summaryrefslogtreecommitdiffstats
path: root/contrib/openbsm/libbsm/bsm_io.c
diff options
context:
space:
mode:
Diffstat (limited to 'contrib/openbsm/libbsm/bsm_io.c')
-rw-r--r--contrib/openbsm/libbsm/bsm_io.c1135
1 files changed, 560 insertions, 575 deletions
diff --git a/contrib/openbsm/libbsm/bsm_io.c b/contrib/openbsm/libbsm/bsm_io.c
index 2dd1330..85fab59 100644
--- a/contrib/openbsm/libbsm/bsm_io.c
+++ b/contrib/openbsm/libbsm/bsm_io.c
@@ -1,5 +1,5 @@
/*-
- * Copyright (c) 2004-2008 Apple Inc.
+ * Copyright (c) 2004-2009 Apple Inc.
* Copyright (c) 2005 SPARTA, Inc.
* Copyright (c) 2006 Robert N. M. Watson
* Copyright (c) 2006 Martin Voros
@@ -16,7 +16,7 @@
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
- * 3. Neither the name of Apple Computer, Inc. ("Apple") nor the names of
+ * 3. Neither the name of Apple Inc. ("Apple") nor the names of
* its contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
*
@@ -32,26 +32,29 @@
* IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*
- * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_io.c#63 $
+ * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_io.c#75 $
*/
#include <sys/types.h>
#include <config/config.h>
-#if defined(HAVE_SYS_ENDIAN_H) && defined(HAVE_BE32ENC)
+
+#ifdef USE_ENDIAN_H
+#include <endian.h>
+#endif
+#ifdef USE_SYS_ENDIAN_H
#include <sys/endian.h>
-#else /* !HAVE_SYS_ENDIAN_H || !HAVE_BE32ENC */
-#ifdef HAVE_MACHINE_ENDIAN_H
+#endif
+#ifdef USE_MACHINE_ENDIAN_H
#include <machine/endian.h>
-#else /* !HAVE_MACHINE_ENDIAN_H */
-#ifdef HAVE_ENDIAN_H
-#include <endian.h>
-#else /* !HAVE_ENDIAN_H */
-#error "No supported endian.h"
-#endif /* !HAVE_ENDIAN_H */
-#endif /* !HAVE_MACHINE_ENDIAN_H */
+#endif
+#ifdef USE_COMPAT_ENDIAN_H
#include <compat/endian.h>
-#endif /* !HAVE_SYS_ENDIAN_H || !HAVE_BE32ENC */
+#endif
+#ifdef USE_COMPAT_ENDIAN_ENC_H
+#include <compat/endian_enc.h>
+#endif
+
#ifdef HAVE_FULL_QUEUE_H
#include <sys/queue.h>
#else /* !HAVE_FULL_QUEUE_H */
@@ -74,6 +77,12 @@
#include <pwd.h>
#include <grp.h>
+#ifdef HAVE_VIS
+#include <vis.h>
+#else
+#include <compat/vis.h>
+#endif
+
#include <bsm/audit_internal.h>
#define READ_TOKEN_BYTES(buf, len, dest, size, bytesread, err) do { \
@@ -106,7 +115,7 @@
(dest) = be32dec((buf) + (bytesread)); \
(bytesread) += sizeof(u_int32_t); \
} else \
- (err) = 1; \
+ (err) = 1; \
} while (0)
#define READ_TOKEN_U_INT64(buf, len, dest, bytesread, err) do { \
@@ -114,7 +123,7 @@
dest = be64dec((buf) + (bytesread)); \
(bytesread) += sizeof(u_int64_t); \
} else \
- (err) = 1; \
+ (err) = 1; \
} while (0)
#define SET_PTR(buf, len, ptr, size, bytesread, err) do { \
@@ -214,6 +223,51 @@ print_string(FILE *fp, const char *str, size_t len)
}
/*
+ * Prints the given data bytes as an XML-sanitized string.
+ */
+static void
+print_xml_string(FILE *fp, const char *str, size_t len)
+{
+ u_int32_t i;
+ char visbuf[5];
+
+ if (len == 0)
+ return;
+
+ for (i = 0; i < len; i++) {
+ switch (str[i]) {
+ case '\0':
+ return;
+
+ case '&':
+ (void) fprintf(fp, "&amp;");
+ break;
+
+ case '<':
+ (void) fprintf(fp, "&lt;");
+ break;
+
+ case '>':
+ (void) fprintf(fp, "&gt;");
+ break;
+
+ case '\"':
+ (void) fprintf(fp, "&quot;");
+ break;
+
+ case '\'':
+ (void) fprintf(fp, "&apos;");
+ break;
+
+ default:
+ (void) vis(visbuf, str[i], VIS_CSTYLE, 0);
+ (void) fprintf(fp, "%s", visbuf);
+ break;
+ }
+ }
+}
+
+/*
* Prints the beggining of attribute.
*/
static void
@@ -407,10 +461,10 @@ close_tag(FILE *fp, u_char type)
* Prints the token type in either the raw or the default form.
*/
static void
-print_tok_type(FILE *fp, u_char type, const char *tokname, char raw, int xml)
+print_tok_type(FILE *fp, u_char type, const char *tokname, int oflags)
{
- if (xml) {
+ if (oflags & AU_OFLAG_XML) {
switch(type) {
case AUT_HEADER32:
fprintf(fp, "<record ");
@@ -576,7 +630,7 @@ print_tok_type(FILE *fp, u_char type, const char *tokname, char raw, int xml)
break;
}
} else {
- if (raw)
+ if (oflags & AU_OFLAG_RAW)
fprintf(fp, "%u", type);
else
fprintf(fp, "%s", tokname);
@@ -587,11 +641,11 @@ print_tok_type(FILE *fp, u_char type, const char *tokname, char raw, int xml)
* Prints a user value.
*/
static void
-print_user(FILE *fp, u_int32_t usr, char raw)
+print_user(FILE *fp, u_int32_t usr, int oflags)
{
struct passwd *pwent;
- if (raw)
+ if (oflags & AU_OFLAG_RAW)
fprintf(fp, "%d", usr);
else {
pwent = getpwuid(usr);
@@ -606,11 +660,11 @@ print_user(FILE *fp, u_int32_t usr, char raw)
* Prints a group value.
*/
static void
-print_group(FILE *fp, u_int32_t grp, char raw)
+print_group(FILE *fp, u_int32_t grp, int oflags)
{
struct group *grpent;
- if (raw)
+ if (oflags & AU_OFLAG_RAW)
fprintf(fp, "%d", grp);
else {
grpent = getgrgid(grp);
@@ -626,7 +680,7 @@ print_group(FILE *fp, u_int32_t grp, char raw)
* form.
*/
static void
-print_event(FILE *fp, u_int16_t ev, char raw, char sfrm)
+print_event(FILE *fp, u_int16_t ev, int oflags)
{
char event_ent_name[AU_EVENT_NAME_MAX];
char event_ent_desc[AU_EVENT_DESC_MAX];
@@ -644,9 +698,9 @@ print_event(FILE *fp, u_int16_t ev, char raw, char sfrm)
return;
}
- if (raw)
+ if (oflags & AU_OFLAG_RAW)
fprintf(fp, "%u", ev);
- else if (sfrm)
+ else if (oflags & AU_OFLAG_SHORT)
fprintf(fp, "%s", e.ae_name);
else
fprintf(fp, "%s", e.ae_desc);
@@ -658,9 +712,9 @@ print_event(FILE *fp, u_int16_t ev, char raw, char sfrm)
* raw form.
*/
static void
-print_evmod(FILE *fp, u_int16_t evmod, char raw)
+print_evmod(FILE *fp, u_int16_t evmod, int oflags)
{
- if (raw)
+ if (oflags & AU_OFLAG_RAW)
fprintf(fp, "%u", evmod);
else
fprintf(fp, "%u", evmod);
@@ -670,12 +724,12 @@ print_evmod(FILE *fp, u_int16_t evmod, char raw)
* Prints seconds in the ctime format.
*/
static void
-print_sec32(FILE *fp, u_int32_t sec, char raw)
+print_sec32(FILE *fp, u_int32_t sec, int oflags)
{
time_t timestamp;
char timestr[26];
- if (raw)
+ if (oflags & AU_OFLAG_RAW)
fprintf(fp, "%u", sec);
else {
timestamp = (time_t)sec;
@@ -690,12 +744,12 @@ print_sec32(FILE *fp, u_int32_t sec, char raw)
* assume a 32-bit time_t, we simply truncate for now.
*/
static void
-print_sec64(FILE *fp, u_int64_t sec, char raw)
+print_sec64(FILE *fp, u_int64_t sec, int oflags)
{
time_t timestamp;
char timestr[26];
- if (raw)
+ if (oflags & AU_OFLAG_RAW)
fprintf(fp, "%u", (u_int32_t)sec);
else {
timestamp = (time_t)sec;
@@ -709,9 +763,9 @@ print_sec64(FILE *fp, u_int64_t sec, char raw)
* Prints the excess milliseconds.
*/
static void
-print_msec32(FILE *fp, u_int32_t msec, char raw)
+print_msec32(FILE *fp, u_int32_t msec, int oflags)
{
- if (raw)
+ if (oflags & AU_OFLAG_RAW)
fprintf(fp, "%u", msec);
else
fprintf(fp, " + %u msec", msec);
@@ -722,11 +776,11 @@ print_msec32(FILE *fp, u_int32_t msec, char raw)
* a 32-bit msec, we simply truncate for now.
*/
static void
-print_msec64(FILE *fp, u_int64_t msec, char raw)
+print_msec64(FILE *fp, u_int64_t msec, int oflags)
{
msec &= 0xffffffff;
- if (raw)
+ if (oflags & AU_OFLAG_RAW)
fprintf(fp, "%u", (u_int32_t)msec);
else
fprintf(fp, " + %u msec", (u_int32_t)msec);
@@ -776,11 +830,11 @@ print_ip_ex_address(FILE *fp, u_int32_t type, u_int32_t *ipaddr)
* Prints return value as success or failure.
*/
static void
-print_retval(FILE *fp, u_char status, char raw)
+print_retval(FILE *fp, u_char status, int oflags)
{
int error;
- if (raw)
+ if (oflags & AU_OFLAG_RAW)
fprintf(fp, "%u", status);
else {
/*
@@ -813,9 +867,9 @@ print_errval(FILE *fp, u_int32_t val)
* Prints IPC type.
*/
static void
-print_ipctype(FILE *fp, u_char type, char raw)
+print_ipctype(FILE *fp, u_char type, int oflags)
{
- if (raw)
+ if (oflags & AU_OFLAG_RAW)
fprintf(fp, "%u", type);
else {
if (type == AT_IPC_MSG)
@@ -835,7 +889,7 @@ print_ipctype(FILE *fp, u_char type, char raw)
void
au_print_xml_header(FILE *outfp)
{
-
+
fprintf(outfp, "<?xml version='1.0' ?>\n");
fprintf(outfp, "<audit>\n");
}
@@ -846,7 +900,7 @@ au_print_xml_header(FILE *outfp)
void
au_print_xml_footer(FILE *outfp)
{
-
+
fprintf(outfp, "</audit>\n");
}
@@ -891,26 +945,25 @@ fetch_header32_tok(tokenstr_t *tok, u_char *buf, int len)
}
static void
-print_header32_tok(FILE *fp, tokenstr_t *tok, char *del, char raw, char sfrm,
- int xml)
+print_header32_tok(FILE *fp, tokenstr_t *tok, char *del, int oflags)
{
- print_tok_type(fp, tok->id, "header", raw, xml);
- if (xml) {
+ print_tok_type(fp, tok->id, "header", oflags);
+ if (oflags & AU_OFLAG_RAW) {
open_attr(fp, "version");
print_1_byte(fp, tok->tt.hdr32.version, "%u");
close_attr(fp);
open_attr(fp, "event");
- print_event(fp, tok->tt.hdr32.e_type, raw, sfrm);
+ print_event(fp, tok->tt.hdr32.e_type, oflags);
close_attr(fp);
open_attr(fp, "modifier");
- print_evmod(fp, tok->tt.hdr32.e_mod, raw);
+ print_evmod(fp, tok->tt.hdr32.e_mod, oflags);
close_attr(fp);
open_attr(fp, "time");
- print_sec32(fp, tok->tt.hdr32.s, raw);
+ print_sec32(fp, tok->tt.hdr32.s, oflags);
close_attr(fp);
open_attr(fp, "msec");
- print_msec32(fp, tok->tt.hdr32.ms, 1);
+ print_msec32(fp, tok->tt.hdr32.ms, oflags);
close_attr(fp);
close_tag(fp, tok->id);
} else {
@@ -919,13 +972,13 @@ print_header32_tok(FILE *fp, tokenstr_t *tok, char *del, char raw, char sfrm,
print_delim(fp, del);
print_1_byte(fp, tok->tt.hdr32.version, "%u");
print_delim(fp, del);
- print_event(fp, tok->tt.hdr32.e_type, raw, sfrm);
+ print_event(fp, tok->tt.hdr32.e_type, oflags);
print_delim(fp, del);
- print_evmod(fp, tok->tt.hdr32.e_mod, raw);
+ print_evmod(fp, tok->tt.hdr32.e_mod, oflags);
print_delim(fp, del);
- print_sec32(fp, tok->tt.hdr32.s, raw);
+ print_sec32(fp, tok->tt.hdr32.s, oflags);
print_delim(fp, del);
- print_msec32(fp, tok->tt.hdr32.ms, raw);
+ print_msec32(fp, tok->tt.hdr32.ms, oflags);
}
}
@@ -999,30 +1052,29 @@ fetch_header32_ex_tok(tokenstr_t *tok, u_char *buf, int len)
}
static void
-print_header32_ex_tok(FILE *fp, tokenstr_t *tok, char *del, char raw,
- char sfrm, int xml)
+print_header32_ex_tok(FILE *fp, tokenstr_t *tok, char *del, int oflags)
{
- print_tok_type(fp, tok->id, "header_ex", raw, xml);
- if (xml) {
+ print_tok_type(fp, tok->id, "header_ex", oflags);
+ if (oflags & AU_OFLAG_RAW) {
open_attr(fp, "version");
print_1_byte(fp, tok->tt.hdr32_ex.version, "%u");
close_attr(fp);
open_attr(fp, "event");
- print_event(fp, tok->tt.hdr32_ex.e_type, raw, sfrm);
+ print_event(fp, tok->tt.hdr32_ex.e_type, oflags);
close_attr(fp);
open_attr(fp, "modifier");
- print_evmod(fp, tok->tt.hdr32_ex.e_mod, raw);
+ print_evmod(fp, tok->tt.hdr32_ex.e_mod, oflags);
close_attr(fp);
open_attr(fp, "host");
print_ip_ex_address(fp, tok->tt.hdr32_ex.ad_type,
tok->tt.hdr32_ex.addr);
close_attr(fp);
open_attr(fp, "time");
- print_sec32(fp, tok->tt.hdr32_ex.s, raw);
+ print_sec32(fp, tok->tt.hdr32_ex.s, oflags);
close_attr(fp);
open_attr(fp, "msec");
- print_msec32(fp, tok->tt.hdr32_ex.ms, raw);
+ print_msec32(fp, tok->tt.hdr32_ex.ms, oflags);
close_attr(fp);
close_tag(fp, tok->id);
} else {
@@ -1031,16 +1083,16 @@ print_header32_ex_tok(FILE *fp, tokenstr_t *tok, char *del, char raw,
print_delim(fp, del);
print_1_byte(fp, tok->tt.hdr32_ex.version, "%u");
print_delim(fp, del);
- print_event(fp, tok->tt.hdr32_ex.e_type, raw, sfrm);
+ print_event(fp, tok->tt.hdr32_ex.e_type, oflags);
print_delim(fp, del);
- print_evmod(fp, tok->tt.hdr32_ex.e_mod, raw);
+ print_evmod(fp, tok->tt.hdr32_ex.e_mod, oflags);
print_delim(fp, del);
print_ip_ex_address(fp, tok->tt.hdr32_ex.ad_type,
tok->tt.hdr32_ex.addr);
print_delim(fp, del);
- print_sec32(fp, tok->tt.hdr32_ex.s, raw);
+ print_sec32(fp, tok->tt.hdr32_ex.s, oflags);
print_delim(fp, del);
- print_msec32(fp, tok->tt.hdr32_ex.ms, raw);
+ print_msec32(fp, tok->tt.hdr32_ex.ms, oflags);
}
}
@@ -1085,26 +1137,25 @@ fetch_header64_tok(tokenstr_t *tok, u_char *buf, int len)
}
static void
-print_header64_tok(FILE *fp, tokenstr_t *tok, char *del, char raw, char sfrm,
- int xml)
+print_header64_tok(FILE *fp, tokenstr_t *tok, char *del, int oflags)
{
-
- print_tok_type(fp, tok->id, "header", raw, xml);
- if (xml) {
+
+ print_tok_type(fp, tok->id, "header", oflags);
+ if (oflags & AU_OFLAG_XML) {
open_attr(fp, "version");
print_1_byte(fp, tok->tt.hdr64.version, "%u");
close_attr(fp);
open_attr(fp, "event");
- print_event(fp, tok->tt.hdr64.e_type, raw, sfrm);
+ print_event(fp, tok->tt.hdr64.e_type, oflags);
close_attr(fp);
open_attr(fp, "modifier");
- print_evmod(fp, tok->tt.hdr64.e_mod, raw);
+ print_evmod(fp, tok->tt.hdr64.e_mod, oflags);
close_attr(fp);
open_attr(fp, "time");
- print_sec64(fp, tok->tt.hdr64.s, raw);
+ print_sec64(fp, tok->tt.hdr64.s, oflags);
close_attr(fp);
open_attr(fp, "msec");
- print_msec64(fp, tok->tt.hdr64.ms, raw);
+ print_msec64(fp, tok->tt.hdr64.ms, oflags);
close_attr(fp);
close_tag(fp, tok->id);
} else {
@@ -1113,13 +1164,13 @@ print_header64_tok(FILE *fp, tokenstr_t *tok, char *del, char raw, char sfrm,
print_delim(fp, del);
print_1_byte(fp, tok->tt.hdr64.version, "%u");
print_delim(fp, del);
- print_event(fp, tok->tt.hdr64.e_type, raw, sfrm);
+ print_event(fp, tok->tt.hdr64.e_type, oflags);
print_delim(fp, del);
- print_evmod(fp, tok->tt.hdr64.e_mod, raw);
+ print_evmod(fp, tok->tt.hdr64.e_mod, oflags);
print_delim(fp, del);
- print_sec64(fp, tok->tt.hdr64.s, raw);
+ print_sec64(fp, tok->tt.hdr64.s, oflags);
print_delim(fp, del);
- print_msec64(fp, tok->tt.hdr64.ms, raw);
+ print_msec64(fp, tok->tt.hdr64.ms, oflags);
}
}
@@ -1189,30 +1240,29 @@ fetch_header64_ex_tok(tokenstr_t *tok, u_char *buf, int len)
}
static void
-print_header64_ex_tok(FILE *fp, tokenstr_t *tok, char *del, char raw,
- char sfrm, int xml)
+print_header64_ex_tok(FILE *fp, tokenstr_t *tok, char *del, int oflags)
{
- print_tok_type(fp, tok->id, "header_ex", raw, xml);
- if (xml) {
+ print_tok_type(fp, tok->id, "header_ex", oflags);
+ if (oflags & AU_OFLAG_XML) {
open_attr(fp, "version");
print_1_byte(fp, tok->tt.hdr64_ex.version, "%u");
close_attr(fp);
open_attr(fp, "event");
- print_event(fp, tok->tt.hdr64_ex.e_type, raw, sfrm);
+ print_event(fp, tok->tt.hdr64_ex.e_type, oflags);
close_attr(fp);
open_attr(fp, "modifier");
- print_evmod(fp, tok->tt.hdr64_ex.e_mod, raw);
+ print_evmod(fp, tok->tt.hdr64_ex.e_mod, oflags);
close_attr(fp);
open_attr(fp, "host");
print_ip_ex_address(fp, tok->tt.hdr64_ex.ad_type,
tok->tt.hdr64_ex.addr);
close_attr(fp);
open_attr(fp, "time");
- print_sec64(fp, tok->tt.hdr64_ex.s, raw);
+ print_sec64(fp, tok->tt.hdr64_ex.s, oflags);
close_attr(fp);
open_attr(fp, "msec");
- print_msec64(fp, tok->tt.hdr64_ex.ms, raw);
+ print_msec64(fp, tok->tt.hdr64_ex.ms, oflags);
close_attr(fp);
close_tag(fp, tok->id);
} else {
@@ -1221,16 +1271,16 @@ print_header64_ex_tok(FILE *fp, tokenstr_t *tok, char *del, char raw,
print_delim(fp, del);
print_1_byte(fp, tok->tt.hdr64_ex.version, "%u");
print_delim(fp, del);
- print_event(fp, tok->tt.hdr64_ex.e_type, raw, sfrm);
+ print_event(fp, tok->tt.hdr64_ex.e_type, oflags);
print_delim(fp, del);
- print_evmod(fp, tok->tt.hdr64_ex.e_mod, raw);
+ print_evmod(fp, tok->tt.hdr64_ex.e_mod, oflags);
print_delim(fp, del);
print_ip_ex_address(fp, tok->tt.hdr64_ex.ad_type,
tok->tt.hdr64_ex.addr);
print_delim(fp, del);
- print_sec64(fp, tok->tt.hdr64_ex.s, raw);
+ print_sec64(fp, tok->tt.hdr64_ex.s, oflags);
print_delim(fp, del);
- print_msec64(fp, tok->tt.hdr64_ex.ms, raw);
+ print_msec64(fp, tok->tt.hdr64_ex.ms, oflags);
}
}
@@ -1255,12 +1305,11 @@ fetch_trailer_tok(tokenstr_t *tok, u_char *buf, int len)
}
static void
-print_trailer_tok(FILE *fp, tokenstr_t *tok, char *del, char raw,
- __unused char sfrm, int xml)
+print_trailer_tok(FILE *fp, tokenstr_t *tok, char *del, int oflags)
{
- print_tok_type(fp, tok->id, "trailer", raw, xml);
- if (!xml) {
+ print_tok_type(fp, tok->id, "trailer", oflags);
+ if (!(oflags & AU_OFLAG_XML)) {
print_delim(fp, del);
print_4_bytes(fp, tok->tt.trail.count, "%u");
}
@@ -1298,12 +1347,11 @@ fetch_arg32_tok(tokenstr_t *tok, u_char *buf, int len)
}
static void
-print_arg32_tok(FILE *fp, tokenstr_t *tok, char *del, char raw,
- __unused char sfrm, int xml)
+print_arg32_tok(FILE *fp, tokenstr_t *tok, char *del, int oflags)
{
- print_tok_type(fp, tok->id, "argument", raw, xml);
- if (xml) {
+ print_tok_type(fp, tok->id, "argument", oflags);
+ if (oflags & AU_OFLAG_XML) {
open_attr(fp, "arg-num");
print_1_byte(fp, tok->tt.arg32.no, "%u");
close_attr(fp);
@@ -1350,12 +1398,11 @@ fetch_arg64_tok(tokenstr_t *tok, u_char *buf, int len)
}
static void
-print_arg64_tok(FILE *fp, tokenstr_t *tok, char *del, char raw,
- __unused char sfrm, int xml)
+print_arg64_tok(FILE *fp, tokenstr_t *tok, char *del, int oflags)
{
- print_tok_type(fp, tok->id, "argument", raw, xml);
- if (xml) {
+ print_tok_type(fp, tok->id, "argument", oflags);
+ if (oflags & AU_OFLAG_XML) {
open_attr(fp, "arg-num");
print_1_byte(fp, tok->tt.arg64.no, "%u");
close_attr(fp);
@@ -1435,16 +1482,15 @@ fetch_arb_tok(tokenstr_t *tok, u_char *buf, int len)
}
static void
-print_arb_tok(FILE *fp, tokenstr_t *tok, char *del, char raw,
- __unused char sfrm, int xml)
+print_arb_tok(FILE *fp, tokenstr_t *tok, char *del, int oflags)
{
char *str;
char *format;
size_t size;
int i;
- print_tok_type(fp, tok->id, "arbitrary", raw, xml);
- if (!xml)
+ print_tok_type(fp, tok->id, "arbitrary", oflags);
+ if (!(oflags & AU_OFLAG_XML))
print_delim(fp, del);
switch(tok->tt.arb.howtopr) {
@@ -1477,7 +1523,7 @@ print_arb_tok(FILE *fp, tokenstr_t *tok, char *del, char raw,
return;
}
- if (xml) {
+ if (oflags & AU_OFLAG_XML) {
open_attr(fp, "print");
fprintf(fp, "%s",str);
close_attr(fp);
@@ -1490,7 +1536,7 @@ print_arb_tok(FILE *fp, tokenstr_t *tok, char *del, char raw,
/* case AUR_CHAR: */
str = "byte";
size = AUR_BYTE_SIZE;
- if (xml) {
+ if (oflags & AU_OFLAG_XML) {
open_attr(fp, "type");
fprintf(fp, "%zu", size);
close_attr(fp);
@@ -1516,7 +1562,7 @@ print_arb_tok(FILE *fp, tokenstr_t *tok, char *del, char raw,
case AUR_SHORT:
str = "short";
size = AUR_SHORT_SIZE;
- if (xml) {
+ if (oflags & AU_OFLAG_XML) {
open_attr(fp, "type");
fprintf(fp, "%zu", size);
close_attr(fp);
@@ -1545,7 +1591,7 @@ print_arb_tok(FILE *fp, tokenstr_t *tok, char *del, char raw,
/* case AUR_INT: */
str = "int";
size = AUR_INT32_SIZE;
- if (xml) {
+ if (oflags & AU_OFLAG_XML) {
open_attr(fp, "type");
fprintf(fp, "%zu", size);
close_attr(fp);
@@ -1573,7 +1619,7 @@ print_arb_tok(FILE *fp, tokenstr_t *tok, char *del, char raw,
case AUR_INT64:
str = "int64";
size = AUR_INT64_SIZE;
- if (xml) {
+ if (oflags & AU_OFLAG_XML) {
open_attr(fp, "type");
fprintf(fp, "%zu", size);
close_attr(fp);
@@ -1644,20 +1690,19 @@ fetch_attr32_tok(tokenstr_t *tok, u_char *buf, int len)
}
static void
-print_attr32_tok(FILE *fp, tokenstr_t *tok, char *del, char raw,
- __unused char sfrm, int xml)
+print_attr32_tok(FILE *fp, tokenstr_t *tok, char *del, int oflags)
{
- print_tok_type(fp, tok->id, "attribute", raw, xml);
- if (xml) {
+ print_tok_type(fp, tok->id, "attribute", oflags);
+ if (oflags & AU_OFLAG_XML) {
open_attr(fp, "mode");
print_4_bytes(fp, tok->tt.attr32.mode, "%o");
close_attr(fp);
open_attr(fp, "uid");
- print_user(fp, tok->tt.attr32.uid, raw);
+ print_user(fp, tok->tt.attr32.uid, oflags);
close_attr(fp);
open_attr(fp, "gid");
- print_group(fp, tok->tt.attr32.gid, raw);
+ print_group(fp, tok->tt.attr32.gid, oflags);
close_attr(fp);
open_attr(fp, "fsid");
print_4_bytes(fp, tok->tt.attr32.fsid, "%u");
@@ -1673,9 +1718,9 @@ print_attr32_tok(FILE *fp, tokenstr_t *tok, char *del, char raw,
print_delim(fp, del);
print_4_bytes(fp, tok->tt.attr32.mode, "%o");
print_delim(fp, del);
- print_user(fp, tok->tt.attr32.uid, raw);
+ print_user(fp, tok->tt.attr32.uid, oflags);
print_delim(fp, del);
- print_group(fp, tok->tt.attr32.gid, raw);
+ print_group(fp, tok->tt.attr32.gid, oflags);
print_delim(fp, del);
print_4_bytes(fp, tok->tt.attr32.fsid, "%u");
print_delim(fp, del);
@@ -1726,20 +1771,19 @@ fetch_attr64_tok(tokenstr_t *tok, u_char *buf, int len)
}
static void
-print_attr64_tok(FILE *fp, tokenstr_t *tok, char *del, char raw,
- __unused char sfrm, int xml)
+print_attr64_tok(FILE *fp, tokenstr_t *tok, char *del, int oflags)
{
- print_tok_type(fp, tok->id, "attribute", raw, xml);
- if (xml) {
+ print_tok_type(fp, tok->id, "attribute", oflags);
+ if (oflags & AU_OFLAG_XML) {
open_attr(fp, "mode");
print_4_bytes(fp, tok->tt.attr64.mode, "%o");
close_attr(fp);
open_attr(fp, "uid");
- print_user(fp, tok->tt.attr64.uid, raw);
+ print_user(fp, tok->tt.attr64.uid, oflags);
close_attr(fp);
open_attr(fp, "gid");
- print_group(fp, tok->tt.attr64.gid, raw);
+ print_group(fp, tok->tt.attr64.gid, oflags);
close_attr(fp);
open_attr(fp, "fsid");
print_4_bytes(fp, tok->tt.attr64.fsid, "%u");
@@ -1755,9 +1799,9 @@ print_attr64_tok(FILE *fp, tokenstr_t *tok, char *del, char raw,
print_delim(fp, del);
print_4_bytes(fp, tok->tt.attr64.mode, "%o");
print_delim(fp, del);
- print_user(fp, tok->tt.attr64.uid, raw);
+ print_user(fp, tok->tt.attr64.uid, oflags);
print_delim(fp, del);
- print_group(fp, tok->tt.attr64.gid, raw);
+ print_group(fp, tok->tt.attr64.gid, oflags);
print_delim(fp, del);
print_4_bytes(fp, tok->tt.attr64.fsid, "%u");
print_delim(fp, del);
@@ -1788,12 +1832,11 @@ fetch_exit_tok(tokenstr_t *tok, u_char *buf, int len)
}
static void
-print_exit_tok(FILE *fp, tokenstr_t *tok, char *del, char raw,
- __unused char sfrm, int xml)
+print_exit_tok(FILE *fp, tokenstr_t *tok, char *del, int oflags)
{
- print_tok_type(fp, tok->id, "exit", raw, xml);
- if (xml) {
+ print_tok_type(fp, tok->id, "exit", oflags);
+ if (oflags & AU_OFLAG_XML) {
open_attr(fp, "errval");
print_errval(fp, tok->tt.exit.status);
close_attr(fp);
@@ -1846,16 +1889,15 @@ fetch_execarg_tok(tokenstr_t *tok, u_char *buf, int len)
}
static void
-print_execarg_tok(FILE *fp, tokenstr_t *tok, char *del, char raw,
- __unused char sfrm, int xml)
+print_execarg_tok(FILE *fp, tokenstr_t *tok, char *del, int oflags)
{
u_int32_t i;
- print_tok_type(fp, tok->id, "exec arg", raw, xml);
+ print_tok_type(fp, tok->id, "exec arg", oflags);
for (i = 0; i < tok->tt.execarg.count; i++) {
- if (xml) {
+ if (oflags & AU_OFLAG_XML) {
fprintf(fp, "<arg>");
- print_string(fp, tok->tt.execarg.text[i],
+ print_xml_string(fp, tok->tt.execarg.text[i],
strlen(tok->tt.execarg.text[i]));
fprintf(fp, "</arg>");
} else {
@@ -1864,7 +1906,7 @@ print_execarg_tok(FILE *fp, tokenstr_t *tok, char *del, char raw,
strlen(tok->tt.execarg.text[i]));
}
}
- if (xml)
+ if (oflags & AU_OFLAG_XML)
close_tag(fp, tok->id);
}
@@ -1905,16 +1947,15 @@ fetch_execenv_tok(tokenstr_t *tok, u_char *buf, int len)
}
static void
-print_execenv_tok(FILE *fp, tokenstr_t *tok, char *del, char raw,
- __unused char sfrm, int xml)
+print_execenv_tok(FILE *fp, tokenstr_t *tok, char *del, int oflags)
{
u_int32_t i;
- print_tok_type(fp, tok->id, "exec env", raw, xml);
+ print_tok_type(fp, tok->id, "exec env", oflags);
for (i = 0; i< tok->tt.execenv.count; i++) {
- if (xml) {
+ if (oflags & AU_OFLAG_XML) {
fprintf(fp, "<env>");
- print_string(fp, tok->tt.execenv.text[i],
+ print_xml_string(fp, tok->tt.execenv.text[i],
strlen(tok->tt.execenv.text[i]));
fprintf(fp, "</env>");
} else {
@@ -1923,7 +1964,7 @@ print_execenv_tok(FILE *fp, tokenstr_t *tok, char *del, char raw,
strlen(tok->tt.execenv.text[i]));
}
}
- if (xml)
+ if (oflags & AU_OFLAG_XML)
close_tag(fp, tok->id);
}
@@ -1959,26 +2000,25 @@ fetch_file_tok(tokenstr_t *tok, u_char *buf, int len)
}
static void
-print_file_tok(FILE *fp, tokenstr_t *tok, char *del, char raw,
- __unused char sfrm, int xml)
+print_file_tok(FILE *fp, tokenstr_t *tok, char *del, int oflags)
{
- print_tok_type(fp, tok->id, "file", raw, xml);
- if (xml) {
+ print_tok_type(fp, tok->id, "file", oflags);
+ if (oflags & AU_OFLAG_XML) {
open_attr(fp, "time");
- print_sec32(fp, tok->tt.file.s, raw);
+ print_sec32(fp, tok->tt.file.s, oflags);
close_attr(fp);
open_attr(fp, "msec");
- print_msec32(fp, tok->tt.file.ms, raw);
+ print_msec32(fp, tok->tt.file.ms, oflags);
close_attr(fp);
fprintf(fp, ">");
print_string(fp, tok->tt.file.name, tok->tt.file.len);
close_tag(fp, tok->id);
} else {
print_delim(fp, del);
- print_sec32(fp, tok->tt.file.s, raw);
+ print_sec32(fp, tok->tt.file.s, oflags);
print_delim(fp, del);
- print_msec32(fp, tok->tt.file.ms, raw);
+ print_msec32(fp, tok->tt.file.ms, oflags);
print_delim(fp, del);
print_string(fp, tok->tt.file.name, tok->tt.file.len);
}
@@ -2001,29 +2041,28 @@ fetch_newgroups_tok(tokenstr_t *tok, u_char *buf, int len)
for (i = 0; i<tok->tt.grps.no; i++) {
READ_TOKEN_U_INT32(buf, len, tok->tt.grps.list[i], tok->len,
err);
- if (err)
- return (-1);
+ if (err)
+ return (-1);
}
return (0);
}
static void
-print_newgroups_tok(FILE *fp, tokenstr_t *tok, char *del, char raw,
- __unused char sfrm, int xml)
+print_newgroups_tok(FILE *fp, tokenstr_t *tok, char *del, int oflags)
{
int i;
- print_tok_type(fp, tok->id, "group", raw, xml);
+ print_tok_type(fp, tok->id, "group", oflags);
for (i = 0; i < tok->tt.grps.no; i++) {
- if (xml) {
+ if (oflags & AU_OFLAG_XML) {
fprintf(fp, "<gid>");
- print_group(fp, tok->tt.grps.list[i], raw);
+ print_group(fp, tok->tt.grps.list[i], oflags);
fprintf(fp, "</gid>");
close_tag(fp, tok->id);
} else {
print_delim(fp, del);
- print_group(fp, tok->tt.grps.list[i], raw);
+ print_group(fp, tok->tt.grps.list[i], oflags);
}
}
}
@@ -2046,12 +2085,11 @@ fetch_inaddr_tok(tokenstr_t *tok, u_char *buf, int len)
}
static void
-print_inaddr_tok(FILE *fp, tokenstr_t *tok, char *del, char raw,
- __unused char sfrm, int xml)
+print_inaddr_tok(FILE *fp, tokenstr_t *tok, char *del, int oflags)
{
- print_tok_type(fp, tok->id, "ip addr", raw, xml);
- if (xml) {
+ print_tok_type(fp, tok->id, "ip addr", oflags);
+ if (oflags & AU_OFLAG_XML) {
print_ip_address(fp, tok->tt.inaddr.addr);
close_tag(fp, tok->id);
} else {
@@ -2061,7 +2099,7 @@ print_inaddr_tok(FILE *fp, tokenstr_t *tok, char *del, char raw,
}
/*
- * type 4 bytes
+ * type 4 bytes
* address 16 bytes
*/
static int
@@ -2090,12 +2128,11 @@ fetch_inaddr_ex_tok(tokenstr_t *tok, u_char *buf, int len)
}
static void
-print_inaddr_ex_tok(FILE *fp, tokenstr_t *tok, char *del, char raw,
- __unused char sfrm, int xml)
+print_inaddr_ex_tok(FILE *fp, tokenstr_t *tok, char *del, int oflags)
{
- print_tok_type(fp, tok->id, "ip addr ex", raw, xml);
- if (xml) {
+ print_tok_type(fp, tok->id, "ip addr ex", oflags);
+ if (oflags & AU_OFLAG_XML) {
print_ip_ex_address(fp, tok->tt.inaddr_ex.type,
tok->tt.inaddr_ex.addr);
close_tag(fp, tok->id);
@@ -2164,12 +2201,11 @@ fetch_ip_tok(tokenstr_t *tok, u_char *buf, int len)
}
static void
-print_ip_tok(FILE *fp, tokenstr_t *tok, char *del, char raw,
- __unused char sfrm, int xml)
+print_ip_tok(FILE *fp, tokenstr_t *tok, char *del, int oflags)
{
- print_tok_type(fp, tok->id, "ip", raw, xml);
- if (xml) {
+ print_tok_type(fp, tok->id, "ip", oflags);
+ if (oflags & AU_OFLAG_XML) {
open_attr(fp, "version");
print_mem(fp, (u_char *)(&tok->tt.ip.version),
sizeof(u_char));
@@ -2248,14 +2284,13 @@ fetch_ipc_tok(tokenstr_t *tok, u_char *buf, int len)
}
static void
-print_ipc_tok(FILE *fp, tokenstr_t *tok, char *del, char raw,
- __unused char sfrm, int xml)
+print_ipc_tok(FILE *fp, tokenstr_t *tok, char *del, int oflags)
{
- print_tok_type(fp, tok->id, "IPC", raw, xml);
- if (xml) {
+ print_tok_type(fp, tok->id, "IPC", oflags);
+ if (oflags & AU_OFLAG_XML) {
open_attr(fp, "ipc-type");
- print_ipctype(fp, tok->tt.ipc.type, raw);
+ print_ipctype(fp, tok->tt.ipc.type, oflags);
close_attr(fp);
open_attr(fp, "ipc-id");
print_4_bytes(fp, tok->tt.ipc.id, "%u");
@@ -2263,7 +2298,7 @@ print_ipc_tok(FILE *fp, tokenstr_t *tok, char *del, char raw,
close_tag(fp, tok->id);
} else {
print_delim(fp, del);
- print_ipctype(fp, tok->tt.ipc.type, raw);
+ print_ipctype(fp, tok->tt.ipc.type, oflags);
print_delim(fp, del);
print_4_bytes(fp, tok->tt.ipc.id, "%u");
}
@@ -2315,23 +2350,22 @@ fetch_ipcperm_tok(tokenstr_t *tok, u_char *buf, int len)
}
static void
-print_ipcperm_tok(FILE *fp, tokenstr_t *tok, char *del, char raw,
- __unused char sfrm, int xml)
+print_ipcperm_tok(FILE *fp, tokenstr_t *tok, char *del, int oflags)
{
- print_tok_type(fp, tok->id, "IPC perm", raw, xml);
- if (xml) {
+ print_tok_type(fp, tok->id, "IPC perm", oflags);
+ if (oflags & AU_OFLAG_XML) {
open_attr(fp, "uid");
- print_user(fp, tok->tt.ipcperm.uid, raw);
+ print_user(fp, tok->tt.ipcperm.uid, oflags);
close_attr(fp);
open_attr(fp, "gid");
- print_group(fp, tok->tt.ipcperm.gid, raw);
+ print_group(fp, tok->tt.ipcperm.gid, oflags);
close_attr(fp);
open_attr(fp, "creator-uid");
- print_user(fp, tok->tt.ipcperm.puid, raw);
+ print_user(fp, tok->tt.ipcperm.puid, oflags);
close_attr(fp);
open_attr(fp, "creator-gid");
- print_group(fp, tok->tt.ipcperm.pgid, raw);
+ print_group(fp, tok->tt.ipcperm.pgid, oflags);
close_attr(fp);
open_attr(fp, "mode");
print_4_bytes(fp, tok->tt.ipcperm.mode, "%o");
@@ -2345,13 +2379,13 @@ print_ipcperm_tok(FILE *fp, tokenstr_t *tok, char *del, char raw,
close_tag(fp, tok->id);
} else {
print_delim(fp, del);
- print_user(fp, tok->tt.ipcperm.uid, raw);
+ print_user(fp, tok->tt.ipcperm.uid, oflags);
print_delim(fp, del);
- print_group(fp, tok->tt.ipcperm.gid, raw);
+ print_group(fp, tok->tt.ipcperm.gid, oflags);
print_delim(fp, del);
- print_user(fp, tok->tt.ipcperm.puid, raw);
+ print_user(fp, tok->tt.ipcperm.puid, oflags);
print_delim(fp, del);
- print_group(fp, tok->tt.ipcperm.pgid, raw);
+ print_group(fp, tok->tt.ipcperm.pgid, oflags);
print_delim(fp, del);
print_4_bytes(fp, tok->tt.ipcperm.mode, "%o");
print_delim(fp, del);
@@ -2378,12 +2412,11 @@ fetch_iport_tok(tokenstr_t *tok, u_char *buf, int len)
}
static void
-print_iport_tok(FILE *fp, tokenstr_t *tok, char *del, char raw,
- __unused char sfrm, int xml)
+print_iport_tok(FILE *fp, tokenstr_t *tok, char *del, int oflags)
{
- print_tok_type(fp, tok->id, "ip port", raw, xml);
- if (xml) {
+ print_tok_type(fp, tok->id, "ip port", oflags);
+ if (oflags & AU_OFLAG_XML) {
print_2_bytes(fp, ntohs(tok->tt.iport.port), "%#x");
close_tag(fp, tok->id);
} else {
@@ -2414,12 +2447,11 @@ fetch_opaque_tok(tokenstr_t *tok, u_char *buf, int len)
}
static void
-print_opaque_tok(FILE *fp, tokenstr_t *tok, char *del, char raw,
- __unused char sfrm, int xml)
+print_opaque_tok(FILE *fp, tokenstr_t *tok, char *del, int oflags)
{
- print_tok_type(fp, tok->id, "opaque", raw, xml);
- if (xml) {
+ print_tok_type(fp, tok->id, "opaque", oflags);
+ if (oflags & AU_OFLAG_XML) {
print_mem(fp, (u_char*)tok->tt.opaque.data,
tok->tt.opaque.size);
close_tag(fp, tok->id);
@@ -2454,12 +2486,11 @@ fetch_path_tok(tokenstr_t *tok, u_char *buf, int len)
}
static void
-print_path_tok(FILE *fp, tokenstr_t *tok, char *del, char raw,
- __unused char sfrm, int xml)
+print_path_tok(FILE *fp, tokenstr_t *tok, char *del, int oflags)
{
- print_tok_type(fp, tok->id, "path", raw, xml);
- if (xml) {
+ print_tok_type(fp, tok->id, "path", oflags);
+ if (oflags & AU_OFLAG_XML) {
print_string(fp, tok->tt.path.path, tok->tt.path.len);
close_tag(fp, tok->id);
} else {
@@ -2527,26 +2558,25 @@ fetch_process32_tok(tokenstr_t *tok, u_char *buf, int len)
}
static void
-print_process32_tok(FILE *fp, tokenstr_t *tok, char *del, char raw,
- __unused char sfrm, int xml)
+print_process32_tok(FILE *fp, tokenstr_t *tok, char *del, int oflags)
{
- print_tok_type(fp, tok->id, "process", raw, xml);
- if (xml) {
+ print_tok_type(fp, tok->id, "process", oflags);
+ if (oflags & AU_OFLAG_XML) {
open_attr(fp, "audit-uid");
- print_user(fp, tok->tt.proc32.auid, raw);
+ print_user(fp, tok->tt.proc32.auid, oflags);
close_attr(fp);
open_attr(fp, "uid");
- print_user(fp, tok->tt.proc32.euid, raw);
+ print_user(fp, tok->tt.proc32.euid, oflags);
close_attr(fp);
open_attr(fp, "gid");
- print_group(fp, tok->tt.proc32.egid, raw);
+ print_group(fp, tok->tt.proc32.egid, oflags);
close_attr(fp);
open_attr(fp, "ruid");
- print_user(fp, tok->tt.proc32.ruid, raw);
+ print_user(fp, tok->tt.proc32.ruid, oflags);
close_attr(fp);
open_attr(fp, "rgid");
- print_group(fp, tok->tt.proc32.rgid, raw);
+ print_group(fp, tok->tt.proc32.rgid, oflags);
close_attr(fp);
open_attr(fp, "pid");
print_4_bytes(fp, tok->tt.proc32.pid, "%u");
@@ -2561,15 +2591,15 @@ print_process32_tok(FILE *fp, tokenstr_t *tok, char *del, char raw,
close_tag(fp, tok->id);
} else {
print_delim(fp, del);
- print_user(fp, tok->tt.proc32.auid, raw);
+ print_user(fp, tok->tt.proc32.auid, oflags);
print_delim(fp, del);
- print_user(fp, tok->tt.proc32.euid, raw);
+ print_user(fp, tok->tt.proc32.euid, oflags);
print_delim(fp, del);
- print_group(fp, tok->tt.proc32.egid, raw);
+ print_group(fp, tok->tt.proc32.egid, oflags);
print_delim(fp, del);
- print_user(fp, tok->tt.proc32.ruid, raw);
+ print_user(fp, tok->tt.proc32.ruid, oflags);
print_delim(fp, del);
- print_group(fp, tok->tt.proc32.rgid, raw);
+ print_group(fp, tok->tt.proc32.rgid, oflags);
print_delim(fp, del);
print_4_bytes(fp, tok->tt.proc32.pid, "%u");
print_delim(fp, del);
@@ -2640,25 +2670,24 @@ fetch_process64_tok(tokenstr_t *tok, u_char *buf, int len)
}
static void
-print_process64_tok(FILE *fp, tokenstr_t *tok, char *del, char raw,
- __unused char sfrm, int xml)
+print_process64_tok(FILE *fp, tokenstr_t *tok, char *del, int oflags)
{
- print_tok_type(fp, tok->id, "process", raw, xml);
- if (xml) {
+ print_tok_type(fp, tok->id, "process", oflags);
+ if (oflags & AU_OFLAG_XML) {
open_attr(fp, "audit-uid");
- print_user(fp, tok->tt.proc64.auid, raw);
+ print_user(fp, tok->tt.proc64.auid, oflags);
close_attr(fp);
open_attr(fp, "uid");
- print_user(fp, tok->tt.proc64.euid, raw);
+ print_user(fp, tok->tt.proc64.euid, oflags);
close_attr(fp);
open_attr(fp, "gid");
- print_group(fp, tok->tt.proc64.egid, raw);
+ print_group(fp, tok->tt.proc64.egid, oflags);
close_attr(fp);
open_attr(fp, "ruid");
- print_user(fp, tok->tt.proc64.ruid, raw);
+ print_user(fp, tok->tt.proc64.ruid, oflags);
close_attr(fp);
open_attr(fp, "rgid");
- print_group(fp, tok->tt.proc64.rgid, raw);
+ print_group(fp, tok->tt.proc64.rgid, oflags);
close_attr(fp);
open_attr(fp, "pid");
print_4_bytes(fp, tok->tt.proc64.pid, "%u");
@@ -2673,15 +2702,15 @@ print_process64_tok(FILE *fp, tokenstr_t *tok, char *del, char raw,
close_tag(fp, tok->id);
} else {
print_delim(fp, del);
- print_user(fp, tok->tt.proc64.auid, raw);
+ print_user(fp, tok->tt.proc64.auid, oflags);
print_delim(fp, del);
- print_user(fp, tok->tt.proc64.euid, raw);
+ print_user(fp, tok->tt.proc64.euid, oflags);
print_delim(fp, del);
- print_group(fp, tok->tt.proc64.egid, raw);
+ print_group(fp, tok->tt.proc64.egid, oflags);
print_delim(fp, del);
- print_user(fp, tok->tt.proc64.ruid, raw);
+ print_user(fp, tok->tt.proc64.ruid, oflags);
print_delim(fp, del);
- print_group(fp, tok->tt.proc64.rgid, raw);
+ print_group(fp, tok->tt.proc64.rgid, oflags);
print_delim(fp, del);
print_4_bytes(fp, tok->tt.proc64.pid, "%u");
print_delim(fp, del);
@@ -2767,26 +2796,25 @@ fetch_process32ex_tok(tokenstr_t *tok, u_char *buf, int len)
}
static void
-print_process32ex_tok(FILE *fp, tokenstr_t *tok, char *del, char raw,
- __unused char sfrm, int xml)
+print_process32ex_tok(FILE *fp, tokenstr_t *tok, char *del, int oflags)
{
- print_tok_type(fp, tok->id, "process_ex", raw, xml);
- if (xml) {
+ print_tok_type(fp, tok->id, "process_ex", oflags);
+ if (oflags & AU_OFLAG_XML) {
open_attr(fp, "audit-uid");
- print_user(fp, tok->tt.proc32_ex.auid, raw);
+ print_user(fp, tok->tt.proc32_ex.auid, oflags);
close_attr(fp);
open_attr(fp, "uid");
- print_user(fp, tok->tt.proc32_ex.euid, raw);
+ print_user(fp, tok->tt.proc32_ex.euid, oflags);
close_attr(fp);
open_attr(fp, "gid");
- print_group(fp, tok->tt.proc32_ex.egid, raw);
+ print_group(fp, tok->tt.proc32_ex.egid, oflags);
close_attr(fp);
open_attr(fp, "ruid");
- print_user(fp, tok->tt.proc32_ex.ruid, raw);
+ print_user(fp, tok->tt.proc32_ex.ruid, oflags);
close_attr(fp);
open_attr(fp, "rgid");
- print_group(fp, tok->tt.proc32_ex.rgid, raw);
+ print_group(fp, tok->tt.proc32_ex.rgid, oflags);
close_attr(fp);
open_attr(fp, "pid");
print_4_bytes(fp, tok->tt.proc32_ex.pid, "%u");
@@ -2802,15 +2830,15 @@ print_process32ex_tok(FILE *fp, tokenstr_t *tok, char *del, char raw,
close_tag(fp, tok->id);
} else {
print_delim(fp, del);
- print_user(fp, tok->tt.proc32_ex.auid, raw);
+ print_user(fp, tok->tt.proc32_ex.auid, oflags);
print_delim(fp, del);
- print_user(fp, tok->tt.proc32_ex.euid, raw);
+ print_user(fp, tok->tt.proc32_ex.euid, oflags);
print_delim(fp, del);
- print_group(fp, tok->tt.proc32_ex.egid, raw);
+ print_group(fp, tok->tt.proc32_ex.egid, oflags);
print_delim(fp, del);
- print_user(fp, tok->tt.proc32_ex.ruid, raw);
+ print_user(fp, tok->tt.proc32_ex.ruid, oflags);
print_delim(fp, del);
- print_group(fp, tok->tt.proc32_ex.rgid, raw);
+ print_group(fp, tok->tt.proc32_ex.rgid, oflags);
print_delim(fp, del);
print_4_bytes(fp, tok->tt.proc32_ex.pid, "%u");
print_delim(fp, del);
@@ -2897,25 +2925,24 @@ fetch_process64ex_tok(tokenstr_t *tok, u_char *buf, int len)
}
static void
-print_process64ex_tok(FILE *fp, tokenstr_t *tok, char *del, char raw,
- __unused char sfrm, int xml)
+print_process64ex_tok(FILE *fp, tokenstr_t *tok, char *del, int oflags)
{
- print_tok_type(fp, tok->id, "process_ex", raw, xml);
- if (xml) {
+ print_tok_type(fp, tok->id, "process_ex", oflags);
+ if (oflags & AU_OFLAG_XML) {
open_attr(fp, "audit-uid");
- print_user(fp, tok->tt.proc64_ex.auid, raw);
+ print_user(fp, tok->tt.proc64_ex.auid, oflags);
close_attr(fp);
open_attr(fp, "uid");
- print_user(fp, tok->tt.proc64_ex.euid, raw);
+ print_user(fp, tok->tt.proc64_ex.euid, oflags);
close_attr(fp);
open_attr(fp, "gid");
- print_group(fp, tok->tt.proc64_ex.egid, raw);
+ print_group(fp, tok->tt.proc64_ex.egid, oflags);
close_attr(fp);
open_attr(fp, "ruid");
- print_user(fp, tok->tt.proc64_ex.ruid, raw);
+ print_user(fp, tok->tt.proc64_ex.ruid, oflags);
close_attr(fp);
open_attr(fp, "rgid");
- print_group(fp, tok->tt.proc64_ex.rgid, raw);
+ print_group(fp, tok->tt.proc64_ex.rgid, oflags);
close_attr(fp);
open_attr(fp, "pid");
print_4_bytes(fp, tok->tt.proc64_ex.pid, "%u");
@@ -2931,15 +2958,15 @@ print_process64ex_tok(FILE *fp, tokenstr_t *tok, char *del, char raw,
close_tag(fp, tok->id);
} else {
print_delim(fp, del);
- print_user(fp, tok->tt.proc64_ex.auid, raw);
+ print_user(fp, tok->tt.proc64_ex.auid, oflags);
print_delim(fp, del);
- print_user(fp, tok->tt.proc64_ex.euid, raw);
+ print_user(fp, tok->tt.proc64_ex.euid, oflags);
print_delim(fp, del);
- print_group(fp, tok->tt.proc64_ex.egid, raw);
+ print_group(fp, tok->tt.proc64_ex.egid, oflags);
print_delim(fp, del);
- print_user(fp, tok->tt.proc64_ex.ruid, raw);
+ print_user(fp, tok->tt.proc64_ex.ruid, oflags);
print_delim(fp, del);
- print_group(fp, tok->tt.proc64_ex.rgid, raw);
+ print_group(fp, tok->tt.proc64_ex.rgid, oflags);
print_delim(fp, del);
print_4_bytes(fp, tok->tt.proc64_ex.pid, "%u");
print_delim(fp, del);
@@ -2973,14 +3000,13 @@ fetch_return32_tok(tokenstr_t *tok, u_char *buf, int len)
}
static void
-print_return32_tok(FILE *fp, tokenstr_t *tok, char *del, char raw,
- __unused char sfrm, int xml)
+print_return32_tok(FILE *fp, tokenstr_t *tok, char *del, int oflags)
{
- print_tok_type(fp, tok->id, "return", raw, xml);
- if (xml) {
+ print_tok_type(fp, tok->id, "return", oflags);
+ if (oflags & AU_OFLAG_XML) {
open_attr(fp ,"errval");
- print_retval(fp, tok->tt.ret32.status, raw);
+ print_retval(fp, tok->tt.ret32.status, oflags);
close_attr(fp);
open_attr(fp, "retval");
print_4_bytes(fp, tok->tt.ret32.ret, "%u");
@@ -2988,7 +3014,7 @@ print_return32_tok(FILE *fp, tokenstr_t *tok, char *del, char raw,
close_tag(fp, tok->id);
} else {
print_delim(fp, del);
- print_retval(fp, tok->tt.ret32.status, raw);
+ print_retval(fp, tok->tt.ret32.status, oflags);
print_delim(fp, del);
print_4_bytes(fp, tok->tt.ret32.ret, "%u");
}
@@ -3011,14 +3037,13 @@ fetch_return64_tok(tokenstr_t *tok, u_char *buf, int len)
}
static void
-print_return64_tok(FILE *fp, tokenstr_t *tok, char *del, char raw,
- __unused char sfrm, int xml)
+print_return64_tok(FILE *fp, tokenstr_t *tok, char *del, int oflags)
{
- print_tok_type(fp, tok->id, "return", raw, xml);
- if (xml) {
+ print_tok_type(fp, tok->id, "return", oflags);
+ if (oflags & AU_OFLAG_XML) {
open_attr(fp, "errval");
- print_retval(fp, tok->tt.ret64.err, raw);
+ print_retval(fp, tok->tt.ret64.err, oflags);
close_attr(fp);
open_attr(fp, "retval");
print_8_bytes(fp, tok->tt.ret64.val, "%lld");
@@ -3026,7 +3051,7 @@ print_return64_tok(FILE *fp, tokenstr_t *tok, char *del, char raw,
close_tag(fp, tok->id);
} else {
print_delim(fp, del);
- print_retval(fp, tok->tt.ret64.err, raw);
+ print_retval(fp, tok->tt.ret64.err, oflags);
print_delim(fp, del);
print_8_bytes(fp, tok->tt.ret64.val, "%lld");
}
@@ -3048,12 +3073,11 @@ fetch_seq_tok(tokenstr_t *tok, u_char *buf, int len)
}
static void
-print_seq_tok(FILE *fp, tokenstr_t *tok, char *del, char raw,
- __unused char sfrm, int xml)
+print_seq_tok(FILE *fp, tokenstr_t *tok, char *del, int oflags)
{
- print_tok_type(fp, tok->id, "sequence", raw, xml);
- if (xml) {
+ print_tok_type(fp, tok->id, "sequence", oflags);
+ if (oflags & AU_OFLAG_XML) {
open_attr(fp, "seq-num");
print_4_bytes(fp, tok->tt.seq.seqno, "%u");
close_attr(fp);
@@ -3093,12 +3117,11 @@ fetch_sock_inet32_tok(tokenstr_t *tok, u_char *buf, int len)
}
static void
-print_sock_inet32_tok(FILE *fp, tokenstr_t *tok, char *del, char raw,
- __unused char sfrm, int xml)
+print_sock_inet32_tok(FILE *fp, tokenstr_t *tok, char *del, int oflags)
{
- print_tok_type(fp, tok->id, "socket-inet", raw, xml);
- if (xml) {
+ print_tok_type(fp, tok->id, "socket-inet", oflags);
+ if (oflags & AU_OFLAG_XML) {
open_attr(fp, "type");
print_2_bytes(fp, tok->tt.sockinet_ex32.family, "%u");
close_attr(fp);
@@ -3148,12 +3171,11 @@ fetch_sock_inet128_tok(tokenstr_t *tok, u_char *buf, int len)
}
static void
-print_sock_inet128_tok(FILE *fp, tokenstr_t *tok, char *del, char raw,
- __unused char sfrm, int xml)
+print_sock_inet128_tok(FILE *fp, tokenstr_t *tok, char *del, int oflags)
{
- print_tok_type(fp, tok->id, "socket-inet6", raw, xml);
- if (xml) {
+ print_tok_type(fp, tok->id, "socket-inet6", oflags);
+ if (oflags & AU_OFLAG_XML) {
open_attr(fp, "type");
print_2_bytes(fp, tok->tt.sockinet_ex32.family, "%u");
close_attr(fp);
@@ -3192,7 +3214,7 @@ fetch_sock_unix_tok(tokenstr_t *tok, u_char *buf, int len)
/* slen = strnlen((buf + tok->len), 104) + 1; */
p = (u_char *)memchr((const void *)(buf + tok->len), '\0', 104);
- slen = (p ? (int)(p - (buf + tok->len)) : 104) + 1;
+ slen = (p ? (int)(p - (buf + tok->len)) : 104) + 1;
READ_TOKEN_BYTES(buf, len, tok->tt.sockunix.path, slen, tok->len, err);
if (err)
@@ -3202,12 +3224,11 @@ fetch_sock_unix_tok(tokenstr_t *tok, u_char *buf, int len)
}
static void
-print_sock_unix_tok(FILE *fp, tokenstr_t *tok, char *del, char raw,
- __unused char sfrm, int xml)
+print_sock_unix_tok(FILE *fp, tokenstr_t *tok, char *del, int oflags)
{
- print_tok_type(fp, tok->id, "socket-unix", raw, xml);
- if (xml) {
+ print_tok_type(fp, tok->id, "socket-unix", oflags);
+ if (oflags & AU_OFLAG_XML) {
open_attr(fp, "type");
print_2_bytes(fp, tok->tt.sockunix.family, "%u");
close_attr(fp);
@@ -3267,12 +3288,11 @@ fetch_socket_tok(tokenstr_t *tok, u_char *buf, int len)
}
static void
-print_socket_tok(FILE *fp, tokenstr_t *tok, char *del, char raw,
- __unused char sfrm, int xml)
+print_socket_tok(FILE *fp, tokenstr_t *tok, char *del, int oflags)
{
- print_tok_type(fp, tok->id, "socket", raw, xml);
- if (xml) {
+ print_tok_type(fp, tok->id, "socket", oflags);
+ if (oflags & AU_OFLAG_XML) {
open_attr(fp, "sock_type");
print_2_bytes(fp, tok->tt.socket.type, "%u");
close_attr(fp);
@@ -3361,26 +3381,25 @@ fetch_subject32_tok(tokenstr_t *tok, u_char *buf, int len)
}
static void
-print_subject32_tok(FILE *fp, tokenstr_t *tok, char *del, char raw,
- __unused char sfrm, int xml)
+print_subject32_tok(FILE *fp, tokenstr_t *tok, char *del, int oflags)
{
- print_tok_type(fp, tok->id, "subject", raw, xml);
- if (xml) {
+ print_tok_type(fp, tok->id, "subject", oflags);
+ if (oflags & AU_OFLAG_XML) {
open_attr(fp, "audit-uid");
- print_user(fp, tok->tt.subj32.auid, raw);
+ print_user(fp, tok->tt.subj32.auid, oflags);
close_attr(fp);
open_attr(fp, "uid");
- print_user(fp, tok->tt.subj32.euid, raw);
+ print_user(fp, tok->tt.subj32.euid, oflags);
close_attr(fp);
open_attr(fp, "gid");
- print_group(fp, tok->tt.subj32.egid, raw);
+ print_group(fp, tok->tt.subj32.egid, oflags);
close_attr(fp);
open_attr(fp, "ruid");
- print_user(fp, tok->tt.subj32.ruid, raw);
+ print_user(fp, tok->tt.subj32.ruid, oflags);
close_attr(fp);
open_attr(fp, "rgid");
- print_group(fp, tok->tt.subj32.rgid, raw);
+ print_group(fp, tok->tt.subj32.rgid, oflags);
close_attr(fp);
open_attr(fp,"pid");
print_4_bytes(fp, tok->tt.subj32.pid, "%u");
@@ -3395,15 +3414,15 @@ print_subject32_tok(FILE *fp, tokenstr_t *tok, char *del, char raw,
close_tag(fp, tok->id);
} else {
print_delim(fp, del);
- print_user(fp, tok->tt.subj32.auid, raw);
+ print_user(fp, tok->tt.subj32.auid, oflags);
print_delim(fp, del);
- print_user(fp, tok->tt.subj32.euid, raw);
+ print_user(fp, tok->tt.subj32.euid, oflags);
print_delim(fp, del);
- print_group(fp, tok->tt.subj32.egid, raw);
+ print_group(fp, tok->tt.subj32.egid, oflags);
print_delim(fp, del);
- print_user(fp, tok->tt.subj32.ruid, raw);
+ print_user(fp, tok->tt.subj32.ruid, oflags);
print_delim(fp, del);
- print_group(fp, tok->tt.subj32.rgid, raw);
+ print_group(fp, tok->tt.subj32.rgid, oflags);
print_delim(fp, del);
print_4_bytes(fp, tok->tt.subj32.pid, "%u");
print_delim(fp, del);
@@ -3415,6 +3434,110 @@ print_subject32_tok(FILE *fp, tokenstr_t *tok, char *del, char raw,
}
}
+static void
+print_upriv_tok(FILE *fp, tokenstr_t *tok, char *del, int oflags)
+{
+
+ print_tok_type(fp, tok->id, "use of privilege", oflags);
+ if (oflags & AU_OFLAG_XML) {
+ open_attr(fp, "status");
+ if (tok->tt.priv.sorf)
+ (void) fprintf(fp, "successful use of priv");
+ else
+ (void) fprintf(fp, "failed use of priv");
+ close_attr(fp);
+ open_attr(fp, "name");
+ print_string(fp, tok->tt.priv.priv, tok->tt.priv.privstrlen);
+ close_attr(fp);
+ close_tag(fp, tok->id);
+ } else {
+ print_delim(fp, del);
+ if (tok->tt.priv.sorf)
+ (void) fprintf(fp, "successful use of priv");
+ else
+ (void) fprintf(fp, "failed use of priv");
+ print_delim(fp, del);
+ print_string(fp, tok->tt.priv.priv, tok->tt.priv.privstrlen);
+ }
+}
+
+/*
+ * status 1 byte
+ * privstrlen 2 bytes
+ * priv N bytes + 1 (\0 byte)
+ */
+static int
+fetch_priv_tok(tokenstr_t *tok, u_char *buf, int len)
+{
+ int err = 0;
+
+ READ_TOKEN_U_CHAR(buf, len, tok->tt.priv.sorf, tok->len, err);
+ if (err)
+ return (-1);
+ READ_TOKEN_U_INT16(buf, len, tok->tt.priv.privstrlen, tok->len, err);
+ if (err)
+ return (-1);
+ SET_PTR((char *)buf, len, tok->tt.priv.priv, tok->tt.priv.privstrlen,
+ tok->len, err);
+ if (err)
+ return (-1);
+ return (0);
+}
+
+/*
+ * privtstrlen 1 byte
+ * privtstr N bytes + 1
+ * privstrlen 1 byte
+ * privstr N bytes + 1
+ */
+static int
+fetch_privset_tok(tokenstr_t *tok, u_char *buf, int len)
+{
+ int err = 0;
+
+ READ_TOKEN_U_INT16(buf, len, tok->tt.privset.privtstrlen,
+ tok->len, err);
+ if (err)
+ return (-1);
+ SET_PTR((char *)buf, len, tok->tt.privset.privtstr,
+ tok->tt.privset.privtstrlen, tok->len, err);
+ if (err)
+ return (-1);
+ READ_TOKEN_U_INT16(buf, len, tok->tt.privset.privstrlen,
+ tok->len, err);
+ if (err)
+ return (-1);
+ SET_PTR((char *)buf, len, tok->tt.privset.privstr,
+ tok->tt.privset.privstrlen, tok->len, err);
+ if (err)
+ return (-1);
+ return (0);
+}
+
+static void
+print_privset_tok(FILE *fp, tokenstr_t *tok, char *del, int oflags)
+{
+
+ print_tok_type(fp, tok->id, "privilege", oflags);
+ if (oflags & AU_OFLAG_XML) {
+ open_attr(fp, "type");
+ print_string(fp, tok->tt.privset.privtstr,
+ tok->tt.privset.privtstrlen);
+ close_attr(fp);
+ open_attr(fp, "priv");
+ print_string(fp, tok->tt.privset.privstr,
+ tok->tt.privset.privstrlen);
+ close_attr(fp);
+ } else {
+ print_delim(fp, del);
+ print_string(fp, tok->tt.privset.privtstr,
+ tok->tt.privset.privtstrlen);
+ print_delim(fp, del);
+ print_string(fp, tok->tt.privset.privstr,
+ tok->tt.privset.privstrlen);
+ }
+}
+
/*
* audit ID 4 bytes
* euid 4 bytes
@@ -3473,26 +3596,25 @@ fetch_subject64_tok(tokenstr_t *tok, u_char *buf, int len)
}
static void
-print_subject64_tok(FILE *fp, tokenstr_t *tok, char *del, char raw,
- __unused char sfrm, int xml)
+print_subject64_tok(FILE *fp, tokenstr_t *tok, char *del, int oflags)
{
- print_tok_type(fp, tok->id, "subject", raw, xml);
- if (xml) {
+ print_tok_type(fp, tok->id, "subject", oflags);
+ if (oflags & AU_OFLAG_XML) {
open_attr(fp, "audit-uid");
- print_user(fp, tok->tt.subj64.auid, raw);
+ print_user(fp, tok->tt.subj64.auid, oflags);
close_attr(fp);
open_attr(fp, "uid");
- print_user(fp, tok->tt.subj64.euid, raw);
+ print_user(fp, tok->tt.subj64.euid, oflags);
close_attr(fp);
open_attr(fp, "gid");
- print_group(fp, tok->tt.subj64.egid, raw);
+ print_group(fp, tok->tt.subj64.egid, oflags);
close_attr(fp);
open_attr(fp, "ruid");
- print_user(fp, tok->tt.subj64.ruid, raw);
+ print_user(fp, tok->tt.subj64.ruid, oflags);
close_attr(fp);
open_attr(fp, "rgid");
- print_group(fp, tok->tt.subj64.rgid, raw);
+ print_group(fp, tok->tt.subj64.rgid, oflags);
close_attr(fp);
open_attr(fp, "pid");
print_4_bytes(fp, tok->tt.subj64.pid, "%u");
@@ -3507,15 +3629,15 @@ print_subject64_tok(FILE *fp, tokenstr_t *tok, char *del, char raw,
close_tag(fp, tok->id);
} else {
print_delim(fp, del);
- print_user(fp, tok->tt.subj64.auid, raw);
+ print_user(fp, tok->tt.subj64.auid, oflags);
print_delim(fp, del);
- print_user(fp, tok->tt.subj64.euid, raw);
+ print_user(fp, tok->tt.subj64.euid, oflags);
print_delim(fp, del);
- print_group(fp, tok->tt.subj64.egid, raw);
+ print_group(fp, tok->tt.subj64.egid, oflags);
print_delim(fp, del);
- print_user(fp, tok->tt.subj64.ruid, raw);
+ print_user(fp, tok->tt.subj64.ruid, oflags);
print_delim(fp, del);
- print_group(fp, tok->tt.subj64.rgid, raw);
+ print_group(fp, tok->tt.subj64.rgid, oflags);
print_delim(fp, del);
print_4_bytes(fp, tok->tt.subj64.pid, "%u");
print_delim(fp, del);
@@ -3600,26 +3722,25 @@ fetch_subject32ex_tok(tokenstr_t *tok, u_char *buf, int len)
}
static void
-print_subject32ex_tok(FILE *fp, tokenstr_t *tok, char *del, char raw,
- __unused char sfrm, int xml)
+print_subject32ex_tok(FILE *fp, tokenstr_t *tok, char *del, int oflags)
{
- print_tok_type(fp, tok->id, "subject_ex", raw, xml);
- if (xml) {
+ print_tok_type(fp, tok->id, "subject_ex", oflags);
+ if (oflags & AU_OFLAG_XML) {
open_attr(fp, "audit-uid");
- print_user(fp, tok->tt.subj32_ex.auid, raw);
+ print_user(fp, tok->tt.subj32_ex.auid, oflags);
close_attr(fp);
open_attr(fp, "uid");
- print_user(fp, tok->tt.subj32_ex.euid, raw);
+ print_user(fp, tok->tt.subj32_ex.euid, oflags);
close_attr(fp);
open_attr(fp, "gid");
- print_group(fp, tok->tt.subj32_ex.egid, raw);
+ print_group(fp, tok->tt.subj32_ex.egid, oflags);
close_attr(fp);
open_attr(fp, "ruid");
- print_user(fp, tok->tt.subj32_ex.ruid, raw);
+ print_user(fp, tok->tt.subj32_ex.ruid, oflags);
close_attr(fp);
open_attr(fp, "rgid");
- print_group(fp, tok->tt.subj32_ex.rgid, raw);
+ print_group(fp, tok->tt.subj32_ex.rgid, oflags);
close_attr(fp);
open_attr(fp, "pid");
print_4_bytes(fp, tok->tt.subj32_ex.pid, "%u");
@@ -3635,15 +3756,15 @@ print_subject32ex_tok(FILE *fp, tokenstr_t *tok, char *del, char raw,
close_tag(fp, tok->id);
} else {
print_delim(fp, del);
- print_user(fp, tok->tt.subj32_ex.auid, raw);
+ print_user(fp, tok->tt.subj32_ex.auid, oflags);
print_delim(fp, del);
- print_user(fp, tok->tt.subj32_ex.euid, raw);
+ print_user(fp, tok->tt.subj32_ex.euid, oflags);
print_delim(fp, del);
- print_group(fp, tok->tt.subj32_ex.egid, raw);
+ print_group(fp, tok->tt.subj32_ex.egid, oflags);
print_delim(fp, del);
- print_user(fp, tok->tt.subj32_ex.ruid, raw);
+ print_user(fp, tok->tt.subj32_ex.ruid, oflags);
print_delim(fp, del);
- print_group(fp, tok->tt.subj32_ex.rgid, raw);
+ print_group(fp, tok->tt.subj32_ex.rgid, oflags);
print_delim(fp, del);
print_4_bytes(fp, tok->tt.subj32_ex.pid, "%u");
print_delim(fp, del);
@@ -3729,25 +3850,24 @@ fetch_subject64ex_tok(tokenstr_t *tok, u_char *buf, int len)
}
static void
-print_subject64ex_tok(FILE *fp, tokenstr_t *tok, char *del, char raw,
- __unused char sfrm, int xml)
+print_subject64ex_tok(FILE *fp, tokenstr_t *tok, char *del, int oflags)
{
- print_tok_type(fp, tok->id, "subject_ex", raw, xml);
- if (xml) {
+ print_tok_type(fp, tok->id, "subject_ex", oflags);
+ if (oflags & AU_OFLAG_XML) {
open_attr(fp, "audit-uid");
- print_user(fp, tok->tt.subj64_ex.auid, raw);
+ print_user(fp, tok->tt.subj64_ex.auid, oflags);
close_attr(fp);
open_attr(fp, "uid");
- print_user(fp, tok->tt.subj64_ex.euid, raw);
+ print_user(fp, tok->tt.subj64_ex.euid, oflags);
close_attr(fp);
open_attr(fp, "gid");
- print_group(fp, tok->tt.subj64_ex.egid, raw);
+ print_group(fp, tok->tt.subj64_ex.egid, oflags);
close_attr(fp);
open_attr(fp, "ruid");
- print_user(fp, tok->tt.subj64_ex.ruid, raw);
+ print_user(fp, tok->tt.subj64_ex.ruid, oflags);
close_attr(fp);
open_attr(fp, "rgid");
- print_group(fp, tok->tt.subj64_ex.rgid, raw);
+ print_group(fp, tok->tt.subj64_ex.rgid, oflags);
close_attr(fp);
open_attr(fp, "pid");
print_4_bytes(fp, tok->tt.subj64_ex.pid, "%u");
@@ -3763,15 +3883,15 @@ print_subject64ex_tok(FILE *fp, tokenstr_t *tok, char *del, char raw,
close_tag(fp, tok->id);
} else {
print_delim(fp, del);
- print_user(fp, tok->tt.subj64_ex.auid, raw);
+ print_user(fp, tok->tt.subj64_ex.auid, oflags);
print_delim(fp, del);
- print_user(fp, tok->tt.subj64_ex.euid, raw);
+ print_user(fp, tok->tt.subj64_ex.euid, oflags);
print_delim(fp, del);
- print_group(fp, tok->tt.subj64_ex.egid, raw);
+ print_group(fp, tok->tt.subj64_ex.egid, oflags);
print_delim(fp, del);
- print_user(fp, tok->tt.subj64_ex.ruid, raw);
+ print_user(fp, tok->tt.subj64_ex.ruid, oflags);
print_delim(fp, del);
- print_group(fp, tok->tt.subj64_ex.rgid, raw);
+ print_group(fp, tok->tt.subj64_ex.rgid, oflags);
print_delim(fp, del);
print_4_bytes(fp, tok->tt.subj64_ex.pid, "%u");
print_delim(fp, del);
@@ -3806,12 +3926,11 @@ fetch_text_tok(tokenstr_t *tok, u_char *buf, int len)
}
static void
-print_text_tok(FILE *fp, tokenstr_t *tok, char *del, char raw,
- __unused char sfrm, int xml)
+print_text_tok(FILE *fp, tokenstr_t *tok, char *del, int oflags)
{
- print_tok_type(fp, tok->id, "text", raw, xml);
- if (xml) {
+ print_tok_type(fp, tok->id, "text", oflags);
+ if (oflags & AU_OFLAG_XML) {
print_string(fp, tok->tt.text.text, tok->tt.text.len);
close_tag(fp, tok->id);
} else {
@@ -3891,8 +4010,7 @@ fetch_socketex32_tok(tokenstr_t *tok, u_char *buf, int len)
}
static void
-print_socketex32_tok(FILE *fp, tokenstr_t *tok, char *del, char raw,
- __unused char sfrm, int xml)
+print_socketex32_tok(FILE *fp, tokenstr_t *tok, char *del, int oflags)
{
/*
@@ -3901,8 +4019,8 @@ print_socketex32_tok(FILE *fp, tokenstr_t *tok, char *del, char raw,
* these constants in the future, we may want to call conversion
* routines.
*/
- print_tok_type(fp, tok->id, "socket", raw, xml);
- if (xml) {
+ print_tok_type(fp, tok->id, "socket", oflags);
+ if (oflags & AU_OFLAG_XML) {
open_attr(fp, "sock_dom");
print_2_bytes(fp, tok->tt.socket_ex32.domain, "%#x");
close_attr(fp);
@@ -3963,12 +4081,11 @@ fetch_invalid_tok(tokenstr_t *tok, u_char *buf, int len)
}
static void
-print_invalid_tok(FILE *fp, tokenstr_t *tok, char *del, char raw,
- __unused char sfrm, int xml)
+print_invalid_tok(FILE *fp, tokenstr_t *tok, char *del, int oflags)
{
- if (!xml) {
- print_tok_type(fp, tok->id, "unknown", raw, 0);
+ if (!(oflags & AU_OFLAG_XML)) {
+ print_tok_type(fp, tok->id, "unknown", oflags);
print_delim(fp, del);
print_mem(fp, (u_char*)tok->tt.invalid.data,
tok->tt.invalid.length);
@@ -3996,12 +4113,11 @@ fetch_zonename_tok(tokenstr_t *tok, u_char *buf, int len)
}
static void
-print_zonename_tok(FILE *fp, tokenstr_t *tok, char *del, char raw,
- __unused char sfrm, int xml)
+print_zonename_tok(FILE *fp, tokenstr_t *tok, char *del, int oflags)
{
- print_tok_type(fp, tok->id, "zone", raw, xml);
- if (xml) {
+ print_tok_type(fp, tok->id, "zone", oflags);
+ if (oflags & AU_OFLAG_XML) {
open_attr(fp, "name");
print_string(fp, tok->tt.zonename.zonename,
tok->tt.zonename.len);
@@ -4152,360 +4268,230 @@ au_fetch_tok(tokenstr_t *tok, u_char *buf, int len)
case AUT_ZONENAME:
return (fetch_zonename_tok(tok, buf, len));
+ case AUT_UPRIV:
+ return (fetch_priv_tok(tok, buf, len));
+
+ case AUT_PRIV:
+ return (fetch_privset_tok(tok, buf, len));
+
default:
return (fetch_invalid_tok(tok, buf, len));
}
}
-/*
- * 'prints' the token out to outfp.
- */
void
-au_print_tok(FILE *outfp, tokenstr_t *tok, char *del, char raw, char sfrm)
+au_print_flags_tok(FILE *outfp, tokenstr_t *tok, char *del, int oflags)
{
switch(tok->id) {
case AUT_HEADER32:
- print_header32_tok(outfp, tok, del, raw, sfrm, AU_PLAIN);
+ print_header32_tok(outfp, tok, del, oflags);
return;
case AUT_HEADER32_EX:
- print_header32_ex_tok(outfp, tok, del, raw, sfrm, AU_PLAIN);
+ print_header32_ex_tok(outfp, tok, del, oflags);
return;
case AUT_HEADER64:
- print_header64_tok(outfp, tok, del, raw, sfrm, AU_PLAIN);
+ print_header64_tok(outfp, tok, del, oflags);
return;
case AUT_HEADER64_EX:
- print_header64_ex_tok(outfp, tok, del, raw, sfrm, AU_PLAIN);
+ print_header64_ex_tok(outfp, tok, del, oflags);
return;
case AUT_TRAILER:
- print_trailer_tok(outfp, tok, del, raw, sfrm, AU_PLAIN);
+ print_trailer_tok(outfp, tok, del, oflags);
return;
case AUT_ARG32:
- print_arg32_tok(outfp, tok, del, raw, sfrm, AU_PLAIN);
+ print_arg32_tok(outfp, tok, del, oflags);
return;
case AUT_ARG64:
- print_arg64_tok(outfp, tok, del, raw, sfrm, AU_PLAIN);
+ print_arg64_tok(outfp, tok, del, oflags);
return;
case AUT_DATA:
- print_arb_tok(outfp, tok, del, raw, sfrm, AU_PLAIN);
+ print_arb_tok(outfp, tok, del, oflags);
return;
case AUT_ATTR32:
- print_attr32_tok(outfp, tok, del, raw, sfrm, AU_PLAIN);
+ print_attr32_tok(outfp, tok, del, oflags);
return;
case AUT_ATTR64:
- print_attr64_tok(outfp, tok, del, raw, sfrm, AU_PLAIN);
+ print_attr64_tok(outfp, tok, del, oflags);
return;
case AUT_EXIT:
- print_exit_tok(outfp, tok, del, raw, sfrm, AU_PLAIN);
+ print_exit_tok(outfp, tok, del, oflags);
return;
case AUT_EXEC_ARGS:
- print_execarg_tok(outfp, tok, del, raw, sfrm, AU_PLAIN);
+ print_execarg_tok(outfp, tok, del, oflags);
return;
case AUT_EXEC_ENV:
- print_execenv_tok(outfp, tok, del, raw, sfrm, AU_PLAIN);
+ print_execenv_tok(outfp, tok, del, oflags);
return;
case AUT_OTHER_FILE32:
- print_file_tok(outfp, tok, del, raw, sfrm, AU_PLAIN);
+ print_file_tok(outfp, tok, del, oflags);
return;
case AUT_NEWGROUPS:
- print_newgroups_tok(outfp, tok, del, raw, sfrm, AU_PLAIN);
+ print_newgroups_tok(outfp, tok, del, oflags);
return;
case AUT_IN_ADDR:
- print_inaddr_tok(outfp, tok, del, raw, sfrm, AU_PLAIN);
+ print_inaddr_tok(outfp, tok, del, oflags);
return;
case AUT_IN_ADDR_EX:
- print_inaddr_ex_tok(outfp, tok, del, raw, sfrm, AU_PLAIN);
+ print_inaddr_ex_tok(outfp, tok, del, oflags);
return;
case AUT_IP:
- print_ip_tok(outfp, tok, del, raw, sfrm, AU_PLAIN);
+ print_ip_tok(outfp, tok, del, oflags);
return;
case AUT_IPC:
- print_ipc_tok(outfp, tok, del, raw, sfrm, AU_PLAIN);
+ print_ipc_tok(outfp, tok, del, oflags);
return;
case AUT_IPC_PERM:
- print_ipcperm_tok(outfp, tok, del, raw, sfrm, AU_PLAIN);
+ print_ipcperm_tok(outfp, tok, del, oflags);
return;
case AUT_IPORT:
- print_iport_tok(outfp, tok, del, raw, sfrm, AU_PLAIN);
+ print_iport_tok(outfp, tok, del, oflags);
return;
case AUT_OPAQUE:
- print_opaque_tok(outfp, tok, del, raw, sfrm, AU_PLAIN);
+ print_opaque_tok(outfp, tok, del, oflags);
return;
case AUT_PATH:
- print_path_tok(outfp, tok, del, raw, sfrm, AU_PLAIN);
+ print_path_tok(outfp, tok, del, oflags);
return;
case AUT_PROCESS32:
- print_process32_tok(outfp, tok, del, raw, sfrm, AU_PLAIN);
+ print_process32_tok(outfp, tok, del, oflags);
return;
case AUT_PROCESS32_EX:
- print_process32ex_tok(outfp, tok, del, raw, sfrm, AU_PLAIN);
+ print_process32ex_tok(outfp, tok, del, oflags);
return;
case AUT_PROCESS64:
- print_process64_tok(outfp, tok, del, raw, sfrm, AU_PLAIN);
+ print_process64_tok(outfp, tok, del, oflags);
return;
case AUT_PROCESS64_EX:
- print_process64ex_tok(outfp, tok, del, raw, sfrm, AU_PLAIN);
+ print_process64ex_tok(outfp, tok, del, oflags);
return;
case AUT_RETURN32:
- print_return32_tok(outfp, tok, del, raw, sfrm, AU_PLAIN);
+ print_return32_tok(outfp, tok, del, oflags);
return;
case AUT_RETURN64:
- print_return64_tok(outfp, tok, del, raw, sfrm, AU_PLAIN);
+ print_return64_tok(outfp, tok, del, oflags);
return;
case AUT_SEQ:
- print_seq_tok(outfp, tok, del, raw, sfrm, AU_PLAIN);
+ print_seq_tok(outfp, tok, del, oflags);
return;
case AUT_SOCKET:
- print_socket_tok(outfp, tok, del, raw, sfrm, AU_PLAIN);
+ print_socket_tok(outfp, tok, del, oflags);
return;
case AUT_SOCKINET32:
- print_sock_inet32_tok(outfp, tok, del, raw, sfrm, AU_PLAIN);
+ print_sock_inet32_tok(outfp, tok, del, oflags);
return;
case AUT_SOCKUNIX:
- print_sock_unix_tok(outfp, tok, del, raw, sfrm, AU_PLAIN);
+ print_sock_unix_tok(outfp, tok, del, oflags);
return;
case AUT_SOCKINET128:
- print_sock_inet128_tok(outfp, tok, del, raw, sfrm, AU_PLAIN);
+ print_sock_inet128_tok(outfp, tok, del, oflags);
return;
case AUT_SUBJECT32:
- print_subject32_tok(outfp, tok, del, raw, sfrm, AU_PLAIN);
+ print_subject32_tok(outfp, tok, del, oflags);
return;
case AUT_SUBJECT64:
- print_subject64_tok(outfp, tok, del, raw, sfrm, AU_PLAIN);
+ print_subject64_tok(outfp, tok, del, oflags);
return;
case AUT_SUBJECT32_EX:
- print_subject32ex_tok(outfp, tok, del, raw, sfrm, AU_PLAIN);
+ print_subject32ex_tok(outfp, tok, del, oflags);
return;
case AUT_SUBJECT64_EX:
- print_subject64ex_tok(outfp, tok, del, raw, sfrm, AU_PLAIN);
+ print_subject64ex_tok(outfp, tok, del, oflags);
return;
case AUT_TEXT:
- print_text_tok(outfp, tok, del, raw, sfrm, AU_PLAIN);
+ print_text_tok(outfp, tok, del, oflags);
return;
case AUT_SOCKET_EX:
- print_socketex32_tok(outfp, tok, del, raw, sfrm, AU_PLAIN);
+ print_socketex32_tok(outfp, tok, del, oflags);
return;
case AUT_ZONENAME:
- print_zonename_tok(outfp, tok, del, raw, sfrm, AU_PLAIN);
+ print_zonename_tok(outfp, tok, del, oflags);
+ return;
+
+ case AUT_UPRIV:
+ print_upriv_tok(outfp, tok, del, oflags);
+ return;
+
+ case AUT_PRIV:
+ print_privset_tok(outfp, tok, del, oflags);
return;
default:
- print_invalid_tok(outfp, tok, del, raw, sfrm, AU_PLAIN);
+ print_invalid_tok(outfp, tok, del, oflags);
}
}
/*
- * 'prints' the token out to outfp in XML format.
+ * 'prints' the token out to outfp.
*/
void
-au_print_tok_xml(FILE *outfp, tokenstr_t *tok, char *del, char raw,
- char sfrm)
+au_print_tok(FILE *outfp, tokenstr_t *tok, char *del, char raw, char sfrm)
{
+ int oflags = AU_OFLAG_NONE;
- switch(tok->id) {
- case AUT_HEADER32:
- print_header32_tok(outfp, tok, del, raw, sfrm, AU_XML);
- return;
-
- case AUT_HEADER32_EX:
- print_header32_ex_tok(outfp, tok, del, raw, sfrm, AU_XML);
- return;
-
- case AUT_HEADER64:
- print_header64_tok(outfp, tok, del, raw, sfrm, AU_XML);
- return;
-
- case AUT_HEADER64_EX:
- print_header64_ex_tok(outfp, tok, del, raw, sfrm, AU_XML);
- return;
-
- case AUT_TRAILER:
- print_trailer_tok(outfp, tok, del, raw, sfrm, AU_XML);
- return;
-
- case AUT_ARG32:
- print_arg32_tok(outfp, tok, del, raw, sfrm, AU_XML);
- return;
-
- case AUT_ARG64:
- print_arg64_tok(outfp, tok, del, raw, sfrm, AU_XML);
- return;
-
- case AUT_DATA:
- print_arb_tok(outfp, tok, del, raw, sfrm, AU_XML);
- return;
-
- case AUT_ATTR32:
- print_attr32_tok(outfp, tok, del, raw, sfrm, AU_XML);
- return;
-
- case AUT_ATTR64:
- print_attr64_tok(outfp, tok, del, raw, sfrm, AU_XML);
- return;
-
- case AUT_EXIT:
- print_exit_tok(outfp, tok, del, raw, sfrm, AU_XML);
- return;
-
- case AUT_EXEC_ARGS:
- print_execarg_tok(outfp, tok, del, raw, sfrm, AU_XML);
- return;
-
- case AUT_EXEC_ENV:
- print_execenv_tok(outfp, tok, del, raw, sfrm, AU_XML);
- return;
-
- case AUT_OTHER_FILE32:
- print_file_tok(outfp, tok, del, raw, sfrm, AU_XML);
- return;
-
- case AUT_NEWGROUPS:
- print_newgroups_tok(outfp, tok, del, raw, sfrm, AU_XML);
- return;
-
- case AUT_IN_ADDR:
- print_inaddr_tok(outfp, tok, del, raw, sfrm, AU_XML);
- return;
-
- case AUT_IN_ADDR_EX:
- print_inaddr_ex_tok(outfp, tok, del, raw, sfrm, AU_XML);
- return;
-
- case AUT_IP:
- print_ip_tok(outfp, tok, del, raw, sfrm, AU_XML);
- return;
-
- case AUT_IPC:
- print_ipc_tok(outfp, tok, del, raw, sfrm, AU_XML);
- return;
-
- case AUT_IPC_PERM:
- print_ipcperm_tok(outfp, tok, del, raw, sfrm, AU_XML);
- return;
-
- case AUT_IPORT:
- print_iport_tok(outfp, tok, del, raw, sfrm, AU_XML);
- return;
-
- case AUT_OPAQUE:
- print_opaque_tok(outfp, tok, del, raw, sfrm, AU_XML);
- return;
-
- case AUT_PATH:
- print_path_tok(outfp, tok, del, raw, sfrm, AU_XML);
- return;
-
- case AUT_PROCESS32:
- print_process32_tok(outfp, tok, del, raw, sfrm, AU_XML);
- return;
-
- case AUT_PROCESS32_EX:
- print_process32ex_tok(outfp, tok, del, raw, sfrm, AU_XML);
- return;
-
- case AUT_PROCESS64:
- print_process64_tok(outfp, tok, del, raw, sfrm, AU_XML);
- return;
-
- case AUT_PROCESS64_EX:
- print_process64ex_tok(outfp, tok, del, raw, sfrm, AU_XML);
- return;
-
- case AUT_RETURN32:
- print_return32_tok(outfp, tok, del, raw, sfrm, AU_XML);
- return;
-
- case AUT_RETURN64:
- print_return64_tok(outfp, tok, del, raw, sfrm, AU_XML);
- return;
-
- case AUT_SEQ:
- print_seq_tok(outfp, tok, del, raw, sfrm, AU_XML);
- return;
-
- case AUT_SOCKET:
- print_socket_tok(outfp, tok, del, raw, sfrm, AU_XML);
- return;
-
- case AUT_SOCKINET32:
- print_sock_inet32_tok(outfp, tok, del, raw, sfrm, AU_XML);
- return;
-
- case AUT_SOCKUNIX:
- print_sock_unix_tok(outfp, tok, del, raw, sfrm, AU_XML);
- return;
-
- case AUT_SUBJECT32:
- print_subject32_tok(outfp, tok, del, raw, sfrm, AU_XML);
- return;
-
- case AUT_SUBJECT64:
- print_subject64_tok(outfp, tok, del, raw, sfrm, AU_XML);
- return;
-
- case AUT_SUBJECT32_EX:
- print_subject32ex_tok(outfp, tok, del, raw, sfrm, AU_XML);
- return;
-
- case AUT_SUBJECT64_EX:
- print_subject64ex_tok(outfp, tok, del, raw, sfrm, AU_XML);
- return;
+ if (raw)
+ oflags |= AU_OFLAG_RAW;
+ if (sfrm)
+ oflags |= AU_OFLAG_SHORT;
- case AUT_TEXT:
- print_text_tok(outfp, tok, del, raw, sfrm, AU_XML);
- return;
+ au_print_flags_tok(outfp, tok, del, oflags);
+}
- case AUT_SOCKET_EX:
- print_socketex32_tok(outfp, tok, del, raw, sfrm, AU_XML);
- return;
+/*
+ * 'prints' the token out to outfp in XML format.
+ */
+void
+au_print_tok_xml(FILE *outfp, tokenstr_t *tok, char *del, char raw,
+ char sfrm)
+{
+ int oflags = AU_OFLAG_XML;
- case AUT_ZONENAME:
- print_zonename_tok(outfp, tok, del, raw, sfrm, AU_XML);
- return;
+ if (raw)
+ oflags |= AU_OFLAG_RAW;
+ if (sfrm)
+ oflags |= AU_OFLAG_SHORT;
- default:
- print_invalid_tok(outfp, tok, del, raw, sfrm, AU_XML);
- }
+ au_print_flags_tok(outfp, tok, del, oflags);
}
/*
@@ -4553,11 +4539,10 @@ au_read_rec(FILE *fp, u_char **buf)
return (-1);
}
- *buf = malloc(recsize * sizeof(u_char));
+ *buf = calloc(recsize, sizeof(u_char));
if (*buf == NULL)
return (-1);
bptr = *buf;
- memset(bptr, 0, recsize);
/* store the token contents already read, back to the buffer*/
*bptr = type;
OpenPOWER on IntegriCloud