[thirdparty/strongswan.git] / src / checksum / checksum_builder.c

/*
 * Copyright (C) 2009 Martin Willi
 *
 * Copyright (C) secunet Security Networks AG
 *
 * This program is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License as published by the
 * Free Software Foundation; either version 2 of the License, or (at your
 * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
 *
 * This program is distributed in the hope that it will be useful, but
 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
 * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 * for more details.
 */

#define _GNU_SOURCE
#include <stdlib.h>
#include <stdio.h>
#include <dlfcn.h>

#include <library.h>
#include <daemon.h>
#include <collections/enumerator.h>

/**
 * Integrity checker
 */
integrity_checker_t *integrity;

/**
 * Create the checksum of a binary, using name and a symbol name
 */
static void build_checksum(char *path, char *name, char *sname)
{
	void *handle, *symbol;
	uint32_t fsum, ssum;
	size_t fsize = 0;
	size_t ssize = 0;

	fsum = integrity->build_file(integrity, path, &fsize);
	ssum = 0;
	if (sname)
	{
		handle = dlopen(path, RTLD_LAZY);
		if (handle)
		{
			symbol = dlsym(handle, sname);
			if (symbol)
			{
				ssum = integrity->build_segment(integrity, symbol, &ssize);
			}
			else
			{
				fprintf(stderr, "symbol lookup failed: %s\n", dlerror());
			}
			dlclose(handle);
		}
		else
		{
			fprintf(stderr, "dlopen failed: %s\n", dlerror());
		}
	}
	printf("\t{\"%-25s%7u, 0x%08x, %6u, 0x%08x},\n",
		   name, fsize, fsum, ssize, ssum);
	fprintf(stderr, "\"%-25s%7u / 0x%08x       %6u / 0x%08x\n",
			name, fsize, fsum, ssize, ssum);
}

/**
 * Build checksums for a set of plugins
 */
static void build_plugin_checksums(char *plugins)
{
	enumerator_t *enumerator;
	char *plugin, path[256], under[128], sname[128], name[128];

	enumerator = enumerator_create_token(plugins, " ", " ");
	while (enumerator->enumerate(enumerator, &plugin))
	{
		snprintf(under, sizeof(under), "%s", plugin);
		translate(under, "-", "_");
		snprintf(path, sizeof(path), "%s/libstrongswan-%s.so",
				 PLUGINDIR, plugin);
		snprintf(sname, sizeof(sname), "%s_plugin_create", under);
		snprintf(name, sizeof(name), "%s\",", plugin);
		build_checksum(path, name, sname);
	}
	enumerator->destroy(enumerator);
}

/**
 * Build checksums for a binary/library found at path
 */
static void build_binary_checksum(char *path)
{
	char *binary, *pos, name[128], sname[128];

	binary = strrchr(path, '/');
	if (binary)
	{
		binary++;
		pos = strrchr(binary, '.');
		if (pos && streq(pos, ".so"))
		{
			snprintf(name, sizeof(name), "%.*s\",", (int)(pos - binary),
					 binary);
			if (streq(name, "libstrongswan\","))
			{
				snprintf(sname, sizeof(sname), "%s", "library_init");
			}
			else
			{
				snprintf(sname, sizeof(sname), "%.*s_init", (int)(pos - binary),
						 binary);
			}
			build_checksum(path, name, sname);
		}
		else
		{
			snprintf(name, sizeof(name), "%s\",", binary);
			build_checksum(path, name, NULL);
		}
	}
}

int main(int argc, char* argv[])
{
	int i;

	/* forces link against libcharon, imports symbols needed to
	 * dlopen plugins */
	charon = NULL;

	/* avoid confusing leak reports in build process */
	setenv("LEAK_DETECTIVE_DISABLE", "1", 0);
	/* don't use a strongswan.conf, forces integrity check to disabled */
	library_init("", "checksum_builder");
	atexit(library_deinit);

	integrity = integrity_checker_create(NULL);

	printf("/**\n");
	printf(" * checksums of files and loaded code segments.\n");
	printf(" * created by %s\n", argv[0]);
	printf(" */\n");
	printf("\n");
	printf("#include <library.h>\n");
	printf("\n");
	printf("integrity_checksum_t checksums[] = {\n");
	fprintf(stderr, "integrity test data:\n");
	fprintf(stderr, "module name,            file size / checksum   "
					"segment size / checksum\n");
	for (i = 1; i < argc; i++)
	{
		build_binary_checksum(argv[i]);
	}
#ifdef S_PLUGINS
	build_plugin_checksums(S_PLUGINS);
#endif
#ifdef P_PLUGINS
	build_plugin_checksums(P_PLUGINS);
#endif
#ifdef T_PLUGINS
	build_plugin_checksums(T_PLUGINS);
#endif
#ifdef C_PLUGINS
	build_plugin_checksums(C_PLUGINS);
#endif

	printf("};\n");
	printf("\n");
	printf("int checksum_count = countof(checksums);\n");
	printf("\n");
	integrity->destroy(integrity);

	exit(0);
}
Commit	Line	Data
12c68f1b MW	1	/*
12c68f1b MW	2	* Copyright (C) 2009 Martin Willi
19ef2aec TB	3	*
19ef2aec TB	4	* Copyright (C) secunet Security Networks AG
12c68f1b MW	5	*
	6	* This program is free software; you can redistribute it and/or modify it
	7	* under the terms of the GNU General Public License as published by the
	8	* Free Software Foundation; either version 2 of the License, or (at your
	9	* option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
	10	*
	11	* This program is distributed in the hope that it will be useful, but
	12	* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
	13	* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
	14	* for more details.
	15	*/
	16
16c8442a	17	#define _GNU_SOURCE
12c68f1b MW	18	#include <stdlib.h>
	19	#include <stdio.h>
	20	#include <dlfcn.h>
	21
	22	#include <library.h>
f147b731	23	#include <daemon.h>
12642a68	24	#include <collections/enumerator.h>
12c68f1b	25
123a84d3 MW	26	/**
	27	* Integrity checker
	28	*/
	29	integrity_checker_t *integrity;
	30
	31	/**
	32	* Create the checksum of a binary, using name and a symbol name
	33	*/
	34	static void build_checksum(char path, char name, char *sname)
	35	{
	36	void handle, symbol;
b12c53ce	37	uint32_t fsum, ssum;
123a84d3 MW	38	size_t fsize = 0;
	39	size_t ssize = 0;
	40
	41	fsum = integrity->build_file(integrity, path, &fsize);
	42	ssum = 0;
	43	if (sname)
	44	{
	45	handle = dlopen(path, RTLD_LAZY);
	46	if (handle)
	47	{
	48	symbol = dlsym(handle, sname);
	49	if (symbol)
	50	{
	51	ssum = integrity->build_segment(integrity, symbol, &ssize);
	52	}
	53	else
	54	{
	55	fprintf(stderr, "symbol lookup failed: %s\n", dlerror());
	56	}
	57	dlclose(handle);
	58	}
	59	else
	60	{
	61	fprintf(stderr, "dlopen failed: %s\n", dlerror());
	62	}
	63	}
4ad67fe7	64	printf("\t{\"%-25s%7u, 0x%08x, %6u, 0x%08x},\n",
123a84d3	65	name, fsize, fsum, ssize, ssum);
4ad67fe7	66	fprintf(stderr, "\"%-25s%7u / 0x%08x %6u / 0x%08x\n",
123a84d3 MW	67	name, fsize, fsum, ssize, ssum);
	68	}
	69
	70	/**
89bad63b	71	* Build checksums for a set of plugins
123a84d3	72	*/
89bad63b	73	static void build_plugin_checksums(char *plugins)
123a84d3 MW	74	{
	75	enumerator_t *enumerator;
	76	char *plugin, path[256], under[128], sname[128], name[128];
	77
	78	enumerator = enumerator_create_token(plugins, " ", " ");
	79	while (enumerator->enumerate(enumerator, &plugin))
	80	{
	81	snprintf(under, sizeof(under), "%s", plugin);
	82	translate(under, "-", "_");
89bad63b TB	83	snprintf(path, sizeof(path), "%s/libstrongswan-%s.so",
89bad63b TB	84	PLUGINDIR, plugin);
123a84d3 MW	85	snprintf(sname, sizeof(sname), "%s_plugin_create", under);
	86	snprintf(name, sizeof(name), "%s\",", plugin);
	87	build_checksum(path, name, sname);
	88	}
	89	enumerator->destroy(enumerator);
	90	}
	91
	92	/**
	93	* Build checksums for a binary/library found at path
	94	*/
	95	static void build_binary_checksum(char *path)
	96	{
	97	char binary, pos, name[128], sname[128];
	98
	99	binary = strrchr(path, '/');
	100	if (binary)
	101	{
	102	binary++;
	103	pos = strrchr(binary, '.');
	104	if (pos && streq(pos, ".so"))
	105	{
a05f3b20 TB	106	snprintf(name, sizeof(name), "%.*s\",", (int)(pos - binary),
a05f3b20 TB	107	binary);
123a84d3 MW	108	if (streq(name, "libstrongswan\","))
	109	{
	110	snprintf(sname, sizeof(sname), "%s", "library_init");
	111	}
	112	else
	113	{
a05f3b20 TB	114	snprintf(sname, sizeof(sname), "%.*s_init", (int)(pos - binary),
a05f3b20 TB	115	binary);
123a84d3 MW	116	}
	117	build_checksum(path, name, sname);
	118	}
	119	else
	120	{
	121	snprintf(name, sizeof(name), "%s\",", binary);
	122	build_checksum(path, name, NULL);
	123	}
	124	}
	125	}
	126
12c68f1b MW	127	int main(int argc, char* argv[])
	128	{
	129	int i;
7daf5226	130
28649f6d	131	/* forces link against libcharon, imports symbols needed to
9192f78f	132	* dlopen plugins */
f147b731 MW	133	charon = NULL;
f147b731 MW	134
12c68f1b MW	135	/* avoid confusing leak reports in build process */
12c68f1b MW	136	setenv("LEAK_DETECTIVE_DISABLE", "1", 0);
0eef2707	137	/* don't use a strongswan.conf, forces integrity check to disabled */
34d3bfcf	138	library_init("", "checksum_builder");
12c68f1b	139	atexit(library_deinit);
7daf5226	140
12c68f1b	141	integrity = integrity_checker_create(NULL);
7daf5226	142
12c68f1b MW	143	printf("/**\n");
	144	printf(" * checksums of files and loaded code segments.\n");
	145	printf(" * created by %s\n", argv[0]);
	146	printf(" */\n");
	147	printf("\n");
	148	printf("#include <library.h>\n");
	149	printf("\n");
	150	printf("integrity_checksum_t checksums[] = {\n");
e1089f59	151	fprintf(stderr, "integrity test data:\n");
c27e54a7 AS	152	fprintf(stderr, "module name, file size / checksum "
c27e54a7 AS	153	"segment size / checksum\n");
12c68f1b MW	154	for (i = 1; i < argc; i++)
12c68f1b MW	155	{
123a84d3	156	build_binary_checksum(argv[i]);
12c68f1b	157	}
289c4245	158	#ifdef S_PLUGINS
89bad63b	159	build_plugin_checksums(S_PLUGINS);
289c4245	160	#endif
af9341c2 AS	161	#ifdef P_PLUGINS
	162	build_plugin_checksums(P_PLUGINS);
	163	#endif
e8f65c5c AS	164	#ifdef T_PLUGINS
e8f65c5c AS	165	build_plugin_checksums(T_PLUGINS);
3dbc5dfe MW	166	#endif
3dbc5dfe MW	167	#ifdef C_PLUGINS
89bad63b	168	build_plugin_checksums(C_PLUGINS);
3dbc5dfe	169	#endif
123a84d3	170
12c68f1b MW	171	printf("};\n");
	172	printf("\n");
	173	printf("int checksum_count = countof(checksums);\n");
	174	printf("\n");
	175	integrity->destroy(integrity);
7daf5226	176
12c68f1b MW	177	exit(0);
	178	}
	179