#include <time.h>
#include <sys/types.h>
#include <string.h>
#include <stdlib.h>
#include <sqlite3.h>
#include <stdbool.h>
// Build-time settings for this proof-of-concept header.
// NOTE(review): nothing else in this header uses debug_level or max_size, so their meaning
// and units must be confirmed in the source files that use them.
#define debug_level 0
#define max_size 20000
// Buffer size named in the file_sha256() prototype.
// NOTE(review): presumably 64 hex characters plus the terminating NUL; confirm against the implementation.
#define SHA256_LEN 65
/*
 * Proof-of-concept variant of fim_entry_data: it additionally carries the
 * entry path, and it stores the three hashes and the checksum as char
 * pointers rather than fixed-size arrays.
 *
 * NOTE(review): this header does not show who allocates or frees the
 * pointer members; confirm ownership before copying or releasing a record.
 */
typedef struct fim_entry_data_poc {
    char *path;             /* open question left by the author (original note: "doubt") */

    /* Checksum attributes */
    unsigned size;          /* NOTE(review): values above UINT_MAX cannot be stored here */
    char *perm;
    char *attributes;
    char *uid;
    char *gid;
    char *user_name;
    char *group_name;
    unsigned mtime;
    unsigned long inode;
    char *hash_md5;
    char *hash_sha1;
    char *hash_sha256;

    /* Options */
    unsigned mode;
    time_t last_event;
    int entry_type;
    unsigned long dev;
    unsigned scanned;
    int options;
    char *checksum;
} fim_entry_data_poc;
/*
 * Fixed-size buffers for digests; each size is written as "characters + 1"
 * to leave room for a terminating NUL.
 * Code that fills these buffers must bound the copy to sizeof the buffer
 * and keep the terminator.
 */
typedef char os_md5[32 + 1];
/* NOTE(review): same size as os_sha256, which is more than the 41 bytes a
 * hex SHA-1 digest needs; fim_entry_data also uses this type for `checksum`. */
typedef char os_sha1[64 + 1];
typedef char os_sha256[64 + 1];
/*
 * Printable names, looked up by numeric index.
 * The tables are `static` in a header, so every translation unit that
 * includes it gets its own private copy.
 * None of the tables carries a sentinel: callers must check the index
 * against the element count before indexing.
 */

/* Event kinds. No matching enum is defined in this header. */
static const char *FIM_EVENT_TYPE[] = {
    [0] = "added",
    [1] = "deleted",
    [2] = "modified",
};

/* Same order as the fim_event_mode enumerators. */
static const char *FIM_EVENT_MODE[] = {
    [0] = "scheduled",
    [1] = "real-time",
    [2] = "whodata",
};

/* Same order as the fim_entry_type enumerators. */
static const char *FIM_ENTRY_TYPE[] = {
    [0] = "file",
    [1] = "registry",
};
/* Kind of monitored object; the values index FIM_ENTRY_TYPE. */
typedef enum fim_entry_type {
    FIM_FILE = 0,
    FIM_REGISTRY = 1
} fim_entry_type;

/* How an event was detected; the values index FIM_EVENT_MODE. */
typedef enum fim_event_mode {
    FIM_SCHEDULED = 0,
    FIM_REALTIME = 1,
    FIM_WHODATA = 2
} fim_event_mode;
/*
 * Attributes stored for one monitored entry.
 *
 * The digests and the checksum are fixed-size char arrays embedded in the
 * struct, so code that fills them must bound every copy to sizeof the field
 * and keep the terminating NUL. The remaining string attributes are plain
 * char pointers.
 * NOTE(review): ownership of the pointer members is not visible in this
 * header; presumably free_entry_data() releases them. Confirm.
 */
typedef struct fim_entry_data {
    /* Checksum attributes */
    unsigned size;          /* NOTE(review): values above UINT_MAX cannot be stored here */
    char *perm;
    char *attributes;
    char *uid;
    char *gid;
    char *user_name;
    char *group_name;
    unsigned mtime;
    unsigned long inode;
    os_md5 hash_md5;
    os_sha1 hash_sha1;
    os_sha256 hash_sha256;

    /* Options */
    fim_event_mode mode;
    time_t last_event;
    fim_entry_type entry_type;
    unsigned long dev;
    unsigned scanned;
    int options;
    os_sha1 checksum;       /* typed as os_sha1, i.e. a 65-byte buffer */
} fim_entry_data;
/*
 * Pairs an array of path strings with one attribute record.
 * NOTE(review): presumably `path` is NULL-terminated like the arrays handled
 * by w_FreeArray; confirm in the code that builds it.
 */
typedef struct fim_entry {
    char **path;
    fim_entry_data *data;
} fim_entry;
// ---- Helpers implemented outside this header ----
// Only prototypes are visible here; the notes below are limited to what the signatures show.

// Takes a string and a string array and returns a string array.
// NOTE(review): presumably appends str and returns the (possibly reallocated) array; confirm,
// including who owns the returned array.
char **os_AddStrArray(const char *str, char **array);
// NOTE(review): the return convention is not visible here; confirm it before branching on the result.
int w_is_file(const char * const file);
// Receives the address of an sqlite3 handle (fim_db), so the function can hand a handle back to the caller.
// NOTE(review): the meaning of `source` and of the boolean `type`, and the return convention,
// must be confirmed in the implementation.
int wdb_create_file(const char *path, const char *source, const bool type, sqlite3 ** fim_db);
// Variadic logging entry points.
// NOTE(review): presumably `msg` is a printf-style format. If so, always pass a literal format and
// supply file names or other external data as arguments (e.g. through "%s"), never as `msg` itself.
void mdebug1(const char *msg, ...);
void mdebug2(const char *msg, ...);
void merror(const char *msg, ...);
// Name-to-id lookups. __attribute__((nonnull)) tells the compiler that `name` must not be NULL.
// NOTE(review): the value returned for an unknown name is not visible here; check for it before
// using the result as an id.
uid_t Privsep_GetUser(const char *name) __attribute__((nonnull));
gid_t Privsep_GetGroup(const char *name) __attribute__((nonnull));

// ---- Allocation wrappers ----
// os_calloc, os_strdup and os_free below expand to a bare expression or statement and evaluate
// their arguments textually: use each one as a standalone statement and pass plain lvalues
// without side effects.

// os_calloc(x, y, z): z = calloc(x, y); calls exit(1) if the result is NULL. Nothing is logged first.
#define os_calloc(x,y,z) ((z = (__typeof__(z)) calloc(x,y)))?(void)1:exit(1)
// os_strdup(x, y): y = strdup(x); calls exit(1) if the result is NULL.
// x must not be NULL (strdup(NULL) is undefined); use w_strdup when it can be.
#define os_strdup(x,y) ((y = strdup(x)))?(void)1:exit(1)
// w_strdup(x, y): evaluates to 1 and leaves y untouched when x is NULL; otherwise duplicates x
// into y through os_strdup and evaluates to 0.
// Relies on a GNU statement expression and declares a local named retstr, so neither argument
// may itself be named retstr.
#define w_strdup(x,y) ({ int retstr = 0; if (x) { os_strdup(x, y);} else retstr = 1; retstr;})
// os_free(x): when x is non-NULL, frees it and resets x to NULL, so a second os_free on the same
// variable is a no-op. The expansion is a bare if-statement: brace any if/else that contains it.
#define os_free(x) if(x){free(x);x=NULL;}
// NOTE(review): presumably releases the heap members of a fim_entry_data; confirm in the implementation.
void free_entry_data(fim_entry_data * data);
// wdb_finalize(x): finalizes the sqlite3 statement x when non-NULL and resets x to NULL.
// The return value of sqlite3_finalize() is discarded.
#define wdb_finalize(x) { if (x) { sqlite3_finalize(x); x = NULL; } }

// ---- Lock wrappers ----
// Each macro calls the matching pthread function and calls exit(1) when it returns non-zero.
// No message is logged before exiting, so a process that stops here gives no reason for it.
// This header does not include <pthread.h>; the including file must provide it.
// Each expansion is a braced block declaring a local named `error`: do not pass an argument
// that uses a variable of that name, and brace any if/else that contains these macros.
#define w_rwlock_init(x, y) { int error = pthread_rwlock_init(x, y); if (error) exit(1); }
#define w_rwlock_rdlock(x) { int error = pthread_rwlock_rdlock(x); if (error) exit(1); }
#define w_rwlock_wrlock(x) { int error = pthread_rwlock_wrlock(x); if (error) exit(1); }
#define w_rwlock_unlock(x) { int error = pthread_rwlock_unlock(x); if (error) exit(1); }
#define w_mutex_init(x, y) { int error = pthread_mutex_init(x, y); if (error) exit(1); }
#define w_mutex_lock(x) { int error = pthread_mutex_lock(x); if (error) exit(1); }
#define w_mutex_unlock(x) { int error = pthread_mutex_unlock(x); if (error) exit(1); }

// ---- Timing and hashing helpers ----
// NOTE(review): the clock used by gettime() and the unit and sign of time_diff() are not
// visible here; confirm them in the implementation.
void gettime(struct timespec *ts);
double time_diff(const struct timespec * a, const struct timespec * b);
// The [SHA256_LEN] in the parameter is documentation only: `sum` is an ordinary char pointer and
// the compiler does not check the caller's buffer size.
// NOTE(review): presumably writes a NUL-terminated hex digest, so pass a buffer of at least
// SHA256_LEN bytes; the return convention is not visible here.
int file_sha256(int fd, char sum[SHA256_LEN]);
// w_FreeArray(x): when x is non-NULL, walks the char* array until the first NULL element,
// freeing each string and resetting its slot to NULL. The array x itself is not freed.
// The array must be NULL-terminated, otherwise the loop runs past its end.
// Declares a local named x_it and expands to a bare if-statement.
#define w_FreeArray(x) if (x) {char **x_it = x; for (; *x_it; (x_it)++) {os_free(*x_it);}}
// NOTE(review): presumably releases a fim_entry together with its path array and data record; confirm.
void free_entry(fim_entry * entry);
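// os_realloc(x, y, z): z = realloc(x, y).
// On failure the error is logged through merror() and the process exits with status 1,
// matching os_calloc and os_strdup in this header.
// Logging alone would let execution continue with z == NULL for the caller to dereference, and
// when x and z are the same pointer the original allocation would be lost as well.
// Expands to a bare conditional expression: use it as a standalone statement.
// NOTE(review): realloc(x, 0) may return NULL on some platforms and is treated as a failure here.
#define os_realloc(x,y,z) ((z = (__typeof__(z))realloc(x,y)))?(void)1:(merror("memory"), exit(1))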