From 9db9474dd092a67e37af54a2eb898cea625a98cd Mon Sep 17 00:00:00 2001 From: Panu Matilainen Date: Tue, 11 Jun 2019 16:12:56 +0300 Subject: [PATCH 2/3] Refer to the RPMVERIFY_* constants instead of VERIFY_* counterparts The RPMVERIFY_* values always refer to corresponding file verification attributes, which is what we're dealing with here. The VERIFY_* constants do not exist in all versions, and include things that do not make any sense at all for files anyway, such as VERIFY_DEPS and VERIFY_SCRIPT which are package-level operations and VERIFY_SIGNATURE and VERIFY_DIGEST which are not verify operations at all. --- src/OVAL/probes/unix/linux/rpmverify_probe.c | 21 ++++++---------- .../probes/unix/linux/rpmverifyfile_probe.c | 25 +++++++++---------- 2 files changed, 20 insertions(+), 26 deletions(-) diff --git a/src/OVAL/probes/unix/linux/rpmverify_probe.c b/src/OVAL/probes/unix/linux/rpmverify_probe.c index 07bd09d84..dbc9523ba 100644 --- a/src/OVAL/probes/unix/linux/rpmverify_probe.c +++ b/src/OVAL/probes/unix/linux/rpmverify_probe.c @@ -303,19 +303,14 @@ typedef struct { } rpmverify_bhmap_t; const rpmverify_bhmap_t rpmverify_bhmap[] = { - { "nodeps", (uint64_t)VERIFY_DEPS }, - { "nodigest", (uint64_t)VERIFY_DIGEST }, - { "nofiles", (uint64_t)VERIFY_FILES }, - { "noscripts", (uint64_t)VERIFY_SCRIPT }, - { "nosignature", (uint64_t)VERIFY_SIGNATURE }, - { "nolinkto", (uint64_t)VERIFY_LINKTO }, - { "nomd5", (uint64_t)VERIFY_MD5 }, - { "nosize", (uint64_t)VERIFY_SIZE }, - { "nouser", (uint64_t)VERIFY_USER }, - { "nogroup", (uint64_t)VERIFY_GROUP }, - { "nomtime", (uint64_t)VERIFY_MTIME }, - { "nomode", (uint64_t)VERIFY_MODE }, - { "nordev", (uint64_t)VERIFY_RDEV }, + { "nolinkto", (uint64_t)RPMVERIFY_LINKTO }, + { "nomd5", (uint64_t)RPMVERIFY_MD5 }, + { "nosize", (uint64_t)RPMVERIFY_FILESIZE }, + { "nouser", (uint64_t)RPMVERIFY_USER }, + { "nogroup", (uint64_t)RPMVERIFY_GROUP }, + { "nomtime", (uint64_t)RPMVERIFY_MTIME }, + { "nomode", (uint64_t)RPMVERIFY_MODE }, + { "nordev", (uint64_t)RPMVERIFY_RDEV }, { "noconfigfiles", RPMVERIFY_SKIP_CONFIG }, { "noghostfiles", RPMVERIFY_SKIP_GHOST } }; diff --git a/src/OVAL/probes/unix/linux/rpmverifyfile_probe.c b/src/OVAL/probes/unix/linux/rpmverifyfile_probe.c index d81728ebe..10fcdf8df 100644 --- a/src/OVAL/probes/unix/linux/rpmverifyfile_probe.c +++ b/src/OVAL/probes/unix/linux/rpmverifyfile_probe.c @@ -83,11 +83,10 @@ struct rpmverify_res { * They all have the same value (1) - see 'rpm/rpmvf.h'. */ #define RPMVERIFY_FILEDIGEST RPMVERIFY_MD5 - #define VERIFY_FILEDIGEST VERIFY_MD5 - /* VERIFY_CAPS is not supported in older rpmlib. + /* RPMVERIFY_CAPS is not supported in older rpmlib. * We can set it to 0 because 0 is neutral to bit OR operation. */ - #define VERIFY_CAPS 0 + #define RPMVERIFY_CAPS 0 #endif #define RPMVERIFY_LOCK RPM_MUTEX_LOCK(&g_rpm->mutex) @@ -423,18 +422,18 @@ typedef struct { } rpmverifyfile_bhmap_t; const rpmverifyfile_bhmap_t rpmverifyfile_bhmap[] = { - { "nolinkto", (uint64_t)VERIFY_LINKTO }, - { "nomd5", (uint64_t)VERIFY_MD5 }, // deprecated since OVAL 5.11.1 - { "nosize", (uint64_t)VERIFY_SIZE }, - { "nouser", (uint64_t)VERIFY_USER }, - { "nogroup", (uint64_t)VERIFY_GROUP }, - { "nomtime", (uint64_t)VERIFY_MTIME }, - { "nomode", (uint64_t)VERIFY_MODE }, - { "nordev", (uint64_t)VERIFY_RDEV }, + { "nolinkto", (uint64_t)RPMVERIFY_LINKTO }, + { "nomd5", (uint64_t)RPMVERIFY_MD5 }, // deprecated since OVAL 5.11.1 + { "nosize", (uint64_t)RPMVERIFY_FILESIZE }, + { "nouser", (uint64_t)RPMVERIFY_USER }, + { "nogroup", (uint64_t)RPMVERIFY_GROUP }, + { "nomtime", (uint64_t)RPMVERIFY_MTIME }, + { "nomode", (uint64_t)RPMVERIFY_MODE }, + { "nordev", (uint64_t)RPMVERIFY_RDEV }, { "noconfigfiles", RPMVERIFY_SKIP_CONFIG }, { "noghostfiles", RPMVERIFY_SKIP_GHOST }, - { "nofiledigest", (uint64_t)VERIFY_FILEDIGEST }, - { "nocaps", (uint64_t)VERIFY_CAPS } + { "nofiledigest", (uint64_t)RPMVERIFY_FILEDIGEST }, + { "nocaps", (uint64_t)RPMVERIFY_CAPS } }; int rpmverifyfile_probe_main(probe_ctx *ctx, void *arg) -- 2.22.0