Fix non-OpenSSL SHA brokenness; fix OpenSolaris/OpenIndiana build issue; tweak filelist in touchconfig script; update ChangeLog, RPM spec, & MAINTAINERS

Brian Cox 2016-03-26 01:08:03 -07:00
parent 82fbd232c8
commit 184bfe63eb
8 changed files with 130 additions and 67 deletions


@ -1,3 +1,16 @@
2016-03-25 Brian Cox <bcox@tripwire.com>
* Bumping version to 2.4.3.0
* Compilation fixes for gcc 4.7+ and LLVM/clang
(see http://www.linuxfromscratch.org/blfs/view/svn/postlfs/tripwire.html )
* Absorb fixes from FreeBSD ports patchset
(see http://svnweb.freebsd.org/ports/head/security/tripwire/ )
* Fix handling of SHA hashes when not built to use OpenSSL implementation
* Update GNU config.guess & config.sub to current versions
* Compilation fixes for assorted platforms
(Mac OS X, OpenBSD, OpenSolaris, Cygwin, Minix 3.x, GNU/Hurd, Haiku, Syllable)
* Added script to bump buildys file timestaps, to fix
spurious aclocal/automake errors on a fresh clone/untar/etc.
2011-11-21 Stephane Dudzinski <tripwire@frlinux.net>
* Bumping version to 2.4.2.2


@ -1,6 +1,7 @@
Open Source Tripwire Maintainers:
tripwire@frlinux.net
bcox@tripwire.com
tripwire@frlinux.net (maintains the fork at github.com/frlinux/tripwire-open-source)
Previous Maintainer:


@ -319,7 +319,7 @@ void shsFinal(SHS_INFO *shsInfo)
shsTransform( shsInfo );
#ifndef WORDS_BIGENDIAN
byteReverse( shsInfo->data, SHS_BLOCKSIZE );
byteReverse( shsInfo->data, SHS_DIGESTSIZE );
#endif /* #ifndef WORDS_BIGENDIAN */
}
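Review bot: The little-endian fix-up in the second `byteReverse` line is applied to `shsInfo->data` with `SHS_DIGESTSIZE` as its length, while the callers shown elsewhere in this commit read the hash from `mSHAInfo.digest`, so the hunk alone does not show what this swap contributes to the published value. A short comment at the call would help, for example `/* data[] is scratch after the final transform; callers read digest[] */`, if that is the intent; please confirm against `byteReverse` and `shsTransform`, which are outside the hunk. The body of `shsFinal` starts before the hunk, so the padding logic ahead of this call is not visible here.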


@ -13,6 +13,8 @@
#include "algebra.cpp"
#include "eprecomp.cpp"
#include <string.h>
#define MAKE_DWORD(lowWord, highWord) ((dword(highWord)<<WORD_BITS) | (lowWord))
union dword_union


@ -169,7 +169,7 @@ char* btob64(const register byte* pcbitvec, register char* pcout, int numbits)
}
*pcout = '\0';
return (char *) pcorig;
}
@ -216,7 +216,7 @@ void cNullSignature::Init()
{
}
void cNullSignature::Update( const byte* pbData, int cbDataLen )
void cNullSignature::Update( const byte* const pbData, int cbDataLen )
{
}
@ -292,8 +292,9 @@ void cChecksumSignature::Init()
{
}
void cChecksumSignature::Update( const byte* pbData, int cbDataLen )
void cChecksumSignature::Update( const byte* const pbDataC, int cbDataLen )
{
byte* pbData = (byte*)pbDataC;
for( int i = 0; i < cbDataLen; i++, pbData++ )
mChecksum += *pbData;
}
@ -382,7 +383,7 @@ void cCRC32Signature::Init()
crcInit( mCRCInfo );
}
void cCRC32Signature::Update( const byte* pbData, int cbDataLen )
void cCRC32Signature::Update( const byte* const pbData, int cbDataLen )
{
ASSERT( sizeof( byte ) == sizeof( uint8 ) );
crcUpdate( mCRCInfo, (uint8*)pbData, cbDataLen );
@ -481,7 +482,7 @@ void cMD5Signature::Init()
#endif
}
void cMD5Signature::Update( const byte* pbData, int cbDataLen )
void cMD5Signature::Update( const byte* const pbData, int cbDataLen )
{
#ifdef HAVE_OPENSSL_MD5_H
MD5_Update( &mMD5Info, (uint8*)pbData, cbDataLen );
@ -519,6 +520,7 @@ TSTRING cMD5Signature::AsString() const
#else
ret.append(buf);
#endif
return ret;
//return ret;
//ret holds base64 representation of digest.
@ -583,7 +585,9 @@ IMPLEMENT_TYPEDSERIALIZABLE(cSHASignature, _T("cSHASignature"), 0, 1)
cSHASignature::cSHASignature()
{
memset( &mSHAInfo, 0, sizeof( mSHAInfo ) );
#ifdef HAVE_OPENSSL_SHA_H
memset( sha_digest, 0, SHA_DIGEST_LENGTH );
#endif
}
cSHASignature::~cSHASignature()
@ -598,7 +602,7 @@ void cSHASignature::Init()
#endif
}
void cSHASignature::Update( const byte* pbData, int cbDataLen )
void cSHASignature::Update( const byte* const pbData, int cbDataLen )
{
ASSERT( sizeof( byte ) == sizeof( uint8 ) );
#ifdef HAVE_OPENSSL_SHA_H
@ -614,67 +618,94 @@ void cSHASignature::Finit()
SHA1_Final( (unsigned char *)sha_digest, &mSHAInfo );
#else
shsFinal( &mSHAInfo );
bcopy(&mSHAInfo.digest, sha_digest, SHA_DIGEST_LENGTH);
{
/* sha_digest is a byte array, so can't be in
* host order.
*/
int i;
uint32 *j = (uint32 *)sha_digest;
uint32 *k = (uint32 *)&mSHAInfo.digest;
for(int i=0; i<SIG_UINT32_SIZE; i++)
# ifdef WORDS_BIGENDIAN
j[i] = k[i];
# else
j[i] = ( (k[i] & 0x00ff) << 24 ) | ( (k[i] & 0xff00) << 8)|
( (k[i] >> 8) & 0xff00 ) | ( (k[i] >> 24) & 0x00ff );
# endif //WORDS_BIGENDIAN
}
#endif
}
////////////////////////////////////////////////////////////////////////////////
// AsString -- Converts to Base64 representation and returns a TSTRING
#ifdef HAVE_OPENSSL_SHA_H
TSTRING cSHASignature::AsString(void) const
{
TSTRING ret;
char* ps_signature;
char buf[100];
int length;
ps_signature = btob64((uint8*)sha_digest, buf, SIG_UINT32_SIZE*sizeof(uint32)*8);
//converting to base64 representation.
length = strlen(ps_signature);
#ifdef _UNICODE //making it TSTRING sensitive
ret.resize(length);
mbstowcs((TCHAR*) ret.data(), ps_signature, length);
TSTRING ret;
char*
char buf[100];
int length;
ps_signature = btob64((uint8*)sha_digest, buf, SIG_UINT32_SIZE*sizeof(uint32)*8);
//converting to base64 representation.
length = strlen(ps_signature);
#ifdef _UNICODE //making it TSTRING sensitive
ret.resize(length);
mbstowcs((TCHAR*) ret.data(), ps_signature, length);
#else
ret.append(ps_signature);
ret.append(ps_signature);
#endif
return ret;
return ret;
//return ret;
}
TSTRING cSHASignature::AsStringHex() const
TSTRING cSHASignature::AsStringHex() const
{
TSTRING ret;
TCHAR stringBuffer[128];
TCHAR sigStringOut[128];
sigStringOut[0] = '\0';
uint8 *dbuf = (uint8 *)sha_digest;
TSTRING ret;
for (int i=0; i < SIG_UINT32_SIZE*(int)sizeof(uint32); ++i)
{
_stprintf(stringBuffer, _T("%02x"), dbuf[i]);
_tcscat(sigStringOut, stringBuffer);
}
ret.append(sigStringOut);
return ret;
TCHAR stringBuffer[128];
TCHAR sigStringOut[128];
sigStringOut[0] = '\0';
uint8 *dbuf = (uint8 *)sha_digest;
for (int i=0; i < SIG_UINT32_SIZE*(int)sizeof(uint32); ++i)
{
_stprintf(stringBuffer, _T("%02x"), dbuf[i]);
_tcscat(sigStringOut, stringBuffer);
}
ret.append(sigStringOut);
return ret;
}
#else // HAVE_OPENSSL_SHA_H
TSTRING cSHASignature::AsString(void) const
{
TSTRING ret;
char* ps_signature;
char buf[100];
buf[99]=0;
ps_signature = pltob64((uint32*)mSHAInfo.digest, buf, SIG_UINT32_SIZE);
//converting to base64 representation.
#ifdef _UNICODE //making it TSTRING sensitive
int length = strlen(ps_signature);
ret.resize(length);
mbstowcs((TCHAR*) ret.data(), ps_signature, length);
#else
ret.append(ps_signature);
#endif
return ret;
//return ret;
}
TSTRING cSHASignature::AsStringHex() const
{
TSTRING ret;
TCHAR stringBuffer[128];
TCHAR sigStringOut[128];
sigStringOut[0] = '\0';
for (int i=0; i < SIG_UINT32_SIZE; ++i)
{
_stprintf(stringBuffer, _T("%08x"), mSHAInfo.digest[i]);
_tcscat(sigStringOut, stringBuffer);
}
ret.append(sigStringOut);
return ret;
}
#endif
///////////////////////////////////////////////////////////////////////////////
// Copy -- Copies a new sig value from a base pointer
void cSHASignature::Copy(const iFCOProp* rhs)
@ -732,7 +763,7 @@ void cHAVALSignature::Init()
haval_start( &mHavalState );
}
void cHAVALSignature::Update( const byte* pbData, int cbDataLen )
void cHAVALSignature::Update( const byte* const pbData, int cbDataLen )
{
haval_hash( &mHavalState, (uint8*)pbData, cbDataLen );
}
@ -760,6 +791,7 @@ TSTRING cHAVALSignature::AsString() const
#else
ret.append(buf);
#endif
return ret;
//return ret;
//ret holds base64 representation of digest.
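Review bot: The OpenSSL and non-OpenSSL builds now render the same SHA-1 value through two separate paths, and nothing visible in this file checks that they agree: `AsString` calls `btob64` over the bytes of `sha_digest` in one branch and `pltob64` over the words of `mSHAInfo.digest` in the other, and `AsStringHex` prints `%02x` per byte versus `%08x` per word. If these strings feed stored baselines or reports, a known-answer test that runs a fixed input through `Init`/`Update`/`Finit` and compares `AsString()` and `AsStringHex()` with the published digest in both build configurations would catch a byte-order or encoding mismatch before it surfaces as spurious integrity violations. In the `%08x` branch it is also worth confirming that the elements of `digest` are the size of `unsigned int`, since the `(uint32*)` cast in `AsString` suggests the declared type may differ. Separately, in `cChecksumSignature::Update` the new local drops the const that the signature just added; `const byte* pbData = pbDataC;` reads the same bytes without the cast.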


@ -98,7 +98,7 @@ public:
//
virtual void Init () = 0;
// call before beginning hashing
virtual void Update( const byte* pbData, int cbDataLen ) = 0;
virtual void Update( const byte* const pbData, int cbDataLen ) = 0;
// may be called multiple times -- best to call with blocks of size SUGGESTED_BLOCK_SIZE,
// but can handle any size data.
virtual void Finit () = 0;
@ -168,7 +168,7 @@ public:
virtual ~cNullSignature();
virtual void Init ();
virtual void Update( const byte* pbData, int cbDataLen );
virtual void Update( const byte* const pbData, int cbDataLen );
virtual void Finit ();
virtual TSTRING AsString() const;
virtual TSTRING AsStringHex() const;
@ -195,7 +195,7 @@ public:
virtual ~cChecksumSignature();
virtual void Init ();
virtual void Update( const byte* pbData, int cbDataLen );
virtual void Update( const byte* const pbData, int cbDataLen );
virtual void Finit ();
virtual TSTRING AsString() const;
virtual TSTRING AsStringHex() const;
@ -223,7 +223,7 @@ public:
virtual ~cCRC32Signature();
virtual void Init ();
virtual void Update( const byte* pbData, int cbDataLen );
virtual void Update( const byte* const pbData, int cbDataLen );
virtual void Finit ();
virtual TSTRING AsString() const;
@ -252,7 +252,7 @@ public:
virtual ~cMD5Signature();
virtual void Init ();
virtual void Update( const byte* pbData, int cbDataLen );
virtual void Update( const byte* const pbData, int cbDataLen );
virtual void Finit ();
virtual TSTRING AsString() const;
virtual TSTRING AsStringHex() const;
@ -281,7 +281,7 @@ public:
virtual ~cSHASignature();
virtual void Init ();
virtual void Update( const byte* pbData, int cbDataLen );
virtual void Update( const byte* const pbData, int cbDataLen );
virtual void Finit ();
virtual TSTRING AsString() const;
virtual TSTRING AsStringHex() const;
@ -291,12 +291,17 @@ public:
virtual void Write(iSerializer* pSerializer) const;
protected:
enum { SIG_UINT32_SIZE = SHA_DIGEST_LENGTH/4 };
SHA_CTX mSHAInfo;
virtual bool IsEqual(const iSignature& rhs) const;
#ifdef HAVE_OPENSSL_SHA_H
enum { SIG_UINT32_SIZE = SHA_DIGEST_LENGTH/4 };
SHA_CTX mSHAInfo;
uint32 sha_digest[SHA_DIGEST_LENGTH/4];
#else
enum { SIG_UINT32_SIZE = 5 };
SHS_INFO mSHAInfo;
#endif
};
///////////////////////////////////////////////////////////////////////////////
@ -312,7 +317,7 @@ public:
virtual ~cHAVALSignature();
virtual void Init ();
virtual void Update( const byte* pbData, int cbDataLen );
virtual void Update( const byte* const pbData, int cbDataLen );
virtual void Finit ();
virtual TSTRING AsString() const;
virtual TSTRING AsStringHex() const;
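Review bot: The layout of `cSHASignature` now depends on `HAVE_OPENSSL_SHA_H` (`SHA_CTX` plus `sha_digest` in one branch, `SHS_INFO` alone in the other), so every translation unit that includes this header has to see the same value of that macro. A comment above the `#ifdef` naming the config header that must be included first would make that requirement explicit. In the `#else` branch the literal `5` repeats the digest size; if `SHS_DIGESTSIZE` is a byte count and is visible in this header, `enum { SIG_UINT32_SIZE = SHS_DIGESTSIZE/4 };` keeps the two in step. The class body starts before this hunk, so how the serialization members use these fields is not visible here.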


@ -4,5 +4,5 @@
# and insists they need to be regenerated, though they really don't.
# This script bumps the timestamps on the right files in the right order,
# such that they don't all match, and make can proceed on its way.
touch configure.ac aclocal.m4 configure Makefile.am Makefile.in
touch configure.in acinclude.m4 aclocal.m4 configure Makefile.am Makefile.in


@ -8,7 +8,7 @@ Summary: IDS (Intrusion Detection System)
License: GPL
Group: Applications/System
Source0: http://download.sourceforge.net/tripwire/tripwire-%{version}-src.tar.bz2
Source0: https://github.com/Tripwire/tripwire-open-source/archive/master.zip
Source1: tripwire.cron.in
Source3: tripwire.gif
Source4: twcfg.txt.in
@ -144,6 +144,16 @@ post
%changelog
2016-03-25
* Fri Mar 25 2016 Brian Cox <bcox@tripwire.com> 2.4.3.0
- Bumping version to 2.4.3.0
- Compilation fixes for gcc 4.7+ and LLVM/clang (see http://www.linuxfromscratch.org/blfs/view/svn/postlfs/tripwire.html )
- Absorb fixes from FreeBSD ports patchset (see http://svnweb.freebsd.org/ports/head/security/tripwire/ )
- Fix handling of SHA hashes when not using OpenSSL impl
- Update GNU config.guess & config.sub to current versions
- Compilation fixes for assorted platforms (Mac OS X, OpenBSD, OpenSolaris, Cygwin, Minix 3.x, GNU/Hurd, Haiku, Syllable)
- Added script to bump buildys file timestaps, to fix spurious aclocal/automake errors on a fresh clone/untar/etc.
* Mon Nov 21 2011 Stephane Dudzinski <tripwire@frlinux.net> 2.4.2.2
- Updated spec file
- Updated version revision in reports and all
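Review bot: `Source0` now points at `archive/master.zip`, which is a moving target: the same URL yields different content as the branch advances, it no longer carries `%{version}`, and the visible lines show no checksum for it, so a rebuild of 2.4.3.0 is neither reproducible nor verifiable. For a package whose job is integrity checking, pin the source to the release, e.g. `Source0: https://github.com/Tripwire/tripwire-open-source/archive/<RELEASE_TAG>.tar.gz` (placeholder tag), and record its digest wherever the build system verifies sources. The `%setup` line is outside the hunk and may need to match the new archive's top-level directory name. In the second hunk, the bare `2016-03-25` line under `%changelog` does not follow the `* Day Mon DD YYYY` entry form used by the entries around it and looks like a leftover; drop it if it is on the new side.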