Date: Thu, 26 May 2005 15:32:22 GMT From: "Christian S.J. Peron" <csjp@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 77511 for review Message-ID: <200505261532.j4QFWMVj090402@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=77511 Change 77511 by csjp@csjp_xor on 2005/05/26 15:32:08 -Introduce -W this can be used when trying to determine what dependency along the line resulted in the failure to execute an object. A warning is produced if the checksum registered with the object does not match the checksum of the object itself. Affected files ... .. //depot/projects/trustedbsd/mac/usr.sbin/getfhash/getfhash.c#6 edit Differences ... ==== //depot/projects/trustedbsd/mac/usr.sbin/getfhash/getfhash.c#6 (text+ko) ==== @@ -24,6 +24,7 @@ * SUCH DAMAGE. */ #include <sys/types.h> +#include <sys/stat.h> #include <sys/sysctl.h> #include <sys/extattr.h> #include <sys/time.h> @@ -31,12 +32,15 @@ #include <security/mac_chkexec/mac_chkexec.h> +#include <sha.h> +#include <md5.h> #include <err.h> #include <errno.h> #include <stdio.h> #include <stdlib.h> #include <string.h> #include <unistd.h> +#include <fcntl.h> static void print_hash(const char *); static void process_depends(const char *); @@ -47,8 +51,94 @@ static int dflag; static int rflag; static char *mflag; +static int Wflag; + static void (*handler)(const char *); +static int +calc_sha1(const char *fname, u_char *digest) +{ + SHA1_CTX shac; + int fd, len, error, count; + struct stat sb; + off_t b; + char *buffer; + + fd = open(fname, O_RDONLY); + if (fd < 0) { + warn("open failed"); + return (fd); + } + if (fstat(fd, &sb) < 0) { + warn("fstat failed"); + close(fd); + return (-1); + } + len = getpagesize(); + buffer = malloc(len); + SHA1_Init(&shac); + for (b = 0; b < sb.st_size; b += len) { + if ((len + b) > sb.st_size) + count = sb.st_size - b; + else + count = len; + error = read(fd, buffer, count); + if (error < 0) { + close(fd); + free(buffer); + warn("read failed"); + return (error); + } + SHA1_Update(&shac, buffer, count); + } + close(fd); + SHA1_Final(digest, &shac); + free(buffer); + return (0); +} + +static int +calc_md5(const char *fname, u_char *digest) +{ + MD5_CTX ctx; + int fd, len, error, count; + struct stat sb; + off_t b; + char *buffer; + + fd = open(fname, O_RDONLY); + if (fd < 0) { + warn("open failed"); + return (fd); + } + if (fstat(fd, &sb) < 0) { + warn("fstat failed"); + close(fd); + return (-1); + } + len = getpagesize(); + buffer = malloc(len); + MD5Init(&ctx); + for (b = 0; b < sb.st_size; b += len) { + if ((len + b) > sb.st_size) + count = sb.st_size - b; + else + count = len; + error = read(fd, buffer, count); + if (error < 0) { + close(fd); + free(buffer); + warn("read failed"); + return (error); + } + MD5Update(&ctx, buffer, count); + } + close(fd); + MD5Final(digest, &ctx); + free(buffer); + return (0); +} + static void process_depends(const char *pathname) { @@ -116,6 +206,7 @@ int i, error; int nbytes; const char *algo; + u_char digest[64]; error = extattr_get_file(pathname, MAC_CHKEXEC_ATTRN, MAC_CHKEXEC, (void *)&sum, sizeof(sum)); @@ -138,6 +229,12 @@ printf("%s: %s ", pathname, algo); for (i = 0; i < nbytes; i++) printf("%02x", sum.vs_sum[i]); + if (Wflag) { + calc_sha1(pathname, &digest[0]); + if (memcmp(&digest[0], &sum.vs_sum[0], nbytes) != 0) { + printf(" (conflicting checksum)"); + } + } putchar('\n'); if (dflag) process_depends(pathname); @@ -172,7 +269,7 @@ handler = print_hash; else errx(1, "what program am I supposed to be?"); - while ((ch = getopt(argc, argv, "dhm:r")) != -1) + while ((ch = getopt(argc, argv, "dhm:rW")) != -1) switch(ch) { case 'd': dflag++; @@ -183,6 +280,9 @@ case 'r': rflag++; break; + case 'W': + Wflag++; + break; default: break; }
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200505261532.j4QFWMVj090402>