implemented a checksum_builder tool to build the checksum library
authorMartin Willi <martin@strongswan.org>
Fri, 19 Jun 2009 09:42:54 +0000 (11:42 +0200)
committerMartin Willi <martin@strongswan.org>
Mon, 22 Jun 2009 13:47:17 +0000 (15:47 +0200)
configure.in
src/libstrongswan/Makefile.am
src/libstrongswan/checksum/.gitignore [new file with mode: 0644]
src/libstrongswan/checksum/Makefile.am [new file with mode: 0644]
src/libstrongswan/checksum/checksum_builder.c [new file with mode: 0644]

index 3ecc0b8..858914c 100644 (file)
@@ -1234,6 +1234,7 @@ AC_OUTPUT(
        src/Makefile
        src/include/Makefile
        src/libstrongswan/Makefile
+       src/libstrongswan/checksum/Makefile
        src/libstrongswan/plugins/aes/Makefile
        src/libstrongswan/plugins/des/Makefile
        src/libstrongswan/plugins/blowfish/Makefile
index da46b63..4de511e 100644 (file)
@@ -209,3 +209,5 @@ endif
 if USE_INTEGRITY_TEST
   SUBDIRS += fips
 endif
+
+SUBDIRS += checksum
diff --git a/src/libstrongswan/checksum/.gitignore b/src/libstrongswan/checksum/.gitignore
new file mode 100644 (file)
index 0000000..9956b9d
--- /dev/null
@@ -0,0 +1,2 @@
+checksum.c
+checksum_builder
diff --git a/src/libstrongswan/checksum/Makefile.am b/src/libstrongswan/checksum/Makefile.am
new file mode 100644 (file)
index 0000000..6be4e92
--- /dev/null
@@ -0,0 +1,15 @@
+ipsec_LTLIBRARIES = libchecksum.la
+noinst_PROGRAMS = checksum_builder
+
+libchecksum_la_SOURCES = checksum.c
+
+checksum_builder_SOURCES = checksum_builder.c
+checksum_builder_LDADD = $(top_builddir)/src/libstrongswan/libstrongswan.la
+
+BUILT_SOURCES = checksum.c
+CLEANFILES = checksum.c checksum_builder
+INCLUDES = -I$(top_srcdir)/src/libstrongswan
+
+checksum.c : checksum_builder
+               find $(top_builddir)/src/libstrongswan -name 'libstrongswan-*.so' \
+                       | xargs ./checksum_builder > checksum.c
diff --git a/src/libstrongswan/checksum/checksum_builder.c b/src/libstrongswan/checksum/checksum_builder.c
new file mode 100644 (file)
index 0000000..03b9d85
--- /dev/null
@@ -0,0 +1,105 @@
+/*
+ * Copyright (C) 2009 Martin Willi
+ * Hochschule fuer Technik Rapperswil, Switzerland
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <dlfcn.h>
+
+#include <library.h>
+
+
+/* we need some faked symbols to load charon plugins */
+char *charon = "adsf";
+
+int main(int argc, char* argv[])
+{
+       int i;
+       integrity_checker_t *integrity;
+       
+       /* avoid confusing leak reports in build process */
+       setenv("LEAK_DETECTIVE_DISABLE", "1", 0);
+       library_init(NULL);
+       atexit(library_deinit);
+       
+       integrity = integrity_checker_create(NULL);
+       
+       printf("/**\n");
+       printf(" * checksums of files and loaded code segments.\n");
+       printf(" * created by %s\n", argv[0]);
+       printf(" */\n");
+       printf("\n");
+       printf("#include <library.h>\n");
+       printf("\n");
+       printf("integrity_checksum_t checksums[] = {\n");
+       for (i = 1; i < argc; i++)
+       {
+               char *name, *path, *sname;
+               void *handle, *symbol;
+               u_int32_t fsum, ssum;
+               
+               path = argv[i];
+               
+               if ((name = strstr(path, "libstrongswan-")))
+               {
+                       name = strdup(name + strlen("libstrongswan-"));
+                       name[strlen(name) - 3] = '"';
+                       name[strlen(name) - 2] = ',';
+                       name[strlen(name) - 1] = '\0';
+                       sname = "plugin_create";
+               }
+               else if (strstr(path, "libstrongswan.so"))
+               {
+                       name = strdup("libstrongswan\",");
+                       sname = "library_init";
+               }
+               else
+               {
+                       fprintf(stderr, "don't know how to handle '%s', ignored", path);
+                       continue;
+               }
+               
+               fsum = integrity->build_file(integrity, path);
+               ssum = 0;
+               handle = dlopen(path, RTLD_GLOBAL|RTLD_NOW);
+               if (handle)
+               {
+                       symbol = dlsym(handle, sname);
+                       if (symbol)
+                       {
+                               ssum = integrity->build_segment(integrity, symbol);
+                       }
+                       else
+                       {
+                               fprintf(stderr, "symbol lookup failed: %s\n", dlerror());
+                       }
+                       dlclose(handle);
+               }
+               else
+               {
+                       fprintf(stderr, "dlopen failed: %s\n", dlerror());
+               }
+               
+               printf("\t{\"%-20s0x%08x, 0x%08x},\n", name, fsum, ssum);
+               free(name);
+       }
+       printf("};\n");
+       printf("\n");
+       printf("int checksum_count = countof(checksums);\n");
+       printf("\n");
+       integrity->destroy(integrity);
+       
+       exit(0);
+}
+