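#!/usr/bin/perl
#############################################################################
#
# File: sign
#
# Usage: sign [-c] file.sig [base directory]
#
# Description:
#     Used to MD5 sign files
#
# Options:
#     -c  Creates signature file
#     -h  Prints the usage text
#
#############################################################################
#
# (C) 2001 Stefano Selleri
#
# Vers. 0.0.0
#
#############################################################################

use strict;
use warnings;

# External program used to digest each file.  It is executed directly (never
# through a shell) with the file name as its only argument; the first
# whitespace-separated field of its first output line is taken as the digest.
# NOTE(review): MD5 is no longer collision-resistant.  For integrity checking
# against a deliberate attacker, point this at a stronger digest program that
# prints "<digest> <name>" in the same layout.
my $CRCFunc = "/usr/bin/md5sum";

# Maps each scanned file path to its digest; filled in by getdir().
my %SIGS;

#############################################################################
# Help();
# Prints the brief usage syntax to STDOUT, then terminates the program.
#############################################################################
sub Help {
    print "Usage:\tsign [-c] file.sig [directory]\n";
    print "\tUsed to sign and verify file signatures.\n\n";
    print "\tOptions:\n";
    print "\t-c\tCreates signature file.\n";
    print "\n\nP.S., have you extracted the POD?\n\n";
    exit;
}

#############################################################################
# _digest_of(filename);
# Runs $CRCFunc on one file and returns the digest it prints, or the empty
# string (after a warning on STDERR) when the program produced no output.
# Dies when the digest program cannot be started.
#############################################################################
sub _digest_of {
    my ($filename) = @_;

    # A name starting with '-' would be parsed as an option by the digest
    # program, so anchor it to the current directory for the call only.
    my $target = $filename =~ /\A-/ ? "./$filename" : $filename;

    # List-form pipe open: the file name is passed as a single argument and
    # is never interpreted by a shell, so quotes or metacharacters in a file
    # name cannot alter the command that is run.
    open(my $pipe, '-|', $CRCFunc, $target)
        or die "Unable to read $CRCFunc or $filename for CRC generation.\n";
    my $line = <$pipe>;
    close($pipe);

    my ($digest) = defined $line ? split(" ", $line) : ();
    if (!defined $digest) {
        warn "WARNING: no digest obtained for $filename\n";
        $digest = '';
    }
    return $digest;
}

#############################################################################
# getdir(root);
# Recursively walks the directory tree under root and records the digest of
# every regular file found in %SIGS.  Symbolic links to directories are not
# followed.
#############################################################################
sub getdir {
    my ($rootdir) = @_;

    print "scanning -> $rootdir\n";

    # Read the whole listing first so the handle is closed before recursing.
    opendir(my $dh, $rootdir) or die "No can do...\n";
    my @entries = sort readdir($dh);
    closedir($dh);

    foreach my $entry (@entries) {
        next if $entry eq '.' || $entry eq '..';

        my $filename = "$rootdir/$entry";

        # The root directory gets a double slash prepended, so clean it up.
        $filename =~ s{//}{/};

        if (-d $filename) {
            getdir($filename) unless -l $filename;
            next;
        }

        # Only regular files (or links to them) are digested: reading a FIFO
        # or a device node could block or never finish.
        next unless -f $filename;

        $SIGS{$filename} = _digest_of($filename);
    }
    return;
}

#############################################################################
# Main routine begins.
#############################################################################

# Help the user with the syntax
Help() if @ARGV < 1 || $ARGV[0] eq "-h";

my $create = 0;
if ($ARGV[0] eq "-c") {
    $create = 1;
    shift @ARGV;
}

my $sigfile = shift @ARGV;
die "No sig file\n" unless defined $sigfile && length $sigfile;

if (-f $sigfile && $create) {
    die "$sigfile exists\n";
}
if ((!-f $sigfile) && (!$create)) {
    die "$sigfile do not exist";
}

my $root = $ARGV[0];
$root = "/" if !defined $root;

getdir($root);

if ($create) {
    # One "path digest" record per line; the digest is the last field.
    open(my $out, '>', $sigfile) or die "Cannot write $sigfile: $!\n";
    foreach my $path (sort keys %SIGS) {
        print {$out} "$path $SIGS{$path}\n";
    }
    # Buffered write errors only surface at close, so check it.
    close($out) or die "Cannot write $sigfile: $!\n";
}
else {
    open(my $in, '<', $sigfile) or die "Cannot read $sigfile: $!\n";
    while (my $line = <$in>) {
        chomp $line;
        next if $line eq '';

        # Split on the LAST space so that paths containing spaces survive.
        my ($file, $sig) = $line =~ /\A(.+) (\S*)\z/s;
        if (!defined $file) {
            print "WARNING: malformed line $. in $sigfile\n";
            next;
        }

        if (!exists $SIGS{$file}) {
            print "WARNING: file $file does NOT match (listed in $sigfile but not found)\n";
        }
        elsif ($SIGS{$file} ne $sig) {
            print "WARNING: file $file does NOT match\n";
        }
        delete $SIGS{$file};
    }
    close($in);

    # Whatever is left was found on disk but is not in the signature file.
    foreach my $path (sort keys %SIGS) {
        print "Found NEW file $path not in $sigfile\n";
    }
}

__END__

=head1 NAME

sign.pl - recursively generates, stores and checks MD5 signatures

=head1 SUPPORTED PLATFORMS

Any with perl and md5sum or any other signature generator

=head1 SYNOPSIS

  sign.pl -c file.sig directory

Recursively scans C<directory> generating an MD5 signature of each file found
therein. Everything is stored in a file named C<file.sig>.

  sign.pl file.sig directory

Recursively scans C<directory> generating an MD5 signature of each file found
therein. The result is checked against C<file.sig>. Warnings are issued if a
signature does not match, if a file not in C<file.sig> is present or if a
file in C<file.sig> has disappeared.

  sign.pl -h

A little help

=head1 USAGE

What's this for? Well, have you ever heard of hackers?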
they sometimes break in, change some executables and do what they please...

BUT

If you generate C<file.sig> of the sensitive directories, that is
C<[directory names missing from this copy]> etc. etc. and store the files on
a floppy somewhere else then you can check, at regular intervals, if
something evil has happened. The check is only as trustworthy as the stored
signature files, this script and the digest program it runs, so keep all of
them where an intruder cannot rewrite them; MD5 itself is no longer
collision-resistant, so prefer a stronger digest program where one is
available.

=head1 REVISION HISTORY

Hey! this is version 0.0.0! Do you think that there is a history at all?

=head1 CREDITS

B<sign.pl> has been developed by
I<[author and address lines missing from this copy]>
I<50134 Firenze Italy.>

The author can be contacted at I<[address missing from this copy]> and the
latest version of the B<sign.pl> code should be located at
I<[location missing from this copy]>

=head1 License

B<sign.pl> and related files (C) 2001 Stefano Selleri

This program is free software; you can redistribute it and/or modify it
under the terms of the GNU General Public License as published by the Free
Software Foundation; either version 2 of the License, or (at your option)
any later version.

This program is distributed in the hope that it will be useful, but WITHOUT
ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
more details.

You should have received a copy of the GNU General Public License along with
this program; if not, write to the Free Software Foundation, Inc., 59 Temple
Place, Suite 330, Boston, MA 02111-1307 USA