diff options
Diffstat (limited to '')
-rw-r--r-- | Makefile.in | 31 | ||||
-rwxr-xr-x | configure | 2 | ||||
-rw-r--r-- | configure.ac | 2 | ||||
-rw-r--r-- | samhain-install.sh.in | 2 | ||||
-rw-r--r-- | src/dnmalloc.c | 1 | ||||
-rw-r--r-- | src/sh_tiger0.c | 2 | ||||
-rw-r--r-- | stamp-dep | 1 | ||||
-rw-r--r-- | stamp-h | 1 | ||||
-rw-r--r-- | yulerc | 338 |
9 files changed, 22 insertions, 358 deletions
diff --git a/Makefile.in b/Makefile.in index 409b003..684e92b 100644 --- a/Makefile.in +++ b/Makefile.in @@ -54,7 +54,7 @@ selectconfig = @selectconfig@ top_builddir = . INSTALL = @INSTALL@ -INSTALL_PROGRAM = @INSTALL@ -m 700 +INSTALL_PROGRAM = @INSTALL@ -s -m 700 INSTALL_SHELL = @INSTALL@ -m 700 INSTALL_DATA = @INSTALL@ -m 600 INSTALL_MAN = @INSTALL@ -m 644 @@ -229,7 +229,7 @@ PROGRAMS = $(SETPWD) $(STEGIN) $(SAMHAIN) $(YULECTL) $(SADMIN) # #---------------------------------------------------------- -all: $(top_srcdir)/depend.sum $(SETPWD) $(STEGIN) $(SAMHAIN) $(YULECTL) +all: $(top_srcdir)/depend.sum $(SETPWD) $(STEGIN) $(SAMHAIN) $(YULECTL) sstrip #---------------------------------------------------------- @@ -512,7 +512,7 @@ uninstall-boot: samhain-install.sh # -install-program: $(PROGRAMS) +install-program: $(PROGRAMS) sstrip @$(mkinstalldirs) $(DESTDIR)$(sbindir) @if test x$(mytmpdir) != x; then \ $(mkinstalldirs) $(DESTDIR)$(mytmpdir); \ @@ -525,6 +525,8 @@ install-program: $(PROGRAMS) echo " $(INSTALL_PROGRAM) $$p $$target"; \ $(INSTALL_PROGRAM) $$p $$target; \ chmod 0700 $$target; \ + echo " ./sstrip $$target"; \ + ./sstrip $$target; \ else \ echo " $(INSTALL_SHELL) $$p $$target"; \ $(INSTALL_SHELL) $$p $$target; \ @@ -1254,26 +1256,29 @@ exepack_fill: $(srcsrc)/exepack_fill.c minilzo.o exepack echo "$(LINK) exepack_fill.o minilzo.o"; \ $(LINK) exepack_fill.o minilzo.o -samhain.pk: $(SAMHAIN) exepack exepack_fill +samhain.pk: $(SAMHAIN) exepack exepack_fill sstrip @echo "cp ./$(SAMHAIN) ./samhain.pk.data"; \ - cp ./$(SAMHAIN) ./samhain.pk.data + cp ./$(SAMHAIN) ./samhain.pk.data; \ echo "strip ./samhain.pk.data"; \ - strip ./samhain.pk.data > /dev/null 2>&1 || echo "... is already stripped" - test -f exepack.out && rm exepack.out + strip ./samhain.pk.data > /dev/null 2>&1 || echo "... is already stripped"; \ + echo "./sstrip ./samhain.pk.data"; \ + ./sstrip ./samhain.pk.data > /dev/null 2>&1 || echo "sstrip returned false"; \ + test -f exepack.out && rm exepack.out; \ echo "./exepack_fill exepack samhain.pk.data exepack.out"; \ - ./exepack_fill exepack samhain.pk.data exepack.out - chmod +x exepack.out + ./exepack_fill exepack samhain.pk.data exepack.out; \ + chmod +x exepack.out; \ echo "strip exepack.out"; \ - strip exepack.out > /dev/null 2>&1 || echo "... is already stripped" + strip exepack.out > /dev/null 2>&1 || echo "... is already stripped"; \ + ./sstrip exepack.out > /dev/null 2>&1 || echo "sstrip returned false"; \ echo "mv exepack.out samhain.pk"; \ rm -f samhain.pk; mv exepack.out samhain.pk samhain-packed: $(SAMHAIN) samhain_setpwd @echo "samhain_setpwd samhain new $(CLIENTPASSWD)"; \ - samhain_setpwd samhain new $(CLIENTPASSWD) + samhain_setpwd samhain new $(CLIENTPASSWD); \ echo "rm -f samhain; mv samhain.new samhain"; \ - rm -f samhain; mv samhain.new samhain - $(MAKE) samhain.pk + rm -f samhain; mv samhain.new samhain; \ + $(MAKE) samhain.pk; \ echo "rm -f samhain; mv samhain.pk samhain"; \ rm -f samhain; mv samhain.pk samhain @@ -4330,7 +4330,7 @@ enable_asm_ok=yes case "$host_os" in - *linux*|*-kfreebsd*-gnu|*-gnu*) + *linux*) sh_use_lcaps="yes" $as_echo "#define HOST_IS_LINUX 1" >>confdefs.h diff --git a/configure.ac b/configure.ac index 7dd90e8..1b3e2ac 100644 --- a/configure.ac +++ b/configure.ac @@ -56,7 +56,7 @@ enable_asm_ok=yes case "$host_os" in - *linux*|*-kfreebsd*-gnu|*-gnu*) + *linux*) sh_use_lcaps="yes" AC_DEFINE(HOST_IS_LINUX) AC_DEFINE(HAVE_EXT2_IOCTLS) diff --git a/samhain-install.sh.in b/samhain-install.sh.in index 849a1fd..195dfe1 100644 --- a/samhain-install.sh.in +++ b/samhain-install.sh.in @@ -879,7 +879,7 @@ then rc_uinst="rm -f ${DESTDIR}/etc/init.d/@install_name@; rm -f ${DESTDIR}/etc/rc0.d/K10@install_name@; rm -f ${DESTDIR}/etc/rc1.d/K10@install_name@; rm -f ${DESTDIR}/etc/rc3.d/S99@install_name@" ;; - Linux/* | GNU/kFreeBSD/* | GNU/* ) + Linux/* | GNU/kFreeBSD* | GNU/* ) rlv="2 3 4 5" linkopt="-f -s" # find rc directories diff --git a/src/dnmalloc.c b/src/dnmalloc.c index 3a85797..4ab3b9a 100644 --- a/src/dnmalloc.c +++ b/src/dnmalloc.c @@ -216,7 +216,6 @@ kernel versions newer than 1.3.77. */ -#define _GNU_SOURCE 1 #ifndef HAVE_MREMAP #ifdef linux #define HAVE_MREMAP 1 diff --git a/src/sh_tiger0.c b/src/sh_tiger0.c index 6e590d2..aea8158 100644 --- a/src/sh_tiger0.c +++ b/src/sh_tiger0.c @@ -110,7 +110,7 @@ void tiger_dbg(sh_word32 res[6], int step, * implementation */ -/* static sh_byte buffer[PRIV_MAX + 72] __attribute__((aligned(4))); */ +/* static sh_byte buffer[PRIV_MAX + 72]; */ #if defined(TIGER_64_BIT) static diff --git a/stamp-dep b/stamp-dep deleted file mode 100644 index ee5af9b..0000000 --- a/stamp-dep +++ /dev/null @@ -1 +0,0 @@ -./src diff --git a/stamp-h b/stamp-h deleted file mode 100644 index 9788f70..0000000 --- a/stamp-h +++ /dev/null @@ -1 +0,0 @@ -timestamp @@ -1,338 +0,0 @@ -##################################################################### -# -# Configuration file template for yule. -# -##################################################################### -# -# NOTE: This is a log server-only configuration file TEMPLATE. -# -# NOTE: The log server ('yule') will look for THAT configuration file -# that has been defined at compile time with the configure option -# ./configure --with-config-file=FILE -# The default is "/usr/local/etc/.samhainrc" (NOT "yulerc"). -# -##################################################################### -# -# -- empty lines and lines starting with '#', ';' or '//' are ignored -# -- you can PGP clearsign this file -- samhain will check (if compiled -# with support) or otherwise ignore the signature -# -- CHECK mail address -# -# To each log facility, you can assign a threshold severity. Only -# reports with at least the threshold severity will be logged -# to the respective facility (even further below). -# -##################################################################### - - -[Log] -## -## Switch on/OFF log facilities and set their threshold severity -## -## Values: debug, info, notice, warn, mark, err, crit, alert, none. -## 'mark' is used for timestamps. -## -## -## Use 'none' to SWITCH OFF a log facility -## -## By default, everything equal to and above the threshold is logged. -## The specifiers '*', '!', and '=' are interpreted as -## 'all', 'all but', and 'only', respectively (like syslogd(8) does, -## at least on Linux). Examples: -## MailSeverity=* -## MailSeverity=!warn -## MailSeverity==crit - -## E-mail -## -# MailSeverity=none -MailSeverity=crit - -## Console -## -# PrintSeverity=info - -## Logfile -## -# LogSeverity=none - -## Syslog -## -# SyslogSeverity=none - -## External script or program -## -# ExternalSeverity = none - -## Logging to a database -## -# DatabaseSeverity = none - - -# [Database] -## -## --- Logging to a relational database -## - -## Database name -# -# SetDBName = samhain - -## Database table -# -# SetDBTable = log - -## Database user -# -# SetDBUser = samhain - -## Database password -# -# SetDBPassword = (default: none) - -## Database host -# -# SetDBHost = localhost - -## Log the server timestamp for received messages -# -SetDBServerTstamp = True - -## Use a persistent connection -# -UsePersistent = True - - - -# [External] -## -## Interface to call external scripts/programs for logging -## - -## The absolute path to the command -## - Each invocation of this directive will end the definition of the -## preceding command, and start the definition of -## an additional, new command -# -# OpenCommand = (no default) - -## Type (log or rv) -## - log for log messages, srv for messages received by the server -# -# SetType = log - -## The command (full command line) to execute -# -# SetCommandLine = (no default) - -## The environment (KEY=value; repeat for more) -# -# SetEnviron = TZ=(your timezone) - -## The TIGER192 checksum (optional) -# -# SetChecksum = (no default) - -## User who runs the command -# -# SetCredentials = (default: samhain process uid) - -## Words not allowed in message -# -# SetFilterNot = (none) - -## Words required (ALL of them) -# -# SetFilterAnd = (none) - -## Words required (at least one) -# -# SetFilterOr = (none) - -## Deadtime between consecutive calls -# -# SetDeadtime = 0 - -## Add default environment (HOME, PATH, SHELL) -# -# SetDefault = no - - -##################################################### -# -# Miscellaneous configuration options -# -##################################################### - -[Misc] - -## whether to become a daemon process -## (this is not honoured on database initialisation) -# -# Daemon = no -Daemon = yes - - - -[Misc] -# whether to become a daemon process -Daemon=yes - -## Interval between time stamp messages -# -# SetLoopTime = 60 -SetLoopTime = 600 - -## The maximum time between client messages (seconds) -## This allows the server to flag clients that have exceeded -## the timeout limits; i.e. might have died for some reason. -# -# SetClientTimeLimit = 86400 - -## Use client address as known to the communication layer (might be -## incorrect if the client is behind NAT). The default is to use -## the client name as claimed by the client, and verify it against -## the former (might be incorrect if the client has several -## interfaces, and its hostname resolves to the wrong interface). -# -# SetClientFromAccept = False - -## If SetClientFromAccept is False (default), severity of a -## failure to resolve the hostname claimed by the client -## to the IP address of the socket peer. -# -# SeverityLookup = crit - -## The console device (can also be a file or named pipe) -## - There are two console devices. Accordingly, you can use -## this directive a second time to set the second console device. -## If you have not defined the second device at compile time, -## and you don't want to use it, then: -## setting it to /dev/null is less effective than just leaving -## it alone (setting to /dev/null will waste time by opening -## /dev/null and writing to it) -# -# SetConsole = /dev/console - -## Use separate logfiles for individual clients -# -# UseSeparateLogs = False - -## Enable listening on port 514/udp for logging of remote syslog -## messages (if optionally compiled with support for this) -# -# SetUDPActive = False - - -## Activate the SysV IPC message queue -# -# MessageQueueActive = False - - -## If false, skip reverse lookup when connecting to a host known -## by name rather than IP address (i.e. trust the DNS) -# -# SetReverseLookup = True - -## If true, open a Unix domain socket to listen for commands that should -## be passed to clients upon next connection. Only works on systems -## that support passing of peer credentials (for authentication) via sockets. -## Use yulectl to access the socket. -# -# SetUseSocket = False - -## The UID of the user that is allowed to pass commands to the server -## via the Unix domain socket. -# -# SetSocketAllowUid = 0 - -## --- E-Mail --- - -# Only highest-level (alert) reports will be mailed immediately, -# others will be queued. Here you can define, when the queue will -# be flushed (Note: the queue is automatically flushed after -# completing a file check). -# -# SetMailTime = 86400 - -## Maximum number of mails to queue -# -# SetMailNum = 10 - -## Recipient (max. 8) -# -# SetMailAddress=root@localhost - -## Mail relay (IP address) -# -# SetMailRelay = NULL - -## Custom subject format -# -# MailSubject = NULL - -## --- end E-Mail --- - -# The binary. Setting the path will allow -# samhain to check for modifications between -# startup and exit. -# -# SamhainPath=/usr/local/bin/yule - -## The IP address of the time server -# -# SetTimeServer = (default: compiled-in) - -## Trusted Users (comma delimited list of user names) -# -# TrustedUser = (no default; this adds to the compiled-in list) - -## Custom format for message header. -## CAREFUL if you use XML logfile format. -## -## %S severity -## %T timestamp -## %C class -## -## %F source file -## %L source line -# -# MessageHeader="%S %T " - - -## Don't log path to config/database file on startup -# -# HideSetup = False - -## The syslog facility, if you log to syslog -# -# SyslogFacility = LOG_AUTHPRIV - - -## The message authentication method -## - If you change this, you *must* change it -## on client *and* server -# -# MACType = HMAC-TIGER - - -[Clients] -## -## This is a sample registry entry for a client at host 'HOSTNAME'. This entry -## is valid for the default password. -## You are STRONGLY ADVISED to reset te password (see the README) and -## compute your own entries using 'samhain -P <password>' -## -## Usually, HOSTNAME should be a fully qualified hostname, -## no numerical address. -## -- exception: if the client (samhain) cannot determine the -## fully qualified hostname of its host, -## the numerical address may be required. -## You will know if you get a message like: -## 'Invalid connection attempt: Not in -## client list what.ever.it.is' -## -## First entry is for challenge/response, second one for SRP authentication. -# -# Client=HOSTNAME@00000000@C39F0EEFBC64E4A8BBF72349637CC07577F714B420B62882 -# Client=HOSTNAME@8F81BA58956F8F42@8932D08C49CA76BD843C51EDD1D6640510FA032A7A2403E572BBDA2E5C6B753991CF7E091141D20A2499C5CD3E14C1639D17482E14E1548E5246ACF4E7193D524CDDAC9C9D6A9A36C596B4ECC68BEB0C5BB7082224946FC98E3ADE214EA1343E2DA8DF4229D4D8572AD8679228928A787B6E5390D3A713102FFCC9D0B2188C92 |