Improves configuration of OVAL updates #416
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Also adds update intervals for each OVAL
The base code for 'URL' option has also been added
vikman90
requested changes
Mar 21, 2018
src/wazuh_modules/wm_vuln_detector.h
Outdated
| #define VU_MODERATE "Moderate" | ||
| #define VU_MEDIUM "Medium" | ||
| #define VU_HIGH "High" | ||
| #define VU_IMPORTANT "Important" | ||
|
|
||
| extern const wm_context WM_VULNDETECTOR_CONTEXT; | ||
|
|
||
| static const char *vu_dist[] = { |
There was a problem hiding this comment.
Declaring static (private) strings in a header has no sense. It produces warnings in all source files except which they are used in:
In file included from wazuh_modules/wmodules.h:64:0,
from wazuh_modules/main.c:12:
wazuh_modules/wm_vuln_detector.h:53:20: warning: ‘vu_dist’ defined but not used [-Wunused-variable]
static const char *vu_dist[] = {
^~~~~~~
src/config/wmodules-vuln-detector.c
Outdated
| } | ||
| } |
There was a problem hiding this comment.
Missing OS_ClearNode(chld_node);
src/config/wmodules-vuln-detector.c
Outdated
| os_strdup(chld_node[j]->content, upd->path); | ||
| } else { | ||
| merror("Invalid option '%s' for tag '%s' at module '%s'.", chld_node[j]->element, XML_FEED , WM_VULNDETECTOR_CONTEXT.name); | ||
| return OS_INVALID; |
There was a problem hiding this comment.
Missing OS_ClearNode(chld_node);
src/config/wmodules-vuln-detector.c
Outdated
| } else if (!strcmp(chld_node[j]->element, XML_UPDATE_INTERVAL)) { | ||
| if (get_interval(chld_node[j]->content, &upd->interval)) { | ||
| merror("Invalid content for '%s' option at module '%s'", XML_UPDATE_INTERVAL, WM_VULNDETECTOR_CONTEXT.name); | ||
| return OS_INVALID; |
There was a problem hiding this comment.
Missing OS_ClearNode(chld_node);.
src/config/wmodules-vuln-detector.c
Outdated
| } | ||
| } else { | ||
| merror("Invalid content for '%s' option at module '%s'", XML_DISABLED, WM_VULNDETECTOR_CONTEXT.name); | ||
| return OS_INVALID; |
There was a problem hiding this comment.
Missing OS_ClearNode(chld_node);.
vikman90
approved these changes
Mar 21, 2018
vikman90
force-pushed
the
master
branch
2 times, most recently
from
03e4e3c
to
f6871c4
Compare
|
GJ @crolopez! |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
The way in which OVAL updates are configured has been restructured. Now each source is configured separately and not in groups as before.
To configure the update we will use the feed tag, followed by the name attribute. The value of this attribute must be the operating system followed by the version (OS-VERSION).
We can also deactivate each source with disable and configure a custom update interval with update_interval.
Before
Now
Two new options have also been added to configure alternative sources to the official repositories:
The syntax of these sources must be the same as that used by official repositories.