1 |
matsuu 09/04/16 14:59:19 |
2 |
|
3 |
Added: aide-0.13.1-equ-matching.patch |
4 |
aide-0.13.1-libgrypt_init.patch |
5 |
Log: |
6 |
Fixed bug #204217 and #266175. |
7 |
(Portage version: 2.1.6.11/cvs/Linux x86_64) |
8 |
|
9 |
Revision Changes Path |
10 |
1.1 app-forensics/aide/files/aide-0.13.1-equ-matching.patch |
11 |
|
12 |
file : http://sources.gentoo.org/viewcvs.py/gentoo-x86/app-forensics/aide/files/aide-0.13.1-equ-matching.patch?rev=1.1&view=markup |
13 |
plain: http://sources.gentoo.org/viewcvs.py/gentoo-x86/app-forensics/aide/files/aide-0.13.1-equ-matching.patch?rev=1.1&content-type=text/plain |
14 |
|
15 |
Index: aide-0.13.1-equ-matching.patch |
16 |
=================================================================== |
17 |
--- src/gen_list.c.orig 2007-12-19 15:37:13.000000000 -0800 |
18 |
+++ src/gen_list.c 2007-12-19 16:19:43.000000000 -0800 |
19 |
@@ -732,33 +732,6 @@ |
20 |
return retval; |
21 |
} |
22 |
|
23 |
-//this is used to check if $text if equal to a node in $rxrlist |
24 |
-//should be used to check equ_rx_lst only |
25 |
-int check_list_for_equal(list* rxrlist,char* text,DB_ATTR_TYPE* attr) |
26 |
-{ |
27 |
- list* r=NULL; |
28 |
- int retval=1; |
29 |
- char *temp; |
30 |
- |
31 |
- for(r=rxrlist;r;r=r->next){ |
32 |
- temp=((rx_rule*)r->data)->rx; |
33 |
- |
34 |
- //FIXME, if rx not begin with ^, may need to do something else |
35 |
- if(temp[0]=='^') //^ is for reg exp, we can ignore this character |
36 |
- temp++; |
37 |
- |
38 |
- //we don't need to worry about buff-overflow, so strcmp is safe |
39 |
- if((retval=strcmp(temp, text))==0){ |
40 |
- *attr=((rx_rule*)r->data)->attr; |
41 |
- error(231,"\"%s\" matches string from line #%ld: %s\n",text,((rx_rule*)r->data)->conf_lineno,((rx_rule*)r->data)->rx); |
42 |
- break; |
43 |
- } else { |
44 |
- error(231,"\"%s\" doesn't match string from line #%ld: %s\n",text,((rx_rule*)r->data)->conf_lineno,((rx_rule*)r->data)->rx); |
45 |
- } |
46 |
- } |
47 |
- return retval; |
48 |
-} |
49 |
- |
50 |
/* |
51 |
* Function check_node_for_match() |
52 |
* calls itself recursively to go to the top and then back down. |
53 |
@@ -783,35 +756,24 @@ |
54 |
return retval; |
55 |
} |
56 |
|
57 |
- /* We need this to check whether this was the first one * |
58 |
- * to be called and not a recursive call */ |
59 |
- if(!((retval&16)==16)){ |
60 |
- retval|=16; |
61 |
+ /* if this call is not recursive we check the equals list and we set top * |
62 |
+ * and retval so we know following calls are recursive */ |
63 |
+ if(!(retval&16)){ |
64 |
top=1; |
65 |
- } else { |
66 |
- top=0; |
67 |
- } |
68 |
- |
69 |
- /* if no deeper match found */ |
70 |
- if(!((retval&8)==8)&&!((retval&4)==4)){ |
71 |
+ retval|=16; |
72 |
+ |
73 |
if(!check_list_for_match(node->equ_rx_lst,text,attr)){ |
74 |
- /* |
75 |
- Zhi Wen Wong added this line to fix bug that equ not work for |
76 |
- compare |
77 |
- if we do "=/bin", we should only check /bin |
78 |
- so, /bin/bash or /bin/something should return 0 as neg |
79 |
- */ |
80 |
- if(!check_list_for_equal(node->equ_rx_lst,text,attr)) |
81 |
- retval|=(2|4); |
82 |
- }; |
83 |
- }; |
84 |
+ retval|=2|4; |
85 |
+ } |
86 |
+ } |
87 |
/* We'll use retval to pass information on whether to recurse |
88 |
* the dir or not */ |
89 |
|
90 |
|
91 |
- if(!((retval&8)==8)&&!((retval&4)==4)){ |
92 |
+ /* If 4 and 8 are not set, we will check for matches */ |
93 |
+ if(!(retval&(4|8))){ |
94 |
if(!check_list_for_match(node->sel_rx_lst,text,attr)) |
95 |
- retval|=(1|8); |
96 |
+ retval|=1|8; |
97 |
} |
98 |
|
99 |
/* Now let's check the ancestors */ |
100 |
|
101 |
|
102 |
|
103 |
1.1 app-forensics/aide/files/aide-0.13.1-libgrypt_init.patch |
104 |
|
105 |
file : http://sources.gentoo.org/viewcvs.py/gentoo-x86/app-forensics/aide/files/aide-0.13.1-libgrypt_init.patch?rev=1.1&view=markup |
106 |
plain: http://sources.gentoo.org/viewcvs.py/gentoo-x86/app-forensics/aide/files/aide-0.13.1-libgrypt_init.patch?rev=1.1&content-type=text/plain |
107 |
|
108 |
Index: aide-0.13.1-libgrypt_init.patch |
109 |
=================================================================== |
110 |
diff -urp aide-0.13.1.orig/doc/aide.1 aide-0.13.1/doc/aide.1 |
111 |
--- aide-0.13.1.orig/doc/aide.1 2009-04-14 15:46:20.000000000 -0700 |
112 |
+++ aide-0.13.1/doc/aide.1 2009-04-14 15:49:18.000000000 -0700 |
113 |
@@ -67,6 +67,7 @@ conditions: |
114 |
.IP "16 Unimplemented function error" |
115 |
.IP "17 Invalid configureline error" |
116 |
.IP "18 IO error" |
117 |
+.IP "19 Version mismatch error" |
118 |
.PP |
119 |
.SH NOTES |
120 |
Please note that due to mmap issues, aide cannot be terminated with |
121 |
diff -urp aide-0.13.1.orig/doc/aide.1.in aide-0.13.1/doc/aide.1.in |
122 |
--- aide-0.13.1.orig/doc/aide.1.in 2009-04-14 15:46:20.000000000 -0700 |
123 |
+++ aide-0.13.1/doc/aide.1.in 2009-04-14 15:49:56.000000000 -0700 |
124 |
@@ -67,6 +67,7 @@ conditions: |
125 |
.IP "16 Unimplemented function error" |
126 |
.IP "17 Invalid configureline error" |
127 |
.IP "18 IO error" |
128 |
+.IP "19 Version mismatch error" |
129 |
.PP |
130 |
.SH NOTES |
131 |
Please note that due to mmap issues, aide cannot be terminated with |
132 |
diff -urp aide-0.13.1.orig/include/report.h aide-0.13.1/include/report.h |
133 |
--- aide-0.13.1.orig/include/report.h 2009-04-14 15:46:20.000000000 -0700 |
134 |
+++ aide-0.13.1/include/report.h 2009-04-14 15:46:28.000000000 -0700 |
135 |
@@ -31,6 +31,7 @@ |
136 |
#define UNIMPLEMENTED_FUNCTION_ERROR 16 |
137 |
#define INVALID_CONFIGURELINE_ERROR 17 |
138 |
#define IO_ERROR 18 |
139 |
+#define VERSION_MISMATCH_ERROR 19 |
140 |
|
141 |
/* Errorcodes */ |
142 |
#define HASH_ALGO_ERROR 30 |
143 |
diff -urp aide-0.13.1.orig/src/md.c aide-0.13.1/src/md.c |
144 |
--- aide-0.13.1.orig/src/md.c 2009-04-14 15:46:20.000000000 -0700 |
145 |
+++ aide-0.13.1/src/md.c 2009-04-14 15:46:28.000000000 -0700 |
146 |
@@ -201,6 +201,12 @@ int init_md(struct md_container* md) { |
147 |
#endif |
148 |
#ifdef WITH_GCRYPT |
149 |
error(255,"Gcrypt library initialization\n"); |
150 |
+ if(!gcry_check_version(GCRYPT_VERSION)) { |
151 |
+ error(0,"libgcrypt version mismatch\n"); |
152 |
+ exit(VERSION_MISMATCH_ERROR); |
153 |
+ } |
154 |
+ gcry_control(GCRYCTL_DISABLE_SECMEM, 0); |
155 |
+ gcry_control(GCRYCTL_INITIALIZATION_FINISHED, 0); |
156 |
if(gcry_md_open(&md->mdh,0,0)!=GPG_ERR_NO_ERROR){ |
157 |
error(0,"gcrypt_md_open failed\n"); |
158 |
exit(IO_ERROR); |