Fossil SCM
Initial infrastructure for a command-line version of the security audit page.
Commit
dba4c4f2c488a2eefd09c2a794afc11813858e7fff6171db2027767914f46b7d
Parent
b17aba9e20d8237…
1 file changed
+107
+107
| --- src/security_audit.c | ||
| +++ src/security_audit.c | ||
| @@ -706,5 +706,112 @@ | ||
| 706 | 706 | } |
| 707 | 707 | fclose(in); |
| 708 | 708 | @ </pre> |
| 709 | 709 | style_footer(); |
| 710 | 710 | } |
| 711 | + | |
| 712 | +#if INTERFACE | |
| 713 | +/* | |
| 714 | +** Options for the audit() function. Also used to record the severity | |
| 715 | +** of audit findings. | |
| 716 | +*/ | |
| 717 | +#define AUDIT_RISK 0x0001 /* High-risk configurations */ | |
| 718 | +#define AUDIT_ALERT 0x0002 /* Possible security issues */ | |
| 719 | +#define AUDIT_WARN 0x0004 /* Less secure settings, but still ok */ | |
| 720 | +#define AUDIT_INFO 0x0008 /* Information about routine settings */ | |
| 721 | +#define AUDIT_CKONLY 0x0010 /* Return a boolean instead of a list */ | |
| 722 | + | |
| 723 | +/* | |
| 724 | +** Report the findings of an audit as a list of strings contained in | |
| 725 | +** an instance of the following object. | |
| 726 | +*/ | |
| 727 | +struct AuditReport { | |
| 728 | + int nItem; /* Number of items in the report. Size of a[] */ | |
| 729 | + int nAlloc; /* Space allocated for a[] */ | |
| 730 | + struct { /* For each item... */ | |
| 731 | + int mSeverity; /* One of the AUDIT_ flags */ | |
| 732 | + char *zMsg; /* Description of the item */ | |
| 733 | + } *a; /* Array of all items in the report */ | |
| 734 | +}; | |
| 735 | +#endif | |
| 736 | + | |
| 737 | +/* | |
| 738 | +** Free a list of concerns previously returned by audid() | |
| 739 | +*/ | |
| 740 | +void audit_free(AuditReport *p){ | |
| 741 | + int i; | |
| 742 | + if( p==0 ) return; | |
| 743 | + for(i=0; p->nItem; i++){ | |
| 744 | + fossil_free(p->a[i].zMsg); | |
| 745 | + } | |
| 746 | + fossil_free(p); | |
| 747 | +} | |
| 748 | + | |
| 749 | +/* | |
| 750 | +** Append a new entry to the AuditReport | |
| 751 | +*/ | |
| 752 | +void audit_append(AuditReport *p, int severity, const char *zFormat, ...){ | |
| 753 | + va_list ap; | |
| 754 | + int i; | |
| 755 | + if( p->nItem+1>=p->nAlloc ){ | |
| 756 | + int nNew = p->nAlloc*2 + 10; | |
| 757 | + p->a = fossil_realloc(p->a, nNew*sizeof(p->a[0])); | |
| 758 | + p->nAlloc = nNew; | |
| 759 | + } | |
| 760 | + i = p->nItem++; | |
| 761 | + va_start(ap, zFormat); | |
| 762 | + p->a[i].mSeverity = severity; | |
| 763 | + p->a[i].zMsg = vmprintf(zFormat, ap); | |
| 764 | + va_end(ap); | |
| 765 | +} | |
| 766 | + | |
| 767 | +/* | |
| 768 | +** Generate and return an audit report. | |
| 769 | +*/ | |
| 770 | +AuditReport *audit(int mFlags){ | |
| 771 | + AuditReport *p = fossil_malloc( sizeof(*p) ); | |
| 772 | + memset(p, 0, sizeof(*p)); | |
| 773 | + | |
| 774 | + return p; | |
| 775 | +} | |
| 776 | + | |
| 777 | +/* | |
| 778 | +** COMMAND: audit | |
| 779 | +** | |
| 780 | +** Usage: %fossil audit [options] | |
| 781 | +** | |
| 782 | +** Run an audit of a Fossil repository looking for questionable or | |
| 783 | +** insecure settings. Report findings on standard output. If not | |
| 784 | +** anomalies are detected, no output generated. | |
| 785 | +** | |
| 786 | +** By default, only high-risk settings are reported. Use the -v or | |
| 787 | +** -w options to show additional detail. | |
| 788 | +** | |
| 789 | +** Options: | |
| 790 | +** | |
| 791 | +** -R|--repository REPO Run the audit of REPO | |
| 792 | +** | |
| 793 | +** -v|--verbose Provide lots of extra information about the | |
| 794 | +** configuration | |
| 795 | +** | |
| 796 | +** -w|--warnings Provide warnings of questionable settings | |
| 797 | +** in addition to high-risk settings. | |
| 798 | +*/ | |
| 799 | +void audit_cmd(void){ | |
| 800 | + AuditReport *p; | |
| 801 | + int mSeverity = AUDIT_RISK|AUDIT_ALERT; | |
| 802 | + int i; | |
| 803 | + if( find_option("verbose","v",0) ){ | |
| 804 | + mSeverity |= AUDIT_INFO|AUDIT_WARN; | |
| 805 | + } | |
| 806 | + if( find_option("warning","w",0) ){ | |
| 807 | + mSeverity |= AUDIT_WARN; | |
| 808 | + } | |
| 809 | + db_find_and_open_repository(0, 0); | |
| 810 | + verify_all_options(); | |
| 811 | + | |
| 812 | + p = audit(mSeverity); | |
| 813 | + for(i=0; i<p->nItem; i++){ | |
| 814 | + fossil_print(" * %s\n", p->a[i].zMsg); | |
| 815 | + } | |
| 816 | + audit_free(p); | |
| 817 | +} | |
| 711 | 818 |
| --- src/security_audit.c | |
| +++ src/security_audit.c | |
| @@ -706,5 +706,112 @@ | |
| 706 | } |
| 707 | fclose(in); |
| 708 | @ </pre> |
| 709 | style_footer(); |
| 710 | } |
| 711 |
| --- src/security_audit.c | |
| +++ src/security_audit.c | |
| @@ -706,5 +706,112 @@ | |
| 706 | } |
| 707 | fclose(in); |
| 708 | @ </pre> |
| 709 | style_footer(); |
| 710 | } |
| 711 | |
| 712 | #if INTERFACE |
| 713 | /* |
| 714 | ** Options for the audit() function. Also used to record the severity |
| 715 | ** of audit findings. |
| 716 | */ |
| 717 | #define AUDIT_RISK 0x0001 /* High-risk configurations */ |
| 718 | #define AUDIT_ALERT 0x0002 /* Possible security issues */ |
| 719 | #define AUDIT_WARN 0x0004 /* Less secure settings, but still ok */ |
| 720 | #define AUDIT_INFO 0x0008 /* Information about routine settings */ |
| 721 | #define AUDIT_CKONLY 0x0010 /* Return a boolean instead of a list */ |
| 722 | |
| 723 | /* |
| 724 | ** Report the findings of an audit as a list of strings contained in |
| 725 | ** an instance of the following object. |
| 726 | */ |
| 727 | struct AuditReport { |
| 728 | int nItem; /* Number of items in the report. Size of a[] */ |
| 729 | int nAlloc; /* Space allocated for a[] */ |
| 730 | struct { /* For each item... */ |
| 731 | int mSeverity; /* One of the AUDIT_ flags */ |
| 732 | char *zMsg; /* Description of the item */ |
| 733 | } *a; /* Array of all items in the report */ |
| 734 | }; |
| 735 | #endif |
| 736 | |
| 737 | /* |
| 738 | ** Free a list of concerns previously returned by audid() |
| 739 | */ |
| 740 | void audit_free(AuditReport *p){ |
| 741 | int i; |
| 742 | if( p==0 ) return; |
| 743 | for(i=0; p->nItem; i++){ |
| 744 | fossil_free(p->a[i].zMsg); |
| 745 | } |
| 746 | fossil_free(p); |
| 747 | } |
| 748 | |
| 749 | /* |
| 750 | ** Append a new entry to the AuditReport |
| 751 | */ |
| 752 | void audit_append(AuditReport *p, int severity, const char *zFormat, ...){ |
| 753 | va_list ap; |
| 754 | int i; |
| 755 | if( p->nItem+1>=p->nAlloc ){ |
| 756 | int nNew = p->nAlloc*2 + 10; |
| 757 | p->a = fossil_realloc(p->a, nNew*sizeof(p->a[0])); |
| 758 | p->nAlloc = nNew; |
| 759 | } |
| 760 | i = p->nItem++; |
| 761 | va_start(ap, zFormat); |
| 762 | p->a[i].mSeverity = severity; |
| 763 | p->a[i].zMsg = vmprintf(zFormat, ap); |
| 764 | va_end(ap); |
| 765 | } |
| 766 | |
| 767 | /* |
| 768 | ** Generate and return an audit report. |
| 769 | */ |
| 770 | AuditReport *audit(int mFlags){ |
| 771 | AuditReport *p = fossil_malloc( sizeof(*p) ); |
| 772 | memset(p, 0, sizeof(*p)); |
| 773 | |
| 774 | return p; |
| 775 | } |
| 776 | |
| 777 | /* |
| 778 | ** COMMAND: audit |
| 779 | ** |
| 780 | ** Usage: %fossil audit [options] |
| 781 | ** |
| 782 | ** Run an audit of a Fossil repository looking for questionable or |
| 783 | ** insecure settings. Report findings on standard output. If not |
| 784 | ** anomalies are detected, no output generated. |
| 785 | ** |
| 786 | ** By default, only high-risk settings are reported. Use the -v or |
| 787 | ** -w options to show additional detail. |
| 788 | ** |
| 789 | ** Options: |
| 790 | ** |
| 791 | ** -R|--repository REPO Run the audit of REPO |
| 792 | ** |
| 793 | ** -v|--verbose Provide lots of extra information about the |
| 794 | ** configuration |
| 795 | ** |
| 796 | ** -w|--warnings Provide warnings of questionable settings |
| 797 | ** in addition to high-risk settings. |
| 798 | */ |
| 799 | void audit_cmd(void){ |
| 800 | AuditReport *p; |
| 801 | int mSeverity = AUDIT_RISK|AUDIT_ALERT; |
| 802 | int i; |
| 803 | if( find_option("verbose","v",0) ){ |
| 804 | mSeverity |= AUDIT_INFO|AUDIT_WARN; |
| 805 | } |
| 806 | if( find_option("warning","w",0) ){ |
| 807 | mSeverity |= AUDIT_WARN; |
| 808 | } |
| 809 | db_find_and_open_repository(0, 0); |
| 810 | verify_all_options(); |
| 811 | |
| 812 | p = audit(mSeverity); |
| 813 | for(i=0; i<p->nItem; i++){ |
| 814 | fossil_print(" * %s\n", p->a[i].zMsg); |
| 815 | } |
| 816 | audit_free(p); |
| 817 | } |
| 818 |