Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Could not possible to add agents more than 3999 with ossec-authd #642

Closed
netman2k opened this issue Jul 22, 2015 · 4 comments
Closed

Could not possible to add agents more than 3999 with ossec-authd #642

netman2k opened this issue Jul 22, 2015 · 4 comments
Assignees
@atomicturtle

Comments

@netman2k
Copy link

Dear users and developers

I've been using OSSEC in my company for almost 2 years now.

I modified the ossec-authd to check client SSL certification for security reason last year.
My company has got almost 6000 agents now. but at that time I found some of problem with it.
The problem was that I couldn't add more agents more than 3999.
To solve this problem, I looked into the code and found it.

as you can see the below code which is the part of the file, src/addagent/validate.c

nid[8] = '\0';
if (id == NULL) {
    int i = 1024;
    snprintf(nid, 6, "%d", i);
    while (IDExist(nid)) {
        i++;
        snprintf(nid, 6, "%d", i);
        if (i >= 4000) {
            return (NULL);
        }
    }
    id = nid;

Can you see it? there is 4000!!!.

So I changed it with this:

if (i >= (MAX_AGENTS + 1024)){

Please correct me If I did wrong and that the way.
Thanks for reading
@netman2k netman2k changed the title Could not possible add agents more than 3999 with ossec-authd Could not possible to add agents more than 3999 with ossec-authd Aug 10, 2015
@jer-gentoo
Copy link

Are you sure about the 3999 is? Looks like 3999 - 1024 to me.

@kefkii
Copy link

kefkii commented Dec 18, 2015

Having similar issue, can you comment if your change fixed your problem of being able to add additional agents via agent-auth?

@netman2k
Copy link
Author

Currently, Our ossec server manages all most 6000 servers at this time.
also we do not create any key manually. we use agent-auth method to register the servers without any problems.

@netman2k
Copy link
Author

Dear jer-gentoo, I re-downloaded the ossec file from this url.
https://bintray.com/artifact/download/ossec/ossec-hids/ossec-hids-2.8.3.tar.gz
I found that it still contains this lines of codes.

nid[8] = '\0';
if(id == NULL)
{
    i = 1024;
    snprintf(nid, 6, "%d", i);
    while(IDExist(nid))
    {
        i++;
        snprintf(nid, 6, "%d", i);
        if(i >= 4000)
        {
            return(NULL);
        }
    }
    id = nid;
}

Did I understand what you asking for?

@netman2k netman2k reopened this Dec 21, 2015
@atomicturtle atomicturtle self-assigned this Dec 24, 2015
atomicturtle added a commit to atomicturtle/ossec-hids that referenced this issue Dec 24, 2015
@atomicturtle
Fixes ossec#642, increases the max client limit for authd from 4000 t…
344accb 
…o the

build time variable for MAX_AGENTS + 1024. Credit to  netman2k  for this
fix.
atomicturtle added a commit that referenced this issue Dec 24, 2015
@atomicturtle
Fix #642, increase ossec-authd max agents
a0dae0c 
Credit to netman2k, thanks!
ddpbsd added a commit that referenced this issue Dec 24, 2015
@ddpbsd
Merge pull request #724 from atomicturtle/fix642
85b4ed5 
- Fix #642, ossec-authd maxagents
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@atomicturtle atomicturtle

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@jer-gentoo @atomicturtle @netman2k @kefkii