From 219a6dab8995aad9ac4860cc1a84d6f3509a03a4 Mon Sep 17 00:00:00 2001 From: wbx Date: Sun, 17 May 2009 14:41:34 +0200 Subject: Initial import --- package/osiris/Config.in | 18 ++++++++++ package/osiris/Makefile | 42 ++++++++++++++++++++++ package/osiris/files/osirisd.init | 27 ++++++++++++++ package/osiris/ipkg/osirisd.control | 5 +++ package/osiris/ipkg/osirisd.postinst | 3 ++ package/osiris/patches/patch-configure | 32 +++++++++++++++++ .../osiris/patches/patch-src_libosiris_Makefile_in | 41 +++++++++++++++++++++ .../patches/patch-src_libosiris_configuration_c | 27 ++++++++++++++ .../patches/patch-src_libosiris_configuration_h | 13 +++++++ .../osiris/patches/patch-src_libosiris_filter_c | 35 ++++++++++++++++++ .../osiris/patches/patch-src_libosiris_filter_h | 23 ++++++++++++ .../patches/patch-src_libosiris_ssl_utilities_c | 30 ++++++++++++++++ .../patches/patch-src_libosiris_ssl_utilities_h | 14 ++++++++ .../osiris/patches/patch-src_libosiris_utilities_c | 13 +++++++ package/osiris/patches/patch-src_osirisd_scanner_c | 33 +++++++++++++++++ .../osiris/patches/patch-src_osirismd_md_control_c | 16 +++++++++ 16 files changed, 372 insertions(+) create mode 100644 package/osiris/Config.in create mode 100644 package/osiris/Makefile create mode 100644 package/osiris/files/osirisd.init create mode 100644 package/osiris/ipkg/osirisd.control create mode 100644 package/osiris/ipkg/osirisd.postinst create mode 100644 package/osiris/patches/patch-configure create mode 100644 package/osiris/patches/patch-src_libosiris_Makefile_in create mode 100644 package/osiris/patches/patch-src_libosiris_configuration_c create mode 100644 package/osiris/patches/patch-src_libosiris_configuration_h create mode 100644 package/osiris/patches/patch-src_libosiris_filter_c create mode 100644 package/osiris/patches/patch-src_libosiris_filter_h create mode 100644 package/osiris/patches/patch-src_libosiris_ssl_utilities_c create mode 100644 package/osiris/patches/patch-src_libosiris_ssl_utilities_h create mode 100644 package/osiris/patches/patch-src_libosiris_utilities_c create mode 100644 package/osiris/patches/patch-src_osirisd_scanner_c create mode 100644 package/osiris/patches/patch-src_osirismd_md_control_c (limited to 'package/osiris') diff --git a/package/osiris/Config.in b/package/osiris/Config.in new file mode 100644 index 000000000..84a16435a --- /dev/null +++ b/package/osiris/Config.in @@ -0,0 +1,18 @@ +config ADK_COMPILE_OSIRIS + tristate + default n + depends ADK_PACKAGE_OSIRISD + +config ADK_PACKAGE_OSIRISD + prompt "osirisd........................... Host integrity monitoring system (scanning agent)" + tristate + default n + select ADK_COMPILE_OSIRIS + select ADK_PACKAGE_LIBOPENSSL + help + An host integrity monitoring system (scanning agent) + + http://www.hostintegrity.com/osiris/ + + Depends: openssl + diff --git a/package/osiris/Makefile b/package/osiris/Makefile new file mode 100644 index 000000000..0cae63ab0 --- /dev/null +++ b/package/osiris/Makefile @@ -0,0 +1,42 @@ +# $Id$ +#- +# This file is part of the OpenADK project. OpenADK is copyrighted +# material, please see the LICENCE file in the top-level directory. + +include ${TOPDIR}/rules.mk + +PKG_NAME:= osiris +PKG_VERSION:= 4.2.3 +PKG_RELEASE:= 1 +PKG_MD5SUM:= 1951c7dc0fe729af9ffaf58910340d12 +MASTER_SITES:= http://osiris.shmoo.com/data/ + +include ${TOPDIR}/mk/package.mk + +$(eval $(call PKG_template,OSIRISD,osirisd,${PKG_VERSION}-${PKG_RELEASE},${ARCH})) + +CONFIGURE_STYLE:= gnu +CONFIGURE_ENV+= ac_cv_openssldir="${STAGING_DIR}/usr" \ + ac_cv_have_accrights_in_msghdr=no \ + ac_cv_have_control_in_msghdr=yes +CONFIGURE_ARGS+= --with-osiris-user=root \ + --with-root-dir=/var/lib/osiris \ + --with-readline=no +BUILD_STYLE:= auto +INSTALL_STYLE:= auto +XAKE_FLAGS+= ar=${TARGET_CROSS}ar \ + INTERACTIVE=0 +TCFLAGS+= -DOPENSSL_NO_RIPEMD + +post-configure: + (cd ${WRKDIST}/src/osirisd/modules && ./genmods.sh); + +post-install: + ${INSTALL_DIR} ${IDIR_OSIRISD}/etc/init.d + ${INSTALL_DIR} ${IDIR_OSIRISD}/usr/sbin + ${INSTALL_BIN} ./files/osirisd.init \ + ${IDIR_OSIRISD}/etc/init.d/osirisd + ${INSTALL_BIN} ${WRKINST}/usr/sbin/osirisd \ + ${IDIR_OSIRISD}/usr/sbin/ + +include ${TOPDIR}/mk/pkg-bottom.mk diff --git a/package/osiris/files/osirisd.init b/package/osiris/files/osirisd.init new file mode 100644 index 000000000..4172f702a --- /dev/null +++ b/package/osiris/files/osirisd.init @@ -0,0 +1,27 @@ +#!/bin/sh +#FWINIT 75 +. /etc/rc.conf + +case $1 in +autostop) ;; +autostart) + test x"${osirisd:-NO}" = x"NO" && exit 0 + exec sh $0 start + ;; +start) + [ -d /var/lib/osiris ] || mkdir -p /var/lib/osiris + osirisd + ;; +stop) + killall osirisd + ;; +restart) + sh $0 stop + sh $0 start + ;; +*) + echo "Usage: $0 {start | stop | restart}" + exit 1 + ;; +esac +exit $? diff --git a/package/osiris/ipkg/osirisd.control b/package/osiris/ipkg/osirisd.control new file mode 100644 index 000000000..defe7c356 --- /dev/null +++ b/package/osiris/ipkg/osirisd.control @@ -0,0 +1,5 @@ +Package: osirisd +Priority: optional +Section: admin +Depends: libopenssl, libpthread +Description: an Host Integrity Monitoring System (scanning agent) diff --git a/package/osiris/ipkg/osirisd.postinst b/package/osiris/ipkg/osirisd.postinst new file mode 100644 index 000000000..04e53ac93 --- /dev/null +++ b/package/osiris/ipkg/osirisd.postinst @@ -0,0 +1,3 @@ +#!/bin/sh +. $IPKG_INSTROOT/etc/functions.sh +add_rcconf osirisd osirisd NO diff --git a/package/osiris/patches/patch-configure b/package/osiris/patches/patch-configure new file mode 100644 index 000000000..c6e56a0b0 --- /dev/null +++ b/package/osiris/patches/patch-configure @@ -0,0 +1,32 @@ +$Id: update-patches 24 2008-08-31 14:56:13Z wbx $ +--- osiris-4.2.3.orig/configure 2006-07-28 01:57:51.000000000 +0200 ++++ osiris-4.2.3/configure 2009-05-10 21:10:24.000000000 +0200 +@@ -3738,7 +3738,7 @@ CYGWIN*) + esac + + +-DB_CONFIG_ARGS="--enable-shared=no --enable-static=yes" ++DB_CONFIG_ARGS="--enable-shared=no --enable-static=yes --target=${target_alias} --host=${host_alias} --build=${build_alias}" + + case "${OS_NAME}" in + MINGW32*) +@@ -4448,11 +4448,6 @@ cat >>confdefs.h <<_ACEOF + #define SYSTEM_LINUX 1 + _ACEOF + +- +- rc=`grep -c krb5 /usr/include/openssl/ssl.h` +- if test $rc -ne 0; then +- CPPFLAGS="-I/usr/kerberos/include/ ${CPPFLAGS}" +- fi + ;; + BSD*) + +@@ -11394,7 +11389,6 @@ chmod ug+x src/install/install.sh + echo " Osiris MD Directory: ${with_md_root_dir}" + echo " Osiris MD user: ${with_osiris_md_user}" + echo " Osiris MD config dir: ${with_md_conf_dir}" +- cd ./src/osirisd/modules;./genmods.sh;cd ../../.. + echo " ==> use one of the following targets:" + echo "" + echo " all: make everything, agent, CLI and management console." diff --git a/package/osiris/patches/patch-src_libosiris_Makefile_in b/package/osiris/patches/patch-src_libosiris_Makefile_in new file mode 100644 index 000000000..a7d09c693 --- /dev/null +++ b/package/osiris/patches/patch-src_libosiris_Makefile_in @@ -0,0 +1,41 @@ +$Id: update-patches 24 2008-08-31 14:56:13Z wbx $ +--- osiris-4.2.3.orig/src/libosiris/Makefile.in 2006-07-28 01:57:51.000000000 +0200 ++++ osiris-4.2.3/src/libosiris/Makefile.in 2009-05-10 20:51:38.000000000 +0200 +@@ -105,7 +105,7 @@ libosiris_a_SOURCES = list.c message.c s + filter_uid.c filter_gid.c filter_user.c \ + filter_group.c filter_header.c filter_file.c \ + filter_suffix.c filter_md5.c filter_sha.c \ +- filter_ripemd.c filter_sid.c filter_permissions.c \ ++ filter_sid.c filter_permissions.c \ + string_list.h ssl_utilities.h utilities.h \ + regex.h regex.c debug.h debug.c strcasestr.c \ + error.h strptime.h +@@ -128,11 +128,10 @@ am_libosiris_a_OBJECTS = list.$(OBJEXT) + filter_python.$(OBJEXT) filter_script.$(OBJEXT) \ + filter_gzip.$(OBJEXT) filter_zip.$(OBJEXT) filter_tar.$(OBJEXT) \ + filter_pgp.$(OBJEXT) filter_rpm.$(OBJEXT) filter_uid.$(OBJEXT) \ +- filter_gid.$(OBJEXT) filter_user.$(OBJEXT) \ ++ filter_gid.$(OBJEXT) filter_user.$(OBJEXT) filter_sid.$(OBJEXT) \ + filter_group.$(OBJEXT) filter_header.$(OBJEXT) \ + filter_file.$(OBJEXT) filter_suffix.$(OBJEXT) \ + filter_md5.$(OBJEXT) filter_sha.$(OBJEXT) \ +- filter_ripemd.$(OBJEXT) filter_sid.$(OBJEXT) \ + filter_permissions.$(OBJEXT) regex.$(OBJEXT) debug.$(OBJEXT) \ + strcasestr.$(OBJEXT) + libosiris_a_OBJECTS = $(am_libosiris_a_OBJECTS) +@@ -158,7 +157,6 @@ am__depfiles_maybe = depfiles + @AMDEP_TRUE@ ./$(DEPDIR)/filter_permissions.Po \ + @AMDEP_TRUE@ ./$(DEPDIR)/filter_pgp.Po \ + @AMDEP_TRUE@ ./$(DEPDIR)/filter_python.Po \ +-@AMDEP_TRUE@ ./$(DEPDIR)/filter_ripemd.Po \ + @AMDEP_TRUE@ ./$(DEPDIR)/filter_rpm.Po \ + @AMDEP_TRUE@ ./$(DEPDIR)/filter_script.Po \ + @AMDEP_TRUE@ ./$(DEPDIR)/filter_sgid.Po \ +@@ -224,7 +222,6 @@ distclean-compile: + @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/filter_permissions.Po@am__quote@ + @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/filter_pgp.Po@am__quote@ + @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/filter_python.Po@am__quote@ +-@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/filter_ripemd.Po@am__quote@ + @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/filter_rpm.Po@am__quote@ + @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/filter_script.Po@am__quote@ + @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/filter_sgid.Po@am__quote@ diff --git a/package/osiris/patches/patch-src_libosiris_configuration_c b/package/osiris/patches/patch-src_libosiris_configuration_c new file mode 100644 index 000000000..f4b164b52 --- /dev/null +++ b/package/osiris/patches/patch-src_libosiris_configuration_c @@ -0,0 +1,27 @@ +$Id: update-patches 24 2008-08-31 14:56:13Z wbx $ +--- osiris-4.2.3.orig/src/libosiris/configuration.c 2006-07-28 01:57:51.000000000 +0200 ++++ osiris-4.2.3/src/libosiris/configuration.c 2009-05-10 21:06:49.000000000 +0200 +@@ -105,9 +105,11 @@ static struct keywords hash_keywords[] = + { "sha1", HASH_SHA }, + { "sha-1", HASH_SHA }, + ++#ifndef OPENSSL_NO_RIPEMD + { "ripemd", HASH_RIPEMD }, + { "ripemd-160", HASH_RIPEMD }, + { "ripemd160", HASH_RIPEMD }, ++#endif + + { NULL, 0 } + }; +@@ -119,9 +121,11 @@ static char * valid_hash_values[] = + "sha", + "sha1", + "sha-1", ++#ifndef OPENSSL_NO_RIPEMD + "ripemd", + "ripemd160", + "ripemd-160", ++#endif + NULL + }; + diff --git a/package/osiris/patches/patch-src_libosiris_configuration_h b/package/osiris/patches/patch-src_libosiris_configuration_h new file mode 100644 index 000000000..6cf7c3540 --- /dev/null +++ b/package/osiris/patches/patch-src_libosiris_configuration_h @@ -0,0 +1,13 @@ +$Id: update-patches 24 2008-08-31 14:56:13Z wbx $ +--- osiris-4.2.3.orig/src/libosiris/configuration.h 2006-07-28 01:57:51.000000000 +0200 ++++ osiris-4.2.3/src/libosiris/configuration.h 2009-05-10 21:19:28.000000000 +0200 +@@ -45,7 +45,9 @@ + #define HASH_DEFAULT HASH_MD5 + #define HASH_MD5 1 + #define HASH_SHA 2 ++#ifndef OPENSSL_NO_RIPEMD + #define HASH_RIPEMD 3 ++#endif + + /* config keyword types */ + diff --git a/package/osiris/patches/patch-src_libosiris_filter_c b/package/osiris/patches/patch-src_libosiris_filter_c new file mode 100644 index 000000000..d7306ea14 --- /dev/null +++ b/package/osiris/patches/patch-src_libosiris_filter_c @@ -0,0 +1,35 @@ +$Id: update-patches 24 2008-08-31 14:56:13Z wbx $ +--- osiris-4.2.3.orig/src/libosiris/filter.c 2006-07-28 01:57:51.000000000 +0200 ++++ osiris-4.2.3/src/libosiris/filter.c 2009-05-10 21:02:44.000000000 +0200 +@@ -66,7 +66,9 @@ static struct keywords filter_keywords[] + { "suffix", FILTER_TYPE_SUFFIX }, + { "md5", FILTER_TYPE_MD5 }, + { "sha", FILTER_TYPE_SHA }, ++#ifndef OPENSSL_NO_RIPEMD + { "ripemd", FILTER_TYPE_RIPEMD }, ++#endif + { "permissions", FILTER_TYPE_PERMISSIONS }, + { NULL, 0 } + }; +@@ -179,9 +181,11 @@ int setup_filter_function( OSI_FILTER *a + action_filter->perform = filter_sha; + break; + ++#ifndef OPENSSL_NO_RIPEMD + case FILTER_TYPE_RIPEMD: + action_filter->perform = filter_ripemd; + break; ++#endif + + case FILTER_TYPE_PERMISSIONS: + action_filter->perform = filter_permissions; +@@ -220,7 +224,9 @@ osi_bool filter_is_dynamic( int filter_t + case FILTER_TYPE_SUFFIX: + case FILTER_TYPE_MD5: + case FILTER_TYPE_SHA: ++#ifndef OPENSSL_NO_RIPEMD + case FILTER_TYPE_RIPEMD: ++#endif + case FILTER_TYPE_PERMISSIONS: + + return TRUE; diff --git a/package/osiris/patches/patch-src_libosiris_filter_h b/package/osiris/patches/patch-src_libosiris_filter_h new file mode 100644 index 000000000..c7463306d --- /dev/null +++ b/package/osiris/patches/patch-src_libosiris_filter_h @@ -0,0 +1,23 @@ +$Id: update-patches 24 2008-08-31 14:56:13Z wbx $ +--- osiris-4.2.3.orig/src/libosiris/filter.h 2006-07-28 01:57:51.000000000 +0200 ++++ osiris-4.2.3/src/libosiris/filter.h 2009-05-10 21:15:10.000000000 +0200 +@@ -61,7 +61,9 @@ + #define FILTER_TYPE_SUFFIX 19 + #define FILTER_TYPE_MD5 20 + #define FILTER_TYPE_SHA 21 ++#ifndef OPENSSL_NO_RIPEMD + #define FILTER_TYPE_RIPEMD 22 ++#endif + #define FILTER_TYPE_PERMISSIONS 23 + #define FILTER_TYPE_SID 24 + +@@ -143,7 +145,9 @@ osi_bool filter_file( const char *file_p + osi_bool filter_suffix( const char *file_path, FILTER_CONTEXT *context ); + osi_bool filter_md5( const char *file_path, FILTER_CONTEXT *context ); + osi_bool filter_sha( const char *file_path, FILTER_CONTEXT *context ); ++#ifndef OPENSSL_NO_RIPEMD + osi_bool filter_ripemd( const char *file_path, FILTER_CONTEXT *context ); ++#endif + osi_bool filter_permissions( const char *file_path, FILTER_CONTEXT *context ); + + #endif diff --git a/package/osiris/patches/patch-src_libosiris_ssl_utilities_c b/package/osiris/patches/patch-src_libosiris_ssl_utilities_c new file mode 100644 index 000000000..47563591b --- /dev/null +++ b/package/osiris/patches/patch-src_libosiris_ssl_utilities_c @@ -0,0 +1,30 @@ +$Id: update-patches 24 2008-08-31 14:56:13Z wbx $ +--- osiris-4.2.3.orig/src/libosiris/ssl_utilities.c 2006-07-28 01:57:51.000000000 +0200 ++++ osiris-4.2.3/src/libosiris/ssl_utilities.c 2009-05-10 20:41:31.000000000 +0200 +@@ -51,7 +51,9 @@ + #include + #include + #include ++#ifndef OPENSSL_NO_RIPEMD + #include ++#endif + + #ifdef WIN32 + #include +@@ -337,6 +339,7 @@ int hash_file_sha( const char *file_path + return -1; + } + ++#ifndef OPENSSL_NO_RIPEMD + /****************************************************************************** + ** + ** Function: hash_file_ripemd +@@ -433,7 +436,7 @@ int hash_file_ripemd( const char *file_p + + return -1; + } +- ++#endif + + /****************************************************************************** + ** diff --git a/package/osiris/patches/patch-src_libosiris_ssl_utilities_h b/package/osiris/patches/patch-src_libosiris_ssl_utilities_h new file mode 100644 index 000000000..668096983 --- /dev/null +++ b/package/osiris/patches/patch-src_libosiris_ssl_utilities_h @@ -0,0 +1,14 @@ +$Id: update-patches 24 2008-08-31 14:56:13Z wbx $ +--- osiris-4.2.3.orig/src/libosiris/ssl_utilities.h 2006-07-28 01:57:51.000000000 +0200 ++++ osiris-4.2.3/src/libosiris/ssl_utilities.h 2009-05-10 20:42:04.000000000 +0200 +@@ -59,8 +59,10 @@ int hash_file_md5( const char *file_path + int hash_file_sha( const char *file_path, FILE *file, + char *buffer, int buffer_size ); + ++#ifndef OPENSSL_NO_RIPEMD + int hash_file_ripemd( const char *file_path, FILE *file, + char *buffer, int buffer_size ); ++#endif + + /* random SSL utilities. */ + diff --git a/package/osiris/patches/patch-src_libosiris_utilities_c b/package/osiris/patches/patch-src_libosiris_utilities_c new file mode 100644 index 000000000..ec5a26ee7 --- /dev/null +++ b/package/osiris/patches/patch-src_libosiris_utilities_c @@ -0,0 +1,13 @@ +$Id: update-patches 24 2008-08-31 14:56:13Z wbx $ +--- osiris-4.2.3.orig/src/libosiris/utilities.c 2006-07-28 01:57:51.000000000 +0200 ++++ osiris-4.2.3/src/libosiris/utilities.c 2009-05-10 20:37:18.000000000 +0200 +@@ -60,7 +60,9 @@ + + #include + #include ++#ifndef OPENSSL_NO_RIPEMD + #include ++#endif + + #include "utilities.h" + #include "error.h" diff --git a/package/osiris/patches/patch-src_osirisd_scanner_c b/package/osiris/patches/patch-src_osirisd_scanner_c new file mode 100644 index 000000000..ee3927bf0 --- /dev/null +++ b/package/osiris/patches/patch-src_osirisd_scanner_c @@ -0,0 +1,33 @@ +$Id: update-patches 24 2008-08-31 14:56:13Z wbx $ +--- osiris-4.2.3.orig/src/osirisd/scanner.c 2006-07-28 01:57:51.000000000 +0200 ++++ osiris-4.2.3/src/osirisd/scanner.c 2009-05-10 20:43:04.000000000 +0200 +@@ -839,12 +839,14 @@ void populate_scan_record( SCANNER *scan + MAX_CHECKSUM_LENGTH ); + break; + ++#ifndef OPENSSL_NO_RIPEMD + case HASH_RIPEMD: + + rc = hash_file_ripemd( scan_record->path, file_handle, + scan_record->checksum, + MAX_CHECKSUM_LENGTH ); + break; ++#endif + + default: + +@@ -987,12 +989,14 @@ void populate_scan_record( SCANNER *scan + MAX_CHECKSUM_LENGTH ); + break; + ++#ifndef OPENSSL_NO_RIPEMD + case HASH_RIPEMD: + + rc = hash_file_ripemd( scan_record->path, file_handle, + scan_record->checksum, + MAX_CHECKSUM_LENGTH ); + break; ++#endif + + default: + diff --git a/package/osiris/patches/patch-src_osirismd_md_control_c b/package/osiris/patches/patch-src_osirismd_md_control_c new file mode 100644 index 000000000..0c33533c8 --- /dev/null +++ b/package/osiris/patches/patch-src_osirismd_md_control_c @@ -0,0 +1,16 @@ +$Id: update-patches 24 2008-08-31 14:56:13Z wbx $ +--- osiris-4.2.3.orig/src/osirismd/md_control.c 2006-12-05 13:02:48.000000000 +0100 ++++ osiris-4.2.3/src/osirismd/md_control.c 2009-05-10 21:28:06.000000000 +0200 +@@ -3259,9 +3259,9 @@ osi_bool generate_session_key_hash( unsi + int index; + char checksum[41]; + +- SHA_Init( &context ); +- SHA_Update( &context, key, (unsigned long)keysize ); +- SHA_Final( &( digest[0] ), &context ); ++ SHA1_Init( &context ); ++ SHA1_Update( &context, key, (unsigned long)keysize ); ++ SHA1_Final( &( digest[0] ), &context ); + + for ( index = 0; index < SHA_DIGEST_LENGTH; index++ ) + { -- cgit v1.2.3