author | rwatson <rwatson@FreeBSD.org> | 2006-03-04 16:45:52 +0000 |
---|---|---|
committer | rwatson <rwatson@FreeBSD.org> | 2006-03-04 16:45:52 +0000 |
commit | ab71945909ae42af4e5fa0802d62298315b31281 (patch) | |
tree | bf80089d9b6069156fa54061c123d3e0d1dd6377 /contrib/openbsm/libbsm/bsm_token.c | |
parent | 0b2cf89651826909f5fdc3b98f24a31060a0f915 (diff) | |
Vendor branch import of TrustedBSD OpenBSM 1.0 alpha 5:
- Update install notes to indicate /etc files are to be installed manually.
- On systems without LOG_SECURITY, use LOG_AUTH.
- Convert to autoconf/automake in order to move to a more portable (not
BSD-specific) build infrastructure, and more easy conditional building of
components. Currently, the primary feature loss is that automake does
not have native support for manual symlinks. This will be addressed in a
future OpenBSM release.
- Add compat/queue.h, to be used on systems with dated BSD queue macro libraries
(as found on Linux).
- Rename CHANGELOG to HISTORY, as our change log doesn't follow some of the
existing conventions for a CHANGELOG.
- Some private data structures moved from audit.h to audit_internal.h to
prevent inappropriate use by applications and name space pollution.
- Improved detection and use of endian macros using autoconf.
- Avoid non-portable use of struct in6_addr, which is largely opaque.
- Avoid leaking BSD kernel socket related token code to user space in
bsm_token.c.
- Teach System V IPC calls to look for Linux naming variations for certain
struct ipc_perm fields.
- Test for audit system calls, and if not present, don't build
bsm_wrappers.c, bsm_notify.c, audit(8), and auditd(8), which rely on
those system calls.
- au_close() is not implemented on systems that don't have audit system
calls, but au_close_buffer() is.
- Work around missing BSDisms in bsm_wrapper.c.
- Fix nested includes so including libbsm.h in an application on Linux
picks up the necessary definitions.
Obtained from: TrustedBSD Project
Diffstat (limited to 'contrib/openbsm/libbsm/bsm_token.c')
-rw-r--r-- | contrib/openbsm/libbsm/bsm_token.c | 92 |
1 files changed, 34 insertions, 58 deletions
diff --git a/contrib/openbsm/libbsm/bsm_token.c b/contrib/openbsm/libbsm/bsm_token.c index d7eadb2..880c700 100644 --- a/contrib/openbsm/libbsm/bsm_token.c +++ b/contrib/openbsm/libbsm/bsm_token.c @@ -30,15 +30,32 @@ * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE * POSSIBILITY OF SUCH DAMAGE. * - * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_token.c#34 $ + * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_token.c#43 $ */ #include <sys/types.h> -#ifdef __APPLE__ -#include <compat/endian.h> -#else /* !__APPLE__ */ + +#include <config/config.h> +#ifdef HAVE_SYS_ENDIAN_H #include <sys/endian.h> -#endif /* __APPLE__*/ +#else /* !HAVE_SYS_ENDIAN_H */ +#ifdef HAVE_MACHINE_ENDIAN_H +#include <machine/endian.h> +#else /* !HAVE_MACHINE_ENDIAN_H */ +#ifdef HAVE_ENDIAN_H +#include <endian.h> +#else /* !HAVE_ENDIAN_H */ +#error "No supported endian.h" +#endif /* !HAVE_ENDIAN_H */ +#endif /* !HAVE_MACHINE_ENDIAN_H */ +#include <compat/endian.h> +#endif /* !HAVE_SYS_ENDIAN_H */ +#ifdef HAVE_FULL_QUEUE_H +#include <sys/queue.h> +#else /* !HAVE_FULL_QUEUE_H */ +#include <compat/queue.h> +#endif /* !HAVE_FULL_QUEUE_H */ + #include <sys/socket.h> #include <sys/time.h> #include <sys/un.h> @@ -352,10 +369,7 @@ au_to_in_addr_ex(struct in6_addr *internet_addr) ADD_U_CHAR(dptr, AUT_IN_ADDR_EX); ADD_U_INT32(dptr, type); - ADD_U_INT32(dptr, internet_addr->__u6_addr.__u6_addr32[0]); - ADD_U_INT32(dptr, internet_addr->__u6_addr.__u6_addr32[1]); - ADD_U_INT32(dptr, internet_addr->__u6_addr.__u6_addr32[2]); - ADD_U_INT32(dptr, internet_addr->__u6_addr.__u6_addr32[3]); + ADD_MEM(dptr, internet_addr, sizeof(*internet_addr)); return (t); } 
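Review bot: In the include block, `#include <config/config.h>` is placed after `#include <sys/types.h>`, so anything config.h defines is not yet visible when that first system header is processed. The autoconf convention is to include the generated configuration header before every other header, so the two lines should be swapped. Whether this config.h defines anything beyond the HAVE_* test results is not visible in the hunk, so the current order may be harmless today, but it becomes a trap as soon as a feature-test macro is added to it.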
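Review bot: The new `ADD_MEM(dptr, internet_addr, sizeof(*internet_addr))` in au_to_in_addr_ex takes its write length from the struct, while the token buffer is sized earlier in the function, outside this hunk, and nothing visible ties the two together; a mismatch would write past the end of the token buffer. If the allocation is still expressed in `u_int32_t` units, size it with the same `sizeof(*internet_addr)` expression, or add a compile-time check that `sizeof(struct in6_addr)` equals `4 * sizeof(u_int32_t)`. The copy also emits the address bytes exactly as stored, whereas the removed ADD_U_INT32 calls may have applied per-word byte-order encoding (the macro is not shown), so the recorded token could differ on little-endian hosts. A comment such as `/* in6_addr is stored in network byte order; copy it unchanged */` would record that this is intended. Both remarks apply equally to `ADD_MEM(dptr, &so->sin6_addr, sizeof(so->sin6_addr))` in the au_to_sock_inet128 hunk.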
@@ -448,9 +462,18 @@ au_to_ipc_perm(struct ipc_perm *perm) ADD_U_INT16(dptr, perm->mode); ADD_U_INT16(dptr, pad0); + +#ifdef HAVE_IPC_PERM___SEQ + ADD_U_INT16(dptr, perm->__seq); +#else ADD_U_INT16(dptr, perm->seq); +#endif +#ifdef HAVE_IPC_PERM___KEY + ADD_U_INT32(dptr, perm->__key); +#else ADD_U_INT32(dptr, perm->key); +#endif return (t); } @@ -781,50 +804,6 @@ au_to_seq(long audit_count) /* * token ID 1 byte - * socket type 2 bytes - * local port 2 bytes - * local Internet address 4 bytes - * remote port 2 bytes - * remote Internet address 4 bytes - */ -token_t * -au_to_socket(struct socket *so) -{ - - errno = ENOTSUP; - return (NULL); -} - -/* - * token ID 1 byte - * socket type 2 bytes - * local port 2 bytes - * address type/length 4 bytes - * local Internet address 4 bytes/16 bytes (IPv4/IPv6 address) - * remote port 4 bytes - * address type/length 4 bytes - * remote Internet address 4 bytes/16 bytes (IPv4/IPv6 address) - */ -token_t * -au_to_socket_ex_32(u_int16_t lp, u_int16_t rp, struct sockaddr *la, - struct sockaddr *ra) -{ - - errno = ENOTSUP; - return (NULL); -} - -token_t * -au_to_socket_ex_128(u_int16_t lp, u_int16_t rp, struct sockaddr *la, - struct sockaddr *ra) -{ - - errno = ENOTSUP; - return (NULL); -} - -/* - * token ID 1 byte * socket family 2 bytes * path 104 bytes */ @@ -898,10 +877,7 @@ au_to_sock_inet128(struct sockaddr_in6 *so) ADD_U_CHAR(dptr, so->sin6_family); ADD_U_INT16(dptr, so->sin6_port); - ADD_U_INT32(dptr, so->sin6_addr.__u6_addr.__u6_addr32[0]); - ADD_U_INT32(dptr, so->sin6_addr.__u6_addr.__u6_addr32[1]); - ADD_U_INT32(dptr, so->sin6_addr.__u6_addr.__u6_addr32[2]); - ADD_U_INT32(dptr, so->sin6_addr.__u6_addr.__u6_addr32[3]); + ADD_MEM(dptr, &so->sin6_addr, sizeof(so->sin6_addr)); return (t); 
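Review bot: The `#else` and `#endif` lines added in au_to_ipc_perm carry no trailing condition comments, unlike the include block in this same commit, which annotates each one (`#else /* !HAVE_SYS_ENDIAN_H */`). For consistency write `#else /* !HAVE_IPC_PERM___SEQ */` and `#endif /* !HAVE_IPC_PERM___SEQ */`, and likewise for `HAVE_IPC_PERM___KEY`. A one-line comment above the first conditional, for example `/* Some systems name these fields __seq and __key. */`, would explain why the branches exist. Since the types behind the alternate field names come from the platform's headers, it is worth confirming that they still fit the 16-bit and 32-bit token fields written by `ADD_U_INT16` and `ADD_U_INT32`. The body of au_to_ipc_perm begins outside the hunk.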
@@ -1031,7 +1007,7 @@ au_to_subject_ex(au_id_t auid, uid_t euid, gid_t egid, uid_t ruid, tid)); } -#if !defined(_KERNEL) && !defined(KERNEL) +#if !defined(_KERNEL) && !defined(KERNEL) && defined(HAVE_AUDIT_SYSCALLS) /* * Collects audit information for the current process * and creates a subject token from it |
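Review bot: Adding `defined(HAVE_AUDIT_SYSCALLS)` to this `#if` drops the guarded function from the library on systems without audit system calls, but the hunk does not show its public declaration being treated the same way, so a caller would presumably fail only at link time. Consider documenting next to the declaration that the function is unavailable on such systems, or otherwise making the omission visible at compile time. The matching `#endif` lies outside the hunk; if it carries a comment naming the old condition, update it to `#endif /* !defined(_KERNEL) && !defined(KERNEL) && defined(HAVE_AUDIT_SYSCALLS) */`.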