Date: Sun, 8 May 2005 18:49:44 GMT From: "Christian S.J. Peron" <csjp@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 76699 for review Message-ID: <200505081849.j48Ini1u089827@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=76699 Change 76699 by csjp@csjp_xor on 2005/05/08 18:49:44 -create the MAC_CHKEXEC kernel option so that people can compile this straight into their kernel. -create MD5_HASH_SIZE and SHA1_HASH_SIZE constants. This makes the code a bit more cleaner by adding context. -plug these new constants into the code where applicable Affected files ... .. //depot/projects/trustedbsd/mac/sys/conf/files#116 edit .. //depot/projects/trustedbsd/mac/sys/conf/options#73 edit .. //depot/projects/trustedbsd/mac/sys/security/mac_chkexec/mac_chkexec.c#6 edit .. //depot/projects/trustedbsd/mac/sys/security/mac_chkexec/mac_chkexec.h#3 edit .. //depot/projects/trustedbsd/mac/usr.sbin/getfhash/getfhash.c#3 edit Differences ... ==== //depot/projects/trustedbsd/mac/sys/conf/files#116 (text+ko) ==== @@ -308,6 +308,7 @@ crypto/sha1.c optional netgraph_mppc_encryption crypto/sha1.c optional crypto crypto/sha1.c optional ipsec +crypto/sha1.c optional mac_chkexec crypto/sha2/sha2.c optional crypto crypto/sha2/sha2.c optional geom_bde crypto/sha2/sha2.c optional ipsec @@ -1743,6 +1744,7 @@ security/mac/mac_vfs.c optional mac security/mac_biba/mac_biba.c optional mac_biba security/mac_bsdextended/mac_bsdextended.c optional mac_bsdextended +security/mac_chkexec/mac_chkexec.c optional mac_chkexec security/mac_ifoff/mac_ifoff.c optional mac_ifoff security/mac_lomac/mac_lomac.c optional mac_lomac security/mac_mls/mac_mls.c optional mac_mls ==== //depot/projects/trustedbsd/mac/sys/conf/options#73 (text+ko) ==== @@ -97,6 +97,7 @@ MAC_ALWAYS_LABEL_MBUF opt_mac.h MAC_BIBA opt_dontuse.h MAC_BSDEXTENDED opt_dontuse.h +MAC_CHKEXEC opt_dontuse.h MAC_DEBUG opt_mac.h MAC_IFOFF opt_dontuse.h MAC_LOMAC opt_dontuse.h ==== //depot/projects/trustedbsd/mac/sys/security/mac_chkexec/mac_chkexec.c#6 (text+ko) ==== @@ -127,8 +127,8 @@ hashalgo, sizeof(hashalgo), "Current trusted exec algorithm"); static struct hash_algo ha_table[] = { - { mac_chkexec_calc_vnode_sha1, 20, MAC_VCSUM_SHA1, "sha1" }, - { mac_chkexec_calc_vnode_md5, 16, MAC_VCSUM_MD5, "md5" }, + { mac_chkexec_calc_vnode_sha1, SHA1_HASH_SIZE, MAC_VCSUM_SHA1, "sha1" }, + { mac_chkexec_calc_vnode_md5, MD5_HASH_SIZE, MAC_VCSUM_MD5, "md5" }, { NULL, 0, 0, NULL }, }; ==== //depot/projects/trustedbsd/mac/sys/security/mac_chkexec/mac_chkexec.h#3 (text+ko) ==== @@ -31,7 +31,9 @@ #define MAC_CHKEXEC_ATTRN EXTATTR_NAMESPACE_SYSTEM #define MAC_CHKEXEC "chkexec" #define MAC_CHKEXEC_DEP "chkexec_depend" -#define MAXCSUMSIZE 32 +#define SHA1_HASH_SIZE 20 +#define MD5_HASH_SIZE 16 +#define MAXCSUMSIZE 32 #ifdef _KERNEL struct vcache { ==== //depot/projects/trustedbsd/mac/usr.sbin/getfhash/getfhash.c#3 (text+ko) ==== @@ -125,11 +125,11 @@ return; } if (sum.vs_flags == MAC_VCSUM_SHA1) { - nbytes = 20; + nbytes = SHA1_HASH_SIZE; algo = "sha1"; } else if (sum.vs_flags == MAC_VCSUM_MD5) { - nbytes = 16; + nbytes = MD5_HASH_SIZE; algo = "md5"; } else { warnx("%s: invalid checksum algorithm",
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200505081849.j48Ini1u089827>