PERFORCE change 148576 for review
Diego Giagio
diego at FreeBSD.org
Wed Aug 27 02:57:06 UTC 2008
http://perforce.freebsd.org/chv.cgi?CH=148576
Change 148576 by diego at diego_black on 2008/08/27 02:56:36
Teach OpenBSM library and utilities about Sun OpenSolaris socket_ex
token.
Affected files ...
.. //depot/projects/soc2008/diego-audit/src/contrib/openbsm/bsm/libbsm.h#2 edit
.. //depot/projects/soc2008/diego-audit/src/contrib/openbsm/libbsm/bsm_io.c#2 edit
Differences ...
==== //depot/projects/soc2008/diego-audit/src/contrib/openbsm/bsm/libbsm.h#2 (text) ====
@@ -537,21 +537,21 @@
} au_socket_t;
/*
+ * socket domain 2 bytes
* socket type 2 bytes
+ * ip address type 2 bytes
* local port 2 bytes
- * address type/length 4 bytes
- * local Internet address 4 bytes/16 bytes (IPv4/IPv6 address)
- * remote port 4 bytes
- * address type/length 4 bytes
- * remote Internet address 4 bytes/16 bytes (IPv4/IPv6 address)
+ * local address 4 bytes/16 bytes (IPv4/IPv6 address)
+ * remote port 2 bytes
+ * remote address 4 bytes/16 bytes (IPv4/IPv6 address)
*/
typedef struct {
+ u_int16_t domain;
u_int16_t type;
+ u_int16_t addr_type;
u_int16_t l_port;
- u_int32_t l_ad_type;
u_int32_t l_addr;
- u_int32_t r_port;
- u_int32_t r_ad_type;
+ u_int16_t r_port;
u_int32_t r_addr;
} au_socket_ex32_t;
==== //depot/projects/soc2008/diego-audit/src/contrib/openbsm/libbsm/bsm_io.c#2 (text) ====
@@ -557,7 +557,7 @@
break;
case AUT_SOCKET_EX:
- fprintf(fp, "<socket ");
+ fprintf(fp, "<socket_ex ");
break;
case AUT_DATA:
@@ -3746,31 +3746,36 @@
}
/*
+ * socket domain 2 bytes
* socket type 2 bytes
+ * ip address type 2 bytes
* local port 2 bytes
- * address type/length 4 bytes
- * local Internet address 4 bytes
- * remote port 4 bytes
- * address type/length 4 bytes
- * remote Internet address 4 bytes
+ * local address 4 bytes/16 bytes (IPv4/IPv6 address)
+ * remote port 2 bytes
+ * remote address 4 bytes/16 bytes (IPv4/IPv6 address)
*/
static int
fetch_socketex32_tok(tokenstr_t *tok, u_char *buf, int len)
{
int err = 0;
+ READ_TOKEN_U_INT16(buf, len, tok->tt.socket_ex32.domain, tok->len,
+ err);
+ if (err)
+ return (-1);
+
READ_TOKEN_U_INT16(buf, len, tok->tt.socket_ex32.type, tok->len,
err);
if (err)
return (-1);
- READ_TOKEN_BYTES(buf, len, &tok->tt.socket_ex32.l_port,
- sizeof(uint16_t), tok->len, err);
+ READ_TOKEN_U_INT16(buf, len, tok->tt.socket_ex32.addr_type, tok->len,
+ err);
if (err)
return (-1);
- READ_TOKEN_U_INT32(buf, len, tok->tt.socket_ex32.l_ad_type, tok->len,
- err);
+ READ_TOKEN_BYTES(buf, len, &tok->tt.socket_ex32.l_port,
+ sizeof(uint16_t), tok->len, err);
if (err)
return (-1);
@@ -3784,11 +3789,6 @@
if (err)
return (-1);
- READ_TOKEN_U_INT32(buf, len, tok->tt.socket_ex32.r_ad_type, tok->len,
- err);
- if (err)
- return (-1);
-
READ_TOKEN_BYTES(buf, len, &tok->tt.socket_ex32.r_addr,
sizeof(tok->tt.socket_ex32.r_addr), tok->len, err);
if (err)
@@ -3802,8 +3802,11 @@
__unused char sfrm, int xml)
{
- print_tok_type(fp, tok->id, "socket", raw, xml);
+ print_tok_type(fp, tok->id, "socket_ex", raw, xml);
if (xml) {
+ open_attr(fp, "sock_domain");
+ print_2_bytes(fp, tok->tt.socket_ex32.domain, "%#x");
+ close_attr(fp);
open_attr(fp, "sock_type");
print_2_bytes(fp, tok->tt.socket_ex32.type, "%#x");
close_attr(fp);
@@ -3822,6 +3825,8 @@
close_tag(fp, tok->id);
} else {
print_delim(fp, del);
+ print_2_bytes(fp, tok->tt.socket_ex32.domain, "%#x");
+ print_delim(fp, del);
print_2_bytes(fp, tok->tt.socket_ex32.type, "%#x");
print_delim(fp, del);
print_2_bytes(fp, ntohs(tok->tt.socket_ex32.l_port), "%#x");
More information about the p4-projects
mailing list