PERFORCE change 92688 for review
Robert Watson
rwatson at FreeBSD.org
Fri Mar 3 12:31:03 PST 2006
http://perforce.freebsd.org/chv.cgi?CH=92688
Change 92688 by rwatson at rwatson_zoo on 2006/03/03 20:27:35
Integrate OpenBSM 1.0a5 parts into TrustedBSD audit3 branch:
- autoconf/automake.
- Support for systems without LOG_SECURITY.
- Push more private data structures into audit_internal.h.
- Build on Linux, Darwin.
- Don't expose internals of in6_addr.
- Don't expose au_to_socket() (et al) in user space.
Affected files ...
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/CHANGELOG#10 delete
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/HISTORY#1 branch
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/Makefile#4 delete
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/Makefile.am#1 branch
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/Makefile.in#1 branch
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/README#10 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/TODO#6 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/aclocal.m4#1 branch
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/autogen.sh#1 branch
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/bin/Makefile#5 delete
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/bin/Makefile.am#1 branch
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/bin/Makefile.in#1 branch
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/bin/audit/Makefile#3 delete
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/bin/audit/Makefile.am#1 branch
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/bin/audit/Makefile.in#1 branch
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/bin/audit/audit.c#6 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/bin/auditd/Makefile#3 delete
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/bin/auditd/Makefile.am#1 branch
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/bin/auditd/Makefile.in#1 branch
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/bin/auditd/audit_warn.c#3 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/bin/auditd/auditd.c#7 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/bin/auditreduce/Makefile#4 delete
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/bin/auditreduce/Makefile.am#1 branch
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/bin/auditreduce/Makefile.in#1 branch
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/bin/praudit/Makefile#4 delete
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/bin/praudit/Makefile.am#1 branch
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/bin/praudit/Makefile.in#1 branch
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/bsm/Makefile#6 delete
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/bsm/Makefile.am#1 branch
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/bsm/Makefile.in#1 branch
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/bsm/audit.h#9 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/bsm/audit_internal.h#7 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/bsm/libbsm.h#8 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/compat/endian.h#4 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/compat/queue.h#1 branch
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/config/config.guess#1 branch
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/config/config.h.in#1 branch
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/config/config.sub#1 branch
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/config/depcomp#1 branch
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/config/install-sh#1 branch
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/config/ltmain.sh#1 branch
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/config/missing#1 branch
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/configure#1 branch
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/configure.ac#1 branch
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/libbsm/Makefile#7 delete
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/libbsm/Makefile.am#1 branch
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/libbsm/Makefile.in#1 branch
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/libbsm/bsm_audit.c#8 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/libbsm/bsm_io.c#10 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/libbsm/bsm_mask.c#8 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/libbsm/bsm_notify.c#7 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/libbsm/bsm_token.c#10 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/libbsm/bsm_user.c#8 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/libbsm/bsm_wrappers.c#9 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/man/Makefile#7 delete
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/man/Makefile.am#1 branch
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/man/Makefile.in#1 branch
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/tools/Makefile#5 delete
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/tools/Makefile.am#1 branch
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/tools/Makefile.in#1 branch
Differences ...
==== //depot/projects/trustedbsd/audit3/contrib/openbsm/README#10 (text+ko) ====
@@ -25,26 +25,34 @@
Building
-OpenBSM is currently built using a series of BSD make files which should
-work on both FreeBSD and Darwin. One known issue is that versions of
-Darwin prior to 10.3.8 have a nested include of "sys/audit.h" from
-"sys/proc.h", which can result in type definition conflicts. If running
-with include files from an earlier version of Darwin, the nested include
-must be manually removed in order that libbsm can be built, due to
-potentially conflicting types resulting from an include of "sys/sysctl.h"
-by that file. On Darwin, the use of BSD make must be specified explicitly
-by using "bsdmake" rather than "make", which on Darwin refers to GNU make.
-Typical invocations from the OpenBSM tree root:
+OpenBSM is currently built using autoconf and automake, which should allow
+for building on a range of operating systems, including FreeBSD, Mac OS X,
+and Linux. Depending on the availability of audit facailities in the
+underlying operating system, some components that depend on kernel audit
+support are built conditionally. Typically, build will be performed using
+
+ ./configure
+ make
+
+To install, use:
-FreeBSD
+ make install
- % make
- # make install
+You may wish to specify that the OpenBSM components not be installed in the
+base system, rather in a specific directory. This may be done using the
+--prefix argument to configure. If installing to a specific directory,
+remember to update your library path so that running tools from that
+directory the correct libbsm is used:
-Darwin
+ ./configure --prefix=/home/rwatson/openbsm
+ make
+ make install
+ LD_LIBRARY_PATH=/home/rwatson/openbsm/libbsm ; export LD_LIBRARY_PATH
- % bsdmake
- # bsdmake install
+You will need to manually propagate openbsm/etc/* into /etc on your system;
+this is not done automatically so as to avoid disrupting the current
+configuration. Currently, the locations of these files is not
+configurable.
Credits
@@ -65,6 +73,7 @@
Christian Brueffer
Olivier Houchard
Christian Peron
+ Martin Fong
In addition, Coverity, Inc.'s Prevent(tm) static analysis tool and Gimpel
Software's FlexeLint tool were used to identify a number of bugs in the
@@ -86,4 +95,4 @@
http://www.TrustedBSD.org/
-$P4: //depot/projects/trustedbsd/audit3/contrib/openbsm/README#9 $
+$P4: //depot/projects/trustedbsd/audit3/contrib/openbsm/README#10 $
==== //depot/projects/trustedbsd/audit3/contrib/openbsm/TODO#6 (text+ko) ====
@@ -8,5 +8,10 @@
- Document contents of libbsm "public" data structures in libbsm man pages.
- The audit.log.5 man page is incomplete, as it does not describe all
token types.
+- With the move to autoconf/automake, man page symlinks are no longer
+ installed. This needs to be fixed.
+- It might be desirable to be able to provide EOPNOTSUPP system call stubs
+ on systems that don't have the necessary audit system calls; that would
+ allow the full libbsm and tool set to build, just not run.
-$P4: //depot/projects/trustedbsd/audit3/contrib/openbsm/TODO#5 $
+$P4: //depot/projects/trustedbsd/audit3/contrib/openbsm/TODO#6 $
==== //depot/projects/trustedbsd/audit3/contrib/openbsm/bin/audit/audit.c#6 (text+ko) ====
@@ -30,7 +30,7 @@
*
* @APPLE_BSD_LICENSE_HEADER_END@
*
- * $P4: //depot/projects/trustedbsd/audit3/contrib/openbsm/bin/audit/audit.c#5 $
+ * $P4: //depot/projects/trustedbsd/audit3/contrib/openbsm/bin/audit/audit.c#6 $
*/
/*
* Program to trigger the audit daemon with a message that is either:
@@ -44,7 +44,7 @@
#include <sys/queue.h>
#include <sys/uio.h>
-#include <bsm/audit.h>
+#include <bsm/libbsm.h>
#include <fcntl.h>
#include <stdio.h>
==== //depot/projects/trustedbsd/audit3/contrib/openbsm/bin/auditd/audit_warn.c#3 (text+ko) ====
@@ -30,12 +30,14 @@
*
* @APPLE_BSD_LICENSE_HEADER_END@
*
- * $P4: //depot/projects/trustedbsd/audit3/contrib/openbsm/bin/auditd/audit_warn.c#2 $
+ * $P4: //depot/projects/trustedbsd/audit3/contrib/openbsm/bin/auditd/audit_warn.c#3 $
*/
#include <sys/types.h>
+
+#include <stdio.h>
+#include <stdlib.h>
#include <unistd.h>
-#include <stdio.h>
#include "auditd.h"
==== //depot/projects/trustedbsd/audit3/contrib/openbsm/bin/auditd/auditd.c#7 (text+ko) ====
@@ -30,7 +30,7 @@
*
* @APPLE_BSD_LICENSE_HEADER_END@
*
- * $P4: //depot/projects/trustedbsd/audit3/contrib/openbsm/bin/auditd/auditd.c#6 $
+ * $P4: //depot/projects/trustedbsd/audit3/contrib/openbsm/bin/auditd/auditd.c#7 $
*/
#include <sys/types.h>
@@ -795,7 +795,11 @@
}
}
+#ifdef LOG_SECURITY
openlog("auditd", LOG_CONS | LOG_PID, LOG_SECURITY);
+#else
+ openlog("auditd", LOG_CONS | LOG_PID, LOG_AUTH);
+#endif
syslog(LOG_INFO, "starting...\n");
if (debug == 0 && daemon(0, 0) == -1) {
==== //depot/projects/trustedbsd/audit3/contrib/openbsm/bsm/audit.h#9 (text+ko) ====
@@ -30,7 +30,7 @@
*
* @APPLE_BSD_LICENSE_HEADER_END@
*
- * $P4: //depot/projects/trustedbsd/audit3/contrib/openbsm/bsm/audit.h#8 $
+ * $P4: //depot/projects/trustedbsd/audit3/contrib/openbsm/bsm/audit.h#9 $
*/
#ifndef _BSM_AUDIT_H
@@ -240,25 +240,11 @@
};
typedef struct auditpinfo_addr auditpinfo_addr_t;
-/* Token and record structures. */
-
-struct au_token {
- u_char *t_data;
- size_t len;
- TAILQ_ENTRY(au_token) tokens;
-};
+/*
+ * Contents of token_t are opaque outside of libbsm.
+ */
typedef struct au_token token_t;
-struct au_record {
- char used; /* Record currently in use? */
- int desc; /* Descriptor for record. */
- TAILQ_HEAD(, au_token) token_q; /* Queue of BSM tokens. */
- u_char *data;
- size_t len;
- LIST_ENTRY(au_record) au_rec_q;
-};
-typedef struct au_record au_record_t;
-
/*
* Kernel audit queue control parameters.
*/
@@ -310,6 +296,9 @@
};
typedef struct au_evclass_map au_evclass_map_t;
+/*
+ * Audit system calls.
+ */
#if !defined(_KERNEL) && !defined(KERNEL)
int audit(const void *, int);
int auditon(int, void *, int);
==== //depot/projects/trustedbsd/audit3/contrib/openbsm/bsm/audit_internal.h#7 (text+ko) ====
@@ -34,11 +34,15 @@
*
* @APPLE_BSD_LICENSE_HEADER_END@
*
- * $P4: //depot/projects/trustedbsd/audit3/contrib/openbsm/bsm/audit_internal.h#6 $
+ * $P4: //depot/projects/trustedbsd/audit3/contrib/openbsm/bsm/audit_internal.h#7 $
*/
-#ifndef _LIBBSM_INTERNAL_H
-#define _LIBBSM_INTERNAL_H
+#ifndef _AUDIT_INTERNAL_H
+#define _AUDIT_INTERNAL_H
+
+#if defined(__linux__) && !defined(__unused)
+#define __unused
+#endif
/*
* audit_internal.h contains private interfaces that are shared by user space
@@ -47,7 +51,23 @@
* broken with future releases of OpenBSM, which may delete, modify, or
* otherwise break these interfaces or the assumptions they rely on.
*/
+struct au_token {
+ u_char *t_data;
+ size_t len;
+ TAILQ_ENTRY(au_token) tokens;
+};
+
+struct au_record {
+ char used; /* Record currently in use? */
+ int desc; /* Descriptor for record. */
+ TAILQ_HEAD(, au_token) token_q; /* Queue of BSM tokens. */
+ u_char *data;
+ size_t len;
+ LIST_ENTRY(au_record) au_rec_q;
+};
+typedef struct au_record au_record_t;
+
/* We could determined the header and trailer sizes by
* defining appropriate structures. We hold off that approach
* till we have a consistant way of using structures for all tokens.
@@ -96,4 +116,4 @@
#define ADD_STRING(loc, data, size) ADD_MEM(loc, data, size)
-#endif /* !_LIBBSM_INTERNAL_H_ */
+#endif /* !_AUDIT_INTERNAL_H_ */
==== //depot/projects/trustedbsd/audit3/contrib/openbsm/bsm/libbsm.h#8 (text+ko) ====
@@ -26,7 +26,7 @@
* IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*
- * $P4: //depot/projects/trustedbsd/audit3/contrib/openbsm/bsm/libbsm.h#7 $
+ * $P4: //depot/projects/trustedbsd/audit3/contrib/openbsm/bsm/libbsm.h#8 $
*/
#ifndef _LIBBSM_H_
@@ -42,9 +42,9 @@
#include <sys/types.h>
#include <sys/cdefs.h>
-#include <sys/queue.h>
#include <stdint.h> /* Required for audit.h. */
+#include <time.h> /* Required for clock_t on Linux. */
#include <bsm/audit.h>
#include <bsm/audit_record.h>
==== //depot/projects/trustedbsd/audit3/contrib/openbsm/compat/endian.h#4 (text+ko) ====
@@ -25,18 +25,13 @@
* SUCH DAMAGE.
*
* Derived from FreeBSD src/sys/sys/endian.h:1.6.
- * $P4: //depot/projects/trustedbsd/audit3/contrib/openbsm/compat/endian.h#3 $
+ * $P4: //depot/projects/trustedbsd/audit3/contrib/openbsm/compat/endian.h#4 $
*/
#ifndef _COMPAT_ENDIAN_H_
#define _COMPAT_ENDIAN_H_
/*
- * Pick up value of BYTE_ORDER/_BYTE_ORDER if not yet included.
- */
-#include <machine/endian.h>
-
-/*
* Some systems will have the uint/int types defined here already, others
* will need stdint.h.
*/
==== //depot/projects/trustedbsd/audit3/contrib/openbsm/libbsm/bsm_audit.c#8 (text+ko) ====
@@ -30,11 +30,21 @@
* IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*
- * $P4: //depot/projects/trustedbsd/audit3/contrib/openbsm/libbsm/bsm_audit.c#7 $
+ * $P4: //depot/projects/trustedbsd/audit3/contrib/openbsm/libbsm/bsm_audit.c#8 $
*/
#include <sys/types.h>
+
+#ifdef HAVE_CONFIG_H
+#include <config/config.h>
+#ifdef HAVE_FULL_QUEUE_H
#include <sys/queue.h>
+#else
+#include <compat/queue.h>
+#endif
+#else /* !HAVE_CONFIG_H */
+#include <sys/queue.h>
+#endif /* !HAVE_CONFIG_H */
#include <bsm/audit_internal.h>
#include <bsm/libbsm.h>
@@ -256,11 +266,13 @@
pthread_mutex_unlock(&mutex);
}
+#ifdef HAVE_AUDIT_SYSCALLS
/*
* Add the header token, identify any missing tokens. Write out the tokens to
* the record memory and finally, call audit.
*/
-int au_close(int d, int keep, short event)
+int
+au_close(int d, int keep, short event)
{
au_record_t *rec;
size_t tot_rec_size;
@@ -308,6 +320,7 @@
au_teardown(rec);
return (retval);
}
+#endif /* HAVE_AUDIT_SYSCALLS */
/*
* au_close(), except onto an in-memory buffer. Buffer size as an argument,
==== //depot/projects/trustedbsd/audit3/contrib/openbsm/libbsm/bsm_io.c#10 (text+ko) ====
@@ -31,15 +31,37 @@
* IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*
- * $P4: //depot/projects/trustedbsd/audit3/contrib/openbsm/libbsm/bsm_io.c#9 $
+ * $P4: //depot/projects/trustedbsd/audit3/contrib/openbsm/libbsm/bsm_io.c#10 $
*/
#include <sys/types.h>
-#ifdef __APPLE__
+
+#ifdef HAVE_CONFIG_H
+#include <config/config.h>
+#ifdef HAVE_SYS_ENDIAN_H
+#include <sys/endian.h>
+#else /* !HAVE_SYS_ENDIAN_H */
+#ifdef HAVE_MACHINE_ENDIAN_H
+#include <machine/endian.h>
+#else /* !HAVE_MACHINE_ENDIAN_H */
+#ifdef HAVE_ENDIAN_H
+#include <endian.h>
+#else /* !HAVE_ENDIAN_H */
+#error "No supported endian.h"
+#endif /* !HAVE_ENDIAN_H */
+#endif /* !HAVE_MACHINE_ENDIAN_H */
#include <compat/endian.h>
-#else /* !__APPLE__ */
+#endif /* !HAVE_SYS_ENDIAN_H */
+#ifdef HAVE_FULL_QUEUE_H
+#include <sys/queue.h>
+#else /* !HAVE_FULL_QUEUE_H */
+#include <compat/queue.h>
+#endif /* !HAVE_FULL_QUEUE_H */
+#else /* !HAVE_CONFIG_H */
#include <sys/endian.h>
-#endif /* __APPLE__*/
+#include <sys/queue.h>
+#endif /* !HAVE_CONFIG_H */
+
#include <sys/stat.h>
#include <sys/socket.h>
@@ -381,10 +403,7 @@
break;
case AU_IPv6:
- ipv6.__u6_addr.__u6_addr32[0] = ipaddr[0];
- ipv6.__u6_addr.__u6_addr32[1] = ipaddr[1];
- ipv6.__u6_addr.__u6_addr32[2] = ipaddr[2];
- ipv6.__u6_addr.__u6_addr32[3] = ipaddr[3];
+ bcopy(ipaddr, &ipv6, sizeof(ipv6));
fprintf(fp, "%s", inet_ntop(AF_INET6, &ipv6, dst,
INET6_ADDRSTRLEN));
break;
==== //depot/projects/trustedbsd/audit3/contrib/openbsm/libbsm/bsm_mask.c#8 (text+ko) ====
@@ -27,11 +27,21 @@
* IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*
- * $P4: //depot/projects/trustedbsd/audit3/contrib/openbsm/libbsm/bsm_mask.c#7 $
+ * $P4: //depot/projects/trustedbsd/audit3/contrib/openbsm/libbsm/bsm_mask.c#8 $
*/
#include <sys/types.h>
+
+#ifdef HAVE_CONFIG_H
+#include <config/config.h>
+#ifdef HAVE_FULL_QUEUE_H
#include <sys/queue.h>
+#else /* !HAVE_FULL_QUEUE_H */
+#include <compat/queue.h>
+#endif /* !HAVE_FULL_QUEUE_H */
+#else /* !HAVE_CONFIG_H */
+#include <sys/queue.h>
+#endif /* !HAVE_CONFIG_H */
#include <bsm/libbsm.h>
==== //depot/projects/trustedbsd/audit3/contrib/openbsm/libbsm/bsm_notify.c#7 (text+ko) ====
@@ -26,18 +26,39 @@
* IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*
- * $P4: //depot/projects/trustedbsd/audit3/contrib/openbsm/libbsm/bsm_notify.c#6 $
+ * $P4: //depot/projects/trustedbsd/audit3/contrib/openbsm/libbsm/bsm_notify.c#7 $
*/
/*
* Based on sample code from Marc Majka.
*/
-#include <string.h> /* strerror() */
-#include <sys/errno.h> /* errno */
+#include <sys/types.h>
+
+#ifdef HAVE_CONFIG_H
+
+#include <config/config.h>
+
+#ifdef HAVE_FULL_QUEUE_H
+#include <sys/queue.h>
+#else /* !HAVE_FULL_QUEUE_H */
+#include <compat/queue.h>
+#endif /* !HAVE_FULL_QUEUE_H */
+
+#else /* !HAVE_CONFIG_H */
+
+#include <sys/queue.h>
+
+#endif /* !HAVE_CONFIG_H */
+
+#include <bsm/audit_internal.h>
#include <bsm/libbsm.h>
-#include <stdint.h> /* uint32_t */
-#include <syslog.h> /* syslog() */
-#include <stdarg.h> /* syslog() */
+
+#include <errno.h>
+#include <stdint.h>
+#include <stdarg.h>
+#include <string.h>
+#include <syslog.h>
+
#ifdef __APPLE__
#include <notify.h>
==== //depot/projects/trustedbsd/audit3/contrib/openbsm/libbsm/bsm_token.c#10 (text+ko) ====
@@ -30,15 +30,37 @@
* IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*
- * $P4: //depot/projects/trustedbsd/audit3/contrib/openbsm/libbsm/bsm_token.c#9 $
+ * $P4: //depot/projects/trustedbsd/audit3/contrib/openbsm/libbsm/bsm_token.c#10 $
*/
#include <sys/types.h>
-#ifdef __APPLE__
+
+#ifdef HAVE_CONFIG_H
+#include <config/config.h>
+#ifdef HAVE_SYS_ENDIAN_H
+#include <sys/endian.h>
+#else /* !HAVE_SYS_ENDIAN_H */
+#ifdef HAVE_MACHINE_ENDIAN_H
+#include <machine/endian.h>
+#else /* !HAVE_MACHINE_ENDIAN_H */
+#ifdef HAVE_ENDIAN_H
+#include <endian.h>
+#else /* !HAVE_ENDIAN_H */
+#error "No supported endian.h"
+#endif /* !HAVE_ENDIAN_H */
+#endif /* !HAVE_MACHINE_ENDIAN_H */
#include <compat/endian.h>
-#else /* !__APPLE__ */
+#endif /* !HAVE_SYS_ENDIANG_H */
+#ifdef HAVE_FULL_QUEUE_H
+#include <sys/queue.h>
+#else /* !HAVE_FULL_QUEUE_H */
+#include <compat/queue.h>
+#endif /* !HAVE_FULL_QUEUE_H */
+#else /* !HAVE_CONFIG_H */
#include <sys/endian.h>
-#endif /* __APPLE__*/
+#include <sys/queue.h>
+#endif /* !HAVE_CONFIG_H */
+
#include <sys/socket.h>
#include <sys/time.h>
#include <sys/un.h>
@@ -352,10 +374,7 @@
ADD_U_CHAR(dptr, AUT_IN_ADDR_EX);
ADD_U_INT32(dptr, type);
- ADD_U_INT32(dptr, internet_addr->__u6_addr.__u6_addr32[0]);
- ADD_U_INT32(dptr, internet_addr->__u6_addr.__u6_addr32[1]);
- ADD_U_INT32(dptr, internet_addr->__u6_addr.__u6_addr32[2]);
- ADD_U_INT32(dptr, internet_addr->__u6_addr.__u6_addr32[3]);
+ ADD_MEM(dptr, internet_addr, sizeof(*internet_addr));
return (t);
}
@@ -448,9 +467,18 @@
ADD_U_INT16(dptr, perm->mode);
ADD_U_INT16(dptr, pad0);
+
+#ifdef HAVE_IPC_PERM___SEQ
+ ADD_U_INT16(dptr, perm->__seq);
+#else
ADD_U_INT16(dptr, perm->seq);
+#endif
+#ifdef HAVE_IPC_PERM___KEY
+ ADD_U_INT32(dptr, perm->__key);
+#else
ADD_U_INT32(dptr, perm->key);
+#endif
return (t);
}
@@ -781,50 +809,6 @@
/*
* token ID 1 byte
- * socket type 2 bytes
- * local port 2 bytes
- * local Internet address 4 bytes
- * remote port 2 bytes
- * remote Internet address 4 bytes
- */
-token_t *
-au_to_socket(struct socket *so)
-{
-
- errno = ENOTSUP;
- return (NULL);
-}
-
-/*
- * token ID 1 byte
- * socket type 2 bytes
- * local port 2 bytes
- * address type/length 4 bytes
- * local Internet address 4 bytes/16 bytes (IPv4/IPv6 address)
- * remote port 4 bytes
- * address type/length 4 bytes
- * remote Internet address 4 bytes/16 bytes (IPv4/IPv6 address)
- */
-token_t *
-au_to_socket_ex_32(u_int16_t lp, u_int16_t rp, struct sockaddr *la,
- struct sockaddr *ra)
-{
-
- errno = ENOTSUP;
- return (NULL);
-}
-
-token_t *
-au_to_socket_ex_128(u_int16_t lp, u_int16_t rp, struct sockaddr *la,
- struct sockaddr *ra)
-{
-
- errno = ENOTSUP;
- return (NULL);
-}
-
-/*
- * token ID 1 byte
* socket family 2 bytes
* path 104 bytes
*/
@@ -898,10 +882,7 @@
ADD_U_CHAR(dptr, so->sin6_family);
ADD_U_INT16(dptr, so->sin6_port);
- ADD_U_INT32(dptr, so->sin6_addr.__u6_addr.__u6_addr32[0]);
- ADD_U_INT32(dptr, so->sin6_addr.__u6_addr.__u6_addr32[1]);
- ADD_U_INT32(dptr, so->sin6_addr.__u6_addr.__u6_addr32[2]);
- ADD_U_INT32(dptr, so->sin6_addr.__u6_addr.__u6_addr32[3]);
+ ADD_MEM(dptr, &so->sin6_addr, sizeof(so->sin6_addr));
return (t);
@@ -1031,7 +1012,7 @@
tid));
}
-#if !defined(_KERNEL) && !defined(KERNEL)
+#if !defined(_KERNEL) && !defined(KERNEL) && defined(HAVE_AUDIT_SYSCALLS)
/*
* Collects audit information for the current process
* and creates a subject token from it
==== //depot/projects/trustedbsd/audit3/contrib/openbsm/libbsm/bsm_user.c#8 (text+ko) ====
@@ -27,7 +27,7 @@
* IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*
- * $P4: //depot/projects/trustedbsd/audit3/contrib/openbsm/libbsm/bsm_user.c#7 $
+ * $P4: //depot/projects/trustedbsd/audit3/contrib/openbsm/libbsm/bsm_user.c#8 $
*/
#include <bsm/libbsm.h>
==== //depot/projects/trustedbsd/audit3/contrib/openbsm/libbsm/bsm_wrappers.c#9 (text+ko) ====
@@ -26,7 +26,7 @@
* IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*
- * $P4: //depot/projects/trustedbsd/audit3/contrib/openbsm/libbsm/bsm_wrappers.c#8 $
+ * $P4: //depot/projects/trustedbsd/audit3/contrib/openbsm/libbsm/bsm_wrappers.c#9 $
*/
#ifdef __APPLE__
@@ -35,6 +35,11 @@
#include <sys/param.h>
#include <sys/stat.h>
+
+#ifdef __APPLE__
+#include <sys/queue.h> /* Our bsm/audit.h doesn't include queue.h. */
+#endif
+
#include <sys/sysctl.h>
#include <bsm/libbsm.h>
@@ -56,7 +61,11 @@
if (p == NULL)
return (kAUBadParamErr);
+#ifdef NODEV
*p = NODEV;
+#else
+ *p = -1;
+#endif
/* for /usr/bin/login, try fstat() first */
if (fstat(STDIN_FILENO, &st) != 0) {
@@ -78,6 +87,8 @@
int
audit_set_terminal_host(uint32_t *m)
{
+
+#ifdef KERN_HOSTID
int name[2] = { CTL_KERN, KERN_HOSTID };
size_t len;
@@ -90,6 +101,10 @@
return (kAUSysctlErr);
}
return (kAUNoErr);
+#else
+ *m = -1;
+ return (kAUNoErr);
+#endif
}
int
More information about the trustedbsd-cvs
mailing list