Use an explicit plugin list instead of the unrealible "find" to build checksums
This commit is contained in:
Martin Willi
parent
8f01815143
commit
123a84d3db
150
configure.in
150
configure.in
|
|
@ -678,75 +678,82 @@ scripts_plugins=
|
|||
manager_plugins=
|
||||
medsrv_plugins=
|
||||
|
||||
ADD_PLUGIN([test-vectors], [libcharon pluto openac scepclient pki])
|
||||
ADD_PLUGIN([curl], [libcharon pluto scepclient])
|
||||
ADD_PLUGIN([ldap], [libcharon pluto scepclient])
|
||||
ADD_PLUGIN([mysql], [libcharon pluto pool manager medsrv])
|
||||
ADD_PLUGIN([sqlite], [libcharon pluto pool manager medsrv])
|
||||
ADD_PLUGIN([aes], [libcharon pluto openac scepclient pki scripts])
|
||||
ADD_PLUGIN([des], [libcharon pluto openac scepclient pki scripts])
|
||||
ADD_PLUGIN([blowfish], [libcharon pluto openac scepclient pki scripts])
|
||||
ADD_PLUGIN([sha1], [libcharon pluto openac scepclient pki scripts medsrv])
|
||||
ADD_PLUGIN([sha2], [libcharon pluto openac scepclient pki scripts medsrv])
|
||||
ADD_PLUGIN([md4], [libcharon openac manager scepclient pki])
|
||||
ADD_PLUGIN([md5], [libcharon pluto openac scepclient pki])
|
||||
ADD_PLUGIN([random], [libcharon pluto openac scepclient pki medsrv])
|
||||
ADD_PLUGIN([x509], [libcharon pluto openac scepclient pki])
|
||||
ADD_PLUGIN([revocation], [libcharon])
|
||||
ADD_PLUGIN([pubkey], [libcharon])
|
||||
ADD_PLUGIN([pkcs1], [libcharon pluto openac scepclient pki scripts manager medsrv])
|
||||
ADD_PLUGIN([pgp], [libcharon pluto])
|
||||
ADD_PLUGIN([dnskey], [pluto])
|
||||
ADD_PLUGIN([pem], [libcharon pluto openac scepclient pki scripts manager medsrv])
|
||||
ADD_PLUGIN([padlock], [libcharon])
|
||||
ADD_PLUGIN([openssl], [libcharon pluto openac scepclient pki scripts manager medsrv])
|
||||
ADD_PLUGIN([gcrypt], [libcharon pluto openac scepclient pki scripts manager medsrv])
|
||||
ADD_PLUGIN([fips-prf], [libcharon])
|
||||
ADD_PLUGIN([gmp], [libcharon pluto openac scepclient pki scripts manager medsrv])
|
||||
ADD_PLUGIN([agent], [libcharon])
|
||||
ADD_PLUGIN([pkcs11], [libcharon pki])
|
||||
ADD_PLUGIN([xcbc], [libcharon])
|
||||
ADD_PLUGIN([hmac], [libcharon pluto])
|
||||
ADD_PLUGIN([xauth], [pluto])
|
||||
ADD_PLUGIN([attr], [libcharon pluto])
|
||||
ADD_PLUGIN([attr-sql], [libcharon pluto])
|
||||
ADD_PLUGIN([resolve], [libcharon pluto])
|
||||
ADD_PLUGIN([load-tester], [libcharon])
|
||||
ADD_PLUGIN([kernel-pfkey], [libcharon])
|
||||
ADD_PLUGIN([kernel-pfroute], [libcharon])
|
||||
ADD_PLUGIN([kernel-klips], [libcharon])
|
||||
ADD_PLUGIN([kernel-netlink], [libcharon])
|
||||
ADD_PLUGIN([socket-default], [libcharon])
|
||||
ADD_PLUGIN([socket-raw], [libcharon])
|
||||
ADD_PLUGIN([socket-dynamic], [libcharon])
|
||||
ADD_PLUGIN([farp], [libcharon])
|
||||
ADD_PLUGIN([stroke], [libcharon])
|
||||
ADD_PLUGIN([smp], [libcharon])
|
||||
ADD_PLUGIN([sql], [libcharon])
|
||||
ADD_PLUGIN([updown], [libcharon])
|
||||
ADD_PLUGIN([eap-identity], [libcharon])
|
||||
ADD_PLUGIN([eap-sim], [libcharon])
|
||||
ADD_PLUGIN([eap-sim-file], [libcharon])
|
||||
ADD_PLUGIN([eap-simaka-sql], [libcharon])
|
||||
ADD_PLUGIN([eap-simaka-pseudonym], [libcharon])
|
||||
ADD_PLUGIN([eap-simaka-reauth], [libcharon])
|
||||
ADD_PLUGIN([eap-aka], [libcharon])
|
||||
ADD_PLUGIN([eap-aka-3gpp2], [libcharon])
|
||||
ADD_PLUGIN([eap-md5], [libcharon])
|
||||
ADD_PLUGIN([eap-gtc], [libcharon])
|
||||
ADD_PLUGIN([eap-mschapv2], [libcharon])
|
||||
ADD_PLUGIN([eap-radius], [libcharon])
|
||||
ADD_PLUGIN([eap-tls], [libcharon])
|
||||
ADD_PLUGIN([eap-ttls], [libcharon])
|
||||
ADD_PLUGIN([medsrv], [libcharon])
|
||||
ADD_PLUGIN([medcli], [libcharon])
|
||||
ADD_PLUGIN([nm], [libcharon])
|
||||
ADD_PLUGIN([dhcp], [libcharon])
|
||||
ADD_PLUGIN([android], [libcharon])
|
||||
ADD_PLUGIN([ha], [libcharon])
|
||||
ADD_PLUGIN([uci], [libcharon])
|
||||
ADD_PLUGIN([addrblock], [libcharon])
|
||||
ADD_PLUGIN([unit-tester], [libcharon])
|
||||
# location specific lists for checksumming,
|
||||
# for src/libcharon, src/pluto, src/libhydra and src/libstrongswan
|
||||
c_plugins=
|
||||
p_plugins=
|
||||
h_plugins=
|
||||
s_plugins=
|
||||
|
||||
ADD_PLUGIN([test-vectors], [s libcharon pluto openac scepclient pki])
|
||||
ADD_PLUGIN([curl], [s libcharon pluto scepclient])
|
||||
ADD_PLUGIN([ldap], [s libcharon pluto scepclient])
|
||||
ADD_PLUGIN([mysql], [s libcharon pluto pool manager medsrv])
|
||||
ADD_PLUGIN([sqlite], [s libcharon pluto pool manager medsrv])
|
||||
ADD_PLUGIN([aes], [s libcharon pluto openac scepclient pki scripts])
|
||||
ADD_PLUGIN([des], [s libcharon pluto openac scepclient pki scripts])
|
||||
ADD_PLUGIN([blowfish], [s libcharon pluto openac scepclient pki scripts])
|
||||
ADD_PLUGIN([sha1], [s libcharon pluto openac scepclient pki scripts medsrv])
|
||||
ADD_PLUGIN([sha2], [s libcharon pluto openac scepclient pki scripts medsrv])
|
||||
ADD_PLUGIN([md4], [s libcharon openac manager scepclient pki])
|
||||
ADD_PLUGIN([md5], [s libcharon pluto openac scepclient pki])
|
||||
ADD_PLUGIN([random], [s libcharon pluto openac scepclient pki medsrv])
|
||||
ADD_PLUGIN([x509], [s libcharon pluto openac scepclient pki])
|
||||
ADD_PLUGIN([revocation], [s libcharon])
|
||||
ADD_PLUGIN([pubkey], [s libcharon])
|
||||
ADD_PLUGIN([pkcs1], [s libcharon pluto openac scepclient pki scripts manager medsrv])
|
||||
ADD_PLUGIN([pgp], [s libcharon pluto])
|
||||
ADD_PLUGIN([dnskey], [s pluto])
|
||||
ADD_PLUGIN([pem], [s libcharon pluto openac scepclient pki scripts manager medsrv])
|
||||
ADD_PLUGIN([padlock], [s libcharon])
|
||||
ADD_PLUGIN([openssl], [s libcharon pluto openac scepclient pki scripts manager medsrv])
|
||||
ADD_PLUGIN([gcrypt], [s libcharon pluto openac scepclient pki scripts manager medsrv])
|
||||
ADD_PLUGIN([fips-prf], [s libcharon])
|
||||
ADD_PLUGIN([gmp], [s libcharon pluto openac scepclient pki scripts manager medsrv])
|
||||
ADD_PLUGIN([agent], [s libcharon])
|
||||
ADD_PLUGIN([pkcs11], [s libcharon pki])
|
||||
ADD_PLUGIN([xcbc], [s libcharon])
|
||||
ADD_PLUGIN([hmac], [s libcharon pluto])
|
||||
ADD_PLUGIN([xauth], [p pluto])
|
||||
ADD_PLUGIN([attr], [h libcharon pluto])
|
||||
ADD_PLUGIN([attr-sql], [h libcharon pluto])
|
||||
ADD_PLUGIN([resolve], [h libcharon pluto])
|
||||
ADD_PLUGIN([load-tester], [c libcharon])
|
||||
ADD_PLUGIN([kernel-pfkey], [c libcharon])
|
||||
ADD_PLUGIN([kernel-pfroute], [c libcharon])
|
||||
ADD_PLUGIN([kernel-klips], [c libcharon])
|
||||
ADD_PLUGIN([kernel-netlink], [c libcharon])
|
||||
ADD_PLUGIN([socket-default], [c libcharon])
|
||||
ADD_PLUGIN([socket-raw], [c libcharon])
|
||||
ADD_PLUGIN([socket-dynamic], [c libcharon])
|
||||
ADD_PLUGIN([farp], [c libcharon])
|
||||
ADD_PLUGIN([stroke], [c libcharon])
|
||||
ADD_PLUGIN([smp], [c libcharon])
|
||||
ADD_PLUGIN([sql], [c libcharon])
|
||||
ADD_PLUGIN([updown], [c libcharon])
|
||||
ADD_PLUGIN([eap-identity], [c libcharon])
|
||||
ADD_PLUGIN([eap-sim], [c libcharon])
|
||||
ADD_PLUGIN([eap-sim-file], [c libcharon])
|
||||
ADD_PLUGIN([eap-simaka-sql], [c libcharon])
|
||||
ADD_PLUGIN([eap-simaka-pseudonym], [c libcharon])
|
||||
ADD_PLUGIN([eap-simaka-reauth], [c libcharon])
|
||||
ADD_PLUGIN([eap-aka], [c libcharon])
|
||||
ADD_PLUGIN([eap-aka-3gpp2], [c libcharon])
|
||||
ADD_PLUGIN([eap-md5], [c libcharon])
|
||||
ADD_PLUGIN([eap-gtc], [c libcharon])
|
||||
ADD_PLUGIN([eap-mschapv2], [c libcharon])
|
||||
ADD_PLUGIN([eap-radius], [c libcharon])
|
||||
ADD_PLUGIN([eap-tls], [c libcharon])
|
||||
ADD_PLUGIN([eap-ttls], [c libcharon])
|
||||
ADD_PLUGIN([medsrv], [c libcharon])
|
||||
ADD_PLUGIN([medcli], [c libcharon])
|
||||
ADD_PLUGIN([nm], [c libcharon])
|
||||
ADD_PLUGIN([dhcp], [c libcharon])
|
||||
ADD_PLUGIN([android], [c libcharon])
|
||||
ADD_PLUGIN([ha], [c libcharon])
|
||||
ADD_PLUGIN([uci], [c libcharon])
|
||||
ADD_PLUGIN([addrblock], [c libcharon])
|
||||
ADD_PLUGIN([unit-tester], [c libcharon])
|
||||
|
||||
AC_SUBST(libcharon_plugins)
|
||||
AC_SUBST(pluto_plugins)
|
||||
|
|
@ -758,6 +765,11 @@ AC_SUBST(scripts_plugins)
|
|||
AC_SUBST(manager_plugins)
|
||||
AC_SUBST(medsrv_plugins)
|
||||
|
||||
AC_SUBST(c_plugins)
|
||||
AC_SUBST(p_plugins)
|
||||
AC_SUBST(h_plugins)
|
||||
AC_SUBST(s_plugins)
|
||||
|
||||
dnl =========================
|
||||
dnl set Makefile.am vars
|
||||
dnl =========================
|
||||
|
|
|
|||
|
|
@ -14,13 +14,13 @@ checksum_builder_LDADD = \
|
|||
BUILT_SOURCES = checksum.c
|
||||
CLEANFILES = checksum.c
|
||||
INCLUDES = -I$(top_srcdir)/src/libstrongswan
|
||||
AM_CFLAGS = -rdynamic
|
||||
AM_CFLAGS = -rdynamic \
|
||||
-DS_PLUGINS=\""${s_plugins}\"" -DS_PATH=\""${top_builddir}/src/libstrongswan/plugins\"" \
|
||||
-DH_PLUGINS=\""${h_plugins}\"" -DH_PATH=\""${top_builddir}/src/libhydra/plugins\"" \
|
||||
-DP_PLUGINS=\""${p_plugins}\"" -DP_PATH=\""${top_builddir}/src/pluto/plugins\"" \
|
||||
-DC_PLUGINS=\""${c_plugins}\"" -DC_PATH=\""${top_builddir}/src/libcharon/plugins\""
|
||||
|
||||
libs = $(shell find $(top_builddir)/src/libstrongswan \
|
||||
$(top_builddir)/src/libcharon \
|
||||
$(top_builddir)/src/libhydra \
|
||||
$(top_builddir)/src/pluto \
|
||||
-name 'libstrongswan*.so')
|
||||
libs = $(top_builddir)/src/libstrongswan/.libs/libstrongswan.so
|
||||
|
||||
if USE_LIBHYDRA
|
||||
libs += $(top_builddir)/src/libhydra/.libs/libhydra.so
|
||||
|
|
|
|||
|
|
@ -19,14 +19,113 @@
|
|||
#include <dlfcn.h>
|
||||
|
||||
#include <library.h>
|
||||
#include <utils/enumerator.h>
|
||||
|
||||
/* we need to fake the pluto symbol to dlopen() the xauth plugin */
|
||||
void *pluto;
|
||||
|
||||
/**
|
||||
* Integrity checker
|
||||
*/
|
||||
integrity_checker_t *integrity;
|
||||
|
||||
/**
|
||||
* Create the checksum of a binary, using name and a symbol name
|
||||
*/
|
||||
static void build_checksum(char *path, char *name, char *sname)
|
||||
{
|
||||
void *handle, *symbol;
|
||||
u_int32_t fsum, ssum;
|
||||
size_t fsize = 0;
|
||||
size_t ssize = 0;
|
||||
|
||||
fsum = integrity->build_file(integrity, path, &fsize);
|
||||
ssum = 0;
|
||||
if (sname)
|
||||
{
|
||||
handle = dlopen(path, RTLD_LAZY);
|
||||
if (handle)
|
||||
{
|
||||
symbol = dlsym(handle, sname);
|
||||
if (symbol)
|
||||
{
|
||||
ssum = integrity->build_segment(integrity, symbol, &ssize);
|
||||
}
|
||||
else
|
||||
{
|
||||
fprintf(stderr, "symbol lookup failed: %s\n", dlerror());
|
||||
}
|
||||
dlclose(handle);
|
||||
}
|
||||
else
|
||||
{
|
||||
fprintf(stderr, "dlopen failed: %s\n", dlerror());
|
||||
}
|
||||
}
|
||||
printf("\t{\"%-20s%7u, 0x%08x, %6u, 0x%08x},\n",
|
||||
name, fsize, fsum, ssize, ssum);
|
||||
fprintf(stderr, "\"%-20s%7u / 0x%08x %6u / 0x%08x\n",
|
||||
name, fsize, fsum, ssize, ssum);
|
||||
}
|
||||
|
||||
/**
|
||||
* Build checksums for a set of plugins in a given path prefix
|
||||
*/
|
||||
static void build_plugin_checksums(char *plugins, char *prefix)
|
||||
{
|
||||
enumerator_t *enumerator;
|
||||
char *plugin, path[256], under[128], sname[128], name[128];
|
||||
|
||||
enumerator = enumerator_create_token(plugins, " ", " ");
|
||||
while (enumerator->enumerate(enumerator, &plugin))
|
||||
{
|
||||
snprintf(under, sizeof(under), "%s", plugin);
|
||||
translate(under, "-", "_");
|
||||
snprintf(path, sizeof(path), "%s/%s/.libs/libstrongswan-%s.so",
|
||||
prefix, under, plugin);
|
||||
snprintf(sname, sizeof(sname), "%s_plugin_create", under);
|
||||
snprintf(name, sizeof(name), "%s\",", plugin);
|
||||
build_checksum(path, name, sname);
|
||||
}
|
||||
enumerator->destroy(enumerator);
|
||||
}
|
||||
|
||||
/**
|
||||
* Build checksums for a binary/library found at path
|
||||
*/
|
||||
static void build_binary_checksum(char *path)
|
||||
{
|
||||
char *binary, *pos, name[128], sname[128];
|
||||
|
||||
binary = strrchr(path, '/');
|
||||
if (binary)
|
||||
{
|
||||
binary++;
|
||||
pos = strrchr(binary, '.');
|
||||
if (pos && streq(pos, ".so"))
|
||||
{
|
||||
snprintf(name, sizeof(name), "%.*s\",", pos - binary, binary);
|
||||
if (streq(name, "libstrongswan\","))
|
||||
{
|
||||
snprintf(sname, sizeof(sname), "%s", "library_init");
|
||||
}
|
||||
else
|
||||
{
|
||||
snprintf(sname, sizeof(sname), "%.*s_init", pos - binary, binary);
|
||||
}
|
||||
build_checksum(path, name, sname);
|
||||
}
|
||||
else
|
||||
{
|
||||
snprintf(name, sizeof(name), "%s\",", binary);
|
||||
build_checksum(path, name, NULL);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
int main(int argc, char* argv[])
|
||||
{
|
||||
int i;
|
||||
integrity_checker_t *integrity;
|
||||
|
||||
/* avoid confusing leak reports in build process */
|
||||
setenv("LEAK_DETECTIVE_DISABLE", "1", 0);
|
||||
|
|
@ -47,105 +146,13 @@ int main(int argc, char* argv[])
|
|||
fprintf(stderr, "module name, file size / checksum segment size / checksum\n");
|
||||
for (i = 1; i < argc; i++)
|
||||
{
|
||||
char *name, *path, *sname = NULL;
|
||||
void *handle, *symbol;
|
||||
u_int32_t fsum, ssum;
|
||||
size_t fsize = 0;
|
||||
size_t ssize = 0;
|
||||
|
||||
path = argv[i];
|
||||
|
||||
if ((name = strstr(path, "libstrongswan-")))
|
||||
{
|
||||
name = strdup(name + strlen("libstrongswan-"));
|
||||
name[strlen(name) - 3] = '"';
|
||||
name[strlen(name) - 2] = ',';
|
||||
name[strlen(name) - 1] = '\0';
|
||||
if (asprintf(&sname, "%.*s_plugin_create", strlen(name) - 2,
|
||||
name) < 0)
|
||||
{
|
||||
fprintf(stderr, "failed to format plugin constructor "
|
||||
"for '%s', ignored", path);
|
||||
free(name);
|
||||
continue;
|
||||
}
|
||||
translate(sname, "-", "_");
|
||||
}
|
||||
else if (strstr(path, "libstrongswan.so"))
|
||||
{
|
||||
name = strdup("libstrongswan\",");
|
||||
sname = strdup("library_init");
|
||||
}
|
||||
else if (strstr(path, "libhydra.so"))
|
||||
{
|
||||
name = strdup("libhydra\",");
|
||||
sname = strdup("libhydra_init");
|
||||
}
|
||||
else if (strstr(path, "libcharon.so"))
|
||||
{
|
||||
name = strdup("libcharon\",");
|
||||
sname = strdup("libcharon_init");
|
||||
}
|
||||
else if (strstr(path, "pool"))
|
||||
{
|
||||
name = strdup("pool\",");
|
||||
}
|
||||
else if (strstr(path, "charon"))
|
||||
{
|
||||
name = strdup("charon\",");
|
||||
}
|
||||
else if (strstr(path, "pluto"))
|
||||
{
|
||||
name = strdup("pluto\",");
|
||||
}
|
||||
else if (strstr(path, "openac"))
|
||||
{
|
||||
name = strdup("openac\",");
|
||||
}
|
||||
else if (strstr(path, "scepclient"))
|
||||
{
|
||||
name = strdup("scepclient\",");
|
||||
}
|
||||
else if (strstr(path, "pki"))
|
||||
{
|
||||
name = strdup("pki\",");
|
||||
}
|
||||
else
|
||||
{
|
||||
fprintf(stderr, "don't know how to handle '%s', ignored", path);
|
||||
continue;
|
||||
}
|
||||
|
||||
fsum = integrity->build_file(integrity, path, &fsize);
|
||||
ssum = 0;
|
||||
if (sname)
|
||||
{
|
||||
handle = dlopen(path, RTLD_LAZY);
|
||||
if (handle)
|
||||
{
|
||||
symbol = dlsym(handle, sname);
|
||||
if (symbol)
|
||||
{
|
||||
ssum = integrity->build_segment(integrity, symbol, &ssize);
|
||||
}
|
||||
else
|
||||
{
|
||||
fprintf(stderr, "symbol lookup failed: %s\n", dlerror());
|
||||
}
|
||||
dlclose(handle);
|
||||
}
|
||||
else
|
||||
{
|
||||
fprintf(stderr, "dlopen failed: %s\n", dlerror());
|
||||
}
|
||||
}
|
||||
printf("\t{\"%-20s%7u, 0x%08x, %6u, 0x%08x},\n",
|
||||
name, fsize, fsum, ssize, ssum);
|
||||
fprintf(stderr, "\"%-20s%7u / 0x%08x %6u / 0x%08x\n",
|
||||
name, fsize, fsum, ssize, ssum);
|
||||
free(sname);
|
||||
free(name);
|
||||
build_binary_checksum(argv[i]);
|
||||
}
|
||||
build_plugin_checksums(S_PLUGINS, S_PATH);
|
||||
build_plugin_checksums(H_PLUGINS, H_PATH);
|
||||
build_plugin_checksums(P_PLUGINS, P_PATH);
|
||||
build_plugin_checksums(C_PLUGINS, C_PATH);
|
||||
|
||||
printf("};\n");
|
||||
printf("\n");
|
||||
printf("int checksum_count = countof(checksums);\n");
|
||||
|
|
|
|||
Loading…
Reference in New Issue