path: root/contrib/openbsm/bin/auditdistd/auditdistd.h
Diffstat (limited to 'contrib/openbsm/bin/auditdistd/auditdistd.h')
-rw-r--r--contrib/openbsm/bin/auditdistd/auditdistd.h276
1 files changed, 276 insertions, 0 deletions
diff --git a/contrib/openbsm/bin/auditdistd/auditdistd.h b/contrib/openbsm/bin/auditdistd/auditdistd.h
new file mode 100644
index 0000000..9ac2850
--- /dev/null
+++ b/contrib/openbsm/bin/auditdistd/auditdistd.h
@@ -0,0 +1,276 @@
+/*-
+ * Copyright (c) 2012 The FreeBSD Foundation
+ * All rights reserved.
+ *
+ * This software was developed by Pawel Jakub Dawidek under sponsorship from
+ * the FreeBSD Foundation.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * $P4: //depot/projects/trustedbsd/openbsm/bin/auditdistd/auditdistd.h#2 $
+ */
+
+#ifndef _AUDITDISTD_H_
+#define _AUDITDISTD_H_
+
+#include <sys/param.h>
+#include <sys/queue.h>
+#include <sys/socket.h>
+
+#include <arpa/inet.h>
+
+#include <netinet/in.h>
+
+#include <dirent.h>
+#include <limits.h>
+#include <pthread.h>
+#include <stdbool.h>
+#include <stdint.h>
+
+#include <compat/compat.h>
+
+#include "proto.h"
+
+/*
+ * Version history:
+ * 0 - initial version
+ */
+#define ADIST_VERSION 0
+
+#define ADIST_ROLE_UNDEF 0
+#define ADIST_ROLE_SENDER 1
+#define ADIST_ROLE_RECEIVER 2
+
+#define ADIST_USER "auditdistd"
+#define ADIST_TIMEOUT 20
+#define ADIST_CONFIG "/etc/security/auditdistd.conf"
+#define ADIST_TCP_PORT "7878"
+#define ADIST_LISTEN_TLS_TCP4 "tls://0.0.0.0:" ADIST_TCP_PORT
+#define ADIST_LISTEN_TLS_TCP6 "tls://[::]:" ADIST_TCP_PORT
+#define ADIST_PIDFILE "/var/run/auditdistd.pid"
+#define ADIST_DIRECTORY_SENDER "/var/audit/dist"
+#define ADIST_DIRECTORY_RECEIVER "/var/audit/remote"
+#define ADIST_CERTFILE "/etc/security/auditdistd.cert.pem"
+#define ADIST_KEYFILE "/etc/security/auditdistd.key.pem"
+
+#define ADIST_ERROR_WRONG_ORDER 1
+#define ADIST_ERROR_INVALID_NAME 2
+#define ADIST_ERROR_OPEN_OLD 3
+#define ADIST_ERROR_CREATE 4
+#define ADIST_ERROR_OPEN 5
+#define ADIST_ERROR_READ 6
+#define ADIST_ERROR_WRITE 7
+#define ADIST_ERROR_RENAME 8
+
+#define ADIST_ADDRSIZE 1024
+#define ADIST_HOSTSIZE 256
+#define ADIST_PATHSIZE 256
+#define ADIST_PASSWORDSIZE 128
+#define ADIST_FINGERPRINTSIZE 256
+
+/* Number of seconds to sleep between reconnect retries or keepalive packets. */
+#define ADIST_KEEPALIVE 10
+
+struct adist_listen {
+ /* Address to listen on. */
+ char adl_addr[ADIST_ADDRSIZE];
+ /* Protocol-specific data. */
+ struct proto_conn *adl_conn;
+ TAILQ_ENTRY(adist_listen) adl_next;
+};
+
+struct adist_config {
+ /* Our name. */
+ char adc_name[ADIST_HOSTSIZE];
+ /* PID file path. */
+ char adc_pidfile[PATH_MAX];
+ /* Connection timeout. */
+ int adc_timeout;
+ /* Path to receiver's certificate file. */
+ char adc_certfile[PATH_MAX];
+ /* Path to receiver's private key file. */
+ char adc_keyfile[PATH_MAX];
+ /* List of addresses to listen on. */
+ TAILQ_HEAD(, adist_listen) adc_listen;
+ /* List of hosts. */
+ TAILQ_HEAD(, adist_host) adc_hosts;
+};
+
+#define ADIST_COMPRESSION_NONE 0
+#define ADIST_COMPRESSION_LZF 1
+
+#define ADIST_CHECKSUM_NONE 0
+#define ADIST_CHECKSUM_CRC32 1
+#define ADIST_CHECKSUM_SHA256 2
+
+/*
+ * Structure that describes single host (either sender or receiver).
+ */
+struct adist_host {
+ /* Host name. */
+ char adh_name[ADIST_HOSTSIZE];
+ /* Host role: ADIST_ROLE_{SENDER,RECEIVER}. */
+ int adh_role;
+ /* Protocol version negotiated. */
+ int adh_version;
+
+ /* Local address to bind to. */
+ char adh_localaddr[ADIST_ADDRSIZE];
+ /* Address of the remote component. */
+ char adh_remoteaddr[ADIST_ADDRSIZE];
+ /* Connection with remote host. */
+ struct proto_conn *adh_remote;
+ /* Connection was reestablished, reset the state. */
+ bool adh_reset;
+
+ /*
+ * Directory from which audit trail files should be send in
+ * ADIST_ROLE_SENDER case or stored into in ADIST_ROLE_RECEIVER case.
+ */
+ char adh_directory[PATH_MAX];
+ /* Compression algorithm. Currently unused. */
+ int adh_compression;
+ /* Checksum algorithm. Currently unused. */
+ int adh_checksum;
+
+ /* Sender's password. */
+ char adh_password[ADIST_PASSWORDSIZE];
+ /* Fingerprint of receiver's public key. */
+ char adh_fingerprint[ADIST_FINGERPRINTSIZE];
+
+ /* PID of child worker process. 0 - no child. */
+ pid_t adh_worker_pid;
+ /* Connection requests from sender to main. */
+ struct proto_conn *adh_conn;
+
+ /* Receiver-specific fields. */
+ char adh_trail_name[ADIST_PATHSIZE];
+ int adh_trail_fd;
+ int adh_trail_dirfd;
+ DIR *adh_trail_dirfp;
+ /* Sender-specific fields. */
+ uint64_t adh_trail_offset;
+
+ /* Next resource. */
+ TAILQ_ENTRY(adist_host) adh_next;
+};
+
+#define ADIST_BYTEORDER_UNDEFINED 0
+#define ADIST_BYTEORDER_LITTLE_ENDIAN 1
+#define ADIST_BYTEORDER_BIG_ENDIAN 2
+
+#if _BYTE_ORDER == _LITTLE_ENDIAN
+#define ADIST_BYTEORDER ADIST_BYTEORDER_LITTLE_ENDIAN
+#elif _BYTE_ORDER == _BIG_ENDIAN
+#define ADIST_BYTEORDER ADIST_BYTEORDER_BIG_ENDIAN
+#else
+#error Unknown byte order.
+#endif
+
+struct adpkt {
+ uint8_t adp_byteorder;
+#define ADIST_CMD_UNDEFINED 0
+#define ADIST_CMD_OPEN 1
+#define ADIST_CMD_APPEND 2
+#define ADIST_CMD_CLOSE 3
+#define ADIST_CMD_KEEPALIVE 4
+#define ADIST_CMD_ERROR 5
+ uint8_t adp_cmd;
+ uint64_t adp_seq;
+ uint32_t adp_datasize;
+ unsigned char adp_data[0];
+} __packed;
+
+struct adreq {
+ int adr_error;
+ TAILQ_ENTRY(adreq) adr_next;
+ struct adpkt adr_packet;
+};
+
+#define adr_byteorder adr_packet.adp_byteorder
+#define adr_cmd adr_packet.adp_cmd
+#define adr_seq adr_packet.adp_seq
+#define adr_datasize adr_packet.adp_datasize
+#define adr_data adr_packet.adp_data
+
+#define ADPKT_SIZE(adreq) (sizeof((adreq)->adr_packet) + (adreq)->adr_datasize)
+
+struct adrep {
+ uint8_t adrp_byteorder;
+ uint64_t adrp_seq;
+ uint16_t adrp_error;
+} __packed;
+
+#define ADIST_QUEUE_SIZE 16
+#define ADIST_BUF_SIZE 65536
+
+#define QUEUE_TAKE(adreq, list, timeout) do { \
+ mtx_lock(list##_lock); \
+ if ((timeout) == 0) { \
+ while (((adreq) = TAILQ_FIRST(list)) == NULL) \
+ cv_wait(list##_cond, list##_lock); \
+ } else { \
+ (adreq) = TAILQ_FIRST(list); \
+ if ((adreq) == NULL) { \
+ cv_timedwait(list##_cond, list##_lock, \
+ (timeout)); \
+ (adreq) = TAILQ_FIRST(list); \
+ } \
+ } \
+ if ((adreq) != NULL) \
+ TAILQ_REMOVE((list), (adreq), adr_next); \
+ mtx_unlock(list##_lock); \
+} while (0)
+#define QUEUE_INSERT(adreq, list) do { \
+ bool _wakeup; \
+ \
+ mtx_lock(list##_lock); \
+ _wakeup = TAILQ_EMPTY(list); \
+ TAILQ_INSERT_TAIL((list), (adreq), adr_next); \
+ mtx_unlock(list##_lock); \
+ if (_wakeup) \
+ cv_signal(list##_cond); \
+} while (0)
+#define QUEUE_WAIT(list) do { \
+ mtx_lock(list##_lock); \
+ while (TAILQ_EMPTY(list)) \
+ cv_wait(list##_cond, list##_lock); \
+ mtx_unlock(list##_lock); \
+} while (0)
+
+extern const char *cfgpath;
+extern bool sigexit_received;
+extern struct pidfh *pfh;
+
+void descriptors_cleanup(struct adist_host *adhost);
+void descriptors_assert(const struct adist_host *adhost, int pjdlogmode);
+
+void adist_sender(struct adist_config *config, struct adist_host *adhost);
+void adist_receiver(struct adist_config *config, struct adist_host *adhost);
+
+struct adist_config *yy_config_parse(const char *config, bool exitonerror);
+void yy_config_free(struct adist_config *config);
+
+void yyerror(const char *);
+int yylex(void);
+
+#endif /* !_AUDITDISTD_H_ */
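Review bot: `adp_datasize` in `struct adpkt` is a field that arrives from the peer, and `ADPKT_SIZE()` adds it straight to `sizeof` with no bound, so the header gives callers no hint that the value has to be checked before it is used as an allocation or read length; a comment on the macro such as `/* adr_datasize comes from the wire; validate it (e.g. against ADIST_BUF_SIZE) before using this as a buffer or I/O size. */` would make that contract explicit. On the same struct, `unsigned char adp_data[0];` is a GNU zero-length array; the C99 flexible array member `unsigned char adp_data[];` is the portable spelling and should give the same layout under `__packed`. `adh_password` keeps a shared secret in a long-lived struct, so the `yy_config_free()` prototype declared here (its definition is outside this file) is worth annotating as responsible for zeroizing that field before the memory is released.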