diff -urpN mtree-3.7.20050808-fixes/Makefile mtree-3.7.20050808-linux/Makefile --- mtree-3.7.20050808-fixes/Makefile Thu Jan 1 00:00:00 1970 +++ mtree-3.7.20050808-linux/Makefile Sun Jul 28 08:18:17 2002 @@ -0,0 +1,2 @@ +all clean: + $(MAKE) -C usr.sbin/mtree $@ diff -urpN mtree-3.7.20050808-fixes/lib/libc/gen/setmode.c mtree-3.7.20050808-linux/lib/libc/gen/setmode.c --- mtree-3.7.20050808-fixes/lib/libc/gen/setmode.c Mon Aug 8 07:19:51 2005 +++ mtree-3.7.20050808-linux/lib/libc/gen/setmode.c Mon Aug 8 07:19:51 2005 @@ -208,13 +208,13 @@ setmode(const char *p) if (isdigit(*p)) { perml = strtoul(p, &ep, 8); /* The test on perml will also catch overflow. */ - if (*ep != '\0' || (perml & ~(STANDARD_BITS|S_ISTXT))) { + if (*ep != '\0' || (perml & ~(STANDARD_BITS|S_ISVTX))) { free(saveset); errno = ERANGE; return (NULL); } perm = (mode_t)perml; - ADDCMD('=', (STANDARD_BITS|S_ISTXT), perm, mask); + ADDCMD('=', (STANDARD_BITS|S_ISVTX), perm, mask); set->cmd = 0; return (saveset); } @@ -251,7 +251,7 @@ getop: if ((op = *p++) != '+' && op != if (op == '=') equalopdone = 0; - who &= ~S_ISTXT; + who &= ~S_ISVTX; for (perm = 0, permXbits = 0;; ++p) { switch (*p) { case 'r': @@ -271,8 +271,8 @@ getop: if ((op = *p++) != '+' && op != * only "other" bits ignore sticky. */ if (who == 0 || (who & ~S_IRWXO)) { - who |= S_ISTXT; - perm |= S_ISTXT; + who |= S_ISVTX; + perm |= S_ISVTX; } break; case 'w': diff -urpN mtree-3.7.20050808-fixes/usr.sbin/mtree/Makefile mtree-3.7.20050808-linux/usr.sbin/mtree/Makefile --- mtree-3.7.20050808-fixes/usr.sbin/mtree/Makefile Sun May 2 17:55:53 2004 +++ mtree-3.7.20050808-linux/usr.sbin/mtree/Makefile Mon Aug 8 07:23:09 2005 @@ -1,8 +1,33 @@ # $OpenBSD: Makefile,v 1.7 2004/05/02 17:55:53 millert Exp $ +CC = gcc +LD = gcc +RM = rm -f +ifndef CFLAGS +CFLAGS = -O2 -fomit-frame-pointer +endif +CFLAGS += -I. -I../../include +CFLAGS += -Wall -Dlint +LDFLAGS = -s +LDLIBS = -lcrypto + PROG= mtree #CFLAGS+=-DDEBUG MAN= mtree.8 -SRCS= compare.c crc.c create.c misc.c mtree.c spec.c verify.c -.include +SRCS= compare.c crc.c create.c misc.c mtree.c spec.c verify.c \ + hashfile.c \ + ../../lib/libc/gen/setmode.c \ + ../../lib/libc/gen/vis.c \ + ../../lib/libc/gen/unvis.c + +all: $(PROG) + +$(PROG): $(SRCS:.c=.o) + $(LD) $(LDFLAGS) $+ $(LDLIBS) -o $@ + +.c.o: + $(CC) -c $(CFLAGS) $< -o $@ + +clean: + $(RM) $(PROG) $(SRCS:.c=.o) diff -urpN mtree-3.7.20050808-fixes/usr.sbin/mtree/compare.c mtree-3.7.20050808-linux/usr.sbin/mtree/compare.c --- mtree-3.7.20050808-fixes/usr.sbin/mtree/compare.c Mon Aug 8 13:59:53 2005 +++ mtree-3.7.20050808-linux/usr.sbin/mtree/compare.c Mon Aug 8 07:17:51 2005 @@ -38,6 +38,7 @@ static const char rcsid[] = "$OpenBSD: c #endif #endif /* not lint */ +#define _GNU_SOURCE #include #include #include @@ -45,12 +46,11 @@ static const char rcsid[] = "$OpenBSD: c #include #include #include +#include #include -#include -#include -#include #include "mtree.h" #include "extern.h" +#include "hashfile.h" extern int lflag, tflag, uflag; @@ -189,7 +189,7 @@ typeerr: LABEL; } if (s->flags & F_SIZE && s->st_size != p->fts_statp->st_size) { LABEL; - (void)printf("%ssize (%qd, %qd)\n", + (void)printf("%ssize (%lu, %lu)\n", tab, s->st_size, p->fts_statp->st_size); tab = "\t"; } @@ -205,14 +205,15 @@ typeerr: LABEL; struct timeval tv[2]; TIMESPEC_TO_TIMEVAL(&tv[0], &s->st_mtimespec); - TIMESPEC_TO_TIMEVAL(&tv[1], &p->fts_statp->st_mtimespec); + tv[1].tv_sec = p->fts_statp->st_mtime; + tv[1].tv_usec = 0; if (tv[0].tv_sec != tv[1].tv_sec || tv[0].tv_usec != tv[1].tv_usec) { LABEL; (void)printf("%smodification time (%.24s, ", tab, ctime(&s->st_mtimespec.tv_sec)); (void)printf("%.24s", - ctime(&p->fts_statp->st_mtimespec.tv_sec)); + ctime(&p->fts_statp->st_mtime)); if (tflag) { tv[1] = tv[0]; if (utimes(p->fts_accpath, tv)) @@ -299,6 +300,7 @@ typeerr: LABEL; LABEL; (void)printf("%slink ref (%s, %s)\n", tab, cp, s->slink); } +#if 0 if (s->flags & F_FLAGS && s->file_flags != p->fts_statp->st_flags) { char *db_flags = NULL; char *cur_flags = NULL; @@ -336,6 +338,7 @@ typeerr: LABEL; free(cur_flags); } } +#endif return (label); } diff -urpN mtree-3.7.20050808-fixes/usr.sbin/mtree/create.c mtree-3.7.20050808-linux/usr.sbin/mtree/create.c --- mtree-3.7.20050808-fixes/usr.sbin/mtree/create.c Mon Aug 8 16:56:53 2005 +++ mtree-3.7.20050808-linux/usr.sbin/mtree/create.c Mon Aug 8 16:58:25 2005 @@ -38,6 +38,7 @@ static const char rcsid[] = "$OpenBSD: c #endif #endif /* not lint */ +#define _GNU_SOURCE #include #include #include @@ -51,11 +52,9 @@ static const char rcsid[] = "$OpenBSD: c #include #include #include -#include -#include -#include #include "mtree.h" #include "extern.h" +#include "hashfile.h" #define INDENTNAMELEN 15 #define MAXLINELEN 80 @@ -197,17 +196,16 @@ statf(int indent, FTSENT *p) if (keys & F_NLINK && p->fts_statp->st_nlink != 1) output(indent, &offset, "nlink=%u", p->fts_statp->st_nlink); if (keys & F_SIZE && S_ISREG(p->fts_statp->st_mode)) - output(indent, &offset, "size=%qd", p->fts_statp->st_size); + output(indent, &offset, "size=%lu", p->fts_statp->st_size); if (keys & F_TIME) - output(indent, &offset, "time=%ld.%ld", - p->fts_statp->st_mtimespec.tv_sec, - p->fts_statp->st_mtimespec.tv_nsec); + output(indent, &offset, "time=%ld.0", + p->fts_statp->st_mtime); if (keys & F_CKSUM && S_ISREG(p->fts_statp->st_mode)) { if ((fd = open(p->fts_accpath, MTREE_O_FLAGS, 0)) < 0 || crc(fd, &val, &len)) error("%s: %s", p->fts_accpath, strerror(errno)); (void)close(fd); - output(indent, &offset, "cksum=%lu", val); + output(indent, &offset, "cksum=%u", val); } if (keys & F_MD5 && S_ISREG(p->fts_statp->st_mode)) { char *md5digest, buf[MD5_DIGEST_STRING_LENGTH]; @@ -247,6 +245,7 @@ statf(int indent, FTSENT *p) output(indent, &offset, "link=%s", escaped_name); free(escaped_name); } +#if 0 if (keys & F_FLAGS && !S_ISLNK(p->fts_statp->st_mode)) { char *file_flags; @@ -259,6 +258,7 @@ statf(int indent, FTSENT *p) output(indent, &offset, "flags=none"); free(file_flags); } +#endif (void)putchar('\n'); } diff -urpN mtree-3.7.20050808-fixes/usr.sbin/mtree/hashfile.c mtree-3.7.20050808-linux/usr.sbin/mtree/hashfile.c --- mtree-3.7.20050808-fixes/usr.sbin/mtree/hashfile.c Thu Jan 1 00:00:00 1970 +++ mtree-3.7.20050808-linux/usr.sbin/mtree/hashfile.c Mon Aug 8 14:04:02 2005 @@ -0,0 +1,75 @@ +#define _GNU_SOURCE +#include +#include +#include +#include +#include +#include + +#include "mtree.h" +#include "hashfile.h" + +#define FILE_BUFFER 0x1000 + +static char hex[16] = + "0123456789abcdef"; + +#define HASHFile(F, CTX, Init, Update, Final, N) \ +char *F(const char *pathname, char *output) \ +{ \ + CTX c; \ + unsigned char binary[N]; \ + struct stat st; \ + int fd, n, i; \ + char *buffer, *p; \ +\ + if (stat(pathname, &st)) return NULL; \ + if (!S_ISREG(st.st_mode)) { \ + errno = EIO; \ + return NULL; \ + } \ +\ + if ((fd = open(pathname, MTREE_O_FLAGS)) < 0) \ + return NULL; \ +\ + if (fstat(fd, &st)) { \ + close(fd); \ + return NULL; \ + } \ + if (!S_ISREG(st.st_mode)) { \ + close(fd); \ + errno = EIO; \ + return NULL; \ + } \ +\ + if (!(buffer = malloc(FILE_BUFFER))) { \ + close(fd); \ + errno = ENOMEM; \ + return NULL; \ + } \ +\ + Init(&c); \ + while ((n = read(fd, buffer, FILE_BUFFER)) > 0) \ + Update(&c, buffer, n); \ +\ + if (!n) { \ + Final(binary, &c); \ + p = output; \ + for (i = 0; i < N; i++) { \ + *p++ = hex[(int)binary[i] >> 4]; \ + *p++ = hex[(int)binary[i] & 0x0f]; \ + } \ + *p = '\0'; \ + } else \ + output = NULL; \ +\ + close(fd); \ + free(buffer); \ +\ + return output; \ +} + +HASHFile(MD5File, MD5_CTX, MD5_Init, MD5_Update, MD5_Final, 16) +HASHFile(SHA1File, SHA_CTX, SHA1_Init, SHA1_Update, SHA1_Final, 20) +HASHFile(RMD160File, RIPEMD160_CTX, + RIPEMD160_Init, RIPEMD160_Update, RIPEMD160_Final, 20) diff -urpN mtree-3.7.20050808-fixes/usr.sbin/mtree/hashfile.h mtree-3.7.20050808-linux/usr.sbin/mtree/hashfile.h --- mtree-3.7.20050808-fixes/usr.sbin/mtree/hashfile.h Thu Jan 1 00:00:00 1970 +++ mtree-3.7.20050808-linux/usr.sbin/mtree/hashfile.h Mon Aug 8 14:03:18 2005 @@ -0,0 +1,16 @@ +#ifndef _HASHFILE_H +#define _HASHFILE_H + +#include +#include +#include + +#define MD5_DIGEST_STRING_LENGTH (MD5_DIGEST_LENGTH * 2 + 1) +#define SHA1_DIGEST_STRING_LENGTH (SHA_DIGEST_LENGTH * 2 + 1) +#define RMD160_DIGEST_STRING_LENGTH (RIPEMD160_DIGEST_LENGTH * 2 + 1) + +extern char *MD5File(const char *pathname, char *output); +extern char *SHA1File(const char *pathname, char *output); +extern char *RMD160File(const char *pathname, char *output); + +#endif diff -urpN mtree-3.7.20050808-fixes/usr.sbin/mtree/misc.c mtree-3.7.20050808-linux/usr.sbin/mtree/misc.c --- mtree-3.7.20050808-fixes/usr.sbin/mtree/misc.c Sun Aug 1 18:32:20 2004 +++ mtree-3.7.20050808-linux/usr.sbin/mtree/misc.c Mon Aug 8 07:17:51 2005 @@ -52,7 +52,9 @@ typedef struct _key { /* NB: the following table must be sorted lexically. */ static KEY keylist[] = { {"cksum", F_CKSUM, NEEDVALUE}, +#if 0 {"flags", F_FLAGS, NEEDVALUE}, +#endif {"gid", F_GID, NEEDVALUE}, {"gname", F_GNAME, NEEDVALUE}, {"ignore", F_IGN, 0}, diff -urpN mtree-3.7.20050808-fixes/usr.sbin/mtree/mtree.8 mtree-3.7.20050808-linux/usr.sbin/mtree/mtree.8 --- mtree-3.7.20050808-fixes/usr.sbin/mtree/mtree.8 Thu Dec 30 10:01:47 2004 +++ mtree-3.7.20050808-linux/usr.sbin/mtree/mtree.8 Mon Aug 8 15:48:56 2005 @@ -30,7 +30,7 @@ .\" .\" @(#)mtree.8 8.2 (Berkeley) 12/11/93 .\" -.Dd December 11, 1993 +.Dd August 8, 2005 .Dt MTREE 8 .Os .Sh NAME @@ -162,13 +162,6 @@ The checksum of the file using the defau the .Xr cksum 1 utility. -.It Cm flags -The current file's flags (whitespace or comma separated) in symbolic form -as specified by -.Xr chflags 1 . -The string -.Dq none -may be used to indicate that no flags should be set on the file. .It Cm gid The file group as a numeric value. .It Cm gname @@ -308,13 +301,16 @@ that .Cm sha1digest be run on the file systems, and a copy of the results stored on a different machine, or, at least, in encrypted form. -The output file itself should be digested using the -.Xr sha1 1 -utility. +The output file itself should be digested using +.Nm openssl +.Cm dgst +.Fl sha1 . Then, periodically, .Nm mtree and -.Xr sha1 1 +.Nm openssl +.Cm dgst +.Fl sha1 should be run against the on-line specifications. While it is possible for the bad guys to change the on-line specifications to conform to their modified binaries, it is believed to be @@ -333,17 +329,18 @@ distribution. .Sh SEE ALSO .Xr chgrp 1 , .Xr chmod 1 , +.Xr chown 1 , .Xr cksum 1 , -.Xr md5 1 , -.Xr rmd160 1 , -.Xr sha1 1 , +.Xr md5sum 1 , +.Xr openssl 1 , +.Xr sha1sum 1 , +.Xr stat 1 , .Xr stat 2 , .Xr fts 3 , .Xr md5 3 , -.Xr rmd160 3 , -.Xr sha1 3 , -.Xr hier 7 , -.Xr chown 8 +.Xr ripemd 3 , +.Xr sha 3 , +.Xr hier 7 .Sh HISTORY The .Nm mtree diff -urpN mtree-3.7.20050808-fixes/usr.sbin/mtree/mtree.h mtree-3.7.20050808-linux/usr.sbin/mtree/mtree.h --- mtree-3.7.20050808-fixes/usr.sbin/mtree/mtree.h Mon Aug 8 13:58:18 2005 +++ mtree-3.7.20050808-linux/usr.sbin/mtree/mtree.h Mon Aug 8 14:07:38 2005 @@ -55,7 +55,7 @@ typedef struct _node { char *slink; /* symbolic link reference */ uid_t st_uid; /* uid */ gid_t st_gid; /* gid */ -#define MBITS (S_ISUID|S_ISGID|S_ISTXT|S_IRWXU|S_IRWXG|S_IRWXO) +#define MBITS (S_ISUID|S_ISGID|S_ISVTX|S_IRWXU|S_IRWXG|S_IRWXO) mode_t st_mode; /* mode */ nlink_t st_nlink; /* link count */ u_int32_t file_flags; /* file flags */ @@ -79,7 +79,9 @@ typedef struct _node { #define F_UID 0x010000 /* uid */ #define F_UNAME 0x020000 /* user name */ #define F_VISIT 0x040000 /* file visited */ +#if 0 #define F_FLAGS 0x080000 /* file flags */ +#endif #define F_NOCHANGE 0x100000 /* do not change owner/mode */ u_int32_t flags; /* items set */ diff -urpN mtree-3.7.20050808-fixes/usr.sbin/mtree/spec.c mtree-3.7.20050808-linux/usr.sbin/mtree/spec.c --- mtree-3.7.20050808-fixes/usr.sbin/mtree/spec.c Mon Aug 8 12:28:36 2005 +++ mtree-3.7.20050808-linux/usr.sbin/mtree/spec.c Mon Aug 8 12:28:36 2005 @@ -50,6 +50,9 @@ static const char rcsid[] = "$OpenBSD: s #include "mtree.h" #include "extern.h" +extern mode_t getmode(const void *set, mode_t mode); +extern void * setmode(const char *mode_str); + int lineno; /* Current spec line number. */ static void set(char *, NODE *); @@ -150,7 +153,7 @@ noparent: error("no parent node"); if (strunvis(centry->name, p) == -1) { fprintf(stderr, "mtree: filename (%s) encoded incorrectly\n", p); - strlcpy(centry->name, p, len); + memcpy(centry->name, p, len); } set(NULL, centry); @@ -178,7 +181,9 @@ set(char *t, NODE *ip) struct passwd *pw; void *m; int value; +#if 0 u_int32_t fset, fclr; +#endif char *ep; size_t len; @@ -197,6 +202,7 @@ set(char *t, NODE *ip) if (!ip->md5digest) error("%s", strerror(errno)); break; +#if 0 case F_FLAGS: if (!strcmp(val, "none")) { ip->file_flags = 0; @@ -206,6 +212,7 @@ set(char *t, NODE *ip) error("%s", strerror(errno)); ip->file_flags = fset; break; +#endif case F_GID: ip->st_gid = strtoul(val, &ep, 10); if (*ep) @@ -252,7 +259,7 @@ set(char *t, NODE *ip) if (strunvis(ip->slink, val) == -1) { fprintf(stderr, "mtree: filename (%s) encoded incorrectly\n", val); - strlcpy(ip->slink, val, len); + memcpy(ip->slink, val, len); } break; case F_TIME: diff -urpN mtree-3.7.20050808-fixes/usr.sbin/mtree/verify.c mtree-3.7.20050808-linux/usr.sbin/mtree/verify.c --- mtree-3.7.20050808-fixes/usr.sbin/mtree/verify.c Mon Aug 8 13:55:55 2005 +++ mtree-3.7.20050808-linux/usr.sbin/mtree/verify.c Mon Aug 8 08:11:45 2005 @@ -164,7 +164,10 @@ miss(NODE *p, char *tail, size_t len) if (p->type != F_DIR && (dflag || p->flags & F_VISIT)) continue; /* XXX: pathname truncation on overflow */ - (void)strlcpy(tail, p->name, len); + if (len > 0) { + tail[0] = '\0'; + strncat(tail, p->name, len - 1); + } if (!(p->flags & F_VISIT)) { /* Don't print missing message if file exists as a symbolic link and the -q flag is set. */