colin
/
tripwire-open-source
mirror of https://github.com/Tripwire/tripwire-open-source.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Report an error if requested feature isn't available on current platform -- SMTP mail, syslog, direct i/o hashing. And limit direct i/o to Linux for now, since elsewhere it either doesn't work the way we need it to (e.g. OSX, FreeBSD) or hasn't been tested adequately.

This commit is contained in:
Brian Cox 2016-07-09 10:49:14 -07:00
parent b410bdf87f
commit 2d49bf6630
9 changed files with 55 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
config.h.in
View File

@ -81,6 +81,9 @@
/* Define to 1 if you have the <syslog.h> header file. */ /* Define to 1 if you have the <syslog.h> header file. */
#undef HAVE_SYSLOG_H #undef HAVE_SYSLOG_H
/* Define to 1 if you have the <sys/fs/vx_ioctl.h> header file. */
#undef HAVE_SYS_FS_VX_IOCTL_H
/* Define to 1 if you have the <sys/mount.h> header file. */ /* Define to 1 if you have the <sys/mount.h> header file. */
#undef HAVE_SYS_MOUNT_H #undef HAVE_SYS_MOUNT_H

12
configure vendored
View File

@ -5733,6 +5733,18 @@ fi
done done
for ac_header in sys/fs/vx_ioctl.h
do :
ac_fn_c_check_header_mongrel "$LINENO" "sys/fs/vx_ioctl.h" "ac_cv_header_sys_fs_vx_ioctl_h" "$ac_includes_default"
if test "x$ac_cv_header_sys_fs_vx_ioctl_h" = xyes; then :
cat >>confdefs.h <<_ACEOF
#define HAVE_SYS_FS_VX_IOCTL_H 1
_ACEOF
fi
done
CPPFLAGS_SAVE="${CPPFLAGS}" CPPFLAGS_SAVE="${CPPFLAGS}"
CPPFLAGS="${CPPFLAGS} -Werror" CPPFLAGS="${CPPFLAGS} -Werror"

1
configure.ac
View File

@ -71,6 +71,7 @@ AC_CHECK_HEADERS(sys/ustat.h sys/sysmacros.h sys/syslog.h sys/socket.h)
AC_CHECK_HEADERS(unistd.h syslog.h langinfo.h sys/statfs.h sys/select.h) AC_CHECK_HEADERS(unistd.h syslog.h langinfo.h sys/statfs.h sys/select.h)
AC_CHECK_HEADERS(signum.h bits/signum.h, break ) AC_CHECK_HEADERS(signum.h bits/signum.h, break )
AC_CHECK_HEADERS(stdarg.h varargs.h, break ) AC_CHECK_HEADERS(stdarg.h varargs.h, break )
AC_CHECK_HEADERS(sys/fs/vx_ioctl.h)
dnl # Special case for malloc.h, because it's depreciated on most systems. dnl # Special case for malloc.h, because it's depreciated on most systems.
CPPFLAGS_SAVE="${CPPFLAGS}" CPPFLAGS_SAVE="${CPPFLAGS}"

26
src/core/file_unix.cpp
View File

@ -53,7 +53,7 @@
#include <fcntl.h> #include <fcntl.h>
#include <errno.h> #include <errno.h>
#if IS_HPUX #if HAVE_SYS_FS_VX_IOCTL_H
# include <sys/fs/vx_ioctl.h> # include <sys/fs/vx_ioctl.h>
#endif #endif
@ -235,25 +235,23 @@ void cFile::Open( const TSTRING& sFileNameC, uint32 flags )
#if IS_SOLARIS #if IS_SOLARIS
if ((flags & OPEN_DIRECT) && (flags & OPEN_SCANNING)) if ((flags & OPEN_DIRECT) && (flags & OPEN_SCANNING))
directio(fh, DIRECTIO_ON); directio(fh, DIRECTIO_ON);
#elif IS_HPUX
if (flags & OPEN_SCANNING)
{
if (flags & OPEN_DIRECT)
ioctl(fh, VX_SETCACHE, VX_DIRECT);
else
ioctl(fh, VX_SETCACHE, VX_SEQ | VX_NOREUSE);
}
#endif #endif
#if HAVE_POSIX_FADVISE
#ifdef HAVE_POSIX_FADVISE
if (flags & OPEN_SCANNING && !(flags & OPEN_DIRECT)) if (flags & OPEN_SCANNING && !(flags & OPEN_DIRECT))
{ {
posix_fadvise(fh,0,0, POSIX_FADV_SEQUENTIAL); posix_fadvise(fh,0,0, POSIX_FADV_SEQUENTIAL);
posix_fadvise(fh,0,0, POSIX_FADV_NOREUSE); posix_fadvise(fh,0,0, POSIX_FADV_NOREUSE);
} }
#elif HAVE_SYS_FS_VX_IOCTL_H
if (flags & OPEN_SCANNING)
{
if (flags & OPEN_DIRECT)
ioctl(fh, VX_SETCACHE, VX_DIRECT);
else
ioctl(fh, VX_SETCACHE, VX_SEQ | VX_NOREUSE);
}
#endif #endif
} }

1
src/core/platform.h
View File

@ -301,6 +301,7 @@
#define USES_MBLEN (!IS_ANDROID && !IS_AROS) #define USES_MBLEN (!IS_ANDROID && !IS_AROS)
#define USES_DEVICE_PATH (IS_AROS || IS_DOS_DJGPP) #define USES_DEVICE_PATH (IS_AROS || IS_DOS_DJGPP)
#define ICONV_CONST_SOURCE (IS_MINIX) #define ICONV_CONST_SOURCE (IS_MINIX)
#define SUPPORTS_DIRECT_IO (IS_LINUX) // Others may work, but only tested & verified on Linux so far.

1
src/tripwire/mailmessage.h
View File

@ -60,6 +60,7 @@ TSS_EXCEPTION( eMailSMTPSocket, eMailMessageError );
TSS_EXCEPTION( eMailSMTPOpenConnection, eMailMessageError ); TSS_EXCEPTION( eMailSMTPOpenConnection, eMailMessageError );
TSS_EXCEPTION( eMailSMTPCloseConnection, eMailMessageError ); TSS_EXCEPTION( eMailSMTPCloseConnection, eMailMessageError );
TSS_EXCEPTION( eMailSMTPServer, eMailMessageError ); TSS_EXCEPTION( eMailSMTPServer, eMailMessageError );
TSS_EXCEPTION( eMailSMTPNotSupported, eMailMessageError);
// piped // piped
TSS_EXCEPTION( eMailPipedOpen, eMailMessageError ); TSS_EXCEPTION( eMailPipedOpen, eMailMessageError );

5
src/tripwire/tripwireerrors.cpp
View File

@ -59,7 +59,7 @@ TSS_REGISTER_ERROR( eMailSMTPSocket(), _T("Socket for an SMTP conne
TSS_REGISTER_ERROR( eMailSMTPOpenConnection(), _T("The SMTP connection could not be established.") ); TSS_REGISTER_ERROR( eMailSMTPOpenConnection(), _T("The SMTP connection could not be established.") );
TSS_REGISTER_ERROR( eMailSMTPCloseConnection(), _T("The SMTP connection could not be properly closed.") ); TSS_REGISTER_ERROR( eMailSMTPCloseConnection(), _T("The SMTP connection could not be properly closed.") );
TSS_REGISTER_ERROR( eMailSMTPServer(), _T("The SMTP server returned an error.") ); TSS_REGISTER_ERROR( eMailSMTPServer(), _T("The SMTP server returned an error.") );
TSS_REGISTER_ERROR( eMailSMTPNotSupported(), _T("SMTP email is not supported on this platform") );
// Piped // Piped
TSS_REGISTER_ERROR( eMailPipedOpen(), _T("Problem opening mail pipe.") ); TSS_REGISTER_ERROR( eMailPipedOpen(), _T("Problem opening mail pipe.") );
TSS_REGISTER_ERROR( eMailPipedWrite(), _T("Problem writing to mail pipe.") ); TSS_REGISTER_ERROR( eMailPipedWrite(), _T("Problem writing to mail pipe.") );
@ -99,4 +99,7 @@ TSS_REGISTER_ERROR( eTWInvalidReportLevelCfg(), _T("Invalid reporting level
TSS_REGISTER_ERROR( eTWInvalidPortNumber(), _T("Invalid SMTP port number.\nValid ports: [0-65535]\n") ); TSS_REGISTER_ERROR( eTWInvalidPortNumber(), _T("Invalid SMTP port number.\nValid ports: [0-65535]\n") );
TSS_REGISTER_ERROR( eTWInvalidTempDirectory(), _T("Cannot access temp directory.") ); TSS_REGISTER_ERROR( eTWInvalidTempDirectory(), _T("Cannot access temp directory.") );
TSS_REGISTER_ERROR( eTWSyslogNotSupported(), _T("Syslog reporting is not supported on this platform.") );
TSS_REGISTER_ERROR( eTWDirectIONotSupported(), _T("Direct I/O hashing is not supported on this platform.") );
TSS_END_ERROR_REGISTRATION() TSS_END_ERROR_REGISTRATION()

19
src/tripwire/twcmdline.cpp
View File

@ -72,6 +72,7 @@
#include "integritycheck.h" #include "integritycheck.h"
#include "updatedb.h" #include "updatedb.h"
#include "policyupdate.h" #include "policyupdate.h"
#include "core/platform.h"
#ifdef TW_PROFILE #ifdef TW_PROFILE
#include "tasktimer.h" #include "tasktimer.h"
@ -377,6 +378,11 @@ static void FillOutConfigInfo(cTWModeCommon* pModeInfo, const cConfigFile& cf)
pModeInfo->mMailMethod = cMailMessage::NO_METHOD; pModeInfo->mMailMethod = cMailMessage::NO_METHOD;
} }
#if !SUPPORTS_NETWORKING
if (pModeInfo->mMailMethod == cMailMessage::MAIL_BY_SMTP)
throw eMailSMTPNotSupported();
#endif
// Get the SMTP server // Get the SMTP server
if(cf.Lookup(TSTRING(_T("SMTPHOST")), str)) if(cf.Lookup(TSTRING(_T("SMTPHOST")), str))
pModeInfo->mSmtpHost = str; pModeInfo->mSmtpHost = str;
@ -417,10 +423,14 @@ static void FillOutConfigInfo(cTWModeCommon* pModeInfo, const cConfigFile& cf)
// SYSLOG reporting // SYSLOG reporting
if(cf.Lookup(TSTRING(_T("SYSLOGREPORTING")), str)) if(cf.Lookup(TSTRING(_T("SYSLOGREPORTING")), str))
{ {
#if SUPPORTS_SYSLOG
if (_tcsicmp(str.c_str(), _T("true")) == 0) if (_tcsicmp(str.c_str(), _T("true")) == 0)
pModeInfo->mbLogToSyslog = true; pModeInfo->mbLogToSyslog = true;
else else
pModeInfo->mbLogToSyslog = false; pModeInfo->mbLogToSyslog = false;
#else
throw eTWSyslogNotSupported();
#endif
} }
else else
pModeInfo->mbLogToSyslog = false; pModeInfo->mbLogToSyslog = false;
@ -437,17 +447,24 @@ static void FillOutConfigInfo(cTWModeCommon* pModeInfo, const cConfigFile& cf)
int blocks = 0; int blocks = 0;
if (cf.Lookup(TSTRING(_T("HASH_DIRECT_IO")), str)) if (cf.Lookup(TSTRING(_T("HASH_DIRECT_IO")), str))
{ {
#if SUPPORTS_DIRECT_IO
if (_tcsicmp(str.c_str(), _T("true")) == 0) if (_tcsicmp(str.c_str(), _T("true")) == 0)
{ {
pModeInfo->mbDirectIO = true; pModeInfo->mbDirectIO = true;
cArchiveSigGen::SetUseDirectIO(true); cArchiveSigGen::SetUseDirectIO(true);
blocks = 1; blocks = 1;
} }
#else
throw eTWDirectIONotSupported();
#endif
} }
if (cf.Lookup(TSTRING(_T("HASH_BLOCKS")), str)) if (cf.Lookup(TSTRING(_T("HASH_BLOCKS")), str))
{ {
blocks = _ttoi( str.c_str() ); int requested_blocks = _ttoi(str.c_str());
if (requested_blocks > 0)
blocks = requested_blocks;
} }
if( blocks > 0 ) if( blocks > 0 )

3
src/tripwire/twcmdline.h
View File

@ -76,6 +76,9 @@ TSS_EXCEPTION( eTWInvalidPortNumber, eError );
TSS_EXCEPTION( eTWPassForUnencryptedDb, eError ); TSS_EXCEPTION( eTWPassForUnencryptedDb, eError );
TSS_EXCEPTION( eTWInvalidTempDirectory, eError ); TSS_EXCEPTION( eTWInvalidTempDirectory, eError );
TSS_EXCEPTION( eTWSyslogNotSupported, eError );
TSS_EXCEPTION( eTWDirectIONotSupported, eError );
/////////////////////////////////////////////////////////////////////////////// ///////////////////////////////////////////////////////////////////////////////
// cTWCmdLine -- class with a bunch of static member functions helpful in parsing // cTWCmdLine -- class with a bunch of static member functions helpful in parsing
// the tripwire command line // the tripwire command line