diff options
Diffstat (limited to 'src/checksum/checksum_builder.c')
| -rw-r--r-- | src/checksum/checksum_builder.c | 205 |
1 files changed, 106 insertions, 99 deletions
diff --git a/src/checksum/checksum_builder.c b/src/checksum/checksum_builder.c index 2db68054e..dc1de99c3 100644 --- a/src/checksum/checksum_builder.c +++ b/src/checksum/checksum_builder.c @@ -19,14 +19,113 @@ #include <dlfcn.h> #include <library.h> +#include <utils/enumerator.h> /* we need to fake the pluto symbol to dlopen() the xauth plugin */ void *pluto; +/** + * Integrity checker + */ +integrity_checker_t *integrity; + +/** + * Create the checksum of a binary, using name and a symbol name + */ +static void build_checksum(char *path, char *name, char *sname) +{ + void *handle, *symbol; + u_int32_t fsum, ssum; + size_t fsize = 0; + size_t ssize = 0; + + fsum = integrity->build_file(integrity, path, &fsize); + ssum = 0; + if (sname) + { + handle = dlopen(path, RTLD_LAZY); + if (handle) + { + symbol = dlsym(handle, sname); + if (symbol) + { + ssum = integrity->build_segment(integrity, symbol, &ssize); + } + else + { + fprintf(stderr, "symbol lookup failed: %s\n", dlerror()); + } + dlclose(handle); + } + else + { + fprintf(stderr, "dlopen failed: %s\n", dlerror()); + } + } + printf("\t{\"%-20s%7u, 0x%08x, %6u, 0x%08x},\n", + name, fsize, fsum, ssize, ssum); + fprintf(stderr, "\"%-20s%7u / 0x%08x %6u / 0x%08x\n", + name, fsize, fsum, ssize, ssum); +} + +/** + * Build checksums for a set of plugins in a given path prefix + */ +static void build_plugin_checksums(char *plugins, char *prefix) +{ + enumerator_t *enumerator; + char *plugin, path[256], under[128], sname[128], name[128]; + + enumerator = enumerator_create_token(plugins, " ", " "); + while (enumerator->enumerate(enumerator, &plugin)) + { + snprintf(under, sizeof(under), "%s", plugin); + translate(under, "-", "_"); + snprintf(path, sizeof(path), "%s/%s/.libs/libstrongswan-%s.so", + prefix, under, plugin); + snprintf(sname, sizeof(sname), "%s_plugin_create", under); + snprintf(name, sizeof(name), "%s\",", plugin); + build_checksum(path, name, sname); + } + enumerator->destroy(enumerator); +} + +/** + * Build checksums for a binary/library found at path + */ +static void build_binary_checksum(char *path) +{ + char *binary, *pos, name[128], sname[128]; + + binary = strrchr(path, '/'); + if (binary) + { + binary++; + pos = strrchr(binary, '.'); + if (pos && streq(pos, ".so")) + { + snprintf(name, sizeof(name), "%.*s\",", pos - binary, binary); + if (streq(name, "libstrongswan\",")) + { + snprintf(sname, sizeof(sname), "%s", "library_init"); + } + else + { + snprintf(sname, sizeof(sname), "%.*s_init", pos - binary, binary); + } + build_checksum(path, name, sname); + } + else + { + snprintf(name, sizeof(name), "%s\",", binary); + build_checksum(path, name, NULL); + } + } +} + int main(int argc, char* argv[]) { int i; - integrity_checker_t *integrity; /* avoid confusing leak reports in build process */ setenv("LEAK_DETECTIVE_DISABLE", "1", 0); @@ -47,105 +146,13 @@ int main(int argc, char* argv[]) fprintf(stderr, "module name, file size / checksum segment size / checksum\n"); for (i = 1; i < argc; i++) { - char *name, *path, *sname = NULL; - void *handle, *symbol; - u_int32_t fsum, ssum; - size_t fsize = 0; - size_t ssize = 0; - - path = argv[i]; - - if ((name = strstr(path, "libstrongswan-"))) - { - name = strdup(name + strlen("libstrongswan-")); - name[strlen(name) - 3] = '"'; - name[strlen(name) - 2] = ','; - name[strlen(name) - 1] = '\0'; - if (asprintf(&sname, "%.*s_plugin_create", strlen(name) - 2, - name) < 0) - { - fprintf(stderr, "failed to format plugin constructor " - "for '%s', ignored", path); - free(name); - continue; - } - translate(sname, "-", "_"); - } - else if (strstr(path, "libstrongswan.so")) - { - name = strdup("libstrongswan\","); - sname = strdup("library_init"); - } - else if (strstr(path, "libhydra.so")) - { - name = strdup("libhydra\","); - sname = strdup("libhydra_init"); - } - else if (strstr(path, "libcharon.so")) - { - name = strdup("libcharon\","); - sname = strdup("libcharon_init"); - } - else if (strstr(path, "pool")) - { - name = strdup("pool\","); - } - else if (strstr(path, "charon")) - { - name = strdup("charon\","); - } - else if (strstr(path, "pluto")) - { - name = strdup("pluto\","); - } - else if (strstr(path, "openac")) - { - name = strdup("openac\","); - } - else if (strstr(path, "scepclient")) - { - name = strdup("scepclient\","); - } - else if (strstr(path, "pki")) - { - name = strdup("pki\","); - } - else - { - fprintf(stderr, "don't know how to handle '%s', ignored", path); - continue; - } - - fsum = integrity->build_file(integrity, path, &fsize); - ssum = 0; - if (sname) - { - handle = dlopen(path, RTLD_LAZY); - if (handle) - { - symbol = dlsym(handle, sname); - if (symbol) - { - ssum = integrity->build_segment(integrity, symbol, &ssize); - } - else - { - fprintf(stderr, "symbol lookup failed: %s\n", dlerror()); - } - dlclose(handle); - } - else - { - fprintf(stderr, "dlopen failed: %s\n", dlerror()); - } - } - printf("\t{\"%-20s%7u, 0x%08x, %6u, 0x%08x},\n", - name, fsize, fsum, ssize, ssum); - fprintf(stderr, "\"%-20s%7u / 0x%08x %6u / 0x%08x\n", - name, fsize, fsum, ssize, ssum); - free(sname); - free(name); + build_binary_checksum(argv[i]); } + build_plugin_checksums(S_PLUGINS, S_PATH); + build_plugin_checksums(H_PLUGINS, H_PATH); + build_plugin_checksums(P_PLUGINS, P_PATH); + build_plugin_checksums(C_PLUGINS, C_PATH); + printf("};\n"); printf("\n"); printf("int checksum_count = countof(checksums);\n"); |