diff -rup aide-0.12_rc1-orig/configure.in aide-0.12_rc1/configure.in --- aide-0.12_rc1-orig/configure.in 2006-10-13 11:11:52.000000000 -0400 +++ aide-0.12_rc1/configure.in 2006-10-16 12:27:30.000000000 -0400 @@ -555,9 +555,9 @@ AC_CHECK_LIB([mhash],[mhash_get_block_si [CRYPTLIB="${CRYPTLIB} -lmhash" compoptionstring="${compoptionstring}WITH_MHASH\\n" AC_DEFINE(WITH_MHASH,1,[use mhash library])], - [AC_MSG_ERROR(You must have libmhash installed as a static library.)] + [AC_MSG_WARN(No mhash means no hmac.)] ) -# [AC_MSG_WARN(You should have libmhash installed as a static library.)] +# [AC_MSG_ERROR(You must have libmhash installed as a static library.)] AC_SUBST(CRYPTLIB) @@ -632,13 +632,18 @@ AC_ARG_WITH([dbhmactype], [Hash type to use for checking db. Valid values are md5 and sha1.]), [if test "x$withval" = "xmd5" ;then DBHMACTYPE="MHASH_MD5" - else - if test "x$withval" = "xsha1" ;then + else if test "x$withval" = "xsha1" ;then DBHMACTYPE="MHASH_SHA1" - else - echo "Valid parameters for --with-dbhmactype are md5, sha1" + else if test "x$withval" = "xsha256" ;then + CONFIGHMACTYPE="MHASH_SHA256" + else if test "x$withval" = "xsha512" ;then + CONFIGHMACTYPE="MHASH_SHA512" + else + echo "Valid parameters for --with-dbhmactype are md5, sha1, sha256 and sha512" exit 1 - fi + fi + fi + fi fi AC_DEFINE_UNQUOTED(DBHMACTYPE,$DBHMACTYPE,[hash type for checking db])], [ Only in aide-0.12_rc1: configure.in.nomhash Only in aide-0.12_rc1: configure.nomhash diff -rup aide-0.12_rc1-orig/include/db_config.h aide-0.12_rc1/include/db_config.h --- aide-0.12_rc1-orig/include/db_config.h 2006-10-13 11:11:52.000000000 -0400 +++ aide-0.12_rc1/include/db_config.h 2006-10-16 12:27:30.000000000 -0400 @@ -356,20 +356,21 @@ typedef struct db_config { char* config_file; char* config_version; + + int do_dbnewmd; + int do_dboldmd; #ifdef WITH_MHASH int do_configmd; MHASH confmd; hashid confhmactype; char* old_confmdstr; - int do_dbnewmd; - int do_dboldmd; hashid dbhmactype; MHASH dbnewmd; MHASH dboldmd; +#endif char* old_dbnewmdstr; char* old_dboldmdstr; -#endif /* The following three a lists of rx_rule*s */ @@ -425,16 +426,16 @@ typedef struct db_line { byte* sha1; byte* rmd160; byte* tiger; - byte* crc32; - byte* haval; - byte* gost; - byte* crc32b; byte* sha256; byte* sha512; - byte* whirlpool; - + byte* crc32; /* MHASH only */ + byte* haval; + byte* gost; + byte* crc32b; + byte* whirlpool; + acl_type* acl; /* Something here.. */ Only in aide-0.12_rc1/include: db_config.h.nomhash diff -rup aide-0.12_rc1-orig/src/aide.c aide-0.12_rc1/src/aide.c --- aide-0.12_rc1-orig/src/aide.c 2006-10-13 11:11:52.000000000 -0400 +++ aide-0.12_rc1/src/aide.c 2006-10-16 12:27:38.000000000 -0400 @@ -276,19 +276,27 @@ void setdefaults_before_config() error_init(u,1); conf->config_file=CONFIG_FILE; + conf->config_version=NULL; + +#ifdef WITH_ACL + conf->no_acl_on_symlinks=0; /* zero means don't do ACLs on symlinks */ +#endif + #ifdef WITH_MHASH conf->do_configmd=0; conf->confmd=NULL; conf->confhmactype=CONFIGHMACTYPE; conf->old_confmdstr=NULL; - conf->do_dbnewmd=0; - conf->do_dboldmd=0; conf->dbhmactype=DBHMACTYPE; - conf->old_dbnewmdstr=NULL; - conf->old_dboldmdstr=NULL; conf->dbnewmd=NULL; conf->dboldmd=NULL; #endif + + conf->do_dbnewmd=0; + conf->do_dboldmd=0; + conf->old_dbnewmdstr=NULL; + conf->old_dboldmdstr=NULL; + conf->db_out_order=(DB_FIELD*)malloc(sizeof(DB_FIELD)*db_unknown); conf->db_out_size=1; conf->db_out_order[0]=db_filename; @@ -303,10 +311,12 @@ void setdefaults_before_config() conf->db_new=NULL; conf->db_out_url=NULL; conf->db_out=NULL; + #ifdef WITH_ZLIB conf->db_gzin=0; conf->db_gznew=0; conf->gzip_dbout=0; + conf->db_gzout=0; #endif conf->action=0; @@ -342,7 +352,6 @@ void setdefaults_before_config() do_groupdef("rmd160",DB_RMD160); do_groupdef("sha256",DB_SHA256); do_groupdef("sha512",DB_SHA512); - do_groupdef("whirlpool",DB_WHIRLPOOL); do_groupdef("acl",DB_ACL); do_groupdef("xattrs",DB_XATTRS); @@ -356,6 +365,7 @@ void setdefaults_before_config() */ do_groupdef("haval",DB_HAVAL); do_groupdef("gost",DB_GOST); + do_groupdef("whirlpool",DB_WHIRLPOOL); #endif do_groupdef("R",DB_PERM|DB_INODE|DB_LNKCOUNT|DB_UID|DB_GID|DB_SIZE| Only in aide-0.12_rc1/src: aide.c.nomhash diff -rup aide-0.12_rc1-orig/src/commandconf.c aide-0.12_rc1/src/commandconf.c --- aide-0.12_rc1-orig/src/commandconf.c 2006-10-13 11:11:52.000000000 -0400 +++ aide-0.12_rc1/src/commandconf.c 2006-10-16 12:27:30.000000000 -0400 @@ -256,9 +256,14 @@ int db_input_wrapper(char* buf, int max_ switch(db) { case DB_OLD: { db_url=conf->db_in_url; + domd=&(conf->do_dboldmd); +#ifdef WITH_MHASH md=&(conf->dboldmd); +#endif + db_filep=&(conf->db_in); + #ifdef WITH_ZLIB db_gzp=&(conf->db_gzin); #endif @@ -266,9 +271,14 @@ int db_input_wrapper(char* buf, int max_ } case DB_NEW: { db_url=conf->db_new_url; + domd=&(conf->do_dbnewmd); +#ifdef WITH_MHASH md=&(conf->dbnewmd); +#endif + db_filep=&(conf->db_new); + #ifdef WITH_ZLIB db_gzp=&(conf->db_gznew); #endif @@ -305,10 +315,10 @@ int db_input_wrapper(char* buf, int max_ } else { /* gzread returns 0 even if uncompressed bytes were read*/ error(240,"nread=%d,strlen(buf)=%d,errno=%s,gzerr=%s\n", - retval,strlen((char*)buf),strerror(errno), + retval,strnlen((char*)buf, max_size),strerror(errno), gzerror(*db_gzp,&err)); if(retval==0){ - retval=strlen((char*)buf); + retval=strnlen((char*)buf, max_size); } } } @@ -380,8 +390,8 @@ int db_input_wrapper(char* buf, int max_ mhash(*md,(void*)buf,retval); } } -#endif } +#endif #ifdef WITH_CURL } Only in aide-0.12_rc1/src: commandconf.c.nomhash diff -rup aide-0.12_rc1-orig/src/db.c aide-0.12_rc1/src/db.c --- aide-0.12_rc1-orig/src/db.c 2006-10-13 11:11:52.000000000 -0400 +++ aide-0.12_rc1/src/db.c 2006-10-16 12:27:30.000000000 -0400 @@ -232,6 +232,14 @@ static char *db_readchar(char *s) return strdup(s); } +#define WARN_ONCE(x) case db_ ## x : { \ + static int warn_once_ ## x = 0; \ + if (! warn_once_ ## x ) \ + error(0,_("Hash %s uses MHASH, which is not enabled.\n"), \ + #x ); \ + warn_once_ ## x = 1; \ + } break + db_line* db_char2line(char** ss,int db){ int i; @@ -263,13 +271,13 @@ db_line* db_char2line(char** ss,int db){ line->sha1=NULL; line->rmd160=NULL; line->tiger=NULL; -#ifdef WITH_MHASH - line->crc32=NULL; + + line->crc32=NULL; /* MHASH stuff.. */ line->crc32b=NULL; line->haval=NULL; line->gost=NULL; line->whirlpool=NULL; -#endif + line->sha256=NULL; line->sha512=NULL; line->perm=0; @@ -385,6 +393,12 @@ db_line* db_char2line(char** ss,int db){ strlen(ss[(*db_order)[i]]), NULL); break; } +#else + WARN_ONCE(crc32); + WARN_ONCE(gost); + WARN_ONCE(haval); + WARN_ONCE(crc32b); + WARN_ONCE(whirlpool); #endif case db_sha256 : { line->sha256=base64tobyte(ss[(*db_order)[i]], Only in aide-0.12_rc1/src: db.c.nomhash diff -rup aide-0.12_rc1-orig/src/db_file.c aide-0.12_rc1/src/db_file.c --- aide-0.12_rc1-orig/src/db_file.c 2006-10-13 11:11:52.000000000 -0400 +++ aide-0.12_rc1/src/db_file.c 2006-10-16 12:27:30.000000000 -0400 @@ -68,12 +68,20 @@ void handle_gzipped_input(int out,gzFile error(0,_("gzread() failed: gzerr=%s!\n"),gzerror(*gzp,&err)); exit(1); } else { + int tmp = 0; + /* gzread returns 0 even if uncompressed bytes were read */ if(nread==0){ - write(out, buf,strlen((char*)buf)); + tmp = strlen((char*)buf); } else { - write(out, buf,nread); + tmp = nread; + } + if (write(out, buf,nread) != tmp) + { + error(0,_("write() failed: %m\n")); + exit(1); } + error(240,"nread=%d,strlen(buf)=%d,errno=%s,gzerr=%s\n", nread,strlen((char*)buf),strerror(errno), gzerror(*gzp,&err)); @@ -285,7 +293,9 @@ char** db_readline_file(int db){ int gotbegin_db=0; int gotend_db=0; int* domd=NULL; +#ifdef WITH_MHASH MHASH* md=NULL; +#endif char** oldmdstr=NULL; int* db_osize=0; DB_FIELD** db_order=NULL; @@ -297,23 +307,30 @@ char** db_readline_file(int db){ switch (db) { case DB_OLD: { +#ifdef WITH_MHASH md=&(conf->dboldmd); +#endif domd=&(conf->do_dboldmd); oldmdstr=&(conf->old_dboldmdstr); + db_osize=&(conf->db_in_size); db_order=&(conf->db_in_order); db_filep=&(conf->db_in); db_url=conf->db_in_url; db_lineno=&db_in_lineno; + #ifdef WITH_ZLIB db_gzp=&(conf->db_gzin); #endif break; } case DB_NEW: { +#ifdef WITH_MHASH md=&(conf->dbnewmd); +#endif domd=&(conf->do_dbnewmd); oldmdstr=&(conf->old_dbnewmdstr); + db_osize=&(conf->db_new_size); db_order=&(conf->db_new_order); db_filep=&(conf->db_new); @@ -493,7 +510,8 @@ char** db_readline_file(int db){ if(token!=TSTRING){ error(0,_("Corrupt db. Checksum garbled\n")); abort(); - } else { + } else { /* FIXME: this probably isn't right */ +#ifdef WITH_MHASH if(*md){ byte* dig=NULL; char* digstr=NULL; @@ -509,10 +527,13 @@ char** db_readline_file(int db){ error(0,_("Db checksum mismatch for db:%i\n"),db); abort(); } - }else { + } + else + { error(0,"@@end_db found without @@begin_db in db:%i\n",db); abort(); } +#endif } token=db_scan(); if(token!=TNEWLINE){ Only in aide-0.12_rc1/src: db_file.c.nomhash diff -rup aide-0.12_rc1-orig/src/do_md.c aide-0.12_rc1/src/do_md.c --- aide-0.12_rc1-orig/src/do_md.c 2006-10-13 11:11:52.000000000 -0400 +++ aide-0.12_rc1/src/do_md.c 2006-10-16 12:27:30.000000000 -0400 @@ -364,7 +364,10 @@ void acl2line(db_line* line) { /* use tmp, so free() can be called instead of acl_free() */ tmp = acl_to_text(acl_a, NULL); - ret->acl_a = strdup(tmp); + if (!tmp || !*tmp) + ret->acl_a = NULL; + else + ret->acl_a = strdup(tmp); acl_free(tmp); if (!acl_d) @@ -372,7 +375,7 @@ void acl2line(db_line* line) { else { tmp = acl_to_text(acl_d, NULL); - if (!*tmp) + if (!tmp || !*tmp) ret->acl_d = NULL; else ret->acl_d = strdup(tmp); Only in aide-0.12_rc1/src: do_md.c.nomhash