Index: trunk/include/rijndael-api-fst.h =================================================================== --- trunk/include/rijndael-api-fst.h (revision 67) +++ trunk/include/rijndael-api-fst.h (revision 68) @@ -25,6 +25,10 @@ #define MODE_CBC 2 /* Are we ciphering in CBC mode? */ #define MODE_CFB1 3 /* Are we ciphering in 1-bit CFB mode? */ +#ifndef TRUE #define TRUE 1 +#endif +#ifndef FALSE #define FALSE 0 +#endif #define BITSPERBLOCK 128 /* Default number of bits in a cipher block */ Index: trunk/include/samhain.h =================================================================== --- trunk/include/samhain.h (revision 67) +++ trunk/include/samhain.h (revision 68) @@ -316,4 +316,9 @@ } while (0) +#define SH_VALIDATE_GE(a,b) \ + do { \ + if ((a) < (b)) safe_fatal(#a " < " #b, FIL__, __LINE__);\ + } while (0) + #if defined(HAVE_MLOCK) && !defined(HAVE_BROKEN_MLOCK) #define MLOCK(a, b) \ Index: trunk/include/sh_cat.h =================================================================== --- trunk/include/sh_cat.h (revision 67) +++ trunk/include/sh_cat.h (revision 68) @@ -130,4 +130,16 @@ MSG_UT_ROT, +#endif + +#ifdef SH_USE_PROCESSCHECK + MSG_PCK_CHECK, + MSG_PCK_OK, + MSG_PCK_HIDDEN, + MSG_PCK_FAKE, + MSG_PCK_MISS, +#endif + +#ifdef SH_USE_PORTCHECK + MSG_PORT_REPORT, #endif Index: trunk/include/sh_kern.h =================================================================== --- trunk/include/sh_kern.h (revision 67) +++ trunk/include/sh_kern.h (revision 68) @@ -12,15 +12,13 @@ int sh_kern_null (void); -int sh_kern_set_activate (char * c); -int sh_kern_set_severity (char * c); -int sh_kern_set_timer (char * c); -int sh_kern_set_idt (char * c); - -/* FIXME: document these */ -int sh_kern_set_sct_addr (char * c); -int sh_kern_set_sc_addr (char * c); -int sh_kern_set_proc_root (char * c); -int sh_kern_set_proc_root_lookup (char * c); -int sh_kern_set_proc_root_iops (char * c); +int sh_kern_set_activate (const char * c); +int sh_kern_set_severity (const char * c); +int sh_kern_set_timer (const char * c); +int sh_kern_set_idt (const char * c); +int sh_kern_set_sct_addr (const char * c); +int sh_kern_set_sc_addr (const char * c); +int sh_kern_set_proc_root (const char * c); +int sh_kern_set_proc_root_lookup (const char * c); +int sh_kern_set_proc_root_iops (const char * c); extern sh_rconf sh_kern_table[]; Index: trunk/include/sh_modules.h =================================================================== --- trunk/include/sh_modules.h (revision 67) +++ trunk/include/sh_modules.h (revision 68) @@ -7,5 +7,5 @@ { char * the_opt; - int (*func)(char * opt); + int (*func)(const char * opt); } sh_rconf; Index: trunk/include/sh_suidchk.h =================================================================== --- trunk/include/sh_suidchk.h (revision 67) +++ trunk/include/sh_suidchk.h (revision 68) @@ -12,14 +12,14 @@ int sh_suidchk_free_schedule (void); -int sh_suidchk_set_activate (char * c); -int sh_suidchk_set_severity (char * c); -int sh_suidchk_set_timer (char * c); -int sh_suidchk_set_schedule (char * c); -int sh_suidchk_set_exclude (char * c); -int sh_suidchk_set_fps (char * c); -int sh_suidchk_set_yield (char * c); -int sh_suidchk_set_quarantine (char * c); -int sh_suidchk_set_qmethod (char * c); -int sh_suidchk_set_qdelete (char * c); +int sh_suidchk_set_activate (const char * c); +int sh_suidchk_set_severity (const char * c); +int sh_suidchk_set_timer (const char * c); +int sh_suidchk_set_schedule (const char * c); +int sh_suidchk_set_exclude (const char * c); +int sh_suidchk_set_fps (const char * c); +int sh_suidchk_set_yield (const char * c); +int sh_suidchk_set_quarantine (const char * c); +int sh_suidchk_set_qmethod (const char * c); +int sh_suidchk_set_qdelete (const char * c); Index: trunk/include/sh_unix.h =================================================================== --- trunk/include/sh_unix.h (revision 67) +++ trunk/include/sh_unix.h (revision 68) @@ -139,5 +139,9 @@ char link_c_mode[11]; int linkisok; + char * attr_string; } file_type; + +extern int sh_unix_check_selinux; +extern int sh_unix_check_acl; /* mlock utilities @@ -157,4 +161,13 @@ */ int sh_unix_uselocaltime (const char * c); + +/* whether to perform selinux/acl checks + */ +#ifdef USE_XATTR +int sh_unix_setcheckselinux (const char * c); +#endif +#ifdef USE_ACL +int sh_unix_setcheckacl (const char * c); +#endif /* set I/O limit Index: trunk/include/sh_userfiles.h =================================================================== --- trunk/include/sh_userfiles.h (revision 67) +++ trunk/include/sh_userfiles.h (revision 68) @@ -16,8 +16,8 @@ int sh_userfiles_reconf (void); -int sh_userfiles_set_uid (char * str); -int sh_userfiles_add_file(char *c); -int sh_userfiles_set_interval(char *c); -int sh_userfiles_set_active(char *c); +int sh_userfiles_set_uid (const char * str); +int sh_userfiles_add_file(const char *c); +int sh_userfiles_set_interval(const char *c); +int sh_userfiles_set_active(const char *c); int sh_userfiles_check_internal(); Index: trunk/include/sh_utils.h =================================================================== --- trunk/include/sh_utils.h (revision 67) +++ trunk/include/sh_utils.h (revision 68) @@ -63,4 +63,8 @@ char * sh_util_strsep (char **str, const char *delim); +/* compactify verbose acl text + */ +char * sh_util_acl_compact (char * buf, ssize_t len); + /* set signature type HASH-TIGER/HMAC-TIGER */ @@ -84,4 +88,12 @@ */ int sh_util_hidesetup(const char * c); + +/* valif utf-8 string + */ +int sh_util_valid_utf8 (const unsigned char * str); + +/* filenames are utf8 + */ +int sh_util_obscure_utf8 (const char * c); /* exceptions to obscure name check Index: trunk/include/sh_utmp.h =================================================================== --- trunk/include/sh_utmp.h (revision 67) +++ trunk/include/sh_utmp.h (revision 68) @@ -12,9 +12,9 @@ int sh_utmp_null (void); -int sh_utmp_set_login_activate (char * c); -int sh_utmp_set_login_solo (char * c); -int sh_utmp_set_login_multi (char * c); -int sh_utmp_set_logout_good (char * c); -int sh_utmp_set_login_timer (char * c); +int sh_utmp_set_login_activate (const char * c); +int sh_utmp_set_login_solo (const char * c); +int sh_utmp_set_login_multi (const char * c); +int sh_utmp_set_logout_good (const char * c); +int sh_utmp_set_login_timer (const char * c); extern sh_rconf sh_utmp_table[];