From: Tobias Brunner <tobias@strongswan.org>
Date: Tue, 27 Jun 2023 17:03:32 +0000 (+0200)
Subject: libimcv: Add Debian 12 (bookworm) to database
X-Git-Tag: android-2.4.2~22^2~10
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=55273157b01560800fd2c67bbdaad4b4fbe58ba8;p=thirdparty%2Fstrongswan.git

libimcv: Add Debian 12 (bookworm) to database

Because libcrypto and libssl are measured, we need a new group for Debian
versions with OpenSSL 3 (I've rather added a suffix to the old group as
that could eventually get removed, although we might need a 3.1 variant
in the future - maybe we should measure some other files?).
---

diff --git a/src/libimcv/imv/data.sql b/src/libimcv/imv/data.sql
index 1b32d28d4f..88e1e330f7 100644
--- a/src/libimcv/imv/data.sql
+++ b/src/libimcv/imv/data.sql
@@ -616,6 +616,12 @@ INSERT INTO products (      /* 103 */
  'Debian 11 x86_64'
 );
 
+INSERT INTO products (      /* 104 */
+  name
+) VALUES (
+ 'Debian 12 x86_64'
+);
+
 /* Directories */
 
 INSERT INTO directories (		/*  1 */
@@ -740,6 +746,18 @@ INSERT INTO files (				/*  6 */
   'tnc_config', 2
 );
 
+INSERT INTO files (             /*  7 */
+  name, dir
+) VALUES (
+ 'libcrypto.so.3', 11
+);
+
+INSERT INTO files (             /*  8 */
+  name, dir
+) VALUES (
+ 'libssl.so.3', 11
+);
+
 /* Algorithms */
 
 INSERT INTO algorithms (
@@ -995,7 +1013,7 @@ INSERT INTO groups (			/*  4 */
 INSERT INTO groups (			/*  5 */
   name, parent
 ) VALUES (
-  'Debian x86_64', 2
+  'Debian x86_64 OpenSSL 1.1', 2
 );
 
 INSERT INTO groups (			/*  6 */
@@ -1064,6 +1082,12 @@ INSERT INTO groups (      /* 16 */
   'TPM TBOOT'
 );
 
+INSERT INTO groups (      /* 17 */
+  name, parent
+) VALUES (
+  'Debian x86_64', 2
+);
+
 /* Default Product Groups */
 
 INSERT INTO groups_product_defaults (
@@ -1678,6 +1702,12 @@ INSERT INTO groups_product_defaults (
   15, 79
 );
 
+INSERT INTO groups_product_defaults (
+  group_id, product_id
+) VALUES (
+  17, 104
+);
+
 /* Policies */
 
 INSERT INTO policies (			/*  1 */
@@ -1812,6 +1842,18 @@ INSERT INTO policies (          /* 22 */
   16, 'TPM TBOOT Measurements', 'T', 2, 2
 );
 
+INSERT INTO policies (          /* 23 */
+  type, name, file, rec_fail, rec_noresult
+) VALUES (
+  6, 'Measure /usr/lib/x86_64-linux-gnu/libcrypto.so.3', 7, 2, 2
+);
+
+INSERT INTO policies (          /* 24 */
+  type, name, file, rec_fail, rec_noresult
+) VALUES (
+  6, 'Measure /usr/lib/x86_64-linux-gnu/libssl.so.3', 8, 2, 2
+);
+
 /* Enforcements */
 
 INSERT INTO enforcements (		/*  1 */
@@ -1922,6 +1964,18 @@ INSERT INTO enforcements (      /* 18 */
   22, 16, 60
 );
 
+INSERT INTO enforcements (      /* 19 */
+  policy, group_id, max_age
+) VALUES (
+  23, 17, 86400
+);
+
+INSERT INTO enforcements (      /* 20 */
+  policy, group_id, max_age
+) VALUES (
+  24, 17, 86400
+);
+
 /* swid_entities */
 
 INSERT INTO "swid_entities" (		/*  1 */