5.h> +#include <sha256.h> +#include <sys/socket.h> #include <sys/stat.h> -#include <time.h> + +#include <netinet/in.h> +#include <netdb.h> + +#include <arpa/inet.h> + +#define AUDIT_DAMASTERD_FILE "/etc/security/damasterd_control" /*** DECLARATIONS ***/ +/* local prototypes */ +static int check_files_equal(char *pathslave, char *md5slave, char *hostname, + char *path, char *fullpath); +static int do_master_daemon(); +static int get_parameters(); +static int process_request(int sfd, struct sockaddr *clientinfo); +static int receive_trail(int sfd, struct sockaddr *clientinfo); +static int search_trail(int sfd, struct sockaddr *clientinfo); + /* Directory settings took from audit_control */ char slave_trails_dir[MAX_DIR_SIZE + 1]; char *ptr_std; 
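Review bot: The new local prototypes `static int do_master_daemon();` and `static int get_parameters();` use empty parentheses, which in C declares a function with unspecified parameters, so the compiler will not reject a call that passes arguments. Writing them as `static int do_master_daemon(void);` and `static int get_parameters(void);` gets the calls checked. The `check_files_equal` prototype also still names its second parameter `md5slave`, although the definition later in this change calls it `sha256slave`. The shipd.c declarations hunk has the same empty-parenthesis prototypes (`do_daemon()`, `do_last()`, `get_parameters()`).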
@@ -54,9 +75,6 @@ /* Port number */ int port_number; -/* The destination of the messages are controlled by this variable */ -int debug; - /* * The searching for a trail by it's name, * or by it's name & origin host, this is for example, @@ -71,20 +89,24 @@ */ int lookup_host; -/* Socket buffer management */ -char buffer[MAX_BUF_SIZE + 1]; -int brecv; - +/* + * DAMasterD + * Distributed Audit Master Daemon + * + * This program runs on a master system, in order + * to receive the trails (and perform the appropiate naming + * and pathing) from the slave systems, when not runs with + * debug option, it daemonize itself + */ +int main(int argc, char *argv[]) { char cl_opt; - int last = 0; debug = 0; while ((cl_opt = getopt(argc, argv, "dl")) != -1) - switch (cl_opt) - { + switch (cl_opt) { case 'd': /* Debug option */ debug = 1; @@ -92,24 +114,24 @@ } /* If not debugging, daemonize the program */ - if (debug == 0 && daemon(0,0) != 0) - { + if (debug == 0 && daemon(0,0) != 0) { perror("Can't daemonize, exiting!"); exit(1); } /* Set the directory path, the host address, the panic level */ - if (get_parameters() == -1) - { + if (get_parameters() == -1) { to_log("Can't get the parameters to work!"); exit(1); } ptr_std = slave_trails_dir + strlen(slave_trails_dir); - /* There is no shipd enabled and it wasn't called by AUDIT (normally the unique way to get 'last' on) */ - if (panic_level == 0) - { + /* + * There is no shipd enabled and it wasn't called by AUDIT (normally + * the unique way to get 'last' on). + */ + if (panic_level == 0) { to_log("DAMasterd disabled"); exit(0); } 
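Review bot: In `main` (hunk @@ -71,20 +89,24 @@) `cl_opt` is declared `char` but receives the `int` result of `getopt()` and is compared with -1; where plain `char` is unsigned that comparison is never true and the option loop does not end. Declare it as `int cl_opt;`. The option string is still `"dl"` although this hunk removes `last` and no `case 'l'` is visible, so `-l` appears to be accepted and ignored; `"d"` would reject it if that is the intent. shipd.c's `main` has the same `char cl_opt;`.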
@@ -117,57 +139,40 @@ if (do_master_daemon() == -1) exit(1); - return 0; + return (0); } -void -to_log(char *message) -{ -return; - if (debug) - perror(message); - else - syslog(LOG_ERR, "%s", message); -} - - +static int do_master_daemon() { int socketfd, newsockfd, childpid; char message[256]; - char client_host[256]; struct sockaddr clientinfo; - if ((socketfd = init_socket(port_number)) < 0) - { - sprintf(message, "Error initializing socket on port %d", port_number); + if ((socketfd = init_socket(port_number)) < 0) { + sprintf(message, "Error initializing socket on port %d", + port_number); to_log(message); - return -1; + return (-1); } - while (1) - { + while (1) { newsockfd = accept_connection(socketfd, &clientinfo); - if (newsockfd < 0) - { + if (newsockfd < 0) { sprintf(message, "Error accepting client connections"); to_log(message); - return -1; + return (-1); } - if (!debug && (childpid = fork()) < 0) - { + if (!debug && (childpid = fork()) < 0) { to_log("Error forking the process"); - return -1; - } - else if (debug || childpid == 0) - { - if (process_request(newsockfd, &clientinfo) == -1) - { + return (-1); + } else if (debug || childpid == 0) { + if (process_request(newsockfd, &clientinfo) == -1) { to_log("Error processing client's request"); - return -1; + return (-1); } if (!debug) close(socketfd); @@ -178,22 +183,26 @@ usleep(1000); } - return 0; + return (0); } +static int get_parameters() { - /* GSoC: using an special file, intended to include this values at audit_control */ - FILE *fpars = fopen("/etc/security/damasterd_control", "r"); + /* + * GSoC: using an special file, intended to include this values at + * audit_control + */ + FILE *fpars = fopen(AUDIT_DAMASTERD_FILE, "r"); char sslave_dirs[10]; char lkup_host[10]; if (!fpars) - return -1; + return (-1); if (feof(fpars)) - return -1; + return (-1); fscanf(fpars, "%s", slave_trails_dir); fscanf(fpars, "%s", sslave_dirs); 
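Review bot: The `fscanf(fpars, "%s", ...)` calls kept as context in `get_parameters` (hunk @@ -178,22 +183,26 @@) have no field width, so an over-long token in the control file overruns `slave_trails_dir` or the 10-byte `sslave_dirs`, while the rest of this change moves to bounded copies. Give each conversion a width that matches its buffer, e.g. `fscanf(fpars, "%9s", sslave_dirs)`, and check the return value so a short or malformed file is reported instead of leaving the settings unset. The `feof()` early return also leaves `fpars` open; a `fclose(fpars);` belongs before that `return (-1);`. The function continues outside the hunk, and shipd.c's `get_parameters` (hunk @@ -119,6 +176,10 @@) reads its file the same way.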
@@ -211,114 +220,128 @@ else lookup_host = 0; - return 0; + return (0); } +static int process_request(int sfd, struct sockaddr *clientinfo) { int res = 0; char opt[2]; - get_from_socket(sfd, opt); + get_from_socket(sfd, opt, sizeof (opt)); while (res != -1) { switch(opt[0]) { - case '0': /* The process is finished */ + case '0': + /* The process is finished */ return 0; break; - case '1': /* The request is about searching for a file */ + case '1': + /* The request is about searching for a file */ res = search_trail(sfd, clientinfo); break; - case '2': /* The request is about receiving a trail */ + case '2': + /* The request is about receiving a trail */ res = receive_trail(sfd, clientinfo); break; default: to_log("Can't understand user's request!"); } - get_from_socket(sfd, opt); + get_from_socket(sfd, opt, sizeof (opt)); } close(sfd); - return res; + return (res); } +static int search_trail(int sfd, struct sockaddr *clientinfo) { DIR *dp; struct dirent *dirp; struct stat statbuf; - char fullpath[MAX_PATH_SIZE + 1]; char *ptr; char hbuf[NI_MAXHOST+1]; - char message[MAX_PATH_SIZE + 50]; + char message[MAX_PATH_SIZE + MESSAGE_DESC_SIZE]; char hostname[NI_MAXHOST+1]; - char pathslave[MAX_TRAILPATH_SIZE+1], md5slave[33]; + char pathslave[MAX_TRAILPATH_SIZE+1], sha256slave[SHA256_SIZE]; char dirpath[MAX_DIR_SIZE+1]; char found_trail[] = "n"; - get_from_socket(sfd, pathslave); - get_from_socket(sfd, md5slave); + get_from_socket(sfd, pathslave, sizeof (pathslave)); + get_from_socket(sfd, sha256slave, sizeof (sha256slave)); - strcpy(hostname, inet_ntoa(((struct sockaddr_in *) clientinfo)->sin_addr)); + strlcpy(hostname, + inet_ntoa(((struct sockaddr_in *) clientinfo)->sin_addr), + sizeof (hostname)); - if (getnameinfo(clientinfo, clientinfo->sa_len, hbuf, sizeof(hbuf), NULL, 0, NI_NAMEREQD)) + if (getnameinfo(clientinfo, clientinfo->sa_len, hbuf, sizeof(hbuf), + NULL, 0, NI_NAMEREQD)) to_log("Couldn't resolve hostname, using IP address"); else - strcpy(hostname, hbuf); + 
strlcpy(hostname, hbuf, sizeof (hostname)); - sprintf(message, "Looking for \"%s\" from \"%s\" with MD5: \"%s\"", pathslave, hostname, md5slave); + snprintf(message, sizeof(message), + "Looking for \"%s\" from \"%s\" with SHA256: \"%s\"", pathslave, + hostname, sha256slave); to_log(message); - strcpy(dirpath, slave_trails_dir); + strlcpy(dirpath, slave_trails_dir, sizeof (dirpath)); - if (slave_dirs) - { - strcat(dirpath, "/"); - strcat(dirpath, hostname); + if (slave_dirs) { + strlcat(dirpath, "/", sizeof (dirpath)); + strlcat(dirpath, hostname, sizeof (dirpath)); } - /* Setting the fullpath to search */ - /* Fancy way to use the fullpath */ - strcpy(fullpath, dirpath); - ptr = fullpath + strlen(fullpath); - *ptr = '/'; - *(++ptr) = 0; - - if ( !(dp = opendir(dirpath)) ) - { + if ( !(dp = opendir(dirpath)) ) { to_log("Can't open slave trails' directory"); send_to_socket(sfd, "n"); - return 1; + return (1); } - /* We must count the elements (just the valid ones, this is: the trails) of the directory */ - while (strcmp(found_trail, "y") && (dirp = readdir(dp)) != NULL ) - if (strcmp(dirp->d_name, ".") && strcmp(dirp->d_name, "..")) /* We have other than . or .. */ - { - strcpy(ptr, dirp->d_name); + /* + * We must count the elements (just the valid ones, this is: the + * trails) of the directory. + */ + while ('n' == found_trail[0] && (dirp = readdir(dp)) != NULL ) + if (strcmp(dirp->d_name, ".") && strcmp(dirp->d_name, "..")) { + /* We have other than . or .. 
*/ + + asprintf(&ptr, "%s/%s", dirpath, dirp->d_name); - if ( stat(fullpath, &statbuf) < 0 ) + if ( stat(ptr, &statbuf) < 0 ) { to_log("Stat error!"); return -1; } - if (S_ISDIR(statbuf.st_mode) == 0) /* It's not a directory */ - if ( check_files_equal(pathslave, md5slave, hostname, dirp->d_name, fullpath) ) /* Check that the trails are the same name + MD5 */ - strcpy(found_trail, "y"); + if (S_ISDIR(statbuf.st_mode) == 0) { + /* It's not a directory */ + if ( check_files_equal(pathslave, sha256slave, + hostname, dirp->d_name, ptr) ) { + /* + * Check that the trails are the same + * name + SHA256 + */ + found_trail[0] = 'y'; + } + } + free(ptr); } closedir(dp); - sprintf(message, "The search for %s resulted: %s\n", pathslave, found_trail[0] == 'y' ? "YES" : "NO"); + snprintf(message, sizeof (message), "The search for %s resulted: %s\n", + pathslave, ('y' == found_trail[0]) ? "YES" : "NO"); send_to_socket(sfd, found_trail); - return 1; + return (1); } /* 
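Review bot: In `search_trail` the result of `asprintf()` is not checked, and the `return -1` after a failed `stat()` leaves `ptr` allocated and `dp` open. Check the allocation with `if (asprintf(&ptr, "%s/%s", dirpath, dirp->d_name) == -1) { closedir(dp); return (-1); }` and add `free(ptr); closedir(dp);` before the stat error return. Separately, `process_request` ignores the result of `get_from_socket()`; if that helper (defined outside this view) can fail without writing `opt`, the loop switches on a stale or uninitialised byte, so a failed read should end the loop with -1.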
@@ -329,103 +352,82 @@ * of the trails name */ -check_files_equal(char *pathslave, char *md5slave, char *hostname, char *path, char *fullpath) +static int +check_files_equal(char *pathslave, char *sha256slave, char *hostname, char *path, + char *fullpath) { char path_to_find[strlen(pathslave) + strlen(hostname) + 2]; - strcpy(path_to_find, pathslave); + strlcpy(path_to_find, pathslave, sizeof (path_to_find)); if (lookup_host) { - strcat(path_to_find, "."); - strcat(path_to_find, hostname); + strlcat(path_to_find, ".", sizeof (path_to_find)); + strlcat(path_to_find, hostname, sizeof (path_to_find)); } if (!strncmp(path, path_to_find, strlen(path_to_find))) { - char *md5 = (char *) malloc (sizeof(char) * 33); - md5 = MD5File(fullpath, md5); + char *sha256 = (char *) malloc (sizeof(char) * SHA256_SIZE); + sha256 = SHA256_File(fullpath, sha256); - if (!strcmp(md5, md5slave)) - return 1; + if (!strcmp(sha256, sha256slave)) + return (1); - free(md5); + free(sha256); } - return 0; + return (0); } -void -send_to_socket(int sfd, char *data) -{ - int len = strlen(data); - - send(sfd, &len, sizeof(int), 0); - send(sfd, data, len, 0); -} - -void -get_from_socket(int sfd, char *dest) -{ - int len, left; - char *ptr; - brecv = recv(sfd, buffer, sizeof(int), 0); - strncpy((char *) &len, buffer, sizeof(int)); - - left = len; - ptr = dest; - - while (left > 0) - { - brecv = recv(sfd, buffer, min(MAX_BUF_SIZE, left), 0); - buffer[brecv] = 0; - strcpy(ptr, buffer); - ptr += brecv; - left -= brecv; - } -} - +static int receive_trail(int sfd, struct sockaddr *clientinfo) { DIR *dp; char fullpath[MAX_PATH_SIZE + 1]; char hbuf[NI_MAXHOST+1]; - char message[MAX_PATH_SIZE + 50]; + char message[MAX_PATH_SIZE + MESSAGE_DESC_SIZE]; char hostname[NI_MAXHOST+1]; char pathslave[MAX_TRAILPATH_SIZE+1]; char dirpath[MAX_DIR_SIZE+1]; + char buffer[MAX_BUF_SIZE + 1]; + int brecv; time_t mtime; struct tm *ltime; unsigned file_size; int fd, bwrtn, bread; - get_from_socket(sfd, pathslave); + 
get_from_socket(sfd, pathslave, sizeof (pathslave)); - strcpy(hostname, inet_ntoa(((struct sockaddr_in *) clientinfo)->sin_addr)); + strlcpy(hostname, + inet_ntoa(((struct sockaddr_in *) clientinfo)->sin_addr), + sizeof (hostname)); - if (getnameinfo(clientinfo, clientinfo->sa_len, hbuf, sizeof(hbuf), NULL, 0, NI_NAMEREQD)) + if (getnameinfo(clientinfo, clientinfo->sa_len, hbuf, sizeof(hbuf), + NULL, 0, NI_NAMEREQD)) to_log("Couldn't resolve hostname, using IP address"); else - strcpy(hostname, hbuf); + strlcpy(hostname, hbuf, sizeof (hostname)); - sprintf(message, "Receiving \"%s\" from \"%s\"", pathslave, hostname); + snprintf(message, sizeof (message), "Receiving \"%s\" from \"%s\"", + pathslave, hostname); to_log(message); - strcpy(dirpath, slave_trails_dir); + strlcpy(dirpath, slave_trails_dir, sizeof (dirpath)); - if ( !(dp = opendir(dirpath)) ) - { - to_log("Can't open Slave trails dir, please create it or change the value at config files!"); - return -1; + if ( !(dp = opendir(dirpath)) ) { + to_log("Can't open Slave trails dir, please create it or" + " change the value at config files!"); + return (-1); } closedir(dp); if (slave_dirs) { - strcat(dirpath, "/"); - strcat(dirpath, hostname); + strlcat(dirpath, "/", sizeof (dirpath)); + strlcat(dirpath, hostname, sizeof (dirpath)); } if ( !(dp = opendir(dirpath)) ) 
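Review bot: `check_files_equal` overwrites the `malloc` result with the return value of `SHA256_File()`, so when hashing fails the buffer is leaked and `strcmp()` receives NULL, and the matching path `return (1);` skips `free(sha256)`. A local array avoids all three: `char sha256[SHA256_SIZE];`, then `if (SHA256_File(fullpath, sha256) == NULL) return (0);`, then `return (strcmp(sha256, sha256slave) == 0);`. SHA256_SIZE is defined outside this diff; a hex SHA-256 digest plus its terminator needs 65 bytes, so confirm the constant is at least that. `receive_trail` begins in this hunk and continues in the next one.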
@@ -440,75 +442,64 @@ else closedir(dp); - strcat(dirpath, "/"); + strlcat(dirpath, "/", sizeof (dirpath)); mtime = time(NULL); ltime = gmtime(&mtime); - sprintf(fullpath, "%s%s.%s.%04d%02d%02d%02d%02d%02d", - dirpath, - pathslave, - hostname, - ltime->tm_year + 1900, - ltime->tm_mon + 1, - ltime->tm_mday, - ltime->tm_hour, - ltime->tm_min, - ltime->tm_sec); - sprintf(message, "Create: %s", fullpath); + snprintf(fullpath, sizeof(fullpath), "%s%s.%s.%04d%02d%02d%02d%02d%02d", + dirpath, pathslave, hostname, ltime->tm_year + 1900, + ltime->tm_mon + 1, ltime->tm_mday, ltime->tm_hour, ltime->tm_min, + ltime->tm_sec); + snprintf(message, sizeof (message), "Create: %s", fullpath); to_log(message); /* We get the trail size */ recv(sfd, &file_size, sizeof(file_size), 0); fd = open(fullpath, O_CREAT | O_WRONLY); - if (fd < 0) - { + if (fd < 0) { to_log("Can't create the trail at master system"); - return -1; + return (-1); } - while (file_size) - { + while (file_size) { brecv = recv(sfd, &bread, sizeof(bread), 0); - if (brecv < 0) - { + if (brecv < 0) { to_log("Error receiving the file"); - return -1; + return (-1); } brecv = recv(sfd, buffer, bread, 0); - if (brecv < 0) - { + if (brecv < 0) { to_log("Error receiving the file"); - return -1; + return (-1); } else if (brecv == 0) break; bwrtn = write(fd, buffer, brecv); - if (bwrtn < 0 || bwrtn != brecv) - { + if (bwrtn < 0 || bwrtn != brecv) { to_log("Error writting the file"); - return -1; + return (-1); } file_size -= brecv; } - sprintf(message, "Master got: %s", fullpath); + snprintf(message, sizeof (message), "Master got: %s", fullpath); + to_log(message); close(fd); /* Change the permissions to be the same than the local trails */ - if (chmod(fullpath, S_IRUSR | S_IRGRP) < 0) - { + if (chmod(fullpath, S_IRUSR | S_IRGRP) < 0) { to_log("Error changing permissions"); - return -1; + return (-1); } - return 0; + return (0); } ==== //depot/projects/soc2010/disaudit/msocket_work.c#5 (text+ko) ==== 
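Review bot: The receive loop passes the client-supplied `bread` as the length to `recv(sfd, buffer, bread, 0)` without comparing it with the size of `buffer`, which this change turns into a stack array of MAX_BUF_SIZE + 1 bytes in `receive_trail`, so a peer that sends a larger value makes the daemon write past the array. Reject out-of-range lengths before the second `recv`, e.g. `if (bread <= 0 || (size_t)bread > sizeof (buffer)) { close(fd); return (-1); }`, and check that the first `recv` returned all `sizeof (bread)` bytes. `pathslave` also comes from the peer and is formatted into `fullpath` unchanged, so a name containing `/` should be refused before `open()`. `open()` is called with `O_CREAT` but no mode argument, which leaves the initial permissions indeterminate; pass one, e.g. `open(fullpath, O_CREAT | O_WRONLY, S_IRUSR | S_IWUSR)`. The error returns inside the loop leave `fd` open.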
@@ -25,16 +25,22 @@ * */ -#include <sys/types.h> -#include <sys/socket.h> -#include <netinet/in.h> -#include <arpa/inet.h> +#include "utils.h" + #include <netdb.h> #include <stdio.h> #include <stdlib.h> #include <string.h> #include <unistd.h> +#include <sys/types.h> +#include <sys/socket.h> + +#include <netinet/in.h> + +#include <arpa/inet.h> + +int init_socket(int port) { struct sockaddr_in sockaddr; @@ -45,7 +51,7 @@ if (sockfd < 0) { to_log("Cannot create socket!"); - return -1; + return (-1); } bzero(&sockaddr, sizeof(sockaddr)); @@ -57,18 +63,19 @@ if (bind(sockfd, (struct sockaddr *) &sockaddr, sizeof(sockaddr)) < 0) { to_log("Cannot bind to port"); - return -1; + return (-1); } listen(sockfd, 500); - return sockfd; + return (sockfd); } +int accept_connection(int sfd, struct sockaddr *clientinfo) { struct sockaddr_in clientaddr; - int clientlen = sizeof(clientaddr); + socklen_t clientlen = sizeof(clientaddr); int retval = 0; retval = accept(sfd, (struct sockaddr *) &clientaddr, &clientlen); @@ -76,6 +83,6 @@ if (retval >= 0) memcpy(clientinfo, &clientaddr, sizeof(struct sockaddr)); - return retval; + return (retval); } ==== //depot/projects/soc2010/disaudit/shipd.c#8 (text+ko) ==== 
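Review bot: In `init_socket` (hunk @@ -57,18 +63,19 @@) the `bind()` failure path returns without closing `sockfd`, and the result of `listen(sockfd, 500)` is ignored, so a socket that is not listening is still handed back to the caller as usable. Add `close(sockfd);` before the `return (-1);` and handle a failed listen the same way: `if (listen(sockfd, 500) < 0) { close(sockfd); return (-1); }`. The function body spans several hunks, so the socket creation and address setup are only partly visible here.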
@@ -27,36 +27,79 @@ /*** INCLUDES ***/ -#include "shipd.h" #include "ssocket_work.h" +#include "utils.h" + +#include <ctype.h> #include <stdio.h> #include <stdlib.h> #include <string.h> #include <dirent.h> #include <syslog.h> #include <stdarg.h> +#include <unistd.h> + #include <sys/types.h> -#include <sys/md5.h> +#include <sha256.h> #include <sys/stat.h> +#define PANIC_DATE 2 +#define PANIC_ALL 3 + +#define DEL_FIRST 1 +#define DEL_LAST 2 +#define DEL_ALL 3 + +#define AUDIT_SHIPD_FILE "/etc/security/shipd_control" + + /*** DECLARATIONS ***/ +/* Trail Entries */ +typedef struct s_trail_entry +{ + char name[MAX_TRAILPATH_SIZE + 1]; + int found; + struct s_trail_entry *next; +} trail_entry; + /* Directory settings took from audit_control */ char audit_trails_dir[MAX_DIR_SIZE + 1]; char master_host[MAX_HOST_SIZE + 1]; +/*** local prototypes ***/ +static int add_trail_entry(trail_entry **root, char *name); +static int cmp_trails (const void *A, const void *B); +static void delete_trail_entry(trail_entry **root, int criteria, int number); +static void do_daemon(); +static void do_daemon_date(); +static void do_daemon_all(); +static void do_last(); +static int get_last_trail(char *path, size_t path_size); +static int get_parameters(); +static int is_audit_trail(char *path); +static int is_in_master(trail_entry *cur, int *first_found); +static void pll(trail_entry *root); +static int send_trail(trail_entry *cur); + /* The level of trust the shipping process will have (0 means disabled) */ int panic_level; /* The frequency the daemon will be checking the master's trail list */ int msec_freq; -/* Two main things to be set by this variable, if daemonize or not, and the destination of the messages */ -int debug; - /* Port number */ int port_number; +/* + * ShipD + * Shipping Daemon + * + * This program is checking, according to the panic_level variable + * the audit trail directories and send the trails to a master + * system, when no runs with debug option, it daemonize 
itself + */ +int main (int argc, char *argv[]) { char cl_opt; @@ -65,53 +108,67 @@ debug = 0; while ((cl_opt = getopt(argc, argv, "dl")) != -1) - switch (cl_opt) - { + switch (cl_opt) { case 'd': /* Debug option */ debug = 1; break; case 'l': - /* Last trail (when called by AUDIT when it closes the trail) */ + /* + * Last trail (when called by AUDIT when it + * closes the trail). + */ last = 1; break; } /* If not debugging, daemonize the program */ - if (debug == 0 && daemon(0,0) != 0) - { + if (debug == 0 && daemon(0,0) != 0) { perror("Can't daemonize, exiting!"); exit(1); } /* Set the directory path, the host address, the panic level */ - if (get_parameters() == -1) - { + if (get_parameters() == -1) { to_log("Can't get the parameters to work!"); exit(1); } - /* There is no shipd enabled and it wasn't called by AUDIT (normally the unique way to get 'last' on) */ - if (panic_level < 2 && last == 0) - { + /* + * There is no shipd enabled and it wasn't called by AUDIT (normally + * the unique way to get 'last' on). + */ + if (panic_level < 2 && last == 0) { to_log("Shipd disabled"); exit(0); } - /* This means that the daemon will only search for the last closed trail and send to the master system */ - if (last == 1) + /* + * This means that the daemon will only search for the last closed + * trail and send to the master system. + */ + if (last == 1) { do_last(); - else /* Otherwise, we will perform a permanent listing checking and sync them */ + } else { + /* + * Otherwise, we will perform a permanent listing checking and + * sync them. + */ do_daemon(); + } - return 0; + return (0); } +static int get_parameters() { - /* GSoC: using an special file, intended to include this values at audit_control */ - FILE *fpars = fopen("/etc/security/shipd_control", "r"); + /* + * GSoC: using an special file, intended to include this values at + * audit_control. + */ + FILE *fpars = fopen(AUDIT_SHIPD_FILE, "r"); if (!fpars) return -1; 
@@ -119,6 +176,10 @@ if (feof(fpars)) return -1; + /* + * XXX This parsing of the shipd_control file might need to be + * reworked a bit. -sson. + */ fscanf(fpars, "%s", audit_trails_dir); fscanf(fpars, "%s", master_host); fscanf(fpars, "%d", &panic_level); @@ -127,43 +188,34 @@ fclose(fpars); - return 0; -} - -void -to_log(char *message) -{ -return; - if (debug) - perror(message); - else - syslog(LOG_ERR, "%s", message); + return (0); } /* * Look for the last closed trail and - * send it + * send it. */ -void +static void do_last() { char last_trail[MAX_TRAILPATH_SIZE + 1]; - char message[MAX_PATH_SIZE + 30]; + char message[MAX_PATH_SIZE + MESSAGE_DESC_SIZE]; trail_entry *root = NULL; - if (get_last_trail(last_trail) == -1) + if (get_last_trail(last_trail, sizeof (last_trail)) == -1) to_log("Nothing to send!"); - sprintf(message, "Will send \"%s\" to %s", last_trail, master_host); + snprintf(message, sizeof (message), "Will send \"%s\" to %s", + last_trail, master_host); to_log(message); add_trail_entry(&root, last_trail); - if (send_trail(root) == -1) + if (send_trail(root) == -1) { to_log("Error sending the last trail"); - else - { - sprintf(message, "Successfully sent \"%s\" to %s", last_trail, master_host); + } else { + snprintf(message, sizeof (message), + "Successfully sent \"%s\" to %s", last_trail, master_host); to_log(message); } 
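Review bot: `do_last` (hunk @@ -127,43 +188,34 @@) logs "Nothing to send!" when `get_last_trail()` returns -1 but then carries on, so the empty `last_trail` is still logged, added with `add_trail_entry()` and passed to `send_trail()`. Return after the log call: `if (get_last_trail(last_trail, sizeof (last_trail)) == -1) { to_log("Nothing to send!"); return; }`. The result of `add_trail_entry()` is also unchecked, so `root` may still be NULL when `send_trail(root)` runs if that helper can fail (its body is not in view). `do_last` continues past the end of the hunk.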
@@ -175,64 +227,76 @@ * closed trail in meaning of lexicographic * order (that is also a chronological one) */ -get_last_trail(char *path) +static int +get_last_trail(char *path, size_t path_size) { DIR *dp; struct dirent *dirp; struct stat statbuf; - char fullpath[MAX_PATH_SIZE + 1]; char *ptr; *path = 0; - if ( !(dp = opendir(audit_trails_dir)) ) - { + if ( !(dp = opendir(audit_trails_dir)) ) { to_log("Can't open directory"); return -1; } - strcpy(fullpath, audit_trails_dir); - ptr = fullpath + strlen(fullpath); - *ptr = '/'; - *(++ptr) = 0; + /* + * Here we will pass through the entire directory and get the path of + * the latest closed trail. + */ + while ( (dirp = readdir(dp)) != NULL ) + if (strcmp(dirp->d_name, ".") && strcmp(dirp->d_name, "..")) { + /* We have other than . or .. */ - /* Here we will pass through the entire directory and get the path of the latest closed trail */ + asprintf(&ptr, "%s/%s", audit_trails_dir, dirp->d_name); - while ( (dirp = readdir(dp)) != NULL ) - if (strcmp(dirp->d_name, ".") && strcmp(dirp->d_name, "..")) /* We have other than . or .. */ - { - strcpy(ptr, dirp->d_name); >>> TRUNCATED FOR MAIL (1000 lines) <<<