Merged
Conversation
added 6 commits
June 28, 2017 14:35
…ion of agent with a duplicated IP, and enables the option for re-using agent ID's in authd.
…limit to force the deletion of an agent with a duplicated IP, and the option for the re-using of an agent ID in authd
…for duplicated IPs, and enabled option for re-using an agent ID
…st_mtime and removed the .tv_sec, since mtime returns the time of last modification in seconds. Should resolve previous build errors in Travis.
Contributor
|
You've reintroduced a number of IPv4 dependencies into the code. Can you redo in a IP version agnostic way?
Tony
… On Jun 29, 2017, at 09:04, hcw2016 ***@***.***> wrote:
Several changes were made to support TCP for secure connections. Changes came from the patch files as well as Wazuh.
You can view, comment on, or merge this pull request online at:
#1162
Commit Summary
Patches to avoid inserting duplicated Ips, time limit to force delection of agent with a duplicated IP, and enables the option for re-using agent ID's in authd.
Patches to avoid insering duplicated Ips into authd, enabling a time limit to force the deletion of an agent with a duplicated IP, and the option for the re-using of an agent ID in authd
Patches to avoid the duplication of IPs in authd, enabled time limit for duplicated IPs, and enabled option for re-using an agent ID
Added simple check in the opening of file object in OS_RemoveAgent
In OS_AgentAntiquity changed the return statement at the end to call st_mtime and removed the .tv_sec, since mtime returns the time of last modification in seconds. Should resolve previous build errors in Travis.
Multiple changes made to support TCP for secure connections.
File Changes
M src/Makefile (7)
M src/addagent/manage_agents.h (3)
M src/addagent/validate.c (147)
M src/client-agent/agentd.c (1)
M src/client-agent/config.c (2)
M src/client-agent/receiver-win.c (14)
M src/client-agent/receiver.c (14)
M src/client-agent/sendmsg.c (32)
M src/client-agent/start_agent.c (30)
M src/config/client-config.c (11)
M src/config/client-config.h (5)
M src/config/config.h (3)
M src/config/remote-config.c (4)
M src/config/remote-config.h (3)
M src/headers/defs.h (2)
M src/headers/sec.h (3)
M src/os_auth/main-server.c (77)
M src/os_net/os_net.c (4)
M src/os_net/os_net.h (4)
M src/remoted/README (2)
M src/remoted/ar-forward.c (6)
M src/remoted/main.c (4)
M src/remoted/manager.c (8)
M src/remoted/remoted.c (7)
M src/remoted/remoted.h (7)
M src/remoted/secure.c (40)
M src/remoted/sendmsg.c (21)
M src/win32/win_agent.c (26)
Patch Links:
https://github.com/ossec/ossec-hids/pull/1162.patch
https://github.com/ossec/ossec-hids/pull/1162.diff
—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub, or mute the thread.
|
Author
|
Mr. Querubin,
I am unsure of what you are asking. Did I do something wrong with the code?
I noticed that it supported IPV4 and not IPV6. I just want to make sure I
did not mess something up.
Thanks,
Hayden Cody Woods
On Fri, Jun 30, 2017 at 5:36 AM, Antonio Querubin <notifications@github.com>
wrote:
… You've reintroduced a number of IPv4 dependencies into the code. Can you
redo in a IP version agnostic way?
Tony
> On Jun 29, 2017, at 09:04, hcw2016 ***@***.***> wrote:
>
> Several changes were made to support TCP for secure connections. Changes
came from the patch files as well as Wazuh.
>
> You can view, comment on, or merge this pull request online at:
>
> #1162
>
> Commit Summary
>
> Patches to avoid inserting duplicated Ips, time limit to force delection
of agent with a duplicated IP, and enables the option for re-using agent
ID's in authd.
> Patches to avoid insering duplicated Ips into authd, enabling a time
limit to force the deletion of an agent with a duplicated IP, and the
option for the re-using of an agent ID in authd
> Patches to avoid the duplication of IPs in authd, enabled time limit for
duplicated IPs, and enabled option for re-using an agent ID
> Added simple check in the opening of file object in OS_RemoveAgent
> In OS_AgentAntiquity changed the return statement at the end to call
st_mtime and removed the .tv_sec, since mtime returns the time of last
modification in seconds. Should resolve previous build errors in Travis.
> Multiple changes made to support TCP for secure connections.
> File Changes
>
> M src/Makefile (7)
> M src/addagent/manage_agents.h (3)
> M src/addagent/validate.c (147)
> M src/client-agent/agentd.c (1)
> M src/client-agent/config.c (2)
> M src/client-agent/receiver-win.c (14)
> M src/client-agent/receiver.c (14)
> M src/client-agent/sendmsg.c (32)
> M src/client-agent/start_agent.c (30)
> M src/config/client-config.c (11)
> M src/config/client-config.h (5)
> M src/config/config.h (3)
> M src/config/remote-config.c (4)
> M src/config/remote-config.h (3)
> M src/headers/defs.h (2)
> M src/headers/sec.h (3)
> M src/os_auth/main-server.c (77)
> M src/os_net/os_net.c (4)
> M src/os_net/os_net.h (4)
> M src/remoted/README (2)
> M src/remoted/ar-forward.c (6)
> M src/remoted/main.c (4)
> M src/remoted/manager.c (8)
> M src/remoted/remoted.c (7)
> M src/remoted/remoted.h (7)
> M src/remoted/secure.c (40)
> M src/remoted/sendmsg.c (21)
> M src/win32/win_agent.c (26)
> Patch Links:
>
> https://github.com/ossec/ossec-hids/pull/1162.patch
> https://github.com/ossec/ossec-hids/pull/1162.diff
> —
> You are receiving this because you are subscribed to this thread.
> Reply to this email directly, view it on GitHub, or mute the thread.
>
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub
<#1162 (comment)>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/ATiuftVTg55aT4MS5-Pje4ueqSog2r7gks5sJMGjgaJpZM4OJvMn>
.
|
Contributor
|
That's exactly the point. OSSEC supports IPv6 and IPv4. In several places your patches re-introduce code that only supports IPv4.
Tony
… On Jun 30, 2017, at 00:51, hcw2016 ***@***.***> wrote:
Mr. Querubin,
I am unsure of what you are asking. Did I do something wrong with the code?
I noticed that it supported IPV4 and not IPV6. I just want to make sure I
did not mess something up.
Thanks,
Hayden Cody Woods
On Fri, Jun 30, 2017 at 5:36 AM, Antonio Querubin ***@***.***>
wrote:
> You've reintroduced a number of IPv4 dependencies into the code. Can you
> redo in a IP version agnostic way?
>
> Tony
>
> > On Jun 29, 2017, at 09:04, hcw2016 ***@***.***> wrote:
> >
> > Several changes were made to support TCP for secure connections. Changes
> came from the patch files as well as Wazuh.
> >
> > You can view, comment on, or merge this pull request online at:
> >
> > #1162
> >
> > Commit Summary
> >
> > Patches to avoid inserting duplicated Ips, time limit to force delection
> of agent with a duplicated IP, and enables the option for re-using agent
> ID's in authd.
> > Patches to avoid insering duplicated Ips into authd, enabling a time
> limit to force the deletion of an agent with a duplicated IP, and the
> option for the re-using of an agent ID in authd
> > Patches to avoid the duplication of IPs in authd, enabled time limit for
> duplicated IPs, and enabled option for re-using an agent ID
> > Added simple check in the opening of file object in OS_RemoveAgent
> > In OS_AgentAntiquity changed the return statement at the end to call
> st_mtime and removed the .tv_sec, since mtime returns the time of last
> modification in seconds. Should resolve previous build errors in Travis.
> > Multiple changes made to support TCP for secure connections.
> > File Changes
> >
> > M src/Makefile (7)
> > M src/addagent/manage_agents.h (3)
> > M src/addagent/validate.c (147)
> > M src/client-agent/agentd.c (1)
> > M src/client-agent/config.c (2)
> > M src/client-agent/receiver-win.c (14)
> > M src/client-agent/receiver.c (14)
> > M src/client-agent/sendmsg.c (32)
> > M src/client-agent/start_agent.c (30)
> > M src/config/client-config.c (11)
> > M src/config/client-config.h (5)
> > M src/config/config.h (3)
> > M src/config/remote-config.c (4)
> > M src/config/remote-config.h (3)
> > M src/headers/defs.h (2)
> > M src/headers/sec.h (3)
> > M src/os_auth/main-server.c (77)
> > M src/os_net/os_net.c (4)
> > M src/os_net/os_net.h (4)
> > M src/remoted/README (2)
> > M src/remoted/ar-forward.c (6)
> > M src/remoted/main.c (4)
> > M src/remoted/manager.c (8)
> > M src/remoted/remoted.c (7)
> > M src/remoted/remoted.h (7)
> > M src/remoted/secure.c (40)
> > M src/remoted/sendmsg.c (21)
> > M src/win32/win_agent.c (26)
> > Patch Links:
> >
> > https://github.com/ossec/ossec-hids/pull/1162.patch
> > https://github.com/ossec/ossec-hids/pull/1162.diff
> > —
> > You are receiving this because you are subscribed to this thread.
> > Reply to this email directly, view it on GitHub, or mute the thread.
> >
>
> —
> You are receiving this because you authored the thread.
> Reply to this email directly, view it on GitHub
> <#1162 (comment)>,
> or mute the thread
> <https://github.com/notifications/unsubscribe-auth/ATiuftVTg55aT4MS5-Pje4ueqSog2r7gks5sJMGjgaJpZM4OJvMn>
> .
>
—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub, or mute the thread.
|
Member
|
I dont think we ever merged in that IPv6 PR that added it. When I look at OS_ConnectTCP it was only ipv4 in master: int OS_ConnectTCP(char *_port, const char *_ip) I know I saw a change to that for ipv6, but I dont remember where it was |
Contributor
|
Actually, if you look back at the history, a lot of the functions had a third argument to specify whether to do IPv4 or IPv6. And they passed IP addresses and ports as 32-bit ints. However, the code to actually handle IPv6 was missing. The big IPv6 PR pulled all of that kludginess out and actually simplified and reduced the code base in many places.
Tony
… On Jun 30, 2017, at 06:43, Scott R. Shinn ***@***.***> wrote:
I dont think we ever merged in that IPv6 PR that added it. When I look at OS_ConnectTCP it was only ipv4 in master:
int OS_ConnectTCP(char *_port, const char *_ip)
I know I saw a change to that for ipv6, but I dont remember where it was
—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub, or mute the thread.
|
Member
|
A ha! I knew I wasnt crazy for remembering those had 3 args. |
Merged
ddpbsd
added a commit
to ddpbsd/ossec-hids
that referenced
this pull request
Jul 14, 2017
ddpbsd
added a commit
to ddpbsd/ossec-hids
that referenced
this pull request
Jul 14, 2017
Remove old agents with the same IP
ddpbsd
added a commit
to ddpbsd/ossec-hids
that referenced
this pull request
Jul 14, 2017
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
4 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Several changes were made to support TCP for secure connections. Changes came from the patch files as well as Wazuh.
This change is