various PTS fixes
authorAndreas Steffen <andreas.steffen@strongswan.org>
Tue, 17 Jul 2012 14:38:55 +0000 (16:38 +0200)
committerAndreas Steffen <andreas.steffen@strongswan.org>
Tue, 17 Jul 2012 14:38:55 +0000 (16:38 +0200)
src/libpts/plugins/imv_attestation/attest_db.c
src/libpts/pts/components/ita/ita_comp_ima.c
src/libpts/pts/pts_database.c
src/libpts/pts/pts_file_meas.c

index 13a9f9a..b345fc0 100644 (file)
@@ -1156,6 +1156,8 @@ METHOD(attest_db_t, add, bool,
                                                                                                this->relative, this->algo);
                if (!measurements)
                {
+                       printf("file measurement failed\n");
+                       hasher->destroy(hasher);
                        return FALSE;
                }
                if (this->fid && this->relative)
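Review bot: The added `printf("file measurement failed\n");` does not name the file or directory that could not be measured, so an operator loading reference hashes cannot tell which entry is missing from the database. Something like `printf("file measurement of '%s' failed\n", <path variable>);` would help; the variable holding the path is outside the hunk, so the placeholder needs the real name. The added `hasher->destroy(hasher);` closes the leak on this return. The rest of `add` is outside the hunk, so any other early return taken after the hasher is created should be checked for the same cleanup.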
index b41e863..576b9de 100644 (file)
@@ -31,7 +31,7 @@
 #define SECURITY_DIR                           "/sys/kernel/security/"
 #define IMA_BIOS_MEASUREMENTS          SECURITY_DIR "tpm0/binary_bios_measurements"
 #define IMA_RUNTIME_MEASUREMENTS       SECURITY_DIR "ima/binary_runtime_measurements"
-#define IMA_MEASUREMENT_BATCH_SIZE     1000
+#define IMA_MEASUREMENT_BATCH_SIZE     200
 #define IMA_EVENT_NAME_LEN_MAX         255
 #define IMA_PCR                                                10
 #define IMA_PCR_MAX                                    16
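Review bot: `IMA_MEASUREMENT_BATCH_SIZE` drops from 1000 to 200 with no comment on what the limit bounds or why 200 was chosen, and the commit title gives no reason either. A one-line comment above the define would document it, for example `/* max. number of IMA measurements handled per batch (TODO: state the limiting factor) */`. How the constant is used is outside the hunk, so the wording should be confirmed against its use.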
index 1c1812a..7d6e6ab 100644 (file)
@@ -130,10 +130,10 @@ METHOD(pts_database_t, check_file_measurement, status_t,
        status_t status;
 
        e = this->db->query(this->db,
-               "SELECT fh.hash FROM file_hashes AS fh"
-               "JOIN files AS f ON f.id = fh.file"
+               "SELECT fh.hash FROM file_hashes AS fh "
+               "JOIN files AS f ON f.id = fh.file "
                "JOIN products AS p ON p.id = fh.product "
-               "WHERE p.product = ? AND f.file = ? AND fh.algo = ?",
+               "WHERE p.name = ? AND f.path = ? AND fh.algo = ?",
                DB_TEXT, product, DB_TEXT, filename, DB_INT, algo, DB_BLOB);
        if (!e)
        {
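Review bot: The query is still built from adjacent string literals, and both defects fixed here (missing separator spaces and wrong column names) only show up at run time as a failed query that lands in the `if (!e)` branch. That branch continues outside the hunk. Because this lookup decides whether a measured file matches a reference hash, it is worth confirming that a failed query is logged and returned as an error distinct from "no reference hash found". A short comment above the statement would guard against the spacing bug recurring, for example `/* every fragment must end in a space: adjacent literals are joined without one */`. Keeping the values bound through `?` placeholders, as the new lines do, is the right shape for `product` and `filename`.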
index 4eb359c..c196189 100644 (file)
@@ -129,7 +129,7 @@ METHOD(pts_file_meas_t, check, bool,
                switch (status)
                {
                        case SUCCESS:
-                               status_msg = "ok";
+                               status_msg = "is ok";
                                count_ok++;
                                break;
                        case NOT_FOUND:
@@ -144,7 +144,7 @@ METHOD(pts_file_meas_t, check, bool,
                        default:
                                status_msg = "failed";
                }
-               DBG2(DBG_PTS, "  %#B for '%s' %s", &entry->measurement,
+               DBG2(DBG_PTS, "  %#B for '%s' %s", &entry->measurement,
                         entry->filename, status_msg);
        }
        enumerator->destroy(enumerator);