Vendor import TrustedBSD OpenBSM 1.0 alpha 14, with the following change

history notes since the last import:

OpenBSM 1.0 alpha 14

- Fix endian issues when processing IPv6 addresses for extended subject
  and process tokens.
- gcc41 warnings clean.
- Teach audit_submit(3) about getaudit_addr(2).
- Add support for zonename tokens.

OpenBSM 1.0 alpha 13

- compat/clock_gettime.h now provides a compatibility implementation of
  clock_gettime(), which fixes building on Mac OS X.
- Countless man page improvements, markup fixes, content fixs, etc.
- XML printing support via "praudit -x".
- audit.log.5 expanded to include additional BSM token types.
- Added encoding and decoding routines for process64_ex, process32_ex,
  subject32_ex, header64, and attr64 tokens.
- Additional audit event identifiers for listen, mlockall/munlockall,
  getpath, POSIX message queues, and mandatory access control.

Approved by:	re (bmah)
MFC after:	3 weeks
Obtained from:	TrustedBSD Project

1 files changed, 24 insertions, 5 deletions

diff --git a/contrib/openbsm/libbsm/bsm_wrappers.c b/contrib/openbsm/libbsm/bsm_wrappers.c
index 98f286c..f001e5f 100644
--- a/contrib/openbsm/libbsm/bsm_wrappers.c
+++ b/contrib/openbsm/libbsm/bsm_wrappers.c
@@ -26,7 +26,7 @@
  * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
  * POSSIBILITY OF SUCH DAMAGE.
  *
- * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_wrappers.c#23 $
+ * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_wrappers.c#24 $
  */
 
 #ifdef __APPLE__
@@ -66,8 +66,9 @@ audit_submit(short au_event, au_id_t auid, char status,
 	long acond;
 	va_list ap;
 	pid_t pid;
-	int error, afd;
+	int error, afd, subj_ex;
 	struct auditinfo ai;
+	struct auditinfo_addr aia;
 
 	if (auditon(A_GETCOND, &acond, sizeof(acond)) < 0) {
 		/*
@@ -84,6 +85,7 @@ audit_submit(short au_event, au_id_t auid, char status,
 	}
 	if (acond == AUC_NOAUDIT)
 		return (0);
+	/* XXXCSJP we should be doing a pre-select here */
 	afd = au_open();
 	if (afd < 0) {
 		error = errno;
@@ -92,7 +94,20 @@ audit_submit(short au_event, au_id_t auid, char status,
 		errno = error;
 		return (-1);
 	}
-	if (getaudit(&ai) < 0) {
+	/*
+	 * Some operating systems do not have getaudit_addr(2) implemented
+	 * yet.  So we try to use getaudit(2) first, if the subject is
+	 * using IPv6, then we will have to try getaudit_addr(2).  Failing
+	 * this, we return error.
+	 */
+	subj_ex = 0;
+	error = getaudit(&ai);
+	if (error < 0 && errno == E2BIG) {
+		error = getaudit_addr(&aia, sizeof(aia));
+		if (error == 0)
+			subj_ex = 1;
+	}
+	if (error < 0) {
 		error = errno;
 		syslog(LOG_AUTH | LOG_ERR, "audit: getaudit failed: %s",
 		    strerror(errno));
@@ -100,8 +115,12 @@ audit_submit(short au_event, au_id_t auid, char status,
 		return (-1);
 	}
 	pid = getpid();
-	token = au_to_subject32(auid, geteuid(), getegid(),
-	    getuid(), getgid(), pid, pid, &ai.ai_termid);
+	if (subj_ex == 0)
+		token = au_to_subject32(auid, geteuid(), getegid(),
+		    getuid(), getgid(), pid, pid, &ai.ai_termid);
+	else
+		token = au_to_subject_ex(auid, geteuid(), getegid(),
+		    getuid(), getgid(), pid, pid, &aia.ai_termid);
 	if (token == NULL) {
 		syslog(LOG_AUTH | LOG_ERR,
 		    "audit: unable to build subject token");