authortobez <tobez@FreeBSD.org>2005-03-29 11:44:17 +0000
committertobez <tobez@FreeBSD.org>2005-03-29 11:44:17 +0000
commit33bcab28052aed309c71543e4d9db75259feffda (patch)
tree3649da480656bca08f4c722336ccea910c49eb2f /usr.sbin/mtree
parent5f6d29a6e04fc4f90eea3974de0b53b8d24b2e87 (diff)
downloadFreeBSD-src-33bcab28052aed309c71543e4d9db75259feffda.zip
FreeBSD-src-33bcab28052aed309c71543e4d9db75259feffda.tar.gz
Adds sha256 support. While it is a good idea to also add sha384 and
sha512, I did not do that since it is not entirely clear where "the one true place" to hold their implementations is going to be. Sha256 is different since mtree already links against libmd. Make recommended procedure for integrity checking in the manpage consistent. Fix a bug with -f spec1 -f spec2 comparison, which prevented test/test03.sh from running successfully. Reviewed by: phk, cperciva
Diffstat (limited to 'usr.sbin/mtree')
-rw-r--r--usr.sbin/mtree/Makefile2
-rw-r--r--usr.sbin/mtree/compare.c21
-rw-r--r--usr.sbin/mtree/create.c13
-rw-r--r--usr.sbin/mtree/misc.c3
-rw-r--r--usr.sbin/mtree/mtree.818
-rw-r--r--usr.sbin/mtree/mtree.h2
-rw-r--r--usr.sbin/mtree/spec.c5
-rw-r--r--usr.sbin/mtree/specspec.c10
-rw-r--r--usr.sbin/mtree/test/test03.sh2
9 files changed, 67 insertions, 9 deletions
diff --git a/usr.sbin/mtree/Makefile b/usr.sbin/mtree/Makefile
index 6376ea3..2977c47 100644
--- a/usr.sbin/mtree/Makefile
+++ b/usr.sbin/mtree/Makefile
@@ -10,7 +10,7 @@ SRCS+= specspec.c
WARNS?= 4
-CFLAGS+= -DMD5 -DSHA1 -DRMD160
+CFLAGS+= -DMD5 -DSHA1 -DRMD160 -DSHA256
DPADD= ${LIBMD}
LDADD= -lmd
diff --git a/usr.sbin/mtree/compare.c b/usr.sbin/mtree/compare.c
index bf4353c..44556d6 100644
--- a/usr.sbin/mtree/compare.c
+++ b/usr.sbin/mtree/compare.c
@@ -52,6 +52,9 @@ __FBSDID("$FreeBSD$");
#ifdef SHA1
#include <sha.h>
#endif
+#ifdef SHA256
+#include <sha256.h>
+#endif
#include <stdint.h>
#include <stdio.h>
#include <time.h>
@@ -294,6 +297,24 @@ typeerr: LABEL;
}
}
#endif /* RMD160 */
+#ifdef SHA256
+ if (s->flags & F_SHA256) {
+ char *new_digest, buf[65];
+
+ new_digest = SHA256_File(p->fts_accpath, buf);
+ if (!new_digest) {
+ LABEL;
+ printf("%sSHA-256: %s: %s\n", tab, p->fts_accpath,
+ strerror(errno));
+ tab = "\t";
+ } else if (strcmp(new_digest, s->sha256digest)) {
+ LABEL;
+ printf("%sSHA-256 expected %s found %s\n",
+ tab, s->sha256digest, new_digest);
+ tab = "\t";
+ }
+ }
+#endif /* SHA256 */
if (s->flags & F_SLINK &&
strcmp(cp = rlink(p->fts_accpath), s->slink)) {
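Review bot: The digest buffer in `char *new_digest, buf[65];` sizes the output of SHA256_File with a bare magic number; 65 is the 64 hex characters plus the terminating NUL that SHA256_File writes, and nothing in the declaration ties the array to that contract, so a future change to the digest API could silently leave the buffer short. Prefer a named size, `char buf[SHA256_DIGEST_STRING_LENGTH];` if `<sha256.h>` provides such a constant, otherwise a local `#define` with a comment giving the 64+1 derivation. The same `buf[65]` appears in the create.c statf hunk and should get the same treatment. The enclosing compare() function begins and ends outside this hunk.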
diff --git a/usr.sbin/mtree/create.c b/usr.sbin/mtree/create.c
index fa902e4..f1b0313 100644
--- a/usr.sbin/mtree/create.c
+++ b/usr.sbin/mtree/create.c
@@ -52,6 +52,9 @@ __FBSDID("$FreeBSD$");
#ifdef RMD160
#include <ripemd.h>
#endif
+#ifdef SHA256
+#include <sha256.h>
+#endif
#include <pwd.h>
#include <stdint.h>
#include <stdio.h>
@@ -249,6 +252,16 @@ statf(int indent, FTSENT *p)
output(indent, &offset, "ripemd160digest=%s", digest);
}
#endif /* RMD160 */
+#ifdef SHA256
+ if (keys & F_SHA256 && S_ISREG(p->fts_statp->st_mode)) {
+ char *digest, buf[65];
+
+ digest = SHA256_File(p->fts_accpath, buf);
+ if (!digest)
+ err(1, "%s", p->fts_accpath);
+ output(indent, &offset, "sha256digest=%s", digest);
+ }
+#endif /* SHA256 */
if (keys & F_SLINK &&
(p->fts_info == FTS_SL || p->fts_info == FTS_SLNONE))
output(indent, &offset, "link=%s", rlink(p->fts_accpath));
diff --git a/usr.sbin/mtree/misc.c b/usr.sbin/mtree/misc.c
index cc211f0..8f5344e 100644
--- a/usr.sbin/mtree/misc.c
+++ b/usr.sbin/mtree/misc.c
@@ -72,6 +72,9 @@ static KEY keylist[] = {
#ifdef SHA1
{"sha1digest", F_SHA1, NEEDVALUE},
#endif
+#ifdef SHA256
+ {"sha256digest", F_SHA256, NEEDVALUE},
+#endif
{"size", F_SIZE, NEEDVALUE},
{"time", F_TIME, NEEDVALUE},
{"type", F_TYPE, NEEDVALUE},
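Review bot: The new `{"sha256digest", F_SHA256, NEEDVALUE},` entry sits in the right strcmp position between `sha1digest` and `size`, but nothing in the hunk records that the position is load-bearing; keylist appears to be looked up by binary search in parsekey (not visible here), so an entry appended in the wrong slot would make the key silently unrecognised. Add a comment above the table, `/* NB: keylist must stay sorted by name; parsekey() searches it with bsearch(). */`, so the next digest added lands correctly. The keylist definition starts outside this hunk.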
diff --git a/usr.sbin/mtree/mtree.8 b/usr.sbin/mtree/mtree.8
index 971474a..0dad86d 100644
--- a/usr.sbin/mtree/mtree.8
+++ b/usr.sbin/mtree/mtree.8
@@ -204,6 +204,12 @@ The
160-1
.Pq Dq Tn SHA-1
message digest of the file.
+.It Cm sha256digest
+The
+.Tn FIPS
+180-2
+.Pq Dq Tn SHA-256
+message digest of the file.
.It Cm ripemd160digest
The
.Tn RIPEMD160
@@ -317,21 +323,21 @@ To detect system binaries that have been ``trojan horsed'', it is recommended
that
.Nm
.Fl K
-.Cm sha1digest
+.Cm sha256digest
be run on the file systems, and a copy of the results stored on a different
machine, or, at least, in encrypted form.
The output file itself should be digested using the
-.Xr md5 1
+.Xr sha256 1
utility.
Then, periodically,
.Nm
and
-.Xr md5 1
+.Xr sha256 1
should be run against the on-line specifications.
While it is possible for the bad guys to change the on-line specifications
to conform to their modified binaries, it is believed to be
impractical for them to create a modified specification which has
-the same MD5 digest as the original.
+the same SHA-256 digest as the original.
.Pp
The
.Fl d
@@ -372,6 +378,10 @@ digests were added in
.Fx 4.0 ,
as new attacks have demonstrated weaknesses in
.Tn MD5 .
+The
+.Tn SHA-256
+digest was added in
+.Fx 6.0 .
Support for file flags was added in
.Fx 4.0 ,
and mostly comes from
diff --git a/usr.sbin/mtree/mtree.h b/usr.sbin/mtree/mtree.h
index 7d899c6..b0d5415 100644
--- a/usr.sbin/mtree/mtree.h
+++ b/usr.sbin/mtree/mtree.h
@@ -46,6 +46,7 @@ typedef struct _node {
u_long cksum; /* check sum */
char *md5digest; /* MD5 digest */
char *sha1digest; /* SHA-1 digest */
+ char *sha256digest; /* SHA-256 digest */
char *rmd160digest; /* RIPEMD160 digest */
char *slink; /* symbolic link reference */
uid_t st_uid; /* uid */
@@ -76,6 +77,7 @@ typedef struct _node {
#define F_SHA1 0x20000 /* SHA-1 digest */
#define F_RMD160 0x40000 /* RIPEMD160 digest */
#define F_FLAGS 0x80000 /* file flags */
+#define F_SHA256 0x100000 /* SHA-256 digest */
u_int flags; /* items set */
#define F_BLOCK 0x001 /* block special */
diff --git a/usr.sbin/mtree/spec.c b/usr.sbin/mtree/spec.c
index 0407f78..ed94316 100644
--- a/usr.sbin/mtree/spec.c
+++ b/usr.sbin/mtree/spec.c
@@ -194,6 +194,11 @@ set(char *t, NODE *ip)
if(!ip->sha1digest)
errx(1, "strdup");
break;
+ case F_SHA256:
+ ip->sha256digest = strdup(val);
+ if(!ip->sha256digest)
+ errx(1, "strdup");
+ break;
case F_RMD160:
ip->rmd160digest = strdup(val);
if(!ip->rmd160digest)
diff --git a/usr.sbin/mtree/specspec.c b/usr.sbin/mtree/specspec.c
index 59dd937b..f85882e 100644
--- a/usr.sbin/mtree/specspec.c
+++ b/usr.sbin/mtree/specspec.c
@@ -82,6 +82,8 @@ shownode(NODE *n, int f, char const *path)
printf(" sha1digest=%s", n->sha1digest);
if (f & F_RMD160)
printf(" rmd160digest=%s", n->rmd160digest);
+ if (f & F_SHA256)
+ printf(" sha256digest=%s", n->sha256digest);
if (f & F_FLAGS)
printf(" flags=%s", flags_to_string(n->st_flags));
printf("\n");
@@ -160,6 +162,8 @@ compare_nodes(NODE *n1, NODE *n2, char const *path)
differs |= F_SHA1;
if (FS(n1, n2, F_RMD160, rmd160digest))
differs |= F_RMD160;
+ if (FS(n1, n2, F_SHA256, sha256digest))
+ differs |= F_SHA256;
if (FF(n1, n2, F_FLAGS, st_flags))
differs |= F_FLAGS;
if (differs) {
@@ -213,19 +217,19 @@ walk_in_the_forest(NODE *t1, NODE *t2, char const *path)
asprintf(&np, "%s%s/", path, c2->name);
i = walk_in_the_forest(c1, c2, np);
free(np);
- i = compare_nodes(c1, c2, path);
+ i += compare_nodes(c1, c2, path);
} else if (c2 == NULL && c1->type == F_DIR) {
asprintf(&np, "%s%s/", path, c1->name);
i = walk_in_the_forest(c1, c2, np);
free(np);
- i = compare_nodes(c1, c2, path);
+ i += compare_nodes(c1, c2, path);
} else if (c1 == NULL || c2 == NULL) {
i = compare_nodes(c1, c2, path);
} else if (c1->type == F_DIR && c2->type == F_DIR) {
asprintf(&np, "%s%s/", path, c1->name);
i = walk_in_the_forest(c1, c2, np);
free(np);
- i = compare_nodes(c1, c2, path);
+ i += compare_nodes(c1, c2, path);
} else {
i = compare_nodes(c1, c2, path);
}
diff --git a/usr.sbin/mtree/test/test03.sh b/usr.sbin/mtree/test/test03.sh
index e320c4f..bb3a5b5 100644
--- a/usr.sbin/mtree/test/test03.sh
+++ b/usr.sbin/mtree/test/test03.sh
@@ -15,7 +15,7 @@ TMP=/tmp/mtree.$$
rm -rf ${TMP}
mkdir -p ${TMP}
-K=uid,uname,gid,gname,flags,md5digest,size,ripemd160digest,sha1digest,cksum
+K=uid,uname,gid,gname,flags,md5digest,size,ripemd160digest,sha1digest,sha256digest,cksum
rm -rf _FOO
mkdir _FOO