diff --git a/src/config/config.c b/src/config/config.c index cab18cf72..b95217ad1 100644 --- a/src/config/config.c +++ b/src/config/config.c @@ -41,7 +41,6 @@ static int read_main_elements(const OS_XML *xml, int modules, const char *osremote = "remote"; /* Agent Config */ const char *osclient = "client"; /* Agent Config */ const char *oscommand = "command"; /* ? Config */ - const char *osreports = "reports"; /* Server Config */ const char *osactive_response = "active-response"; /* Agent Config */ while (node[i]) { @@ -113,10 +112,6 @@ static int read_main_elements(const OS_XML *xml, int modules, if ((modules & CAR) && (ReadActiveResponses(chld_node, d1, d2) < 0)) { goto fail; } - } else if (strcmp(node[i]->element, osreports) == 0) { - if ((modules & CREPORTS) && (Read_CReports(chld_node, d1, d2) < 0)) { - goto fail; - } } else { merror(XML_INVELEM, __local_name, node[i]->element); goto fail; @@ -154,16 +149,17 @@ int ReadConfig(int modules, const char *cfgfile, void *d1, void *d2) const char *xml_agent_profile = "profile"; int xml_ret = OS_ReadXML(cfgfile, &xml); + if (xml_ret < 0) { - char *tmpcfg; - tmpcfg = strdup(cfgfile); - const char *cfg_base = basename(tmpcfg); - if((strncmp(cfg_base, "agent.conf", 10)) == 0 && xml_ret == -2) { - debug2("WARN: Cannot open %s: %s", cfgfile, xml.err); - } else { - merror(XML_ERROR, __local_name, cfgfile, xml.err, xml.err_line); - } - return (OS_INVALID); + char *tmpcfg; + tmpcfg = strdup(cfgfile); + const char *cfg_base = basename(tmpcfg); + if((strncmp(cfg_base, "agent.conf", 10)) == 0 && xml_ret == -2) { + debug2("WARN: Cannot open %s: %s", cfgfile, xml.err); + } else { + merror(XML_ERROR, __local_name, cfgfile, xml.err, xml.err_line); + } + return(OS_INVALID); } node = OS_GetElementsbyNode(&xml, NULL); diff --git a/src/config/reports-config.c b/src/config/reports-config.c deleted file mode 100644 index 4bedfee72..000000000 --- a/src/config/reports-config.c +++ /dev/null @@ -1,188 +0,0 @@ -/* Copyright (C) 2009 Trend Micro Inc. - * All right reserved. - * - * This program is a free software; you can redistribute it - * and/or modify it under the terms of the GNU General Public - * License (version 2) as published by the FSF - Free Software - * Foundation - */ - -#include "shared.h" -#include "reports-config.h" -#include "config.h" - - -/* Filter argument */ -static int _filter_arg(char *mystr) -{ - if (!mystr) { - return (0); - } - - while (*mystr) { - if ((*mystr >= 'a' && *mystr <= 'z') || - (*mystr >= 'A' && *mystr <= 'Z') || - (*mystr >= '0' && *mystr <= '9') || - *mystr == '-' || *mystr == '_' || *mystr == '.') { - mystr++; - } else { - *mystr = '-'; - mystr++; - } - } - - return (1); -} - -int Read_CReports(XML_NODE node, void *config, __attribute__((unused)) void *config2) -{ - unsigned int i = 0, s = 0; - - /* XML definitions */ - const char *xml_title = "title"; - const char *xml_type = "type"; - const char *xml_categories = "category"; - const char *xml_group = "group"; - const char *xml_rule = "rule"; - const char *xml_level = "level"; - const char *xml_location = "location"; - const char *xml_showlogs = "showlogs"; - const char *xml_srcip = "srcip"; - const char *xml_user = "user"; - const char *xml_frequency = "frequency"; - const char *xml_email = "email_to"; - - monitor_config *mon_config = (monitor_config *)config; - - /* Get any configured entry */ - if (mon_config->reports) { - while (mon_config->reports[s]) { - s++; - } - } - - /* Allocate the memory for the config */ - os_realloc(mon_config->reports, (s + 2) * sizeof(report_config *), - mon_config->reports); - os_calloc(1, sizeof(report_config), mon_config->reports[s]); - mon_config->reports[s + 1] = NULL; - - /* Zero the elements */ - mon_config->reports[s]->title = NULL; - mon_config->reports[s]->args = NULL; - mon_config->reports[s]->relations = NULL; - mon_config->reports[s]->type = NULL; - mon_config->reports[s]->emailto = NULL; - - mon_config->reports[s]->r_filter.group = NULL; - mon_config->reports[s]->r_filter.rule = NULL; - mon_config->reports[s]->r_filter.level = NULL; - mon_config->reports[s]->r_filter.location = NULL; - mon_config->reports[s]->r_filter.srcip = NULL; - mon_config->reports[s]->r_filter.user = NULL; - mon_config->reports[s]->r_filter.related_group = 0; - mon_config->reports[s]->r_filter.related_rule = 0; - mon_config->reports[s]->r_filter.related_level = 0; - mon_config->reports[s]->r_filter.related_location = 0; - mon_config->reports[s]->r_filter.related_srcip = 0; - mon_config->reports[s]->r_filter.related_user = 0; - mon_config->reports[s]->r_filter.report_name = NULL; - mon_config->reports[s]->r_filter.show_alerts = 0; - - /* Reading the XML */ - while (node[i]) { - if (!node[i]->element) { - merror(XML_ELEMNULL, __local_name); - return (OS_INVALID); - } else if (!node[i]->content) { - merror(XML_VALUENULL, __local_name, node[i]->element); - return (OS_INVALID); - } else if (strcmp(node[i]->element, xml_title) == 0) { - if (!mon_config->reports[s]->title) { - os_strdup(node[i]->content, mon_config->reports[s]->title); - } - } else if (strcmp(node[i]->element, xml_type) == 0) { - if (strcmp(node[i]->content, "email") == 0) { - if (!mon_config->reports[s]->type) { - os_strdup(node[i]->content, mon_config->reports[s]->type); - } - } else { - merror(XML_VALUEERR, __local_name, node[i]->element, node[i]->content); - } - } else if (strcmp(node[i]->element, xml_frequency) == 0) { - } else if (strcmp(node[i]->element, xml_showlogs) == 0) { - if (strcasecmp(node[i]->content, "yes") == 0) { - mon_config->reports[s]->r_filter.show_alerts = 1; - } - } else if (strcmp(node[i]->element, xml_categories) == 0) { - char *ncat = NULL; - _filter_arg(node[i]->content); - - os_strdup(node[i]->content, ncat); - - if (os_report_configfilter("group", ncat, - &mon_config->reports[s]->r_filter, REPORT_FILTER) < 0) { - merror(CONFIG_ERROR, __local_name, "user argument"); - } - } else if ((strcmp(node[i]->element, xml_group) == 0) || - (strcmp(node[i]->element, xml_rule) == 0) || - (strcmp(node[i]->element, xml_level) == 0) || - (strcmp(node[i]->element, xml_location) == 0) || - (strcmp(node[i]->element, xml_srcip) == 0) || - (strcmp(node[i]->element, xml_user) == 0)) { - int reportf = REPORT_FILTER; - char *ncat = NULL; - _filter_arg(node[i]->content); - - if (node[i]->attributes && node[i]->values) { - if (node[i]->attributes[0] && node[i]->values[0]) { - if (strcmp(node[i]->attributes[0], "type") == 0) { - if (strcmp(node[i]->values[0], "relation") == 0) { - reportf = REPORT_RELATED; - } else { - merror("%s: WARN: Invalid value for 'relation' attribute: '%s'. (ignored).", __local_name, node[i]->values[0]); - i++; - continue; - } - } else { - merror("%s: WARN: Invalid attribute: %s (ignored). ", __local_name, node[i]->attributes[0]); - i++; - continue; - } - } - } - - os_strdup(node[i]->content, ncat); - - if (os_report_configfilter(node[i]->element, ncat, - &mon_config->reports[s]->r_filter, reportf) < 0) { - merror("%s: Invalid filter: %s:%s (ignored).", __local_name, node[i]->element, node[i]->content); - } - } else if (strcmp(node[i]->element, xml_email) == 0) { - mon_config->reports[s]->emailto = os_AddStrArray(node[i]->content, mon_config->reports[s]->emailto); - } else { - merror(XML_INVELEM, __local_name, node[i]->element); - return (OS_INVALID); - } - i++; - } - - /* Set proper report type */ - mon_config->reports[s]->r_filter.report_type = REPORT_TYPE_DAILY; - - if (mon_config->reports[s]->emailto == NULL) { - if (mon_config->reports[s]->title) { - merror("%s: No \"email to\" configured for the report '%s'. Ignoring it.", __local_name, mon_config->reports[s]->title); - } else { - merror("%s: No \"email to\" and title configured for report. Ignoring it.", __local_name); - } - } - - if (!mon_config->reports[s]->title) { - os_strdup("OSSEC Report (unnamed)", mon_config->reports[s]->title); - } - mon_config->reports[s]->r_filter.report_name = mon_config->reports[s]->title; - - return (0); -} - diff --git a/src/config/reports-config.h b/src/config/reports-config.h index 5ec1bd210..8a14a5c5b 100644 --- a/src/config/reports-config.h +++ b/src/config/reports-config.h @@ -10,17 +10,7 @@ #ifndef _REPORTSCONFIG_H #define _REPORTSCONFIG_H -#include "report_op.h" - -/* Structure for the report */ -typedef struct _report_config { - char *title; - char *args; - char *relations; - char *type; - char **emailto; - report_filter r_filter; -} report_config; +//#include "report_op.h" typedef struct _monitor_config { unsigned short int day_wait; @@ -35,7 +25,6 @@ typedef struct _monitor_config { char *emailidsname; char **agents; - report_config **reports; } monitor_config; #endif /* _REPORTSCONFIG_H */ diff --git a/src/monitord/generate_reports.c b/src/monitord/generate_reports.c deleted file mode 100644 index 57c99aea4..000000000 --- a/src/monitord/generate_reports.c +++ /dev/null @@ -1,131 +0,0 @@ -/* Copyright (C) 2010 Trend Micro Inc. - * All right reserved. - * - * This program is a free software; you can redistribute it - * and/or modify it under the terms of the GNU General Public - * License (version 2) as published by the FSF - Free Software - * Foundation - */ - -#include "shared.h" -#include "monitord.h" - -static const char *(monthss[]) = {"Jan", "Feb", "Mar", "Apr", "May", "Jun", - "Jul", "Aug", "Sep", "Oct", "Nov", "Dec" - }; - - -void generate_reports(int cday, int cmon, int cyear) -{ - int s = 0; - - if (!mond.smtpserver) { - return; - } - - if (mond.reports) { - int twait = 0; - int childcount = 0; - - while (mond.reports[s]) { - pid_t pid; - if (mond.reports[s]->emailto == NULL) { - s++; - continue; - } - - /* We create a new process to run the report and send the email. - * To avoid crashing monitord if something goes wrong. - */ - pid = fork(); - if (pid < 0) { - merror("%s: ERROR: Fork failed. cause: %d - %s", ARGV0, errno, strerror(errno)); - s++; - continue; - } else if (pid == 0) { - char fname[256]; - char aname[256]; - fname[255] = '\0'; - aname[255] = '\0'; - snprintf(fname, 255, "/logs/.report-%d.log", getpid()); - - merror("%s: INFO: Starting daily reporting for '%s'", ARGV0, mond.reports[s]->title); - mond.reports[s]->r_filter.fp = fopen(fname, "w+"); - if (!mond.reports[s]->r_filter.fp) { - merror("%s: ERROR: Unable to open temporary reports file.", ARGV0); - s++; - continue; - } - - /* Open the log file */ - snprintf(aname, 255, "%s/%d/%s/ossec-%s-%02d.log", - ALERTS, cyear, monthss[cmon], "alerts", cday); - os_strdup(aname, mond.reports[s]->r_filter.filename); - - /* Start report */ - os_ReportdStart(&mond.reports[s]->r_filter); - fflush(mond.reports[s]->r_filter.fp); - - fclose(mond.reports[s]->r_filter.fp); - - struct stat sb; - int sr; - if((sr = stat(fname, &sb)) < 0) { - merror("Cannot stat %s: %s", fname, strerror(errno)); - } - - if (sb.st_size == 0) { - merror("%s: INFO: Report '%s' empty.", ARGV0, mond.reports[s]->title); - } else if (OS_SendCustomEmail2(mond.reports[s]->emailto, - mond.reports[s]->title, - mond.smtpserver, - mond.emailfrom, - mond.emailidsname, - fname) - != 0) { - merror("%s: WARN: Unable to send report email.", ARGV0); - } - - if(unlink(fname) < 0) { - merror("%s: ERROR: Cannot unlink file %s: %s", ARGV0, fname, strerror(errno)); - } - - free(mond.reports[s]->r_filter.filename); - mond.reports[s]->r_filter.filename = NULL; - - exit(0); - } else { - /* Sleep between each report. Time is not important in here. */ - sleep(20); - childcount++; - } - - s++; - } - - while (childcount) { - int wp; - wp = waitpid((pid_t) - 1, NULL, WNOHANG); - if (wp < 0) { - merror(WAITPID_ERROR, ARGV0, errno, strerror(errno)); - } else if (wp == 0) { - /* If there is still any report left, sleep 5 and try again */ - sleep(5); - twait++; - - if (twait > 2) { - merror("%s: WARN: Report taking too long to complete. Waiting for it to finish...", ARGV0); - sleep(10); - if (twait > 10) { - merror("%s: WARN: Report took too long. Moving on...", ARGV0); - break; - } - } - } else { - childcount--; - } - } - } - return; -} - diff --git a/src/monitord/main.c b/src/monitord/main.c index fdf18e684..df7102795 100644 --- a/src/monitord/main.c +++ b/src/monitord/main.c @@ -127,48 +127,6 @@ int main(int argc, char **argv) ErrorExit(CONFIG_ERROR, ARGV0, cfg); } - /* If we have any reports configured, read smtp/emailfrom */ - if (mond.reports) { - OS_XML xml; - char *tmpsmtp; - - const char *(xml_smtp[]) = {"ossec_config", "global", "smtp_server", NULL}; - const char *(xml_from[]) = {"ossec_config", "global", "email_from", NULL}; - const char *(xml_idsname[]) = {"ossec_config", "global", "email_idsname", NULL}; - - if (OS_ReadXML(cfg, &xml) < 0) { - ErrorExit(CONFIG_ERROR, ARGV0, cfg); - } - - tmpsmtp = OS_GetOneContentforElement(&xml, xml_smtp); - mond.emailfrom = OS_GetOneContentforElement(&xml, xml_from); - mond.emailidsname = OS_GetOneContentforElement(&xml, xml_idsname); - - if (tmpsmtp && mond.emailfrom) { - mond.smtpserver = OS_GetHost(tmpsmtp, 5); - if (!mond.smtpserver) { - merror(INVALID_SMTP, ARGV0, tmpsmtp); - if (mond.emailfrom) { - free(mond.emailfrom); - } - mond.emailfrom = NULL; - merror("%s: Invalid SMTP server. Disabling email reports.", ARGV0); - } - } else { - if (tmpsmtp) { - free(tmpsmtp); - } - if (mond.emailfrom) { - free(mond.emailfrom); - } - - mond.emailfrom = NULL; - merror("%s: SMTP server or 'email from' missing. Disabling email reports.", ARGV0); - } - - OS_ClearXML(&xml); - } - /* Exit here if test config is set */ if (test_config) { exit(0); diff --git a/src/monitord/monitord.c b/src/monitord/monitord.c index 9dbbf13ae..e6b606744 100644 --- a/src/monitord/monitord.c +++ b/src/monitord/monitord.c @@ -62,9 +62,6 @@ void Monitord() /* Day changed, deal with log files */ if (today != p->tm_mday) { - /* Generate reports */ - generate_reports(today, thismonth, thisyear); - manage_files(today, thismonth, thisyear); today = p->tm_mday; diff --git a/src/monitord/monitord.h b/src/monitord/monitord.h index 3f182f8fc..3bc2725f9 100644 --- a/src/monitord/monitord.h +++ b/src/monitord/monitord.h @@ -10,22 +10,19 @@ #ifndef _MONITORD_H #define _MONITORD_H +#include "config/reports-config.h" + #ifndef ARGV0 #define ARGV0 "ossec-monitord" #endif -#include "config/reports-config.h" - /* Prototypes */ void Monitord(void) __attribute__((noreturn)); void manage_files(int cday, int cmon, int cyear); -void generate_reports(int cday, int cmon, int cyear); void monitor_agents(void); void OS_SignLog(const char *logfile, const char *logfile_old, int log_missing); void OS_CompressLog(const char *logfile); -int OS_SendCustomEmail2(char **to, char *subject, char *smtpserver, char *from, char *idsname, char *fname); - /* Global variables */ extern monitor_config mond; diff --git a/src/monitord/sendcustomemail.c b/src/monitord/sendcustomemail.c deleted file mode 100644 index f25d5d3f1..000000000 --- a/src/monitord/sendcustomemail.c +++ /dev/null @@ -1,324 +0,0 @@ -/* Copyright (C) 2009 Trend Micro Inc. - * All rights reserved. - * - * This program is a free software; you can redistribute it - * and/or modify it under the terms of the GNU General Public - * License (version 2) as published by the FSF - Free Software - * Foundation - */ - -/* Basic e-mailing operations */ - -#include "shared.h" -#include "os_net/os_net.h" - -/* Return codes (from SMTP server) */ -#define VALIDBANNER "220" -#define VALIDMAIL "250" -#define VALIDDATA "354" - -/* Default values used to connect */ -#define SMTP_DEFAULT_PORT "25" -#define HELOMSG "Helo notify.ossec.net\r\n" -#define MAILFROM "Mail From: <%s>\r\n" -#define RCPTTO "Rcpt To: <%s>\r\n" -#define DATAMSG "DATA\r\n" -#define FROM "From: OSSEC HIDS <%s>\r\n" -#define REPLYTO "Reply-To: OSSEC HIDS <%s>\r\n" -#define TO "To: <%s>\r\n" -#define CC "Cc: <%s>\r\n" -#define SUBJECT "Subject: %s\r\n" -#define ENDHEADER "\r\n" -#define ENDDATA "\r\n.\r\n" -#define QUITMSG "QUIT\r\n" -#define XHEADER "X-IDS-OSSEC: %s\r\n" - -/* Error messages - Can be translated */ -#define INTERNAL_ERROR "os_maild (1760): ERROR: Memory/configuration error" -#define BANNER_ERROR "os_sendmail(1762): WARN: Banner not received from server" -#define HELO_ERROR "os_sendmail(1763): WARN: Hello not accepted by server" -#define FROM_ERROR "os_sendmail(1764): WARN: Mail from not accepted by server" -#define TO_ERROR "os_sendmail(1765): WARN: RCPT TO not accepted by server - '%s'." -#define DATA_ERROR "os_sendmail(1766): WARN: DATA not accepted by server" -#define END_DATA_ERROR "os_sendmail(1767): WARN: End of DATA not accepted by server" - -#define MAIL_DEBUG_FLAG 0 -#define MAIL_DEBUG(x,y,z) if(MAIL_DEBUG_FLAG) merror(x,y,z) - - -int OS_SendCustomEmail2(char **to, char *subject, char *smtpserver, char *from, char *replyto, char *idsname, __attribute__((unused)) char *fname) -{ - FILE *sendmail = NULL; - int socket = -1, i = 0; - char *msg; - char snd_msg[128]; - char buffer[2049]; - - buffer[2048] = '\0'; - - if (smtpserver[0] == '/') { - sendmail = popen(smtpserver, "w"); - if (!sendmail) { - return (OS_INVALID); - } - } else { - /* Connect to the SMTP server */ - socket = OS_ConnectTCP(SMTP_DEFAULT_PORT, smtpserver); - if (socket < 0) { - return (socket); - } - - /* Receive the banner */ - msg = OS_RecvTCP(socket, OS_SIZE_1024); - if ((msg == NULL) || (!OS_Match(VALIDBANNER, msg))) { - merror(BANNER_ERROR); - if (msg) { - free(msg); - } - close(socket); - return (OS_INVALID); - } - MAIL_DEBUG("DEBUG: Received banner: '%s' %s", msg, ""); - free(msg); - - /* Send HELO message */ - OS_SendTCP(socket, HELOMSG); - msg = OS_RecvTCP(socket, OS_SIZE_1024); - if ((msg == NULL) || (!OS_Match(VALIDMAIL, msg))) { - if (msg) { - /* In some cases (with virus scans in the middle) - * we may get two banners. Check for that in here. - */ - if (OS_Match(VALIDBANNER, msg)) { - free(msg); - - /* Try again */ - msg = OS_RecvTCP(socket, OS_SIZE_1024); - if ((msg == NULL) || (!OS_Match(VALIDMAIL, msg))) { - merror("%s:%s", HELO_ERROR, msg != NULL ? msg : "null"); - if (msg) { - free(msg); - } - close(socket); - return (OS_INVALID); - } - } else { - merror("%s:%s", HELO_ERROR, msg); - free(msg); - close(socket); - return (OS_INVALID); - } - } else { - merror("%s:%s", HELO_ERROR, "null"); - close(socket); - return (OS_INVALID); - } - } - - MAIL_DEBUG("DEBUG: Sent '%s', received: '%s'", HELOMSG, msg); - free(msg); - - /* Build "Mail from" msg */ - memset(snd_msg, '\0', 128); - snprintf(snd_msg, 127, MAILFROM, from); - OS_SendTCP(socket, snd_msg); - msg = OS_RecvTCP(socket, OS_SIZE_1024); - if ((msg == NULL) || (!OS_Match(VALIDMAIL, msg))) { - merror(FROM_ERROR); - if (msg) { - free(msg); - } - close(socket); - return (OS_INVALID); - } - MAIL_DEBUG("DEBUG: Sent '%s', received: '%s'", snd_msg, msg); - free(msg); - - /* Build "RCPT TO" msg */ - while (to[i]) { - memset(snd_msg, '\0', 128); - snprintf(snd_msg, 127, RCPTTO, to[i]); - OS_SendTCP(socket, snd_msg); - msg = OS_RecvTCP(socket, OS_SIZE_1024); - if ((msg == NULL) || (!OS_Match(VALIDMAIL, msg))) { - merror(TO_ERROR, to[i]); - if (msg) { - free(msg); - } - close(socket); - return (OS_INVALID); - } - MAIL_DEBUG("DEBUG: Sent '%s', received: '%s'", snd_msg, msg); - free(msg); - - i++; - } - - /* Send the "DATA" msg */ - OS_SendTCP(socket, DATAMSG); - msg = OS_RecvTCP(socket, OS_SIZE_1024); - if ((msg == NULL) || (!OS_Match(VALIDDATA, msg))) { - merror(DATA_ERROR); - if (msg) { - free(msg); - } - close(socket); - return (OS_INVALID); - } - MAIL_DEBUG("DEBUG: Sent '%s', received: '%s'", DATAMSG, msg); - free(msg); - } - - /* Build "From" and "To" in the e-mail header */ - memset(snd_msg, '\0', 128); - snprintf(snd_msg, 127, TO, to[0]); - - if (sendmail) { - fprintf(sendmail, "%s", snd_msg); - } else { - OS_SendTCP(socket, snd_msg); - } - - memset(snd_msg, '\0', 128); - snprintf(snd_msg, 127, FROM, from); - - if (sendmail) { - fprintf(sendmail, "%s", snd_msg); - } else { - OS_SendTCP(socket, snd_msg); - } - - if (replyto) { - memset(snd_msg, '\0', 128); - snprintf(snd_msg, 127, REPLYTO, replyto); - if(sendmail) { - fprintf(sendmail, "%s", snd_msg); - } else { - OS_SendTCP(socket, snd_msg); - } - - } - - /* Add CCs */ - if (to[1]) { - i = 1; - while (1) { - if (to[i] == NULL) { - break; - } - - memset(snd_msg, '\0', 128); - snprintf(snd_msg, 127, TO, to[i]); - - if (sendmail) { - fprintf(sendmail, "%s", snd_msg); - } else { - OS_SendTCP(socket, snd_msg); - } - - i++; - } - } - - /* Send date */ - memset(snd_msg, '\0', 128); - time_t tm; - tm = time(NULL); - const struct tm *p; - p = localtime(&tm); - - /* Solaris doesn't have the "%z", so we set the timezone to 0 */ -#ifdef SOLARIS - strftime(snd_msg, 127, "Date: %a, %d %b %Y %T -0000\r\n", p); -#else - strftime(snd_msg, 127, "Date: %a, %d %b %Y %T %z\r\n", p); -#endif - - if (sendmail) { - fprintf(sendmail, "%s", snd_msg); - } else { - OS_SendTCP(socket, snd_msg); - } - - if (idsname) { - /* Send server name header */ - memset(snd_msg, '\0', 128); - snprintf(snd_msg, 127, XHEADER, idsname); - - if (sendmail) { - fprintf(sendmail, "%s", snd_msg); - } else { - OS_SendTCP(socket, snd_msg); - } - } - - /* Send subject */ - memset(snd_msg, '\0', 128); - snprintf(snd_msg, 127, SUBJECT, subject); - - if (sendmail) { - fprintf(sendmail, "%s", snd_msg); - fprintf(sendmail, ENDHEADER); - } else { - OS_SendTCP(socket, snd_msg); - OS_SendTCP(socket, ENDHEADER); - } - - - char fname2[256]; - fname2[255] = '\0'; - snprintf(fname2, 255, "/logs/.report-%d.log", getpid()); - - /* Send body */ - FILE *fp; - fp = fopen(fname2, "r"); - if(!fp) { - merror("%s: ERROR: Cannot open %s: %s", __local_name, fname2, strerror(errno)); - if(socket >= 0) { - close(socket); - } - if(sendmail) { - pclose(sendmail); - } - return(1); - } - - - while (fgets(buffer, 2048, fp) != NULL) { - if (sendmail) { - fprintf(sendmail, "%s", buffer); - } else { - OS_SendTCP(socket, buffer); - } - } - fclose(fp); - - if (sendmail) { - if (pclose(sendmail) == -1) { - merror(WAITPID_ERROR, ARGV0, errno, strerror(errno)); - } - } else { - /* Send end of data \r\n.\r\n */ - OS_SendTCP(socket, ENDDATA); - msg = OS_RecvTCP(socket, OS_SIZE_1024); - - /* Check msg, since it may be null */ - if (msg) { - free(msg); - } - - /* Quit and close socket */ - OS_SendTCP(socket, QUITMSG); - msg = OS_RecvTCP(socket, OS_SIZE_1024); - - if (msg) { - free(msg); - } - - close(socket); - } - - memset_secure(snd_msg, '\0', 128); - return (0); -} - diff --git a/src/os_maild/maild.h b/src/os_maild/maild.h index 8aeda521d..ab77550d6 100644 --- a/src/os_maild/maild.h +++ b/src/os_maild/maild.h @@ -68,7 +68,7 @@ MailMsg *OS_RecvMailQ(file_queue *fileq, struct tm *p, MailConfig *mail, /* Send an email */ int OS_Sendmail(MailConfig *mail, struct tm *p) __attribute__((nonnull)); -int OS_SendCustomEmail(char **to, char *subject, char *smtpserver, char *from, char *idsname, char *fname, const struct tm *p); +int OS_Sendsms(MailConfig *mail, struct tm *p, MailMsg *sms_msg) __attribute__((nonnull)); /* Mail timeout used by the file-queue */ extern unsigned int mail_timeout; diff --git a/src/os_maild/sendcustomemail.c b/src/os_maild/sendcustomemail.c deleted file mode 100644 index 8a31522a7..000000000 --- a/src/os_maild/sendcustomemail.c +++ /dev/null @@ -1,333 +0,0 @@ -/* Copyright (C) 2009 Trend Micro Inc. - * All rights reserved. - * - * This program is a free software; you can redistribute it - * and/or modify it under the terms of the GNU General Public - * License (version 2) as published by the FSF - Free Software - * Foundation - */ - -/* Basic e-mailing operations */ - -#include "shared.h" -#include "os_net/os_net.h" - -/* Return codes (from SMTP server) */ -#define VALIDBANNER "220" -#define VALIDMAIL "250" -#define VALIDDATA "354" - -/* Default values used to connect */ -#define SMTP_DEFAULT_PORT "25" -#define HELOMSG "Helo notify.ossec.net\r\n" -#define MAILFROM "Mail From: <%s>\r\n" -#define RCPTTO "Rcpt To: <%s>\r\n" -#define DATAMSG "DATA\r\n" -#define FROM "From: OSSEC HIDS <%s>\r\n" -#define REPLYTO "Reply-To: OSSEC HIDS <%s>\r\n" -#define TO "To: <%s>\r\n" -#define CC "Cc: <%s>\r\n" -#define SUBJECT "Subject: %s\r\n" -#define ENDHEADER "\r\n" -#define ENDDATA "\r\n.\r\n" -#define QUITMSG "QUIT\r\n" -#define XHEADER "X-IDS-OSSEC: %s\r\n" - -/* Error messages - Can be translated */ -#define INTERNAL_ERROR "os_maild (1760): ERROR: Memory/configuration error" -#define BANNER_ERROR "os_sendmail(1762): WARN: Banner not received from server" -#define HELO_ERROR "os_sendmail(1763): WARN: Hello not accepted by server" -#define FROM_ERROR "os_sendmail(1764): WARN: Mail from not accepted by server" -#define TO_ERROR "os_sendmail(1765): WARN: RCPT TO not accepted by server - '%s'." -#define DATA_ERROR "os_sendmail(1766): WARN: DATA not accepted by server" -#define END_DATA_ERROR "os_sendmail(1767): WARN: End of DATA not accepted by server" - -#define MAIL_DEBUG_FLAG 0 -#define MAIL_DEBUG(x,y,z) if(MAIL_DEBUG_FLAG) merror(x,y,z) - - -int OS_SendCustomEmail(char **to, char *subject, char *smtpserver, char *from, char *replyto, char *idsname, char *fname, const struct tm *p) -{ - FILE *sendmail = NULL; - int socket = -1, i = 0; - char *msg; - char snd_msg[128]; - char buffer[2049]; - - buffer[2048] = '\0'; - - if (smtpserver[0] == '/') { - sendmail = popen(smtpserver, "w"); - if (!sendmail) { - return (OS_INVALID); - } - } else { - /* Connect to the SMTP server */ - socket = OS_ConnectTCP(SMTP_DEFAULT_PORT, smtpserver); - if (socket < 0) { - return (socket); - } - - /* Receive the banner */ - msg = OS_RecvTCP(socket, OS_SIZE_1024); - if ((msg == NULL) || (!OS_Match(VALIDBANNER, msg))) { - merror(BANNER_ERROR); - if (msg) { - free(msg); - } - close(socket); - return (OS_INVALID); - } - MAIL_DEBUG("DEBUG: Received banner: '%s' %s", msg, ""); - free(msg); - - /* Send HELO message */ - OS_SendTCP(socket, HELOMSG); - msg = OS_RecvTCP(socket, OS_SIZE_1024); - if ((msg == NULL) || (!OS_Match(VALIDMAIL, msg))) { - if (msg) { - /* In some cases (with virus scans in the middle) - * we may get two banners. Check for that in here. - */ - if (OS_Match(VALIDBANNER, msg)) { - free(msg); - - /* Try again */ - msg = OS_RecvTCP(socket, OS_SIZE_1024); - if ((msg == NULL) || (!OS_Match(VALIDMAIL, msg))) { - merror("%s:%s", HELO_ERROR, msg != NULL ? msg : "null"); - if (msg) { - free(msg); - } - close(socket); - return (OS_INVALID); - } - } else { - merror("%s:%s", HELO_ERROR, msg); - free(msg); - close(socket); - return (OS_INVALID); - } - } else { - merror("%s:%s", HELO_ERROR, "null"); - close(socket); - return (OS_INVALID); - } - } - - MAIL_DEBUG("DEBUG: Sent '%s', received: '%s'", HELOMSG, msg); - free(msg); - - /* Build "Mail from" msg */ - memset(snd_msg, '\0', 128); - snprintf(snd_msg, 127, MAILFROM, from); - OS_SendTCP(socket, snd_msg); - msg = OS_RecvTCP(socket, OS_SIZE_1024); - if ((msg == NULL) || (!OS_Match(VALIDMAIL, msg))) { - merror(FROM_ERROR); - if (msg) { - free(msg); - } - close(socket); - return (OS_INVALID); - } - MAIL_DEBUG("DEBUG: Sent '%s', received: '%s'", snd_msg, msg); - free(msg); - - /* Build "RCPT TO" msg */ - while (to[i]) { - memset(snd_msg, '\0', 128); - snprintf(snd_msg, 127, RCPTTO, to[i]); - OS_SendTCP(socket, snd_msg); - msg = OS_RecvTCP(socket, OS_SIZE_1024); - if ((msg == NULL) || (!OS_Match(VALIDMAIL, msg))) { - merror(TO_ERROR, to[i]); - if (msg) { - free(msg); - } - close(socket); - return (OS_INVALID); - } - MAIL_DEBUG("DEBUG: Sent '%s', received: '%s'", snd_msg, msg); - free(msg); - - i++; - } - - /* Send the "DATA" msg */ - OS_SendTCP(socket, DATAMSG); - msg = OS_RecvTCP(socket, OS_SIZE_1024); - if ((msg == NULL) || (!OS_Match(VALIDDATA, msg))) { - merror(DATA_ERROR); - if (msg) { - free(msg); - } - close(socket); - return (OS_INVALID); - } - MAIL_DEBUG("DEBUG: Sent '%s', received: '%s'", DATAMSG, msg); - free(msg); - } - - /* Build "From" and "To" in the e-mail header */ - memset(snd_msg, '\0', 128); - snprintf(snd_msg, 127, TO, to[0]); - - if (sendmail) { - fprintf(sendmail, "%s", snd_msg); - } else { - OS_SendTCP(socket, snd_msg); - } - - memset(snd_msg, '\0', 128); - snprintf(snd_msg, 127, FROM, from); - - if (sendmail) { - fprintf(sendmail, "%s", snd_msg); - } else { - OS_SendTCP(socket, snd_msg); - } - - if (replyto) { - memset(snd_msg, '\0', 128); - snprintf(snd_msg, 127, REPLYTO, replyto); - if(sendmail) { - fprintf(sendmail, "%s", snd_msg); - } else { - OS_SendTCP(socket, snd_msg); - } - } - - /* Add CCs */ - if (to[1]) { - i = 1; - while (1) { - if (to[i] == NULL) { - break; - } - - memset(snd_msg, '\0', 128); - snprintf(snd_msg, 127, TO, to[i]); - - if (sendmail) { - fprintf(sendmail, "%s", snd_msg); - } else { - OS_SendTCP(socket, snd_msg); - } - - i++; - } - } - - /* Send date */ - memset(snd_msg, '\0', 128); - - /* Solaris doesn't have the "%z", so we set the timezone to 0 */ -#ifdef SOLARIS - strftime(snd_msg, 127, "Date: %a, %d %b %Y %T -0000\r\n", p); -#else - strftime(snd_msg, 127, "Date: %a, %d %b %Y %T %z\r\n", p); -#endif - - if (sendmail) { - fprintf(sendmail, "%s", snd_msg); - } else { - OS_SendTCP(socket, snd_msg); - } - - if (idsname) { - /* Send server name header */ - memset(snd_msg, '\0', 128); - snprintf(snd_msg, 127, XHEADER, idsname); - - if (sendmail) { - fprintf(sendmail, "%s", snd_msg); - } else { - OS_SendTCP(socket, snd_msg); - } - } - - /* Send subject */ - memset(snd_msg, '\0', 128); - snprintf(snd_msg, 127, SUBJECT, subject); - - if (sendmail) { - fprintf(sendmail, "%s", snd_msg); - fprintf(sendmail, ENDHEADER); - } else { - OS_SendTCP(socket, snd_msg); - OS_SendTCP(socket, ENDHEADER); - } - - /* Send body */ - FILE *fp; - fp = fopen(fname, "r"); - if(!fp) { - merror("%s: ERROR: Cannot open %s: %s", __local_name, fname, strerror(errno)); - if(socket >= 0) { - close(socket); - } - if(sendmail) { - pclose(sendmail); - } - return(1); - } - - - struct stat sb; - int sr; - sr = stat(fname, &sb); - if(sr < 0) { - merror("Cannot stat %s: %s", fname, strerror(errno)); - } - if(sb.st_size == 0) { - merror("Report is empty"); - if(socket >= 0) { - close(socket); - } - if(sendmail) { - pclose(sendmail); - } - if(fp) { - fclose(fp); - } - return(0); - } - while (fgets(buffer, 2048, fp) != NULL) { - if (sendmail) { - fprintf(sendmail, "%s", buffer); - } else { - OS_SendTCP(socket, buffer); - } - } - fclose(fp); - - if (sendmail) { - if (pclose(sendmail) == -1) { - merror(WAITPID_ERROR, ARGV0, errno, strerror(errno)); - } - } else { - /* Send end of data \r\n.\r\n */ - OS_SendTCP(socket, ENDDATA); - msg = OS_RecvTCP(socket, OS_SIZE_1024); - - /* Check msg, since it may be null */ - if (msg) { - free(msg); - } - - /* Quit and close socket */ - OS_SendTCP(socket, QUITMSG); - msg = OS_RecvTCP(socket, OS_SIZE_1024); - - if (msg) { - free(msg); - } - - close(socket); - } - - memset_secure(snd_msg, '\0', 128); - return (0); -} -