New upstream version 5.6.0

author: Yves-Alexis Perez <corsac@corsac.net> 2017-09-01 17:21:25 +0200
committer: Yves-Alexis Perez <corsac@corsac.net> 2017-09-01 17:21:25 +0200
commit: 11d6b62db969bdd808d0f56706cb18f113927a31 (patch)
tree: 8aa7d8fb611c3da6a3523cb78a082f62ffd0dac8 /src/libimcv/pts
parent: bba25e2ff6c4a193acb54560ea4417537bd2954e (diff)
download: vyos-strongswan-11d6b62db969bdd808d0f56706cb18f113927a31.tar.gz
vyos-strongswan-11d6b62db969bdd808d0f56706cb18f113927a31.zip
2 files changed, 23 insertions, 13 deletions
diff --git a/src/libimcv/pts/components/ita/ita_comp_ima.c b/src/libimcv/pts/components/ita/ita_comp_ima.c
index 448ca9ffb..9ba72d01d 100644
--- a/src/libimcv/pts/components/ita/ita_comp_ima.c
+++ b/src/libimcv/pts/components/ita/ita_comp_ima.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2011-2014 Andreas Steffen
+ * Copyright (C) 2011-2017 Andreas Steffen
  * HSR Hochschule fuer Technik Rapperswil
  *
  * This program is free software; you can redistribute it and/or modify it
@@ -667,7 +667,8 @@ METHOD(pts_component_t, verify, status_t,
 			case IMA_STATE_RUNTIME:
 			{
 				uint8_t hash_buf[HASH_SIZE_SHA512];
-				chunk_t digest, hash;
+				uint8_t digest_buf[HASH_SIZE_SHA512], *hex_digest_buf;
+				chunk_t hex_digest, digest, hash;
 				enumerator_t *e;
 
 				this->count++;
@@ -685,8 +686,10 @@ METHOD(pts_component_t, verify, status_t,
 												hash_algo, ima_name);
 				if (e)
 				{
-					while (e->enumerate(e, &digest))
+					while (e->enumerate(e, &hex_digest_buf))
 					{
+						hex_digest = chunk_from_str(hex_digest_buf);
+						digest = chunk_from_hex(hex_digest, digest_buf);
 						if (!ima_hash(digest, ima_algo, ima_name,
 									  FALSE, algo, hash_buf))
 						{
diff --git a/src/libimcv/pts/pts_database.c b/src/libimcv/pts/pts_database.c
index 1a4c4212d..4a47b06f0 100644
--- a/src/libimcv/pts/pts_database.c
+++ b/src/libimcv/pts/pts_database.c
@@ -1,6 +1,6 @@
 /*
  * Copyright (C) 2011-2012 Sansar Choinyambuu
- * Copyright (C) 2012-2014 Andreas Steffen
+ * Copyright (C) 2012-2017 Andreas Steffen
  * HSR Hochschule fuer Technik Rapperswil
  *
  * This program is free software; you can redistribute it and/or modify it
@@ -104,17 +104,19 @@ METHOD(pts_database_t, create_file_hash_enumerator, enumerator_t*,
 				"SELECT f.id, f.name, fh.hash FROM file_hashes AS fh "
 				"JOIN files AS f ON f.id = fh.file "
 				"JOIN directories as d ON d.id = f.dir "
-				"WHERE fh.product = ? AND fh.algo = ? AND d.id = ? "
+				"JOIN versions as v ON v.id = fh.version "
+				"WHERE v.product = ? AND fh.algo = ? AND d.id = ? "
 				"ORDER BY f.name",
-				DB_INT, pid, DB_INT, algo, DB_INT, id, DB_INT, DB_TEXT, DB_BLOB);
+				DB_INT, pid, DB_INT, algo, DB_INT, id, DB_INT, DB_TEXT, DB_TEXT);
 	}
 	else
 	{
 		e = this->db->query(this->db,
 				"SELECT f.id, f.name, fh.hash FROM file_hashes AS fh "
 				"JOIN files AS f ON f.id = fh.file "
-				"WHERE fh.product = ? AND fh.algo = ? AND fh.file = ?",
-				DB_INT, pid, DB_INT, algo, DB_INT, id, DB_INT, DB_TEXT, DB_BLOB);
+				"JOIN versions AS v ON v.id = fh.version "
+				"WHERE v.product = ? AND fh.algo = ? AND fh.file = ?",
+				DB_INT, pid, DB_INT, algo, DB_INT, id, DB_INT, DB_TEXT, DB_TEXT);
 	}
 	return e;
 }
@@ -179,7 +181,8 @@ METHOD(pts_database_t, add_file_measurement, status_t,
 	/* does hash measurement value already exist? */
 	e = this->db->query(this->db,
 			"SELECT fh.id, fh.hash FROM file_hashes AS fh "
-			"WHERE fh.product = ? AND fh.algo = ? AND fh.file = ?",
+			"JOIN versions AS v ON v.id = fh.version "
+			"WHERE v.product = ? AND fh.algo = ? AND fh.file = ?",
 			 DB_INT, pid, DB_INT, algo, DB_INT, fid, DB_INT, DB_BLOB);
 	if (!e)
 	{
@@ -235,8 +238,10 @@ METHOD(pts_database_t, create_file_meas_enumerator, enumerator_t*,
 		e = this->db->query(this->db,
 				"SELECT fh.hash FROM file_hashes AS fh "
 				"JOIN files AS f ON f.id = fh.file "
-				"WHERE fh.product = ? AND f.name = ? AND fh.algo = ?",
-				DB_INT, pid, DB_TEXT, file, DB_INT, algo, DB_BLOB);
+				"JOIN versions AS v ON v.id = fh.version "
+				"WHERE v.product = ? AND f.name = ? AND fh.algo = ? "
+				"ORDER BY v.time DESC",
+				DB_INT, pid, DB_TEXT, file, DB_INT, algo, DB_TEXT);
 	}
 	else
 	{	/* absolute pathname */
@@ -256,8 +261,10 @@ METHOD(pts_database_t, create_file_meas_enumerator, enumerator_t*,
 		e = this->db->query(this->db,
 				"SELECT fh.hash FROM file_hashes AS fh "
 				"JOIN files AS f ON f.id = fh.file "
-				"WHERE fh.product = ? AND f.dir = ? AND f.name = ? AND fh.algo = ?",
-				DB_INT, pid, DB_INT, did, DB_TEXT, file, DB_INT, algo, DB_BLOB);
+				"JOIN versions AS v ON v.id = fh.version "
+				"WHERE v.product = ? AND f.dir = ? AND f.name = ? AND fh.algo = ? "
+				"ORDER BY v.time DESC",
+				DB_INT, pid, DB_INT, did, DB_TEXT, file, DB_INT, algo, DB_TEXT);
 	}
 
 err:
author	Yves-Alexis Perez <corsac@corsac.net>	2017-09-01 17:21:25 +0200
committer	Yves-Alexis Perez <corsac@corsac.net>	2017-09-01 17:21:25 +0200
commit	11d6b62db969bdd808d0f56706cb18f113927a31 (patch)
tree	8aa7d8fb611c3da6a3523cb78a082f62ffd0dac8 /src/libimcv/pts
parent	bba25e2ff6c4a193acb54560ea4417537bd2954e (diff)
download	vyos-strongswan-11d6b62db969bdd808d0f56706cb18f113927a31.tar.gz vyos-strongswan-11d6b62db969bdd808d0f56706cb18f113927a31.zip