diff -rup aide-0.12-rc1-orig/config.h.in aide-0.12-rc1/config.h.in
--- aide-0.12-rc1-orig/config.h.in 2006-07-15 13:44:27.000000000 -0400
+++ aide-0.12-rc1/config.h.in 2006-10-11 10:32:02.000000000 -0400
@@ -279,16 +279,16 @@
/* use bundled GNU regex */
#undef REGEX
-/* The size of `unsigned int', as computed by sizeof. */
+/* The size of a `unsigned int', as computed by sizeof. */
#undef SIZEOF_UNSIGNED_INT
-/* The size of `unsigned long', as computed by sizeof. */
+/* The size of a `unsigned long', as computed by sizeof. */
#undef SIZEOF_UNSIGNED_LONG
-/* The size of `unsigned long long', as computed by sizeof. */
+/* The size of a `unsigned long long', as computed by sizeof. */
#undef SIZEOF_UNSIGNED_LONG_LONG
-/* The size of `unsigned short', as computed by sizeof. */
+/* The size of a `unsigned short', as computed by sizeof. */
#undef SIZEOF_UNSIGNED_SHORT
/* Define to 1 if you have the ANSI C header files. */
@@ -315,9 +315,15 @@
/* use mhash library */
#undef WITH_MHASH
+/* use POSIX ACLs */
+#undef WITH_POSIX_ACL
+
/* postgresql support */
#undef WITH_PSQL
+/* use SELinux */
+#undef WITH_SELINUX
+
/* use ACL on Solaris */
#undef WITH_SUN_ACL
@@ -331,6 +337,9 @@
/* Select 64 bits filesystem interface */
#undef _FILE_OFFSET_BITS
+/* unhide _GLIBC symbols */
+#undef _GNU_SOURCE
+
/* Additional functionality from LFS */
#undef _LARGEFILE64_SOURCE
diff -rup aide-0.12-rc1-orig/configure.in aide-0.12-rc1/configure.in
--- aide-0.12-rc1-orig/configure.in 2006-05-31 05:09:03.000000000 -0400
+++ aide-0.12-rc1/configure.in 2006-10-11 12:41:49.000000000 -0400
@@ -57,6 +57,9 @@ AC_ARG_WITH(extra-link-libs,
[LIBS="$LIBS $withval"]
)
+dnl Do the right thing for glibc...
+AC_DEFINE(_GNU_SOURCE,1,[unhide _GLIBC symbols])
+
dnl This is borrowed from libtool
if test $ac_cv_prog_gcc = yes; then
@@ -338,7 +341,7 @@ AC_ARG_WITH([curl],
)
-AC_MSG_CHECKING(for acl-support)
+AC_MSG_CHECKING(for sun-acl-support)
AC_ARG_WITH(sun-acl,
AC_HELP_STRING([--with-sun-acl],
[use ACL on solaris (no checking)]),
@@ -349,8 +352,31 @@ AC_ARG_WITH(sun-acl,
[AC_MSG_RESULT(no)]
)
+AC_MSG_CHECKING(for posix-acl-support)
+AC_ARG_WITH(posix-acl,
+ AC_HELP_STRING([--with-posix-acl],
+ [use POSIX ACLs (no checking)]),
+ [AC_DEFINE(WITH_POSIX_ACL,1,[use POSIX ACLs])
+ AC_DEFINE(WITH_ACL,1,[use ACL])
+ ACLLIB="-lacl"
+ AC_MSG_RESULT(yes)],
+ [AC_MSG_RESULT(no)]
+)
+
AC_SUBST(ACLLIB)
+AC_MSG_CHECKING(for selinux-support)
+AC_ARG_WITH(selinux,
+ AC_HELP_STRING([--with-selinux],
+ [use SELinux (no checking)]),
+ [AC_DEFINE(WITH_SELINUX,1,[use SELinux])
+ SELINUXLIB="-lselinux"
+ AC_MSG_RESULT(yes)],
+ [AC_MSG_RESULT(no)]
+)
+
+AC_SUBST(SELINUXLIB)
+
# Check whether LFS has explicitly been disabled
AC_ARG_ENABLE(lfs,[ --disable-lfs Disable large file support on 32-bit platforms], [aide_lfs_choice=$enableval], [aide_lfs_choice=yes])
@@ -531,21 +557,27 @@ AC_CHECK_LIB([mhash],[mhash_get_block_si
AC_DEFINE(WITH_MHASH,1,[use mhash library])],
[AC_MSG_ERROR(You must have libmhash installed as a static library.)]
)
+# [AC_MSG_WARN(You should have libmhash installed as a static library.)]
AC_SUBST(CRYPTLIB)
AC_ARG_WITH([confighmactype],
AC_HELP_STRING([--with-confighmactype=TYPE],
- [Hash type to use for checking config. Valid values are md5 and sha1.]),
+ [Hash type to use for checking config. Valid values are md5, sha1, sha256 and sha512.]),
[if test "x$withval" = "xmd5" ;then
CONFIGHMACTYPE="MHASH_MD5"
- else
- if test "x$withval" = "xsha1" ;then
+ else if test "x$withval" = "xsha1" ;then
CONFIGHMACTYPE="MHASH_SHA1"
- else
- echo "Valid parameters for --with-confighmactype are md5, sha1"
- exit 1
- fi
+ else if test "x$withval" = "xsha256" ;then
+ CONFIGHMACTYPE="MHASH_SHA256"
+ else if test "x$withval" = "xsha512" ;then
+ CONFIGHMACTYPE="MHASH_SHA512"
+ else
+ echo "Valid parameters for --with-confighmactype are md5, sha1, sha256 and sha512"
+ exit 1
+ fi
+ fi
+ fi
fi
AC_DEFINE_UNQUOTED(CONFIGHMACTYPE,$CONFIGHMACTYPE,[hash type for config file check])],
[
diff -rup aide-0.12-rc1-orig/doc/aide.conf.5 aide-0.12-rc1/doc/aide.conf.5
--- aide-0.12-rc1-orig/doc/aide.conf.5 2006-07-15 14:19:00.000000000 -0400
+++ aide-0.12-rc1/doc/aide.conf.5 2006-10-11 12:49:49.000000000 -0400
@@ -30,11 +30,11 @@ valid urls.
.IP "database"
The url from which database is read. There can only be one of these
lines. If there are multiple database lines then the first is used.
-The default value is "/usr/local/etc/aide.db".
+The default value is "/tmp/james/etc/aide.db".
.IP "database_out"
The url to which the new database is written to. There can only be one
of these lines. If there are multiple database_out lines then the
-first is used. The default value is "/usr/local/etc/aide.db.new".
+first is used. The default value is "/tmp/james/etc/aide.db.new".
.IP "database_new"
The url from which the other database for \-\-compare is read.
There is no default for this one.
diff -rup aide-0.12-rc1-orig/doc/aide.conf.in aide-0.12-rc1/doc/aide.conf.in
--- aide-0.12-rc1-orig/doc/aide.conf.in 2006-07-15 12:42:58.000000000 -0400
+++ aide-0.12-rc1/doc/aide.conf.in 2006-10-11 13:34:03.000000000 -0400
@@ -76,23 +76,29 @@ report_url=stdout
#m: mtime
#a: atime
#c: ctime
+#acl: Access Control Lists
+#selinux SELinux security context
+#xattrs: Extended file attributes
#S: check for growing size
#I: ignore changed filename
#md5: md5 checksum
#sha1: sha1 checksum
+#sha256: sha256 checksum
+#sha512: sha512 checksum
#rmd160: rmd160 checksum
#tiger: tiger checksum
-#R: p+i+n+u+g+s+m+c+md5
-#L: p+i+n+u+g
+#whirlpool: whirlpool checksum
+#R: p+i+n+u+g+s+m+c+acl+selinux+xattrs+md5
+#L: p+i+n+u+g+acl+selinux+xattrs
#E: Empty group
-#>: Growing logfile p+u+g+i+n+S
+#>: Growing logfile p+u+g+i+n+S+acl+selinux+xattrs
#The following are available if you have mhash support enabled.
#haval: haval checksum
#gost: gost checksum
#crc32: crc32 checksum
# Rule definition
-All=R+a+sha1+rmd160
+All=R+a+sha1+rmd160+sha256+sha512+whirlpool
# report_attributes is a special rule definition
# the attributes listed in it are alway displayed for changed files
@@ -107,7 +113,7 @@ All=R+a+sha1+rmd160
# Attributes that can be used to verify that aide in intact
# by people that have downloaded it from the web.
# Let's be paranoid
-Norm=s+n+b+md5+sha1+rmd160
+Norm=s+n+b+selinux+xattrs+md5+sha1+rmd160+sha256+sha512+whirlpool
# The commented rules are just examples the rest are used by
# make check
diff -rup aide-0.12-rc1-orig/doc/Makefile.in aide-0.12-rc1/doc/Makefile.in
--- aide-0.12-rc1-orig/doc/Makefile.in 2006-07-15 14:20:24.000000000 -0400
+++ aide-0.12-rc1/doc/Makefile.in 2006-10-11 12:49:28.000000000 -0400
@@ -1,8 +1,8 @@
-# Makefile.in generated by automake 1.7.9 from Makefile.am.
+# Makefile.in generated by automake 1.9.6 from Makefile.am.
# @configure_input@
-# Copyright 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003
-# Free Software Foundation, Inc.
+# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
+# 2003, 2004, 2005 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved.
@@ -32,7 +32,6 @@
# the Free Software Foundation, 59 Temple Place - Suite 330,
# Boston, MA 02111-1307, USA.
#
-
srcdir = @srcdir@
top_srcdir = @top_srcdir@
VPATH = @srcdir@
@@ -40,7 +39,6 @@ pkgdatadir = $(datadir)/@PACKAGE@
pkglibdir = $(libdir)/@PACKAGE@
pkgincludedir = $(includedir)/@PACKAGE@
top_builddir = ..
-
am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
INSTALL = @INSTALL@
install_sh_DATA = $(install_sh) -c -m 644
@@ -54,6 +52,26 @@ POST_INSTALL = :
NORMAL_UNINSTALL = :
PRE_UNINSTALL = :
POST_UNINSTALL = :
+subdir = doc
+DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in \
+ $(srcdir)/aide.1.in $(srcdir)/aide.conf.5.in \
+ $(srcdir)/aide.conf.in
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/acinclude.m4 \
+ $(top_srcdir)/version.m4 $(top_srcdir)/configure.in
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+ $(ACLOCAL_M4)
+mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
+CONFIG_HEADER = $(top_builddir)/config.h
+CONFIG_CLEAN_FILES = aide.conf aide.1 aide.conf.5
+SOURCES =
+DIST_SOURCES =
+man1dir = $(mandir)/man1
+am__installdirs = "$(DESTDIR)$(man1dir)" "$(DESTDIR)$(man5dir)"
+man5dir = $(mandir)/man5
+NROFF = nroff
+MANS = $(man_MANS)
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLLIB = @ACLLIB@
ACLOCAL = @ACLOCAL@
AIDE_USE_LOCALE = @AIDE_USE_LOCALE@
@@ -78,7 +96,6 @@ ECHO_N = @ECHO_N@
ECHO_T = @ECHO_T@
EGREP = @EGREP@
EXEEXT = @EXEEXT@
-GREP = @GREP@
INSTALL_DATA = @INSTALL_DATA@
INSTALL_PROGRAM = @INSTALL_PROGRAM@
INSTALL_SCRIPT = @INSTALL_SCRIPT@
@@ -105,82 +122,88 @@ PACKAGE_VERSION = @PACKAGE_VERSION@
PATH_SEPARATOR = @PATH_SEPARATOR@
PSQLLIB = @PSQLLIB@
RANLIB = @RANLIB@
+SELINUXLIB = @SELINUXLIB@
SET_MAKE = @SET_MAKE@
SHELL = @SHELL@
STRIP = @STRIP@
VERSION = @VERSION@
YACC = @YACC@
-YFLAGS = @YFLAGS@
ac_ct_CC = @ac_ct_CC@
+ac_ct_RANLIB = @ac_ct_RANLIB@
+ac_ct_STRIP = @ac_ct_STRIP@
am__fastdepCC_FALSE = @am__fastdepCC_FALSE@
am__fastdepCC_TRUE = @am__fastdepCC_TRUE@
am__include = @am__include@
am__leading_dot = @am__leading_dot@
am__quote = @am__quote@
+am__tar = @am__tar@
+am__untar = @am__untar@
bindir = @bindir@
build_alias = @build_alias@
curlconfig = @curlconfig@
datadir = @datadir@
-datarootdir = @datarootdir@
-docdir = @docdir@
-dvidir = @dvidir@
exec_prefix = @exec_prefix@
host_alias = @host_alias@
-htmldir = @htmldir@
includedir = @includedir@
infodir = @infodir@
install_sh = @install_sh@
libdir = @libdir@
libexecdir = @libexecdir@
-localedir = @localedir@
localstatedir = @localstatedir@
mandir = @mandir@
+mkdir_p = @mkdir_p@
oldincludedir = @oldincludedir@
-pdfdir = @pdfdir@
prefix = @prefix@
program_transform_name = @program_transform_name@
-psdir = @psdir@
sbindir = @sbindir@
sharedstatedir = @sharedstatedir@
sysconfdir = @sysconfdir@
target_alias = @target_alias@
-
CLEANFILES = *~
-
man_MANS = aide.1 aide.conf.5
-
EXTRA_DIST = aide.1 aide.conf.5 manual.html
-subdir = doc
-ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
-mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
-CONFIG_HEADER = $(top_builddir)/config.h
-CONFIG_CLEAN_FILES = aide.conf aide.1 aide.conf.5
-DIST_SOURCES =
-
-NROFF = nroff
-MANS = $(man_MANS)
-DIST_COMMON = $(srcdir)/Makefile.in Makefile.am aide.1.in \
- aide.conf.5.in aide.conf.in
all: all-am
.SUFFIXES:
-$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4)
+$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps)
+ @for dep in $?; do \
+ case '$(am__configure_deps)' in \
+ *$$dep*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \
+ && exit 0; \
+ exit 1;; \
+ esac; \
+ done; \
+ echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu doc/Makefile'; \
cd $(top_srcdir) && \
$(AUTOMAKE) --gnu doc/Makefile
-Makefile: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.in $(top_builddir)/config.status
- cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)
-aide.conf: $(top_builddir)/config.status aide.conf.in
+.PRECIOUS: Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+ @case '$?' in \
+ *config.status*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
+ *) \
+ echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \
+ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \
+ esac;
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+aide.conf: $(top_builddir)/config.status $(srcdir)/aide.conf.in
cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@
-aide.1: $(top_builddir)/config.status aide.1.in
+aide.1: $(top_builddir)/config.status $(srcdir)/aide.1.in
cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@
-aide.conf.5: $(top_builddir)/config.status aide.conf.5.in
+aide.conf.5: $(top_builddir)/config.status $(srcdir)/aide.conf.5.in
cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@
uninstall-info-am:
-
-man1dir = $(mandir)/man1
install-man1: $(man1_MANS) $(man_MANS)
@$(NORMAL_INSTALL)
- $(mkinstalldirs) $(DESTDIR)$(man1dir)
+ test -z "$(man1dir)" || $(mkdir_p) "$(DESTDIR)$(man1dir)"
@list='$(man1_MANS) $(dist_man1_MANS) $(nodist_man1_MANS)'; \
l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \
for i in $$l2; do \
@@ -199,8 +222,8 @@ install-man1: $(man1_MANS) $(man_MANS)
inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
inst=`echo $$inst | sed -e 's/^.*\///'`; \
inst=`echo $$inst | sed '$(transform)'`.$$ext; \
- echo " $(INSTALL_DATA) $$file $(DESTDIR)$(man1dir)/$$inst"; \
- $(INSTALL_DATA) $$file $(DESTDIR)$(man1dir)/$$inst; \
+ echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man1dir)/$$inst'"; \
+ $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man1dir)/$$inst"; \
done
uninstall-man1:
@$(NORMAL_UNINSTALL)
@@ -220,14 +243,12 @@ uninstall-man1:
inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
inst=`echo $$inst | sed -e 's/^.*\///'`; \
inst=`echo $$inst | sed '$(transform)'`.$$ext; \
- echo " rm -f $(DESTDIR)$(man1dir)/$$inst"; \
- rm -f $(DESTDIR)$(man1dir)/$$inst; \
+ echo " rm -f '$(DESTDIR)$(man1dir)/$$inst'"; \
+ rm -f "$(DESTDIR)$(man1dir)/$$inst"; \
done
-
-man5dir = $(mandir)/man5
install-man5: $(man5_MANS) $(man_MANS)
@$(NORMAL_INSTALL)
- $(mkinstalldirs) $(DESTDIR)$(man5dir)
+ test -z "$(man5dir)" || $(mkdir_p) "$(DESTDIR)$(man5dir)"
@list='$(man5_MANS) $(dist_man5_MANS) $(nodist_man5_MANS)'; \
l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \
for i in $$l2; do \
@@ -246,8 +267,8 @@ install-man5: $(man5_MANS) $(man_MANS)
inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
inst=`echo $$inst | sed -e 's/^.*\///'`; \
inst=`echo $$inst | sed '$(transform)'`.$$ext; \
- echo " $(INSTALL_DATA) $$file $(DESTDIR)$(man5dir)/$$inst"; \
- $(INSTALL_DATA) $$file $(DESTDIR)$(man5dir)/$$inst; \
+ echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man5dir)/$$inst'"; \
+ $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man5dir)/$$inst"; \
done
uninstall-man5:
@$(NORMAL_UNINSTALL)
@@ -267,8 +288,8 @@ uninstall-man5:
inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
inst=`echo $$inst | sed -e 's/^.*\///'`; \
inst=`echo $$inst | sed '$(transform)'`.$$ext; \
- echo " rm -f $(DESTDIR)$(man5dir)/$$inst"; \
- rm -f $(DESTDIR)$(man5dir)/$$inst; \
+ echo " rm -f '$(DESTDIR)$(man5dir)/$$inst'"; \
+ rm -f "$(DESTDIR)$(man5dir)/$$inst"; \
done
tags: TAGS
TAGS:
@@ -276,10 +297,6 @@ TAGS:
ctags: CTAGS
CTAGS:
-DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
-
-top_distdir = ..
-distdir = $(top_distdir)/$(PACKAGE)-$(VERSION)
distdir: $(DISTFILES)
@srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; \
@@ -293,7 +310,7 @@ distdir: $(DISTFILES)
dir=`echo "$$file" | sed -e 's,/[^/]*$$,,'`; \
if test "$$dir" != "$$file" && test "$$dir" != "."; then \
dir="/$$dir"; \
- $(mkinstalldirs) "$(distdir)$$dir"; \
+ $(mkdir_p) "$(distdir)$$dir"; \
else \
dir=''; \
fi; \
@@ -311,9 +328,10 @@ distdir: $(DISTFILES)
check-am: all-am
check: check-am
all-am: Makefile $(MANS)
-
installdirs:
- $(mkinstalldirs) $(DESTDIR)$(man1dir) $(DESTDIR)$(man5dir)
+ for dir in "$(DESTDIR)$(man1dir)" "$(DESTDIR)$(man5dir)"; do \
+ test -z "$$dir" || $(mkdir_p) "$$dir"; \
+ done
install: install-am
install-exec: install-exec-am
install-data: install-data-am
@@ -334,7 +352,7 @@ clean-generic:
-test -z "$(CLEANFILES)" || rm -f $(CLEANFILES)
distclean-generic:
- -rm -f $(CONFIG_CLEAN_FILES)
+ -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
maintainer-clean-generic:
@echo "This command is intended for maintainers to use"
@@ -351,6 +369,8 @@ dvi: dvi-am
dvi-am:
+html: html-am
+
info: info-am
info-am:
@@ -386,8 +406,8 @@ uninstall-am: uninstall-info-am uninstal
uninstall-man: uninstall-man1 uninstall-man5
.PHONY: all all-am check check-am clean clean-generic distclean \
- distclean-generic distdir dvi dvi-am info info-am install \
- install-am install-data install-data-am install-exec \
+ distclean-generic distdir dvi dvi-am html html-am info info-am \
+ install install-am install-data install-data-am install-exec \
install-exec-am install-info install-info-am install-man \
install-man1 install-man5 install-strip installcheck \
installcheck-am installdirs maintainer-clean \
diff -rup aide-0.12-rc1-orig/include/base64.h aide-0.12-rc1/include/base64.h
--- aide-0.12-rc1-orig/include/base64.h 2003-01-16 05:37:34.000000000 -0500
+++ aide-0.12-rc1/include/base64.h 2006-10-10 02:16:13.000000000 -0400
@@ -43,7 +43,7 @@
char* encode_base64(byte* src,size_t ssize);
-byte* decode_base64(char* src,size_t ssize);
+byte* decode_base64(char* src,size_t ssize,size_t *);
/* Returns decoded length */
size_t length_base64(char* src,size_t ssize);
diff -rup aide-0.12-rc1-orig/include/commandconf.h aide-0.12-rc1/include/commandconf.h
--- aide-0.12-rc1-orig/include/commandconf.h 2003-01-16 05:37:34.000000000 -0500
+++ aide-0.12-rc1/include/commandconf.h 2006-10-11 03:39:53.000000000 -0400
@@ -31,7 +31,7 @@ int commandconf(const char mode,const ch
int conf_input_wrapper(char* buf, int max_size, FILE* in);
int db_input_wrapper(char* buf, int max_size, int db);
-list* append_rxlist(char*,int,list*);
+list* append_rxlist(char*,DB_ATTR_TYPE,list*);
void do_define(char*,char*);
@@ -41,9 +41,9 @@ int do_ifxdef(int,char*);
int do_ifxhost(int,char*);
-void do_groupdef(char*,int);
+void do_groupdef(char*,DB_ATTR_TYPE);
-int get_groupval(char*);
+DB_ATTR_TYPE get_groupval(char*);
void putbackvariable(char*);
diff -rup aide-0.12-rc1-orig/include/compare_db.h aide-0.12-rc1/include/compare_db.h
--- aide-0.12-rc1-orig/include/compare_db.h 2003-01-16 05:37:34.000000000 -0500
+++ aide-0.12-rc1/include/compare_db.h 2006-10-10 21:04:09.000000000 -0400
@@ -48,6 +48,6 @@ void init_rxlst(list* rxlst);
* compare_dbline()
* Return RETOK if same RETFAIL if not
*/
-int compare_dbline(db_line* old,db_line* new,int ignorelist);
+int compare_dbline(db_line* old,db_line* new,DB_ATTR_TYPE ignorelist);
#endif
diff -rup aide-0.12-rc1-orig/include/db_config.h aide-0.12-rc1/include/db_config.h
--- aide-0.12-rc1-orig/include/db_config.h 2005-12-19 05:52:21.000000000 -0500
+++ aide-0.12-rc1/include/db_config.h 2006-10-11 13:11:03.000000000 -0400
@@ -35,6 +35,10 @@
/* Warning! if acl in database is corrupted then
this will break down. See and fix db.c */
+#ifndef WITH_ACL
+# error "No ACL support ... but Sun ACL support."
+#endif
+
#include <sys/acl.h>
typedef struct acl_type{
int entries;
@@ -43,6 +47,43 @@ typedef struct acl_type{
#endif
+#ifdef WITH_POSIX_ACL /* POSIX acl works for Sun ACL, AIUI but anyway... */
+#include <sys/acl.h>
+#ifndef WITH_ACL
+# error "No ACL support ... but POSIX ACL support."
+#endif
+#endif
+
+typedef struct acl_type {
+ char *acl_a; /* ACCESS */
+ char *acl_d; /* DEFAULT, directories only */
+} acl_type;
+
+#define WITH_XATTR 1 /* FIXME: autoconf */
+
+#ifdef WITH_XATTR /* Do generic user Xattrs. */
+#include <sys/xattr.h>
+#include <attr/xattr.h>
+#endif
+
+typedef struct xattr_node
+{
+ char *key;
+ byte *val;
+ size_t vsz;
+} xattr_node;
+
+typedef struct xattrs_type
+{
+ size_t num;
+ size_t sz;
+ struct xattr_node *ents;
+} xattrs_type;
+
+#ifdef WITH_SELINUX
+#include <selinux/selinux.h>
+#endif
+
#ifdef WITH_MHASH
#include <mhash.h>
#endif
@@ -104,53 +145,74 @@ typedef enum {
db_checkmask, /* "checkmask"*/
db_allownewfile, /* "allownewfile */
db_allowrmfile, /* "allowrmfile" */
+ db_sha256, /* "sha256", */
+ db_sha512, /* "sha512", */
+ db_whirlpool, /* "whirlpool", */
+ db_selinux, /* "selinux", */
+ db_xattrs, /* "xattrs", */
db_unknown } DB_FIELD; /* "unknown" */
/* db_unknown must be last because it is used to determine size of
DB_FILED */
+/* FIXME: THIS IS A HACK, somethimes we use AIDE_OFF_TYPE instead
+ * because that's what internal functions take. This bitmap needs to die. */
+#define DB_ATTR_TYPE unsigned long long
+#define DB_ATTR_UNDEF ((DB_ATTR_TYPE) -1)
+
/* WE need this for rx_rules since enums are not orrable (horrible) */
-#define DB_FILENAME (1<<0) /* "name", */
-#define DB_LINKNAME (1<<1) /* "lname", */
-#define DB_PERM (1<<2) /* "perm", */
-#define DB_UID (1<<3) /* "uid", */
-#define DB_GID (1<<4) /* "gid", */
-#define DB_SIZE (1<<5) /* "size", */
-#define DB_ATIME (1<<6) /* "atime", */
-#define DB_CTIME (1<<7) /* "ctime", */
-#define DB_MTIME (1<<8) /* "mtime", */
-#define DB_INODE (1<<9) /* "inode", */
-#define DB_BCOUNT (1<<10) /* "bcount", */
-#define DB_LNKCOUNT (1<<11) /* "lcount", */
-#define DB_MD5 (1<<12) /* "md5", */
-#define DB_SHA1 (1<<13) /* "sha1", */
-#define DB_RMD160 (1<<14) /* "rmd160", */
-#define DB_TIGER (1<<15) /* "tiger", */
+#define DB_FILENAME (1LLU<<0) /* "name", */
+#define DB_LINKNAME (1LLU<<1) /* "lname", */
+#define DB_PERM (1LLU<<2) /* "perm", */
+#define DB_UID (1LLU<<3) /* "uid", */
+#define DB_GID (1LLU<<4) /* "gid", */
+#define DB_SIZE (1LLU<<5) /* "size", */
+#define DB_ATIME (1LLU<<6) /* "atime", */
+#define DB_CTIME (1LLU<<7) /* "ctime", */
+#define DB_MTIME (1LLU<<8) /* "mtime", */
+#define DB_INODE (1LLU<<9) /* "inode", */
+#define DB_BCOUNT (1LLU<<10) /* "bcount", */
+#define DB_LNKCOUNT (1LLU<<11) /* "lcount", */
+#define DB_MD5 (1LLU<<12) /* "md5", */
+#define DB_SHA1 (1LLU<<13) /* "sha1", */
+#define DB_RMD160 (1LLU<<14) /* "rmd160", */
+#define DB_TIGER (1LLU<<15) /* "tiger", */
/*
We want to matk these newertheless we have a
hash-functon or not.
*/
-#define DB_CRC32 (1<<16) /* "crc32", */
-#define DB_HAVAL (1<<17) /* "haval", */
-#define DB_GOST (1<<18) /* "gost", */
-#define DB_CRC32B (1<<19) /* "crc32b", */
-#define DB_ATTR (1<<20) /* "attr" */
-#define DB_ACL (1<<21) /* "acl" */
-#define DB_BSIZE (1<<22) /* "bsize" */
-#define DB_RDEV (1<<23) /* "rdev" */
-#define DB_DEV (1<<24) /* "dev" */
-
-#define DB_CHECKMASK (1<<25) /* "checkmask"*/
-#define DB_SIZEG (1<<26) /* "unknown" */
-#define DB_CHECKINODE (1<<27) /* "checkinode"*/
-#define DB_NEWFILE (1<<28) /* "allow new file" */
-#define DB_RMFILE (1<<29) /* "allot rm file" */
+#define DB_CRC32 (1LLU<<16) /* "crc32", */
+#define DB_HAVAL (1LLU<<17) /* "haval", */
+#define DB_GOST (1LLU<<18) /* "gost", */
+#define DB_CRC32B (1LLU<<19) /* "crc32b", */
+// #define DB_ATTR (1LLU<<20) /* "attr" */
+#define DB_ACL (1LLU<<21) /* "acl" */
+#define DB_BSIZE (1LLU<<22) /* "bsize" */
+#define DB_RDEV (1LLU<<23) /* "rdev" */
+#define DB_DEV (1LLU<<24) /* "dev" */
+
+#define DB_CHECKMASK (1LLU<<25) /* "checkmask"*/
+#define DB_SIZEG (1LLU<<26) /* "unknown" */
+#define DB_CHECKINODE (1LLU<<27) /* "checkinode"*/
+#define DB_NEWFILE (1LLU<<28) /* "allow new file" */
+#define DB_RMFILE (1LLU<<29) /* "allot rm file" */
+#define DB_SHA256 (1LLU<<30) /* "sha256", */
+#define DB_SHA512 (1LLU<<31) /* "sha512", */
+#define DB_SELINUX (1LLU<<32) /* "selinux", */
+#define DB_XATTRS (1LLU<<33) /* "xattrs", */
+#define DB_WHIRLPOOL (1LLU<<34) /* "whirlpool", */
#define DB_HASHES (DB_MD5|DB_SHA1|DB_RMD160|DB_TIGER|DB_CRC32|DB_HAVAL| \
- DB_GOST|DB_CRC32B)
+ DB_GOST|DB_CRC32B|DB_SHA256|DB_SHA512|DB_WHIRLPOOL)
-const static char* db_names[] = {
+/* This is stupid, should be functions, but static data means if it isn't used
+ * but this header is included we get a warning ... so kill the warning */
+#ifdef __GNUC__
+# define DB__ATTR_USED() __attribute__ ((used))
+#endif
+
+static DB__ATTR_USED() const char* db_names[] = {
"name",
"lname",
"perm",
@@ -178,9 +240,14 @@ const static char* db_names[] = {
"dev",
"checkmask",
"unknown",
- "allownewfiles"} ;
+ "allownewfiles",
+ "sha256",
+ "sha512",
+ "selinux",
+ "xattrs",
+ "whirlpool"} ;
-const static int db_value[] = {
+static DB__ATTR_USED() const int db_value[] = {
db_filename, /* "name", */
db_linkname, /* "lname", */
db_perm, /* "perm", */
@@ -209,18 +276,23 @@ const static int db_value[] = {
db_checkmask, /* "checkmask" */
db_allownewfile, /* "allownewfile" */
db_allowrmfile, /* "allowrmfile" */
+ db_sha256, /* "sha256", */
+ db_sha512, /* "sha512", */
+ db_selinux, /* "selinux", */
+ db_xattrs, /* "xattrs", */
+ db_whirlpool, /* "whirlpool", */
db_unknown }; /* "unknown" */
/* db_namealias && db_aliasvalue are here to support earlier database
* names that are no longer used. */
-const static char* db_namealias[] = {
+static DB__ATTR_USED() const char* db_namealias[] = {
"count" } ;
-const static int db_aliasvalue[] = {
+static DB__ATTR_USED() const int db_aliasvalue[] = {
db_lnkcount } ; /* "count", */
-const static int db_alias_size=1;
+static DB__ATTR_USED() const int db_alias_size=1;
/* TIMEBUFSIZE should be exactly ceil(sizeof(time_t)*8*ln(2)/ln(10))
* Now it is ceil(sizeof(time_t)*2.5)
@@ -337,7 +409,7 @@ typedef struct db_config {
time_t end_time;
int symlinks_found;
- int attr;
+ DB_ATTR_TYPE attr;
#ifdef WITH_ACL
int no_acl_on_symlinks;
@@ -358,10 +430,13 @@ typedef struct db_line {
byte* gost;
byte* crc32b;
-#ifdef WITH_ACL
+ byte* sha256;
+ byte* sha512;
+
+ byte* whirlpool;
+
acl_type* acl;
/* Something here.. */
-#endif
mode_t perm;
mode_t perm_o; /* Permission for tree traverse */
@@ -379,8 +454,12 @@ typedef struct db_line {
char* filename;
char* linkname;
+ char *cntx;
+
+ xattrs_type* xattrs;
+
/* Attributes .... */
- int attr;
+ DB_ATTR_TYPE attr;
} db_line;
diff -rup aide-0.12-rc1-orig/include/db_sql.h aide-0.12-rc1/include/db_sql.h
--- aide-0.12-rc1-orig/include/db_sql.h 2004-10-23 07:15:48.000000000 -0400
+++ aide-0.12-rc1/include/db_sql.h 2006-10-11 05:07:20.000000000 -0400
@@ -22,7 +22,7 @@
#define _DB_SQL_H_INCLUDED
-const static char* db_sql_types[] = {
+static __attribute__ ((used)) const char* db_sql_types[] = {
"text unique primary key",/* "name", */
"text", /* "lname", */
"int", /* "perm", */
diff -rup aide-0.12-rc1-orig/include/do_md.h aide-0.12-rc1/include/do_md.h
--- aide-0.12-rc1-orig/include/do_md.h 2003-01-16 05:37:34.000000000 -0500
+++ aide-0.12-rc1/include/do_md.h 2006-10-11 02:25:22.000000000 -0400
@@ -31,5 +31,6 @@
list* do_md(list* file_lst,db_config* conf);
+void acl2line(db_line* line);
#endif /* _DO_MD_H_INCLUDED */
diff -rup aide-0.12-rc1-orig/include/gen_list.h aide-0.12-rc1/include/gen_list.h
--- aide-0.12-rc1-orig/include/gen_list.h 2003-01-16 05:37:34.000000000 -0500
+++ aide-0.12-rc1/include/gen_list.h 2006-10-10 21:11:12.000000000 -0400
@@ -29,7 +29,7 @@
typedef struct rx_rule {
char* rx; /* Regular expression in text form */
regex_t* crx; /* Compiled regexp */
- int attr; /* Which attributes to save */
+ DB_ATTR_TYPE attr; /* Which attributes to save */
long conf_lineno; /* line no. of rule definition*/
} rx_rule;
@@ -62,11 +62,11 @@ void populate_tree(seltree* tree);
char* strrxtok(char*);
-int check_list_for_match(list*,char*,int*);
+int check_list_for_match(list*,char*,DB_ATTR_TYPE*);
-int check_rxtree(char* filename,seltree* tree, int* attr);
+int check_rxtree(char* filename,seltree* tree, DB_ATTR_TYPE* attr);
-db_line* get_file_attrs(char* filename,int attr);
+db_line* get_file_attrs(char* filename,DB_ATTR_TYPE attr);
seltree* get_seltree_node(seltree* tree,char* path);
diff -rup aide-0.12-rc1-orig/include/md.h aide-0.12-rc1/include/md.h
--- aide-0.12-rc1-orig/include/md.h 2005-04-06 05:50:02.000000000 -0400
+++ aide-0.12-rc1/include/md.h 2006-10-11 13:21:45.000000000 -0400
@@ -32,7 +32,7 @@
#ifdef WITH_MHASH
#include <mhash.h>
-#define HASH_MHASH_COUNT 18
+#define HASH_MHASH_COUNT MHASH_WHIRLPOOL /* WHIRLPOOL == 22 on 2006-10-11 */
#define MHASH_RMD160 MHASH_RIPEMD160
#define MHASH_HAVAL MHASH_HAVAL256
#endif
@@ -59,6 +59,8 @@
#define HASH_TIGER160_LEN 20
#define HASH_MD4_LEN 16
#define HASH_SHA256_LEN 32
+#define HASH_SHA512_LEN 64
+#define HASH_WHIRLPOOL_LEN 64
#define HASH_ADLER32_LEN 4
#define HASH_CRC32B_LEN 4
#define HASH_CRC32_LEN 4
@@ -69,7 +71,8 @@
*/
#define HASH_USE_MHASH (DB_MD5|DB_SHA1|DB_RMD160|DB_TIGER|DB_CRC32|\
- DB_HAVAL|DB_GOST|DB_CRC32B)
+ DB_HAVAL|DB_GOST|DB_CRC32B|\
+ DB_SHA256|DB_SHA512|DB_WHIRLPOOL)
#define HASH_USE_LIBGCRYPT (0)
@@ -100,18 +103,20 @@ typedef struct md_container {
char tiger160[HASH_TIGER160_LEN];
char md4[HASH_MD4_LEN];
char sha256[HASH_SHA256_LEN];
+ char sha512[HASH_SHA512_LEN];
char adler32[HASH_ADLER32_LEN];
+ char whirlpool[HASH_WHIRLPOOL_LEN];
/*
Attr which are to be calculated.
*/
- int calc_attr;
+ DB_ATTR_TYPE calc_attr;
/*
Attr which are not (yet) to be calculated.
After init hold's hashes which are not calculated :)
*/
- int todo_attr;
+ DB_ATTR_TYPE todo_attr;
/*
Variables needed to cope with the library.
diff -rup aide-0.12-rc1-orig/include/symboltable.h aide-0.12-rc1/include/symboltable.h
--- aide-0.12-rc1-orig/include/symboltable.h 2003-01-16 05:37:34.000000000 -0500
+++ aide-0.12-rc1/include/symboltable.h 2006-10-11 02:22:57.000000000 -0400
@@ -26,7 +26,7 @@
typedef struct symba {
char* name;
char* value;
- int ival;
+ DB_ATTR_TYPE ival;
} symba;
diff -rup aide-0.12-rc1-orig/Makefile.in aide-0.12-rc1/Makefile.in
--- aide-0.12-rc1-orig/Makefile.in 2006-07-15 14:20:24.000000000 -0400
+++ aide-0.12-rc1/Makefile.in 2006-10-11 12:49:29.000000000 -0400
@@ -1,8 +1,8 @@
-# Makefile.in generated by automake 1.7.9 from Makefile.am.
+# Makefile.in generated by automake 1.9.6 from Makefile.am.
# @configure_input@
-# Copyright 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003
-# Free Software Foundation, Inc.
+# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
+# 2003, 2004, 2005 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved.
@@ -32,7 +32,6 @@
# the Free Software Foundation, 59 Temple Place - Suite 330,
# Boston, MA 02111-1307, USA.
#
-
srcdir = @srcdir@
top_srcdir = @top_srcdir@
VPATH = @srcdir@
@@ -40,7 +39,6 @@ pkgdatadir = $(datadir)/@PACKAGE@
pkglibdir = $(libdir)/@PACKAGE@
pkgincludedir = $(includedir)/@PACKAGE@
top_builddir = .
-
am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
INSTALL = @INSTALL@
install_sh_DATA = $(install_sh) -c -m 644
@@ -54,6 +52,42 @@ POST_INSTALL = :
NORMAL_UNINSTALL = :
PRE_UNINSTALL = :
POST_UNINSTALL = :
+subdir = .
+DIST_COMMON = README $(am__configure_deps) $(srcdir)/Makefile.am \
+ $(srcdir)/Makefile.in $(srcdir)/aide.spec.in \
+ $(srcdir)/config.h.in $(top_srcdir)/configure AUTHORS COPYING \
+ ChangeLog INSTALL NEWS depcomp install-sh missing \
+ mkinstalldirs ylwrap
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/acinclude.m4 \
+ $(top_srcdir)/version.m4 $(top_srcdir)/configure.in
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+ $(ACLOCAL_M4)
+am__CONFIG_DISTCLEAN_FILES = config.status config.cache config.log \
+ configure.lineno configure.status.lineno
+mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
+CONFIG_HEADER = config.h
+CONFIG_CLEAN_FILES = aide.spec
+SOURCES =
+RECURSIVE_TARGETS = all-recursive check-recursive dvi-recursive \
+ html-recursive info-recursive install-data-recursive \
+ install-exec-recursive install-info-recursive \
+ install-recursive installcheck-recursive installdirs-recursive \
+ pdf-recursive ps-recursive uninstall-info-recursive \
+ uninstall-recursive
+ETAGS = etags
+CTAGS = ctags
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+distdir = $(PACKAGE)-$(VERSION)
+top_distdir = $(distdir)
+am__remove_distdir = \
+ { test ! -d $(distdir) \
+ || { find $(distdir) -type d ! -perm -200 -exec chmod u+w {} ';' \
+ && rm -fr $(distdir); }; }
+DIST_ARCHIVES = $(distdir).tar.gz
+GZIP_ENV = --best
+distuninstallcheck_listfiles = find . -type f -print
+distcleancheck_listfiles = find . -type f -print
ACLLIB = @ACLLIB@
ACLOCAL = @ACLOCAL@
AIDE_USE_LOCALE = @AIDE_USE_LOCALE@
@@ -78,7 +112,6 @@ ECHO_N = @ECHO_N@
ECHO_T = @ECHO_T@
EGREP = @EGREP@
EXEEXT = @EXEEXT@
-GREP = @GREP@
INSTALL_DATA = @INSTALL_DATA@
INSTALL_PROGRAM = @INSTALL_PROGRAM@
INSTALL_SCRIPT = @INSTALL_SCRIPT@
@@ -105,86 +138,76 @@ PACKAGE_VERSION = @PACKAGE_VERSION@
PATH_SEPARATOR = @PATH_SEPARATOR@
PSQLLIB = @PSQLLIB@
RANLIB = @RANLIB@
+SELINUXLIB = @SELINUXLIB@
SET_MAKE = @SET_MAKE@
SHELL = @SHELL@
STRIP = @STRIP@
VERSION = @VERSION@
YACC = @YACC@
-YFLAGS = @YFLAGS@
ac_ct_CC = @ac_ct_CC@
+ac_ct_RANLIB = @ac_ct_RANLIB@
+ac_ct_STRIP = @ac_ct_STRIP@
am__fastdepCC_FALSE = @am__fastdepCC_FALSE@
am__fastdepCC_TRUE = @am__fastdepCC_TRUE@
am__include = @am__include@
am__leading_dot = @am__leading_dot@
am__quote = @am__quote@
+am__tar = @am__tar@
+am__untar = @am__untar@
bindir = @bindir@
build_alias = @build_alias@
curlconfig = @curlconfig@
-
datadir = @datadir@
-datarootdir = @datarootdir@
-docdir = @docdir@
-dvidir = @dvidir@
exec_prefix = @exec_prefix@
host_alias = @host_alias@
-htmldir = @htmldir@
includedir = @includedir@
infodir = @infodir@
install_sh = @install_sh@
libdir = @libdir@
libexecdir = @libexecdir@
-localedir = $(datadir)/locale
localstatedir = @localstatedir@
mandir = @mandir@
+mkdir_p = @mkdir_p@
oldincludedir = @oldincludedir@
-pdfdir = @pdfdir@
prefix = @prefix@
program_transform_name = @program_transform_name@
-psdir = @psdir@
sbindir = @sbindir@
sharedstatedir = @sharedstatedir@
sysconfdir = @sysconfdir@
target_alias = @target_alias@
-
SUBDIRS = src doc
-
+localedir = $(datadir)/locale
CLEANFILES = *~
-
DIST_SOURCES = src/conf_lex.l src/db_lex.l
DIST_SUBDIRS = $(SUBDIRS)
EXTRA_DIST = Todo LICENSE-snprintf.txt README-snprintf
-subdir = .
-ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
-mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
-CONFIG_HEADER = config.h
-CONFIG_CLEAN_FILES = aide.spec
-
-RECURSIVE_TARGETS = info-recursive dvi-recursive pdf-recursive \
- ps-recursive install-info-recursive uninstall-info-recursive \
- all-recursive install-data-recursive install-exec-recursive \
- installdirs-recursive install-recursive uninstall-recursive \
- check-recursive installcheck-recursive
-DIST_COMMON = README $(srcdir)/Makefile.in $(srcdir)/configure AUTHORS \
- COPYING ChangeLog INSTALL Makefile.am NEWS acinclude.m4 \
- aclocal.m4 aide.spec.in config.h.in configure configure.in \
- depcomp install-sh missing mkinstalldirs ylwrap
all: config.h
$(MAKE) $(AM_MAKEFLAGS) all-recursive
.SUFFIXES:
-
-am__CONFIG_DISTCLEAN_FILES = config.status config.cache config.log \
- configure.lineno
-$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4)
+am--refresh:
+ @:
+$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps)
+ @for dep in $?; do \
+ case '$(am__configure_deps)' in \
+ *$$dep*) \
+ echo ' cd $(srcdir) && $(AUTOMAKE) --gnu '; \
+ cd $(srcdir) && $(AUTOMAKE) --gnu \
+ && exit 0; \
+ exit 1;; \
+ esac; \
+ done; \
+ echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu Makefile'; \
cd $(top_srcdir) && \
$(AUTOMAKE) --gnu Makefile
+.PRECIOUS: Makefile
-$(top_builddir)/config.status: $(srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
$(SHELL) ./config.status --recheck
-$(srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(srcdir)/configure.in $(ACLOCAL_M4) $(CONFIGURE_DEPENDENCIES)
- cd $(srcdir) && $(AUTOCONF)
-$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ configure.in acinclude.m4
+$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps)
+ cd $(srcdir) && $(AUTOCONF)
+$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps)
cd $(srcdir) && $(ACLOCAL) $(ACLOCAL_AMFLAGS)
config.h: stamp-h1
@@ -196,14 +219,14 @@ config.h: stamp-h1
stamp-h1: $(srcdir)/config.h.in $(top_builddir)/config.status
@rm -f stamp-h1
cd $(top_builddir) && $(SHELL) ./config.status config.h
-
-$(srcdir)/config.h.in: @MAINTAINER_MODE_TRUE@ $(top_srcdir)/configure.in $(ACLOCAL_M4)
+$(srcdir)/config.h.in: @MAINTAINER_MODE_TRUE@ $(am__configure_deps)
cd $(top_srcdir) && $(AUTOHEADER)
- touch $(srcdir)/config.h.in
+ rm -f stamp-h1
+ touch $@
distclean-hdr:
-rm -f config.h stamp-h1
-aide.spec: $(top_builddir)/config.status aide.spec.in
+aide.spec: $(top_builddir)/config.status $(srcdir)/aide.spec.in
cd $(top_builddir) && $(SHELL) ./config.status $@
uninstall-info-am:
@@ -214,7 +237,13 @@ uninstall-info-am:
# (which will cause the Makefiles to be regenerated when you run `make');
# (2) otherwise, pass the desired values on the `make' command line.
$(RECURSIVE_TARGETS):
- @set fnord $$MAKEFLAGS; amf=$$2; \
+ @failcom='exit 1'; \
+ for f in x $$MAKEFLAGS; do \
+ case $$f in \
+ *=* | --[!k]*);; \
+ *k*) failcom='fail=yes';; \
+ esac; \
+ done; \
dot_seen=no; \
target=`echo $@ | sed s/-recursive//`; \
list='$(SUBDIRS)'; for subdir in $$list; do \
@@ -226,7 +255,7 @@ $(RECURSIVE_TARGETS):
local_target="$$target"; \
fi; \
(cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \
- || case "$$amf" in *=*) exit 1;; *k*) fail=yes;; *) exit 1;; esac; \
+ || eval $$failcom; \
done; \
if test "$$dot_seen" = "no"; then \
$(MAKE) $(AM_MAKEFLAGS) "$$target-am" || exit 1; \
@@ -234,7 +263,13 @@ $(RECURSIVE_TARGETS):
mostlyclean-recursive clean-recursive distclean-recursive \
maintainer-clean-recursive:
- @set fnord $$MAKEFLAGS; amf=$$2; \
+ @failcom='exit 1'; \
+ for f in x $$MAKEFLAGS; do \
+ case $$f in \
+ *=* | --[!k]*);; \
+ *k*) failcom='fail=yes';; \
+ esac; \
+ done; \
dot_seen=no; \
case "$@" in \
distclean-* | maintainer-clean-*) list='$(DIST_SUBDIRS)' ;; \
@@ -255,7 +290,7 @@ maintainer-clean-recursive:
local_target="$$target"; \
fi; \
(cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \
- || case "$$amf" in *=*) exit 1;; *k*) fail=yes;; *) exit 1;; esac; \
+ || eval $$failcom; \
done && test -z "$$fail"
tags-recursive:
list='$(SUBDIRS)'; for subdir in $$list; do \
@@ -266,14 +301,6 @@ ctags-recursive:
test "$$subdir" = . || (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) ctags); \
done
-ETAGS = etags
-ETAGSFLAGS =
-
-CTAGS = ctags
-CTAGSFLAGS =
-
-tags: TAGS
-
ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
unique=`for i in $$list; do \
@@ -282,19 +309,22 @@ ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS
$(AWK) ' { files[$$0] = 1; } \
END { for (i in files) print i; }'`; \
mkid -fID $$unique
+tags: TAGS
TAGS: tags-recursive $(HEADERS) $(SOURCES) config.h.in $(TAGS_DEPENDENCIES) \
$(TAGS_FILES) $(LISP)
tags=; \
here=`pwd`; \
- if (etags --etags-include --version) >/dev/null 2>&1; then \
+ if ($(ETAGS) --etags-include --version) >/dev/null 2>&1; then \
include_option=--etags-include; \
+ empty_fix=.; \
else \
include_option=--include; \
+ empty_fix=; \
fi; \
list='$(SUBDIRS)'; for subdir in $$list; do \
if test "$$subdir" = .; then :; else \
- test -f $$subdir/TAGS && \
+ test ! -f $$subdir/TAGS || \
tags="$$tags $$include_option=$$here/$$subdir/TAGS"; \
fi; \
done; \
@@ -304,10 +334,11 @@ TAGS: tags-recursive $(HEADERS) $(SOURCE
done | \
$(AWK) ' { files[$$0] = 1; } \
END { for (i in files) print i; }'`; \
- test -z "$(ETAGS_ARGS)$$tags$$unique" \
- || $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
- $$tags $$unique
-
+ if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \
+ test -n "$$unique" || unique=$$empty_fix; \
+ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+ $$tags $$unique; \
+ fi
ctags: CTAGS
CTAGS: ctags-recursive $(HEADERS) $(SOURCES) config.h.in $(TAGS_DEPENDENCIES) \
$(TAGS_FILES) $(LISP)
@@ -330,24 +361,11 @@ GTAGS:
distclean-tags:
-rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
-DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
-
-top_distdir = .
-distdir = $(PACKAGE)-$(VERSION)
-
-am__remove_distdir = \
- { test ! -d $(distdir) \
- || { find $(distdir) -type d ! -perm -200 -exec chmod u+w {} ';' \
- && rm -fr $(distdir); }; }
-
-GZIP_ENV = --best
-distuninstallcheck_listfiles = find . -type f -print
-distcleancheck_listfiles = find . -type f -print
distdir: $(DISTFILES)
$(am__remove_distdir)
mkdir $(distdir)
- $(mkinstalldirs) $(distdir)/. $(distdir)/doc
+ $(mkdir_p) $(distdir)/. $(distdir)/doc
@srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; \
topsrcdirstrip=`echo "$(top_srcdir)" | sed 's|.|.|g'`; \
list='$(DISTFILES)'; for file in $$list; do \
@@ -359,7 +377,7 @@ distdir: $(DISTFILES)
dir=`echo "$$file" | sed -e 's,/[^/]*$$,,'`; \
if test "$$dir" != "$$file" && test "$$dir" != "."; then \
dir="/$$dir"; \
- $(mkinstalldirs) "$(distdir)$$dir"; \
+ $(mkdir_p) "$(distdir)$$dir"; \
else \
dir=''; \
fi; \
@@ -376,13 +394,15 @@ distdir: $(DISTFILES)
done
list='$(DIST_SUBDIRS)'; for subdir in $$list; do \
if test "$$subdir" = .; then :; else \
- test -d $(distdir)/$$subdir \
- || mkdir $(distdir)/$$subdir \
+ test -d "$(distdir)/$$subdir" \
+ || $(mkdir_p) "$(distdir)/$$subdir" \
|| exit 1; \
+ distdir=`$(am__cd) $(distdir) && pwd`; \
+ top_distdir=`$(am__cd) $(top_distdir) && pwd`; \
(cd $$subdir && \
$(MAKE) $(AM_MAKEFLAGS) \
- top_distdir="$(top_distdir)" \
- distdir=../$(distdir)/$$subdir \
+ top_distdir="$$top_distdir" \
+ distdir="$$distdir/$$subdir" \
distdir) \
|| exit 1; \
fi; \
@@ -396,19 +416,46 @@ distdir: $(DISTFILES)
! -type d ! -perm -444 -exec $(SHELL) $(install_sh) -c -m a+r {} {} \; \
|| chmod -R a+r $(distdir)
dist-gzip: distdir
- $(AMTAR) chof - $(distdir) | GZIP=$(GZIP_ENV) gzip -c >$(distdir).tar.gz
+ tardir=$(distdir) && $(am__tar) | GZIP=$(GZIP_ENV) gzip -c >$(distdir).tar.gz
+ $(am__remove_distdir)
+
+dist-bzip2: distdir
+ tardir=$(distdir) && $(am__tar) | bzip2 -9 -c >$(distdir).tar.bz2
+ $(am__remove_distdir)
+
+dist-tarZ: distdir
+ tardir=$(distdir) && $(am__tar) | compress -c >$(distdir).tar.Z
+ $(am__remove_distdir)
+
+dist-shar: distdir
+ shar $(distdir) | GZIP=$(GZIP_ENV) gzip -c >$(distdir).shar.gz
+ $(am__remove_distdir)
+
+dist-zip: distdir
+ -rm -f $(distdir).zip
+ zip -rq $(distdir).zip $(distdir)
$(am__remove_distdir)
dist dist-all: distdir
- $(AMTAR) chof - $(distdir) | GZIP=$(GZIP_ENV) gzip -c >$(distdir).tar.gz
+ tardir=$(distdir) && $(am__tar) | GZIP=$(GZIP_ENV) gzip -c >$(distdir).tar.gz
$(am__remove_distdir)
# This target untars the dist file and tries a VPATH configuration. Then
# it guarantees that the distribution is self-contained by making another
# tarfile.
distcheck: dist
- $(am__remove_distdir)
- GZIP=$(GZIP_ENV) gunzip -c $(distdir).tar.gz | $(AMTAR) xf -
+ case '$(DIST_ARCHIVES)' in \
+ *.tar.gz*) \
+ GZIP=$(GZIP_ENV) gunzip -c $(distdir).tar.gz | $(am__untar) ;;\
+ *.tar.bz2*) \
+ bunzip2 -c $(distdir).tar.bz2 | $(am__untar) ;;\
+ *.tar.Z*) \
+ uncompress -c $(distdir).tar.Z | $(am__untar) ;;\
+ *.shar.gz*) \
+ GZIP=$(GZIP_ENV) gunzip -c $(distdir).shar.gz | unshar ;;\
+ *.zip*) \
+ unzip $(distdir).zip ;;\
+ esac
chmod -R a-w $(distdir); chmod a+w $(distdir)
mkdir $(distdir)/_build
mkdir $(distdir)/_inst
@@ -428,19 +475,20 @@ distcheck: dist
distuninstallcheck \
&& chmod -R a-w "$$dc_install_base" \
&& ({ \
- (cd ../.. && $(mkinstalldirs) "$$dc_destdir") \
+ (cd ../.. && umask 077 && mkdir "$$dc_destdir") \
&& $(MAKE) $(AM_MAKEFLAGS) DESTDIR="$$dc_destdir" install \
&& $(MAKE) $(AM_MAKEFLAGS) DESTDIR="$$dc_destdir" uninstall \
&& $(MAKE) $(AM_MAKEFLAGS) DESTDIR="$$dc_destdir" \
distuninstallcheck_dir="$$dc_destdir" distuninstallcheck; \
} || { rm -rf "$$dc_destdir"; exit 1; }) \
&& rm -rf "$$dc_destdir" \
- && $(MAKE) $(AM_MAKEFLAGS) dist-gzip \
- && rm -f $(distdir).tar.gz \
+ && $(MAKE) $(AM_MAKEFLAGS) dist \
+ && rm -rf $(DIST_ARCHIVES) \
&& $(MAKE) $(AM_MAKEFLAGS) distcleancheck
$(am__remove_distdir)
- @echo "$(distdir).tar.gz is ready for distribution" | \
- sed 'h;s/./=/g;p;x;p;x'
+ @(echo "$(distdir) archives ready for distribution: "; \
+ list='$(DIST_ARCHIVES)'; for i in $$list; do echo $$i; done) | \
+ sed -e '1{h;s/./=/g;p;x;}' -e '$${p;x;}'
distuninstallcheck:
@cd $(distuninstallcheck_dir) \
&& test `$(distuninstallcheck_listfiles) | wc -l` -le 1 \
@@ -464,7 +512,6 @@ check: check-recursive
all-am: Makefile config.h
installdirs: installdirs-recursive
installdirs-am:
-
install: install-recursive
install-exec: install-exec-recursive
install-data: install-data-recursive
@@ -485,7 +532,7 @@ clean-generic:
-test -z "$(CLEANFILES)" || rm -f $(CLEANFILES)
distclean-generic:
- -rm -f $(CONFIG_CLEAN_FILES)
+ -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
maintainer-clean-generic:
@echo "This command is intended for maintainers to use"
@@ -503,6 +550,8 @@ dvi: dvi-recursive
dvi-am:
+html: html-recursive
+
info: info-recursive
info-am:
@@ -539,22 +588,20 @@ uninstall-am: uninstall-info-am
uninstall-info: uninstall-info-recursive
-.PHONY: $(RECURSIVE_TARGETS) CTAGS GTAGS all all-am check check-am clean \
- clean-generic clean-recursive ctags ctags-recursive dist \
- dist-all dist-gzip distcheck distclean distclean-generic \
- distclean-hdr distclean-recursive distclean-tags distcleancheck \
- distdir distuninstallcheck dvi dvi-am dvi-recursive info \
- info-am info-recursive install install-am install-data \
- install-data-am install-data-recursive install-exec \
- install-exec-am install-exec-recursive install-info \
- install-info-am install-info-recursive install-man \
- install-recursive install-strip installcheck installcheck-am \
- installdirs installdirs-am installdirs-recursive \
+.PHONY: $(RECURSIVE_TARGETS) CTAGS GTAGS all all-am am--refresh check \
+ check-am clean clean-generic clean-recursive ctags \
+ ctags-recursive dist dist-all dist-bzip2 dist-gzip dist-hook \
+ dist-shar dist-tarZ dist-zip distcheck distclean \
+ distclean-generic distclean-hdr distclean-recursive \
+ distclean-tags distcleancheck distdir distuninstallcheck dvi \
+ dvi-am html html-am info info-am install install-am \
+ install-data install-data-am install-exec install-exec-am \
+ install-info install-info-am install-man install-strip \
+ installcheck installcheck-am installdirs installdirs-am \
maintainer-clean maintainer-clean-generic \
maintainer-clean-recursive mostlyclean mostlyclean-generic \
- mostlyclean-recursive pdf pdf-am pdf-recursive ps ps-am \
- ps-recursive tags tags-recursive uninstall uninstall-am \
- uninstall-info-am uninstall-info-recursive uninstall-recursive
+ mostlyclean-recursive pdf pdf-am ps ps-am tags tags-recursive \
+ uninstall uninstall-am uninstall-info-am
check: update-db
diff -rup aide-0.12-rc1-orig/src/aide.c aide-0.12-rc1/src/aide.c
--- aide-0.12-rc1-orig/src/aide.c 2006-03-29 10:11:57.000000000 -0500
+++ aide-0.12-rc1/src/aide.c 2006-10-11 13:11:46.000000000 -0400
@@ -109,7 +109,7 @@ int read_param(int argc,char**argv)
{ "update", no_argument, NULL, 'u'},
{ "config-check", no_argument, NULL, 'D'},
{ "compare", no_argument, NULL, 'E'},
- { NULL }
+ { NULL,0,NULL,0 }
};
while(1){
@@ -340,9 +340,14 @@ void setdefaults_before_config()
do_groupdef("tiger",DB_TIGER);
do_groupdef("sha1",DB_SHA1);
do_groupdef("rmd160",DB_RMD160);
-#ifdef WITH_ACL
+ do_groupdef("sha256",DB_SHA256);
+ do_groupdef("sha512",DB_SHA512);
+ do_groupdef("whirlpool",DB_WHIRLPOOL);
do_groupdef("acl",DB_ACL);
-#endif
+
+ do_groupdef("xattrs",DB_XATTRS);
+ do_groupdef("selinux",DB_SELINUX);
+
#ifdef WITH_MHASH
do_groupdef("crc32",DB_CRC32);
/*
@@ -354,9 +359,9 @@ void setdefaults_before_config()
#endif
do_groupdef("R",DB_PERM|DB_INODE|DB_LNKCOUNT|DB_UID|DB_GID|DB_SIZE|
- DB_MTIME|DB_CTIME|DB_MD5);
- do_groupdef("L",DB_PERM|DB_INODE|DB_LNKCOUNT|DB_UID|DB_GID);
- do_groupdef(">",DB_PERM|DB_INODE|DB_LNKCOUNT|DB_UID|DB_GID|DB_SIZEG);
+ DB_MTIME|DB_CTIME|DB_MD5|DB_XATTRS|DB_SELINUX|DB_ACL);
+ do_groupdef("L",DB_PERM|DB_INODE|DB_LNKCOUNT|DB_UID|DB_GID|DB_XATTRS|DB_SELINUX|DB_ACL);
+ do_groupdef(">",DB_PERM|DB_INODE|DB_LNKCOUNT|DB_UID|DB_GID|DB_SIZEG|DB_XATTRS|DB_SELINUX|DB_ACL);
do_groupdef("E",0);
diff -rup aide-0.12-rc1-orig/src/base64.c aide-0.12-rc1/src/base64.c
--- aide-0.12-rc1-orig/src/base64.c 2005-12-19 05:52:21.000000000 -0500
+++ aide-0.12-rc1/src/base64.c 2006-10-10 02:12:18.000000000 -0400
@@ -174,7 +174,7 @@ char* encode_base64(byte* src,size_t ssi
}
/* FIXME Possible buffer overflow on outputs larger than B64_BUF */
-byte* decode_base64(char* src,size_t ssize)
+byte* decode_base64(char* src,size_t ssize, size_t *ret_len)
{
byte* outbuf;
byte* retbuf;
@@ -252,6 +252,8 @@ byte* decode_base64(char* src,size_t ssi
free(outbuf);
+ if (ret_len) *ret_len = pos;
+
return retbuf;
}
diff -rup aide-0.12-rc1-orig/src/commandconf.c aide-0.12-rc1/src/commandconf.c
--- aide-0.12-rc1-orig/src/commandconf.c 2006-03-29 08:27:50.000000000 -0500
+++ aide-0.12-rc1/src/commandconf.c 2006-10-11 13:29:11.000000000 -0400
@@ -403,7 +403,7 @@ int check_dboo(DB_FIELD a){
return check_db_order(conf->db_out_order,conf->db_out_size,a);
}
-void update_db_out_order(int attr)
+void update_db_out_order(DB_ATTR_TYPE attr)
{
/* First we add those attributes that must be there */
if (check_dboo(db_linkname)==RETOK) {
@@ -472,14 +472,29 @@ void update_db_out_order(int attr)
if((attr&DB_CRC32B) && (check_dboo(db_crc32b)!=RETFAIL)){
conf->db_out_order[conf->db_out_size++]=db_crc32b;
}
+ if((attr&DB_WHIRLPOOL) && (check_dboo(db_whirlpool)!=RETFAIL)){
+ conf->db_out_order[conf->db_out_size++]=db_whirlpool;
+ }
/*
#endif
*/
+ if((attr&DB_SHA256) && (check_dboo(db_sha256)!=RETFAIL)){
+ conf->db_out_order[conf->db_out_size++]=db_sha256;
+ }
+ if((attr&DB_SHA512) && (check_dboo(db_sha512)!=RETFAIL)){
+ conf->db_out_order[conf->db_out_size++]=db_sha512;
+ }
#ifdef WITH_ACL
if((attr&DB_ACL) && (check_dboo(db_acl)!=RETFAIL)){
conf->db_out_order[conf->db_out_size++]=db_acl;
}
#endif
+ if((attr&DB_XATTRS) && (check_dboo(db_xattrs)!=RETFAIL)){
+ conf->db_out_order[conf->db_out_size++]=db_xattrs;
+ }
+ if((attr&DB_SELINUX) && (check_dboo(db_selinux)!=RETFAIL)){
+ conf->db_out_order[conf->db_out_size++]=db_selinux;
+ }
if((attr&DB_CHECKMASK) && (check_dboo(db_checkmask)!=RETFAIL)){
conf->db_out_order[conf->db_out_size++]=db_checkmask;
}
@@ -681,7 +696,7 @@ int do_ifxhost(int mode,char* name)
return (handle_endif(doit,1));
}
-list* append_rxlist(char* rx,int attr,list* rxlst)
+list* append_rxlist(char* rx,DB_ATTR_TYPE attr,list* rxlst)
{
extern long conf_lineno; /* defined & set in conf_lex.l */
@@ -698,7 +713,7 @@ list* append_rxlist(char* rx,int attr,li
return rxlst;
}
-void do_groupdef(char* group,int value)
+void do_groupdef(char* group,DB_ATTR_TYPE value)
{
list* r=NULL;
symba* s=NULL;
@@ -714,9 +729,10 @@ void do_groupdef(char* group,int value)
conf->groupsyms=list_append(conf->groupsyms,(void*)s);
}
-int get_groupval(char* group)
+DB_ATTR_TYPE get_groupval(char* group)
{
list* r=NULL;
+
if((r=list_find(group,conf->groupsyms))){
return (((symba*)r->data)->ival);
}
@@ -888,7 +904,7 @@ void* get_conf_key() {
strcat(m,aide_key_8);
strcat(m,aide_key_9);
- r=decode_base64(m,strlen(m));
+ r=decode_base64(m,strlen(m),NULL);
memset(m,0,strlen(m));
free(m);
@@ -950,7 +966,7 @@ void* get_db_key() {
strcat(m,db_key_8);
strcat(m,db_key_9);
- r=decode_base64(m,strlen(m));
+ r=decode_base64(m,strlen(m),NULL);
memset(m,0,strlen(m));
free(m);
diff -rup aide-0.12-rc1-orig/src/compare_db.c aide-0.12-rc1/src/compare_db.c
--- aide-0.12-rc1-orig/src/compare_db.c 2006-07-15 12:46:40.000000000 -0400
+++ aide-0.12-rc1/src/compare_db.c 2006-10-11 13:32:35.000000000 -0400
@@ -23,6 +23,7 @@
#include <string.h>
#include <time.h>
#include <sys/stat.h>
+#include <math.h>
#include "base64.h"
#include "report.h"
@@ -45,11 +46,11 @@
const int old_col = 12;
const int new_col = 40;
-const int part_len = 40; /* usable length of line[] */
-char oline[40];
-char nline[40];
-const char* entry_format= " %-9s: %-34s, %-34s\n";
-const char* entry_format_justnew=" %-9s: %-34c %-34s\n";
+const int part_len = 33; /* usable length of line[] */
+char oline[33];
+char nline[33];
+const char* entry_format= " %-9s: %-33s, %s\n";
+const char* entry_format_justnew=" %-9s: %-33c %s\n";
/*************/
static int get_ignorelist() {
@@ -99,8 +100,34 @@ list* find_line_match(db_line* line,list
return NULL;
}
-#ifdef WITH_ACL
-int compare_single_acl(aclent_t* a1,aclent_t* a2) {
+#ifdef WITH_POSIX_ACL
+int compare_acl(acl_type* a1,acl_type* a2)
+{
+ if (a1==NULL && a2==NULL) {
+ return RETOK;
+ }
+ if (a1==NULL || a2==NULL) {
+ return RETFAIL;
+ }
+
+ if (!a1->acl_a != !a2->acl_a) {
+ return RETFAIL;
+ }
+ if (!a1->acl_d != !a2->acl_d) {
+ return RETFAIL;
+ }
+
+ if (a1->acl_a && strcmp(a1->acl_a, a2->acl_a))
+ return RETFAIL;
+ if (a1->acl_d && strcmp(a1->acl_d, a2->acl_d))
+ return RETFAIL;
+
+ return RETOK;
+}
+#endif
+
+#ifdef WITH_SUN_ACL
+static int compare_single_acl(aclent_t* a1,aclent_t* a2) {
if (a1->a_type!=a2->a_type ||
a1->a_id!=a2->a_id ||
a1->a_perm!=a2->a_perm) {
@@ -134,13 +161,73 @@ int compare_acl(acl_type* a1,acl_type* a
}
#endif
+static int cmp_xattr_node(const void *c1, const void *c2)
+{
+ const xattr_node *x1 = c1;
+ const xattr_node *x2 = c2;
+
+ return (strcmp(x1->key, x2->key));
+}
+
+int compare_xattrs(xattrs_type* x1,xattrs_type* x2)
+{
+ size_t num = 0;
+
+ if (x1 && (x1->num == 0)) x1 = NULL;
+ if (x2 && (x2->num == 0)) x2 = NULL;
+
+ if (x1==NULL && x2==NULL) {
+ return RETOK;
+ }
+ if (x1==NULL || x2==NULL) {
+ return RETFAIL;
+ }
+
+ if (x1->num != x2->num) {
+ return RETFAIL;
+ }
+
+ qsort(x1->ents, x1->num, sizeof(xattr_node), cmp_xattr_node);
+ qsort(x2->ents, x2->num, sizeof(xattr_node), cmp_xattr_node);
+
+ while (num++ < x1->num)
+ {
+ const char *x1key = NULL;
+ const byte *x1val = NULL;
+ size_t x1vsz = 0;
+ const char *x2key = NULL;
+ const byte *x2val = NULL;
+ size_t x2vsz = 0;
+
+ x1key = x1->ents[num - 1].key;
+ x1val = x1->ents[num - 1].val;
+ x1vsz = x1->ents[num - 1].vsz;
+
+ x2key = x2->ents[num - 1].key;
+ x2val = x2->ents[num - 1].val;
+ x2vsz = x2->ents[num - 1].vsz;
+
+ if (strcmp(x1key, x2key) ||
+ x1vsz != x2vsz ||
+ memcmp(x1val, x2val, x1vsz))
+ return RETFAIL;
+ }
+
+ return RETOK;
+}
+
+static int bytecmp(byte *b1, byte *b2, size_t len)
+{
+ return strncmp((char *)b1, (char *)b2, len);
+}
+
int compare_md_entries(byte* e1,byte* e2,int len)
{
error(255,"Debug, compare_md_entries %p %p\n",e1,e2);
if(e1!=NULL && e2!=NULL){
- if(strncmp(e1,e2,len)!=0){
+ if(bytecmp(e1,e2,len)!=0){
return RETFAIL;
}else{
return RETOK;
@@ -156,6 +243,21 @@ int compare_md_entries(byte* e1,byte* e2
return RETFAIL;
}
+static int compare_str(const char *s1, const char *s2)
+{
+ if(s1==NULL){
+ if(s2!=NULL){
+ return RETFAIL;
+ }
+ }else if(s2==NULL){
+ return RETFAIL;
+ }else if (strcmp(s1,s2)!=0){
+ return RETFAIL;
+ }
+
+ return RETOK;
+}
+
/*
We assume
@@ -165,7 +267,7 @@ int compare_md_entries(byte* e1,byte* e2
- ignorelist kertoo mitä ei saa vertailla
*/
-int compare_dbline(db_line* l1,db_line* l2,int ignorelist)
+int compare_dbline(db_line* l1,db_line* l2,DB_ATTR_TYPE ignorelist)
{
#define easy_compare(a,b) \
@@ -184,20 +286,11 @@ int compare_dbline(db_line* l1,db_line*
}
- int ret=0;
+ DB_ATTR_TYPE ret=0;
if (!(DB_LINKNAME&ignorelist)) {
- if(l1->linkname==NULL){
- if(l2->linkname!=NULL){
- ret|=DB_LINKNAME;
- //return RETFAIL;
- }
- }else if(l2->linkname==NULL){
- ret|=DB_LINKNAME;
- //return RETFAIL;
- }else if(strcmp(l1->linkname,l2->linkname)!=0){
+ if(compare_str(l1->linkname, l2->linkname)){
ret|=DB_LINKNAME;
- //return RETFAIL;
}
}
@@ -238,17 +331,22 @@ int compare_dbline(db_line* l1,db_line*
easy_md_compare(DB_MD5,md5,HASH_MD5_LEN);
- error(255,"Debug, %s, %p %p %i %i\n",l1->filename,l1->md5,l2->md5,ret&DB_MD5,ignorelist);
+ error(255,"Debug, %s, %p %p %llx %llx\n",
+ l1->filename,l1->md5,l2->md5,ret&DB_MD5,ignorelist);
easy_md_compare(DB_SHA1,sha1,HASH_SHA1_LEN);
easy_md_compare(DB_RMD160,rmd160,HASH_RMD160_LEN);
easy_md_compare(DB_TIGER,tiger,HASH_TIGER_LEN);
+ easy_md_compare(DB_SHA256,sha256,HASH_SHA256_LEN);
+ easy_md_compare(DB_SHA512,sha512,HASH_SHA512_LEN);
+
#ifdef WITH_MHASH
easy_md_compare(DB_CRC32,crc32,HASH_CRC32_LEN);
easy_md_compare(DB_HAVAL,haval,HASH_HAVAL256_LEN);
easy_md_compare(DB_GOST,gost,HASH_GOST_LEN);
easy_md_compare(DB_CRC32B,crc32b,HASH_CRC32B_LEN);
+ easy_md_compare(DB_WHIRLPOOL,whirlpool,HASH_WHIRLPOOL_LEN);
#endif
#ifdef WITH_ACL
@@ -258,10 +356,20 @@ int compare_dbline(db_line* l1,db_line*
}
}
#endif
+ if (!(DB_XATTRS&ignorelist)) {
+ if(compare_xattrs(l1->xattrs,l2->xattrs)) {
+ ret|=DB_XATTRS;
+ }
+ }
+ if (!(DB_SELINUX&ignorelist)) {
+ if(compare_str(l1->cntx,l2->cntx)) {
+ ret|=DB_SELINUX;
+ }
+ }
return ret;
}
-void print_lname_changes(char*old,char*new)
+void print_str_changes(char*old,char*new,const char *name)
{
int ok = 0;
@@ -281,46 +389,120 @@ void print_lname_changes(char*old,char*n
ok = 1;
}
if(ok)
- error(2,(char*)entry_format,"Lname",oline,nline);
+ error(2,(char*)entry_format,name,oline,nline);
return;
}
#ifdef WITH_ACL
-void print_single_acl(acl_type* acl){
- char* aclt;
-
+void print_single_acl(acl_type* acl)
+{
if (acl==NULL) {
- error(2,"<NULL>");
+ error(2,"<NULL>\n");
} else {
-
+#ifdef WITH_POSIX_ACL
+ if (!acl->acl_a)
+ error(2,"A:<NONE>\n ");
+ else
+ error(2,"A:\n----\n%s----\n ",acl->acl_a);
+ if (!acl->acl_d)
+ error(2,"D:<NONE>\n");
+ else
+ error(2,"D:\n----\n%s----\n",acl->acl_d);
+#endif
+#ifdef WITH_SUN_ACL
aclt=acltotext(acl->acl,acl->entries);
if (aclt==NULL) {
- error(2,"ERROR");
+ error(2,"ERROR\n");
} else {
- error(2,"%s ,",aclt);
+ error(2,"%s ,\n",aclt);
free(aclt);
}
+#endif
}
}
void print_acl_changes(acl_type* old,acl_type* new) {
if (compare_acl(old,new)==RETFAIL) {
- error(2,"Acl: old = ");
+ error(2,"ACL: old = ");
print_single_acl(old);
- error(2,"\n new = ");
+ error(2," new = ");
print_single_acl(new);
}
-
}
#endif
+static size_t xstrnspn(const char *s1, size_t len, const char *srch)
+{
+ const char *os1 = s1;
+
+ while (len-- && strchr(srch, *s1))
+ ++s1;
+
+ return (s1 - os1);
+}
+
+#define PRINTABLE_XATTR_VALS \
+ "0123456789" \
+ "abcdefghijklmnopqrstuvwxyz" \
+ "ABCDEFGHIJKLMNOPQRSTUVWXYZ" \
+ ".-_:;,[]{}<>()!@#$%^&*|\\/?~"
+
+void print_single_xattrs(xattrs_type* xattrs)
+{
+ if (xattrs==NULL) {
+ error(2,"num=0\n");
+ } else {
+ size_t num = 0;
+ int width = 0;
+
+ error(2,"num=%d\n", xattrs->num);
+
+ width = log10(xattrs->num); /* make them the same width */
+
+ while (num++ < xattrs->num)
+ {
+ char *val = NULL;
+ size_t len = 0;
+
+ val = (char *)xattrs->ents[num - 1].val;
+
+ len = xstrnspn(val, xattrs->ents[num - 1].vsz, PRINTABLE_XATTR_VALS);
+
+ if ((len == xattrs->ents[num - 1].vsz) ||
+ ((len == (xattrs->ents[num - 1].vsz - 1)) && !val[len]))
+ error(2," [%.*zd] %s = %s\n", width, num,
+ xattrs->ents[num - 1].key, val);
+ else
+ {
+ val = encode_base64(xattrs->ents[num - 1].val,
+ xattrs->ents[num - 1].vsz);
+ error(2," [%.*zd] %s <=> %s\n", width, num,
+ xattrs->ents[num - 1].key, val);
+ free(val);
+ }
+
+ }
+ }
+}
+
+void print_xattrs_changes(xattrs_type* old,xattrs_type* new) {
+
+ if (compare_xattrs(old,new)==RETFAIL) {
+ error(2,"XAttrs: old = ");
+ print_single_xattrs(old);
+ error(2," new = ");
+ print_single_xattrs(new);
+ }
+
+}
+
void print_md_changes(byte*old,byte*new,int len,char* name)
{
int ok = 0;
if(old!=NULL && new!=NULL){
- if(strncmp(old,new,len)!=0){
+ if(bytecmp(old,new,len)!=0){
snprintf(oline,part_len,"%s",encode_base64(old,len));
snprintf(nline,part_len,"%s",encode_base64(new,len));
ok = 1;
@@ -330,14 +512,14 @@ void print_md_changes(byte*old,byte*new,
return;
}
if(old==NULL){
- snprintf(oline,part_len,"NA");
+ snprintf(oline,part_len,"<NONE>");
} else {
snprintf(oline,part_len,"%s",encode_base64(old,len));
ok = 1;
}
/* OLD one */
if(new==NULL){
- snprintf(nline,part_len,"NA");
+ snprintf(nline,part_len,"<NONE>");
}else {
snprintf(nline,part_len,"%s",encode_base64(new,len));
ok = 1;
@@ -371,19 +553,19 @@ void print_time_changes(const char* name
nt = localtime(&(new_time));
if (!justnew) {
if( is_time_null(ot) ) {
- snprintf(oline,part_len,"NA");
+ snprintf(oline,part_len,"<NONE>");
} else {
snprintf(oline,part_len,
- "%0.4u-%0.2u-%0.2u %0.2u:%0.2u:%0.2u",
+ "%.4u-%.2u-%.2u %.2u:%.2u:%.2u",
ot->tm_year+1900, ot->tm_mon+1, ot->tm_mday,
ot->tm_hour, ot->tm_min, ot->tm_sec);
}
}
if( is_time_null(nt) ) {
- snprintf(nline,part_len,"NA");
+ snprintf(nline,part_len,"<NONE>");
} else {
snprintf(nline,part_len,
- "%0.4u-%0.2u-%0.2u %0.2u:%0.2u:%0.2u",
+ "%.4u-%.2u-%.2u %.2u:%.2u:%.2u",
nt->tm_year+1900, nt->tm_mon+1, nt->tm_mday,
nt->tm_hour, nt->tm_min, nt->tm_sec);
}
@@ -440,7 +622,8 @@ void print_string_changes(const char* na
}
-void print_dbline_changes(db_line* old,db_line* new,int ignorelist,int forced_attrs)
+void print_dbline_changes(db_line* old,db_line* new,
+ DB_ATTR_TYPE ignorelist,DB_ATTR_TYPE forced_attrs)
{
char* tmp=NULL;
char* tmp2=NULL;
@@ -457,7 +640,7 @@ void print_dbline_changes(db_line* old,d
}
if(!(DB_LINKNAME&ignorelist)){
- print_lname_changes(old->linkname,new->linkname);
+ print_str_changes(old->linkname,new->linkname, "Lname");
}
if (!(DB_SIZE&ignorelist)) {
if(old->size!=new->size||(DB_SIZE&forced_attrs)){
@@ -547,6 +730,18 @@ void print_dbline_changes(db_line* old,d
"TIGER");
}
+ if (!(DB_SHA256&ignorelist)) {
+ print_md_changes(old->sha256,new->sha256,
+ HASH_SHA256_LEN,
+ "SHA256");
+ }
+
+ if (!(DB_SHA512&ignorelist)) {
+ print_md_changes(old->sha512,new->sha512,
+ HASH_SHA512_LEN,
+ "SHA512");
+ }
+
#ifdef WITH_MHASH
if (!(DB_CRC32&ignorelist)) {
print_md_changes(old->crc32,new->crc32,
@@ -571,6 +766,12 @@ void print_dbline_changes(db_line* old,d
HASH_CRC32B_LEN,
"CRC32B");
}
+
+ if (!(DB_WHIRLPOOL&ignorelist)) {
+ print_md_changes(old->whirlpool,new->whirlpool,
+ HASH_WHIRLPOOL_LEN,
+ "WHIRLPOOL");
+ }
#endif
#ifdef WITH_ACL
@@ -578,6 +779,12 @@ void print_dbline_changes(db_line* old,d
print_acl_changes(old->acl,new->acl);
}
#endif
+ if (!(DB_XATTRS&ignorelist)) {
+ print_xattrs_changes(old->xattrs,new->xattrs);
+ }
+ if (!(DB_SELINUX&ignorelist)) {
+ print_str_changes(old->cntx,new->cntx, "SELinux");
+ }
return;
}
@@ -653,7 +860,7 @@ void print_report_header(int nfil,int na
if(conf->config_version)
error(2,_("Config version used: %s\n"),conf->config_version);
- error(2,_("Start timestamp: %0.4u-%0.2u-%0.2u %0.2u:%0.2u:%0.2u\n"),
+ error(2,_("Start timestamp: %.4u-%.2u-%.2u %.2u:%.2u:%.2u\n"),
st->tm_year+1900, st->tm_mon+1, st->tm_mday,
st->tm_hour, st->tm_min, st->tm_sec);
error(0,_("\nSummary:\n Total number of files:\t%i\n Added files:\t\t\t%i\n"
@@ -663,7 +870,7 @@ void print_report_header(int nfil,int na
void print_report_footer(struct tm* st)
{
- error(2,_("\nEnd timestamp: %0.4u-%0.2u-%0.2u %0.2u:%0.2u:%0.2u\n"),
+ error(2,_("\nEnd timestamp: %.4u-%.2u-%.2u %.2u:%.2u:%.2u\n"),
st->tm_year+1900, st->tm_mon+1, st->tm_mday,
st->tm_hour, st->tm_min, st->tm_sec);
}
@@ -682,11 +889,11 @@ void compare_db(list* new,db_config* con
long nadd=0;
long nfil=0;
long filesindir=0;
- int tempignore=0;
+ DB_ATTR_TYPE tempignore=0;
int initdbwarningprinted=0;
- int ignorelist;
- int forced_attrs;
+ DB_ATTR_TYPE ignorelist;
+ DB_ATTR_TYPE forced_attrs;
error(200,_("compare_db()\n"));
@@ -708,7 +915,7 @@ void compare_db(list* new,db_config* con
forced_attrs=get_report_attributes();
- if (forced_attrs==-1) {
+ if (forced_attrs==DB_ATTR_UNDEF) {
forced_attrs=0;
}
@@ -734,7 +941,8 @@ void compare_db(list* new,db_config* con
int localignorelist=old->attr ^ ((db_line*)r->data)->attr;
if ((localignorelist&(~(DB_NEWFILE|DB_RMFILE)))!=0) {
- error(2,"File %s in databases has different attributes, %i,%i\n",old->filename,old->attr,((db_line*)r->data)->attr);
+ error(2,"File %s in databases has different attributes, %llx,%llx\n",
+ old->filename,old->attr,((db_line*)r->data)->attr);
}
localignorelist|=ignorelist;
@@ -828,7 +1036,7 @@ void compare_db(list* new,db_config* con
error(2,_("Detailed information about changes:\n"));
error(2,_("---------------------------------------------------\n\n"));
for(r=changedold,l=changednew;r;r=r->next,l=l->next){
- int localignorelist=((db_line*)l->data)->attr^((db_line*)r->data)->attr;
+ DB_ATTR_TYPE localignorelist=((db_line*)l->data)->attr^((db_line*)r->data)->attr;
localignorelist|=ignorelist;
print_dbline_changes((db_line*)r->data,
(db_line*)l->data,localignorelist,forced_attrs);
diff -rup aide-0.12-rc1-orig/src/conf_yacc.y aide-0.12-rc1/src/conf_yacc.y
--- aide-0.12-rc1-orig/src/conf_yacc.y 2006-07-15 12:02:45.000000000 -0400
+++ aide-0.12-rc1/src/conf_yacc.y 2006-10-11 13:11:30.000000000 -0400
@@ -31,7 +31,7 @@
#include "symboltable.h"
#include "commandconf.h"
-int retval=0;
+DB_ATTR_TYPE retval=0;
extern int conflex();
void conferror(const char*);
@@ -42,7 +42,7 @@ extern long conf_lineno;
%}
%union {
char* s;
- int i;
+ DB_ATTR_TYPE i;
}
@@ -102,6 +102,9 @@ extern long conf_lineno;
%token <i> TATIME
%token <i> TCTIME
%token <i> TMTIME
+%token <i> TACL
+%token <i> TXATTRS
+%token <i> TSELINUX
/* hash funktions */
@@ -111,6 +114,9 @@ extern long conf_lineno;
%token <i> TMD2
%token <i> TMD4
%token <i> TMD5
+%token <i> TSHA256
+%token <i> TSHA512
+%token <i> TWHIRLPOOL
/* predefs */
@@ -184,7 +190,7 @@ expr : expr '+' expr { $$ =$1 | $3 ; }
primary : hash { $$ =$1 ; } |
other { $$ =$1 ; } |
- TSTRING { if((retval=get_groupval($1))>=0) {
+ TSTRING { if((retval=get_groupval($1)) != DB_ATTR_UNDEF) {
$$=retval;
}
else {
@@ -199,10 +205,12 @@ other : TRIGHTS { $$ =$1 ;} | TUSER {$$
| TLINKCOUNT {$$ =$1 ;} | TSIZE {$$ =$1 ;}
| TGROWINGSIZE {$$ =$1 ;} | TATIME {$$ =$1 ;}
| TCTIME {$$ =$1 ;} | TMTIME {$$ =$1 ;} | TL {$$ = $1;}
- | TR {$$ = $1;} ;
+ | TR {$$ = $1;} | TACL {$$ =$1 ;} | TXATTRS {$$ =$1 ;}
+ | TSELINUX {$$ =$1 ;};
hash : TTIGER { $$ =$1 ;} | TSHA1 { $$ =$1 ;} | TRMD160 { $$ =$1 ;}
- | TMD5 {$$ =$1 ;} ;
+ | TMD5 {$$ =$1 ;} | TSHA256 { $$ =$1 ;} | TSHA512 { $$ =$1 ;}
+ | TWHIRLPOOL { $$ =$1 ;};
definestmt : TDEFINE TSTRING TSTRING { do_define($2,$3); };
@@ -252,8 +260,10 @@ verbose : TVERBOSE TSTRING { do_verbdef(
report : TREPORT_URL TSTRING { do_repurldef($2); } ;
beginconfigstmt : TBEGIN_CONFIG TSTRING {
+#ifdef WITH_MHASH
conf->do_configmd=1;
conf->old_confmdstr=strdup($2);
+#endif
} ;
endconfigstmt : TEND_CONFIG {
diff -rup aide-0.12-rc1-orig/src/db.c aide-0.12-rc1/src/db.c
--- aide-0.12-rc1-orig/src/db.c 2006-03-29 02:58:19.000000000 -0500
+++ aide-0.12-rc1/src/db.c 2006-10-11 13:18:25.000000000 -0400
@@ -197,14 +197,41 @@ db_line* db_readline(int db){
}
-byte* base64tobyte(char* src,int len)
+byte* base64tobyte(char* src,int len,size_t *ret_len)
{
if(strcmp(src,"0")!=0){
- return decode_base64(src,len);
+ return decode_base64(src,len,ret_len);
}
return NULL;
}
+static char *db_readchar(char *s)
+{
+ if (s == NULL)
+ return (NULL);
+
+ if (s[0] == '0')
+ {
+ if (s[1] == '\0')
+ return (NULL);
+
+ if (s[1] == '-')
+ return (strdup(""));
+
+ if (s[1] == '0')
+ {
+ memmove(s, s+1, strlen(s+1)+1);
+ // Hope this removes core
+ // dumping in some environments. Has something to do with
+ // memory (de)allocation.
+ }
+ }
+
+ decode_string(s);
+
+ return strdup(s);
+}
+
db_line* db_char2line(char** ss,int db){
int i;
@@ -241,10 +268,10 @@ db_line* db_char2line(char** ss,int db){
line->crc32b=NULL;
line->haval=NULL;
line->gost=NULL;
+ line->whirlpool=NULL;
#endif
-#ifdef WITH_ACL
- line->acl=0;
-#endif
+ line->sha256=NULL;
+ line->sha512=NULL;
line->perm=0;
line->uid=0;
line->gid=0;
@@ -257,6 +284,9 @@ db_line* db_char2line(char** ss,int db){
line->size=0;
line->filename=NULL;
line->linkname=NULL;
+ line->acl=NULL;
+ line->xattrs=NULL;
+ line->cntx=NULL;
line->attr=conf->attr; /* attributes from @@dbspec */
@@ -273,28 +303,7 @@ db_line* db_char2line(char** ss,int db){
break;
}
case db_linkname : {
- char *s = ss[(*db_order)[i]];
- if(ss[(*db_order)[i]]!=NULL){
- if(ss[(*db_order)[i]][0]=='0'){
- if(ss[(*db_order)[i]][1]=='\0'){
- line->linkname=NULL;
- break;
- }else if(ss[(*db_order)[i]][1]=='-'){
- line->linkname=strdup("");
- break;
- }else if(ss[(*db_order)[i]][1]=='0'){
- memmove(s,s+1,strlen(s+1)+1);
- // Hope this removes core
- // dumping in some environments. Has something to do with
- // memory (de)allocation.
- }
- }
- decode_string(s);
- line->linkname=strdup(s);
- } else {
- error(0,_("db_char2line():Error while reading database\n"));
- abort();
- }
+ line->linkname = db_readchar(ss[(*db_order)[i]]);
break;
}
case db_mtime : {
@@ -332,47 +341,62 @@ db_line* db_char2line(char** ss,int db){
}
case db_md5 : {
line->md5=base64tobyte(ss[(*db_order)[i]],
- strlen(ss[(*db_order)[i]]));
+ strlen(ss[(*db_order)[i]]), NULL);
break;
}
case db_sha1 : {
line->sha1=base64tobyte(ss[(*db_order)[i]],
- strlen(ss[(*db_order)[i]]));
+ strlen(ss[(*db_order)[i]]), NULL);
break;
}
case db_rmd160 : {
line->rmd160=base64tobyte(ss[(*db_order)[i]],
- strlen(ss[(*db_order)[i]]));
+ strlen(ss[(*db_order)[i]]), NULL);
break;
}
case db_tiger : {
line->tiger=base64tobyte(ss[(*db_order)[i]],
- strlen(ss[(*db_order)[i]]));
+ strlen(ss[(*db_order)[i]]), NULL);
break;
}
#ifdef WITH_MHASH
case db_crc32 : {
line->crc32=base64tobyte(ss[(*db_order)[i]],
- strlen(ss[(*db_order)[i]]));
+ strlen(ss[(*db_order)[i]]), NULL);
break;
}
case db_gost : {
line->gost=base64tobyte(ss[(*db_order)[i]],
- strlen(ss[(*db_order)[i]]));
+ strlen(ss[(*db_order)[i]]), NULL);
break;
}
case db_haval : {
line->haval=base64tobyte(ss[(*db_order)[i]],
- strlen(ss[(*db_order)[i]]));
+ strlen(ss[(*db_order)[i]]), NULL);
break;
}
case db_crc32b : {
line->crc32b=base64tobyte(ss[(*db_order)[i]],
- strlen(ss[(*db_order)[i]]));
+ strlen(ss[(*db_order)[i]]), NULL);
+ break;
+ }
+ case db_whirlpool : {
+ line->whirlpool=base64tobyte(ss[(*db_order)[i]],
+ strlen(ss[(*db_order)[i]]), NULL);
break;
}
#endif
-#ifdef WITH_ACL
+ case db_sha256 : {
+ line->sha256=base64tobyte(ss[(*db_order)[i]],
+ strlen(ss[(*db_order)[i]]), NULL);
+ break;
+ }
+ case db_sha512 : {
+ line->sha512=base64tobyte(ss[(*db_order)[i]],
+ strlen(ss[(*db_order)[i]]), NULL);
+ break;
+ }
+#ifdef WITH_SUN_ACL
case db_acl : {
char* endp,*pos;
int entries,lc;
@@ -400,6 +424,70 @@ db_line* db_char2line(char** ss,int db){
break;
}
#endif
+#ifdef WITH_POSIX_ACL
+ case db_acl : {
+ char *tval = NULL;
+
+ tval = strtok(ss[(*db_order)[i]], ",");
+
+ line->acl = NULL;
+
+ if (tval[0] == '0')
+ line->acl = NULL;
+ else if (!strcmp(tval, "POSIX"))
+ {
+ line->acl = malloc(sizeof(acl_type));
+ line->acl->acl_a = NULL;
+ line->acl->acl_d = NULL;
+
+ tval = strtok(NULL, ",");
+ line->acl->acl_a = (char *)base64tobyte(tval, strlen(tval), NULL);
+ tval = strtok(NULL, ",");
+ line->acl->acl_d = (char *)base64tobyte(tval, strlen(tval), NULL);
+ }
+ /* else, it's broken... */
+ break;
+ }
+#endif
+ case db_xattrs : {
+ size_t num = 0;
+ char *tval = NULL;
+
+ tval = strtok(ss[(*db_order)[i]], ",");
+ num = readlong(tval, "xattrs");
+ if (num)
+ {
+ line->xattrs = malloc(sizeof(xattrs_type));
+ line->xattrs->ents = calloc(sizeof(xattr_node), num);
+ line->xattrs->sz = num;
+ line->xattrs->num = num;
+ num = 0;
+ while (num < line->xattrs->num)
+ {
+ byte *val = NULL;
+ size_t vsz = 0;
+
+ tval = strtok(NULL, ",");
+ line->xattrs->ents[num].key = db_readchar(strdup(tval));
+ tval = strtok(NULL, ",");
+ val = base64tobyte(tval, strlen(tval), &vsz);
+ line->xattrs->ents[num].val = val;
+ line->xattrs->ents[num].vsz = vsz;
+
+ ++num;
+ }
+ }
+ break;
+ }
+
+ case db_selinux : {
+ byte *val = NULL;
+
+ val = base64tobyte(ss[(*db_order)[i]], strlen(ss[(*db_order)[i]]),NULL);
+ line->cntx = (char *)val;
+ break;
+ }
+
case db_perm : {
line->perm=readoct(ss[(*db_order)[i]],"permissions");
break;
@@ -411,7 +499,7 @@ db_line* db_char2line(char** ss,int db){
}
case db_attr : {
- line->attr=readint(ss[(*db_order)[i]],"attr");
+ line->attr=readlong(ss[(*db_order)[i]],"attr");
break;
}
@@ -434,7 +522,7 @@ db_line* db_char2line(char** ss,int db){
time_t base64totime_t(char* s){
- byte* b=decode_base64(s,strlen(s));
+ byte* b=decode_base64(s,strlen(s),NULL);
char* endp;
if (b==NULL||strcmp(s,"0")==0) {
@@ -444,7 +532,7 @@ time_t base64totime_t(char* s){
return 0;
} else {
- time_t t = strtol(b,&endp,10);
+ time_t t = strtol((char *)b,&endp,10);
if (endp[0]!='\0') {
error(0,"Error converting base64\n");
@@ -645,10 +733,16 @@ void free_db_line(db_line* dl)
checked_free(dl->filename);
checked_free(dl->linkname);
+#ifdef WITH_MHASH
checked_free(dl->crc32);
checked_free(dl->crc32b);
checked_free(dl->gost);
checked_free(dl->haval);
+#endif
+
+ checked_free(dl->sha256);
+ checked_free(dl->sha512);
+ checked_free(dl->whirlpool);
}
const char* aide_key_5=CONFHMACKEY_05;
const char* db_key_5=DBHMACKEY_05;
diff -rup aide-0.12-rc1-orig/src/db_disk.c aide-0.12-rc1/src/db_disk.c
--- aide-0.12-rc1-orig/src/db_disk.c 2006-04-13 08:58:07.000000000 -0400
+++ aide-0.12-rc1/src/db_disk.c 2006-10-11 02:11:37.000000000 -0400
@@ -20,7 +20,9 @@
*/
#include "aide.h"
-#define _POSIX_C_SOURCE 199506L
+#ifndef _POSIX_C_SOURCE
+# define _POSIX_C_SOURCE 199506L
+#endif
#include <unistd.h>
#include <stdio.h>
#include <string.h>
@@ -66,7 +68,7 @@ seltree *tree;
long td = -1;
int rdres = 0;
-int attr;
+DB_ATTR_TYPE attr;
char *start_path = "/";
int root_handled = 0;
diff -rup aide-0.12-rc1-orig/src/db_file.c aide-0.12-rc1/src/db_file.c
--- aide-0.12-rc1-orig/src/db_file.c 2006-04-11 05:30:44.000000000 -0400
+++ aide-0.12-rc1/src/db_file.c 2006-10-11 13:20:05.000000000 -0400
@@ -264,7 +264,7 @@ int db_file_read_spec(int db){
conf->attr=1;
}
}
- if (conf->attr==-1) {
+ if (conf->attr==DB_ATTR_UNDEF) {
conf->attr=0;
error(0,"Database does not have attr field.\nComparation may be incorrect\nGenerating attr-field from dbspec\nIt might be a good Idea to regenerate databases. Sorry.\n");
for(i=0;i<conf->db_in_size;i++) {
@@ -593,6 +593,8 @@ int db_writechar(char* s,FILE* file,int
char* r=NULL;
int retval=0;
+ (void)file;
+
if(i) {
dofprintf(" ");
}
@@ -627,6 +629,8 @@ int db_writechar(char* s,FILE* file,int
int db_writeint(long i,FILE* file,int a)
{
+ (void)file;
+
if(a) {
dofprintf(" ");
}
@@ -636,6 +640,8 @@ int db_writeint(long i,FILE* file,int a)
}
int db_writelong(AIDE_OFF_TYPE i,FILE* file,int a)
{
+ (void)file;
+
if(a) {
dofprintf(" ");
}
@@ -648,12 +654,13 @@ int db_writelong(AIDE_OFF_TYPE i,FILE* f
}
-int db_write_byte_base64(byte*data,size_t len,FILE* file,int i,int th,
- int attr )
+int db_write_byte_base64(byte*data,size_t len,FILE* file,int i,
+ DB_ATTR_TYPE th, DB_ATTR_TYPE attr )
{
char* tmpstr=NULL;
int retval=0;
+ (void)file;
if (data!=NULL&&th&attr) {
tmpstr=encode_base64(data,len);
@@ -681,6 +688,8 @@ int db_write_time_base64(time_t i,FILE*
char* tmpstr=NULL;
int retval=0;
+ (void)file;
+
if(a){
dofprintf(" ");
}
@@ -701,7 +710,7 @@ int db_write_time_base64(time_t i,FILE*
sprintf(ptr,"%li",i);
- tmpstr=encode_base64(ptr,strlen(ptr));
+ tmpstr=encode_base64((byte *)ptr,strlen(ptr));
retval=dofprintf(tmpstr);
free(tmpstr);
free(ptr);
@@ -712,6 +721,8 @@ int db_write_time_base64(time_t i,FILE*
int db_writeoct(long i, FILE* file,int a)
{
+ (void)file;
+
if(a) {
dofprintf(" ");
}
@@ -779,7 +790,7 @@ int db_writespec_file(db_config* conf)
}
for(i=0;i<conf->db_out_size;i++){
for(j=0;j<db_unknown;j++){
- if(db_value[j]==conf->db_out_order[i]){
+ if((int)db_value[j]==(int)conf->db_out_order[i]){
retval=dofprintf("%s ",db_names[j]);
if(retval==0){
return RETFAIL;
@@ -795,8 +806,9 @@ int db_writespec_file(db_config* conf)
return RETOK;
}
+int db_writeacl(acl_type* acl,FILE* file,int a)
+{
#ifdef WITH_SUN_ACL
-int db_writeacl(acl_type* acl,FILE* file,int a){
int i;
if(a) {
@@ -814,13 +826,45 @@ int db_writeacl(acl_type* acl,FILE* file
acl->acl[i].a_perm);
}
}
+#endif
+#ifdef WITH_POSIX_ACL
+ if(a) {
+ dofprintf(" ");
+ }
+
+ if (acl==NULL) {
+ dofprintf("0");
+ } else {
+ dofprintf("POSIX"); /* This is _very_ incompatible */
+
+ dofprintf(",");
+ if (acl->acl_a)
+ db_write_byte_base64((byte*)acl->acl_a, strlen(acl->acl_a), file,0,1,1);
+ else
+ dofprintf("0");
+ dofprintf(",");
+ if (acl->acl_d)
+ db_write_byte_base64((byte*)acl->acl_d, strlen(acl->acl_d), file,0,1,1);
+ else
+ dofprintf("0");
+ }
+#endif
+#ifndef WITH_ACL
+ if(a) { /* compat. */
+ dofprintf(" ");
+ }
+
+ dofprintf("0");
+#endif
+
return RETOK;
}
-#endif
int db_writeline_file(db_line* line,db_config* conf, url_t* url){
int i;
+ (void)url;
+
for(i=0;i<conf->db_out_size;i++){
switch (conf->db_out_order[i]) {
case db_filename : {
@@ -930,9 +974,32 @@ int db_writeline_file(db_line* line,db_c
DB_GOST,line->attr);
break;
}
+ case db_sha256 : {
+ db_write_byte_base64(line->sha256,
+ HASH_SHA256_LEN,
+ conf->db_out,i,
+ DB_SHA256,line->attr);
+
+ break;
+ }
+ case db_sha512 : {
+ db_write_byte_base64(line->sha512,
+ HASH_SHA512_LEN,
+ conf->db_out,i,
+ DB_SHA512,line->attr);
+
+ break;
+ }
+ case db_whirlpool : {
+ db_write_byte_base64(line->whirlpool,
+ HASH_WHIRLPOOL_LEN,
+ conf->db_out,i,
+ DB_WHIRLPOOL,line->attr);
+
+ break;
+ }
case db_attr : {
- db_writeint(line->attr,
- conf->db_out,i);
+ db_writelong(line->attr, conf->db_out,i);
break;
}
#ifdef WITH_ACL
@@ -941,6 +1008,37 @@ int db_writeline_file(db_line* line,db_c
break;
}
#endif
+ case db_xattrs : {
+ xattr_node *xattr = NULL;
+ size_t num = 0;
+
+ // if (!line->xattrs || !(line->attr & DB_XATTRS))
+ if (!line->xattrs)
+ {
+ db_writelong(0, conf->db_out, i);
+ break;
+ }
+
+ db_writelong(line->xattrs->num, conf->db_out, i);
+
+ xattr = line->xattrs->ents;
+ while (num < line->xattrs->num)
+ {
+ dofprintf(",");
+ db_writechar(xattr->key, conf->db_out, 0);
+ dofprintf(",");
+ db_write_byte_base64(xattr->val, xattr->vsz, conf->db_out, 0, 1, 1);
+
+ ++xattr;
+ ++num;
+ }
+ break;
+ }
+ case db_selinux : {
+ db_write_byte_base64((byte*)line->cntx, strlen(line->cntx),
+ conf->db_out, i, 1, 1);
+ break;
+ }
case db_checkmask : {
db_writeoct(line->attr,conf->db_out,i);
break;
diff -rup aide-0.12-rc1-orig/src/db_sql.c aide-0.12-rc1/src/db_sql.c
--- aide-0.12-rc1-orig/src/db_sql.c 2005-04-06 05:50:26.000000000 -0400
+++ aide-0.12-rc1/src/db_sql.c 2006-10-09 02:06:10.000000000 -0400
@@ -542,6 +542,11 @@ char* db_get_sql(db_line* line,db_config
/* TODO */
break;
}
+ case db_xattrs : {
+ error(0,"TODO db_xattrs write to db_sql.c");
+ /* TODO */
+ break;
+ }
case db_checkmask : {
sql_writeoct(line->attr,s,i);
break;
diff -rup aide-0.12-rc1-orig/src/do_md.c aide-0.12-rc1/src/do_md.c
--- aide-0.12-rc1-orig/src/do_md.c 2006-05-31 05:17:26.000000000 -0400
+++ aide-0.12-rc1/src/do_md.c 2006-10-11 11:19:21.000000000 -0400
@@ -19,10 +19,12 @@
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/
-#define _POSIX_C_SOURCE 200112L
-
#include "aide.h"
+#ifndef _POSIX_C_SOURCE
+#define _POSIX_C_SOURCE 200112L
+#endif
+
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
@@ -63,7 +65,7 @@
/*
#include <gcrypt.h>
*/
-void md_init_fail(const char* s,db_line* db,byte** hash,unsigned i) {
+void md_init_fail(const char* s,db_line* db,byte** hash,DB_ATTR_TYPE i) {
error(0,"Message digest %s initialise failed\nDisabling %s for file %s\n",s,s,db->filename);
db->attr=db->attr&(~i);
(*hash)=0;
@@ -84,6 +86,8 @@ void free_hashes(db_line* dl){
free_hash(gost);
free_hash(crc32b);
#endif
+ free_hash(sha256);
+ free_hash(sha512);
}
/* Not use any more. calc_md is the new function.
@@ -332,8 +336,52 @@ void fs2db_line(struct AIDE_STAT_TYPE* f
}
-#ifdef WITH_ACL
void acl2line(db_line* line) {
+ acl_type *ret = NULL;
+
+#ifdef WITH_POSIX_ACL
+ if(DB_ACL&line->attr) {
+ acl_t acl_a;
+ acl_t acl_d;
+ char *tmp = NULL;
+
+ acl_a = acl_get_file(line->filename, ACL_TYPE_ACCESS);
+ acl_d = acl_get_file(line->filename, ACL_TYPE_DEFAULT);
+ if ((acl_a == NULL) && (errno == ENOTSUP))
+ return;
+ if (acl_a == NULL)
+ error(0, "Tried to read access ACL on %s but failed with: %m\n",
+ line->filename);
+ if ((acl_d == NULL) && (errno != EACCES)) /* ignore DEFAULT on files */
+ {
+ acl_free(acl_a);
+ error(0, "Tried to read default ACL on %s but failed with: %m\n",
+ line->filename);
+ }
+
+ /* assume memory allocs work, like rest of AIDE code... */
+ ret = malloc(sizeof(acl_type));
+
+ /* use tmp, so free() can be called instead of acl_free() */
+ tmp = acl_to_text(acl_a, NULL);
+ ret->acl_a = strdup(tmp);
+ acl_free(tmp);
+
+ if (!acl_d)
+ ret->acl_d = NULL;
+ else
+ {
+ tmp = acl_to_text(acl_d, NULL);
+ if (!*tmp)
+ ret->acl_d = NULL;
+ else
+ ret->acl_d = strdup(tmp);
+ acl_free(tmp);
+ }
+ }
+ line->acl = ret;
+#endif
+#ifdef WITH_SUN_ACL
if(DB_ACL&line->attr) { /* There might be a bug here. */
int res;
line->acl=malloc(sizeof(acl_type));
@@ -360,8 +408,8 @@ void acl2line(db_line* line) {
}else{
line->acl=NULL;
}
-}
#endif
+}
void no_hash(db_line* line) {
line->attr&=~DB_HASHES;
diff -rup aide-0.12-rc1-orig/src/error.c aide-0.12-rc1/src/error.c
--- aide-0.12-rc1-orig/src/error.c 2006-01-22 07:00:55.000000000 -0500
+++ aide-0.12-rc1/src/error.c 2006-10-11 01:56:16.000000000 -0400
@@ -35,6 +35,7 @@
/*for locale support*/
#include "locale-aide.h"
/*for locale support*/
+#include "util.h"
int cmp_url(url_t* url1,url_t* url2){
diff -rup aide-0.12-rc1-orig/src/gen_list.c aide-0.12-rc1/src/gen_list.c
--- aide-0.12-rc1-orig/src/gen_list.c 2006-07-15 11:25:17.000000000 -0400
+++ aide-0.12-rc1/src/gen_list.c 2006-10-11 13:26:56.000000000 -0400
@@ -33,6 +33,7 @@
#endif
#include <errno.h>
#include <time.h>
+
#include "report.h"
#include "gnu_regex.h"
#include "list.h"
@@ -56,6 +57,7 @@
#include <gcrypt.h>
*/
#include "md.h"
+#include "do_md.h"
void hsymlnk(db_line* line);
void fs2db_line(struct AIDE_STAT_TYPE* fs,db_line* line);
@@ -65,10 +67,10 @@ void no_hash(db_line* line);
char* strrxtok(char* rx)
{
char*p=NULL;
- int i=0;
+ size_t i=0;
/* The following code assumes that the first character is a slash */
- int lastslash=1;
+ size_t lastslash=1;
p=strdup(rx);
p[0]='/';
@@ -103,8 +105,8 @@ char* strrxtok(char* rx)
char* strlastslash(char*str)
{
char* p=NULL;
- int lastslash=1;
- int i=0;
+ size_t lastslash=1;
+ size_t i=0;
for(i=1;i<strlen(str);i++){
if(str[i]=='/'){
@@ -354,11 +356,130 @@ void gen_seltree(list* rxlist,seltree* t
*/
free(rxtok);
}
+}
+
+static xattrs_type *xattr_new(void)
+{
+ xattrs_type *ret = NULL;
+
+ ret = malloc(sizeof(xattrs_type));
+ ret->num = 0;
+ ret->sz = 2;
+ ret->ents = malloc(sizeof(xattr_node) * ret->sz);
+
+ return (ret);
+}
+
+static void *xzmemdup(const void *ptr, size_t len)
+{ /* always keeps a 0 at the end... */
+ void *ret = NULL;
+ ret = malloc(len+1);
+ memcpy(ret, ptr, len);
+ ((char*)ret)[len] = 0;
+
+ return (ret);
+}
+
+static void xattr_add(xattrs_type *xattrs,
+ const char *key, const char *val, size_t vsz)
+{
+ if (xattrs->num >= xattrs->sz)
+ {
+ xattrs->sz <<= 1;
+ xattrs->ents = realloc(xattrs->ents, sizeof(xattr_node) * xattrs->sz);
+ }
+
+ xattrs->ents[xattrs->num].key = strdup(key);
+ xattrs->ents[xattrs->num].val = xzmemdup(val, vsz);
+ xattrs->ents[xattrs->num].vsz = vsz;
+
+ xattrs->num += 1;
+}
+
+/* should be in do_md ? */
+static void xattrs2line(db_line *line)
+{ /* get all generic user xattrs. */
+ xattrs_type *xattrs = NULL;
+ static ssize_t xsz = 1024;
+ static char *xatrs = NULL;
+ ssize_t xret = -1;
+
+ if (!(DB_XATTRS&line->attr))
+ return;
+
+ xattrs = xattr_new();
+
+ /* assume memory allocs work, like rest of AIDE code... */
+ if (!xatrs) xatrs = malloc(xsz);
+
+ while (((xret = listxattr(line->filename, xatrs, xsz)) == -1) &&
+ (errno == ERANGE))
+ {
+ xsz <<= 1;
+ xatrs = realloc(xatrs, xsz);
+ }
+
+ if (xret == -1)
+ error(0, "listxattrs failed for %s:%m\n", line->filename);
+ else
+ {
+ const char *attr = xatrs;
+ static ssize_t asz = 1024;
+ static char *val = NULL;
+
+ if (!val) val = malloc(asz);
+
+ while (xret > 0)
+ {
+ size_t len = strlen(attr);
+ ssize_t aret = 0;
+
+ if (strncmp(attr, "user.", strlen("user.")) &&
+ strncmp(attr, "root.", strlen("root.")))
+ goto next_attr; /* only store normal xattrs, and SELinux */
+
+ while (((aret = getxattr(line->filename, attr, val, asz)) == -1) &&
+ (errno == ERANGE))
+ {
+ asz <<= 1;
+ val = realloc (val, asz);
+ }
+
+ if (aret != -1)
+ xattr_add(xattrs, attr, val, aret);
+ else if (errno != ENOATTR)
+ error(0, "getxattr failed for %s:%m\n", line->filename);
+
+ next_attr:
+ attr += len + 1;
+ xret -= len + 1;
+ }
+ }
+ line->xattrs = xattrs;
}
-list* add_file_to_list(list* listp,char*filename,int attr,int* addok)
+/* should be in do_md ? */
+static void selinux2line(db_line *line)
+{
+ char *cntx = NULL;
+
+ if (!(DB_SELINUX&line->attr))
+ return;
+
+ if (lgetfilecon_raw(line->filename, &cntx) == -1)
+ {
+ error(0, "lgetfilecon_raw failed for %s:%m\n", line->filename);
+ return;
+ }
+
+ line->cntx = strdup(cntx);
+
+ freecon(cntx);
+}
+
+list* add_file_to_list(list* listp,char*filename,DB_ATTR_TYPE attr,int* addok)
{
db_line* fil=NULL;
time_t cur_time;
@@ -445,8 +566,8 @@ list* add_file_to_list(list* listp,char*
if(conf->no_acl_on_symlinks!=1) {
fil->attr&=(~DB_ACL);
}
-#endif
-
+#endif
+
if(conf->warn_dead_symlinks==1) {
struct AIDE_STAT_TYPE fs;
int sres;
@@ -567,35 +688,6 @@ list* add_file_to_list(list* listp,char*
fil->bcount=0;
}
-#ifdef WITH_ACL
- if(DB_ACL&fil->attr) { /* There might be a bug here. */
- int res;
- fil->acl=malloc(sizeof(acl_type));
- fil->acl->entries=acl(fil->filename,GETACLCNT,0,NULL);
- if (fil->acl->entries==-1) {
- char* er=strerror(errno);
- fil->acl->entries=0;
- if (er==NULL) {
- error(0,"ACL query failed for %s. strerror failed for %i\n",fil->filename,errno);
- } else {
- error(0,"ACL query failed for %s:%s\n",fil->filename,er);
- }
- } else {
- fil->acl->acl=malloc(sizeof(aclent_t)*fil->acl->entries);
- res=acl(fil->filename,GETACL,fil->acl->entries,fil->acl->acl);
- if (res==-1) {
- error(0,"ACL error %s\n",strerror(errno));
- } else {
- if (res!=fil->acl->entries) {
- error(0,"Tried to read %i acl but got %i\n",fil->acl->entries,res);
- }
- }
- }
- }else{
- fil->acl=NULL;
- }
-
-#endif
if(S_ISDIR(fs.st_mode)||S_ISCHR(fs.st_mode)
||S_ISBLK(fs.st_mode)||S_ISFIFO(fs.st_mode)
@@ -630,13 +722,18 @@ list* add_file_to_list(list* listp,char*
fil->haval=DB_HAVAL&fil->attr?(byte*)"":NULL;
#endif
}
+
+ xattrs2line(fil); /* NOTE ... this is a lie, code never gets here */
+
+ // selinux2line(fil);
+
listp=list_append(listp,(void*)fil);
*addok=RETOK;
return listp;
}
-int check_list_for_match(list* rxrlist,char* text,int* attr)
+int check_list_for_match(list* rxrlist,char* text,DB_ATTR_TYPE* attr)
{
list* r=NULL;
int retval=1;
@@ -654,7 +751,7 @@ int check_list_for_match(list* rxrlist,c
//this is used to check if $text if equal to a node in $rxrlist
//should be used to check equ_rx_lst only
-int check_list_for_equal(list* rxrlist,char* text,int* attr)
+int check_list_for_equal(list* rxrlist,char* text,DB_ATTR_TYPE* attr)
{
list* r=NULL;
int retval=1;
@@ -695,7 +792,7 @@ int check_list_for_equal(list* rxrlist,c
*16, this is a recursed call
*/
-int check_node_for_match(seltree*node,char*text,int retval,int* attr)
+int check_node_for_match(seltree*node,char*text,int retval,DB_ATTR_TYPE* attr)
{
int top=0;
@@ -753,7 +850,7 @@ int check_node_for_match(seltree*node,ch
return retval;
}
-list* traverse_tree(seltree* tree,list* file_lst,int attr)
+list* traverse_tree(seltree* tree,list* file_lst,DB_ATTR_TYPE attr)
{
list* r=NULL;
seltree* a=NULL;
@@ -764,7 +861,7 @@ list* traverse_tree(seltree* tree,list*
int addfile=0;
char* fullname=NULL;
int e=0;
- int matchattr=attr;
+ DB_ATTR_TYPE matchattr=attr;
# ifndef HAVE_READDIR_R
long td=-1;
# endif
@@ -960,7 +1057,7 @@ list* gen_list(list* prxlist,list* nrxli
* strip_dbline()
* strips given dbline
*/
-void strip_dbline(db_line* line,int attr)
+void strip_dbline(db_line* line,DB_ATTR_TYPE attr)
{
#define checked_free(x) if(x!=NULL) free(x)
@@ -1034,12 +1131,24 @@ void strip_dbline(db_line* line,int attr
line->haval=NULL;
}
#endif
+ if(!(attr&DB_SHA256)){
+ checked_free(line->sha256);
+ line->sha256=NULL;
+ }
+ if(!(attr&DB_SHA512)){
+ checked_free(line->sha512);
+ line->sha512=NULL;
+ }
#ifdef WITH_ACL
if(!(attr&DB_ACL)){
- checked_free(line->acl);
+ checked_free(line->acl); /* FIXME: ... needs more */
line->acl=NULL;
}
#endif
+ if(!(attr&DB_XATTRS)){
+ checked_free(line->xattrs); /* FIXME: ... needs more */
+ line->xattrs=NULL;
+ }
}
/*
@@ -1048,11 +1157,12 @@ void strip_dbline(db_line* line,int attr
* status = what to do with this node
* attr attributes to add
*/
-void add_file_to_tree(seltree* tree,db_line* file,int db,int status,int attr)
+void add_file_to_tree(seltree* tree,db_line* file,int db,int status,
+ DB_ATTR_TYPE attr)
{
seltree* node=NULL;
- int localignorelist=0;
- int ignorelist=0;
+ DB_ATTR_TYPE localignorelist=0;
+ DB_ATTR_TYPE ignorelist=0;
node=get_seltree_node(tree,file->filename);
@@ -1090,14 +1200,15 @@ void add_file_to_tree(seltree* tree,db_l
ignorelist=get_groupval("ignore_list");
- if (ignorelist==-1) {
+ if (ignorelist==DB_ATTR_UNDEF) {
ignorelist=0;
}
if((node->checked&DB_OLD)&&(node->checked&DB_NEW)){
localignorelist=(node->new_data->attr^node->old_data->attr);
if (localignorelist!=0) {
- error(2,"File %s in databases has different attributes, %i,%i\n",node->old_data->filename,node->old_data->attr,node->new_data->attr);
+ error(2,"File %s in databases has different attributes, %llx,%llx\n",
+ node->old_data->filename,node->old_data->attr,node->new_data->attr);
}
localignorelist|=ignorelist;
@@ -1145,7 +1256,7 @@ void add_file_to_tree(seltree* tree,db_l
localignorelist=(oldData->attr^newData->attr)&(~(DB_NEWFILE|DB_RMFILE));
if (localignorelist!=0) {
- error(5,"File \"%s\" \"%s\" in databases has different attributes (here3), %i,%i\n",
+ error(5,"File \"%s\" \"%s\" in databases has different attributes (here3), %llx,%llx\n",
newData->filename,oldData->filename,oldData->attr,newData->attr);
}
@@ -1170,7 +1281,7 @@ void add_file_to_tree(seltree* tree,db_l
}
}
-int check_rxtree(char* filename,seltree* tree,int* attr)
+int check_rxtree(char* filename,seltree* tree,DB_ATTR_TYPE* attr)
{
int retval=0;
char * tmp=NULL;
@@ -1203,7 +1314,7 @@ int check_rxtree(char* filename,seltree*
return retval;
}
-db_line* get_file_attrs(char* filename,int attr)
+db_line* get_file_attrs(char* filename,DB_ATTR_TYPE attr)
{
struct AIDE_STAT_TYPE fs;
int sres=0;
@@ -1285,9 +1396,11 @@ db_line* get_file_attrs(char* filename,i
/*
ACL stuff
*/
-#ifdef WITH_ACL
acl2line(line);
-#endif
+
+ xattrs2line(line);
+
+ selinux2line(line);
if (attr&DB_HASHES && S_ISREG(fs.st_mode)) {
calc_md(&fs,line);
@@ -1373,8 +1486,8 @@ void populate_tree(seltree* tree)
db_line* old=NULL;
db_line* new=NULL;
int initdbwarningprinted=0;
- int ignorelist=0;
- int attr=0;
+ DB_ATTR_TYPE ignorelist=0;
+ DB_ATTR_TYPE attr=0;
seltree* node=NULL;
/* With this we avoid unnecessary checking of removed files. */
@@ -1386,7 +1499,7 @@ void populate_tree(seltree* tree)
ignorelist=get_groupval("ignore_list");
- if (ignorelist==-1) {
+ if (ignorelist==DB_ATTR_UNDEF) {
ignorelist=0;
}
diff -rup aide-0.12-rc1-orig/src/Makefile.am aide-0.12-rc1/src/Makefile.am
--- aide-0.12-rc1-orig/src/Makefile.am 2006-03-29 02:58:19.000000000 -0500
+++ aide-0.12-rc1/src/Makefile.am 2006-10-11 10:07:34.000000000 -0400
@@ -50,16 +50,16 @@ aide_SOURCES = \
INCLUDES = -I$(top_srcdir)/include
-LDADD = @CRYPTLIB@ @ACLLIB@
+LDADD = @CRYPTLIB@ @ACLLIB@ @SELINUXLIB@
-AM_LDFLAGS = @LDFLAGS@ @LD_STATIC_FLAG@
+AM_LDFLAGS = @LDFLAGS@ @LD_STATIC_FLAG@ -lm
AM_CFLAGS = @CFLAGS@ @MAINTAINER_MODE_TRUE@ -Wall -g
CLEANFILES = conf_yacc.h conf_yacc.c conf_lex.c db_lex.c *~
LEX_OUTPUT_ROOT = lex.yy
-AM_YFLAGS= -d
+# AM_YFLAGS= -d
db_lex2.c:db_lex.c
diff -rup aide-0.12-rc1-orig/src/Makefile.in aide-0.12-rc1/src/Makefile.in
--- aide-0.12-rc1-orig/src/Makefile.in 2006-07-15 14:20:25.000000000 -0400
+++ aide-0.12-rc1/src/Makefile.in 2006-10-11 12:49:29.000000000 -0400
@@ -1,8 +1,8 @@
-# Makefile.in generated by automake 1.7.9 from Makefile.am.
+# Makefile.in generated by automake 1.9.6 from Makefile.am.
# @configure_input@
-# Copyright 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003
-# Free Software Foundation, Inc.
+# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
+# 2003, 2004, 2005 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved.
@@ -43,7 +43,6 @@ pkgdatadir = $(datadir)/@PACKAGE@
pkglibdir = $(libdir)/@PACKAGE@
pkgincludedir = $(includedir)/@PACKAGE@
top_builddir = ..
-
am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
INSTALL = @INSTALL@
install_sh_DATA = $(install_sh) -c -m 644
@@ -57,6 +56,45 @@ POST_INSTALL = :
NORMAL_UNINSTALL = :
PRE_UNINSTALL = :
POST_UNINSTALL = :
+bin_PROGRAMS = aide$(EXEEXT)
+subdir = src
+DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in conf_yacc.c
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/acinclude.m4 \
+ $(top_srcdir)/version.m4 $(top_srcdir)/configure.in
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+ $(ACLOCAL_M4)
+mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
+CONFIG_HEADER = $(top_builddir)/config.h
+CONFIG_CLEAN_FILES =
+am__installdirs = "$(DESTDIR)$(bindir)"
+binPROGRAMS_INSTALL = $(INSTALL_PROGRAM)
+PROGRAMS = $(bin_PROGRAMS)
+am_aide_OBJECTS = conf_yacc.$(OBJEXT) conf_lex2.$(OBJEXT) \
+ getopt.$(OBJEXT) getopt1.$(OBJEXT) gnu_regex.$(OBJEXT) \
+ error.$(OBJEXT) md.$(OBJEXT) db.$(OBJEXT) \
+ commandconf.$(OBJEXT) db_file.$(OBJEXT) db_disk.$(OBJEXT) \
+ db_lex2.$(OBJEXT) db_sql.$(OBJEXT) gen_list.$(OBJEXT) \
+ list.$(OBJEXT) do_md.$(OBJEXT) base64.$(OBJEXT) \
+ symboltable.$(OBJEXT) compare_db.$(OBJEXT) be.$(OBJEXT) \
+ util.$(OBJEXT) snprintf.$(OBJEXT) fopen.$(OBJEXT) \
+ aide.$(OBJEXT)
+aide_OBJECTS = $(am_aide_OBJECTS)
+aide_LDADD = $(LDADD)
+aide_DEPENDENCIES =
+DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir)
+depcomp = $(SHELL) $(top_srcdir)/depcomp
+am__depfiles_maybe = depfiles
+COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
+ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+CCLD = $(CC)
+LINK = $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@
+YACCCOMPILE = $(YACC) $(YFLAGS) $(AM_YFLAGS)
+SOURCES = $(aide_SOURCES)
+DIST_SOURCES = $(aide_SOURCES)
+ETAGS = etags
+CTAGS = ctags
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLLIB = @ACLLIB@
ACLOCAL = @ACLOCAL@
AIDE_USE_LOCALE = @AIDE_USE_LOCALE@
@@ -81,7 +119,6 @@ ECHO_N = @ECHO_N@
ECHO_T = @ECHO_T@
EGREP = @EGREP@
EXEEXT = @EXEEXT@
-GREP = @GREP@
INSTALL_DATA = @INSTALL_DATA@
INSTALL_PROGRAM = @INSTALL_PROGRAM@
INSTALL_SCRIPT = @INSTALL_SCRIPT@
@@ -108,48 +145,43 @@ PACKAGE_VERSION = @PACKAGE_VERSION@
PATH_SEPARATOR = @PATH_SEPARATOR@
PSQLLIB = @PSQLLIB@
RANLIB = @RANLIB@
+SELINUXLIB = @SELINUXLIB@
SET_MAKE = @SET_MAKE@
SHELL = @SHELL@
STRIP = @STRIP@
VERSION = @VERSION@
YACC = @YACC@
-YFLAGS = @YFLAGS@
ac_ct_CC = @ac_ct_CC@
+ac_ct_RANLIB = @ac_ct_RANLIB@
+ac_ct_STRIP = @ac_ct_STRIP@
am__fastdepCC_FALSE = @am__fastdepCC_FALSE@
am__fastdepCC_TRUE = @am__fastdepCC_TRUE@
am__include = @am__include@
am__leading_dot = @am__leading_dot@
am__quote = @am__quote@
+am__tar = @am__tar@
+am__untar = @am__untar@
bindir = @bindir@
build_alias = @build_alias@
curlconfig = @curlconfig@
datadir = @datadir@
-datarootdir = @datarootdir@
-docdir = @docdir@
-dvidir = @dvidir@
exec_prefix = @exec_prefix@
host_alias = @host_alias@
-htmldir = @htmldir@
includedir = @includedir@
infodir = @infodir@
install_sh = @install_sh@
libdir = @libdir@
libexecdir = @libexecdir@
-localedir = @localedir@
localstatedir = @localstatedir@
mandir = @mandir@
+mkdir_p = @mkdir_p@
oldincludedir = @oldincludedir@
-pdfdir = @pdfdir@
prefix = @prefix@
program_transform_name = @program_transform_name@
-psdir = @psdir@
sbindir = @sbindir@
sharedstatedir = @sharedstatedir@
sysconfdir = @sysconfdir@
target_alias = @target_alias@
-
-bin_PROGRAMS = aide
-
aide_SOURCES = \
conf_yacc.y \
conf_lex2.c \
@@ -176,83 +208,54 @@ aide_SOURCES = \
fopen.c \
aide.c
-
INCLUDES = -I$(top_srcdir)/include
-
-LDADD = @CRYPTLIB@ @ACLLIB@
-
-AM_LDFLAGS = @LDFLAGS@ @LD_STATIC_FLAG@
-
+LDADD = @CRYPTLIB@ @ACLLIB@ @SELINUXLIB@
+AM_LDFLAGS = @LDFLAGS@ @LD_STATIC_FLAG@ -lm
AM_CFLAGS = @CFLAGS@ @MAINTAINER_MODE_TRUE@ -Wall -g
-
CLEANFILES = conf_yacc.h conf_yacc.c conf_lex.c db_lex.c *~
-
-AM_YFLAGS = -d
-subdir = src
-ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
-mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
-CONFIG_HEADER = $(top_builddir)/config.h
-CONFIG_CLEAN_FILES =
-bin_PROGRAMS = aide$(EXEEXT)
-PROGRAMS = $(bin_PROGRAMS)
-
-am_aide_OBJECTS = conf_yacc.$(OBJEXT) conf_lex2.$(OBJEXT) \
- getopt.$(OBJEXT) getopt1.$(OBJEXT) gnu_regex.$(OBJEXT) \
- error.$(OBJEXT) md.$(OBJEXT) db.$(OBJEXT) commandconf.$(OBJEXT) \
- db_file.$(OBJEXT) db_disk.$(OBJEXT) db_lex2.$(OBJEXT) \
- db_sql.$(OBJEXT) gen_list.$(OBJEXT) list.$(OBJEXT) \
- do_md.$(OBJEXT) base64.$(OBJEXT) symboltable.$(OBJEXT) \
- compare_db.$(OBJEXT) be.$(OBJEXT) util.$(OBJEXT) \
- snprintf.$(OBJEXT) fopen.$(OBJEXT) aide.$(OBJEXT)
-aide_OBJECTS = $(am_aide_OBJECTS)
-aide_LDADD = $(LDADD)
-aide_DEPENDENCIES =
-aide_LDFLAGS =
-
-DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir)
-depcomp = $(SHELL) $(top_srcdir)/depcomp
-am__depfiles_maybe = depfiles
-@AMDEP_TRUE@DEP_FILES = ./$(DEPDIR)/aide.Po ./$(DEPDIR)/base64.Po \
-@AMDEP_TRUE@ ./$(DEPDIR)/be.Po ./$(DEPDIR)/commandconf.Po \
-@AMDEP_TRUE@ ./$(DEPDIR)/compare_db.Po ./$(DEPDIR)/conf_lex2.Po \
-@AMDEP_TRUE@ ./$(DEPDIR)/conf_yacc.Po ./$(DEPDIR)/db.Po \
-@AMDEP_TRUE@ ./$(DEPDIR)/db_disk.Po ./$(DEPDIR)/db_file.Po \
-@AMDEP_TRUE@ ./$(DEPDIR)/db_lex2.Po ./$(DEPDIR)/db_sql.Po \
-@AMDEP_TRUE@ ./$(DEPDIR)/do_md.Po ./$(DEPDIR)/error.Po \
-@AMDEP_TRUE@ ./$(DEPDIR)/fopen.Po ./$(DEPDIR)/gen_list.Po \
-@AMDEP_TRUE@ ./$(DEPDIR)/getopt.Po ./$(DEPDIR)/getopt1.Po \
-@AMDEP_TRUE@ ./$(DEPDIR)/gnu_regex.Po ./$(DEPDIR)/list.Po \
-@AMDEP_TRUE@ ./$(DEPDIR)/md.Po ./$(DEPDIR)/snprintf.Po \
-@AMDEP_TRUE@ ./$(DEPDIR)/symboltable.Po ./$(DEPDIR)/util.Po
-COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
- $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
-CCLD = $(CC)
-LINK = $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@
-YACCCOMPILE = $(YACC) $(YFLAGS) $(AM_YFLAGS)
-DIST_SOURCES = $(aide_SOURCES)
-DIST_COMMON = $(srcdir)/Makefile.in Makefile.am conf_yacc.c conf_yacc.h
-SOURCES = $(aide_SOURCES)
-
all: all-am
.SUFFIXES:
.SUFFIXES: .c .o .obj .y
-$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4)
+$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps)
+ @for dep in $?; do \
+ case '$(am__configure_deps)' in \
+ *$$dep*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \
+ && exit 0; \
+ exit 1;; \
+ esac; \
+ done; \
+ echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/Makefile'; \
cd $(top_srcdir) && \
$(AUTOMAKE) --gnu src/Makefile
-Makefile: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.in $(top_builddir)/config.status
- cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)
-binPROGRAMS_INSTALL = $(INSTALL_PROGRAM)
+.PRECIOUS: Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+ @case '$?' in \
+ *config.status*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
+ *) \
+ echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \
+ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \
+ esac;
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
install-binPROGRAMS: $(bin_PROGRAMS)
@$(NORMAL_INSTALL)
- $(mkinstalldirs) $(DESTDIR)$(bindir)
+ test -z "$(bindir)" || $(mkdir_p) "$(DESTDIR)$(bindir)"
@list='$(bin_PROGRAMS)'; for p in $$list; do \
p1=`echo $$p|sed 's/$(EXEEXT)$$//'`; \
if test -f $$p \
; then \
f=`echo "$$p1" | sed 's,^.*/,,;$(transform);s/$$/$(EXEEXT)/'`; \
- echo " $(INSTALL_PROGRAM_ENV) $(binPROGRAMS_INSTALL) $$p $(DESTDIR)$(bindir)/$$f"; \
- $(INSTALL_PROGRAM_ENV) $(binPROGRAMS_INSTALL) $$p $(DESTDIR)$(bindir)/$$f || exit 1; \
+ echo " $(INSTALL_PROGRAM_ENV) $(binPROGRAMS_INSTALL) '$$p' '$(DESTDIR)$(bindir)/$$f'"; \
+ $(INSTALL_PROGRAM_ENV) $(binPROGRAMS_INSTALL) "$$p" "$(DESTDIR)$(bindir)/$$f" || exit 1; \
else :; fi; \
done
@@ -260,23 +263,18 @@ uninstall-binPROGRAMS:
@$(NORMAL_UNINSTALL)
@list='$(bin_PROGRAMS)'; for p in $$list; do \
f=`echo "$$p" | sed 's,^.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/'`; \
- echo " rm -f $(DESTDIR)$(bindir)/$$f"; \
- rm -f $(DESTDIR)$(bindir)/$$f; \
+ echo " rm -f '$(DESTDIR)$(bindir)/$$f'"; \
+ rm -f "$(DESTDIR)$(bindir)/$$f"; \
done
clean-binPROGRAMS:
-test -z "$(bin_PROGRAMS)" || rm -f $(bin_PROGRAMS)
-conf_yacc.h: conf_yacc.c
- @if test ! -f $@; then \
- rm -f conf_yacc.c; \
- $(MAKE) conf_yacc.c; \
- else :; fi
aide$(EXEEXT): $(aide_OBJECTS) $(aide_DEPENDENCIES)
@rm -f aide$(EXEEXT)
$(LINK) $(aide_LDFLAGS) $(aide_OBJECTS) $(aide_LDADD) $(LIBS)
mostlyclean-compile:
- -rm -f *.$(OBJEXT) core *.core
+ -rm -f *.$(OBJEXT)
distclean-compile:
-rm -f *.tab.c
@@ -307,34 +305,27 @@ distclean-compile:
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/util.Po@am__quote@
.c.o:
-@am__fastdepCC_TRUE@ if $(COMPILE) -MT $@ -MD -MP -MF "$(DEPDIR)/$*.Tpo" \
-@am__fastdepCC_TRUE@ -c -o $@ `test -f '$<' || echo '$(srcdir)/'`$<; \
-@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/$*.Tpo" "$(DEPDIR)/$*.Po"; \
-@am__fastdepCC_TRUE@ else rm -f "$(DEPDIR)/$*.Tpo"; exit 1; \
-@am__fastdepCC_TRUE@ fi
+@am__fastdepCC_TRUE@ if $(COMPILE) -MT $@ -MD -MP -MF "$(DEPDIR)/$*.Tpo" -c -o $@ $<; \
+@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/$*.Tpo" "$(DEPDIR)/$*.Po"; else rm -f "$(DEPDIR)/$*.Tpo"; exit 1; fi
@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
-@AMDEP_TRUE@@am__fastdepCC_FALSE@ depfile='$(DEPDIR)/$*.Po' tmpdepfile='$(DEPDIR)/$*.TPo' @AMDEPBACKSLASH@
-@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@ $(COMPILE) -c `test -f '$<' || echo '$(srcdir)/'`$<
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(COMPILE) -c $<
.c.obj:
-@am__fastdepCC_TRUE@ if $(COMPILE) -MT $@ -MD -MP -MF "$(DEPDIR)/$*.Tpo" \
-@am__fastdepCC_TRUE@ -c -o $@ `if test -f '$<'; then $(CYGPATH_W) '$<'; else $(CYGPATH_W) '$(srcdir)/$<'; fi`; \
-@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/$*.Tpo" "$(DEPDIR)/$*.Po"; \
-@am__fastdepCC_TRUE@ else rm -f "$(DEPDIR)/$*.Tpo"; exit 1; \
-@am__fastdepCC_TRUE@ fi
+@am__fastdepCC_TRUE@ if $(COMPILE) -MT $@ -MD -MP -MF "$(DEPDIR)/$*.Tpo" -c -o $@ `$(CYGPATH_W) '$<'`; \
+@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/$*.Tpo" "$(DEPDIR)/$*.Po"; else rm -f "$(DEPDIR)/$*.Tpo"; exit 1; fi
@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
-@AMDEP_TRUE@@am__fastdepCC_FALSE@ depfile='$(DEPDIR)/$*.Po' tmpdepfile='$(DEPDIR)/$*.TPo' @AMDEPBACKSLASH@
-@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@ $(COMPILE) -c `if test -f '$<'; then $(CYGPATH_W) '$<'; else $(CYGPATH_W) '$(srcdir)/$<'; fi`
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'`
.y.c:
- $(YACCCOMPILE) `test -f '$<' || echo '$(srcdir)/'`$<
+ $(YACCCOMPILE) $<
if test -f y.tab.h; then \
to=`echo "$*_H" | sed \
-e 'y/abcdefghijklmnopqrstuvwxyz/ABCDEFGHIJKLMNOPQRSTUVWXYZ/' \
-e 's/[^ABCDEFGHIJKLMNOPQRSTUVWXYZ]/_/g'`; \
- sed "/^#/ s/Y_TAB_H/$$to/g" y.tab.h >$*.ht; \
+ sed -e "/^#/!b" -e "s/Y_TAB_H/$$to/g" -e "s|y\.tab\.h|$*.h|" \
+ y.tab.h >$*.ht; \
rm -f y.tab.h; \
if cmp -s $*.ht $*.h; then \
rm -f $*.ht ;\
@@ -349,14 +340,6 @@ distclean-compile:
rm -f y.tab.c
uninstall-info-am:
-ETAGS = etags
-ETAGSFLAGS =
-
-CTAGS = ctags
-CTAGSFLAGS =
-
-tags: TAGS
-
ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
unique=`for i in $$list; do \
@@ -365,6 +348,7 @@ ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS
$(AWK) ' { files[$$0] = 1; } \
END { for (i in files) print i; }'`; \
mkid -fID $$unique
+tags: TAGS
TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
$(TAGS_FILES) $(LISP)
@@ -376,10 +360,11 @@ TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEP
done | \
$(AWK) ' { files[$$0] = 1; } \
END { for (i in files) print i; }'`; \
- test -z "$(ETAGS_ARGS)$$tags$$unique" \
- || $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
- $$tags $$unique
-
+ if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \
+ test -n "$$unique" || unique=$$empty_fix; \
+ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+ $$tags $$unique; \
+ fi
ctags: CTAGS
CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
$(TAGS_FILES) $(LISP)
@@ -402,10 +387,6 @@ GTAGS:
distclean-tags:
-rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
-DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
-
-top_distdir = ..
-distdir = $(top_distdir)/$(PACKAGE)-$(VERSION)
distdir: $(DISTFILES)
@srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; \
@@ -419,7 +400,7 @@ distdir: $(DISTFILES)
dir=`echo "$$file" | sed -e 's,/[^/]*$$,,'`; \
if test "$$dir" != "$$file" && test "$$dir" != "."; then \
dir="/$$dir"; \
- $(mkinstalldirs) "$(distdir)$$dir"; \
+ $(mkdir_p) "$(distdir)$$dir"; \
else \
dir=''; \
fi; \
@@ -437,9 +418,10 @@ distdir: $(DISTFILES)
check-am: all-am
check: check-am
all-am: Makefile $(PROGRAMS)
-
installdirs:
- $(mkinstalldirs) $(DESTDIR)$(bindir)
+ for dir in "$(DESTDIR)$(bindir)"; do \
+ test -z "$$dir" || $(mkdir_p) "$$dir"; \
+ done
install: install-am
install-exec: install-exec-am
install-data: install-data-am
@@ -460,13 +442,12 @@ clean-generic:
-test -z "$(CLEANFILES)" || rm -f $(CLEANFILES)
distclean-generic:
- -rm -f $(CONFIG_CLEAN_FILES)
+ -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
maintainer-clean-generic:
@echo "This command is intended for maintainers to use"
@echo "it deletes files that may require special tools to rebuild."
-rm -f conf_yacc.c
- -rm -f conf_yacc.h
clean: clean-am
clean-am: clean-binPROGRAMS clean-generic mostlyclean-am
@@ -481,6 +462,8 @@ dvi: dvi-am
dvi-am:
+html: html-am
+
info: info-am
info-am:
@@ -516,16 +499,18 @@ uninstall-am: uninstall-binPROGRAMS unin
.PHONY: CTAGS GTAGS all all-am check check-am clean clean-binPROGRAMS \
clean-generic ctags distclean distclean-compile \
- distclean-generic distclean-tags distdir dvi dvi-am info \
- info-am install install-am install-binPROGRAMS install-data \
- install-data-am install-exec install-exec-am install-info \
- install-info-am install-man install-strip installcheck \
- installcheck-am installdirs maintainer-clean \
+ distclean-generic distclean-tags distdir dvi dvi-am html \
+ html-am info info-am install install-am install-binPROGRAMS \
+ install-data install-data-am install-exec install-exec-am \
+ install-info install-info-am install-man install-strip \
+ installcheck installcheck-am installdirs maintainer-clean \
maintainer-clean-generic mostlyclean mostlyclean-compile \
mostlyclean-generic pdf pdf-am ps ps-am tags uninstall \
uninstall-am uninstall-binPROGRAMS uninstall-info-am
+# AM_YFLAGS= -d
+
db_lex2.c:db_lex.c
db_lex.c:db_lex.l
diff -rup aide-0.12-rc1-orig/src/md.c aide-0.12-rc1/src/md.c
--- aide-0.12-rc1-orig/src/md.c 2005-04-06 05:50:26.000000000 -0400
+++ aide-0.12-rc1/src/md.c 2006-10-11 13:31:51.000000000 -0400
@@ -35,8 +35,9 @@
stored. Only a speed issue.
*/
-int hash_mhash2attr(int i) {
- int r=0;
+DB_ATTR_TYPE hash_mhash2attr(int i) {
+ DB_ATTR_TYPE r=0;
+#ifdef WITH_MHASH
switch (i) {
case MHASH_CRC32: {
r=DB_CRC32;
@@ -92,6 +93,15 @@ int hash_mhash2attr(int i) {
break;
}
case MHASH_SHA256: {
+ r=DB_SHA256;
+ break;
+ }
+ case MHASH_SHA512: {
+ r=DB_SHA512;
+ break;
+ }
+ case MHASH_WHIRLPOOL: {
+ r=DB_WHIRLPOOL;
break;
}
case MHASH_ADLER32: {
@@ -100,7 +110,7 @@ int hash_mhash2attr(int i) {
default:
break;
}
-
+#endif
return r;
}
@@ -125,9 +135,9 @@ int init_md(struct md_container* md) {
#ifdef WITH_MHASH
error(255,"Mhash library initialization\n");
for(i=0;i<=HASH_MHASH_COUNT;i++) {
- if (((hash_mhash2attr(i))&(HASH_USE_MHASH)&md->todo_attr)!=0) {
- int h=hash_mhash2attr(i);
- error(255,"inserting %i\n",h);
+ if (((hash_mhash2attr(i)&HASH_USE_MHASH)&md->todo_attr)!=0) {
+ DB_ATTR_TYPE h=hash_mhash2attr(i);
+ error(255,"inserting %llu\n",h);
md->mhash_mdh[i]=mhash_init(i);
if (md->mhash_mdh[i]!=MHASH_FAILED) {
md->calc_attr|=h;
@@ -209,7 +219,10 @@ int close_md(struct md_container* md) {
get_libgcrypt_hash(DB_MD5,GCRY_MD_MD5,md5,HASH_MD5_LEN);
get_libgcrypt_hash(DB_SHA1,GCRY_MD_SHA1,sha1,HASH_SHA1_LEN);
get_libgcrypt_hash(DB_TIGER,GCRY_MD_TIGER,tiger,HASH_TIGER_LEN);
- get_libgcrypt_hash(DB_RMD160,GCRY_MD_RMD160,rmd160,HASH_RMD160_LEN);
+ get_libgcrypt_hash(DB_RMD160,GCRY_MD_RMD160,rmd160,HASH_RMD160_LEN);
+
+ get_libgcrypt_hash(DB_SHA256,GCRY_MD_SHA256,sha256,HASH_SHA256_LEN);
+ get_libgcrypt_hash(DB_SHA512,GCRY_MD_SHA512,sha512,HASH_SHA512_LEN);
/*. There might be more hashes in the library. Add those here.. */
@@ -230,6 +243,9 @@ int close_md(struct md_container* md) {
get_mhash_hash(MHASH_HAVAL,haval);
get_mhash_hash(MHASH_GOST,gost);
get_mhash_hash(MHASH_CRC32B,crc32b);
+ get_mhash_hash(MHASH_SHA256,sha256);
+ get_mhash_hash(MHASH_SHA512,sha512);
+ get_mhash_hash(MHASH_WHIRLPOOL,whirlpool);
/*
There might be more hashes in the library we want to use.
@@ -275,6 +291,10 @@ void md2line(struct md_container* md,str
copyhash(DB_HAVAL,haval,HASH_HAVAL_LEN);
copyhash(DB_GOST,gost,HASH_GOST_LEN);
copyhash(DB_CRC32B,crc32b,HASH_CRC32B_LEN);
+
+ copyhash(DB_SHA256,sha256,HASH_SHA256_LEN);
+ copyhash(DB_SHA512,sha512,HASH_SHA512_LEN);
+ copyhash(DB_WHIRLPOOL,whirlpool,HASH_WHIRLPOOL_LEN);
}
/*
const char* aide_key_14=KEY_14;
diff -rup aide-0.12-rc1-orig/src/snprintf.c aide-0.12-rc1/src/snprintf.c
--- aide-0.12-rc1-orig/src/snprintf.c 2005-04-06 06:16:30.000000000 -0400
+++ aide-0.12-rc1/src/snprintf.c 2006-10-11 13:14:27.000000000 -0400
@@ -410,10 +410,12 @@ int portable_vsnprintf(char *str, size_t
/* declarations */
+#if !defined(HAVE_SNPRINTF) || defined(PREFER_PORTABLE_SNPRINTF)
static char credits[] = "\n\
@(#)snprintf.c, v2.2: Mark Martinec, <mark.martinec@ijs.si>\n\
@(#)snprintf.c, v2.2: Copyright 1999, Mark Martinec. Frontier Artistic License applies.\n\
@(#)snprintf.c, v2.2: http://www.ijs.si/software/snprintf/\n";
+#endif
#if defined(NEED_ASPRINTF)
int asprintf(char **ptr, const char *fmt, /*args*/ ...) {
diff -rup aide-0.12-rc1-orig/src/gen_list.c aide-0.12-rc1/src/gen_list.c
--- aide-0.12-rc1-orig/src/gen_list.c 2006-10-11 15:57:24.000000000 -0400
+++ aide-0.12-rc1/src/gen_list.c 2006-10-11 16:06:49.000000000 -0400
@@ -408,21 +408,21 @@ static void xattrs2line(db_line *line)
if (!(DB_XATTRS&line->attr))
return;
- xattrs = xattr_new();
-
/* assume memory allocs work, like rest of AIDE code... */
if (!xatrs) xatrs = malloc(xsz);
- while (((xret = listxattr(line->filename, xatrs, xsz)) == -1) &&
+ while (((xret = llistxattr(line->filename, xatrs, xsz)) == -1) &&
(errno == ERANGE))
{
xsz <<= 1;
xatrs = realloc(xatrs, xsz);
}
- if (xret == -1)
+ if ((xret == -1) && (errno == ENOSYS))
+ { /* do nothing */ }
+ else if (xret == -1)
error(0, "listxattrs failed for %s:%m\n", line->filename);
- else
+ else if (xret)
{
const char *attr = xatrs;
static ssize_t asz = 1024;
@@ -430,6 +430,8 @@ static void xattrs2line(db_line *line)
if (!val) val = malloc(asz);
+ xattrs = xattr_new();
+
while (xret > 0)
{
size_t len = strlen(attr);
--- aide-0.12_rc1/src/gen_list.c 2006-10-11 16:11:22.000000000 -0400
+++ aide-0.12-rc1/src/gen_list.c 2006-10-11 21:09:47.000000000 -0400
@@ -1061,12 +1061,11 @@ list* gen_list(list* prxlist,list* nrxli
*/
void strip_dbline(db_line* line,DB_ATTR_TYPE attr)
{
-#define checked_free(x) if(x!=NULL) free(x)
+#define checked_free(x) do { free(x); x=NULL; } while (0)
/* filename is always needed, hence it is never stripped */
if(!(attr&DB_LINKNAME)){
checked_free(line->linkname);
- line->linkname=NULL;
}
if(!(attr&DB_PERM)){
line->perm=0;
@@ -1101,55 +1100,53 @@ void strip_dbline(db_line* line,DB_ATTR_
if(!(attr&DB_MD5)){
checked_free(line->md5);
- line->md5=NULL;
}
if(!(attr&DB_SHA1)){
checked_free(line->sha1);
- line->sha1=NULL;
}
if(!(attr&DB_RMD160)){
checked_free(line->rmd160);
- line->rmd160=NULL;
}
if(!(attr&DB_TIGER)){
checked_free(line->tiger);
- line->tiger=NULL;
}
#ifdef WITH_MHASH
if(!(attr&DB_CRC32)){
checked_free(line->crc32);
- line->crc32=NULL;
}
if(!(attr&DB_CRC32B)){
checked_free(line->crc32b);
- line->crc32b=NULL;
}
if(!(attr&DB_GOST)){
checked_free(line->gost);
- line->gost=NULL;
}
if(!(attr&DB_HAVAL)){
checked_free(line->haval);
- line->haval=NULL;
}
#endif
if(!(attr&DB_SHA256)){
checked_free(line->sha256);
- line->sha256=NULL;
}
if(!(attr&DB_SHA512)){
checked_free(line->sha512);
- line->sha512=NULL;
}
#ifdef WITH_ACL
if(!(attr&DB_ACL)){
- checked_free(line->acl); /* FIXME: ... needs more */
- line->acl=NULL;
+ if (line->acl)
+ {
+ free(line->acl->acl_a);
+ free(line->acl->acl_d);
+ }
+ checked_free(line->acl);
}
#endif
if(!(attr&DB_XATTRS)){
- checked_free(line->xattrs); /* FIXME: ... needs more */
- line->xattrs=NULL;
+ if (line->xattrs)
+ free(line->xattrs->ents);
+ checked_free(line->xattrs);
+ }
+ if(!(attr&DB_SELINUX)){
+ checked_free(line->cntx);
}
}
--- aide-0.12_rc1/src/db.c 2006-10-11 16:11:22.000000000 -0400
+++ aide-0.12-rc1/src/db.c 2006-10-11 21:11:03.000000000 -0400
@@ -724,7 +724,7 @@ void free_db_line(db_line* dl)
return;
}
-#define checked_free(x) if(x!=NULL) { free(x); x=NULL; }
+#define checked_free(x) do { free(x); x=NULL; } while (0)
checked_free(dl->md5);
checked_free(dl->sha1);
@@ -743,6 +743,20 @@ void free_db_line(db_line* dl)
checked_free(dl->sha256);
checked_free(dl->sha512);
checked_free(dl->whirlpool);
+
+ if (dl->acl)
+ {
+#ifdef WITH_ACL
+ free(dl->acl->acl_a);
+ free(dl->acl->acl_d);
+#endif
+ }
+ checked_free(dl->acl);
+
+ if (dl->xattrs)
+ free(dl->xattrs->ents);
+ checked_free(dl->xattrs);
+ checked_free(dl->cntx);
}
const char* aide_key_5=CONFHMACKEY_05;
const char* db_key_5=DBHMACKEY_05;
distrib
>
Scientific%20Linux
>
5x
>
x86_64
>
by-pkgid
>
ade1e91e7739462bb469e0c1fd11933a
>
files
>
9
