Add USE_LIBSODIUM to the Makefile

ddpbsd committed Dec 19, 2017

Start to add options for allowing different FIM hashes to be used.

ddpbsd committed Dec 19, 2017

Don't allow sha256 in non-sodium builds.

ddpbsd committed Dec 19, 2017

Silence a clang warning.

ddpbsd committed Dec 19, 2017

Make sure msg is initialized.

ddpbsd committed Dec 19, 2017

Merge branch 'master' of https://github.com/ossec/ossec-hids into lib… …

…sodium

ddpbsd committed Jan 15, 2018

Try to use libsodium to allow us to check sha256 hashes. …

It will switch from running OS_md5_sha1_File to OS_algorithm_File
The output will be different. Enable with LIBSODIUM_ENABLED=y
!! Incomplete and untested !!

ddpbsd committed Jan 15, 2018

Fix a typo

ddpbsd committed Jan 17, 2018

xml_check_sha256sum is not used

ddpbsd committed Jan 17, 2018

randombytes -> OS_randombytes. There is a randombytes() in libsodium … …

…as well

ddpbsd committed Jan 17, 2018

Fix-up the sha256 stuff. It compiles. Testing will begin shortly.

ddpbsd committed Jan 17, 2018

Merged into md5_sha1_op.c.

ddpbsd committed Jan 17, 2018

randombytes() -> OS_randombytes(). libsodium has a randombytes() too

ddpbsd committed Jan 17, 2018

Add some more libsodium bits.

ddpbsd committed Feb 11, 2018

Merge branch 'master' of github.com:ddpbsd/ossec-hids into libsodium

ddpbsd committed Feb 11, 2018

alg_output -> hash_output

ddpbsd committed Feb 14, 2018

OS_algorithms_File -> OS_Hash_File

ddpbsd committed Feb 14, 2018

Make sure we don't set the output for a hash if we aren't checking …

that hash.

ddpbsd committed Feb 14, 2018

sprintf->snprintf

ddpbsd committed Feb 14, 2018

Don't run the check if the md5 is 'xxx'

ddpbsd committed Feb 15, 2018

Not sure what I was thinking, but correct a stupid typo.

ddpbsd committed Feb 15, 2018

Go about this in a slightly different way.

ddpbsd committed Feb 15, 2018

Closer to supporting sha256

ddpbsd committed Feb 15, 2018

The basic idea is to have hash1 and hash2. Then the hash strings …

will be prepended with the hash type followed by an '='.
This will cause changes in analysisd, I think. It will have to handle
the different hash strings and types. I can probably either change to
a generic signature for "HASH changed," and maybe add the hash type
into a field in the alert (like src_ip). Or continue with the way rules
are currently written and add rules for the new hash types.

ddpbsd committed Feb 15, 2018

Add some more libsodium bits to create_db.c.

ddpbsd committed Mar 6, 2018

I think sha256 is working. …

lots of devug left in, need to free file_sums or change how it's being handled
plenty of other cleanups available. sleep now. code later

ddpbsd committed Mar 7, 2018

Remove some debugging printfs

ddpbsd committed Mar 7, 2018

Merge branch 'master' of https://github.com/ossec/ossec-hids into lib… …

…sodium

ddpbsd committed Mar 7, 2018

Make this actually compile.

ddpbsd committed Mar 11, 2018

sqlite

ddpbsd committed Mar 13, 2018

Add some explicit nul terminators …

Add some debug messages

ddpbsd committed Mar 13, 2018

More sha256 work. Still lots of debug stuff.

ddpbsd committed Mar 14, 2018

Remove some debugging.

ddpbsd committed Mar 14, 2018

Get rid of some debug stuff.

ddpbsd committed Mar 14, 2018

More debugging

ddpbsd committed Mar 14, 2018

Correctly deal with these variables.

ddpbsd committed Mar 15, 2018

Oops, I prefer -ggdb to -g, so I often change it and switch back before …

pushing. This one snuck through

ddpbsd committed Mar 15, 2018

Linux didn't like writing a variable to itself with snprintf, so …

complicate this a bit to make it work.

Spacing

ddpbsd committed Mar 15, 2018

Make sure sodium.h isn't added if we're not in LIBSODIUM_ENABLED

ddpbsd committed Mar 15, 2018

Disable these for now. The idea isn't fully fleshed out yet.

ddpbsd committed Mar 15, 2018

Merge branch 'master' of github.com:ddpbsd/ossec-hids into libsodium

ddpbsd committed Mar 15, 2018

Try to do tests for libsodium and sqlite

ddpbsd committed Mar 23, 2018

Merge branch 'master' of github.com:ddpbsd/ossec-hids into libsodium

ddpbsd committed Mar 23, 2018

CID 166736: Ignoring number of bytes read …

CID 166735: String not null terminated

ddpbsd committed Apr 11, 2018

CID 153424: Buffer not null terminated

ddpbsd committed Apr 11, 2018

CID 28500: Resource leak

ddpbsd committed Apr 11, 2018

CID 28511: Resource leak

ddpbsd committed Apr 11, 2018

Merge branch 'master' of https://github.com/ossec/ossec-hids into cov… …

…erity_20180411

ddpbsd committed Apr 17, 2018

spaces -> tabs

ddpbsd committed Apr 17, 2018

Merge branch 'master' of github.com:ddpbsd/ossec-hids into libsodium

ddpbsd committed Apr 23, 2018

Merge branch 'coverity_20180411' of github.com:ddpbsd/ossec-hids into… …

… libsodium

ddpbsd committed Apr 23, 2018

Merge branch 'master' of github.com:ddpbsd/ossec-hids into libsodium

ddpbsd committed Apr 30, 2018

Close fp before leaving GetRandomNoise() …

Spotted by Codacy

ddpbsd committed Apr 30, 2018

Clarify calculation precedence for '&' and '?'. …

From codacy. More to come if this seems to work.

ddpbsd committed Apr 30, 2018

The rest of the "Clarify calculation precedence for '&' and '?'" commit. …

From codacy.

ddpbsd committed Apr 30, 2018

No libsodium-dev or libsodium in Trusty? There's a ppa for that!

ddpbsd committed May 1, 2018

md5->sha256

ddpbsd committed May 25, 2018

Get rid of hash1 and hash2. Bad idea.

ddpbsd committed May 25, 2018

Merge branch 'master' of github.com:ddpbsd/ossec-hids into libsodium

ddpbsd committed May 30, 2018

From codacy

ddpbsd committed May 30, 2018

Get rid of hash1, hash2. …

Introduce the blake2b hash output

ddpbsd committed May 31, 2018

Adjust

ddpbsd committed Jun 5, 2018

Force add the libsodium repository

ddpbsd committed Jun 6, 2018

I'll get this right eventually.

ddpbsd committed Jun 6, 2018

Try this again.

ddpbsd committed Jun 6, 2018

Makes testing easier

ddpbsd committed Jun 6, 2018

Don't mention blake2b in case libsodium changes their generic algorithm. …

Make room for the libsodium generic hash algorithm.
Make it easier to see which hashes will be checked.

ddpbsd committed Jun 8, 2018

Add libsodium's generichash (blake2b right now)

ddpbsd committed Jun 8, 2018

Start to add blake2b

ddpbsd committed Jun 9, 2018

Make opts available everywhere.

ddpbsd committed Jun 9, 2018

Start to make sure this reports everything properly.

ddpbsd committed Jun 9, 2018

Caused a crash in reportd

ddpbsd committed Jun 22, 2018

I need these right now

ddpbsd committed Jun 22, 2018

Merge branch 'master' of github.com:ddpbsd/ossec-hids into libsodium

ddpbsd committed Jun 22, 2018

Looks like I was previously truncating the SHA256 and GENERIC hash …

outputs, oops. Make sure to traverse the entire hash to translate from
unsigned char to signed char.

ddpbsd committed Jun 22, 2018

Generichash wasn't named in the log output. …

simplify some of the ifdefs.

ddpbsd committed Jun 22, 2018

Make sure the generic hash is written to new_hashes. …

LOTS of debugging stuff that will be removed shortly.

ddpbsd committed Jun 22, 2018

Remove my debug stuff.

ddpbsd committed Jun 22, 2018

Remove some debugging stuff.

ddpbsd committed Jun 22, 2018

This doesn't have to be extern here

ddpbsd committed Jun 22, 2018

Merge branch 'master' of github.com:ddpbsd/ossec-hids into libsodium

ddpbsd committed Jun 26, 2018

Merge branch 'master' of github.com:ddpbsd/ossec-hids into libsodium

ddpbsd committed Jun 27, 2018

The variable should be sha256 not generic.

ddpbsd committed Jun 27, 2018

Increase the alert_msg size from 916 to 2048 in some places. …

The instances that are MAC_PATH stayed the same.

ddpbsd committed Jun 28, 2018

Try to push the correct sums to run_check.

ddpbsd committed Jul 12, 2018

Add some more debugging. …

Get rid of a free that was apparently not ok.

ddpbsd committed Jul 12, 2018

Instead of passing syscheck_opts around (which I didn't do correctly) …

pass the opts in the function.

ddpbsd committed Jul 12, 2018

I forgot to copy new_hashes_tmp to new_hashes like a moron. …

Also remove some debugging.

ddpbsd committed Jul 13, 2018

Remove the poorly done syscheck_opts idea. I switched to passing …

the opts to the functions that needed it instead. Much cleaner.

ddpbsd committed Jul 13, 2018

Remove more debugging stuff.

ddpbsd committed Jul 13, 2018

Merge branch 'master' of github.com:ddpbsd/ossec-hids into libsodium

ddpbsd committed Jul 13, 2018

Add the hash names into the hash output so that we know what we're …

looking at when investigating later. I'm not sure if I should use
GENERIC or BLAKE2B for the "generic" hash. It's set to GENERIC for now.

Hopefully correct some ifdef/else/endif LIBSODIUM stuff. I think alert_msg
was being overwritten in a few places making my actual hashes to be written
as "xxx:xxx" (no value, basically) instead of the actual computed hashes.

Also a bunch of debugging stuff that will be removed later.

ddpbsd committed Jul 19, 2018

Merge branch 'master' of https://github.com/ossec/ossec-hids into lib… …

…sodium_test

ddpbsd committed Jul 19, 2018

Get rid of some debugging.

ddpbsd committed Jul 25, 2018

Merge branch 'master' of github.com:ddpbsd/ossec-hids into libsodium

ddpbsd committed Jul 31, 2018

Merge branch 'master' of github.com:ddpbsd/ossec-hids into libsodium

ddpbsd committed Aug 6, 2018

Merge branch 'master' of github.com:ossec/ossec-hids into libsodium

ddpbsd committed Oct 12, 2018

Merge branch 'master' of github.com:ddpbsd/ossec-hids into libsodium

ddpbsd committed Oct 15, 2018

Missed a conflict.

ddpbsd committed Oct 16, 2018