integrity test of openac and scepclient code files
authorAndreas Steffen <andreas@strongswan.org>
Mon, 17 Aug 2009 12:25:18 +0000 (14:25 +0200)
committerAndreas Steffen <andreas@strongswan.org>
Mon, 17 Aug 2009 12:25:18 +0000 (14:25 +0200)
src/checksum/Makefile.am
src/checksum/checksum_builder.c
src/openac/openac.c
src/scepclient/scepclient.c

index f9c1be2..8241012 100644 (file)
@@ -23,5 +23,10 @@ if USE_PLUTO
   libs += $(top_builddir)/src/pluto/.libs/pluto
 endif
 
+if USE_TOOLS
+  libs += $(top_builddir)/src/openac/.libs/openac
+  libs += $(top_builddir)/src/scepclient/.libs/scepclient
+endif
+
 checksum.c : checksum_builder $(libs)
                ./checksum_builder $(libs) > checksum.c
index 71cca1d..d6085f8 100644 (file)
@@ -77,6 +77,14 @@ int main(int argc, char* argv[])
                {
                        name = strdup("pluto\",");
                }
+               else if (strstr(path, "openac"))
+               {
+                       name = strdup("openac\",");
+               }
+               else if (strstr(path, "scepclient"))
+               {
+                       name = strdup("scepclient\",");
+               }
                else
                {
                        fprintf(stderr, "don't know how to handle '%s', ignored", path);
index f61a946..a8f75e0 100755 (executable)
@@ -288,6 +288,13 @@ int main(int argc, char **argv)
                library_deinit();
                exit(SS_RC_LIBSTRONGSWAN_INTEGRITY);
        }
+       if (lib->integrity &&
+               !lib->integrity->check_file(lib->integrity, "openac", argv[0]))
+       {
+               fprintf(stderr, "integrity check of openac failed\n");
+               library_deinit();
+               exit(SS_RC_DAEMON_INTEGRITY);
+       }
        lib->plugins->load(lib->plugins, IPSEC_PLUGINDIR, 
                lib->settings->get_str(lib->settings, "openac.load", PLUGINS));
 
index 88dd285..6c0166d 100644 (file)
@@ -392,6 +392,13 @@ int main(int argc, char **argv)
                library_deinit();
                exit(SS_RC_LIBSTRONGSWAN_INTEGRITY);
        }
+       if (lib->integrity &&
+               !lib->integrity->check_file(lib->integrity, "scepclient", argv[0]))
+       {
+               fprintf(stderr, "integrity check of scepclient failed\n");
+               library_deinit();
+               exit(SS_RC_DAEMON_INTEGRITY);
+       }
 
        /* initialize optionsfrom */
        options = options_create();