1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
|
/*
* Copyright (C) 2009 Martin Willi
* Hochschule fuer Technik Rapperswil, Switzerland
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
* Free Software Foundation; either version 2 of the License, or (at your
* option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
*
* This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* for more details.
*/
#include <stdlib.h>
#include <stdio.h>
#include <dlfcn.h>
#include <library.h>
/* we need to fake some charon symbols to dlopen() its plugins */
void *charon, *eap_type_names, *auth_class_names, *protocol_id_names,
*action_names, *ipsec_mode_names, *ike_sa_state_names, *child_sa_state_names,
*policy_dir_names, *ipcomp_transform_names, *debug_names, *controller_cb_empty;
int main(int argc, char* argv[])
{
int i;
integrity_checker_t *integrity;
/* avoid confusing leak reports in build process */
setenv("LEAK_DETECTIVE_DISABLE", "1", 0);
library_init(NULL);
atexit(library_deinit);
integrity = integrity_checker_create(NULL);
printf("/**\n");
printf(" * checksums of files and loaded code segments.\n");
printf(" * created by %s\n", argv[0]);
printf(" */\n");
printf("\n");
printf("#include <library.h>\n");
printf("\n");
printf("integrity_checksum_t checksums[] = {\n");
for (i = 1; i < argc; i++)
{
char *name, *path, *sname = NULL;
void *handle, *symbol;
u_int32_t fsum, ssum;
path = argv[i];
if ((name = strstr(path, "libstrongswan-")))
{
name = strdup(name + strlen("libstrongswan-"));
name[strlen(name) - 3] = '"';
name[strlen(name) - 2] = ',';
name[strlen(name) - 1] = '\0';
sname = "plugin_create";
}
else if (strstr(path, "libstrongswan.so"))
{
name = strdup("libstrongswan\",");
sname = "library_init";
}
else if (strstr(path, "charon"))
{
name = strdup("charon\",");
}
else if (strstr(path, "pluto"))
{
name = strdup("pluto\",");
}
else
{
fprintf(stderr, "don't know how to handle '%s', ignored", path);
continue;
}
fsum = integrity->build_file(integrity, path);
ssum = 0;
if (sname)
{
handle = dlopen(path, RTLD_LAZY);
if (handle)
{
symbol = dlsym(handle, sname);
if (symbol)
{
ssum = integrity->build_segment(integrity, symbol);
}
else
{
fprintf(stderr, "symbol lookup failed: %s\n", dlerror());
}
dlclose(handle);
}
else
{
fprintf(stderr, "dlopen failed: %s\n", dlerror());
}
}
printf("\t{\"%-20s0x%08x, 0x%08x},\n", name, fsum, ssum);
free(name);
}
printf("};\n");
printf("\n");
printf("int checksum_count = countof(checksums);\n");
printf("\n");
integrity->destroy(integrity);
exit(0);
}
|
