#! /bin/sh # This is a shell archive. Remove anything before this line, then unpack # it by saving it into a file and typing "sh file". To overwrite existing # files, type "sh file -c". You can also feed this as standard input via # unshar, or by typing "sh 'tripwire-1.0/src/main.c' <<'END_OF_FILE' X#ifndef lint Xstatic char rcsid[] = "$Id: main.c,v 1.3 92/11/03 02:43:52 genek Exp $"; X#endif X X/************************************************************************ X * X * All files in the distribution of Tripwire are Copyright 1992 by the X * Purdue Research Foundation of Purdue University. All rights X * reserved. Some individual files in this distribution may be covered X * by other copyrights, as noted in their embedded comments. X * X * Redistribution and use in source and binary forms are permitted X * provided that this entire copyright notice is duplicated in all such X * copies, and that any documentation, announcements, and other X * materials related to such distribution and use acknowledge that the X * software was developed at Purdue University, W. Lafayette, IN by X * Gene Kim and Eugene Spafford. No charge, other than an "at-cost" X * distribution fee, may be charged for copies, derivations, or X * distributions of this material without the express written consent X * of the copyright holder. Neither the name of the University nor the X * names of the authors may be used to endorse or promote products X * derived from this material without specific prior written X * permission. THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY X * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE X * IMPLIED WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR ANY PARTICULAR X * PURPOSE. X * X ************************************************************************/ X X/* X * main.c X * X * main routines and global variables X * X * Gene Kim X * Purdue University X */ X X#include "../include/config.h" X#include X#ifdef STDLIBH X#include X#include X#endif X#include X#include X#include X#include X#ifdef STRINGH X#include X#else X#include X#endif X#ifdef MALLOCH X# include X#endif X#if (defined(SYSV) && (SYSV < 3)) X# include X#endif /* SVR2 */ X#include "../include/list.h" X#include "../include/tripwire.h" X#include "../include/patchlevel.h" X X X/* version information */ X Xchar *version_num = VERSION_NUM; Xint db_version_num = DB_VERSION_NUM; X X/******* signature functions ***************************************** X * sig_md5_get : MD5 by RSA X * sig_snefru_get : Snefru by Xerox X * sig_null_get : null X *********************************************************************/ X Xint (*pf_signatures [NUM_SIGS]) () = { X SIG0FUNC, X SIG1FUNC, X SIG2FUNC, X SIG3FUNC, X SIG4FUNC, X SIG5FUNC, X SIG6FUNC, X SIG7FUNC, X SIG8FUNC, X SIG9FUNC X }; Xchar *signames[NUM_SIGS] = { X SIG0NAME, X SIG1NAME, X SIG2NAME, X SIG3NAME, X SIG4NAME, X SIG5NAME, X SIG6NAME, X SIG7NAME, X SIG8NAME, X SIG9NAME X }; X Xchar *config_file = CONFIG_FILE; Xchar *database_file = DATABASE_FILE; X Xchar *database_path = DATABASE_PATH; Xchar *config_path = CONFIG_PATH; X Xchar tempdatabase_file[MAXPATHLEN]; X Xchar *defaultignore = DEFAULTIGNORE; Xstatic char *defaultignore_parsed; X Xchar *db_record_format = DB_RECORD_FORMAT; X Xstruct list *filelist = (struct list *) NULL; X Xint debuglevel = 1; Xint verbosity = 0; Xstatic int dbaseinit = 0; Xint printhex = 0; Xstatic char *updateentry = NULL; Xint quiet = 0; Xint printpreprocess = 0; Xchar *specified_dbasefile = NULL; Xchar *specified_configfile = NULL; Xint runtimeignore = 0; X Xchar *progname; X Xstatic void Xusage() X{ X fputs("usage: tripwire [ options ... ]\n", stderr); X fputs("\tWhere `options' are:\n", stderr); X fputs("\t\t-initialize Database Generation mode\n", stderr); X fputs("\t\t-init \n", stderr); X fputs("\t\t-update entry update entry (a file, directory, or \n", stderr); X fputs("\t\t tw.config entry) in the database\n", stderr); X fputs("\t\t-d dbasefile read in database from dbasefile\n", stderr); X fputs("\t\t (use `-d -' to read from stdin)\n", stderr); X fputs("\t\t-c configfile read in config file from configfile\n", stderr); X fputs("\t\t (use `-c -' to read from stdin)\n", stderr); X fputs("\t\t-Dvar=value define a tw.config variable (ala @@define)\n", X stderr); X fputs("\t\t-Uvar undefine a tw.config variable (ala @@undef)\n", X stderr); X fputs("\t\t-i #|all ignore the specified signature (to reduce\n", stderr); X fputs("\t\t execution time)\n", stderr); X fputs("\t\t-q quiet mode\n", stderr); X fputs("\t\t-v verbose mode\n", stderr); X fputs("\t\t-preprocess print out preprocessed configuration file\n", X stderr); X fputs("\t\t-E \n", stderr); X fputs("\t\t-version print version and patch information\n", stderr); X exit(1); X} X X/* X * void X * version() X * X * print out version information, with patchlevel information. X * currently, there is no real correlation between the two. X */ X Xstatic void Xversion() X{ X fprintf(stderr, "\nTripwire version %s (patchlevel %d)\n\n", version_num, X PATCHLEVEL); X fprintf(stderr, "Copyright (c) 1992, Purdue Research Foundation\n"); X fprintf(stderr, "\tBy Gene Kim, Eugene Spafford\n\n"); X exit(0); X} X Xint Xmain(argc, argv) X int argc; X char *argv[]; X{ X int i; X char *pc; X char database[MAXPATHLEN]; X char mask[64]; X int fd; X X progname = argv[0]; X X /* iterate through arguments */ X for (i = 1; i < argc; i++) { X pc = argv[i]; X /* verbose mode */ X if (strcmp(pc, "-v") == 0) { X verbosity++; X continue; X } X /* quiet mode */ X if (strcmp(pc, "-q") == 0) { X quiet++; X continue; X } X /* hex mode */ X if (strcmp(pc, "-x") == 0) { X printhex++; X continue; X } X /* database generation mode */ X if (strcmp(pc, "-initialize") == 0 || strcmp(pc, "-init") == 0 || X strcmp(pc, "-initialise") == 0) { X dbaseinit++; X continue; X } X /* print preprocessed configuration file */ X if ((strcmp(pc, "-preprocess") == 0) || (strcmp(pc, "-E") == 0)) { X printpreprocess++; X continue; X } X /* update specific database entry */ X if (strcmp(pc, "-update") == 0) { X /* check to see that there is an argument */ X if ((pc = argv[++i]) == NULL) { X usage(); X } X updateentry = pc; X continue; X } X /* specify database file */ X if (strcmp(pc, "-d") == 0) { X /* check to see that there is an argument */ X if ((pc = argv[++i]) == NULL) { X usage(); X } X specified_dbasefile = pc; X continue; X } X /* specify configuration file */ X if (strcmp(pc, "-c") == 0) { X /* check to see that there is an argument */ X if ((pc = argv[++i]) == NULL) { X usage(); X } X specified_configfile = pc; X continue; X } X /* ignore specified signatures */ X if (strcmp(pc, "-i") == 0) { X int tmpflag; X X /* check to see if there is an argument */ X if ((pc = argv[++i]) == NULL) { X usage(); X } X if (strcmp(pc, "all") == 0) { X runtimeignore = IGNORE_0_9; X continue; X } X if ((sscanf(pc, "%d", &tmpflag)) != 1) X usage(); X runtimeignore |= (IGNORE_0 << tmpflag); X continue; X } X /* print out version information */ X if (strcmp(pc, "-version") == 0) { X version(); X } X /* define (-Dfoo=bar) */ X if (strncmp(pc, "-D", 2) == 0) { X char key[512], value[512]; X X if (!pc[2]) { X fputs("tripwire: -D requires an argument!\n", stderr); X exit(1); X } X (void) string_split_ch(pc+2, key, value, '='); X tw_mac_define(key, value); X continue; X } X /* undef (-Ufoo) */ X if (strncmp(pc, "-U", 2) == 0) { X if (!pc[2]) { X fputs("tripwire: -U requires an argument!\n", stderr); X exit(1); X } X tw_mac_undef(pc+2); X continue; X } X usage(); X } X X /* argument sanity checking */ X /* are two files set to read from stdin? */ X if (specified_configfile != NULL && specified_dbasefile) { X if (strcmp(specified_configfile, "-") == 0 && X strcmp(specified_dbasefile, "-") == 0) { X fprintf(stderr, "%s: specified database and configuration file can't be both be stdin!\n", progname); X exit(1); X } X } X X /* initialize lists */ X list_init(); X X /* build hostname specific names */ X filename_hostname_expand(&config_path); X filename_hostname_expand(&config_file); X filename_hostname_expand(&database_path); X filename_hostname_expand(&database_file); X X /* recompute the default ignore string (old -> new format) */ X (void) strcpy(mask, defaultignore); X ignore_configvec_to_dvec(mask); X defaultignore_parsed = mask; X X /* are we in database generation mode? */ X if (dbaseinit) { X char *oldpath = database_path; X char *newpath = database_path = "./databases"; X struct list *dbase_entry_list = (struct list *) NULL; X X /* place database in ./databases */ X database_path = newpath; X X if (mkdir(newpath, 0777) >= 0) { X fprintf(stderr, "### Warning:\tcreating %s directory!\n", X newpath); X fprintf(stderr, "###\n"); X } X X /* generate the database */ X configfile_read(&filelist, &dbase_entry_list); X database_build(&filelist, DBASE_PERMANENT, &dbase_entry_list); X fprintf(stderr, "###\n"); X fprintf(stderr, X"### Warning: Database file placed in %s/%s.\n", database_path, X database_file); X fprintf(stderr, "###\n"); X fprintf(stderr, X"### Make sure to move this file file and the configuration\n"); X fprintf(stderr, X"### to secure media!\n"); X fprintf(stderr, "###\n"); X fprintf(stderr, X"### (Tripwire expects to find it in '%s'.)\n", oldpath); X exit(0); X } X X /* X * make sure that database file is there! X * (this is meaningless if we specified stdin "-") X */ X X if (specified_dbasefile == NULL) X sprintf(database, "%s/%s", database_path, database_file); X else X (void) strcpy(database, specified_dbasefile); X X if (strcmp(database, "-") != 0) { X if ((fd = open(database, O_RDONLY)) < 0) { X fprintf(stderr, X "%s: database file '%s/%s' does not exist! Aborting...\n", X progname, database_path, database_file); X exit(1); X } X (void) close(fd); X } X X /* are we in database update mode? */ X if (updateentry) { X preen_update(updateentry); X exit(0); X } X X /* we're in integrity checking mode */ X preen_gather(); X exit(0); X /*NOTREACHED*/ X} END_OF_FILE if test 10112 -ne `wc -c <'tripwire-1.0/src/main.c'`; then echo shar: \"'tripwire-1.0/src/main.c'\" unpacked with wrong size! fi # end of 'tripwire-1.0/src/main.c' fi if test -f 'tripwire-1.0/src/dbase.build.c' -a "${1}" != "-c" ; then echo shar: Will not clobber existing file \"'tripwire-1.0/src/dbase.build.c'\" else echo shar: Extracting \"'tripwire-1.0/src/dbase.build.c'\" \(10027 characters\) sed "s/^X//" >'tripwire-1.0/src/dbase.build.c' <<'END_OF_FILE' X#ifndef lint Xstatic char rcsid[] = "$Id: dbase.build.c,v 1.3 92/11/03 02:43:40 genek Exp $"; X#endif X X/* X * dbase.build.c X * X * build the preen.database file with the list of files that X * was generated by config.parse.c X * X * Gene Kim X * Purdue University X * September 27, 1992 X */ X X#include "../include/config.h" X#include X#ifdef STDLIBH X#include X#include X#endif X#include X#include X#include X#include X#ifndef XENIX X# include X#else X# include X#endif /* XENIX */ X#ifdef DIRENT X# include X#else X# ifndef XENIX X# include X# else /* XENIX */ X# include X# endif /* XENIX */ X#endif /* DIRENT */ X#if (defined(SYSV) && (SYSV < 3)) X# include X#endif /* SVR2 */ X#ifdef STRINGH X#include X#else X#include X#endif X#include "../include/list.h" X#include "../include/tripwire.h" X X#if defined(SYSV) && (SYSV < 4) X#ifndef HAVE_LSTAT X# define lstat(x,y) stat(x,y) X#endif X#endif /* SYSV */ X Xint files_scanned_num = 0; X X/* prototypes */ Xchar *mktemp(); Xstatic void database_record_write(); X X#ifndef L_tmpnam X# define L_tmpnam (unsigned int) MAXPATHLEN X#endif X Xchar backupfile[MAXPATHLEN]; X X/* X * database_build(struct list **pp_list, int tempdatabaseflag) X * X * take the list of file elements from the list and store all of X * the pertinent inode and signature information in the database X * file. X * X * if (tempdatabaseflag) is set, then we write to a private file X * in the /tmp directory. X */ X Xvoid Xdatabase_build (pp_list, mode, pp_entry_list) X struct list **pp_list; X int mode; X struct list **pp_entry_list; X{ X struct list_elem *p_fileentry; X struct list_elem *p_configentry; X FILE *fpw; X char database[MAXPATHLEN]; X int entrynum, X oldumask; X extern int errno; X X X#ifndef XENIX X struct timezone tzone; X struct timeval tval; X#else X long tval; X#endif /* XENIX */ X X fprintf(stderr, "### Phase 3: %s file information database\n", X mode == DBASE_UPDATE ? "Updating" : "Creating"); X X X /* create the database file X * if we are making the permanent database, then we write X * to the specified file. X * X * else, we create a temporary file, and save the name of it. X */ X X /* XXX - we should use open() so we can set the modes */ X X oldumask = umask(077); X X if (mode == DBASE_TEMPORARY) { X char *tmpfilename = (char *) malloc(L_tmpnam); X (void) strcpy(tmpfilename, TEMPFILE_TEMPLATE); X X if ((char *) mktemp(tmpfilename) == NULL) X die_with_err("database_build: mktemp()", (char *) NULL); X X (void) strcpy(tempdatabase_file, tmpfilename); X (void) strcpy(database, tempdatabase_file); X } /* end if temporary database */ X else { X sprintf(database, "%s/%s", database_path, database_file); X } /* end if non-temporary database */ X X /* back up any existing database */ X if (mode == DBASE_UPDATE) { X FILE *fpin, *fpout; X char backup[MAXPATHLEN]; X register int ctemp; X X sprintf(backup, "%s.old", database_file); X X /* make sure we stay underneath maximum file length */ X X if ((int)(strlen(database_file) + 4) > MAXNAMLEN) { X X /* tack on .old as well as it fits */ X (void) strcpy(backup + (MAXNAMLEN - 4), ".old"); X } X /* so we can reference it later */ X (void) strcpy(backupfile, backup); /* strlen(./Databases/) == 12 */ X X if ((fpin = fopen(database, "r")) == NULL) X die_with_err("database_build: Couldn't open database `%s'!\n", database); X X else if ((fpout = fopen(backup, "w")) == NULL) X die_with_err("Couldn't open '%s'!\n", backup); X X /* make the backup file */ X while ((ctemp = getc(fpin)) != EOF) X putc((char) ctemp, fpout); X X (void) fclose(fpin); X (void) fclose(fpout); X } X X /* rebuild the database */ X if ((fpw = fopen(database, "w")) == NULL) X die_with_err("Hint: Maybe the database directory '%s' doesn't exist?\n", X database); X X (void) umask(oldumask); X X X /* get time information for banner */ X X#ifndef XENIX X if (gettimeofday(&tval, &tzone) < 0) X die_with_err("gettimeofday()", (char *) NULL); X#else X tval = time((long *) 0); X#endif /* XENIX */ X X X /* add a banner to the top of the database file */ X /* note that the newline comes from date */ X fprintf(fpw, "# Generated by Tripwire, version %s on %s", X version_num, ctime((time_t *)&tval)); X fprintf(fpw, "@@dbaseversion %d\n", db_version_num); X X /* we use &filelist as the key */ X if (list_open(pp_list) < 0) X die_with_err("database_build: list_open() failed!\n", (char *) NULL); X X while ((p_fileentry = list_get(pp_list)) != NULL) { X X struct stat statbuf; X char *filename, ignorevec[512]; X X /* if we're in a debugging mood, print out the entries */ X XSPDEBUG(10) Xprintf("--(%3d)--> %s\n", files_scanned_num, p_fileentry->varname); X X /* X * if we're in UPDATE mode, we simply copy entries unless X * FLAG_UPDATE is set. X */ X X if (mode == DBASE_UPDATE) { X char s[MAXPATHLEN*2]; X X if (! (list_getflag(p_fileentry->varname, pp_list) & FLAG_UPDATE)) { X sprintf(s, "%s %s", p_fileentry->varname, X p_fileentry->varvalue); X fputs(s, fpw); X continue; X } X } X X /* get the stat information on it */ X filename = p_fileentry->varname; X if (sscanf(p_fileentry->varvalue, "%d %s", &entrynum, ignorevec) != 2) X die_with_err("database_build: sscanf() parsing error!\n", X (char *) NULL); X X if (lstat(filename, &statbuf) < 0) { X if (errno == ENOENT) { X fprintf(stderr, X "%s: %s: disappeared. Skipping...\n", progname, filename); X continue; X } X else X die_with_err("database_build: lstat()", filename); X } X X /* pick up NO_OPEN flag if we're in UPDATE mode X * X * if it is a special file or device, add it to the list, but X * make sure we don't open it and read from it! X */ X if (mode == DBASE_UPDATE) X switch (statbuf.st_mode & S_IFMT) { X case S_IFIFO: X case S_IFCHR: X case S_IFDIR: X case S_IFBLK: X#if !defined(SYSV) || (SYSV > 3) X case S_IFSOCK: X#endif X (void) list_setflag(filename, FLAG_NOOPEN, pp_list); X } X X database_record_write(fpw, filename, p_fileentry->flag, ignorevec, X &statbuf, entrynum); X X files_scanned_num++; X } /* end while list_read() */ X X /* cleanup */ X if (list_close(pp_list) < 0) X die_with_err("database_build: list_close() failed!\n", (char *) NULL); X X /* print out table of contents in permanent database */ X if (mode != DBASE_TEMPORARY) { X /* we use &pp_entry_list as the key */ X if (list_open(pp_entry_list) < 0) X die_with_err("database_build: list_open() failed!\n", (char *) NULL); X X /* print out the contents */ X while ((p_configentry = list_get(pp_entry_list)) != NULL) X fprintf(fpw, "@@contents %s %s\n", p_configentry->varname, X p_configentry->varvalue); X X /* close the list */ X if (list_close(pp_entry_list) < 0) X die_with_err("database_build: list_close() failed!\n", (char *) NULL); X } X X (void) fclose(fpw); X X return; X} X X/* X * database_record_write(FILE *fpw, char *filename, int flags, X * char *ignorevec, struct stat *statbuf, X * int entrynum) X * X * write out the pertinent information of the specifed file to the X * database. X * X * gather the signatures, and include that in the info going to X * to the database. X * X * (entrynum) is the unique entry number tag from tw.config. X */ X Xstatic void Xdatabase_record_write (fpw, filename, flags, ignorevec, statbuf, entrynum) X FILE *fpw; X char *filename; X int flags; X char *ignorevec; X struct stat *statbuf; X int entrynum; X{ X char sigs[NUM_SIGS][SIG_MAX_LEN]; X int fd, i; X int ignoremask; X char vec64_a[50]; X char vec64_c[50]; X char vec64_m[50]; X char sigs_concat[1024]; X /* filename, entrynum, ignore, mode, inode, nlinks, uid, gid, size, X * access, modify, ctime, {sig0, sig1, ..., sig9} X */ X static char *format = "%s %ld %s %lo %ld %ld %ld %ld %ld %s %s %s %s\n"; X X if (verbosity) { X fprintf(stderr, "scanning: %s\n", filename); X } X X /* X * check for NOOPEN flag (for special files that shouldn't be X * read from, like devices) X * X * if it's a symlink, then we collect the stat info on the link X * itself. remember, we never traverse symlinks! X * X * so, we make up null signatures. X */ X if ((flags & FLAG_NOOPEN) || (flags & FLAG_SYMLINK)) { X for (i = 0; i < NUM_SIGS; i++) { X register char *pc = sigs[i]; X *pc++ = '0'; X *pc++ = ' '; X *pc++ = '\0'; X } X X goto SKIPPED_SIGS; X } X X /* descriptor for signature functions */ X if ((fd = open(filename, O_RDONLY)) < 0) { X /* skip it if we had an error */ X warn_with_err("Trying to open %s for signature\n", filename); X return; X } X X /* first find out which signatures we don't need to collect */ X ignoremask = ignore_vec_to_scalar(ignorevec); X X /* collect signatures */ X for (i = 0; i < NUM_SIGS; i++) { X char *pc = sigs[i]; X X /* do we skip this signature? */ X if ((ignoremask & (IGNORE_0 << i)) || (runtimeignore & (IGNORE_0 << i))) X (void) strcpy(pc, "0 "); X else { X (*pf_signatures[i])(fd, pc, SIG_MAX_LEN); X (void) strcat(pc, " "); X } X } X X /* close up the descriptor, since we're done */ X (void) close(fd); X XSKIPPED_SIGS: X X /* concatenate all the signature */ X sigs_concat[0] = '\0'; X for (i = 0; i < NUM_SIGS; i++) X strcat(sigs_concat, sigs[i]); X X /* escape any special characters in the filename */ X filename_escape(filename); X X /* filename, ignore, mode, inode, nlinks, uid, gid, size, access, modify, X * ctime, sig0, sig1, ..., sig9 X */ X X X fprintf(fpw, format, filename, (long)entrynum, ignorevec, X (long)statbuf->st_mode, (long)statbuf->st_ino, X (long)statbuf->st_nlink, (long)statbuf->st_uid, X (long)statbuf->st_gid, (long)statbuf->st_size, X ltob64((unsigned long) statbuf->st_atime, vec64_a), X ltob64((unsigned long) statbuf->st_mtime, vec64_m), X ltob64((unsigned long) statbuf->st_ctime, vec64_c), X sigs_concat); X X return; X X} END_OF_FILE if test 10027 -ne `wc -c <'tripwire-1.0/src/dbase.build.c'`; then echo shar: \"'tripwire-1.0/src/dbase.build.c'\" unpacked with wrong size! fi # end of 'tripwire-1.0/src/dbase.build.c' fi if test -f 'tripwire-1.0/src/config.pre.y' -a "${1}" != "-c" ; then echo shar: Will not clobber existing file \"'tripwire-1.0/src/config.pre.y'\" else echo shar: Extracting \"'tripwire-1.0/src/config.pre.y'\" \(9777 characters\) sed "s/^X//" >'tripwire-1.0/src/config.pre.y' <<'END_OF_FILE' X%token DIRECTIVE X%token COMMENT X%token EOL X%token STRING X%token INCLUDE X%token DEFINE X%token UNDEF X%token IFDEF X%token IFNDEF X%token IFHOST X%token IFNHOST X%token ELSE X%token ENDIF X%token CONTENTS X%token DBASEVERSION X%token LPAREN X%token RPAREN X%token ANDAND X%token OROR X%token ECHOTHIS X%token BSLASH X%token ESCCHAR X X%{ X/* $Id: config.pre.y,v 1.2 92/11/03 04:49:41 genek Exp $ */ X X/* X * config.y X * X * tw.config preprocessor parser for yacc. X * X * This implementation does an unfortunately large number of X * malloc()'s and free()'s to store the lexeme values. Although X * memory leaks are few, too much time is spent doing memory X * allocation. X * X * At this point, I would argue that this is not too significant, X * since we only run this routine once. X * X * Gene Kim X * Purdue University X * October 5, 1992 X */ X X#include "../include/config.h" X#include X#ifdef STRINGH X#include X#else X#include X#endif X#include X#include X#include X#include "../include/list.h" X#include "../include/tripwire.h" X X#define INCLUDE_STACK_SZ 16 /* max num of nested includes */ X Xint yaccdebuglevel = 0; X Xstatic int linenumber = 0; X Xstatic FILE *fp_stack[INCLUDE_STACK_SZ]; Xstatic int linenumber_stack[INCLUDE_STACK_SZ]; Xstatic char *filename_stack[INCLUDE_STACK_SZ]; Xstatic int stackpointer = 0; Xstatic int found_db_version = 0; Xstatic struct list **pp_entry_list_global = NULL; X Xstatic char *currparsefile = NULL; X X/* prototypes */ Xstatic char *string_dequote(); Xstatic void include_push(); Xstatic FILE *include_pop(); X X%} X X%union { X char *string; X int val; X} X X%left COMMENT STRING ESCCHAR X%token IFDEF IFNDEF IFHOST IFNHOST X%type word words directive colines coline else X%type if_expr host_expr X%left ANDAND OROR X X%start lines X%% X Xlines : lines line X | X ; X X/* we do all of the line-emitting in this production (line) */ X Xline : directive EOL X { X /* X linenumber++; X */ X X if ($1) { X fprintf(yyout, "%s\n", $1); X free($1); X } X } X | words EOL X { X /* X linenumber++; X */ X X if ($1) { X fprintf(yyout, "%s\n", $1); X free($1); X } X } X ; X X Xcolines : colines coline X { X /* concatenate the two terminals together */ X if ($1 == NULL) { X $$ = (char *) malloc((unsigned) strlen($2) + 1); X $$[0] = '\0'; X } X else { X $$ = (char *) malloc((unsigned) X (strlen($1) + strlen($2)) + 2); X (void) strcpy($$, $1); X (void) strcat($$, "\n"); X X /* free up the left component */ X free($1); X } X (void) strcat($$, $2); X X /* free up the right component */ X if ($2) X free($2); X } X | X { X $$ = NULL; X } X ; X Xcoline : directive EOL { $$ = $1; /* linenumber++; */} X | words EOL { $$ = $1; /* linenumber++; */} X ; X Xelse : ELSE colines X { X $$ = $2; X } X | X { X $$ = NULL; X } X ; X Xif_expr : LPAREN if_expr RPAREN X { X $$ = $2; X } X | if_expr ANDAND if_expr X { X $$ = $1 && $3; X } X | if_expr OROR if_expr X { X $$ = $1 || $3; X } X | word X { X $$ = tw_mac_ifdef($1); X } X Xhost_expr: LPAREN host_expr RPAREN X { X $$ = $2; X } X | host_expr ANDAND host_expr X { X $$ = $1 && $3; X } X | host_expr OROR host_expr X { X $$ = $1 || $3; X } X | word X { X $$ = tw_mac_ifhost($1); X } X Xdirective: X DEFINE word { tw_mac_define($2, ""); $$ = NULL; } X | DEFINE word word { tw_mac_define($2, $3); $$ = NULL; } X | UNDEF word { tw_mac_undef($2); $$ = NULL; } X | IFDEF if_expr X { X $1 = $2; X } X EOL colines else ENDIF X { X if ($1) { $$ = $5; } X else { $$ = $6; } X X /* X linenumber++; X */ X } X | IFNDEF if_expr X { X $1 = !$2; X } X EOL colines else ENDIF X { X if ($1) { $$ = $5; } X else { $$ = $6; } X X /* X linenumber++; X */ X } X | IFHOST host_expr X { X $1 = $2; X } X EOL colines else ENDIF X { X if ($1) { $$ = $5; } X else { $$ = $6; } X X /* X linenumber++; X */ X } X | IFNHOST host_expr X { X $1 = !$2; X } X EOL colines else ENDIF X { X if ($1) { $$ = $5; } X else { $$ = $6; } X X /* X linenumber++; X */ X } X | INCLUDE word X { X /* push a new @@include file onto the include stack */ X include_push($2, &yyin); X $$ = NULL; X X } X | CONTENTS word X { X char *pc = "@@contents "; X X /* record contents in list */ X list_set($2, "", 0, pp_entry_list_global); X X /* reconstruct and emit the entire string */ X $$ = (char *) malloc((unsigned) (strlen($2) + strlen(pc)) + 1); X (void) strcpy($$, pc); X (void) strcat($$, $2); X X /* free up the right side */ X free($2); X } X | ECHOTHIS words X { X printf("tw.config: echo: %s\n", $2); X } X | DBASEVERSION word X { X int version; X X if (sscanf($2, "%d", &version) != 1) { X yyerror(""); X } X X /* check if the database format is too old */ X if (version != db_version_num) { X fprintf(stderr, X "tripwire: configuration file '%s' format is too old!\n", X version); X exit(1); X } X X /* free up the right side */ X free($2); X X /* we must see one of these productions in the file */ X found_db_version = 1; X X $$ = NULL; X } X ; X Xwords : words word X { X /* concatenate the two terminals together */ X if ($1 == NULL) { X $$ = (char *) malloc((unsigned) strlen($2) + 1); X $$[0] = '\0'; X } X else { X $$ = (char *) malloc((unsigned) X (strlen($1) + strlen($2)) + 2); X (void) strcpy($$, $1); X (void) strcat($$, " "); X X /* free up the left component */ X free($1); X } X (void) strcat($$, $2); X X /* free up the right component */ X if ($2) X free($2); X } X | X { X $$ = NULL; X } X ; X Xword : STRING X { X $$ = strcpy((char *) malloc((unsigned) strlen($1) + 1), $1); X } X | DIRECTIVE STRING X { X char *pc; X X /* if not defined */ X if (tw_mac_ifdef($2) == 0) { X fprintf(stderr, "warning: uninitialized definition at line %d in '%s'!\n(Hint: maybe a misspelled directive?)\n", linenumber, X currparsefile); X $$ = NULL; X } X else { X /* else substitute in the input stream */ X pc = tw_mac_dereference($2); X assert(pc != NULL); X X $$ = (char *) malloc((unsigned) strlen(pc) + 1); X (void) strcpy($$, pc); X } X } X ; X X X%% X X#include "lex.yy.c" X X/*ARGSUSED*/ Xyyerror(s) X char *s; X{ X fprintf(stderr, X "syntax error at line %d in configuration file '%s'! Aborting...\n", X ++linenumber, currparsefile); X} X X/* X * void X * tw_macro_parse(char *filename, FILE *fpin, FILE *fpout, X * struct list **pp_entry_list) X * X * wrapper around yyparse(), initiailzing input and output data. X */ X Xvoid Xtw_macro_parse(filename, fpin, fpout, pp_entry_list) X char *filename; X FILE *fpin, *fpout; X struct list **pp_entry_list; X{ X /* set up input and output pointers */ X yyin = fpin; X yyout = fpout; X X /* set up initial filename */ X currparsefile = filename; X X pp_entry_list_global = pp_entry_list; X X (void) yyparse(); X} X X/* counters odd behaviour of flex -- Simon Leinen */ X#ifdef yywrap X# undef yyrap X#endif X Xyywrap() X{ X /* check to see if we've reached the bottom of the @@include stack */ X if (include_pop()) { X linenumber++; X return 0; X } X X /* check to see if we've seen a @@dbversion line */ X#ifdef FOO X if (!found_db_version) { X fprintf(stderr, "tripwire: database file doesn't contain version number! (old database?)\n"); X exit(1); X } X#endif X X /* close up parser */ X return 1; X} X X/* X * static char * X * string_dequote(char *s) X * X * remove pairs of quoted strings. X */ X Xstatic char * Xstring_dequote(s) X char *s; X{ X char temp[1024]; X X /* do we need to do anything? */ X if (s[0] != '"') { return s; } X X (void) strncpy(temp, s+1, strlen(s) - 2); X (void) strcpy(s, temp); X X return s; X X} X X/* X * void X * include_push(char *filename, FILE **p_fp_old) X * X * return a stdio (FILE *) pointer to the opened (filename), saving X * the old (FILE *) pointer and line number on the stack. X * X * returns (NULL) when we pop back to the original file. X */ X Xstatic void Xinclude_push(filename, p_fp_old) X char *filename; X FILE **p_fp_old; X{ X static FILE *fp; X char *pc; X extern int errno; X X /* check for stack overflow */ X if (stackpointer == INCLUDE_STACK_SZ) { X fprintf(stderr, "Too many nested includes at line %d in file '%s'!\n", X linenumber, currparsefile); X exit(1); X } X X /* dequote the include filename */ X string_dequote(filename); X X /* save the old file pointer, filename, and linenumber on the stack */ X fp_stack[stackpointer] = *p_fp_old; X X (void) strcpy((pc = (char *) malloc((unsigned) strlen(currparsefile) + 1)), X currparsefile); X filename_stack[stackpointer] = pc; X X linenumber_stack[stackpointer++] = linenumber; X X /* try opening the file */ X if ((fp = fopen(filename, "r")) == NULL) { X if (errno == ENOENT) { X fprintf(stderr, "tw.config: @@include '%s' file not found in '%s'!\n", X filename, currparsefile); X exit(1); X } X else { X char msg[100]; X sprintf(msg, "%s: fopen()", filename); X perror(msg); X exit(1); X } X } X X /* replace old pointer with new */ X *p_fp_old = fp; X X /* reset line number and filename */ X linenumber = 0; X currparsefile = pc; X} X X/* X * FILE * X * include_pop() X * X * pop the last file structure off the @@include stack. X * X * returns NULL when we've exhausted the stack. X */ X Xstatic FILE * Xinclude_pop() X{ X /* check for stack underflow */ X if (stackpointer-- == 0) X return NULL; X X /* pop off the line numbers and the stdio file pointer */ X yyin = fp_stack[stackpointer]; X linenumber = linenumber_stack[stackpointer]; X currparsefile = filename_stack[stackpointer]; X free(filename_stack[stackpointer]); X X return yyin; X} X END_OF_FILE if test 9777 -ne `wc -c <'tripwire-1.0/src/config.pre.y'`; then echo shar: \"'tripwire-1.0/src/config.pre.y'\" unpacked with wrong size! fi # end of 'tripwire-1.0/src/config.pre.y' fi if test -f 'tripwire-1.0/sigs/md4/md4.c' -a "${1}" != "-c" ; then echo shar: Will not clobber existing file \"'tripwire-1.0/sigs/md4/md4.c'\" else echo shar: Extracting \"'tripwire-1.0/sigs/md4/md4.c'\" \(9435 characters\) sed "s/^X//" >'tripwire-1.0/sigs/md4/md4.c' <<'END_OF_FILE' X#ifndef lint Xstatic char rcsid[] = "$Id: md4.c,v 1.1.1.2 92/11/02 18:21:41 genek Exp $"; X#endif X X/* X** ************************************************************************** X** md4.c -- Implementation of MD4 Message Digest Algorithm ** X** Updated: 2/16/90 by Ronald L. Rivest ** X** (C) 1990 RSA Data Security, Inc. ** X** ************************************************************************** X*/ X X/* X** To use MD4: X** -- Include md4.h in your program X** -- Declare an MDstruct MD to hold the state of the digest computation. X** -- Initialize MD using MDbegin(&MD) X** -- For each full block (64 bytes) X you wish to process, call X** MDupdate(&MD,X,512) X** (512 is the number of bits in a full block.) X** -- For the last block (less than 64 bytes) you wish to process, X** MDupdate(&MD,X,n) X** where n is the number of bits in the partial block. A partial X** block terminates the computation, so every MD computation should X** terminate by processing a partial block, even if it has n = 0. X** -- The message digest is available in MD.buffer[0] ... MD.buffer[3]. X** (Least-significant byte of each word should be output first.) X** -- You can print out the digest using MDprint(&MD) X*/ X X/* Implementation notes: X** This implementation assumes that ints are 32-bit quantities. X** If the machine stores the least-significant byte of an int in the X** least-addressed byte (eg., VAX and 8086), then LOWBYTEFIRST should be X** set to TRUE. Otherwise (eg., SUNS), LOWBYTEFIRST should be set to X** FALSE. Note that on machines with LOWBYTEFIRST FALSE the routine X** MDupdate modifies has a side-effect on its input array (the order of bytes X** in each word are reversed). If this is undesired a call to MDreverse(X) can X** reverse the bytes of X back into order after each call to MDupdate. X*/ X#define TRUE 1 X#define FALSE 0 X X X/* Compile-time includes X*/ X#include "../../include/config.h" X#include X#ifdef STDLIBH X#include X#endif X#include "../../include/byteorder.h" X#include "md4.h" X X/* Compile-time declarations of MD4 ``magic constants''. X*/ X#define I0 0x67452301 /* Initial values for MD buffer */ X#define I1 0xefcdab89 X#define I2 0x98badcfe X#define I3 0x10325476 X#define C2 013240474631 /* round 2 constant = sqrt(2) in octal */ X#define C3 015666365641 /* round 3 constant = sqrt(3) in octal */ X/* C2 and C3 are from Knuth, The Art of Programming, Volume 2 X** (Seminumerical Algorithms), Second Edition (1981), Addison-Wesley. X** Table 2, page 660. X*/ X#define fs1 3 /* round 1 shift amounts */ X#define fs2 7 X#define fs3 11 X#define fs4 19 X#define gs1 3 /* round 2 shift amounts */ X#define gs2 5 X#define gs3 9 X#define gs4 13 X#define hs1 3 /* round 3 shift amounts */ X#define hs2 9 X#define hs3 11 X#define hs4 15 X X X/* Compile-time macro declarations for MD4. X** Note: The ``rot'' operator uses the variable ``tmp''. X** It assumes tmp is declared as unsigned int, so that the >> X** operator will shift in zeros rather than extending the sign bit. X*/ X#define f(X,Y,Z) ((X&Y) | ((~X)&Z)) X#define g(X,Y,Z) ((X&Y) | (X&Z) | (Y&Z)) X#define h(X,Y,Z) (X^Y^Z) X#define rot(X,S) (tmp=X,(tmp<>(32-S))) X#define ff(A,B,C,D,i,s) A = rot((A + f(B,C,D) + X[i]),s) X#define gg(A,B,C,D,i,s) A = rot((A + g(B,C,D) + X[i] + C2),s) X#define hh(A,B,C,D,i,s) A = rot((A + h(B,C,D) + X[i] + C3),s) X X/* MDprint(MDp) X** Print message digest buffer MDp as 32 hexadecimal digits. X** Order is from low-order byte of buffer[0] to high-order byte of buffer[3]. X** Each byte is printed with high-order hexadecimal digit first. X** This is a user-callable routine. X*/ Xvoid XMDprint(MDp) XMDptr MDp; X{ int i,j; X for (i=0;i<4;i++) X for (j=0;j<32;j=j+8) X printf("%02x",(MDp->buffer[i]>>j) & 0xFF); X} X X/* MDbegin(MDp) X** Initialize message digest buffer MDp. X** This is a user-callable routine. X*/ Xvoid XMDbegin(MDp) XMDptr MDp; X{ int i; X MDp->buffer[0] = I0; X MDp->buffer[1] = I1; X MDp->buffer[2] = I2; X MDp->buffer[3] = I3; X for (i=0;i<8;i++) MDp->count[i] = 0; X MDp->done = 0; X} X X/* MDreverse(X) X** Reverse the byte-ordering of every int in X. X** Assumes X is an array of 16 ints. X** The macro revx reverses the byte-ordering of the next word of X. X*/ X#define revx { t = (*X << 16) | (*X >> 16); \ X *X++ = ((t & 0xFF00FF00) >> 8) | ((t & 0x00FF00FF) << 8); } Xvoid XMDreverse(X) Xunsigned int *X; X{ register unsigned int t; X revx; revx; revx; revx; revx; revx; revx; revx; X revx; revx; revx; revx; revx; revx; revx; revx; X} X X/* MDblock(MDp,X) X** Update message digest buffer MDp->buffer using 16-word data block X. X** Assumes all 16 words of X are full of data. X** Does not update MDp->count. X** This routine is not user-callable. X*/ Xstatic void XMDblock(MDp,X) XMDptr MDp; Xunsigned int *X; X{ X register unsigned int tmp, A, B, C, D; X#if BYTEORDER != 0x4321 X MDreverse(X); X#endif X A = MDp->buffer[0]; X B = MDp->buffer[1]; X C = MDp->buffer[2]; X D = MDp->buffer[3]; X /* Update the message digest buffer */ X ff(A , B , C , D , 0 , fs1); /* Round 1 */ X ff(D , A , B , C , 1 , fs2); X ff(C , D , A , B , 2 , fs3); X ff(B , C , D , A , 3 , fs4); X ff(A , B , C , D , 4 , fs1); X ff(D , A , B , C , 5 , fs2); X ff(C , D , A , B , 6 , fs3); X ff(B , C , D , A , 7 , fs4); X ff(A , B , C , D , 8 , fs1); X ff(D , A , B , C , 9 , fs2); X ff(C , D , A , B , 10 , fs3); X ff(B , C , D , A , 11 , fs4); X ff(A , B , C , D , 12 , fs1); X ff(D , A , B , C , 13 , fs2); X ff(C , D , A , B , 14 , fs3); X ff(B , C , D , A , 15 , fs4); X gg(A , B , C , D , 0 , gs1); /* Round 2 */ X gg(D , A , B , C , 4 , gs2); X gg(C , D , A , B , 8 , gs3); X gg(B , C , D , A , 12 , gs4); X gg(A , B , C , D , 1 , gs1); X gg(D , A , B , C , 5 , gs2); X gg(C , D , A , B , 9 , gs3); X gg(B , C , D , A , 13 , gs4); X gg(A , B , C , D , 2 , gs1); X gg(D , A , B , C , 6 , gs2); X gg(C , D , A , B , 10 , gs3); X gg(B , C , D , A , 14 , gs4); X gg(A , B , C , D , 3 , gs1); X gg(D , A , B , C , 7 , gs2); X gg(C , D , A , B , 11 , gs3); X gg(B , C , D , A , 15 , gs4); X hh(A , B , C , D , 0 , hs1); /* Round 3 */ X hh(D , A , B , C , 8 , hs2); X hh(C , D , A , B , 4 , hs3); X hh(B , C , D , A , 12 , hs4); X hh(A , B , C , D , 2 , hs1); X hh(D , A , B , C , 10 , hs2); X hh(C , D , A , B , 6 , hs3); X hh(B , C , D , A , 14 , hs4); X hh(A , B , C , D , 1 , hs1); X hh(D , A , B , C , 9 , hs2); X hh(C , D , A , B , 5 , hs3); X hh(B , C , D , A , 13 , hs4); X hh(A , B , C , D , 3 , hs1); X hh(D , A , B , C , 11 , hs2); X hh(C , D , A , B , 7 , hs3); X hh(B , C , D , A , 15 , hs4); X MDp->buffer[0] += A; X MDp->buffer[1] += B; X MDp->buffer[2] += C; X MDp->buffer[3] += D; X} X X/* MDupdate(MDp,X,count) X** Input: MDp -- an MDptr X** X -- a pointer to an array of unsigned characters. X** count -- the number of bits of X to use. X** (if not a multiple of 8, uses high bits of last byte.) X** Update MDp using the number of bits of X given by count. X** This is the basic input routine for an MD4 user. X** The routine completes the MD computation when count < 512, so X** every MD computation should end with one call to MDupdate with a X** count less than 512. A call with count 0 will be ignored if the X** MD has already been terminated (done != 0), so an extra call with count X** 0 can be given as a ``courtesy close'' to force termination if desired. X*/ Xvoid XMDupdate(MDp,X,count) XMDptr MDp; Xunsigned char *X; Xunsigned int count; X{ unsigned int i, tmp, bit, byte, mask; X unsigned char XX[64]; X unsigned char *p; X /* return with no error if this is a courtesy close with count X ** zero and MDp->done is true. X */ X if (count == 0 && MDp->done) return; X /* check to see if MD is already done and report error */ X if (MDp->done) { printf("\nError: MDupdate MD already done."); return; } X /* Add count to MDp->count */ X tmp = count; X p = MDp->count; X while (tmp) X { tmp += *p; X *p++ = tmp; X tmp = tmp >> 8; X } X /* Process data */ X if (count == 512) X { /* Full block of data to handle */ X MDblock(MDp,(unsigned int *)X); X } X else if (count > 512) /* Check for count too large */ X { printf("\nError: MDupdate called with illegal count value %d.",count); X return; X } X else /* partial block -- must be last block so finish up */ X { /* Find out how many bytes and residual bits there are */ X byte = count >> 3; X bit = count & 7; X /* Copy X into XX since we need to modify it */ X for (i=0;i<=byte;i++) XX[i] = X[i]; X for (i=byte+1;i<64;i++) XX[i] = 0; X /* Add padding '1' bit and low-order zeros in last byte */ X mask = 1 << (7 - bit); X XX[byte] = (XX[byte] | mask) & ~( mask - 1); X /* If room for bit count, finish up with this block */ X if (byte <= 55) X { for (i=0;i<8;i++) XX[56+i] = MDp->count[i]; X MDblock(MDp,(unsigned int *)XX); X } X else /* need to do two blocks to finish up */ X { MDblock(MDp,(unsigned int *)XX); X for (i=0;i<56;i++) XX[i] = 0; X for (i=0;i<8;i++) XX[56+i] = MDp->count[i]; X MDblock(MDp,(unsigned int *)XX); X } X /* Set flag saying we're done with MD computation */ X MDp->done = 1; X } X} END_OF_FILE if test 9435 -ne `wc -c <'tripwire-1.0/sigs/md4/md4.c'`; then echo shar: \"'tripwire-1.0/sigs/md4/md4.c'\" unpacked with wrong size! fi # end of 'tripwire-1.0/sigs/md4/md4.c' fi if test -f 'tripwire-1.0/sigs/snefru/README.snefru' -a "${1}" != "-c" ; then echo shar: Will not clobber existing file \"'tripwire-1.0/sigs/snefru/README.snefru'\" else echo shar: Extracting \"'tripwire-1.0/sigs/snefru/README.snefru'\" \(8502 characters\) sed "s/^X//" >'tripwire-1.0/sigs/snefru/README.snefru' <<'END_OF_FILE' X# $Id: README.snefru,v 1.1.1.2 92/11/02 18:22:42 genek Exp $ X X The Snefru one-way hash function package is copyrighted by XXerox Corporation. The following disclaimer can be found in the XSnefru C code: (Comments on changes made to accomodate its use Xwithin Tripwire follow the disclaimer.) X X================== X X/* X This is an implementation of Snefru. Snefru is a one-way hash X function that provides authentication. It does not provide secrecy. X X Snefru is named after a Pharaoh of ancient Egypt. X X Copyright (c) Xerox Corporation 1989. All rights reserved. X X License to copy and use this software is granted provided that it is X identified as the "Xerox Secure Hash Function" in all material mentioning X or referencing this software or this hash function. X X License is also granted to make and use derivative works provided that such X works are identified as "derived from the Xerox Secure Hash Function" in X all material mentioning or referencing the derived work. X X Xerox Corporation makes no representations concerning either the X merchantability of this software or the suitability of this software for X any particular purpose. It is provided "as is" without express or implied X warranty of any kind. X X These notices must be retained in any copies of any part of this software. X X Updated information about Snefru is available from arisia.xerox.com in X directory /pub/hash by anonymous FTP. The README file provides a quick X introduction. X X This is version 2.5a, November 29, 1990. X Version 2.5a provides a reasonably understandable and efficient X implementation of Snefru. Further, this version provides X 8 passes. While 4 pass Snefru has not been broken, the use X of 4 pass Snefru for production use is not recommended at X this time. Further study of the security of Snefru is X required before production use is advisable. X X This program reads from the standard input until EOF is reached (the first X "read" that returns 0 bytes). The data on the standard input is "hashed" X with a cryptographically secure one-way hash function (also known as a X "message digest", "fingerprint", "Manipulation Detection Code" or "MDC"). X The hash is then printed on the standard output. X X The input can be of any size. The output is 128 bits printed as 32 X characters in hex. The output size can be changed to 256 bits be setting X the parameter OUTPUT_BLOCK_SIZE to 8. (The 8 indicates the number of X 32-bit words in the output). X X The primary use of one-way hash functions is to determine if there have been X any unauthorized, malicious, or accidental changes made to a file. For X example, if an executable program file produces the hash "209884c4 X 2e89d967 5456ac0e 61269550", then any change to that program file will X cause the hash to be changed. Thus, the tampering can be detected by X comparing the current output value with the previously computed (and X presumably correct) output value. X X Hash512 is the centrol routine in this program. It is used in this program in X a linear fashion -- i.e., a sequential file is hashed down by repeated X applications of Hash512. Changing a single bit in the file would then X require completely re-computing the hash from the point of change onward. X X Hash512 can be used in a tree-structured fashion to authenticate a large table X of data. This would imply that changing a single bit would not force a X complete re-computation of the hash value, but would instead require only X log n re-computations of Hash512 to "patch up" the changes along the path X from the root to the changed leaf entry. A tree-structured application X also has the advantage that any single entry in the table can subsequently X be authenticated by someone who knows only the "authentication path" from X the root of the tree to the leaf entry. These concepts are discussed more X thoroughly in "Secrecy, Authentication, and Public Key Systems" by Ralph X C. Merkle, UMI Research Press, 1982 (see particularly Chapter 2, "One Way X Hash Functions"). The use of a tree-structured pattern of applications of X a one-way hash function is covered by U.S. Patent #4,309,569, "Method of X Providing Digital Signatures" (contact Stanford University, Office of X Technology Licensing). X X X At the present time (November 29, 1990) the author knows of no method for X "breaking" this one-way function, (i.e., finding two input files that X produce the same output value). X X We recommend against the use of output sizes smaller than 128 bits, and X against the use of an input that is less than 2 (two) words larger than X the size of the output. When the input size equals the output size, X Snefru suffers a serious degradation in security (an observation due to X Coppersmith). X X Further study and validation of the security of Snefru is required prior X to production use. X X If anyone using this program finds two different inputs that produce the same X output, please contact Ralph C. Merkle via E-mail (merkle@xerox.com) or X via normal mail at: Xerox PARC 3333 Coyote Hill Road Palo Alto, CA 94304 X (415) 494-4000 X X X See the paper "A Fast Software One Way Hash Function" by Ralph C. Merkle, X to appear in The Journal of Cryptology, for a more detailed explanation. X X The following test cases were taken directly from a terminal, and can be used X to verify the correct functioning of an implementation of Snefru. The X first input is simply a carriage return followed by control-d. The second X input is "1" followed by carriage return followed by control-d, the third X input is "12" followed by carriage return followed by control-d, etc. X (In some cases, two control-d's will be required). X XNote that the test cases given are from 8-pass Snefru (e.g., SECURITY_LEVEL=8) X X% ./snefru X X d9fcb317 1c097fbb a8c8f12a a0906bad X% ./snefru X1 X 44ec420c e99c1f62 feb66c53 c24ae453 X% ./snefru X12 X 7182051a a852ef6f ba4b6c9c 9b79b317 X% ./snefru X123 X bc3a50af 82bf56d6 a64732bc 7b050a93 X% ./snefru X1234 X c5b8a049 85a8eadf b4331a89 88752b77 X% ./snefru X12345 X d559a2b6 2f6f4411 1324f852 08723707 X% ./snefru X123456 X 6cfb5e8f 1da02bd1 67b01e48 16686c30 X% ./snefru X1234567 X 29aa4832 5f275a8a 7a01ba15 43c54ba5 X% ./snefru X12345678 X be862a6b 68b7df88 7ebe0031 9cbc4a47 X% ./snefru X123456789 X 6103721c cd8ad565 d68e90b0 f8906163 X% X X XThe following outputs were obtained after the program was Xcompiled with OUTPUT_BLOCK_SIZE set to 8. This can be done Xby using the -D option on cc, as: Xcc -o snefru256 -DOUTPUT_BLOCK_SIZE=8 snefru.c X XNote that the test cases given are from 8-pass Snefru (e.g., SECURITY_LEVEL=8) X X% ./snefru256 X X 2e02687f 0d45d5b9 b50cb68c 3f33e684 3d618a1a ca2d0689 3d3eb4e3 026b5732 X% ./snefru256 X1 X bfea4a05 a2a2ef15 c736d114 598a20b9 d9bd4d66 b661e6b0 5ecf6a77 37bdc58c X% ./snefru256 X12 X ac677d69 761ade3f 189c7aef 106d5fe7 392d324e 19cc76d5 db4a2c05 f2cc2cc5 X% ./snefru256 X123 X 061c76aa 1db4a22c 0e42945e 26c48499 b5400162 e08c640b e05d3c00 7c44793d X% ./snefru256 X1234 X 1e87fe1d 9c927e9e 24be85e3 cc733598 73541640 a6261793 ce5a9749 53113f5e X% ./snefru256 X12345 X 1b59927d 85a9349a 87796620 fe2ff401 a06a7ba4 8794498e bab978ef c3a68912 X% ./snefru256 X123456 X 28e9d9bc 35032b68 faeda881 01ecb252 4317e9da 111b0e3e 70941072 12d9cf72 X% ./snefru256 X1234567 X f7fff4ee 74fd1b8d 6b3267f8 4e47e007 f029d13b 8af7e37e 34d13b46 9b8f248f X% ./snefru256 X12345678 X ee7d64b0 102b2205 e9892661 3b200185 559d08be 6ad787da 717c9687 44e11af3 X% ./snefru256 X123456789 X 4ca72639 e40e9ab9 c0c3f523 c4449b39 11632d37 4c124d77 02192ec2 e4e0b7a3 X% X X Note that "word32" MUST be 32 bits X X Implementor: Ralph C. Merkle X X */ X X================== X X The Snefru one-way hash function package is copyrighted by XXerox Corporation. The disclaimer from the C code has been Xretained, and is shown above. X X All big-endian/little-endian specific code in snefru.c has Xbeen replaced by code that can resolve this automatically at Xcompile-time. Tripwire specific code is also in snefru.c to Xto minimize the amount of overhead in collecting signatures from Xwithin Tripwire. (We certainly don't want to fork() for every Xfile we need to scan!) X X Because of this, snefru.c is no longer identical to the Xvirgin Snefru distribution. I have sent my changes to the Xauthor, but I am not aware of any buybacks at this time. X X The original Snefru code can be obtained via anonymous FTP Xfrom arisia.xerox.com. The original README file has been Xretained in the Tripwire distribution. X X X XGene Kim XSeptember 7, 1992 END_OF_FILE if test 8502 -ne `wc -c <'tripwire-1.0/sigs/snefru/README.snefru'`; then echo shar: \"'tripwire-1.0/sigs/snefru/README.snefru'\" unpacked with wrong size! fi # end of 'tripwire-1.0/sigs/snefru/README.snefru' fi if test -f 'tripwire-1.0/sigs/crc32/crc32.c' -a "${1}" != "-c" ; then echo shar: Will not clobber existing file \"'tripwire-1.0/sigs/crc32/crc32.c'\" else echo shar: Extracting \"'tripwire-1.0/sigs/crc32/crc32.c'\" \(8219 characters\) sed "s/^X//" >'tripwire-1.0/sigs/crc32/crc32.c' <<'END_OF_FILE' X#ifndef lint Xstatic char rcsid[] = "$Id: crc32.c,v 1.1.1.2 92/11/02 18:20:58 genek Exp $"; X#endif X X/* X * crc32.c X * X * signature function hook for CRC32. X * X * Gene Kim X * Purdue University X * October 14, 1992 X */ X X /* ============================================================= */ X /* COPYRIGHT (C) 1986 Gary S. Brown. You may use this program, or */ X /* code or tables extracted from it, as desired without restriction. */ X /* */ X /* First, the polynomial itself and its table of feedback terms. The */ X /* polynomial is */ X /* X^32+X^26+X^23+X^22+X^16+X^12+X^11+X^10+X^8+X^7+X^5+X^4+X^2+X^1+X^0 */ X /* */ X /* Note that we take it "backwards" and put the highest-order term in */ X /* the lowest-order bit. The X^32 term is "implied"; the LSB is the */ X /* X^31 term, etc. The X^0 term (usually shown as "+1") results in */ X /* the MSB being 1. */ X /* */ X /* Note that the usual hardware shift register implementation, which */ X /* is what we're using (we're merely optimizing it by doing eight-bit */ X /* chunks at a time) shifts bits into the lowest-order term. In our */ X /* implementation, that means shifting towards the right. Why do we */ X /* do it this way? Because the calculated CRC must be transmitted in */ X /* order from highest-order term to lowest-order term. UARTs transmit */ X /* characters in order from LSB to MSB. By storing the CRC this way, */ X /* we hand it to the UART in the order low-byte to high-byte; the UART */ X /* sends each low-bit to hight-bit; and the result is transmission bit */ X /* by bit from highest- to lowest-order term without requiring any bit */ X /* shuffling on our part. Reception works similarly. */ X /* */ X /* The feedback terms table consists of 256, 32-bit entries. Notes: */ X /* */ X /* The table can be generated at runtime if desired; code to do so */ X /* is shown later. It might not be obvious, but the feedback */ X /* terms simply represent the results of eight shift/xor opera- */ X /* tions for all combinations of data and CRC register values. */ X /* */ X /* The values must be right-shifted by eight bits by the "updcrc" */ X /* logic; the shift must be unsigned (bring in zeroes). On some */ X /* hardware you could probably optimize the shift in assembler by */ X /* using byte-swap instructions. */ X /* polynomial $edb88320 */ X /* */ X /* -------------------------------------------------------------------- */ X X#include "../../include/config.h" X#include X#include X#ifdef STDLIBH X#include X#include X#endif X#include "../../include/sigs.h" X#include "crc32.h" X#define BUFSIZE 4096 X Xstatic long crc_32_tab[] = { X 0x00000000L, 0x77073096L, 0xee0e612cL, 0x990951baL, 0x076dc419L, X 0x706af48fL, 0xe963a535L, 0x9e6495a3L, 0x0edb8832L, 0x79dcb8a4L, X 0xe0d5e91eL, 0x97d2d988L, 0x09b64c2bL, 0x7eb17cbdL, 0xe7b82d07L, X 0x90bf1d91L, 0x1db71064L, 0x6ab020f2L, 0xf3b97148L, 0x84be41deL, X 0x1adad47dL, 0x6ddde4ebL, 0xf4d4b551L, 0x83d385c7L, 0x136c9856L, X 0x646ba8c0L, 0xfd62f97aL, 0x8a65c9ecL, 0x14015c4fL, 0x63066cd9L, X 0xfa0f3d63L, 0x8d080df5L, 0x3b6e20c8L, 0x4c69105eL, 0xd56041e4L, X 0xa2677172L, 0x3c03e4d1L, 0x4b04d447L, 0xd20d85fdL, 0xa50ab56bL, X 0x35b5a8faL, 0x42b2986cL, 0xdbbbc9d6L, 0xacbcf940L, 0x32d86ce3L, X 0x45df5c75L, 0xdcd60dcfL, 0xabd13d59L, 0x26d930acL, 0x51de003aL, X 0xc8d75180L, 0xbfd06116L, 0x21b4f4b5L, 0x56b3c423L, 0xcfba9599L, X 0xb8bda50fL, 0x2802b89eL, 0x5f058808L, 0xc60cd9b2L, 0xb10be924L, X 0x2f6f7c87L, 0x58684c11L, 0xc1611dabL, 0xb6662d3dL, 0x76dc4190L, X 0x01db7106L, 0x98d220bcL, 0xefd5102aL, 0x71b18589L, 0x06b6b51fL, X 0x9fbfe4a5L, 0xe8b8d433L, 0x7807c9a2L, 0x0f00f934L, 0x9609a88eL, X 0xe10e9818L, 0x7f6a0dbbL, 0x086d3d2dL, 0x91646c97L, 0xe6635c01L, X 0x6b6b51f4L, 0x1c6c6162L, 0x856530d8L, 0xf262004eL, 0x6c0695edL, X 0x1b01a57bL, 0x8208f4c1L, 0xf50fc457L, 0x65b0d9c6L, 0x12b7e950L, X 0x8bbeb8eaL, 0xfcb9887cL, 0x62dd1ddfL, 0x15da2d49L, 0x8cd37cf3L, X 0xfbd44c65L, 0x4db26158L, 0x3ab551ceL, 0xa3bc0074L, 0xd4bb30e2L, X 0x4adfa541L, 0x3dd895d7L, 0xa4d1c46dL, 0xd3d6f4fbL, 0x4369e96aL, X 0x346ed9fcL, 0xad678846L, 0xda60b8d0L, 0x44042d73L, 0x33031de5L, X 0xaa0a4c5fL, 0xdd0d7cc9L, 0x5005713cL, 0x270241aaL, 0xbe0b1010L, X 0xc90c2086L, 0x5768b525L, 0x206f85b3L, 0xb966d409L, 0xce61e49fL, X 0x5edef90eL, 0x29d9c998L, 0xb0d09822L, 0xc7d7a8b4L, 0x59b33d17L, X 0x2eb40d81L, 0xb7bd5c3bL, 0xc0ba6cadL, 0xedb88320L, 0x9abfb3b6L, X 0x03b6e20cL, 0x74b1d29aL, 0xead54739L, 0x9dd277afL, 0x04db2615L, X 0x73dc1683L, 0xe3630b12L, 0x94643b84L, 0x0d6d6a3eL, 0x7a6a5aa8L, X 0xe40ecf0bL, 0x9309ff9dL, 0x0a00ae27L, 0x7d079eb1L, 0xf00f9344L, X 0x8708a3d2L, 0x1e01f268L, 0x6906c2feL, 0xf762575dL, 0x806567cbL, X 0x196c3671L, 0x6e6b06e7L, 0xfed41b76L, 0x89d32be0L, 0x10da7a5aL, X 0x67dd4accL, 0xf9b9df6fL, 0x8ebeeff9L, 0x17b7be43L, 0x60b08ed5L, X 0xd6d6a3e8L, 0xa1d1937eL, 0x38d8c2c4L, 0x4fdff252L, 0xd1bb67f1L, X 0xa6bc5767L, 0x3fb506ddL, 0x48b2364bL, 0xd80d2bdaL, 0xaf0a1b4cL, X 0x36034af6L, 0x41047a60L, 0xdf60efc3L, 0xa867df55L, 0x316e8eefL, X 0x4669be79L, 0xcb61b38cL, 0xbc66831aL, 0x256fd2a0L, 0x5268e236L, X 0xcc0c7795L, 0xbb0b4703L, 0x220216b9L, 0x5505262fL, 0xc5ba3bbeL, X 0xb2bd0b28L, 0x2bb45a92L, 0x5cb36a04L, 0xc2d7ffa7L, 0xb5d0cf31L, X 0x2cd99e8bL, 0x5bdeae1dL, 0x9b64c2b0L, 0xec63f226L, 0x756aa39cL, X 0x026d930aL, 0x9c0906a9L, 0xeb0e363fL, 0x72076785L, 0x05005713L, X 0x95bf4a82L, 0xe2b87a14L, 0x7bb12baeL, 0x0cb61b38L, 0x92d28e9bL, X 0xe5d5be0dL, 0x7cdcefb7L, 0x0bdbdf21L, 0x86d3d2d4L, 0xf1d4e242L, X 0x68ddb3f8L, 0x1fda836eL, 0x81be16cdL, 0xf6b9265bL, 0x6fb077e1L, X 0x18b74777L, 0x88085ae6L, 0xff0f6a70L, 0x66063bcaL, 0x11010b5cL, X 0x8f659effL, 0xf862ae69L, 0x616bffd3L, 0x166ccf45L, 0xa00ae278L, X 0xd70dd2eeL, 0x4e048354L, 0x3903b3c2L, 0xa7672661L, 0xd06016f7L, X 0x4969474dL, 0x3e6e77dbL, 0xaed16a4aL, 0xd9d65adcL, 0x40df0b66L, X 0x37d83bf0L, 0xa9bcae53L, 0xdebb9ec5L, 0x47b2cf7fL, 0x30b5ffe9L, X 0xbdbdf21cL, 0xcabac28aL, 0x53b39330L, 0x24b4a3a6L, 0xbad03605L, X 0xcdd70693L, 0x54de5729L, 0x23d967bfL, 0xb3667a2eL, 0xc4614ab8L, X 0x5d681b02L, 0x2a6f2b94L, 0xb40bbe37L, 0xc30c8ea1L, 0x5a05df1bL, X 0x2d02ef8dL X }; X X/* ------------------------------------------------------------- */ X Xstatic long crc32val; X Xstatic void XUpdateCRC(s, len) Xregister unsigned char *s; Xregister int len; X /* update running CRC calculation with contents of a buffer */ X{ X int i; X for (i = 0; i < len; i ++) { X crc32val = crc_32_tab[(int) ((crc32val) ^ (s[i])) & 0xff] ^ X (((crc32val) >> 8) & 0x00FFFFFFL); X } X} X X#define MAXCRC 0xFFFFFFFFL /* 32-bit CRC */ X Xint Xsig_crc32_get (fd_in, ps_signature, siglen) X int fd_in; X char *ps_signature; X int siglen; X{ X unsigned char buffer[BUFSIZE]; X int readin = -1; X char scratch[100]; X X if (lseek(fd_in, 0, SEEK_SET) < 0) { X perror("sig_md5_get: lseek()"); X exit(1); X } X X crc32val = 0xFFFFFFFFL; X while ((readin = read(fd_in, (char *)buffer, (off_t) BUFSIZE)) == BUFSIZE) { X UpdateCRC(buffer, BUFSIZE); X } X if (readin != 0) { X UpdateCRC(buffer, readin); X } X crc32val = -1 - crc32val; X sprintf(ps_signature, "%6s", ltob64((unsigned long)crc32val, scratch)); X X return 0; X} X END_OF_FILE if test 8219 -ne `wc -c <'tripwire-1.0/sigs/crc32/crc32.c'`; then echo shar: \"'tripwire-1.0/sigs/crc32/crc32.c'\" unpacked with wrong size! fi # end of 'tripwire-1.0/sigs/crc32/crc32.c' fi if test -f 'tripwire-1.0/src/ignorevec.c' -a "${1}" != "-c" ; then echo shar: Will not clobber existing file \"'tripwire-1.0/src/ignorevec.c'\" else echo shar: Extracting \"'tripwire-1.0/src/ignorevec.c'\" \(3545 characters\) sed "s/^X//" >'tripwire-1.0/src/ignorevec.c' <<'END_OF_FILE' X#ifndef lint Xstatic char rcsid[] = "$Id: ignorevec.c,v 1.2 92/11/03 02:43:45 genek Exp $"; X X#endif X X/* X * ignorevec.c X * X * ignore-flag vector handling routines X * X * Gene Kim X * Purdue University X */ X X#include "../include/config.h" X#include X#ifdef STDLIBH X#include X#endif X#ifdef STRINGH X#include X#else X#include X#endif X#include X X#ifdef __STDC__ /* pick up all the structure prototypes */ X#include X#include X#endif X X#include "../include/list.h" X#include "../include/tripwire.h" X X/* X * ignore_vec_to_scalar(char *s) X * X * take an ignore vector, and return an integer composed of OR'ed X * ignore flags. X */ X Xint Xignore_vec_to_scalar (s) X char *s; X{ X register int retval = 0; X X retval = (int) b64tol (s); X XSPDEBUG (10) Xprintf ("ignore_vec_to_scalar (%s) --> %d\n", s, retval); X X return retval; X} X X/* X * ignore_configvec_to_dvec(char *s) X * X * convert a configuration-style ignore vector to the format we use in X * database files. X */ X X#define MASKIT(mask) if (ignorethis) {ignoremask |= (mask);} \ X else {ignoremask = ignoremask & (~mask);} X Xvoid Xignore_configvec_to_dvec (s) X char *s; X{ X char dvec[128]; X int ignoremask = 0, ignorethis = 0; X char *pc; X unsigned long l; X X /* X * where ignore-flags are in the format: X * X * [ [N|R|L] [ [-|+][p|i|n|u|g|s|a|m|c|0|1|2|3|4|5|6|7|8|9] ] ] X * (template) (modifier) X * X * Templates: (default) N : Nothing (+pinusgsamc0123456789) X * R : Read-only (N-a) X * L : Log (N-sam0123456789) X * E : Everything (-pnugsamci0123456789) X */ X X X /* walk through the ignore vector */ X for (pc = s; *pc; pc++) { X X /* look for template */ X switch (*pc) { X case 'E': X ignoremask = IGNORE_P | IGNORE_N | IGNORE_U | IGNORE_G | X IGNORE_S | IGNORE_A | IGNORE_M | IGNORE_C | X IGNORE_I | IGNORE_0_9; X break; X case 'L': X ignoremask = IGNORE_S | IGNORE_A | IGNORE_M | IGNORE_0_9; X break; X case 'N': X ignoremask = 0; X break; X case 'R': X ignoremask = IGNORE_A | X IGNORE_3 | IGNORE_4 | IGNORE_5 | IGNORE_6 | X IGNORE_7 | IGNORE_8 | IGNORE_9; X break; X default: X goto NEXTPLACE; X } X } XNEXTPLACE: X for (; *pc; pc++) { X switch (*pc) { X case '+': ignorethis = 0; break; X case '-': ignorethis = 1; break; X case 'p': MASKIT (IGNORE_P); break; X case 'i': MASKIT (IGNORE_I); break; X case 'n': MASKIT (IGNORE_N); break; X case 'u': MASKIT (IGNORE_U); break; X case 'g': MASKIT (IGNORE_G); break; X case 's': MASKIT (IGNORE_S); break; X case 'a': MASKIT (IGNORE_A); break; X case 'm': MASKIT (IGNORE_M); break; X case 'c': MASKIT (IGNORE_C); break; X case '0': MASKIT (IGNORE_0); break; X case '1': MASKIT (IGNORE_1); break; X case '2': MASKIT (IGNORE_2); break; X case '3': MASKIT (IGNORE_3); break; X case '4': MASKIT (IGNORE_4); break; X case '5': MASKIT (IGNORE_5); break; X case '6': MASKIT (IGNORE_6); break; X case '7': MASKIT (IGNORE_7); break; X case '8': MASKIT (IGNORE_8); break; X case '9': MASKIT (IGNORE_9); break; X default: X fprintf (stderr, X "%s: configuration parse error: illegal flag ('%c' in '%s')\n", X progname, *pc, s); X exit (1); X } X X } X X /* now turn it into a string that we can interpolate */ X X l = ignoremask; X (void) ltob64 (l, dvec); X XSPDEBUG (10) Xprintf ("ignore_configvec_to_dvec: (%s) --> (%s)\n", s, dvec); X X (void) strcpy (s, dvec); X X return; X} END_OF_FILE if test 3545 -ne `wc -c <'tripwire-1.0/src/ignorevec.c'`; then echo shar: \"'tripwire-1.0/src/ignorevec.c'\" unpacked with wrong size! fi # end of 'tripwire-1.0/src/ignorevec.c' fi if test -f 'tripwire-1.0/sigs/md5/Makefile' -a "${1}" != "-c" ; then echo shar: Will not clobber existing file \"'tripwire-1.0/sigs/md5/Makefile'\" else echo shar: Extracting \"'tripwire-1.0/sigs/md5/Makefile'\" \(305 characters\) sed "s/^X//" >'tripwire-1.0/sigs/md5/Makefile' <<'END_OF_FILE' X# $Id: Makefile,v 1.1.1.2 92/11/02 18:21:58 genek Exp $ X# X# Makefile for md5 wrapper X# X# Gene Kim X# Purdue University X# October 18, 1992 X# X Xall: md5.o md5wrapper.o X X.c.o: X $(CC) $(CFLAGS) -c $< X Xclean: X -rm -rf md5.o md5wrapper.o X Xmd5.o: ../../include/byteorder.h Xmd5wrapper.o: ../../include/byteorder.h END_OF_FILE if test 305 -ne `wc -c <'tripwire-1.0/sigs/md5/Makefile'`; then echo shar: \"'tripwire-1.0/sigs/md5/Makefile'\" unpacked with wrong size! fi # end of 'tripwire-1.0/sigs/md5/Makefile' fi echo shar: End of archive 5 \(of 8\). cp /dev/null ark5isdone MISSING="" for I in 1 2 3 4 5 6 7 8 ; do if test ! -f ark${I}isdone ; then MISSING="${MISSING} ${I}" fi done if test "${MISSING}" = "" ; then echo You have unpacked all 8 archives. echo "Now read the README file" rm -f ark[1-9]isdone else echo You still need to unpack the following archives: echo " " ${MISSING} fi ## End of shell archive. exit 0