colin
/
tripwire-open-source
mirror of https://github.com/Tripwire/tripwire-open-source.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'master' of https://github.com/brc0x1/tripwire-open-source

This commit is contained in:
Brian Cox 2016-04-11 11:46:42 -07:00
parent 12cef61f40 30d4275007
commit 2cff64ebe7
19 changed files with 117 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
MAINTAINERS
View File

@ -1,6 +1,6 @@
Open Source Tripwire Maintainers:
bcox@tripwire.com
Brian Cox (bcox [at] tripwire.com)
tripwire@frlinux.net (maintains the fork at github.com/frlinux/tripwire-open-source)
Previous Maintainer:

4
man/man8/tripwire.8
View File

@ -273,6 +273,7 @@ lbw(1.2i) lb.
-x \fIsection\fP --section \fIsection\fP
-M --email-report
-t \fR{ 0|1|2|3|4 }\fP --email-report-level \fR{ 0|1|2|3|4 }\fP
-h --hexadecimal
.TE
.RI "[ " object1 " [ " object2... " ]]"
.RE
@ -369,6 +370,9 @@ EMAILREPORTLEVEL variable in the configuration file. \fIlevel\fR must
be a number from 0\ to\ 4.
Valid only with (\fB\(hyM\fP).
.TP
.BR \(hyh ", " --hexadecimal
Display hash values as hexadecimal in email reports
.TP
.RI "[ " object1 " [ " object2... " ]]"
List of files and directories that should be integrity checked.
Default is all files. If files are specified for checking, the

8
man/man8/twprint.8
View File

@ -53,6 +53,7 @@ lbw(1.2i) lb.
-m r --print-report
-v --verbose
-s --silent\fR,\fP --quiet
-h --hexadecimal
-c \fIcfgfile\fP --cfgfile \fIcfgfile\fP
-r \fIreport\fP --twrfile \fIreport\fP
-L \fIlocalkey\fP --local-keyfile \fIlocalkey\fP
@ -69,6 +70,9 @@ Verbose output mode. Mutually exclusive with (\fB\(hys\fR).
.BR \(hys ", " --silent ", " --quiet
Silent output mode. Mutually exclusive with (\fB\(hyv\fR).
.TP
.BR \(hyh ", " --hexadecimal
Display hash values as hexadecimal.
.TP
.BI \(hyc " cfgfile\fR, " --cfgfile " cfgfile"
Use the specified configuration file.
.TP
@ -92,6 +96,7 @@ lbw(1.2i) lb.
-m d --print-dbfile
-v --verbose
-s --silent\fR,\fP --quiet
-h --hexadecimal
-c \fIcfgfile\fP --cfgfile \fIcfgfile\fP
-d \fIdatabase\fP --dbfile \fIdatabase\fP
-L \fIlocalkey\fP --local-keyfile \fIlocalkey\fP
@ -108,6 +113,9 @@ Verbose output mode. Mutually exclusive with (\fB\(hys\fR).
.BR \(hys ", " --silent ", " --quiet
Silent output mode. Mutually exclusive with (\fB\(hyv\fR).
.TP
.BR \(hyh ", " --hexadecimal
Display hash values as hexadecimal.
.TP
.BI \(hyc " cfgfile\fR, " --cfgfile " cfgfile"
Use the specified configuration file.
.TP

4
src/core/fsservices.h
View File

@ -128,7 +128,9 @@ struct cFSStatArgs {
TY_CHARDEV,
TY_SYMLINK,
TY_FIFO,
TY_SOCK
TY_SOCK,
TY_DOOR,
TY_PORT
};
// attr is fs dependent?

30
src/core/unixfsservices.cpp
View File

@ -381,14 +381,21 @@ void cUnixFSServices::Stat( const TSTRING& strNameC, cFSStatArgs& stat) const th
stat.blocks = statbuf.st_blocks;
// set the file type
if(S_ISREG(statbuf.st_mode)) stat.mFileType = cFSStatArgs::TY_FILE;
if(S_ISREG(statbuf.st_mode)) stat.mFileType = cFSStatArgs::TY_FILE;
else if(S_ISDIR(statbuf.st_mode)) stat.mFileType = cFSStatArgs::TY_DIR;
else if(S_ISLNK(statbuf.st_mode)) stat.mFileType = cFSStatArgs::TY_SYMLINK;
else if(S_ISBLK(statbuf.st_mode)) stat.mFileType = cFSStatArgs::TY_BLOCKDEV;
else if(S_ISCHR(statbuf.st_mode)) stat.mFileType = cFSStatArgs::TY_CHARDEV;
else if(S_ISFIFO(statbuf.st_mode)) stat.mFileType = cFSStatArgs::TY_FIFO;
else if(S_ISSOCK(statbuf.st_mode)) stat.mFileType = cFSStatArgs::TY_SOCK;
else stat.mFileType = cFSStatArgs::TY_INVALID;
#ifdef S_IFDOOR
else if(S_ISDOOR(statbuf.st_mode)) stat.mFileType = cFSStatArgs::TY_DOOR;
#endif
#ifdef S_IFPORT
else if(S_ISPORT(statbuf.st_mode)) stat.mFileType = cFSStatArgs::TY_PORT;
#endif
else stat.mFileType = cFSStatArgs::TY_INVALID;
}
void cUnixFSServices::GetMachineName( TSTRING& strName ) const throw( eFSServices )
@ -589,18 +596,29 @@ void cUnixFSServices::ConvertModeToString( uint64 perm, TSTRING& tstrPerm ) cons
{
case S_IFDIR:
szPerm[0] = _T('d');
break;
break;
case S_IFCHR:
szPerm[0] = _T('c');
break;
break;
case S_IFBLK:
szPerm[0] = _T('b');
break;
break;
case S_IFIFO:
szPerm[0] = _T('p');
break;
break;
case S_IFLNK:
szPerm[0] = _T('l');
break;
#ifdef S_IFDOOR
case S_IFDOOR:
szPerm[0] = _T('D');
break;
#endif
#ifdef S_IFPORT
case S_IFPORT:
szPerm[0] = _T('P');
break;
#endif
break;
}

26
src/fco/signature.cpp
View File

@ -97,6 +97,7 @@ iFCOProp::CmpResult iSignature::Compare(const iFCOProp* rhs, Op op) const
return (op == iFCOProp::OP_NE) ? iFCOProp::CMP_TRUE : iFCOProp::CMP_FALSE;
}
bool cArchiveSigGen::mHex = false;
void cArchiveSigGen::AddSig( iSignature* pSig )
{
@ -129,6 +130,16 @@ void cArchiveSigGen::CalculateSignatures( cArchive& a )
mSigList[i]->Finit();
}
bool cArchiveSigGen::Hex()
{
return mHex;
}
void cArchiveSigGen::SetHex(bool hex)
{
mHex = hex;
}
///////////////////////////////////////////////////////////////////////////////
// btob64 -- convert arbitrary bits to base 64 string
//
@ -399,6 +410,9 @@ void cCRC32Signature::Finit()
// mCRC
TSTRING cCRC32Signature::AsString() const
{
if (cArchiveSigGen::Hex())
return AsStringHex();
TSTRING ret;
char *ps_signature;
char buf[100];
@ -505,6 +519,9 @@ void cMD5Signature::Finit()
// AsString -- Converts to Base64 representation and returns a TSTRING
TSTRING cMD5Signature::AsString() const
{
if (cArchiveSigGen::Hex())
return AsStringHex();
TSTRING ret;
char buf[24];
int length;
@ -626,6 +643,9 @@ void cSHASignature::Finit()
#ifdef HAVE_OPENSSL_SHA_H
TSTRING cSHASignature::AsString(void) const
{
if (cArchiveSigGen::Hex())
return AsStringHex();
TSTRING ret;
char* ps_signature;
char buf[100];
@ -704,6 +724,9 @@ bool cSHASignature::IsEqual(const iSignature& rhs) const
TSTRING cSHASignature::AsString(void) const
{
if (cArchiveSigGen::Hex())
return AsStringHex();
TSTRING ret;
char* ps_signature;
char buf[100];
@ -812,6 +835,9 @@ void cHAVALSignature::Finit()
// AsString -- Returns Base64 representation of mSignature in a TSTRING
TSTRING cHAVALSignature::AsString() const
{
if (cArchiveSigGen::Hex())
return AsStringHex();
TSTRING ret;
char buf[24];
int length;

7
src/fco/signature.h
View File

@ -75,6 +75,8 @@
// TODO: figure out a way to do this without including these headers.
// pool of objects?
///////////////////////////////////////////////////////////////////////////////
// class iSignatrue -- Interface all signatures will implement.
///////////////////////////////////////////////////////////////////////////////
@ -145,6 +147,9 @@ public:
// produces signature of archive for all signatures in the list
// remember to rewind archive!
static bool Hex();
static void SetHex(bool);
private:
// don't let C++ create these functions
cArchiveSigGen( const cArchiveSigGen& );
@ -152,6 +157,8 @@ private:
typedef std::vector< iSignature* > container_type;
container_type mSigList;
static bool mHex;
};

6
src/fs/fsdatasourceiter.cpp
View File

@ -249,6 +249,12 @@ bool cFSDataSourceIter::InitializeTypeInfo(iFCO* pFCO)
case cFSStatArgs::TY_SOCK:
propSet.SetFileType(cFSPropSet::FT_SOCK);
break;
case cFSStatArgs::TY_DOOR:
propSet.SetFileType(cFSPropSet::FT_DOOR);
break;
case cFSStatArgs::TY_PORT:
propSet.SetFileType(cFSPropSet::FT_PORT);
break;
default:
// set it to invalid
propSet.SetFileType(cFSPropSet::FT_INVALID);

6
src/fs/fspropcalc.cpp
View File

@ -255,6 +255,12 @@ void cFSPropCalc::VisitFSObject(cFSObject& obj)
case cFSStatArgs::TY_SOCK:
propSet.SetFileType(cFSPropSet::FT_SOCK);
break;
case cFSStatArgs::TY_DOOR:
propSet.SetFileType(cFSPropSet::FT_DOOR);
break;
case cFSStatArgs::TY_PORT:
propSet.SetFileType(cFSPropSet::FT_PORT);
break;
default:
// set it to invalid
propSet.SetFileType(cFSPropSet::FT_INVALID);

4
src/fs/fspropset.cpp
View File

@ -58,7 +58,9 @@ TSTRING cFCOPropFileType::AsString() const
fs::STR_FT_CHARDEV,
fs::STR_FT_SYMLINK,
fs::STR_FT_FIFO,
fs::STR_FT_SOCK
fs::STR_FT_SOCK,
fs::STR_FT_DOOR,
fs::STR_FT_PORT
};
int32 fileType = GetValue();

2
src/fs/fspropset.h
View File

@ -109,6 +109,8 @@ public:
FT_SYMLINK,
FT_FIFO,
FT_SOCK,
FT_DOOR,
FT_PORT,
FT_NUMITEMS
};

2
src/fs/fsstrings.cpp
View File

@ -49,6 +49,8 @@ TSS_BeginStringtable( cFS )
TSS_StringEntry( fs::STR_FT_SYMLINK, _T("Symbolic Link") ),
TSS_StringEntry( fs::STR_FT_FIFO, _T("FIFO") ),
TSS_StringEntry( fs::STR_FT_SOCK, _T("Socket") ),
TSS_StringEntry( fs::STR_FT_DOOR, _T("Door") ),
TSS_StringEntry( fs::STR_FT_PORT, _T("Event Port") ),
// property names
TSS_StringEntry( fs::STR_PROP_DEV, _T("Device Number") ),

2
src/fs/fsstrings.h
View File

@ -53,6 +53,8 @@ TSS_BeginStringIds( fs )
STR_FT_SYMLINK,
STR_FT_FIFO,
STR_FT_SOCK,
STR_FT_DOOR,
STR_FT_PORT,
// property names
STR_PROP_DEV,

1
src/tripwire/tripwirestrings.cpp
View File

@ -89,6 +89,7 @@ TSS_BeginStringtable( cTripwire )
_T(" -m c --check\n")
_T(" -I --interactive\n")
_T(" -v --verbose\n")
_T(" -h --hexadecimal\n")
_T(" -s --silent, --quiet\n")
_T(" -c cfgfile --cfgfile cfgfile\n")
_T(" -p polfile --polfile polfile\n")

10
src/tripwire/twcmdline.cpp
View File

@ -66,6 +66,7 @@
#include <set>
#include "fco/parsergenreutil.h" // this is needed to figure out if a path is fully qualified for the current genre.
#include "tw/fcodatabasefile.h"
#include "fco/signature.h"
#include "fco/genreswitcher.h"
#include "generatedb.h"
#include "integritycheck.h"
@ -829,7 +830,8 @@ void cTWModeIC::InitCmdLineParser(cCmdLineParser& cmdLine)
cmdLine.AddArg(cTWCmdLine::RULE_NAME, TSTRING(_T("R")), TSTRING(_T("rule-name")), cCmdLineParser::PARAM_ONE);
cmdLine.AddArg(cTWCmdLine::GENRE_NAME, TSTRING(_T("x")), TSTRING(_T("section")), cCmdLineParser::PARAM_ONE);
cmdLine.AddArg(cTWCmdLine::PARAMS, TSTRING(_T("")), TSTRING(_T("")), cCmdLineParser::PARAM_MANY);
cmdLine.AddArg(cTWCmdLine::HEXADECIMAL, TSTRING(_T("h")), TSTRING(_T("hexadecimal")), cCmdLineParser::PARAM_NONE);
// multiple levels of reporting
cmdLine.AddArg(cTWCmdLine::REPORTLEVEL, TSTRING(_T("t")), TSTRING(_T("email-report-level")), cCmdLineParser::PARAM_ONE);
@ -838,6 +840,8 @@ void cTWModeIC::InitCmdLineParser(cCmdLineParser& cmdLine)
cmdLine.AddArg(cTWCmdLine::USE_GMMS, TSTRING(_T("g")), TSTRING(_T("gmms")), cCmdLineParser::PARAM_NONE);
cmdLine.AddArg(cTWCmdLine::GMMS_VERBOSITY, TSTRING(_T("b")), TSTRING(_T("gmms-verbosity")), cCmdLineParser::PARAM_ONE);
#endif
// mutual exclusion...
// you can't specify any of these 3 things together...
@ -967,6 +971,10 @@ bool cTWModeIC::Init(const cConfigFile& cf, const cCmdLineParser& cmdLine)
ASSERT(iter.NumParams() > 0);
mpData->mGenreName = iter.ParamAt(0);
break;
case cTWCmdLine::HEXADECIMAL:
cArchiveSigGen::SetHex(true);
break;
case cTWCmdLine::PARAMS:
{
// pack all of these onto the files to check list...

3
src/tripwire/twcmdline.h
View File

@ -137,7 +137,8 @@ public:
SITE_PASSPHRASE,
TEST_EMAIL,
REPORTLEVEL,
HEXADECIMAL,
#ifdef GMMS
USE_GMMS,
GMMS_VERBOSITY,

8
src/twprint/twprintcmdline.cpp
View File

@ -66,6 +66,8 @@
#include "fco/twfactory.h"
#include "fco/fcospeclist.h" // cFCOSpecList
#include "fco/fcopropdisplayer.h"
#include "fco/signature.h"
#include <set>
///////////////////////////////////////////////////////////////////////////////
@ -118,6 +120,9 @@ static void InitCmdLineCommon(cCmdLineParser& parser)
// unattended operation
parser.AddArg(cTWPrintCmdLine::PASSPHRASE, TSTRING(_T("P")), TSTRING(_T("passphrase")), cCmdLineParser::PARAM_ONE);
parser.AddArg(cTWPrintCmdLine::HEXADECIMAL, TSTRING(_T("h")), TSTRING(_T("hexadecimal")), cCmdLineParser::PARAM_NONE);
// the paramters to the command line ... for now, this will take "many", even though in some
// modes, this is not valid to do...
@ -276,6 +281,9 @@ static void FillOutCmdLineInfo(cTWPrintModeCommon* pModeInfo, const cCmdLinePars
ASSERT(iter.NumParams() > 0); // should be caught by cmd line parser
pModeInfo->mSiteKeyFile = iter.ParamAt(0);
break;
case cTWPrintCmdLine::HEXADECIMAL:
cArchiveSigGen::SetHex(true);
break;
case cTWPrintCmdLine::PASSPHRASE:
{
// this bites! I have to make sure it is a narrow char string

1
src/twprint/twprintcmdline.h
View File

@ -89,6 +89,7 @@ public:
PASSPHRASE,
REPORTLEVEL,
HEXADECIMAL,
PARAMS, // the final parameters

2
src/twprint/twprintstrings.cpp
View File

@ -56,6 +56,7 @@ TSS_BeginStringtable( cTWPrint )
_T("Print Database mode:\n")
_T(" -m d --print-dbfile\n")
_T(" -v --verbose\n")
_T(" -h --hexadecimal\n")
_T(" -s --silent, --quiet\n")
_T(" -c cfgfile --cfgfile cfgfile\n")
_T(" -d database --dbfile database\n")
@ -70,6 +71,7 @@ TSS_BeginStringtable( cTWPrint )
_T("Print Report mode:\n")
_T(" -m r --print-report\n")
_T(" -v --verbose\n")
_T(" -h --hexadecimal\n")
_T(" -s --silent, --quiet\n")
_T(" -c cfgfile --cfgfile cfgfile\n")
_T(" -r report --twrfile report\n")