Commit | Line | Data |
---|---|---|
12c68f1b MW |
1 | /* |
2 | * Copyright (C) 2009 Martin Willi | |
19ef2aec TB |
3 | * |
4 | * Copyright (C) secunet Security Networks AG | |
12c68f1b MW |
5 | * |
6 | * This program is free software; you can redistribute it and/or modify it | |
7 | * under the terms of the GNU General Public License as published by the | |
8 | * Free Software Foundation; either version 2 of the License, or (at your | |
9 | * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. | |
10 | * | |
11 | * This program is distributed in the hope that it will be useful, but | |
12 | * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY | |
13 | * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License | |
14 | * for more details. | |
15 | */ | |
16 | ||
16c8442a | 17 | #define _GNU_SOURCE |
12c68f1b MW |
18 | #include <stdlib.h> |
19 | #include <stdio.h> | |
20 | #include <dlfcn.h> | |
21 | ||
22 | #include <library.h> | |
f147b731 | 23 | #include <daemon.h> |
12642a68 | 24 | #include <collections/enumerator.h> |
12c68f1b | 25 | |
123a84d3 MW |
/**
 * Integrity checker shared by the checksum helpers in this file; it is
 * created and destroyed in main().
 */
integrity_checker_t *integrity;
30 | ||
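/**
 * Create the checksum of a binary, using name and a symbol name
 *
 * Writes one initializer row for the generated checksums[] table to stdout
 * and a summary of the same values to stderr.
 *
 * @param path		file to checksum and, if sname is given, to dlopen()
 * @param name		text printed right after the opening quote of the row;
 *					the callers in this file pass it with the closing quote
 *					and comma already appended
 * @param sname		symbol whose segment gets checksummed, NULL to checksum
 *					the file only
 */
static void build_checksum(char *path, char *name, char *sname)
{
	void *handle, *symbol;
	uint32_t fsum, ssum = 0;
	size_t fsize = 0;
	size_t ssize = 0;

	fsum = integrity->build_file(integrity, path, &fsize);
	if (sname)
	{
		/* dlopen() maps the object into this process and runs its
		 * initializers, so this tool must only be pointed at binaries from
		 * the trusted build tree */
		handle = dlopen(path, RTLD_LAZY);
		if (handle)
		{
			symbol = dlsym(handle, sname);
			if (symbol)
			{
				ssum = integrity->build_segment(integrity, symbol, &ssize);
			}
			else
			{
				fprintf(stderr, "symbol lookup failed: %s\n", dlerror());
			}
			dlclose(handle);
		}
		else
		{
			fprintf(stderr, "dlopen failed: %s\n", dlerror());
		}
	}
	/* NOTE(review): if dlopen()/dlsym() fails, the row is still emitted with
	 * segment size and checksum 0, and the caller gets no error indication;
	 * confirm how the runtime integrity check treats such a row */

	/* fsize and ssize are size_t, so they need %zu; passing them for %u is
	 * undefined behavior wherever size_t is wider than unsigned int */
	printf("\t{\"%-25s%7zu, 0x%08x, %6zu, 0x%08x},\n",
		   name, fsize, fsum, ssize, ssum);
	fprintf(stderr, "\"%-25s%7zu / 0x%08x %6zu / 0x%08x\n",
			name, fsize, fsum, ssize, ssum);
}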
69 | ||
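/**
 * Build checksums for a set of plugins
 *
 * For every token of the list, the plugin library is expected at
 * PLUGINDIR/libstrongswan-<plugin>.so and its segment symbol is
 * <plugin>_plugin_create, with '-' in the plugin name replaced by '_'.
 *
 * @param plugins	space separated list of plugin names
 */
static void build_plugin_checksums(char *plugins)
{
	enumerator_t *enumerator;
	char *plugin, path[256], under[128], sname[128], name[128];
	int ulen, plen, slen, nlen;

	enumerator = enumerator_create_token(plugins, " ", " ");
	while (enumerator->enumerate(enumerator, &plugin))
	{
		ulen = snprintf(under, sizeof(under), "%s", plugin);
		translate(under, "-", "_");
		plen = snprintf(path, sizeof(path), "%s/libstrongswan-%s.so",
						PLUGINDIR, plugin);
		slen = snprintf(sname, sizeof(sname), "%s_plugin_create", under);
		nlen = snprintf(name, sizeof(name), "%s\",", plugin);

		/* a truncated path, symbol or name would put a checksum row for the
		 * wrong object into the table, so report and skip instead */
		if (ulen < 0 || (size_t)ulen >= sizeof(under) ||
			plen < 0 || (size_t)plen >= sizeof(path) ||
			slen < 0 || (size_t)slen >= sizeof(sname) ||
			nlen < 0 || (size_t)nlen >= sizeof(name))
		{
			fprintf(stderr, "plugin name too long, skipped: %s\n", plugin);
			continue;
		}
		build_checksum(path, name, sname);
	}
	enumerator->destroy(enumerator);
}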
91 | ||
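/**
 * Build checksums for a binary/library found at path
 *
 * A file name ending in ".so" is treated as a library: its segment symbol is
 * library_init for libstrongswan and <basename>_init for any other library.
 * Everything else gets a file checksum only.
 *
 * @param path		path of the binary, must contain a directory part
 */
static void build_binary_checksum(char *path)
{
	char *binary, *pos, name[128], sname[128];

	binary = strrchr(path, '/');
	if (!binary)
	{
		/* such a path produced no table row before either, but silently; a
		 * binary missing from the checksum table should be visible in the
		 * build log.
		 * NOTE(review): presumably skipped because dlopen() searches the
		 * library path for names without a '/' - confirm */
		fprintf(stderr, "no directory in path, skipped: %s\n", path);
		return;
	}
	binary++;
	pos = strrchr(binary, '.');
	if (pos && streq(pos, ".so"))
	{
		/* name is the file name without ".so", plus the closing quote and
		 * comma that build_checksum() prints as part of the row */
		snprintf(name, sizeof(name), "%.*s\",", (int)(pos - binary),
				 binary);
		if (streq(name, "libstrongswan\","))
		{
			snprintf(sname, sizeof(sname), "%s", "library_init");
		}
		else
		{
			snprintf(sname, sizeof(sname), "%.*s_init", (int)(pos - binary),
					 binary);
		}
		build_checksum(path, name, sname);
	}
	else
	{
		/* not a shared object: file checksum only, no segment symbol */
		snprintf(name, sizeof(name), "%s\",", binary);
		build_checksum(path, name, NULL);
	}
}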
126 | ||
12c68f1b MW |
/**
 * Emit a C source file with the checksums[] table on stdout.
 *
 * Every command line argument is the path of a binary or library to
 * checksum; the plugin lists come from the S_PLUGINS, P_PLUGINS, T_PLUGINS
 * and C_PLUGINS macros where they are defined. A readable summary goes to
 * stderr.
 *
 * NOTE(review): the helpers return void and the exit status is always 0, so
 * a failed checksum shows up only as a message on stderr.
 */
int main(int argc, char* argv[])
{
	int idx = 1;

	/* touching this symbol forces the link against libcharon, which
	 * imports the symbols needed to dlopen plugins */
	charon = NULL;

	/* keep leak reports out of the build output; the last argument 0 leaves
	 * an already set value untouched */
	setenv("LEAK_DETECTIVE_DISABLE", "1", 0);
	/* no strongswan.conf is used, which forces the integrity check to
	 * disabled while the table is being built */
	library_init("", "checksum_builder");
	atexit(library_deinit);

	integrity = integrity_checker_create(NULL);

	/* header of the generated source file */
	printf("/**\n");
	printf(" * checksums of files and loaded code segments.\n");
	printf(" * created by %s\n", argv[0]);
	printf(" */\n");
	printf("\n");
	printf("#include <library.h>\n");
	printf("\n");
	printf("integrity_checksum_t checksums[] = {\n");
	fprintf(stderr, "integrity test data:\n");
	fprintf(stderr, "module name, file size / checksum "
			"segment size / checksum\n");

	/* one row per binary given on the command line */
	while (idx < argc)
	{
		build_binary_checksum(argv[idx]);
		idx++;
	}
	/* then the rows for each plugin list that is defined */
#ifdef S_PLUGINS
	build_plugin_checksums(S_PLUGINS);
#endif
#ifdef P_PLUGINS
	build_plugin_checksums(P_PLUGINS);
#endif
#ifdef T_PLUGINS
	build_plugin_checksums(T_PLUGINS);
#endif
#ifdef C_PLUGINS
	build_plugin_checksums(C_PLUGINS);
#endif

	/* footer of the generated source file */
	printf("};\n");
	printf("\n");
	printf("int checksum_count = countof(checksums);\n");
	printf("\n");
	integrity->destroy(integrity);

	exit(0);
}
179 |