Use an explicit plugin list instead of the unrealible "find" to build checksums
authorMartin Willi <martin@revosec.ch>
Thu, 12 Aug 2010 14:07:24 +0000 (16:07 +0200)
committerMartin Willi <martin@revosec.ch>
Thu, 12 Aug 2010 14:07:24 +0000 (16:07 +0200)
configure.in
src/checksum/Makefile.am
src/checksum/checksum_builder.c

index d44908d..6bde09e 100644 (file)
@@ -678,75 +678,82 @@ scripts_plugins=
 manager_plugins=
 medsrv_plugins=
 
-ADD_PLUGIN([test-vectors],         [libcharon pluto openac scepclient pki])
-ADD_PLUGIN([curl],                 [libcharon pluto scepclient])
-ADD_PLUGIN([ldap],                 [libcharon pluto scepclient])
-ADD_PLUGIN([mysql],                [libcharon pluto pool manager medsrv])
-ADD_PLUGIN([sqlite],               [libcharon pluto pool manager medsrv])
-ADD_PLUGIN([aes],                  [libcharon pluto openac scepclient pki scripts])
-ADD_PLUGIN([des],                  [libcharon pluto openac scepclient pki scripts])
-ADD_PLUGIN([blowfish],             [libcharon pluto openac scepclient pki scripts])
-ADD_PLUGIN([sha1],                 [libcharon pluto openac scepclient pki scripts medsrv])
-ADD_PLUGIN([sha2],                 [libcharon pluto openac scepclient pki scripts medsrv])
-ADD_PLUGIN([md4],                  [libcharon openac manager scepclient pki])
-ADD_PLUGIN([md5],                  [libcharon pluto openac scepclient pki])
-ADD_PLUGIN([random],               [libcharon pluto openac scepclient pki medsrv])
-ADD_PLUGIN([x509],                 [libcharon pluto openac scepclient pki])
-ADD_PLUGIN([revocation],           [libcharon])
-ADD_PLUGIN([pubkey],               [libcharon])
-ADD_PLUGIN([pkcs1],                [libcharon pluto openac scepclient pki scripts manager medsrv])
-ADD_PLUGIN([pgp],                  [libcharon pluto])
-ADD_PLUGIN([dnskey],               [pluto])
-ADD_PLUGIN([pem],                  [libcharon pluto openac scepclient pki scripts manager medsrv])
-ADD_PLUGIN([padlock],              [libcharon])
-ADD_PLUGIN([openssl],              [libcharon pluto openac scepclient pki scripts manager medsrv])
-ADD_PLUGIN([gcrypt],               [libcharon pluto openac scepclient pki scripts manager medsrv])
-ADD_PLUGIN([fips-prf],             [libcharon])
-ADD_PLUGIN([gmp],                  [libcharon pluto openac scepclient pki scripts manager medsrv])
-ADD_PLUGIN([agent],                [libcharon])
-ADD_PLUGIN([pkcs11],               [libcharon pki])
-ADD_PLUGIN([xcbc],                 [libcharon])
-ADD_PLUGIN([hmac],                 [libcharon pluto])
-ADD_PLUGIN([xauth],                [pluto])
-ADD_PLUGIN([attr],                 [libcharon pluto])
-ADD_PLUGIN([attr-sql],             [libcharon pluto])
-ADD_PLUGIN([resolve],              [libcharon pluto])
-ADD_PLUGIN([load-tester],          [libcharon])
-ADD_PLUGIN([kernel-pfkey],         [libcharon])
-ADD_PLUGIN([kernel-pfroute],       [libcharon])
-ADD_PLUGIN([kernel-klips],         [libcharon])
-ADD_PLUGIN([kernel-netlink],       [libcharon])
-ADD_PLUGIN([socket-default],       [libcharon])
-ADD_PLUGIN([socket-raw],           [libcharon])
-ADD_PLUGIN([socket-dynamic],       [libcharon])
-ADD_PLUGIN([farp],                 [libcharon])
-ADD_PLUGIN([stroke],               [libcharon])
-ADD_PLUGIN([smp],                  [libcharon])
-ADD_PLUGIN([sql],                  [libcharon])
-ADD_PLUGIN([updown],               [libcharon])
-ADD_PLUGIN([eap-identity],         [libcharon])
-ADD_PLUGIN([eap-sim],              [libcharon])
-ADD_PLUGIN([eap-sim-file],         [libcharon])
-ADD_PLUGIN([eap-simaka-sql],       [libcharon])
-ADD_PLUGIN([eap-simaka-pseudonym], [libcharon])
-ADD_PLUGIN([eap-simaka-reauth],    [libcharon])
-ADD_PLUGIN([eap-aka],              [libcharon])
-ADD_PLUGIN([eap-aka-3gpp2],        [libcharon])
-ADD_PLUGIN([eap-md5],              [libcharon])
-ADD_PLUGIN([eap-gtc],              [libcharon])
-ADD_PLUGIN([eap-mschapv2],         [libcharon])
-ADD_PLUGIN([eap-radius],           [libcharon])
-ADD_PLUGIN([eap-tls],              [libcharon])
-ADD_PLUGIN([eap-ttls],             [libcharon])
-ADD_PLUGIN([medsrv],               [libcharon])
-ADD_PLUGIN([medcli],               [libcharon])
-ADD_PLUGIN([nm],                   [libcharon])
-ADD_PLUGIN([dhcp],                 [libcharon])
-ADD_PLUGIN([android],              [libcharon])
-ADD_PLUGIN([ha],                   [libcharon])
-ADD_PLUGIN([uci],                  [libcharon])
-ADD_PLUGIN([addrblock],            [libcharon])
-ADD_PLUGIN([unit-tester],          [libcharon])
+# location specific lists for checksumming,
+# for src/libcharon, src/pluto, src/libhydra and src/libstrongswan
+c_plugins=
+p_plugins=
+h_plugins=
+s_plugins=
+
+ADD_PLUGIN([test-vectors],         [s libcharon pluto openac scepclient pki])
+ADD_PLUGIN([curl],                 [s libcharon pluto scepclient])
+ADD_PLUGIN([ldap],                 [s libcharon pluto scepclient])
+ADD_PLUGIN([mysql],                [s libcharon pluto pool manager medsrv])
+ADD_PLUGIN([sqlite],               [s libcharon pluto pool manager medsrv])
+ADD_PLUGIN([aes],                  [s libcharon pluto openac scepclient pki scripts])
+ADD_PLUGIN([des],                  [s libcharon pluto openac scepclient pki scripts])
+ADD_PLUGIN([blowfish],             [s libcharon pluto openac scepclient pki scripts])
+ADD_PLUGIN([sha1],                 [s libcharon pluto openac scepclient pki scripts medsrv])
+ADD_PLUGIN([sha2],                 [s libcharon pluto openac scepclient pki scripts medsrv])
+ADD_PLUGIN([md4],                  [s libcharon openac manager scepclient pki])
+ADD_PLUGIN([md5],                  [s libcharon pluto openac scepclient pki])
+ADD_PLUGIN([random],               [s libcharon pluto openac scepclient pki medsrv])
+ADD_PLUGIN([x509],                 [s libcharon pluto openac scepclient pki])
+ADD_PLUGIN([revocation],           [s libcharon])
+ADD_PLUGIN([pubkey],               [s libcharon])
+ADD_PLUGIN([pkcs1],                [s libcharon pluto openac scepclient pki scripts manager medsrv])
+ADD_PLUGIN([pgp],                  [s libcharon pluto])
+ADD_PLUGIN([dnskey],               [s pluto])
+ADD_PLUGIN([pem],                  [s libcharon pluto openac scepclient pki scripts manager medsrv])
+ADD_PLUGIN([padlock],              [s libcharon])
+ADD_PLUGIN([openssl],              [s libcharon pluto openac scepclient pki scripts manager medsrv])
+ADD_PLUGIN([gcrypt],               [s libcharon pluto openac scepclient pki scripts manager medsrv])
+ADD_PLUGIN([fips-prf],             [s libcharon])
+ADD_PLUGIN([gmp],                  [s libcharon pluto openac scepclient pki scripts manager medsrv])
+ADD_PLUGIN([agent],                [s libcharon])
+ADD_PLUGIN([pkcs11],               [s libcharon pki])
+ADD_PLUGIN([xcbc],                 [s libcharon])
+ADD_PLUGIN([hmac],                 [s libcharon pluto])
+ADD_PLUGIN([xauth],                [p pluto])
+ADD_PLUGIN([attr],                 [h libcharon pluto])
+ADD_PLUGIN([attr-sql],             [h libcharon pluto])
+ADD_PLUGIN([resolve],              [h libcharon pluto])
+ADD_PLUGIN([load-tester],          [c libcharon])
+ADD_PLUGIN([kernel-pfkey],         [c libcharon])
+ADD_PLUGIN([kernel-pfroute],       [c libcharon])
+ADD_PLUGIN([kernel-klips],         [c libcharon])
+ADD_PLUGIN([kernel-netlink],       [c libcharon])
+ADD_PLUGIN([socket-default],       [c libcharon])
+ADD_PLUGIN([socket-raw],           [c libcharon])
+ADD_PLUGIN([socket-dynamic],       [c libcharon])
+ADD_PLUGIN([farp],                 [c libcharon])
+ADD_PLUGIN([stroke],               [c libcharon])
+ADD_PLUGIN([smp],                  [c libcharon])
+ADD_PLUGIN([sql],                  [c libcharon])
+ADD_PLUGIN([updown],               [c libcharon])
+ADD_PLUGIN([eap-identity],         [c libcharon])
+ADD_PLUGIN([eap-sim],              [c libcharon])
+ADD_PLUGIN([eap-sim-file],         [c libcharon])
+ADD_PLUGIN([eap-simaka-sql],       [c libcharon])
+ADD_PLUGIN([eap-simaka-pseudonym], [c libcharon])
+ADD_PLUGIN([eap-simaka-reauth],    [c libcharon])
+ADD_PLUGIN([eap-aka],              [c libcharon])
+ADD_PLUGIN([eap-aka-3gpp2],        [c libcharon])
+ADD_PLUGIN([eap-md5],              [c libcharon])
+ADD_PLUGIN([eap-gtc],              [c libcharon])
+ADD_PLUGIN([eap-mschapv2],         [c libcharon])
+ADD_PLUGIN([eap-radius],           [c libcharon])
+ADD_PLUGIN([eap-tls],              [c libcharon])
+ADD_PLUGIN([eap-ttls],             [c libcharon])
+ADD_PLUGIN([medsrv],               [c libcharon])
+ADD_PLUGIN([medcli],               [c libcharon])
+ADD_PLUGIN([nm],                   [c libcharon])
+ADD_PLUGIN([dhcp],                 [c libcharon])
+ADD_PLUGIN([android],              [c libcharon])
+ADD_PLUGIN([ha],                   [c libcharon])
+ADD_PLUGIN([uci],                  [c libcharon])
+ADD_PLUGIN([addrblock],            [c libcharon])
+ADD_PLUGIN([unit-tester],          [c libcharon])
 
 AC_SUBST(libcharon_plugins)
 AC_SUBST(pluto_plugins)
@@ -758,6 +765,11 @@ AC_SUBST(scripts_plugins)
 AC_SUBST(manager_plugins)
 AC_SUBST(medsrv_plugins)
 
+AC_SUBST(c_plugins)
+AC_SUBST(p_plugins)
+AC_SUBST(h_plugins)
+AC_SUBST(s_plugins)
+
 dnl =========================
 dnl  set Makefile.am vars
 dnl =========================
index ad29237..3aded1d 100644 (file)
@@ -14,13 +14,13 @@ checksum_builder_LDADD = \
 BUILT_SOURCES = checksum.c
 CLEANFILES = checksum.c
 INCLUDES = -I$(top_srcdir)/src/libstrongswan
-AM_CFLAGS = -rdynamic
+AM_CFLAGS = -rdynamic \
+       -DS_PLUGINS=\""${s_plugins}\"" -DS_PATH=\""${top_builddir}/src/libstrongswan/plugins\"" \
+       -DH_PLUGINS=\""${h_plugins}\"" -DH_PATH=\""${top_builddir}/src/libhydra/plugins\"" \
+       -DP_PLUGINS=\""${p_plugins}\"" -DP_PATH=\""${top_builddir}/src/pluto/plugins\"" \
+       -DC_PLUGINS=\""${c_plugins}\"" -DC_PATH=\""${top_builddir}/src/libcharon/plugins\""
 
-libs = $(shell find $(top_builddir)/src/libstrongswan \
-                       $(top_builddir)/src/libcharon \
-                       $(top_builddir)/src/libhydra \
-                       $(top_builddir)/src/pluto \
-                       -name 'libstrongswan*.so')
+libs = $(top_builddir)/src/libstrongswan/.libs/libstrongswan.so
 
 if USE_LIBHYDRA
   libs += $(top_builddir)/src/libhydra/.libs/libhydra.so
index 2db6805..dc1de99 100644 (file)
 #include <dlfcn.h>
 
 #include <library.h>
+#include <utils/enumerator.h>
 
 /* we need to fake the pluto symbol to dlopen() the xauth plugin */
 void *pluto;
 
+/**
+ * Integrity checker
+ */
+integrity_checker_t *integrity;
+
+/**
+ * Create the checksum of a binary, using name and a symbol name
+ */
+static void build_checksum(char *path, char *name, char *sname)
+{
+       void *handle, *symbol;
+       u_int32_t fsum, ssum;
+       size_t fsize = 0;
+       size_t ssize = 0;
+
+       fsum = integrity->build_file(integrity, path, &fsize);
+       ssum = 0;
+       if (sname)
+       {
+               handle = dlopen(path, RTLD_LAZY);
+               if (handle)
+               {
+                       symbol = dlsym(handle, sname);
+                       if (symbol)
+                       {
+                               ssum = integrity->build_segment(integrity, symbol, &ssize);
+                       }
+                       else
+                       {
+                               fprintf(stderr, "symbol lookup failed: %s\n", dlerror());
+                       }
+                       dlclose(handle);
+               }
+               else
+               {
+                       fprintf(stderr, "dlopen failed: %s\n", dlerror());
+               }
+       }
+       printf("\t{\"%-20s%7u, 0x%08x, %6u, 0x%08x},\n",
+                  name, fsize, fsum, ssize, ssum);
+       fprintf(stderr, "\"%-20s%7u / 0x%08x       %6u / 0x%08x\n",
+                       name, fsize, fsum, ssize, ssum);
+}
+
+/**
+ * Build checksums for a set of plugins in a given path prefix
+ */
+static void build_plugin_checksums(char *plugins, char *prefix)
+{
+       enumerator_t *enumerator;
+       char *plugin, path[256], under[128], sname[128], name[128];
+
+       enumerator = enumerator_create_token(plugins, " ", " ");
+       while (enumerator->enumerate(enumerator, &plugin))
+       {
+               snprintf(under, sizeof(under), "%s", plugin);
+               translate(under, "-", "_");
+               snprintf(path, sizeof(path), "%s/%s/.libs/libstrongswan-%s.so",
+                                prefix, under, plugin);
+               snprintf(sname, sizeof(sname), "%s_plugin_create", under);
+               snprintf(name, sizeof(name), "%s\",", plugin);
+               build_checksum(path, name, sname);
+       }
+       enumerator->destroy(enumerator);
+}
+
+/**
+ * Build checksums for a binary/library found at path
+ */
+static void build_binary_checksum(char *path)
+{
+       char *binary, *pos, name[128], sname[128];
+
+       binary = strrchr(path, '/');
+       if (binary)
+       {
+               binary++;
+               pos = strrchr(binary, '.');
+               if (pos && streq(pos, ".so"))
+               {
+                       snprintf(name, sizeof(name), "%.*s\",", pos - binary, binary);
+                       if (streq(name, "libstrongswan\","))
+                       {
+                               snprintf(sname, sizeof(sname), "%s", "library_init");
+                       }
+                       else
+                       {
+                               snprintf(sname, sizeof(sname), "%.*s_init", pos - binary, binary);
+                       }
+                       build_checksum(path, name, sname);
+               }
+               else
+               {
+                       snprintf(name, sizeof(name), "%s\",", binary);
+                       build_checksum(path, name, NULL);
+               }
+       }
+}
+
 int main(int argc, char* argv[])
 {
        int i;
-       integrity_checker_t *integrity;
 
        /* avoid confusing leak reports in build process */
        setenv("LEAK_DETECTIVE_DISABLE", "1", 0);
@@ -47,105 +146,13 @@ int main(int argc, char* argv[])
        fprintf(stderr, "module name,       file size / checksum   segment size / checksum\n");
        for (i = 1; i < argc; i++)
        {
-               char *name, *path, *sname = NULL;
-               void *handle, *symbol;
-               u_int32_t fsum, ssum;
-               size_t fsize = 0;
-               size_t ssize = 0;
-
-               path = argv[i];
-
-               if ((name = strstr(path, "libstrongswan-")))
-               {
-                       name = strdup(name + strlen("libstrongswan-"));
-                       name[strlen(name) - 3] = '"';
-                       name[strlen(name) - 2] = ',';
-                       name[strlen(name) - 1] = '\0';
-                       if (asprintf(&sname, "%.*s_plugin_create", strlen(name) - 2,
-                                                name) < 0)
-                       {
-                               fprintf(stderr, "failed to format plugin constructor "
-                                               "for '%s', ignored", path);
-                               free(name);
-                               continue;
-                       }
-                       translate(sname, "-", "_");
-               }
-               else if (strstr(path, "libstrongswan.so"))
-               {
-                       name = strdup("libstrongswan\",");
-                       sname = strdup("library_init");
-               }
-               else if (strstr(path, "libhydra.so"))
-               {
-                       name = strdup("libhydra\",");
-                       sname = strdup("libhydra_init");
-               }
-               else if (strstr(path, "libcharon.so"))
-               {
-                       name = strdup("libcharon\",");
-                       sname = strdup("libcharon_init");
-               }
-               else if (strstr(path, "pool"))
-               {
-                       name = strdup("pool\",");
-               }
-               else if (strstr(path, "charon"))
-               {
-                       name = strdup("charon\",");
-               }
-               else if (strstr(path, "pluto"))
-               {
-                       name = strdup("pluto\",");
-               }
-               else if (strstr(path, "openac"))
-               {
-                       name = strdup("openac\",");
-               }
-               else if (strstr(path, "scepclient"))
-               {
-                       name = strdup("scepclient\",");
-               }
-               else if (strstr(path, "pki"))
-               {
-                       name = strdup("pki\",");
-               }
-               else
-               {
-                       fprintf(stderr, "don't know how to handle '%s', ignored", path);
-                       continue;
-               }
-
-               fsum = integrity->build_file(integrity, path, &fsize);
-               ssum = 0;
-               if (sname)
-               {
-                       handle = dlopen(path, RTLD_LAZY);
-                       if (handle)
-                       {
-                               symbol = dlsym(handle, sname);
-                               if (symbol)
-                               {
-                                       ssum = integrity->build_segment(integrity, symbol, &ssize);
-                               }
-                               else
-                               {
-                                       fprintf(stderr, "symbol lookup failed: %s\n", dlerror());
-                               }
-                               dlclose(handle);
-                       }
-                       else
-                       {
-                               fprintf(stderr, "dlopen failed: %s\n", dlerror());
-                       }
-               }
-               printf("\t{\"%-20s%7u, 0x%08x, %6u, 0x%08x},\n",
-                          name, fsize, fsum, ssize, ssum);
-               fprintf(stderr, "\"%-20s%7u / 0x%08x       %6u / 0x%08x\n",
-                               name, fsize, fsum, ssize, ssum);
-               free(sname);
-               free(name);
+               build_binary_checksum(argv[i]);
        }
+       build_plugin_checksums(S_PLUGINS, S_PATH);
+       build_plugin_checksums(H_PLUGINS, H_PATH);
+       build_plugin_checksums(P_PLUGINS, P_PATH);
+       build_plugin_checksums(C_PLUGINS, C_PATH);
+
        printf("};\n");
        printf("\n");
        printf("int checksum_count = countof(checksums);\n");