本文整理匯總了C++中CfOut函數的典型用法代碼示例。如果您正苦於以下問題:C++ CfOut函數的具體用法?C++ CfOut怎麽用?C++ CfOut使用的例子?那麽, 這裏精選的函數代碼示例或許可以為您提供幫助。
在下文中一共展示了CfOut函數的15個代碼示例,這些例子默認根據受歡迎程度排序。您可以為喜歡或者感覺有用的代碼點讚,您的評價將有助於係統推薦出更棒的C++代碼示例。
示例1: Summarize
/*
 * Log, at verbose level, the access-control state currently held in the
 * global lists: admitted and denied paths with their per-path host entries,
 * followed by each global host/user list.
 *
 * Every value is printed through a literal "%s" format, so list contents are
 * never interpreted as format strings.
 */
void Summarize()
{
    Auth *rule;
    Item *entry, *mapped;

    CfOut(cf_verbose, "", "Summarize control promises\n");

    /* Admitted paths: one line per path, then one line per admitted host. */
    CfOut(cf_verbose, "", "Granted access to paths :\n");
    rule = VADMIT;
    while (rule != NULL)
    {
        CfOut(cf_verbose, "", "Path: %s (encrypt=%d)\n", rule->path, rule->encrypt);

        for (entry = rule->accesslist; entry != NULL; entry = entry->next)
        {
            CfOut(cf_verbose, "", " Admit: %s root=", entry->name);

            /* maproot belongs to the path rule, so the same list is
             * repeated after every admitted host of that path. */
            for (mapped = rule->maproot; mapped != NULL; mapped = mapped->next)
            {
                CfOut(cf_verbose, "", "%s,", mapped->name);
            }
        }

        rule = rule->next;
    }

    /* Denied paths. */
    CfOut(cf_verbose, "", "Denied access to paths :\n");
    rule = VDENY;
    while (rule != NULL)
    {
        CfOut(cf_verbose, "", "Path: %s\n", rule->path);

        for (entry = rule->accesslist; entry != NULL; entry = entry->next)
        {
            CfOut(cf_verbose, "", " Deny: %s\n", entry->name);
        }

        rule = rule->next;
    }

    /* Global lists, in the same order as before. */
    CfOut(cf_verbose, "", " -> Host IPs allowed connection access :\n");
    for (entry = NONATTACKERLIST; entry != NULL; entry = entry->next)
    {
        CfOut(cf_verbose, "", " .... IP: %s\n", entry->name);
    }

    CfOut(cf_verbose, "", "Host IPs denied connection access :\n");
    for (entry = ATTACKERLIST; entry != NULL; entry = entry->next)
    {
        CfOut(cf_verbose, "", " .... IP: %s\n", entry->name);
    }

    CfOut(cf_verbose, "", "Host IPs allowed multiple connection access :\n");
    for (entry = MULTICONNLIST; entry != NULL; entry = entry->next)
    {
        CfOut(cf_verbose, "", " .... IP: %s\n", entry->name);
    }

    /* Hosts on this list get their public key accepted without prior
     * verification, so it is the one most worth reviewing in the output. */
    CfOut(cf_verbose, "", "Host IPs from whom we shall accept public keys on trust :\n");
    for (entry = TRUSTKEYLIST; entry != NULL; entry = entry->next)
    {
        CfOut(cf_verbose, "", " .... IP: %s\n", entry->name);
    }

    CfOut(cf_verbose, "", "Users from whom we accept connections :\n");
    for (entry = ALLOWUSERLIST; entry != NULL; entry = entry->next)
    {
        CfOut(cf_verbose, "", " .... USERS: %s\n", entry->name);
    }

    CfOut(cf_verbose, "", "Host IPs from NAT which we don't verify :\n");
    for (entry = SKIPVERIFY; entry != NULL; entry = entry->next)
    {
        CfOut(cf_verbose, "", " .... IP: %s\n", entry->name);
    }

    CfOut(cf_verbose, "", "Dynamical Host IPs (e.g. DHCP) whose bindings could vary over time :\n");
    for (entry = DHCPLIST; entry != NULL; entry = entry->next)
    {
        CfOut(cf_verbose, "", " .... IP: %s\n", entry->name);
    }
}
示例2: ConsiderFile
/*
 * Screen one directory entry (nodename, found under path) and return true or
 * false to the caller. In the visible part, false is returned for names on
 * the skip list, for suspicious regular files and for empty odd-looking
 * files; presumably true means "go on and process this entry" - confirm
 * against the callers. The listing is truncated by the page, so the tail of
 * the function is not shown.
 */
int ConsiderFile(const char *nodename,char *path,struct Attributes attr,struct Promise *pp)
{ int i, suspicious = true;
struct stat statbuf;
/* NOTE(review): newname is not used anywhere in the visible part. */
char newname[CF_BUFSIZE],vbuff[CF_BUFSIZE];
const char *sp;
/* Names that are never examined further. */
static char *skipfiles[] =
{
".",
"..",
"lost+found",
".cfengine.rm",
NULL
};
if (strlen(nodename) < 1)
{
CfOut(cf_error,"","Empty (null) filename detected in %s\n",path);
return true;
}
if (IsItemIn(SUSPICIOUSLIST,nodename))
{
/* This inner statbuf shadows the function-level one. */
struct stat statbuf;
/* NOTE(review): nodename is passed without path in front of it, so this
   presumably resolves against the current working directory - confirm the
   caller has changed into path before calling. */
if (cfstat(nodename,&statbuf) != -1)
{
if (S_ISREG(statbuf.st_mode))
{
CfOut(cf_error,"","Suspicious file %s found in %s\n",nodename,path);
return false;
}
}
}
if (strcmp(nodename,"...") == 0)
{
CfOut(cf_verbose,"","Possible DFS/FS cell node detected in %s...\n",path);
return true;
}
for (i = 0; skipfiles[i] != NULL; i++)
{
if (strcmp(nodename,skipfiles[i]) == 0)
{
Debug("Filename %s/%s is classified as ignorable\n",path,nodename);
return false;
}
}
if ((strcmp("[",nodename) == 0) && (strcmp("/usr/bin",path) == 0))
{
if (VSYSTEMHARDCLASS == linuxx)
{
return true;
}
}
/* Looks for at least one printable ASCII character (32..126). Where plain
   char is signed, bytes >= 0x80 are negative and fail the "> 31" test.
   NOTE(review): the flag computed here is not read again in the visible
   part; the loop below returns before anything consults it. */
suspicious = true;
for (sp = nodename; *sp != '\0'; sp++)
{
if ((*sp > 31) && (*sp < 127))
{
suspicious = false;
break;
}
}
/* NOTE(review): unbounded copy into a CF_BUFSIZE stack buffer. Nothing
   visible here checks that strlen(path) + 1 + strlen(nodename) fits, so an
   over-long path or entry name overflows vbuff. A bounded form such as
   snprintf(vbuff, sizeof(vbuff), ...) with a truncation check would close
   this. */
strcpy(vbuff,path);
AddSlash(vbuff);
strcat(vbuff,nodename);
for (sp = nodename; *sp != '\0'; sp++) /* Check for files like ".. ." */
{
/* NOTE(review): isspace() on a plain char is undefined for negative values;
   the argument should be cast to unsigned char. */
if ((*sp != '.') && ! isspace(*sp))
{
suspicious = false;
return true;
}
}
/* Only names made up entirely of dots and whitespace reach this point. */
if (cf_lstat(vbuff,&statbuf,attr,pp) == -1)
{
CfOut(cf_verbose,"lstat","Couldn't stat %s",vbuff);
return true;
}
if (statbuf.st_size == 0 && ! (VERBOSE||INFORM)) /* No sense in warning about empty files */
{
return false;
}
CfOut(cf_error,"","Suspicious looking file object \"%s\" masquerading as hidden file in %s\n",nodename,path);
Debug("Filename looks suspicious\n");
if (S_ISLNK(statbuf.st_mode))
{
CfOut(cf_inform,""," %s is a symbolic link\n",nodename);
}
//.........這裏部分代碼省略.........
示例3: KeepKeyPromises
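/*
 * Generate an RSA key pair and write it to CFPRIVKEYFILE and CFPUBKEYFILE,
 * then save PRNG state to <CFWORKDIR>/randseed.
 *
 * Returns without doing anything if either key file already exists. Errors
 * are reported through CfOut() and the function returns early; a failure
 * after the private key file was opened can leave a partial file behind.
 *
 * Security notes for reviewers:
 *  - The PEM passphrase is a compiled-in constant, so encrypting the private
 *    key with it gives no confidentiality against anyone who can read the
 *    file; the 0600 mode passed to open() is the only real protection.
 *  - The private key is wrapped with 3DES-CBC (EVP_des_ede3_cbc).
 *  - NOTE(review): the existence checks and the later open() calls are not
 *    atomic, and O_TRUNC writes through whatever appears at the path in
 *    between; O_CREAT | O_EXCL would refuse instead - confirm which is wanted.
 *  - NOTE(review): `pair` is not released on any path in this function.
 */
static void KeepKeyPromises(void)
{
    unsigned long err;
    RSA *pair;
    FILE *fp;
    struct stat statbuf;
    int fd;
    static char *passphrase = "Cfengine passphrase";
    const EVP_CIPHER *cipher;
    char vbuff[CF_BUFSIZE];

    NewScope("common");
    cipher = EVP_des_ede3_cbc();

    /* Never overwrite an existing key pair. */
    if (cfstat(CFPUBKEYFILE, &statbuf) != -1)
    {
        CfOut(cf_cmdout, "", "A key file already exists at %s\n", CFPUBKEYFILE);
        return;
    }

    if (cfstat(CFPRIVKEYFILE, &statbuf) != -1)
    {
        CfOut(cf_cmdout, "", "A key file already exists at %s\n", CFPRIVKEYFILE);
        return;
    }

    printf("Making a key pair for cfengine, please wait, this could take a minute...\n");

    /* NOTE(review): RSA_generate_key() is deprecated by OpenSSL in favour of
     * RSA_generate_key_ex(), and 35 is an unusual public exponent (65537 is
     * the common choice) - confirm both are intentional. */
    pair = RSA_generate_key(2048, 35, NULL, NULL);

    if (pair == NULL)
    {
        err = ERR_get_error();
        CfOut(cf_error, "", "Unable to generate key: %s\n", ERR_reason_error_string(err));
        return;
    }

    if (DEBUG)
    {
        /* Dumps the freshly generated key, private components included, to
         * stdout; debug output of this run must be treated as secret. */
        RSA_print_fp(stdout, pair, 0);
    }

    /* Private key: owner read/write only. */
    fd = open(CFPRIVKEYFILE, O_WRONLY | O_CREAT | O_TRUNC, 0600);

    if (fd < 0)
    {
        CfOut(cf_error, "open", "Open %s failed: %s.", CFPRIVKEYFILE, strerror(errno));
        return;
    }

    if ((fp = fdopen(fd, "w")) == NULL)
    {
        CfOut(cf_error, "fdopen", "Couldn't open private key %s.", CFPRIVKEYFILE);
        close(fd);
        return;
    }

    CfOut(cf_verbose, "", "Writing private key to %s\n", CFPRIVKEYFILE);

    if (!PEM_write_RSAPrivateKey(fp, pair, cipher, passphrase, strlen(passphrase), NULL, NULL))
    {
        err = ERR_get_error();
        CfOut(cf_error, "", "Couldn't write private key: %s\n", ERR_reason_error_string(err));
        fclose(fp);             /* was leaked on this path */
        return;
    }

    fclose(fp);

    /* Public key. */
    fd = open(CFPUBKEYFILE, O_WRONLY | O_CREAT | O_TRUNC, 0600);

    if (fd < 0)
    {
        CfOut(cf_error, "open", "Unable to open public key %s.", CFPUBKEYFILE);
        return;
    }

    if ((fp = fdopen(fd, "w")) == NULL)
    {
        CfOut(cf_error, "fdopen", "Open %s failed.", CFPUBKEYFILE);
        close(fd);
        return;
    }

    CfOut(cf_verbose, "", "Writing public key to %s\n", CFPUBKEYFILE);

    if (!PEM_write_RSAPublicKey(fp, pair))
    {
        err = ERR_get_error();
        CfOut(cf_error, "", "Unable to write public key: %s\n", ERR_reason_error_string(err));
        fclose(fp);             /* was leaked on this path */
        return;
    }

    fclose(fp);

    /* NOTE(review): the PRNG state file ends up mode 0644, i.e. readable by
     * every local user - confirm that is acceptable for this seed. */
    snprintf(vbuff, CF_BUFSIZE, "%s/randseed", CFWORKDIR);
    RAND_write_file(vbuff);
    cf_chmod(vbuff, 0644);
}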
示例4: main
/*
 * Agent entry point: parse options, validate and load policy (falling back
 * to failsafe.cf when validation fails outside an interactive terminal),
 * keep the promises, then tear down. Returns 1 when automatic bootstrap
 * fails or bootstrap verification fails, 0 otherwise.
 */
int main(int argc, char *argv[])
{
    int exit_code = 0;
    GenericAgentConfig *config = CheckOpts(argc, argv);

#if defined(HAVE_AVAHI_CLIENT_CLIENT_H) && defined(HAVE_AVAHI_COMMON_ADDRESS_H)
    /* No policy server given while bootstrapping: try to discover one. */
    if (NULL_OR_EMPTY(POLICY_SERVER) && BOOTSTRAP)
    {
        if (AutomaticBootstrap() < 0)
        {
            return 1;
        }
    }
#endif

    ReportContext *report_context = OpenReports(config->agent_type);

    GenericAgentDiscoverContext(config, report_context);

    Policy *policy = NULL;

    if (!GenericAgentCheckPolicy(config, report_context, ALWAYS_VALIDATE))
    {
        if (config->tty_interactive)
        {
            FatalError("CFEngine was not able to get confirmation of promises from cf-promises, please verify input file\n");
        }
        else
        {
            /* Unattended run with policy that did not validate: switch to
             * the failsafe policy instead of running unvalidated input. */
            CfOut(OUTPUT_LEVEL_ERROR, "", "CFEngine was not able to get confirmation of promises from cf-promises, so going to failsafe\n");
            HardClass("failsafe_fallback");
            GenericAgentConfigSetInputFile(config, "failsafe.cf");
            policy = GenericAgentLoadPolicy(config->agent_type, config, report_context);
        }
    }
    else
    {
        policy = GenericAgentLoadPolicy(config->agent_type, config, report_context);
    }

    CheckLicenses();
    ThisAgentInit();
    BeginAudit();
    KeepPromises(policy, config, report_context);
    CloseReports("agent", report_context);

    // only note class usage when default policy is run
    if (config->input_file == NULL)
    {
        NoteClassUsage(VHEAP, true);
        NoteClassUsage(VHARDHEAP, true);
    }

#ifdef HAVE_NOVA
    Nova_NoteVarUsageDB();
    Nova_TrackExecution(config->input_file);
#endif

    PurgeLocks();

    if (BOOTSTRAP && !VerifyBootstrap())
    {
        exit_code = 1;
    }

    EndAudit(CFA_BACKGROUND);
    GenericAgentConfigDestroy(config);

    return exit_code;
}
示例5: KeepControlPromises
/*
 * Apply the settings from the agent control body of `policy` to the agent's
 * global configuration. Each constraint is looked up by its lval and
 * dispatched to the matching setting. The listing is truncated by the page,
 * so only the first few settings are shown.
 */
void KeepControlPromises(Policy *policy)
{
Rval retval;
/* NOTE(review): this outer rp is shadowed by the block-local declarations
   below and is not used in the visible part. */
Rlist *rp;
Seq *constraints = ControlBodyConstraints(policy, AGENT_TYPE_AGENT);
if (constraints)
{
for (size_t i = 0; i < SeqLength(constraints); i++)
{
Constraint *cp = SeqAt(constraints, i);
if (IsExcluded(cp->classes, NULL))
{
continue;
}
if (GetVariable("control_common", cp->lval, &retval) != DATA_TYPE_NONE)
{
/* Already handled in generic_agent */
continue;
}
if (GetVariable("control_agent", cp->lval, &retval) == DATA_TYPE_NONE)
{
CfOut(OUTPUT_LEVEL_ERROR, "", "Unknown lval %s in agent control body", cp->lval);
continue;
}
/* From here on retval holds the value found for cp->lval. */
if (strcmp(cp->lval, CFA_CONTROLBODY[cfa_maxconnections].lval) == 0)
{
/* The parsed value is narrowed to int without a range check here. */
CFA_MAXTHREADS = (int) IntFromString(retval.item);
CfOut(OUTPUT_LEVEL_VERBOSE, "", "SET maxconnections = %d\n", CFA_MAXTHREADS);
continue;
}
if (strcmp(cp->lval, CFA_CONTROLBODY[cfa_checksum_alert_time].lval) == 0)
{
CF_PERSISTENCE = (int) IntFromString(retval.item);
CfOut(OUTPUT_LEVEL_VERBOSE, "", "SET checksum_alert_time = %d\n", CF_PERSISTENCE);
continue;
}
if (strcmp(cp->lval, CFA_CONTROLBODY[cfa_agentfacility].lval) == 0)
{
SetFacility(retval.item);
continue;
}
if (strcmp(cp->lval, CFA_CONTROLBODY[cfa_agentaccess].lval) == 0)
{
/* ACCESSLIST aliases the list held in retval; no copy is made here. */
ACCESSLIST = (Rlist *) retval.item;
CheckAgentAccess(ACCESSLIST, InputFiles(policy));
continue;
}
if (strcmp(cp->lval, CFA_CONTROLBODY[cfa_refresh_processes].lval) == 0)
{
Rlist *rp;
/* NOTE(review): PrependItem() sits inside the VERBOSE block, so
   PROCESSREFRESH is only filled in when verbose output is on. That looks
   unintended - confirm. */
if (VERBOSE)
{
printf("%s> SET refresh_processes when starting: ", VPREFIX);
for (rp = (Rlist *) retval.item; rp != NULL; rp = rp->next)
{
printf(" %s", (char *) rp->item);
PrependItem(&PROCESSREFRESH, rp->item, NULL);
}
printf("\n");
}
continue;
}
if (strcmp(cp->lval, CFA_CONTROLBODY[cfa_abortclasses].lval) == 0)
{
Rlist *rp;
CfOut(OUTPUT_LEVEL_VERBOSE, "", "SET Abort classes from ...\n");
for (rp = (Rlist *) retval.item; rp != NULL; rp = rp->next)
{
/* The zero-initialised buffer plus the size - 1 bound keeps name
   NUL-terminated; longer class names are silently truncated. */
char name[CF_MAXVARSIZE] = "";
strncpy(name, rp->item, CF_MAXVARSIZE - 1);
AddAbortClass(name, cp->classes);
}
continue;
}
if (strcmp(cp->lval, CFA_CONTROLBODY[cfa_abortbundleclasses].lval) == 0)
{
Rlist *rp;
CfOut(OUTPUT_LEVEL_VERBOSE, "", "SET Abort bundle classes from ...\n");
//.........這裏部分代碼省略.........
示例6: HailServer
/*
 * Contact one remote host: split `host` into peer name and port, look up the
 * key digest recorded for its address, optionally ask the operator whether
 * to trust an unknown key, then open a server connection. Returns false when
 * there is no usable server name. The listing is truncated by the page, so
 * the part after the connection attempt is not shown.
 */
static int HailServer(char *host, Attributes a, Promise *pp)
{
AgentConnection *conn;
char sendbuffer[CF_BUFSIZE], recvbuffer[CF_BUFSIZE], peer[CF_MAXVARSIZE], ipv4[CF_MAXVARSIZE],
digest[CF_MAXVARSIZE], user[CF_SMALLBUF];
bool gotkey;
char reply[8];
/* NOTE(review): the port is narrowed to short, so values above 32767 turn
   negative, and it is later printed with %u. ParseHostname() writes into
   peer without a size argument - confirm it bounds the copy to
   CF_MAXVARSIZE. */
a.copy.portnumber = (short) ParseHostname(host, peer);
snprintf(ipv4, CF_MAXVARSIZE, "%s", Hostname2IPString(peer));
Address2Hostkey(ipv4, digest);
GetCurrentUserName(user, CF_SMALLBUF);
if (INTERACTIVE)
{
CfOut(OUTPUT_LEVEL_VERBOSE, "", " -> Using interactive key trust...\n");
/* Try the key stored under the peer name first, then under its address. */
gotkey = HavePublicKey(user, peer, digest) != NULL;
if (!gotkey)
{
gotkey = HavePublicKey(user, ipv4, digest) != NULL;
}
if (!gotkey)
{
/* Trust-on-first-use prompt: answering "yes" sets trustkey, i.e. the key
   the server presents is accepted without any out-of-band check. */
printf("WARNING - You do not have a public key from host %s = %s\n", host, ipv4);
printf(" Do you want to accept one on trust? (yes/no)\n\n--> ");
while (true)
{
if (fgets(reply, 8, stdin) == NULL)
{
FatalError("EOF trying to read answer from terminal");
}
/* NOTE(review): reply is 8 bytes, but the bound handed to Chop() is
   CF_EXPANDSIZE rather than sizeof(reply). fgets() always terminates the
   buffer, so this is presumably harmless in practice, but the stated bound
   does not match the buffer. */
if (Chop(reply, CF_EXPANDSIZE) == -1)
{
CfOut(OUTPUT_LEVEL_ERROR, "", "Chop was called on a string that seemed to have no terminator");
}
if (strcmp(reply, "yes") == 0)
{
printf(" -> Will trust the key...\n");
a.copy.trustkey = true;
break;
}
else if (strcmp(reply, "no") == 0)
{
printf(" -> Will not trust the key...\n");
a.copy.trustkey = false;
break;
}
else
{
printf(" !! Please reply yes or no...(%s)\n", reply);
}
}
}
}
/* Continue */
#ifdef __MINGW32__
CfOut(OUTPUT_LEVEL_INFORM, "", "...........................................................................\n");
CfOut(OUTPUT_LEVEL_INFORM, "", " * Hailing %s : %u, with options \"%s\" (serial)\n", peer, a.copy.portnumber,
REMOTE_AGENT_OPTIONS);
CfOut(OUTPUT_LEVEL_INFORM, "", "...........................................................................\n");
#else /* !__MINGW32__ */
if (BACKGROUND)
{
CfOut(OUTPUT_LEVEL_INFORM, "", "Hailing %s : %u, with options \"%s\" (parallel)\n", peer, a.copy.portnumber,
REMOTE_AGENT_OPTIONS);
}
else
{
CfOut(OUTPUT_LEVEL_INFORM, "", "...........................................................................\n");
CfOut(OUTPUT_LEVEL_INFORM, "", " * Hailing %s : %u, with options \"%s\" (serial)\n", peer, a.copy.portnumber,
REMOTE_AGENT_OPTIONS);
CfOut(OUTPUT_LEVEL_INFORM, "", "...........................................................................\n");
}
#endif /* !__MINGW32__ */
a.copy.servers = RlistFromSplitString(peer, '*');
/* An empty server list and the literal name "localhost" are both refused. */
if (a.copy.servers == NULL || strcmp(a.copy.servers->item, "localhost") == 0)
{
cfPS(OUTPUT_LEVEL_INFORM, CF_NOP, "", pp, a, "No hosts are registered to connect to");
return false;
}
else
{
conn = NewServerConnection(a, pp);
if (conn == NULL)
//.........這裏部分代碼省略.........
示例7: HailExec
/*
 * Send an EXEC request (REMOTE_AGENT_OPTIONS, plus -D<DEFINECLASSES> when
 * that string is non-empty) over `conn`, then relay each reply from the peer
 * to the stream returned by NewStream(peer) until the peer closes, sends
 * CFD_TERMINATOR, or a receive fails.
 *
 * recvbuffer and sendbuffer are caller-owned and are treated here as
 * CF_BUFSIZE bytes long.
 *
 * NOTE(review): the receive-error path returns without DeleteStream() or
 * DisconnectServer(), unlike the normal exit - confirm whether that is a
 * leak or whether the connection is already torn down by then.
 * NOTE(review): reply text comes from the remote side and is written out
 * verbatim (always through a literal "%s" format, so it is not a format
 * string issue); control characters in it reach the terminal or log as-is.
 */
static void HailExec(AgentConnection *conn, char *peer, char *recvbuffer, char *sendbuffer)
{
    FILE *out;
    int n_read;

    if (strlen(DEFINECLASSES) == 0)
    {
        snprintf(sendbuffer, CF_BUFSIZE, "EXEC %s", REMOTE_AGENT_OPTIONS);
    }
    else
    {
        snprintf(sendbuffer, CF_BUFSIZE, "EXEC %s -D%s", REMOTE_AGENT_OPTIONS, DEFINECLASSES);
    }

    if (SendTransaction(conn->sd, sendbuffer, 0, CF_DONE) == -1)
    {
        CfOut(OUTPUT_LEVEL_ERROR, "send", "Transmission rejected");
        DisconnectServer(conn);
        return;
    }

    out = NewStream(peer);
    SendClassData(conn);

    for (;;)
    {
        /* Start from an all-zero buffer so the string functions below
         * always find a terminator. */
        memset(recvbuffer, 0, CF_BUFSIZE);

        n_read = ReceiveTransaction(conn->sd, recvbuffer, NULL);

        if (n_read == -1)
        {
            return;
        }

        if (n_read == 0)
        {
            break;
        }

        if (strlen(recvbuffer) == 0)
        {
            continue;
        }

        if (strstr(recvbuffer, CFD_TERMINATOR) != NULL)
        {
            break;
        }

        if (strstr(recvbuffer, "BAD:") != NULL)
        {
            /* "BAD:" is matched anywhere in the reply, but the first four
             * bytes are skipped as if it were always a prefix. */
            fprintf(out, "%s> !! %s\n", VPREFIX, recvbuffer + 4);
            continue;
        }

        if (strstr(recvbuffer, "too soon") != NULL)
        {
            fprintf(out, "%s> !! %s\n", VPREFIX, recvbuffer);
            continue;
        }

        fprintf(out, "%s> -> %s", VPREFIX, recvbuffer);
    }

    DeleteStream(out);
    DisconnectServer(conn);
}
示例8: CfenvTimeOut
/*
 * Cancel any pending alarm, set the TCPPAUSE flag and log "Time out" at
 * verbose level. signum is not used.
 *
 * NOTE(review): this looks like a SIGALRM handler (it takes a signal number
 * and disarms the alarm) - confirm at the registration site. If so, CfOut()
 * is being called from signal context; unless it is async-signal-safe the
 * handler should only set the flag, and TCPPAUSE should be declared
 * volatile sig_atomic_t.
 */
static void CfenvTimeOut(int signum)
{
alarm(0);
TCPPAUSE = true;
CfOut(cf_verbose, "", "Time out\n");
}
示例9: MonNetworkSnifferGatherData
/*
 * For every tracked TCP attribute, persist the incoming and then the
 * outgoing distribution gathered in NETIN_DIST / NETOUT_DIST, derive its
 * entropy classes, and clear the in-memory list.
 *
 * When a state file already exists, is larger than the new data and was
 * modified less than 40 minutes ago, the file is left as it is and the new
 * in-memory data is discarded instead.
 *
 * cf_this is not used by this function.
 */
void MonNetworkSnifferGatherData(double *cf_this)
{
    char state_path[CF_BUFSIZE];
    int attr;

    /* Incoming traffic */
    for (attr = 0; attr < CF_NETATTR; attr++)
    {
        struct stat saved;
        double entropy;
        time_t now = time(NULL);

        CfDebug("save incoming %s\n", TCPNAMES[attr]);
        /* Bounded by CF_MAXVARSIZE although the buffer is CF_BUFSIZE bytes. */
        snprintf(state_path, CF_MAXVARSIZE, "%s/state/cf_incoming.%s", CFWORKDIR, TCPNAMES[attr]);

        if ((cfstat(state_path, &saved) != -1)
            && (ByteSizeList(NETIN_DIST[attr]) < saved.st_size)
            && (now < saved.st_mtime + 40 * 60))
        {
            CfOut(cf_verbose, "", "New state %s is smaller, retaining old for 40 mins longer\n", TCPNAMES[attr]);
        }
        else
        {
            SaveTCPEntropyData(NETIN_DIST[attr], attr, "in");
            entropy = MonEntropyCalculate(NETIN_DIST[attr]);
            MonEntropyClassesSet(TCPNAMES[attr], "in", entropy);
        }

        /* Either way the in-memory sample is dropped for the next round. */
        DeleteItemList(NETIN_DIST[attr]);
        NETIN_DIST[attr] = NULL;
    }

    /* Outgoing traffic */
    for (attr = 0; attr < CF_NETATTR; attr++)
    {
        struct stat saved;
        double entropy;
        time_t now = time(NULL);

        CfDebug("save outgoing %s\n", TCPNAMES[attr]);
        snprintf(state_path, CF_MAXVARSIZE, "%s/state/cf_outgoing.%s", CFWORKDIR, TCPNAMES[attr]);

        if ((cfstat(state_path, &saved) != -1)
            && (ByteSizeList(NETOUT_DIST[attr]) < saved.st_size)
            && (now < saved.st_mtime + 40 * 60))
        {
            CfOut(cf_verbose, "", "New state %s is smaller, retaining old for 40 mins longer\n", TCPNAMES[attr]);
        }
        else
        {
            SaveTCPEntropyData(NETOUT_DIST[attr], attr, "out");
            entropy = MonEntropyCalculate(NETOUT_DIST[attr]);
            MonEntropyClassesSet(TCPNAMES[attr], "out", entropy);
        }

        DeleteItemList(NETOUT_DIST[attr]);
        NETOUT_DIST[attr] = NULL;
    }
}
示例10: AddVariableHash
/*
 * Add (or, per the lookup at the end of the visible part, update) variable
 * `lval` with value `rval` in the hashtable of scope `scope`. Returns false
 * when the assignment is rejected: no value, lval too long, the value
 * refers to the variable itself, or the scope does not exist. The listing is
 * truncated by the page, so the insert/update path is not shown.
 */
int AddVariableHash(const char *scope, const char *lval, Rval rval, enum cfdatatype dtype, const char *fname,
int lineno)
{
Scope *ptr;
const Rlist *rp;
CfAssoc *assoc;
/* NOTE(review): scope and lval are formatted with %s here, before the NULL
   check below; passing NULL for %s is undefined behaviour. CF_DATATYPES is
   indexed with dtype without a range check. */
if (rval.rtype == CF_SCALAR)
{
CfDebug("AddVariableHash(%s.%s=%s (%s) rtype=%c)\n", scope, lval, (const char *) rval.item, CF_DATATYPES[dtype],
rval.rtype);
}
else
{
CfDebug("AddVariableHash(%s.%s=(list) (%s) rtype=%c)\n", scope, lval, CF_DATATYPES[dtype], rval.rtype);
}
if (lval == NULL || scope == NULL)
{
/* At least one of the two %s arguments is NULL on this path. The code
   after this block relies on FatalError() not returning. */
CfOut(cf_error, "", "scope.value = %s.%s", scope, lval);
ReportError("Bad variable or scope in a variable assignment");
FatalError("Should not happen - forgotten to register a function call in fncall.c?");
}
if (rval.item == NULL)
{
CfDebug("No value to assignment - probably a parameter in an unused bundle/body\n");
return false;
}
/* A name of exactly CF_MAXVARSIZE characters passes this test.
   NOTE(review): confirm that consumers copying lval into CF_MAXVARSIZE
   buffers leave room for the terminator. */
if (strlen(lval) > CF_MAXVARSIZE)
{
ReportError("variable lval too long");
return false;
}
/* If we are not expanding a body template, check for recursive singularities */
if (strcmp(scope, "body") != 0)
{
switch (rval.rtype)
{
case CF_SCALAR:
if (StringContainsVar((char *) rval.item, lval))
{
CfOut(cf_error, "", "Scalar variable %s.%s contains itself (non-convergent): %s", scope, lval,
(char *) rval.item);
return false;
}
break;
case CF_LIST:
for (rp = rval.item; rp != NULL; rp = rp->next)
{
if (StringContainsVar((char *) rp->item, lval))
{
CfOut(cf_error, "", "List variable %s contains itself (non-convergent)", lval);
return false;
}
}
break;
}
}
ptr = GetScope(scope);
if (ptr == NULL)
{
return false;
}
// Look for outstanding lists in variable rvals
if (THIS_AGENT_TYPE == cf_common)
{
Rlist *listvars = NULL, *scalarvars = NULL;
if (strcmp(CONTEXTID, "this") != 0)
{
MapIteratorsFromRval(CONTEXTID, &scalarvars, &listvars, rval, NULL);
/* An embedded list is only reported; the assignment still goes ahead. */
if (listvars != NULL)
{
CfOut(cf_error, "", " !! Redefinition of variable \"%s\" (embedded list in RHS) in context \"%s\"",
lval, CONTEXTID);
}
DeleteRlist(scalarvars);
DeleteRlist(listvars);
}
}
assoc = HashLookupElement(ptr->hashtable, lval);
if (assoc)
{
if (CompareVariableValue(rval, assoc) == 0)
//.........這裏部分代碼省略.........
示例11: DeRefListsInHashtable
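/*
 * Go through `scope` and, for each variable named in the deref list,
 * replace its list value with the single current value taken from the
 * deref "lol" (list of lists).
 *
 * namelist and dereflist must have the same length; a mismatch is a fatal
 * software error. Nothing is done when the lists are empty or when the
 * scope does not exist. Processing stops at the first matching entry whose
 * state pointer is missing or refers to an unexpanded function call.
 */
void DeRefListsInHashtable(char *scope, Rlist *namelist, Rlist *dereflist)
{
    int len;
    int deref_len;
    Scope *ptr;
    Rlist *rp;
    CfAssoc *cplist;
    HashIterator i;
    CfAssoc *assoc;

    len = RlistLen(namelist);
    deref_len = RlistLen(dereflist);

    if (len != deref_len)
    {
        CfOut(cf_error, "", " !! Name list %d, dereflist %d\n", len, deref_len);
        FatalError("Software Error DeRefLists... correlated lists not same length");
    }

    if (len == 0)
    {
        return;
    }

    ptr = GetScope(scope);

    /* GetScope() can return NULL for an unknown scope (AddVariableHash
     * checks for it); the original dereferenced the result unconditionally. */
    if (ptr == NULL)
    {
        return;
    }

    i = HashIteratorInit(ptr->hashtable);

    while ((assoc = HashIteratorNext(&i)))
    {
        for (rp = dereflist; rp != NULL; rp = rp->next)
        {
            cplist = (CfAssoc *) rp->item;

            if (strcmp(cplist->lval, assoc->lval) != 0)
            {
                continue;
            }

            /* Link up temp hash to variable lol */

            if (rp->state_ptr == NULL || rp->state_ptr->type == CF_FNCALL)
            {
                /* Unexpanded function, or blank variable must be skipped. */
                return;
            }

            /* state_ptr is known to be non-NULL from here on. */
            CfDebug("Rewriting expanded type for %s from %s to %s\n", assoc->lval, CF_DATATYPES[assoc->dtype],
                    (char *) rp->state_ptr->item);

            // must first free existing rval in scope, then allocate new (should always be string)
            DeleteRvalItem(assoc->rval);

            // avoids double free - borrowing value from lol (freed in DeleteScope())
            assoc->rval.item = xstrdup(rp->state_ptr->item);

            switch (assoc->dtype)
            {
            case cf_slist:
                assoc->dtype = cf_str;
                assoc->rval.rtype = CF_SCALAR;
                break;
            case cf_ilist:
                assoc->dtype = cf_int;
                assoc->rval.rtype = CF_SCALAR;
                break;
            case cf_rlist:
                assoc->dtype = cf_real;
                assoc->rval.rtype = CF_SCALAR;
                break;
            default:
                /* Only lists need to be converted */
                break;
            }

            CfDebug(" to %s\n", CF_DATATYPES[assoc->dtype]);
        }
    }
}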
示例12: LoadSecretKeys
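/*
 * Load this host's RSA key pair into the globals PRIVKEY and PUBKEY, fill in
 * POLICY_SERVER from <CFWORKDIR>/policy_server.dat when it is empty, and, on
 * a host marked as policy hub, make sure a root-<digest>.pub copy of the
 * local public key exists under ppkeys/.
 *
 * Errors are reported through CfOut() and the function returns early; a
 * public exponent that is too small or even is fatal.
 *
 * Security notes for reviewers:
 *  - The PEM passphrase is a compiled-in constant, so the private key file
 *    is only as protected as its file permissions.
 *  - NOTE(review): the fscanf() below stores up to 4095 characters plus the
 *    terminator into POLICY_SERVER; confirm that buffer is at least 4096
 *    bytes.
 *  - NOTE(review): when the public key cannot be opened or parsed, PRIVKEY
 *    stays loaded while PUBKEY is unset; callers need to check both.
 */
void LoadSecretKeys()
{
    FILE *fp;
    static char *passphrase = "Cfengine passphrase";
    static char name[CF_BUFSIZE], source[CF_BUFSIZE];
    char guard[CF_MAXVARSIZE];
    unsigned char digest[EVP_MAX_MD_SIZE + 1];
    unsigned long err;
    struct stat sb;

    /* Private key */
    if ((fp = fopen(PrivateKeyFile(), "r")) == NULL)
    {
        CfOut(OUTPUT_LEVEL_INFORM, "fopen", "Couldn't find a private key (%s) - use cf-key to get one", PrivateKeyFile());
        return;
    }

    if ((PRIVKEY = PEM_read_RSAPrivateKey(fp, (RSA **) NULL, NULL, passphrase)) == NULL)
    {
        err = ERR_get_error();
        CfOut(OUTPUT_LEVEL_ERROR, "PEM_read", "Error reading Private Key = %s\n", ERR_reason_error_string(err));
        PRIVKEY = NULL;
        fclose(fp);
        return;
    }

    fclose(fp);

    CfOut(OUTPUT_LEVEL_VERBOSE, "", " -> Loaded private key %s\n", PrivateKeyFile());

    /* Public key */
    if ((fp = fopen(PublicKeyFile(), "r")) == NULL)
    {
        CfOut(OUTPUT_LEVEL_ERROR, "fopen", "Couldn't find a public key (%s) - use cf-key to get one", PublicKeyFile());
        return;
    }

    if ((PUBKEY = PEM_read_RSAPublicKey(fp, NULL, NULL, passphrase)) == NULL)
    {
        err = ERR_get_error();
        /* The original message said "Private Key" here, which sends anyone
         * reading the log to the wrong file. */
        CfOut(OUTPUT_LEVEL_ERROR, "PEM_read", "Error reading Public Key = %s\n", ERR_reason_error_string(err));
        PUBKEY = NULL;
        fclose(fp);
        return;
    }

    CfOut(OUTPUT_LEVEL_VERBOSE, "", " -> Loaded public key %s\n", PublicKeyFile());
    fclose(fp);

    /* Minimal sanity check on the public exponent. */
    if ((BN_num_bits(PUBKEY->e) < 2) || (!BN_is_odd(PUBKEY->e)))
    {
        FatalError("RSA Exponent too small or not odd");
    }

    if (NULL_OR_EMPTY(POLICY_SERVER))
    {
        snprintf(name, CF_MAXVARSIZE - 1, "%s%cpolicy_server.dat", CFWORKDIR, FILE_SEPARATOR);

        if ((fp = fopen(name, "r")) != NULL)
        {
            if (fscanf(fp, "%4095s", POLICY_SERVER) != 1)
            {
                CfDebug("Couldn't read string from policy_server.dat");
            }
            fclose(fp);
        }
    }

    /* Check that we have our own SHA key form of the key in the IP on the hub */

    char buffer[EVP_MAX_MD_SIZE * 4];

    HashPubKey(PUBKEY, digest, CF_DEFAULT_DIGEST);
    snprintf(name, CF_MAXVARSIZE, "%s/ppkeys/%s-%s.pub", CFWORKDIR, "root", HashPrintSafe(CF_DEFAULT_DIGEST, digest, buffer));
    MapName(name);

    snprintf(source, CF_MAXVARSIZE, "%s/ppkeys/localhost.pub", CFWORKDIR);
    MapName(source);

    // During bootstrap we need the pre-registered IP/hash pair on the hub

    snprintf(guard, sizeof(guard), "%s/state/am_policy_hub", CFWORKDIR);
    MapName(guard);

    // need to use cf_stat

    if ((stat(name, &sb) == -1) && (stat(guard, &sb) != -1))
    // copy localhost.pub to root-HASH.pub on policy server
    {
        LastSaw(POLICY_SERVER, digest, LAST_SEEN_ROLE_CONNECT);

        if (!LinkOrCopy(source, name, false))
        {
            CfOut(OUTPUT_LEVEL_ERROR, "", " -> Unable to clone server's key file as %s\n", name);
        }
    }
}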
示例13: HavePublicKey
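/*
 * Look up the stored public key for a peer under <CFWORKDIR>/ppkeys.
 *
 * The new-style file name is <username>-<digest>.pub. If that file does not
 * exist, the old-style <username>-<ipaddress>.pub is tried; when a digest is
 * known the old file is renamed to the new name, otherwise it is read under
 * its old name.
 *
 * Returns the parsed key, or NULL when no key file is found or it cannot be
 * read. A public exponent that is too small or even is fatal.
 *
 * NOTE(review): username, digest and ipaddress are pasted into the file
 * path as they are; confirm callers never pass values containing path
 * separators.
 * NOTE(review): if the rename fails, the fopen() below still targets the
 * new name, so the existing old-style key is reported as missing.
 */
RSA *HavePublicKey(char *username, char *ipaddress, char *digest)
{
    char keyname[CF_MAXVARSIZE], newname[CF_BUFSIZE], oldname[CF_BUFSIZE];
    struct stat statbuf;
    static char *passphrase = "public";
    unsigned long err;
    FILE *fp;
    RSA *newkey = NULL;

    snprintf(keyname, CF_MAXVARSIZE, "%s-%s", username, digest);

    CfDebug("HavePublickey(%s)\n", keyname);

    snprintf(newname, CF_BUFSIZE, "%s/ppkeys/%s.pub", CFWORKDIR, keyname);
    MapName(newname);

    if (cfstat(newname, &statbuf) == -1)
    {
        CfOut(OUTPUT_LEVEL_VERBOSE, "", " -> Did not find new key format %s", newname);
        snprintf(oldname, CF_BUFSIZE, "%s/ppkeys/%s-%s.pub", CFWORKDIR, username, ipaddress);
        MapName(oldname);

        CfOut(OUTPUT_LEVEL_VERBOSE, "", " -> Trying old style %s", oldname);

        if (cfstat(oldname, &statbuf) == -1)
        {
            CfDebug("Did not have old-style key %s\n", oldname);
            return NULL;
        }

        if (strlen(digest) > 0)
        {
            CfOut(OUTPUT_LEVEL_INFORM, "", " -> Renaming old key from %s to %s", oldname, newname);

            if (rename(oldname, newname) != 0)
            {
                CfOut(OUTPUT_LEVEL_ERROR, "rename", "!! Could not rename from old key format (%s) to new (%s)", oldname, newname);
            }
        }
        else // we don't know the digest (e.g. because we are a client and
             // have no lastseen-map and/or root-SHA...pub of the server's key
             // yet) Just using old file format (root-IP.pub) without renaming for now.
        {
            CfOut(OUTPUT_LEVEL_VERBOSE, "", " -> Could not map key file to new format - we have no digest yet (using %s)",
                  oldname);
            snprintf(newname, sizeof(newname), "%s", oldname);
        }
    }

    if ((fp = fopen(newname, "r")) == NULL)
    {
        CfOut(OUTPUT_LEVEL_ERROR, "fopen", "Couldn't find a public key (%s)", newname);
        return NULL;
    }

    if ((newkey = PEM_read_RSAPublicKey(fp, NULL, NULL, passphrase)) == NULL)
    {
        err = ERR_get_error();
        /* The original message said "Private Key" although a public key
         * file is being parsed here. */
        CfOut(OUTPUT_LEVEL_ERROR, "PEM_read", "Error reading Public Key = %s\n", ERR_reason_error_string(err));
        fclose(fp);
        return NULL;
    }

    fclose(fp);

    /* Minimal sanity check on the public exponent. */
    if ((BN_num_bits(newkey->e) < 2) || (!BN_is_odd(newkey->e)))
    {
        FatalError("RSA Exponent too small or not odd");
    }

    return newkey;
}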
示例14: CopyData
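/*
 * Copy data jumping over areas filled by '\0', so files automatically become sparse if possible.
 *
 * Reads from descriptor sd into buf (buf_size bytes) until end of file and
 * writes to descriptor dd. Runs of zero bytes are skipped with lseek()
 * instead of being written. source and destination are used only in error
 * messages.
 *
 * Returns true once the whole input has been copied, false on a read, seek,
 * write or truncate failure. A read interrupted by a signal (EINTR) is
 * retried.
 */
static bool CopyData(const char *source, int sd, const char *destination, int dd, char *buf, size_t buf_size)
{
    off_t n_read_total = 0;

    while (true)
    {
        ssize_t n_read = read(sd, buf, buf_size);

        if (n_read == -1)
        {
            if (errno == EINTR)
            {
                continue;
            }

            CfOut(OUTPUT_LEVEL_ERROR, "read", "Unable to read source file while doing %s to %s", source, destination);
            return false;
        }

        if (n_read == 0)
        {
            /*
             * As the tail of file may contain of bytes '\0' (and hence
             * lseek(2)ed on destination instead of being written), do a
             * ftruncate(2) here to ensure the whole file is written to the
             * disc.
             */
            if (ftruncate(dd, n_read_total) < 0)
            {
                CfOut(OUTPUT_LEVEL_ERROR, "ftruncate", "Copy failed (no space?) while doing %s to %s", source, destination);
                return false;
            }

            return true;
        }

        n_read_total += n_read;

        /* Copy/seek */

        /* char pointers rather than void pointers: arithmetic on void * is a
         * compiler extension, not standard C. */
        char *cur = buf;
        char *end = buf + n_read;

        while (cur < end)
        {
            /* End of the run of zero bytes starting at cur. */
            char *skip_span = MemSpan(cur, 0, end - cur);

            if (skip_span > cur)
            {
                if (lseek(dd, skip_span - cur, SEEK_CUR) < 0)
                {
                    CfOut(OUTPUT_LEVEL_ERROR, "lseek", "Copy failed (no space?) while doing %s to %s", source, destination);
                    return false;
                }

                cur = skip_span;
            }

            /* End of the run of non-zero bytes starting at cur. */
            char *copy_span = MemSpanInverse(cur, 0, end - cur);

            if (copy_span > cur)
            {
                if (FullWrite(dd, cur, copy_span - cur) < 0)
                {
                    CfOut(OUTPUT_LEVEL_ERROR, "write", "Copy failed (no space?) while doing %s to %s", source, destination);
                    return false;
                }

                cur = copy_span;
            }
        }
    }
}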
示例15: main
/*
 * Run-agent entry point: load policy, apply the control promises, then call
 * HailServer() for every entry in HOSTLIST - one after another, or (outside
 * Windows) in forked child processes when BACKGROUND is set. Exits with 1
 * when background and interactive mode are requested together, 0 otherwise.
 */
int main(int argc, char *argv[])
{
Rlist *rp;
Promise *pp;
#if !defined(__MINGW32__)
int count = 0;
int status;
int pid;
#endif
GenericAgentConfig *config = CheckOpts(argc, argv);
ReportContext *report_context = OpenReports(config->agent_type);
GenericAgentDiscoverContext(config, report_context);
Policy *policy = GenericAgentLoadPolicy(config->agent_type, config, report_context);
CheckLicenses();
ThisAgentInit();
KeepControlPromises(policy); // Set RUNATTR using copy
/* The interactive key-trust prompt cannot work from background children. */
if (BACKGROUND && INTERACTIVE)
{
CfOut(OUTPUT_LEVEL_ERROR, "", " !! You cannot specify background mode and interactive mode together");
exit(1);
}
pp = MakeDefaultRunAgentPromise();
/* HvB */
if (HOSTLIST)
{
rp = HOSTLIST;
while (rp != NULL)
{
#ifdef __MINGW32__
if (BACKGROUND)
{
CfOut(OUTPUT_LEVEL_VERBOSE, "",
"Windows does not support starting processes in the background - starting in foreground");
BACKGROUND = false;
}
#else
if (BACKGROUND) /* parallel */
{
/* NOTE(review): "<=" lets MAXCHILD + 1 children run at once - confirm
   that is the intended limit. */
if (count <= MAXCHILD)
{
/* NOTE(review): a failed fork() returns -1 and so takes the parent branch:
   the host is skipped and count is raised for a child that does not
   exist. */
if (fork() == 0) /* child process */
{
/* The child exits 0 whatever HailServer() returned. */
HailServer(rp->item, RUNATTR, pp);
exit(0);
}
else /* parent process */
{
rp = rp->next;
count++;
}
}
else
{
/* Child limit reached: reap one child before starting another. The result
   of wait() is not checked for -1. */
pid = wait(&status);
CfDebug("child = %d, child number = %d\n", pid, count);
count--;
}
}
else /* serial */
#endif /* __MINGW32__ */
{
/* On Windows builds this block is the whole loop body. */
HailServer(rp->item, RUNATTR, pp);
rp = rp->next;
}
} /* end while */
} /* end if HOSTLIST */
#ifndef __MINGW32__
if (BACKGROUND)
{
printf("Waiting for child processes to finish\n");
/* NOTE(review): the loop stops at count == 1, so the last child counted
   is apparently not waited for here - confirm whether "> 0" was meant. */
while (count > 1)
{
pid = wait(&status);
CfOut(OUTPUT_LEVEL_VERBOSE, "", "Child = %d ended, number = %d\n", pid, count);
count--;
}
}
#endif
PromiseDestroy(pp);
GenericAgentConfigDestroy(config);
ReportContextDestroy(report_context);
return 0;
}