2010-07-21 Dario Rodriguez <dario.rodriguez@artica.es>
* win32/pandora_agent_conf.cc, pandora_agent_conf.h: Added logic to search existing collections in config file, and checking for ".." substrings in path for security reasons. * win32/pandora_windows_service.h, pandora_windows_service.cc: Added logic to remove incoherences between collections directory and collection list of config file. git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@3045 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
This commit is contained in:
parent
fdd9062bb5
commit
a2fec2bb0f
|
@ -1,3 +1,12 @@
|
||||||
|
2010-07-21 Dario Rodriguez <dario.rodriguez@artica.es>
|
||||||
|
|
||||||
|
* win32/pandora_agent_conf.cc, pandora_agent_conf.h: Added logic to search
|
||||||
|
existing collections in config file, and checking for ".." substrings in
|
||||||
|
path for security reasons.
|
||||||
|
* win32/pandora_windows_service.h, pandora_windows_service.cc: Added logic
|
||||||
|
to remove incoherences between collections directory and collection list
|
||||||
|
of config file.
|
||||||
|
|
||||||
2010-07-20 Dario Rodriguez <dario.rodriguez@artica.es>
|
2010-07-20 Dario Rodriguez <dario.rodriguez@artica.es>
|
||||||
|
|
||||||
* win32/pandora_agent_conf.cc, pandora_agent_conf.h: Added a variable to
|
* win32/pandora_agent_conf.cc, pandora_agent_conf.h: Added a variable to
|
||||||
|
@ -7,11 +16,11 @@
|
||||||
|
|
||||||
2010-07-16 Dario Rodriguez <dario.rodriguez@artica.es>
|
2010-07-16 Dario Rodriguez <dario.rodriguez@artica.es>
|
||||||
|
|
||||||
* misc/pandora_file.cc: fixed error that caused double free.
|
* win32/misc/pandora_file.cc: fixed error that caused double free.
|
||||||
|
|
||||||
2010-07-16 Dario Rodriguez <dario.rodriguez@artica.es>
|
2010-07-16 Dario Rodriguez <dario.rodriguez@artica.es>
|
||||||
|
|
||||||
* misc/pandora_file.cc: fixed unclosed directory with function closedir
|
* win32/misc/pandora_file.cc: fixed unclosed directory with function closedir
|
||||||
and control posible delete errors.
|
and control posible delete errors.
|
||||||
|
|
||||||
2010-07-16 Dario Rodriguez <dario.rodriguez@artica.es>
|
2010-07-16 Dario Rodriguez <dario.rodriguez@artica.es>
|
||||||
|
|
|
@ -103,8 +103,12 @@ Pandora::Pandora_Agent_Conf::setFile (string filename) {
|
||||||
aux = new Collection();
|
aux = new Collection();
|
||||||
|
|
||||||
aux->name = trim (collection_name);
|
aux->name = trim (collection_name);
|
||||||
aux->verify = 0;
|
|
||||||
collection_list->push_back (*aux);
|
/*Check for ".." substring for security issues*/
|
||||||
|
if ( collection_name.find("..") == string::npos ) {
|
||||||
|
aux->verify = 0;
|
||||||
|
collection_list->push_back (*aux);
|
||||||
|
}
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
/*Check if is a module*/
|
/*Check if is a module*/
|
||||||
|
@ -185,6 +189,28 @@ Pandora::Pandora_Agent_Conf::setCurrentCollectionVerify() {
|
||||||
collection_it->verify = 1;
|
collection_it->verify = 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Check is there is a collection with the same name in the list
|
||||||
|
*
|
||||||
|
* @param The name of the collection to check.
|
||||||
|
*
|
||||||
|
* @return True if there is a collection with the same name.
|
||||||
|
*/
|
||||||
|
bool
|
||||||
|
Pandora::Pandora_Agent_Conf::isInCollectionList(string name) {
|
||||||
|
list<Collection>::iterator p;
|
||||||
|
string name_md5;
|
||||||
|
for (p = collection_list->begin();p != collection_list->end();p++) {
|
||||||
|
name_md5 = p->name+".md5";
|
||||||
|
if ( (strcmp(p->name.c_str(), name.c_str()) == 0) ||
|
||||||
|
(strcmp(name_md5.c_str(), name.c_str()) == 0)){
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Set iterator pointing to the first collection of the list.
|
* Set iterator pointing to the first collection of the list.
|
||||||
*
|
*
|
||||||
|
|
|
@ -61,6 +61,7 @@ namespace Pandora {
|
||||||
void goNextCollection ();
|
void goNextCollection ();
|
||||||
|
|
||||||
bool isLastCollection ();
|
bool isLastCollection ();
|
||||||
|
bool isInCollectionList(string name);
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -33,6 +33,10 @@
|
||||||
#include <cstdlib>
|
#include <cstdlib>
|
||||||
#include <ctime>
|
#include <ctime>
|
||||||
#include <direct.h>
|
#include <direct.h>
|
||||||
|
#include <sys/types.h>
|
||||||
|
#include <dirent.h>
|
||||||
|
#include <sys/stat.h>
|
||||||
|
#include <pandora_agent_conf.h>
|
||||||
|
|
||||||
using namespace std;
|
using namespace std;
|
||||||
using namespace Pandora;
|
using namespace Pandora;
|
||||||
|
@ -633,8 +637,50 @@ Pandora_Windows_Service::unzipCollection(string zip_path, string dest_dir) {
|
||||||
CloseHandle (pi.hProcess);
|
CloseHandle (pi.hProcess);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
/*
|
||||||
|
* Check the disk for collections installed
|
||||||
|
*/
|
||||||
|
|
||||||
void
|
void
|
||||||
|
Pandora_Windows_Service::purgeDiskCollections () {
|
||||||
|
|
||||||
|
DIR *dir;
|
||||||
|
struct dirent *dir_content;
|
||||||
|
struct stat file;
|
||||||
|
string tmp, filepath;
|
||||||
|
|
||||||
|
filepath = Pandora::getPandoraInstallDir() +"collections\\";
|
||||||
|
/*Open the directory*/
|
||||||
|
dir = opendir (filepath.c_str ());
|
||||||
|
|
||||||
|
/*Read the directory looking for files and folders*/
|
||||||
|
dir_content = readdir(dir);
|
||||||
|
|
||||||
|
while (dir_content != NULL) {
|
||||||
|
|
||||||
|
stat(tmp.c_str(),&file);
|
||||||
|
|
||||||
|
/*If is a folder, check for . and .. */
|
||||||
|
if ( (strcmp(dir_content->d_name,".") != 0) && (strcmp(dir_content->d_name,"..") != 0) ) {
|
||||||
|
/*If the file is not in collection list, delete the file*/
|
||||||
|
if(! conf->isInCollectionList(dir_content->d_name) ) {
|
||||||
|
tmp = filepath+dir_content->d_name;
|
||||||
|
Pandora_File::removeDir(tmp);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
/*Next item*/
|
||||||
|
dir_content = readdir(dir);
|
||||||
|
}
|
||||||
|
|
||||||
|
/*Close dir oppened*/
|
||||||
|
closedir(dir);
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Check collections to sync it between server and agent
|
||||||
|
*/
|
||||||
|
void
|
||||||
Pandora_Windows_Service::checkCollections () {
|
Pandora_Windows_Service::checkCollections () {
|
||||||
|
|
||||||
int flag, i;
|
int flag, i;
|
||||||
|
@ -836,6 +882,7 @@ Pandora_Windows_Service::checkCollections () {
|
||||||
/*Go to next collection*/
|
/*Go to next collection*/
|
||||||
conf->goNextCollection();
|
conf->goNextCollection();
|
||||||
}
|
}
|
||||||
|
purgeDiskCollections ();
|
||||||
}
|
}
|
||||||
|
|
||||||
void
|
void
|
||||||
|
|
|
@ -47,7 +47,8 @@ namespace Pandora {
|
||||||
long transfer_interval;
|
long transfer_interval;
|
||||||
bool started;
|
bool started;
|
||||||
void *udp_server;
|
void *udp_server;
|
||||||
|
list<string> collection_disk;
|
||||||
|
|
||||||
string getXmlHeader ();
|
string getXmlHeader ();
|
||||||
int copyDataFile (string filename);
|
int copyDataFile (string filename);
|
||||||
int copyTentacleDataFile (string host,
|
int copyTentacleDataFile (string host,
|
||||||
|
@ -73,8 +74,10 @@ namespace Pandora {
|
||||||
void checkCollections ();
|
void checkCollections ();
|
||||||
void addCollectionsPath();
|
void addCollectionsPath();
|
||||||
void checkConfig ();
|
void checkConfig ();
|
||||||
|
void purgeDiskCollections ();
|
||||||
|
|
||||||
Pandora_Windows_Service ();
|
Pandora_Windows_Service ();
|
||||||
|
|
||||||
public:
|
public:
|
||||||
void pandora_run ();
|
void pandora_run ();
|
||||||
void pandora_init ();
|
void pandora_init ();
|
||||||
|
|
Loading…
Reference in New Issue