-
Notifications
You must be signed in to change notification settings - Fork 1.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Improves configuration of OVAL updates #416
Conversation
Also adds update intervals for each OVAL
The base code for 'URL' option has also been added
src/wazuh_modules/wm_vuln_detector.h
Outdated
#define VU_MODERATE "Moderate" | ||
#define VU_MEDIUM "Medium" | ||
#define VU_HIGH "High" | ||
#define VU_IMPORTANT "Important" | ||
|
||
extern const wm_context WM_VULNDETECTOR_CONTEXT; | ||
|
||
static const char *vu_dist[] = { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Declaring static (private) strings in a header has no sense. It produces warnings in all source files except which they are used in:
In file included from wazuh_modules/wmodules.h:64:0,
from wazuh_modules/main.c:12:
wazuh_modules/wm_vuln_detector.h:53:20: warning: ‘vu_dist’ defined but not used [-Wunused-variable]
static const char *vu_dist[] = {
^~~~~~~
src/config/wmodules-vuln-detector.c
Outdated
} | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Missing OS_ClearNode(chld_node);
src/config/wmodules-vuln-detector.c
Outdated
os_strdup(chld_node[j]->content, upd->path); | ||
} else { | ||
merror("Invalid option '%s' for tag '%s' at module '%s'.", chld_node[j]->element, XML_FEED , WM_VULNDETECTOR_CONTEXT.name); | ||
return OS_INVALID; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Missing OS_ClearNode(chld_node);
src/config/wmodules-vuln-detector.c
Outdated
} else if (!strcmp(chld_node[j]->element, XML_UPDATE_INTERVAL)) { | ||
if (get_interval(chld_node[j]->content, &upd->interval)) { | ||
merror("Invalid content for '%s' option at module '%s'", XML_UPDATE_INTERVAL, WM_VULNDETECTOR_CONTEXT.name); | ||
return OS_INVALID; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Missing OS_ClearNode(chld_node);
.
src/config/wmodules-vuln-detector.c
Outdated
} | ||
} else { | ||
merror("Invalid content for '%s' option at module '%s'", XML_DISABLED, WM_VULNDETECTOR_CONTEXT.name); | ||
return OS_INVALID; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Missing OS_ClearNode(chld_node);
.
03e4e3c
to
f6871c4
Compare
GJ @crolopez! |
The way in which OVAL updates are configured has been restructured. Now each source is configured separately and not in groups as before.
To configure the update we will use the feed tag, followed by the name attribute. The value of this attribute must be the operating system followed by the version (OS-VERSION).
We can also deactivate each source with disable and configure a custom update interval with update_interval.
Before
Now
Two new options have also been added to configure alternative sources to the official repositories:
The syntax of these sources must be the same as that used by official repositories.