colin
/
tripwire-open-source
mirror of https://github.com/Tripwire/tripwire-open-source.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: colin:master
Branches Tags
colin:master
colin:dev/2438
colin:2.4.3.7
colin:2.4.3.6
colin:2.4.3.5
colin:2.4.3.4
colin:2.4.3.3
colin:2.4.3.2
colin:2.4.3.1
colin:2.4.3.0
..
compare: colin:2.4.3.4
Branches Tags
colin:dev/2438
colin:master
colin:2.4.3.7
colin:2.4.3.6
colin:2.4.3.5
colin:2.4.3.4
colin:2.4.3.3
colin:2.4.3.2
colin:2.4.3.1
colin:2.4.3.0

No commits in common. "master" and "2.4.3.4" have entirely different histories.
master ... 2.4.3.4

577 changed files with 30580 additions and 39656 deletions
Show Stats Expand all files Collapse all files

115
.clang-format
View File

@ -1,115 +0,0 @@
---
Language: Cpp
AccessModifierOffset: -4
AlignAfterOpenBracket: Align
AlignConsecutiveAssignments: true
AlignConsecutiveDeclarations: true
AlignEscapedNewlines: Left
AlignOperands: true
AlignTrailingComments: true
AllowAllParametersOfDeclarationOnNextLine: true
AllowShortBlocksOnASingleLine: false
AllowShortCaseLabelsOnASingleLine: false
AllowShortFunctionsOnASingleLine: None
AllowShortIfStatementsOnASingleLine: false
AllowShortLoopsOnASingleLine: false
AlwaysBreakAfterDefinitionReturnType: None
AlwaysBreakAfterReturnType: None
AlwaysBreakBeforeMultilineStrings: false
AlwaysBreakTemplateDeclarations: false
BinPackArguments: false
BinPackParameters: false
BraceWrapping:
AfterClass: true
AfterControlStatement: true
AfterEnum: true
AfterFunction: true
AfterNamespace: true
AfterObjCDeclaration: true
AfterStruct: true
AfterUnion: true
AfterExternBlock: true
BeforeCatch: true
BeforeElse: true
IndentBraces: false
SplitEmptyFunction: true
SplitEmptyRecord: true
SplitEmptyNamespace: true
BreakBeforeBinaryOperators: None
BreakBeforeBraces: Custom
BreakBeforeInheritanceComma: false
BreakBeforeTernaryOperators: false
BreakConstructorInitializersBeforeComma: false
BreakConstructorInitializers: BeforeColon
BreakAfterJavaFieldAnnotations: false
BreakStringLiterals: true
ColumnLimit: 120
CommentPragmas: '^ IWYU pragma:'
CompactNamespaces: false
ConstructorInitializerAllOnOneLineOrOnePerLine: true
ConstructorInitializerIndentWidth: 4
ContinuationIndentWidth: 4
Cpp11BracedListStyle: true
DerivePointerAlignment: false
DisableFormat: false
ExperimentalAutoDetectBinPacking: false
FixNamespaceComments: true
ForEachMacros:
- foreach
- Q_FOREACH
- BOOST_FOREACH
IncludeBlocks: Preserve
IncludeCategories:
- Regex: '^"(llvm|llvm-c|clang|clang-c)/'
Priority: 2
- Regex: '^(<|"(gtest|gmock|isl|json)/)'
Priority: 3
- Regex: '.*'
Priority: 1
IncludeIsMainRegex: '(Test)?$'
IndentCaseLabels: false
IndentPPDirectives: AfterHash
IndentWidth: 4
IndentWrappedFunctionNames: false
JavaScriptQuotes: Leave
JavaScriptWrapImports: true
KeepEmptyLinesAtTheStartOfBlocks: true
MacroBlockBegin: ''
MacroBlockEnd: ''
MaxEmptyLinesToKeep: 2
NamespaceIndentation: None
ObjCBlockIndentWidth: 2
ObjCSpaceAfterProperty: false
ObjCSpaceBeforeProtocolList: true
PenaltyBreakAssignment: 2
PenaltyBreakBeforeFirstCallParameter: 19
PenaltyBreakComment: 300
PenaltyBreakFirstLessLess: 120
PenaltyBreakString: 1000
PenaltyExcessCharacter: 1000000
PenaltyReturnTypeOnItsOwnLine: 60
PointerAlignment: Left
RawStringFormats:
- Delimiter: pb
Language: TextProto
BasedOnStyle: google
ReflowComments: false
SortIncludes: false
SortUsingDeclarations: true
SpaceAfterCStyleCast: false
SpaceAfterTemplateKeyword: false
SpaceBeforeAssignmentOperators: true
SpaceBeforeParens: ControlStatements
SpaceInEmptyParentheses: false
SpacesBeforeTrailingComments: 1
SpacesInAngles: false
SpacesInContainerLiterals: true
SpacesInCStyleCastParentheses: false
SpacesInParentheses: false
SpacesInSquareBrackets: false
Standard: Auto
TabWidth: 4
UseTab: Never
...

5
.gitignore vendored
View File

@ -3,6 +3,7 @@ config.h
config.h.in~
config.log
config.status
compile
autom4te.cache/
bin/
lib/
@ -11,7 +12,6 @@ src/tripwire/tripwire
src/twadmin/twadmin
src/twprint/twprint
src/twtest/twtest
src/test-harness/twtest
**/Makefile
**/*.o
**/*.dylib
@ -20,9 +20,6 @@ src/test-harness/twtest
**/*.dll
**/*.exe
**/*~
**/*#
**/*.bak
**/.DS_Store
**/*.gcno
**/*.gcda
releases/

37
ChangeLog
View File

@ -1,39 +1,3 @@
2018-03-24 Brian Cox <bcox@tripwire.com>
* Update version to 2.4.3.7
* Provide a useful README.md (Github issue #17).
* Document return codes in man pages (Github issue #28).
* Update install script after testing on additional platforms.
* Provide default policies for more operating systems, and update some existing policies
* Usability tweaks to twtest.
* Fix email reporting on Syllable
* Update copyright dates to 2018
* Clean up code style with clang-format, & add a custom style that approximates existing OST usage.
* Add -t / --output-level option to print-db mode, for consistency w/ print-report mode.
* Add object list support to print-report mode, for consistency w/ print-db mode.
2017-10-01 Brian Cox <bcox@tripwire.com>
* Update version to 2.4.3.6
* Fix & expand tests in Perl acceptance test framework
* Fix & expand twtest unit tests, & rework unit test mini-framework so theyre referenced by name, not some numeric ID, and list tests as “skipped" if they dont make any test assertions.
* Add configure options to enable coverage, profiling, & use /dev/urandom as RNG (all off by default)
* Add a list make target to list all make targets
* Remove dead code & add test coverage per gcov+lcov results
* Fix various memory issues pointed out by valgrind
* In examine-encryption mode, better reporting (& nonzero exit) if we can't find a keyfile for the examined file.
* More exception handling around individual objects & init/IC as a whole, since there have been occasional reports of uncaught exceptions during init or check, and so far havent been able to repro or figure out what circumstances it occurs under. (e.g. Github issue #25)
* Tweak install.sh so it can be run directly, not just thru 'make install' if you want. (Github issue #26)
* Improve native (non-Posixy) path handling on platforms that need it (DOS, AROS, RISC OS, Redox)
* New platforms: MirOS BSD, Bitrig, LibertyBSD, RISC OS, Redox
* Add default policies for HP-UX & various BSDs
2017-03-30 Brian Cox <bcox@tripwire.com>
* Bump version to 2.4.3.5
* Fix install-strip, check, uninstall, and distcheck make targets.
* Fix GCC 7.0.x warnings; use std::unique_ptr instead of deprecated std::auto_ptr where available.
* Add --disable-extrawarnings configure option, for old compilers that dont support the -Wextra compile option.
* Clean up unit tests & enable disabled tests.
* Address more static analyzer warnings, including from CppCheck & Flawfinder
2017-03-05 Brian Cox <bcox@tripwire.com>
* Bump version to 2.4.3.4
* Fix issue with printing level 2 reports, introduced by fixing a Clang static analyzer quibble in 2.4.3.3. Sigh.
@ -64,7 +28,6 @@
* Remove dead code & unused files.
* Optional RESOLVE_IDS_TO_NAMES option to disable uid/gid to name resolution, if needed.
* New --key-size option to twadmin --generate-keys, to generate 1024 (default) or 2048 bit El Gamal keys.
2016-04-20 Brian Cox <bcox@tripwire.com>
* Bump version to 2.4.3.1
* Revive old 'twtest' unit test suite (such as it is); move _t.cpp files into twtest dir.

22
Makefile.am
View File

@ -3,23 +3,7 @@ SUBDIRS = man src
EXTRA_DIST = COMMERCIAL MAINTAINERS TRADEMARK LICENSE Packaging ReadMe-2.4.3 README.md autogen.sh autogen.sh.README touchconfig.sh contrib policy installer
install-data-hook:
INSTALL_STRIP_FLAG="$(INSTALL_STRIP_FLAG)" \
export INSTALL_STRIP_FLAG
prefix="$(prefix)" sysconfdir="$(sysconfdir)" \
path_to_vi="$(path_to_vi)" path_to_sendmail="$(path_to_sendmail)" \
$(top_srcdir)/installer/install.sh
uninstall-hook:
rm -f ${prefix}/sbin/tripwire $(prefix)/sbin/twadmin $(prefix)/sbin/twprint $(prefix)/sbin/siggen
rm -Rf $(prefix)/doc
check:
rm -Rf $(top_srcdir)/src/test-harness/twtest
rm -Rf $(top_srcdir)/bin/TWTestData
cd $(top_srcdir)/src/test-harness && perl ./twtest.pl
cd $(top_srcdir)/bin && ./twtest all
test: check
.PHONY: targets
targets:
@$(MAKE) -pRrq -f $(lastword $(MAKEFILE_LIST)) : 2>/dev/null | awk -v RS= -F: '/^# File/,/^# Finished Make data base/ {if ($$1 !~ "^[#.]") {print $$1}}' | sort | egrep -v -e '^[^[:alnum:]]' -e '^$@$$' | xargs
path_to_vi="$(path_to_vi)" path_to_sendmail="$(path_to_sendmail)" \
./installer/install.sh

42
Makefile.in
View File

@ -1,7 +1,7 @@
# Makefile.in generated by automake 1.15.1 from Makefile.am.
# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
# Copyright (C) 1994-2017 Free Software Foundation, Inc.
# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@ -307,6 +307,7 @@ pdfdir = @pdfdir@
prefix = @prefix@
program_transform_name = @program_transform_name@
psdir = @psdir@
runstatedir = @runstatedir@
sbindir = @sbindir@
sharedstatedir = @sharedstatedir@
srcdir = @srcdir@
@ -546,7 +547,7 @@ distdir: $(DISTFILES)
! -type d ! -perm -444 -exec $(install_sh) -c -m a+r {} {} \; \
|| chmod -R a+r "$(distdir)"
dist-gzip: distdir
tardir=$(distdir) && $(am__tar) | eval GZIP= gzip $(GZIP_ENV) -c >$(distdir).tar.gz
tardir=$(distdir) && $(am__tar) | GZIP=$(GZIP_ENV) gzip -c >$(distdir).tar.gz
$(am__post_remove_distdir)
dist-bzip2: distdir
@ -572,7 +573,7 @@ dist-shar: distdir
@echo WARNING: "Support for shar distribution archives is" \
"deprecated." >&2
@echo WARNING: "It will be removed altogether in Automake 2.0" >&2
shar $(distdir) | eval GZIP= gzip $(GZIP_ENV) -c >$(distdir).shar.gz
shar $(distdir) | GZIP=$(GZIP_ENV) gzip -c >$(distdir).shar.gz
$(am__post_remove_distdir)
dist-zip: distdir
@ -590,7 +591,7 @@ dist dist-all:
distcheck: dist
case '$(DIST_ARCHIVES)' in \
*.tar.gz*) \
eval GZIP= gzip $(GZIP_ENV) -dc $(distdir).tar.gz | $(am__untar) ;;\
GZIP=$(GZIP_ENV) gzip -dc $(distdir).tar.gz | $(am__untar) ;;\
*.tar.bz2*) \
bzip2 -dc $(distdir).tar.bz2 | $(am__untar) ;;\
*.tar.lz*) \
@ -600,7 +601,7 @@ distcheck: dist
*.tar.Z*) \
uncompress -c $(distdir).tar.Z | $(am__untar) ;;\
*.shar.gz*) \
eval GZIP= gzip $(GZIP_ENV) -dc $(distdir).shar.gz | unshar ;;\
GZIP=$(GZIP_ENV) gzip -dc $(distdir).shar.gz | unshar ;;\
*.zip*) \
unzip $(distdir).zip ;;\
esac
@ -773,10 +774,9 @@ ps: ps-recursive
ps-am:
uninstall-am:
@$(NORMAL_INSTALL)
$(MAKE) $(AM_MAKEFLAGS) uninstall-hook
.MAKE: $(am__recursive_targets) all install-am install-data-am \
install-strip uninstall-am
install-strip
.PHONY: $(am__recursive_targets) CTAGS GTAGS TAGS all all-am \
am--refresh check check-am clean clean-cscope clean-generic \
@ -792,32 +792,16 @@ uninstall-am:
install-strip installcheck installcheck-am installdirs \
installdirs-am maintainer-clean maintainer-clean-generic \
mostlyclean mostlyclean-generic pdf pdf-am ps ps-am tags \
tags-am uninstall uninstall-am uninstall-hook
tags-am uninstall uninstall-am
.PRECIOUS: Makefile
install-data-hook:
INSTALL_STRIP_FLAG="$(INSTALL_STRIP_FLAG)" \
export INSTALL_STRIP_FLAG
prefix="$(prefix)" sysconfdir="$(sysconfdir)" \
path_to_vi="$(path_to_vi)" path_to_sendmail="$(path_to_sendmail)" \
$(top_srcdir)/installer/install.sh
uninstall-hook:
rm -f ${prefix}/sbin/tripwire $(prefix)/sbin/twadmin $(prefix)/sbin/twprint $(prefix)/sbin/siggen
rm -Rf $(prefix)/doc
check:
rm -Rf $(top_srcdir)/src/test-harness/twtest
rm -Rf $(top_srcdir)/bin/TWTestData
cd $(top_srcdir)/src/test-harness && perl ./twtest.pl
cd $(top_srcdir)/bin && ./twtest all
test: check
.PHONY: targets
targets:
@$(MAKE) -pRrq -f $(lastword $(MAKEFILE_LIST)) : 2>/dev/null | awk -v RS= -F: '/^# File/,/^# Finished Make data base/ {if ($$1 !~ "^[#.]") {print $$1}}' | sort | egrep -v -e '^[^[:alnum:]]' -e '^$@$$' | xargs
path_to_vi="$(path_to_vi)" path_to_sendmail="$(path_to_sendmail)" \
./installer/install.sh
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.

18
Packaging Normal file → Executable file
View File

@ -9,6 +9,10 @@ Packaging for Open Source Tripwire is maintained by various third parties:
* Debian: https://tracker.debian.org/pkg/tripwire
* Gentoo: https://packages.gentoo.org/packages/app-admin/tripwire
Gentoo also has an SELinux policy for OST:
https://packages.gentoo.org/packages/sec-policy/selinux-tripwire
* Chef cookbook: https://github.com/rackspace-cookbooks/rackspace_tripwire
* FreeBSD Ports: http://svnweb.freebsd.org/ports/head/security/tripwire/
@ -19,19 +23,5 @@ Packaging for Open Source Tripwire is maintained by various third parties:
* NetBSD pkgsrc: http://ftp.netbsd.org/pub/pkgsrc/current/pkgsrc/security/tripwire/README.html
NOTE: At present (April 2016) pkgsrc only provides the obsolete Tripwire 1.2, from the mid-1990s.
That version lacks contemporary hash algorithms, and you probably don't want to use it.
There's an unfinished pkgsrc port for OST 2.3+ here, if someone who understands pkgsrc
is looking for a fun(?) project: http://pkgsrc.se/wip/tripwire2
A few third party projects that might be useful with OST
* Chef cookbook: https://github.com/rackspace-cookbooks/rackspace_tripwire
* Puppet module: https://github.com/razorsedge/puppet-tripwire
* SELinux policies from Tresys: https://github.com/TresysTechnology/refpolicy-contrib/blob/master/tripwire.te
(and related .fc and .if files in the same repo)
* A Gentoo SELinux policy, different from the one above: https://packages.gentoo.org/packages/sec-policy/selinux-tripwire
* An experimental(?) Dockerfile for CentOS: https://hub.docker.com/r/prateeknischal/tripwire-play/

180
README.md
View File

@ -1,179 +1,5 @@
# Open Source Tripwire<sup</sup>
#Open Source Tripwire<sup</sup>
Open Source Tripwire<sup>®</sup> is a security and data integrity tool for monitoring and alerting on file & directory changes. This project is based on code originally contributed by [Tripwire, Inc.](http://www.tripwire.com) in 2000.
Open Source Tripwire<sup>®</sup> software is a security and data integrity tool useful for monitoring and alerting on specific file change(s) on a range of systems. The project is based on code originally contributed by [Tripwire, Inc.](http://www.tripwire.com) in 2000.
## Overview
A Tripwire check compares the current filesystem state against a known baseline state, and alerts on any changes it detects. The baseline and check behavior are controlled by a policy file, which specifies which files or directories to monitor, and which attributes to monitor on them, such as hashes, file permissions, and ownership.
When an expected change occurs, such as upgrading a package, the baseline database can be updated to the new known-good state. The policy can also be updated, for example to reduce noise or cover a newly installed package.
## Getting Started
This section covers manual setup of Open Source Tripwire. If installing via an RPM or Debian package, or via **make install**, a setup script will walk the user through the initial setup steps (key generation thru policy creation) and these will not need to be done by hand.
### Generating Keys
The first step is to generate site and local key files. This is necessary because Tripwire policy, configuration, and database files are signed by default, and report files may also be signed. The site key is used to sign config and policy files, while databases and reports are signed with the local key. The idea here is that multiple machines can share a site key, but each will have its own local key. The policy and config files can then be created once and distributed across these machines.
A common practice is to include the hostname in the local key filename, as follows:
```
./twadmin --generate-keys -L /etc/tripwire/${HOSTNAME}-local.key
./twadmin --generate-keys -S /etc/tripwire/site.key
```
### Creating a configuration file
The next step is to create a Tripwire config file. The config file contains a variety of settings including the locations of Tripwire binaries and key files, email report settings, and parameters that control baseline/check behavior. These settings are explained in detail in the **twconfig(4)** manual page.
This command line reads and validates the config text in /path/to/twcfg.txt, writes the results to tw.cfg, and signs the resulting file with the provided site key:
```
./twadmin --create-cfgfile -S /path/to/site.key /path/to/twcfg.txt
```
### Generating a policy file
Now it's time to configure which files & directories OST will monitor. A few simple examples of policy rules:
```
/start/point -> $(IgnoreNone); # Get all attributes for this dir tree
/another/start -> +pinugS; # Get selected attributes for this dir tree
!/start/point/subdir/to/ignore; # Don't monitor this dir tree
```
The Tripwire policy language is documented in detail in the **twpolicy(4)** manual page, and default policies for most common operating systems are available in the OST project's policy subdirectory.
```
./twadmin --create-polfile -S /path/to/site.key /etc/tripwire/twpol.txt
```
### Creating a baseline
The next step is to baseline the system for the first time. This step is necessary even if the previous steps are handled by a setup/install script.
```
./tripwire --init
```
This creates a database file in the configured directory, typically a file with a .twd extension in /var/lib/tripwire. The optional **--verbose** argument to init mode lists files and directories as they're being scanned.
### Running a check
```
./tripwire --check
```
This runs a check, again with an optional **--verbose** option that displays what it's doing. Scan results are written to standard out, as well as a report file, which typically has a .twr extension and lives in /var/lib/tripwire/report. If email reporting is enabled, emails will be sent at the end of the check.
A common way to use OST is to set up a cron job to run checks periodically, emailing results to an administrative account. Note that the OST install script currently does not create any cron jobs, and this will need to be done by hand.
### Printing a report
```
./twprint -m r -t [0-4] -r /path/to/reportfile.twr
```
The -t argument specifies the level of report verbosity, where 0 is a single line summary of the report contents, and 4 displays all gathered attributes on all changed objects. The report level defaults to 3 if not specified on the command line or via the REPORTLEVEL config file option.
Databases can be also printed with:
```
./twprint -m d -d /path/to/database.twd
```
### Updating a database
The simplest form of update updates the database with all the changes in a report file:
```
./tripwire --update --accept-all
```
While a
```
./tripwire --update
```
brings up a text report in the user's preferred editor (as configured in the config file's EDITOR option), with a checkbox next to each detected change. After saving and exiting the editor, the database will only be updated for those objects that remain selected with an **[x]**.
### Updating a policy
Policy update mode modifies the current Tripwire policy without losing existing baselines.
```
./tripwire --update-policy updated-policy.txt
```
A check is run with the new policy as part of the update process. If this check detects changes, the default behavior is to display the changes and exit without updating the policy or database. To accept the changes and continue with the policy update, use the **-Z low** / **--secure-mode low** command line option.
### Testing the email configuration
To test email configuration:
```
./tripwire --test --email user@domain.tld
```
This sends a test email to the specified address, using the email settings specified in the config file.
## Building OST
### Prerequisites
A C++ compiler. It's known to build with gcc and clang; OST should work with gcc versions as old as 2.95.2, although gcc older than version 3.1 will need an external STLPort package.
A POSIX-like operating system, including Linux, macOS, various BSDs, Solaris, AIX, HP-UX, Minix, Haiku, GNU/Hurd, and others. Windows users can build OST under Cygwin, although this does not provide support for monitoring the Registry or any Windows-specific file attributes.
Perl 5+ is needed to run the project's test suite.
### Configuring & Building
OST uses a standard automake build, so the first configuration step will generally be:
```
./configure
```
Additional compiler arguments (such as Debian hardening options), non-default paths, and other options can be set up in this step. A ```./configure --help``` lists the available configuration options.
The ```--prefix=/some/path``` option controls where a subsequent ```make install``` will install to, and where Tripwire binaries will look for a configuration file.
The ```--enable-static``` option causes the build to create statically linked binaries. This is often used as a security enhancement, so that Tripwire will not rely on the shared libraries on the machine. This is not possible on all platforms, as some (like macOS and Solaris) don't provide the necessary static libraries to link against.
Note that Linux systems that use NSS for name lookups will still employ shared libraries behind the scenes even when the OST binaries are statically linked. There have been occasional reports of segfaults when trying to do a name lookup in these circumstances, particularly when the binary was built on a different machine or it's trying to do an LDAP or NIS name lookup. If this occurs, there are two ways to work around it: Either switch to dynamic binaries, or set the Tripwire config file option ```RESOLVE_IDS_TO_NAMES=false```, which tells OST to just watch numeric user & group IDs and not perform name lookups.
If the configure or make step fails with errors about the automake/autoconf version, it may be necessary to run the script
```./touchconfig.sh```
before building the project. This script simply touches files in the correct order such that their last change times are not all identical, and that they're different in the right order.
Then just
```make```
to build the project.
## Running the test suites
the ```make check``` make target runs two things: The acceptance test suite in the src/test-harness directory, and unit tests by running twtest, which is built in the bin directory along with other Tripwire binaries. These tests can also be run separately:
```./twtest``` runs all unit tests, while ```./twtest list``` lists all available tests.
```./twtest Groupname``` runs all tests in a group, and
```./twtest Groupname/Testname``` just runs the specified test.
To run the acceptance tests manually, cd to the src/test-harness directory and run ```perl ./twtest.pl```.
## Deployment
The ```make install``` target installs OST to the configured location, and ```make install-strip``` installs and removes symbols from the Tripwire binaries. A ```make dist``` creates a gzipped source bundle.
## Authors
* [Tripwire, Inc.](http://www.tripwire.com)
## License
The developer of the original code and/or files is Tripwire, Inc.
Portions created by Tripwire, Inc. are copyright 2000-2018 Tripwire, Inc.
Tripwire is a registered trademark of Tripwire, Inc. All rights reserved.
This program is free software. The contents of this file are subject to the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. You may redistribute it and/or modify it only in compliance with the GNU General Public License.
This program is distributed in the hope that it will be useful. However,
this program is distributed "AS-IS" WITHOUT ANY WARRANTY; INCLUDING THE
IMPLIED WARRANTY OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
Please see the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc.,
59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
Nothing in the GNU General Public License or any other license to use the
code or files shall permit you to use Tripwire's trademarks, service marks, or other intellectual property without Tripwire's prior written consent.
If you have any questions, please contact Tripwire, Inc. at either
info@tripwire.org or www.tripwire.org.
Open Source Tripwire is suitable for monitoring a small number of Linux servers, where centralized control and reporting is not needed and professional support or system automation is not a requirement.

40
ReadMe-2.4.3
View File

@ -1,14 +1,4 @@
What's new in Open Source Tripwire 2.4.3.x:
* Useful install-strip, check, uninstall & distcheck make targets as of OST 2.4.3.5. Check target invokes both the test-harness framework and twtest unit tests.
* Verify OST builds without errors w/ GCC 7.0.x; fix new warnings from the new compiler, including deprecation warnings; use std::unique_ptr instead of std::auto_ptr where available.
* Add --disable-extrawarnings configure option, for old compilers that dont support the -Wextra compile option.
* Clean up unit tests, enable various disabled tests, make results more useful.
* Additional cleanup due to static analysis tool results (CppCheck, Flawfinder, Clang analyzer).
What's new in Open Source Tripwire 2.4.3.2:
* OST now includes optional iconv support when configured with --enable-iconv.
When enabled, binary database & report files store paths as UTF-16, making these files more
@ -39,6 +29,11 @@ specifying a build directory outside the source dir now works as expected.
* Assorted platform tweaks: Add DOS/FreeDOS + DJGPP as a new platform; support Cygwin
//host/share/path syntax for UNC paths; passphrase & tempfile fixes for AROS.
======================================
What was new in earlier 2.4.3 versions:
* This update fixes compilation errors on modern compilers (GCC 4.7+ and LLVM/clang),
as well as some additional errors encountered on various platforms. This is intended
to supersede patches against 2.4.2.x, e.g. http://www.linuxfromscratch.org/blfs/view/svn/postlfs/tripwire.html
@ -71,22 +66,15 @@ defined incorrectly otherwise.
The update has been tested on a variety of platforms:
Linuxes
- Alpine Linux 3.3.3 + gcc 5.3.0
- Alpine Linux 3.5.1 + gcc 6.2.1
- Arch Linux 232 + gcc 6.3.1
- Amazon Linux AMI 2016.09 + gcc 4.8.3
- Android 6.0 (arm) + gcc 4.9 (NDK)
- CentOS 7 (amd64) + gcc 4.8.5
- Fedora 24 Alpha 7 (amd64) + gcc 6.0.0
- Fedora 27 Rawhide (amd64) + gcc 7.0.1
- Raspbian 7 (wheezy) (armv6l) + gcc 4.6.3
- RHEL 3.4 (Itanium) + gcc 3.4.3
- RHEL 6.0 (powerpc64) + gcc 4.4.4
- openSuSE Tumbleweed (20160408) (i586) + gcc 5.3.1
- Oracle Linux 6.8 + gcc 4.4.7
- Ubuntu 14.0.4 (amd64) + gcc 4.x
- Ubuntu 16.0.4 (amd64) + gcc 5.4.0
- Wind River Pulsar Linux 8 + gcc 5.2.0
- RHEL 3.4 (Itanium) + gcc 3.4.3
- Alpine Linux 3.3.3 + gcc 5.3.0
- Android 6.0 (arm) + gcc 4.9
- Raspbian 7 (wheezy) (armv6l) + gcc 4.6.3
- openSuSE Tumbleweed (20160408) (i586) + gcc 5.3.1
- RHEL 6.0 (powerpc64) + gcc 4.4.4
- Fedora 24 Alpha 7 (amd64) + gcc 6.0.0
OSX
- Mac OS X 10.11 + LLVM 7.0.2 / clang-700.1.81
@ -102,7 +90,7 @@ BSDs
UNIXes
- Solaris 10 SPARC + gcc 3.4.6
- Solaris 10 x86 + gcc 3.4.3
- OpenIndiana 151 + gcc 4.8.5
- OpenIndiana 151 + gcc 4.8.5 [an OpenSolaris/illumos distro]
- AIX 5.2 + gcc 4.3.1
- HP-UX 11.23 + gcc 4.2.3

2
TRADEMARK
View File

@ -2,7 +2,7 @@ TRIPWIRE COPYRIGHT & TRADEMARK NOTICE
COPYRIGHT
The developer of the original code and/or files is Tripwire, Inc. Portions
created by Tripwire, Inc. are copyright 2000-2018 Tripwire, Inc.
created by Tripwire, Inc. are copyright 2000 Tripwire, Inc.
TRADEMARK
Tripwire is a registered trademark (the "Trademark") of Tripwire, Inc. All

1
_config.yml
View File

@ -1 +0,0 @@
theme: jekyll-theme-minimal

46
aclocal.m4 vendored
View File

@ -1,6 +1,6 @@
# generated automatically by aclocal 1.15.1 -*- Autoconf -*-
# generated automatically by aclocal 1.15 -*- Autoconf -*-
# Copyright (C) 1996-2017 Free Software Foundation, Inc.
# Copyright (C) 1996-2014 Free Software Foundation, Inc.
# This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@ -20,7 +20,7 @@ You have another version of autoconf. It may work, but is not guaranteed to.
If you have problems, you may need to regenerate the build system entirely.
To do so, use the procedure documented by the package, typically 'autoreconf'.])])
# Copyright (C) 2002-2017 Free Software Foundation, Inc.
# Copyright (C) 2002-2014 Free Software Foundation, Inc.
#
# This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@ -35,7 +35,7 @@ AC_DEFUN([AM_AUTOMAKE_VERSION],
[am__api_version='1.15'
dnl Some users find AM_AUTOMAKE_VERSION and mistake it for a way to
dnl require some minimum version. Point them to the right macro.
m4_if([$1], [1.15.1], [],
m4_if([$1], [1.15], [],
[AC_FATAL([Do not call $0, use AM_INIT_AUTOMAKE([$1]).])])dnl
])
@ -51,14 +51,14 @@ m4_define([_AM_AUTOCONF_VERSION], [])
# Call AM_AUTOMAKE_VERSION and AM_AUTOMAKE_VERSION so they can be traced.
# This function is AC_REQUIREd by AM_INIT_AUTOMAKE.
AC_DEFUN([AM_SET_CURRENT_AUTOMAKE_VERSION],
[AM_AUTOMAKE_VERSION([1.15.1])dnl
[AM_AUTOMAKE_VERSION([1.15])dnl
m4_ifndef([AC_AUTOCONF_VERSION],
[m4_copy([m4_PACKAGE_VERSION], [AC_AUTOCONF_VERSION])])dnl
_AM_AUTOCONF_VERSION(m4_defn([AC_AUTOCONF_VERSION]))])
# AM_AUX_DIR_EXPAND -*- Autoconf -*-
# Copyright (C) 2001-2017 Free Software Foundation, Inc.
# Copyright (C) 2001-2014 Free Software Foundation, Inc.
#
# This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@ -110,7 +110,7 @@ am_aux_dir=`cd "$ac_aux_dir" && pwd`
# AM_CONDITIONAL -*- Autoconf -*-
# Copyright (C) 1997-2017 Free Software Foundation, Inc.
# Copyright (C) 1997-2014 Free Software Foundation, Inc.
#
# This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@ -141,7 +141,7 @@ AC_CONFIG_COMMANDS_PRE(
Usually this means the macro was only invoked conditionally.]])
fi])])
# Copyright (C) 1999-2017 Free Software Foundation, Inc.
# Copyright (C) 1999-2014 Free Software Foundation, Inc.
#
# This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@ -332,7 +332,7 @@ _AM_SUBST_NOTMAKE([am__nodep])dnl
# Generate code to set up dependency tracking. -*- Autoconf -*-
# Copyright (C) 1999-2017 Free Software Foundation, Inc.
# Copyright (C) 1999-2014 Free Software Foundation, Inc.
#
# This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@ -408,7 +408,7 @@ AC_DEFUN([AM_OUTPUT_DEPENDENCY_COMMANDS],
# Do all the work for Automake. -*- Autoconf -*-
# Copyright (C) 1996-2017 Free Software Foundation, Inc.
# Copyright (C) 1996-2014 Free Software Foundation, Inc.
#
# This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@ -605,7 +605,7 @@ for _am_header in $config_headers :; do
done
echo "timestamp for $_am_arg" >`AS_DIRNAME(["$_am_arg"])`/stamp-h[]$_am_stamp_count])
# Copyright (C) 2001-2017 Free Software Foundation, Inc.
# Copyright (C) 2001-2014 Free Software Foundation, Inc.
#
# This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@ -626,7 +626,7 @@ if test x"${install_sh+set}" != xset; then
fi
AC_SUBST([install_sh])])
# Copyright (C) 2003-2017 Free Software Foundation, Inc.
# Copyright (C) 2003-2014 Free Software Foundation, Inc.
#
# This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@ -647,7 +647,7 @@ AC_SUBST([am__leading_dot])])
# Check to see how 'make' treats includes. -*- Autoconf -*-
# Copyright (C) 2001-2017 Free Software Foundation, Inc.
# Copyright (C) 2001-2014 Free Software Foundation, Inc.
#
# This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@ -697,7 +697,7 @@ rm -f confinc confmf
# Fake the existence of programs that GNU maintainers use. -*- Autoconf -*-
# Copyright (C) 1997-2017 Free Software Foundation, Inc.
# Copyright (C) 1997-2014 Free Software Foundation, Inc.
#
# This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@ -738,7 +738,7 @@ fi
# Obsolete and "removed" macros, that must however still report explicit
# error messages when used, to smooth transition.
#
# Copyright (C) 1996-2017 Free Software Foundation, Inc.
# Copyright (C) 1996-2014 Free Software Foundation, Inc.
#
# This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@ -765,7 +765,7 @@ AU_DEFUN([fp_C_PROTOTYPES], [AM_C_PROTOTYPES])
# Helper functions for option handling. -*- Autoconf -*-
# Copyright (C) 2001-2017 Free Software Foundation, Inc.
# Copyright (C) 2001-2014 Free Software Foundation, Inc.
#
# This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@ -794,7 +794,7 @@ AC_DEFUN([_AM_SET_OPTIONS],
AC_DEFUN([_AM_IF_OPTION],
[m4_ifset(_AM_MANGLE_OPTION([$1]), [$2], [$3])])
# Copyright (C) 1999-2017 Free Software Foundation, Inc.
# Copyright (C) 1999-2014 Free Software Foundation, Inc.
#
# This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@ -841,7 +841,7 @@ AC_LANG_POP([C])])
# For backward compatibility.
AC_DEFUN_ONCE([AM_PROG_CC_C_O], [AC_REQUIRE([AC_PROG_CC])])
# Copyright (C) 2001-2017 Free Software Foundation, Inc.
# Copyright (C) 2001-2014 Free Software Foundation, Inc.
#
# This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@ -860,7 +860,7 @@ AC_DEFUN([AM_RUN_LOG],
# Check to make sure that the build environment is sane. -*- Autoconf -*-
# Copyright (C) 1996-2017 Free Software Foundation, Inc.
# Copyright (C) 1996-2014 Free Software Foundation, Inc.
#
# This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@ -941,7 +941,7 @@ AC_CONFIG_COMMANDS_PRE(
rm -f conftest.file
])
# Copyright (C) 2009-2017 Free Software Foundation, Inc.
# Copyright (C) 2009-2014 Free Software Foundation, Inc.
#
# This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@ -1001,7 +1001,7 @@ AC_SUBST([AM_BACKSLASH])dnl
_AM_SUBST_NOTMAKE([AM_BACKSLASH])dnl
])
# Copyright (C) 2001-2017 Free Software Foundation, Inc.
# Copyright (C) 2001-2014 Free Software Foundation, Inc.
#
# This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@ -1029,7 +1029,7 @@ fi
INSTALL_STRIP_PROGRAM="\$(install_sh) -c -s"
AC_SUBST([INSTALL_STRIP_PROGRAM])])
# Copyright (C) 2006-2017 Free Software Foundation, Inc.
# Copyright (C) 2006-2014 Free Software Foundation, Inc.
#
# This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@ -1048,7 +1048,7 @@ AC_DEFUN([AM_SUBST_NOTMAKE], [_AM_SUBST_NOTMAKE($@)])
# Check how to create a tarball. -*- Autoconf -*-
# Copyright (C) 2004-2017 Free Software Foundation, Inc.
# Copyright (C) 2004-2014 Free Software Foundation, Inc.
#
# This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,

348
compile
View File

@ -1,348 +0,0 @@
#! /bin/sh
# Wrapper for compilers which do not understand '-c -o'.
scriptversion=2016-01-11.22; # UTC
# Copyright (C) 1999-2017 Free Software Foundation, Inc.
# Written by Tom Tromey <tromey@cygnus.com>.
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2, or (at your option)
# any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
# As a special exception to the GNU General Public License, if you
# distribute this file as part of a program that contains a
# configuration script generated by Autoconf, you may include it under
# the same distribution terms that you use for the rest of that program.
# This file is maintained in Automake, please report
# bugs to <bug-automake@gnu.org> or send patches to
# <automake-patches@gnu.org>.
nl='
'
# We need space, tab and new line, in precisely that order. Quoting is
# there to prevent tools from complaining about whitespace usage.
IFS=" "" $nl"
file_conv=
# func_file_conv build_file lazy
# Convert a $build file to $host form and store it in $file
# Currently only supports Windows hosts. If the determined conversion
# type is listed in (the comma separated) LAZY, no conversion will
# take place.
func_file_conv ()
{
file=$1
case $file in
/ | /[!/]*) # absolute file, and not a UNC file
if test -z "$file_conv"; then
# lazily determine how to convert abs files
case `uname -s` in
MINGW*)
file_conv=mingw
;;
CYGWIN*)
file_conv=cygwin
;;
*)
file_conv=wine
;;
esac
fi
case $file_conv/,$2, in
*,$file_conv,*)
;;
mingw/*)
file=`cmd //C echo "$file " | sed -e 's/"\(.*\) " *$/\1/'`
;;
cygwin/*)
file=`cygpath -m "$file" || echo "$file"`
;;
wine/*)
file=`winepath -w "$file" || echo "$file"`
;;
esac
;;
esac
}
# func_cl_dashL linkdir
# Make cl look for libraries in LINKDIR
func_cl_dashL ()
{
func_file_conv "$1"
if test -z "$lib_path"; then
lib_path=$file
else
lib_path="$lib_path;$file"
fi
linker_opts="$linker_opts -LIBPATH:$file"
}
# func_cl_dashl library
# Do a library search-path lookup for cl
func_cl_dashl ()
{
lib=$1
found=no
save_IFS=$IFS
IFS=';'
for dir in $lib_path $LIB
do
IFS=$save_IFS
if $shared && test -f "$dir/$lib.dll.lib"; then
found=yes
lib=$dir/$lib.dll.lib
break
fi
if test -f "$dir/$lib.lib"; then
found=yes
lib=$dir/$lib.lib
break
fi
if test -f "$dir/lib$lib.a"; then
found=yes
lib=$dir/lib$lib.a
break
fi
done
IFS=$save_IFS
if test "$found" != yes; then
lib=$lib.lib
fi
}
# func_cl_wrapper cl arg...
# Adjust compile command to suit cl
func_cl_wrapper ()
{
# Assume a capable shell
lib_path=
shared=:
linker_opts=
for arg
do
if test -n "$eat"; then
eat=
else
case $1 in
-o)
# configure might choose to run compile as 'compile cc -o foo foo.c'.
eat=1
case $2 in
*.o | *.[oO][bB][jJ])
func_file_conv "$2"
set x "$@" -Fo"$file"
shift
;;
*)
func_file_conv "$2"
set x "$@" -Fe"$file"
shift
;;
esac
;;
-I)
eat=1
func_file_conv "$2" mingw
set x "$@" -I"$file"
shift
;;
-I*)
func_file_conv "${1#-I}" mingw
set x "$@" -I"$file"
shift
;;
-l)
eat=1
func_cl_dashl "$2"
set x "$@" "$lib"
shift
;;
-l*)
func_cl_dashl "${1#-l}"
set x "$@" "$lib"
shift
;;
-L)
eat=1
func_cl_dashL "$2"
;;
-L*)
func_cl_dashL "${1#-L}"
;;
-static)
shared=false
;;
-Wl,*)
arg=${1#-Wl,}
save_ifs="$IFS"; IFS=','
for flag in $arg; do
IFS="$save_ifs"
linker_opts="$linker_opts $flag"
done
IFS="$save_ifs"
;;
-Xlinker)
eat=1
linker_opts="$linker_opts $2"
;;
-*)
set x "$@" "$1"
shift
;;
*.cc | *.CC | *.cxx | *.CXX | *.[cC]++)
func_file_conv "$1"
set x "$@" -Tp"$file"
shift
;;
*.c | *.cpp | *.CPP | *.lib | *.LIB | *.Lib | *.OBJ | *.obj | *.[oO])
func_file_conv "$1" mingw
set x "$@" "$file"
shift
;;
*)
set x "$@" "$1"
shift
;;
esac
fi
shift
done
if test -n "$linker_opts"; then
linker_opts="-link$linker_opts"
fi
exec "$@" $linker_opts
exit 1
}
eat=
case $1 in
'')
echo "$0: No command. Try '$0 --help' for more information." 1>&2
exit 1;
;;
-h | --h*)
cat <<\EOF
Usage: compile [--help] [--version] PROGRAM [ARGS]
Wrapper for compilers which do not understand '-c -o'.
Remove '-o dest.o' from ARGS, run PROGRAM with the remaining
arguments, and rename the output as expected.
If you are trying to build a whole package this is not the
right script to run: please start by reading the file 'INSTALL'.
Report bugs to <bug-automake@gnu.org>.
EOF
exit $?
;;
-v | --v*)
echo "compile $scriptversion"
exit $?
;;
cl | *[/\\]cl | cl.exe | *[/\\]cl.exe | \
icl | *[/\\]icl | icl.exe | *[/\\]icl.exe )
func_cl_wrapper "$@" # Doesn't return...
;;
esac
ofile=
cfile=
for arg
do
if test -n "$eat"; then
eat=
else
case $1 in
-o)
# configure might choose to run compile as 'compile cc -o foo foo.c'.
# So we strip '-o arg' only if arg is an object.
eat=1
case $2 in
*.o | *.obj)
ofile=$2
;;
*)
set x "$@" -o "$2"
shift
;;
esac
;;
*.c)
cfile=$1
set x "$@" "$1"
shift
;;
*)
set x "$@" "$1"
shift
;;
esac
fi
shift
done
if test -z "$ofile" || test -z "$cfile"; then
# If no '-o' option was seen then we might have been invoked from a
# pattern rule where we don't need one. That is ok -- this is a
# normal compilation that the losing compiler can handle. If no
# '.c' file was seen then we are probably linking. That is also
# ok.
exec "$@"
fi
# Name of file we expect compiler to create.
cofile=`echo "$cfile" | sed 's|^.*[\\/]||; s|^[a-zA-Z]:||; s/\.c$/.o/'`
# Create the lock directory.
# Note: use '[/\\:.-]' here to ensure that we don't use the same name
# that we are using for the .o file. Also, base the name on the expected
# object file name, since that is what matters with a parallel build.
lockdir=`echo "$cofile" | sed -e 's|[/\\:.-]|_|g'`.d
while true; do
if mkdir "$lockdir" >/dev/null 2>&1; then
break
fi
sleep 1
done
# FIXME: race condition here if user kills between mkdir and trap.
trap "rmdir '$lockdir'; exit 1" 1 2 15
# Run the compile.
"$@"
ret=$?
if test -f "$cofile"; then
test "$cofile" = "$ofile" || mv "$cofile" "$ofile"
elif test -f "${cofile}bj"; then
test "${cofile}bj" = "$ofile" || mv "${cofile}bj" "$ofile"
fi
rmdir "$lockdir"
exit $ret
# Local Variables:
# mode: shell-script
# sh-indentation: 2
# eval: (add-hook 'write-file-hooks 'time-stamp)
# time-stamp-start: "scriptversion="
# time-stamp-format: "%:y-%02m-%02d.%02H"
# time-stamp-time-zone: "UTC0"
# time-stamp-end: "; # UTC"
# End:

109
config.guess vendored
View File

@ -1,8 +1,8 @@
#! /bin/sh
# Attempt to guess a canonical system name.
# Copyright 1992-2017 Free Software Foundation, Inc.
# Copyright 1992-2016 Free Software Foundation, Inc.
timestamp='2017-09-16'
timestamp='2016-02-11'
# This file is free software; you can redistribute it and/or modify it
# under the terms of the GNU General Public License as published by
@ -15,7 +15,7 @@ timestamp='2017-09-16'
# General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, see <https://www.gnu.org/licenses/>.
# along with this program; if not, see <http://www.gnu.org/licenses/>.
#
# As a special exception to the GNU General Public License, if you
# distribute this file as part of a program that contains a
@ -27,7 +27,7 @@ timestamp='2017-09-16'
# Originally written by Per Bothner; maintained since 2000 by Ben Elliston.
#
# You can get the latest version of this script from:
# https://git.savannah.gnu.org/gitweb/?p=config.git;a=blob_plain;f=config.guess
# http://git.savannah.gnu.org/gitweb/?p=config.git;a=blob_plain;f=config.guess
#
# Please send patches to <config-patches@gnu.org>.
@ -50,7 +50,7 @@ version="\
GNU config.guess ($timestamp)
Originally written by Per Bothner.
Copyright 1992-2017 Free Software Foundation, Inc.
Copyright 1992-2016 Free Software Foundation, Inc.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE."
@ -186,12 +186,9 @@ case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in
*) machine=${UNAME_MACHINE_ARCH}-unknown ;;
esac
# The Operating System including object format, if it has switched
# to ELF recently (or will in the future) and ABI.
# to ELF recently, or will in the future.
case "${UNAME_MACHINE_ARCH}" in
earm*)
os=netbsdelf
;;
arm*|i386|m68k|ns32k|sh3*|sparc|vax)
arm*|earm*|i386|m68k|ns32k|sh3*|sparc|vax)
eval $set_cc_for_build
if echo __ELF__ | $CC_FOR_BUILD -E - 2>/dev/null \
| grep -q __ELF__
@ -259,9 +256,6 @@ case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in
*:Sortix:*:*)
echo ${UNAME_MACHINE}-unknown-sortix
exit ;;
*:Redox:*:*)
echo ${UNAME_MACHINE}-unknown-redox
exit ;;
alpha:OSF1:*:*)
case $UNAME_RELEASE in
*4.0)
@ -318,6 +312,15 @@ case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in
exitcode=$?
trap '' 0
exit $exitcode ;;
Alpha\ *:Windows_NT*:*)
# How do we know it's Interix rather than the generic POSIX subsystem?
# Should we change UNAME_MACHINE based on the output of uname instead
# of the specific Alpha model?
echo alpha-pc-interix
exit ;;
21064:Windows_NT:50:3)
echo alpha-dec-winnt3.5
exit ;;
Amiga*:UNIX_System_V:4.0:*)
echo m68k-unknown-sysv4
exit ;;
@ -383,7 +386,7 @@ case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in
# This test works for both compilers.
if [ "$CC_FOR_BUILD" != no_compiler_found ]; then
if (echo '#ifdef __amd64'; echo IS_64BIT_ARCH; echo '#endif') | \
(CCOPTS="" $CC_FOR_BUILD -E - 2>/dev/null) | \
(CCOPTS= $CC_FOR_BUILD -E - 2>/dev/null) | \
grep IS_64BIT_ARCH >/dev/null
then
SUN_ARCH=x86_64
@ -681,7 +684,7 @@ EOF
exit (0);
}
EOF
(CCOPTS="" $CC_FOR_BUILD -o $dummy $dummy.c 2>/dev/null) && HP_ARCH=`$dummy`
(CCOPTS= $CC_FOR_BUILD -o $dummy $dummy.c 2>/dev/null) && HP_ARCH=`$dummy`
test -z "$HP_ARCH" && HP_ARCH=hppa
fi ;;
esac
@ -698,7 +701,7 @@ EOF
# $ CC_FOR_BUILD="cc +DA2.0w" ./config.guess
# => hppa64-hp-hpux11.23
if echo __LP64__ | (CCOPTS="" $CC_FOR_BUILD -E - 2>/dev/null) |
if echo __LP64__ | (CCOPTS= $CC_FOR_BUILD -E - 2>/dev/null) |
grep -q __LP64__
then
HP_ARCH=hppa2.0w
@ -831,11 +834,10 @@ EOF
UNAME_PROCESSOR=`/usr/bin/uname -p`
case ${UNAME_PROCESSOR} in
amd64)
UNAME_PROCESSOR=x86_64 ;;
i386)
UNAME_PROCESSOR=i586 ;;
echo x86_64-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` ;;
*)
echo ${UNAME_PROCESSOR}-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` ;;
esac
echo ${UNAME_PROCESSOR}-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'`
exit ;;
*:MidnightBSD:*:*)
UNAME_PROCESSOR=`/usr/bin/uname -p`
@ -858,6 +860,10 @@ EOF
*:MSYS*:*)
echo ${UNAME_MACHINE}-pc-msys
exit ;;
i*:windows32*:*)
# uname -m includes "-pc" on this system.
echo ${UNAME_MACHINE}-mingw32
exit ;;
i*:PW*:*)
echo ${UNAME_MACHINE}-pc-pw32
exit ;;
@ -873,12 +879,27 @@ EOF
echo ia64-unknown-interix${UNAME_RELEASE}
exit ;;
esac ;;
[345]86:Windows_95:* | [345]86:Windows_98:* | [345]86:Windows_NT:*)
echo i${UNAME_MACHINE}-pc-mks
exit ;;
8664:Windows_NT:*)
echo x86_64-pc-mks
exit ;;
i*:Windows_NT*:* | Pentium*:Windows_NT*:*)
# How do we know it's Interix rather than the generic POSIX subsystem?
# It also conflicts with pre-2.0 versions of AT&T UWIN. Should we
# UNAME_MACHINE based on the output of uname instead of i386?
echo i586-pc-interix
exit ;;
i*:UWIN*:*)
echo ${UNAME_MACHINE}-pc-uwin
exit ;;
amd64:CYGWIN*:*:* | x86_64:CYGWIN*:*:*)
echo x86_64-unknown-cygwin
exit ;;
p*:CYGWIN*:*)
echo powerpcle-unknown-cygwin
exit ;;
prep*:SunOS:5.*:*)
echo powerpcle-unknown-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'`
exit ;;
@ -888,7 +909,7 @@ EOF
exit ;;
*:GNU/*:*:*)
# other systems with GNU libc and userland
echo ${UNAME_MACHINE}-unknown-`echo ${UNAME_SYSTEM} | sed 's,^[^/]*/,,' | tr "[:upper:]" "[:lower:]"``echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'`-${LIBC}
echo ${UNAME_MACHINE}-unknown-`echo ${UNAME_SYSTEM} | sed 's,^[^/]*/,,' | tr '[A-Z]' '[a-z]'``echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'`-${LIBC}
exit ;;
i*86:Minix:*:*)
echo ${UNAME_MACHINE}-pc-minix
@ -985,9 +1006,6 @@ EOF
eval `$CC_FOR_BUILD -E $dummy.c 2>/dev/null | grep '^CPU'`
test x"${CPU}" != x && { echo "${CPU}-unknown-linux-${LIBC}"; exit; }
;;
mips64el:Linux:*:*)
echo ${UNAME_MACHINE}-unknown-linux-${LIBC}
exit ;;
openrisc*:Linux:*:*)
echo or1k-unknown-linux-${LIBC}
exit ;;
@ -1020,9 +1038,6 @@ EOF
ppcle:Linux:*:*)
echo powerpcle-unknown-linux-${LIBC}
exit ;;
riscv32:Linux:*:* | riscv64:Linux:*:*)
echo ${UNAME_MACHINE}-unknown-linux-${LIBC}
exit ;;
s390:Linux:*:* | s390x:Linux:*:*)
echo ${UNAME_MACHINE}-ibm-linux-${LIBC}
exit ;;
@ -1270,9 +1285,6 @@ EOF
SX-8R:SUPER-UX:*:*)
echo sx8r-nec-superux${UNAME_RELEASE}
exit ;;
SX-ACE:SUPER-UX:*:*)
echo sxace-nec-superux${UNAME_RELEASE}
exit ;;
Power*:Rhapsody:*:*)
echo powerpc-apple-rhapsody${UNAME_RELEASE}
exit ;;
@ -1288,21 +1300,14 @@ EOF
if test `echo "$UNAME_RELEASE" | sed -e 's/\..*//'` -le 10 ; then
if [ "$CC_FOR_BUILD" != no_compiler_found ]; then
if (echo '#ifdef __LP64__'; echo IS_64BIT_ARCH; echo '#endif') | \
(CCOPTS="" $CC_FOR_BUILD -E - 2>/dev/null) | \
grep IS_64BIT_ARCH >/dev/null
(CCOPTS= $CC_FOR_BUILD -E - 2>/dev/null) | \
grep IS_64BIT_ARCH >/dev/null
then
case $UNAME_PROCESSOR in
i386) UNAME_PROCESSOR=x86_64 ;;
powerpc) UNAME_PROCESSOR=powerpc64 ;;
esac
fi
# On 10.4-10.6 one might compile for PowerPC via gcc -arch ppc
if (echo '#ifdef __POWERPC__'; echo IS_PPC; echo '#endif') | \
(CCOPTS="" $CC_FOR_BUILD -E - 2>/dev/null) | \
grep IS_PPC >/dev/null
then
UNAME_PROCESSOR=powerpc
fi
fi
elif test "$UNAME_PROCESSOR" = i386 ; then
# Avoid executing cc on OS X 10.9, as it ships with a stub
@ -1326,18 +1331,15 @@ EOF
*:QNX:*:4*)
echo i386-pc-qnx
exit ;;
NEO-*:NONSTOP_KERNEL:*:*)
NEO-?:NONSTOP_KERNEL:*:*)
echo neo-tandem-nsk${UNAME_RELEASE}
exit ;;
NSE-*:NONSTOP_KERNEL:*:*)
echo nse-tandem-nsk${UNAME_RELEASE}
exit ;;
NSR-*:NONSTOP_KERNEL:*:*)
NSR-?:NONSTOP_KERNEL:*:*)
echo nsr-tandem-nsk${UNAME_RELEASE}
exit ;;
NSX-*:NONSTOP_KERNEL:*:*)
echo nsx-tandem-nsk${UNAME_RELEASE}
exit ;;
*:NonStop-UX:*:*)
echo mips-compaq-nonstopux
exit ;;
@ -1393,7 +1395,7 @@ EOF
echo i386-pc-xenix
exit ;;
i*86:skyos:*:*)
echo ${UNAME_MACHINE}-pc-skyos`echo ${UNAME_RELEASE} | sed -e 's/ .*$//'`
echo ${UNAME_MACHINE}-pc-skyos`echo ${UNAME_RELEASE}` | sed -e 's/ .*$//'
exit ;;
i*86:rdos:*:*)
echo ${UNAME_MACHINE}-pc-rdos
@ -1412,17 +1414,18 @@ esac
cat >&2 <<EOF
$0: unable to guess system type
This script (version $timestamp), has failed to recognize the
operating system you are using. If your script is old, overwrite *all*
copies of config.guess and config.sub with the latest versions from:
This script, last modified $timestamp, has failed to recognize
the operating system you are using. It is advised that you
download the most up to date version of the config scripts from
https://git.savannah.gnu.org/gitweb/?p=config.git;a=blob_plain;f=config.guess
http://git.savannah.gnu.org/gitweb/?p=config.git;a=blob_plain;f=config.guess
and
https://git.savannah.gnu.org/gitweb/?p=config.git;a=blob_plain;f=config.sub
http://git.savannah.gnu.org/gitweb/?p=config.git;a=blob_plain;f=config.sub
If $0 has already been updated, send the following data and any
information you think might be pertinent to config-patches@gnu.org to
provide the necessary information to handle your system.
If the version you run ($0) is already up to date, please
send the following data and any information you think might be
pertinent to <config-patches@gnu.org> in order to provide the needed
information to handle your system.
config.guess timestamp = $timestamp

39
config.h.in
View File

@ -6,9 +6,6 @@
/* Compile with debug code */
#undef DEBUG
/* Enable use of /dev/urandom */
#undef ENABLE_DEV_URANDOM
/* this is the prefix for STL exception functions */
#undef EXCEPTION_NAMESPACE
@ -18,21 +15,6 @@
/* Define to 1 if you have the <CommonCrypto/CommonDigest.h> header file. */
#undef HAVE_COMMONCRYPTO_COMMONDIGEST_H
/* Has /dev/arandom */
#undef HAVE_DEV_ARANDOM
/* Has /dev/random */
#undef HAVE_DEV_RANDOM
/* Has /dev/urandom */
#undef HAVE_DEV_URANDOM
/* Define to 1 if you have the `door_create' function. */
#undef HAVE_DOOR_CREATE
/* Define to 1 if you have the <door.h> header file. */
#undef HAVE_DOOR_H
/* Define to 1 if you have the <fcntl.h> header file. */
#undef HAVE_FCNTL_H
@ -72,12 +54,6 @@
/* Define to 1 if you have the <openssl/sha.h> header file. */
#undef HAVE_OPENSSL_SHA_H
/* Define to 1 if you have the `port_create' function. */
#undef HAVE_PORT_CREATE
/* Define to 1 if you have the <port.h> header file. */
#undef HAVE_PORT_H
/* Define to 1 if you have the `posix_fadvise' function. */
#undef HAVE_POSIX_FADVISE
@ -102,15 +78,6 @@
/* Define to 1 if you have the <string.h> header file. */
#undef HAVE_STRING_H
/* Define to 1 if `st_blocks' is a member of `struct stat'. */
#undef HAVE_STRUCT_STAT_ST_BLOCKS
/* Define to 1 if `st_rdev' is a member of `struct stat'. */
#undef HAVE_STRUCT_STAT_ST_RDEV
/* Define to 1 if you have the `swab' function. */
#undef HAVE_SWAB
/* Define to 1 if you have the <syslog.h> header file. */
#undef HAVE_SYSLOG_H
@ -144,9 +111,6 @@
/* Define to 1 if you have the <sys/types.h> header file. */
#undef HAVE_SYS_TYPES_H
/* Define to 1 if you have the <sys/unistd.h> header file. */
#undef HAVE_SYS_UNISTD_H
/* Define to 1 if you have the <sys/ustat.h> header file. */
#undef HAVE_SYS_USTAT_H
@ -201,9 +165,6 @@
/* The size of `long long', as computed by sizeof. */
#undef SIZEOF_LONG_LONG
/* The size of `time_t', as computed by sizeof. */
#undef SIZEOF_TIME_T
/* Don't use gethostbyname() on Solaris */
#undef SOLARIS_NO_GETHOSTBYNAME

63
config.sub vendored
View File

@ -1,8 +1,8 @@
#! /bin/sh
# Configuration validation subroutine script.
# Copyright 1992-2017 Free Software Foundation, Inc.
# Copyright 1992-2016 Free Software Foundation, Inc.
timestamp='2017-09-22'
timestamp='2016-01-01'
# This file is free software; you can redistribute it and/or modify it
# under the terms of the GNU General Public License as published by
@ -15,7 +15,7 @@ timestamp='2017-09-22'
# General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, see <https://www.gnu.org/licenses/>.
# along with this program; if not, see <http://www.gnu.org/licenses/>.
#
# As a special exception to the GNU General Public License, if you
# distribute this file as part of a program that contains a
@ -33,7 +33,7 @@ timestamp='2017-09-22'
# Otherwise, we print the canonical config type on stdout and succeed.
# You can get the latest version of this script from:
# https://git.savannah.gnu.org/gitweb/?p=config.git;a=blob_plain;f=config.sub
# http://git.savannah.gnu.org/gitweb/?p=config.git;a=blob_plain;f=config.sub
# This file is supposed to be the same for all GNU packages
# and recognize all the CPU types, system types and aliases
@ -67,7 +67,7 @@ Report bugs and patches to <config-patches@gnu.org>."
version="\
GNU config.sub ($timestamp)
Copyright 1992-2017 Free Software Foundation, Inc.
Copyright 1992-2016 Free Software Foundation, Inc.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE."
@ -117,7 +117,7 @@ case $maybe_os in
nto-qnx* | linux-gnu* | linux-android* | linux-dietlibc | linux-newlib* | \
linux-musl* | linux-uclibc* | uclinux-uclibc* | uclinux-gnu* | kfreebsd*-gnu* | \
knetbsd*-gnu* | netbsd*-gnu* | netbsd*-eabi* | \
kopensolaris*-gnu* | cloudabi*-eabi* | \
kopensolaris*-gnu* | \
storm-chaos* | os2-emx* | rtmk-nova*)
os=-$maybe_os
basic_machine=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\1/'`
@ -229,6 +229,9 @@ case $os in
-ptx*)
basic_machine=`echo $1 | sed -e 's/86-.*/86-sequent/'`
;;
-windowsnt*)
os=`echo $os | sed -e 's/windowsnt/winnt/'`
;;
-psos*)
os=-psos
;;
@ -260,7 +263,7 @@ case $basic_machine in
| fido | fr30 | frv | ft32 \
| h8300 | h8500 | hppa | hppa1.[01] | hppa2.0 | hppa2.0[nw] | hppa64 \
| hexagon \
| i370 | i860 | i960 | ia16 | ia64 \
| i370 | i860 | i960 | ia64 \
| ip2k | iq2000 \
| k1om \
| le32 | le64 \
@ -298,7 +301,6 @@ case $basic_machine in
| open8 | or1k | or1knd | or32 \
| pdp10 | pdp11 | pj | pjl \
| powerpc | powerpc64 | powerpc64le | powerpcle \
| pru \
| pyramid \
| riscv32 | riscv64 \
| rl78 | rx \
@ -312,7 +314,6 @@ case $basic_machine in
| ubicom32 \
| v850 | v850e | v850e1 | v850e2 | v850es | v850e2v3 \
| visium \
| wasm32 \
| we32k \
| x86 | xc16x | xstormy16 | xtensa \
| z8k | z80)
@ -386,7 +387,7 @@ case $basic_machine in
| h8300-* | h8500-* \
| hppa-* | hppa1.[01]-* | hppa2.0-* | hppa2.0[nw]-* | hppa64-* \
| hexagon-* \
| i*86-* | i860-* | i960-* | ia16-* | ia64-* \
| i*86-* | i860-* | i960-* | ia64-* \
| ip2k-* | iq2000-* \
| k1om-* \
| le32-* | le64-* \
@ -427,7 +428,6 @@ case $basic_machine in
| orion-* \
| pdp10-* | pdp11-* | pj-* | pjl-* | pn-* | power-* \
| powerpc-* | powerpc64-* | powerpc64le-* | powerpcle-* \
| pru-* \
| pyramid-* \
| riscv32-* | riscv64-* \
| rl78-* | romp-* | rs6000-* | rx-* \
@ -444,7 +444,6 @@ case $basic_machine in
| v850-* | v850e-* | v850e1-* | v850es-* | v850e2-* | v850e2v3-* \
| vax-* \
| visium-* \
| wasm32-* \
| we32k-* \
| x86-* | x86_64-* | xc16x-* | xps100-* \
| xstormy16-* | xtensa*-* \
@ -644,14 +643,6 @@ case $basic_machine in
basic_machine=m68k-bull
os=-sysv3
;;
e500v[12])
basic_machine=powerpc-unknown
os=$os"spe"
;;
e500v[12]-*)
basic_machine=powerpc-`echo $basic_machine | sed 's/^[^-]*-//'`
os=$os"spe"
;;
ebmon29k)
basic_machine=a29k-amd
os=-ebmon
@ -947,9 +938,6 @@ case $basic_machine in
nsr-tandem)
basic_machine=nsr-tandem
;;
nsx-tandem)
basic_machine=nsx-tandem
;;
op50n-* | op60c-*)
basic_machine=hppa1.1-oki
os=-proelf
@ -1034,7 +1022,7 @@ case $basic_machine in
ppc-* | ppcbe-*)
basic_machine=powerpc-`echo $basic_machine | sed 's/^[^-]*-//'`
;;
ppcle | powerpclittle)
ppcle | powerpclittle | ppc-le | powerpc-little)
basic_machine=powerpcle-unknown
;;
ppcle-* | powerpclittle-*)
@ -1044,7 +1032,7 @@ case $basic_machine in
;;
ppc64-*) basic_machine=powerpc64-`echo $basic_machine | sed 's/^[^-]*-//'`
;;
ppc64le | powerpc64little)
ppc64le | powerpc64little | ppc64-le | powerpc64-little)
basic_machine=powerpc64le-unknown
;;
ppc64le-* | powerpc64little-*)
@ -1245,9 +1233,6 @@ case $basic_machine in
basic_machine=a29k-wrs
os=-vxworks
;;
wasm32)
basic_machine=wasm32-unknown
;;
w65*)
basic_machine=w65-wdc
os=-none
@ -1256,9 +1241,6 @@ case $basic_machine in
basic_machine=hppa1.1-winbond
os=-proelf
;;
x64)
basic_machine=x86_64-pc
;;
xbox)
basic_machine=i686-pc
os=-mingw32
@ -1366,8 +1348,8 @@ esac
if [ x"$os" != x"" ]
then
case $os in
# First match some system type aliases that might get confused
# with valid system types.
# First match some system type aliases
# that might get confused with valid system types.
# -solaris* is a basic system type, with this one exception.
-auroraux)
os=-auroraux
@ -1387,9 +1369,9 @@ case $os in
-gnu/linux*)
os=`echo $os | sed -e 's|gnu/linux|linux-gnu|'`
;;
# Now accept the basic system types.
# First accept the basic system types.
# The portable systems comes first.
# Each alternative MUST end in a * to match a version number.
# Each alternative MUST END IN A *, to match a version number.
# -sysv* is not here because it comes later, after sysvr4.
-gnu* | -bsd* | -mach* | -minix* | -genix* | -ultrix* | -irix* \
| -*vms* | -sco* | -esix* | -isc* | -aix* | -cnk* | -sunos | -sunos[34]*\
@ -1405,9 +1387,9 @@ case $os in
| -bosx* | -nextstep* | -cxux* | -aout* | -elf* | -oabi* \
| -ptx* | -coff* | -ecoff* | -winnt* | -domain* | -vsta* \
| -udi* | -eabi* | -lites* | -ieee* | -go32* | -aux* \
| -chorusos* | -chorusrdb* | -cegcc* | -glidix* \
| -chorusos* | -chorusrdb* | -cegcc* \
| -cygwin* | -msys* | -pe* | -psos* | -moss* | -proelf* | -rtems* \
| -midipix* | -mingw32* | -mingw64* | -linux-gnu* | -linux-android* \
| -mingw32* | -mingw64* | -linux-gnu* | -linux-android* \
| -linux-newlib* | -linux-musl* | -linux-uclibc* \
| -uxpv* | -beos* | -mpeix* | -udk* | -moxiebox* \
| -interix* | -uwin* | -mks* | -rhapsody* | -darwin* | -opened* \
@ -1417,7 +1399,7 @@ case $os in
| -morphos* | -superux* | -rtmk* | -rtmk-nova* | -windiss* \
| -powermax* | -dnix* | -nx6 | -nx7 | -sei* | -dragonfly* \
| -skyos* | -haiku* | -rdos* | -toppers* | -drops* | -es* \
| -onefs* | -tirtos* | -phoenix* | -fuchsia* | -redox*)
| -onefs* | -tirtos*)
# Remember, each alternative MUST END IN *, to match a version number.
;;
-qnx*)
@ -1549,8 +1531,6 @@ case $os in
;;
-nacl*)
;;
-ios)
;;
-none)
;;
*)
@ -1646,9 +1626,6 @@ case $basic_machine in
sparc-* | *-sun)
os=-sunos4.1.1
;;
pru-*)
os=-elf
;;
*-be)
os=-beos
;;

322
configure vendored
View File

@ -1,7 +1,7 @@
#! /bin/sh
# From configure.ac Revision: 2.4.3.7 .
# From configure.ac Revision: 2.4.3.4 .
# Guess values for system-dependent variables and create Makefiles.
# Generated by GNU Autoconf 2.69 for tripwire 2.4.3.7.
# Generated by GNU Autoconf 2.69 for tripwire 2.4.3.4.
#
# Report bugs to <https://github.com/Tripwire/tripwire-open-source/issues>.
#
@ -12,7 +12,7 @@
# This configure script is free software; the Free Software Foundation
# gives unlimited permission to copy, distribute and modify it.
#
# The developer of the original code and/or files is Tripwire, Inc. Portions created by Tripwire, Inc. are copyright 2000-2018 Tripwire, Inc. Tripwire is a registered trademark of Tripwire, Inc. All rights reserved.
# The developer of the original code and/or files is Tripwire, Inc. Portions created by Tripwire, Inc. are copyright 2000-2017 Tripwire, Inc. Tripwire is a registered trademark of Tripwire, Inc. All rights reserved.
## -------------------- ##
## M4sh Initialization. ##
## -------------------- ##
@ -584,8 +584,8 @@ MAKEFLAGS=
# Identity of this package.
PACKAGE_NAME='tripwire'
PACKAGE_TARNAME='tripwire'
PACKAGE_VERSION='2.4.3.7'
PACKAGE_STRING='tripwire 2.4.3.7'
PACKAGE_VERSION='2.4.3.4'
PACKAGE_STRING='tripwire 2.4.3.4'
PACKAGE_BUGREPORT='https://github.com/Tripwire/tripwire-open-source/issues'
PACKAGE_URL='https://github.com/Tripwire/tripwire-open-source'
@ -724,6 +724,7 @@ infodir
docdir
oldincludedir
includedir
runstatedir
localstatedir
sharedstatedir
sysconfdir
@ -747,12 +748,8 @@ ac_subst_files=''
ac_user_opts='
enable_option_checking
enable_silent_rules
enable_extrawarnings
enable_static
enable_debug
enable_coverage
enable_profiling
enable_urandom
enable_dependency_tracking
enable_commoncrypto
enable_iconv
@ -812,6 +809,7 @@ datadir='${datarootdir}'
sysconfdir='${prefix}/etc'
sharedstatedir='${prefix}/com'
localstatedir='${prefix}/var'
runstatedir='${localstatedir}/run'
includedir='${prefix}/include'
oldincludedir='/usr/include'
docdir='${datarootdir}/doc/${PACKAGE_TARNAME}'
@ -1064,6 +1062,15 @@ do
| -silent | --silent | --silen | --sile | --sil)
silent=yes ;;
-runstatedir | --runstatedir | --runstatedi | --runstated \
| --runstate | --runstat | --runsta | --runst | --runs \
| --run | --ru | --r)
ac_prev=runstatedir ;;
-runstatedir=* | --runstatedir=* | --runstatedi=* | --runstated=* \
| --runstate=* | --runstat=* | --runsta=* | --runst=* | --runs=* \
| --run=* | --ru=* | --r=*)
runstatedir=$ac_optarg ;;
-sbindir | --sbindir | --sbindi | --sbind | --sbin | --sbi | --sb)
ac_prev=sbindir ;;
-sbindir=* | --sbindir=* | --sbindi=* | --sbind=* | --sbin=* \
@ -1201,7 +1208,7 @@ fi
for ac_var in exec_prefix prefix bindir sbindir libexecdir datarootdir \
datadir sysconfdir sharedstatedir localstatedir includedir \
oldincludedir docdir infodir htmldir dvidir pdfdir psdir \
libdir localedir mandir
libdir localedir mandir runstatedir
do
eval ac_val=\$$ac_var
# Remove trailing slashes.
@ -1314,7 +1321,7 @@ if test "$ac_init_help" = "long"; then
# Omit some internal or obsolete options to make the list less imposing.
# This message is too long to be a string in the A/UX 3.1 sh.
cat <<_ACEOF
\`configure' configures tripwire 2.4.3.7 to adapt to many kinds of systems.
\`configure' configures tripwire 2.4.3.4 to adapt to many kinds of systems.
Usage: $0 [OPTION]... [VAR=VALUE]...
@ -1354,6 +1361,7 @@ Fine tuning of the installation directories:
--sysconfdir=DIR read-only single-machine data [PREFIX/etc]
--sharedstatedir=DIR modifiable architecture-independent data [PREFIX/com]
--localstatedir=DIR modifiable single-machine data [PREFIX/var]
--runstatedir=DIR modifiable per-process data [LOCALSTATEDIR/run]
--libdir=DIR object code libraries [EPREFIX/lib]
--includedir=DIR C header files [PREFIX/include]
--oldincludedir=DIR C header files for non-gcc [/usr/include]
@ -1385,7 +1393,7 @@ fi
if test -n "$ac_init_help"; then
case $ac_init_help in
short | recursive ) echo "Configuration of tripwire 2.4.3.7:";;
short | recursive ) echo "Configuration of tripwire 2.4.3.4:";;
esac
cat <<\_ACEOF
@ -1395,12 +1403,8 @@ Optional Features:
--enable-FEATURE[=ARG] include FEATURE [ARG=yes]
--enable-silent-rules less verbose build output (undo: "make V=1")
--disable-silent-rules verbose build output (undo: "make V=0")
—-disable-extrawarnings do not compile with -Wextra warnings enabled
--enable-static compile static binaries
--enable-debug compile with debuging enabled
--enable-coverage enable code coverage
--enable-profiling enable profiling
--enable-urandom use /dev/urandom
--enable-dependency-tracking
do not reject slow dependency extractors
--disable-dependency-tracking
@ -1500,14 +1504,14 @@ fi
test -n "$ac_init_help" && exit $ac_status
if $ac_init_version; then
cat <<\_ACEOF
tripwire configure 2.4.3.7
tripwire configure 2.4.3.4
generated by GNU Autoconf 2.69
Copyright (C) 2012 Free Software Foundation, Inc.
This configure script is free software; the Free Software Foundation
gives unlimited permission to copy, distribute and modify it.
The developer of the original code and/or files is Tripwire, Inc. Portions created by Tripwire, Inc. are copyright 2000-2018 Tripwire, Inc. Tripwire is a registered trademark of Tripwire, Inc. All rights reserved.
The developer of the original code and/or files is Tripwire, Inc. Portions created by Tripwire, Inc. are copyright 2000-2017 Tripwire, Inc. Tripwire is a registered trademark of Tripwire, Inc. All rights reserved.
_ACEOF
exit
fi
@ -2030,63 +2034,6 @@ rm -f conftest.val
} # ac_fn_c_compute_int
# ac_fn_c_check_member LINENO AGGR MEMBER VAR INCLUDES
# ----------------------------------------------------
# Tries to find if the field MEMBER exists in type AGGR, after including
# INCLUDES, setting cache variable VAR accordingly.
ac_fn_c_check_member ()
{
as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2.$3" >&5
$as_echo_n "checking for $2.$3... " >&6; }
if eval \${$4+:} false; then :
$as_echo_n "(cached) " >&6
else
cat confdefs.h - <<_ACEOF >conftest.$ac_ext
/* end confdefs.h. */
$5
int
main ()
{
static $2 ac_aggr;
if (ac_aggr.$3)
return 0;
;
return 0;
}
_ACEOF
if ac_fn_c_try_compile "$LINENO"; then :
eval "$4=yes"
else
cat confdefs.h - <<_ACEOF >conftest.$ac_ext
/* end confdefs.h. */
$5
int
main ()
{
static $2 ac_aggr;
if (sizeof ac_aggr.$3)
return 0;
;
return 0;
}
_ACEOF
if ac_fn_c_try_compile "$LINENO"; then :
eval "$4=yes"
else
eval "$4=no"
fi
rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
fi
rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
fi
eval ac_res=\$$4
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
$as_echo "$ac_res" >&6; }
eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno
} # ac_fn_c_check_member
# ac_fn_c_try_link LINENO
# -----------------------
# Try to link conftest.$ac_ext, and return whether this succeeded.
@ -2444,7 +2391,7 @@ cat >config.log <<_ACEOF
This file contains any messages produced by compilers while
running configure, to aid debugging if configure makes a mistake.
It was created by tripwire $as_me 2.4.3.7, which was
It was created by tripwire $as_me 2.4.3.4, which was
generated by GNU Autoconf 2.69. Invocation command line was
$ $0 $@
@ -3418,7 +3365,7 @@ fi
# Define the identity of the package.
PACKAGE='tripwire'
VERSION='2.4.3.7'
VERSION='2.4.3.4'
cat >>confdefs.h <<_ACEOF
@ -3517,21 +3464,11 @@ ac_config_headers="$ac_config_headers config.h"
CFLAGS=${CFLAGS:-"-O -pipe -Wall -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64"}
CXXFLAGS=${CXXFLAGS:-"-O -pipe -Wall -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64"}
rm -f src/tripwire/syslog.h 2> /dev/null
chmod 755 install-sh 2> /dev/null
# This is primarily to support old compilers that dont understand -Wextra
# Check whether --enable-extrawarnings was given.
if test "${enable_extrawarnings+set}" = set; then :
enableval=$enable_extrawarnings;
fi
if test "x$enable_extrawarnings" != "xno"
then
CFLAGS="${CFLAGS} -Wextra -Wno-unused-parameter"
CXXFLAGS="${CXXFLAGS} -Wextra -Wno-unused-parameter"
fi
CFLAGS=${CFLAGS:-"-O -pipe -Wall -Wextra -Wno-unused-parameter -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64"}
CXXFLAGS=${CXXFLAGS:-"-O -pipe -Wall -Wextra -Wno-unused-parameter -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64"}
# Check whether --enable-static was given.
if test "${enable_static+set}" = set; then :
@ -3541,7 +3478,6 @@ fi
if test "x$enable_static" = xyes
then LDFLAGS="${LDFLAGS} -static"
fi
# Check whether --enable-debug was given.
if test "${enable_debug+set}" = set; then :
enableval=$enable_debug;
@ -3554,46 +3490,6 @@ then
$as_echo "#define DEBUG 1" >>confdefs.h
else
$as_echo "#define NDEBUG 1" >>confdefs.h
fi
# Check whether --enable-coverage was given.
if test "${enable_coverage+set}" = set; then :
enableval=$enable_coverage;
fi
if test "x$enable_coverage" = xyes
then
CFLAGS="${CFLAGS} --coverage"
CXXFLAGS="${CXXFLAGS} --coverage"
LDFLAGS="${LDFLAGS} --coverage"
fi
# Check whether --enable-profiling was given.
if test "${enable_profiling+set}" = set; then :
enableval=$enable_profiling;
fi
if test "x$enable_profiling" = xyes
then
CFLAGS="${CFLAGS} -pg"
CXXFLAGS="${CXXFLAGS} -pg"
LDFLAGS="${LDFLAGS} -pg"
fi
# Check whether --enable-urandom was given.
if test "${enable_urandom+set}" = set; then :
enableval=$enable_urandom;
fi
if test "x$enable_urandom" = xyes
then
$as_echo "#define ENABLE_DEV_URANDOM 1" >>confdefs.h
fi
ac_ext=c
@ -4453,7 +4349,7 @@ if test -z "$CXX"; then
CXX=$CCC
else
if test -n "$ac_tool_prefix"; then
for ac_prog in g++ c++ clang++ sunCC aCC xlC_r xlC cl.exe
for ac_prog in g++ clang++ sunCC aCC xlC_r xlC cl.exe
do
# Extract the first word of "$ac_tool_prefix$ac_prog", so it can be a program name with args.
set dummy $ac_tool_prefix$ac_prog; ac_word=$2
@ -4497,7 +4393,7 @@ fi
fi
if test -z "$CXX"; then
ac_ct_CXX=$CXX
for ac_prog in g++ c++ clang++ sunCC aCC xlC_r xlC cl.exe
for ac_prog in g++ clang++ sunCC aCC xlC_r xlC cl.exe
do
# Extract the first word of "$ac_prog", so it can be a program name with args.
set dummy $ac_prog; ac_word=$2
@ -5626,20 +5522,7 @@ fi
done
for ac_header in unistd.h sys/unistd.h
do :
as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh`
ac_fn_c_check_header_mongrel "$LINENO" "$ac_header" "$as_ac_Header" "$ac_includes_default"
if eval test \"x\$"$as_ac_Header"\" = x"yes"; then :
cat >>confdefs.h <<_ACEOF
#define `$as_echo "HAVE_$ac_header" | $as_tr_cpp` 1
_ACEOF
fi
done
for ac_header in syslog.h langinfo.h sys/statfs.h sys/select.h
for ac_header in unistd.h syslog.h langinfo.h sys/statfs.h sys/select.h
do :
as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh`
ac_fn_c_check_header_mongrel "$LINENO" "$ac_header" "$as_ac_Header" "$ac_includes_default"
@ -6170,39 +6053,6 @@ cat >>confdefs.h <<_ACEOF
_ACEOF
# The cast to long int works around a bug in the HP C Compiler
# version HP92453-01 B.11.11.23709.GP, which incorrectly rejects
# declarations like `int a3[[(sizeof (unsigned char)) >= 0]];'.
# This bug is HP SR number 8606223364.
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking size of time_t" >&5
$as_echo_n "checking size of time_t... " >&6; }
if ${ac_cv_sizeof_time_t+:} false; then :
$as_echo_n "(cached) " >&6
else
if ac_fn_c_compute_int "$LINENO" "(long int) (sizeof (time_t))" "ac_cv_sizeof_time_t" "$ac_includes_default"; then :
else
if test "$ac_cv_type_time_t" = yes; then
{ { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
as_fn_error 77 "cannot compute sizeof (time_t)
See \`config.log' for more details" "$LINENO" 5; }
else
ac_cv_sizeof_time_t=0
fi
fi
fi
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_sizeof_time_t" >&5
$as_echo "$ac_cv_sizeof_time_t" >&6; }
cat >>confdefs.h <<_ACEOF
#define SIZEOF_TIME_T $ac_cv_sizeof_time_t
_ACEOF
$as_echo "#define USES_1S_COMPLEMENT 0" >>confdefs.h
@ -6228,26 +6078,6 @@ $as_echo "#define IS_UNIX 1" >>confdefs.h
$as_echo "#define NDEBUG 1" >>confdefs.h
ac_fn_c_check_member "$LINENO" "struct stat" "st_rdev" "ac_cv_member_struct_stat_st_rdev" "$ac_includes_default"
if test "x$ac_cv_member_struct_stat_st_rdev" = xyes; then :
cat >>confdefs.h <<_ACEOF
#define HAVE_STRUCT_STAT_ST_RDEV 1
_ACEOF
fi
ac_fn_c_check_member "$LINENO" "struct stat" "st_blocks" "ac_cv_member_struct_stat_st_blocks" "$ac_includes_default"
if test "x$ac_cv_member_struct_stat_st_blocks" = xyes; then :
cat >>confdefs.h <<_ACEOF
#define HAVE_STRUCT_STAT_ST_BLOCKS 1
_ACEOF
fi
for ac_func in strftime gethostname gethostid
do :
as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh`
@ -6272,17 +6102,6 @@ _ACEOF
fi
done
for ac_func in swab
do :
ac_fn_c_check_func "$LINENO" "swab" "ac_cv_func_swab"
if test "x$ac_cv_func_swab" = xyes; then :
cat >>confdefs.h <<_ACEOF
#define HAVE_SWAB 1
_ACEOF
fi
done
for ac_header in fcntl.h
do :
@ -6329,78 +6148,6 @@ done
fi
for ac_header in door.h
do :
ac_fn_c_check_header_mongrel "$LINENO" "door.h" "ac_cv_header_door_h" "$ac_includes_default"
if test "x$ac_cv_header_door_h" = xyes; then :
cat >>confdefs.h <<_ACEOF
#define HAVE_DOOR_H 1
_ACEOF
for ac_func in door_create
do :
ac_fn_c_check_func "$LINENO" "door_create" "ac_cv_func_door_create"
if test "x$ac_cv_func_door_create" = xyes; then :
cat >>confdefs.h <<_ACEOF
#define HAVE_DOOR_CREATE 1
_ACEOF
fi
done
fi
done
for ac_header in port.h
do :
ac_fn_c_check_header_mongrel "$LINENO" "port.h" "ac_cv_header_port_h" "$ac_includes_default"
if test "x$ac_cv_header_port_h" = xyes; then :
cat >>confdefs.h <<_ACEOF
#define HAVE_PORT_H 1
_ACEOF
for ac_func in port_create
do :
ac_fn_c_check_func "$LINENO" "port_create" "ac_cv_func_port_create"
if test "x$ac_cv_func_port_create" = xyes; then :
cat >>confdefs.h <<_ACEOF
#define HAVE_PORT_CREATE 1
_ACEOF
fi
done
fi
done
UNAME=`uname`
if [ $UNAME != "AROS" ]; then
if test -c "/dev/random"; then
$as_echo "#define HAVE_DEV_RANDOM 1" >>confdefs.h
fi
if test -c "/dev/urandom"; then
$as_echo "#define HAVE_DEV_URANDOM 1" >>confdefs.h
fi
if test -c "/dev/arandom"; then
$as_echo "#define HAVE_DEV_ARANDOM 1" >>confdefs.h
fi
fi
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for socket in -lc" >&5
$as_echo_n "checking for socket in -lc... " >&6; }
@ -7103,9 +6850,6 @@ case $target in
;;
*-*-netbsd*)
;;
*-*-libertybsd*)
CXXFLAGS="${CXXFLAGS} -DTW_LibertyBSD"
;;
i[0-9]86-pc-linux*)
;;
sparc-*-linux*)
@ -7889,7 +7633,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
# report actual input values of CONFIG_FILES etc. instead of their
# values after options handling.
ac_log="
This file was extended by tripwire $as_me 2.4.3.7, which was
This file was extended by tripwire $as_me 2.4.3.4, which was
generated by GNU Autoconf 2.69. Invocation command line was
CONFIG_FILES = $CONFIG_FILES
@ -7956,7 +7700,7 @@ _ACEOF
cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`"
ac_cs_version="\\
tripwire config.status 2.4.3.7
tripwire config.status 2.4.3.4
configured by $0, generated by GNU Autoconf 2.69,
with options \\"\$ac_cs_config\\"

97
configure.ac
View File

@ -2,75 +2,47 @@ dnl Process this file with autoconf to produce a configure script.
dnl
dnl
AC_INIT([tripwire], [2.4.3.7], [https://github.com/Tripwire/tripwire-open-source/issues], [tripwire], [https://github.com/Tripwire/tripwire-open-source])
AC_INIT([tripwire], [2.4.3.4], [https://github.com/Tripwire/tripwire-open-source/issues], [tripwire], [https://github.com/Tripwire/tripwire-open-source])
AC_CONFIG_SRCDIR([src/tw/tw.cpp])
AC_CANONICAL_TARGET([])
AM_INIT_AUTOMAKE
AM_CONFIG_HEADER(config.h)
AC_COPYRIGHT([The developer of the original code and/or files is Tripwire, Inc. Portions created by Tripwire, Inc. are copyright 2000-2018 Tripwire, Inc. Tripwire is a registered trademark of Tripwire, Inc. All rights reserved.])
AC_REVISION([$Revision: 2.4.3.7 $])
AC_COPYRIGHT([The developer of the original code and/or files is Tripwire, Inc. Portions created by Tripwire, Inc. are copyright 2000-2017 Tripwire, Inc. Tripwire is a registered trademark of Tripwire, Inc. All rights reserved.])
AC_REVISION([$Revision: 2.4.3.4 $])
dnl #################################
dnl Cleanup Cruft Leftover From Patch
dnl #################################
rm -f src/tripwire/syslog.h 2> /dev/null
chmod 755 install-sh 2> /dev/null
dnl ###############
dnl Setup defaults
dnl ###############
CFLAGS=${CFLAGS:-"-O -pipe -Wall -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64"}
CXXFLAGS=${CXXFLAGS:-"-O -pipe -Wall -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64"}
CFLAGS=${CFLAGS:-"-O -pipe -Wall -Wextra -Wno-unused-parameter -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64"}
CXXFLAGS=${CXXFLAGS:-"-O -pipe -Wall -Wextra -Wno-unused-parameter -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64"}
dnl #####################
dnl Configuration options
dnl #####################
# This is primarily to support old compilers that dont understand -Wextra
AC_ARG_ENABLE(extrawarnings, [ —-disable-extrawarnings do not compile with -Wextra warnings enabled])
if test "x$enable_extrawarnings" != "xno"
then
CFLAGS="${CFLAGS} -Wextra -Wno-unused-parameter"
CXXFLAGS="${CXXFLAGS} -Wextra -Wno-unused-parameter"
fi
AC_ARG_ENABLE(static, [ --enable-static compile static binaries])
if test "x$enable_static" = xyes
then LDFLAGS="${LDFLAGS} -static"
fi
AC_ARG_ENABLE(debug, [ --enable-debug compile with debuging enabled])
if test "x$enable_debug" = xyes
then
CFLAGS="${CFLAGS} -g"
CXXFLAGS="${CXXFLAGS} -g"
AC_DEFINE(DEBUG, 1, [Compile with debug code])
else
AC_DEFINE(NDEBUG, 1, [Compile without debug code])
fi
AC_ARG_ENABLE(coverage, [ --enable-coverage enable code coverage])
if test "x$enable_coverage" = xyes
then
CFLAGS="${CFLAGS} --coverage"
CXXFLAGS="${CXXFLAGS} --coverage"
LDFLAGS="${LDFLAGS} --coverage"
fi
AC_ARG_ENABLE(profiling, [ --enable-profiling enable profiling])
if test "x$enable_profiling" = xyes
then
CFLAGS="${CFLAGS} -pg"
CXXFLAGS="${CXXFLAGS} -pg"
LDFLAGS="${LDFLAGS} -pg"
fi
AC_ARG_ENABLE(urandom, [ --enable-urandom use /dev/urandom])
if test "x$enable_urandom" = xyes
then
AC_DEFINE(ENABLE_DEV_URANDOM, 1, [Enable use of /dev/urandom])
fi
dnl ###################
dnl Checks for programs
dnl ###################
AC_PROG_CC([gcc clang suncc aCC xlC_r xlC cl.exe])
AC_PROG_CXX([g++ c++ clang++ sunCC aCC xlC_r xlC cl.exe])
AC_PROG_CXX([g++ clang++ sunCC aCC xlC_r xlC cl.exe])
AC_PROG_RANLIB
AC_PROG_YACC
AC_PROG_LN_S
@ -99,8 +71,7 @@ AC_CHECK_HEADERS(sys/mount.h,,,
#endif
]])
AC_CHECK_HEADERS(sys/ustat.h sys/sysmacros.h sys/syslog.h sys/socket.h)
AC_CHECK_HEADERS(unistd.h sys/unistd.h)
AC_CHECK_HEADERS(syslog.h langinfo.h sys/statfs.h sys/select.h)
AC_CHECK_HEADERS(unistd.h syslog.h langinfo.h sys/statfs.h sys/select.h)
AC_CHECK_HEADERS(signum.h bits/signum.h, break )
AC_CHECK_HEADERS(stdarg.h varargs.h, break )
AC_CHECK_HEADERS(sys/utsname.h memory.h)
@ -122,7 +93,6 @@ AC_C_BIGENDIAN
AC_CHECK_SIZEOF(int)
AC_CHECK_SIZEOF(long)
AC_CHECK_SIZEOF(long long)
AC_CHECK_SIZEOF(time_t)
dnl All platforms we support use 2's complement, are byte aligned, etc...
AC_DEFINE(USES_1S_COMPLEMENT, 0, [Uses one's complement])
@ -139,15 +109,11 @@ AC_DEFINE(IS_UNIX, 1, [Is a unix type platform])
dnl whether or not to generate debuging code?
AC_DEFINE(NDEBUG, 1, [don't generate debuging code])
dnl look for struct stat members that aren't always there
AC_CHECK_MEMBERS([struct stat.st_rdev, struct stat.st_blocks])
dnl #############################
dnl Checks for standard functions
dnl #############################
AC_CHECK_FUNCS(strftime gethostname gethostid)
AC_CHECK_FUNCS(mkstemp mktemp, break)
AC_CHECK_FUNCS(swab)
dnl check for posix_fadvise
AC_CHECK_HEADERS(fcntl.h, [AC_CHECK_FUNCS(posix_fadvise)])
@ -161,40 +127,6 @@ then
AC_CHECK_HEADERS(CommonCrypto/CommonDigest.h)
fi
dnl check for door support (Solaris)
AC_CHECK_HEADERS(door.h, [AC_CHECK_FUNCS(door_create)])
dnl check for event port support (Solaris)
AC_CHECK_HEADERS(port.h, [AC_CHECK_FUNCS(port_create)])
dnl ##############################################
dnl check for various RNG/PRNG devices
dnl ##############################################
UNAME=`uname`
dnl ##############################################
dnl AROS pops up a "Please insert disk" dialog for /dev
dnl if script looks for devices (which don't exist)
dnl so don't even try looking.
dnl ##############################################
if [[ $UNAME != "AROS" ]]; then
if test -c "/dev/random"; then
AC_DEFINE(HAVE_DEV_RANDOM, [1], [Has /dev/random])
fi
if test -c "/dev/urandom"; then
AC_DEFINE(HAVE_DEV_URANDOM, [1], [Has /dev/urandom])
fi
if test -c "/dev/arandom"; then
AC_DEFINE(HAVE_DEV_ARANDOM, [1], [Has /dev/arandom])
fi
fi
dnl ##############################################
dnl Checks for various platform specific libraries
dnl ##############################################
@ -349,9 +281,6 @@ case $target in
;;
*-*-netbsd*)
;;
*-*-libertybsd*)
CXXFLAGS="${CXXFLAGS} -DTW_LibertyBSD"
;;
i[[0-9]]86-pc-linux*)
;;
sparc-*-linux*)

147
installer/install.sh
View File

@ -17,7 +17,7 @@
## from Larry Wall's metaconfig.
##-------------------------------------------------------
PATH=".:/bin:/usr/bin:/usr/local/bin:$PATH"
PATH='.:/bin:/usr/bin'
export PATH || (echo 'You must use sh to run this script'; kill $$)
if [ ! -t 0 ] ; then
echo "Say 'sh install.sh', not 'sh < install.sh'"
@ -28,7 +28,7 @@ fi
## The usage message.
##-------------------------------------------------------
USAGE="install.sh [<configfile>] [-n] [-f] [-s <sitepassphrase>] [-l <localpassphrase>] [-d <installdir>]"
USAGE="install.sh [<configfile>] [-n] [-f] [-s <sitepassphrase>] [-l <localpassphrase>]"
##-------------------------------------------------------
## Figure out how to do an echo without newline.
@ -42,6 +42,18 @@ else
c=""
fi
##-------------------------------------------------------
## Better have a copy of tar!
## If /bin/sh does not exist or is not readable (seems
## fairly unlikely), then this will fail.
##-------------------------------------------------------
(tar cvf /dev/null /bin/sh) 2> /dev/null 1>&2
if [ $? -ne 0 ]; then
echo "tar command not found -- aborting install."
exit 1
fi
##-------------------------------------------------------
## Can't live without sed.
##-------------------------------------------------------
@ -66,24 +78,52 @@ for p in $awknames; do
fi
done
##-------------------------------------------------------
## Does this system have a copy of grep we can use?
## Some greps don't return status (amazing, huh?),
## so we look for a copy of grep that
## returns 0 status for an exact match
## returns 0 status for a case-insensitive match
## returns 0 status for a wildcard match
## returns non-zero status for a failed match
##-------------------------------------------------------
GREP=""
grepnames="grep egrep"
lcgrepstr="findensiemich" # all lower case
mcgrepstr="FindenSieMich" # mixed case
wcgrepstr="sie.ich$" # wild card match
nogrepstr="WoBistDu" # should not be able to find this
for p in $grepnames; do
(echo "$lcgrepstr" | $p "$lcgrepstr") 2> /dev/null 1>&2
if [ $? -eq 0 ]; then
(echo "$lcgrepstr" | $p -i "$mcgrepstr") 2> /dev/null 1>&2
if [ $? -eq 0 ]; then
(echo "$lcgrepstr" | $p "$wcgrepstr") 2> /dev/null 1>&2
if [ $? -eq 0 ]; then
(echo "$lcgrepstr" | $p "$nogrepstr") 2> /dev/null 1>&2
if [ $? -ne 0 ]; then
GREP=$p
break
fi
fi
fi
fi
done
##-------------------------------------------------------
## Does this system have a pager that we can use?
## Use cat if desperate.
##-------------------------------------------------------
MORE="cat"
morenames="less more most pg cat"
morenames="more less cat"
for p in $morenames; do
pagerpath=`command -v $p`
if [ -z $pagerpath ]; then
continue
fi
if [ -x $pagerpath ]; then
MORE=$pagerpath
break
fi
($p $0 < /dev/null) 2> /dev/null 1>&2
if [ $? -eq 0 ]; then
MORE=$p
break
fi
done
##-------------------------------------------------------
@ -104,10 +144,8 @@ fi
## Miscellaneous configuration parameters.
##-------------------------------------------------------
# set a few location variables if caller didn't pass them to us
prefix="${prefix:=/usr/local}"
sysconfdir="${sysconfdir:=/usr/local/etc}"
path_to_vi="${path_to_vi:=/usr/bin/vi}"
# prefix
prefix="${prefix:=/usr}"
# License File name
TWLICENSEFILE="COPYING"
@ -154,16 +192,10 @@ TAR_DIR=${TAR_DIR:-${START_DIR}}
OS=`uname -s`
POLICYSRC="twpol-${OS:=GENERIC}.txt"
if [ ! -r ${TAR_DIR}/policy/${POLICYSRC} ]; then
OS=`uname -o`
POLICYSRC="twpol-${OS:=GENERIC}.txt"
if [ ! -r ${TAR_DIR}/policy/${POLICYSRC} ]
then POLICYSRC="twpol-GENERIC.txt"
fi
if [ ! -r ${TAR_DIR}/policy/${POLICYSRC} ]; then
POLICYSRC="twpol-GENERIC.txt"
fi
##-------------------------------------------------------
## Parse the command line.
##-------------------------------------------------------
@ -186,13 +218,6 @@ while [ "x$1" != "x" ] ; do
exit 1 ;;
*) TW_LOCAL_PASS="$2"; shift ;;
esac ;;
-d) case "$2" in
"" | -*)
echo "Error: missing install dir with -d option." 1>&2
echo "$USAGE"
exit 1 ;;
*) prefix="$2"; sysconfdir="$2/bin"; shift ;;
esac ;;
-*) echo "Error: unknown argument $1" 1>&2
echo "$USAGE"
exit 1 ;;
@ -218,8 +243,9 @@ cat << END_OF_TEXT
Installer program for:
Tripwire(R) 2.4 Open Source
Copyright (C) 1998-2017 Tripwire, Inc.
Tripwire is a registered trademark of Tripwire, Inc. All rights reserved.
Copyright (C) 1998-2000 Tripwire (R) Security Systems, Inc. Tripwire (R)
is a registered trademark of the Purdue Research Foundation and is
licensed exclusively to Tripwire (R) Security Systems, Inc.
END_OF_TEXT
@ -392,48 +418,14 @@ else
## Verify that the specified editor program exists
##-------------------------------------------------------
# If user specified an editor in $path_to_vi or $TWEDITOR, try that first.
# $path_to_vi defaults to /usr/bin/vi, so we usually succeed here.
#
if [ -n ${TWEDITOR} ]; then
TWEDITOR_PATH=`command -v $TWEDITOR`
fi
# If user's environment includes $EDITOR, try that next
if [ -n ${EDITOR} ] && [ -z ${TWEDITOR_PATH} ]; then
TWEDITOR_PATH=`command -v $EDITOR`
fi
# Ok, now search path for vi
if [ -z ${TWEDITOR_PATH} ]; then
TWEDITOR_PATH=`command -v vi`
fi
# Try vim in case there isn't a link named vi
if [ -z ${TWEDITOR_PATH} ]; then
TWEDITOR_PATH=`command -v vim`
fi
# No vi/vim? See if nano is present
if [ -z ${TWEDITOR_PATH} ]; then
TWEDITOR_PATH=`command -v nano`
fi
# No vi or nano? See if emacs is available
if [ -z ${TWEDITOR_PATH} ]; then
TWEDITOR_PATH=`command -v emacs`
fi
if [ -n ${TWEDITOR_PATH} ]; then
TWEDITOR=$TWEDITOR_PATH
fi
TWEDITOR=${TWEDITOR:-'/bin/vi'}
if [ -x ${TWEDITOR} ]; then
echo "${TWEDITOR} exists. Continuing installation."
echo
echo "${TWEDITOR} exists. Continuing installation."
echo
else
echo "${TWEDITOR} not found. Continuing, but your configuration may need to be edited after installation."
echo
echo "${TWEDITOR} does not exist. Exiting."
exit 1
fi
##-------------------------------------------------------
@ -592,12 +584,9 @@ f10=' ff=${POLICYSRC} ; d="/policy" ; dd=$TWPOLICY ; rr=0640 '
#f16=' ff=twadmin.8 ; d="/man/man8" ; dd=$TWMAN/man8 ; rr=0444 '
#f17=' ff=twintro.8 ; d="/man/man8" ; dd=$TWMAN/man8 ; rr=0444 '
#f18=' ff=twprint.8 ; d="/man/man8" ; dd=$TWMAN/man8 ; rr=0444 '
f19=' ff=COMMERCIAL ; d="" ; dd=$TWDOCS ; rr=0444 '
f20=' ff=ReadMe-2.4.3 ; d="" ; dd=$TWDOCS ; rr=0444 '
f21=' ff=ChangeLog ; d="" ; dd=$TWDOCS ; rr=0444 '
# Binaries and manpages are already installed by the install target
loosefiles="f3 f4 f5 f6 f7 f8 f9 f10 f19 f20 f21"
loosefiles="f3 f4 f5 f6 f7 f8 f9 f10"
for i in $loosefiles; do
eval "eval \"\$$i\""
@ -618,9 +607,7 @@ done
if [ -n "$INSTALL_STRIP_FLAG" ] ; then
echo "INSTALL_STRIP_FLAG is set, stripping binaries"
chmod u+w "$TWBIN/siggen" "$TWBIN/tripwire" "$TWBIN/twadmin" "$TWBIN/twprint"
strip "$TWBIN/siggen" "$TWBIN/tripwire" "$TWBIN/twadmin" "$TWBIN/twprint"
chmod u-w "$TWBIN/siggen" "$TWBIN/tripwire" "$TWBIN/twadmin" "$TWBIN/twprint"
fi
#Make extra sure we don't install the unit test binary to sbin
@ -936,7 +923,7 @@ cat << END_OF_TEXT
----------------------------------------------
The installation succeeded.
Please refer to documentation in $TWDOCS
Please refer to $README_LOC
for release information and to the printed user documentation
for further instructions on using Tripwire 2.4 Open Source.

18
lcov.sh
View File

@ -1,18 +0,0 @@
#!/bin/sh
if [ -d ./lcov ]; then
rm -Rf ./lcov
fi
if [ -e ./lcov.dat ]; then
rm ./lcov.dat
fi
if [ -e ./lcov.tgz ]; then
rm ./lcov.tgz
fi
lcov --capture --directory src --output-file ./lcov.dat
genhtml ./lcov.dat --output-directory lcov
tar -zcvf lcov.tgz lcov

5
man/Makefile.in
View File

@ -1,7 +1,7 @@
# Makefile.in generated by automake 1.15.1 from Makefile.am.
# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
# Copyright (C) 1994-2017 Free Software Foundation, Inc.
# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@ -284,6 +284,7 @@ pdfdir = @pdfdir@
prefix = @prefix@
program_transform_name = @program_transform_name@
psdir = @psdir@
runstatedir = @runstatedir@
sbindir = @sbindir@
sharedstatedir = @sharedstatedir@
srcdir = @srcdir@

5
man/man4/Makefile.in
View File

@ -1,7 +1,7 @@
# Makefile.in generated by automake 1.15.1 from Makefile.am.
# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
# Copyright (C) 1994-2017 Free Software Foundation, Inc.
# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@ -256,6 +256,7 @@ pdfdir = @pdfdir@
prefix = @prefix@
program_transform_name = @program_transform_name@
psdir = @psdir@
runstatedir = @runstatedir@
sbindir = @sbindir@
sharedstatedir = @sharedstatedir@
srcdir = @srcdir@

13
man/man4/twconfig.4
View File

@ -35,7 +35,7 @@
..
.nh
.ad l
.TH TWCONFIG 4 "04 Jan 2018" "Open Source Tripwire 2.4"
.TH TWCONFIG 4 "1 July 2000"
.SH NAME
twconfig \- \fITripwire\fP configuration file reference
.SH DESCRIPTION
@ -215,15 +215,6 @@ parameter; reports displayed by other modes and other commands
are not affected.
.br
Initial value: \fI3\fP
.IP \f(CWDBPRINTLEVEL\fP
Specifies the default level of report produced by the \fBtwprint
\(hy\(hyprint\(hydbfile\fP mode. Valid values for this option are 0 to
2. The output
level specified by this option can be overridden with the (\fB\(hyt\fP\ or\ \fB\(hy\(hyoutput\(hylevel\fP) option on the command line. If
this variable is not included in the configuration file, the default
output level is 2.
.br
Initial value: \fI2\fP
.IP \f(CWHASH_DIRECT_IO\fP
Use direct i/o when hashing files. (Linux-only as of OST 2.4.3.2)
.br
@ -311,7 +302,7 @@ Permission is granted to copy and distribute modified versions of this man page
.PP
Permission is granted to copy and distribute translations of this man page into another language, under the above conditions for modified versions, except that this permission notice may be stated in a translation approved by Tripwire, Inc.
.PP
Copyright 2000-2018 Tripwire, Inc. Tripwire is a registered trademark of Tripwire, Inc. in the United States and other countries. All rights reserved.
Copyright 2000-2017 Tripwire, Inc. Tripwire is a registered trademark of Tripwire, Inc. in the United States and other countries. All rights reserved.
.SH SEE ALSO
.BR twintro (8),
.BR tripwire (8),

4
man/man4/twpolicy.4
View File

@ -36,7 +36,7 @@
.\"
.nh
.ad l
.TH TWPOLICY 4 "04 Jan 2018" "Open Source Tripwire 2.4"
.TH TWPOLICY 4 "1 July 2000"
.SH NAME
twpolicy \- \fITripwire\fP policy file reference
.SH DESCRIPTION
@ -537,7 +537,7 @@ Permission is granted to copy and distribute modified versions of this man page
.PP
Permission is granted to copy and distribute translations of this man page into another language, under the above conditions for modified versions, except that this permission notice may be stated in a translation approved by Tripwire, Inc.
.PP
Copyright 2000-2018 Tripwire, Inc. Tripwire is a registered trademark of Tripwire, Inc. in the United States and other countries. All rights reserved.
Copyright 2000-2017 Tripwire, Inc. Tripwire is a registered trademark of Tripwire, Inc. in the United States and other countries. All rights reserved.
.SH SEE ALSO
.BR twintro (8),
.BR tripwire (8),

5
man/man5/Makefile.in
View File

@ -1,7 +1,7 @@
# Makefile.in generated by automake 1.15.1 from Makefile.am.
# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
# Copyright (C) 1994-2017 Free Software Foundation, Inc.
# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@ -256,6 +256,7 @@ pdfdir = @pdfdir@
prefix = @prefix@
program_transform_name = @program_transform_name@
psdir = @psdir@
runstatedir = @runstatedir@
sbindir = @sbindir@
sharedstatedir = @sharedstatedir@
srcdir = @srcdir@

4
man/man5/twfiles.5
View File

@ -25,7 +25,7 @@
.\"
.nh
.ad l
.TH TWFILES 5 "04 Jan 2018" "Open Source Tripwire 2.4"
.TH TWFILES 5 "1 July 2000"
.SH NAME
twfiles \- overview of files used by \fITripwire\fR and file backup process
.\"
@ -112,7 +112,7 @@ Permission is granted to copy and distribute modified versions of this man page
.PP
Permission is granted to copy and distribute translations of this man page into another language, under the above conditions for modified versions, except that this permission notice may be stated in a translation approved by Tripwire, Inc.
.PP
Copyright 2000-2018 Tripwire, Inc. Tripwire is a registered trademark of Tripwire, Inc. in the United States and other countries. All rights reserved.
Copyright 2000-2017 Tripwire, Inc. Tripwire is a registered trademark of Tripwire, Inc. in the United States and other countries. All rights reserved.
.SH SEE ALSO
.BR twintro (8),
.BR tripwire (8),

5
man/man8/Makefile.in
View File

@ -1,7 +1,7 @@
# Makefile.in generated by automake 1.15.1 from Makefile.am.
# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
# Copyright (C) 1994-2017 Free Software Foundation, Inc.
# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@ -256,6 +256,7 @@ pdfdir = @pdfdir@
prefix = @prefix@
program_transform_name = @program_transform_name@
psdir = @psdir@
runstatedir = @runstatedir@
sbindir = @sbindir@
sharedstatedir = @sharedstatedir@
srcdir = @srcdir@

8
man/man8/siggen.8
View File

@ -2,9 +2,9 @@
.\" Do not move or remove previous line.
.\" Used by some man commands to know that tbl should be used.
.nh
.TH SIGGEN 8 "04 Jan 2018" "Open Source Tripwire 2.4"
.TH SIGGEN 8 "19 Feb 2004"
.SH NAME
siggen \- signature gathering utility for Tripwire
siggen \- signature gathering routine for Tripwire
.SH SYNOPSIS
.B siggen
[
@ -54,8 +54,6 @@ Display Haval value, a 128-bit hash code.
.TP
.IR file1 " [ " "file2... " ]
List of filesystem objects for which to display values.
.SH EXIT STATUS
\fBsiggen\fP exits 0 on success, 1 on error.
.SH VERSION INFORMATION
This man page describes
.B siggen
@ -69,7 +67,7 @@ Permission is granted to copy and distribute modified versions of this man page
.PP
Permission is granted to copy and distribute translations of this man page into another language, under the above conditions for modified versions, except that this permission notice may be stated in a translation approved by Tripwire, Inc.
.PP
Copyright 2000-2018 Tripwire, Inc. Tripwire is a registered trademark of Tripwire, Inc. in the United States and other countries. All rights reserved.
Copyright 2000-2017 Tripwire, Inc. Tripwire is a registered trademark of Tripwire, Inc. in the United States and other countries. All rights reserved.
.SH SEE ALSO
.BR twintro (8),
.BR tripwire (8),

19
man/man8/tripwire.8
View File

@ -36,9 +36,9 @@
.\"
.nh
.ad l
.TH TRIPWIRE 8 "04 Jan 2018" "Open Source Tripwire 2.4"
.TH TRIPWIRE 8 "1 July 2000"
.SH NAME
tripwire \- a file integrity checker for \s-1UNIX-like\s0 systems
tripwire \- a file integrity checker for \s-1UNIX\s0 systems
.SH SYNOPSIS
.B tripwire
.RB "{ " "-m i" " | " "--init" " } "
@ -554,19 +554,6 @@ Mode selector.
Use the specified email address. This parameter must
be supplied when test mode is used. Only one address
may be specified.
.SH EXIT STATUS
.SS Integrity Checking Mode
\fBtripwire\fP exits 0 if no changes are detected. Otherwise the exit value is a bit mask:
.TP
\fB1\fP At least one file or directory has been added.
.TP
\fB2\fP At least one file or directory has been modified.
.TP
\fB4\fP At least one file or directory has been modified.
.TP
\fB8\fP Error(s) occurred during the check.
.SS All Other Modes
\fBtripwire\fP exits 0 on success, 8 on error.
.SH VERSION INFORMATION
This man page describes
.B tripwire
@ -580,7 +567,7 @@ Permission is granted to copy and distribute modified versions of this man page
.PP
Permission is granted to copy and distribute translations of this man page into another language, under the above conditions for modified versions, except that this permission notice may be stated in a translation approved by Tripwire, Inc.
.PP
Copyright 2000-2018 Tripwire, Inc. Tripwire is a registered trademark of Tripwire, Inc. in the United States and other countries. All rights reserved.
Copyright 2000-2017 Tripwire, Inc. Tripwire is a registered trademark of Tripwire, Inc. in the United States and other countries. All rights reserved.
.SH SEE ALSO
.BR twintro (8),
.BR twadmin (8),

6
man/man8/twadmin.8
View File

@ -17,7 +17,7 @@
.in \\n(.iu
..
.ad l
.TH TWADMIN 8 "04 Jan 2018" "Open Source Tripwire 2.4"
.TH TWADMIN 8 "1 July 2000"
.SH NAME
twadmin \- Tripwire administrative and utility tool
.SH SYNOPSIS
@ -538,8 +538,6 @@ file.
Specify passphrase used to decrypt the private key in the specified sitekey
file.
.\" *****************************************
.SH EXIT STATUS
\fBtwadmin\fP exits 0 on success, 1 on error.
.SH VERSION INFORMATION
This man page describes
.B twadmin
@ -553,7 +551,7 @@ Permission is granted to copy and distribute modified versions of this man page
.PP
Permission is granted to copy and distribute translations of this man page into another language, under the above conditions for modified versions, except that this permission notice may be stated in a translation approved by Tripwire, Inc.
.PP
Copyright 2000-2018 Tripwire, Inc. Tripwire is a registered trademark of Tripwire, Inc. in the United States and other countries. All rights reserved.
Copyright 2000-2017 Tripwire, Inc. Tripwire is a registered trademark of Tripwire, Inc. in the United States and other countries. All rights reserved.
.SH SEE ALSO
.BR twintro (8),
.BR tripwire (8),

6
man/man8/twintro.8
View File

@ -16,12 +16,12 @@
.\"
.nh
.ad l
.TH TWINTRO 8 "04 Jan 2018" "Open Source Tripwire 2.4"
.TH TWINTRO 8 "1 July 2000"
.SH NAME
twintro \- introduction to \fITripwire\fP software
.SH DESCRIPTION
.PP
\fITripwire 2.4\fP is a file integrity assessment tool for UNIX-like systems. Rather than preventing an intruder or virus
\fITripwire 2.4\fP is a file integrity assessment product for Linux networks. Rather than preventing an intruder or virus
from attacking system files, \fITripwire\fP detects intrusions when
they do occur. By comparing system files and directories against a
previously stored "baseline" database, \fITripwire\fP finds any
@ -99,7 +99,7 @@ Permission is granted to copy and distribute modified versions of this man page
.PP
Permission is granted to copy and distribute translations of this man page into another language, under the above conditions for modified versions, except that this permission notice may be stated in a translation approved by Tripwire, Inc.
.PP
Copyright 2000-2018 Tripwire, Inc. Tripwire is a registered trademark of Tripwire, Inc. in the United States and other countries. All rights reserved.
Copyright 2000-2017 Tripwire, Inc. Tripwire is a registered trademark of Tripwire, Inc. in the United States and other countries. All rights reserved.
.SH SEE ALSO
.BR tripwire (8),
.BR twadmin (8),

23
man/man8/twprint.8
View File

@ -2,7 +2,7 @@
.\" Do not move or remove previous line.
.\" Used by some man commands to know that tbl should be used.
.ad l
.TH TWPRINT 8 "04 Jan 2018" "Open Source Tripwire 2.4"
.TH TWPRINT 8 "1 July 2000"
.nh
.SH NAME
twprint \- Tripwire database and report printer
@ -10,9 +10,6 @@ twprint \- Tripwire database and report printer
.B twprint
.RB "{ " "-m r" " | " "--print-report" " } "
.RI "[ " options... " ]"
.if n .br
.if n .ti +.5i
.RI " [ " "object1" " [ " "object2..." " ]]"
.br
.B twprint
.RB "{ " "-m d" " | " "--print-dbfile" " } "
@ -62,7 +59,6 @@ lbw(1.2i) lb.
-L \fIlocalkey\fP --local-keyfile \fIlocalkey\fP
-t \fR{ 0|1|2|3|4 }\fP --report-level \fR{ 0|1|2|3|4 }\fP
.TE
.RI "[ " "object1" " [ " "object2..." " ]]"
.RE
.TP
.BR "\(hym r" ", " --print-report
@ -87,15 +83,10 @@ Print the specified report file.
Use the specified local key file to perform verification
with reports which are signed.
.TP
.BI \(hyt " level\fR, " --report-level " level"
.BI \(hyt " level\fR, " --report-level " level
Specifies the detail level of the printed report, overriding the
\f(CWREPORTLEVEL\fP variable in the configuration
file. \fIlevel\fR must be a number from 0\ to\ 4.
.TP
.RI "[ " "object1" " [ " "object2..." " ]]"
List of filesystem objects in the report to print. If no
objects are specified, every object in the report will
be printed.
.\" *****************************************
.SS Database printing mode:
.RS 0.4i
@ -109,7 +100,6 @@ lbw(1.2i) lb.
-c \fIcfgfile\fP --cfgfile \fIcfgfile\fP
-d \fIdatabase\fP --dbfile \fIdatabase\fP
-L \fIlocalkey\fP --local-keyfile \fIlocalkey\fP
-t \fR{ 0|1|2 }\fP --output-level \fR{ 0|1|2 }\fP
.TE
.RI "[ " "object1" " [ " "object2..." " ]]"
.RE
@ -135,11 +125,6 @@ Print the specified database file.
.BI \(hyL " localkey\fR, " --local-keyfile " localkey"
Use the specified local key file to read the database.
.TP
.BI \(hyt " level\fR, " --output-level " level"
Specifies the detail level of the printed database, overriding the
\f(CWDBPRINTLEVEL\fP variable in the configuration
file. \fIlevel\fR must be a number from 0\ to\ 2.
.TP
.RI "[ " "object1" " [ " "object2..." " ]]"
List of filesystem objects in the database to print. If no
objects are specified, every object in the database will
@ -147,8 +132,6 @@ be printed. The format for a list of objects is:
.if n .I "section: objname objname... section: objname..."
.if t .br
.if t .I "section: objectname objectname... section: objectname..."
.SH EXIT STATUS
\fBtwprint\fP exits 0 on success, 1 on error.
.SH VERSION INFORMATION
This man page describes
.B twprint
@ -162,7 +145,7 @@ Permission is granted to copy and distribute modified versions of this man page
.PP
Permission is granted to copy and distribute translations of this man page into another language, under the above conditions for modified versions, except that this permission notice may be stated in a translation approved by Tripwire, Inc.
.PP
Copyright 2000-2018 Tripwire, Inc. Tripwire is a registered trademark of Tripwire, Inc. in the United States and other countries. All rights reserved.
Copyright 2000-2017 Tripwire, Inc. Tripwire is a registered trademark of Tripwire, Inc. in the United States and other countries. All rights reserved.
.SH SEE ALSO
.BR twintro (8),
.BR tripwire (8),

2
policy/policyguide.txt
View File

@ -191,7 +191,7 @@ $(DIR1) -> $(param1); # It is also possible to do a
#=============================================================================
#
# Copyright 2000-2018 Tripwire, Inc. Tripwire is a registered trademark of Tripwire,
# Copyright 2000 Tripwire, Inc. Tripwire is a registered trademark of Tripwire,
# Inc. All rights reserved.
#
# Linux is a registered trademark of Linus Torvalds.

113
policy/twpol-AIX.txt
View File

@ -60,14 +60,13 @@ HOSTNAME=;
#
##############################################################################
SEC_DEVICE = +pugsdr-intlbamcCMSH ;
SEC_DYNAMIC = +pinugtd-srlbamcCMSH ;
SEC_GROWING = +pinugtdl-srbamcCMSH ;
SEC_IGNORE_ALL = -pinugtsdrlbamcCMSH ;
SEC_IGNORE_NONE = +pinugtsdrbamcCMSH-l ;
SEC_READONLY = +pinugtsdbmCM-rlacSH ;
SEC_TEMPORARY = +pugt ;
Device = +pugsdr-intlbamcCMSH ;
Dynamic = +pinugtd-srlbamcCMSH ;
Growing = +pinugtdl-srbamcCMSH ;
IgnoreAll = -pinugtsdrlbamcCMSH ;
IgnoreNone = +pinugtsdrbamcCMSH-l ;
ReadOnly = +pinugtsdbmCM-rlacSH ;
Temporary = +pugt ;
@@section FS
@ -84,10 +83,10 @@ SEC_TEMPORARY = +pugt ;
rulename = "Tripwire Binaries",
)
{
$(TWBIN)/siggen -> $(SEC_READONLY) ;
$(TWBIN)/tripwire -> $(SEC_READONLY) ;
$(TWBIN)/twadmin -> $(SEC_READONLY) ;
$(TWBIN)/twprint -> $(SEC_READONLY) ;
$(TWBIN)/siggen -> $(ReadOnly) ;
$(TWBIN)/tripwire -> $(ReadOnly) ;
$(TWBIN)/twadmin -> $(ReadOnly) ;
$(TWBIN)/twprint -> $(ReadOnly) ;
}
# Tripwire Data Files - Configuration Files, Policy Files, Keys, Reports, Databases
@ -104,14 +103,14 @@ SEC_TEMPORARY = +pugt ;
# afterward triggers this rule until a database update is run, since the
# database file does not exist before that point.
$(TWDB) -> $(SEC_DYNAMIC) -i ;
$(TWPOL)/tw.pol -> $(SEC_READONLY) -i ;
$(TWPOL)/tw.cfg -> $(SEC_READONLY) -i ;
$(TWLKEY)/$(HOSTNAME)-local.key -> $(SEC_READONLY) ;
$(TWSKEY)/site.key -> $(SEC_READONLY) ;
$(TWDB) -> $(Dynamic) -i ;
$(TWPOL)/tw.pol -> $(ReadOnly) -i ;
$(TWPOL)/tw.cfg -> $(ReadOnly) -i ;
$(TWLKEY)/$(HOSTNAME)-local.key -> $(ReadOnly) ;
$(TWSKEY)/site.key -> $(ReadOnly) ;
# don't scan the individual reports
$(TWREPORT) -> $(SEC_DYNAMIC) (recurse=0) ;
$(TWREPORT) -> $(Dynamic) (recurse=0) ;
}
################################################
@ -125,7 +124,7 @@ SEC_TEMPORARY = +pugt ;
rulename = "OS Boot and Configuration Files",
)
{
/etc -> $(SEC_IGNORE_NONE) -SHa ;
/etc -> $(IgnoreNone) -SHa ;
}
###################################################
@ -139,9 +138,9 @@ SEC_TEMPORARY = +pugt ;
rulename = "Mount Points",
)
{
/ -> $(SEC_READONLY) ;
/usr -> $(SEC_READONLY) ;
/var -> $(SEC_READONLY) ;
/ -> $(ReadOnly) ;
/usr -> $(ReadOnly) ;
/var -> $(ReadOnly) ;
}
###################################################
@ -155,10 +154,10 @@ SEC_TEMPORARY = +pugt ;
rulename = "Misc Top-Level Directories",
)
{
/lost+found -> $(SEC_READONLY) ;
/hacmplocal -> $(SEC_READONLY) ;
/homelocal -> $(SEC_READONLY) ;
/opt -> $(SEC_READONLY) ;
/lost+found -> $(ReadOnly) ;
/hacmplocal -> $(ReadOnly) ;
/homelocal -> $(ReadOnly) ;
/opt -> $(ReadOnly) ;
!/var/adm/csd ;
}
@ -173,7 +172,7 @@ SEC_TEMPORARY = +pugt ;
rulename = "System Devices",
)
{
/dev -> $(SEC_DEVICE) ;
/dev -> $(Device) ;
}
################################################
@ -187,10 +186,10 @@ SEC_TEMPORARY = +pugt ;
rulename = "OS Binaries and Libraries",
)
{
/sbin -> $(SEC_READONLY) ;
/usr/bin -> $(SEC_READONLY) ;
/usr/lib -> $(SEC_READONLY) ;
/usr/sbin -> $(SEC_READONLY) ;
/sbin -> $(ReadOnly) ;
/usr/bin -> $(ReadOnly) ;
/usr/lib -> $(ReadOnly) ;
/usr/sbin -> $(ReadOnly) ;
}
################################################
@ -204,11 +203,11 @@ SEC_TEMPORARY = +pugt ;
rulename = "Root Directory and Files",
)
{
#/.dtprofile -> $(SEC_DYNAMIC) ;
#/.dtprofile -> $(Dynamic) ;
! /.netscape/cache ;
/.netscape/history.dat -> $(SEC_DYNAMIC) ;
/.sh_history -> $(SEC_DYNAMIC) ;
#/.Xauthority -> $(SEC_READONLY) ;
/.netscape/history.dat -> $(Dynamic) ;
/.sh_history -> $(Dynamic) ;
#/.Xauthority -> $(ReadOnly) ;
}
################################################
@ -222,8 +221,8 @@ SEC_TEMPORARY = +pugt ;
rulename = "Temporary Directories",
)
{
/tmp -> $(SEC_TEMPORARY) ;
/var/tmp -> $(SEC_TEMPORARY) ;
/tmp -> $(Temporary) ;
/var/tmp -> $(Temporary) ;
}
################################################
@ -252,31 +251,31 @@ SEC_TEMPORARY = +pugt ;
rulename = "System and Boot Changes",
)
{
/etc/es/objrepos -> $(SEC_READONLY) -SHacm ;
/etc/es/objrepos/HACMPresource -> $(SEC_READONLY) -SHCMcm ;
/etc/lpp/diagnostics/data -> $(SEC_READONLY) -SHCMacm ;
/etc/ntp.drift -> $(SEC_READONLY) -SHiacm ;
/etc/es/objrepos -> $(ReadOnly) -SHacm ;
/etc/es/objrepos/HACMPresource -> $(ReadOnly) -SHCMcm ;
/etc/lpp/diagnostics/data -> $(ReadOnly) -SHCMacm ;
/etc/ntp.drift -> $(ReadOnly) -SHiacm ;
!/etc/objrepos ;
/etc/security -> $(SEC_READONLY) -SHacm ;
/usr/es/adm/cluster.log -> $(SEC_READONLY) -SHCMsbm ;
/usr/es/sbin/cluster/etc/objrepos/active -> $(SEC_READONLY) -SHim ;
/etc/security -> $(ReadOnly) -SHacm ;
/usr/es/adm/cluster.log -> $(ReadOnly) -SHCMsbm ;
/usr/es/sbin/cluster/etc/objrepos/active -> $(ReadOnly) -SHim ;
!/usr/etc/sbin/cluster/history ;
/usr/share/lib/objrepos -> $(SEC_READONLY) -m ;
/usr/lib/objrepos -> $(SEC_READONLY) -m ;
/usr/share/lib/objrepos -> $(ReadOnly) -m ;
/usr/lib/objrepos -> $(ReadOnly) -m ;
!/var/adm/SPlogs ;
/var/ha/log -> $(SEC_GROWING) -i ;
/var/ha/log -> $(Growing) -i ;
!/var/adm ;
!/var/ct ;
#/var/backups -> $(SEC_DYNAMIC) -i ;
#/var/db/host.random -> $(SEC_READONLY) -mCM ;
#/var/db/locate.database -> $(SEC_READONLY) -misCM ;
#/var/cron -> $(SEC_GROWING) -i ;
#/var/log -> $(SEC_GROWING) -i ;
#/var/run -> $(SEC_DYNAMIC) -i ;
#/var/mail -> $(SEC_GROWING) ;
#/var/msgs/bounds -> $(SEC_READONLY) -smbCM ;
#/var/spool/clientmqueue -> $(SEC_TEMPORARY) ;
#/var/spool/mqueue -> $(SEC_TEMPORARY) ;
#/var/backups -> $(Dynamic) -i ;
#/var/db/host.random -> $(ReadOnly) -mCM ;
#/var/db/locate.database -> $(ReadOnly) -misCM ;
#/var/cron -> $(Growing) -i ;
#/var/log -> $(Growing) -i ;
#/var/run -> $(Dynamic) -i ;
#/var/mail -> $(Growing) ;
#/var/msgs/bounds -> $(ReadOnly) -smbCM ;
#/var/spool/clientmqueue -> $(Temporary) ;
#/var/spool/mqueue -> $(Temporary) ;
#!/var/tmp/vi.recover ; # perl script periodically removes this
}

132
policy/twpol-AROS.txt
View File

@ -1,132 +0,0 @@
###############################################################################
# ##
# Default Tripwire 2.4 Policy file for AROS ##
# ##
###############################################################################
###############################################################################
# ##
# Global Variable Definitions ##
# ##
# These are defined at install time by the installation script. You may ##
# Manually edit these if you are using this file directly and not from the ##
# installation script itself. ##
# ##
###############################################################################
@@section GLOBAL
TWROOT=;
TWBIN=;
TWPOL=;
TWDB=;
TWSKEY=;
TWLKEY=;
TWREPORT=;
HOSTNAME=;
##############################################################################
# Predefined Variables #
##############################################################################
#
# Property Masks
#
# - ignore the following properties
# + check the following properties
#
# a access timestamp (mutually exclusive with +CMSH)
# b number of blocks allocated
# c inode creation/modification timestamp
# d ID of device on which inode resides
# g group id of owner
# i inode number
# l growing files (logfiles for example)
# m modification timestamp
# n number of links
# p permission and file mode bits
# r ID of device pointed to by inode (valid only for device objects)
# s file size
# t file type
# u user id of owner
#
# C CRC-32 hash
# H HAVAL hash
# M MD5 hash
# S SHA hash
#
##############################################################################
SEC_DEVICE = +pugsdr-intlbamcCMSH ;
SEC_DYNAMIC = +pinugtd-srlbamcCMSH ;
SEC_GROWING = +pinugtdl-srbamcCMSH ;
SEC_IGNORE_ALL = -pinugtsdrlbamcCMSH ;
SEC_IGNORE_NONE = +pinugtsdrbamcCMSH-l ;
SEC_READONLY = +pinugtsdbmCM-rlacSH ;
SEC_TEMPORARY = +pugt ;
@@section FS
#########################################
# ##
# Tripwire Binaries and Data Files ##
# ##
#########################################
# Tripwire Binaries
(
rulename = "Tripwire Binaries",
)
{
$(TWBIN)/siggen -> $(SEC_READONLY) ;
$(TWBIN)/tripwire -> $(SEC_READONLY) ;
$(TWBIN)/twadmin -> $(SEC_READONLY) ;
$(TWBIN)/twprint -> $(SEC_READONLY) ;
}
# Tripwire Data Files - Configuration Files, Policy Files, Keys, Reports, Databases
(
rulename = "Tripwire Data Files",
)
{
# NOTE: We remove the inode attribute because when Tripwire creates a backup,
# it does so by renaming the old file and creating a new one (which will
# have a new inode number). Inode is left turned on for keys, which shouldn't
# ever change.
# NOTE: The first integrity check triggers this rule and each integrity check
# afterward triggers this rule until a database update is run, since the
# database file does not exist before that point.
$(TWDB) -> $(SEC_DYNAMIC) -i ;
$(TWPOL)/tw.pol -> $(SEC_READONLY) -i ;
$(TWPOL)/tw.cfg -> $(SEC_READONLY) -i ;
$(TWLKEY)/$(HOSTNAME)-local.key -> $(SEC_READONLY) ;
$(TWSKEY)/site.key -> $(SEC_READONLY) ;
# don't scan the individual reports
$(TWREPORT) -> $(SEC_DYNAMIC) (recurse=0) ;
}
##############################################################################
(rulename="OS Files",)
{
AROS:System -> $(SEC_READONLY);
AROS:Devs -> $(SEC_READONLY);
AROS:Libs -> $(SEC_READONLY);
AROS:Tools-> $(SEC_READONLY);
AROS:Prefs -> $(SEC_READONLY);
AROS:Utilities -> $(SEC_READONLY);
AROS:WBStartup -> $(SEC_READONLY);
}
(rulename="Development Tools",)
{
Work:Development -> $(SEC_READONLY);
}
(rulename="Extras",)
{
Work:Extras -> $(SEC_READONLY);
}

292
policy/twpol-Bitrig.txt
View File

@ -1,292 +0,0 @@
##############################################################################
# ##
############################################################################## #
# # #
# Tripwire 2.4 policy for Bitrig # #
# updated March 2018 # #
# ##
##############################################################################
##############################################################################
# ##
############################################################################## #
# # #
# Global Variable Definitions # #
# # #
# These are defined at install time by the installation script. You may # #
# manually edit these if you are using this file directly and not from the # #
# installation script itself. # #
# ##
##############################################################################
@@section GLOBAL
TWROOT=;
TWBIN=;
TWPOL=;
TWDB=;
TWSKEY=;
TWLKEY=;
TWREPORT=;
HOSTNAME=;
##############################################################################
# Predefined Variables #
##############################################################################
#
# Property Masks
#
# - ignore the following properties
# + check the following properties
#
# a access timestamp (mutually exclusive with +CMSH)
# b number of blocks allocated
# c inode creation/modification timestamp
# d ID of device on which inode resides
# g group id of owner
# i inode number
# l growing files (logfiles for example)
# m modification timestamp
# n number of links
# p permission and file mode bits
# r ID of device pointed to by inode (valid only for device objects)
# s file size
# t file type
# u user id of owner
#
# C CRC-32 hash
# H HAVAL hash
# M MD5 hash
# S SHA hash
#
##############################################################################
SEC_DEVICE = +pugsdr-intlbamcCMSH ;
SEC_DYNAMIC = +pinugtd-srlbamcCMSH ;
SEC_GROWING = +pinugtdl-srbamcCMSH ;
SEC_IGNORE_ALL = -pinugtsdrlbamcCMSH ;
SEC_IGNORE_NONE = +pinugtsdrbamcCMSH-l ;
SEC_READONLY = +pinugtsdbmCM-rlacSH ;
SEC_TEMPORARY = +pugt ;
@@section FS
########################################
# ##
######################################## #
# # #
# Tripwire Binaries and Data Files # #
# ##
########################################
# Tripwire Binaries
(
rulename = "Tripwire Binaries",
)
{
$(TWBIN)/siggen -> $(SEC_READONLY) ;
$(TWBIN)/tripwire -> $(SEC_READONLY) ;
$(TWBIN)/twadmin -> $(SEC_READONLY) ;
$(TWBIN)/twprint -> $(SEC_READONLY) ;
}
# Tripwire Data Files - Configuration Files, Policy Files, Keys, Reports, Databases
(
rulename = "Tripwire Data Files",
)
{
# NOTE: We remove the inode attribute because when Tripwire creates a backup,
# it does so by renaming the old file and creating a new one (which will
# have a new inode number). Inode is left turned on for keys, which shouldn't
# ever change.
# NOTE: The first integrity check triggers this rule and each integrity check
# afterward triggers this rule until a database update is run, since the
# database file does not exist before that point.
$(TWDB) -> $(SEC_DYNAMIC) -i ;
$(TWPOL)/tw.pol -> $(SEC_READONLY) -i ;
$(TWPOL)/tw.cfg -> $(SEC_READONLY) -i ;
$(TWLKEY)/$(HOSTNAME)-local.key -> $(SEC_READONLY) ;
$(TWSKEY)/site.key -> $(SEC_READONLY) ;
# don't scan the individual reports
$(TWREPORT) -> $(SEC_DYNAMIC) (recurse=0) ;
# In this configuration /usr/local is a symbolic link to /home/local.
# We want to ignore the following directories since they are already
# scanned using the real directory or mount point. Otherwise we see
# duplicates in the reports.
!/home/local ;
}
################################################
# ##
################################################ #
# # #
# OS Boot and Configuration Files # #
# ##
################################################
(
rulename = "OS Boot and Configuration Files",
)
{
/boot -> $(SEC_READONLY) ;
/bsd -> $(SEC_READONLY) ;
/etc -> $(SEC_IGNORE_NONE) -SHa ;
}
###################################################
# ##
################################################### #
# # #
# Mount Points # #
# ##
###################################################
(
rulename = "Mount Points",
)
{
/ -> $(SEC_READONLY) ;
/cdrom -> $(SEC_DYNAMIC) ;
/floppy -> $(SEC_DYNAMIC) ;
/home -> $(SEC_READONLY) ; # Modify as needed
/mnt -> $(SEC_DYNAMIC) ;
/usr -> $(SEC_READONLY) ;
/var -> $(SEC_READONLY) ;
}
###################################################
# ##
################################################### #
# # #
# Misc Top-Level Directories # #
# ##
###################################################
(
rulename = "Misc Top-Level Directories",
)
{
/altroot -> $(SEC_DYNAMIC) ;
/stand -> $(SEC_DYNAMIC) ;
}
################################################
# ##
################################################ #
# # #
# System Devices # #
# ##
################################################
(
rulename = "System Devices",
)
{
/dev -> $(SEC_DEVICE) ;
/dev/fd -> $(SEC_DEVICE) ;
/var/cron/tabs/.sock -> $(SEC_DEVICE) ;
/var/empty/dev/log -> $(SEC_DEVICE) ;
}
################################################
# ##
################################################ #
# # #
# OS Binaries and Libraries # #
# ##
################################################
(
rulename = "OS Binaries and Libraries",
)
{
/bin -> $(SEC_READONLY) ;
/sbin -> $(SEC_READONLY) ;
/usr/bin -> $(SEC_READONLY) ;
/usr/lib -> $(SEC_READONLY) ;
/usr/libexec -> $(SEC_READONLY) ;
/usr/sbin -> $(SEC_READONLY) ;
/usr/X11R6/bin -> $(SEC_READONLY) ;
/usr/X11R6/lib -> $(SEC_READONLY) ;
}
################################################
# ##
################################################ #
# # #
# Usr Local Files # #
# ##
################################################
#OK(
#OKrulename = "Usr Local Files",
#OK)
#OK{
#OK/usr/local -> $(SEC_READONLY) ;
#OK/usr/local/bin -> $(SEC_READONLY) ;
#OK/usr/local/doc -> $(SEC_READONLY) ;
#OK/usr/local/etc -> $(SEC_READONLY) ;
#OK/usr/local/include -> $(SEC_READONLY) ;
#OK/usr/local/info -> $(SEC_READONLY) ;
#OK/usr/local/lib -> $(SEC_READONLY) ;
#OK/usr/local/libdata -> $(SEC_READONLY) ;
#OK/usr/local/libexec -> $(SEC_READONLY) ;
#OK/usr/local/man -> $(SEC_READONLY) ;
#OK/usr/local/sbin -> $(SEC_READONLY) ;
#OK/usr/local/share -> $(SEC_READONLY) ;
#OK/usr/local/src -> $(SEC_READONLY) ;
#OK}
################################################
# ##
################################################ #
# # #
# Root Directory and Files # #
# ##
################################################
(
rulename = "Root Directory and Files",
)
{
/root -> $(SEC_IGNORE_NONE) -SHa ;
/root/.cshrc -> $(SEC_DYNAMIC) ;
/root/.profile -> $(SEC_DYNAMIC) ;
}
################################################
# ##
################################################ #
# # #
# Temporary Directories # #
# ##
################################################
(
rulename = "Temporary Directories",
)
{
/tmp -> $(SEC_TEMPORARY) ;
/var/tmp -> $(SEC_TEMPORARY) ;
}
################################################
# ##
################################################ #
# # #
# System and Boot Changes # #
# ##
################################################
(
rulename = "System and Boot Changes",
)
{
/var/backups -> $(SEC_DYNAMIC) -i ;
/var/db/host.random -> $(SEC_READONLY) -mCM ;
/var/cron -> $(SEC_GROWING) -i ;
/var/log -> $(SEC_GROWING) -i ;
/var/run -> $(SEC_DYNAMIC) -i ;
/var/mail -> $(SEC_GROWING) ;
/var/msgs/bounds -> $(SEC_READONLY) -smbCM ;
/var/spool/clientmqueue -> $(SEC_TEMPORARY) ;
/var/spool/mqueue -> $(SEC_TEMPORARY) ;
}
#
# $Id: twpol-OpenBSD.txt,v 1.2 2004/05/14 21:56:21 pherman Exp $
#

163
policy/twpol-Cygwin.txt
View File

@ -1,163 +0,0 @@
###############################################################################
# ##
# Default Tripwire 2.4 Policy file for Cygwin ##
# ##
###############################################################################
###############################################################################
# ##
# Global Variable Definitions ##
# ##
# These are defined at install time by the installation script. You may ##
# Manually edit these if you are using this file directly and not from the ##
# installation script itself. ##
# ##
###############################################################################
@@section GLOBAL
TWROOT=;
TWBIN=;
TWPOL=;
TWDB=;
TWSKEY=;
TWLKEY=;
TWREPORT=;
HOSTNAME=;
##############################################################################
# Predefined Variables #
##############################################################################
#
# Property Masks
#
# - ignore the following properties
# + check the following properties
#
# a access timestamp (mutually exclusive with +CMSH)
# b number of blocks allocated
# c inode creation/modification timestamp
# d ID of device on which inode resides
# g group id of owner
# i inode number
# l growing files (logfiles for example)
# m modification timestamp
# n number of links
# p permission and file mode bits
# r ID of device pointed to by inode (valid only for device objects)
# s file size
# t file type
# u user id of owner
#
# C CRC-32 hash
# H HAVAL hash
# M MD5 hash
# S SHA hash
#
##############################################################################
SEC_DEVICE = +pugsdr-intlbamcCMSH ;
SEC_DYNAMIC = +pinugtd-srlbamcCMSH ;
SEC_GROWING = +pinugtdl-srbamcCMSH ;
SEC_IGNORE_ALL = -pinugtsdrlbamcCMSH ;
SEC_IGNORE_NONE = +pinugtsdrbamcCMSH-l ;
SEC_READONLY = +pinugtsdbmCM-rlacSH ;
SEC_TEMPORARY = +pugt ;
@@section FS
#########################################
# ##
# Tripwire Binaries and Data Files ##
# ##
#########################################
# Tripwire Binaries
(
rulename = "Tripwire Binaries",
)
{
$(TWBIN)/siggen -> $(SEC_READONLY) ;
$(TWBIN)/tripwire -> $(SEC_READONLY) ;
$(TWBIN)/twadmin -> $(SEC_READONLY) ;
$(TWBIN)/twprint -> $(SEC_READONLY) ;
}
# Tripwire Data Files - Configuration Files, Policy Files, Keys, Reports, Databases
(
rulename = "Tripwire Data Files",
)
{
# NOTE: We remove the inode attribute because when Tripwire creates a backup,
# it does so by renaming the old file and creating a new one (which will
# have a new inode number). Inode is left turned on for keys, which shouldn't
# ever change.
# NOTE: The first integrity check triggers this rule and each integrity check
# afterward triggers this rule until a database update is run, since the
# database file does not exist before that point.
$(TWDB) -> $(SEC_DYNAMIC) -i ;
$(TWPOL)/tw.pol -> $(SEC_READONLY) -i ;
$(TWPOL)/tw.cfg -> $(SEC_READONLY) -i ;
$(TWLKEY)/$(HOSTNAME)-local.key -> $(SEC_READONLY) ;
$(TWSKEY)/site.key -> $(SEC_READONLY) ;
# don't scan the individual reports
$(TWREPORT) -> $(SEC_DYNAMIC) (recurse=0) ;
}
##############################################################################
(rulename="Binary files",)
{
/bin -> $(SEC_READONLY) -a;
/usr/bin -> $(SEC_READONLY) -a;
/usr/local/bin -> $(SEC_READONLY) -a;
}
(rulename="Development",)
{
/usr/x86_64-pc-cygwin -> $(SEC_READONLY) -a;
}
(rulename="Libexec",)
{
/usr/libexec -> $(SEC_READONLY) -a;
}
(rulename="Admin binaries",)
{
/sbin -> $(SEC_READONLY) -a;
/usr/sbin -> $(SEC_READONLY) -a;
}
(rulename="Libraries",)
{
/lib -> $(SEC_READONLY) -a;
/usr/lib -> $(SEC_READONLY) -a;
/usr/local/lib -> $(SEC_READONLY) -a;
}
(rulename="Etc",)
{
/etc -> $(SEC_READONLY) -a;
/usr/local/etc -> $(SEC_READONLY) -a;
}
(rulename="Dev",)
{
/dev -> $(SEC_DEVICE);
}
(rulename="Tmp",)
{
/tmp -> $(SEC_TEMPORARY);
/var/tmp -> $(SEC_TEMPORARY);
/usr/tmp -> $(SEC_TEMPORARY);
}
(rulename="Log",)
{
/var/log -> $(SEC_GROWING);
}

96
policy/twpol-Darwin.txt
View File

@ -2,8 +2,8 @@
# ##
############################################################################## #
# # #
# Tripwire 2.4 policy for Mac OS X # #
# updated March 2018 # #
# Policy file for Mac OS X # #
# September 3, 2003 # #
# ##
##############################################################################
@ -28,7 +28,7 @@ TWDB=;
TWSKEY=;
TWLKEY=;
TWREPORT=;
HOSTNAME=;
#USER1=frodo ;
##############################################################################
@ -67,10 +67,9 @@ SEC_DYNAMIC = +pinugt-dsrlbamcCMSH ;
SEC_READONLY = +pinugtsbmCM-drlacSH ;
SEC_GROWING = +pinugtl-dsrbamcCMSH ;
SEC_IGNORE_ALL = -pinugtsdrlbamcCMSH ;
SEC_IGNORE_NONE = +pinugtsdrbamcCMSH-l ;
SEC_TEMPORARY = +pugt ;
IgnoreAll = -pinugtsdrlbamcCMSH ;
IgnoreNone = +pinugtsdrbamcCMSH-l ;
Temporary = +pugt ;
@@section FS
@ -110,7 +109,7 @@ SEC_TEMPORARY = +pugt ;
$(TWDB) -> $(SEC_DYNAMIC) -i ;
$(TWPOL)/tw.pol -> $(SEC_READONLY) -i ;
$(TWPOL)/tw.cfg -> $(SEC_READONLY) -i ;
$(TWLKEY)/$(HOSTNAME)-local.key -> $(SEC_READONLY) ;
$(TWLKEY)/local.key -> $(SEC_READONLY) ;
$(TWSKEY)/site.key -> $(SEC_READONLY) ;
# don't scan the individual reports
@ -130,14 +129,14 @@ SEC_TEMPORARY = +pugt ;
rulename = "OS Boot and Configuration Files", severity=100
)
{
#/mach.sym -> $(SEC_READONLY)-im ;
/mach.sym -> $(SEC_READONLY)-im ;
/mach_kernel -> $(SEC_READONLY) ;
/private/etc -> $(SEC_READONLY)-m ;
#/private/etc/appletalk.cfg -> $(SEC_READONLY)-im ;
#/private/etc/appletalk.nvram.en0 -> $(SEC_DYNAMIC) ;
/private/etc/cups/certs -> $(SEC_DYNAMIC) -i(recurse=0) ;
#/private/etc/smb.conf -> $(SEC_READONLY)-im ;
/private/etc/smb.conf -> $(SEC_READONLY)-im ;
/Library -> $(SEC_READONLY) ;
/System -> $(SEC_READONLY) ;
@ -183,6 +182,8 @@ SEC_TEMPORARY = +pugt ;
)
{
/dev -> $(SEC_DEVICE)(recurse=0) ;
#/private/var/cron/tabs/.sock -> $(SEC_DEVICE) ;
}
################################################
@ -202,8 +203,8 @@ SEC_TEMPORARY = +pugt ;
/usr/lib -> $(SEC_READONLY) ;
/usr/libexec -> $(SEC_READONLY) ;
/usr/sbin -> $(SEC_READONLY) ;
/usr/X11 -> $(SEC_READONLY)(recurse=2) ; # May not be present
#/usr/X11/man -> $(SEC_DYNAMIC)-i(recurse=1) ; # May not be present
#/usr/X11R6 -> $(SEC_READONLY)(recurse=2) ; # May not be present
#/usr/X11R6/man -> $(SEC_DYNAMIC)-i(recurse=1) ; # May not be present
/usr/share -> $(SEC_READONLY) ;
/usr/share/man -> $(SEC_DYNAMIC)-i(recurse=1) ;
@ -222,6 +223,12 @@ SEC_TEMPORARY = +pugt ;
)
{
/Applications -> $(SEC_READONLY)-im(recurse=2) ;
"/Applications (Mac OS 9)" -> $(SEC_READONLY) ;
!/Applications/Internet/P2P/Downloads ;
!/Applications/Games/"Warcraft III Folder"/Save ;
}
################################################
@ -236,19 +243,10 @@ SEC_TEMPORARY = +pugt ;
)
{
/usr/local -> $(SEC_READONLY) ;
/usr/local/sbin -> $(SEC_READONLY) ;
/usr/local/bin -> $(SEC_READONLY) ;
/usr/local/include -> $(SEC_READONLY) ;
/usr/local/opt -> $(SEC_READONLY) ;
/usr/local/libexec -> $(SEC_READONLY) ;
/usr/local/lib -> $(SEC_READONLY) ;
#/usr/local/bin -> $(SEC_READONLY) ;
/usr/local/etc -> $(SEC_READONLY) ;
/usr/local/share -> $(SEC_READONLY) ;
/usr/local/man -> $(SEC_READONLY) ;
/usr/local/Frameworks -> $(SEC_READONLY) ;
# Homebrew
/usr/local/.git -> $(SEC_READONLY) ;
/usr/local/Cellar -> $(SEC_READONLY) ;
#/usr/local/sbin -> $(SEC_READONLY) ;
#/usr/local/share -> $(SEC_READONLY) ;
}
@ -265,26 +263,24 @@ SEC_TEMPORARY = +pugt ;
{
/private/tmp -> $(SEC_DYNAMIC)-in(recurse=0) ;
/private/tftpboot -> $(SEC_READONLY)-i ;
/private/var -> $(SEC_READONLY)-i ;
/private/var/backups -> $(SEC_READONLY)-imc(severity=100) ;
#/private/var/backups/local.nidump -> $(SEC_DYNAMIC) -i(severity=100) ;
#/private/var/cron -> $(SEC_DYNAMIC) -i ;
/private/var/db -> $(SEC_READONLY)-im ;
/private/var/db/BootCache.playlist -> $(SEC_DYNAMIC) -i ;
#/private/var/db/netinfo/local.nidb/Store.384 -> $(SEC_READONLY)-imc(severity=100) ;
/private/var/db/netinfo/local.nidb/Store.384 -> $(SEC_READONLY)-imc(severity=100) ;
#/private/var/db/netinfo/local.nidb/Store.672 -> $(SEC_READONLY)-imc(severity=100) ;
#/private/var/db/prebindOnDemandBadFiles -> $(SEC_DYNAMIC) -i ;
/private/var/db/prebindOnDemandBadFiles -> $(SEC_DYNAMIC) -i ;
/private/var/log -> $(SEC_DYNAMIC) -i ;
#/private/var/mail -> $(SEC_DYNAMIC) ;
/private/var/msgs/bounds -> $(SEC_READONLY)-smbCM ;
/private/var/root/Library/Caches -> $(SEC_DYNAMIC) -i ;
/private/var/run -> $(SEC_DYNAMIC) -i(rulename="Running Services") ;
#/private/var/slp.regfile -> $(SEC_READONLY)-im ;
#/private/var/spool/clientmqueue -> $(SEC_DYNAMIC)(recurse=0) ;
/private/var/spool/clientmqueue -> $(SEC_DYNAMIC)(recurse=0) ;
/private/var/spool/mqueue -> $(SEC_DYNAMIC)(recurse=0) ;
#/private/var/spool/lock -> $(SEC_DYNAMIC) -i(recurse=1) ;
/private/var/spool/lock -> $(SEC_DYNAMIC) -i(recurse=1) ;
/private/var/spool/cups -> $(SEC_DYNAMIC) -i(recurse=0) ;
/private/var/tmp -> $(SEC_DYNAMIC) -i(recurse=0) ;
/private/var/vm -> $(SEC_DYNAMIC)(recurse=0) ;
@ -298,19 +294,37 @@ SEC_TEMPORARY = +pugt ;
!/private/var/db/dhcpd_leases ;
!/private/var/db/locate.database ;
!/private/var/db/SystemEntropyCache ;
!/private/var/db/mds/messages/se_SecurityMessages ;
!/private/var/db/samba/secrets.tdb ;
!/private/var/db/ntp.drift ;
!/private/var/folders ;
!/private/var/vm/sleepimage ;
!/private/var/vm/swap0 ;
!/private/var/vm/swap[1-9][0-9]* ;
# Sophos
!/Library/Caches/com.sophos.sau ;
!/Library/Caches/com.sophos.sxld ;
}
################################################
# ##
################################################ #
# # #
# Classic Environment # #
# ##
################################################
(
rulename = "Classic Environment", severity=100
)
{
/"System Folder" -> $(SEC_READONLY) ;
/"System Folder"/Preferences -> $(SEC_DYNAMIC)-i(recurse=0) ;
/"System Folder"/Extensions -> $(SEC_READONLY)-im ;
/"System Folder/Apple Menu Items" -> $(SEC_READONLY)-im(recurse=0) ;
/"System Folder"/Clipboard -> $(SEC_DYNAMIC) ;
!/"System Folder"/VolumeNameIconPict ;
}
###################################################
# ##
################################################### #
@ -361,3 +375,7 @@ SEC_TEMPORARY = +pugt ;
#!"/Users/$(USER1)/.lpoptions" ;
#!"/Users/$(USER1)/.Trash" ;
}
#
# JTI
#

664
policy/twpol-DragonFly.txt
View File

@ -1,664 +0,0 @@
#
# Policy file for DragonFly BSD
# (adapted from FreeBSD policy)
#
# $FreeBSD: ports/security/tripwire/files/twpol.txt,v 1.2 2002/03/04 16:55:21 cy Exp $
# $Id: twpol-FreeBSD.txt,v 1.1 2003/06/08 02:00:06 pherman Exp $
#
# This is the example Tripwire Policy file. It is intended as a place to
# start creating your own custom Tripwire Policy file. Referring to it as
# well as the Tripwire Policy Guide should give you enough information to
# make a good custom Tripwire Policy file that better covers your
# configuration and security needs. A text version of this policy file is
# called twpol.txt.
#
# Note that this file is tuned to an install of FreeBSD using
# buildworld. If run unmodified, this file should create no errors on
# database creation, or violations on a subsiquent integrity check.
# However it is impossible for there to be one policy file for all machines,
# so this existing one errs on the side of security. Your FreeBSD
# configuration will most likey differ from the one our policy file was
# tuned to, and will therefore require some editing of the default
# Tripwire Policy file.
#
# The example policy file is best run with 'Loose Directory Checking'
# enabled. Set LOOSEDIRECTORYCHECKING=TRUE in the Tripwire Configuration
# file.
#
# Email support is not included and must be added to this file.
# Add the 'emailto=' to the rule directive section of each rule (add a comma
# after the 'severity=' line and add an 'emailto=' and include the email
# addresses you want the violation reports to go to). Addresses are
# semi-colon delimited.
#
#
# Global Variable Definitions
#
# These are defined at install time by the installation script. You may
# Manually edit these if you are using this file directly and not from the
# installation script itself.
#
@@section GLOBAL
TWROOT=;
TWBIN=;
TWPOL=;
TWDB=;
TWSKEY=;
TWLKEY=;
TWREPORT=;
HOSTNAME=;
@@section FS
SEC_DEVICE = +pugsdr-intlbamcCMSH ;
SEC_DYNAMIC = +pinugtd-srlbamcCMSH ;
SEC_GROWING = +pinugtdl-srbamcCMSH ;
SEC_IGNORE_ALL = -pinugtsdrlbamcCMSH ;
SEC_IGNORE_NONE = +pinugtsdrbamcCMSH-l ;
SEC_READONLY = +pinugtsdbmCM-rlacSH ;
SEC_TEMPORARY = +pugt ;
SEC_CRIT = $(SEC_IGNORE_NONE)-SHa ; # Critical files that cannot change
SEC_SUID = $(SEC_IGNORE_NONE)-SHa ; # Binaries with the SUID or SGID flags set
SEC_BIN = $(SEC_READONLY) ; # Binaries that should not change
SEC_CONFIG = $(SEC_DYNAMIC) ; # Config files that are changed infrequently but accessed often
SEC_TTY = $(SEC_DYNAMIC)-ugp ; # Tty files that change ownership at login
SEC_LOG = $(SEC_GROWING) ; # Files that grow, but that should never change ownership
SEC_INVARIANT = $(SEC_TEMPORARY) ; # Directories that should never change permission or ownership
SIG_LOW = 33 ; # Non-critical files that are of minimal security impact
SIG_MED = 66 ; # Non-critical files that are of significant security impact
SIG_HI = 100 ; # Critical files that are significant points of vulnerability
# Tripwire Binaries
(
rulename = "Tripwire Binaries",
severity = $(SIG_HI)
)
{
$(TWBIN)/siggen -> $(SEC_BIN) ;
$(TWBIN)/tripwire -> $(SEC_BIN) ;
$(TWBIN)/twadmin -> $(SEC_BIN) ;
$(TWBIN)/twprint -> $(SEC_BIN) ;
}
# Tripwire Data Files - Configuration Files, Policy Files, Keys, Reports, Databases
(
rulename = "Tripwire Data Files",
severity = $(SIG_HI)
)
{
# NOTE: We remove the inode attribute because when Tripwire creates a backup,
# it does so by renaming the old file and creating a new one (which will
# have a new inode number). Inode is left turned on for keys, which shouldn't
# ever change.
# NOTE: The first integrity check triggers this rule and each integrity check
# afterward triggers this rule until a database update is run, since the
# database file does not exist before that point.
$(TWDB) -> $(SEC_CONFIG) -i ;
$(TWPOL)/tw.pol -> $(SEC_BIN) -i ;
$(TWPOL)/tw.cfg -> $(SEC_BIN) -i ;
$(TWPOL)/twcfg.txt -> $(SEC_BIN) ;
$(TWPOL)/twpol.txt -> $(SEC_BIN) ;
$(TWLKEY)/$(HOSTNAME)-local.key -> $(SEC_BIN) ;
$(TWSKEY)/site.key -> $(SEC_BIN) ;
#don't scan the individual reports
$(TWREPORT) -> $(SEC_CONFIG) (recurse=0) ;
}
# Tripwire HQ Connector Binaries
#(
# rulename = "Tripwire HQ Connector Binaries",
# severity = $(SIG_HI)
#)
#{
# $(TWBIN)/hqagent -> $(SEC_BIN) ;
#}
#
# Tripwire HQ Connector - Configuration Files, Keys, and Logs
#
# Note: File locations here are different than in a stock HQ Connector
# installation. This is because Tripwire 2.3 uses a different path
# structure than Tripwire 2.2.1.
#
# You may need to update your HQ Agent configuation file (or this policy
# file) to correct the paths. We have attempted to support the FHS standard
# here by placing the HQ Agent files similarly to the way Tripwire 2.3
# places them.
#
#(
# rulename = "Tripwire HQ Connector Data Files",
# severity = $(SIG_HI)
#)
#{
#
# # NOTE: Removing the inode attribute because when Tripwire creates a backup
# # it does so by renaming the old file and creating a new one (which will
# # have a new inode number). Leaving inode turned on for keys, which
# # shouldn't ever change.
#
#
# $(TWBIN)/agent.cfg -> $(SEC_BIN) -i ;
# $(TWLKEY)/authentication.key -> $(SEC_BIN) ;
# $(TWDB)/tasks.dat -> $(SEC_CONFIG) ;
# $(TWDB)/schedule.dat -> $(SEC_CONFIG) ;
#
# # Uncomment if you have agent logging enabled.
# #/var/log/tripwire/agent.log -> $(SEC_LOG) ;
#}
# Commonly accessed directories that should remain static with regards to owner and group
(
rulename = "Invariant Directories",
severity = $(SIG_MED)
)
{
/ -> $(SEC_INVARIANT) (recurse = false) ;
/home -> $(SEC_INVARIANT) (recurse = false) ;
}
#
# First, root's "home"
#
(
rulename = "Root's home",
severity = $(SIG_HI)
)
{
# /.rhosts -> $(SEC_CRIT) ;
/.profile -> $(SEC_CRIT) ;
/.cshrc -> $(SEC_CRIT) ;
/.login -> $(SEC_CRIT) ;
# /.exrc -> $(SEC_CRIT) ;
# /.logout -> $(SEC_CRIT) ;
# /.forward -> $(SEC_CRIT) ;
/root -> $(SEC_CRIT) (recurse = true) ;
!/root/.history ;
!/root/.bash_history ;
# !/root/.lsof_SYSTEM_NAME ; # Uncomment if lsof is installed
}
#
# FreeBSD Kernel
#
(
rulename = "FreeBSD Kernel",
severity = $(SIG_HI)
)
{
/kernel -> $(SEC_CRIT) ;
/kernel.old -> $(SEC_CRIT) ;
/kernel.GENERIC -> $(SEC_CRIT) ;
}
#
# FreeBSD Modules
#
(
rulename = "FreeBSD Modules",
severity = $(SIG_HI)
)
{
/modules -> $(SEC_CRIT) (recurse = true) ;
/modules.old -> $(SEC_CRIT) (recurse = true) ;
# /lkm -> $(SEC_CRIT) (recurse = true) ; # uncomment if using lkm kld
}
#
# System Administration Programs
#
(
rulename = "System Administration Programs",
severity = $(SIG_HI)
)
{
/sbin -> $(SEC_CRIT) (recurse = true) ;
/usr/sbin -> $(SEC_CRIT) (recurse = true) ;
}
#
# User Utilities
#
(
rulename = "User Utilities",
severity = $(SIG_HI)
)
{
/bin -> $(SEC_CRIT) (recurse = true) ;
/usr/bin -> $(SEC_CRIT) (recurse = true) ;
}
#
# /dev
#
(
rulename = "/dev",
severity = $(SIG_HI)
)
{
/dev -> $(Device) (recurse = true) ;
!/dev/vga ;
!/dev/dri ;
/dev/console -> $(SEC_TTY) ;
/dev/ttyv0 -> $(SEC_TTY) ;
/dev/ttyv1 -> $(SEC_TTY) ;
/dev/ttyv2 -> $(SEC_TTY) ;
/dev/ttyv3 -> $(SEC_TTY) ;
/dev/ttyv4 -> $(SEC_TTY) ;
/dev/ttyv5 -> $(SEC_TTY) ;
/dev/ttyv6 -> $(SEC_TTY) ;
/dev/ttyv7 -> $(SEC_TTY) ;
/dev/ttyp0 -> $(SEC_TTY) ;
/dev/ttyp1 -> $(SEC_TTY) ;
/dev/ttyp2 -> $(SEC_TTY) ;
/dev/ttyp3 -> $(SEC_TTY) ;
/dev/ttyp4 -> $(SEC_TTY) ;
/dev/ttyp5 -> $(SEC_TTY) ;
/dev/ttyp6 -> $(SEC_TTY) ;
/dev/ttyp7 -> $(SEC_TTY) ;
/dev/ttyp8 -> $(SEC_TTY) ;
/dev/ttyp9 -> $(SEC_TTY) ;
/dev/ttypa -> $(SEC_TTY) ;
/dev/ttypb -> $(SEC_TTY) ;
/dev/ttypc -> $(SEC_TTY) ;
/dev/ttypd -> $(SEC_TTY) ;
/dev/ttype -> $(SEC_TTY) ;
/dev/ttypf -> $(SEC_TTY) ;
/dev/ttypg -> $(SEC_TTY) ;
/dev/ttyph -> $(SEC_TTY) ;
/dev/ttypi -> $(SEC_TTY) ;
/dev/ttypj -> $(SEC_TTY) ;
/dev/ttypl -> $(SEC_TTY) ;
/dev/ttypm -> $(SEC_TTY) ;
/dev/ttypn -> $(SEC_TTY) ;
/dev/ttypo -> $(SEC_TTY) ;
/dev/ttypp -> $(SEC_TTY) ;
/dev/ttypq -> $(SEC_TTY) ;
/dev/ttypr -> $(SEC_TTY) ;
/dev/ttyps -> $(SEC_TTY) ;
/dev/ttypt -> $(SEC_TTY) ;
/dev/ttypu -> $(SEC_TTY) ;
/dev/ttypv -> $(SEC_TTY) ;
/dev/cuaa0 -> $(SEC_TTY) ; # modem
}
#
# /etc
#
(
rulename = "/etc",
severity = $(SIG_HI)
)
{
/etc -> $(SEC_CRIT) (recurse = true) ;
# /etc/mail/aliases -> $(SEC_CONFIG) ;
/etc/dumpdates -> $(SEC_CONFIG) ;
/etc/motd -> $(SEC_CONFIG) ;
!/etc/ppp/connect-errors ;
/etc/skeykeys -> $(SEC_CONFIG) ;
# Uncomment the following 4 lines if your password file does not change
# /etc/passwd -> $(SEC_CONFIG) ;
# /etc/master.passwd -> $(SEC_CONFIG) ;
# /etc/pwd.db -> $(SEC_CONFIG) ;
# /etc/spwd.db -> $(SEC_CONFIG) ;
}
#
# Copatibility (Linux)
#
(
rulename = "Linux Compatibility",
severity = $(SIG_HI)
)
{
/compat -> $(SEC_CRIT) (recurse = true) ;
#
# Uncomment the following if Linux compatibility is used. Replace
# HOSTNAME1 and HOSTNAME2 with the hosts that have Linux emulation port
# installed.
#
#@@ifhost HOSTNAME1 || HOSTNAME2
# /compat/linux/etc -> $(SEC_INVARIANT) (recurse = false) ;
# /compat/linux/etc/X11 -> $(SEC_CONFIG) (recurse = true) ;
# /compat/linux/etc/pam.d -> $(SEC_CONFIG) (recurse = true) ;
# /compat/linux/etc/profile.d -> $(SEC_CONFIG) (recurse = true) ;
# /compat/linux/etc/real -> $(SEC_CONFIG) (recurse = true) ;
# /compat/linux/etc/bashrc -> $(SEC_CONFIG) ;
# /compat/linux/etc/csh.login -> $(SEC_CONFIG) ;
# /compat/linux/etc/host.conf -> $(SEC_CONFIG) ;
# /compat/linux/etc/hosts.allow -> $(SEC_CONFIG) ;
# /compat/linux/etc/hosts.deny -> $(SEC_CONFIG) ;
# /compat/linux/etc/info-dir -> $(SEC_CONFIG) ;
# /compat/linux/etc/inputrc -> $(SEC_CONFIG) ;
# /compat/linux/etc/ld.so.conf -> $(SEC_CONFIG) ;
# /compat/linux/etc/nsswitch.conf -> $(SEC_CONFIG) ;
# /compat/linux/etc/profile -> $(SEC_CONFIG) ;
# /compat/linux/etc/redhat-release -> $(SEC_CONFIG) ;
# /compat/linux/etc/rpc -> $(SEC_CONFIG) ;
# /compat/linux/etc/securetty -> $(SEC_CONFIG) ;
# /compat/linux/etc/shells -> $(SEC_CONFIG) ;
# /compat/linux/etc/termcap -> $(SEC_CONFIG) ;
# /compat/linux/etc/yp.conf -> $(SEC_CONFIG) ;
# !/compat/linux/etc/ld.so.cache ;
# !/compat/linux/var/spool/mail ;
#@@endif
}
#
# Libraries, include files, and other system files
#
(
rulename = "Libraries, include files, and other system files",
severity = $(SIG_HI)
)
{
/usr/include -> $(SEC_CRIT) (recurse = true) ;
/usr/lib -> $(SEC_CRIT) (recurse = true) ;
/usr/libdata -> $(SEC_CRIT) (recurse = true) ;
/usr/libexec -> $(SEC_CRIT) (recurse = true) ;
/usr/share -> $(SEC_CRIT) (recurse = true) ;
/usr/share/man -> $(SEC_CONFIG) ;
!/usr/share/man/whatis ;
!/usr/share/man/.glimpse_filenames ;
!/usr/share/man/.glimpse_filenames_index ;
!/usr/share/man/.glimpse_filetimes ;
!/usr/share/man/.glimpse_filters ;
!/usr/share/man/.glimpse_index ;
!/usr/share/man/.glimpse_messages ;
!/usr/share/man/.glimpse_partitions ;
!/usr/share/man/.glimpse_statistics ;
!/usr/share/man/.glimpse_turbo ;
/usr/share/man/man1 -> $(SEC_CRIT) (recurse = true) ;
/usr/share/man/man2 -> $(SEC_CRIT) (recurse = true) ;
/usr/share/man/man3 -> $(SEC_CRIT) (recurse = true) ;
/usr/share/man/man4 -> $(SEC_CRIT) (recurse = true) ;
/usr/share/man/man5 -> $(SEC_CRIT) (recurse = true) ;
/usr/share/man/man6 -> $(SEC_CRIT) (recurse = true) ;
/usr/share/man/man7 -> $(SEC_CRIT) (recurse = true) ;
/usr/share/man/man8 -> $(SEC_CRIT) (recurse = true) ;
/usr/share/man/man9 -> $(SEC_CRIT) (recurse = true) ;
/usr/share/man/mann -> $(SEC_CRIT) (recurse = true) ;
! /usr/share/man/cat1 ;
! /usr/share/man/cat2 ;
! /usr/share/man/cat3 ;
! /usr/share/man/cat4 ;
! /usr/share/man/cat5 ;
! /usr/share/man/cat6 ;
! /usr/share/man/cat7 ;
! /usr/share/man/cat8 ;
! /usr/share/man/cat9 ;
! /usr/share/man/catl ;
! /usr/share/man/catn ;
/usr/share/perl/man -> $(SEC_CONFIG) ;
!/usr/share/perl/man/whatis ;
!/usr/share/perl/man/.glimpse_filenames ;
!/usr/share/perl/man/.glimpse_filenames_index ;
!/usr/share/perl/man/.glimpse_filetimes ;
!/usr/share/perl/man/.glimpse_filters ;
!/usr/share/perl/man/.glimpse_index ;
!/usr/share/perl/man/.glimpse_messages ;
!/usr/share/perl/man/.glimpse_partitions ;
!/usr/share/perl/man/.glimpse_statistics ;
!/usr/share/perl/man/.glimpse_turbo ;
/usr/share/perl/man/man3 -> $(SEC_CRIT) (recurse = true) ;
! /usr/share/perl/man/cat3 ;
/usr/local/lib/perl5/5.00503/man -> $(SEC_CONFIG) ;
! /usr/local/lib/perl5/5.00503/man/whatis ;
! /usr/local/lib/perl5/5.00503/man/.glimpse_filters ;
! /usr/local/lib/perl5/5.00503/man/.glimpse_filetimes ;
! /usr/local/lib/perl5/5.00503/man/.glimpse_messages ;
! /usr/local/lib/perl5/5.00503/man/.glimpse_statistics ;
! /usr/local/lib/perl5/5.00503/man/.glimpse_index ;
! /usr/local/lib/perl5/5.00503/man/.glimpse_turbo ;
! /usr/local/lib/perl5/5.00503/man/.glimpse_partitions ;
! /usr/local/lib/perl5/5.00503/man/.glimpse_filenames ;
! /usr/local/lib/perl5/5.00503/man/.glimpse_filenames_index ;
/usr/local/lib/perl5/5.00503/man/man3 -> $(SEC_CRIT) (recurse = true) ;
! /usr/local/lib/perl5/5.00503/man/cat3 ;
}
#
# X11R6
#
(
rulename = "X11R6",
severity = $(SIG_HI)
)
{
/usr/X11R6 -> $(SEC_CRIT) (recurse = true) ;
/usr/X11R6/lib/X11/xdm -> $(SEC_CONFIG) (recurse = true) ;
!/usr/X11R6/lib/X11/xdm/xdm-errors ;
!/usr/X11R6/lib/X11/xdm/authdir/authfiles ;
!/usr/X11R6/lib/X11/xdm/xdm-pid ;
/usr/X11R6/lib/X11/xkb/compiled -> $(SEC_CONFIG) (recurse = true) ;
/usr/X11R6/man -> $(SEC_CONFIG) ;
!/usr/X11R6/man/whatis ;
!/usr/X11R6/man/.glimpse_filenames ;
!/usr/X11R6/man/.glimpse_filenames_index ;
!/usr/X11R6/man/.glimpse_filetimes ;
!/usr/X11R6/man/.glimpse_filters ;
!/usr/X11R6/man/.glimpse_index ;
!/usr/X11R6/man/.glimpse_messages ;
!/usr/X11R6/man/.glimpse_partitions ;
!/usr/X11R6/man/.glimpse_statistics ;
!/usr/X11R6/man/.glimpse_turbo ;
/usr/X11R6/man/man1 -> $(SEC_CRIT) (recurse = true) ;
/usr/X11R6/man/man2 -> $(SEC_CRIT) (recurse = true) ;
/usr/X11R6/man/man3 -> $(SEC_CRIT) (recurse = true) ;
/usr/X11R6/man/man4 -> $(SEC_CRIT) (recurse = true) ;
/usr/X11R6/man/man5 -> $(SEC_CRIT) (recurse = true) ;
/usr/X11R6/man/man6 -> $(SEC_CRIT) (recurse = true) ;
/usr/X11R6/man/man7 -> $(SEC_CRIT) (recurse = true) ;
/usr/X11R6/man/man8 -> $(SEC_CRIT) (recurse = true) ;
/usr/X11R6/man/man9 -> $(SEC_CRIT) (recurse = true) ;
/usr/X11R6/man/manl -> $(SEC_CRIT) (recurse = true) ;
/usr/X11R6/man/mann -> $(SEC_CRIT) (recurse = true) ;
! /usr/X11R6/man/cat1 ;
! /usr/X11R6/man/cat2 ;
! /usr/X11R6/man/cat3 ;
! /usr/X11R6/man/cat4 ;
! /usr/X11R6/man/cat5 ;
! /usr/X11R6/man/cat6 ;
! /usr/X11R6/man/cat7 ;
! /usr/X11R6/man/cat8 ;
! /usr/X11R6/man/cat9 ;
! /usr/X11R6/man/catl ;
! /usr/X11R6/man/catn ;
}
#
# sources
#
(
rulename = "Sources",
severity = $(SIG_HI)
)
{
/usr/src -> $(SEC_CRIT) (recurse = true) ;
/usr/src/sys/compile -> $(SEC_CONFIG) (recurse = false) ;
}
#
# NIS
#
(
rulename = "NIS",
severity = $(SIG_HI)
)
{
/var/yp -> $(SEC_CRIT) (recurse = true) ;
!/var/yp/binding ;
}
#
# Temporary directories
#
(
rulename = "Temporary directories",
recurse = false,
severity = $(SIG_LOW)
)
{
/usr/tmp -> $(SEC_INVARIANT) ;
/var/tmp -> $(SEC_INVARIANT) ;
/var/preserve -> $(SEC_INVARIANT) ;
/tmp -> $(SEC_INVARIANT) ;
}
#
# Local files
#
(
rulename = "Local files",
severity = $(SIG_MED)
)
{
/usr/local/bin -> $(SEC_BIN) (recurse = true) ;
/usr/local/sbin -> $(SEC_BIN) (recurse = true) ;
/usr/local/etc -> $(SEC_BIN) (recurse = true) ;
/usr/local/lib -> $(SEC_BIN) (recurse = true ) ;
/usr/local/libexec -> $(SEC_BIN) (recurse = true ) ;
/usr/local/share -> $(SEC_BIN) (recurse = true ) ;
/usr/local/man -> $(SEC_CONFIG) ;
!/usr/local/man/whatis ;
!/usr/local/man/.glimpse_filenames ;
!/usr/local/man/.glimpse_filenames_index ;
!/usr/local/man/.glimpse_filetimes ;
!/usr/local/man/.glimpse_filters ;
!/usr/local/man/.glimpse_index ;
!/usr/local/man/.glimpse_messages ;
!/usr/local/man/.glimpse_partitions ;
!/usr/local/man/.glimpse_statistics ;
!/usr/local/man/.glimpse_turbo ;
/usr/local/man/man1 -> $(SEC_CRIT) (recurse = true) ;
/usr/local/man/man2 -> $(SEC_CRIT) (recurse = true) ;
/usr/local/man/man3 -> $(SEC_CRIT) (recurse = true) ;
/usr/local/man/man4 -> $(SEC_CRIT) (recurse = true) ;
/usr/local/man/man5 -> $(SEC_CRIT) (recurse = true) ;
/usr/local/man/man6 -> $(SEC_CRIT) (recurse = true) ;
/usr/local/man/man7 -> $(SEC_CRIT) (recurse = true) ;
/usr/local/man/man8 -> $(SEC_CRIT) (recurse = true) ;
/usr/local/man/man9 -> $(SEC_CRIT) (recurse = true) ;
/usr/local/man/manl -> $(SEC_CRIT) (recurse = true) ;
/usr/local/man/mann -> $(SEC_CRIT) (recurse = true) ;
! /usr/local/man/cat1 ;
! /usr/local/man/cat2 ;
! /usr/local/man/cat3 ;
! /usr/local/man/cat4 ;
! /usr/local/man/cat5 ;
! /usr/local/man/cat6 ;
! /usr/local/man/cat7 ;
! /usr/local/man/cat8 ;
! /usr/local/man/cat9 ;
! /usr/local/man/catl ;
! /usr/local/man/catn ;
/usr/local/krb5 -> $(SEC_CRIT) (recurse = true) ;
/usr/local/krb5/man -> $(SEC_CONFIG) ;
!/usr/local/krb5/man/whatis ;
!/usr/local/krb5/man/.glimpse_filenames ;
!/usr/local/krb5/man/.glimpse_filenames_index ;
!/usr/local/krb5/man/.glimpse_filetimes ;
!/usr/local/krb5/man/.glimpse_filters ;
!/usr/local/krb5/man/.glimpse_index ;
!/usr/local/krb5/man/.glimpse_messages ;
!/usr/local/krb5/man/.glimpse_partitions ;
!/usr/local/krb5/man/.glimpse_statistics ;
!/usr/local/krb5/man/.glimpse_turbo ;
/usr/local/krb5/man/man1 -> $(SEC_CRIT) (recurse = true) ;
/usr/local/krb5/man/man2 -> $(SEC_CRIT) (recurse = true) ;
/usr/local/krb5/man/man3 -> $(SEC_CRIT) (recurse = true) ;
/usr/local/krb5/man/man4 -> $(SEC_CRIT) (recurse = true) ;
/usr/local/krb5/man/man5 -> $(SEC_CRIT) (recurse = true) ;
/usr/local/krb5/man/man6 -> $(SEC_CRIT) (recurse = true) ;
/usr/local/krb5/man/man7 -> $(SEC_CRIT) (recurse = true) ;
/usr/local/krb5/man/man8 -> $(SEC_CRIT) (recurse = true) ;
/usr/local/krb5/man/man9 -> $(SEC_CRIT) (recurse = true) ;
/usr/local/krb5/man/manl -> $(SEC_CRIT) (recurse = true) ;
/usr/local/krb5/man/mann -> $(SEC_CRIT) (recurse = true) ;
! /usr/local/krb5/man/cat1 ;
! /usr/local/krb5/man/cat2 ;
! /usr/local/krb5/man/cat3 ;
! /usr/local/krb5/man/cat4 ;
! /usr/local/krb5/man/cat5 ;
! /usr/local/krb5/man/cat6 ;
! /usr/local/krb5/man/cat7 ;
! /usr/local/krb5/man/cat8 ;
! /usr/local/krb5/man/cat9 ;
! /usr/local/krb5/man/catl ;
! /usr/local/krb5/man/catn ;
/usr/local/www -> $(SEC_CONFIG) (recurse = true) ;
}
(
rulename = "Security Control",
severity = $(SIG_HI)
)
{
/etc/group -> $(SEC_CRIT) ;
/etc/crontab -> $(SEC_CRIT) ;
}
#=============================================================================
#
# Copyright 2000-2018 Tripwire, Inc. Tripwire is a registered trademark of Tripwire,
# Inc. in the United States and other countries. All rights reserved.
#
# FreeBSD is a registered trademark of the FreeBSD Project Inc.
#
# UNIX is a registered trademark of The Open Group.
#
#=============================================================================
#
# Permission is granted to make and distribute verbatim copies of this document
# provided the copyright notice and this permission notice are preserved on all
# copies.
#
# Permission is granted to copy and distribute modified versions of this
# document under the conditions for verbatim copying, provided that the entire
# resulting derived work is distributed under the terms of a permission notice
# identical to this one.
#
# Permission is granted to copy and distribute translations of this document
# into another language, under the above conditions for modified versions,
# except that this permission notice may be stated in a translation approved by
# Tripwire, Inc.
#
# DCM

30
policy/twpol-FreeBSD.txt
View File

@ -53,24 +53,16 @@ TWREPORT=;
HOSTNAME=;
@@section FS
SEC_DEVICE = +pugsdr-intlbamcCMSH ;
SEC_DYNAMIC = +pinugtd-srlbamcCMSH ;
SEC_GROWING = +pinugtdl-srbamcCMSH ;
SEC_IGNORE_ALL = -pinugtsdrlbamcCMSH ;
SEC_IGNORE_NONE = +pinugtsdrbamcCMSH-l ;
SEC_READONLY = +pinugtsdbmCM-rlacSH ;
SEC_TEMPORARY = +pugt ;
SEC_CRIT = $(SEC_IGNORE_NONE)-SHa ; # Critical files that cannot change
SEC_SUID = $(SEC_IGNORE_NONE)-SHa ; # Binaries with the SUID or SGID flags set
SEC_BIN = $(SEC_READONLY) ; # Binaries that should not change
SEC_CONFIG = $(SEC_DYNAMIC) ; # Config files that are changed infrequently but accessed often
SEC_TTY = $(SEC_DYNAMIC)-ugp ; # Tty files that change ownership at login
SEC_LOG = $(SEC_GROWING) ; # Files that grow, but that should never change ownership
SEC_INVARIANT = $(SEC_TEMPORARY) ; # Directories that should never change permission or ownership
SIG_LOW = 33 ; # Non-critical files that are of minimal security impact
SIG_MED = 66 ; # Non-critical files that are of significant security impact
SIG_HI = 100 ; # Critical files that are significant points of vulnerability
SEC_CRIT = $(IgnoreNone)-SHa ; # Critical files that cannot change
SEC_SUID = $(IgnoreNone)-SHa ; # Binaries with the SUID or SGID flags set
SEC_BIN = $(ReadOnly) ; # Binaries that should not change
SEC_CONFIG = $(Dynamic) ; # Config files that are changed infrequently but accessed often
SEC_TTY = $(Dynamic)-ugp ; # Tty files that change ownership at login
SEC_LOG = $(Growing) ; # Files that grow, but that should never change ownership
SEC_INVARIANT = +tpug ; # Directories that should never change permission or ownership
SIG_LOW = 33 ; # Non-critical files that are of minimal security impact
SIG_MED = 66 ; # Non-critical files that are of significant security impact
SIG_HI = 100 ; # Critical files that are significant points of vulnerability
# Tripwire Binaries
@ -637,7 +629,7 @@ SIG_HI = 100 ; # Critical files that are significant p
#=============================================================================
#
# Copyright 2000-2018 Tripwire, Inc. Tripwire is a registered trademark of Tripwire,
# Copyright 2000 Tripwire, Inc. Tripwire is a registered trademark of Tripwire,
# Inc. in the United States and other countries. All rights reserved.
#
# FreeBSD is a registered trademark of the FreeBSD Project Inc.

79
policy/twpol-GENERIC.txt
View File

@ -65,24 +65,15 @@ TWREPORT=;
HOSTNAME=;
@@section FS
SEC_DEVICE = +pugsdr-intlbamcCMSH ;
SEC_DYNAMIC = +pinugtd-srlbamcCMSH ;
SEC_GROWING = +pinugtdl-srbamcCMSH ;
SEC_IGNORE_ALL = -pinugtsdrlbamcCMSH ;
SEC_IGNORE_NONE = +pinugtsdrbamcCMSH-l ;
SEC_READONLY = +pinugtsdbmCM-rlacSH ;
SEC_TEMPORARY = +pugt ;
SEC_CRIT = $(SEC_IGNORE_NONE)-SHa ; # Critical files that cannot change
SEC_SUID = $(SEC_IGNORE_NONE)-SHa ; # Binaries with the SUID or SGID flags set
SEC_BIN = $(SEC_READONLY) ; # Binaries that should not change
SEC_CONFIG = $(SEC_DYNAMIC) ; # Config files that are changed infrequently but accessed often
SEC_TTY = $(SEC_DYNAMIC)-ugp ; # Tty files that change ownership at login
SEC_LOG = $(SEC_GROWING) ; # Files that grow, but that should never change ownership
SEC_INVARIANT = $(SEC_TEMPORARY) ; # Directories that should never change permission or ownership
SIG_LOW = 33 ; # Non-critical files that are of minimal security impact
SIG_MED = 66 ; # Non-critical files that are of significant security impact
SIG_HI = 100 ; # Critical files that are significant points of vulnerability
SEC_CRIT = $(IgnoreNone)-SHa ; # Critical files that cannot change
SEC_SUID = $(IgnoreNone)-SHa ; # Binaries with the SUID or SGID flags set
SEC_BIN = $(ReadOnly) ; # Binaries that should not change
SEC_CONFIG = $(Dynamic) ; # Config files that are changed infrequently but accessed often
SEC_LOG = $(Growing) ; # Files that grow, but that should never change ownership
SEC_INVARIANT = +tpug ; # Directories that should never change permission or ownership
SIG_LOW = 33 ; # Non-critical files that are of minimal security impact
SIG_MED = 66 ; # Non-critical files that are of significant security impact
SIG_HI = 100 ; # Critical files that are significant points of vulnerability
# Tripwire Binaries
@ -123,6 +114,56 @@ SIG_HI = 100 ; # Critical files that are significant p
}
# Tripwire HQ Connector Binaries
#(
# rulename = "Tripwire HQ Connector Binaries",
# severity = $(SIG_HI)
#)
#{
# $(TWBIN)/hqagent -> $(SEC_BIN) ;
#}
#
# Tripwire HQ Connector - Configuration Files, Keys, and Logs
##############################################################################
# ##
############################################################################## #
# # #
# Note: File locations here are different than in a stock HQ Connector # #
# installation. This is because Tripwire 2.3 uses a different path # #
# structure than Tripwire 2.2.1. # #
# # #
# You may need to update your HQ Agent configuation file (or this policy # #
# file) to correct the paths. We have attempted to support the FHS standard # #
# here by placing the HQ Agent files similarly to the way Tripwire 2.3 # #
# places them. # #
# ##
##############################################################################
#(
# rulename = "Tripwire HQ Connector Data Files",
# severity = $(SIG_HI)
#)
#{
# #############################################################################
# ##############################################################################
# # NOTE: Removing the inode attribute because when Tripwire creates a backup ##
# # it does so by renaming the old file and creating a new one (which will ##
# # have a new inode number). Leaving inode turned on for keys, which ##
# # shouldn't ever change. ##
# #############################################################################
#
# $(TWBIN)/agent.cfg -> $(SEC_BIN) -i ;
# $(TWLKEY)/authentication.key -> $(SEC_BIN) ;
# $(TWDB)/tasks.dat -> $(SEC_CONFIG) ;
# $(TWDB)/schedule.dat -> $(SEC_CONFIG) ;
#
# # Uncomment if you have agent logging enabled.
# #/var/log/tripwire/agent.log -> $(SEC_LOG) ;
#}
# Commonly accessed directories that should remain static with regards to owner and group
(
rulename = "Invariant Directories",
@ -1037,7 +1078,7 @@ SIG_HI = 100 ; # Critical files that are significant p
#=============================================================================
#
# Copyright 2000-2018 Tripwire, Inc. Tripwire is a registered trademark of Tripwire,
# Copyright 2000 Tripwire, Inc. Tripwire is a registered trademark of Tripwire,
# Inc. in the United States and other countries. All rights reserved.
#
# Linux is a registered trademark of Linus Torvalds.

159
policy/twpol-GNU.txt
View File

@ -1,159 +0,0 @@
###############################################################################
# ##
# Default Tripwire 2.4 Policy file for GNU/Hurd ##
# ##
###############################################################################
###############################################################################
# ##
# Global Variable Definitions ##
# ##
# These are defined at install time by the installation script. You may ##
# Manually edit these if you are using this file directly and not from the ##
# installation script itself. ##
# ##
###############################################################################
@@section GLOBAL
TWROOT=;
TWBIN=;
TWPOL=;
TWDB=;
TWSKEY=;
TWLKEY=;
TWREPORT=;
HOSTNAME=;
##############################################################################
# Predefined Variables #
##############################################################################
#
# Property Masks
#
# - ignore the following properties
# + check the following properties
#
# a access timestamp (mutually exclusive with +CMSH)
# b number of blocks allocated
# c inode creation/modification timestamp
# d ID of device on which inode resides
# g group id of owner
# i inode number
# l growing files (logfiles for example)
# m modification timestamp
# n number of links
# p permission and file mode bits
# r ID of device pointed to by inode (valid only for device objects)
# s file size
# t file type
# u user id of owner
#
# C CRC-32 hash
# H HAVAL hash
# M MD5 hash
# S SHA hash
#
##############################################################################
SEC_DEVICE = +pugsdr-intlbamcCMSH ;
SEC_DYNAMIC = +pinugtd-srlbamcCMSH ;
SEC_GROWING = +pinugtdl-srbamcCMSH ;
SEC_IGNORE_ALL = -pinugtsdrlbamcCMSH ;
SEC_IGNORE_NONE = +pinugtsdrbamcCMSH-l ;
SEC_READONLY = +pinugtsdbmCM-rlacSH ;
SEC_TEMPORARY = +pugt ;
@@section FS
#########################################
# ##
# Tripwire Binaries and Data Files ##
# ##
#########################################
# Tripwire Binaries
(
rulename = "Tripwire Binaries",
)
{
$(TWBIN)/siggen -> $(SEC_READONLY) ;
$(TWBIN)/tripwire -> $(SEC_READONLY) ;
$(TWBIN)/twadmin -> $(SEC_READONLY) ;
$(TWBIN)/twprint -> $(SEC_READONLY) ;
}
# Tripwire Data Files - Configuration Files, Policy Files, Keys, Reports, Databases
(
rulename = "Tripwire Data Files",
)
{
# NOTE: We remove the inode attribute because when Tripwire creates a backup,
# it does so by renaming the old file and creating a new one (which will
# have a new inode number). Inode is left turned on for keys, which shouldn't
# ever change.
# NOTE: The first integrity check triggers this rule and each integrity check
# afterward triggers this rule until a database update is run, since the
# database file does not exist before that point.
$(TWDB) -> $(SEC_DYNAMIC) -i ;
$(TWPOL)/tw.pol -> $(SEC_READONLY) -i ;
$(TWPOL)/tw.cfg -> $(SEC_READONLY) -i ;
$(TWLKEY)/$(HOSTNAME)-local.key -> $(SEC_READONLY) ;
$(TWSKEY)/site.key -> $(SEC_READONLY) ;
# don't scan the individual reports
$(TWREPORT) -> $(SEC_DYNAMIC) (recurse=0) ;
}
##############################################################################
(rulename="Boot files",)
{
/boot -> $(SEC_READONLY) -a;
}
(rulename="Binary files",)
{
/bin -> $(SEC_READONLY) -a;
/usr/bin -> $(SEC_READONLY) -a;
/usr/local/bin -> $(SEC_READONLY) -a;
}
(rulename="Admin binaries",)
{
/servers -> $(SEC_READONLY) -a;
/sbin -> $(SEC_READONLY) -a;
/usr/sbin -> $(SEC_READONLY) -a;
/hurd -> $(SEC_READONLY) -a;
}
(rulename="Libraries",)
{
/lib -> $(SEC_READONLY) -a;
/usr/lib -> $(SEC_READONLY) -a;
/usr/local/lib -> $(SEC_READONLY) -a;
}
(rulename="Etc",)
{
/etc -> $(SEC_READONLY) -a;
/usr/local/etc -> $(SEC_READONLY) -a;
}
(rulename="Dev",)
{
/dev -> $(SEC_DEVICE);
}
(rulename="Tmp",)
{
/tmp -> $(SEC_TEMPORARY);
/var/tmp -> $(SEC_TEMPORARY);
}
(rulename="Log",)
{
/var/log -> $(SEC_GROWING);
}

1106
policy/twpol-HP-UX.txt
View File

File diff suppressed because it is too large Load Diff

178
policy/twpol-Haiku.txt
View File

@ -1,178 +0,0 @@
###############################################################################
# ##
# Default Tripwire 2.4 Policy file for Haiku ##
# ##
###############################################################################
###############################################################################
# ##
# Global Variable Definitions ##
# ##
# These are defined at install time by the installation script. You may ##
# Manually edit these if you are using this file directly and not from the ##
# installation script itself. ##
# ##
###############################################################################
@@section GLOBAL
TWROOT=;
TWBIN=;
TWPOL=;
TWDB=;
TWSKEY=;
TWLKEY=;
TWREPORT=;
HOSTNAME=;
##############################################################################
# Predefined Variables #
##############################################################################
#
# Property Masks
#
# - ignore the following properties
# + check the following properties
#
# a access timestamp (mutually exclusive with +CMSH)
# b number of blocks allocated
# c inode creation/modification timestamp
# d ID of device on which inode resides
# g group id of owner
# i inode number
# l growing files (logfiles for example)
# m modification timestamp
# n number of links
# p permission and file mode bits
# r ID of device pointed to by inode (valid only for device objects)
# s file size
# t file type
# u user id of owner
#
# C CRC-32 hash
# H HAVAL hash
# M MD5 hash
# S SHA hash
#
##############################################################################
SEC_DEVICE = +pugsdr-intlbamcCMSH ;
SEC_DYNAMIC = +pinugtd-srlbamcCMSH ;
SEC_GROWING = +pinugtdl-srbamcCMSH ;
SEC_IGNORE_ALL = -pinugtsdrlbamcCMSH ;
SEC_IGNORE_NONE = +pinugtsdrbamcCMSH-l ;
SEC_READONLY = +pinugtsdbmCM-rlacSH ;
SEC_TEMPORARY = +pugt ;
@@section FS
#########################################
# ##
# Tripwire Binaries and Data Files ##
# ##
#########################################
# Tripwire Binaries
(
rulename = "Tripwire Binaries",
)
{
$(TWBIN)/siggen -> $(SEC_READONLY) ;
$(TWBIN)/tripwire -> $(SEC_READONLY) ;
$(TWBIN)/twadmin -> $(SEC_READONLY) ;
$(TWBIN)/twprint -> $(SEC_READONLY) ;
}
# Tripwire Data Files - Configuration Files, Policy Files, Keys, Reports, Databases
(
rulename = "Tripwire Data Files",
)
{
# NOTE: We remove the inode attribute because when Tripwire creates a backup,
# it does so by renaming the old file and creating a new one (which will
# have a new inode number). Inode is left turned on for keys, which shouldn't
# ever change.
# NOTE: The first integrity check triggers this rule and each integrity check
# afterward triggers this rule until a database update is run, since the
# database file does not exist before that point.
$(TWDB) -> $(SEC_DYNAMIC) -i ;
$(TWPOL)/tw.pol -> $(SEC_READONLY) -i ;
$(TWPOL)/tw.cfg -> $(SEC_READONLY) -i ;
$(TWLKEY)/$(HOSTNAME)-local.key -> $(SEC_READONLY) ;
$(TWSKEY)/site.key -> $(SEC_READONLY) ;
# don't scan the individual reports
$(TWREPORT) -> $(SEC_DYNAMIC) (recurse=0) ;
}
##############################################################################
### System dir ###############################################################
#
(rulename = "System Directory",)
{
/boot/system -> $(SEC_READONLY) -a;
}
### Other bin dirs ############################################################
#
(rulename = "Binary Directories",)
{
/boot/home/config/bin -> $(SEC_READONLY) -a;
/boot/common/bin -> $(SEC_READONLY) -a;
/boot/apps -> $(SEC_READONLY) -a;
# /boot/develop/tools/gnupro/bin -> $(SEC_READONLY) -a; #uncomment to monitor dev tools if present
}
### Other lib dirs ############################################################
#
(rulename = "Library Directories",)
{
/boot/common/lib -> $(SEC_READONLY) -a;
/boot/home/config/lib -> $(SEC_READONLY) -a;
}
### Other boot dirs ###########################################################
#
(rulename = "Boot Directories",)
{
/boot/common/boot -> $(SEC_READONLY) -a;
/boot/home/config/boot -> $(SEC_READONLY) -a;
}
### Settings ##################################################################
#
(rulename = "Settings",)
{
/boot/common/settings -> $(SEC_READONLY) -a;
/boot/common/data -> $(SEC_READONLY) -a;
/boot/common/etc -> $(SEC_READONLY) -a;
/boot/home/config/settings -> $(SEC_READONLY) -a;
}
# Logs ########################################################################
#
(rulename = "Logs",)
{
/boot/common/var/log -> $(SEC_GROWING) -a;
}
# Dev #########################################################################
#
(rulename = "Devices",)
{
/dev -> $(SEC_DEVICE) -a;
}
# Temp dirs #########################
#
(rulename = "Temp Directories",)
{
/boot/common/cache/tmp -> $(SEC_TEMPORARY) -a;
}

292
policy/twpol-LibertyBSD.txt
View File

@ -1,292 +0,0 @@
##############################################################################
# ##
############################################################################## #
# # #
# Tripwire 2.4 policy for LibertyBSD # #
# updated March 2018 # #
# ##
##############################################################################
##############################################################################
# ##
############################################################################## #
# # #
# Global Variable Definitions # #
# # #
# These are defined at install time by the installation script. You may # #
# manually edit these if you are using this file directly and not from the # #
# installation script itself. # #
# ##
##############################################################################
@@section GLOBAL
TWROOT=;
TWBIN=;
TWPOL=;
TWDB=;
TWSKEY=;
TWLKEY=;
TWREPORT=;
HOSTNAME=;
##############################################################################
# Predefined Variables #
##############################################################################
#
# Property Masks
#
# - ignore the following properties
# + check the following properties
#
# a access timestamp (mutually exclusive with +CMSH)
# b number of blocks allocated
# c inode creation/modification timestamp
# d ID of device on which inode resides
# g group id of owner
# i inode number
# l growing files (logfiles for example)
# m modification timestamp
# n number of links
# p permission and file mode bits
# r ID of device pointed to by inode (valid only for device objects)
# s file size
# t file type
# u user id of owner
#
# C CRC-32 hash
# H HAVAL hash
# M MD5 hash
# S SHA hash
#
##############################################################################
SEC_DEVICE = +pugsdr-intlbamcCMSH ;
SEC_DYNAMIC = +pinugtd-srlbamcCMSH ;
SEC_GROWING = +pinugtdl-srbamcCMSH ;
SEC_IGNORE_ALL = -pinugtsdrlbamcCMSH ;
SEC_IGNORE_NONE = +pinugtsdrbamcCMSH-l ;
SEC_READONLY = +pinugtsdbmCM-rlacSH ;
SEC_TEMPORARY = +pugt ;
@@section FS
########################################
# ##
######################################## #
# # #
# Tripwire Binaries and Data Files # #
# ##
########################################
# Tripwire Binaries
(
rulename = "Tripwire Binaries",
)
{
$(TWBIN)/siggen -> $(SEC_READONLY) ;
$(TWBIN)/tripwire -> $(SEC_READONLY) ;
$(TWBIN)/twadmin -> $(SEC_READONLY) ;
$(TWBIN)/twprint -> $(SEC_READONLY) ;
}
# Tripwire Data Files - Configuration Files, Policy Files, Keys, Reports, Databases
(
rulename = "Tripwire Data Files",
)
{
# NOTE: We remove the inode attribute because when Tripwire creates a backup,
# it does so by renaming the old file and creating a new one (which will
# have a new inode number). Inode is left turned on for keys, which shouldn't
# ever change.
# NOTE: The first integrity check triggers this rule and each integrity check
# afterward triggers this rule until a database update is run, since the
# database file does not exist before that point.
$(TWDB) -> $(SEC_DYNAMIC) -i ;
$(TWPOL)/tw.pol -> $(SEC_READONLY) -i ;
$(TWPOL)/tw.cfg -> $(SEC_READONLY) -i ;
$(TWLKEY)/$(HOSTNAME)-local.key -> $(SEC_READONLY) ;
$(TWSKEY)/site.key -> $(SEC_READONLY) ;
# don't scan the individual reports
$(TWREPORT) -> $(SEC_DYNAMIC) (recurse=0) ;
# In this configuration /usr/local is a symbolic link to /home/local.
# We want to ignore the following directories since they are already
# scanned using the real directory or mount point. Otherwise we see
# duplicates in the reports.
!/home/local ;
}
################################################
# ##
################################################ #
# # #
# OS Boot and Configuration Files # #
# ##
################################################
(
rulename = "OS Boot and Configuration Files",
)
{
/boot -> $(SEC_READONLY) ;
/bsd -> $(SEC_READONLY) ;
/etc -> $(SEC_IGNORE_NONE) -SHa ;
}
###################################################
# ##
################################################### #
# # #
# Mount Points # #
# ##
###################################################
(
rulename = "Mount Points",
)
{
/ -> $(SEC_READONLY) ;
/cdrom -> $(SEC_DYNAMIC) ;
/floppy -> $(SEC_DYNAMIC) ;
/home -> $(SEC_READONLY) ; # Modify as needed
/mnt -> $(SEC_DYNAMIC) ;
/usr -> $(SEC_READONLY) ;
/var -> $(SEC_READONLY) ;
}
###################################################
# ##
################################################### #
# # #
# Misc Top-Level Directories # #
# ##
###################################################
(
rulename = "Misc Top-Level Directories",
)
{
/altroot -> $(SEC_DYNAMIC) ;
/stand -> $(SEC_DYNAMIC) ;
}
################################################
# ##
################################################ #
# # #
# System Devices # #
# ##
################################################
(
rulename = "System Devices",
)
{
/dev -> $(SEC_DEVICE) ;
/dev/fd -> $(SEC_DEVICE) ;
/var/cron/tabs/.sock -> $(SEC_DEVICE) ;
/var/empty/dev/log -> $(SEC_DEVICE) ;
}
################################################
# ##
################################################ #
# # #
# OS Binaries and Libraries # #
# ##
################################################
(
rulename = "OS Binaries and Libraries",
)
{
/bin -> $(SEC_READONLY) ;
/sbin -> $(SEC_READONLY) ;
/usr/bin -> $(SEC_READONLY) ;
/usr/lib -> $(SEC_READONLY) ;
/usr/libexec -> $(SEC_READONLY) ;
/usr/sbin -> $(SEC_READONLY) ;
/usr/X11R6/bin -> $(SEC_READONLY) ;
/usr/X11R6/lib -> $(SEC_READONLY) ;
}
################################################
# ##
################################################ #
# # #
# Usr Local Files # #
# ##
################################################
#OK(
#OKrulename = "Usr Local Files",
#OK)
#OK{
#OK/usr/local -> $(SEC_READONLY) ;
#OK/usr/local/bin -> $(SEC_READONLY) ;
#OK/usr/local/doc -> $(SEC_READONLY) ;
#OK/usr/local/etc -> $(SEC_READONLY) ;
#OK/usr/local/include -> $(SEC_READONLY) ;
#OK/usr/local/info -> $(SEC_READONLY) ;
#OK/usr/local/lib -> $(SEC_READONLY) ;
#OK/usr/local/libdata -> $(SEC_READONLY) ;
#OK/usr/local/libexec -> $(SEC_READONLY) ;
#OK/usr/local/man -> $(SEC_READONLY) ;
#OK/usr/local/sbin -> $(SEC_READONLY) ;
#OK/usr/local/share -> $(SEC_READONLY) ;
#OK/usr/local/src -> $(SEC_READONLY) ;
#OK}
################################################
# ##
################################################ #
# # #
# Root Directory and Files # #
# ##
################################################
(
rulename = "Root Directory and Files",
)
{
/root -> $(SEC_IGNORE_NONE) -SHa ;
/root/.cshrc -> $(SEC_DYNAMIC) ;
/root/.profile -> $(SEC_DYNAMIC) ;
}
################################################
# ##
################################################ #
# # #
# Temporary Directories # #
# ##
################################################
(
rulename = "Temporary Directories",
)
{
/tmp -> $(SEC_TEMPORARY) ;
/var/tmp -> $(SEC_TEMPORARY) ;
}
################################################
# ##
################################################ #
# # #
# System and Boot Changes # #
# ##
################################################
(
rulename = "System and Boot Changes",
)
{
/var/backups -> $(SEC_DYNAMIC) -i ;
/var/db/host.random -> $(SEC_READONLY) -mCM ;
/var/cron -> $(SEC_GROWING) -i ;
/var/log -> $(SEC_GROWING) -i ;
/var/run -> $(SEC_DYNAMIC) -i ;
/var/mail -> $(SEC_GROWING) ;
/var/msgs/bounds -> $(SEC_READONLY) -smbCM ;
/var/spool/clientmqueue -> $(SEC_TEMPORARY) ;
/var/spool/mqueue -> $(SEC_TEMPORARY) ;
}
#
# $Id: twpol-OpenBSD.txt,v 1.2 2004/05/14 21:56:21 pherman Exp $
#

217
policy/twpol-Linux.txt
View File

@ -2,8 +2,7 @@
# ##
############################################################################## #
# # #
# Tripwire 2.4 policy for Linux (RPM) # #
# updated March 2018 # #
# Policy file for Red Hat Linux # #
# ##
##############################################################################
@ -60,13 +59,13 @@ HOSTNAME=;
#
##############################################################################
SEC_DEVICE = +pugsdr-intlbamcCMSH ;
SEC_DYNAMIC = +pinugtd-srlbamcCMSH ;
SEC_GROWING = +pinugtdl-srbamcCMSH ;
SEC_IGNORE_ALL = -pinugtsdrlbamcCMSH ;
SEC_IGNORE_NONE = +pinugtsdrbamcCMSH-l ;
SEC_READONLY = +pinugtsdbmCM-rlacSH ;
SEC_TEMPORARY = +pugt ;
Device = +pugsdr-intlbamcCMSH ;
Dynamic = +pinugtd-srlbamcCMSH ;
Growing = +pinugtdl-srbamcCMSH ;
IgnoreAll = -pinugtsdrlbamcCMSH ;
IgnoreNone = +pinugtsdrbamcCMSH-l ;
ReadOnly = +pinugtsdbmCM-rlacSH ;
Temporary = +pugt ;
@@section FS
@ -83,10 +82,10 @@ SEC_TEMPORARY = +pugt ;
rulename = "Tripwire Binaries",
)
{
$(TWBIN)/siggen -> $(SEC_READONLY) ;
$(TWBIN)/tripwire -> $(SEC_READONLY) ;
$(TWBIN)/twadmin -> $(SEC_READONLY) ;
$(TWBIN)/twprint -> $(SEC_READONLY) ;
$(TWBIN)/siggen -> $(ReadOnly) ;
$(TWBIN)/tripwire -> $(ReadOnly) ;
$(TWBIN)/twadmin -> $(ReadOnly) ;
$(TWBIN)/twprint -> $(ReadOnly) ;
}
# Tripwire Data Files - Configuration Files, Policy Files, Keys, Reports, Databases
@ -103,14 +102,14 @@ SEC_TEMPORARY = +pugt ;
# afterward triggers this rule until a database update is run, since the
# database file does not exist before that point.
$(TWDB) -> $(SEC_DYNAMIC) -i ;
$(TWPOL)/tw.pol -> $(SEC_READONLY) -i ;
$(TWPOL)/tw.cfg -> $(SEC_READONLY) -i ;
$(TWLKEY)/$(HOSTNAME)-local.key -> $(SEC_READONLY) ;
$(TWSKEY)/site.key -> $(SEC_READONLY) ;
$(TWDB) -> $(Dynamic) -i ;
$(TWPOL)/tw.pol -> $(ReadOnly) -i ;
$(TWPOL)/tw.cfg -> $(ReadOnly) -i ;
$(TWLKEY)/$(HOSTNAME)-local.key -> $(ReadOnly) ;
$(TWSKEY)/site.key -> $(ReadOnly) ;
# don't scan the individual reports
$(TWREPORT) -> $(SEC_DYNAMIC) (recurse=0) ;
$(TWREPORT) -> $(Dynamic) (recurse=0) ;
}
################################################
@ -124,10 +123,10 @@ SEC_TEMPORARY = +pugt ;
rulename = "RPM Checksum Files",
)
{
/var/lib/rpm -> $(SEC_READONLY);
/var/lib/rpm/__db.001 -> $(SEC_DYNAMIC) ;
/var/lib/rpm/__db.002 -> $(SEC_DYNAMIC) ;
/var/lib/rpm/__db.003 -> $(SEC_DYNAMIC) ;
/var/lib/rpm -> $(ReadOnly);
/var/lib/rpm/__db.001 -> $(Dynamic) ;
/var/lib/rpm/__db.002 -> $(Dynamic) ;
/var/lib/rpm/__db.003 -> $(Dynamic) ;
}
################################################
@ -141,18 +140,18 @@ SEC_TEMPORARY = +pugt ;
rulename = "Global Configuration Files",
)
{
/etc -> $(SEC_IGNORE_NONE) -SHa ;
/etc/adjtime -> $(SEC_DYNAMIC) ;
/etc/aliases.db -> $(SEC_DYNAMIC) ;
/etc/bashrc -> $(SEC_DYNAMIC) ;
/etc/csh.cshrc -> $(SEC_DYNAMIC) ;
/etc/csh.login -> $(SEC_DYNAMIC) ;
/etc/mail/statistics -> $(SEC_GROWING) ;
/etc/profile -> $(SEC_DYNAMIC) -i ;
/etc/mtab -> $(SEC_DYNAMIC) -i ;
/etc/rc.d -> $(SEC_IGNORE_NONE) -SHa ;
/etc/sysconfig -> $(SEC_IGNORE_NONE) -SHa ;
/etc/sysconfig/hwconf -> $(SEC_DYNAMIC) -m ;
/etc -> $(IgnoreNone) -SHa ;
/etc/adjtime -> $(Dynamic) ;
/etc/aliases.db -> $(Dynamic) ;
/etc/bashrc -> $(Dynamic) ;
/etc/csh.cshrc -> $(Dynamic) ;
/etc/csh.login -> $(Dynamic) ;
/etc/mail/statistics -> $(Growing) ;
/etc/profile -> $(Dynamic) -i ;
/etc/mtab -> $(Dynamic) -i ;
/etc/rc.d -> $(IgnoreNone) -SHa ;
/etc/sysconfig -> $(IgnoreNone) -SHa ;
/etc/sysconfig/hwconf -> $(Dynamic) -m ;
}
################################################
@ -166,10 +165,10 @@ SEC_TEMPORARY = +pugt ;
rulename = "OS Boot Files and Mount Points",
)
{
/boot -> $(SEC_READONLY) ;
/cdrom -> $(SEC_DYNAMIC) ;
/floppy -> $(SEC_DYNAMIC) ;
/mnt -> $(SEC_DYNAMIC) ;
/boot -> $(ReadOnly) ;
/cdrom -> $(Dynamic) ;
/floppy -> $(Dynamic) ;
/mnt -> $(Dynamic) ;
}
################################################
@ -183,12 +182,12 @@ SEC_TEMPORARY = +pugt ;
rulename = "OS Devices and Misc Directories",
)
{
/dev -> $(SEC_DEVICE) ;
/initrd -> $(SEC_DYNAMIC) ;
/opt -> $(SEC_DYNAMIC) ;
/lost+found -> $(SEC_DYNAMIC) ;
/var/lost+found -> $(SEC_DYNAMIC) ;
/home/lost+found -> $(SEC_DYNAMIC) ;
/dev -> $(Device) ;
/initrd -> $(Dynamic) ;
/opt -> $(Dynamic) ;
/lost+found -> $(Dynamic) ;
/var/lost+found -> $(Dynamic) ;
/home/lost+found -> $(Dynamic) ;
!/dev/pts ; # Ignore this file
!/dev/shm ; # Ignore this file
}
@ -204,14 +203,14 @@ SEC_TEMPORARY = +pugt ;
rulename = "OS Binaries and Libraries",
)
{
/bin -> $(SEC_READONLY) ;
/lib -> $(SEC_READONLY) ;
/sbin -> $(SEC_READONLY) ;
/usr/bin -> $(SEC_READONLY) ;
/usr/lib -> $(SEC_READONLY) ;
/usr/libexec -> $(SEC_READONLY) ;
/usr/sbin -> $(SEC_READONLY) ;
/usr/X11R6/lib -> $(SEC_READONLY) ;
/bin -> $(ReadOnly) ;
/lib -> $(ReadOnly) ;
/sbin -> $(ReadOnly) ;
/usr/bin -> $(ReadOnly) ;
/usr/lib -> $(ReadOnly) ;
/usr/libexec -> $(ReadOnly) ;
/usr/sbin -> $(ReadOnly) ;
/usr/X11R6/lib -> $(ReadOnly) ;
}
################################################
# ##
@ -225,19 +224,19 @@ SEC_TEMPORARY = +pugt ;
)
{
!/home/local;
/usr/local -> $(SEC_READONLY) ;
/usr/local/bin -> $(SEC_READONLY) ;
/usr/local/doc -> $(SEC_READONLY) ;
/usr/local/etc -> $(SEC_READONLY) ;
/usr/local/games -> $(SEC_READONLY) ;
/usr/local/include -> $(SEC_READONLY) ;
/usr/local/lib -> $(SEC_READONLY) ;
/usr/local/libexec -> $(SEC_READONLY) ;
/usr/local/man -> $(SEC_READONLY) ;
/usr/local/sbin -> $(SEC_READONLY) ;
/usr/local/share -> $(SEC_READONLY) ;
/usr/local/src -> $(SEC_READONLY) ;
/usr/local/sysinfo -> $(SEC_READONLY) ;
/usr/local -> $(ReadOnly) ;
/usr/local/bin -> $(ReadOnly) ;
/usr/local/doc -> $(ReadOnly) ;
/usr/local/etc -> $(ReadOnly) ;
/usr/local/games -> $(ReadOnly) ;
/usr/local/include -> $(ReadOnly) ;
/usr/local/lib -> $(ReadOnly) ;
/usr/local/libexec -> $(ReadOnly) ;
/usr/local/man -> $(ReadOnly) ;
/usr/local/sbin -> $(ReadOnly) ;
/usr/local/share -> $(ReadOnly) ;
/usr/local/src -> $(ReadOnly) ;
/usr/local/sysinfo -> $(ReadOnly) ;
}
################################################
@ -251,29 +250,29 @@ SEC_TEMPORARY = +pugt ;
rulename = "Root Directory and Files",
)
{
/root -> $(SEC_IGNORE_NONE) -SHa ;
/root/.bashrc -> $(SEC_DYNAMIC) ;
/root/.bash_history -> $(SEC_DYNAMIC) ;
#/root/.bash_logout -> $(SEC_DYNAMIC) ;
/root/.bash_profile -> $(SEC_DYNAMIC) ;
/root/.cshrc -> $(SEC_DYNAMIC) ;
#/root/.enlightenment -> $(SEC_DYNAMIC) ;
#/root/.esd-auth -> $(SEC_DYNAMIC) ;
/root -> $(IgnoreNone) -SHa ;
/root/.bashrc -> $(Dynamic) ;
/root/.bash_history -> $(Dynamic) ;
#/root/.bash_logout -> $(Dynamic) ;
/root/.bash_profile -> $(Dynamic) ;
/root/.cshrc -> $(Dynamic) ;
#/root/.enlightenment -> $(Dynamic) ;
#/root/.esd-auth -> $(Dynamic) ;
!/root/.gconf ;
!/root/.gconfd ;
#/root/.gnome -> $(SEC_DYNAMIC) ;
#/root/.gnome-desktop -> $(SEC_DYNAMIC) ;
#/root/.gnome2 -> $(SEC_DYNAMIC) ;
#/root/.gtkrc -> $(SEC_DYNAMIC) ;
#/root/.gtkrc-1.2-gnome2 -> $(SEC_DYNAMIC) ;
#/root/.metacity -> $(SEC_DYNAMIC) ;
#/root/.nautilus -> $(SEC_DYNAMIC) ;
#/root/.rhn-applet.conf -> $(SEC_DYNAMIC) ;
#/root/.tcshrc -> $(SEC_DYNAMIC) ;
#/root/.xauth -> $(SEC_DYNAMIC) ;
#/root/.ICEauthority -> $(SEC_DYNAMIC) ;
#/root/.Xauthority -> $(SEC_DYNAMIC) -i ;
#/root/.Xresources -> $(SEC_DYNAMIC) ;
#/root/.gnome -> $(Dynamic) ;
#/root/.gnome-desktop -> $(Dynamic) ;
#/root/.gnome2 -> $(Dynamic) ;
#/root/.gtkrc -> $(Dynamic) ;
#/root/.gtkrc-1.2-gnome2 -> $(Dynamic) ;
#/root/.metacity -> $(Dynamic) ;
#/root/.nautilus -> $(Dynamic) ;
#/root/.rhn-applet.conf -> $(Dynamic) ;
#/root/.tcshrc -> $(Dynamic) ;
#/root/.xauth -> $(Dynamic) ;
#/root/.ICEauthority -> $(Dynamic) ;
#/root/.Xauthority -> $(Dynamic) -i ;
#/root/.Xresources -> $(Dynamic) ;
}
################################################
@ -287,12 +286,12 @@ SEC_TEMPORARY = +pugt ;
rulename = "Temporary Directories",
)
{
/usr/tmp -> $(SEC_TEMPORARY) ;
/var/tmp -> $(SEC_TEMPORARY) ;
/tmp -> $(SEC_TEMPORARY) ;
#/tmp/.fam-socket -> $(SEC_TEMPORARY) ;
#/tmp/.ICE-unix -> $(SEC_TEMPORARY) ;
#/tmp/.X11-unix -> $(SEC_TEMPORARY) ;
/usr/tmp -> $(Temporary) ;
/var/tmp -> $(Temporary) ;
/tmp -> $(Temporary) ;
#/tmp/.fam-socket -> $(Temporary) ;
#/tmp/.ICE-unix -> $(Temporary) ;
#/tmp/.X11-unix -> $(Temporary) ;
!/tmp/orbit-root ;
}
@ -307,21 +306,21 @@ SEC_TEMPORARY = +pugt ;
rulename = "System Boot Changes",
)
{
/.autofsck -> $(SEC_DYNAMIC) -m ;
/var/cache/man/whatis -> $(SEC_GROWING) ;
/var/lib/logrotate.status -> $(SEC_GROWING) ;
#/var/lib/nfs/statd -> $(SEC_GROWING) ;
/.autofsck -> $(Dynamic) -m ;
/var/cache/man/whatis -> $(Growing) ;
/var/lib/logrotate.status -> $(Growing) ;
#/var/lib/nfs/statd -> $(Growing) ;
!/var/lib/random-seed ;
#/var/lib/slocate/slocate.db -> $(SEC_GROWING) -is ;
/var/lock/subsys -> $(SEC_DYNAMIC) -i ;
/var/log -> $(SEC_GROWING) -i ;
#/var/lib/slocate/slocate.db -> $(Growing) -is ;
/var/lock/subsys -> $(Dynamic) -i ;
/var/log -> $(Growing) -i ;
!/var/log/sa;
!/var/log/cisco;
/var/run -> $(SEC_DYNAMIC) -i ;
/etc/cron.daily -> $(SEC_GROWING);
/etc/cron.weekly -> $(SEC_GROWING);
/etc/cron.monthly -> $(SEC_GROWING);
/var/spool/mail -> $(SEC_GROWING);
/var/run -> $(Dynamic) -i ;
/etc/cron.daily -> $(Growing);
/etc/cron.weekly -> $(Growing);
/etc/cron.monthly -> $(Growing);
/var/spool/mail -> $(Growing);
}
################################################
@ -335,10 +334,10 @@ SEC_TEMPORARY = +pugt ;
rulename = "Monitor Filesystems",
)
{
/ -> $(SEC_READONLY) ;
/home -> $(SEC_READONLY) ; # Modify as needed
/usr -> $(SEC_READONLY) ;
/var -> $(SEC_READONLY) ;
/ -> $(ReadOnly) ;
/home -> $(ReadOnly) ; # Modify as needed
/usr -> $(ReadOnly) ;
/var -> $(ReadOnly) ;
}
################################################

664
policy/twpol-MidnightBSD.txt
View File

@ -1,664 +0,0 @@
#
# Policy file for MidnightBSD
# (adapted from FreeBSD policy)
#
# $FreeBSD: ports/security/tripwire/files/twpol.txt,v 1.2 2002/03/04 16:55:21 cy Exp $
# $Id: twpol-FreeBSD.txt,v 1.1 2003/06/08 02:00:06 pherman Exp $
#
# This is the example Tripwire Policy file. It is intended as a place to
# start creating your own custom Tripwire Policy file. Referring to it as
# well as the Tripwire Policy Guide should give you enough information to
# make a good custom Tripwire Policy file that better covers your
# configuration and security needs. A text version of this policy file is
# called twpol.txt.
#
# Note that this file is tuned to an install of FreeBSD using
# buildworld. If run unmodified, this file should create no errors on
# database creation, or violations on a subsiquent integrity check.
# However it is impossible for there to be one policy file for all machines,
# so this existing one errs on the side of security. Your FreeBSD
# configuration will most likey differ from the one our policy file was
# tuned to, and will therefore require some editing of the default
# Tripwire Policy file.
#
# The example policy file is best run with 'Loose Directory Checking'
# enabled. Set LOOSEDIRECTORYCHECKING=TRUE in the Tripwire Configuration
# file.
#
# Email support is not included and must be added to this file.
# Add the 'emailto=' to the rule directive section of each rule (add a comma
# after the 'severity=' line and add an 'emailto=' and include the email
# addresses you want the violation reports to go to). Addresses are
# semi-colon delimited.
#
#
# Global Variable Definitions
#
# These are defined at install time by the installation script. You may
# Manually edit these if you are using this file directly and not from the
# installation script itself.
#
@@section GLOBAL
TWROOT=;
TWBIN=;
TWPOL=;
TWDB=;
TWSKEY=;
TWLKEY=;
TWREPORT=;
HOSTNAME=;
@@section FS
SEC_DEVICE = +pugsdr-intlbamcCMSH ;
SEC_DYNAMIC = +pinugtd-srlbamcCMSH ;
SEC_GROWING = +pinugtdl-srbamcCMSH ;
SEC_IGNORE_ALL = -pinugtsdrlbamcCMSH ;
SEC_IGNORE_NONE = +pinugtsdrbamcCMSH-l ;
SEC_READONLY = +pinugtsdbmCM-rlacSH ;
SEC_TEMPORARY = +pugt ;
SEC_CRIT = $(SEC_IGNORE_NONE)-SHa ; # Critical files that cannot change
SEC_SUID = $(SEC_IGNORE_NONE)-SHa ; # Binaries with the SUID or SGID flags set
SEC_BIN = $(SEC_READONLY) ; # Binaries that should not change
SEC_CONFIG = $(SEC_DYNAMIC) ; # Config files that are changed infrequently but accessed often
SEC_TTY = $(SEC_DYNAMIC)-ugp ; # Tty files that change ownership at login
SEC_LOG = $(SEC_GROWING) ; # Files that grow, but that should never change ownership
SEC_INVARIANT = $(SEC_TEMPORARY) ; # Directories that should never change permission or ownership
SIG_LOW = 33 ; # Non-critical files that are of minimal security impact
SIG_MED = 66 ; # Non-critical files that are of significant security impact
SIG_HI = 100 ; # Critical files that are significant points of vulnerability
# Tripwire Binaries
(
rulename = "Tripwire Binaries",
severity = $(SIG_HI)
)
{
$(TWBIN)/siggen -> $(SEC_BIN) ;
$(TWBIN)/tripwire -> $(SEC_BIN) ;
$(TWBIN)/twadmin -> $(SEC_BIN) ;
$(TWBIN)/twprint -> $(SEC_BIN) ;
}
# Tripwire Data Files - Configuration Files, Policy Files, Keys, Reports, Databases
(
rulename = "Tripwire Data Files",
severity = $(SIG_HI)
)
{
# NOTE: We remove the inode attribute because when Tripwire creates a backup,
# it does so by renaming the old file and creating a new one (which will
# have a new inode number). Inode is left turned on for keys, which shouldn't
# ever change.
# NOTE: The first integrity check triggers this rule and each integrity check
# afterward triggers this rule until a database update is run, since the
# database file does not exist before that point.
$(TWDB) -> $(SEC_CONFIG) -i ;
$(TWPOL)/tw.pol -> $(SEC_BIN) -i ;
$(TWPOL)/tw.cfg -> $(SEC_BIN) -i ;
$(TWPOL)/twcfg.txt -> $(SEC_BIN) ;
$(TWPOL)/twpol.txt -> $(SEC_BIN) ;
$(TWLKEY)/$(HOSTNAME)-local.key -> $(SEC_BIN) ;
$(TWSKEY)/site.key -> $(SEC_BIN) ;
#don't scan the individual reports
$(TWREPORT) -> $(SEC_CONFIG) (recurse=0) ;
}
# Tripwire HQ Connector Binaries
#(
# rulename = "Tripwire HQ Connector Binaries",
# severity = $(SIG_HI)
#)
#{
# $(TWBIN)/hqagent -> $(SEC_BIN) ;
#}
#
# Tripwire HQ Connector - Configuration Files, Keys, and Logs
#
# Note: File locations here are different than in a stock HQ Connector
# installation. This is because Tripwire 2.3 uses a different path
# structure than Tripwire 2.2.1.
#
# You may need to update your HQ Agent configuation file (or this policy
# file) to correct the paths. We have attempted to support the FHS standard
# here by placing the HQ Agent files similarly to the way Tripwire 2.3
# places them.
#
#(
# rulename = "Tripwire HQ Connector Data Files",
# severity = $(SIG_HI)
#)
#{
#
# # NOTE: Removing the inode attribute because when Tripwire creates a backup
# # it does so by renaming the old file and creating a new one (which will
# # have a new inode number). Leaving inode turned on for keys, which
# # shouldn't ever change.
#
#
# $(TWBIN)/agent.cfg -> $(SEC_BIN) -i ;
# $(TWLKEY)/authentication.key -> $(SEC_BIN) ;
# $(TWDB)/tasks.dat -> $(SEC_CONFIG) ;
# $(TWDB)/schedule.dat -> $(SEC_CONFIG) ;
#
# # Uncomment if you have agent logging enabled.
# #/var/log/tripwire/agent.log -> $(SEC_LOG) ;
#}
# Commonly accessed directories that should remain static with regards to owner and group
(
rulename = "Invariant Directories",
severity = $(SIG_MED)
)
{
/ -> $(SEC_INVARIANT) (recurse = false) ;
/home -> $(SEC_INVARIANT) (recurse = false) ;
}
#
# First, root's "home"
#
(
rulename = "Root's home",
severity = $(SIG_HI)
)
{
# /.rhosts -> $(SEC_CRIT) ;
/.profile -> $(SEC_CRIT) ;
/.cshrc -> $(SEC_CRIT) ;
/.login -> $(SEC_CRIT) ;
# /.exrc -> $(SEC_CRIT) ;
# /.logout -> $(SEC_CRIT) ;
# /.forward -> $(SEC_CRIT) ;
/root -> $(SEC_CRIT) (recurse = true) ;
!/root/.history ;
!/root/.bash_history ;
# !/root/.lsof_SYSTEM_NAME ; # Uncomment if lsof is installed
}
#
# FreeBSD Kernel
#
(
rulename = "FreeBSD Kernel",
severity = $(SIG_HI)
)
{
/kernel -> $(SEC_CRIT) ;
/kernel.old -> $(SEC_CRIT) ;
/kernel.GENERIC -> $(SEC_CRIT) ;
}
#
# FreeBSD Modules
#
(
rulename = "FreeBSD Modules",
severity = $(SIG_HI)
)
{
/modules -> $(SEC_CRIT) (recurse = true) ;
/modules.old -> $(SEC_CRIT) (recurse = true) ;
# /lkm -> $(SEC_CRIT) (recurse = true) ; # uncomment if using lkm kld
}
#
# System Administration Programs
#
(
rulename = "System Administration Programs",
severity = $(SIG_HI)
)
{
/sbin -> $(SEC_CRIT) (recurse = true) ;
/usr/sbin -> $(SEC_CRIT) (recurse = true) ;
}
#
# User Utilities
#
(
rulename = "User Utilities",
severity = $(SIG_HI)
)
{
/bin -> $(SEC_CRIT) (recurse = true) ;
/usr/bin -> $(SEC_CRIT) (recurse = true) ;
}
#
# /dev
#
(
rulename = "/dev",
severity = $(SIG_HI)
)
{
/dev -> $(Device) (recurse = true) ;
!/dev/vga ;
!/dev/dri ;
/dev/console -> $(SEC_TTY) ;
/dev/ttyv0 -> $(SEC_TTY) ;
/dev/ttyv1 -> $(SEC_TTY) ;
/dev/ttyv2 -> $(SEC_TTY) ;
/dev/ttyv3 -> $(SEC_TTY) ;
/dev/ttyv4 -> $(SEC_TTY) ;
/dev/ttyv5 -> $(SEC_TTY) ;
/dev/ttyv6 -> $(SEC_TTY) ;
/dev/ttyv7 -> $(SEC_TTY) ;
/dev/ttyp0 -> $(SEC_TTY) ;
/dev/ttyp1 -> $(SEC_TTY) ;
/dev/ttyp2 -> $(SEC_TTY) ;
/dev/ttyp3 -> $(SEC_TTY) ;
/dev/ttyp4 -> $(SEC_TTY) ;
/dev/ttyp5 -> $(SEC_TTY) ;
/dev/ttyp6 -> $(SEC_TTY) ;
/dev/ttyp7 -> $(SEC_TTY) ;
/dev/ttyp8 -> $(SEC_TTY) ;
/dev/ttyp9 -> $(SEC_TTY) ;
/dev/ttypa -> $(SEC_TTY) ;
/dev/ttypb -> $(SEC_TTY) ;
/dev/ttypc -> $(SEC_TTY) ;
/dev/ttypd -> $(SEC_TTY) ;
/dev/ttype -> $(SEC_TTY) ;
/dev/ttypf -> $(SEC_TTY) ;
/dev/ttypg -> $(SEC_TTY) ;
/dev/ttyph -> $(SEC_TTY) ;
/dev/ttypi -> $(SEC_TTY) ;
/dev/ttypj -> $(SEC_TTY) ;
/dev/ttypl -> $(SEC_TTY) ;
/dev/ttypm -> $(SEC_TTY) ;
/dev/ttypn -> $(SEC_TTY) ;
/dev/ttypo -> $(SEC_TTY) ;
/dev/ttypp -> $(SEC_TTY) ;
/dev/ttypq -> $(SEC_TTY) ;
/dev/ttypr -> $(SEC_TTY) ;
/dev/ttyps -> $(SEC_TTY) ;
/dev/ttypt -> $(SEC_TTY) ;
/dev/ttypu -> $(SEC_TTY) ;
/dev/ttypv -> $(SEC_TTY) ;
/dev/cuaa0 -> $(SEC_TTY) ; # modem
}
#
# /etc
#
(
rulename = "/etc",
severity = $(SIG_HI)
)
{
/etc -> $(SEC_CRIT) (recurse = true) ;
# /etc/mail/aliases -> $(SEC_CONFIG) ;
/etc/dumpdates -> $(SEC_CONFIG) ;
/etc/motd -> $(SEC_CONFIG) ;
!/etc/ppp/connect-errors ;
/etc/skeykeys -> $(SEC_CONFIG) ;
# Uncomment the following 4 lines if your password file does not change
# /etc/passwd -> $(SEC_CONFIG) ;
# /etc/master.passwd -> $(SEC_CONFIG) ;
# /etc/pwd.db -> $(SEC_CONFIG) ;
# /etc/spwd.db -> $(SEC_CONFIG) ;
}
#
# Copatibility (Linux)
#
(
rulename = "Linux Compatibility",
severity = $(SIG_HI)
)
{
/compat -> $(SEC_CRIT) (recurse = true) ;
#
# Uncomment the following if Linux compatibility is used. Replace
# HOSTNAME1 and HOSTNAME2 with the hosts that have Linux emulation port
# installed.
#
#@@ifhost HOSTNAME1 || HOSTNAME2
# /compat/linux/etc -> $(SEC_INVARIANT) (recurse = false) ;
# /compat/linux/etc/X11 -> $(SEC_CONFIG) (recurse = true) ;
# /compat/linux/etc/pam.d -> $(SEC_CONFIG) (recurse = true) ;
# /compat/linux/etc/profile.d -> $(SEC_CONFIG) (recurse = true) ;
# /compat/linux/etc/real -> $(SEC_CONFIG) (recurse = true) ;
# /compat/linux/etc/bashrc -> $(SEC_CONFIG) ;
# /compat/linux/etc/csh.login -> $(SEC_CONFIG) ;
# /compat/linux/etc/host.conf -> $(SEC_CONFIG) ;
# /compat/linux/etc/hosts.allow -> $(SEC_CONFIG) ;
# /compat/linux/etc/hosts.deny -> $(SEC_CONFIG) ;
# /compat/linux/etc/info-dir -> $(SEC_CONFIG) ;
# /compat/linux/etc/inputrc -> $(SEC_CONFIG) ;
# /compat/linux/etc/ld.so.conf -> $(SEC_CONFIG) ;
# /compat/linux/etc/nsswitch.conf -> $(SEC_CONFIG) ;
# /compat/linux/etc/profile -> $(SEC_CONFIG) ;
# /compat/linux/etc/redhat-release -> $(SEC_CONFIG) ;
# /compat/linux/etc/rpc -> $(SEC_CONFIG) ;
# /compat/linux/etc/securetty -> $(SEC_CONFIG) ;
# /compat/linux/etc/shells -> $(SEC_CONFIG) ;
# /compat/linux/etc/termcap -> $(SEC_CONFIG) ;
# /compat/linux/etc/yp.conf -> $(SEC_CONFIG) ;
# !/compat/linux/etc/ld.so.cache ;
# !/compat/linux/var/spool/mail ;
#@@endif
}
#
# Libraries, include files, and other system files
#
(
rulename = "Libraries, include files, and other system files",
severity = $(SIG_HI)
)
{
/usr/include -> $(SEC_CRIT) (recurse = true) ;
/usr/lib -> $(SEC_CRIT) (recurse = true) ;
/usr/libdata -> $(SEC_CRIT) (recurse = true) ;
/usr/libexec -> $(SEC_CRIT) (recurse = true) ;
/usr/share -> $(SEC_CRIT) (recurse = true) ;
/usr/share/man -> $(SEC_CONFIG) ;
!/usr/share/man/whatis ;
!/usr/share/man/.glimpse_filenames ;
!/usr/share/man/.glimpse_filenames_index ;
!/usr/share/man/.glimpse_filetimes ;
!/usr/share/man/.glimpse_filters ;
!/usr/share/man/.glimpse_index ;
!/usr/share/man/.glimpse_messages ;
!/usr/share/man/.glimpse_partitions ;
!/usr/share/man/.glimpse_statistics ;
!/usr/share/man/.glimpse_turbo ;
/usr/share/man/man1 -> $(SEC_CRIT) (recurse = true) ;
/usr/share/man/man2 -> $(SEC_CRIT) (recurse = true) ;
/usr/share/man/man3 -> $(SEC_CRIT) (recurse = true) ;
/usr/share/man/man4 -> $(SEC_CRIT) (recurse = true) ;
/usr/share/man/man5 -> $(SEC_CRIT) (recurse = true) ;
/usr/share/man/man6 -> $(SEC_CRIT) (recurse = true) ;
/usr/share/man/man7 -> $(SEC_CRIT) (recurse = true) ;
/usr/share/man/man8 -> $(SEC_CRIT) (recurse = true) ;
/usr/share/man/man9 -> $(SEC_CRIT) (recurse = true) ;
/usr/share/man/mann -> $(SEC_CRIT) (recurse = true) ;
! /usr/share/man/cat1 ;
! /usr/share/man/cat2 ;
! /usr/share/man/cat3 ;
! /usr/share/man/cat4 ;
! /usr/share/man/cat5 ;
! /usr/share/man/cat6 ;
! /usr/share/man/cat7 ;
! /usr/share/man/cat8 ;
! /usr/share/man/cat9 ;
! /usr/share/man/catl ;
! /usr/share/man/catn ;
/usr/share/perl/man -> $(SEC_CONFIG) ;
!/usr/share/perl/man/whatis ;
!/usr/share/perl/man/.glimpse_filenames ;
!/usr/share/perl/man/.glimpse_filenames_index ;
!/usr/share/perl/man/.glimpse_filetimes ;
!/usr/share/perl/man/.glimpse_filters ;
!/usr/share/perl/man/.glimpse_index ;
!/usr/share/perl/man/.glimpse_messages ;
!/usr/share/perl/man/.glimpse_partitions ;
!/usr/share/perl/man/.glimpse_statistics ;
!/usr/share/perl/man/.glimpse_turbo ;
/usr/share/perl/man/man3 -> $(SEC_CRIT) (recurse = true) ;
! /usr/share/perl/man/cat3 ;
/usr/local/lib/perl5/5.00503/man -> $(SEC_CONFIG) ;
! /usr/local/lib/perl5/5.00503/man/whatis ;
! /usr/local/lib/perl5/5.00503/man/.glimpse_filters ;
! /usr/local/lib/perl5/5.00503/man/.glimpse_filetimes ;
! /usr/local/lib/perl5/5.00503/man/.glimpse_messages ;
! /usr/local/lib/perl5/5.00503/man/.glimpse_statistics ;
! /usr/local/lib/perl5/5.00503/man/.glimpse_index ;
! /usr/local/lib/perl5/5.00503/man/.glimpse_turbo ;
! /usr/local/lib/perl5/5.00503/man/.glimpse_partitions ;
! /usr/local/lib/perl5/5.00503/man/.glimpse_filenames ;
! /usr/local/lib/perl5/5.00503/man/.glimpse_filenames_index ;
/usr/local/lib/perl5/5.00503/man/man3 -> $(SEC_CRIT) (recurse = true) ;
! /usr/local/lib/perl5/5.00503/man/cat3 ;
}
#
# X11R6
#
(
rulename = "X11R6",
severity = $(SIG_HI)
)
{
/usr/X11R6 -> $(SEC_CRIT) (recurse = true) ;
/usr/X11R6/lib/X11/xdm -> $(SEC_CONFIG) (recurse = true) ;
!/usr/X11R6/lib/X11/xdm/xdm-errors ;
!/usr/X11R6/lib/X11/xdm/authdir/authfiles ;
!/usr/X11R6/lib/X11/xdm/xdm-pid ;
/usr/X11R6/lib/X11/xkb/compiled -> $(SEC_CONFIG) (recurse = true) ;
/usr/X11R6/man -> $(SEC_CONFIG) ;
!/usr/X11R6/man/whatis ;
!/usr/X11R6/man/.glimpse_filenames ;
!/usr/X11R6/man/.glimpse_filenames_index ;
!/usr/X11R6/man/.glimpse_filetimes ;
!/usr/X11R6/man/.glimpse_filters ;
!/usr/X11R6/man/.glimpse_index ;
!/usr/X11R6/man/.glimpse_messages ;
!/usr/X11R6/man/.glimpse_partitions ;
!/usr/X11R6/man/.glimpse_statistics ;
!/usr/X11R6/man/.glimpse_turbo ;
/usr/X11R6/man/man1 -> $(SEC_CRIT) (recurse = true) ;
/usr/X11R6/man/man2 -> $(SEC_CRIT) (recurse = true) ;
/usr/X11R6/man/man3 -> $(SEC_CRIT) (recurse = true) ;
/usr/X11R6/man/man4 -> $(SEC_CRIT) (recurse = true) ;
/usr/X11R6/man/man5 -> $(SEC_CRIT) (recurse = true) ;
/usr/X11R6/man/man6 -> $(SEC_CRIT) (recurse = true) ;
/usr/X11R6/man/man7 -> $(SEC_CRIT) (recurse = true) ;
/usr/X11R6/man/man8 -> $(SEC_CRIT) (recurse = true) ;
/usr/X11R6/man/man9 -> $(SEC_CRIT) (recurse = true) ;
/usr/X11R6/man/manl -> $(SEC_CRIT) (recurse = true) ;
/usr/X11R6/man/mann -> $(SEC_CRIT) (recurse = true) ;
! /usr/X11R6/man/cat1 ;
! /usr/X11R6/man/cat2 ;
! /usr/X11R6/man/cat3 ;
! /usr/X11R6/man/cat4 ;
! /usr/X11R6/man/cat5 ;
! /usr/X11R6/man/cat6 ;
! /usr/X11R6/man/cat7 ;
! /usr/X11R6/man/cat8 ;
! /usr/X11R6/man/cat9 ;
! /usr/X11R6/man/catl ;
! /usr/X11R6/man/catn ;
}
#
# sources
#
(
rulename = "Sources",
severity = $(SIG_HI)
)
{
/usr/src -> $(SEC_CRIT) (recurse = true) ;
/usr/src/sys/compile -> $(SEC_CONFIG) (recurse = false) ;
}
#
# NIS
#
(
rulename = "NIS",
severity = $(SIG_HI)
)
{
/var/yp -> $(SEC_CRIT) (recurse = true) ;
!/var/yp/binding ;
}
#
# Temporary directories
#
(
rulename = "Temporary directories",
recurse = false,
severity = $(SIG_LOW)
)
{
/usr/tmp -> $(SEC_INVARIANT) ;
/var/tmp -> $(SEC_INVARIANT) ;
/var/preserve -> $(SEC_INVARIANT) ;
/tmp -> $(SEC_INVARIANT) ;
}
#
# Local files
#
(
rulename = "Local files",
severity = $(SIG_MED)
)
{
/usr/local/bin -> $(SEC_BIN) (recurse = true) ;
/usr/local/sbin -> $(SEC_BIN) (recurse = true) ;
/usr/local/etc -> $(SEC_BIN) (recurse = true) ;
/usr/local/lib -> $(SEC_BIN) (recurse = true ) ;
/usr/local/libexec -> $(SEC_BIN) (recurse = true ) ;
/usr/local/share -> $(SEC_BIN) (recurse = true ) ;
/usr/local/man -> $(SEC_CONFIG) ;
!/usr/local/man/whatis ;
!/usr/local/man/.glimpse_filenames ;
!/usr/local/man/.glimpse_filenames_index ;
!/usr/local/man/.glimpse_filetimes ;
!/usr/local/man/.glimpse_filters ;
!/usr/local/man/.glimpse_index ;
!/usr/local/man/.glimpse_messages ;
!/usr/local/man/.glimpse_partitions ;
!/usr/local/man/.glimpse_statistics ;
!/usr/local/man/.glimpse_turbo ;
/usr/local/man/man1 -> $(SEC_CRIT) (recurse = true) ;
/usr/local/man/man2 -> $(SEC_CRIT) (recurse = true) ;
/usr/local/man/man3 -> $(SEC_CRIT) (recurse = true) ;
/usr/local/man/man4 -> $(SEC_CRIT) (recurse = true) ;
/usr/local/man/man5 -> $(SEC_CRIT) (recurse = true) ;
/usr/local/man/man6 -> $(SEC_CRIT) (recurse = true) ;
/usr/local/man/man7 -> $(SEC_CRIT) (recurse = true) ;
/usr/local/man/man8 -> $(SEC_CRIT) (recurse = true) ;
/usr/local/man/man9 -> $(SEC_CRIT) (recurse = true) ;
/usr/local/man/manl -> $(SEC_CRIT) (recurse = true) ;
/usr/local/man/mann -> $(SEC_CRIT) (recurse = true) ;
! /usr/local/man/cat1 ;
! /usr/local/man/cat2 ;
! /usr/local/man/cat3 ;
! /usr/local/man/cat4 ;
! /usr/local/man/cat5 ;
! /usr/local/man/cat6 ;
! /usr/local/man/cat7 ;
! /usr/local/man/cat8 ;
! /usr/local/man/cat9 ;
! /usr/local/man/catl ;
! /usr/local/man/catn ;
/usr/local/krb5 -> $(SEC_CRIT) (recurse = true) ;
/usr/local/krb5/man -> $(SEC_CONFIG) ;
!/usr/local/krb5/man/whatis ;
!/usr/local/krb5/man/.glimpse_filenames ;
!/usr/local/krb5/man/.glimpse_filenames_index ;
!/usr/local/krb5/man/.glimpse_filetimes ;
!/usr/local/krb5/man/.glimpse_filters ;
!/usr/local/krb5/man/.glimpse_index ;
!/usr/local/krb5/man/.glimpse_messages ;
!/usr/local/krb5/man/.glimpse_partitions ;
!/usr/local/krb5/man/.glimpse_statistics ;
!/usr/local/krb5/man/.glimpse_turbo ;
/usr/local/krb5/man/man1 -> $(SEC_CRIT) (recurse = true) ;
/usr/local/krb5/man/man2 -> $(SEC_CRIT) (recurse = true) ;
/usr/local/krb5/man/man3 -> $(SEC_CRIT) (recurse = true) ;
/usr/local/krb5/man/man4 -> $(SEC_CRIT) (recurse = true) ;
/usr/local/krb5/man/man5 -> $(SEC_CRIT) (recurse = true) ;
/usr/local/krb5/man/man6 -> $(SEC_CRIT) (recurse = true) ;
/usr/local/krb5/man/man7 -> $(SEC_CRIT) (recurse = true) ;
/usr/local/krb5/man/man8 -> $(SEC_CRIT) (recurse = true) ;
/usr/local/krb5/man/man9 -> $(SEC_CRIT) (recurse = true) ;
/usr/local/krb5/man/manl -> $(SEC_CRIT) (recurse = true) ;
/usr/local/krb5/man/mann -> $(SEC_CRIT) (recurse = true) ;
! /usr/local/krb5/man/cat1 ;
! /usr/local/krb5/man/cat2 ;
! /usr/local/krb5/man/cat3 ;
! /usr/local/krb5/man/cat4 ;
! /usr/local/krb5/man/cat5 ;
! /usr/local/krb5/man/cat6 ;
! /usr/local/krb5/man/cat7 ;
! /usr/local/krb5/man/cat8 ;
! /usr/local/krb5/man/cat9 ;
! /usr/local/krb5/man/catl ;
! /usr/local/krb5/man/catn ;
/usr/local/www -> $(SEC_CONFIG) (recurse = true) ;
}
(
rulename = "Security Control",
severity = $(SIG_HI)
)
{
/etc/group -> $(SEC_CRIT) ;
/etc/crontab -> $(SEC_CRIT) ;
}
#=============================================================================
#
# Copyright 2000-2018 Tripwire, Inc. Tripwire is a registered trademark of Tripwire,
# Inc. in the United States and other countries. All rights reserved.
#
# FreeBSD is a registered trademark of the FreeBSD Project Inc.
#
# UNIX is a registered trademark of The Open Group.
#
#=============================================================================
#
# Permission is granted to make and distribute verbatim copies of this document
# provided the copyright notice and this permission notice are preserved on all
# copies.
#
# Permission is granted to copy and distribute modified versions of this
# document under the conditions for verbatim copying, provided that the entire
# resulting derived work is distributed under the terms of a permission notice
# identical to this one.
#
# Permission is granted to copy and distribute translations of this document
# into another language, under the above conditions for modified versions,
# except that this permission notice may be stated in a translation approved by
# Tripwire, Inc.
#
# DCM

176
policy/twpol-Minix.txt
View File

@ -1,176 +0,0 @@
###############################################################################
# ##
# Default Tripwire 2.4 Policy file for Minix ##
# ##
###############################################################################
###############################################################################
# ##
# Global Variable Definitions ##
# ##
# These are defined at install time by the installation script. You may ##
# Manually edit these if you are using this file directly and not from the ##
# installation script itself. ##
# ##
###############################################################################
@@section GLOBAL
TWROOT=;
TWBIN=;
TWPOL=;
TWDB=;
TWSKEY=;
TWLKEY=;
TWREPORT=;
HOSTNAME=;
##############################################################################
# Predefined Variables #
##############################################################################
#
# Property Masks
#
# - ignore the following properties
# + check the following properties
#
# a access timestamp (mutually exclusive with +CMSH)
# b number of blocks allocated
# c inode creation/modification timestamp
# d ID of device on which inode resides
# g group id of owner
# i inode number
# l growing files (logfiles for example)
# m modification timestamp
# n number of links
# p permission and file mode bits
# r ID of device pointed to by inode (valid only for device objects)
# s file size
# t file type
# u user id of owner
#
# C CRC-32 hash
# H HAVAL hash
# M MD5 hash
# S SHA hash
#
##############################################################################
SEC_DEVICE = +pugsdr-intlbamcCMSH ;
SEC_DYNAMIC = +pinugtd-srlbamcCMSH ;
SEC_GROWING = +pinugtdl-srbamcCMSH ;
SEC_IGNORE_ALL = -pinugtsdrlbamcCMSH ;
SEC_IGNORE_NONE = +pinugtsdrbamcCMSH-l ;
SEC_READONLY = +pinugtsdbmCM-rlacSH ;
SEC_TEMPORARY = +pugt ;
@@section FS
#########################################
# ##
# Tripwire Binaries and Data Files ##
# ##
#########################################
# Tripwire Binaries
(
rulename = "Tripwire Binaries",
)
{
$(TWBIN)/siggen -> $(SEC_READONLY) ;
$(TWBIN)/tripwire -> $(SEC_READONLY) ;
$(TWBIN)/twadmin -> $(SEC_READONLY) ;
$(TWBIN)/twprint -> $(SEC_READONLY) ;
}
# Tripwire Data Files - Configuration Files, Policy Files, Keys, Reports, Databases
(
rulename = "Tripwire Data Files",
)
{
# NOTE: We remove the inode attribute because when Tripwire creates a backup,
# it does so by renaming the old file and creating a new one (which will
# have a new inode number). Inode is left turned on for keys, which shouldn't
# ever change.
# NOTE: The first integrity check triggers this rule and each integrity check
# afterward triggers this rule until a database update is run, since the
# database file does not exist before that point.
$(TWDB) -> $(SEC_DYNAMIC) -i ;
$(TWPOL)/tw.pol -> $(SEC_READONLY) -i ;
$(TWPOL)/tw.cfg -> $(SEC_READONLY) -i ;
$(TWLKEY)/$(HOSTNAME)-local.key -> $(SEC_READONLY) ;
$(TWSKEY)/site.key -> $(SEC_READONLY) ;
# don't scan the individual reports
$(TWREPORT) -> $(SEC_DYNAMIC) (recurse=0) ;
}
##############################################################################
(rulename="Boot files",)
{
/boot -> $(SEC_READONLY) -a;
/boot_monitor -> $(SEC_READONLY) -a;
/boot.cfg -> $(SEC_READONLY) -a;
}
(rulename="Binary files",)
{
/bin -> $(SEC_READONLY) -a;
/usr/bin -> $(SEC_READONLY) -a;
/usr/local/bin -> $(SEC_READONLY) -a;
/usr/pkg/bin -> $(SEC_READONLY) -a;
}
(rulename="Development",)
{
/usr/pkg/gnu/bin -> $(SEC_READONLY) -a;
/usr/pkg/i386-elf32-minix/bin -> $(SEC_READONLY) -a;
}
(rulename="Libexec",)
{
/usr/libexec -> $(SEC_READONLY) -a;
/usr/pkg/libexec -> $(SEC_READONLY) -a;
}
(rulename="Admin binaries",)
{
/service -> $(SEC_READONLY) -a;
/sbin -> $(SEC_READONLY) -a;
/usr/sbin -> $(SEC_READONLY) -a;
/usr/pkg/sbin -> $(SEC_READONLY) -a;
}
(rulename="Libraries",)
{
/lib -> $(SEC_READONLY) -a;
/usr/lib -> $(SEC_READONLY) -a;
/usr/pkg/lib -> $(SEC_READONLY) -a;
}
(rulename="Etc",)
{
/etc -> $(SEC_READONLY) -a;
/usr/etc -> $(SEC_READONLY) -a;
/usr/pkg/etc -> $(SEC_READONLY) -a;
}
(rulename="Dev",)
{
/dev -> $(SEC_DEVICE);
}
(rulename="Tmp",)
{
/tmp -> $(SEC_TEMPORARY);
/var/tmp -> $(SEC_TEMPORARY);
/usr/tmp -> $(SEC_TEMPORARY);
}
(rulename="Log",)
{
/var/log -> $(SEC_GROWING);
}

292
policy/twpol-MirBSD.txt
View File

@ -1,292 +0,0 @@
##############################################################################
# ##
############################################################################## #
# # #
# Tripwire 2.4 policy for MirOS BSD # #
# updated March 2018 # #
# ##
##############################################################################
##############################################################################
# ##
############################################################################## #
# # #
# Global Variable Definitions # #
# # #
# These are defined at install time by the installation script. You may # #
# manually edit these if you are using this file directly and not from the # #
# installation script itself. # #
# ##
##############################################################################
@@section GLOBAL
TWROOT=;
TWBIN=;
TWPOL=;
TWDB=;
TWSKEY=;
TWLKEY=;
TWREPORT=;
HOSTNAME=;
##############################################################################
# Predefined Variables #
##############################################################################
#
# Property Masks
#
# - ignore the following properties
# + check the following properties
#
# a access timestamp (mutually exclusive with +CMSH)
# b number of blocks allocated
# c inode creation/modification timestamp
# d ID of device on which inode resides
# g group id of owner
# i inode number
# l growing files (logfiles for example)
# m modification timestamp
# n number of links
# p permission and file mode bits
# r ID of device pointed to by inode (valid only for device objects)
# s file size
# t file type
# u user id of owner
#
# C CRC-32 hash
# H HAVAL hash
# M MD5 hash
# S SHA hash
#
##############################################################################
SEC_DEVICE = +pugsdr-intlbamcCMSH ;
SEC_DYNAMIC = +pinugtd-srlbamcCMSH ;
SEC_GROWING = +pinugtdl-srbamcCMSH ;
SEC_IGNORE_ALL = -pinugtsdrlbamcCMSH ;
SEC_IGNORE_NONE = +pinugtsdrbamcCMSH-l ;
SEC_READONLY = +pinugtsdbmCM-rlacSH ;
SEC_TEMPORARY = +pugt ;
@@section FS
########################################
# ##
######################################## #
# # #
# Tripwire Binaries and Data Files # #
# ##
########################################
# Tripwire Binaries
(
rulename = "Tripwire Binaries",
)
{
$(TWBIN)/siggen -> $(SEC_READONLY) ;
$(TWBIN)/tripwire -> $(SEC_READONLY) ;
$(TWBIN)/twadmin -> $(SEC_READONLY) ;
$(TWBIN)/twprint -> $(SEC_READONLY) ;
}
# Tripwire Data Files - Configuration Files, Policy Files, Keys, Reports, Databases
(
rulename = "Tripwire Data Files",
)
{
# NOTE: We remove the inode attribute because when Tripwire creates a backup,
# it does so by renaming the old file and creating a new one (which will
# have a new inode number). Inode is left turned on for keys, which shouldn't
# ever change.
# NOTE: The first integrity check triggers this rule and each integrity check
# afterward triggers this rule until a database update is run, since the
# database file does not exist before that point.
$(TWDB) -> $(SEC_DYNAMIC) -i ;
$(TWPOL)/tw.pol -> $(SEC_READONLY) -i ;
$(TWPOL)/tw.cfg -> $(SEC_READONLY) -i ;
$(TWLKEY)/$(HOSTNAME)-local.key -> $(SEC_READONLY) ;
$(TWSKEY)/site.key -> $(SEC_READONLY) ;
# don't scan the individual reports
$(TWREPORT) -> $(SEC_DYNAMIC) (recurse=0) ;
# In this configuration /usr/local is a symbolic link to /home/local.
# We want to ignore the following directories since they are already
# scanned using the real directory or mount point. Otherwise we see
# duplicates in the reports.
!/home/local ;
}
################################################
# ##
################################################ #
# # #
# OS Boot and Configuration Files # #
# ##
################################################
(
rulename = "OS Boot and Configuration Files",
)
{
/boot -> $(SEC_READONLY) ;
/bsd -> $(SEC_READONLY) ;
/etc -> $(SEC_IGNORE_NONE) -SHa ;
}
###################################################
# ##
################################################### #
# # #
# Mount Points # #
# ##
###################################################
(
rulename = "Mount Points",
)
{
/ -> $(SEC_READONLY) ;
/cdrom -> $(SEC_DYNAMIC) ;
/floppy -> $(SEC_DYNAMIC) ;
/home -> $(SEC_READONLY) ; # Modify as needed
/mnt -> $(SEC_DYNAMIC) ;
/usr -> $(SEC_READONLY) ;
/var -> $(SEC_READONLY) ;
}
###################################################
# ##
################################################### #
# # #
# Misc Top-Level Directories # #
# ##
###################################################
(
rulename = "Misc Top-Level Directories",
)
{
/altroot -> $(SEC_DYNAMIC) ;
/stand -> $(SEC_DYNAMIC) ;
}
################################################
# ##
################################################ #
# # #
# System Devices # #
# ##
################################################
(
rulename = "System Devices",
)
{
/dev -> $(SEC_DEVICE) ;
/dev/fd -> $(SEC_DEVICE) ;
/var/cron/tabs/.sock -> $(SEC_DEVICE) ;
/var/empty/dev/log -> $(SEC_DEVICE) ;
}
################################################
# ##
################################################ #
# # #
# OS Binaries and Libraries # #
# ##
################################################
(
rulename = "OS Binaries and Libraries",
)
{
/bin -> $(SEC_READONLY) ;
/sbin -> $(SEC_READONLY) ;
/usr/bin -> $(SEC_READONLY) ;
/usr/lib -> $(SEC_READONLY) ;
/usr/libexec -> $(SEC_READONLY) ;
/usr/sbin -> $(SEC_READONLY) ;
/usr/X11R6/bin -> $(SEC_READONLY) ;
/usr/X11R6/lib -> $(SEC_READONLY) ;
}
################################################
# ##
################################################ #
# # #
# Usr Local Files # #
# ##
################################################
#OK(
#OKrulename = "Usr Local Files",
#OK)
#OK{
#OK/usr/local -> $(SEC_READONLY) ;
#OK/usr/local/bin -> $(SEC_READONLY) ;
#OK/usr/local/doc -> $(SEC_READONLY) ;
#OK/usr/local/etc -> $(SEC_READONLY) ;
#OK/usr/local/include -> $(SEC_READONLY) ;
#OK/usr/local/info -> $(SEC_READONLY) ;
#OK/usr/local/lib -> $(SEC_READONLY) ;
#OK/usr/local/libdata -> $(SEC_READONLY) ;
#OK/usr/local/libexec -> $(SEC_READONLY) ;
#OK/usr/local/man -> $(SEC_READONLY) ;
#OK/usr/local/sbin -> $(SEC_READONLY) ;
#OK/usr/local/share -> $(SEC_READONLY) ;
#OK/usr/local/src -> $(SEC_READONLY) ;
#OK}
################################################
# ##
################################################ #
# # #
# Root Directory and Files # #
# ##
################################################
(
rulename = "Root Directory and Files",
)
{
/root -> $(SEC_IGNORE_NONE) -SHa ;
/root/.cshrc -> $(SEC_DYNAMIC) ;
/root/.profile -> $(SEC_DYNAMIC) ;
}
################################################
# ##
################################################ #
# # #
# Temporary Directories # #
# ##
################################################
(
rulename = "Temporary Directories",
)
{
/tmp -> $(SEC_TEMPORARY) ;
/var/tmp -> $(SEC_TEMPORARY) ;
}
################################################
# ##
################################################ #
# # #
# System and Boot Changes # #
# ##
################################################
(
rulename = "System and Boot Changes",
)
{
/var/backups -> $(SEC_DYNAMIC) -i ;
/var/db/host.random -> $(SEC_READONLY) -mCM ;
/var/cron -> $(SEC_GROWING) -i ;
/var/log -> $(SEC_GROWING) -i ;
/var/run -> $(SEC_DYNAMIC) -i ;
/var/mail -> $(SEC_GROWING) ;
/var/msgs/bounds -> $(SEC_READONLY) -smbCM ;
/var/spool/clientmqueue -> $(SEC_TEMPORARY) ;
/var/spool/mqueue -> $(SEC_TEMPORARY) ;
}
#
# $Id: twpol-OpenBSD.txt,v 1.2 2004/05/14 21:56:21 pherman Exp $
#

664
policy/twpol-NetBSD.txt
View File

@ -1,664 +0,0 @@
#
# Policy file for NetBSD
# (adapted from FreeBSD policy)
#
# $FreeBSD: ports/security/tripwire/files/twpol.txt,v 1.2 2002/03/04 16:55:21 cy Exp $
# $Id: twpol-FreeBSD.txt,v 1.1 2003/06/08 02:00:06 pherman Exp $
#
# This is the example Tripwire Policy file. It is intended as a place to
# start creating your own custom Tripwire Policy file. Referring to it as
# well as the Tripwire Policy Guide should give you enough information to
# make a good custom Tripwire Policy file that better covers your
# configuration and security needs. A text version of this policy file is
# called twpol.txt.
#
# Note that this file is tuned to an install of FreeBSD using
# buildworld. If run unmodified, this file should create no errors on
# database creation, or violations on a subsiquent integrity check.
# However it is impossible for there to be one policy file for all machines,
# so this existing one errs on the side of security. Your FreeBSD
# configuration will most likey differ from the one our policy file was
# tuned to, and will therefore require some editing of the default
# Tripwire Policy file.
#
# The example policy file is best run with 'Loose Directory Checking'
# enabled. Set LOOSEDIRECTORYCHECKING=TRUE in the Tripwire Configuration
# file.
#
# Email support is not included and must be added to this file.
# Add the 'emailto=' to the rule directive section of each rule (add a comma
# after the 'severity=' line and add an 'emailto=' and include the email
# addresses you want the violation reports to go to). Addresses are
# semi-colon delimited.
#
#
# Global Variable Definitions
#
# These are defined at install time by the installation script. You may
# Manually edit these if you are using this file directly and not from the
# installation script itself.
#
@@section GLOBAL
TWROOT=;
TWBIN=;
TWPOL=;
TWDB=;
TWSKEY=;
TWLKEY=;
TWREPORT=;
HOSTNAME=;
@@section FS
SEC_DEVICE = +pugsdr-intlbamcCMSH ;
SEC_DYNAMIC = +pinugtd-srlbamcCMSH ;
SEC_GROWING = +pinugtdl-srbamcCMSH ;
SEC_IGNORE_ALL = -pinugtsdrlbamcCMSH ;
SEC_IGNORE_NONE = +pinugtsdrbamcCMSH-l ;
SEC_READONLY = +pinugtsdbmCM-rlacSH ;
SEC_TEMPORARY = +pugt ;
SEC_CRIT = $(SEC_IGNORE_NONE)-SHa ; # Critical files that cannot change
SEC_SUID = $(SEC_IGNORE_NONE)-SHa ; # Binaries with the SUID or SGID flags set
SEC_BIN = $(SEC_READONLY) ; # Binaries that should not change
SEC_CONFIG = $(SEC_DYNAMIC) ; # Config files that are changed infrequently but accessed often
SEC_TTY = $(SEC_DYNAMIC)-ugp ; # Tty files that change ownership at login
SEC_LOG = $(SEC_GROWING) ; # Files that grow, but that should never change ownership
SEC_INVARIANT = $(SEC_TEMPORARY) ; # Directories that should never change permission or ownership
SIG_LOW = 33 ; # Non-critical files that are of minimal security impact
SIG_MED = 66 ; # Non-critical files that are of significant security impact
SIG_HI = 100 ; # Critical files that are significant points of vulnerability
# Tripwire Binaries
(
rulename = "Tripwire Binaries",
severity = $(SIG_HI)
)
{
$(TWBIN)/siggen -> $(SEC_BIN) ;
$(TWBIN)/tripwire -> $(SEC_BIN) ;
$(TWBIN)/twadmin -> $(SEC_BIN) ;
$(TWBIN)/twprint -> $(SEC_BIN) ;
}
# Tripwire Data Files - Configuration Files, Policy Files, Keys, Reports, Databases
(
rulename = "Tripwire Data Files",
severity = $(SIG_HI)
)
{
# NOTE: We remove the inode attribute because when Tripwire creates a backup,
# it does so by renaming the old file and creating a new one (which will
# have a new inode number). Inode is left turned on for keys, which shouldn't
# ever change.
# NOTE: The first integrity check triggers this rule and each integrity check
# afterward triggers this rule until a database update is run, since the
# database file does not exist before that point.
$(TWDB) -> $(SEC_CONFIG) -i ;
$(TWPOL)/tw.pol -> $(SEC_BIN) -i ;
$(TWPOL)/tw.cfg -> $(SEC_BIN) -i ;
$(TWPOL)/twcfg.txt -> $(SEC_BIN) ;
$(TWPOL)/twpol.txt -> $(SEC_BIN) ;
$(TWLKEY)/$(HOSTNAME)-local.key -> $(SEC_BIN) ;
$(TWSKEY)/site.key -> $(SEC_BIN) ;
#don't scan the individual reports
$(TWREPORT) -> $(SEC_CONFIG) (recurse=0) ;
}
# Tripwire HQ Connector Binaries
#(
# rulename = "Tripwire HQ Connector Binaries",
# severity = $(SIG_HI)
#)
#{
# $(TWBIN)/hqagent -> $(SEC_BIN) ;
#}
#
# Tripwire HQ Connector - Configuration Files, Keys, and Logs
#
# Note: File locations here are different than in a stock HQ Connector
# installation. This is because Tripwire 2.3 uses a different path
# structure than Tripwire 2.2.1.
#
# You may need to update your HQ Agent configuation file (or this policy
# file) to correct the paths. We have attempted to support the FHS standard
# here by placing the HQ Agent files similarly to the way Tripwire 2.3
# places them.
#
#(
# rulename = "Tripwire HQ Connector Data Files",
# severity = $(SIG_HI)
#)
#{
#
# # NOTE: Removing the inode attribute because when Tripwire creates a backup
# # it does so by renaming the old file and creating a new one (which will
# # have a new inode number). Leaving inode turned on for keys, which
# # shouldn't ever change.
#
#
# $(TWBIN)/agent.cfg -> $(SEC_BIN) -i ;
# $(TWLKEY)/authentication.key -> $(SEC_BIN) ;
# $(TWDB)/tasks.dat -> $(SEC_CONFIG) ;
# $(TWDB)/schedule.dat -> $(SEC_CONFIG) ;
#
# # Uncomment if you have agent logging enabled.
# #/var/log/tripwire/agent.log -> $(SEC_LOG) ;
#}
# Commonly accessed directories that should remain static with regards to owner and group
(
rulename = "Invariant Directories",
severity = $(SIG_MED)
)
{
/ -> $(SEC_INVARIANT) (recurse = false) ;
/home -> $(SEC_INVARIANT) (recurse = false) ;
}
#
# First, root's "home"
#
(
rulename = "Root's home",
severity = $(SIG_HI)
)
{
# /.rhosts -> $(SEC_CRIT) ;
/.profile -> $(SEC_CRIT) ;
/.cshrc -> $(SEC_CRIT) ;
/.login -> $(SEC_CRIT) ;
# /.exrc -> $(SEC_CRIT) ;
# /.logout -> $(SEC_CRIT) ;
# /.forward -> $(SEC_CRIT) ;
/root -> $(SEC_CRIT) (recurse = true) ;
!/root/.history ;
!/root/.bash_history ;
# !/root/.lsof_SYSTEM_NAME ; # Uncomment if lsof is installed
}
#
# FreeBSD Kernel
#
(
rulename = "FreeBSD Kernel",
severity = $(SIG_HI)
)
{
/kernel -> $(SEC_CRIT) ;
/kernel.old -> $(SEC_CRIT) ;
/kernel.GENERIC -> $(SEC_CRIT) ;
}
#
# FreeBSD Modules
#
(
rulename = "FreeBSD Modules",
severity = $(SIG_HI)
)
{
/modules -> $(SEC_CRIT) (recurse = true) ;
/modules.old -> $(SEC_CRIT) (recurse = true) ;
# /lkm -> $(SEC_CRIT) (recurse = true) ; # uncomment if using lkm kld
}
#
# System Administration Programs
#
(
rulename = "System Administration Programs",
severity = $(SIG_HI)
)
{
/sbin -> $(SEC_CRIT) (recurse = true) ;
/usr/sbin -> $(SEC_CRIT) (recurse = true) ;
}
#
# User Utilities
#
(
rulename = "User Utilities",
severity = $(SIG_HI)
)
{
/bin -> $(SEC_CRIT) (recurse = true) ;
/usr/bin -> $(SEC_CRIT) (recurse = true) ;
}
#
# /dev
#
(
rulename = "/dev",
severity = $(SIG_HI)
)
{
/dev -> $(Device) (recurse = true) ;
!/dev/vga ;
!/dev/dri ;
/dev/console -> $(SEC_TTY) ;
/dev/ttyv0 -> $(SEC_TTY) ;
/dev/ttyv1 -> $(SEC_TTY) ;
/dev/ttyv2 -> $(SEC_TTY) ;
/dev/ttyv3 -> $(SEC_TTY) ;
/dev/ttyv4 -> $(SEC_TTY) ;
/dev/ttyv5 -> $(SEC_TTY) ;
/dev/ttyv6 -> $(SEC_TTY) ;
/dev/ttyv7 -> $(SEC_TTY) ;
/dev/ttyp0 -> $(SEC_TTY) ;
/dev/ttyp1 -> $(SEC_TTY) ;
/dev/ttyp2 -> $(SEC_TTY) ;
/dev/ttyp3 -> $(SEC_TTY) ;
/dev/ttyp4 -> $(SEC_TTY) ;
/dev/ttyp5 -> $(SEC_TTY) ;
/dev/ttyp6 -> $(SEC_TTY) ;
/dev/ttyp7 -> $(SEC_TTY) ;
/dev/ttyp8 -> $(SEC_TTY) ;
/dev/ttyp9 -> $(SEC_TTY) ;
/dev/ttypa -> $(SEC_TTY) ;
/dev/ttypb -> $(SEC_TTY) ;
/dev/ttypc -> $(SEC_TTY) ;
/dev/ttypd -> $(SEC_TTY) ;
/dev/ttype -> $(SEC_TTY) ;
/dev/ttypf -> $(SEC_TTY) ;
/dev/ttypg -> $(SEC_TTY) ;
/dev/ttyph -> $(SEC_TTY) ;
/dev/ttypi -> $(SEC_TTY) ;
/dev/ttypj -> $(SEC_TTY) ;
/dev/ttypl -> $(SEC_TTY) ;
/dev/ttypm -> $(SEC_TTY) ;
/dev/ttypn -> $(SEC_TTY) ;
/dev/ttypo -> $(SEC_TTY) ;
/dev/ttypp -> $(SEC_TTY) ;
/dev/ttypq -> $(SEC_TTY) ;
/dev/ttypr -> $(SEC_TTY) ;
/dev/ttyps -> $(SEC_TTY) ;
/dev/ttypt -> $(SEC_TTY) ;
/dev/ttypu -> $(SEC_TTY) ;
/dev/ttypv -> $(SEC_TTY) ;
/dev/cuaa0 -> $(SEC_TTY) ; # modem
}
#
# /etc
#
(
rulename = "/etc",
severity = $(SIG_HI)
)
{
/etc -> $(SEC_CRIT) (recurse = true) ;
# /etc/mail/aliases -> $(SEC_CONFIG) ;
/etc/dumpdates -> $(SEC_CONFIG) ;
/etc/motd -> $(SEC_CONFIG) ;
!/etc/ppp/connect-errors ;
/etc/skeykeys -> $(SEC_CONFIG) ;
# Uncomment the following 4 lines if your password file does not change
# /etc/passwd -> $(SEC_CONFIG) ;
# /etc/master.passwd -> $(SEC_CONFIG) ;
# /etc/pwd.db -> $(SEC_CONFIG) ;
# /etc/spwd.db -> $(SEC_CONFIG) ;
}
#
# Copatibility (Linux)
#
(
rulename = "Linux Compatibility",
severity = $(SIG_HI)
)
{
/compat -> $(SEC_CRIT) (recurse = true) ;
#
# Uncomment the following if Linux compatibility is used. Replace
# HOSTNAME1 and HOSTNAME2 with the hosts that have Linux emulation port
# installed.
#
#@@ifhost HOSTNAME1 || HOSTNAME2
# /compat/linux/etc -> $(SEC_INVARIANT) (recurse = false) ;
# /compat/linux/etc/X11 -> $(SEC_CONFIG) (recurse = true) ;
# /compat/linux/etc/pam.d -> $(SEC_CONFIG) (recurse = true) ;
# /compat/linux/etc/profile.d -> $(SEC_CONFIG) (recurse = true) ;
# /compat/linux/etc/real -> $(SEC_CONFIG) (recurse = true) ;
# /compat/linux/etc/bashrc -> $(SEC_CONFIG) ;
# /compat/linux/etc/csh.login -> $(SEC_CONFIG) ;
# /compat/linux/etc/host.conf -> $(SEC_CONFIG) ;
# /compat/linux/etc/hosts.allow -> $(SEC_CONFIG) ;
# /compat/linux/etc/hosts.deny -> $(SEC_CONFIG) ;
# /compat/linux/etc/info-dir -> $(SEC_CONFIG) ;
# /compat/linux/etc/inputrc -> $(SEC_CONFIG) ;
# /compat/linux/etc/ld.so.conf -> $(SEC_CONFIG) ;
# /compat/linux/etc/nsswitch.conf -> $(SEC_CONFIG) ;
# /compat/linux/etc/profile -> $(SEC_CONFIG) ;
# /compat/linux/etc/redhat-release -> $(SEC_CONFIG) ;
# /compat/linux/etc/rpc -> $(SEC_CONFIG) ;
# /compat/linux/etc/securetty -> $(SEC_CONFIG) ;
# /compat/linux/etc/shells -> $(SEC_CONFIG) ;
# /compat/linux/etc/termcap -> $(SEC_CONFIG) ;
# /compat/linux/etc/yp.conf -> $(SEC_CONFIG) ;
# !/compat/linux/etc/ld.so.cache ;
# !/compat/linux/var/spool/mail ;
#@@endif
}
#
# Libraries, include files, and other system files
#
(
rulename = "Libraries, include files, and other system files",
severity = $(SIG_HI)
)
{
/usr/include -> $(SEC_CRIT) (recurse = true) ;
/usr/lib -> $(SEC_CRIT) (recurse = true) ;
/usr/libdata -> $(SEC_CRIT) (recurse = true) ;
/usr/libexec -> $(SEC_CRIT) (recurse = true) ;
/usr/share -> $(SEC_CRIT) (recurse = true) ;
/usr/share/man -> $(SEC_CONFIG) ;
!/usr/share/man/whatis ;
!/usr/share/man/.glimpse_filenames ;
!/usr/share/man/.glimpse_filenames_index ;
!/usr/share/man/.glimpse_filetimes ;
!/usr/share/man/.glimpse_filters ;
!/usr/share/man/.glimpse_index ;
!/usr/share/man/.glimpse_messages ;
!/usr/share/man/.glimpse_partitions ;
!/usr/share/man/.glimpse_statistics ;
!/usr/share/man/.glimpse_turbo ;
/usr/share/man/man1 -> $(SEC_CRIT) (recurse = true) ;
/usr/share/man/man2 -> $(SEC_CRIT) (recurse = true) ;
/usr/share/man/man3 -> $(SEC_CRIT) (recurse = true) ;
/usr/share/man/man4 -> $(SEC_CRIT) (recurse = true) ;
/usr/share/man/man5 -> $(SEC_CRIT) (recurse = true) ;
/usr/share/man/man6 -> $(SEC_CRIT) (recurse = true) ;
/usr/share/man/man7 -> $(SEC_CRIT) (recurse = true) ;
/usr/share/man/man8 -> $(SEC_CRIT) (recurse = true) ;
/usr/share/man/man9 -> $(SEC_CRIT) (recurse = true) ;
/usr/share/man/mann -> $(SEC_CRIT) (recurse = true) ;
! /usr/share/man/cat1 ;
! /usr/share/man/cat2 ;
! /usr/share/man/cat3 ;
! /usr/share/man/cat4 ;
! /usr/share/man/cat5 ;
! /usr/share/man/cat6 ;
! /usr/share/man/cat7 ;
! /usr/share/man/cat8 ;
! /usr/share/man/cat9 ;
! /usr/share/man/catl ;
! /usr/share/man/catn ;
/usr/share/perl/man -> $(SEC_CONFIG) ;
!/usr/share/perl/man/whatis ;
!/usr/share/perl/man/.glimpse_filenames ;
!/usr/share/perl/man/.glimpse_filenames_index ;
!/usr/share/perl/man/.glimpse_filetimes ;
!/usr/share/perl/man/.glimpse_filters ;
!/usr/share/perl/man/.glimpse_index ;
!/usr/share/perl/man/.glimpse_messages ;
!/usr/share/perl/man/.glimpse_partitions ;
!/usr/share/perl/man/.glimpse_statistics ;
!/usr/share/perl/man/.glimpse_turbo ;
/usr/share/perl/man/man3 -> $(SEC_CRIT) (recurse = true) ;
! /usr/share/perl/man/cat3 ;
/usr/local/lib/perl5/5.00503/man -> $(SEC_CONFIG) ;
! /usr/local/lib/perl5/5.00503/man/whatis ;
! /usr/local/lib/perl5/5.00503/man/.glimpse_filters ;
! /usr/local/lib/perl5/5.00503/man/.glimpse_filetimes ;
! /usr/local/lib/perl5/5.00503/man/.glimpse_messages ;
! /usr/local/lib/perl5/5.00503/man/.glimpse_statistics ;
! /usr/local/lib/perl5/5.00503/man/.glimpse_index ;
! /usr/local/lib/perl5/5.00503/man/.glimpse_turbo ;
! /usr/local/lib/perl5/5.00503/man/.glimpse_partitions ;
! /usr/local/lib/perl5/5.00503/man/.glimpse_filenames ;
! /usr/local/lib/perl5/5.00503/man/.glimpse_filenames_index ;
/usr/local/lib/perl5/5.00503/man/man3 -> $(SEC_CRIT) (recurse = true) ;
! /usr/local/lib/perl5/5.00503/man/cat3 ;
}
#
# X11R6
#
(
rulename = "X11R6",
severity = $(SIG_HI)
)
{
/usr/X11R6 -> $(SEC_CRIT) (recurse = true) ;
/usr/X11R6/lib/X11/xdm -> $(SEC_CONFIG) (recurse = true) ;
!/usr/X11R6/lib/X11/xdm/xdm-errors ;
!/usr/X11R6/lib/X11/xdm/authdir/authfiles ;
!/usr/X11R6/lib/X11/xdm/xdm-pid ;
/usr/X11R6/lib/X11/xkb/compiled -> $(SEC_CONFIG) (recurse = true) ;
/usr/X11R6/man -> $(SEC_CONFIG) ;
!/usr/X11R6/man/whatis ;
!/usr/X11R6/man/.glimpse_filenames ;
!/usr/X11R6/man/.glimpse_filenames_index ;
!/usr/X11R6/man/.glimpse_filetimes ;
!/usr/X11R6/man/.glimpse_filters ;
!/usr/X11R6/man/.glimpse_index ;
!/usr/X11R6/man/.glimpse_messages ;
!/usr/X11R6/man/.glimpse_partitions ;
!/usr/X11R6/man/.glimpse_statistics ;
!/usr/X11R6/man/.glimpse_turbo ;
/usr/X11R6/man/man1 -> $(SEC_CRIT) (recurse = true) ;
/usr/X11R6/man/man2 -> $(SEC_CRIT) (recurse = true) ;
/usr/X11R6/man/man3 -> $(SEC_CRIT) (recurse = true) ;
/usr/X11R6/man/man4 -> $(SEC_CRIT) (recurse = true) ;
/usr/X11R6/man/man5 -> $(SEC_CRIT) (recurse = true) ;
/usr/X11R6/man/man6 -> $(SEC_CRIT) (recurse = true) ;
/usr/X11R6/man/man7 -> $(SEC_CRIT) (recurse = true) ;
/usr/X11R6/man/man8 -> $(SEC_CRIT) (recurse = true) ;
/usr/X11R6/man/man9 -> $(SEC_CRIT) (recurse = true) ;
/usr/X11R6/man/manl -> $(SEC_CRIT) (recurse = true) ;
/usr/X11R6/man/mann -> $(SEC_CRIT) (recurse = true) ;
! /usr/X11R6/man/cat1 ;
! /usr/X11R6/man/cat2 ;
! /usr/X11R6/man/cat3 ;
! /usr/X11R6/man/cat4 ;
! /usr/X11R6/man/cat5 ;
! /usr/X11R6/man/cat6 ;
! /usr/X11R6/man/cat7 ;
! /usr/X11R6/man/cat8 ;
! /usr/X11R6/man/cat9 ;
! /usr/X11R6/man/catl ;
! /usr/X11R6/man/catn ;
}
#
# sources
#
(
rulename = "Sources",
severity = $(SIG_HI)
)
{
/usr/src -> $(SEC_CRIT) (recurse = true) ;
/usr/src/sys/compile -> $(SEC_CONFIG) (recurse = false) ;
}
#
# NIS
#
(
rulename = "NIS",
severity = $(SIG_HI)
)
{
/var/yp -> $(SEC_CRIT) (recurse = true) ;
!/var/yp/binding ;
}
#
# Temporary directories
#
(
rulename = "Temporary directories",
recurse = false,
severity = $(SIG_LOW)
)
{
/usr/tmp -> $(SEC_INVARIANT) ;
/var/tmp -> $(SEC_INVARIANT) ;
/var/preserve -> $(SEC_INVARIANT) ;
/tmp -> $(SEC_INVARIANT) ;
}
#
# Local files
#
(
rulename = "Local files",
severity = $(SIG_MED)
)
{
/usr/local/bin -> $(SEC_BIN) (recurse = true) ;
/usr/local/sbin -> $(SEC_BIN) (recurse = true) ;
/usr/local/etc -> $(SEC_BIN) (recurse = true) ;
/usr/local/lib -> $(SEC_BIN) (recurse = true ) ;
/usr/local/libexec -> $(SEC_BIN) (recurse = true ) ;
/usr/local/share -> $(SEC_BIN) (recurse = true ) ;
/usr/local/man -> $(SEC_CONFIG) ;
!/usr/local/man/whatis ;
!/usr/local/man/.glimpse_filenames ;
!/usr/local/man/.glimpse_filenames_index ;
!/usr/local/man/.glimpse_filetimes ;
!/usr/local/man/.glimpse_filters ;
!/usr/local/man/.glimpse_index ;
!/usr/local/man/.glimpse_messages ;
!/usr/local/man/.glimpse_partitions ;
!/usr/local/man/.glimpse_statistics ;
!/usr/local/man/.glimpse_turbo ;
/usr/local/man/man1 -> $(SEC_CRIT) (recurse = true) ;
/usr/local/man/man2 -> $(SEC_CRIT) (recurse = true) ;
/usr/local/man/man3 -> $(SEC_CRIT) (recurse = true) ;
/usr/local/man/man4 -> $(SEC_CRIT) (recurse = true) ;
/usr/local/man/man5 -> $(SEC_CRIT) (recurse = true) ;
/usr/local/man/man6 -> $(SEC_CRIT) (recurse = true) ;
/usr/local/man/man7 -> $(SEC_CRIT) (recurse = true) ;
/usr/local/man/man8 -> $(SEC_CRIT) (recurse = true) ;
/usr/local/man/man9 -> $(SEC_CRIT) (recurse = true) ;
/usr/local/man/manl -> $(SEC_CRIT) (recurse = true) ;
/usr/local/man/mann -> $(SEC_CRIT) (recurse = true) ;
! /usr/local/man/cat1 ;
! /usr/local/man/cat2 ;
! /usr/local/man/cat3 ;
! /usr/local/man/cat4 ;
! /usr/local/man/cat5 ;
! /usr/local/man/cat6 ;
! /usr/local/man/cat7 ;
! /usr/local/man/cat8 ;
! /usr/local/man/cat9 ;
! /usr/local/man/catl ;
! /usr/local/man/catn ;
/usr/local/krb5 -> $(SEC_CRIT) (recurse = true) ;
/usr/local/krb5/man -> $(SEC_CONFIG) ;
!/usr/local/krb5/man/whatis ;
!/usr/local/krb5/man/.glimpse_filenames ;
!/usr/local/krb5/man/.glimpse_filenames_index ;
!/usr/local/krb5/man/.glimpse_filetimes ;
!/usr/local/krb5/man/.glimpse_filters ;
!/usr/local/krb5/man/.glimpse_index ;
!/usr/local/krb5/man/.glimpse_messages ;
!/usr/local/krb5/man/.glimpse_partitions ;
!/usr/local/krb5/man/.glimpse_statistics ;
!/usr/local/krb5/man/.glimpse_turbo ;
/usr/local/krb5/man/man1 -> $(SEC_CRIT) (recurse = true) ;
/usr/local/krb5/man/man2 -> $(SEC_CRIT) (recurse = true) ;
/usr/local/krb5/man/man3 -> $(SEC_CRIT) (recurse = true) ;
/usr/local/krb5/man/man4 -> $(SEC_CRIT) (recurse = true) ;
/usr/local/krb5/man/man5 -> $(SEC_CRIT) (recurse = true) ;
/usr/local/krb5/man/man6 -> $(SEC_CRIT) (recurse = true) ;
/usr/local/krb5/man/man7 -> $(SEC_CRIT) (recurse = true) ;
/usr/local/krb5/man/man8 -> $(SEC_CRIT) (recurse = true) ;
/usr/local/krb5/man/man9 -> $(SEC_CRIT) (recurse = true) ;
/usr/local/krb5/man/manl -> $(SEC_CRIT) (recurse = true) ;
/usr/local/krb5/man/mann -> $(SEC_CRIT) (recurse = true) ;
! /usr/local/krb5/man/cat1 ;
! /usr/local/krb5/man/cat2 ;
! /usr/local/krb5/man/cat3 ;
! /usr/local/krb5/man/cat4 ;
! /usr/local/krb5/man/cat5 ;
! /usr/local/krb5/man/cat6 ;
! /usr/local/krb5/man/cat7 ;
! /usr/local/krb5/man/cat8 ;
! /usr/local/krb5/man/cat9 ;
! /usr/local/krb5/man/catl ;
! /usr/local/krb5/man/catn ;
/usr/local/www -> $(SEC_CONFIG) (recurse = true) ;
}
(
rulename = "Security Control",
severity = $(SIG_HI)
)
{
/etc/group -> $(SEC_CRIT) ;
/etc/crontab -> $(SEC_CRIT) ;
}
#=============================================================================
#
# Copyright 2000-2018 Tripwire, Inc. Tripwire is a registered trademark of Tripwire,
# Inc. in the United States and other countries. All rights reserved.
#
# FreeBSD is a registered trademark of the FreeBSD Project Inc.
#
# UNIX is a registered trademark of The Open Group.
#
#=============================================================================
#
# Permission is granted to make and distribute verbatim copies of this document
# provided the copyright notice and this permission notice are preserved on all
# copies.
#
# Permission is granted to copy and distribute modified versions of this
# document under the conditions for verbatim copying, provided that the entire
# resulting derived work is distributed under the terms of a permission notice
# identical to this one.
#
# Permission is granted to copy and distribute translations of this document
# into another language, under the above conditions for modified versions,
# except that this permission notice may be stated in a translation approved by
# Tripwire, Inc.
#
# DCM

140
policy/twpol-OpenBSD.txt
View File

@ -2,8 +2,8 @@
# ##
############################################################################## #
# # #
# Tripwire 2.4 policy for OpenBSD # #
# updated March 2018 # #
# Policy file for OpenBSD 3.5 # #
# May 20, 2003 # #
# ##
##############################################################################
@ -60,13 +60,13 @@ HOSTNAME=;
#
##############################################################################
SEC_DEVICE = +pugsdr-intlbamcCMSH ;
SEC_DYNAMIC = +pinugtd-srlbamcCMSH ;
SEC_GROWING = +pinugtdl-srbamcCMSH ;
SEC_IGNORE_ALL = -pinugtsdrlbamcCMSH ;
SEC_IGNORE_NONE = +pinugtsdrbamcCMSH-l ;
SEC_READONLY = +pinugtsdbmCM-rlacSH ;
SEC_TEMPORARY = +pugt ;
Device = +pugsdr-intlbamcCMSH ;
Dynamic = +pinugtd-srlbamcCMSH ;
Growing = +pinugtdl-srbamcCMSH ;
IgnoreAll = -pinugtsdrlbamcCMSH ;
IgnoreNone = +pinugtsdrbamcCMSH-l ;
ReadOnly = +pinugtsdbmCM-rlacSH ;
Temporary = +pugt ;
@@section FS
@ -83,10 +83,10 @@ SEC_TEMPORARY = +pugt ;
rulename = "Tripwire Binaries",
)
{
$(TWBIN)/siggen -> $(SEC_READONLY) ;
$(TWBIN)/tripwire -> $(SEC_READONLY) ;
$(TWBIN)/twadmin -> $(SEC_READONLY) ;
$(TWBIN)/twprint -> $(SEC_READONLY) ;
$(TWBIN)/siggen -> $(ReadOnly) ;
$(TWBIN)/tripwire -> $(ReadOnly) ;
$(TWBIN)/twadmin -> $(ReadOnly) ;
$(TWBIN)/twprint -> $(ReadOnly) ;
}
# Tripwire Data Files - Configuration Files, Policy Files, Keys, Reports, Databases
@ -103,14 +103,14 @@ SEC_TEMPORARY = +pugt ;
# afterward triggers this rule until a database update is run, since the
# database file does not exist before that point.
$(TWDB) -> $(SEC_DYNAMIC) -i ;
$(TWPOL)/tw.pol -> $(SEC_READONLY) -i ;
$(TWPOL)/tw.cfg -> $(SEC_READONLY) -i ;
$(TWLKEY)/$(HOSTNAME)-local.key -> $(SEC_READONLY) ;
$(TWSKEY)/site.key -> $(SEC_READONLY) ;
$(TWDB) -> $(Dynamic) -i ;
$(TWPOL)/tw.pol -> $(ReadOnly) -i ;
$(TWPOL)/tw.cfg -> $(ReadOnly) -i ;
$(TWLKEY)/$(HOSTNAME)-local.key -> $(ReadOnly) ;
$(TWSKEY)/site.key -> $(ReadOnly) ;
# don't scan the individual reports
$(TWREPORT) -> $(SEC_DYNAMIC) (recurse=0) ;
$(TWREPORT) -> $(Dynamic) (recurse=0) ;
# In this configuration /usr/local is a symbolic link to /home/local.
# We want to ignore the following directories since they are already
@ -131,9 +131,9 @@ SEC_TEMPORARY = +pugt ;
rulename = "OS Boot and Configuration Files",
)
{
/boot -> $(SEC_READONLY) ;
/bsd -> $(SEC_READONLY) ;
/etc -> $(SEC_IGNORE_NONE) -SHa ;
/boot -> $(ReadOnly) ;
/bsd -> $(ReadOnly) ;
/etc -> $(IgnoreNone) -SHa ;
}
###################################################
@ -147,13 +147,13 @@ SEC_TEMPORARY = +pugt ;
rulename = "Mount Points",
)
{
/ -> $(SEC_READONLY) ;
/cdrom -> $(SEC_DYNAMIC) ;
/floppy -> $(SEC_DYNAMIC) ;
/home -> $(SEC_READONLY) ; # Modify as needed
/mnt -> $(SEC_DYNAMIC) ;
/usr -> $(SEC_READONLY) ;
/var -> $(SEC_READONLY) ;
/ -> $(ReadOnly) ;
/cdrom -> $(Dynamic) ;
/floppy -> $(Dynamic) ;
/home -> $(ReadOnly) ; # Modify as needed
/mnt -> $(Dynamic) ;
/usr -> $(ReadOnly) ;
/var -> $(ReadOnly) ;
}
###################################################
@ -167,8 +167,8 @@ SEC_TEMPORARY = +pugt ;
rulename = "Misc Top-Level Directories",
)
{
/altroot -> $(SEC_DYNAMIC) ;
/stand -> $(SEC_DYNAMIC) ;
/altroot -> $(Dynamic) ;
/stand -> $(Dynamic) ;
}
################################################
@ -182,10 +182,10 @@ SEC_TEMPORARY = +pugt ;
rulename = "System Devices",
)
{
/dev -> $(SEC_DEVICE) ;
/dev/fd -> $(SEC_DEVICE) ;
/var/cron/tabs/.sock -> $(SEC_DEVICE) ;
/var/empty/dev/log -> $(SEC_DEVICE) ;
/dev -> $(Device) ;
/dev/fd -> $(Device) ;
/var/cron/tabs/.sock -> $(Device) ;
/var/empty/dev/log -> $(Device) ;
}
################################################
@ -199,14 +199,14 @@ SEC_TEMPORARY = +pugt ;
rulename = "OS Binaries and Libraries",
)
{
/bin -> $(SEC_READONLY) ;
/sbin -> $(SEC_READONLY) ;
/usr/bin -> $(SEC_READONLY) ;
/usr/lib -> $(SEC_READONLY) ;
/usr/libexec -> $(SEC_READONLY) ;
/usr/sbin -> $(SEC_READONLY) ;
/usr/X11R6/bin -> $(SEC_READONLY) ;
/usr/X11R6/lib -> $(SEC_READONLY) ;
/bin -> $(ReadOnly) ;
/sbin -> $(ReadOnly) ;
/usr/bin -> $(ReadOnly) ;
/usr/lib -> $(ReadOnly) ;
/usr/libexec -> $(ReadOnly) ;
/usr/sbin -> $(ReadOnly) ;
/usr/X11R6/bin -> $(ReadOnly) ;
/usr/X11R6/lib -> $(ReadOnly) ;
}
################################################
# ##
@ -219,19 +219,19 @@ SEC_TEMPORARY = +pugt ;
#OKrulename = "Usr Local Files",
#OK)
#OK{
#OK/usr/local -> $(SEC_READONLY) ;
#OK/usr/local/bin -> $(SEC_READONLY) ;
#OK/usr/local/doc -> $(SEC_READONLY) ;
#OK/usr/local/etc -> $(SEC_READONLY) ;
#OK/usr/local/include -> $(SEC_READONLY) ;
#OK/usr/local/info -> $(SEC_READONLY) ;
#OK/usr/local/lib -> $(SEC_READONLY) ;
#OK/usr/local/libdata -> $(SEC_READONLY) ;
#OK/usr/local/libexec -> $(SEC_READONLY) ;
#OK/usr/local/man -> $(SEC_READONLY) ;
#OK/usr/local/sbin -> $(SEC_READONLY) ;
#OK/usr/local/share -> $(SEC_READONLY) ;
#OK/usr/local/src -> $(SEC_READONLY) ;
#OK/usr/local -> $(ReadOnly) ;
#OK/usr/local/bin -> $(ReadOnly) ;
#OK/usr/local/doc -> $(ReadOnly) ;
#OK/usr/local/etc -> $(ReadOnly) ;
#OK/usr/local/include -> $(ReadOnly) ;
#OK/usr/local/info -> $(ReadOnly) ;
#OK/usr/local/lib -> $(ReadOnly) ;
#OK/usr/local/libdata -> $(ReadOnly) ;
#OK/usr/local/libexec -> $(ReadOnly) ;
#OK/usr/local/man -> $(ReadOnly) ;
#OK/usr/local/sbin -> $(ReadOnly) ;
#OK/usr/local/share -> $(ReadOnly) ;
#OK/usr/local/src -> $(ReadOnly) ;
#OK}
################################################
@ -245,9 +245,9 @@ SEC_TEMPORARY = +pugt ;
rulename = "Root Directory and Files",
)
{
/root -> $(SEC_IGNORE_NONE) -SHa ;
/root/.cshrc -> $(SEC_DYNAMIC) ;
/root/.profile -> $(SEC_DYNAMIC) ;
/root -> $(IgnoreNone) -SHa ;
/root/.cshrc -> $(Dynamic) ;
/root/.profile -> $(Dynamic) ;
}
################################################
@ -261,8 +261,8 @@ SEC_TEMPORARY = +pugt ;
rulename = "Temporary Directories",
)
{
/tmp -> $(SEC_TEMPORARY) ;
/var/tmp -> $(SEC_TEMPORARY) ;
/tmp -> $(Temporary) ;
/var/tmp -> $(Temporary) ;
}
################################################
@ -276,15 +276,15 @@ SEC_TEMPORARY = +pugt ;
rulename = "System and Boot Changes",
)
{
/var/backups -> $(SEC_DYNAMIC) -i ;
/var/db/host.random -> $(SEC_READONLY) -mCM ;
/var/cron -> $(SEC_GROWING) -i ;
/var/log -> $(SEC_GROWING) -i ;
/var/run -> $(SEC_DYNAMIC) -i ;
/var/mail -> $(SEC_GROWING) ;
/var/msgs/bounds -> $(SEC_READONLY) -smbCM ;
/var/spool/clientmqueue -> $(SEC_TEMPORARY) ;
/var/spool/mqueue -> $(SEC_TEMPORARY) ;
/var/backups -> $(Dynamic) -i ;
/var/db/host.random -> $(ReadOnly) -mCM ;
/var/cron -> $(Growing) -i ;
/var/log -> $(Growing) -i ;
/var/run -> $(Dynamic) -i ;
/var/mail -> $(Growing) ;
/var/msgs/bounds -> $(ReadOnly) -smbCM ;
/var/spool/clientmqueue -> $(Temporary) ;
/var/spool/mqueue -> $(Temporary) ;
}
#

105
policy/twpol-SunOS.txt
View File

@ -2,8 +2,7 @@
# ##
############################################################################## #
# # #
# Tripwire 2.4 policy for Solaris # #
# updated March 2018 # #
# Policy file for Solaris 8 # #
# ##
##############################################################################
@ -62,13 +61,13 @@ HOSTNAME=;
#
##############################################################################
SEC_DEVICE = +pugsdr-intlbamcCMSH ;
SEC_DYNAMIC = +pinugtd-srlbamcCMSH ;
SEC_GROWING = +pinugtdl-srbamcCMSH ;
SEC_IGNORE_ALL = -pinugtsdrlbamcCMSH ;
SEC_IGNORE_NONE = +pinugtsdrbamcCMSH-l ;
SEC_READONLY = +pinugtsdbmCM-rlacSH ;
SEC_TEMPORARY = +pugt ;
Device = +pugsdr-intlbamcCMSH ;
Dynamic = +pinugtd-srlbamcCMSH ;
Growing = +pinugtdl-srbamcCMSH ;
IgnoreAll = -pinugtsdrlbamcCMSH ;
IgnoreNone = +pinugtsdrbamcCMSH-l ;
ReadOnly = +pinugtsdbmCM-rlacSH ;
Temporary = +pugt ;
@@section FS
@ -85,10 +84,10 @@ SEC_TEMPORARY = +pugt ;
rulename = "Tripwire Binaries",
)
{
$(TWBIN)/siggen -> $(SEC_READONLY) ;
$(TWBIN)/tripwire -> $(SEC_READONLY) ;
$(TWBIN)/twadmin -> $(SEC_READONLY) ;
$(TWBIN)/twprint -> $(SEC_READONLY) ;
$(TWBIN)/siggen -> $(ReadOnly) ;
$(TWBIN)/tripwire -> $(ReadOnly) ;
$(TWBIN)/twadmin -> $(ReadOnly) ;
$(TWBIN)/twprint -> $(ReadOnly) ;
}
# Tripwire Data Files - Configuration Files, Policy Files, Keys, Reports, Databases
@ -105,14 +104,14 @@ SEC_TEMPORARY = +pugt ;
# afterward triggers this rule until a database update is run, since the
# database file does not exist before that point.
$(TWDB) -> $(SEC_DYNAMIC) -i ;
$(TWPOL)/tw.pol -> $(SEC_READONLY) -i ;
$(TWPOL)/tw.cfg -> $(SEC_READONLY) -i ;
$(TWLKEY)/$(HOSTNAME)-local.key -> $(SEC_READONLY) ;
$(TWSKEY)/site.key -> $(SEC_READONLY) ;
$(TWDB) -> $(Dynamic) -i ;
$(TWPOL)/tw.pol -> $(ReadOnly) -i ;
$(TWPOL)/tw.cfg -> $(ReadOnly) -i ;
$(TWLKEY)/$(HOSTNAME)-local.key -> $(ReadOnly) ;
$(TWSKEY)/site.key -> $(ReadOnly) ;
# don't scan the individual reports
$(TWREPORT) -> $(SEC_DYNAMIC) (recurse=0) ;
$(TWREPORT) -> $(Dynamic) (recurse=0) ;
# In this configuration /usr/local is a symbolic link to /home/local.
# We want to ignore the following directories since they are already
@ -133,8 +132,8 @@ SEC_TEMPORARY = +pugt ;
rulename = "OS Boot and Configuration Files",
)
{
/etc -> $(SEC_IGNORE_NONE) -SHa ;
/kernel -> $(SEC_READONLY) ;
/etc -> $(IgnoreNone) -SHa ;
/kernel -> $(ReadOnly) ;
}
###################################################
@ -148,13 +147,13 @@ SEC_TEMPORARY = +pugt ;
rulename = "Mount Points",
)
{
/ -> $(SEC_READONLY) ;
/cdrom -> $(SEC_DYNAMIC) ;
/home -> $(SEC_READONLY) ;
/mnt -> $(SEC_DYNAMIC) ;
/usr -> $(SEC_READONLY) ;
/var -> $(SEC_READONLY) ;
/opt -> $(SEC_READONLY) ;
/ -> $(ReadOnly) ;
/cdrom -> $(Dynamic) ;
/home -> $(ReadOnly) ;
/mnt -> $(Dynamic) ;
/usr -> $(ReadOnly) ;
/var -> $(ReadOnly) ;
/opt -> $(ReadOnly) ;
}
###################################################
@ -168,7 +167,7 @@ SEC_TEMPORARY = +pugt ;
rulename = "Misc Top-Level Directories",
)
{
/lost+found -> $(SEC_READONLY) ;
/lost+found -> $(ReadOnly) ;
}
################################################
@ -182,8 +181,8 @@ SEC_TEMPORARY = +pugt ;
rulename = "System Devices",
)
{
/dev -> $(SEC_DEVICE) ;
/devices -> $(SEC_DEVICE) ;
/dev -> $(Device) ;
/devices -> $(Device) ;
}
################################################
@ -197,12 +196,12 @@ SEC_TEMPORARY = +pugt ;
rulename = "OS Binaries and Libraries",
)
{
/sbin -> $(SEC_READONLY) ;
/usr/bin -> $(SEC_READONLY) ;
/usr/lib -> $(SEC_READONLY) ;
/usr/sbin -> $(SEC_READONLY) ;
/usr/openwin/bin -> $(SEC_READONLY) ;
/usr/openwin/lib -> $(SEC_READONLY) ;
/sbin -> $(ReadOnly) ;
/usr/bin -> $(ReadOnly) ;
/usr/lib -> $(ReadOnly) ;
/usr/sbin -> $(ReadOnly) ;
/usr/openwin/bin -> $(ReadOnly) ;
/usr/openwin/lib -> $(ReadOnly) ;
}
################################################
@ -217,9 +216,9 @@ SEC_TEMPORARY = +pugt ;
)
{
! /.netscape/cache ;
/.bash_history -> $(SEC_READONLY) -smbCM;
/.sh_history -> $(SEC_DYNAMIC) ;
/.Xauthority -> $(SEC_READONLY) ;
/.bash_history -> $(ReadOnly) -smbCM;
/.sh_history -> $(Dynamic) ;
/.Xauthority -> $(ReadOnly) ;
}
################################################
@ -233,8 +232,8 @@ SEC_TEMPORARY = +pugt ;
rulename = "Temporary Directories",
)
{
/tmp -> $(SEC_TEMPORARY) ;
/var/tmp -> $(SEC_TEMPORARY) ;
/tmp -> $(Temporary) ;
/var/tmp -> $(Temporary) ;
}
################################################
@ -296,17 +295,17 @@ SEC_TEMPORARY = +pugt ;
rulename = "System and Boot Changes",
)
{
/etc/.pwd.lock -> $(SEC_READONLY) -cm;
/etc/coreadm.conf -> $(SEC_READONLY) -cm;
/var/adm -> $(SEC_GROWING) -i;
#/var/backups -> $(SEC_DYNAMIC) -i ;
/var/cron/log -> $(SEC_GROWING) -i ;
#/var/db/host.random -> $(SEC_READONLY) -mCM ;
#/var/db/locate.database -> $(SEC_READONLY) -misCM ;
/var/log -> $(SEC_GROWING) -i ;
#/var/run -> $(SEC_DYNAMIC) -i ;
#/var/mail -> $(SEC_GROWING) ;
#/var/msgs/bounds -> $(SEC_READONLY) -smbCM ;
/etc/.pwd.lock -> $(ReadOnly) -cm;
/etc/coreadm.conf -> $(ReadOnly) -cm;
/var/adm -> $(Growing) -i;
#/var/backups -> $(Dynamic) -i ;
/var/cron/log -> $(Growing) -i ;
#/var/db/host.random -> $(ReadOnly) -mCM ;
#/var/db/locate.database -> $(ReadOnly) -misCM ;
/var/log -> $(Growing) -i ;
#/var/run -> $(Dynamic) -i ;
#/var/mail -> $(Growing) ;
#/var/msgs/bounds -> $(ReadOnly) -smbCM ;
!/var/sendmail ;
!/var/spool/clientmqueue ;
!/var/spool/mqueue ;

184
policy/twpol-Syllable.txt
View File

@ -1,184 +0,0 @@
###############################################################################
# ##
# Default Tripwire 2.4 Policy file for Syllable ##
# ##
###############################################################################
###############################################################################
# ##
# Global Variable Definitions ##
# ##
# These are defined at install time by the installation script. You may ##
# Manually edit these if you are using this file directly and not from the ##
# installation script itself. ##
# ##
###############################################################################
@@section GLOBAL
TWROOT=;
TWBIN=;
TWPOL=;
TWDB=;
TWSKEY=;
TWLKEY=;
TWREPORT=;
HOSTNAME=;
##############################################################################
# Predefined Variables #
##############################################################################
#
# Property Masks
#
# - ignore the following properties
# + check the following properties
#
# a access timestamp (mutually exclusive with +CMSH)
# b number of blocks allocated
# c inode creation/modification timestamp
# d ID of device on which inode resides
# g group id of owner
# i inode number
# l growing files (logfiles for example)
# m modification timestamp
# n number of links
# p permission and file mode bits
# r ID of device pointed to by inode (valid only for device objects)
# s file size
# t file type
# u user id of owner
#
# C CRC-32 hash
# H HAVAL hash
# M MD5 hash
# S SHA hash
#
##############################################################################
SEC_DEVICE = +pugsdr-intlbamcCMSH ;
SEC_DYNAMIC = +pinugtd-srlbamcCMSH ;
SEC_GROWING = +pinugtdl-srbamcCMSH ;
SEC_IGNORE_ALL = -pinugtsdrlbamcCMSH ;
SEC_IGNORE_NONE = +pinugtsdrbamcCMSH-l ;
SEC_READONLY = +pinugtsdbmCM-rlacSH ;
SEC_TEMPORARY = +pugt ;
@@section FS
#########################################
# ##
# Tripwire Binaries and Data Files ##
# ##
#########################################
# Tripwire Binaries
(
rulename = "Tripwire Binaries",
)
{
$(TWBIN)/siggen -> $(SEC_READONLY) ;
$(TWBIN)/tripwire -> $(SEC_READONLY) ;
$(TWBIN)/twadmin -> $(SEC_READONLY) ;
$(TWBIN)/twprint -> $(SEC_READONLY) ;
}
# Tripwire Data Files - Configuration Files, Policy Files, Keys, Reports, Databases
(
rulename = "Tripwire Data Files",
)
{
# NOTE: We remove the inode attribute because when Tripwire creates a backup,
# it does so by renaming the old file and creating a new one (which will
# have a new inode number). Inode is left turned on for keys, which shouldn't
# ever change.
# NOTE: The first integrity check triggers this rule and each integrity check
# afterward triggers this rule until a database update is run, since the
# database file does not exist before that point.
$(TWDB) -> $(SEC_DYNAMIC) -i ;
$(TWPOL)/tw.pol -> $(SEC_READONLY) -i ;
$(TWPOL)/tw.cfg -> $(SEC_READONLY) -i ;
$(TWLKEY)/$(HOSTNAME)-local.key -> $(SEC_READONLY) ;
$(TWSKEY)/site.key -> $(SEC_READONLY) ;
# don't scan the individual reports
$(TWREPORT) -> $(SEC_DYNAMIC) (recurse=0) ;
}
##############################################################################
### System dir ###############################################################
#
(rulename = "System Directory",)
{
/boot/system -> $(SEC_READONLY) -a;
}
### Other bin dirs ############################################################
#
(rulename = "Binary Directories",)
{
/boot/bin -> $(SEC_READONLY) -a;
/usr/bin -> $(SEC_READONLY) -a;
/usr/local/bin -> $(SEC_READONLY) -a;
/boot/Applications -> $(SEC_READONLY) -a;
/resources/index/bin -> $(SEC_READONLY) -a;
}
(rulename = "Admin Binary Directories",)
{
/usr/local/sbin -> $(SEC_READONLY) -a;
/resources/index/sbin -> $(SEC_READONLY) -a;
/usr/local/libexec -> $(SEC_READONLY) -a;
/resources/index/libexec -> $(SEC_READONLY) -a;
}
### Other lib dirs ############################################################
#
(rulename = "Library Directories",)
{
/usr/local/lib -> $(SEC_READONLY) -a;
/resources/index/lib -> $(SEC_READONLY) -a;
}
### Other boot dirs ###########################################################
#
(rulename = "Boot Directories",)
{
/boot/boot/grub -> $(SEC_READONLY) -a;
}
### Settings ##################################################################
#
(rulename = "Settings",)
{
/boot/etc -> $(SEC_READONLY) -a;
/usr/local/etc -> $(SEC_READONLY) -a;
}
# Logs ########################################################################
#
(rulename = "Logs",)
{
/var/log -> $(SEC_GROWING) -a;
}
# Dev #########################################################################
#
(rulename = "Devices",)
{
/dev -> $(SEC_DEVICE) -a;
}
# Temp dirs #########################
#
(rulename = "Temp Directories",)
{
/boot/tmp -> $(SEC_TEMPORARY) -a;
}

183
policy/twpol-skyos.txt
View File

@ -1,183 +0,0 @@
###############################################################################
# ##
# Default Tripwire 2.4 Policy file for SkyOS ##
# ##
###############################################################################
###############################################################################
# ##
# Global Variable Definitions ##
# ##
# These are defined at install time by the installation script. You may ##
# Manually edit these if you are using this file directly and not from the ##
# installation script itself. ##
# ##
###############################################################################
@@section GLOBAL
TWROOT=;
TWBIN=;
TWPOL=;
TWDB=;
TWSKEY=;
TWLKEY=;
TWREPORT=;
HOSTNAME=;
##############################################################################
# Predefined Variables #
##############################################################################
#
# Property Masks
#
# - ignore the following properties
# + check the following properties
#
# a access timestamp (mutually exclusive with +CMSH)
# b number of blocks allocated
# c inode creation/modification timestamp
# d ID of device on which inode resides
# g group id of owner
# i inode number
# l growing files (logfiles for example)
# m modification timestamp
# n number of links
# p permission and file mode bits
# r ID of device pointed to by inode (valid only for device objects)
# s file size
# t file type
# u user id of owner
#
# C CRC-32 hash
# H HAVAL hash
# M MD5 hash
# S SHA hash
#
##############################################################################
SEC_DEVICE = +pugsdr-intlbamcCMSH ;
SEC_DYNAMIC = +pinugtd-srlbamcCMSH ;
SEC_GROWING = +pinugtdl-srbamcCMSH ;
SEC_IGNORE_ALL = -pinugtsdrlbamcCMSH ;
SEC_IGNORE_NONE = +pinugtsdrbamcCMSH-l ;
SEC_READONLY = +pinugtsdbmCM-rlacSH ;
SEC_TEMPORARY = +pugt ;
@@section FS
#########################################
# ##
# Tripwire Binaries and Data Files ##
# ##
#########################################
# Tripwire Binaries
(
rulename = "Tripwire Binaries",
)
{
$(TWBIN)/siggen -> $(SEC_READONLY) ;
$(TWBIN)/tripwire -> $(SEC_READONLY) ;
$(TWBIN)/twadmin -> $(SEC_READONLY) ;
$(TWBIN)/twprint -> $(SEC_READONLY) ;
}
# Tripwire Data Files - Configuration Files, Policy Files, Keys, Reports, Databases
(
rulename = "Tripwire Data Files",
)
{
# NOTE: We remove the inode attribute because when Tripwire creates a backup,
# it does so by renaming the old file and creating a new one (which will
# have a new inode number). Inode is left turned on for keys, which shouldn't
# ever change.
# NOTE: The first integrity check triggers this rule and each integrity check
# afterward triggers this rule until a database update is run, since the
# database file does not exist before that point.
$(TWDB) -> $(SEC_DYNAMIC) -i ;
$(TWPOL)/tw.pol -> $(SEC_READONLY) -i ;
$(TWPOL)/tw.cfg -> $(SEC_READONLY) -i ;
$(TWLKEY)/$(HOSTNAME)-local.key -> $(SEC_READONLY) ;
$(TWSKEY)/site.key -> $(SEC_READONLY) ;
# don't scan the individual reports
$(TWREPORT) -> $(SEC_DYNAMIC) (recurse=0) ;
}
##############################################################################
### System dir ###############################################################
#
(rulename = "System Directory",)
{
/boot/system -> $(SEC_READONLY) -a;
/boot/system/registry.rsm -> $(SEC_READONLY) -am;
}
(rulename = "System Files",)
{
/boot/kernel.sys -> $(SEC_READONLY) -a;
/boot/kernel.dbg -> $(SEC_READONLY) -a;
/boot/init.scr -> $(SEC_READONLY) -a;
/boot/install.sif -> $(SEC_READONLY) -a;
}
### Other bin dirs ############################################################
#
(rulename = "Binary Directories",)
{
/boot/programs -> $(SEC_READONLY) -a;
}
### Other lib dirs ############################################################
#
(rulename = "Library Directories",)
{
/usr/lib -> $(SEC_READONLY) -a;
/usr/local/lib -> $(SEC_READONLY) -a;
}
### Other boot dirs ###########################################################
#
(rulename = "Boot Directories",)
{
/boot/boot/grub -> $(SEC_READONLY) -a;
}
### Settings ##################################################################
#
(rulename = "Settings",)
{
/boot/programs/unix/etc -> $(SEC_READONLY) -a;
/usr/local/etc -> $(SEC_READONLY) -a;
}
# Logs ########################################################################
#
(rulename = "Logs",)
{
/var/log -> $(SEC_GROWING) -a;
}
# Dev #########################################################################
#
(rulename = "Devices",)
{
/dev -> $(SEC_DEVICE) -a;
/fifo -> $(SEC_DEVICE) -a;
/pty -> $(SEC_DEVICE) -as;
/systeminterface -> $(SEC_DEVICE) -a;
/umfs -> $(SEC_DEVICE) -a;
}
# Temp dirs #########################
#
(rulename = "Temp Directories",)
{
/boot/temp -> $(SEC_TEMPORARY) -a;
}

4
src/Makefile.am
View File

@ -8,7 +8,3 @@ install:
uninstall:
true
clean-local: clean-local-check
.PHONY: clean-local-check
clean-local-check:
-rm -rf test-harness/twtest

33
src/Makefile.in
View File

@ -1,7 +1,7 @@
# Makefile.in generated by automake 1.15.1 from Makefile.am.
# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
# Copyright (C) 1994-2017 Free Software Foundation, Inc.
# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@ -282,6 +282,7 @@ pdfdir = @pdfdir@
prefix = @prefix@
program_transform_name = @program_transform_name@
psdir = @psdir@
runstatedir = @runstatedir@
sbindir = @sbindir@
sharedstatedir = @sharedstatedir@
srcdir = @srcdir@
@ -519,7 +520,7 @@ maintainer-clean-generic:
@echo "it deletes files that may require special tools to rebuild."
clean: clean-recursive
clean-am: clean-generic clean-local mostlyclean-am
clean-am: clean-generic mostlyclean-am
distclean: distclean-recursive
-rm -f Makefile
@ -586,17 +587,16 @@ uninstall-am:
.MAKE: $(am__recursive_targets) install-am install-strip
.PHONY: $(am__recursive_targets) CTAGS GTAGS TAGS all all-am check \
check-am clean clean-generic clean-local cscopelist-am ctags \
ctags-am distclean distclean-generic distclean-tags distdir \
dvi dvi-am html html-am info info-am install install-am \
install-data install-data-am install-dvi install-dvi-am \
install-exec install-exec-am install-html install-html-am \
install-info install-info-am install-man install-pdf \
install-pdf-am install-ps install-ps-am install-strip \
installcheck installcheck-am installdirs installdirs-am \
maintainer-clean maintainer-clean-generic mostlyclean \
mostlyclean-generic pdf pdf-am ps ps-am tags tags-am uninstall \
uninstall-am
check-am clean clean-generic cscopelist-am ctags ctags-am \
distclean distclean-generic distclean-tags distdir dvi dvi-am \
html html-am info info-am install install-am install-data \
install-data-am install-dvi install-dvi-am install-exec \
install-exec-am install-html install-html-am install-info \
install-info-am install-man install-pdf install-pdf-am \
install-ps install-ps-am install-strip installcheck \
installcheck-am installdirs installdirs-am maintainer-clean \
maintainer-clean-generic mostlyclean mostlyclean-generic pdf \
pdf-am ps ps-am tags tags-am uninstall uninstall-am
.PRECIOUS: Makefile
@ -607,11 +607,6 @@ install:
uninstall:
true
clean-local: clean-local-check
.PHONY: clean-local-check
clean-local-check:
-rm -rf test-harness/twtest
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
.NOEXPORT:

1
src/buildnum.h
View File

@ -1 +1,2 @@
#define BUILD_NUM _T("0")

17
src/core/Makefile.am
View File

@ -9,33 +9,32 @@ libcore_a_SOURCES = \
archive.cpp charutil.cpp \
cmdlineparser.cpp codeconvert.cpp core.cpp coreerrors.cpp \
corestrings.cpp crc32.cpp debug.cpp displayencoder.cpp \
displayutil.cpp epoch.cpp error.cpp errorbucketimpl.cpp errortable.cpp \
displayutil.cpp error.cpp errorbucketimpl.cpp errortable.cpp \
errorutil.cpp fileerror.cpp fileheader.cpp fsservices.cpp \
growheap.cpp hashtable.cpp haval.cpp msystem.cpp ntmbs.cpp \
refcountobj.cpp serializable.cpp serializer.cpp \
objectpool.cpp refcountobj.cpp serializable.cpp serializer.cpp \
serializerimpl.cpp serializerutil.cpp serstring.cpp \
srefcountobj.cpp srefcounttbl.cpp stdcore.cpp stringutil.cpp \
timeconvert.cpp tw_signal.cpp twlimits.cpp twlocale.cpp \
unixexcept.cpp usernotify.cpp usernotifystdout.cpp \
timebomb.cpp timeconvert.cpp tw_signal.cpp twlimits.cpp twlocale.cpp \
unixexcept.cpp usernotify.cpp usernotifystdout.cpp utf8.cpp \
wchar16.cpp
libcore_a_HEADERS = archive.h charutil.h cmdlineparser.h codeconvert.h \
core.h coreerrors.h corestrings.h crc32.h debug.h displayencoder.h \
displayutil.h epoch.h error.h errorbucket.h errorbucketimpl.h errorgeneral.h \
displayutil.h error.h errorbucket.h errorbucketimpl.h errorgeneral.h \
errortable.h errorutil.h file.h fileerror.h fileheader.h fixedfilebuf.h \
fsservices.h growheap.h hashtable.h haval.h md5.h msystem.h ntdbs.h \
ntmbs.h package.h platform.h refcountobj.h resources.h \
ntmbs.h objectpool.h package.h platform.h refcountobj.h resources.h \
serializable.h serializer.h serializerimpl.h serializerutil.h serstring.h \
sha.h srefcountobj.h srefcounttbl.h stdcore.h stringutil.h tasktimer.h \
tchar.h timeconvert.h tw_signal.h twlimits.h twlocale.h \
tchar.h timebomb.h timeconvert.h tw_signal.h twlimits.h twlocale.h \
twstringslang.h typed.h types.h unixexcept.h unixfsservices.h upperbound.h \
usernotify.h usernotifystdout.h wchar16.h
usernotify.h usernotifystdout.h utf8.h wchar16.h
libcore_a_LIBADD = @CORE_CRYPT_O@
libcore_a_DEPENDENCIES = @CORE_CRYPT_O@
DEFS = @DEFS@ # This gets rid of the -I. so AM_CPPFLAGS must be more explicit
CLEANFILES = *.gcno *.gcda
all: $(noinst_LIBRARIES)
$(AR) ru ../../lib/libtripwire.a $(libcore_a_OBJECTS) $(libcore_a_LIBADD)

44
src/core/Makefile.in
View File

@ -1,7 +1,7 @@
# Makefile.in generated by automake 1.15.1 from Makefile.am.
# Makefile.in generated by automake 1.15 from Makefile.am.
# @configure_input@
# Copyright (C) 1994-2017 Free Software Foundation, Inc.
# Copyright (C) 1994-2014 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@ -113,19 +113,20 @@ am_libcore_a_OBJECTS = file_unix.$(OBJEXT) unixfsservices.$(OBJEXT) \
archive.$(OBJEXT) charutil.$(OBJEXT) cmdlineparser.$(OBJEXT) \
codeconvert.$(OBJEXT) core.$(OBJEXT) coreerrors.$(OBJEXT) \
corestrings.$(OBJEXT) crc32.$(OBJEXT) debug.$(OBJEXT) \
displayencoder.$(OBJEXT) displayutil.$(OBJEXT) epoch.$(OBJEXT) \
error.$(OBJEXT) errorbucketimpl.$(OBJEXT) errortable.$(OBJEXT) \
displayencoder.$(OBJEXT) displayutil.$(OBJEXT) error.$(OBJEXT) \
errorbucketimpl.$(OBJEXT) errortable.$(OBJEXT) \
errorutil.$(OBJEXT) fileerror.$(OBJEXT) fileheader.$(OBJEXT) \
fsservices.$(OBJEXT) growheap.$(OBJEXT) hashtable.$(OBJEXT) \
haval.$(OBJEXT) msystem.$(OBJEXT) ntmbs.$(OBJEXT) \
refcountobj.$(OBJEXT) serializable.$(OBJEXT) \
serializer.$(OBJEXT) serializerimpl.$(OBJEXT) \
serializerutil.$(OBJEXT) serstring.$(OBJEXT) \
srefcountobj.$(OBJEXT) srefcounttbl.$(OBJEXT) \
stdcore.$(OBJEXT) stringutil.$(OBJEXT) timeconvert.$(OBJEXT) \
tw_signal.$(OBJEXT) twlimits.$(OBJEXT) twlocale.$(OBJEXT) \
unixexcept.$(OBJEXT) usernotify.$(OBJEXT) \
usernotifystdout.$(OBJEXT) wchar16.$(OBJEXT)
objectpool.$(OBJEXT) refcountobj.$(OBJEXT) \
serializable.$(OBJEXT) serializer.$(OBJEXT) \
serializerimpl.$(OBJEXT) serializerutil.$(OBJEXT) \
serstring.$(OBJEXT) srefcountobj.$(OBJEXT) \
srefcounttbl.$(OBJEXT) stdcore.$(OBJEXT) stringutil.$(OBJEXT) \
timebomb.$(OBJEXT) timeconvert.$(OBJEXT) tw_signal.$(OBJEXT) \
twlimits.$(OBJEXT) twlocale.$(OBJEXT) unixexcept.$(OBJEXT) \
usernotify.$(OBJEXT) usernotifystdout.$(OBJEXT) utf8.$(OBJEXT) \
wchar16.$(OBJEXT)
libcore_a_OBJECTS = $(am_libcore_a_OBJECTS)
AM_V_P = $(am__v_P_@AM_V@)
am__v_P_ = $(am__v_P_@AM_DEFAULT_V@)
@ -313,6 +314,7 @@ pdfdir = @pdfdir@
prefix = @prefix@
program_transform_name = @program_transform_name@
psdir = @psdir@
runstatedir = @runstatedir@
sbindir = @sbindir@
sharedstatedir = @sharedstatedir@
srcdir = @srcdir@
@ -334,31 +336,30 @@ libcore_a_SOURCES = \
archive.cpp charutil.cpp \
cmdlineparser.cpp codeconvert.cpp core.cpp coreerrors.cpp \
corestrings.cpp crc32.cpp debug.cpp displayencoder.cpp \
displayutil.cpp epoch.cpp error.cpp errorbucketimpl.cpp errortable.cpp \
displayutil.cpp error.cpp errorbucketimpl.cpp errortable.cpp \
errorutil.cpp fileerror.cpp fileheader.cpp fsservices.cpp \
growheap.cpp hashtable.cpp haval.cpp msystem.cpp ntmbs.cpp \
refcountobj.cpp serializable.cpp serializer.cpp \
objectpool.cpp refcountobj.cpp serializable.cpp serializer.cpp \
serializerimpl.cpp serializerutil.cpp serstring.cpp \
srefcountobj.cpp srefcounttbl.cpp stdcore.cpp stringutil.cpp \
timeconvert.cpp tw_signal.cpp twlimits.cpp twlocale.cpp \
unixexcept.cpp usernotify.cpp usernotifystdout.cpp \
timebomb.cpp timeconvert.cpp tw_signal.cpp twlimits.cpp twlocale.cpp \
unixexcept.cpp usernotify.cpp usernotifystdout.cpp utf8.cpp \
wchar16.cpp
libcore_a_HEADERS = archive.h charutil.h cmdlineparser.h codeconvert.h \
core.h coreerrors.h corestrings.h crc32.h debug.h displayencoder.h \
displayutil.h epoch.h error.h errorbucket.h errorbucketimpl.h errorgeneral.h \
displayutil.h error.h errorbucket.h errorbucketimpl.h errorgeneral.h \
errortable.h errorutil.h file.h fileerror.h fileheader.h fixedfilebuf.h \
fsservices.h growheap.h hashtable.h haval.h md5.h msystem.h ntdbs.h \
ntmbs.h package.h platform.h refcountobj.h resources.h \
ntmbs.h objectpool.h package.h platform.h refcountobj.h resources.h \
serializable.h serializer.h serializerimpl.h serializerutil.h serstring.h \
sha.h srefcountobj.h srefcounttbl.h stdcore.h stringutil.h tasktimer.h \
tchar.h timeconvert.h tw_signal.h twlimits.h twlocale.h \
tchar.h timebomb.h timeconvert.h tw_signal.h twlimits.h twlocale.h \
twstringslang.h typed.h types.h unixexcept.h unixfsservices.h upperbound.h \
usernotify.h usernotifystdout.h wchar16.h
usernotify.h usernotifystdout.h utf8.h wchar16.h
libcore_a_LIBADD = @CORE_CRYPT_O@
libcore_a_DEPENDENCIES = @CORE_CRYPT_O@
CLEANFILES = *.gcno *.gcda
all: all-am
.SUFFIXES:
@ -545,7 +546,6 @@ install-strip:
mostlyclean-generic:
clean-generic:
-test -z "$(CLEANFILES)" || rm -f $(CLEANFILES)
distclean-generic:
-test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)

371
src/core/archive.cpp
View File

@ -1,6 +1,6 @@
//
// The developer of the original code and/or files is Tripwire, Inc.
// Portions created by Tripwire, Inc. are copyright (C) 2000-2018 Tripwire,
// Portions created by Tripwire, Inc. are copyright (C) 2000 Tripwire,
// Inc. Tripwire is a registered trademark of Tripwire, Inc. All rights
// reserved.
//
@ -49,15 +49,37 @@
#include "file.h"
#include "stringutil.h"
#include "corestrings.h" // for: STR_ERR2_ARCH_CRYPTO_ERR
#include "corestrings.h" // for: STR_ERR2_ARCH_CRYPTO_ERR
//=============================================================================
// Utility Functions
//=============================================================================
///////////////////////////////////////////////////////////////////////////////
// util_IsDir -- returns true if a given file is a directory
///////////////////////////////////////////////////////////////////////////////
bool util_IsDir( const TSTRING& fileName )
{
cFSStatArgs s;
try
{
iFSServices::GetInstance()->Stat( fileName, s );
}
catch( eFSServices )
{
return false;
}
return( s.mFileType == cFSStatArgs::TY_DIR );
}
//=============================================================================
// eArchiveCrypto
//=============================================================================
TSTRING eArchiveCrypto::GetMsg() const
TSTRING eArchiveCrypto::GetMsg( ) const
{
// RAD: Updated this to use new stringtable
return (mMsg + TSS_GetString(cCore, core::STR_ERR2_ARCH_CRYPTO_ERR));
return ( mMsg + TSS_GetString( cCore, core::STR_ERR2_ARCH_CRYPTO_ERR ) );
}
@ -113,25 +135,25 @@ void cArchive::ReadString(TSTRING& ret) // throw(eArchive)
{
// read in size of string
int16 size;
ReadInt16(size);
ReadInt16( size );
// create buffer for WCHAR16 string
wc16_string ws;
ws.resize(size);
ws.resize( size );
WCHAR16* pwc = (WCHAR16*)ws.data();
for (int n = 0; n < size; n++)
for( int n = 0; n < size; n++ )
{
int16 i16;
ReadInt16(i16);
ReadInt16( i16 );
*pwc++ = i16;
}
// convert WCHAR16 string to a TSTRING
ret = cStringUtil::WstrToTstr(ws);
ret = cStringUtil::WstrToTstr( ws );
}
int cArchive::ReadBlob(void* pBlob, int count)
int cArchive::ReadBlob(void* pBlob, int count)
{
return Read(pBlob, count);
}
@ -163,20 +185,20 @@ void cArchive::WriteString(TSTRING s) // throw(eArchive)
{
// convert string to a UCS2 string
wc16_string ws;
cStringUtil::Convert(ws, s); // Make convert "type-dispatched"
cStringUtil::Convert( ws, s ); // Make convert "type-dispatched"
// we assume that we can represent the size as a unsigned 16-bit number
// (we actually write it as a signed number, but we cast it)
if (ws.length() > TSS_INT16_MAX)
ThrowAndAssert(eArchiveStringTooLong());
if( ws.length() > TSS_INT16_MAX )
ThrowAndAssert( eArchiveStringTooLong() );
WriteInt16(static_cast<int16>(ws.length()));
WriteInt16( static_cast<int16>( ws.length() ) );
// write out each 16 bit character
// RAD:09/03/99 -- Optimized for performance with "const"
wc16_string::const_iterator at = ws.begin();
while (at != ws.end())
WriteInt16(*at++);
while ( at != ws.end() )
WriteInt16( *at++ );
}
@ -193,27 +215,24 @@ int32 cArchive::GetStorageSize(const TSTRING& str)
// after the length, all of the characters in the string are written as 16-bit values,
// except for the null character
//
size += (str.length() * 2);
size += ( str.length() * 2 );
return size;
}
int64 cArchive::Copy(cArchive* pFrom, int64 amt)
{
enum
{
BUF_SIZE = 2048
};
int8 buf[BUF_SIZE];
int64 amtLeft = amt;
enum { BUF_SIZE = 2048 };
int8 buf[BUF_SIZE];
int64 amtLeft = amt;
while (amtLeft > 0)
while(amtLeft > 0)
{
int64 amtToRead = amtLeft > (int64)BUF_SIZE ? (int64)BUF_SIZE : amtLeft;
int64 amtRead = pFrom->ReadBlob(buf, static_cast<int>(amtToRead));
int64 amtRead = pFrom->ReadBlob(buf, static_cast<int>( amtToRead ) );
amtLeft -= amtRead;
WriteBlob(buf, static_cast<int>(amtRead));
if (amtRead < amtToRead)
WriteBlob(buf, static_cast<int>( amtRead ) );
if(amtRead < amtToRead)
break;
}
@ -227,7 +246,7 @@ int64 cArchive::Copy(cArchive* pFrom, int64 amt)
cMemMappedArchive::cMemMappedArchive()
{
mpMappedMem = 0;
mpMappedMem = 0;
mMappedOffset = 0;
mMappedLength = 0;
}
@ -272,13 +291,13 @@ void cMemMappedArchive::SetNewMap(void* pMap, int64 offset, int64 length) const
{
if (pMap == 0)
{
mpMappedMem = 0;
mpMappedMem = 0;
mMappedOffset = 0;
mMappedLength = 0;
}
else
{
mpMappedMem = pMap;
mpMappedMem = pMap;
mMappedOffset = offset;
mMappedLength = length;
}
@ -291,13 +310,14 @@ void cMemMappedArchive::SetNewMap(void* pMap, int64 offset, int64 length) const
// mapped.
///////////////////////////////////////////////////////////////////////////////
cMemoryArchive::cMemoryArchive(int maxSize) : mMaxAllocatedLen(maxSize)
cMemoryArchive::cMemoryArchive(int maxSize)
: mMaxAllocatedLen(maxSize)
{
ASSERT(maxSize > 0);
mpMemory = 0;
mpMemory = 0;
mAllocatedLen = 0;
mLogicalSize = 0;
mReadHead = 0;
mLogicalSize = 0;
mReadHead = 0;
}
cMemoryArchive::~cMemoryArchive()
@ -323,15 +343,13 @@ void cMemoryArchive::Seek(int64 offset, SeekFrom from) // throw(eArchive)
offset = mLogicalSize + (int)offset;
break;
default:
ThrowAndAssert(eArchiveSeek(TSS_GetString(cCore, core::STR_MEMARCHIVE_FILENAME),
TSS_GetString(cCore, core::STR_MEMARCHIVE_ERRSTR)));
ThrowAndAssert(eArchiveSeek(TSS_GetString( cCore, core::STR_MEMARCHIVE_FILENAME), TSS_GetString( cCore, core::STR_MEMARCHIVE_ERRSTR)));
}
if (offset > mLogicalSize)
ThrowAndAssert(eArchiveSeek(TSS_GetString(cCore, core::STR_MEMARCHIVE_FILENAME),
TSS_GetString(cCore, core::STR_MEMARCHIVE_ERRSTR)));
ThrowAndAssert(eArchiveSeek(TSS_GetString( cCore, core::STR_MEMARCHIVE_FILENAME), TSS_GetString( cCore, core::STR_MEMARCHIVE_ERRSTR)));
mReadHead = static_cast<int>(offset);
mReadHead = static_cast<int>( offset );
}
int64 cMemoryArchive::CurrentPos() const
@ -354,8 +372,8 @@ void cMemoryArchive::Truncate()
void cMemoryArchive::MapArchive(int64 offset, int64 len) // throw(eArchive)
{
if (offset + (int)len > mLogicalSize)
AllocateMemory(static_cast<int>(offset + len));
if ( offset + (int)len > mLogicalSize )
AllocateMemory( static_cast<int>( offset + len ) );
SetNewMap(mpMemory + offset, offset, len);
}
@ -403,12 +421,12 @@ void cMemoryArchive::AllocateMemory(int len) // throw(eArchive)
{
// grow the buffer
// only error if we are in debug mode
#ifdef DEBUG
#ifdef _DEBUG
if (len > mMaxAllocatedLen)
ThrowAndAssert(eArchiveOutOfMem());
#endif
if (0 == mAllocatedLen)
if( 0 == mAllocatedLen )
mAllocatedLen = MIN_ALLOCATED_SIZE;
while (mAllocatedLen < len)
@ -420,7 +438,7 @@ void cMemoryArchive::AllocateMemory(int len) // throw(eArchive)
memcpy(pNewMem, mpMemory, mLogicalSize);
delete [] mpMemory;
}
mpMemory = pNewMem;
mpMemory = pNewMem;
mLogicalSize = len;
// update memory map if there is one
@ -440,7 +458,7 @@ void cMemoryArchive::AllocateMemory(int len) // throw(eArchive)
ASSERT(mpMemory);
memcpy(pNewMem, mpMemory, len);
delete [] mpMemory;
mpMemory = pNewMem;
mpMemory = pNewMem;
mLogicalSize = len;
// update memory map if there is one
@ -468,27 +486,33 @@ public:
//-----------------------------------------------------------------------------
// cFixedMemArchive
//-----------------------------------------------------------------------------
cFixedMemArchive::cFixedMemArchive() : mpMemory(0), mSize(0), mReadHead(0)
cFixedMemArchive::cFixedMemArchive()
: mpMemory (0),
mSize (0),
mReadHead (0)
{
}
cFixedMemArchive::cFixedMemArchive(int8* pMem, int32 size) : mpMemory(0), mSize(0), mReadHead(0)
cFixedMemArchive::cFixedMemArchive( int8* pMem, int32 size )
: mpMemory (0),
mSize (0),
mReadHead (0)
{
Attach(pMem, size);
Attach( pMem, size );
}
cFixedMemArchive::~cFixedMemArchive()
{
}
void cFixedMemArchive::Attach(int8* pMem, int32 size)
void cFixedMemArchive::Attach( int8* pMem, int32 size )
{
mpMemory = pMem;
mSize = size;
mReadHead = 0;
mpMemory = pMem;
mSize = size;
mReadHead = 0;
}
void cFixedMemArchive::Seek(int64 offset, SeekFrom from) // throw(eArchive)
void cFixedMemArchive::Seek(int64 offset, SeekFrom from) // throw(eArchive)
{
switch (from)
{
@ -501,15 +525,13 @@ void cFixedMemArchive::Seek(int64 offset, SeekFrom from) // throw(eArchive)
offset = mSize + (int)offset;
break;
default:
ThrowAndAssert(eArchiveSeek(TSS_GetString(cCore, core::STR_MEMARCHIVE_FILENAME),
TSS_GetString(cCore, core::STR_MEMARCHIVE_ERRSTR)));
ThrowAndAssert(eArchiveSeek(TSS_GetString( cCore, core::STR_MEMARCHIVE_FILENAME), TSS_GetString( cCore, core::STR_MEMARCHIVE_ERRSTR)));
}
if (offset > mSize)
ThrowAndAssert(eArchiveSeek(TSS_GetString(cCore, core::STR_MEMARCHIVE_FILENAME),
TSS_GetString(cCore, core::STR_MEMARCHIVE_ERRSTR)));
ThrowAndAssert(eArchiveSeek(TSS_GetString( cCore, core::STR_MEMARCHIVE_FILENAME), TSS_GetString( cCore, core::STR_MEMARCHIVE_ERRSTR)));
mReadHead = static_cast<int32>(offset);
mReadHead = static_cast<int32>( offset );
}
int64 cFixedMemArchive::CurrentPos() const
@ -527,12 +549,12 @@ bool cFixedMemArchive::EndOfFile()
return (mReadHead >= mSize);
}
int cFixedMemArchive::Read(void* pDest, int count) // throw(eArchive)
int cFixedMemArchive::Read(void* pDest, int count) // throw(eArchive)
{
ASSERT(pDest);
ASSERT( pDest );
if (mReadHead + count > mSize)
{
count = static_cast<int>(mSize - mReadHead);
count = static_cast<int>( mSize - mReadHead );
if (count <= 0)
return 0;
}
@ -545,11 +567,11 @@ int cFixedMemArchive::Read(void* pDest, int count) // throw(eArchive)
return count;
}
int cFixedMemArchive::Write(const void* pDest, int count) // throw(eArchive)
int cFixedMemArchive::Write(const void* pDest, int count) // throw(eArchive)
{
if (mReadHead + count > mSize)
{
ASSERT(false);
ASSERT( false );
throw eArchiveWrite();
}
@ -566,9 +588,11 @@ int cFixedMemArchive::Write(const void* pDest, int count) // throw(eArchive)
///////////////////////////////////////////////////////////////////////////////
//Ctor -- Initialize member variables to 0 or NULL equivalents.
cFileArchive::cFileArchive() : mFileSize(0), mReadHead(0), isWritable(false)
{
}
cFileArchive::cFileArchive() :
mFileSize(0),
mReadHead(0),
isWritable(false)
{}
cFileArchive::~cFileArchive()
{
@ -576,14 +600,14 @@ cFileArchive::~cFileArchive()
bool cFileArchive::EndOfFile()
{
return (mReadHead >= mFileSize);
return ( mReadHead >= mFileSize );
}
////////////////////////////////////////////////////////////////////////
// Seek -- This is where the actual offset is performed. The default
// for each archive will be 0.
/////////////////////////////////////////////////////////////////////////
void cFileArchive::Seek(int64 offset, SeekFrom from) // throw(eArchive)
void cFileArchive::Seek( int64 offset, SeekFrom from) // throw(eArchive)
{
try
{
@ -598,19 +622,19 @@ void cFileArchive::Seek(int64 offset, SeekFrom from) // throw(eArchive)
offset = mFileSize + offset;
break;
default:
throw eArchiveSeek(mCurrentFilename, iFSServices::GetInstance()->GetErrString());
throw eArchiveSeek( mCurrentFilename, iFSServices::GetInstance()->GetErrString() ) ;
}
if (offset > mFileSize)
throw eArchiveSeek(mCurrentFilename, iFSServices::GetInstance()->GetErrString());
if ( offset > mFileSize )
throw eArchiveSeek( mCurrentFilename, iFSServices::GetInstance()->GetErrString() ) ;
mReadHead = offset;
mCurrentFile.Seek(mReadHead, cFile::SEEK_BEGIN);
//This is where the actual read/writehead is set!!
} //try
catch (eFile& fileError)
//This is where the actual read/writehead is set!!
}//try
catch( eFile& fileError )
{
throw(eArchiveSeek(mCurrentFilename, fileError.GetDescription()));
throw( eArchiveSeek( mCurrentFilename, fileError.GetDescription() ) );
}
}
@ -628,9 +652,9 @@ int64 cFileArchive::Length(void) const
{
return mCurrentFile.GetSize();
}
catch (eFile& fileError)
catch(eFile& fileError)
{
throw(eArchiveSeek(mCurrentFilename, fileError.GetDescription()));
throw( eArchiveSeek( mCurrentFilename, fileError.GetDescription() ) );
}
}
@ -643,22 +667,22 @@ void cFileArchive::OpenRead(const TCHAR* filename, uint32 openFlags)
{
// set up open flags
uint32 flags = cFile::OPEN_READ;
flags |= ((openFlags & FA_OPEN_TRUNCATE) ? cFile::OPEN_TRUNCATE : 0);
flags |= ((openFlags & FA_OPEN_TEXT) ? cFile::OPEN_TEXT : 0);
flags |= ((openFlags & FA_SCANNING) ? cFile::OPEN_SCANNING : 0);
flags |= ((openFlags & FA_DIRECT) ? cFile::OPEN_DIRECT : 0);
flags |= ( ( openFlags & FA_OPEN_TRUNCATE ) ? cFile::OPEN_TRUNCATE : 0 );
flags |= ( ( openFlags & FA_OPEN_TEXT ) ? cFile::OPEN_TEXT : 0 );
flags |= ( ( openFlags & FA_SCANNING ) ? cFile::OPEN_SCANNING : 0 );
flags |= ( ( openFlags & FA_DIRECT ) ? cFile::OPEN_DIRECT : 0 );
mOpenFlags = openFlags;
mOpenFlags = openFlags;
mCurrentFilename = filename;
mCurrentFile.Open(filename, flags);
mCurrentFile.Open( filename, flags );
isWritable = false;
mFileSize = mCurrentFile.GetSize();
mReadHead = mCurrentFile.Seek(0, cFile::SEEK_BEGIN);
mFileSize = mCurrentFile.GetSize();
mReadHead = mCurrentFile.Seek( 0, cFile::SEEK_BEGIN );
}
catch (eFile& fileError)
catch(eFile& fileError)
{
throw(eArchiveOpen(mCurrentFilename, fileError.GetDescription()));
throw(eArchiveOpen( mCurrentFilename, fileError.GetDescription() ) );
}
}
@ -671,22 +695,22 @@ void cFileArchive::OpenReadWrite(const TCHAR* filename, uint32 openFlags)
{
// set up open flags
uint32 flags = cFile::OPEN_WRITE;
flags |= ((openFlags & FA_OPEN_TRUNCATE) ? cFile::OPEN_TRUNCATE : 0);
flags |= ((openFlags & FA_OPEN_TEXT) ? cFile::OPEN_TEXT : 0);
flags |= ((openFlags & FA_SCANNING) ? cFile::OPEN_SCANNING : 0);
flags |= ((openFlags & FA_DIRECT) ? cFile::OPEN_DIRECT : 0);
flags |= ( ( openFlags & FA_OPEN_TRUNCATE ) ? cFile::OPEN_TRUNCATE : 0 );
flags |= ( ( openFlags & FA_OPEN_TEXT ) ? cFile::OPEN_TEXT : 0 );
flags |= ( ( openFlags & FA_SCANNING ) ? cFile::OPEN_SCANNING : 0 );
flags |= ( ( openFlags & FA_DIRECT ) ? cFile::OPEN_DIRECT : 0 );
mOpenFlags = openFlags;
mOpenFlags = openFlags;
mCurrentFilename = filename;
mCurrentFile.Open(filename, flags);
mCurrentFile.Open( filename, flags );
isWritable = true;
mFileSize = mCurrentFile.GetSize();
mReadHead = mCurrentFile.Seek(0, cFile::SEEK_BEGIN);
mReadHead = mCurrentFile.Seek( 0, cFile::SEEK_BEGIN );
}
catch (eFile& fileError)
catch(eFile& fileError)
{
throw(eArchiveOpen(mCurrentFilename, fileError.GetDescription()));
throw( eArchiveOpen( mCurrentFilename, fileError.GetDescription() ) );
}
}
@ -707,14 +731,14 @@ void cFileArchive::Close()
try
{
mCurrentFile.Close();
mFileSize = 0;
mReadHead = 0;
mFileSize = 0;
mReadHead = 0;
mCurrentFilename = _T("");
}
catch (eFile& fileError)
catch(eFile& fileError)
{
throw(eArchive(mCurrentFilename, fileError.GetDescription()));
throw( eArchive( mCurrentFilename, fileError.GetDescription() ) );
}
}
@ -727,42 +751,43 @@ int cFileArchive::Read(void* pDest, int count)
try
{
if (mReadHead + count > mFileSize && !(mOpenFlags & FA_DIRECT))
count = static_cast<int>(mFileSize - mReadHead);
if ( mReadHead + count > mFileSize && !(mOpenFlags & FA_DIRECT))
count = static_cast<int>( mFileSize - mReadHead );
if (pDest != NULL)
if ( pDest != NULL )
{
int nbRead = static_cast<int>(mCurrentFile.Read(pDest, count));
int nbRead =
static_cast<int>( mCurrentFile.Read( pDest, count ) );
// 'count' may not be equal to 'nbRead' if the file is open in
// text mode.
count = nbRead;
if (count < 0)
count = 0;
if(count < 0) count = 0;
}
else
{
int i;
int i;
int32 dummy;
for (i = count;; i -= sizeof(int32))
for (i = count; ; i -= sizeof(int32))
{
if (i < (int)sizeof(int32))
{
if (i > 0)
mCurrentFile.Read(&dummy, i);
mCurrentFile.Read( &dummy, i );
break;
}
mCurrentFile.Read(&dummy, i);
mCurrentFile.Read( &dummy, i );
}
}
mReadHead += count;
return count;
}
catch (eFile& fileError)
catch( eFile& fileError )
{
throw(eArchiveRead(mCurrentFilename, fileError.GetDescription()));
throw( eArchiveRead( mCurrentFilename, fileError.GetDescription() ) );
}
}
/////////////////////////////////////////////////////////////////////////
@ -774,35 +799,35 @@ int cFileArchive::Write(const void* pDest, int count) // throw(eArchive)
try
{
int64 actual_count = 0;
ASSERT(mCurrentFile.isWritable);
ASSERT( mCurrentFile.isWritable );
actual_count = mCurrentFile.Write(pDest, count);
actual_count = mCurrentFile.Write( pDest, count );
if (actual_count < count)
if ( actual_count < count )
{
//Disk full??
throw eArchiveWrite(mCurrentFilename, iFSServices::GetInstance()->GetErrString());
throw eArchiveWrite( mCurrentFilename, iFSServices::GetInstance()->GetErrString() ) ;
}
// increment the read/write head
mReadHead += actual_count;
// increase the size, if needed
if (mReadHead > mFileSize)
if( mReadHead > mFileSize )
{
#if 0 // IS_SUNPRO \
// These two lines seem to be all there is between code that crashes and code that works for sunpro
#if 0 // IS_SUNPRO
// These two lines seem to be all there is between code that crashes and code that works for sunpro
cDebug d("cFileArchive::Write()");
d.TraceDebug(_T("file(%s) adjusted mFileSize = %d mReadHead = %d\n"), mCurrentFilename.c_str(), (int)mFileSize, (int)mReadHead);
#endif
#endif
mFileSize = mReadHead;
}
return (int)actual_count;
}
catch (eFile& fileError)
catch( eFile& fileError )
{
throw(eArchiveWrite(mCurrentFilename, fileError.GetDescription()));
throw( eArchiveWrite( mCurrentFilename, fileError.GetDescription() ) );
}
}
@ -812,90 +837,89 @@ int cFileArchive::Write(const void* pDest, int count) // throw(eArchive)
/////////////////////////////////////////////////////////////////////////
void cFileArchive::Truncate() // throw(eArchive)
{
ASSERT(mCurrentFile.IsOpen());
ASSERT(mCurrentFile.isWritable);
ASSERT( mCurrentFile.IsOpen() );
ASSERT( mCurrentFile.isWritable );
try
{
mCurrentFile.Truncate(mReadHead);
mCurrentFile.Truncate ( mReadHead );
}
catch (eFile& fileError)
catch( eFile& fileError )
{
//TODO: create an error number for truncate...
throw(eArchiveWrite(mCurrentFilename, fileError.GetDescription()));
throw( eArchiveWrite( mCurrentFilename, fileError.GetDescription() ) );
}
mFileSize = mReadHead;
}
/////////////////////////////////////////////////////////////////////////
// OpenReadWrite -- Opens the file to be read or written to
//
// since we'll never open an existing file, the truncateFile flag is unnecessary.
/////////////////////////////////////////////////////////////////////////
void cLockedTemporaryFileArchive::OpenReadWrite(const TCHAR* filename, uint32 openFlags)
void cLockedTemporaryFileArchive::OpenReadWrite( const TCHAR* filename, uint32 openFlags )
{
TSTRING strTempFile;
TSTRING strTempFile;
try
{
try {
ASSERT(!mCurrentFile.IsOpen()); // shouldn't be able to create a new file when we're already open
if (mCurrentFile.IsOpen())
throw(eArchive(mCurrentFilename, _T("Internal Error")));
ASSERT( !mCurrentFile.IsOpen() ); // shouldn't be able to create a new file when we're already open
if ( mCurrentFile.IsOpen() )
throw( eArchive( mCurrentFilename, _T("Internal Error") ) );
///////////////////////////////////////////////////////////////////////////////
// if filename is NULL, create a temp file for the caller
if (filename == NULL)
{
try
{
iFSServices::GetInstance()->GetTempDirName(strTempFile);
strTempFile += _T("twtempXXXXXX");
iFSServices::GetInstance()->MakeTempFilename(strTempFile);
}
catch (eFSServices& fileError)
{
TSTRING errStr = TSS_GetString(cCore, core::STR_BAD_TEMPDIRECTORY);
throw eArchiveOpen(strTempFile, errStr);
}
}
///////////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////////
// if filename is NULL, create a temp file for the caller
if( filename == NULL )
{
try
{
iFSServices::GetInstance()->GetTempDirName( strTempFile );
strTempFile += _T("twtempXXXXXX");
iFSServices::GetInstance()->MakeTempFilename( strTempFile );
}
catch( eFSServices& fileError)
{
TSTRING errStr = TSS_GetString( cCore, core::STR_BAD_TEMPDIRECTORY );
throw eArchiveOpen(strTempFile, errStr);
}
}
///////////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////////
// create file
///////////////////////////////////////////////////////////////////////////////
// create file
// set up flags
uint32 flags = cFile::OPEN_WRITE | cFile::OPEN_LOCKED_TEMP | cFile::OPEN_CREATE | cFile::OPEN_EXCLUSIVE;
if (openFlags & FA_OPEN_TRUNCATE)
flags |= cFile::OPEN_TRUNCATE;
if (openFlags & FA_OPEN_TEXT)
flags |= cFile::OPEN_TEXT;
// set up flags
uint32 flags = cFile::OPEN_WRITE | cFile::OPEN_LOCKED_TEMP | cFile::OPEN_CREATE | cFile::OPEN_EXCLUSIVE;
if ( openFlags & FA_OPEN_TRUNCATE )
flags |= cFile::OPEN_TRUNCATE;
if ( openFlags & FA_OPEN_TEXT )
flags |= cFile::OPEN_TEXT;
// open file
mCurrentFilename = filename ? filename : strTempFile.c_str();
mCurrentFile.Open(mCurrentFilename, flags);
// open file
mCurrentFilename = filename ? filename : strTempFile.c_str();
mCurrentFile.Open( mCurrentFilename, flags );
isWritable = true;
mFileSize = mCurrentFile.GetSize();
mReadHead = mCurrentFile.Seek(0, cFile::SEEK_BEGIN);
isWritable = true;
mFileSize = mCurrentFile.GetSize();
mReadHead = mCurrentFile.Seek( 0, cFile::SEEK_BEGIN );
#if 0 // IS_SUNPRO
cDebug d("cLockedTemporaryFileArchive::OpenReadWrite()");
d.TraceDebug(_T("file(%s) set mFileSize to %d mReadHead to %d\n"), mCurrentFilename.c_str(), (int)mFileSize, (int)mReadHead);
#endif
} //try
catch (eFile& fileError)
{
TSTRING errStr = TSS_GetString(cCore, core::STR_BAD_TEMPDIRECTORY);
eArchiveOpen e(strTempFile, errStr);
throw e;
}
}//try
catch (eFile& fileError) {
TSTRING errStr = TSS_GetString( cCore, core::STR_BAD_TEMPDIRECTORY );
eArchiveOpen e(strTempFile, errStr);
throw e;
}
///////////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////////
}
/////////////////////////////////////////////////////////////////////////
@ -905,3 +929,4 @@ void cLockedTemporaryFileArchive::Close()
// Note: this deletes the file as well
cFileArchive::Close();
}

260
src/core/archive.h
View File

@ -1,6 +1,6 @@
//
// The developer of the original code and/or files is Tripwire, Inc.
// Portions created by Tripwire, Inc. are copyright (C) 2000-2018 Tripwire,
// Portions created by Tripwire, Inc. are copyright (C) 2000 Tripwire,
// Inc. Tripwire is a registered trademark of Tripwire, Inc. All rights
// reserved.
//
@ -56,24 +56,24 @@
//=============================================================================
// eArchive exception classes
//=============================================================================
TSS_FILE_EXCEPTION(eArchive, eFileError);
TSS_FILE_EXCEPTION(eArchiveOpen, eArchive);
TSS_FILE_EXCEPTION(eArchiveWrite, eArchive);
TSS_FILE_EXCEPTION(eArchiveRead, eArchive);
TSS_FILE_EXCEPTION(eArchiveEOF, eArchive);
TSS_FILE_EXCEPTION(eArchiveSeek, eArchive);
TSS_FILE_EXCEPTION(eArchiveMemmap, eArchive);
TSS_FILE_EXCEPTION(eArchiveOutOfMem, eArchive);
TSS_FILE_EXCEPTION(eArchiveInvalidOp, eArchive);
TSS_FILE_EXCEPTION(eArchiveFormat, eArchive);
TSS_FILE_EXCEPTION(eArchiveNotRegularFile, eArchive);
TSS_BEGIN_EXCEPTION(eArchiveCrypto, eArchive)
TSS_FILE_EXCEPTION( eArchive, eFileError );
TSS_FILE_EXCEPTION( eArchiveOpen, eArchive );
TSS_FILE_EXCEPTION( eArchiveWrite, eArchive );
TSS_FILE_EXCEPTION( eArchiveRead, eArchive );
TSS_FILE_EXCEPTION( eArchiveEOF, eArchive );
TSS_FILE_EXCEPTION( eArchiveSeek, eArchive );
TSS_FILE_EXCEPTION( eArchiveMemmap, eArchive );
TSS_FILE_EXCEPTION( eArchiveOutOfMem, eArchive );
TSS_FILE_EXCEPTION( eArchiveInvalidOp, eArchive );
TSS_FILE_EXCEPTION( eArchiveFormat, eArchive );
TSS_FILE_EXCEPTION( eArchiveNotRegularFile, eArchive );
TSS_BEGIN_EXCEPTION( eArchiveCrypto, eArchive )
virtual TSTRING GetMsg() const;
// eCryptoArchive appends a special string to the end of
// all exception messages
virtual TSTRING GetMsg() const;
// eCryptoArchive appends a special string to the end of
// all exception messages
TSS_END_EXCEPTION()
TSS_EXCEPTION(eArchiveStringTooLong, eArchive);
TSS_EXCEPTION( eArchiveStringTooLong, eArchive );
// throw( eArchiveOpen( cErrorUtil::MakeFileError( fileError.GetMsg(), strTempFile ) ) );
@ -85,9 +85,7 @@ TSS_EXCEPTION(eArchiveStringTooLong, eArchive);
class cArchive
{
public:
virtual ~cArchive()
{
}
virtual ~cArchive() {}
// convenience methods
//
@ -103,24 +101,24 @@ public:
// All write functions throw exceptions for unexpected events like
// running out of memory or disk space.
//
void ReadInt16(int16& ret); // throw(eArchive)
void ReadInt32(int32& ret); // throw(eArchive)
void ReadInt64(int64& ret); // throw(eArchive)
void ReadString(TSTRING& ret); // throw(eArchive)
int ReadBlob(void* pBlob, int count);
void WriteInt16(int16 i); // throw(eArchive)
void WriteInt32(int32 i); // throw(eArchive)
void WriteInt64(int64 i); // throw(eArchive)
void WriteString(TSTRING s); // throw(eArchive)
void WriteBlob(const void* pBlob, int count); // throw(eArchive)
void ReadInt16(int16& ret); // throw(eArchive)
void ReadInt32(int32& ret); // throw(eArchive)
void ReadInt64(int64& ret); // throw(eArchive)
void ReadString(TSTRING& ret); // throw(eArchive)
int ReadBlob(void* pBlob, int count);
void WriteInt16(int16 i); // throw(eArchive)
void WriteInt32(int32 i); // throw(eArchive)
void WriteInt64(int64 i); // throw(eArchive)
void WriteString(TSTRING s); // throw(eArchive)
void WriteBlob(const void* pBlob, int count); // throw(eArchive)
static int32 GetStorageSize(const TSTRING& str);
// this method calculates how many bytes the given string will take up in the archive and returns
// that value
// NOTE -- if the implementation of ReadString() or WriteString() ever changes, this method will also
// need to change.
// this method calculates how many bytes the given string will take up in the archive and returns
// that value
// NOTE -- if the implementation of ReadString() or WriteString() ever changes, this method will also
// need to change.
int64 Copy(cArchive* pFrom, int64 amt); // throw(eArchive)
int64 Copy(cArchive* pFrom, int64 amt); // throw(eArchive)
// this method copies amt bytes from pFrom to itself, throwing an eArchive if anything goes wrong.
// only makes sense to call for reading archives
@ -128,7 +126,7 @@ public:
protected:
// overrides
virtual int Read(void* pDest, int count) = 0;
virtual int Read(void* pDest, int count) = 0;
virtual int Write(const void* pDest, int count) = 0; // throw(eArchive);
};
@ -139,16 +137,15 @@ protected:
class cBidirArchive : public cArchive
{
public:
enum SeekFrom
{
enum SeekFrom {
BEGINNING = 0,
CURRENT = 1,
END = -1
CURRENT = 1,
END = -1
};
virtual void Seek(int64 offset, SeekFrom from) = 0; // throw(eArchive);
virtual int64 CurrentPos() const = 0;
virtual int64 Length() const = 0;
virtual void Seek(int64 offset, SeekFrom from) = 0; // throw(eArchive);
virtual int64 CurrentPos() const = 0;
virtual int64 Length() const = 0;
};
///////////////////////////////////////////////////////////////////////////////
@ -158,30 +155,29 @@ public:
class cMemMappedArchive : public cBidirArchive
{
public:
enum
{
enum {
MAP_TO_EOF = -1
};
cMemMappedArchive();
virtual ~cMemMappedArchive();
virtual void MapArchive(int64 offset, int64 len) = 0; // throw(eArchive);
virtual void MapArchive(int64 offset, int64 len) const = 0; // throw(eArchive);
virtual void MapArchive(int64 offset, int64 len) = 0; // throw(eArchive);
virtual void MapArchive(int64 offset, int64 len) const = 0; // throw(eArchive);
// the const version of MapArchive() does not allow the archive to grow in size
int64 GetMappedOffset() const; // throw(eArchive)
int64 GetMappedLength() const; // throw(eArchive)
void* GetMap(); // throw(eArchive)
const void* GetMap() const;
int64 GetMappedOffset() const; // throw(eArchive)
int64 GetMappedLength() const; // throw(eArchive)
void* GetMap(); // throw(eArchive)
const void* GetMap() const;
protected:
mutable void* mpMappedMem;
mutable int64 mMappedOffset;
mutable int64 mMappedLength;
mutable void* mpMappedMem;
mutable int64 mMappedOffset;
mutable int64 mMappedLength;
// call in derived class to set above vars
void SetNewMap(void* pMap, int64 offset, int64 length) const;
void SetNewMap(void* pMap, int64 offset, int64 length) const;
};
///////////////////////////////////////////////////////////////////////////////
@ -197,30 +193,27 @@ public:
cMemoryArchive(int maxSize = 0x8000000); // default max size == 128MB
~cMemoryArchive();
virtual bool EndOfFile();
virtual void Seek(int64 offset, SeekFrom from); // throw(eArchive)
virtual int64 CurrentPos() const;
virtual int64 Length() const;
virtual void MapArchive(int64 offset, int64 len); // throw(eArchive)
virtual void MapArchive(int64 offset, int64 len) const; // throw(eArchive)
virtual bool EndOfFile();
virtual void Seek(int64 offset, SeekFrom from); // throw(eArchive)
virtual int64 CurrentPos() const;
virtual int64 Length() const;
virtual void MapArchive(int64 offset, int64 len); // throw(eArchive)
virtual void MapArchive(int64 offset, int64 len) const; // throw(eArchive)
void Truncate(); // set the length to the current pos
void Truncate(); // set the length to the current pos
int8* GetMemory() const
{
return mpMemory;
}
int8* GetMemory() const { return mpMemory; }
protected:
int8* mpMemory;
int mAllocatedLen;
int mMaxAllocatedLen;
int mLogicalSize;
int mReadHead;
int8* mpMemory;
int mAllocatedLen;
int mMaxAllocatedLen;
int mLogicalSize;
int mReadHead;
virtual int Read(void* pDest, int count);
virtual int Write(const void* pDest, int count); // throw(eArchive)
virtual void AllocateMemory(int len); // throw(eArchive)
virtual int Read(void* pDest, int count);
virtual int Write(const void* pDest, int count); // throw(eArchive)
virtual void AllocateMemory(int len); // throw(eArchive)
};
///////////////////////////////////////////////////////////////////////////////
@ -231,31 +224,30 @@ class cFixedMemArchive : public cBidirArchive
{
public:
cFixedMemArchive();
cFixedMemArchive(int8* pMem, int32 size);
cFixedMemArchive( int8* pMem, int32 size );
virtual ~cFixedMemArchive();
void Attach(int8* pMem, int32 size);
// this method associates the archive with pMem and sets the size of the
// archive. Unlike cMemoryArchive, this may never grow or shrink in size.
void Attach( int8* pMem, int32 size );
// this method associates the archive with pMem and sets the size of the
// archive. Unlike cMemoryArchive, this may never grow or shrink in size.
//-----------------------------------
// cBidirArchive interface
//-----------------------------------
virtual void Seek(int64 offset, SeekFrom from); // throw(eArchive);
virtual int64 CurrentPos() const;
virtual int64 Length() const;
virtual bool EndOfFile();
virtual void Seek (int64 offset, SeekFrom from) ; // throw(eArchive);
virtual int64 CurrentPos () const ;
virtual int64 Length () const ;
virtual bool EndOfFile();
protected:
//-----------------------------------
// cArchive interface
//-----------------------------------
virtual int Read(void* pDest, int count); // throw(eArchive)
virtual int Write(const void* pDest, int count); // throw(eArchive)
virtual int Read(void* pDest, int count); // throw(eArchive)
virtual int Write(const void* pDest, int count); // throw(eArchive)
int8* mpMemory;
int32 mSize;
int32 mReadHead;
int8* mpMemory;
int32 mSize;
int32 mReadHead;
};
class cFileArchive : public cBidirArchive
@ -266,42 +258,42 @@ public:
enum OpenFlags
{
FA_OPEN_TEXT = 0x1,
FA_OPEN_TRUNCATE = 0x2,
FA_SCANNING = 0x4,
FA_DIRECT = 0x8
FA_OPEN_TEXT = 0x1,
FA_OPEN_TRUNCATE = 0x2,
FA_SCANNING = 0x4,
FA_DIRECT = 0x8
};
// TODO: Open should throw
virtual void OpenRead(const TCHAR* filename, uint32 openFlags = 0);
virtual void OpenReadWrite(const TCHAR* filename, uint32 openFlags = FA_OPEN_TRUNCATE);
// opens a file for reading or writing; the file is always created if it doesn't exist,
// and is truncated to zero length if truncateFile is set to true;
TSTRING GetCurrentFilename(void) const;
virtual void Close(void);
void Truncate(); // throw(eArchive) // set the length to the current pos
virtual void OpenRead(const TCHAR* filename, uint32 openFlags = 0 );
virtual void OpenReadWrite(const TCHAR* filename, uint32 openFlags = FA_OPEN_TRUNCATE );
// opens a file for reading or writing; the file is always created if it doesn't exist,
// and is truncated to zero length if truncateFile is set to true;
TSTRING GetCurrentFilename(void) const;
virtual void Close(void);
void Truncate(); // throw(eArchive) // set the length to the current pos
//-----------------------------------
// cBidirArchive interface
//-----------------------------------
virtual bool EndOfFile();
virtual void Seek(int64 offset, SeekFrom from); // throw(eArchive)
virtual int64 CurrentPos() const;
virtual int64 Length() const;
virtual bool EndOfFile();
virtual void Seek(int64 offset, SeekFrom from); // throw(eArchive)
virtual int64 CurrentPos() const;
virtual int64 Length() const;
protected:
int64 mFileSize; //Size of FileArchive
int64 mReadHead; //Current position of read/write head
int64 mFileSize; //Size of FileArchive
int64 mReadHead; //Current position of read/write head
//-----------------------------------
// cArchive interface
//-----------------------------------
virtual int Read(void* pDest, int count);
virtual int Write(const void* pDest, int count); //throw(eArchive)
bool isWritable;
cFile mCurrentFile;
TSTRING mCurrentFilename; //current file
uint32 mOpenFlags;
virtual int Read(void* pDest, int count);
virtual int Write(const void* pDest, int count); //throw(eArchive)
bool isWritable;
cFile mCurrentFile;
TSTRING mCurrentFilename; //current file
uint32 mOpenFlags;
};
///////////////////////////////////////////////////////////////
@ -315,25 +307,45 @@ protected:
class cLockedTemporaryFileArchive : public cFileArchive
{
public:
virtual void OpenReadWrite(const TCHAR* filename = NULL, uint32 openFlags = FA_OPEN_TRUNCATE);
// creates the file. filename must not exist on the file system.
// if filename is NULL, the class will create and use a temporary file.
// truncateFile has no meaning
virtual void OpenReadWrite ( const TCHAR* filename = NULL, uint32 openFlags = FA_OPEN_TRUNCATE );
// creates the file. filename must not exist on the file system.
// if filename is NULL, the class will create and use a temporary file.
// truncateFile has no meaning
//virtual void OpenReadWriteThrow ( const TCHAR* filename = NULL, bool truncateFile = true ) throw (eArchive);
// this is the same as OpenReadWrite, except an exception is thrown on error (of type
// cArchive::ERR_OPEN_FAILED)
// this is the same as OpenReadWrite, except an exception is thrown on error (of type
// cArchive::ERR_OPEN_FAILED)
virtual void Close();
// close and delete the file
virtual void Close();
// close and delete the file
private:
// open for read only makes no sense if we're always creating the file,
// so disallow read only file opens
virtual void OpenRead(const TCHAR*, uint32 openFlags = 0)
{
ASSERT(false);
THROW_INTERNAL("archive.h");
}
virtual void OpenRead( const TCHAR*, uint32 openFlags = 0 ) { ASSERT( false ); THROW_INTERNAL("archive.h"); }
};
/*
// TODO: fill these out
///////////////////////////////////////////////////////////////////////////////
// class cMMFileArchive --
///////////////////////////////////////////////////////////////////////////////
class cMMFileArchive : public cMemMappedArchive
{
public:
};
///////////////////////////////////////////////////////////////////////////////
// class cNetArchive --
///////////////////////////////////////////////////////////////////////////////
class cNetArchive : public cArchive
{
public:
};
*/
#endif

50
src/core/charutil.cpp
View File

@ -1,6 +1,6 @@
//
// The developer of the original code and/or files is Tripwire, Inc.
// Portions created by Tripwire, Inc. are copyright (C) 2000-2018 Tripwire,
// Portions created by Tripwire, Inc. are copyright (C) 2000 Tripwire,
// Inc. Tripwire is a registered trademark of Tripwire, Inc. All rights
// reserved.
//
@ -42,9 +42,9 @@
#include "ntmbs.h"
#if IS_ANDROID
int mblen(const char* s, size_t n)
int mblen(const char *s, size_t n)
{
return mbtowc(0, s, n);
return mbtowc(0, s, n);
}
#endif
@ -64,26 +64,26 @@ int mblen(const char* s, size_t n)
//
/* static */
bool cCharUtil::PeekNextChar(const TSTRING::const_iterator& cur,
const TSTRING::const_iterator& end,
TSTRING::const_iterator& first,
TSTRING::const_iterator& last)
bool cCharUtil::PeekNextChar( const TSTRING::const_iterator& cur,
const TSTRING::const_iterator& end,
TSTRING::const_iterator& first,
TSTRING::const_iterator& last )
{
//
// do we have a valid string here?
//
if (cur > end)
if( cur > end )
{
return false;
}
if (cur == end)
if( cur == end )
{
first = last = end;
return false;
}
if (*cur == _T('\0'))
if( *cur == _T('\0') )
{
first = last = cur;
return false;
@ -93,19 +93,19 @@ bool cCharUtil::PeekNextChar(const TSTRING::const_iterator& cur,
if (!(*cur))
{
last = cur;
last = cur;
}
else
{
#if !IS_AROS
mblen(NULL, 0);
int len = mblen(&*cur, MB_CUR_MAX);
if (len < 0) //invalid multibyte sequence, but let's not blow up.
len = 1;
mblen (NULL, 0);
int len = mblen(&*cur, MB_CUR_MAX);
if (len < 0) //invalid multibyte sequence, but let's not blow up.
len = 1;
last = cur + len;
#else // AROS mblen() seems broken (as of 6/2016) so don't use it.
last = cur + 1;
last = cur + len;
#else // AROS mblen() seems broken (as of 6/2016) so don't use it.
last = cur + 1;
#endif
}
@ -138,14 +138,16 @@ bool cCharUtil::PeekNextChar(const TSTRING::const_iterator& cur,
//
/* static */
bool cCharUtil::PopNextChar(TSTRING::const_iterator& cur,
const TSTRING::const_iterator& end,
TSTRING::const_iterator& first,
TSTRING::const_iterator& last)
bool cCharUtil::PopNextChar( TSTRING::const_iterator& cur,
const TSTRING::const_iterator& end,
TSTRING::const_iterator& first,
TSTRING::const_iterator& last )
{
bool f = PeekNextChar(cur, end, first, last);
bool f = PeekNextChar( cur, end, first, last );
cur = last; // pop causes 'cur' to move to just beyond character ('last')
cur = last; // pop causes 'cur' to move to just beyond character ('last')
return f;
}
// eof: charutil.cpp

23
src/core/charutil.h
View File

@ -1,6 +1,6 @@
//
// The developer of the original code and/or files is Tripwire, Inc.
// Portions created by Tripwire, Inc. are copyright (C) 2000-2018 Tripwire,
// Portions created by Tripwire, Inc. are copyright (C) 2000 Tripwire,
// Inc. Tripwire is a registered trademark of Tripwire, Inc. All rights
// reserved.
//
@ -44,20 +44,23 @@
class cCharUtil
{
public:
// finds the next whole character in string identified by ['cur'-'end')
// identifies beginning of char in 'first', then end of character in 'last'
// returns 'are there more characters in string?'
// if there are no more characters, will return 0 and first = last = end
static bool PeekNextChar(const TSTRING::const_iterator& cur,
const TSTRING::const_iterator& end,
TSTRING::const_iterator& first,
TSTRING::const_iterator& last);
static bool PeekNextChar( const TSTRING::const_iterator& cur,
const TSTRING::const_iterator& end,
TSTRING::const_iterator& first,
TSTRING::const_iterator& last );
// same as PeekNextChar but increments 'cur' to 'last'
static bool PopNextChar(TSTRING::const_iterator& cur,
const TSTRING::const_iterator& end,
TSTRING::const_iterator& first,
TSTRING::const_iterator& last);
static bool PopNextChar( TSTRING::const_iterator& cur,
const TSTRING::const_iterator& end,
TSTRING::const_iterator& first,
TSTRING::const_iterator& last );
};
#endif //__CHARUTIL_H
#endif//__CHARUTIL_H

211
src/core/cmdlineparser.cpp
View File

@ -1,6 +1,6 @@
//
// The developer of the original code and/or files is Tripwire, Inc.
// Portions created by Tripwire, Inc. are copyright (C) 2000-2018 Tripwire,
// Portions created by Tripwire, Inc. are copyright (C) 2000 Tripwire,
// Inc. Tripwire is a registered trademark of Tripwire, Inc. All rights
// reserved.
//
@ -38,7 +38,9 @@
///////////////////////////////////////////////////////////////////////////////
// ctor, dotr
///////////////////////////////////////////////////////////////////////////////
cCmdLineParser::cCmdLineParser() : mArgTable(HASH_VERY_SMALL), mLastArgInfo(-1, PARAM_NONE)
cCmdLineParser::cCmdLineParser() :
mArgTable(HASH_VERY_SMALL),
mLastArgInfo(-1, PARAM_NONE)
{
}
@ -49,20 +51,19 @@ cCmdLineParser::~cCmdLineParser()
///////////////////////////////////////////////////////////////////////////////
// AddArg
///////////////////////////////////////////////////////////////////////////////
void cCmdLineParser::AddArg(
int argId, const TSTRING& arg, const TSTRING& alias, ParamCount numParams, bool multipleAllowed)
void cCmdLineParser::AddArg(int argId, const TSTRING& arg, const TSTRING& alias, ParamCount numParams, bool multipleAllowed)
{
if (arg.empty() && alias.empty())
if(arg.empty() && alias.empty())
{
// this refers to the list of parameters that comes after all the cmd line switches
mLastArgInfo.mId = argId;
mLastArgInfo.mNumParams = numParams;
return;
return ;
}
if (!arg.empty())
mArgTable.Insert(arg, cArgInfo(argId, numParams));
if (!alias.empty())
if(! arg.empty())
mArgTable.Insert(arg, cArgInfo(argId, numParams));
if(! alias.empty())
{
// put the alias in the table with a '-' prepended to it so it matches '--'
TSTRING str(_T("-"));
@ -70,58 +71,62 @@ void cCmdLineParser::AddArg(
mArgTable.Insert(str, cArgInfo(argId, numParams));
}
// This argument can appear more than once on the command line.
if (multipleAllowed)
mMultipleAllowed.insert(argId);
if( multipleAllowed )
mMultipleAllowed.insert( argId );
}
///////////////////////////////////////////////////////////////////////////////
// Clear
///////////////////////////////////////////////////////////////////////////////
/*void cCmdLineParser::Clear()
void cCmdLineParser::Clear()
{
mLastArgInfo.mId = -1;
mLastArgInfo.mNumParams = PARAM_INVALID;
mArgTable.Clear();
mArgData.clear();
mMutExList.clear();
}*/
}
///////////////////////////////////////////////////////////////////////////////
// Parse
///////////////////////////////////////////////////////////////////////////////
void cCmdLineParser::Parse(int argc, const TCHAR* const* argv)
void cCmdLineParser::Parse(int argc, const TCHAR *const * argv)
{
// clear out any existing data
mArgData.clear();
const TCHAR* pCurArg = 0;
bool bProcessedFinalParams = false; // gets set to true when the parameters to the command line are processed
const TCHAR* pCurArg = 0;
bool bProcessedFinalParams = false; // gets set to true when the parameters to the command line are processed
// I assume argv[0] is the executable name...
for (int i = 1; i < argc; i++)
for(int i=1; i < argc; i++)
{
if (argv[i][0] == _T('-'))
if(argv[i][0] == _T('-'))
{
pCurArg = argv[i];
// this is a switch; find it in the table...
cArgInfo argInfo;
if (!mArgTable.Lookup(TSTRING(&argv[i][1]), argInfo))
if ( !mArgTable.Lookup( TSTRING(&argv[i][1] ), argInfo ) )
{
// unknown switch!
throw eCmdLineInvalidArg(TSS_GetString(cCore, core::STR_ERR2_BAD_ARG_PARAMS) + pCurArg);
throw eCmdLineInvalidArg(
TSS_GetString( cCore, core::STR_ERR2_BAD_ARG_PARAMS )
+ pCurArg );
}
//
// make sure this hasn't been specified yet...
//
if (ArgInList(argInfo.mId))
if( ArgInList( argInfo.mId ) )
{
// Make sure it isn't okay for this one to appear more than once...
std::set<int>::iterator it = mMultipleAllowed.find(argInfo.mId);
if (it == mMultipleAllowed.end())
std::set<int>::iterator it = mMultipleAllowed.find( argInfo.mId );
if( it == mMultipleAllowed.end() )
{
// It wasn't in our list of allowed params, so error.
throw eCmdLineMultiArg(TSS_GetString(cCore, core::STR_ERR2_BAD_ARG_PARAMS) + argv[i]);
throw eCmdLineMultiArg(
TSS_GetString( cCore, core::STR_ERR2_BAD_ARG_PARAMS )
+ argv[i] );
}
}
//
@ -129,22 +134,24 @@ void cCmdLineParser::Parse(int argc, const TCHAR* const* argv)
//
mArgData.push_back(cArgData(argInfo.mId, TSTRING(argv[i])));
cArgData& curArg = mArgData.back();
switch (argInfo.mNumParams)
switch( argInfo.mNumParams )
{
case PARAM_NONE:
// make sure there are no parameters to this, but be careful because
// it is legal to start the parameters to the executable here.
if ((i + 1 < argc) && (argv[i + 1][0] != _T('-')))
if((i+1 < argc) && (argv[i+1][0] != _T('-')))
{
// search for any more parameters
// TODO: In the future we may want to support a '--' switch that specifies the start
// of parameters to the executable.
for (int j = i + 2; j < argc; ++j)
for (int j = i + 2; j < argc; ++j )
{
if (argv[j][0] == _T('-'))
{
// >0 parameter passed !
throw eCmdLineBadParam(TSS_GetString(cCore, core::STR_ERR2_BAD_ARG_PARAMS) + pCurArg);
throw eCmdLineBadParam(
TSS_GetString( cCore, core::STR_ERR2_BAD_ARG_PARAMS )
+ pCurArg );
}
}
}
@ -153,27 +160,29 @@ void cCmdLineParser::Parse(int argc, const TCHAR* const* argv)
case PARAM_ONE:
// get the next parameter...
i++;
if ((i >= argc) || (argv[i][0] == _T('-')))
if ( (i >= argc) || (argv[i][0] == _T('-')) )
{
// zero parameters passed to something that needed one param
throw eCmdLineBadParam(TSS_GetString(cCore, core::STR_ERR2_BAD_ARG_PARAMS) + pCurArg);
throw eCmdLineBadParam(
TSS_GetString( cCore, core::STR_ERR2_BAD_ARG_PARAMS )
+ pCurArg );
}
curArg.mParams.push_back(TSTRING(argv[i]));
curArg.mParams.push_back( TSTRING(argv[i]) );
break;
case PARAM_MANY:
i++;
while ((i < argc) && (argv[i][0] != _T('-')))
while((i < argc) && (argv[i][0] != _T('-')))
{
curArg.mParams.push_back(TSTRING(argv[i]));
i++;
}
i--; // since we have gone too far at this point
i--; // since we have gone too far at this point
break;
default:
ASSERTMSG(false, "Unknown number of arguments to parser");
ASSERTMSG( false, "Unknown number of arguments to parser" );
}
}
else
@ -182,14 +191,14 @@ void cCmdLineParser::Parse(int argc, const TCHAR* const* argv)
// this must be the final "unnamed" arg
// first, make sure it is consistent with the current info...
bool bResult = true;
switch (mLastArgInfo.mNumParams)
switch(mLastArgInfo.mNumParams)
{
case PARAM_NONE:
// this is an error; they didn't want any command line parameters...
bResult = false;
break;
case PARAM_ONE:
if (i + 1 != argc)
if(i+1 != argc)
// there is >1 final parameter; it is an error
bResult = false;
break;
@ -198,28 +207,33 @@ void cCmdLineParser::Parse(int argc, const TCHAR* const* argv)
break;
default:
ASSERT(false);
}
if (!bResult)
if(! bResult)
{
throw eCmdLineBadParam();
throw eCmdLineBadParam( );
}
// ok, we can push the final parameter info onto the list...
mArgData.push_back(cArgData(mLastArgInfo.mId));
cArgData& curArg = mArgData.back();
while (i < argc)
while ( i < argc )
{
if (argv[i][0] == _T('-'))
if ( argv[i][0] == _T('-') )
{
if (!pCurArg)
if ( ! pCurArg )
{
throw eCmdLineBadSwitchPos(TSS_GetString(cCore, core::STR_ERR2_BAD_ARG_PARAMS) + argv[i]);
throw eCmdLineBadSwitchPos(
TSS_GetString( cCore, core::STR_ERR2_BAD_ARG_PARAMS )
+ argv[i] );
}
else
{
// there was an extra parameter passed somewhere!
throw eCmdLineBadArgParam(TSS_GetString(cCore, core::STR_ERR2_BAD_ARG_PARAMS) + pCurArg);
throw eCmdLineBadArgParam(
TSS_GetString( cCore, core::STR_ERR2_BAD_ARG_PARAMS )
+ pCurArg );
}
}
@ -227,18 +241,21 @@ void cCmdLineParser::Parse(int argc, const TCHAR* const* argv)
curArg.mParams.push_back(TSTRING(argv[i]));
i++;
}
}
}
// it is possible not to process the final command line parameters in the "else" case above
// (this only occurs if there are no command line parameters specified) so let's make sure that
// is consistent with what we are configured with...
// NOTE -- it is ok to have no cmd line parameters if they specified PARAM_NONE or PARAM_MANY
if (!bProcessedFinalParams)
if(! bProcessedFinalParams)
{
if (mLastArgInfo.mNumParams == PARAM_ONE)
if(mLastArgInfo.mNumParams == PARAM_ONE)
{
throw eCmdLineBadParam();
throw eCmdLineBadParam( );
}
}
@ -252,24 +269,28 @@ void cCmdLineParser::Parse(int argc, const TCHAR* const* argv)
///////////////////////////////////////////////////////////////////////////////
void cCmdLineParser::TestMutEx()
{
std::list<std::pair<int, int> >::const_iterator i;
cCmdLineIter iter1(*this), iter2(*this);
for (i = mMutExList.begin(); i != mMutExList.end(); i++)
std::list<std::pair<int,int> >::const_iterator i;
cCmdLineIter iter1(*this), iter2(*this);
for(i = mMutExList.begin(); i != mMutExList.end(); i++)
{
//TODO -- there is a much more efficent way to do this (using cFCOPropVector, for example)
// the command line is presumably small enough, tho, that it probably isn't a big
// deal to do it this way.
iter1.SeekToArg(i->first);
if (!iter1.Done())
if(! iter1.Done())
{
iter2.SeekToArg(i->second);
if (!iter2.Done())
if(! iter2.Done())
{
// we have a mutual exclusion violation!
throw eCmdLineMutEx(iter1.ActualParam() + _T(", ") + iter2.ActualParam());
throw eCmdLineMutEx(
iter1.ActualParam()
+ _T(", ")
+ iter2.ActualParam() );
}
}
}
}
///////////////////////////////////////////////////////////////////////////////
@ -277,51 +298,51 @@ void cCmdLineParser::TestMutEx()
///////////////////////////////////////////////////////////////////////////////
void cCmdLineParser::TestDependency()
{
std::list<std::pair<std::pair<int, int>, bool> >::const_iterator i;
cCmdLineIter iter1(*this), iter2(*this);
std::list< std::pair< std::pair< int, int>, bool > >::const_iterator i;
cCmdLineIter iter1(*this), iter2(*this);
for (i = mDependencyList.begin(); i != mDependencyList.end(); ++i)
for( i = mDependencyList.begin(); i != mDependencyList.end(); ++i)
{
iter1.SeekToArg(i->first.first);
iter1.SeekToArg( i->first.first );
// was it on the command line?
if (!iter1.Done())
if( !iter1.Done() )
{
// it was, is the corresponding arg on the command line?
iter2.SeekToArg(i->first.second);
if (iter2.Done()) // it wasn't, dependency error
iter2.SeekToArg( i->first.second );
if( iter2.Done() ) // it wasn't, dependency error
{
TSTRING arg1, arg2, alias1, alias2;
cCmdLineParser::LookupArgInfo(i->first.first, arg1, alias1);
cCmdLineParser::LookupArgInfo(i->first.second, arg2, alias2);
cCmdLineParser::LookupArgInfo( i->first.first, arg1, alias1 );
cCmdLineParser::LookupArgInfo( i->first.second, arg2, alias2 );
// determine in which form the user passed the arguments,
// and construct the error message in the same form
if (iter1.ActualParam().length() == 2)
throw eCmdLineDependency(_T("The switch -") + arg1 + _T(" requires -") + arg2 + _T("."));
if ( iter1.ActualParam().length() == 2 )
throw eCmdLineDependency( _T("The switch -") + arg1 + _T(" requires -") + arg2 +_T(".") );
else
throw eCmdLineDependency(_T("The switch --") + alias1 + _T(" requires --") + alias2 + _T("."));
throw eCmdLineDependency( _T("The switch --") + alias1 + _T(" requires --") + alias2 + _T(".") );
}
}
else if (i->second)
else if( i->second )
// only make this second check if the dependencies are MUTUAL,
// as indicated (or not) by the bool value.
{
iter2.SeekToArg(i->first.second);
// the first arg in the pair was not on the command line,
// so just make sure the second isn't there...
if (!iter2.Done())
iter2.SeekToArg( i->first.second );
// the first arg in the pair was not on the command line,
// so just make sure the second isn't there...
if( !iter2.Done() )
{
// arg2 appeared without arg1, so dependency error.
TSTRING arg1, arg2, alias1, alias2;
cCmdLineParser::LookupArgInfo(i->first.first, arg1, alias1);
cCmdLineParser::LookupArgInfo(i->first.second, arg2, alias2);
cCmdLineParser::LookupArgInfo( i->first.first, arg1, alias1 );
cCmdLineParser::LookupArgInfo( i->first.second, arg2, alias2 );
// determine in which form the user passed the arguments,
// and construct the error message in the same form
if (iter1.ActualParam().length() == 2)
throw eCmdLineDependency(_T("The switch -") + arg2 + _T(" requires -") + arg1 + _T("."));
if ( iter1.ActualParam().length() == 2 )
throw eCmdLineDependency( _T("The switch -") + arg2 + _T(" requires -") + arg1 +_T(".") );
else
throw eCmdLineDependency(_T("The switch --") + alias2 + _T(" requires --") + alias1 + _T("."));
throw eCmdLineDependency( _T("The switch --") + alias2 + _T(" requires --") + alias1 + _T(".") );
}
}
@ -343,32 +364,32 @@ void cCmdLineParser::AddMutEx(int argId1, int argId2)
///////////////////////////////////////////////////////////////////////////////
// AddDependency
///////////////////////////////////////////////////////////////////////////////
void cCmdLineParser::AddDependency(int argId1, int argId2, bool mutual)
void cCmdLineParser::AddDependency(int argId1, int argId2, bool mutual )
{
// again, no checking for duplicates... would a set
// prove to be a better container for this operation?
std::pair<int, int> Args(argId1, argId2);
std::pair<std::pair<int, int>, bool> Dep(Args, mutual);
std::pair< int, int > Args( argId1, argId2 );
std::pair< std::pair< int, int >, bool > Dep( Args, mutual );
ASSERT(argId1 != argId2);
mDependencyList.push_back(Dep);
mDependencyList.push_back( Dep);
}
///////////////////////////////////////////////////////////////////////////////
// TraceContents
///////////////////////////////////////////////////////////////////////////////
#ifdef DEBUG
#ifdef _DEBUG
void cCmdLineParser::TraceContents(int dl)
{
cDebug d("cCmdLineParser::TraceContents");
if (dl == -1)
if(dl == -1)
dl = cDebug::D_DEBUG;
std::list<cArgData>::const_iterator i;
for (i = mArgData.begin(); i != mArgData.end(); i++)
for(i = mArgData.begin(); i != mArgData.end(); i++)
{
d.Trace(dl, "* Item id:%d\n", i->mId);
for (std::vector<TSTRING>::const_iterator vi = i->mParams.begin(); vi != i->mParams.end(); vi++)
for(std::vector<TSTRING>::const_iterator vi = i->mParams.begin(); vi != i->mParams.end(); vi++)
{
d.Trace(dl, "\t%s\n", vi->c_str());
}
@ -377,7 +398,7 @@ void cCmdLineParser::TraceContents(int dl)
d.Trace(dl, "--- Switch id table ---\n");
cHashTableIter<TSTRING, cArgInfo> iter(mArgTable);
for (iter.SeekBegin(); !iter.Done(); iter.Next())
for(iter.SeekBegin(); ! iter.Done(); iter.Next())
{
d.Trace(dl, "[%d] %s\n", iter.Val().mId, iter.Key().c_str());
}
@ -391,16 +412,16 @@ void cCmdLineParser::TraceContents(int dl)
///////////////////////////////////////////////////////////////////////////////
bool cCmdLineParser::LookupArgInfo(int argId, TSTRING& arg, TSTRING& alias) const
{
arg = _T("");
alias = _T("");
arg = _T("");
alias = _T("");
cHashTableIter<TSTRING, cArgInfo> iter(mArgTable);
for (iter.SeekBegin(); !iter.Done(); iter.Next())
for(iter.SeekBegin(); ! iter.Done(); iter.Next())
{
if (iter.Val().mId == argId)
if(iter.Val().mId == argId)
{
TSTRING str = iter.Key();
if ((str.length() > 0) && (str[0] == _T('-')))
if((str.length() > 0) && (str[0] == _T('-')))
{
// this is the alias!
alias = (str.c_str() + 1);
@ -412,7 +433,7 @@ bool cCmdLineParser::LookupArgInfo(int argId, TSTRING& arg, TSTRING& alias) cons
}
}
}
return ((!arg.empty()) || (!alias.empty()));
return ((! arg.empty()) || (! alias.empty()));
}
///////////////////////////////////////////////////////////////////////////////
@ -421,9 +442,9 @@ bool cCmdLineParser::LookupArgInfo(int argId, TSTRING& arg, TSTRING& alias) cons
bool cCmdLineParser::ArgInList(int argId)
{
std::list<cArgData>::iterator i;
for (i = mArgData.begin(); i != mArgData.end(); i++)
for( i = mArgData.begin(); i != mArgData.end(); i++ )
{
if (i->mId == argId)
if( i->mId == argId )
return true;
}
return false;
@ -437,13 +458,15 @@ bool cCmdLineParser::ArgInList(int argId)
///////////////////////////////////////////////////////////////////////////////
// SeekToArg
///////////////////////////////////////////////////////////////////////////////
bool cCmdLineIter::SeekToArg(int argId) const
bool cCmdLineIter::SeekToArg(int argId) const
{
for (SeekBegin(); !Done(); Next())
for(SeekBegin(); ! Done(); Next())
{
if (ArgId() == argId)
if(ArgId() == argId)
return true;
}
return false;
}

173
src/core/cmdlineparser.h
View File

@ -1,6 +1,6 @@
//
// The developer of the original code and/or files is Tripwire, Inc.
// Portions created by Tripwire, Inc. are copyright (C) 2000-2018 Tripwire,
// Portions created by Tripwire, Inc. are copyright (C) 2000 Tripwire,
// Inc. Tripwire is a registered trademark of Tripwire, Inc. All rights
// reserved.
//
@ -49,15 +49,14 @@
//=============================================================================
// eCmdLine
//=============================================================================
TSS_EXCEPTION(eCmdLine, eError)
TSS_EXCEPTION(eCmdLineInvalidArg, eCmdLine) // an arg on the command line is not recognized
TSS_EXCEPTION(eCmdLineBadArgParam, eCmdLine) // wrong number of parameters to an argument
TSS_EXCEPTION(eCmdLineBadParam,
eCmdLine) // wrong number of paramters to the executable (not associated with any arguments)
TSS_EXCEPTION(eCmdLineBadSwitchPos, eCmdLine) // a '-' arg appeared after the final parameter list
TSS_EXCEPTION(eCmdLineMutEx, eCmdLine) // a mutual exclusion error has occured
TSS_EXCEPTION(eCmdLineDependency, eCmdLine) // a dependency error has occurred.
TSS_EXCEPTION(eCmdLineMultiArg, eCmdLine) // an arg was found twice in the command line
TSS_EXCEPTION( eCmdLine, eError )
TSS_EXCEPTION( eCmdLineInvalidArg, eCmdLine ) // an arg on the command line is not recognized
TSS_EXCEPTION( eCmdLineBadArgParam, eCmdLine ) // wrong number of parameters to an argument
TSS_EXCEPTION( eCmdLineBadParam, eCmdLine ) // wrong number of paramters to the executable (not associated with any arguments)
TSS_EXCEPTION( eCmdLineBadSwitchPos,eCmdLine ) // a '-' arg appeared after the final parameter list
TSS_EXCEPTION( eCmdLineMutEx, eCmdLine ) // a mutual exclusion error has occured
TSS_EXCEPTION( eCmdLineDependency, eCmdLine ) // a dependency error has occurred.
TSS_EXCEPTION( eCmdLineMultiArg, eCmdLine ) // an arg was found twice in the command line
/*
@ -96,93 +95,87 @@ public:
enum ParamCount
{
PARAM_NONE, // no parameters to arg
PARAM_ONE, // one parameter to arg
PARAM_MANY, // zero or more paramters to arg
PARAM_NONE, // no parameters to arg
PARAM_ONE, // one parameter to arg
PARAM_MANY, // zero or more paramters to arg
PARAM_INVALID // top of enum
PARAM_INVALID // top of enum
};
void
AddArg(int argId, const TSTRING& arg, const TSTRING& alias, ParamCount numParams, bool multipleAllowed = false);
// this method should be called for each argument that can appear on the
// command line.
// argId -- a number that uniquely identifies the argument; no two arguments
// may have the same id (ASSERT-enforced)
// arg -- string that comes after the '-'. can be _T("") if there is only
// a string representation
// alias -- string that comes after '--' which has the same meaning. Can be _T("")
// if there is no alias. If both arg and alias are empty strings, then this arg
// represents the list of arguments that comes at the end of the command line
// numParams -- number of parameters that this argument needs
void AddArg(int argId, const TSTRING& arg, const TSTRING& alias, ParamCount numParams, bool multipleAllowed = false);
// this method should be called for each argument that can appear on the
// command line.
// argId -- a number that uniquely identifies the argument; no two arguments
// may have the same id (ASSERT-enforced)
// arg -- string that comes after the '-'. can be _T("") if there is only
// a string representation
// alias -- string that comes after '--' which has the same meaning. Can be _T("")
// if there is no alias. If both arg and alias are empty strings, then this arg
// represents the list of arguments that comes at the end of the command line
// numParams -- number of parameters that this argument needs
void AddMutEx(int argId1, int argId2);
// this adds a mutual exclusion constraint. When Parse() is called, if argId1 and
// argId2 both exist on the command line, then the parse will fail and the error
// value ERR_MUTUAL_EXCLUSION will be set.
// this adds a mutual exclusion constraint. When Parse() is called, if argId1 and
// argId2 both exist on the command line, then the parse will fail and the error
// value ERR_MUTUAL_EXCLUSION will be set.
void AddDependency(int argId1, int argId2, bool mutual = false);
// This adds a dependency constraint. When Parse() is called, if argId1
// exists on the command line independent from argId2, then the parse will fail.
// If the default param mutual is true, then the command parser will check for
// argId1 if argId2 is passed. We do this, since it is possible for one arg to
// depend on another, but have the other arg alone on the command line, legally.
void AddDependency(int argId1, int argId2, bool mutual = false );
// This adds a dependency constraint. When Parse() is called, if argId1
// exists on the command line independent from argId2, then the parse will fail.
// If the default param mutual is true, then the command parser will check for
// argId1 if argId2 is passed. We do this, since it is possible for one arg to
// depend on another, but have the other arg alone on the command line, legally.
void Parse(int argc, const TCHAR* const* argv); // throw eCmdLine
void Parse(int argc, const TCHAR *const * argv); // throw eCmdLine
// after AddArg() has been called for every argument that could be processed by the
// command line, call this to tokenize argv. If the return value is false, then
// the input was invalid in some way; the actual error can be determined by calling
// GetErrorInfo() below.
// void Clear();
// clear out all information that this class contains
void Clear();
// clear out all information that this class contains
bool LookupArgInfo(int argId, TSTRING& arg, TSTRING& alias) const;
// given an argId, fill out the strings with the argument and alias strings. Returns false
// if the argId cannot be found. This method is not very fast, so don't use it often.
// given an argId, fill out the strings with the argument and alias strings. Returns false
// if the argId cannot be found. This method is not very fast, so don't use it often.
#ifdef DEBUG
void TraceContents(int dl = -1);
#endif
#ifdef _DEBUG
void TraceContents(int dl = -1) ;
#endif
private:
void TestMutEx();
// tests for mutual exclusion violations; if it fails, the current error is set and false
// is returned.
// tests for mutual exclusion violations; if it fails, the current error is set and false
// is returned.
void TestDependency();
// tests for all dependency violations.
// tests for all dependency violations.
bool ArgInList(int argId);
// returns true if an argument with the specified id already exists in the list; this is used
// to make sure the same arg doesn't appear >1 time on the command line
// returns true if an argument with the specified id already exists in the list; this is used
// to make sure the same arg doesn't appear >1 time on the command line
// for storing information on paramers
struct cArgInfo
{
int mId;
ParamCount mNumParams;
int mId;
ParamCount mNumParams;
cArgInfo(int i = -1, ParamCount p = PARAM_INVALID) : mId(i), mNumParams(p)
{
}
cArgInfo(int i = -1, ParamCount p = PARAM_INVALID) : mId(i), mNumParams(p) {}
};
// for storing parsed argv information
struct cArgData
{
int mId;
std::vector<TSTRING> mParams;
TSTRING mActualParam; // a string representation of what was actually on the command line
int mId;
std::vector<TSTRING> mParams;
TSTRING mActualParam; // a string representation of what was actually on the command line
cArgData(int id = -1, const TSTRING& actualParam = TSTRING(_T(""))) : mId(id), mActualParam(actualParam)
{
}
cArgData(int id = -1, const TSTRING& actualParam = TSTRING(_T(""))) : mId(id), mActualParam(actualParam) {}
};
cHashTable<TSTRING, cArgInfo> mArgTable;
cArgInfo
mLastArgInfo; // info on the argument that comes at the end of the command line (with no associated '-x' or '--x')
std::list<cArgData> mArgData;
std::list<std::pair<int, int> > mMutExList; // all of the mutual exclusions
std::list<std::pair<std::pair<int, int>, bool> > mDependencyList; // all of the dependencies
std::set<int> mMultipleAllowed;
cHashTable<TSTRING, cArgInfo> mArgTable;
cArgInfo mLastArgInfo; // info on the argument that comes at the end of the command line (with no associated '-x' or '--x')
std::list<cArgData> mArgData;
std::list<std::pair<int,int> > mMutExList; // all of the mutual exclusions
std::list< std::pair < std::pair<int,int>, bool > > mDependencyList; // all of the dependencies
std::set< int > mMultipleAllowed;
friend class cCmdLineIter;
};
@ -197,35 +190,36 @@ public:
cCmdLineIter(const cCmdLineParser& parser);
// iteration
void SeekBegin() const;
bool Done() const;
bool IsEmpty() const;
void Next() const;
void SeekBegin() const;
bool Done() const;
bool IsEmpty() const;
void Next() const;
bool SeekToArg(int argId) const;
// seeks to the argument with the given argId. returns
// false and Done() == true if it couldn't find it.
bool SeekToArg(int argId) const;
// seeks to the argument with the given argId. returns
// false and Done() == true if it couldn't find it.
// access to the argument data
int ArgId() const;
// returns the id of this arg; ASSERTs if Done() == true
int NumParams() const;
// returns the number of parameters this argument has
const TSTRING& ActualParam() const;
// returns exactly what was passed on the command line (ie -- what the user typed)
const TSTRING& ParamAt(int index) const;
// returns the parameter at the specified index. ASSERTs if
// the index is out of range.
int ArgId() const;
// returns the id of this arg; ASSERTs if Done() == true
int NumParams() const;
// returns the number of parameters this argument has
const TSTRING& ActualParam() const;
// returns exactly what was passed on the command line (ie -- what the user typed)
const TSTRING& ParamAt(int index) const;
// returns the parameter at the specified index. ASSERTs if
// the index is out of range.
private:
const std::list<cCmdLineParser::cArgData>& mList;
const std::list<cCmdLineParser::cArgData>& mList;
mutable std::list<cCmdLineParser::cArgData>::const_iterator mIter;
};
//#############################################################################
// inline implementation
//#############################################################################
inline cCmdLineIter::cCmdLineIter(const cCmdLineParser& parser) : mList(parser.mArgData)
inline cCmdLineIter::cCmdLineIter(const cCmdLineParser& parser) :
mList(parser.mArgData)
{
SeekBegin();
}
@ -247,22 +241,22 @@ inline void cCmdLineIter::Next() const
}
inline int cCmdLineIter::ArgId() const
{
ASSERT(!Done());
ASSERT(! Done());
return mIter->mId;
}
inline int cCmdLineIter::NumParams() const
{
ASSERT(!Done());
ASSERT(! Done());
return mIter->mParams.size();
}
inline const TSTRING& cCmdLineIter::ActualParam() const
inline const TSTRING& cCmdLineIter::ActualParam() const
{
ASSERT(!Done());
ASSERT(! Done());
return mIter->mActualParam;
}
inline const TSTRING& cCmdLineIter::ParamAt(int index) const
inline const TSTRING& cCmdLineIter::ParamAt(int index) const
{
ASSERT((index >= 0) && (index < NumParams()));
return mIter->mParams[index];
@ -270,3 +264,4 @@ inline const TSTRING& cCmdLineIter::ParamAt(int index) const
#endif

1548
src/core/codeconvert.cpp
View File

File diff suppressed because it is too large Load Diff

183
src/core/codeconvert.h
View File

@ -1,6 +1,6 @@
//
// The developer of the original code and/or files is Tripwire, Inc.
// Portions created by Tripwire, Inc. are copyright (C) 2000-2018 Tripwire,
// Portions created by Tripwire, Inc. are copyright (C) 2000 Tripwire,
// Inc. Tripwire is a registered trademark of Tripwire, Inc. All rights
// reserved.
//
@ -60,17 +60,17 @@
/// Requirements
#include "platform.h" // for: Platform specific code
#include "ntmbs.h" // for: NTBS, NTMBS, NTWCS, and NTDBS types
#include "platform.h" // for: Platform specific code
#include "ntmbs.h" // for: NTBS, NTMBS, NTWCS, and NTDBS types
/// Exceptions
TSS_EXCEPTION(eConverter, eError);
TSS_EXCEPTION(eConverterReset, eConverter);
TSS_EXCEPTION(eConverterFatal, eConverter);
TSS_EXCEPTION(eConverterUnsupportedConversion, eConverter);
TSS_EXCEPTION(eConverterUnknownCodepage, eConverter);
TSS_EXCEPTION( eConverter, eError );
TSS_EXCEPTION( eConverterReset, eConverter );
TSS_EXCEPTION( eConverterFatal, eConverter );
TSS_EXCEPTION( eConverterUnsupportedConversion, eConverter );
TSS_EXCEPTION( eConverterUnknownCodepage, eConverter );
/// Classes
@ -90,38 +90,43 @@ TSS_EXCEPTION(eConverterUnknownCodepage, eConverter);
*/
class iCodeConverter
{
public:
static iCodeConverter* GetInstance(); // Singleton
static void Finit();
public:
static iCodeConverter* GetInstance(); // Singleton
/// Subclass Responsibilities
virtual int Convert(ntmbs_t, // NTMBS buffer
size_t, // Capacity in mbchar_t's (bytes)
const_ntdbs_t, // null terminated two-byte wide character (UCS2 rep)
size_t nCount) = 0; // Amount to convert in dbchar_t's
// returns number of buffer items converted, -1 on error
/// Subclass Responsibilities
virtual
int
Convert(
ntmbs_t, // NTMBS buffer
size_t, // Capacity in mbchar_t's (bytes)
const_ntdbs_t, // null terminated two-byte wide character (UCS2 rep)
size_t nCount ) = 0; // Amount to convert in dbchar_t's
// returns number of buffer items converted, -1 on error
virtual int Convert(ntdbs_t, // NTDBS (Null-terminated two byte sequence) buf
size_t, // Capacity in dbchar_t's
const_ntmbs_t, // Null-terminated multi-byte sequence
size_t) = 0; // Capacity in mbchar_t's (bytes)
// returns number of buffer items converted, -1 on error
virtual
int
Convert(
ntdbs_t, // NTDBS (Null-terminated two byte sequence) buf
size_t, // Capacity in dbchar_t's
const_ntmbs_t, // Null-terminated multi-byte sequence
size_t ) = 0; // Capacity in mbchar_t's (bytes)
// returns number of buffer items converted, -1 on error
protected:
iCodeConverter()
{
}
virtual ~iCodeConverter()
{
}
protected:
private:
static iCodeConverter* CreateConverter();
static iCodeConverter* CreateGoodEnoughConverter();
iCodeConverter() {}
virtual ~iCodeConverter() {}
private:
static iCodeConverter* CreateConverter();
static iCodeConverter* CreateGoodEnoughConverter();
static iCodeConverter* m_pInst;
static iCodeConverter* m_pInst;
};
@ -132,64 +137,68 @@ private:
#ifdef HAVE_ICONV_H
#include <iconv.h>
# ifdef HAVE_LANGINFO_H
# ifndef __USE_XOPEN
# define __USE_XOPEN 1
# endif
# include <langinfo.h>
# endif
#ifdef HAVE_LANGINFO_H
#ifndef __USE_XOPEN
#define __USE_XOPEN 1
#endif
#include <langinfo.h>
#endif
class cIconvUtil
{
public:
static const char* GetCodePageID(); // gets code page id for current locale, throws if error
static bool GetCodePageID(const char** ppCP);
static const char* GetIconvDbIdentifier();
static const char* GetMiddleIdentifier();
static void ResetConverter(iconv_t);
static bool TestConverter(const char* pTo, const char* pFrom);
static iconv_t OpenHandle(const char* pTo, const char* pFrom); // throws
static void CloseHandle(iconv_t ic);
public:
static const char* GetCodePageID(); // gets code page id for current locale, throws if error
static bool GetCodePageID( const char** ppCP );
static const char* GetIconvDbIdentifier();
static const char* GetMiddleIdentifier();
static void ResetConverter( iconv_t );
static bool TestConverter( const char* pTo, const char* pFrom );
static iconv_t OpenHandle( const char* pTo, const char* pFrom ); // throws
static void CloseHandle( iconv_t ic );
};
class cIconvConverter : public iCodeConverter
{
public:
static bool Test(); // is there a conversion for the current codepage?
public:
virtual int Convert(ntmbs_t, size_t, const_ntdbs_t, size_t);
virtual int Convert(ntdbs_t, size_t, const_ntmbs_t, size_t);
static bool Test(); // is there a conversion for the current codepage?
cIconvConverter();
virtual ~cIconvConverter();
virtual int Convert( ntmbs_t, size_t, const_ntdbs_t, size_t );
virtual int Convert( ntdbs_t, size_t, const_ntmbs_t, size_t );
private:
void Init();
cIconvConverter();
virtual ~cIconvConverter();
iconv_t icToDb;
iconv_t icFromDb;
private:
void Init();
iconv_t icToDb;
iconv_t icFromDb;
};
class cDoubleIconvConverter : public iCodeConverter
{
public:
static bool Test(); // is there a conversion for the current codepage?
public:
virtual int Convert(ntmbs_t, size_t, const_ntdbs_t, size_t);
virtual int Convert(ntdbs_t, size_t, const_ntmbs_t, size_t);
static bool Test(); // is there a conversion for the current codepage?
cDoubleIconvConverter();
virtual ~cDoubleIconvConverter();
virtual int Convert( ntmbs_t, size_t, const_ntdbs_t, size_t );
virtual int Convert( ntdbs_t, size_t, const_ntmbs_t, size_t );
private:
void Init();
cDoubleIconvConverter();
virtual ~cDoubleIconvConverter();
iconv_t icMbToUTF8;
iconv_t icUTF8ToDb;
private:
iconv_t icDbToUTF8;
iconv_t icUTF8ToMb;
void Init();
iconv_t icMbToUTF8;
iconv_t icUTF8ToDb;
iconv_t icDbToUTF8;
iconv_t icUTF8ToMb;
};
#endif // HAVE_ICONV_H
@ -209,12 +218,10 @@ private:
class cWcharIs32BitUcs2Converterer : public iCodeConverter
{
public:
virtual int Convert(ntmbs_t, size_t, const_ntdbs_t, size_t);
virtual int Convert(ntdbs_t, size_t, const_ntmbs_t, size_t);
virtual int Convert( ntmbs_t, size_t, const_ntdbs_t, size_t );
virtual int Convert( ntdbs_t, size_t, const_ntmbs_t, size_t );
virtual ~cWcharIs32BitUcs2Converterer()
{
}
virtual ~cWcharIs32BitUcs2Converterer() {}
};
#endif // WCHAR_IS_32_BITS
@ -231,12 +238,10 @@ public:
class cWcharIs16BitUcs2Converterer : public iCodeConverter
{
public:
virtual int Convert(ntmbs_t, size_t, const_ntdbs_t, size_t);
virtual int Convert(ntdbs_t, size_t, const_ntmbs_t, size_t);
virtual int Convert( ntmbs_t, size_t, const_ntdbs_t, size_t );
virtual int Convert( ntdbs_t, size_t, const_ntmbs_t, size_t );
virtual ~cWcharIs16BitUcs2Converterer()
{
}
virtual ~cWcharIs16BitUcs2Converterer() {}
};
#endif // WCHAR_IS_16_BITS
@ -246,12 +251,10 @@ public:
class cGoodEnoughConverterer : public iCodeConverter
{
public:
virtual int Convert(ntmbs_t, size_t, const_ntdbs_t, size_t);
virtual int Convert(ntdbs_t, size_t, const_ntmbs_t, size_t);
virtual int Convert( ntmbs_t, size_t, const_ntdbs_t, size_t );
virtual int Convert( ntdbs_t, size_t, const_ntmbs_t, size_t );
virtual ~cGoodEnoughConverterer()
{
}
virtual ~cGoodEnoughConverterer() {}
};
@ -264,14 +267,14 @@ class cConvertUtil
TSS_HIGH_ASCII_START = 0x0080u,
TSS_HIGH_ASCII_END = 0x00FFu
};
public:
static dbchar_t ConvertNonChar(mbchar_t ch);
static mbchar_t ConvertNonChar(dbchar_t ch);
static dbchar_t ConvertNonChar( mbchar_t ch );
static mbchar_t ConvertNonChar( dbchar_t ch );
static bool ValueInReservedRange(mbchar_t ch);
static bool ValueInReservedRange(dbchar_t ch);
static bool ValueInReservedRange( mbchar_t ch );
static bool ValueInReservedRange( dbchar_t ch );
};
#endif //__CODECONVERT_H

20
src/core/core.cpp
View File

@ -1,6 +1,6 @@
//
// The developer of the original code and/or files is Tripwire, Inc.
// Portions created by Tripwire, Inc. are copyright (C) 2000-2018 Tripwire,
// Portions created by Tripwire, Inc. are copyright (C) 2000 Tripwire,
// Inc. Tripwire is a registered trademark of Tripwire, Inc. All rights
// reserved.
//
@ -39,28 +39,26 @@
#include "core.h"
#include "coreerrors.h"
#include "codeconvert.h" // for: iCodeConverter::GetInstance
#include "twlocale.h" // for: cTWLocale::InitGlobalLocale
#include "codeconvert.h" // for: iCodeConverter::GetInstance
#include "twlocale.h" // for: cTWLocale::InitGlobalLocale
TSS_ImplementPackage(cCore)
TSS_ImplementPackage( cCore )
cCore::cCore()
{
TSS_REGISTER_PKG_ERRORS(core);
TSS_REGISTER_PKG_ERRORS( core );
// NOTE: Initialize code converter when cCore is a dependency
// of another package (created on first call to GetInstance(),
// forcing creation here to hasten the display of any errors)
cDebug::SetDebugLevel(cDebug::D_DEBUG);
cDebug::AddOutTarget(cDebug::OUT_STDOUT);
cDebug::SetDebugLevel( cDebug::D_DEBUG );
cDebug::AddOutTarget( cDebug::OUT_STDOUT );
cTWLocale::InitGlobalLocale();
iCodeConverter::GetInstance();
}
cCore::~cCore()
{
iCodeConverter::Finit();
}
// eof: core.cpp

15
src/core/core.h
View File

@ -1,6 +1,6 @@
//
// The developer of the original code and/or files is Tripwire, Inc.
// Portions created by Tripwire, Inc. are copyright (C) 2000-2018 Tripwire,
// Portions created by Tripwire, Inc. are copyright (C) 2000 Tripwire,
// Inc. Tripwire is a registered trademark of Tripwire, Inc. All rights
// reserved.
//
@ -43,18 +43,19 @@
//--Requirements
#include "package.h" // for: Packaging Abstraction
#include "package.h" // for: Packaging Abstraction
//--Classes
TSS_BeginPackage(cCore)
TSS_BeginPackage( cCore )
TSS_DECLARE_STRINGTABLE;
public:
cCore();
~cCore();
public:
TSS_EndPackage(cCore)
cCore();
TSS_EndPackage( cCore )
#endif //__CORE_H

136
src/core/coreerrors.cpp
View File

@ -1,6 +1,6 @@
//
// The developer of the original code and/or files is Tripwire, Inc.
// Portions created by Tripwire, Inc. are copyright (C) 2000-2018 Tripwire,
// Portions created by Tripwire, Inc. are copyright (C) 2000 Tripwire,
// Inc. Tripwire is a registered trademark of Tripwire, Inc. All rights
// reserved.
//
@ -49,118 +49,120 @@
#include "ntmbs.h"
#include "displayencoder.h"
TSS_BEGIN_ERROR_REGISTRATION(core)
TSS_BEGIN_ERROR_REGISTRATION( core )
/// Internal
TSS_REGISTER_ERROR(eInternal(), _T("Internal error."))
TSS_REGISTER_ERROR( eInternal(), _T("Internal error.") )
/// General
TSS_REGISTER_ERROR(eErrorGeneral(), _T("General Error"));
TSS_REGISTER_ERROR(eOpen(), _T("File could not be opened."));
TSS_REGISTER_ERROR(eOpenRead(), _T("File could not be opened for reading."));
TSS_REGISTER_ERROR(eOpenWrite(), _T("File could not be opened for writing."));
TSS_REGISTER_ERROR(eBadModeSwitch(), _T("Unknown mode specified."));
TSS_REGISTER_ERROR(eBadCmdLine(), _T("Command line error."));
TSS_REGISTER_ERROR( eErrorGeneral(), _T("General Error") );
TSS_REGISTER_ERROR( eOpen(), _T("File could not be opened.") );
TSS_REGISTER_ERROR( eOpenRead(), _T("File could not be opened for reading.") );
TSS_REGISTER_ERROR( eOpenWrite(), _T("File could not be opened for writing.") );
TSS_REGISTER_ERROR( eBadModeSwitch(), _T("Unknown mode specified.") );
TSS_REGISTER_ERROR( eBadCmdLine(), _T("Command line error.") );
/// Archive
TSS_REGISTER_ERROR(eArchive(), _T("Archive error."))
TSS_REGISTER_ERROR(eArchiveOpen(), _T("File could not be opened."))
TSS_REGISTER_ERROR(eArchiveWrite(), _T("File could not be written."))
TSS_REGISTER_ERROR(eArchiveRead(), _T("File could not be read."))
TSS_REGISTER_ERROR(eArchiveEOF(), _T("End of file reached."))
TSS_REGISTER_ERROR(eArchiveSeek(), _T("File seek failed."))
TSS_REGISTER_ERROR(eArchiveMemmap(), _T("Memory mapped archive file invalid."))
TSS_REGISTER_ERROR(eArchiveOutOfMem(), _T("Archive ran out of memory."))
TSS_REGISTER_ERROR(eArchiveInvalidOp(), _T("Archive logic error."))
TSS_REGISTER_ERROR(eArchiveFormat(), _T("Archive file format invalid."))
TSS_REGISTER_ERROR(eArchiveNotRegularFile(), _T("File is not a regular file."))
TSS_REGISTER_ERROR(eArchiveCrypto(), _T("File could not be decrypted."))
TSS_REGISTER_ERROR(eArchiveStringTooLong(), _T("String was too long."))
TSS_REGISTER_ERROR( eArchive(), _T("Archive error.") )
TSS_REGISTER_ERROR( eArchiveOpen(), _T("File could not be opened.") )
TSS_REGISTER_ERROR( eArchiveWrite(), _T("File could not be written.") )
TSS_REGISTER_ERROR( eArchiveRead(), _T("File could not be read.") )
TSS_REGISTER_ERROR( eArchiveEOF(), _T("End of file reached.") )
TSS_REGISTER_ERROR( eArchiveSeek(), _T("File seek failed.") )
TSS_REGISTER_ERROR( eArchiveMemmap(), _T("Memory mapped archive file invalid.") )
TSS_REGISTER_ERROR( eArchiveOutOfMem(), _T("Archive ran out of memory.") )
TSS_REGISTER_ERROR( eArchiveInvalidOp(),_T("Archive logic error.") )
TSS_REGISTER_ERROR( eArchiveFormat(), _T("Archive file format invalid.") )
TSS_REGISTER_ERROR( eArchiveNotRegularFile(), _T("File is not a regular file.") )
TSS_REGISTER_ERROR( eArchiveCrypto(), _T("File could not be decrypted.") )
TSS_REGISTER_ERROR( eArchiveStringTooLong(), _T("String was too long.") )
/// File
TSS_REGISTER_ERROR(eFile(), _T("File error."))
TSS_REGISTER_ERROR(eFileOpen(), _T("File could not be opened."))
TSS_REGISTER_ERROR(eFileWrite(), _T("File could not be written."))
TSS_REGISTER_ERROR(eFileRead(), _T("File could not be read."))
TSS_REGISTER_ERROR(eFileEOF(), _T("End of file reached."))
TSS_REGISTER_ERROR(eFileSeek(), _T("File seek failed."))
TSS_REGISTER_ERROR(eFileInvalidOp(), _T("File logic error."))
TSS_REGISTER_ERROR(eFileTrunc(), _T("File could not be truncated."))
TSS_REGISTER_ERROR(eFileClose(), _T("File could not be closed."))
TSS_REGISTER_ERROR(eFileFlush(), _T("File could not be flushed."))
TSS_REGISTER_ERROR(eFileRewind(), _T("File could not be rewound."))
TSS_REGISTER_ERROR( eFile(), _T("File error.") )
TSS_REGISTER_ERROR( eFileOpen(), _T("File could not be opened.") )
TSS_REGISTER_ERROR( eFileWrite(), _T("File could not be written.") )
TSS_REGISTER_ERROR( eFileRead(), _T("File could not be read.") )
TSS_REGISTER_ERROR( eFileEOF(), _T("End of file reached.") )
TSS_REGISTER_ERROR( eFileSeek(), _T("File seek failed.") )
TSS_REGISTER_ERROR( eFileInvalidOp(), _T("File logic error.") )
TSS_REGISTER_ERROR( eFileTrunc(), _T("File could not be truncated.") )
TSS_REGISTER_ERROR( eFileClose(), _T("File could not be closed.") )
TSS_REGISTER_ERROR( eFileFlush(), _T("File could not be flushed.") )
TSS_REGISTER_ERROR( eFileRewind(), _T("File could not be rewound.") )
/// General API failures
TSS_REGISTER_ERROR(eUnix(), _T("Unix API failure."))
/// Win32
#if IS_UNIX
TSS_REGISTER_ERROR(eUnix(), _T("Unix API failure.") )
#endif
/// FSServices
TSS_REGISTER_ERROR(eFSServices(), _T("File system error."))
TSS_REGISTER_ERROR(eFSServicesGeneric(), _T("File system error."))
TSS_REGISTER_ERROR( eFSServices(), _T("File system error.") )
TSS_REGISTER_ERROR( eFSServicesGeneric(),_T("File system error.") )
/// Serializer
TSS_REGISTER_ERROR(eSerializerUnknownType(),
_T("Unknown type encountered in file.\nFile format may not be valid for this platform."))
TSS_REGISTER_ERROR(eSerializerInputStreamFmt(), _T("Invalid input stream format."))
TSS_REGISTER_ERROR(eSerializerOutputStreamFmt(), _T("Invalid output stream format."))
TSS_REGISTER_ERROR(eSerializerInputStremTypeArray(), _T("A bad index was encountered in file."))
TSS_REGISTER_ERROR(eSerializerArchive(), _T("File read encountered an archive error."))
TSS_REGISTER_ERROR(eSerializerVersionMismatch(), _T("File version mismatch."))
TSS_REGISTER_ERROR(eSerializerEncryption(), _T("File encryption error."))
TSS_REGISTER_ERROR(eSerializer(), _T("File format error."))
TSS_REGISTER_ERROR( eSerializerUnknownType(), _T("Unknown type encountered in file.\nFile format may not be valid for this platform.") )
TSS_REGISTER_ERROR( eSerializerInputStreamFmt(), _T("Invalid input stream format.") )
TSS_REGISTER_ERROR( eSerializerOutputStreamFmt(), _T("Invalid output stream format.") )
TSS_REGISTER_ERROR( eSerializerInputStremTypeArray(), _T("A bad index was encountered in file.") )
TSS_REGISTER_ERROR( eSerializerArchive(), _T("File read encountered an archive error.") )
TSS_REGISTER_ERROR( eSerializerVersionMismatch(), _T("File version mismatch.") )
TSS_REGISTER_ERROR( eSerializerEncryption(), _T("File encryption error.") )
TSS_REGISTER_ERROR( eSerializer(), _T("File format error.") )
/// Command Line
TSS_REGISTER_ERROR(eCmdLine(), _T("Command line parsing error."))
TSS_REGISTER_ERROR(eCmdLineInvalidArg(), _T("Invalid argument passed on command line."))
TSS_REGISTER_ERROR(eCmdLineBadArgParam(), _T("Incorrect number of parameters to a command line argument."))
TSS_REGISTER_ERROR(eCmdLineBadParam(), _T("Incorrect number of parameters on command line."))
TSS_REGISTER_ERROR(eCmdLineBadSwitchPos(), _T("Switch appears after final command line parameter."))
TSS_REGISTER_ERROR(eCmdLineMutEx(), _T("Specified command line switches are mutually exclusive."))
TSS_REGISTER_ERROR(eCmdLineDependency(), _T("Command line parameter missing."))
TSS_REGISTER_ERROR(eCmdLineMultiArg(), _T("Command line argument specified more than once."))
TSS_REGISTER_ERROR( eCmdLine(), _T("Command line parsing error.") )
TSS_REGISTER_ERROR( eCmdLineInvalidArg(), _T("Invalid argument passed on command line.") )
TSS_REGISTER_ERROR( eCmdLineBadArgParam(), _T("Incorrect number of parameters to a command line argument.") )
TSS_REGISTER_ERROR( eCmdLineBadParam(), _T("Incorrect number of parameters on command line.") )
TSS_REGISTER_ERROR( eCmdLineBadSwitchPos(), _T("Switch appears after final command line parameter.") )
TSS_REGISTER_ERROR( eCmdLineMutEx(), _T("Specified command line switches are mutually exclusive.") )
TSS_REGISTER_ERROR( eCmdLineDependency(), _T("Command line parameter missing.") )
TSS_REGISTER_ERROR( eCmdLineMultiArg(), _T("Command line argument specified more than once.") )
/// TWLocale
TSS_REGISTER_ERROR(eTWLocale(), _T("Localization error."))
TSS_REGISTER_ERROR(eTWLocaleBadNumFormat(), _T("Bad number format."))
TSS_REGISTER_ERROR( eTWLocale(), _T("Localization error.") )
TSS_REGISTER_ERROR( eTWLocaleBadNumFormat(),_T("Bad number format.") )
/// Character Handling (defined in ntmbs.h)
TSS_REGISTER_ERROR(eCharacter(), _T("General Character Handling Error."))
TSS_REGISTER_ERROR(eCharacterEncoding(), _T("Character Encoding Error."))
TSS_REGISTER_ERROR( eCharacter(), _T("General Character Handling Error.") )
TSS_REGISTER_ERROR( eCharacterEncoding(), _T("Character Encoding Error.") )
/// Character Conversion Handling (defined in <codeconvert.h>)
TSS_REGISTER_ERROR(eConverter(), _T("General conversion error."))
TSS_REGISTER_ERROR(eConverterReset(), _T("Converter handle could not be reset."))
TSS_REGISTER_ERROR(eConverterFatal(), _T("Catastrophic conversion error."))
TSS_REGISTER_ERROR(eConverterUnsupportedConversion(), _T("Unsupported character conversion."))
TSS_REGISTER_ERROR(eConverterUnknownCodepage(), _T("Could not identify code page."))
TSS_REGISTER_ERROR( eConverter(), _T("General conversion error.") )
TSS_REGISTER_ERROR( eConverterReset(), _T("Converter handle could not be reset.") )
TSS_REGISTER_ERROR( eConverterFatal(), _T("Catastrophic conversion error.") )
TSS_REGISTER_ERROR( eConverterUnsupportedConversion(), _T("Unsupported character conversion.") )
TSS_REGISTER_ERROR( eConverterUnknownCodepage(), _T("Could not identify code page.") )
//
// Display Encoder
//
TSS_REGISTER_ERROR(eEncoder(), _T("Display encoder error."))
TSS_REGISTER_ERROR(eBadDecoderInput(), _T("Bad input to display encoder."))
TSS_REGISTER_ERROR(eBadHexConversion(), _T("Bad hex conversion in display encoder."))
TSS_REGISTER_ERROR(eUnknownEscapeEncoding(), _T("Unknown encoding in display encoder input."))
TSS_REGISTER_ERROR( eEncoder(), _T("Display encoder error.") )
TSS_REGISTER_ERROR( eBadDecoderInput(), _T("Bad input to display encoder.") )
TSS_REGISTER_ERROR( eBadHexConversion(), _T("Bad hex conversion in display encoder.") )
TSS_REGISTER_ERROR( eUnknownEscapeEncoding(), _T("Unknown encoding in display encoder input.") )
TSS_END_ERROR_REGISTRATION()

7
src/core/coreerrors.h
View File

@ -1,6 +1,6 @@
//
// The developer of the original code and/or files is Tripwire, Inc.
// Portions created by Tripwire, Inc. are copyright (C) 2000-2018 Tripwire,
// Portions created by Tripwire, Inc. are copyright (C) 2000 Tripwire,
// Inc. Tripwire is a registered trademark of Tripwire, Inc. All rights
// reserved.
//
@ -41,7 +41,8 @@
#include "core/errortable.h"
TSS_DECLARE_ERROR_REGISTRATION(core)
TSS_DECLARE_ERROR_REGISTRATION( core )
#endif //__COREERRORS_H
#endif//__COREERRORS_H

58
src/core/corestrings.cpp
View File

@ -1,6 +1,6 @@
//
// The developer of the original code and/or files is Tripwire, Inc.
// Portions created by Tripwire, Inc. are copyright (C) 2000-2018 Tripwire,
// Portions created by Tripwire, Inc. are copyright (C) 2000 Tripwire,
// Inc. Tripwire is a registered trademark of Tripwire, Inc. All rights
// reserved.
//
@ -35,35 +35,39 @@
// Creator.: Robert DiFalco (rdifalco)
//
#include "stdcore.h" // for: pch (required by all core source modules)
#include "corestrings.h" // for: cCore and core::STR_IDS
#include "stdcore.h" // for: pch (required by all core source modules)
#include "corestrings.h" // for: cCore and core::STR_IDS
TSS_BeginStringtable(cCore)
TSS_BeginStringtable( cCore )
TSS_StringEntry(core::STR_ERR2_ARCH_CRYPTO_ERR, _T("File could not be decrypted.")),
TSS_StringEntry(core::STR_ERR2_BAD_ARG_PARAMS, _T("Argument: ")),
TSS_StringEntry(core::STR_ERROR_ERROR, _T("### Error")),
TSS_StringEntry(core::STR_ERROR_WARNING, _T("### Warning")), TSS_StringEntry(core::STR_ERROR_COLON, _T(":")),
TSS_StringEntry(core::STR_ERROR_HEADER, _T("### ")), TSS_StringEntry(core::STR_ERROR_EXITING, _T("Exiting...")),
TSS_StringEntry(core::STR_ERROR_CONTINUING, _T("Continuing...")),
TSS_StringEntry(core::STR_ERR2_FILENAME, _T("Filename: ")),
TSS_StringEntry(core::STR_ERROR_FILENAME, _T("Filename: ")), TSS_StringEntry(core::STR_UNKNOWN, _T("Unknown")),
TSS_StringEntry(core::STR_NUMBER_TOO_BIG, _T("Number too big")),
TSS_StringEntry(core::STR_SIGNAL, _T("Software interrupt forced exit:")),
TSS_StringEntry(core::STR_NEWLINE, _T("\n")),
TSS_StringEntry(core::STR_MEMARCHIVE_FILENAME, _T("Error occured in internal memory file")),
TSS_StringEntry(core::STR_MEMARCHIVE_ERRSTR, _T("")),
TSS_StringEntry(core::STR_ENDOFTIME, _T("Tripwire is not designed to run past the year 2038.\nNow exiting...")),
TSS_StringEntry(core::STR_UNKNOWN_TIME, _T("Unknown time")),
TSS_StringEntry(
core::STR_BAD_TEMPDIRECTORY,
_T("Solution: Check existence/permissions for directory specified by TEMPDIRECTORY in config file")),
TSS_StringEntry( core::STR_ERR2_ARCH_CRYPTO_ERR, _T("File could not be decrypted.") ),
TSS_StringEntry( core::STR_ERR2_BAD_ARG_PARAMS, _T("Argument: ") ),
TSS_StringEntry( core::STR_ERROR_ERROR, _T("### Error") ),
TSS_StringEntry( core::STR_ERROR_WARNING, _T("### Warning") ),
TSS_StringEntry( core::STR_ERROR_COLON, _T(":") ),
TSS_StringEntry( core::STR_ERROR_HEADER, _T("### ") ),
TSS_StringEntry( core::STR_ERROR_EXITING, _T("Exiting...") ),
TSS_StringEntry( core::STR_ERROR_CONTINUING, _T("Continuing...") ),
TSS_StringEntry( core::STR_ERR2_FILENAME, _T("Filename: ") ),
TSS_StringEntry( core::STR_ERROR_FILENAME, _T("Filename: ") ),
TSS_StringEntry( core::STR_UNKNOWN, _T("Unknown") ),
TSS_StringEntry( core::STR_NUMBER_TOO_BIG, _T("Number too big") ),
TSS_StringEntry( core::STR_SIGNAL, _T("Software interrupt forced exit:") ),
TSS_StringEntry( core::STR_NEWLINE, _T("\n") ),
TSS_StringEntry( core::STR_MEMARCHIVE_FILENAME, _T("Error occured in internal memory file") ),
TSS_StringEntry( core::STR_MEMARCHIVE_ERRSTR, _T("") ),
TSS_StringEntry( core::STR_ENDOFTIME, _T("Tripwire is not designed to run past the year 2038.\nNow exiting...") ),
TSS_StringEntry( core::STR_UNKNOWN_TIME, _T("Unknown time") ),
TSS_StringEntry( core::STR_BAD_TEMPDIRECTORY, _T("Solution: Check existence/permissions for directory specified by TEMPDIRECTORY in config file") ),
/// Particularly useful for eCharacter and eCharacterEncoding
TSS_StringEntry(core::STR_ERR_ISNULL, _T("Argument cannot be null.")),
TSS_StringEntry(core::STR_ERR_OVERFLOW, _T("An overflow has been detected.")),
TSS_StringEntry(core::STR_ERR_UNDERFLOW, _T("An underflow has been detected.")),
TSS_StringEntry(core::STR_ERR_BADCHAR, _T("Input contained an invalid character."))
TSS_StringEntry( core::STR_ERR_ISNULL, _T("Argument cannot be null.") ),
TSS_StringEntry( core::STR_ERR_OVERFLOW, _T("An overflow has been detected.") ),
TSS_StringEntry( core::STR_ERR_UNDERFLOW, _T("An underflow has been detected.") ),
TSS_StringEntry( core::STR_ERR_BADCHAR, _T("Input contained an invalid character.") )
TSS_EndStringtable(cCore)
TSS_EndStringtable( cCore )
// eof: corestrings.cpp

34
src/core/corestrings.h
View File

@ -1,6 +1,6 @@
//
// The developer of the original code and/or files is Tripwire, Inc.
// Portions created by Tripwire, Inc. are copyright (C) 2000-2018 Tripwire,
// Portions created by Tripwire, Inc. are copyright (C) 2000 Tripwire,
// Inc. Tripwire is a registered trademark of Tripwire, Inc. All rights
// reserved.
//
@ -40,24 +40,42 @@
#define __CORESTRINGS_H
#include "core.h" // for: STRINGTABLE syntax
#include "core.h" // for: STRINGTABLE syntax
//--Message Keys
TSS_BeginStringIds(core)
TSS_BeginStringIds( core )
STR_ERR2_ARCH_CRYPTO_ERR,
STR_ERR2_BAD_ARG_PARAMS, STR_ERROR_ERROR, STR_ERROR_WARNING, STR_ERROR_COLON, STR_ERROR_HEADER, STR_ERROR_EXITING,
STR_ERROR_CONTINUING, STR_ERR2_FILENAME, STR_ERROR_FILENAME, STR_NUMBER_TOO_BIG, STR_UNKNOWN, STR_SIGNAL,
STR_NEWLINE, STR_MEMARCHIVE_FILENAME, STR_MEMARCHIVE_ERRSTR, STR_ENDOFTIME, STR_UNKNOWN_TIME, STR_BAD_TEMPDIRECTORY,
STR_ERR2_BAD_ARG_PARAMS,
STR_ERROR_ERROR,
STR_ERROR_WARNING,
STR_ERROR_COLON,
STR_ERROR_HEADER,
STR_ERROR_EXITING,
STR_ERROR_CONTINUING,
STR_ERR2_FILENAME,
STR_ERROR_FILENAME,
STR_NUMBER_TOO_BIG,
STR_UNKNOWN,
STR_SIGNAL,
STR_NEWLINE,
STR_MEMARCHIVE_FILENAME,
STR_MEMARCHIVE_ERRSTR,
STR_ENDOFTIME,
STR_UNKNOWN_TIME,
STR_BAD_TEMPDIRECTORY,
/// Particularly useful for eCharacterSet and eCharacterEncoding
STR_ERR_ISNULL, STR_ERR_OVERFLOW, STR_ERR_UNDERFLOW,
STR_ERR_ISNULL,
STR_ERR_OVERFLOW,
STR_ERR_UNDERFLOW,
STR_ERR_BADCHAR
TSS_EndStringIds(core)
TSS_EndStringIds( core )
#endif //__CORESTRINGS_H

2
src/core/crc32.cpp
View File

@ -1,6 +1,6 @@
//
// The developer of the original code and/or files is Tripwire, Inc.
// Portions created by Tripwire, Inc. are copyright (C) 2000-2018 Tripwire,
// Portions created by Tripwire, Inc. are copyright (C) 2000 Tripwire,
// Inc. Tripwire is a registered trademark of Tripwire, Inc. All rights
// reserved.
//

2
src/core/crc32.h
View File

@ -1,6 +1,6 @@
//
// The developer of the original code and/or files is Tripwire, Inc.
// Portions created by Tripwire, Inc. are copyright (C) 2000-2018 Tripwire,
// Portions created by Tripwire, Inc. are copyright (C) 2000 Tripwire,
// Inc. Tripwire is a registered trademark of Tripwire, Inc. All rights
// reserved.
//

71
src/core/debug.cpp
View File

@ -1,6 +1,6 @@
//
// The developer of the original code and/or files is Tripwire, Inc.
// Portions created by Tripwire, Inc. are copyright (C) 2000-2018 Tripwire,
// Portions created by Tripwire, Inc. are copyright (C) 2000 Tripwire,
// Inc. Tripwire is a registered trademark of Tripwire, Inc. All rights
// reserved.
//
@ -37,17 +37,17 @@
#ifdef DEBUG
# ifndef va_start
# include <cstdarg>
# endif
#ifndef va_start
#include <cstdarg>
#endif
#include <cwchar>
#include <fstream>
#include <cstdio>
int cDebug::mDebugLevel(10);
uint32 cDebug::mOutMask(cDebug::OUT_TRACE);
int cDebug::mDebugLevel(10);
uint32 cDebug::mOutMask(cDebug::OUT_TRACE);
std::ofstream cDebug::logfile;
//mDebugLevel default == 10, mOutMask default == OUT_TRACE.
//mDebugLevel default == 10, mOutMask default == OUT_TRACE.
///////////////////////////////////////////////////////////////////////////////
// Constructors and Destructor
@ -61,14 +61,14 @@ cDebug::cDebug(const char* label)
mLabel[cnt] = '\0';
}
cDebug::cDebug(const cDebug& rhs)
cDebug::cDebug(const cDebug &rhs)
{
strncpy(mLabel, rhs.mLabel, MAX_LABEL);
strcpy(mLabel, rhs.mLabel);
}
cDebug::~cDebug()
{
if (logfile)
if(logfile)
logfile.close();
}
///////////////////////////////////////////////////////////////////////////////
@ -86,6 +86,7 @@ void cDebug::Trace(int levelNum, const char* format, ...)
va_start(args, format);
DoTrace(format, args);
va_end(args);
}
@ -95,13 +96,13 @@ void cDebug::Trace(int levelNum, const char* format, ...)
// console, etc...
///////////////////////////////////////////////////////////////////////////////
void cDebug::DoTrace(const char* format, va_list& args)
void cDebug::DoTrace(const char *format, va_list &args)
{
size_t guard1 = 0xBABABABA;
char out[2048];
char out[2048];
size_t guard2 = 0xBABABABA;
vsnprintf(out, 2048, format, args);
vsprintf(out, format, args);
ASSERT(guard1 == 0xBABABABA && guard2 == 0xBABABABA); // string was too long
ASSERT(strlen(out) < 1024);
@ -134,14 +135,14 @@ void cDebug::DoTrace(const char* format, va_list& args)
logfile.flush();
}
}
# ifdef DEBUG
#ifdef DEBUG
//
// wrappers around Trace() that requires less typing
// TODO: this is quick and dirty, but lets me check in all these files right away. --ghk
//
void cDebug::TraceAlways(const char* format, ...)
void cDebug::TraceAlways(const char *format, ...)
{
if (D_ALWAYS > mDebugLevel)
return;
@ -153,7 +154,7 @@ void cDebug::TraceAlways(const char* format, ...)
va_end(args);
}
void cDebug::TraceError(const char* format, ...)
void cDebug::TraceError(const char *format, ...)
{
if (D_ERROR > mDebugLevel)
return;
@ -165,7 +166,7 @@ void cDebug::TraceError(const char* format, ...)
va_end(args);
}
void cDebug::TraceWarning(const char* format, ...)
void cDebug::TraceWarning(const char *format, ...)
{
if (D_WARNING > mDebugLevel)
return;
@ -177,7 +178,7 @@ void cDebug::TraceWarning(const char* format, ...)
va_end(args);
}
void cDebug::TraceDebug(const char* format, ...)
void cDebug::TraceDebug(const char *format, ...)
{
if (D_DEBUG > mDebugLevel)
return;
@ -189,7 +190,7 @@ void cDebug::TraceDebug(const char* format, ...)
va_end(args);
}
void cDebug::TraceDetail(const char* format, ...)
void cDebug::TraceDetail(const char *format, ...)
{
if (D_DETAIL > mDebugLevel)
return;
@ -201,7 +202,7 @@ void cDebug::TraceDetail(const char* format, ...)
va_end(args);
}
void cDebug::TraceNever(const char* format, ...)
void cDebug::TraceNever(const char *format, ...)
{
if (D_NEVER > mDebugLevel)
return;
@ -213,12 +214,12 @@ void cDebug::TraceNever(const char* format, ...)
va_end(args);
}
void cDebug::TraceVaArgs(int iDebugLevel, const char* format, va_list& args)
void cDebug::TraceVaArgs( int iDebugLevel, const char *format, va_list &args )
{
if (iDebugLevel <= mDebugLevel)
DoTrace(format, args);
if ( iDebugLevel <= mDebugLevel )
DoTrace( format, args);
}
# endif // DEBUG
#endif // DEBUG
///////////////////////////////////////////////////////////////////////////////
// AddOutTarget -- Attempts to add a new target for trace/debug output.
@ -230,8 +231,7 @@ bool cDebug::AddOutTarget(OutTarget target)
mOutMask |= OUT_STDOUT;
if (target == OUT_TRACE)
mOutMask |= OUT_TRACE;
if (target == OUT_FILE)
{
if (target == OUT_FILE) {
mOutMask |= OUT_FILE;
return false;
}
@ -283,15 +283,13 @@ bool cDebug::SetOutputFile(const char* filename)
logfile.open(filename, std::ios_base::out | std::ios_base::ate | std::ios_base::app);
else
logfile.setf(std::ios_base::hex, std::ios_base::basefield);
//make sure info. will not be clobbered.
//make sure info. will not be clobbered.
//Should be open now- if not, abort.
if (!logfile)
{
if (!logfile) {
mOutMask ^= OUT_FILE;
return false;
}
else
} else
mOutMask |= OUT_FILE;
return true;
}
@ -300,18 +298,18 @@ bool cDebug::SetOutputFile(const char* filename)
// DebugOut -- Works just like TRACE. note: there is an internal buffer size
// of 1024; traces larger than that will have unpredictable results.
//////////////////////////////////////////////////////////////////////////////
void cDebug::DebugOut(const char* lpOutputString, ...)
void cDebug::DebugOut( const char* lpOutputString, ... )
{
char buf[2048];
// create the output buffer
va_list args;
va_start(args, lpOutputString);
vsnprintf(buf, 2048, lpOutputString, args);
vsprintf(buf, lpOutputString, args);
va_end(args);
# ifdef DEBUG
TCERR << buf;
# endif //_DEBUG
#ifdef _DEBUG
TCERR << buf;
#endif //_DEBUG
TCOUT.flush();
}
@ -320,3 +318,4 @@ void cDebug::DebugOut(const char* lpOutputString, ...)
//////////////////////////////////////////////////////////////////////////////////
// ASSERT macro support function
//////////////////////////////////////////////////////////////////////////////////

211
src/core/debug.h
View File

@ -1,6 +1,6 @@
//
// The developer of the original code and/or files is Tripwire, Inc.
// Portions created by Tripwire, Inc. are copyright (C) 2000-2018 Tripwire,
// Portions created by Tripwire, Inc. are copyright (C) 2000 Tripwire,
// Inc. Tripwire is a registered trademark of Tripwire, Inc. All rights
// reserved.
//
@ -40,17 +40,19 @@
#include <assert.h>
#include <iostream>
/* Do it in this order, because autoconf checks for <stdarg.h>
* first i.e. if HAVE_VARARGS_H is defined, it is only because
* <stdarg.h> couldn't be found.
*/
#ifdef HAVE_VARARGS_H
#include <varargs.h>
# include <varargs.h>
#else
# ifdef HAVE_STDARG_H
# include <stdarg.h>
# endif
# ifdef HAVE_STDARG_H
# include <stdarg.h>
# endif
#endif
#include "types.h"
@ -78,19 +80,19 @@ class cDebug
public:
enum OutTarget
{
OUT_STDOUT = 1,
OUT_TRACE = 2,
OUT_FILE = 4
OUT_STDOUT = 1,
OUT_TRACE = 2,
OUT_FILE = 4
};
enum DebugLevel
{
D_ALWAYS = 0,
D_ERROR = 1,
D_WARNING = 4,
D_DEBUG = 8,
D_DETAIL = 16,
D_NEVER = 1000
D_ERROR = 1,
D_WARNING = 4,
D_DEBUG = 8,
D_DETAIL = 16,
D_NEVER = 1000
};
cDebug(const char* pLabel);
@ -105,62 +107,60 @@ public:
// The wide character overloads of these functions will expect wide strings
// for %s options.
//
void TraceAlways(const char* format, ...);
void TraceError(const char* format, ...);
void TraceWarning(const char* format, ...);
void TraceDebug(const char* format, ...);
void TraceDetail(const char* format, ...);
void TraceNever(const char* format, ...);
void TraceAlways (const char *format, ...);
void TraceError (const char *format, ...);
void TraceWarning (const char *format, ...);
void TraceDebug (const char *format, ...);
void TraceDetail (const char *format, ...);
void TraceNever (const char *format, ...);
// these are of use if you are inside a function with a "..." as an argument
// and you want to trace those args
void TraceVaArgs(int iDebugLevel, const char* format, va_list& args);
void TraceVaArgs (int iDebugLevel, const char *format, va_list &args);
// ...but you can still choose to use this interface...
void Trace(int levelNum, const char* format, ...);
// Outputs based on levelnum. If levelnum <= global debug, print.
// Outputs based on levelnum. If levelnum <= global debug, print.
public:
static bool AddOutTarget(OutTarget target);
static bool RemoveOutTarget(OutTarget target);
// used to specify the out target....
static bool HasOutTarget(OutTarget target);
static bool SetOutputFile(const char* filename);
// specifies the output file name used when OUT_FILE is set
static void SetDebugLevel(int level);
static int GetDebugLevel(void);
// gets and sets the global debug level. Trace output at or below this
// level will be output.
static bool AddOutTarget (OutTarget target);
static bool RemoveOutTarget (OutTarget target);
// used to specify the out target....
static bool HasOutTarget (OutTarget target);
static void DebugOut(const char* lpOutputString, ...);
// Works just like TRACE
// note: there is an internal buffer size of 1024; traces larger
// than that will have unpredictable and probably bad results
static bool SetOutputFile (const char* filename);
// specifies the output file name used when OUT_FILE is set
static void SetDebugLevel (int level);
static int GetDebugLevel (void);
// gets and sets the global debug level. Trace output at or below this
// level will be output.
static void DebugOut ( const char* lpOutputString, ... );
// Works just like TRACE
// note: there is an internal buffer size of 1024; traces larger
// than that will have unpredictable and probably bad results
private:
#ifdef DEBUG
enum
{
MAX_LABEL = 128
};
enum { MAX_LABEL = 128 };
static int mDebugLevel;
static uint32 mOutMask;
static std::ofstream logfile;
char mLabel[MAX_LABEL];
static int mDebugLevel;
static uint32 mOutMask;
static std::ofstream logfile;
char mLabel[MAX_LABEL];
// helper functions
void DoTrace(const char* format, va_list& args);
void DoTrace(const char *format, va_list &args);
#endif
};
#ifdef DEBUG
# define TRACE cDebug::DebugOut
#ifdef _DEBUG
#define TRACE cDebug::DebugOut
#else
# define TRACE 1 ? (void)0 : cDebug::DebugOut
#endif // DEBUG
#define TRACE 1 ? (void)0 : cDebug::DebugOut
#endif // _DEBUG
//////////////////////////////////////////////////////////////////////////////////
// inline implementation
@ -179,90 +179,57 @@ inline int cDebug::GetDebugLevel()
return mDebugLevel;
}
# else // DEBUG
#else // DEBUG
inline cDebug::cDebug(const char*)
{
}
inline cDebug::~cDebug()
{
}
inline cDebug::cDebug(const cDebug&)
{
}
inline void cDebug::TraceAlways(const char*, ...)
{
}
inline void cDebug::TraceError(const char*, ...)
{
}
inline void cDebug::TraceWarning(const char*, ...)
{
}
inline void cDebug::TraceDebug(const char*, ...)
{
}
inline void cDebug::TraceDetail(const char*, ...)
{
}
inline void cDebug::TraceNever(const char*, ...)
{
}
inline void cDebug::TraceVaArgs(int, const char*, va_list&)
{
}
inline void cDebug::Trace(int, const char*, ...)
{
}
inline bool cDebug::AddOutTarget(OutTarget)
{
return false;
}
inline bool cDebug::RemoveOutTarget(OutTarget)
{
return false;
}
inline bool cDebug::HasOutTarget(OutTarget)
{
return false;
}
inline bool cDebug::SetOutputFile(const char*)
{
return false;
}
inline void cDebug::SetDebugLevel(int)
{
}
inline int cDebug::GetDebugLevel(void)
{
return 0;
}
inline void cDebug::DebugOut(const char*, ...)
{
}
inline cDebug::cDebug (const char *) {}
inline cDebug::~cDebug () {}
inline cDebug::cDebug (const cDebug&) {}
inline void cDebug::TraceAlways (const char *, ...) {}
inline void cDebug::TraceError (const char *, ...) {}
inline void cDebug::TraceWarning (const char *, ...) {}
inline void cDebug::TraceDebug (const char *, ...) {}
inline void cDebug::TraceDetail (const char *, ...) {}
inline void cDebug::TraceNever (const char *, ...) {}
inline void cDebug::TraceVaArgs (int, const char *, va_list &) {}
inline void cDebug::Trace (int, const char*, ...) {}
inline bool cDebug::AddOutTarget (OutTarget) { return false; }
inline bool cDebug::RemoveOutTarget (OutTarget) { return false; }
inline bool cDebug::HasOutTarget (OutTarget) { return false; }
inline bool cDebug::SetOutputFile (const char*) { return false; }
inline void cDebug::SetDebugLevel (int) {}
inline int cDebug::GetDebugLevel (void) { return 0; }
inline void cDebug::DebugOut ( const char*, ... ) {}
#endif // DEBUG
# endif // DEBUG
//////////////////////////////////////////////////////////////////////////////////
// ASSERT macro
//////////////////////////////////////////////////////////////////////////////////
# define ASSERTMSG(exp, s) assert((exp) != 0)
# define ASSERT(exp) assert((exp) != 0)
// if we are not windows we will just use the standard assert()
# define TSS_DebugBreak() ASSERT(false);
# ifndef ASSERT
# error ASSERT did not get defined!!!
# endif
#if IS_UNIX
# ifndef ASSERTMSG
# error ASSERTMSG did not get defined!!!
# endif
#define ASSERTMSG( exp, s ) assert( (exp) != 0 )
#define ASSERT( exp ) assert( (exp) != 0 )
// if we are not windows we will just use the standard assert()
#define TSS_DebugBreak() ASSERT( false );
# ifndef TSS_DebugBreak
# error TSS_DebugBreak did not get defined!!!
# endif
#endif// IS_UNIX
#ifndef ASSERT
#error ASSERT did not get defined!!!
#endif
#ifndef ASSERTMSG
#error ASSERTMSG did not get defined!!!
#endif
#ifndef TSS_DebugBreak
#error TSS_DebugBreak did not get defined!!!
#endif
#endif //__DEBUG_H

599
src/core/displayencoder.cpp
View File

File diff suppressed because it is too large Load Diff

140
src/core/displayencoder.h
View File

@ -1,6 +1,6 @@
//
// The developer of the original code and/or files is Tripwire, Inc.
// Portions created by Tripwire, Inc. are copyright (C) 2000-2018 Tripwire,
// Portions created by Tripwire, Inc. are copyright (C) 2000 Tripwire,
// Inc. Tripwire is a registered trademark of Tripwire, Inc. All rights
// reserved.
//
@ -40,10 +40,10 @@
// EXCEPTION DECLARATION
//=========================================================================
TSS_EXCEPTION(eEncoder, eError);
TSS_EXCEPTION(eBadDecoderInput, eEncoder);
TSS_EXCEPTION(eBadHexConversion, eEncoder);
TSS_EXCEPTION(eUnknownEscapeEncoding, eEncoder);
TSS_EXCEPTION( eEncoder, eError );
TSS_EXCEPTION( eBadDecoderInput, eEncoder );
TSS_EXCEPTION( eBadHexConversion, eEncoder );
TSS_EXCEPTION( eUnknownEscapeEncoding, eEncoder );
//=========================================================================
// DECLARATION OF CLASSES
@ -59,97 +59,102 @@ class iCharEncoder;
// as long as AllIdentifiersUnique and OnlyOneCatagoryPerChar are true
class cEncoder
{
public:
enum Encodings
{
NON_NARROWABLE = 0x01, // WC -> MB, MB alway narrowable:
NON_PRINTABLE = 0x02,
BACKSLASH = 0x04,
DBL_QUOTE = 0x08
};
public:
enum Encodings
{
NON_NARROWABLE = 0x01, // WC -> MB, MB alway narrowable:
NON_PRINTABLE = 0x02,
BACKSLASH = 0x04,
DBL_QUOTE = 0x08
};
enum Flags
{
ROUNDTRIP = 0x01,
NON_ROUNDTRIP = 0x02,
ALLOW_WHITESPACE = 0x04
};
enum Flags
{
ROUNDTRIP = 0x01,
NON_ROUNDTRIP = 0x02,
ALLOW_WHITESPACE = 0x04
};
cEncoder(int e, int f); // mask of Encodings
virtual ~cEncoder();
cEncoder( int e, int f ); // mask of Encodings
virtual ~cEncoder();
void Encode(TSTRING& str) const;
void Decode(TSTRING& str) const; // TODO:BAM -- throw error!
void Encode( TSTRING& str ) const;
void Decode( TSTRING& str ) const; // TODO:BAM -- throw error!
void ValidateSchema() const;
bool OnlyOneCatagoryPerChar() const;
bool AllIdentifiersUnique() const;
bool AllTestsRunOnEncodedString(const TSTRING& str) const;
void ValidateSchema() const;
bool OnlyOneCatagoryPerChar() const;
bool AllIdentifiersUnique() const;
bool AllTestsRunOnEncodedString( const TSTRING& str ) const;
private:
typedef std::vector<iCharEncoder*> sack_type;
private:
typedef std::vector< iCharEncoder* > sack_type;
TSTRING
Encode(TSTRING::const_iterator first, TSTRING::const_iterator last, sack_type::const_iterator encoding) const;
TSTRING Encode( TSTRING::const_iterator first,
TSTRING::const_iterator last,
sack_type::const_iterator encoding ) const;
bool RoundTrip() const;
bool AllowWhiteSpace() const;
bool RoundTrip() const;
bool AllowWhiteSpace() const;
sack_type m_encodings;
int m_fFlags;
sack_type m_encodings;
int m_fFlags;
};
// encodes ( BACKSLASH | DBL_QUOTE | NON_NARROWABLE | NON_PRINTABLE )
class cDisplayEncoder : public cEncoder
{
public:
cDisplayEncoder(Flags f = NON_ROUNDTRIP);
public:
cDisplayEncoder( Flags f = NON_ROUNDTRIP );
void Encode(TSTRING& str) const;
bool Decode(TSTRING& str) const;
void Encode( TSTRING& str ) const;
bool Decode( TSTRING& str ) const;
static TSTRING EncodeInline(const TSTRING& sIn)
{
TSTRING sOut = sIn;
cDisplayEncoder e;
e.Encode(sOut);
return sOut;
}
static TSTRING EncodeInline( const TSTRING& sIn )
{
TSTRING sOut = sIn;
cDisplayEncoder e;
e.Encode( sOut );
return sOut;
}
static TSTRING EncodeInlineAllowWS(const TSTRING& sIn)
{
TSTRING sOut = sIn;
cDisplayEncoder e((Flags)(NON_ROUNDTRIP | ALLOW_WHITESPACE));
e.Encode(sOut);
return sOut;
}
static TSTRING EncodeInlineAllowWS( const TSTRING& sIn )
{
TSTRING sOut = sIn;
cDisplayEncoder e( (Flags)( NON_ROUNDTRIP | ALLOW_WHITESPACE ) );
e.Encode( sOut );
return sOut;
}
};
class cCharEncoderUtil
{
public:
static bool IsPrintable(TCHAR ch);
static bool IsWhiteSpace(TCHAR ch);
public:
static TSTRING CharStringToHexValue(const TSTRING& str);
static bool IsPrintable( TCHAR ch );
static bool IsWhiteSpace( TCHAR ch );
static TSTRING HexValueToCharString(const TSTRING& str);
static TSTRING CharStringToHexValue( const TSTRING& str );
static TCHAR hex_to_char(TSTRING::const_iterator first, TSTRING::const_iterator last);
static TSTRING HexValueToCharString( const TSTRING& str );
static TSTRING char_to_hex(TCHAR ch);
static TCHAR hex_to_char( TSTRING::const_iterator first,
TSTRING::const_iterator last );
static TSTRING DecodeHexToChar(TSTRING::const_iterator* pcur, const TSTRING::const_iterator end);
static TSTRING char_to_hex( TCHAR ch );
static TSTRING DecodeHexToChar( TSTRING::const_iterator* pcur,
const TSTRING::const_iterator end );
enum
{
BYTE_AS_HEX__IN_TCHARS = 2,
BYTES_PER_TCHAR = sizeof(TCHAR),
TCHAR_AS_HEX__IN_TCHARS = BYTE_AS_HEX__IN_TCHARS * BYTES_PER_TCHAR
};
enum
{
BYTE_AS_HEX__IN_TCHARS = 2,
BYTES_PER_TCHAR = sizeof( TCHAR ),
TCHAR_AS_HEX__IN_TCHARS = BYTE_AS_HEX__IN_TCHARS * BYTES_PER_TCHAR
};
};
#endif //__DISPLAYENCODER_H
@ -236,3 +241,4 @@ typedef cDisplayEncoder_<TCHAR> cDisplayEncoder;
#endif //__DISPLAYENCODER_H
*/

30
src/core/displayutil.cpp
View File

@ -1,6 +1,6 @@
//
// The developer of the original code and/or files is Tripwire, Inc.
// Portions created by Tripwire, Inc. are copyright (C) 2000-2018 Tripwire,
// Portions created by Tripwire, Inc. are copyright (C) 2000 Tripwire,
// Inc. Tripwire is a registered trademark of Tripwire, Inc. All rights
// reserved.
//
@ -40,29 +40,29 @@
#include "ntmbs.h"
#include <iomanip>
TSTRING cDisplayUtil::FormatMultiLineString(const TSTRING& str, int nOffset, int nWidth)
TSTRING cDisplayUtil::FormatMultiLineString( const TSTRING& str, int nOffset, int nWidth )
{
TOSTRINGSTREAM sstr;
TSTRING strT;
bool fFirstLine = true;
for (TSTRING::const_iterator i = str.begin(); i != str.end(); i = *i ? i + 1 : i)
TSTRING strT;
bool fFirstLine = true;
for( TSTRING::const_iterator i = str.begin(); i != str.end(); i = *i ? i + 1 : i )
{
// return found -- add line to output string
if (_T('\n') == *i)
if( _T('\n') == *i )
{
// only do offset for strings after the first
if (fFirstLine)
if( fFirstLine )
{
fFirstLine = false;
}
else
{
// add offset
for (int j = 0; j < nOffset; j++)
for( int j = 0; j < nOffset; j++ )
sstr << _T(" ");
// set width
sstr << std::setw(nWidth);
sstr << std::setw( nWidth );
}
// add to stringstream
@ -74,7 +74,7 @@ TSTRING cDisplayUtil::FormatMultiLineString(const TSTRING& str, int nOffset, int
else
{
// add char to string
strT.append(i, (TSTRING::const_iterator)(*i ? i + 1 : i));
strT.append( i, (TSTRING::const_iterator)(*i ? i + 1 : i) );
}
}
@ -82,17 +82,19 @@ TSTRING cDisplayUtil::FormatMultiLineString(const TSTRING& str, int nOffset, int
// we want our client to be able to say "out << PropAsString() << endl;"
// add offset
if (!fFirstLine)
if( ! fFirstLine )
{
for (int j = 0; j < nOffset; j++)
for( int j = 0; j < nOffset; j++ )
sstr << _T(" ");
}
// set width
sstr << std::setw(nWidth);
sstr << std::setw( nWidth );
// now add last string
sstr << strT;
return (sstr.str());
return( sstr.str() );
}
// eof: displayutil.cpp

5
src/core/displayutil.h
View File

@ -1,6 +1,6 @@
//
// The developer of the original code and/or files is Tripwire, Inc.
// Portions created by Tripwire, Inc. are copyright (C) 2000-2018 Tripwire,
// Portions created by Tripwire, Inc. are copyright (C) 2000 Tripwire,
// Inc. Tripwire is a registered trademark of Tripwire, Inc. All rights
// reserved.
//
@ -41,7 +41,7 @@
class cDisplayUtil
{
public:
static TSTRING FormatMultiLineString(const TSTRING& str, int nOffset, int nWidth);
static TSTRING FormatMultiLineString( const TSTRING& str, int nOffset, int nWidth );
};
// - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
@ -98,3 +98,4 @@ public:
// - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
#endif // #ifndef __DISPLAYUTIL_H

12
src/core/error.cpp
View File

@ -1,6 +1,6 @@
//
// The developer of the original code and/or files is Tripwire, Inc.
// Portions created by Tripwire, Inc. are copyright (C) 2000-2018 Tripwire,
// Portions created by Tripwire, Inc. are copyright (C) 2000 Tripwire,
// Inc. Tripwire is a registered trademark of Tripwire, Inc. All rights
// reserved.
//
@ -39,11 +39,13 @@
///////////////////////////////////////////////////////////////////////////////
// CalcHash
///////////////////////////////////////////////////////////////////////////////
uint32 eError::CalcHash(const char* name)
uint32 eError::CalcHash( const char* name )
{
CRC_INFO crc;
crcInit(crc);
crcUpdate(crc, (const uint8*)name, strlen(name));
crcFinit(crc);
crcInit( crc );
crcUpdate( crc, (const uint8*)name, strlen( name ) );
crcFinit( crc );
return crc.crc;
}

161
src/core/error.h
View File

@ -1,6 +1,6 @@
//
// The developer of the original code and/or files is Tripwire, Inc.
// Portions created by Tripwire, Inc. are copyright (C) 2000-2018 Tripwire,
// Portions created by Tripwire, Inc. are copyright (C) 2000 Tripwire,
// Inc. Tripwire is a registered trademark of Tripwire, Inc. All rights
// reserved.
//
@ -42,13 +42,14 @@
class eError
{
public:
//-------------------------------------------------------------------------
// Construction and Assignment
//-------------------------------------------------------------------------
eError(const TSTRING& msg, uint32 flags = 0);
explicit eError(const eError& rhs);
explicit eError();
void operator=(const eError& rhs);
eError( const TSTRING& msg, uint32 flags = 0 );
explicit eError( const eError& rhs );
explicit eError();
void operator=( const eError& rhs );
//-------------------------------------------------------------------------
// Destruction
@ -59,54 +60,54 @@ public:
// Data Access
//-------------------------------------------------------------------------
virtual uint32 GetID() const = 0;
// returns a system wide unique identifier for this exception. See the
// macro below for the typical implementation of this method.
// This is used to associate the error with a string description of the
// error via the global error table.
// returns a system wide unique identifier for this exception. See the
// macro below for the typical implementation of this method.
// This is used to associate the error with a string description of the
// error via the global error table.
virtual TSTRING GetMsg() const;
// returns specific information about the error that occured. Provides
// additional information about the error described by GetID(). It should
// not provide any information redundant with GetID().
//
// The string passed to the constructor should be formated properly to
// be displayed as the "Second" part of an error message, or the derived
// class should override GetMsg() and return a string appropriate for display.
// returns specific information about the error that occured. Provides
// additional information about the error described by GetID(). It should
// not provide any information redundant with GetID().
//
// The string passed to the constructor should be formated properly to
// be displayed as the "Second" part of an error message, or the derived
// class should override GetMsg() and return a string appropriate for display.
uint32 GetFlags() const;
// Flags are defined below. Currently, these only have an impact on how errors are
// displayed.
// Flags are defined below. Currently, these only have an impact on how errors are
// displayed.
//-------------------------------------------------------------------------
// Flags
//-------------------------------------------------------------------------
enum Flag
{
NON_FATAL = 0x00000001, // displays "Error" or "Warning" ?
SUPRESS_THIRD_MSG = 0x00000002 // supresses the "continuing" or "exiting" message
NON_FATAL = 0x00000001, // displays "Error" or "Warning" ?
SUPRESS_THIRD_MSG = 0x00000002 // supresses the "continuing" or "exiting" message
};
void SetFlags(uint32 flags);
void SetFlags( uint32 flags );
//-------------------------------------------------------------------------
// Flag Convenience Methods
//-------------------------------------------------------------------------
void SetFatality(bool fatal);
bool IsFatal() const;
// Fatality is set to true by default when eError is constructed. But when an error
// it is put in an cErrorBucket chain it the code doing so may wish to set the fatality
// to non-fatal to indicate that the error is actually a warning and program flow
// is going to continue.
void SetSupressThird(bool supressThird);
bool SupressThird() const;
void SetFatality(bool fatal);
bool IsFatal() const;
// Fatality is set to true by default when eError is constructed. But when an error
// it is put in an cErrorBucket chain it the code doing so may wish to set the fatality
// to non-fatal to indicate that the error is actually a warning and program flow
// is going to continue.
void SetSupressThird(bool supressThird);
bool SupressThird() const;
//-------------------------------------------------------------------------
// Utility Methods
//-------------------------------------------------------------------------
static uint32 CalcHash(const char* name);
// calculates the CRC32 of the string passed in as name. This methods
// asserts that name is non null. This is used to generate unique IDs
// for errors.
static uint32 CalcHash( const char* name );
// calculates the CRC32 of the string passed in as name. This methods
// asserts that name is non null. This is used to generate unique IDs
// for errors.
//-------------------------------------------------------------------------
// Private Implementation
@ -128,51 +129,44 @@ protected:
///////////////////////////////////////////////////////////////////////////////
#if HAVE_GCC
# define TSS_BEGIN_EXCEPTION_EXPLICIT
#define TSS_BEGIN_EXCEPTION_EXPLICIT
#else
# define TSS_BEGIN_EXCEPTION_EXPLICIT explicit
#define TSS_BEGIN_EXCEPTION_EXPLICIT explicit
#endif
#define TSS_BEGIN_EXCEPTION(except, base) \
class except : public base \
{ \
public: \
except(const TSTRING& msg, uint32 flags = 0) : base(msg, flags) \
{ \
} \
TSS_BEGIN_EXCEPTION_EXPLICIT except(const except& rhs) : base(rhs) \
{ \
} \
explicit except() : base() \
{ \
} \
\
virtual uint32 GetID() const \
{ \
return CalcHash(#except); \
}
#define TSS_BEGIN_EXCEPTION( except, base ) \
class except : public base \
{\
public:\
except( const TSTRING& msg, uint32 flags = 0 ) \
: base( msg, flags ) {} \
TSS_BEGIN_EXCEPTION_EXPLICIT except( const except& rhs ) \
: base( rhs ) {} \
explicit except() : base() {} \
\
virtual uint32 GetID() const \
{\
return CalcHash( #except ); \
}\
#define TSS_END_EXCEPTION() \
} \
;
#define TSS_END_EXCEPTION( ) \
};
///////////////////////////////////////////////////////////////////////////////
// TSS_BEGIN_EXCEPTION_NO_CTOR
//
// Same as TSS_BEGIN_EXCEPTION, but doesn't define any ctors.
///////////////////////////////////////////////////////////////////////////////
#define TSS_BEGIN_EXCEPTION_NO_CTOR(except, base) \
class except : public base \
{ \
public: \
explicit except() : base() \
{ \
} \
\
virtual uint32 GetID() const \
{ \
return CalcHash(#except); \
}
#define TSS_BEGIN_EXCEPTION_NO_CTOR( except, base ) \
class except : public base \
{\
public:\
explicit except() : base() {} \
\
virtual uint32 GetID() const \
{\
return CalcHash( #except ); \
}\
///////////////////////////////////////////////////////////////////////////////
// TSS_EXCEPTION
@ -184,8 +178,8 @@ protected:
// TODO (mdb) -- do we want to cache the CRC? if we store it in a class static
// variable, then we will need to define it in the cpp file as well ...
///////////////////////////////////////////////////////////////////////////////
#define TSS_EXCEPTION(except, base) \
TSS_BEGIN_EXCEPTION(except, base) \
#define TSS_EXCEPTION( except, base ) \
TSS_BEGIN_EXCEPTION( except, base ) \
TSS_END_EXCEPTION()
//-----------------------------------------------------------------------------
@ -195,32 +189,41 @@ protected:
///////////////////////////////////////////////////////////////////////////////
// eError
///////////////////////////////////////////////////////////////////////////////
inline eError::eError(const TSTRING& msg, uint32 flags) : mMsg(msg), mFlags(flags)
inline eError::eError( const TSTRING& msg, uint32 flags )
: mMsg ( msg ),
mFlags ( flags )
{
}
///////////////////////////////////////////////////////////////////////////////
// eError
///////////////////////////////////////////////////////////////////////////////
inline eError::eError(const eError& rhs) : mMsg(rhs.mMsg), mFlags(rhs.mFlags)
inline eError::eError( const eError& rhs )
: mMsg ( rhs.mMsg ),
mFlags ( rhs.mFlags )
{
}
///////////////////////////////////////////////////////////////////////////////
// eError
///////////////////////////////////////////////////////////////////////////////
inline eError::eError() : mMsg(_T("")), mFlags(0)
inline eError::eError( )
: mMsg ( _T("") ),
mFlags ( 0 )
{
}
///////////////////////////////////////////////////////////////////////////////
// operator=
///////////////////////////////////////////////////////////////////////////////
inline void eError::operator=(const eError& rhs)
inline void eError::operator=( const eError& rhs )
{
mMsg = rhs.mMsg;
mFlags = rhs.mFlags;
mMsg = rhs.mMsg;
mFlags = rhs.mFlags;
}
///////////////////////////////////////////////////////////////////////////////
@ -228,6 +231,7 @@ inline void eError::operator=(const eError& rhs)
///////////////////////////////////////////////////////////////////////////////
inline eError::~eError()
{
}
///////////////////////////////////////////////////////////////////////////////
@ -249,7 +253,7 @@ inline uint32 eError::GetFlags() const
///////////////////////////////////////////////////////////////////////////////
// SetFlags
///////////////////////////////////////////////////////////////////////////////
inline void eError::SetFlags(uint32 flags)
inline void eError::SetFlags( uint32 flags )
{
mFlags = flags;
}
@ -271,6 +275,7 @@ inline void eError::SetFatality(bool fatal)
inline bool eError::IsFatal() const
{
return (mFlags & (uint32)NON_FATAL) == 0;
}
///////////////////////////////////////////////////////////////////////////////
@ -293,4 +298,6 @@ inline bool eError::SupressThird() const
}
#endif //__ERROR_H

24
src/core/errorbucket.h
View File

@ -1,6 +1,6 @@
//
// The developer of the original code and/or files is Tripwire, Inc.
// Portions created by Tripwire, Inc. are copyright (C) 2000-2018 Tripwire,
// Portions created by Tripwire, Inc. are copyright (C) 2000 Tripwire,
// Inc. Tripwire is a registered trademark of Tripwire, Inc. All rights
// reserved.
//
@ -57,23 +57,21 @@ class cErrorBucket
{
public:
cErrorBucket();
virtual ~cErrorBucket()
{
}
virtual ~cErrorBucket() {}
virtual void AddError(const eError& error);
// add an error to the bucket
// add an error to the bucket
cErrorBucket* GetChild();
// returns the bucket that the current bucket is chained to, or
// NULL if nothing is attached to it.
// returns the bucket that the current bucket is chained to, or
// NULL if nothing is attached to it.
cErrorBucket* SetChild(cErrorBucket* pNewChild);
// sets the child link of this bucket; returns the old link value
// sets the child link of this bucket; returns the old link value
protected:
virtual void HandleError(const eError& error) = 0;
// override this to implement error handling functionality specific to
// the derived class
// override this to implement error handling functionality specific to
// the derived class
cErrorBucket* mpChild;
};
@ -83,7 +81,8 @@ protected:
///////////////////
// cErrorBucket
///////////////////
inline cErrorBucket::cErrorBucket() : mpChild(0)
inline cErrorBucket::cErrorBucket() :
mpChild(0)
{
}
@ -95,8 +94,9 @@ inline cErrorBucket* cErrorBucket::GetChild()
inline cErrorBucket* cErrorBucket::SetChild(cErrorBucket* pNewChild)
{
cErrorBucket* pOldChild = mpChild;
mpChild = pNewChild;
mpChild = pNewChild;
return pOldChild;
}
#endif

104
src/core/errorbucketimpl.cpp
View File

@ -1,6 +1,6 @@
//
// The developer of the original code and/or files is Tripwire, Inc.
// Portions created by Tripwire, Inc. are copyright (C) 2000-2018 Tripwire,
// Portions created by Tripwire, Inc. are copyright (C) 2000 Tripwire,
// Inc. Tripwire is a registered trademark of Tripwire, Inc. All rights
// reserved.
//
@ -43,7 +43,7 @@
void cErrorBucket::AddError(const eError& error)
{
HandleError(error);
if (mpChild)
if(mpChild)
mpChild->AddError(error);
}
@ -52,8 +52,10 @@ void cErrorBucket::AddError(const eError& error)
//#############################################################################
void cErrorReporter::PrintErrorMsg(const eError& error, const TSTRING& strExtra)
{
cDisplayEncoder e((cDisplayEncoder::Flags)(cDisplayEncoder::NON_ROUNDTRIP | cDisplayEncoder::ALLOW_WHITESPACE));
TSTRING errStr;
cDisplayEncoder e(
(cDisplayEncoder::Flags) ( cDisplayEncoder::NON_ROUNDTRIP |
cDisplayEncoder::ALLOW_WHITESPACE ) );
TSTRING errStr;
//
// if the ID is zero, just return.
@ -66,18 +68,19 @@ void cErrorReporter::PrintErrorMsg(const eError& error, const TSTRING& strExtra)
// point is when we throw ePoly() with no constructor arguments. At some point we want
// to stop using the mechanism have non-printing errors, thus we leave in the ASSERT below.
// But we don't want to break any release code, thus we return on the next line - June 2, 1999 DMB.
ASSERT(error.GetID() != 0);
ASSERT( error.GetID() != 0 );
if (error.GetID() == 0)
if( error.GetID() == 0 )
return;
// "First Part" header
errStr = TSS_GetString(cCore, error.IsFatal() ? core::STR_ERROR_ERROR : core::STR_ERROR_WARNING);
errStr = TSS_GetString( cCore, error.IsFatal() ? core::STR_ERROR_ERROR
: core::STR_ERROR_WARNING );
if (errStr.empty())
{
TOSTRINGSTREAM strm;
ASSERT(sizeof(uint32) == sizeof(unsigned int)); // for cast on next line
ASSERT( sizeof( uint32 ) == sizeof(unsigned int) ); // for cast on next line
strm << _T("Unknown Error ID ") << (unsigned int)error.GetID();
errStr = strm.str();
}
@ -88,10 +91,10 @@ void cErrorReporter::PrintErrorMsg(const eError& error, const TSTRING& strExtra)
// "First Part" error string
TSTRING prependToSecond;
// #pragma message("errorbucketimpl.cpp needs a little help in the mb arena, with the findfirst/last and such")
// #pragma message("errorbucketimpl.cpp needs a little help in the mb arena, with the findfirst/last and such")
errStr = cErrorTable::GetInstance()->Get(error.GetID());
if (!errStr.empty())
errStr = cErrorTable::GetInstance()->Get( error.GetID() );
if(! errStr.empty())
{
// If the first part has a '\n' in it, we take everything following and prepend it to the
// second part. This was added to allow specifing a verbose string as the second part
@ -105,7 +108,7 @@ void cErrorReporter::PrintErrorMsg(const eError& error, const TSTRING& strExtra)
ASSERT(errStr.length() + len + 6 < 80); // line too big for terminal?
// Add 6 to account for "### ' and ': '
TCERR << TSS_GetString(cCore, core::STR_ERROR_COLON) << _T(" ") << errStr;
TCERR << TSS_GetString( cCore, core::STR_ERROR_COLON ) << _T(" ") << errStr;
TCERR << std::endl;
}
@ -114,14 +117,14 @@ void cErrorReporter::PrintErrorMsg(const eError& error, const TSTRING& strExtra)
const TCHAR SPACE = _T(' ');
errStr = prependToSecond + error.GetMsg() + strExtra;
e.Encode(errStr);
if (!errStr.empty())
e.Encode( errStr );
if (! errStr.empty())
{
do
{
// look for newline chars
TSTRING::size_type firstNewLine;
TSTRING currentStr = errStr.substr(0, (firstNewLine = errStr.find_first_of(_T('\n'))));
TSTRING currentStr = errStr.substr(0, (firstNewLine = errStr.find_first_of(_T('\n'))));
errStr.erase(0, (firstNewLine < errStr.length() ? firstNewLine + 1 : firstNewLine));
// break up the error string in case it is larger than screen width
@ -129,12 +132,11 @@ void cErrorReporter::PrintErrorMsg(const eError& error, const TSTRING& strExtra)
{
if (currentStr.length() <= (unsigned int)WIDTH)
{
TCERR << TSS_GetString(cCore, core::STR_ERROR_HEADER) << currentStr << std::endl;
TCERR << TSS_GetString( cCore, core::STR_ERROR_HEADER ) << currentStr << std::endl;
break;
}
TSTRING::size_type lastSpace =
currentStr.find_last_of(SPACE, currentStr.length() >= WIDTH - 1 ? WIDTH - 1 : TSTRING::npos);
TSTRING::size_type lastSpace = currentStr.find_last_of(SPACE, currentStr.length() >= WIDTH - 1 ? WIDTH - 1 : TSTRING::npos);
if (lastSpace == TSTRING::npos)
{
// can't find space to break at so this string will just have to be longer than screen width.
@ -146,21 +148,28 @@ void cErrorReporter::PrintErrorMsg(const eError& error, const TSTRING& strExtra)
lastSpace = currentStr.length();
}
TCERR << TSS_GetString(cCore, core::STR_ERROR_HEADER) << currentStr.substr(0, lastSpace) << std::endl;
TCERR << TSS_GetString( cCore, core::STR_ERROR_HEADER )
<< currentStr.substr( 0, lastSpace )
<< std::endl;
currentStr.erase(0, lastSpace + 1);
} while (!currentStr.empty());
} while (!errStr.empty());
currentStr.erase( 0, lastSpace + 1 );
}
while ( !currentStr.empty() );
}
while ( !errStr.empty() );
}
// "Third Part" print 'exiting' or 'continuing'
// note that we supress this part if the appropriate flag is set...
//
if ((error.GetFlags() & eError::SUPRESS_THIRD_MSG) == 0)
if( (error.GetFlags() & eError::SUPRESS_THIRD_MSG) == 0 )
{
TCERR << TSS_GetString(cCore, core::STR_ERROR_HEADER)
<< TSS_GetString(cCore, error.IsFatal() ? core::STR_ERROR_EXITING : core::STR_ERROR_CONTINUING)
<< std::endl;
TCERR << TSS_GetString( cCore, core::STR_ERROR_HEADER)
<< TSS_GetString(
cCore,
error.IsFatal()
? core::STR_ERROR_EXITING
: core::STR_ERROR_CONTINUING ) << std::endl;
}
}
@ -176,7 +185,9 @@ void cErrorTracer::HandleError(const eError& error)
{
cDebug d("cErrorTracer::HandleError");
d.TraceError(_T("%s : %s\n"), cErrorTable::GetInstance()->Get(error.GetID()).c_str(), error.GetMsg().c_str());
d.TraceError( _T("%s : %s\n"),
cErrorTable::GetInstance()->Get( error.GetID() ).c_str(),
error.GetMsg().c_str() );
}
//#############################################################################
@ -196,15 +207,17 @@ int cErrorQueue::GetNumErrors() const
void cErrorQueue::HandleError(const eError& error)
{
mList.push_back(ePoly(error));
mList.push_back( ePoly( error ) );
}
cErrorQueueIter::cErrorQueueIter(cErrorQueue& queue) : mList(queue.mList)
cErrorQueueIter::cErrorQueueIter(cErrorQueue& queue) :
mList(queue.mList)
{
SeekBegin();
}
cErrorQueueIter::cErrorQueueIter(const cErrorQueue& queue) : mList(((cErrorQueue*)&queue)->mList)
cErrorQueueIter::cErrorQueueIter(const cErrorQueue& queue)
: mList( ((cErrorQueue*)&queue)->mList )
{
SeekBegin();
}
@ -227,7 +240,7 @@ bool cErrorQueueIter::Done() const
const ePoly& cErrorQueueIter::GetError() const
{
ASSERT(!Done());
ASSERT(! Done());
return (*mIter);
}
@ -242,18 +255,19 @@ void cErrorQueue::Read(iSerializer* pSerializer, int32 version)
int32 size;
mList.clear();
pSerializer->ReadInt32(size);
for (int i = 0; i < size; ++i)
for(int i = 0; i < size; ++i)
{
int32 errorNumber;
TSTRING errorString;
int32 flags;
pSerializer->ReadInt32(errorNumber);
pSerializer->ReadString(errorString);
pSerializer->ReadInt32(flags);
pSerializer->ReadInt32 (errorNumber);
pSerializer->ReadString (errorString);
pSerializer->ReadInt32 (flags);
mList.push_back(ePoly(errorNumber, errorString, flags));
mList.push_back( ePoly( errorNumber, errorString, flags ) );
}
}
///////////////////////////////////////////////////////////////////////////////
@ -263,12 +277,13 @@ void cErrorQueue::Write(iSerializer* pSerializer) const
{
pSerializer->WriteInt32(mList.size());
ListType::const_iterator i;
for (i = mList.begin(); i != mList.end(); ++i)
for( i = mList.begin(); i != mList.end(); ++i)
{
pSerializer->WriteInt32((*i).GetID());
pSerializer->WriteInt32 ((*i).GetID());
pSerializer->WriteString((*i).GetMsg());
pSerializer->WriteInt32((*i).GetFlags());
pSerializer->WriteInt32 ((*i).GetFlags());
}
}
@ -277,14 +292,15 @@ void cErrorQueue::Write(iSerializer* pSerializer) const
///////////////////////////////////////////////////////////////////////////////
void cErrorQueue::TraceContents(int dl) const
{
if (dl < 0)
if(dl < 0)
dl = cDebug::D_DEBUG;
cDebug d("cFCOErrorQueue::TraceContents");
cDebug d("cFCOErrorQueue::TraceContents");
ListType::const_iterator i;
int counter = 0;
for (i = mList.begin(); i != mList.end(); i++, counter++)
int counter = 0;
for(i = mList.begin(); i != mList.end(); i++, counter++)
{
d.Trace(dl, _T("Error[%d]: num = %x string = %s\n"), counter, (*i).GetID(), (*i).GetMsg().c_str());
d.Trace(dl, _T("Error[%d]: num = %x string = %s\n") , counter, (*i).GetID(), (*i).GetMsg().c_str());
}
}

55
src/core/errorbucketimpl.h
View File

@ -1,6 +1,6 @@
//
// The developer of the original code and/or files is Tripwire, Inc.
// Portions created by Tripwire, Inc. are copyright (C) 2000-2018 Tripwire,
// Portions created by Tripwire, Inc. are copyright (C) 2000 Tripwire,
// Inc. Tripwire is a registered trademark of Tripwire, Inc. All rights
// reserved.
//
@ -67,15 +67,15 @@ class cErrorReporter : public cErrorBucket
{
public:
static void PrintErrorMsg(const eError& error, const TSTRING& strExtra = _T(""));
// function that HandleError() uses to print the error messages to stderr.
// this function uses the current authoritative format for error reporting, so
// other functions needing to display errors to the user should use this.
//
// function that HandleError() uses to print the error messages to stderr.
// this function uses the current authoritative format for error reporting, so
// other functions needing to display errors to the user should use this.
//
// NOTE:bam 5/7/99 -- I don't think the below is true anymore?
// NOTE:mdb -- if the error has an ID of zero, nothing will be printed. This
// is a way to throw a fatal error where the error reporting has already
// occurred.
// NOTE:bam 5/7/99 -- I don't think the below is true anymore?
// NOTE:mdb -- if the error has an ID of zero, nothing will be printed. This
// is a way to throw a fatal error where the error reporting has already
// occurred.
protected:
virtual void HandleError(const eError& error);
@ -100,18 +100,17 @@ protected:
class cErrorQueue : public cErrorBucket, public iTypedSerializable
{
friend class cErrorQueueIter;
public:
void Clear();
// remove all errors from the queue
// remove all errors from the queue
int GetNumErrors() const;
// returns how many errors are in the queue
// returns how many errors are in the queue
//
// iSerializable interface
//
virtual void Read(iSerializer* pSerializer, int32 version = 0); // throw (eSerializer, eArchive)
virtual void Write(iSerializer* pSerializer) const; // throw (eSerializer, eArchive)
virtual void Read (iSerializer* pSerializer, int32 version = 0); // throw (eSerializer, eArchive)
virtual void Write(iSerializer* pSerializer) const; // throw (eSerializer, eArchive)
//
// Debugging
@ -120,10 +119,9 @@ public:
protected:
virtual void HandleError(const eError& error);
private:
typedef std::list<ePoly> ListType;
ListType mList;
ListType mList;
DECLARE_TYPEDSERIALIZABLE()
};
@ -133,9 +131,7 @@ class cErrorQueueIter
public:
cErrorQueueIter(cErrorQueue& queue);
cErrorQueueIter(const cErrorQueue& queue);
~cErrorQueueIter()
{
}
~cErrorQueueIter() {}
// iteration methods
void SeekBegin();
@ -143,9 +139,9 @@ public:
bool Done() const;
// access to the error
const ePoly& GetError() const;
// both of these return results are undefined if the iterator
// is not valid (ie - IsDone() == true)
const ePoly& GetError() const;
// both of these return results are undefined if the iterator
// is not valid (ie - IsDone() == true)
private:
cErrorQueue::ListType& mList;
cErrorQueue::ListType::iterator mIter;
@ -157,14 +153,9 @@ private:
//////////////////////////////////////////////////////
class cErrorBucketNull : public cErrorBucket
{
virtual void AddError(const eError&)
{
}
virtual void AddError(const eError& ) {}
protected:
virtual void HandleError(const eError&)
{
}
virtual void HandleError(const eError& ) {}
};
//////////////////////////////////////////////////////
@ -174,10 +165,10 @@ protected:
class cErrorBucketPassThru : public cErrorBucket
{
protected:
virtual void HandleError(const eError&)
{
}
virtual void HandleError(const eError& ) {}
};
#endif

15
src/core/errorgeneral.h
View File

@ -1,6 +1,6 @@
//
// The developer of the original code and/or files is Tripwire, Inc.
// Portions created by Tripwire, Inc. are copyright (C) 2000-2018 Tripwire,
// Portions created by Tripwire, Inc. are copyright (C) 2000 Tripwire,
// Inc. Tripwire is a registered trademark of Tripwire, Inc. All rights
// reserved.
//
@ -38,11 +38,12 @@
#include "error.h"
TSS_EXCEPTION(eErrorGeneral, eError);
TSS_EXCEPTION(eOpen, eErrorGeneral);
TSS_EXCEPTION(eOpenRead, eErrorGeneral);
TSS_EXCEPTION(eOpenWrite, eErrorGeneral);
TSS_EXCEPTION(eBadCmdLine, eErrorGeneral);
TSS_EXCEPTION(eBadModeSwitch, eErrorGeneral);
TSS_EXCEPTION( eErrorGeneral, eError );
TSS_EXCEPTION( eOpen, eErrorGeneral );
TSS_EXCEPTION( eOpenRead, eErrorGeneral );
TSS_EXCEPTION( eOpenWrite, eErrorGeneral );
TSS_EXCEPTION( eBadCmdLine, eErrorGeneral );
TSS_EXCEPTION( eBadModeSwitch, eErrorGeneral );
#endif //#ifndef __ERRORGENERAL_H

18
src/core/errortable.cpp
View File

@ -1,6 +1,6 @@
//
// The developer of the original code and/or files is Tripwire, Inc.
// Portions created by Tripwire, Inc. are copyright (C) 2000-2018 Tripwire,
// Portions created by Tripwire, Inc. are copyright (C) 2000 Tripwire,
// Inc. Tripwire is a registered trademark of Tripwire, Inc. All rights
// reserved.
//
@ -35,7 +35,7 @@
#include "stdcore.h"
#include "errortable.h"
#ifdef DEBUG
#ifdef _DEBUG
#include "package.h"
#include "corestrings.h"
#endif
@ -52,7 +52,7 @@ cErrorTable* cErrorTable::GetInstance()
///////////////////////////////////////////////////////////////////////////////
// AssertMsgValidity
///////////////////////////////////////////////////////////////////////////////
#ifdef DEBUG
#ifdef _DEBUG
void cErrorTable::AssertMsgValidity(const TCHAR* msg)
{
// Check to see that the first part of this error message is not too long.
@ -64,18 +64,18 @@ void cErrorTable::AssertMsgValidity(const TCHAR* msg)
if (errSize == TSTRING::npos)
errSize = errStr.length();
# if 0 //TODO: Figure out how to do this properly.
#if 0 //TODO: Figure out how to do this properly.
TSTRING::size_type errorSize = TSS_GetString( cCore, core::STR_ERROR_ERROR ).length();
TSTRING::size_type warningSize = TSS_GetString( cCore, core::STR_ERROR_WARNING ).length();
TSTRING::size_type maxHeaderSize = (errorSize > warningSize ? errorSize : warningSize) + 6; // Add 6 to account for "### ' and ': '
# else
#else
// Sunpro got stuck in an infinite loop when we called GetString from this func;
TSTRING::size_type errorSize = 9;
TSTRING::size_type errorSize = 9;
TSTRING::size_type warningSize = 10;
TSTRING::size_type maxHeaderSize =
(errorSize > warningSize ? errorSize : warningSize) + 6; // Add 6 to account for "### ' and ': '
# endif
TSTRING::size_type maxHeaderSize = (errorSize > warningSize ? errorSize : warningSize) + 6; // Add 6 to account for "### ' and ': '
#endif
ASSERT(maxHeaderSize + errSize < 80);
}
#endif

43
src/core/errortable.h
View File

@ -1,6 +1,6 @@
//
// The developer of the original code and/or files is Tripwire, Inc.
// Portions created by Tripwire, Inc. are copyright (C) 2000-2018 Tripwire,
// Portions created by Tripwire, Inc. are copyright (C) 2000 Tripwire,
// Inc. Tripwire is a registered trademark of Tripwire, Inc. All rights
// reserved.
//
@ -59,25 +59,25 @@ public:
//
// Convenience Methods
//
void Put(const eError& e, const TCHAR* msg);
void Put( const eError& e, const TCHAR* msg );
//
// Singleton Interface
//
static cErrorTable* GetInstance();
private:
#ifdef DEBUG
#ifdef _DEBUG
static void AssertMsgValidity(const TCHAR* msg);
#endif
#endif
};
inline void cErrorTable::Put(const eError& e, const TCHAR* msg)
inline void cErrorTable::Put( const eError& e, const TCHAR* msg )
{
#ifdef DEBUG
#ifdef _DEBUG
AssertMsgValidity(msg);
#endif
#endif
inherited::Put(e.GetID(), msg);
inherited::Put( e.GetID(), msg );
}
//-----------------------------------------------------------------------------
@ -109,27 +109,32 @@ inline void cErrorTable::Put(const eError& e, const TCHAR* msg)
//===================
// cpp file macros
//===================
# define TSS_BEGIN_ERROR_REGISTRATION(pkgName) \
RegisterErrors##pkgName::RegisterErrors##pkgName() \
{
#define TSS_BEGIN_ERROR_REGISTRATION( pkgName ) \
RegisterErrors##pkgName::RegisterErrors##pkgName() \
{
# define TSS_REGISTER_ERROR(err, str) cErrorTable::GetInstance()->Put(err, str);
#define TSS_REGISTER_ERROR( err, str ) \
cErrorTable::GetInstance()->Put \
( err, str );
# define TSS_END_ERROR_REGISTRATION() }
#define TSS_END_ERROR_REGISTRATION() \
}
//===================
// h file macros
//===================
# define TSS_DECLARE_ERROR_REGISTRATION(pkgName) \
struct RegisterErrors##pkgName \
{ \
RegisterErrors##pkgName(); \
};
#define TSS_DECLARE_ERROR_REGISTRATION( pkgName ) \
struct RegisterErrors##pkgName \
{\
RegisterErrors##pkgName(); \
};
//===================
// package init macros
//===================
# define TSS_REGISTER_PKG_ERRORS(pkgName) RegisterErrors##pkgName register##pkgName;
#define TSS_REGISTER_PKG_ERRORS( pkgName ) \
RegisterErrors##pkgName register##pkgName;
#endif //__ERRORTABLE_H

32
src/core/errorutil.cpp
View File

@ -1,6 +1,6 @@
//
// The developer of the original code and/or files is Tripwire, Inc.
// Portions created by Tripwire, Inc. are copyright (C) 2000-2018 Tripwire,
// Portions created by Tripwire, Inc. are copyright (C) 2000 Tripwire,
// Inc. Tripwire is a registered trademark of Tripwire, Inc. All rights
// reserved.
//
@ -40,23 +40,28 @@
// class eInternal
//=============================================================================
#if IS_UNIX
namespace //unique
{
TCHAR* tw_itot(int value, TCHAR* string, int radix, int size)
{
snprintf(string, size, "%d", value);
return string;
TCHAR* tw_itot( int value, TCHAR* string, int radix)
{
_stprintf( string, "%d", value );
return string;
}
}
} // namespace
#else
#define tw_itot _itot
#endif //IS_UNIX
eInternal::eInternal(TCHAR* sourceFile, int lineNum) : eError(_T(""))
eInternal::eInternal(TCHAR* sourceFile, int lineNum)
: eError(_T(""))
{
TCHAR buf[256];
mMsg = _T("File: ");
mMsg += sourceFile;
mMsg += _T(" Line: ");
mMsg += tw_itot(lineNum, buf, 10, 256);
mMsg += tw_itot(lineNum, buf, 10);
}
//=============================================================================
@ -66,17 +71,18 @@ eInternal::eInternal(TCHAR* sourceFile, int lineNum) : eError(_T(""))
///////////////////////////////////////////////////////////////////////////////
// MakeFileError
///////////////////////////////////////////////////////////////////////////////
TSTRING cErrorUtil::MakeFileError(const TSTRING& msg, const TSTRING& fileName)
TSTRING cErrorUtil::MakeFileError( const TSTRING& msg, const TSTRING& fileName )
{
TSTRING ret;
ret = TSS_GetString(cCore, core::STR_ERR2_FILENAME);
ret.append(fileName);
ret.append(1, _T('\n'));
ret = TSS_GetString( cCore, core::STR_ERR2_FILENAME );
ret.append( fileName );
ret.append( 1, _T('\n') );
if (msg.length() > 0)
if ( msg.length() > 0 )
{
ret.append(msg);
}
return ret;
}

61
src/core/errorutil.h
View File

@ -1,6 +1,6 @@
//
// The developer of the original code and/or files is Tripwire, Inc.
// Portions created by Tripwire, Inc. are copyright (C) 2000-2018 Tripwire,
// Portions created by Tripwire, Inc. are copyright (C) 2000 Tripwire,
// Inc. Tripwire is a registered trademark of Tripwire, Inc. All rights
// reserved.
//
@ -58,27 +58,27 @@ public:
//-------------------------------------------------------------------------
// Construction and Assignment
//-------------------------------------------------------------------------
ePoly(uint32 id, const TSTRING& msg, uint32 flags = 0);
explicit ePoly(const eError& rhs);
explicit ePoly();
void operator=(const eError& rhs);
ePoly( uint32 id, const TSTRING& msg, uint32 flags = 0 );
explicit ePoly( const eError& rhs );
explicit ePoly();
void operator=( const eError& rhs );
//-------------------------------------------------------------------------
// ID manipulation
//-------------------------------------------------------------------------
virtual uint32 GetID() const;
void SetID(uint32 id);
virtual uint32 GetID() const;
void SetID( uint32 id );
private:
uint32 mID;
uint32 mID;
};
//-----------------------------------------------------------------------------
// eInternal
//-----------------------------------------------------------------------------
TSS_BEGIN_EXCEPTION(eInternal, eError)
TSS_BEGIN_EXCEPTION( eInternal, eError )
public:
eInternal(TCHAR* file, int lineNum);
eInternal( TCHAR* file, int lineNum );
TSS_END_EXCEPTION()
//-----------------------------------------------------------------------------
@ -87,11 +87,11 @@ TSS_END_EXCEPTION()
class cErrorUtil
{
public:
static TSTRING MakeFileError(const TSTRING& msg, const TSTRING& fileName);
// constructs an error message of the form:
// File: <fileName> \n <msg>
// This is useful for constructing strings to pass as the msg parameter
// to eError constructors.
static TSTRING MakeFileError( const TSTRING& msg, const TSTRING& fileName );
// constructs an error message of the form:
// File: <fileName> \n <msg>
// This is useful for constructing strings to pass as the msg parameter
// to eError constructors.
};
//-----------------------------------------------------------------------------
@ -102,17 +102,13 @@ public:
// __FILE__ because that includes the full path to the file, which we
// would not like to display to the user.
//
#define INTERNAL_ERROR(filename) eInternal((TCHAR*)_T(filename), __LINE__)
#define THROW_INTERNAL(filename) throw eInternal((TCHAR*)_T(filename), __LINE__)
#define INTERNAL_ERROR(filename) eInternal((TCHAR*)_T(filename), __LINE__)
#define THROW_INTERNAL(filename) throw eInternal((TCHAR*)_T(filename), __LINE__)
// TODO: ASSERT is always fatal in Unix, perhaps we could #ifdef the ASSERT
// to echo to cout the line number the exception occured at?
#define ThrowAndAssert(exception) \
{ \
ASSERT(false); \
throw exception; \
}
#define ThrowAndAssert(exception) { ASSERT(false); throw exception; }
//-----------------------------------------------------------------------------
@ -122,14 +118,17 @@ public:
///////////////////////////////////////////////////////////////////////////////
// ePoly
///////////////////////////////////////////////////////////////////////////////
inline ePoly::ePoly(uint32 id, const TSTRING& msg, uint32 flags) : eError(msg, flags), mID(id)
inline ePoly::ePoly( uint32 id, const TSTRING& msg, uint32 flags )
: eError( msg, flags ),
mID( id )
{
}
///////////////////////////////////////////////////////////////////////////////
// ePoly
///////////////////////////////////////////////////////////////////////////////
inline ePoly::ePoly(const eError& rhs)
inline ePoly::ePoly( const eError& rhs )
{
*this = rhs;
}
@ -137,18 +136,21 @@ inline ePoly::ePoly(const eError& rhs)
///////////////////////////////////////////////////////////////////////////////
// ePoly
///////////////////////////////////////////////////////////////////////////////
inline ePoly::ePoly() : eError(_T("")), mID(0)
inline ePoly::ePoly()
: eError( _T("") ),
mID( 0 )
{
}
///////////////////////////////////////////////////////////////////////////////
// operator=
///////////////////////////////////////////////////////////////////////////////
inline void ePoly::operator=(const eError& rhs)
inline void ePoly::operator=( const eError& rhs )
{
mMsg = rhs.GetMsg();
mMsg = rhs.GetMsg();
mFlags = rhs.GetFlags();
mID = rhs.GetID();
mID = rhs.GetID();
}
///////////////////////////////////////////////////////////////////////////////
@ -162,9 +164,10 @@ inline uint32 ePoly::GetID() const
///////////////////////////////////////////////////////////////////////////////
// SetID
///////////////////////////////////////////////////////////////////////////////
inline void ePoly::SetID(uint32 id)
inline void ePoly::SetID( uint32 id )
{
mID = id;
}
#endif //__ERRORUTIL_H

138
src/core/file.h
View File

@ -1,6 +1,6 @@
//
// The developer of the original code and/or files is Tripwire, Inc.
// Portions created by Tripwire, Inc. are copyright (C) 2000-2018 Tripwire,
// Portions created by Tripwire, Inc. are copyright (C) 2000 Tripwire,
// Inc. Tripwire is a registered trademark of Tripwire, Inc. All rights
// reserved.
//
@ -55,133 +55,103 @@
// eFile exception class
//=============================================================================
TSS_FILE_EXCEPTION(eFile, eFileError);
TSS_FILE_EXCEPTION(eFileOpen, eFile);
TSS_FILE_EXCEPTION(eFileWrite, eFile);
TSS_FILE_EXCEPTION(eFileRead, eFile);
TSS_FILE_EXCEPTION(eFileEOF, eFile); // never used!
TSS_FILE_EXCEPTION(eFileSeek, eFile);
TSS_FILE_EXCEPTION(eFileInvalidOp, eFile); // never used!
TSS_FILE_EXCEPTION(eFileTrunc, eFile);
TSS_FILE_EXCEPTION(eFileClose, eFile); // never used!
TSS_FILE_EXCEPTION(eFileFlush, eFile);
TSS_FILE_EXCEPTION(eFileRewind, eFile);
TSS_FILE_EXCEPTION( eFile, eFileError );
TSS_FILE_EXCEPTION( eFileOpen, eFile );
TSS_FILE_EXCEPTION( eFileWrite, eFile );
TSS_FILE_EXCEPTION( eFileRead, eFile );
TSS_FILE_EXCEPTION( eFileEOF, eFile ); // never used!
TSS_FILE_EXCEPTION( eFileSeek, eFile );
TSS_FILE_EXCEPTION( eFileInvalidOp, eFile ); // never used!
TSS_FILE_EXCEPTION( eFileTrunc, eFile );
TSS_FILE_EXCEPTION( eFileClose, eFile ); // never used!
TSS_FILE_EXCEPTION( eFileFlush, eFile );
TSS_FILE_EXCEPTION( eFileRewind, eFile );
//=============================================================================
// cFile
//=============================================================================
struct cFile_i;
class cFile
class cFile
{
public:
#if IS_UNIX
typedef off_t File_t;
#else //WIN32
typedef int64 File_t;
#endif // IS_UNIX
enum SeekFrom
{
SEEK_BEGIN = 0,
SEEK_CURRENT,
SEEK_EOF
SEEK_BEGIN = 0,
SEEK_CURRENT,
SEEK_EOF
};
enum OpenFlags
{
// note that reading from the file is implicit
OPEN_READ = 0x00000001, // not needed, but makes calls nice...
OPEN_WRITE = 0x00000002, // we will be writing to the file
OPEN_LOCKED_TEMP =
0x00000004, // the file should not be readable by other processes and should be removed when closed
OPEN_TRUNCATE =
0x00000008, // opens an empty file. creates it if it doesn't exist. Doesn't make much sense without OF_WRITE
OPEN_CREATE = 0x00000010, // create the file if it doesn't exist; this is implicit if OF_TRUNCATE is set
OPEN_TEXT = 0x00000020,
OPEN_EXCLUSIVE = 0x00000040, // Use O_CREAT | O_EXCL
OPEN_SCANNING = 0x00000080, // Open for scanning; set nonblocking & caching accordingly, where available
OPEN_DIRECT = 0x00000100 // Use O_DIRECT or platform equivalent
// note that reading from the file is implicit
OPEN_READ = 0x00000001, // not needed, but makes calls nice...
OPEN_WRITE = 0x00000002, // we will be writing to the file
OPEN_LOCKED_TEMP = 0x00000004, // the file should not be readable by other processes and should be removed when closed
OPEN_TRUNCATE = 0x00000008, // opens an empty file. creates it if it doesn't exist. Doesn't make much sense without OF_WRITE
OPEN_CREATE = 0x00000010, // create the file if it doesn't exist; this is implicit if OF_TRUNCATE is set
OPEN_TEXT = 0x00000020,
OPEN_EXCLUSIVE = 0x00000040, // Use O_CREAT | O_EXCL
OPEN_SCANNING = 0x00000080, // Open for scanning; set nonblocking & caching accordingly, where available
OPEN_DIRECT = 0x00000100 // Use O_DIRECT or platform equivalent
};
//Ctor, Dtor, CpyCtor, Operator=:
cFile(void);
~cFile(void);
cFile ( void );
~cFile ( void );
/************ User Interface **************************/
// Both Open methods ALWAYS open files in BINARY mode!
void Open(const TSTRING& sFileName, uint32 flags = OPEN_READ); //throw(eFile)
void Close(void); //throw(eFile)
bool IsOpen(void) const;
void Open ( const TSTRING& sFileName, uint32 flags = OPEN_READ ); //throw(eFile)
void Close ( void ); //throw(eFile)
bool IsOpen ( void ) const;
File_t Seek(File_t offset, SeekFrom From) const; //throw(eFile)
File_t Seek ( File_t offset, SeekFrom From ) const; //throw(eFile)
// Seek returns the current offset after completion
File_t Read(void* buffer, File_t nBytes) const; //throw(eFile)
File_t Read ( void* buffer, File_t nBytes ) const; //throw(eFile)
// Read returns the number of bytes that are actually read. If the nBytes
// parameter is 0, 0 bytes will be read and buffer will remain untouched.
// If the read head is at EOF, no bytes will be read and 0 will be returned.
File_t Write(const void* buffer, File_t nBytes); //throw(eFile)
File_t Write ( const void* buffer, File_t nBytes ); //throw(eFile)
// Write returns the number of bytes that are actually written.
File_t Tell(void) const;
// Tell returns the current offset.
bool Flush(void); //throw(eFile)
File_t Tell ( void ) const;
// Tell returns the current offset.
bool Flush ( void ); //throw(eFile)
// Flush returns 0 if the currently defined stream is successfully flushed.
void Rewind(void) const; //throw(eFile)
void Rewind ( void ) const; //throw(eFile)
// Sets the offset to 0.
File_t GetSize(void) const;
// Returns the size of the current file in bytes. Returns -1 if no file is defined.
void Truncate(File_t offset); // throw(eFile)
File_t GetSize ( void ) const;
// Returns the size of the current file in bytes. Returns -1 if no file is defined.
void Truncate ( File_t offset ); // throw(eFile)
private:
cFile(const cFile& rhs); //not impl.
cFile& operator=(const cFile& rhs); //not impl.
cFile ( const cFile& rhs ); //not impl.
cFile& operator= ( const cFile& rhs); //not impl.
//Pointer to the insulated implementation
cFile_i* mpData;
cFile_i* mpData;
public:
bool isWritable;
bool isWritable;
};
class cDosPath
#if USES_DEVICE_PATH
class cDevicePath
{
public:
static TSTRING AsPosix(const TSTRING& in);
static TSTRING AsNative(const TSTRING& in);
static bool IsAbsolutePath(const TSTRING& in);
static TSTRING BackupName(const TSTRING& in);
};
class cArosPath
{
public:
static TSTRING AsPosix(const TSTRING& in);
static TSTRING AsNative(const TSTRING& in);
static bool IsAbsolutePath(const TSTRING& in);
};
class cRiscosPath
{
public:
static TSTRING AsPosix(const TSTRING& in);
static TSTRING AsNative(const TSTRING& in);
static bool IsAbsolutePath(const TSTRING& in);
};
class cRedoxPath
{
public:
static TSTRING AsPosix(const TSTRING& in);
static TSTRING AsNative(const TSTRING& in);
static bool IsAbsolutePath(const TSTRING& in);
};
# if IS_DOS_DJGPP
# define cDevicePath cDosPath
# elif IS_AROS
# define cDevicePath cArosPath
# elif IS_RISCOS
# define cDevicePath cRiscosPath
# elif IS_REDOX
# define cDevicePath cRedoxPath
# endif
#endif
#endif //__FILE_H

430
src/core/file_unix.cpp
View File

@ -1,6 +1,6 @@
// The developer of the original code and/or files is Tripwire, Inc.
// Portions created by Tripwire, Inc. are copyright (C) 2000-2018 Tripwire,
// Portions created by Tripwire, Inc. are copyright (C) 2000 Tripwire,
// Inc. Tripwire is a registered trademark of Tripwire, Inc. All rights
// reserved.
//
@ -35,13 +35,13 @@
/* On GNU/Hurd, need to define _GNU_SOURCE in order to use O_NOATIME
which technically is still a nonstandard extension to open() */
#if IS_HURD
# define _GNU_SOURCE
# define _GNU_SOURCE
#endif
#include "core/stdcore.h"
#if !IS_UNIX
# error Need to be unix to use unixfsservices
#error Need to be unix to use unixfsservices
#endif
#include "core/file.h"
@ -54,7 +54,7 @@
#include <errno.h>
#if HAVE_SYS_FS_VX_IOCTL_H
#include <sys/fs/vx_ioctl.h>
# include <sys/fs/vx_ioctl.h>
#endif
#include "core/debug.h"
@ -62,10 +62,6 @@
#include "core/fsservices.h"
#include "core/errorutil.h"
#if IS_RISCOS
#include <unixlib/local.h>
#endif
///////////////////////////////////////////////////////////////////////////
// cFile_i : Insulated implementation for cFile objects.
///////////////////////////////////////////////////////////////////////////
@ -75,36 +71,36 @@ struct cFile_i
cFile_i();
~cFile_i();
int m_fd; //underlying file descriptor
FILE* mpCurrStream; //currently defined file stream
TSTRING mFileName; //the name of the file we are currently referencing.
uint32 mFlags; //Flags used to open the file
int m_fd; //underlying file descriptor
FILE* mpCurrStream; //currently defined file stream
TSTRING mFileName; //the name of the file we are currently referencing.
uint32 mFlags; //Flags used to open the file
};
//Ctor
cFile_i::cFile_i() : m_fd(-1), mpCurrStream(NULL), mFlags(0)
{
}
cFile_i::cFile_i() :
mpCurrStream(NULL)
{}
//Dtor
cFile_i::~cFile_i()
{
if (mpCurrStream != NULL)
{
fclose(mpCurrStream);
mpCurrStream = NULL;
fclose( mpCurrStream );
mpCurrStream = NULL;
#if !CAN_UNLINK_WHILE_OPEN // so unlink after close instead
if (mFlags & cFile::OPEN_LOCKED_TEMP)
#if IS_AROS
if( mFlags & cFile::OPEN_LOCKED_TEMP )
{
// unlink this file
if( 0 != unlink(mFileName.c_str()))
{
// unlink this file
if (0 != unlink(mFileName.c_str()))
{
throw(eFileOpen(mFileName, iFSServices::GetInstance()->GetErrString()));
}
throw( eFileOpen( mFileName, iFSServices::GetInstance()->GetErrString() ) );
}
#endif
}
#endif
mFileName.empty();
}
///////////////////////////////////////////////////////////////////////////
@ -113,14 +109,15 @@ cFile_i::~cFile_i()
///////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
cFile::cFile() : mpData(NULL), isWritable(false)
cFile::cFile() :
mpData(NULL), isWritable(false)
{
mpData = new cFile_i;
}
cFile::~cFile()
{
if (mpData != NULL)
if( mpData != NULL)
{
delete mpData;
mpData = NULL;
@ -132,10 +129,10 @@ cFile::~cFile()
///////////////////////////////////////////////////////////////////////////////
#if !USES_DEVICE_PATH
void cFile::Open(const TSTRING& sFileName, uint32 flags)
void cFile::Open( const TSTRING& sFileName, uint32 flags )
{
#else
void cFile::Open(const TSTRING& sFileNameC, uint32 flags)
void cFile::Open( const TSTRING& sFileNameC, uint32 flags )
{
TSTRING sFileName = cDevicePath::AsNative(sFileNameC);
#endif
@ -154,9 +151,9 @@ void cFile::Open(const TSTRING& sFileNameC, uint32 flags)
if (flags & OPEN_WRITE)
{
perm |= O_RDWR;
isWritable = true;
mode = _T("rb");
perm |= O_RDWR;
isWritable = true;
mode = _T("rb");
if (flags & OPEN_TRUNCATE)
{
perm |= O_TRUNC;
@ -168,15 +165,14 @@ void cFile::Open(const TSTRING& sFileNameC, uint32 flags)
}
else
{
perm |= O_RDONLY;
isWritable = false;
mode = _T("rb");
perm |= O_RDONLY;
isWritable = false;
mode = _T("rb");
}
if (flags & OPEN_EXCLUSIVE)
{
if (flags & OPEN_EXCLUSIVE) {
perm |= O_CREAT | O_EXCL;
openmode = (mode_t)0600; // Make sure only root can read the file
openmode = (mode_t) 0600; // Make sure only root can read the file
}
if (flags & OPEN_CREATE)
@ -196,28 +192,28 @@ void cFile::Open(const TSTRING& sFileNameC, uint32 flags)
//Only use O_DIRECT for scanning, since cfg/policy/report reads
// don't happen w/ a nice round block size.
if ((flags & OPEN_DIRECT) && (flags & OPEN_SCANNING))
perm |= O_DIRECT;
perm |= O_DIRECT;
#endif
//
// actually open the file
//
int fh = _topen(sFileName.c_str(), perm, openmode);
if (fh == -1)
int fh = _topen( sFileName.c_str(), perm, openmode );
if( fh == -1 )
{
throw(eFileOpen(sFileName, iFSServices::GetInstance()->GetErrString()));
throw( eFileOpen( sFileName, iFSServices::GetInstance()->GetErrString() ) );
}
mpData->m_fd = fh;
#if CAN_UNLINK_WHILE_OPEN
if (flags & OPEN_LOCKED_TEMP)
#if !IS_AROS
if( flags & OPEN_LOCKED_TEMP )
{
// unlink this file
if (0 != unlink(sFileName.c_str()))
if( 0 != unlink( sFileName.c_str() ) )
{
// we weren't able to unlink file, so close handle and fail
close(fh);
throw(eFileOpen(sFileName, iFSServices::GetInstance()->GetErrString()));
close( fh );
throw( eFileOpen( sFileName, iFSServices::GetInstance()->GetErrString() ) );
}
}
#endif
@ -227,7 +223,7 @@ void cFile::Open(const TSTRING& sFileNameC, uint32 flags)
//
mpData->mpCurrStream = _tfdopen(fh, mode.c_str());
mpData->mFileName = sFileName; //Set mFileName to the newly opened file.
mpData->mFileName = sFileName; //Set mFileName to the newly opened file.
cFile::Rewind();
@ -244,8 +240,8 @@ void cFile::Open(const TSTRING& sFileNameC, uint32 flags)
#if HAVE_POSIX_FADVISE
if (flags & OPEN_SCANNING && !(flags & OPEN_DIRECT))
{
posix_fadvise(fh, 0, 0, POSIX_FADV_SEQUENTIAL);
posix_fadvise(fh, 0, 0, POSIX_FADV_NOREUSE);
posix_fadvise(fh,0,0, POSIX_FADV_SEQUENTIAL);
posix_fadvise(fh,0,0, POSIX_FADV_NOREUSE);
}
#elif HAVE_SYS_FS_VX_IOCTL_H
@ -257,6 +253,7 @@ void cFile::Open(const TSTRING& sFileNameC, uint32 flags)
ioctl(fh, VX_SETCACHE, VX_SEQ | VX_NOREUSE);
}
#endif
}
@ -265,13 +262,13 @@ void cFile::Open(const TSTRING& sFileNameC, uint32 flags)
///////////////////////////////////////////////////////////////////////////
void cFile::Close() //throw(eFile)
{
if (mpData->mpCurrStream != NULL)
if(mpData->mpCurrStream != NULL)
{
#ifdef HAVE_POSIX_FADVISE
posix_fadvise(fileno(mpData->mpCurrStream), 0, 0, POSIX_FADV_DONTNEED);
posix_fadvise(fileno(mpData->mpCurrStream),0,0, POSIX_FADV_DONTNEED);
#endif
fclose(mpData->mpCurrStream);
fclose( mpData->mpCurrStream );
mpData->mpCurrStream = NULL;
}
@ -279,23 +276,23 @@ void cFile::Close() //throw(eFile)
mpData->mFileName.empty();
}
bool cFile::IsOpen(void) const
bool cFile::IsOpen( void ) const
{
return (mpData->mpCurrStream != NULL);
return( mpData->mpCurrStream != NULL );
}
///////////////////////////////////////////////////////////////////////////
// Seek -- Positions the read/write offset in mpCurrStream. Returns the
// current offset upon completion. Returns 0 if no stream is defined.
///////////////////////////////////////////////////////////////////////////
cFile::File_t cFile::Seek(File_t offset, SeekFrom From) const //throw(eFile)
cFile::File_t cFile::Seek( File_t offset, SeekFrom From) const //throw(eFile)
{
//Check to see if a file as been opened yet...
ASSERT(mpData->mpCurrStream != 0);
ASSERT( mpData->mpCurrStream != 0);
int apiFrom;
switch (From)
switch( From )
{
case cFile::SEEK_BEGIN:
apiFrom = SEEK_SET;
@ -308,11 +305,11 @@ cFile::File_t cFile::Seek(File_t offset, SeekFrom From) const //throw(eFile)
break;
default:
//An invalid SeekFrom parameter was passed.
throw(eInternal(_T("file_unix")));
throw( eInternal( _T("file_unix") ) );
}
// this is a hack to simulate running out of disk space
#if 0
// this is a hack to simulate running out of disk space
#if 0
static int blowupCount = 1;
if (++blowupCount == 1075)
{
@ -321,14 +318,14 @@ cFile::File_t cFile::Seek(File_t offset, SeekFrom From) const //throw(eFile)
throw std::bad_alloc();
}
fprintf(stderr, "%d\n", blowupCount);
#endif
#endif
if (fseeko(mpData->mpCurrStream, offset, apiFrom) != 0)
if (fseeko( mpData->mpCurrStream, offset, apiFrom ) != 0)
{
#ifdef DEBUG
#ifdef _DEBUG
cDebug d("cFile::Seek");
d.TraceDebug("Seek failed!\n");
#endif
#endif
throw eFileSeek();
}
@ -339,31 +336,26 @@ cFile::File_t cFile::Seek(File_t offset, SeekFrom From) const //throw(eFile)
// Read -- Returns the actual bytes read from mpCurrStream. Returns 0 if
// mpCurrStream is undefined.
///////////////////////////////////////////////////////////////////////////
cFile::File_t cFile::Read(void* buffer, File_t nBytes) const //throw(eFile)
cFile::File_t cFile::Read( void* buffer, File_t nBytes ) const //throw(eFile)
{
File_t iBytesRead;
// Has a file been opened?
ASSERT(mpData->mpCurrStream != NULL);
ASSERT( mpData->mpCurrStream != NULL );
// Is the nBytes parameter 0? If so, return without touching buffer:
if (nBytes == 0)
if( nBytes == 0 )
return 0;
if (mpData->mFlags & OPEN_DIRECT)
{
if (mpData->mFlags & OPEN_DIRECT) {
iBytesRead = read(mpData->m_fd, buffer, nBytes);
if (iBytesRead < 0)
{
if (iBytesRead<0) {
throw eFileRead(mpData->mFileName, iFSServices::GetInstance()->GetErrString());
}
}
else
{
iBytesRead = fread(buffer, sizeof(byte), nBytes, mpData->mpCurrStream);
if (ferror(mpData->mpCurrStream) != 0)
{
throw eFileRead(mpData->mFileName, iFSServices::GetInstance()->GetErrString());
} else {
iBytesRead = fread( buffer, sizeof(byte), nBytes, mpData->mpCurrStream );
if( ferror( mpData->mpCurrStream ) != 0 ) {
throw eFileRead( mpData->mFileName, iFSServices::GetInstance()->GetErrString() ) ;
}
}
@ -374,16 +366,16 @@ cFile::File_t cFile::Read(void* buffer, File_t nBytes) const //throw(eFile)
// Write -- Returns the actual number of bytes written to mpCurrStream
// Returns 0 if no file has been opened.
///////////////////////////////////////////////////////////////////////////
cFile::File_t cFile::Write(const void* buffer, File_t nBytes) //throw(eFile)
cFile::File_t cFile::Write( const void* buffer, File_t nBytes ) //throw(eFile)
{
File_t actual_count = 0;
// Has a file been opened? Is it writable?
ASSERT(mpData->mpCurrStream != NULL);
ASSERT(isWritable);
ASSERT( mpData->mpCurrStream != NULL );
ASSERT( isWritable );
if ((actual_count = fwrite(buffer, sizeof(byte), nBytes, mpData->mpCurrStream)) < nBytes)
throw eFileWrite(mpData->mFileName, iFSServices::GetInstance()->GetErrString());
if( ( actual_count = fwrite( buffer, sizeof(byte), nBytes, mpData->mpCurrStream ) ) < nBytes )
throw eFileWrite( mpData->mFileName, iFSServices::GetInstance()->GetErrString() );
else
return actual_count;
}
@ -394,9 +386,9 @@ cFile::File_t cFile::Write(const void* buffer, File_t nBytes) //throw(eFile)
///////////////////////////////////////////////////////////////////////////
cFile::File_t cFile::Tell() const
{
ASSERT(mpData->mpCurrStream != 0);
ASSERT( mpData->mpCurrStream != 0);
return ftell(mpData->mpCurrStream);
return ftell( mpData->mpCurrStream );
}
///////////////////////////////////////////////////////////////////////////
@ -404,23 +396,23 @@ cFile::File_t cFile::Tell() const
///////////////////////////////////////////////////////////////////////////
bool cFile::Flush() //throw(eFile)
{
if (mpData->mpCurrStream == NULL)
throw eFileFlush(mpData->mFileName, iFSServices::GetInstance()->GetErrString());
if ( mpData->mpCurrStream == NULL )
throw eFileFlush( mpData->mFileName, iFSServices::GetInstance()->GetErrString() );
return (fflush(mpData->mpCurrStream) == 0);
return ( fflush( mpData->mpCurrStream) == 0 );
}
///////////////////////////////////////////////////////////////////////////
// Rewind -- Sets the offset to the beginning of the file. If mpCurrStream
// is NULL, this method returns false. If the rewind operation fails,
// an exception is thrown.
///////////////////////////////////////////////////////////////////////////
void cFile::Rewind() const //throw(eFile)
void cFile::Rewind() const //throw(eFile)
{
ASSERT(mpData->mpCurrStream != 0);
ASSERT( mpData->mpCurrStream != 0);
rewind(mpData->mpCurrStream);
if (ftell(mpData->mpCurrStream) != 0)
throw(eFileRewind(mpData->mFileName, iFSServices::GetInstance()->GetErrString()));
rewind( mpData->mpCurrStream );
if( ftell( mpData->mpCurrStream ) != 0 )
throw( eFileRewind( mpData->mFileName, iFSServices::GetInstance()->GetErrString() ) );
}
///////////////////////////////////////////////////////////////////////////
@ -433,12 +425,12 @@ cFile::File_t cFile::GetSize() const
File_t ret;
//Has a file been opened? If not, return -1
if (mpData->mpCurrStream == NULL)
if( mpData->mpCurrStream == NULL )
return -1;
ret = Seek(0, cFile::SEEK_EOF);
Seek(vCurrentOffset, cFile::SEEK_BEGIN);
//return the offset to it's position prior to GetSize call.
ret = Seek( 0, cFile::SEEK_EOF );
Seek( vCurrentOffset, cFile::SEEK_BEGIN );
//return the offset to it's position prior to GetSize call.
return ret;
}
@ -446,240 +438,62 @@ cFile::File_t cFile::GetSize() const
/////////////////////////////////////////////////////////////////////////
// Truncate
/////////////////////////////////////////////////////////////////////////
void cFile::Truncate(File_t offset) // throw(eFile)
void cFile::Truncate( File_t offset ) // throw(eFile)
{
ASSERT(mpData->mpCurrStream != 0);
ASSERT(isWritable);
ASSERT( mpData->mpCurrStream != 0);
ASSERT( isWritable );
ftruncate(fileno(mpData->mpCurrStream), offset);
if (GetSize() != offset)
throw(eFileTrunc(mpData->mFileName, iFSServices::GetInstance()->GetErrString()));
ftruncate( fileno(mpData->mpCurrStream), offset );
if( GetSize() != offset )
throw( eFileTrunc( mpData->mFileName, iFSServices::GetInstance()->GetErrString() ) );
}
/////////////////////////////////////////////////////////////////////////
// Platform path conversion methods
/////////////////////////////////////////////////////////////////////////
bool cDosPath::IsAbsolutePath(const TSTRING& in)
{
if (in.empty())
return false;
if (in[0] == '/')
return true;
if (in.length() >= 2 && in[1] == ':')
return true;
return false;
}
// For paths of type C:\DOS
TSTRING cDosPath::AsPosix(const TSTRING& in)
#if USES_DEVICE_PATH
// For paths of type DH0:/dir/file
TSTRING cDevicePath::AsPosix( const TSTRING& in )
{
if (in[0] == '/')
{
return in;
}
TSTRING out = (cDosPath::IsAbsolutePath(in)) ? ("/dev/" + in) : in;
#if IS_DOS_DJGPP
TSTRING out = "/dev/" + in;
std::replace(out.begin(), out.end(), '\\', '/');
out.erase(std::remove(out.begin(), out.end(), ':'), out.end());
#else
TSTRING out = '/' + in;
#endif
return out;
}
TSTRING cDosPath::AsNative(const TSTRING& in)
{
if (in[0] != '/')
{
return in;
}
if (in.find("/dev") != 0 || in.length() < 6)
return in;
TSTRING out = "?:/";
out[0] = in[5];
if (in.length() >= 8)
out.append(in.substr(7));
std::replace(out.begin(), out.end(), '/', '\\');
return out;
}
TSTRING cDosPath::BackupName(const TSTRING& in)
{
TSTRING out = in;
std::string::size_type pos = out.find_last_of("\\");
if (std::string::npos == pos)
return in;
TSTRING path = in.substr(0, pos);
TSTRING name = in.substr(pos, 9);
std::replace(name.begin(), name.end(), '.', '_');
path.append(name);
return path;
}
/////////////////////////////////////////////////////////////////////////
bool cArosPath::IsAbsolutePath(const TSTRING& in)
{
if (in.empty())
return false;
if (in[0] == '/')
return true;
if (in.find(":") != std::string::npos)
return true;
return false;
}
// For paths of type DH0:dir/file
TSTRING cArosPath::AsPosix(const TSTRING& in)
{
if (in[0] == '/')
{
return in;
}
TSTRING out = IsAbsolutePath(in) ? '/' + in : in;
std::replace(out.begin(), out.end(), ':', '/');
return out;
}
TSTRING cArosPath::AsNative(const TSTRING& in)
TSTRING cDevicePath::AsNative( const TSTRING& in )
{
if (in[0] != '/')
{
return in;
}
std::string::size_type drive = in.find_first_not_of("/");
TSTRING out = (drive != std::string::npos) ? in.substr(drive) : in;
TSTRING::size_type t = out.find_first_of('/');
if (t != std::string::npos)
out[t] = ':';
else
out.append(":");
#if IS_DOS_DJGPP
if (in.find("/dev") != 0 || in.length() < 6)
return in;
TSTRING out = "?:/";
out[0] = in[5];
if (in.length() >= 8)
out.append(in.substr(7));
return out;
}
/////////////////////////////////////////////////////////////////////////
bool cRiscosPath::IsAbsolutePath(const TSTRING& in)
{
if (in.empty())
return false;
#elif IS_AROS
int x = 1;
for ( x; in[x] == '/' && x<in.length(); x++);
if (in[0] == '/')
return true;
TSTRING out = in.substr(x);
TSTRING::size_type t = out.find_first_of('/');
out[t] = ':';
if (in.find("$") != std::string::npos)
return true;
return false;
}
// For paths of type SDFS::Volume.$.dir.file
TSTRING cRiscosPath::AsPosix(const TSTRING& in)
{
#if IS_RISCOS
if (in[0] == '/')
{
return in;
}
TSTRING out;
char* unixified = __unixify(in.c_str(), 0, 0, 0, 0);
if (unixified)
{
out.assign(unixified);
free(unixified);
return out;
}
return in;
#else
return in;
return out;
#endif
}
TSTRING cRiscosPath::AsNative(const TSTRING& in)
{
#if IS_RISCOS
if (in[0] != '/')
{
return in;
}
TSTRING out;
int buf_size = in.length() + 100; // examples pad by 100
std::vector<char> buf(buf_size);
__riscosify(in.c_str(), 0, 0, &buf[0], buf_size, 0);
if (buf[0])
{
out.assign(&buf[0]);
return out;
}
return in;
#else
return in;
#endif
}
/////////////////////////////////////////////////////////////////////////
bool cRedoxPath::IsAbsolutePath(const TSTRING& in)
{
if (in.empty())
return false;
if (in[0] == '/')
return true;
if (in.find(":") != std::string::npos)
return true;
return false;
}
// For paths of type file:/dir/file
TSTRING cRedoxPath::AsPosix(const TSTRING& in)
{
if (in[0] == '/')
{
return in;
}
TSTRING out = IsAbsolutePath(in) ? '/' + in : in;
std::string::size_type colon = out.find_first_of(":");
if (colon != std::string::npos)
out.erase(colon, 1);
return out;
}
TSTRING cRedoxPath::AsNative(const TSTRING& in)
{
if (in[0] != '/')
{
return in;
}
std::string::size_type drive = in.find_first_not_of("/");
TSTRING out = (drive != std::string::npos) ? in.substr(drive) : in;
TSTRING::size_type slash = out.find_first_of('/');
if (slash != std::string::npos)
out.insert(slash, ":");
else
out.append(":/");
return out;
}

16
src/core/fileerror.cpp
View File

@ -1,6 +1,6 @@
//
// The developer of the original code and/or files is Tripwire, Inc.
// Portions created by Tripwire, Inc. are copyright (C) 2000-2018 Tripwire,
// Portions created by Tripwire, Inc. are copyright (C) 2000 Tripwire,
// Inc. Tripwire is a registered trademark of Tripwire, Inc. All rights
// reserved.
//
@ -37,10 +37,11 @@
#include "corestrings.h"
// TODO: Make this use MakeFileError() for consistency
eFileError::eFileError(const TSTRING& filename, const TSTRING& description, uint32 flags) : eError(_T(""), flags)
eFileError::eFileError( const TSTRING& filename, const TSTRING& description, uint32 flags )
: eError( _T(""), flags )
{
mFilename = filename;
mMsg = description;
mMsg = description;
}
TSTRING eFileError::GetFilename() const
@ -57,14 +58,14 @@ TSTRING eFileError::GetDescription() const
{
TSTRING ret;
if (!mFilename.empty())
if( ! mFilename.empty() )
{
ret = TSS_GetString(cCore, core::STR_ERROR_FILENAME) + mFilename;
ret = TSS_GetString( cCore, core::STR_ERROR_FILENAME ) + mFilename;
}
if (!mMsg.empty())
if( ! mMsg.empty() )
{
if (!mFilename.empty())
if ( ! mFilename.empty() )
ret += _T("\n");
ret += mMsg;
@ -72,3 +73,4 @@ TSTRING eFileError::GetDescription() const
return ret;
}

37
src/core/fileerror.h
View File

@ -1,6 +1,6 @@
//
// The developer of the original code and/or files is Tripwire, Inc.
// Portions created by Tripwire, Inc. are copyright (C) 2000-2018 Tripwire,
// Portions created by Tripwire, Inc. are copyright (C) 2000 Tripwire,
// Inc. Tripwire is a registered trademark of Tripwire, Inc. All rights
// reserved.
//
@ -51,33 +51,30 @@
// ### Insufficient permission to open file. <-- constructor parameter "msg"
// ### Exiting... <-- appropriate third message
//=============================================================================
TSS_BEGIN_EXCEPTION_NO_CTOR(eFileError, eError)
TSS_BEGIN_EXCEPTION_NO_CTOR( eFileError, eError )
private:
TSTRING mFilename;
TSTRING mFilename;
public:
eFileError(const TSTRING& filename, const TSTRING& description, uint32 flags = 0);
eFileError( const TSTRING& filename, const TSTRING& description, uint32 flags = 0 );
explicit eFileError(const eFileError& rhs) : eError(rhs)
{
mFilename = rhs.mFilename;
}
eFileError(const TSTRING& msg, uint32 flags = 0) : eError(msg, flags)
{
}
explicit eFileError( const eFileError& rhs )
: eError( rhs ) { mFilename = rhs.mFilename; }
eFileError( const TSTRING& msg, uint32 flags = 0 )
: eError( msg, flags ) {}
TSTRING GetFilename() const;
TSTRING GetDescription() const;
virtual TSTRING GetMsg() const;
TSTRING GetFilename() const;
TSTRING GetDescription() const;
virtual TSTRING GetMsg() const;
TSS_END_EXCEPTION()
# define TSS_FILE_EXCEPTION(except, base) \
TSS_BEGIN_EXCEPTION(except, base) \
except(const TSTRING& filename, const TSTRING& msg, uint32 flags = 0) : base(filename, msg, flags) \
{ \
} \
TSS_END_EXCEPTION()
#define TSS_FILE_EXCEPTION( except, base ) \
TSS_BEGIN_EXCEPTION( except, base ) \
except( const TSTRING& filename, const TSTRING& msg, uint32 flags = 0 ) \
: base( filename, msg, flags ) {} \
TSS_END_EXCEPTION()
#endif

68
src/core/fileheader.cpp
View File

@ -1,6 +1,6 @@
//
// The developer of the original code and/or files is Tripwire, Inc.
// Portions created by Tripwire, Inc. are copyright (C) 2000-2018 Tripwire,
// Portions created by Tripwire, Inc. are copyright (C) 2000 Tripwire,
// Inc. Tripwire is a registered trademark of Tripwire, Inc. All rights
// reserved.
//
@ -50,7 +50,7 @@ cFileHeaderID::~cFileHeaderID()
{
}
void cFileHeaderID::operator=(const TCHAR* pszId)
void cFileHeaderID::operator=( const TCHAR* pszId )
{
// RAD:10/1/99 -- Not Needed
// TODO:BAM -- I'm pretty sure that there's a bug hiding here...
@ -62,34 +62,36 @@ void cFileHeaderID::operator=(const TCHAR* pszId)
// return;
//}
size_t N = ::strlen(pszId);
if (!(N < cFileHeaderID::MAXBYTES))
throw eCharacter(TSS_GetString(cCore, core::STR_ERR_OVERFLOW));
size_t N = ::strlen( pszId );
if ( !(N < cFileHeaderID::MAXBYTES) )
throw eCharacter( TSS_GetString( cCore, core::STR_ERR_OVERFLOW ) );
mIDLen = static_cast<int16>(N); // know len is less than MAXBYTES
::memcpy(mID, pszId, N * sizeof(char));
mIDLen = static_cast<int16>( N ); // know len is less than MAXBYTES
::memcpy( mID, pszId, N * sizeof(char) );
}
void cFileHeaderID::operator=(const cFileHeaderID& rhs)
void cFileHeaderID::operator=( const cFileHeaderID& rhs )
{
ASSERT(rhs.mIDLen < cFileHeaderID::MAXBYTES);
ASSERT( rhs.mIDLen < cFileHeaderID::MAXBYTES );
mIDLen = rhs.mIDLen;
memcpy(mID, rhs.mID, mIDLen * sizeof(char));
}
int cFileHeaderID::operator==(const cFileHeaderID& rhs) const
int cFileHeaderID::operator==( const cFileHeaderID& rhs ) const
{
return (mIDLen == rhs.mIDLen) && (::memcmp(mID, rhs.mID, mIDLen * sizeof(char)) == 0);
return
( mIDLen == rhs.mIDLen ) &&
( ::memcmp( mID, rhs.mID, mIDLen * sizeof(char) ) == 0 );
}
void cFileHeaderID::Read(iSerializer* pSerializer, int32 /*version*/) // throw (eSerializer, eArchive)
void cFileHeaderID::Read(iSerializer* pSerializer, int32 /*version*/ ) // throw (eSerializer, eArchive)
{
int16 len;
pSerializer->ReadInt16(len);
if ((len < 0) || (len >= cFileHeaderID::MAXBYTES))
pSerializer->ReadInt16( len );
if ( (len < 0) || (len >= cFileHeaderID::MAXBYTES ))
{
// this is invalid!
throw eSerializerInputStreamFmt(_T("File Header ID invalid"));
throw eSerializerInputStreamFmt( _T("File Header ID invalid") );
}
pSerializer->ReadBlob(mID, len * sizeof(char));
mIDLen = len;
@ -97,18 +99,19 @@ void cFileHeaderID::Read(iSerializer* pSerializer, int32 /*version*/) // throw (
void cFileHeaderID::Write(iSerializer* pSerializer) const // throw (eSerializer, eArchive)
{
ASSERT(mIDLen >= 0 && mIDLen < cFileHeaderID::MAXBYTES);
ASSERT( mIDLen >= 0 && mIDLen < cFileHeaderID::MAXBYTES );
pSerializer->WriteInt16(mIDLen);
pSerializer->WriteBlob(mID, mIDLen * sizeof(char));
pSerializer->WriteInt16( mIDLen );
pSerializer->WriteBlob( mID, mIDLen * sizeof(char) );
}
///////////////////////////////////////////////////////////////////////////////
// class cFileHeader
cFileHeader::cFileHeader() : mVersion(0)
cFileHeader::cFileHeader()
: mVersion(0)
{
#ifdef DEBUG
#ifdef _DEBUG
mEncoding = LAST_ENCODING; // set to invalid value so we can assert on write
#else
mEncoding = NO_ENCODING;
@ -116,14 +119,20 @@ cFileHeader::cFileHeader() : mVersion(0)
}
cFileHeader::cFileHeader(const cFileHeader& rhs)
: iSerializable(), mID(rhs.mID), mVersion(rhs.mVersion), mEncoding(rhs.mEncoding)
: iSerializable(),
mID(rhs.mID),
mVersion(rhs.mVersion),
mEncoding(rhs.mEncoding)
{
if (rhs.mBaggage.Length() > 0)
{
mBaggage.MapArchive(0, rhs.mBaggage.Length());
rhs.mBaggage.MapArchive(0, rhs.mBaggage.Length());
::memcpy(mBaggage.GetMap(), rhs.mBaggage.GetMap(), static_cast<size_t>(rhs.mBaggage.Length()));
::memcpy(
mBaggage.GetMap(),
rhs.mBaggage.GetMap(),
static_cast<size_t>( rhs.mBaggage.Length() ) );
mBaggage.MapArchive(0, 0);
rhs.mBaggage.MapArchive(0, 0);
@ -162,7 +171,7 @@ void cFileHeader::Read(iSerializer* pSerializer, int32 /*version*/) // throw (eS
if ((unsigned int)magicNumber != FILE_HEADER_MAGIC_NUMBER)
{
d.TraceDebug("Bad magic number");
throw eSerializerInputStreamFmt(pSerializer->GetFileName());
throw eSerializerInputStreamFmt(pSerializer->GetFileName() );
}
// Note this version refers to the format of this data structure in the
@ -173,7 +182,7 @@ void cFileHeader::Read(iSerializer* pSerializer, int32 /*version*/) // throw (eS
{
// don't understand the version
d.TraceDebug("Bad version");
throw eSerializerInputStreamFmt(pSerializer->GetFileName());
throw eSerializerInputStreamFmt(pSerializer->GetFileName() );
}
mID.Read(pSerializer);
@ -187,7 +196,7 @@ void cFileHeader::Read(iSerializer* pSerializer, int32 /*version*/) // throw (eS
pSerializer->ReadInt32(len);
if (len < 0 || len > 0xffff)
throw eSerializerInputStreamFmt(pSerializer->GetFileName());
throw eSerializerInputStreamFmt(pSerializer->GetFileName() );
mBaggage.MapArchive(0, len);
@ -204,7 +213,7 @@ void cFileHeader::Read(iSerializer* pSerializer, int32 /*version*/) // throw (eS
void cFileHeader::Write(iSerializer* pSerializer) const // throw (eSerializer, eArchive)
{
#ifdef DEBUG
#ifdef _DEBUG
// check that we set some values
cFileHeaderID id;
ASSERT(mID != id);
@ -224,14 +233,14 @@ void cFileHeader::Write(iSerializer* pSerializer) const // throw (eSerializer, e
pSerializer->WriteInt32(mVersion);
pSerializer->WriteInt16(static_cast<int16>(mEncoding));
pSerializer->WriteInt16( static_cast<int16>(mEncoding) );
int32 len = static_cast<int32>(mBaggage.Length());
int32 len = static_cast<int32>( mBaggage.Length() );
ASSERT(len >= 0);
ASSERT(len <= 0xFFFF);
if (len < 0 || len > 0xFFFF)
if ( len < 0 || len > 0xFFFF )
throw eSerializerOutputStreamFmt();
pSerializer->WriteInt32(len);
@ -241,3 +250,4 @@ void cFileHeader::Write(iSerializer* pSerializer) const // throw (eSerializer, e
pSerializer->WriteBlob(mBaggage.GetMap(), len);
}
}

60
src/core/fileheader.h
View File

@ -1,6 +1,6 @@
//
// The developer of the original code and/or files is Tripwire, Inc.
// Portions created by Tripwire, Inc. are copyright (C) 2000-2018 Tripwire,
// Portions created by Tripwire, Inc. are copyright (C) 2000 Tripwire,
// Inc. Tripwire is a registered trademark of Tripwire, Inc. All rights
// reserved.
//
@ -54,13 +54,13 @@ public:
cFileHeaderID(const cFileHeaderID& rhs);
virtual ~cFileHeaderID();
void operator=(const TCHAR* id);
void operator=(const cFileHeaderID& rhs);
int operator==(const cFileHeaderID& rhs) const;
int operator!=(const cFileHeaderID& rhs) const;
void operator = (const TCHAR* id);
void operator = (const cFileHeaderID& rhs);
int operator == (const cFileHeaderID& rhs) const;
int operator != (const cFileHeaderID& rhs) const;
virtual void Read(iSerializer* pSerializer, int32 version = 0); // throw (eSerializer, eArchive)
virtual void Write(iSerializer* pSerializer) const; // throw (eSerializer, eArchive)
virtual void Read (iSerializer* pSerializer, int32 version = 0); // throw (eSerializer, eArchive)
virtual void Write(iSerializer* pSerializer) const; // throw (eSerializer, eArchive)
private:
// For now we will store the id as a string.
@ -68,13 +68,10 @@ private:
// the way we implemented cFCONames.
// Note: We store the string as narrow chars, since
// the program is the only person who will see them.
int16 mIDLen;
int16 mIDLen;
enum
{
MAXBYTES = 256
};
char mID[MAXBYTES];
enum { MAXBYTES = 256 };
char mID[ MAXBYTES ];
};
inline cFileHeaderID::cFileHeaderID()
@ -87,12 +84,14 @@ inline cFileHeaderID::cFileHeaderID(const TCHAR* id)
*this = id;
}
inline cFileHeaderID::cFileHeaderID(const cFileHeaderID& rhs) : iSerializable(), mIDLen(rhs.mIDLen)
inline
cFileHeaderID::cFileHeaderID( const cFileHeaderID& rhs ) :
iSerializable(), mIDLen( rhs.mIDLen )
{
memcpy(mID, rhs.mID, MAXBYTES);
memcpy( mID, rhs.mID, MAXBYTES );
}
inline int cFileHeaderID::operator!=(const cFileHeaderID& rhs) const
inline int cFileHeaderID::operator != (const cFileHeaderID& rhs) const
{
return !(*this == rhs);
}
@ -116,26 +115,26 @@ public:
LAST_ENCODING
};
void SetID(const cFileHeaderID& id);
const cFileHeaderID& GetID() const;
void SetID(const cFileHeaderID& id);
const cFileHeaderID& GetID() const;
void SetVersion(uint32 v);
uint32 GetVersion() const;
void SetVersion(uint32 v);
uint32 GetVersion() const;
void SetEncoding(Encoding e);
Encoding GetEncoding() const;
void SetEncoding(Encoding e);
Encoding GetEncoding() const;
cMemoryArchive& GetBaggage();
const cMemoryArchive& GetBaggage() const;
cMemoryArchive& GetBaggage();
const cMemoryArchive& GetBaggage() const;
virtual void Read(iSerializer* pSerializer, int32 version = 0); // throw (eSerializer, eArchive)
virtual void Write(iSerializer* pSerializer) const; // throw (eSerializer, eArchive)
virtual void Read (iSerializer* pSerializer, int32 version = 0); // throw (eSerializer, eArchive)
virtual void Write(iSerializer* pSerializer) const; // throw (eSerializer, eArchive)
protected:
cFileHeaderID mID;
uint32 mVersion;
Encoding mEncoding;
cMemoryArchive mBaggage; // items that have been serialized to this object
cFileHeaderID mID;
uint32 mVersion;
Encoding mEncoding;
cMemoryArchive mBaggage; // items that have been serialized to this object
};
inline const cFileHeaderID& cFileHeader::GetID() const
@ -164,3 +163,4 @@ inline const cMemoryArchive& cFileHeader::GetBaggage() const
}
#endif

10
src/core/fixedfilebuf.h
View File

@ -1,6 +1,6 @@
//
// The developer of the original code and/or files is Tripwire, Inc.
// Portions created by Tripwire, Inc. are copyright (C) 2000-2018 Tripwire,
// Portions created by Tripwire, Inc. are copyright (C) 2000 Tripwire,
// Inc. Tripwire is a registered trademark of Tripwire, Inc. All rights
// reserved.
//
@ -45,6 +45,10 @@
#define __FIXED_FILEBUF_H
#include <fstream>
#define fixed_basic_ofstream std::basic_ofstream
#endif //__FIXED_FILEBUF_H
#if IS_UNIX
#define fixed_basic_ofstream std::basic_ofstream
#endif // IS_WIN32/IS_UNIX
#endif//__FIXED_FILEBUF_H

4
src/core/fsservices.cpp
View File

@ -1,6 +1,6 @@
//
// The developer of the original code and/or files is Tripwire, Inc.
// Portions created by Tripwire, Inc. are copyright (C) 2000-2018 Tripwire,
// Portions created by Tripwire, Inc. are copyright (C) 2000 Tripwire,
// Inc. Tripwire is a registered trademark of Tripwire, Inc. All rights
// reserved.
//
@ -43,3 +43,5 @@ iFSServices* iFSServices::mpInstance = 0;
//#############################################################################
// eFSServices
//#############################################################################

376
src/core/fsservices.h
View File

@ -1,6 +1,6 @@
//
// The developer of the original code and/or files is Tripwire, Inc.
// Portions created by Tripwire, Inc. are copyright (C) 2000-2018 Tripwire,
// Portions created by Tripwire, Inc. are copyright (C) 2000 Tripwire,
// Inc. Tripwire is a registered trademark of Tripwire, Inc. All rights
// reserved.
//
@ -65,14 +65,15 @@
// STANDARD LIBRARY INCLUDES
//=========================================================================
#if HAVE_SYS_PARAM_H
#include <sys/param.h>
#endif
#if IS_UNIX
#if HAVE_SYS_PARAM_H
#include <sys/param.h>
#endif
#if HAVE_SYS_STAT_H
#include <sys/stat.h>
#endif
#endif
//=========================================================================
// DEFINES AND MACROS
@ -80,26 +81,26 @@
// macros for extracting the major and minor portions of int64's:
#if !defined(major)
# if !USES_GLIBC
# define major(x) ((int)((x) >> 8) & 0xff)
# define minor(x) ((int)((x)&0xff))
# else
# ifdef WORDS_BIGENDIAN
# define major(x) (int)(((char*)&(x))[2])
# define minor(x) (int)(((char*)&(x))[3])
# else
# define major(x) (int)(((char*)&(x))[1])
# define minor(x) (int)(((char*)&(x))[0])
# endif
# endif
#if !USES_GLIBC
#define major(x) ((int)((x) >> 8) & 0xff)
#define minor(x) ((int)((x) & 0xff))
#else
#ifdef WORDS_BIGENDIAN
#define major(x) (int)(((char*)&(x))[2])
#define minor(x) (int)(((char*)&(x))[3])
#else
#define major(x) (int)(((char*)&(x))[1])
#define minor(x) (int)(((char*)&(x))[0])
#endif
#endif
#endif /* !major */
//=========================================================================
// TYPEDEFS
//=========================================================================
typedef int64 cFSTime;
typedef int64 cFSType;
typedef int64 cFSTime;
typedef int64 cFSType;
//=========================================================================
// GLOBALS
@ -122,58 +123,56 @@ typedef int64 cFSType;
// this class is used only to pass arguments to iFSServices
// it is the union of MAX(elem) for all the file systems that we support
struct cFSStatArgs
{
enum FileType
{
TY_INVALID, // lazy evaluation
TY_FILE,
TY_DIR,
TY_BLOCKDEV,
TY_CHARDEV,
TY_SYMLINK,
TY_FIFO,
TY_SOCK,
TY_DOOR,
TY_PORT,
TY_NAMED
};
struct cFSStatArgs {
enum FileType {
TY_INVALID, // lazy evaluation
TY_FILE,
TY_DIR,
TY_BLOCKDEV,
TY_CHARDEV,
TY_SYMLINK,
TY_FIFO,
TY_SOCK,
TY_DOOR,
TY_PORT
};
// attr is fs dependent?
uint64 dev; // dep
int64 ino; // dep
int64 mode; // dep
int64 nlink; // indep
int64 uid; // dep
int64 gid; // dep
uint64 rdev; // dep
int64 size; // indep
cFSTime atime; // indep
cFSTime mtime; // indep
cFSTime ctime; // indep
int64 blksize; // indep
int64 blocks; // dep
int64 fstype; // dep
TSTRING usid; // dep
TSTRING gsid; // dep
// int64 mFileType; // Matt's addition...
// attr is fs dependent?
uint64 dev; // dep
int64 ino; // dep
int64 mode; // dep
int64 nlink; // indep
int64 uid; // dep
int64 gid; // dep
uint64 rdev; // dep
int64 size; // indep
cFSTime atime; // indep
cFSTime mtime; // indep
cFSTime ctime; // indep
int64 blksize; // indep
int64 blocks; // dep
int64 fstype; // dep
TSTRING usid; // dep
TSTRING gsid; // dep
// int64 mFileType; // Matt's addition...
FileType mFileType; // redundant with other information in this struct, but
// broken out for convenience
FileType mFileType; // redundant with other information in this struct, but
// broken out for convenience
//TODO: access control list should go here, too
//std::list <cACLElem> mACL; // indep
//TODO: access control list should go here, too
//std::list <cACLElem> mACL; // indep
};
//=========================================================================
//
// eFSServices -- exception class
//
//=========================================================================
TSS_FILE_EXCEPTION(eFSServices, eFileError);
TSS_FILE_EXCEPTION(eFSServicesGeneric, eFSServices);
TSS_FILE_EXCEPTION( eFSServices, eFileError );
TSS_FILE_EXCEPTION( eFSServicesGeneric, eFSServices );
//=========================================================================
//
@ -185,161 +184,163 @@ TSS_FILE_EXCEPTION(eFSServicesGeneric, eFSServices);
class iFSServices
{
public:
virtual ~iFSServices()
{
}
///////////////////////////////////////////////////////////////
// ENUMS
///////////////////////////////////////////////////////////////
public:
virtual ~iFSServices() {}
///////////////////////////////////////////////////////////////
// ENUMS
///////////////////////////////////////////////////////////////
////////////////////////////////////////
// file creation modes
////////////////////////////////////////
enum Mode
{
MODE_DEFAULT = 0,
MODE_READ = 1,
MODE_WRITE = 2,
MODE_SHARE_DELETE = 4,
MODE_SHARE_READ = 8,
MODE_SHARE_WRITE = 16,
MODE_CREATE_EXCL = 32,
MODE_CREATE_TRUNCATE = 64
};
////////////////////////////////////////
// file creation modes
////////////////////////////////////////
enum Mode
{
MODE_DEFAULT = 0,
MODE_READ = 1,
MODE_WRITE = 2,
MODE_SHARE_DELETE = 4,
MODE_SHARE_READ = 8,
MODE_SHARE_WRITE = 16,
MODE_CREATE_EXCL = 32,
MODE_CREATE_TRUNCATE = 64
};
////////////////////////////////////////
// maximum path length on platform
////////////////////////////////////////
enum
{
#ifdef MAXPATHLEN
TW_MAX_PATH = MAXPATHLEN
#else
TW_MAX_PATH = 1024
////////////////////////////////////////
// maximum path length on platform
////////////////////////////////////////
enum
{
#if IS_UNIX
#ifdef MAXPATHLEN
TW_MAX_PATH = MAXPATHLEN
#else
TW_MAX_PATH = 1024
#endif
#endif
};
};
///////////////////////////////////////////////////////////////
// MEMBER FUNCTIONS
///////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////
// MEMBER FUNCTIONS
///////////////////////////////////////////////////////////////
////////////////////////////////////////
// platform specific functions
////////////////////////////////////////
virtual bool IsCaseSensitive() const = 0;
// returns true if the file system is case sensitive
virtual TCHAR GetPathSeparator() const = 0;
// returns "/" for unix and "\\" for win32
virtual const TCHAR* GetStandardBackupExtension() const = 0;
// returns normal string to append to backup files for this os.
////////////////////////////////////////
// platform specific functions
////////////////////////////////////////
virtual bool IsCaseSensitive() const = 0;
// returns true if the file system is case sensitive
virtual TCHAR GetPathSeparator() const = 0;
// returns "/" for unix and "\\" for win32
virtual const TCHAR* GetStandardBackupExtension() const = 0;
// returns normal string to append to backup files for this os.
////////////////////////////////////////
// process functions
////////////////////////////////////////
virtual void Sleep(int nSeconds) const = 0;
// makes the current process sleep for the specified number of seconds
////////////////////////////////////////
// process functions
////////////////////////////////////////
virtual void Sleep( int nSeconds ) const = 0;
// makes the current process sleep for the specified number of seconds
////////////////////////////////////////
// major filesystem functions
////////////////////////////////////////
virtual void Stat(const TSTRING& strFileName, cFSStatArgs& pStat) const = 0;
// fills out the cFSStatArgs structure with the stat info for the named file
virtual void GetTempDirName(TSTRING& strName) const = 0;
// makes directory if it doesn't exist already. Dirname will end with a delimiter ( '/' )
////////////////////////////////////////
// major filesystem functions
////////////////////////////////////////
virtual void Stat( const TSTRING& strFileName, cFSStatArgs& pStat ) const throw( eFSServices ) = 0;
// fills out the cFSStatArgs structure with the stat info for the named file
virtual void GetTempDirName( TSTRING& strName ) const throw( eFSServices ) = 0;
// makes directory if it doesn't exist already. Dirname will end with a delimiter ( '/' )
virtual void SetTempDirName(TSTRING& tmpName) = 0;
virtual void SetTempDirName( TSTRING& tmpName ) = 0;
virtual TSTRING& MakeTempFilename(TSTRING& strName) const = 0;
// create temporary file
// TSTRING must have the form ("baseXXXXXX"), where the X's are replaced with
// characters to make it a unique file. There must be at least 6 Xs.
virtual TSTRING& MakeTempFilename( TSTRING& strName ) const throw( eFSServices ) = 0;
// create temporary file
// TSTRING must have the form ("baseXXXXXX"), where the X's are replaced with
// characters to make it a unique file. There must be at least 6 Xs.
////////////////////////////////////////
// minor filesystem functions
////////////////////////////////////////
virtual void GetHostID(TSTRING& name) const = 0;
////////////////////////////////////////
// minor filesystem functions
////////////////////////////////////////
virtual void GetHostID( TSTRING& name ) const = 0;
virtual void GetMachineName(TSTRING& name) const = 0;
virtual void GetMachineName( TSTRING& name ) const throw(eFSServices) = 0;
virtual void GetMachineNameFullyQualified(TSTRING& name) const = 0;
virtual void GetMachineNameFullyQualified( TSTRING& name ) const = 0;
virtual bool GetCurrentUserName(TSTRING& tstrName) const = 0;
virtual bool GetCurrentUserName( TSTRING& tstrName ) const = 0;
virtual bool GetIPAddress(uint32& uiIPAddress) = 0;
virtual bool GetIPAddress( uint32& uiIPAddress ) = 0;
////////////////////////////////////////
// directory specific functions
////////////////////////////////////////
virtual void ReadDir(const TSTRING& strName, std::vector<TSTRING>& vDirContents, bool bFullPaths = true) const = 0;
// puts the contents of the specified directory, except for . and .., into the supplied vector.
// if bFullPaths is true, then the vector contains fully qualified path names; otherwise, it only contains the
// short names.
virtual void GetCurrentDir(TSTRING& strCurDir) const = 0;
// returns the current working directory
////////////////////////////////////////
// directory specific functions
////////////////////////////////////////
virtual void ReadDir( const TSTRING& strName, std::vector<TSTRING> &vDirContents, bool bFullPaths = true ) const throw( eFSServices ) = 0;
// puts the contents of the specified directory, except for . and .., into the supplied vector.
// if bFullPaths is true, then the vector contains fully qualified path names; otherwise, it only contains the
// short names.
virtual void GetCurrentDir( TSTRING& strCurDir ) const throw( eFSServices ) = 0;
// returns the current working directory
////////////////////////////////////////
// file specific functions
////////////////////////////////////////
virtual bool FileDelete(const TSTRING& name) const = 0;
////////////////////////////////////////
// file specific functions
////////////////////////////////////////
virtual bool FileDelete( const TSTRING& name ) const = 0;
////////////////////////////////////////
// directory and file functions
////////////////////////////////////////
virtual bool Rename(const TSTRING& strOldName, const TSTRING& strNewName, bool fOverWrite = true) const = 0;
// rename a file
////////////////////////////////////////
// directory and file functions
////////////////////////////////////////
virtual bool Rename( const TSTRING& strOldName, const TSTRING& strNewName, bool fOverWrite = true ) const = 0;
// rename a file
virtual bool GetUserName(uid_t user_id, TSTRING& tstrUser) const = 0;
virtual bool GetGroupName(gid_t group_id, TSTRING& tstrGroup) const = 0;
virtual bool GetOwnerForFile( const TSTRING& tstrFilename, TSTRING& tstrUser ) const = 0;
virtual bool GetGroupForFile( const TSTRING& tstrFilename, TSTRING& tstrGroup ) const = 0;
virtual bool GetUserName( uid_t user_id, TSTRING& tstrUser ) const = 0;
virtual bool GetGroupName( gid_t group_id, TSTRING& tstrGroup ) const = 0;
//Set whether we try to resolve uid/gid to a name, since Linux static binaries can
//have trouble (read: segfaulting) with name resolution given the right nsswitch.conf setup.
//This defaults to true if not specified.
virtual void SetResolveNames(bool resolve) = 0;
//Set whether we try to resolve uid/gid to a name, since Linux static binaries can
//have trouble (read: segfaulting) with name resolution given the right nsswitch.conf setup.
//This defaults to true if not specified.
virtual void SetResolveNames(bool resolve)=0;
////////////////////////////////////////
// miscellaneous utility functions
////////////////////////////////////////
virtual void ConvertModeToString(uint64 perm, TSTRING& tstrPerm) const = 0;
// takes a int64 permission (from stat) and changes it to look like UNIX's 'ls -l' (e.g. drwxrwxrwx)
virtual bool FullPath(TSTRING& fullPath, const TSTRING& relPath, const TSTRING& pathRelFrom = _T("")) const = 0;
// converts relPath into a fully qualified path, storing it in FullPath. If this
// fails, false is returned. if the path to which relPath is relative is not CWD, put it in pathRelFrom.
// TODO: In some places we have depended on the behaviour that if relPath.empty() == true then we
// fail or return an empty string. Should we add this behaviour to the interface?
virtual bool GetExecutableFilename(TSTRING& strFullPath, const TSTRING& strFilename) const = 0;
// get the path to the current executable file
virtual bool IsRoot(const TSTRING& strPath) const = 0;
// returns true if strPath denotes a root path
////////////////////////////////////////
// miscellaneous utility functions
////////////////////////////////////////
virtual void ConvertModeToString( uint64 perm, TSTRING& tstrPerm ) const = 0;
// takes a int64 permission (from stat) and changes it to look like UNIX's 'ls -l' (e.g. drwxrwxrwx)
virtual bool FullPath( TSTRING& fullPath, const TSTRING& relPath, const TSTRING& pathRelFrom = _T("") ) const = 0;
// converts relPath into a fully qualified path, storing it in FullPath. If this
// fails, false is returned. if the path to which relPath is relative is not CWD, put it in pathRelFrom.
// TODO: In some places we have depended on the behaviour that if relPath.empty() == true then we
// fail or return an empty string. Should we add this behaviour to the interface?
virtual bool GetExecutableFilename( TSTRING& strFullPath, const TSTRING& strFilename ) const = 0;
// get the path to the current executable file
virtual bool IsRoot( const TSTRING& strPath ) const = 0;
// returns true if strPath denotes a root path
////////////////////////////////////////
// error functions
////////////////////////////////////////
virtual TSTRING GetErrString() const = 0;
// Returns an error string that is appropriate for the system, (e.g. errorstr(errno)
// on UNIX and FormatError( ..., GetLastError(), ...) in Win32
// Call this immediately after a failed system call to get a string
// representation of the error event.
////////////////////////////////////////
// error functions
////////////////////////////////////////
virtual TSTRING GetErrString() const = 0;
// Returns an error string that is appropriate for the system, (e.g. errorstr(errno)
// on UNIX and FormatError( ..., GetLastError(), ...) in Win32
// Call this immediately after a failed system call to get a string
// representation of the error event.
////////////////////////////////////////
// singleton manipulation
////////////////////////////////////////
static iFSServices* GetInstance();
static void SetInstance(iFSServices* pInst);
////////////////////////////////////////
// singleton manipulation
////////////////////////////////////////
static iFSServices* GetInstance();
static void SetInstance( iFSServices* pInst );
///////////////////////////////////////////////////////////////
// PRIVATE DATA
///////////////////////////////////////////////////////////////
private:
static iFSServices* mpInstance;
///////////////////////////////////////////////////////////////
// PRIVATE DATA
///////////////////////////////////////////////////////////////
private:
static iFSServices* mpInstance;
};
@ -348,15 +349,16 @@ private:
//=========================================================================
inline iFSServices* iFSServices::GetInstance()
{
ASSERT(mpInstance != 0);
ASSERT(mpInstance != 0);
return mpInstance;
return mpInstance;
}
inline void iFSServices::SetInstance(iFSServices* pInst)
inline void iFSServices::SetInstance( iFSServices* pInst )
{
mpInstance = pInst;
mpInstance = pInst;
}
#endif

109
src/core/growheap.cpp
View File

@ -1,6 +1,6 @@
//
// The developer of the original code and/or files is Tripwire, Inc.
// Portions created by Tripwire, Inc. are copyright (C) 2000-2018 Tripwire,
// Portions created by Tripwire, Inc. are copyright (C) 2000 Tripwire,
// Inc. Tripwire is a registered trademark of Tripwire, Inc. All rights
// reserved.
//
@ -44,51 +44,48 @@ public:
class cHeap
{
public:
size_t mSize;
int8* mpData;
size_t mSize;
int8* mpData;
cHeap(size_t size) : mSize(size), mpData(new int8[size])
{
ASSERT(mpData != 0);
}
// Note: The above ASSERT should never occur! If the new failed we should have thrown a bad_alloc().
cHeap( size_t size ) : mSize( size ), mpData( new int8[size] ) { ASSERT(mpData != 0); }
// Note: The above ASSERT should never occur! If the new failed we should have thrown a bad_alloc().
};
typedef std::vector<cHeap> HeapList;
size_t mInitialSize;
size_t mGrowBy;
HeapList mHeaps;
TSTRING mName;
size_t mCurOff;
size_t mInitialSize;
size_t mGrowBy;
HeapList mHeaps;
TSTRING mName;
size_t mCurOff;
cGrowHeap_i(size_t initialSize, size_t growBy, const TCHAR* name);
~cGrowHeap_i()
{
Clear();
}
cGrowHeap_i( size_t initialSize, size_t growBy, const TCHAR* name );
~cGrowHeap_i() { Clear(); }
size_t AlignSizeRequest(size_t size, size_t alignSize);
void* Malloc(size_t size);
void Clear();
size_t AlignSizeRequest( size_t size, size_t alignSize );
void* Malloc( size_t size );
void Clear();
};
cGrowHeap_i::cGrowHeap_i(size_t initialSize, size_t growBy, const TCHAR* name)
: mInitialSize(initialSize), mGrowBy(growBy), mName(name), mCurOff(0)
cGrowHeap_i::cGrowHeap_i( size_t initialSize, size_t growBy, const TCHAR* name )
: mInitialSize( initialSize ),
mGrowBy ( growBy ),
mName ( name ),
mCurOff ( 0 )
{
// assure that initial size and growby are aligned
ASSERT(0 == (initialSize % BYTE_ALIGN));
ASSERT(0 == (growBy % BYTE_ALIGN));
ASSERT( 0 == ( initialSize % BYTE_ALIGN ) );
ASSERT( 0 == ( growBy % BYTE_ALIGN ) );
}
size_t cGrowHeap::TotalMemUsage() const
{
size_t usage = 0;
for (cGrowHeap_i::HeapList::const_iterator i = mpData->mHeaps.begin(); i != mpData->mHeaps.end(); i++)
for( cGrowHeap_i::HeapList::const_iterator i = mpData->mHeaps.begin(); i != mpData->mHeaps.end(); i++ )
{
usage += i->mSize;
}
if (!mpData->mHeaps.empty())
if( ! mpData->mHeaps.empty() )
{
// take off the unused portion...
usage -= (mpData->mHeaps.back().mSize - mpData->mCurOff);
@ -97,23 +94,23 @@ size_t cGrowHeap::TotalMemUsage() const
}
void* cGrowHeap_i::Malloc(size_t size)
void* cGrowHeap_i::Malloc( size_t size )
{
size = AlignSizeRequest(size, BYTE_ALIGN);
size = AlignSizeRequest( size, BYTE_ALIGN );
ASSERT((size > 0) && (size < mGrowBy));
ASSERT( ( size > 0 ) && ( size < mGrowBy ) );
if (size >= mGrowBy)
if( size >= mGrowBy )
return NULL;
if (mHeaps.empty())
if( mHeaps.empty() )
{
mHeaps.push_back(cHeap(mInitialSize));
mHeaps.push_back( cHeap( mInitialSize ) );
ASSERT(mHeaps.back().mpData != 0);
mCurOff = 0;
mCurOff = 0;
}
if (mCurOff + size < mHeaps.back().mSize)
if( mCurOff + size < mHeaps.back().mSize )
{
// we have room to add this to the current heap.
//
@ -125,43 +122,43 @@ void* cGrowHeap_i::Malloc(size_t size)
}
else
{
mHeaps.push_back(cHeap(mGrowBy));
mHeaps.push_back( cHeap( mGrowBy ) );
ASSERT(mHeaps.back().mpData != 0);
mCurOff = 0;
#ifdef _DEUBG
void* ret = Malloc(size);
ASSERT(ret != 0);
return ret;
#else
return Malloc(size);
#endif
#ifdef _DEUBG
void* ret = Malloc( size );
ASSERT(ret != 0);
return ret;
#else
return Malloc( size );
#endif
}
}
size_t cGrowHeap_i::AlignSizeRequest(size_t size, size_t alignSize)
size_t cGrowHeap_i::AlignSizeRequest( size_t size, size_t alignSize )
{
// The two's complement algorithm requires a non-zero size request size,
// so make make all requests require it so that this function
// acts the same no matter what the integer representation
if (0 == size)
if( 0 == size )
size = 1;
#if USES_2S_COMPLEMENT
// This efficient algorithm assumes alignSize is power of two AND a
// 2's complement representation. Requires non-zero size request
ASSERT(0 == (alignSize % 2));
ASSERT(size > 0);
return ((size + alignSize - 1) & ~(alignSize - 1));
ASSERT( 0 == ( alignSize % 2 ) );
ASSERT( size > 0 );
return( ( size + alignSize - 1 ) & ~( alignSize - 1 ) );
#else
// this makes no assumption about BYTE_ALIGN or hardware integer representation
return (((size / alignSize) + ((size % alignSize) ? 1 : 0)) * alignSize);
return( ( ( size / alignSize ) + ( ( size % alignSize ) ? 1 : 0 ) ) * alignSize );
#endif
}
void cGrowHeap_i::Clear()
{
for (HeapList::iterator i = mHeaps.begin(); i != mHeaps.end(); i++)
for( HeapList::iterator i = mHeaps.begin(); i != mHeaps.end(); i++ )
{
delete [] i->mpData;
}
@ -171,25 +168,27 @@ void cGrowHeap_i::Clear()
//-----------------------------------------------------------------------------
// cGrowHeap
//-----------------------------------------------------------------------------
cGrowHeap::cGrowHeap(size_t initialSize, size_t growBy, const TCHAR* name)
: mpData(new cGrowHeap_i(initialSize, growBy, name))
cGrowHeap::cGrowHeap( size_t initialSize, size_t growBy, const TCHAR* name ) :
mpData( new cGrowHeap_i( initialSize, growBy, name ) )
{
}
cGrowHeap::~cGrowHeap()
{
cDebug d("FCO name heap stats");
d.TraceDebug(_T("Total heap memory usage for %s: %d\n"), mpData->mName.c_str(), TotalMemUsage());
d.TraceDebug( _T("Total heap memory usage for %s: %d\n"), mpData->mName.c_str(), TotalMemUsage() );
delete mpData;
}
void* cGrowHeap::Malloc(size_t size)
void* cGrowHeap::Malloc( size_t size )
{
return mpData->Malloc(size);
return mpData->Malloc( size );
}
void cGrowHeap::Clear()
{
mpData->Clear();
}

Some files were not shown because too many files have changed in this diff Show More