Fix help and command line arguments in ossec-authd
Implement fixes for ossec#207. Added better help output and figured out
possible command line arguments.
awiddersheim committed Aug 23, 2014
1 parent 40af29c commit 197412d
Showing 3 changed files with 54 additions and 65 deletions.
1 change: 1 addition & 0 deletions src/os_auth/auth.h
Expand Up @@ -48,6 +48,7 @@
BIO *bio_err;
#define KEYFILE "/etc/sslmanager.key"
#define CERTFILE "/etc/sslmanager.cert"
#define DEFAULT_PORT 1515

SSL_CTX *os_ssl_keys(int is_server, char *os_dir, char *cert, char *key, char *ca_cert);
SSL_CTX *get_ssl_context();
65 changes: 30 additions & 35 deletions src/os_auth/main-client.c
Expand Up @@ -44,18 +44,26 @@ int main()



void report_help()
/* print help statement */
void help_local()
{
printf("\nOSSEC HIDS %s: Connects to the manager to extract the agent key.\n", ARGV0);
printf("Available options:\n");
printf("\t-h This help message.\n");
printf("\t-m <manager ip> Manager IP Address.\n");
printf("\t-p <port> Manager port (default 1515).\n");
printf("\t-A <agent name> Agent name (default is the hostname).\n");
printf("\t-D <OSSEC Dir> Location where OSSEC is installed.\n");
printf("\t-v <Path to CA Cert> Full path to CA certificate used to verify the server.\n");
printf("\t-x <Path to agent cert> Full path to agent certificate.\n");
printf("\t-k <Path to agent key> Full path to agent key.\n");
print_header();
print_out(" %s: -[Vhdt] [-g group] [-D dir] [-m IP address] [-p port] [-A name] [-v path] [-x path] [-k path]", ARGV0);
print_out(" -V Version and license message");
print_out(" -h This help message");
print_out(" -d Execute in debug mode. This parameter");
print_out(" can be specified multiple times");
print_out(" to increase the debug level.");
print_out(" -t Test configuration");
print_out(" -g <group> Run as 'group'");
print_out(" -D <dir> Chroot to 'dir'");
print_out(" -m <addr> Manager IP address");
print_out(" -p <port> Manager port (Default: %d)", DEFAULT_PORT);
print_out(" -A <name> Agent name (Default: hostname)");
print_out(" -v <path> Full path to CA certificate used to verify the server");
print_out(" -x <path> Full path to agent certificate");
print_out(" -k <path> Full path to agent key");
print_out(" ");
exit(1);
}

Expand All @@ -64,19 +72,14 @@ void report_help()
int main(int argc, char **argv)
{
int c;
// TODO: implement or delete
int test_config __attribute__((unused)) = 0;
int test_config = 0;
#ifndef WIN32
int gid = 0;
#endif

int sock = 0, port = 1515, ret = 0;
// TODO: implement or delete
char *dir __attribute__((unused)) = DEFAULTDIR;
char *user = USER;
int sock = 0, port = DEFAULT_PORT, ret = 0;
char *dir = DEFAULTDIR;
char *group = GROUPGLOBAL;
// TODO: implement or delete
char *cfg __attribute__((unused)) = DEFAULTCPATH;
char *manager = NULL;
char *ipaddress = NULL;
char *agentname = NULL;
Expand All @@ -99,23 +102,18 @@ int main(int argc, char **argv)
/* Setting the name */
OS_SetName(ARGV0);

while((c = getopt(argc, argv, "Vdhu:g:D:c:m:p:A:v:x:k:")) != -1)
while((c = getopt(argc, argv, "Vdhtg:m:p:A:v:x:k:")) != -1)
{
switch(c){
case 'V':
print_version();
break;
case 'h':
report_help();
help_local();
break;
case 'd':
nowDebug();
break;
case 'u':
if(!optarg)
ErrorExit("%s: -u needs an argument",ARGV0);
user=optarg;
break;
case 'g':
if(!optarg)
ErrorExit("%s: -g needs an argument",ARGV0);
Expand All @@ -124,12 +122,7 @@ int main(int argc, char **argv)
case 'D':
if(!optarg)
ErrorExit("%s: -D needs an argument",ARGV0);
dir=optarg;
break;
case 'c':
if(!optarg)
ErrorExit("%s: -c needs an argument",ARGV0);
cfg = optarg;
dir = optarg;
break;
case 't':
test_config = 1;
Expand Down Expand Up @@ -169,7 +162,7 @@ int main(int argc, char **argv)
agent_key = optarg;
break;
default:
report_help();
help_local();
break;
}
}
Expand All @@ -182,9 +175,11 @@ int main(int argc, char **argv)
/* Check if the user/group given are valid */
gid = Privsep_GetGroup(group);
if(gid < 0)
ErrorExit(USER_ERROR,ARGV0,user,group);

ErrorExit(USER_ERROR,ARGV0,"",group);

/* Exit here if test config is set */
if(test_config)
exit(0);

/* Privilege separation */
if(Privsep_SetGroup(gid) < 0)
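Review bot: The new option string `"Vdhtg:m:p:A:v:x:k:"` no longer contains `D:`, although the switch keeps `case 'D':` and help_local() advertises `-D <dir>`. With that string getopt() treats -D as an unknown option, so the `default:` branch prints the help and exits instead of setting `dir`. Restoring it keeps the option string, the switch and the help in agreement: `while((c = getopt(argc, argv, "Vdhtg:D:m:p:A:v:x:k:")) != -1)`. main() starts and ends outside the visible hunks, so whether `dir` is later used for a chroot, as the help text says, cannot be confirmed from here.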
53 changes: 23 additions & 30 deletions src/os_auth/main-server.c
Original file line number Diff line number Diff line change
Expand Up @@ -33,18 +33,25 @@
/* TODO: Pulled this value out of the sky, may or may not be sane */
int POOL_SIZE = 512;

/* ossec-reportd - Runs manual reports. */
void report_help()
/* print help statement */
void help_local()
{
printf("\nOSSEC HIDS %s: Automatically provide a key to clients.\n", ARGV0);
printf("Available options:\n");
printf("\t-h This help message.\n");
printf("\t-i Use client's source IP address.\n");
printf("\t-p <port> Manager port (default 1515).\n");
printf("\t-D <OSSEC Dir> Location where OSSEC is installed.\n");
printf("\t-v <Path to CA Cert> Full path to CA certificate used to verify clients.\n");
printf("\t-x <Path to server cert> Full path to server certificate.\n");
printf("\t-k <Path to server key> Full path to server key.\n");
print_header();
print_out(" %s: -[Vhdti] [-g group] [-D dir] [-p port] [-v path] [-x path] [-k path]", ARGV0);
print_out(" -V Version and license message");
print_out(" -h This help message");
print_out(" -d Execute in debug mode. This parameter");
print_out(" can be specified multiple times");
print_out(" to increase the debug level.");
print_out(" -t Test configuration");
print_out(" -i Use client's source IP address");
print_out(" -g <group> Run as 'group'");
print_out(" -D <dir> Chroot to 'dir'");
print_out(" -p <port> Manager port (Default: %d)", DEFAULT_PORT);
print_out(" -v <path> Full path to CA certificate used to verify clients");
print_out(" -x <path> Full path to server certificate");
print_out(" -k <path> Full path to server key");
print_out(" ");
exit(1);
}

Expand Down Expand Up @@ -92,12 +99,9 @@ int main(int argc, char **argv)
int process_pool[POOL_SIZE];
// Count of pids we are wait()ing on.
int c = 0, test_config = 0, use_ip_address = 0, pid = 0, status, i = 0, active_processes = 0;
int gid = 0, client_sock = 0, sock = 0, port = 1515, ret = 0;
int gid = 0, client_sock = 0, sock = 0, port = DEFAULT_PORT, ret = 0;
char *dir = DEFAULTDIR;
char *user = USER;
char *group = GROUPGLOBAL;
// TODO: implement or delete
char *cfg __attribute__((unused)) = DEFAULTCPATH;
char *server_cert = NULL;
char *server_key = NULL;
char *ca_cert = NULL;
Expand All @@ -120,26 +124,21 @@ int main(int argc, char **argv)
OS_SetName(ARGV0);
/* add an option to use the ip on the socket to tie the name to a
specific address */
while((c = getopt(argc, argv, "Vdhiu:g:D:c:m:p:v:x:k:")) != -1)
while((c = getopt(argc, argv, "Vdhtig:D:m:p:v:x:k:")) != -1)
{
switch(c){
case 'V':
print_version();
break;
case 'h':
report_help();
help_local();
break;
case 'd':
nowDebug();
break;
case 'i':
use_ip_address = 1;
break;
case 'u':
if(!optarg)
ErrorExit("%s: -u needs an argument",ARGV0);
user = optarg;
break;
case 'g':
if(!optarg)
ErrorExit("%s: -g needs an argument",ARGV0);
Expand All @@ -150,11 +149,6 @@ int main(int argc, char **argv)
ErrorExit("%s: -D needs an argument",ARGV0);
dir = optarg;
break;
case 'c':
if(!optarg)
ErrorExit("%s: -c needs an argument",ARGV0);
cfg = optarg;
break;
case 't':
test_config = 1;
break;
Expand Down Expand Up @@ -183,7 +177,7 @@ int main(int argc, char **argv)
server_key = optarg;
break;
default:
report_help();
help_local();
break;
}

Expand All @@ -195,8 +189,7 @@ int main(int argc, char **argv)
/* Check if the user/group given are valid */
gid = Privsep_GetGroup(group);
if(gid < 0)
ErrorExit(USER_ERROR,ARGV0,user,group);

ErrorExit(USER_ERROR,ARGV0,"",group);


/* Exit here if test config is set */
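Review bot: The option string `"Vdhtig:D:m:p:v:x:k:"` still accepts `m:`, which help_local() does not list for the server. If the part of the switch outside these hunks has no `case 'm':`, the option only reaches `default:` and prints the help, so it is better dropped: `while((c = getopt(argc, argv, "Vdhtig:D:p:v:x:k:")) != -1)`. Separately, `ErrorExit(USER_ERROR,ARGV0,"",group);` here and in main-client.c fills the user slot with an empty string, so an invalid group will presumably be reported with a blank user name; a group-only message would read more clearly.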
