From 6e90d2b4a57b5437754016e4e36708a765632dfc Mon Sep 17 00:00:00 2001
From: Tomas Sarquis <tsarquis88@gmail.com>
Date: Tue, 12 Dec 2023 13:12:02 -0300
Subject: [PATCH] Update old VD config when installing Wazuh manager

Co-authored-by: Kevin Cardenas <kevin.cardenas@wazuh.com>
---
 debs/SPECS/wazuh-manager/debian/postinst | 48 +++++++++++++++++++++++-
 1 file changed, 47 insertions(+), 1 deletion(-)

diff --git a/debs/SPECS/wazuh-manager/debian/postinst b/debs/SPECS/wazuh-manager/debian/postinst
index 16935a565d..3f6f57f3fa 100644
--- a/debs/SPECS/wazuh-manager/debian/postinst
+++ b/debs/SPECS/wazuh-manager/debian/postinst
@@ -1,4 +1,4 @@
-#!/bin/sh
+#!/bin/bash
 # postinst script for Wazuh
 # Wazuh, Inc 2015
 set -e
@@ -277,6 +277,52 @@ case "$1" in
         fi
     fi
 
+    # Function that checks if the old (< v4.8) VD configuration is present.
+    is_old_vulndet_config_present()
+    {
+        local OSSEC_CONFIGURATION_FILE="$1"
+        local VULNERABILITY_DETECTOR_PATTERN="<vulnerability-detector>"
+
+        if ( grep -q "$VULNERABILITY_DETECTOR_PATTERN" "$OSSEC_CONFIGURATION_FILE" ); then
+            return 0
+        fi
+        return 1
+    }
+
+    # Function that updates the old (< v4.8) VD configuration with the latest one.
+    update_vulndet_config()
+    {
+        local OSSEC_CONFIGURATION_FILE="$1"
+        local OSSEC_CONFIGURATION_FILE_TMP="$1.tmp"
+
+        touch $OSSEC_CONFIGURATION_FILE_TMP
+        local OSSEC_CONFIGURATION_FILE_BEFORE_VD="$(sed -ne '/<vulnerability-detector>/q;p' $OSSEC_CONFIGURATION_FILE)"
+        local OSSEC_CONFIGURATION_FILE_AFTER_VD="$(sed -e '1,/<\/vulnerability-detector>/d' $OSSEC_CONFIGURATION_FILE)"
+
+        # Append current config preceding the old VD config.
+        echo "${OSSEC_CONFIGURATION_FILE_BEFORE_VD}" >> $OSSEC_CONFIGURATION_FILE_TMP
+        echo "" >> $OSSEC_CONFIGURATION_FILE_TMP
+
+        # Append new VD config.
+        local VULNDET_TEMPLATE_FILE="${SCRIPTS_DIR}/etc/templates/config/generic/wodle-vulnerability-detection.manager.template"
+        cat ${VULNDET_TEMPLATE_FILE} >> $OSSEC_CONFIGURATION_FILE_TMP
+        echo "" >> $OSSEC_CONFIGURATION_FILE_TMP
+
+        # Append new Indexer config.
+        local INDEXER_TEMPLATE_FILE="${SCRIPTS_DIR}/etc/templates/config/generic/wodle-indexer.manager.template"
+        cat ${INDEXER_TEMPLATE_FILE} >> $OSSEC_CONFIGURATION_FILE_TMP
+
+        # Append current config succeeding the old VD config.
+        echo "$OSSEC_CONFIGURATION_FILE_AFTER_VD" >> $OSSEC_CONFIGURATION_FILE_TMP
+
+        mv $OSSEC_CONFIGURATION_FILE_TMP $OSSEC_CONFIGURATION_FILE
+    }
+
+    # Update VD configuration if necessary.
+    if is_old_vulndet_config_present "${DIR}/etc/ossec.conf"; then
+        update_vulndet_config "${DIR}/etc/ossec.conf"
+    fi
+
     #Delete obsolete files
     if [ -f /etc/ossec-init.conf ]; then
         rm -f /etc/ossec-init.conf