Don't consider empty client.keys to be a failure condition on servers

chewi · chewi · commit 3b476f0385c8 · 2015-11-16T11:30:30.000Z
client.keys is already reloaded each time a given key is not found in
memory so there's no harm in this file being empty. In fact, it's
downright annoying if you're using authd because you have to wait for
the first agent to register and then manually restart the server
before they can start communicating. Removing this check would make
the Chef cookbook less clunky.

Disclaimer: I haven't tested this at all because I've already sunk too
much time into the cookbook. The change seems simple enough though.
diff --git a/src/os_crypto/shared/keys.c b/src/os_crypto/shared/keys.c
@@ -250,8 +250,8 @@ void OS_ReadKeys(keystore *keys)
     /* Clear one last time before leaving */
     __memclear(id, name, ip, key, KEYSIZE + 1);
 
-    /* Check if there are any agents available */
-    if (keys->keysize == 0) {
+    /* Check if there are any keys available, except on remoted */
+    if (keys->keysize == 0 && strcmp(__local_name, "ossec-remoted") != 0) {
         ErrorExit(NO_REM_CONN, __local_name);
     }
 

Original file line number	Diff line number	Diff line change
`@@ -250,8 +250,8 @@ void OS_ReadKeys(keystore *keys)`
`250`	`250`	`/* Clear one last time before leaving */`
`251`	`251`	`__memclear(id, name, ip, key, KEYSIZE + 1);`
`252`	`252`
`253`		`- /* Check if there are any agents available */`
`254`		`- if (keys->keysize == 0) {`
	`253`	`+ /* Check if there are any keys available, except on remoted */`
	`254`	`+ if (keys->keysize == 0 && strcmp(__local_name, "ossec-remoted") != 0) {`
`255`	`255`	`ErrorExit(NO_REM_CONN, __local_name);`
`256`	`256`	`}`
`257`	`257`