diff options
author | rwatson <rwatson@FreeBSD.org> | 2006-06-27 18:06:41 +0000 |
---|---|---|
committer | rwatson <rwatson@FreeBSD.org> | 2006-06-27 18:06:41 +0000 |
commit | 8dc785807f47f495a3c0b66b2bf252de673609e3 (patch) | |
tree | b395a50680679df40adc5c3d4fda6ac2b2025303 /contrib | |
parent | 5aa3857899c7495727eb0cc0baae48e39ed3642c (diff) | |
parent | 02d6c5b525eb33f2cb80e79944dc5182be119e2c (diff) | |
download | FreeBSD-src-8dc785807f47f495a3c0b66b2bf252de673609e3.zip FreeBSD-src-8dc785807f47f495a3c0b66b2bf252de673609e3.tar.gz |
This commit was generated by cvs2svn to compensate for changes in r159985,
which included commits to RCS files with non-trunk default branches.
Diffstat (limited to 'contrib')
-rw-r--r-- | contrib/openbsm/HISTORY | 12 | ||||
-rw-r--r-- | contrib/openbsm/VERSION | 2 | ||||
-rw-r--r-- | contrib/openbsm/bsm/audit_kevents.h | 21 | ||||
-rw-r--r-- | contrib/openbsm/bsm/audit_record.h | 4 | ||||
-rw-r--r-- | contrib/openbsm/bsm/libbsm.h | 4 | ||||
-rw-r--r-- | contrib/openbsm/config/ltmain.sh | 633 | ||||
-rwxr-xr-x | contrib/openbsm/configure | 38 | ||||
-rw-r--r-- | contrib/openbsm/configure.ac | 20 | ||||
-rw-r--r-- | contrib/openbsm/libbsm/bsm_notify.c | 4 | ||||
-rw-r--r-- | contrib/openbsm/libbsm/bsm_token.c | 40 | ||||
-rw-r--r-- | contrib/openbsm/man/audit.log.5 | 4 | ||||
-rw-r--r-- | contrib/openbsm/test/bsm/generate.c | 53 |
12 files changed, 663 insertions, 172 deletions
diff --git a/contrib/openbsm/HISTORY b/contrib/openbsm/HISTORY index e1e6911..946f2ff 100644 --- a/contrib/openbsm/HISTORY +++ b/contrib/openbsm/HISTORY @@ -1,3 +1,13 @@ +OpenBSM 1.0 alpha 7 + +- Adopted Solaris-compatible format for subject32_ex and subject64_ex + tokens, which previously did not correctly implement variable length + address storage. +- Prefer inttypes.h to stdint.h; enhance queue.h detection to test for + TAILQ_FOREACH_SAFE(), which is present in recent BSD queue.h's, but not + older ones. OpenBSM now builds on some FreeBSD 4.x version. +- New event types for extended attributes, ACLs, and scheduling. + OpenBSM 1.0 alpha 6 - Use AU_TO_WRITE and AU_NO_TO_WRITE for the 'keep' argument to au_close(); @@ -165,4 +175,4 @@ OpenBSM 1.0 alpha 1 to support reloading of kernel event table. - Allow comments in /etc/security configuration files. -$P4: //depot/projects/trustedbsd/openbsm/HISTORY#12 $ +$P4: //depot/projects/trustedbsd/openbsm/HISTORY#15 $ diff --git a/contrib/openbsm/VERSION b/contrib/openbsm/VERSION index e2b0eb9..fe14dbb 100644 --- a/contrib/openbsm/VERSION +++ b/contrib/openbsm/VERSION @@ -1 +1 @@ -OPENBSM_1_0_ALPHA_6 +OPENBSM_1_0_ALPHA_7 diff --git a/contrib/openbsm/bsm/audit_kevents.h b/contrib/openbsm/bsm/audit_kevents.h index 335dc7d..b323692 100644 --- a/contrib/openbsm/bsm/audit_kevents.h +++ b/contrib/openbsm/bsm/audit_kevents.h @@ -30,7 +30,7 @@ * * @APPLE_BSD_LICENSE_HEADER_END@ * - * $P4: //depot/projects/trustedbsd/openbsm/bsm/audit_kevents.h#37 $ + * $P4: //depot/projects/trustedbsd/openbsm/bsm/audit_kevents.h#38 $ */ #ifndef _BSM_AUDIT_KEVENTS_H_ @@ -383,7 +383,24 @@ #define AUE_ACL_DELETE_FD 403 /* FreeBSD. */ #define AUE_ACL_CHECK_FILE 404 /* FreeBSD. */ #define AUE_ACL_CHECK_FD 405 /* FreeBSD. */ -#define AUE_SYSARCH 406 /* FreeBSD. */ +#define AUE_ACL_GET_LINK 406 /* FreeBSD. */ +#define AUE_ACL_SET_LINK 407 /* FreeBSD. */ +#define AUE_ACL_DELETE_LINK 408 /* FreeBSD. */ +#define AUE_ACL_CHECK_LINK 409 /* FreeBSD. */ +#define AUE_SYSARCH 410 /* FreeBSD. */ +#define AUE_EXTATTRCTL 411 /* FreeBSD. */ +#define AUE_EXTATTR_GET_FILE 412 /* FreeBSD. */ +#define AUE_EXTATTR_SET_FILE 413 /* FreeBSD. */ +#define AUE_EXTATTR_LIST_FILE 414 /* FreeBSD. */ +#define AUE_EXTATTR_DELETE_FILE 415 /* FreeBSD. */ +#define AUE_EXTATTR_GET_FD 416 /* FreeBSD. */ +#define AUE_EXTATTR_SET_FD 417 /* FreeBSD. */ +#define AUE_EXTATTR_LIST_FD 418 /* FreeBSD. */ +#define AUE_EXTATTR_DELETE_FD 419 /* FreeBSD. */ +#define AUE_EXTATTR_GET_LINK 420 /* FreeBSD. */ +#define AUE_EXTATTR_SET_LINK 421 /* FreeBSD. */ +#define AUE_EXTATTR_LIST_LINK 422 /* FreeBSD. */ +#define AUE_EXTATTR_DELETE_LINK 423 /* FreeBSD. */ /* * Darwin BSM uses a number of AUE_O_* definitions, which are aliased to the diff --git a/contrib/openbsm/bsm/audit_record.h b/contrib/openbsm/bsm/audit_record.h index 9816112..f9c0288 100644 --- a/contrib/openbsm/bsm/audit_record.h +++ b/contrib/openbsm/bsm/audit_record.h @@ -30,12 +30,14 @@ * * @APPLE_BSD_LICENSE_HEADER_END@ * - * $P4: //depot/projects/trustedbsd/openbsm/bsm/audit_record.h#17 $ + * $P4: //depot/projects/trustedbsd/openbsm/bsm/audit_record.h#19 $ */ #ifndef _BSM_AUDIT_RECORD_H_ #define _BSM_AUDIT_RECORD_H_ +#include <sys/time.h> /* struct timeval */ + /* * Token type identifiers. */ diff --git a/contrib/openbsm/bsm/libbsm.h b/contrib/openbsm/bsm/libbsm.h index 45af631..2efdace 100644 --- a/contrib/openbsm/bsm/libbsm.h +++ b/contrib/openbsm/bsm/libbsm.h @@ -26,7 +26,7 @@ * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE * POSSIBILITY OF SUCH DAMAGE. * - * $P4: //depot/projects/trustedbsd/openbsm/bsm/libbsm.h#20 $ + * $P4: //depot/projects/trustedbsd/openbsm/bsm/libbsm.h#21 $ */ #ifndef _LIBBSM_H_ @@ -43,7 +43,7 @@ #include <sys/types.h> #include <sys/cdefs.h> -#include <stdint.h> /* Required for audit.h. */ +#include <inttypes.h> /* Required for audit.h. */ #include <time.h> /* Required for clock_t on Linux. */ #include <bsm/audit.h> diff --git a/contrib/openbsm/config/ltmain.sh b/contrib/openbsm/config/ltmain.sh index 9e71d27..a85567f 100644 --- a/contrib/openbsm/config/ltmain.sh +++ b/contrib/openbsm/config/ltmain.sh @@ -43,8 +43,8 @@ EXIT_FAILURE=1 PROGRAM=ltmain.sh PACKAGE=libtool -VERSION=1.5.20 -TIMESTAMP=" (1.1220.2.287 2005/08/31 18:54:15)" +VERSION=1.5.22 +TIMESTAMP=" (1.1220.2.365 2005/12/18 22:14:06)" # See if we are running on zsh, and set the options which allow our # commands through without removal of \ escapes. @@ -132,6 +132,8 @@ run= show="$echo" show_help= execute_dlfiles= +duplicate_deps=no +preserve_args= lo2o="s/\\.lo\$/.${objext}/" o2lo="s/\\.${objext}\$/.lo/" @@ -139,6 +141,43 @@ o2lo="s/\\.${objext}\$/.lo/" # Shell function definitions: # This seems to be the best place for them +# func_mktempdir [string] +# Make a temporary directory that won't clash with other running +# libtool processes, and avoids race conditions if possible. If +# given, STRING is the basename for that directory. +func_mktempdir () +{ + my_template="${TMPDIR-/tmp}/${1-$progname}" + + if test "$run" = ":"; then + # Return a directory name, but don't create it in dry-run mode + my_tmpdir="${my_template}-$$" + else + + # If mktemp works, use that first and foremost + my_tmpdir=`mktemp -d "${my_template}-XXXXXXXX" 2>/dev/null` + + if test ! -d "$my_tmpdir"; then + # Failing that, at least try and use $RANDOM to avoid a race + my_tmpdir="${my_template}-${RANDOM-0}$$" + + save_mktempdir_umask=`umask` + umask 0077 + $mkdir "$my_tmpdir" + umask $save_mktempdir_umask + fi + + # If we're not in dry-run mode, bomb out on failure + test -d "$my_tmpdir" || { + $echo "cannot create temporary directory \`$my_tmpdir'" 1>&2 + exit $EXIT_FAILURE + } + fi + + $echo "X$my_tmpdir" | $Xsed +} + + # func_win32_libid arg # return the library type of file 'arg' # @@ -157,12 +196,11 @@ func_win32_libid () if eval $OBJDUMP -f $1 | $SED -e '10q' 2>/dev/null | \ $EGREP -e 'file format pe-i386(.*architecture: i386)?' >/dev/null ; then win32_nmres=`eval $NM -f posix -A $1 | \ - sed -n -e '1,100{/ I /{x;/import/!{s/^/import/;h;p;};x;};}'` - if test "X$win32_nmres" = "Ximport" ; then - win32_libid_type="x86 archive import" - else - win32_libid_type="x86 archive static" - fi + $SED -n -e '1,100{/ I /{s,.*,import,;p;q;};}'` + case $win32_nmres in + import*) win32_libid_type="x86 archive import";; + *) win32_libid_type="x86 archive static";; + esac fi ;; *DLL*) @@ -188,6 +226,20 @@ func_win32_libid () # arg is usually of the form 'gcc ...' func_infer_tag () { + # FreeBSD-specific: where we install compilers with non-standard names + tag_compilers_CC="*cc cc* *gcc gcc*" + tag_compilers_CXX="*c++ c++* *g++ g++*" + base_compiler=`set -- "$@"; echo $1` + + # If $tagname isn't set, then try to infer if the default "CC" tag applies + if test -z "$tagname"; then + for zp in $tag_compilers_CC; do + case $base_compiler in + $zp) tagname="CC"; break;; + esac + done + fi + if test -n "$available_tags" && test -z "$tagname"; then CC_quoted= for arg in $CC; do @@ -228,7 +280,22 @@ func_infer_tag () break ;; esac - fi + + # FreeBSD-specific: try compilers based on inferred tag + if test -z "$tagname"; then + eval "tag_compilers=\$tag_compilers_${z}" + if test -n "$tag_compilers"; then + for zp in $tag_compilers; do + case $base_compiler in + $zp) tagname=$z; break;; + esac + done + if test -n "$tagname"; then + break + fi + fi + fi + fi done # If $tagname still isn't set, then no tagged configuration # was found and let the user know that the "--tag" command @@ -295,9 +362,9 @@ func_extract_archives () $run ${rm}r "$my_xdir" $show "$mkdir $my_xdir" $run $mkdir "$my_xdir" - status=$? - if test "$status" -ne 0 && test ! -d "$my_xdir"; then - exit $status + exit_status=$? + if test "$exit_status" -ne 0 && test ! -d "$my_xdir"; then + exit $exit_status fi case $host in *-darwin*) @@ -352,6 +419,8 @@ func_extract_archives () # Darwin sucks eval std_shrext=\"$shrext_cmds\" +disable_libs=no + # Parse our command line options once, thoroughly. while test "$#" -gt 0 do @@ -468,7 +537,11 @@ do preserve_args="$preserve_args $arg" ;; - --tag) prevopt="--tag" prev=tag ;; + --tag) + prevopt="--tag" + prev=tag + preserve_args="$preserve_args --tag" + ;; --tag=*) set tag "$optarg" ${1+"$@"} shift @@ -500,6 +573,18 @@ if test -n "$prevopt"; then exit $EXIT_FAILURE fi +case $disable_libs in +no) + ;; +shared) + build_libtool_libs=no + build_old_libs=yes + ;; +static) + build_old_libs=`case $build_libtool_libs in yes) echo no;; *) echo yes;; esac` + ;; +esac + # If this variable is set in any of the actions, the command in it # will be execed at the end. This prevents here-documents from being # left over by shells. @@ -856,9 +941,9 @@ EOF if test ! -d "${xdir}$objdir"; then $show "$mkdir ${xdir}$objdir" $run $mkdir ${xdir}$objdir - status=$? - if test "$status" -ne 0 && test ! -d "${xdir}$objdir"; then - exit $status + exit_status=$? + if test "$exit_status" -ne 0 && test ! -d "${xdir}$objdir"; then + exit $exit_status fi fi @@ -1061,6 +1146,7 @@ EOF no_install=no objs= non_pic_objects= + notinst_path= # paths that contain not-installed libtool libraries precious_files_regex= prefer_static_libs=no preload=no @@ -1089,14 +1175,15 @@ EOF if test -n "$link_static_flag"; then dlopen_self=$dlopen_self_static fi + prefer_static_libs=yes else if test -z "$pic_flag" && test -n "$link_static_flag"; then dlopen_self=$dlopen_self_static fi + prefer_static_libs=built fi build_libtool_libs=no build_old_libs=yes - prefer_static_libs=yes break ;; esac @@ -1271,6 +1358,11 @@ EOF if test -z "$pic_object" || test "$pic_object" = none ; then arg="$non_pic_object" fi + else + # If the PIC object exists, use it instead. + # $xdir was prepended to $pic_object above. + non_pic_object="$pic_object" + non_pic_objects="$non_pic_objects $non_pic_object" fi else # Only an error if not doing a dry-run. @@ -1354,8 +1446,8 @@ EOF prev= continue ;; - darwin_framework) - compiler_flags="$compiler_flags $arg" + darwin_framework|darwin_framework_skip) + test "$prev" = "darwin_framework" && compiler_flags="$compiler_flags $arg" compile_command="$compile_command $arg" finalize_command="$finalize_command $arg" prev= @@ -1419,13 +1511,17 @@ EOF continue ;; - -framework|-arch) - prev=darwin_framework - compiler_flags="$compiler_flags $arg" + -framework|-arch|-isysroot) + case " $CC " in + *" ${arg} ${1} "* | *" ${arg} ${1} "*) + prev=darwin_framework_skip ;; + *) compiler_flags="$compiler_flags $arg" + prev=darwin_framework ;; + esac compile_command="$compile_command $arg" finalize_command="$finalize_command $arg" - continue - ;; + continue + ;; -inst-prefix-dir) prev=inst_prefix @@ -1453,7 +1549,8 @@ EOF absdir=`cd "$dir" && pwd` if test -z "$absdir"; then $echo "$modename: cannot determine absolute directory name of \`$dir'" 1>&2 - exit $EXIT_FAILURE + absdir="$dir" + notinst_path="$notinst_path $dir" fi dir="$absdir" ;; @@ -1467,10 +1564,15 @@ EOF esac case $host in *-*-cygwin* | *-*-mingw* | *-*-pw32* | *-*-os2*) + testbindir=`$echo "X$dir" | $Xsed -e 's*/lib$*/bin*'` case :$dllsearchpath: in *":$dir:"*) ;; *) dllsearchpath="$dllsearchpath:$dir";; esac + case :$dllsearchpath: in + *":$testbindir:"*) ;; + *) dllsearchpath="$dllsearchpath:$testbindir";; + esac ;; esac continue @@ -1479,11 +1581,11 @@ EOF -l*) if test "X$arg" = "X-lc" || test "X$arg" = "X-lm"; then case $host in - *-*-cygwin* | *-*-pw32* | *-*-beos*) + *-*-cygwin* | *-*-mingw* | *-*-pw32* | *-*-beos*) # These systems don't actually have a C or math library (as such) continue ;; - *-*-mingw* | *-*-os2*) + *-*-os2*) # These systems don't actually have a C library (as such) test "X$arg" = "X-lc" && continue ;; @@ -1495,6 +1597,15 @@ EOF # Rhapsody C and math libraries are in the System framework deplibs="$deplibs -framework System" continue + ;; + *-*-sco3.2v5* | *-*-sco5v6*) + # Causes problems with __ctype + test "X$arg" = "X-lc" && continue + ;; + *-*-sysv4.2uw2* | *-*-sysv5* | *-*-unixware* | *-*-OpenUNIX*) + # Compiler inserts libc in the correct place for threads to work + test "X$arg" = "X-lc" && continue + ;; esac elif test "X$arg" = "X-lc_r"; then case $host in @@ -1522,6 +1633,7 @@ EOF compiler_flags="$compiler_flags $arg" compile_command="$compile_command $arg" finalize_command="$finalize_command $arg" + deplibs="$deplibs $arg" continue ;; @@ -1536,7 +1648,12 @@ EOF # +DA*, +DD* enable 64-bit mode on the HP compiler # -q* pass through compiler args for the IBM compiler # -m* pass through architecture-specific compiler args for GCC - -64|-mips[0-9]|-r[0-9][0-9]*|-xarch=*|-xtarget=*|+DA*|+DD*|-q*|-m*) + # -m*, -t[45]*, -txscale* pass through architecture-specific + # compiler args for GCC + # -pg pass through profiling flag for GCC + # @file GCC response files + -64|-mips[0-9]|-r[0-9][0-9]*|-xarch=*|-xtarget=*|+DA*|+DD*|-q*|-m*|-pg| \ + -t[45]*|-txscale*|@*) # Unknown arguments in both finalize_command and compile_command need # to be aesthetically quoted because they are evaled later. @@ -1548,9 +1665,7 @@ EOF esac compile_command="$compile_command $arg" finalize_command="$finalize_command $arg" - if test "$with_gcc" = "yes" ; then - compiler_flags="$compiler_flags $arg" - fi + compiler_flags="$compiler_flags $arg" continue ;; @@ -1788,6 +1903,11 @@ EOF if test -z "$pic_object" || test "$pic_object" = none ; then arg="$non_pic_object" fi + else + # If the PIC object exists, use it instead. + # $xdir was prepended to $pic_object above. + non_pic_object="$pic_object" + non_pic_objects="$non_pic_objects $non_pic_object" fi else # Only an error if not doing a dry-run. @@ -1893,9 +2013,9 @@ EOF if test ! -d "$output_objdir"; then $show "$mkdir $output_objdir" $run $mkdir $output_objdir - status=$? - if test "$status" -ne 0 && test ! -d "$output_objdir"; then - exit $status + exit_status=$? + if test "$exit_status" -ne 0 && test ! -d "$output_objdir"; then + exit $exit_status fi fi @@ -1958,7 +2078,6 @@ EOF newlib_search_path= need_relink=no # whether we're linking any uninstalled libtool libraries notinst_deplibs= # not-installed libtool libraries - notinst_path= # paths that contain not-installed libtool libraries case $linkmode in lib) passes="conv link" @@ -2012,6 +2131,29 @@ EOF else compiler_flags="$compiler_flags $deplib" fi + + case $linkmode in + lib) + deplibs="$deplib $deplibs" + test "$pass" = conv && continue + newdependency_libs="$deplib $newdependency_libs" + ;; + prog) + if test "$pass" = conv; then + deplibs="$deplib $deplibs" + continue + fi + if test "$pass" = scan; then + deplibs="$deplib $deplibs" + else + compile_deplibs="$deplib $compile_deplibs" + finalize_deplibs="$deplib $finalize_deplibs" + fi + ;; + *) + ;; + esac # linkmode + continue ;; -l*) @@ -2194,7 +2336,7 @@ EOF esac # case $deplib if test "$found" = yes || test -f "$lib"; then : else - $echo "$modename: cannot find the library \`$lib'" 1>&2 + $echo "$modename: cannot find the library \`$lib' or unhandled argument \`$deplib'" 1>&2 exit $EXIT_FAILURE fi @@ -2445,8 +2587,12 @@ EOF fi link_static=no # Whether the deplib will be linked statically + use_static_libs=$prefer_static_libs + if test "$use_static_libs" = built && test "$installed" = yes ; then + use_static_libs=no + fi if test -n "$library_names" && - { test "$prefer_static_libs" = no || test -z "$old_library"; }; then + { test "$use_static_libs" = no || test -z "$old_library"; }; then if test "$installed" = no; then notinst_deplibs="$notinst_deplibs $lib" need_relink=yes @@ -2559,11 +2705,15 @@ EOF if test "$hardcode_direct" = no; then add="$dir/$linklib" case $host in - *-*-sco3.2v5* ) add_dir="-L$dir" ;; + *-*-sco3.2v5.0.[024]*) add_dir="-L$dir" ;; + *-*-sysv4*uw2*) add_dir="-L$dir" ;; + *-*-sysv5OpenUNIX* | *-*-sysv5UnixWare7.[01].[10]* | \ + *-*-unixware7*) add_dir="-L$dir" ;; *-*-darwin* ) # if the lib is a module then we can not link against # it, someone is ignoring the new warnings I added - if /usr/bin/file -L $add 2> /dev/null | $EGREP "bundle" >/dev/null ; then + if /usr/bin/file -L $add 2> /dev/null | + $EGREP ": [^:]* bundle" >/dev/null ; then $echo "** Warning, lib $linklib is a module, not a shared library" if test -z "$old_library" ; then $echo @@ -3314,9 +3464,9 @@ EOF # Eliminate all temporary directories. for path in $notinst_path; do - lib_search_path=`$echo "$lib_search_path " | ${SED} -e 's% $path % %g'` - deplibs=`$echo "$deplibs " | ${SED} -e 's% -L$path % %g'` - dependency_libs=`$echo "$dependency_libs " | ${SED} -e 's% -L$path % %g'` + lib_search_path=`$echo "$lib_search_path " | ${SED} -e "s% $path % %g"` + deplibs=`$echo "$deplibs " | ${SED} -e "s% -L$path % %g"` + dependency_libs=`$echo "$dependency_libs " | ${SED} -e "s% -L$path % %g"` done if test -n "$xrpath"; then @@ -3369,7 +3519,12 @@ EOF ;; *-*-openbsd* | *-*-freebsd* | *-*-dragonfly*) # Do not include libc due to us having libc/libc_r. - test "X$arg" = "X-lc" && continue + ;; + *-*-sco3.2v5* | *-*-sco5v6*) + # Causes problems with __ctype + ;; + *-*-sysv4.2uw2* | *-*-sysv5* | *-*-unixware* | *-*-OpenUNIX*) + # Compiler inserts libc in the correct place for threads to work ;; *) # Add libc to deplibs on all other systems if necessary. @@ -3413,7 +3568,7 @@ EOF int main() { return 0; } EOF $rm conftest - $LTCC -o conftest conftest.c $deplibs + $LTCC $LTCFLAGS -o conftest conftest.c $deplibs if test "$?" -eq 0 ; then ldd_output=`ldd conftest` for i in $deplibs; do @@ -3458,7 +3613,7 @@ EOF # If $name is empty we are operating on a -L argument. if test "$name" != "" && test "$name" != "0"; then $rm conftest - $LTCC -o conftest conftest.c $i + $LTCC $LTCFLAGS -o conftest conftest.c $i # Did it work? if test "$?" -eq 0 ; then ldd_output=`ldd conftest` @@ -3705,6 +3860,35 @@ EOF deplibs=$newdeplibs fi + + # move library search paths that coincide with paths to not yet + # installed libraries to the beginning of the library search list + new_libs= + for path in $notinst_path; do + case " $new_libs " in + *" -L$path/$objdir "*) ;; + *) + case " $deplibs " in + *" -L$path/$objdir "*) + new_libs="$new_libs -L$path/$objdir" ;; + esac + ;; + esac + done + for deplib in $deplibs; do + case $deplib in + -L*) + case " $new_libs " in + *" $deplib "*) ;; + *) new_libs="$new_libs $deplib" ;; + esac + ;; + *) new_libs="$new_libs $deplib" ;; + esac + done + deplibs="$new_libs" + + # All the library-specific variables (install_libdir is set above). library_names= old_library= @@ -3788,6 +3972,7 @@ EOF fi lib="$output_objdir/$realname" + linknames= for link do linknames="$linknames $link" @@ -4219,6 +4404,35 @@ EOF ;; esac + + # move library search paths that coincide with paths to not yet + # installed libraries to the beginning of the library search list + new_libs= + for path in $notinst_path; do + case " $new_libs " in + *" -L$path/$objdir "*) ;; + *) + case " $compile_deplibs " in + *" -L$path/$objdir "*) + new_libs="$new_libs -L$path/$objdir" ;; + esac + ;; + esac + done + for deplib in $compile_deplibs; do + case $deplib in + -L*) + case " $new_libs " in + *" $deplib "*) ;; + *) new_libs="$new_libs $deplib" ;; + esac + ;; + *) new_libs="$new_libs $deplib" ;; + esac + done + compile_deplibs="$new_libs" + + compile_command="$compile_command $compile_deplibs" finalize_command="$finalize_command $finalize_deplibs" @@ -4263,10 +4477,15 @@ EOF fi case $host in *-*-cygwin* | *-*-mingw* | *-*-pw32* | *-*-os2*) + testbindir=`$echo "X$libdir" | $Xsed -e 's*/lib$*/bin*'` case :$dllsearchpath: in *":$libdir:"*) ;; *) dllsearchpath="$dllsearchpath:$libdir";; esac + case :$dllsearchpath: in + *":$testbindir:"*) ;; + *) dllsearchpath="$dllsearchpath:$testbindir";; + esac ;; esac done @@ -4383,10 +4602,22 @@ extern \"C\" { export_symbols="$output_objdir/$outputname.exp" $run $rm $export_symbols $run eval "${SED} -n -e '/^: @PROGRAM@ $/d' -e 's/^.* \(.*\)$/\1/p' "'< "$nlist" > "$export_symbols"' + case $host in + *cygwin* | *mingw* ) + $run eval "echo EXPORTS "'> "$output_objdir/$outputname.def"' + $run eval 'cat "$export_symbols" >> "$output_objdir/$outputname.def"' + ;; + esac else - $run eval "${SED} -e 's/\([ ][.*^$]\)/\\\1/g' -e 's/^/ /' -e 's/$/$/'"' < "$export_symbols" > "$output_objdir/$outputname.exp"' + $run eval "${SED} -e 's/\([].[*^$]\)/\\\\\1/g' -e 's/^/ /' -e 's/$/$/'"' < "$export_symbols" > "$output_objdir/$outputname.exp"' $run eval 'grep -f "$output_objdir/$outputname.exp" < "$nlist" > "$nlist"T' $run eval 'mv "$nlist"T "$nlist"' + case $host in + *cygwin* | *mingw* ) + $run eval "echo EXPORTS "'> "$output_objdir/$outputname.def"' + $run eval 'cat "$nlist" >> "$output_objdir/$outputname.def"' + ;; + esac fi fi @@ -4503,16 +4734,32 @@ static const void *lt_preloaded_setup() { esac # Now compile the dynamic symbol file. - $show "(cd $output_objdir && $LTCC -c$no_builtin_flag$pic_flag_for_symtable \"$dlsyms\")" - $run eval '(cd $output_objdir && $LTCC -c$no_builtin_flag$pic_flag_for_symtable "$dlsyms")' || exit $? + $show "(cd $output_objdir && $LTCC $LTCFLAGS -c$no_builtin_flag$pic_flag_for_symtable \"$dlsyms\")" + $run eval '(cd $output_objdir && $LTCC $LTCFLAGS -c$no_builtin_flag$pic_flag_for_symtable "$dlsyms")' || exit $? # Clean up the generated files. $show "$rm $output_objdir/$dlsyms $nlist ${nlist}S ${nlist}T" $run $rm "$output_objdir/$dlsyms" "$nlist" "${nlist}S" "${nlist}T" # Transform the symbol file into the correct name. - compile_command=`$echo "X$compile_command" | $Xsed -e "s%@SYMFILE@%$output_objdir/${outputname}S.${objext}%"` - finalize_command=`$echo "X$finalize_command" | $Xsed -e "s%@SYMFILE@%$output_objdir/${outputname}S.${objext}%"` + case $host in + *cygwin* | *mingw* ) + if test -f "$output_objdir/${outputname}.def" ; then + compile_command=`$echo "X$compile_command" | $Xsed -e "s%@SYMFILE@%$output_objdir/${outputname}.def $output_objdir/${outputname}S.${objext}%"` + finalize_command=`$echo "X$finalize_command" | $Xsed -e "s%@SYMFILE@%$output_objdir/${outputname}.def $output_objdir/${outputname}S.${objext}%"` + else + compile_command=`$echo "X$compile_command" | $Xsed -e "s%@SYMFILE@%$output_objdir/${outputname}S.${objext}%"` + finalize_command=`$echo "X$finalize_command" | $Xsed -e "s%@SYMFILE@%$output_objdir/${outputname}S.${objext}%"` + fi + ;; + * ) + compile_command=`$echo "X$compile_command" | $Xsed -e "s%@SYMFILE@%$output_objdir/${outputname}S.${objext}%"` + finalize_command=`$echo "X$finalize_command" | $Xsed -e "s%@SYMFILE@%$output_objdir/${outputname}S.${objext}%"` + ;; + esac + ;; + *-*-freebsd*) + # FreeBSD doesn't need this... ;; *) $echo "$modename: unknown suffix for \`$dlsyms'" 1>&2 @@ -4537,7 +4784,7 @@ static const void *lt_preloaded_setup() { # We have no uninstalled library dependencies, so finalize right now. $show "$link_command" $run eval "$link_command" - status=$? + exit_status=$? # Delete the generated files. if test -n "$dlsyms"; then @@ -4545,7 +4792,7 @@ static const void *lt_preloaded_setup() { $run $rm "$output_objdir/${outputname}S.${objext}" fi - exit $status + exit $exit_status fi if test -n "$shlibpath_var"; then @@ -4685,10 +4932,12 @@ static const void *lt_preloaded_setup() { esac case $host in *cygwin* | *mingw* ) - cwrappersource=`$echo ${objdir}/lt-${outputname}.c` - cwrapper=`$echo ${output}.exe` - $rm $cwrappersource $cwrapper - trap "$rm $cwrappersource $cwrapper; exit $EXIT_FAILURE" 1 2 15 + output_name=`basename $output` + output_path=`dirname $output` + cwrappersource="$output_path/$objdir/lt-$output_name.c" + cwrapper="$output_path/$output_name.exe" + $rm $cwrappersource $cwrapper + trap "$rm $cwrappersource $cwrapper; exit $EXIT_FAILURE" 1 2 15 cat > $cwrappersource <<EOF @@ -4713,6 +4962,9 @@ EOF #include <malloc.h> #include <stdarg.h> #include <assert.h> +#include <string.h> +#include <ctype.h> +#include <sys/stat.h> #if defined(PATH_MAX) # define LT_PATHMAX PATH_MAX @@ -4723,15 +4975,19 @@ EOF #endif #ifndef DIR_SEPARATOR -#define DIR_SEPARATOR '/' +# define DIR_SEPARATOR '/' +# define PATH_SEPARATOR ':' #endif #if defined (_WIN32) || defined (__MSDOS__) || defined (__DJGPP__) || \ defined (__OS2__) -#define HAVE_DOS_BASED_FILE_SYSTEM -#ifndef DIR_SEPARATOR_2 -#define DIR_SEPARATOR_2 '\\' -#endif +# define HAVE_DOS_BASED_FILE_SYSTEM +# ifndef DIR_SEPARATOR_2 +# define DIR_SEPARATOR_2 '\\' +# endif +# ifndef PATH_SEPARATOR_2 +# define PATH_SEPARATOR_2 ';' +# endif #endif #ifndef DIR_SEPARATOR_2 @@ -4741,17 +4997,32 @@ EOF (((ch) == DIR_SEPARATOR) || ((ch) == DIR_SEPARATOR_2)) #endif /* DIR_SEPARATOR_2 */ +#ifndef PATH_SEPARATOR_2 +# define IS_PATH_SEPARATOR(ch) ((ch) == PATH_SEPARATOR) +#else /* PATH_SEPARATOR_2 */ +# define IS_PATH_SEPARATOR(ch) ((ch) == PATH_SEPARATOR_2) +#endif /* PATH_SEPARATOR_2 */ + #define XMALLOC(type, num) ((type *) xmalloc ((num) * sizeof(type))) #define XFREE(stale) do { \ if (stale) { free ((void *) stale); stale = 0; } \ } while (0) +/* -DDEBUG is fairly common in CFLAGS. */ +#undef DEBUG +#if defined DEBUGWRAPPER +# define DEBUG(format, ...) fprintf(stderr, format, __VA_ARGS__) +#else +# define DEBUG(format, ...) +#endif + const char *program_name = NULL; void * xmalloc (size_t num); char * xstrdup (const char *string); -char * basename (const char *name); -char * fnqualify(const char *path); +const char * base_name (const char *name); +char * find_executable(const char *wrapper); +int check_executable(const char *path); char * strendzap(char *str, const char *pat); void lt_fatal (const char *message, ...); @@ -4761,29 +5032,50 @@ main (int argc, char *argv[]) char **newargz; int i; - program_name = (char *) xstrdup ((char *) basename (argv[0])); + program_name = (char *) xstrdup (base_name (argv[0])); + DEBUG("(main) argv[0] : %s\n",argv[0]); + DEBUG("(main) program_name : %s\n",program_name); newargz = XMALLOC(char *, argc+2); EOF - cat >> $cwrappersource <<EOF - newargz[0] = "$SHELL"; + cat >> $cwrappersource <<EOF + newargz[0] = (char *) xstrdup("$SHELL"); EOF - cat >> $cwrappersource <<"EOF" - newargz[1] = fnqualify(argv[0]); + cat >> $cwrappersource <<"EOF" + newargz[1] = find_executable(argv[0]); + if (newargz[1] == NULL) + lt_fatal("Couldn't find %s", argv[0]); + DEBUG("(main) found exe at : %s\n",newargz[1]); /* we know the script has the same name, without the .exe */ /* so make sure newargz[1] doesn't end in .exe */ strendzap(newargz[1],".exe"); for (i = 1; i < argc; i++) newargz[i+1] = xstrdup(argv[i]); newargz[argc+1] = NULL; + + for (i=0; i<argc+1; i++) + { + DEBUG("(main) newargz[%d] : %s\n",i,newargz[i]); + ; + } + EOF - cat >> $cwrappersource <<EOF + case $host_os in + mingw*) + cat >> $cwrappersource <<EOF + execv("$SHELL",(char const **)newargz); +EOF + ;; + *) + cat >> $cwrappersource <<EOF execv("$SHELL",newargz); EOF + ;; + esac - cat >> $cwrappersource <<"EOF" + cat >> $cwrappersource <<"EOF" return 127; } @@ -4804,48 +5096,148 @@ xstrdup (const char *string) ; } -char * -basename (const char *name) +const char * +base_name (const char *name) { const char *base; #if defined (HAVE_DOS_BASED_FILE_SYSTEM) /* Skip over the disk name in MSDOS pathnames. */ - if (isalpha (name[0]) && name[1] == ':') + if (isalpha ((unsigned char)name[0]) && name[1] == ':') name += 2; #endif for (base = name; *name; name++) if (IS_DIR_SEPARATOR (*name)) base = name + 1; - return (char *) base; + return base; } +int +check_executable(const char * path) +{ + struct stat st; + + DEBUG("(check_executable) : %s\n", path ? (*path ? path : "EMPTY!") : "NULL!"); + if ((!path) || (!*path)) + return 0; + + if ((stat (path, &st) >= 0) && + ( + /* MinGW & native WIN32 do not support S_IXOTH or S_IXGRP */ +#if defined (S_IXOTH) + ((st.st_mode & S_IXOTH) == S_IXOTH) || +#endif +#if defined (S_IXGRP) + ((st.st_mode & S_IXGRP) == S_IXGRP) || +#endif + ((st.st_mode & S_IXUSR) == S_IXUSR)) + ) + return 1; + else + return 0; +} + +/* Searches for the full path of the wrapper. Returns + newly allocated full path name if found, NULL otherwise */ char * -fnqualify(const char *path) +find_executable (const char* wrapper) { - size_t size; - char *p; + int has_slash = 0; + const char* p; + const char* p_next; + /* static buffer for getcwd */ char tmp[LT_PATHMAX + 1]; + int tmp_len; + char* concat_name; + + DEBUG("(find_executable) : %s\n", wrapper ? (*wrapper ? wrapper : "EMPTY!") : "NULL!"); - assert(path != NULL); + if ((wrapper == NULL) || (*wrapper == '\0')) + return NULL; - /* Is it qualified already? */ + /* Absolute path? */ #if defined (HAVE_DOS_BASED_FILE_SYSTEM) - if (isalpha (path[0]) && path[1] == ':') - return xstrdup (path); + if (isalpha ((unsigned char)wrapper[0]) && wrapper[1] == ':') + { + concat_name = xstrdup (wrapper); + if (check_executable(concat_name)) + return concat_name; + XFREE(concat_name); + } + else + { +#endif + if (IS_DIR_SEPARATOR (wrapper[0])) + { + concat_name = xstrdup (wrapper); + if (check_executable(concat_name)) + return concat_name; + XFREE(concat_name); + } +#if defined (HAVE_DOS_BASED_FILE_SYSTEM) + } #endif - if (IS_DIR_SEPARATOR (path[0])) - return xstrdup (path); - /* prepend the current directory */ - /* doesn't handle '~' */ + for (p = wrapper; *p; p++) + if (*p == '/') + { + has_slash = 1; + break; + } + if (!has_slash) + { + /* no slashes; search PATH */ + const char* path = getenv ("PATH"); + if (path != NULL) + { + for (p = path; *p; p = p_next) + { + const char* q; + size_t p_len; + for (q = p; *q; q++) + if (IS_PATH_SEPARATOR(*q)) + break; + p_len = q - p; + p_next = (*q == '\0' ? q : q + 1); + if (p_len == 0) + { + /* empty path: current directory */ + if (getcwd (tmp, LT_PATHMAX) == NULL) + lt_fatal ("getcwd failed"); + tmp_len = strlen(tmp); + concat_name = XMALLOC(char, tmp_len + 1 + strlen(wrapper) + 1); + memcpy (concat_name, tmp, tmp_len); + concat_name[tmp_len] = '/'; + strcpy (concat_name + tmp_len + 1, wrapper); + } + else + { + concat_name = XMALLOC(char, p_len + 1 + strlen(wrapper) + 1); + memcpy (concat_name, p, p_len); + concat_name[p_len] = '/'; + strcpy (concat_name + p_len + 1, wrapper); + } + if (check_executable(concat_name)) + return concat_name; + XFREE(concat_name); + } + } + /* not found in PATH; assume curdir */ + } + /* Relative path | not found in path: prepend cwd */ if (getcwd (tmp, LT_PATHMAX) == NULL) lt_fatal ("getcwd failed"); - size = strlen(tmp) + 1 + strlen(path) + 1; /* +2 for '/' and '\0' */ - p = XMALLOC(char, size); - sprintf(p, "%s%c%s", tmp, DIR_SEPARATOR, path); - return p; + tmp_len = strlen(tmp); + concat_name = XMALLOC(char, tmp_len + 1 + strlen(wrapper) + 1); + memcpy (concat_name, tmp, tmp_len); + concat_name[tmp_len] = '/'; + strcpy (concat_name + tmp_len + 1, wrapper); + + if (check_executable(concat_name)) + return concat_name; + XFREE(concat_name); + return NULL; } char * @@ -4889,16 +5281,16 @@ lt_fatal (const char *message, ...) va_end (ap); } EOF - # we should really use a build-platform specific compiler - # here, but OTOH, the wrappers (shell script and this C one) - # are only useful if you want to execute the "real" binary. - # Since the "real" binary is built for $host, then this - # wrapper might as well be built for $host, too. - $run $LTCC -s -o $cwrapper $cwrappersource - ;; - esac - $rm $output - trap "$rm $output; exit $EXIT_FAILURE" 1 2 15 + # we should really use a build-platform specific compiler + # here, but OTOH, the wrappers (shell script and this C one) + # are only useful if you want to execute the "real" binary. + # Since the "real" binary is built for $host, then this + # wrapper might as well be built for $host, too. + $run $LTCC $LTCFLAGS -s -o $cwrapper $cwrappersource + ;; + esac + $rm $output + trap "$rm $output; exit $EXIT_FAILURE" 1 2 15 $echo > $output "\ #! $SHELL @@ -5128,9 +5520,9 @@ fi\ $run ${rm}r "$gentop" $show "$mkdir $gentop" $run $mkdir "$gentop" - status=$? - if test "$status" -ne 0 && test ! -d "$gentop"; then - exit $status + exit_status=$? + if test "$exit_status" -ne 0 && test ! -d "$gentop"; then + exit $exit_status fi fi @@ -5797,18 +6189,7 @@ relink_command=\"$relink_command\"" outputname= if test "$fast_install" = no && test -n "$relink_command"; then if test "$finalize" = yes && test -z "$run"; then - tmpdir="/tmp" - test -n "$TMPDIR" && tmpdir="$TMPDIR" - tmpdir="$tmpdir/libtool-$$" - save_umask=`umask` - umask 0077 - if $mkdir "$tmpdir"; then - umask $save_umask - else - umask $save_umask - $echo "$modename: error: cannot create temporary directory \`$tmpdir'" 1>&2 - continue - fi + tmpdir=`func_mktempdir` file=`$echo "X$file$stripped_ext" | $Xsed -e 's%^.*/%%'` outputname="$tmpdir/$file" # Replace the output file specification. @@ -5932,7 +6313,7 @@ relink_command=\"$relink_command\"" # Exit here if they wanted silent mode. test "$show" = : && exit $EXIT_SUCCESS - $echo "----------------------------------------------------------------------" + $echo "X----------------------------------------------------------------------" | $Xsed $echo "Libraries have been installed in:" for libdir in $libdirs; do $echo " $libdir" @@ -5965,7 +6346,7 @@ relink_command=\"$relink_command\"" $echo $echo "See any operating system documentation about shared libraries for" $echo "more information, such as the ld(1) and ld.so(8) manual pages." - $echo "----------------------------------------------------------------------" + $echo "X----------------------------------------------------------------------" | $Xsed exit $EXIT_SUCCESS ;; @@ -6182,9 +6563,17 @@ relink_command=\"$relink_command\"" rmfiles="$rmfiles $objdir/$n" done test -n "$old_library" && rmfiles="$rmfiles $objdir/$old_library" - test "$mode" = clean && rmfiles="$rmfiles $objdir/$name $objdir/${name}i" - if test "$mode" = uninstall; then + case "$mode" in + clean) + case " $library_names " in + # " " in the beginning catches empty $dlname + *" $dlname "*) ;; + *) rmfiles="$rmfiles $objdir/$dlname" ;; + esac + test -n "$libdir" && rmfiles="$rmfiles $objdir/$name $objdir/${name}i" + ;; + uninstall) if test -n "$library_names"; then # Do each command in the postuninstall commands. cmds=$postuninstall_cmds @@ -6217,7 +6606,8 @@ relink_command=\"$relink_command\"" IFS="$save_ifs" fi # FIXME: should reinstall the best remaining shared library. - fi + ;; + esac fi ;; @@ -6516,12 +6906,11 @@ exit $? # configuration. But we'll never go from static-only to shared-only. # ### BEGIN LIBTOOL TAG CONFIG: disable-shared -build_libtool_libs=no -build_old_libs=yes +disable_libs=shared # ### END LIBTOOL TAG CONFIG: disable-shared # ### BEGIN LIBTOOL TAG CONFIG: disable-static -build_old_libs=`case $build_libtool_libs in yes) $echo no;; *) $echo yes;; esac` +disable_libs=static # ### END LIBTOOL TAG CONFIG: disable-static # Local Variables: diff --git a/contrib/openbsm/configure b/contrib/openbsm/configure index 06b3269..c73a001 100755 --- a/contrib/openbsm/configure +++ b/contrib/openbsm/configure @@ -1,7 +1,7 @@ #! /bin/sh -# From configure.ac P4: //depot/projects/trustedbsd/openbsm/configure.ac#22 . +# From configure.ac P4: //depot/projects/trustedbsd/openbsm/configure.ac#23 . # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.59 for OpenBSM 1.0a6. +# Generated by GNU Autoconf 2.59 for OpenBSM 1.0a7. # # Report bugs to <trustedbsd-audit@TrustesdBSD.org>. # @@ -424,8 +424,8 @@ SHELL=${CONFIG_SHELL-/bin/sh} # Identity of this package. PACKAGE_NAME='OpenBSM' PACKAGE_TARNAME='openbsm' -PACKAGE_VERSION='1.0a6' -PACKAGE_STRING='OpenBSM 1.0a6' +PACKAGE_VERSION='1.0a7' +PACKAGE_STRING='OpenBSM 1.0a7' PACKAGE_BUGREPORT='trustedbsd-audit@TrustesdBSD.org' ac_unique_file="bin/auditreduce/auditreduce.c" @@ -955,7 +955,7 @@ if test "$ac_init_help" = "long"; then # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures OpenBSM 1.0a6 to adapt to many kinds of systems. +\`configure' configures OpenBSM 1.0a7 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1021,7 +1021,7 @@ fi if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of OpenBSM 1.0a6:";; + short | recursive ) echo "Configuration of OpenBSM 1.0a7:";; esac cat <<\_ACEOF @@ -1162,7 +1162,7 @@ fi test -n "$ac_init_help" && exit 0 if $ac_init_version; then cat <<\_ACEOF -OpenBSM configure 1.0a6 +OpenBSM configure 1.0a7 generated by GNU Autoconf 2.59 Copyright (C) 2003 Free Software Foundation, Inc. @@ -1176,7 +1176,7 @@ cat >&5 <<_ACEOF This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by OpenBSM $as_me 1.0a6, which was +It was created by OpenBSM $as_me 1.0a7, which was generated by GNU Autoconf 2.59. Invocation command line was $ $0 $@ @@ -19278,7 +19278,7 @@ fi # Define the identity of the package. PACKAGE=OpenBSM - VERSION=1.0a6 + VERSION=1.0a7 cat >>confdefs.h <<_ACEOF @@ -22936,8 +22936,8 @@ done # sys/queue.h exists on most systems, but its capabilities vary a great deal. -# test for LIST_FIRST, which appears to not exist in all of them, and is -# necessary for OpenBSM. +# test for LIST_FIRST and TAILQ_FOREACH_SAFE, which appears to not exist in +# all of them, and are necessary for OpenBSM. cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF @@ -22951,13 +22951,13 @@ int main () { - struct foo { - LIST_ENTRY(foo) foo_entries; - }; - LIST_HEAD(, foo) foo_list; - struct foo *foo; - foo = LIST_FIRST(&foo_list); + #ifndef LIST_FIRST + #error LIST_FIRST missing + #endif + #ifndef TAILQ_FOREACH_SAFE + #error TAILQ_FOREACH_SAFE + #endif ; return 0; @@ -23477,7 +23477,7 @@ _ASBOX } >&5 cat >&5 <<_CSEOF -This file was extended by OpenBSM $as_me 1.0a6, which was +This file was extended by OpenBSM $as_me 1.0a7, which was generated by GNU Autoconf 2.59. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -23540,7 +23540,7 @@ _ACEOF cat >>$CONFIG_STATUS <<_ACEOF ac_cs_version="\\ -OpenBSM config.status 1.0a6 +OpenBSM config.status 1.0a7 configured by $0, generated by GNU Autoconf 2.59, with options \\"`echo "$ac_configure_args" | sed 's/[\\""\`\$]/\\\\&/g'`\\" diff --git a/contrib/openbsm/configure.ac b/contrib/openbsm/configure.ac index 1fca5b7..48dd95e 100644 --- a/contrib/openbsm/configure.ac +++ b/contrib/openbsm/configure.ac @@ -2,8 +2,8 @@ # Process this file with autoconf to produce a configure script. AC_PREREQ(2.59) -AC_INIT([OpenBSM], [1.0a6], [trustedbsd-audit@TrustesdBSD.org],[openbsm]) -AC_REVISION([$P4: //depot/projects/trustedbsd/openbsm/configure.ac#22 $]) +AC_INIT([OpenBSM], [1.0a7], [trustedbsd-audit@TrustesdBSD.org],[openbsm]) +AC_REVISION([$P4: //depot/projects/trustedbsd/openbsm/configure.ac#24 $]) AC_CONFIG_SRCDIR([bin/auditreduce/auditreduce.c]) AC_CONFIG_AUX_DIR(config) AC_CONFIG_HEADER([config/config.h]) @@ -59,18 +59,18 @@ AC_FUNC_STRFTIME AC_CHECK_FUNCS([bzero ftruncate gettimeofday inet_ntoa memset strchr strerror strrchr strstr strtol strtoul]) # sys/queue.h exists on most systems, but its capabilities vary a great deal. -# test for LIST_FIRST, which appears to not exist in all of them, and is -# necessary for OpenBSM. +# test for LIST_FIRST and TAILQ_FOREACH_SAFE, which appears to not exist in +# all of them, and are necessary for OpenBSM. AC_TRY_LINK([ #include <sys/queue.h> ], [ - struct foo { - LIST_ENTRY(foo) foo_entries; - }; - LIST_HEAD(, foo) foo_list; - struct foo *foo; - foo = LIST_FIRST(&foo_list); + #ifndef LIST_FIRST + #error LIST_FIRST missing + #endif + #ifndef TAILQ_FOREACH_SAFE + #error TAILQ_FOREACH_SAFE + #endif ], [ AC_DEFINE(HAVE_FULL_QUEUE_H,, Define if queue.h includes LIST_FIRST) ]) diff --git a/contrib/openbsm/libbsm/bsm_notify.c b/contrib/openbsm/libbsm/bsm_notify.c index d5a7601..3ebfb25 100644 --- a/contrib/openbsm/libbsm/bsm_notify.c +++ b/contrib/openbsm/libbsm/bsm_notify.c @@ -26,7 +26,7 @@ * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE * POSSIBILITY OF SUCH DAMAGE. * - * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_notify.c#11 $ + * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_notify.c#12 $ */ /* @@ -45,7 +45,7 @@ #include <bsm/libbsm.h> #include <errno.h> -#include <stdint.h> +#include <inttypes.h> #include <stdarg.h> #include <string.h> #include <syslog.h> diff --git a/contrib/openbsm/libbsm/bsm_token.c b/contrib/openbsm/libbsm/bsm_token.c index 98991ad..7512c42 100644 --- a/contrib/openbsm/libbsm/bsm_token.c +++ b/contrib/openbsm/libbsm/bsm_token.c @@ -30,7 +30,7 @@ * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE * POSSIBILITY OF SUCH DAMAGE. * - * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_token.c#47 $ + * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_token.c#48 $ */ #include <sys/types.h> @@ -691,7 +691,16 @@ au_to_process32_ex(au_id_t auid, uid_t euid, gid_t egid, uid_t ruid, token_t *t; u_char *dptr = NULL; - GET_TOKEN_AREA(t, dptr, sizeof(u_char) + 13 * sizeof(u_int32_t)); + if (tid->at_type == AU_IPv4) + GET_TOKEN_AREA(t, dptr, sizeof(u_char) + + 10 * sizeof(u_int32_t)); + else if (tid->at_type == AU_IPv6) + GET_TOKEN_AREA(t, dptr, sizeof(u_char) + + 13 * sizeof(u_int32_t)); + else { + errno = EINVAL; + return (NULL); + } if (t == NULL) return (NULL); @@ -706,9 +715,11 @@ au_to_process32_ex(au_id_t auid, uid_t euid, gid_t egid, uid_t ruid, ADD_U_INT32(dptr, tid->at_port); ADD_U_INT32(dptr, tid->at_type); ADD_U_INT32(dptr, tid->at_addr[0]); - ADD_U_INT32(dptr, tid->at_addr[1]); - ADD_U_INT32(dptr, tid->at_addr[2]); - ADD_U_INT32(dptr, tid->at_addr[3]); + if (tid->at_type == AU_IPv6) { + ADD_U_INT32(dptr, tid->at_addr[1]); + ADD_U_INT32(dptr, tid->at_addr[2]); + ADD_U_INT32(dptr, tid->at_addr[3]); + } return (t); } @@ -969,7 +980,16 @@ au_to_subject32_ex(au_id_t auid, uid_t euid, gid_t egid, uid_t ruid, token_t *t; u_char *dptr = NULL; - GET_TOKEN_AREA(t, dptr, sizeof(u_char) + 13 * sizeof(u_int32_t)); + if (tid->at_type == AU_IPv4) + GET_TOKEN_AREA(t, dptr, sizeof(u_char) + 10 * + sizeof(u_int32_t)); + else if (tid->at_type == AU_IPv6) + GET_TOKEN_AREA(t, dptr, sizeof(u_char) + 13 * + sizeof(u_int32_t)); + else { + errno = EINVAL; + return (NULL); + } if (t == NULL) return (NULL); @@ -984,9 +1004,11 @@ au_to_subject32_ex(au_id_t auid, uid_t euid, gid_t egid, uid_t ruid, ADD_U_INT32(dptr, tid->at_port); ADD_U_INT32(dptr, tid->at_type); ADD_U_INT32(dptr, tid->at_addr[0]); - ADD_U_INT32(dptr, tid->at_addr[1]); - ADD_U_INT32(dptr, tid->at_addr[2]); - ADD_U_INT32(dptr, tid->at_addr[3]); + if (tid->at_type == AU_IPv6) { + ADD_U_INT32(dptr, tid->at_addr[1]); + ADD_U_INT32(dptr, tid->at_addr[2]); + ADD_U_INT32(dptr, tid->at_addr[3]); + } return (t); } diff --git a/contrib/openbsm/man/audit.log.5 b/contrib/openbsm/man/audit.log.5 index 87e1ab3..b53b1fc 100644 --- a/contrib/openbsm/man/audit.log.5 +++ b/contrib/openbsm/man/audit.log.5 @@ -23,7 +23,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $P4: //depot/projects/trustedbsd/openbsm/man/audit.log.5#8 $ +.\" $P4: //depot/projects/trustedbsd/openbsm/man/audit.log.5#9 $ .\" .Dd May 1, 2005 .Dt AUDIT.LOG 5 @@ -218,7 +218,7 @@ token can be created using .It Li "Protocol" Ta "1 byte" Ta "IP protocol number" .It Li "Checksum" Ta "2 bytes" Ta "IP header checksum, network byte order" .It Li "Source Address" Ta "4 bytes" Ta "IPv4 source address" -.It Li "Desintation Address" Ta "4 bytes" Ta "IPv4 destination address" +.It Li "Destination Address" Ta "4 bytes" Ta "IPv4 destination address" .El .Ss Expanded ip Token The diff --git a/contrib/openbsm/test/bsm/generate.c b/contrib/openbsm/test/bsm/generate.c index 8944931..12bc462 100644 --- a/contrib/openbsm/test/bsm/generate.c +++ b/contrib/openbsm/test/bsm/generate.c @@ -23,7 +23,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/trustedbsd/openbsm/test/bsm/generate.c#3 $ + * $P4: //depot/projects/trustedbsd/openbsm/test/bsm/generate.c#4 $ */ /* @@ -31,6 +31,7 @@ */ #include <sys/types.h> +#include <sys/socket.h> #include <sys/stat.h> #include <netinet/in.h> @@ -267,6 +268,7 @@ static gid_t subject32_rgid = 0x09876543; static pid_t subject32_pid = 0x13243546; static au_asid_t subject32_sid = 0x97867564; static au_tid_t subject32_tid = { 0x16593746 }; +static au_tid_addr_t subject32_tid_addr = { 0x16593746 }; static void generate_subject32_token(const char *directory, const char *token_filename) @@ -298,6 +300,32 @@ generate_subject32_record(const char *directory, const char *record_filename) write_record(directory, record_filename, subject32_token, AUE_NULL); } +static void +generate_subject32ex_token(const char *directory, const char *token_filename, + u_int32_t type) +{ + token_t *subject32ex_token; + char *buf; + + buf = (char *)malloc(strlen(token_filename) + 6); + if (type == AU_IPv6) { + inet_pton(AF_INET6, "fe80::1", subject32_tid_addr.at_addr); + subject32_tid_addr.at_type = AU_IPv6; + sprintf(buf, "%s%s", token_filename, "-IPv6"); + } else { + subject32_tid_addr.at_addr[0] = inet_addr("127.0.0.1"); + subject32_tid_addr.at_type = AU_IPv4; + sprintf(buf, "%s%s", token_filename, "-IPv4"); + } + + subject32ex_token = au_to_subject32_ex(subject32_auid, subject32_euid, + subject32_egid, subject32_ruid, subject32_rgid, subject32_pid, + subject32_sid, &subject32_tid_addr); + if (subject32ex_token == NULL) + err(EX_UNAVAILABLE, "au_to_subject32_ex"); + write_token(directory, buf, subject32ex_token); +} + static au_id_t process32_auid = 0x12345678; static uid_t process32_euid = 0x01234567; static gid_t process32_egid = 0x23456789; @@ -306,6 +334,7 @@ static gid_t process32_rgid = 0x09876543; static pid_t process32_pid = 0x13243546; static au_asid_t process32_sid = 0x97867564; static au_tid_t process32_tid = { 0x16593746 }; +static au_tid_addr_t process32_tid_addr = { 0x16593746 }; static void generate_process32_token(const char *directory, const char *token_filename) @@ -337,6 +366,22 @@ generate_process32_record(const char *directory, const char *record_filename) write_record(directory, record_filename, process32_token, AUE_NULL); } +static void +generate_process32ex_token(const char *directory, const char *token_filename) +{ + token_t *process32ex_token; + + process32_tid_addr.at_addr[0] = inet_addr("127.0.0.1"); + process32_tid_addr.at_type = AU_IPv4; + + process32ex_token = au_to_process32_ex(process32_auid, process32_euid, + process32_egid, process32_ruid, process32_rgid, process32_pid, + process32_sid, &process32_tid_addr); + if (process32ex_token == NULL) + err(EX_UNAVAILABLE, "au_to_process32_ex"); + write_token(directory, token_filename, process32ex_token); +} + static char return32_status = 0xd7; static uint32_t return32_ret = 0x12345678; @@ -713,7 +758,10 @@ main(int argc, char *argv[]) generate_ipc_token(directory, "ipc_token"); generate_path_token(directory, "path_token"); generate_subject32_token(directory, "subject32_token"); + generate_subject32ex_token(directory, "subject32ex_token", AU_IPv4); + generate_subject32ex_token(directory, "subject32ex_token", AU_IPv6); generate_process32_token(directory, "process32_token"); + generate_process32ex_token(directory, "process32ex_token"); generate_return32_token(directory, "return32_token"); generate_text_token(directory, "text_token"); generate_opaque_token(directory, "opaque_token"); @@ -736,7 +784,10 @@ main(int argc, char *argv[]) generate_ipc_token(directory, "ipc_record"); generate_path_token(directory, "path_record"); generate_subject32_token(directory, "subject32_record"); + generate_subject32ex_token(directory, "subject32ex_record", AU_IPv4); + generate_subject32ex_token(directory, "subject32ex_record", AU_IPv6); generate_process32_token(directory, "process32_record"); + generate_process32ex_token(directory, "process32ex_token"); generate_return32_token(directory, "return32_record"); generate_text_token(directory, "text_record"); generate_opaque_token(directory, "opaque_record"); |