diff options
Diffstat (limited to 'contrib/openbsm/libbsm/bsm_io.c')
-rw-r--r-- | contrib/openbsm/libbsm/bsm_io.c | 1135 |
1 files changed, 560 insertions, 575 deletions
diff --git a/contrib/openbsm/libbsm/bsm_io.c b/contrib/openbsm/libbsm/bsm_io.c index 2dd1330..85fab59 100644 --- a/contrib/openbsm/libbsm/bsm_io.c +++ b/contrib/openbsm/libbsm/bsm_io.c @@ -1,5 +1,5 @@ /*- - * Copyright (c) 2004-2008 Apple Inc. + * Copyright (c) 2004-2009 Apple Inc. * Copyright (c) 2005 SPARTA, Inc. * Copyright (c) 2006 Robert N. M. Watson * Copyright (c) 2006 Martin Voros @@ -16,7 +16,7 @@ * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * 3. Neither the name of Apple Computer, Inc. ("Apple") nor the names of + * 3. Neither the name of Apple Inc. ("Apple") nor the names of * its contributors may be used to endorse or promote products derived * from this software without specific prior written permission. * @@ -32,26 +32,29 @@ * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE * POSSIBILITY OF SUCH DAMAGE. * - * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_io.c#63 $ + * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_io.c#75 $ */ #include <sys/types.h> #include <config/config.h> -#if defined(HAVE_SYS_ENDIAN_H) && defined(HAVE_BE32ENC) + +#ifdef USE_ENDIAN_H +#include <endian.h> +#endif +#ifdef USE_SYS_ENDIAN_H #include <sys/endian.h> -#else /* !HAVE_SYS_ENDIAN_H || !HAVE_BE32ENC */ -#ifdef HAVE_MACHINE_ENDIAN_H +#endif +#ifdef USE_MACHINE_ENDIAN_H #include <machine/endian.h> -#else /* !HAVE_MACHINE_ENDIAN_H */ -#ifdef HAVE_ENDIAN_H -#include <endian.h> -#else /* !HAVE_ENDIAN_H */ -#error "No supported endian.h" -#endif /* !HAVE_ENDIAN_H */ -#endif /* !HAVE_MACHINE_ENDIAN_H */ +#endif +#ifdef USE_COMPAT_ENDIAN_H #include <compat/endian.h> -#endif /* !HAVE_SYS_ENDIAN_H || !HAVE_BE32ENC */ +#endif +#ifdef USE_COMPAT_ENDIAN_ENC_H +#include <compat/endian_enc.h> +#endif + #ifdef HAVE_FULL_QUEUE_H #include <sys/queue.h> #else /* !HAVE_FULL_QUEUE_H */ @@ -74,6 +77,12 @@ #include <pwd.h> #include <grp.h> +#ifdef HAVE_VIS +#include <vis.h> +#else +#include <compat/vis.h> +#endif + #include <bsm/audit_internal.h> #define READ_TOKEN_BYTES(buf, len, dest, size, bytesread, err) do { \ @@ -106,7 +115,7 @@ (dest) = be32dec((buf) + (bytesread)); \ (bytesread) += sizeof(u_int32_t); \ } else \ - (err) = 1; \ + (err) = 1; \ } while (0) #define READ_TOKEN_U_INT64(buf, len, dest, bytesread, err) do { \ @@ -114,7 +123,7 @@ dest = be64dec((buf) + (bytesread)); \ (bytesread) += sizeof(u_int64_t); \ } else \ - (err) = 1; \ + (err) = 1; \ } while (0) #define SET_PTR(buf, len, ptr, size, bytesread, err) do { \ @@ -214,6 +223,51 @@ print_string(FILE *fp, const char *str, size_t len) } /* + * Prints the given data bytes as an XML-sanitized string. + */ +static void +print_xml_string(FILE *fp, const char *str, size_t len) +{ + u_int32_t i; + char visbuf[5]; + + if (len == 0) + return; + + for (i = 0; i < len; i++) { + switch (str[i]) { + case '\0': + return; + + case '&': + (void) fprintf(fp, "&"); + break; + + case '<': + (void) fprintf(fp, "<"); + break; + + case '>': + (void) fprintf(fp, ">"); + break; + + case '\"': + (void) fprintf(fp, """); + break; + + case '\'': + (void) fprintf(fp, "'"); + break; + + default: + (void) vis(visbuf, str[i], VIS_CSTYLE, 0); + (void) fprintf(fp, "%s", visbuf); + break; + } + } +} + +/* * Prints the beggining of attribute. */ static void @@ -407,10 +461,10 @@ close_tag(FILE *fp, u_char type) * Prints the token type in either the raw or the default form. */ static void -print_tok_type(FILE *fp, u_char type, const char *tokname, char raw, int xml) +print_tok_type(FILE *fp, u_char type, const char *tokname, int oflags) { - if (xml) { + if (oflags & AU_OFLAG_XML) { switch(type) { case AUT_HEADER32: fprintf(fp, "<record "); @@ -576,7 +630,7 @@ print_tok_type(FILE *fp, u_char type, const char *tokname, char raw, int xml) break; } } else { - if (raw) + if (oflags & AU_OFLAG_RAW) fprintf(fp, "%u", type); else fprintf(fp, "%s", tokname); @@ -587,11 +641,11 @@ print_tok_type(FILE *fp, u_char type, const char *tokname, char raw, int xml) * Prints a user value. */ static void -print_user(FILE *fp, u_int32_t usr, char raw) +print_user(FILE *fp, u_int32_t usr, int oflags) { struct passwd *pwent; - if (raw) + if (oflags & AU_OFLAG_RAW) fprintf(fp, "%d", usr); else { pwent = getpwuid(usr); @@ -606,11 +660,11 @@ print_user(FILE *fp, u_int32_t usr, char raw) * Prints a group value. */ static void -print_group(FILE *fp, u_int32_t grp, char raw) +print_group(FILE *fp, u_int32_t grp, int oflags) { struct group *grpent; - if (raw) + if (oflags & AU_OFLAG_RAW) fprintf(fp, "%d", grp); else { grpent = getgrgid(grp); @@ -626,7 +680,7 @@ print_group(FILE *fp, u_int32_t grp, char raw) * form. */ static void -print_event(FILE *fp, u_int16_t ev, char raw, char sfrm) +print_event(FILE *fp, u_int16_t ev, int oflags) { char event_ent_name[AU_EVENT_NAME_MAX]; char event_ent_desc[AU_EVENT_DESC_MAX]; @@ -644,9 +698,9 @@ print_event(FILE *fp, u_int16_t ev, char raw, char sfrm) return; } - if (raw) + if (oflags & AU_OFLAG_RAW) fprintf(fp, "%u", ev); - else if (sfrm) + else if (oflags & AU_OFLAG_SHORT) fprintf(fp, "%s", e.ae_name); else fprintf(fp, "%s", e.ae_desc); @@ -658,9 +712,9 @@ print_event(FILE *fp, u_int16_t ev, char raw, char sfrm) * raw form. */ static void -print_evmod(FILE *fp, u_int16_t evmod, char raw) +print_evmod(FILE *fp, u_int16_t evmod, int oflags) { - if (raw) + if (oflags & AU_OFLAG_RAW) fprintf(fp, "%u", evmod); else fprintf(fp, "%u", evmod); @@ -670,12 +724,12 @@ print_evmod(FILE *fp, u_int16_t evmod, char raw) * Prints seconds in the ctime format. */ static void -print_sec32(FILE *fp, u_int32_t sec, char raw) +print_sec32(FILE *fp, u_int32_t sec, int oflags) { time_t timestamp; char timestr[26]; - if (raw) + if (oflags & AU_OFLAG_RAW) fprintf(fp, "%u", sec); else { timestamp = (time_t)sec; @@ -690,12 +744,12 @@ print_sec32(FILE *fp, u_int32_t sec, char raw) * assume a 32-bit time_t, we simply truncate for now. */ static void -print_sec64(FILE *fp, u_int64_t sec, char raw) +print_sec64(FILE *fp, u_int64_t sec, int oflags) { time_t timestamp; char timestr[26]; - if (raw) + if (oflags & AU_OFLAG_RAW) fprintf(fp, "%u", (u_int32_t)sec); else { timestamp = (time_t)sec; @@ -709,9 +763,9 @@ print_sec64(FILE *fp, u_int64_t sec, char raw) * Prints the excess milliseconds. */ static void -print_msec32(FILE *fp, u_int32_t msec, char raw) +print_msec32(FILE *fp, u_int32_t msec, int oflags) { - if (raw) + if (oflags & AU_OFLAG_RAW) fprintf(fp, "%u", msec); else fprintf(fp, " + %u msec", msec); @@ -722,11 +776,11 @@ print_msec32(FILE *fp, u_int32_t msec, char raw) * a 32-bit msec, we simply truncate for now. */ static void -print_msec64(FILE *fp, u_int64_t msec, char raw) +print_msec64(FILE *fp, u_int64_t msec, int oflags) { msec &= 0xffffffff; - if (raw) + if (oflags & AU_OFLAG_RAW) fprintf(fp, "%u", (u_int32_t)msec); else fprintf(fp, " + %u msec", (u_int32_t)msec); @@ -776,11 +830,11 @@ print_ip_ex_address(FILE *fp, u_int32_t type, u_int32_t *ipaddr) * Prints return value as success or failure. */ static void -print_retval(FILE *fp, u_char status, char raw) +print_retval(FILE *fp, u_char status, int oflags) { int error; - if (raw) + if (oflags & AU_OFLAG_RAW) fprintf(fp, "%u", status); else { /* @@ -813,9 +867,9 @@ print_errval(FILE *fp, u_int32_t val) * Prints IPC type. */ static void -print_ipctype(FILE *fp, u_char type, char raw) +print_ipctype(FILE *fp, u_char type, int oflags) { - if (raw) + if (oflags & AU_OFLAG_RAW) fprintf(fp, "%u", type); else { if (type == AT_IPC_MSG) @@ -835,7 +889,7 @@ print_ipctype(FILE *fp, u_char type, char raw) void au_print_xml_header(FILE *outfp) { - + fprintf(outfp, "<?xml version='1.0' ?>\n"); fprintf(outfp, "<audit>\n"); } @@ -846,7 +900,7 @@ au_print_xml_header(FILE *outfp) void au_print_xml_footer(FILE *outfp) { - + fprintf(outfp, "</audit>\n"); } @@ -891,26 +945,25 @@ fetch_header32_tok(tokenstr_t *tok, u_char *buf, int len) } static void -print_header32_tok(FILE *fp, tokenstr_t *tok, char *del, char raw, char sfrm, - int xml) +print_header32_tok(FILE *fp, tokenstr_t *tok, char *del, int oflags) { - print_tok_type(fp, tok->id, "header", raw, xml); - if (xml) { + print_tok_type(fp, tok->id, "header", oflags); + if (oflags & AU_OFLAG_RAW) { open_attr(fp, "version"); print_1_byte(fp, tok->tt.hdr32.version, "%u"); close_attr(fp); open_attr(fp, "event"); - print_event(fp, tok->tt.hdr32.e_type, raw, sfrm); + print_event(fp, tok->tt.hdr32.e_type, oflags); close_attr(fp); open_attr(fp, "modifier"); - print_evmod(fp, tok->tt.hdr32.e_mod, raw); + print_evmod(fp, tok->tt.hdr32.e_mod, oflags); close_attr(fp); open_attr(fp, "time"); - print_sec32(fp, tok->tt.hdr32.s, raw); + print_sec32(fp, tok->tt.hdr32.s, oflags); close_attr(fp); open_attr(fp, "msec"); - print_msec32(fp, tok->tt.hdr32.ms, 1); + print_msec32(fp, tok->tt.hdr32.ms, oflags); close_attr(fp); close_tag(fp, tok->id); } else { @@ -919,13 +972,13 @@ print_header32_tok(FILE *fp, tokenstr_t *tok, char *del, char raw, char sfrm, print_delim(fp, del); print_1_byte(fp, tok->tt.hdr32.version, "%u"); print_delim(fp, del); - print_event(fp, tok->tt.hdr32.e_type, raw, sfrm); + print_event(fp, tok->tt.hdr32.e_type, oflags); print_delim(fp, del); - print_evmod(fp, tok->tt.hdr32.e_mod, raw); + print_evmod(fp, tok->tt.hdr32.e_mod, oflags); print_delim(fp, del); - print_sec32(fp, tok->tt.hdr32.s, raw); + print_sec32(fp, tok->tt.hdr32.s, oflags); print_delim(fp, del); - print_msec32(fp, tok->tt.hdr32.ms, raw); + print_msec32(fp, tok->tt.hdr32.ms, oflags); } } @@ -999,30 +1052,29 @@ fetch_header32_ex_tok(tokenstr_t *tok, u_char *buf, int len) } static void -print_header32_ex_tok(FILE *fp, tokenstr_t *tok, char *del, char raw, - char sfrm, int xml) +print_header32_ex_tok(FILE *fp, tokenstr_t *tok, char *del, int oflags) { - print_tok_type(fp, tok->id, "header_ex", raw, xml); - if (xml) { + print_tok_type(fp, tok->id, "header_ex", oflags); + if (oflags & AU_OFLAG_RAW) { open_attr(fp, "version"); print_1_byte(fp, tok->tt.hdr32_ex.version, "%u"); close_attr(fp); open_attr(fp, "event"); - print_event(fp, tok->tt.hdr32_ex.e_type, raw, sfrm); + print_event(fp, tok->tt.hdr32_ex.e_type, oflags); close_attr(fp); open_attr(fp, "modifier"); - print_evmod(fp, tok->tt.hdr32_ex.e_mod, raw); + print_evmod(fp, tok->tt.hdr32_ex.e_mod, oflags); close_attr(fp); open_attr(fp, "host"); print_ip_ex_address(fp, tok->tt.hdr32_ex.ad_type, tok->tt.hdr32_ex.addr); close_attr(fp); open_attr(fp, "time"); - print_sec32(fp, tok->tt.hdr32_ex.s, raw); + print_sec32(fp, tok->tt.hdr32_ex.s, oflags); close_attr(fp); open_attr(fp, "msec"); - print_msec32(fp, tok->tt.hdr32_ex.ms, raw); + print_msec32(fp, tok->tt.hdr32_ex.ms, oflags); close_attr(fp); close_tag(fp, tok->id); } else { @@ -1031,16 +1083,16 @@ print_header32_ex_tok(FILE *fp, tokenstr_t *tok, char *del, char raw, print_delim(fp, del); print_1_byte(fp, tok->tt.hdr32_ex.version, "%u"); print_delim(fp, del); - print_event(fp, tok->tt.hdr32_ex.e_type, raw, sfrm); + print_event(fp, tok->tt.hdr32_ex.e_type, oflags); print_delim(fp, del); - print_evmod(fp, tok->tt.hdr32_ex.e_mod, raw); + print_evmod(fp, tok->tt.hdr32_ex.e_mod, oflags); print_delim(fp, del); print_ip_ex_address(fp, tok->tt.hdr32_ex.ad_type, tok->tt.hdr32_ex.addr); print_delim(fp, del); - print_sec32(fp, tok->tt.hdr32_ex.s, raw); + print_sec32(fp, tok->tt.hdr32_ex.s, oflags); print_delim(fp, del); - print_msec32(fp, tok->tt.hdr32_ex.ms, raw); + print_msec32(fp, tok->tt.hdr32_ex.ms, oflags); } } @@ -1085,26 +1137,25 @@ fetch_header64_tok(tokenstr_t *tok, u_char *buf, int len) } static void -print_header64_tok(FILE *fp, tokenstr_t *tok, char *del, char raw, char sfrm, - int xml) +print_header64_tok(FILE *fp, tokenstr_t *tok, char *del, int oflags) { - - print_tok_type(fp, tok->id, "header", raw, xml); - if (xml) { + + print_tok_type(fp, tok->id, "header", oflags); + if (oflags & AU_OFLAG_XML) { open_attr(fp, "version"); print_1_byte(fp, tok->tt.hdr64.version, "%u"); close_attr(fp); open_attr(fp, "event"); - print_event(fp, tok->tt.hdr64.e_type, raw, sfrm); + print_event(fp, tok->tt.hdr64.e_type, oflags); close_attr(fp); open_attr(fp, "modifier"); - print_evmod(fp, tok->tt.hdr64.e_mod, raw); + print_evmod(fp, tok->tt.hdr64.e_mod, oflags); close_attr(fp); open_attr(fp, "time"); - print_sec64(fp, tok->tt.hdr64.s, raw); + print_sec64(fp, tok->tt.hdr64.s, oflags); close_attr(fp); open_attr(fp, "msec"); - print_msec64(fp, tok->tt.hdr64.ms, raw); + print_msec64(fp, tok->tt.hdr64.ms, oflags); close_attr(fp); close_tag(fp, tok->id); } else { @@ -1113,13 +1164,13 @@ print_header64_tok(FILE *fp, tokenstr_t *tok, char *del, char raw, char sfrm, print_delim(fp, del); print_1_byte(fp, tok->tt.hdr64.version, "%u"); print_delim(fp, del); - print_event(fp, tok->tt.hdr64.e_type, raw, sfrm); + print_event(fp, tok->tt.hdr64.e_type, oflags); print_delim(fp, del); - print_evmod(fp, tok->tt.hdr64.e_mod, raw); + print_evmod(fp, tok->tt.hdr64.e_mod, oflags); print_delim(fp, del); - print_sec64(fp, tok->tt.hdr64.s, raw); + print_sec64(fp, tok->tt.hdr64.s, oflags); print_delim(fp, del); - print_msec64(fp, tok->tt.hdr64.ms, raw); + print_msec64(fp, tok->tt.hdr64.ms, oflags); } } @@ -1189,30 +1240,29 @@ fetch_header64_ex_tok(tokenstr_t *tok, u_char *buf, int len) } static void -print_header64_ex_tok(FILE *fp, tokenstr_t *tok, char *del, char raw, - char sfrm, int xml) +print_header64_ex_tok(FILE *fp, tokenstr_t *tok, char *del, int oflags) { - print_tok_type(fp, tok->id, "header_ex", raw, xml); - if (xml) { + print_tok_type(fp, tok->id, "header_ex", oflags); + if (oflags & AU_OFLAG_XML) { open_attr(fp, "version"); print_1_byte(fp, tok->tt.hdr64_ex.version, "%u"); close_attr(fp); open_attr(fp, "event"); - print_event(fp, tok->tt.hdr64_ex.e_type, raw, sfrm); + print_event(fp, tok->tt.hdr64_ex.e_type, oflags); close_attr(fp); open_attr(fp, "modifier"); - print_evmod(fp, tok->tt.hdr64_ex.e_mod, raw); + print_evmod(fp, tok->tt.hdr64_ex.e_mod, oflags); close_attr(fp); open_attr(fp, "host"); print_ip_ex_address(fp, tok->tt.hdr64_ex.ad_type, tok->tt.hdr64_ex.addr); close_attr(fp); open_attr(fp, "time"); - print_sec64(fp, tok->tt.hdr64_ex.s, raw); + print_sec64(fp, tok->tt.hdr64_ex.s, oflags); close_attr(fp); open_attr(fp, "msec"); - print_msec64(fp, tok->tt.hdr64_ex.ms, raw); + print_msec64(fp, tok->tt.hdr64_ex.ms, oflags); close_attr(fp); close_tag(fp, tok->id); } else { @@ -1221,16 +1271,16 @@ print_header64_ex_tok(FILE *fp, tokenstr_t *tok, char *del, char raw, print_delim(fp, del); print_1_byte(fp, tok->tt.hdr64_ex.version, "%u"); print_delim(fp, del); - print_event(fp, tok->tt.hdr64_ex.e_type, raw, sfrm); + print_event(fp, tok->tt.hdr64_ex.e_type, oflags); print_delim(fp, del); - print_evmod(fp, tok->tt.hdr64_ex.e_mod, raw); + print_evmod(fp, tok->tt.hdr64_ex.e_mod, oflags); print_delim(fp, del); print_ip_ex_address(fp, tok->tt.hdr64_ex.ad_type, tok->tt.hdr64_ex.addr); print_delim(fp, del); - print_sec64(fp, tok->tt.hdr64_ex.s, raw); + print_sec64(fp, tok->tt.hdr64_ex.s, oflags); print_delim(fp, del); - print_msec64(fp, tok->tt.hdr64_ex.ms, raw); + print_msec64(fp, tok->tt.hdr64_ex.ms, oflags); } } @@ -1255,12 +1305,11 @@ fetch_trailer_tok(tokenstr_t *tok, u_char *buf, int len) } static void -print_trailer_tok(FILE *fp, tokenstr_t *tok, char *del, char raw, - __unused char sfrm, int xml) +print_trailer_tok(FILE *fp, tokenstr_t *tok, char *del, int oflags) { - print_tok_type(fp, tok->id, "trailer", raw, xml); - if (!xml) { + print_tok_type(fp, tok->id, "trailer", oflags); + if (!(oflags & AU_OFLAG_XML)) { print_delim(fp, del); print_4_bytes(fp, tok->tt.trail.count, "%u"); } @@ -1298,12 +1347,11 @@ fetch_arg32_tok(tokenstr_t *tok, u_char *buf, int len) } static void -print_arg32_tok(FILE *fp, tokenstr_t *tok, char *del, char raw, - __unused char sfrm, int xml) +print_arg32_tok(FILE *fp, tokenstr_t *tok, char *del, int oflags) { - print_tok_type(fp, tok->id, "argument", raw, xml); - if (xml) { + print_tok_type(fp, tok->id, "argument", oflags); + if (oflags & AU_OFLAG_XML) { open_attr(fp, "arg-num"); print_1_byte(fp, tok->tt.arg32.no, "%u"); close_attr(fp); @@ -1350,12 +1398,11 @@ fetch_arg64_tok(tokenstr_t *tok, u_char *buf, int len) } static void -print_arg64_tok(FILE *fp, tokenstr_t *tok, char *del, char raw, - __unused char sfrm, int xml) +print_arg64_tok(FILE *fp, tokenstr_t *tok, char *del, int oflags) { - print_tok_type(fp, tok->id, "argument", raw, xml); - if (xml) { + print_tok_type(fp, tok->id, "argument", oflags); + if (oflags & AU_OFLAG_XML) { open_attr(fp, "arg-num"); print_1_byte(fp, tok->tt.arg64.no, "%u"); close_attr(fp); @@ -1435,16 +1482,15 @@ fetch_arb_tok(tokenstr_t *tok, u_char *buf, int len) } static void -print_arb_tok(FILE *fp, tokenstr_t *tok, char *del, char raw, - __unused char sfrm, int xml) +print_arb_tok(FILE *fp, tokenstr_t *tok, char *del, int oflags) { char *str; char *format; size_t size; int i; - print_tok_type(fp, tok->id, "arbitrary", raw, xml); - if (!xml) + print_tok_type(fp, tok->id, "arbitrary", oflags); + if (!(oflags & AU_OFLAG_XML)) print_delim(fp, del); switch(tok->tt.arb.howtopr) { @@ -1477,7 +1523,7 @@ print_arb_tok(FILE *fp, tokenstr_t *tok, char *del, char raw, return; } - if (xml) { + if (oflags & AU_OFLAG_XML) { open_attr(fp, "print"); fprintf(fp, "%s",str); close_attr(fp); @@ -1490,7 +1536,7 @@ print_arb_tok(FILE *fp, tokenstr_t *tok, char *del, char raw, /* case AUR_CHAR: */ str = "byte"; size = AUR_BYTE_SIZE; - if (xml) { + if (oflags & AU_OFLAG_XML) { open_attr(fp, "type"); fprintf(fp, "%zu", size); close_attr(fp); @@ -1516,7 +1562,7 @@ print_arb_tok(FILE *fp, tokenstr_t *tok, char *del, char raw, case AUR_SHORT: str = "short"; size = AUR_SHORT_SIZE; - if (xml) { + if (oflags & AU_OFLAG_XML) { open_attr(fp, "type"); fprintf(fp, "%zu", size); close_attr(fp); @@ -1545,7 +1591,7 @@ print_arb_tok(FILE *fp, tokenstr_t *tok, char *del, char raw, /* case AUR_INT: */ str = "int"; size = AUR_INT32_SIZE; - if (xml) { + if (oflags & AU_OFLAG_XML) { open_attr(fp, "type"); fprintf(fp, "%zu", size); close_attr(fp); @@ -1573,7 +1619,7 @@ print_arb_tok(FILE *fp, tokenstr_t *tok, char *del, char raw, case AUR_INT64: str = "int64"; size = AUR_INT64_SIZE; - if (xml) { + if (oflags & AU_OFLAG_XML) { open_attr(fp, "type"); fprintf(fp, "%zu", size); close_attr(fp); @@ -1644,20 +1690,19 @@ fetch_attr32_tok(tokenstr_t *tok, u_char *buf, int len) } static void -print_attr32_tok(FILE *fp, tokenstr_t *tok, char *del, char raw, - __unused char sfrm, int xml) +print_attr32_tok(FILE *fp, tokenstr_t *tok, char *del, int oflags) { - print_tok_type(fp, tok->id, "attribute", raw, xml); - if (xml) { + print_tok_type(fp, tok->id, "attribute", oflags); + if (oflags & AU_OFLAG_XML) { open_attr(fp, "mode"); print_4_bytes(fp, tok->tt.attr32.mode, "%o"); close_attr(fp); open_attr(fp, "uid"); - print_user(fp, tok->tt.attr32.uid, raw); + print_user(fp, tok->tt.attr32.uid, oflags); close_attr(fp); open_attr(fp, "gid"); - print_group(fp, tok->tt.attr32.gid, raw); + print_group(fp, tok->tt.attr32.gid, oflags); close_attr(fp); open_attr(fp, "fsid"); print_4_bytes(fp, tok->tt.attr32.fsid, "%u"); @@ -1673,9 +1718,9 @@ print_attr32_tok(FILE *fp, tokenstr_t *tok, char *del, char raw, print_delim(fp, del); print_4_bytes(fp, tok->tt.attr32.mode, "%o"); print_delim(fp, del); - print_user(fp, tok->tt.attr32.uid, raw); + print_user(fp, tok->tt.attr32.uid, oflags); print_delim(fp, del); - print_group(fp, tok->tt.attr32.gid, raw); + print_group(fp, tok->tt.attr32.gid, oflags); print_delim(fp, del); print_4_bytes(fp, tok->tt.attr32.fsid, "%u"); print_delim(fp, del); @@ -1726,20 +1771,19 @@ fetch_attr64_tok(tokenstr_t *tok, u_char *buf, int len) } static void -print_attr64_tok(FILE *fp, tokenstr_t *tok, char *del, char raw, - __unused char sfrm, int xml) +print_attr64_tok(FILE *fp, tokenstr_t *tok, char *del, int oflags) { - print_tok_type(fp, tok->id, "attribute", raw, xml); - if (xml) { + print_tok_type(fp, tok->id, "attribute", oflags); + if (oflags & AU_OFLAG_XML) { open_attr(fp, "mode"); print_4_bytes(fp, tok->tt.attr64.mode, "%o"); close_attr(fp); open_attr(fp, "uid"); - print_user(fp, tok->tt.attr64.uid, raw); + print_user(fp, tok->tt.attr64.uid, oflags); close_attr(fp); open_attr(fp, "gid"); - print_group(fp, tok->tt.attr64.gid, raw); + print_group(fp, tok->tt.attr64.gid, oflags); close_attr(fp); open_attr(fp, "fsid"); print_4_bytes(fp, tok->tt.attr64.fsid, "%u"); @@ -1755,9 +1799,9 @@ print_attr64_tok(FILE *fp, tokenstr_t *tok, char *del, char raw, print_delim(fp, del); print_4_bytes(fp, tok->tt.attr64.mode, "%o"); print_delim(fp, del); - print_user(fp, tok->tt.attr64.uid, raw); + print_user(fp, tok->tt.attr64.uid, oflags); print_delim(fp, del); - print_group(fp, tok->tt.attr64.gid, raw); + print_group(fp, tok->tt.attr64.gid, oflags); print_delim(fp, del); print_4_bytes(fp, tok->tt.attr64.fsid, "%u"); print_delim(fp, del); @@ -1788,12 +1832,11 @@ fetch_exit_tok(tokenstr_t *tok, u_char *buf, int len) } static void -print_exit_tok(FILE *fp, tokenstr_t *tok, char *del, char raw, - __unused char sfrm, int xml) +print_exit_tok(FILE *fp, tokenstr_t *tok, char *del, int oflags) { - print_tok_type(fp, tok->id, "exit", raw, xml); - if (xml) { + print_tok_type(fp, tok->id, "exit", oflags); + if (oflags & AU_OFLAG_XML) { open_attr(fp, "errval"); print_errval(fp, tok->tt.exit.status); close_attr(fp); @@ -1846,16 +1889,15 @@ fetch_execarg_tok(tokenstr_t *tok, u_char *buf, int len) } static void -print_execarg_tok(FILE *fp, tokenstr_t *tok, char *del, char raw, - __unused char sfrm, int xml) +print_execarg_tok(FILE *fp, tokenstr_t *tok, char *del, int oflags) { u_int32_t i; - print_tok_type(fp, tok->id, "exec arg", raw, xml); + print_tok_type(fp, tok->id, "exec arg", oflags); for (i = 0; i < tok->tt.execarg.count; i++) { - if (xml) { + if (oflags & AU_OFLAG_XML) { fprintf(fp, "<arg>"); - print_string(fp, tok->tt.execarg.text[i], + print_xml_string(fp, tok->tt.execarg.text[i], strlen(tok->tt.execarg.text[i])); fprintf(fp, "</arg>"); } else { @@ -1864,7 +1906,7 @@ print_execarg_tok(FILE *fp, tokenstr_t *tok, char *del, char raw, strlen(tok->tt.execarg.text[i])); } } - if (xml) + if (oflags & AU_OFLAG_XML) close_tag(fp, tok->id); } @@ -1905,16 +1947,15 @@ fetch_execenv_tok(tokenstr_t *tok, u_char *buf, int len) } static void -print_execenv_tok(FILE *fp, tokenstr_t *tok, char *del, char raw, - __unused char sfrm, int xml) +print_execenv_tok(FILE *fp, tokenstr_t *tok, char *del, int oflags) { u_int32_t i; - print_tok_type(fp, tok->id, "exec env", raw, xml); + print_tok_type(fp, tok->id, "exec env", oflags); for (i = 0; i< tok->tt.execenv.count; i++) { - if (xml) { + if (oflags & AU_OFLAG_XML) { fprintf(fp, "<env>"); - print_string(fp, tok->tt.execenv.text[i], + print_xml_string(fp, tok->tt.execenv.text[i], strlen(tok->tt.execenv.text[i])); fprintf(fp, "</env>"); } else { @@ -1923,7 +1964,7 @@ print_execenv_tok(FILE *fp, tokenstr_t *tok, char *del, char raw, strlen(tok->tt.execenv.text[i])); } } - if (xml) + if (oflags & AU_OFLAG_XML) close_tag(fp, tok->id); } @@ -1959,26 +2000,25 @@ fetch_file_tok(tokenstr_t *tok, u_char *buf, int len) } static void -print_file_tok(FILE *fp, tokenstr_t *tok, char *del, char raw, - __unused char sfrm, int xml) +print_file_tok(FILE *fp, tokenstr_t *tok, char *del, int oflags) { - print_tok_type(fp, tok->id, "file", raw, xml); - if (xml) { + print_tok_type(fp, tok->id, "file", oflags); + if (oflags & AU_OFLAG_XML) { open_attr(fp, "time"); - print_sec32(fp, tok->tt.file.s, raw); + print_sec32(fp, tok->tt.file.s, oflags); close_attr(fp); open_attr(fp, "msec"); - print_msec32(fp, tok->tt.file.ms, raw); + print_msec32(fp, tok->tt.file.ms, oflags); close_attr(fp); fprintf(fp, ">"); print_string(fp, tok->tt.file.name, tok->tt.file.len); close_tag(fp, tok->id); } else { print_delim(fp, del); - print_sec32(fp, tok->tt.file.s, raw); + print_sec32(fp, tok->tt.file.s, oflags); print_delim(fp, del); - print_msec32(fp, tok->tt.file.ms, raw); + print_msec32(fp, tok->tt.file.ms, oflags); print_delim(fp, del); print_string(fp, tok->tt.file.name, tok->tt.file.len); } @@ -2001,29 +2041,28 @@ fetch_newgroups_tok(tokenstr_t *tok, u_char *buf, int len) for (i = 0; i<tok->tt.grps.no; i++) { READ_TOKEN_U_INT32(buf, len, tok->tt.grps.list[i], tok->len, err); - if (err) - return (-1); + if (err) + return (-1); } return (0); } static void -print_newgroups_tok(FILE *fp, tokenstr_t *tok, char *del, char raw, - __unused char sfrm, int xml) +print_newgroups_tok(FILE *fp, tokenstr_t *tok, char *del, int oflags) { int i; - print_tok_type(fp, tok->id, "group", raw, xml); + print_tok_type(fp, tok->id, "group", oflags); for (i = 0; i < tok->tt.grps.no; i++) { - if (xml) { + if (oflags & AU_OFLAG_XML) { fprintf(fp, "<gid>"); - print_group(fp, tok->tt.grps.list[i], raw); + print_group(fp, tok->tt.grps.list[i], oflags); fprintf(fp, "</gid>"); close_tag(fp, tok->id); } else { print_delim(fp, del); - print_group(fp, tok->tt.grps.list[i], raw); + print_group(fp, tok->tt.grps.list[i], oflags); } } } @@ -2046,12 +2085,11 @@ fetch_inaddr_tok(tokenstr_t *tok, u_char *buf, int len) } static void -print_inaddr_tok(FILE *fp, tokenstr_t *tok, char *del, char raw, - __unused char sfrm, int xml) +print_inaddr_tok(FILE *fp, tokenstr_t *tok, char *del, int oflags) { - print_tok_type(fp, tok->id, "ip addr", raw, xml); - if (xml) { + print_tok_type(fp, tok->id, "ip addr", oflags); + if (oflags & AU_OFLAG_XML) { print_ip_address(fp, tok->tt.inaddr.addr); close_tag(fp, tok->id); } else { @@ -2061,7 +2099,7 @@ print_inaddr_tok(FILE *fp, tokenstr_t *tok, char *del, char raw, } /* - * type 4 bytes + * type 4 bytes * address 16 bytes */ static int @@ -2090,12 +2128,11 @@ fetch_inaddr_ex_tok(tokenstr_t *tok, u_char *buf, int len) } static void -print_inaddr_ex_tok(FILE *fp, tokenstr_t *tok, char *del, char raw, - __unused char sfrm, int xml) +print_inaddr_ex_tok(FILE *fp, tokenstr_t *tok, char *del, int oflags) { - print_tok_type(fp, tok->id, "ip addr ex", raw, xml); - if (xml) { + print_tok_type(fp, tok->id, "ip addr ex", oflags); + if (oflags & AU_OFLAG_XML) { print_ip_ex_address(fp, tok->tt.inaddr_ex.type, tok->tt.inaddr_ex.addr); close_tag(fp, tok->id); @@ -2164,12 +2201,11 @@ fetch_ip_tok(tokenstr_t *tok, u_char *buf, int len) } static void -print_ip_tok(FILE *fp, tokenstr_t *tok, char *del, char raw, - __unused char sfrm, int xml) +print_ip_tok(FILE *fp, tokenstr_t *tok, char *del, int oflags) { - print_tok_type(fp, tok->id, "ip", raw, xml); - if (xml) { + print_tok_type(fp, tok->id, "ip", oflags); + if (oflags & AU_OFLAG_XML) { open_attr(fp, "version"); print_mem(fp, (u_char *)(&tok->tt.ip.version), sizeof(u_char)); @@ -2248,14 +2284,13 @@ fetch_ipc_tok(tokenstr_t *tok, u_char *buf, int len) } static void -print_ipc_tok(FILE *fp, tokenstr_t *tok, char *del, char raw, - __unused char sfrm, int xml) +print_ipc_tok(FILE *fp, tokenstr_t *tok, char *del, int oflags) { - print_tok_type(fp, tok->id, "IPC", raw, xml); - if (xml) { + print_tok_type(fp, tok->id, "IPC", oflags); + if (oflags & AU_OFLAG_XML) { open_attr(fp, "ipc-type"); - print_ipctype(fp, tok->tt.ipc.type, raw); + print_ipctype(fp, tok->tt.ipc.type, oflags); close_attr(fp); open_attr(fp, "ipc-id"); print_4_bytes(fp, tok->tt.ipc.id, "%u"); @@ -2263,7 +2298,7 @@ print_ipc_tok(FILE *fp, tokenstr_t *tok, char *del, char raw, close_tag(fp, tok->id); } else { print_delim(fp, del); - print_ipctype(fp, tok->tt.ipc.type, raw); + print_ipctype(fp, tok->tt.ipc.type, oflags); print_delim(fp, del); print_4_bytes(fp, tok->tt.ipc.id, "%u"); } @@ -2315,23 +2350,22 @@ fetch_ipcperm_tok(tokenstr_t *tok, u_char *buf, int len) } static void -print_ipcperm_tok(FILE *fp, tokenstr_t *tok, char *del, char raw, - __unused char sfrm, int xml) +print_ipcperm_tok(FILE *fp, tokenstr_t *tok, char *del, int oflags) { - print_tok_type(fp, tok->id, "IPC perm", raw, xml); - if (xml) { + print_tok_type(fp, tok->id, "IPC perm", oflags); + if (oflags & AU_OFLAG_XML) { open_attr(fp, "uid"); - print_user(fp, tok->tt.ipcperm.uid, raw); + print_user(fp, tok->tt.ipcperm.uid, oflags); close_attr(fp); open_attr(fp, "gid"); - print_group(fp, tok->tt.ipcperm.gid, raw); + print_group(fp, tok->tt.ipcperm.gid, oflags); close_attr(fp); open_attr(fp, "creator-uid"); - print_user(fp, tok->tt.ipcperm.puid, raw); + print_user(fp, tok->tt.ipcperm.puid, oflags); close_attr(fp); open_attr(fp, "creator-gid"); - print_group(fp, tok->tt.ipcperm.pgid, raw); + print_group(fp, tok->tt.ipcperm.pgid, oflags); close_attr(fp); open_attr(fp, "mode"); print_4_bytes(fp, tok->tt.ipcperm.mode, "%o"); @@ -2345,13 +2379,13 @@ print_ipcperm_tok(FILE *fp, tokenstr_t *tok, char *del, char raw, close_tag(fp, tok->id); } else { print_delim(fp, del); - print_user(fp, tok->tt.ipcperm.uid, raw); + print_user(fp, tok->tt.ipcperm.uid, oflags); print_delim(fp, del); - print_group(fp, tok->tt.ipcperm.gid, raw); + print_group(fp, tok->tt.ipcperm.gid, oflags); print_delim(fp, del); - print_user(fp, tok->tt.ipcperm.puid, raw); + print_user(fp, tok->tt.ipcperm.puid, oflags); print_delim(fp, del); - print_group(fp, tok->tt.ipcperm.pgid, raw); + print_group(fp, tok->tt.ipcperm.pgid, oflags); print_delim(fp, del); print_4_bytes(fp, tok->tt.ipcperm.mode, "%o"); print_delim(fp, del); @@ -2378,12 +2412,11 @@ fetch_iport_tok(tokenstr_t *tok, u_char *buf, int len) } static void -print_iport_tok(FILE *fp, tokenstr_t *tok, char *del, char raw, - __unused char sfrm, int xml) +print_iport_tok(FILE *fp, tokenstr_t *tok, char *del, int oflags) { - print_tok_type(fp, tok->id, "ip port", raw, xml); - if (xml) { + print_tok_type(fp, tok->id, "ip port", oflags); + if (oflags & AU_OFLAG_XML) { print_2_bytes(fp, ntohs(tok->tt.iport.port), "%#x"); close_tag(fp, tok->id); } else { @@ -2414,12 +2447,11 @@ fetch_opaque_tok(tokenstr_t *tok, u_char *buf, int len) } static void -print_opaque_tok(FILE *fp, tokenstr_t *tok, char *del, char raw, - __unused char sfrm, int xml) +print_opaque_tok(FILE *fp, tokenstr_t *tok, char *del, int oflags) { - print_tok_type(fp, tok->id, "opaque", raw, xml); - if (xml) { + print_tok_type(fp, tok->id, "opaque", oflags); + if (oflags & AU_OFLAG_XML) { print_mem(fp, (u_char*)tok->tt.opaque.data, tok->tt.opaque.size); close_tag(fp, tok->id); @@ -2454,12 +2486,11 @@ fetch_path_tok(tokenstr_t *tok, u_char *buf, int len) } static void -print_path_tok(FILE *fp, tokenstr_t *tok, char *del, char raw, - __unused char sfrm, int xml) +print_path_tok(FILE *fp, tokenstr_t *tok, char *del, int oflags) { - print_tok_type(fp, tok->id, "path", raw, xml); - if (xml) { + print_tok_type(fp, tok->id, "path", oflags); + if (oflags & AU_OFLAG_XML) { print_string(fp, tok->tt.path.path, tok->tt.path.len); close_tag(fp, tok->id); } else { @@ -2527,26 +2558,25 @@ fetch_process32_tok(tokenstr_t *tok, u_char *buf, int len) } static void -print_process32_tok(FILE *fp, tokenstr_t *tok, char *del, char raw, - __unused char sfrm, int xml) +print_process32_tok(FILE *fp, tokenstr_t *tok, char *del, int oflags) { - print_tok_type(fp, tok->id, "process", raw, xml); - if (xml) { + print_tok_type(fp, tok->id, "process", oflags); + if (oflags & AU_OFLAG_XML) { open_attr(fp, "audit-uid"); - print_user(fp, tok->tt.proc32.auid, raw); + print_user(fp, tok->tt.proc32.auid, oflags); close_attr(fp); open_attr(fp, "uid"); - print_user(fp, tok->tt.proc32.euid, raw); + print_user(fp, tok->tt.proc32.euid, oflags); close_attr(fp); open_attr(fp, "gid"); - print_group(fp, tok->tt.proc32.egid, raw); + print_group(fp, tok->tt.proc32.egid, oflags); close_attr(fp); open_attr(fp, "ruid"); - print_user(fp, tok->tt.proc32.ruid, raw); + print_user(fp, tok->tt.proc32.ruid, oflags); close_attr(fp); open_attr(fp, "rgid"); - print_group(fp, tok->tt.proc32.rgid, raw); + print_group(fp, tok->tt.proc32.rgid, oflags); close_attr(fp); open_attr(fp, "pid"); print_4_bytes(fp, tok->tt.proc32.pid, "%u"); @@ -2561,15 +2591,15 @@ print_process32_tok(FILE *fp, tokenstr_t *tok, char *del, char raw, close_tag(fp, tok->id); } else { print_delim(fp, del); - print_user(fp, tok->tt.proc32.auid, raw); + print_user(fp, tok->tt.proc32.auid, oflags); print_delim(fp, del); - print_user(fp, tok->tt.proc32.euid, raw); + print_user(fp, tok->tt.proc32.euid, oflags); print_delim(fp, del); - print_group(fp, tok->tt.proc32.egid, raw); + print_group(fp, tok->tt.proc32.egid, oflags); print_delim(fp, del); - print_user(fp, tok->tt.proc32.ruid, raw); + print_user(fp, tok->tt.proc32.ruid, oflags); print_delim(fp, del); - print_group(fp, tok->tt.proc32.rgid, raw); + print_group(fp, tok->tt.proc32.rgid, oflags); print_delim(fp, del); print_4_bytes(fp, tok->tt.proc32.pid, "%u"); print_delim(fp, del); @@ -2640,25 +2670,24 @@ fetch_process64_tok(tokenstr_t *tok, u_char *buf, int len) } static void -print_process64_tok(FILE *fp, tokenstr_t *tok, char *del, char raw, - __unused char sfrm, int xml) +print_process64_tok(FILE *fp, tokenstr_t *tok, char *del, int oflags) { - print_tok_type(fp, tok->id, "process", raw, xml); - if (xml) { + print_tok_type(fp, tok->id, "process", oflags); + if (oflags & AU_OFLAG_XML) { open_attr(fp, "audit-uid"); - print_user(fp, tok->tt.proc64.auid, raw); + print_user(fp, tok->tt.proc64.auid, oflags); close_attr(fp); open_attr(fp, "uid"); - print_user(fp, tok->tt.proc64.euid, raw); + print_user(fp, tok->tt.proc64.euid, oflags); close_attr(fp); open_attr(fp, "gid"); - print_group(fp, tok->tt.proc64.egid, raw); + print_group(fp, tok->tt.proc64.egid, oflags); close_attr(fp); open_attr(fp, "ruid"); - print_user(fp, tok->tt.proc64.ruid, raw); + print_user(fp, tok->tt.proc64.ruid, oflags); close_attr(fp); open_attr(fp, "rgid"); - print_group(fp, tok->tt.proc64.rgid, raw); + print_group(fp, tok->tt.proc64.rgid, oflags); close_attr(fp); open_attr(fp, "pid"); print_4_bytes(fp, tok->tt.proc64.pid, "%u"); @@ -2673,15 +2702,15 @@ print_process64_tok(FILE *fp, tokenstr_t *tok, char *del, char raw, close_tag(fp, tok->id); } else { print_delim(fp, del); - print_user(fp, tok->tt.proc64.auid, raw); + print_user(fp, tok->tt.proc64.auid, oflags); print_delim(fp, del); - print_user(fp, tok->tt.proc64.euid, raw); + print_user(fp, tok->tt.proc64.euid, oflags); print_delim(fp, del); - print_group(fp, tok->tt.proc64.egid, raw); + print_group(fp, tok->tt.proc64.egid, oflags); print_delim(fp, del); - print_user(fp, tok->tt.proc64.ruid, raw); + print_user(fp, tok->tt.proc64.ruid, oflags); print_delim(fp, del); - print_group(fp, tok->tt.proc64.rgid, raw); + print_group(fp, tok->tt.proc64.rgid, oflags); print_delim(fp, del); print_4_bytes(fp, tok->tt.proc64.pid, "%u"); print_delim(fp, del); @@ -2767,26 +2796,25 @@ fetch_process32ex_tok(tokenstr_t *tok, u_char *buf, int len) } static void -print_process32ex_tok(FILE *fp, tokenstr_t *tok, char *del, char raw, - __unused char sfrm, int xml) +print_process32ex_tok(FILE *fp, tokenstr_t *tok, char *del, int oflags) { - print_tok_type(fp, tok->id, "process_ex", raw, xml); - if (xml) { + print_tok_type(fp, tok->id, "process_ex", oflags); + if (oflags & AU_OFLAG_XML) { open_attr(fp, "audit-uid"); - print_user(fp, tok->tt.proc32_ex.auid, raw); + print_user(fp, tok->tt.proc32_ex.auid, oflags); close_attr(fp); open_attr(fp, "uid"); - print_user(fp, tok->tt.proc32_ex.euid, raw); + print_user(fp, tok->tt.proc32_ex.euid, oflags); close_attr(fp); open_attr(fp, "gid"); - print_group(fp, tok->tt.proc32_ex.egid, raw); + print_group(fp, tok->tt.proc32_ex.egid, oflags); close_attr(fp); open_attr(fp, "ruid"); - print_user(fp, tok->tt.proc32_ex.ruid, raw); + print_user(fp, tok->tt.proc32_ex.ruid, oflags); close_attr(fp); open_attr(fp, "rgid"); - print_group(fp, tok->tt.proc32_ex.rgid, raw); + print_group(fp, tok->tt.proc32_ex.rgid, oflags); close_attr(fp); open_attr(fp, "pid"); print_4_bytes(fp, tok->tt.proc32_ex.pid, "%u"); @@ -2802,15 +2830,15 @@ print_process32ex_tok(FILE *fp, tokenstr_t *tok, char *del, char raw, close_tag(fp, tok->id); } else { print_delim(fp, del); - print_user(fp, tok->tt.proc32_ex.auid, raw); + print_user(fp, tok->tt.proc32_ex.auid, oflags); print_delim(fp, del); - print_user(fp, tok->tt.proc32_ex.euid, raw); + print_user(fp, tok->tt.proc32_ex.euid, oflags); print_delim(fp, del); - print_group(fp, tok->tt.proc32_ex.egid, raw); + print_group(fp, tok->tt.proc32_ex.egid, oflags); print_delim(fp, del); - print_user(fp, tok->tt.proc32_ex.ruid, raw); + print_user(fp, tok->tt.proc32_ex.ruid, oflags); print_delim(fp, del); - print_group(fp, tok->tt.proc32_ex.rgid, raw); + print_group(fp, tok->tt.proc32_ex.rgid, oflags); print_delim(fp, del); print_4_bytes(fp, tok->tt.proc32_ex.pid, "%u"); print_delim(fp, del); @@ -2897,25 +2925,24 @@ fetch_process64ex_tok(tokenstr_t *tok, u_char *buf, int len) } static void -print_process64ex_tok(FILE *fp, tokenstr_t *tok, char *del, char raw, - __unused char sfrm, int xml) +print_process64ex_tok(FILE *fp, tokenstr_t *tok, char *del, int oflags) { - print_tok_type(fp, tok->id, "process_ex", raw, xml); - if (xml) { + print_tok_type(fp, tok->id, "process_ex", oflags); + if (oflags & AU_OFLAG_XML) { open_attr(fp, "audit-uid"); - print_user(fp, tok->tt.proc64_ex.auid, raw); + print_user(fp, tok->tt.proc64_ex.auid, oflags); close_attr(fp); open_attr(fp, "uid"); - print_user(fp, tok->tt.proc64_ex.euid, raw); + print_user(fp, tok->tt.proc64_ex.euid, oflags); close_attr(fp); open_attr(fp, "gid"); - print_group(fp, tok->tt.proc64_ex.egid, raw); + print_group(fp, tok->tt.proc64_ex.egid, oflags); close_attr(fp); open_attr(fp, "ruid"); - print_user(fp, tok->tt.proc64_ex.ruid, raw); + print_user(fp, tok->tt.proc64_ex.ruid, oflags); close_attr(fp); open_attr(fp, "rgid"); - print_group(fp, tok->tt.proc64_ex.rgid, raw); + print_group(fp, tok->tt.proc64_ex.rgid, oflags); close_attr(fp); open_attr(fp, "pid"); print_4_bytes(fp, tok->tt.proc64_ex.pid, "%u"); @@ -2931,15 +2958,15 @@ print_process64ex_tok(FILE *fp, tokenstr_t *tok, char *del, char raw, close_tag(fp, tok->id); } else { print_delim(fp, del); - print_user(fp, tok->tt.proc64_ex.auid, raw); + print_user(fp, tok->tt.proc64_ex.auid, oflags); print_delim(fp, del); - print_user(fp, tok->tt.proc64_ex.euid, raw); + print_user(fp, tok->tt.proc64_ex.euid, oflags); print_delim(fp, del); - print_group(fp, tok->tt.proc64_ex.egid, raw); + print_group(fp, tok->tt.proc64_ex.egid, oflags); print_delim(fp, del); - print_user(fp, tok->tt.proc64_ex.ruid, raw); + print_user(fp, tok->tt.proc64_ex.ruid, oflags); print_delim(fp, del); - print_group(fp, tok->tt.proc64_ex.rgid, raw); + print_group(fp, tok->tt.proc64_ex.rgid, oflags); print_delim(fp, del); print_4_bytes(fp, tok->tt.proc64_ex.pid, "%u"); print_delim(fp, del); @@ -2973,14 +3000,13 @@ fetch_return32_tok(tokenstr_t *tok, u_char *buf, int len) } static void -print_return32_tok(FILE *fp, tokenstr_t *tok, char *del, char raw, - __unused char sfrm, int xml) +print_return32_tok(FILE *fp, tokenstr_t *tok, char *del, int oflags) { - print_tok_type(fp, tok->id, "return", raw, xml); - if (xml) { + print_tok_type(fp, tok->id, "return", oflags); + if (oflags & AU_OFLAG_XML) { open_attr(fp ,"errval"); - print_retval(fp, tok->tt.ret32.status, raw); + print_retval(fp, tok->tt.ret32.status, oflags); close_attr(fp); open_attr(fp, "retval"); print_4_bytes(fp, tok->tt.ret32.ret, "%u"); @@ -2988,7 +3014,7 @@ print_return32_tok(FILE *fp, tokenstr_t *tok, char *del, char raw, close_tag(fp, tok->id); } else { print_delim(fp, del); - print_retval(fp, tok->tt.ret32.status, raw); + print_retval(fp, tok->tt.ret32.status, oflags); print_delim(fp, del); print_4_bytes(fp, tok->tt.ret32.ret, "%u"); } @@ -3011,14 +3037,13 @@ fetch_return64_tok(tokenstr_t *tok, u_char *buf, int len) } static void -print_return64_tok(FILE *fp, tokenstr_t *tok, char *del, char raw, - __unused char sfrm, int xml) +print_return64_tok(FILE *fp, tokenstr_t *tok, char *del, int oflags) { - print_tok_type(fp, tok->id, "return", raw, xml); - if (xml) { + print_tok_type(fp, tok->id, "return", oflags); + if (oflags & AU_OFLAG_XML) { open_attr(fp, "errval"); - print_retval(fp, tok->tt.ret64.err, raw); + print_retval(fp, tok->tt.ret64.err, oflags); close_attr(fp); open_attr(fp, "retval"); print_8_bytes(fp, tok->tt.ret64.val, "%lld"); @@ -3026,7 +3051,7 @@ print_return64_tok(FILE *fp, tokenstr_t *tok, char *del, char raw, close_tag(fp, tok->id); } else { print_delim(fp, del); - print_retval(fp, tok->tt.ret64.err, raw); + print_retval(fp, tok->tt.ret64.err, oflags); print_delim(fp, del); print_8_bytes(fp, tok->tt.ret64.val, "%lld"); } @@ -3048,12 +3073,11 @@ fetch_seq_tok(tokenstr_t *tok, u_char *buf, int len) } static void -print_seq_tok(FILE *fp, tokenstr_t *tok, char *del, char raw, - __unused char sfrm, int xml) +print_seq_tok(FILE *fp, tokenstr_t *tok, char *del, int oflags) { - print_tok_type(fp, tok->id, "sequence", raw, xml); - if (xml) { + print_tok_type(fp, tok->id, "sequence", oflags); + if (oflags & AU_OFLAG_XML) { open_attr(fp, "seq-num"); print_4_bytes(fp, tok->tt.seq.seqno, "%u"); close_attr(fp); @@ -3093,12 +3117,11 @@ fetch_sock_inet32_tok(tokenstr_t *tok, u_char *buf, int len) } static void -print_sock_inet32_tok(FILE *fp, tokenstr_t *tok, char *del, char raw, - __unused char sfrm, int xml) +print_sock_inet32_tok(FILE *fp, tokenstr_t *tok, char *del, int oflags) { - print_tok_type(fp, tok->id, "socket-inet", raw, xml); - if (xml) { + print_tok_type(fp, tok->id, "socket-inet", oflags); + if (oflags & AU_OFLAG_XML) { open_attr(fp, "type"); print_2_bytes(fp, tok->tt.sockinet_ex32.family, "%u"); close_attr(fp); @@ -3148,12 +3171,11 @@ fetch_sock_inet128_tok(tokenstr_t *tok, u_char *buf, int len) } static void -print_sock_inet128_tok(FILE *fp, tokenstr_t *tok, char *del, char raw, - __unused char sfrm, int xml) +print_sock_inet128_tok(FILE *fp, tokenstr_t *tok, char *del, int oflags) { - print_tok_type(fp, tok->id, "socket-inet6", raw, xml); - if (xml) { + print_tok_type(fp, tok->id, "socket-inet6", oflags); + if (oflags & AU_OFLAG_XML) { open_attr(fp, "type"); print_2_bytes(fp, tok->tt.sockinet_ex32.family, "%u"); close_attr(fp); @@ -3192,7 +3214,7 @@ fetch_sock_unix_tok(tokenstr_t *tok, u_char *buf, int len) /* slen = strnlen((buf + tok->len), 104) + 1; */ p = (u_char *)memchr((const void *)(buf + tok->len), '\0', 104); - slen = (p ? (int)(p - (buf + tok->len)) : 104) + 1; + slen = (p ? (int)(p - (buf + tok->len)) : 104) + 1; READ_TOKEN_BYTES(buf, len, tok->tt.sockunix.path, slen, tok->len, err); if (err) @@ -3202,12 +3224,11 @@ fetch_sock_unix_tok(tokenstr_t *tok, u_char *buf, int len) } static void -print_sock_unix_tok(FILE *fp, tokenstr_t *tok, char *del, char raw, - __unused char sfrm, int xml) +print_sock_unix_tok(FILE *fp, tokenstr_t *tok, char *del, int oflags) { - print_tok_type(fp, tok->id, "socket-unix", raw, xml); - if (xml) { + print_tok_type(fp, tok->id, "socket-unix", oflags); + if (oflags & AU_OFLAG_XML) { open_attr(fp, "type"); print_2_bytes(fp, tok->tt.sockunix.family, "%u"); close_attr(fp); @@ -3267,12 +3288,11 @@ fetch_socket_tok(tokenstr_t *tok, u_char *buf, int len) } static void -print_socket_tok(FILE *fp, tokenstr_t *tok, char *del, char raw, - __unused char sfrm, int xml) +print_socket_tok(FILE *fp, tokenstr_t *tok, char *del, int oflags) { - print_tok_type(fp, tok->id, "socket", raw, xml); - if (xml) { + print_tok_type(fp, tok->id, "socket", oflags); + if (oflags & AU_OFLAG_XML) { open_attr(fp, "sock_type"); print_2_bytes(fp, tok->tt.socket.type, "%u"); close_attr(fp); @@ -3361,26 +3381,25 @@ fetch_subject32_tok(tokenstr_t *tok, u_char *buf, int len) } static void -print_subject32_tok(FILE *fp, tokenstr_t *tok, char *del, char raw, - __unused char sfrm, int xml) +print_subject32_tok(FILE *fp, tokenstr_t *tok, char *del, int oflags) { - print_tok_type(fp, tok->id, "subject", raw, xml); - if (xml) { + print_tok_type(fp, tok->id, "subject", oflags); + if (oflags & AU_OFLAG_XML) { open_attr(fp, "audit-uid"); - print_user(fp, tok->tt.subj32.auid, raw); + print_user(fp, tok->tt.subj32.auid, oflags); close_attr(fp); open_attr(fp, "uid"); - print_user(fp, tok->tt.subj32.euid, raw); + print_user(fp, tok->tt.subj32.euid, oflags); close_attr(fp); open_attr(fp, "gid"); - print_group(fp, tok->tt.subj32.egid, raw); + print_group(fp, tok->tt.subj32.egid, oflags); close_attr(fp); open_attr(fp, "ruid"); - print_user(fp, tok->tt.subj32.ruid, raw); + print_user(fp, tok->tt.subj32.ruid, oflags); close_attr(fp); open_attr(fp, "rgid"); - print_group(fp, tok->tt.subj32.rgid, raw); + print_group(fp, tok->tt.subj32.rgid, oflags); close_attr(fp); open_attr(fp,"pid"); print_4_bytes(fp, tok->tt.subj32.pid, "%u"); @@ -3395,15 +3414,15 @@ print_subject32_tok(FILE *fp, tokenstr_t *tok, char *del, char raw, close_tag(fp, tok->id); } else { print_delim(fp, del); - print_user(fp, tok->tt.subj32.auid, raw); + print_user(fp, tok->tt.subj32.auid, oflags); print_delim(fp, del); - print_user(fp, tok->tt.subj32.euid, raw); + print_user(fp, tok->tt.subj32.euid, oflags); print_delim(fp, del); - print_group(fp, tok->tt.subj32.egid, raw); + print_group(fp, tok->tt.subj32.egid, oflags); print_delim(fp, del); - print_user(fp, tok->tt.subj32.ruid, raw); + print_user(fp, tok->tt.subj32.ruid, oflags); print_delim(fp, del); - print_group(fp, tok->tt.subj32.rgid, raw); + print_group(fp, tok->tt.subj32.rgid, oflags); print_delim(fp, del); print_4_bytes(fp, tok->tt.subj32.pid, "%u"); print_delim(fp, del); @@ -3415,6 +3434,110 @@ print_subject32_tok(FILE *fp, tokenstr_t *tok, char *del, char raw, } } +static void +print_upriv_tok(FILE *fp, tokenstr_t *tok, char *del, int oflags) +{ + + print_tok_type(fp, tok->id, "use of privilege", oflags); + if (oflags & AU_OFLAG_XML) { + open_attr(fp, "status"); + if (tok->tt.priv.sorf) + (void) fprintf(fp, "successful use of priv"); + else + (void) fprintf(fp, "failed use of priv"); + close_attr(fp); + open_attr(fp, "name"); + print_string(fp, tok->tt.priv.priv, tok->tt.priv.privstrlen); + close_attr(fp); + close_tag(fp, tok->id); + } else { + print_delim(fp, del); + if (tok->tt.priv.sorf) + (void) fprintf(fp, "successful use of priv"); + else + (void) fprintf(fp, "failed use of priv"); + print_delim(fp, del); + print_string(fp, tok->tt.priv.priv, tok->tt.priv.privstrlen); + } +} + +/* + * status 1 byte + * privstrlen 2 bytes + * priv N bytes + 1 (\0 byte) + */ +static int +fetch_priv_tok(tokenstr_t *tok, u_char *buf, int len) +{ + int err = 0; + + READ_TOKEN_U_CHAR(buf, len, tok->tt.priv.sorf, tok->len, err); + if (err) + return (-1); + READ_TOKEN_U_INT16(buf, len, tok->tt.priv.privstrlen, tok->len, err); + if (err) + return (-1); + SET_PTR((char *)buf, len, tok->tt.priv.priv, tok->tt.priv.privstrlen, + tok->len, err); + if (err) + return (-1); + return (0); +} + +/* + * privtstrlen 1 byte + * privtstr N bytes + 1 + * privstrlen 1 byte + * privstr N bytes + 1 + */ +static int +fetch_privset_tok(tokenstr_t *tok, u_char *buf, int len) +{ + int err = 0; + + READ_TOKEN_U_INT16(buf, len, tok->tt.privset.privtstrlen, + tok->len, err); + if (err) + return (-1); + SET_PTR((char *)buf, len, tok->tt.privset.privtstr, + tok->tt.privset.privtstrlen, tok->len, err); + if (err) + return (-1); + READ_TOKEN_U_INT16(buf, len, tok->tt.privset.privstrlen, + tok->len, err); + if (err) + return (-1); + SET_PTR((char *)buf, len, tok->tt.privset.privstr, + tok->tt.privset.privstrlen, tok->len, err); + if (err) + return (-1); + return (0); +} + +static void +print_privset_tok(FILE *fp, tokenstr_t *tok, char *del, int oflags) +{ + + print_tok_type(fp, tok->id, "privilege", oflags); + if (oflags & AU_OFLAG_XML) { + open_attr(fp, "type"); + print_string(fp, tok->tt.privset.privtstr, + tok->tt.privset.privtstrlen); + close_attr(fp); + open_attr(fp, "priv"); + print_string(fp, tok->tt.privset.privstr, + tok->tt.privset.privstrlen); + close_attr(fp); + } else { + print_delim(fp, del); + print_string(fp, tok->tt.privset.privtstr, + tok->tt.privset.privtstrlen); + print_delim(fp, del); + print_string(fp, tok->tt.privset.privstr, + tok->tt.privset.privstrlen); + } +} + /* * audit ID 4 bytes * euid 4 bytes @@ -3473,26 +3596,25 @@ fetch_subject64_tok(tokenstr_t *tok, u_char *buf, int len) } static void -print_subject64_tok(FILE *fp, tokenstr_t *tok, char *del, char raw, - __unused char sfrm, int xml) +print_subject64_tok(FILE *fp, tokenstr_t *tok, char *del, int oflags) { - print_tok_type(fp, tok->id, "subject", raw, xml); - if (xml) { + print_tok_type(fp, tok->id, "subject", oflags); + if (oflags & AU_OFLAG_XML) { open_attr(fp, "audit-uid"); - print_user(fp, tok->tt.subj64.auid, raw); + print_user(fp, tok->tt.subj64.auid, oflags); close_attr(fp); open_attr(fp, "uid"); - print_user(fp, tok->tt.subj64.euid, raw); + print_user(fp, tok->tt.subj64.euid, oflags); close_attr(fp); open_attr(fp, "gid"); - print_group(fp, tok->tt.subj64.egid, raw); + print_group(fp, tok->tt.subj64.egid, oflags); close_attr(fp); open_attr(fp, "ruid"); - print_user(fp, tok->tt.subj64.ruid, raw); + print_user(fp, tok->tt.subj64.ruid, oflags); close_attr(fp); open_attr(fp, "rgid"); - print_group(fp, tok->tt.subj64.rgid, raw); + print_group(fp, tok->tt.subj64.rgid, oflags); close_attr(fp); open_attr(fp, "pid"); print_4_bytes(fp, tok->tt.subj64.pid, "%u"); @@ -3507,15 +3629,15 @@ print_subject64_tok(FILE *fp, tokenstr_t *tok, char *del, char raw, close_tag(fp, tok->id); } else { print_delim(fp, del); - print_user(fp, tok->tt.subj64.auid, raw); + print_user(fp, tok->tt.subj64.auid, oflags); print_delim(fp, del); - print_user(fp, tok->tt.subj64.euid, raw); + print_user(fp, tok->tt.subj64.euid, oflags); print_delim(fp, del); - print_group(fp, tok->tt.subj64.egid, raw); + print_group(fp, tok->tt.subj64.egid, oflags); print_delim(fp, del); - print_user(fp, tok->tt.subj64.ruid, raw); + print_user(fp, tok->tt.subj64.ruid, oflags); print_delim(fp, del); - print_group(fp, tok->tt.subj64.rgid, raw); + print_group(fp, tok->tt.subj64.rgid, oflags); print_delim(fp, del); print_4_bytes(fp, tok->tt.subj64.pid, "%u"); print_delim(fp, del); @@ -3600,26 +3722,25 @@ fetch_subject32ex_tok(tokenstr_t *tok, u_char *buf, int len) } static void -print_subject32ex_tok(FILE *fp, tokenstr_t *tok, char *del, char raw, - __unused char sfrm, int xml) +print_subject32ex_tok(FILE *fp, tokenstr_t *tok, char *del, int oflags) { - print_tok_type(fp, tok->id, "subject_ex", raw, xml); - if (xml) { + print_tok_type(fp, tok->id, "subject_ex", oflags); + if (oflags & AU_OFLAG_XML) { open_attr(fp, "audit-uid"); - print_user(fp, tok->tt.subj32_ex.auid, raw); + print_user(fp, tok->tt.subj32_ex.auid, oflags); close_attr(fp); open_attr(fp, "uid"); - print_user(fp, tok->tt.subj32_ex.euid, raw); + print_user(fp, tok->tt.subj32_ex.euid, oflags); close_attr(fp); open_attr(fp, "gid"); - print_group(fp, tok->tt.subj32_ex.egid, raw); + print_group(fp, tok->tt.subj32_ex.egid, oflags); close_attr(fp); open_attr(fp, "ruid"); - print_user(fp, tok->tt.subj32_ex.ruid, raw); + print_user(fp, tok->tt.subj32_ex.ruid, oflags); close_attr(fp); open_attr(fp, "rgid"); - print_group(fp, tok->tt.subj32_ex.rgid, raw); + print_group(fp, tok->tt.subj32_ex.rgid, oflags); close_attr(fp); open_attr(fp, "pid"); print_4_bytes(fp, tok->tt.subj32_ex.pid, "%u"); @@ -3635,15 +3756,15 @@ print_subject32ex_tok(FILE *fp, tokenstr_t *tok, char *del, char raw, close_tag(fp, tok->id); } else { print_delim(fp, del); - print_user(fp, tok->tt.subj32_ex.auid, raw); + print_user(fp, tok->tt.subj32_ex.auid, oflags); print_delim(fp, del); - print_user(fp, tok->tt.subj32_ex.euid, raw); + print_user(fp, tok->tt.subj32_ex.euid, oflags); print_delim(fp, del); - print_group(fp, tok->tt.subj32_ex.egid, raw); + print_group(fp, tok->tt.subj32_ex.egid, oflags); print_delim(fp, del); - print_user(fp, tok->tt.subj32_ex.ruid, raw); + print_user(fp, tok->tt.subj32_ex.ruid, oflags); print_delim(fp, del); - print_group(fp, tok->tt.subj32_ex.rgid, raw); + print_group(fp, tok->tt.subj32_ex.rgid, oflags); print_delim(fp, del); print_4_bytes(fp, tok->tt.subj32_ex.pid, "%u"); print_delim(fp, del); @@ -3729,25 +3850,24 @@ fetch_subject64ex_tok(tokenstr_t *tok, u_char *buf, int len) } static void -print_subject64ex_tok(FILE *fp, tokenstr_t *tok, char *del, char raw, - __unused char sfrm, int xml) +print_subject64ex_tok(FILE *fp, tokenstr_t *tok, char *del, int oflags) { - print_tok_type(fp, tok->id, "subject_ex", raw, xml); - if (xml) { + print_tok_type(fp, tok->id, "subject_ex", oflags); + if (oflags & AU_OFLAG_XML) { open_attr(fp, "audit-uid"); - print_user(fp, tok->tt.subj64_ex.auid, raw); + print_user(fp, tok->tt.subj64_ex.auid, oflags); close_attr(fp); open_attr(fp, "uid"); - print_user(fp, tok->tt.subj64_ex.euid, raw); + print_user(fp, tok->tt.subj64_ex.euid, oflags); close_attr(fp); open_attr(fp, "gid"); - print_group(fp, tok->tt.subj64_ex.egid, raw); + print_group(fp, tok->tt.subj64_ex.egid, oflags); close_attr(fp); open_attr(fp, "ruid"); - print_user(fp, tok->tt.subj64_ex.ruid, raw); + print_user(fp, tok->tt.subj64_ex.ruid, oflags); close_attr(fp); open_attr(fp, "rgid"); - print_group(fp, tok->tt.subj64_ex.rgid, raw); + print_group(fp, tok->tt.subj64_ex.rgid, oflags); close_attr(fp); open_attr(fp, "pid"); print_4_bytes(fp, tok->tt.subj64_ex.pid, "%u"); @@ -3763,15 +3883,15 @@ print_subject64ex_tok(FILE *fp, tokenstr_t *tok, char *del, char raw, close_tag(fp, tok->id); } else { print_delim(fp, del); - print_user(fp, tok->tt.subj64_ex.auid, raw); + print_user(fp, tok->tt.subj64_ex.auid, oflags); print_delim(fp, del); - print_user(fp, tok->tt.subj64_ex.euid, raw); + print_user(fp, tok->tt.subj64_ex.euid, oflags); print_delim(fp, del); - print_group(fp, tok->tt.subj64_ex.egid, raw); + print_group(fp, tok->tt.subj64_ex.egid, oflags); print_delim(fp, del); - print_user(fp, tok->tt.subj64_ex.ruid, raw); + print_user(fp, tok->tt.subj64_ex.ruid, oflags); print_delim(fp, del); - print_group(fp, tok->tt.subj64_ex.rgid, raw); + print_group(fp, tok->tt.subj64_ex.rgid, oflags); print_delim(fp, del); print_4_bytes(fp, tok->tt.subj64_ex.pid, "%u"); print_delim(fp, del); @@ -3806,12 +3926,11 @@ fetch_text_tok(tokenstr_t *tok, u_char *buf, int len) } static void -print_text_tok(FILE *fp, tokenstr_t *tok, char *del, char raw, - __unused char sfrm, int xml) +print_text_tok(FILE *fp, tokenstr_t *tok, char *del, int oflags) { - print_tok_type(fp, tok->id, "text", raw, xml); - if (xml) { + print_tok_type(fp, tok->id, "text", oflags); + if (oflags & AU_OFLAG_XML) { print_string(fp, tok->tt.text.text, tok->tt.text.len); close_tag(fp, tok->id); } else { @@ -3891,8 +4010,7 @@ fetch_socketex32_tok(tokenstr_t *tok, u_char *buf, int len) } static void -print_socketex32_tok(FILE *fp, tokenstr_t *tok, char *del, char raw, - __unused char sfrm, int xml) +print_socketex32_tok(FILE *fp, tokenstr_t *tok, char *del, int oflags) { /* @@ -3901,8 +4019,8 @@ print_socketex32_tok(FILE *fp, tokenstr_t *tok, char *del, char raw, * these constants in the future, we may want to call conversion * routines. */ - print_tok_type(fp, tok->id, "socket", raw, xml); - if (xml) { + print_tok_type(fp, tok->id, "socket", oflags); + if (oflags & AU_OFLAG_XML) { open_attr(fp, "sock_dom"); print_2_bytes(fp, tok->tt.socket_ex32.domain, "%#x"); close_attr(fp); @@ -3963,12 +4081,11 @@ fetch_invalid_tok(tokenstr_t *tok, u_char *buf, int len) } static void -print_invalid_tok(FILE *fp, tokenstr_t *tok, char *del, char raw, - __unused char sfrm, int xml) +print_invalid_tok(FILE *fp, tokenstr_t *tok, char *del, int oflags) { - if (!xml) { - print_tok_type(fp, tok->id, "unknown", raw, 0); + if (!(oflags & AU_OFLAG_XML)) { + print_tok_type(fp, tok->id, "unknown", oflags); print_delim(fp, del); print_mem(fp, (u_char*)tok->tt.invalid.data, tok->tt.invalid.length); @@ -3996,12 +4113,11 @@ fetch_zonename_tok(tokenstr_t *tok, u_char *buf, int len) } static void -print_zonename_tok(FILE *fp, tokenstr_t *tok, char *del, char raw, - __unused char sfrm, int xml) +print_zonename_tok(FILE *fp, tokenstr_t *tok, char *del, int oflags) { - print_tok_type(fp, tok->id, "zone", raw, xml); - if (xml) { + print_tok_type(fp, tok->id, "zone", oflags); + if (oflags & AU_OFLAG_XML) { open_attr(fp, "name"); print_string(fp, tok->tt.zonename.zonename, tok->tt.zonename.len); @@ -4152,360 +4268,230 @@ au_fetch_tok(tokenstr_t *tok, u_char *buf, int len) case AUT_ZONENAME: return (fetch_zonename_tok(tok, buf, len)); + case AUT_UPRIV: + return (fetch_priv_tok(tok, buf, len)); + + case AUT_PRIV: + return (fetch_privset_tok(tok, buf, len)); + default: return (fetch_invalid_tok(tok, buf, len)); } } -/* - * 'prints' the token out to outfp. - */ void -au_print_tok(FILE *outfp, tokenstr_t *tok, char *del, char raw, char sfrm) +au_print_flags_tok(FILE *outfp, tokenstr_t *tok, char *del, int oflags) { switch(tok->id) { case AUT_HEADER32: - print_header32_tok(outfp, tok, del, raw, sfrm, AU_PLAIN); + print_header32_tok(outfp, tok, del, oflags); return; case AUT_HEADER32_EX: - print_header32_ex_tok(outfp, tok, del, raw, sfrm, AU_PLAIN); + print_header32_ex_tok(outfp, tok, del, oflags); return; case AUT_HEADER64: - print_header64_tok(outfp, tok, del, raw, sfrm, AU_PLAIN); + print_header64_tok(outfp, tok, del, oflags); return; case AUT_HEADER64_EX: - print_header64_ex_tok(outfp, tok, del, raw, sfrm, AU_PLAIN); + print_header64_ex_tok(outfp, tok, del, oflags); return; case AUT_TRAILER: - print_trailer_tok(outfp, tok, del, raw, sfrm, AU_PLAIN); + print_trailer_tok(outfp, tok, del, oflags); return; case AUT_ARG32: - print_arg32_tok(outfp, tok, del, raw, sfrm, AU_PLAIN); + print_arg32_tok(outfp, tok, del, oflags); return; case AUT_ARG64: - print_arg64_tok(outfp, tok, del, raw, sfrm, AU_PLAIN); + print_arg64_tok(outfp, tok, del, oflags); return; case AUT_DATA: - print_arb_tok(outfp, tok, del, raw, sfrm, AU_PLAIN); + print_arb_tok(outfp, tok, del, oflags); return; case AUT_ATTR32: - print_attr32_tok(outfp, tok, del, raw, sfrm, AU_PLAIN); + print_attr32_tok(outfp, tok, del, oflags); return; case AUT_ATTR64: - print_attr64_tok(outfp, tok, del, raw, sfrm, AU_PLAIN); + print_attr64_tok(outfp, tok, del, oflags); return; case AUT_EXIT: - print_exit_tok(outfp, tok, del, raw, sfrm, AU_PLAIN); + print_exit_tok(outfp, tok, del, oflags); return; case AUT_EXEC_ARGS: - print_execarg_tok(outfp, tok, del, raw, sfrm, AU_PLAIN); + print_execarg_tok(outfp, tok, del, oflags); return; case AUT_EXEC_ENV: - print_execenv_tok(outfp, tok, del, raw, sfrm, AU_PLAIN); + print_execenv_tok(outfp, tok, del, oflags); return; case AUT_OTHER_FILE32: - print_file_tok(outfp, tok, del, raw, sfrm, AU_PLAIN); + print_file_tok(outfp, tok, del, oflags); return; case AUT_NEWGROUPS: - print_newgroups_tok(outfp, tok, del, raw, sfrm, AU_PLAIN); + print_newgroups_tok(outfp, tok, del, oflags); return; case AUT_IN_ADDR: - print_inaddr_tok(outfp, tok, del, raw, sfrm, AU_PLAIN); + print_inaddr_tok(outfp, tok, del, oflags); return; case AUT_IN_ADDR_EX: - print_inaddr_ex_tok(outfp, tok, del, raw, sfrm, AU_PLAIN); + print_inaddr_ex_tok(outfp, tok, del, oflags); return; case AUT_IP: - print_ip_tok(outfp, tok, del, raw, sfrm, AU_PLAIN); + print_ip_tok(outfp, tok, del, oflags); return; case AUT_IPC: - print_ipc_tok(outfp, tok, del, raw, sfrm, AU_PLAIN); + print_ipc_tok(outfp, tok, del, oflags); return; case AUT_IPC_PERM: - print_ipcperm_tok(outfp, tok, del, raw, sfrm, AU_PLAIN); + print_ipcperm_tok(outfp, tok, del, oflags); return; case AUT_IPORT: - print_iport_tok(outfp, tok, del, raw, sfrm, AU_PLAIN); + print_iport_tok(outfp, tok, del, oflags); return; case AUT_OPAQUE: - print_opaque_tok(outfp, tok, del, raw, sfrm, AU_PLAIN); + print_opaque_tok(outfp, tok, del, oflags); return; case AUT_PATH: - print_path_tok(outfp, tok, del, raw, sfrm, AU_PLAIN); + print_path_tok(outfp, tok, del, oflags); return; case AUT_PROCESS32: - print_process32_tok(outfp, tok, del, raw, sfrm, AU_PLAIN); + print_process32_tok(outfp, tok, del, oflags); return; case AUT_PROCESS32_EX: - print_process32ex_tok(outfp, tok, del, raw, sfrm, AU_PLAIN); + print_process32ex_tok(outfp, tok, del, oflags); return; case AUT_PROCESS64: - print_process64_tok(outfp, tok, del, raw, sfrm, AU_PLAIN); + print_process64_tok(outfp, tok, del, oflags); return; case AUT_PROCESS64_EX: - print_process64ex_tok(outfp, tok, del, raw, sfrm, AU_PLAIN); + print_process64ex_tok(outfp, tok, del, oflags); return; case AUT_RETURN32: - print_return32_tok(outfp, tok, del, raw, sfrm, AU_PLAIN); + print_return32_tok(outfp, tok, del, oflags); return; case AUT_RETURN64: - print_return64_tok(outfp, tok, del, raw, sfrm, AU_PLAIN); + print_return64_tok(outfp, tok, del, oflags); return; case AUT_SEQ: - print_seq_tok(outfp, tok, del, raw, sfrm, AU_PLAIN); + print_seq_tok(outfp, tok, del, oflags); return; case AUT_SOCKET: - print_socket_tok(outfp, tok, del, raw, sfrm, AU_PLAIN); + print_socket_tok(outfp, tok, del, oflags); return; case AUT_SOCKINET32: - print_sock_inet32_tok(outfp, tok, del, raw, sfrm, AU_PLAIN); + print_sock_inet32_tok(outfp, tok, del, oflags); return; case AUT_SOCKUNIX: - print_sock_unix_tok(outfp, tok, del, raw, sfrm, AU_PLAIN); + print_sock_unix_tok(outfp, tok, del, oflags); return; case AUT_SOCKINET128: - print_sock_inet128_tok(outfp, tok, del, raw, sfrm, AU_PLAIN); + print_sock_inet128_tok(outfp, tok, del, oflags); return; case AUT_SUBJECT32: - print_subject32_tok(outfp, tok, del, raw, sfrm, AU_PLAIN); + print_subject32_tok(outfp, tok, del, oflags); return; case AUT_SUBJECT64: - print_subject64_tok(outfp, tok, del, raw, sfrm, AU_PLAIN); + print_subject64_tok(outfp, tok, del, oflags); return; case AUT_SUBJECT32_EX: - print_subject32ex_tok(outfp, tok, del, raw, sfrm, AU_PLAIN); + print_subject32ex_tok(outfp, tok, del, oflags); return; case AUT_SUBJECT64_EX: - print_subject64ex_tok(outfp, tok, del, raw, sfrm, AU_PLAIN); + print_subject64ex_tok(outfp, tok, del, oflags); return; case AUT_TEXT: - print_text_tok(outfp, tok, del, raw, sfrm, AU_PLAIN); + print_text_tok(outfp, tok, del, oflags); return; case AUT_SOCKET_EX: - print_socketex32_tok(outfp, tok, del, raw, sfrm, AU_PLAIN); + print_socketex32_tok(outfp, tok, del, oflags); return; case AUT_ZONENAME: - print_zonename_tok(outfp, tok, del, raw, sfrm, AU_PLAIN); + print_zonename_tok(outfp, tok, del, oflags); + return; + + case AUT_UPRIV: + print_upriv_tok(outfp, tok, del, oflags); + return; + + case AUT_PRIV: + print_privset_tok(outfp, tok, del, oflags); return; default: - print_invalid_tok(outfp, tok, del, raw, sfrm, AU_PLAIN); + print_invalid_tok(outfp, tok, del, oflags); } } /* - * 'prints' the token out to outfp in XML format. + * 'prints' the token out to outfp. */ void -au_print_tok_xml(FILE *outfp, tokenstr_t *tok, char *del, char raw, - char sfrm) +au_print_tok(FILE *outfp, tokenstr_t *tok, char *del, char raw, char sfrm) { + int oflags = AU_OFLAG_NONE; - switch(tok->id) { - case AUT_HEADER32: - print_header32_tok(outfp, tok, del, raw, sfrm, AU_XML); - return; - - case AUT_HEADER32_EX: - print_header32_ex_tok(outfp, tok, del, raw, sfrm, AU_XML); - return; - - case AUT_HEADER64: - print_header64_tok(outfp, tok, del, raw, sfrm, AU_XML); - return; - - case AUT_HEADER64_EX: - print_header64_ex_tok(outfp, tok, del, raw, sfrm, AU_XML); - return; - - case AUT_TRAILER: - print_trailer_tok(outfp, tok, del, raw, sfrm, AU_XML); - return; - - case AUT_ARG32: - print_arg32_tok(outfp, tok, del, raw, sfrm, AU_XML); - return; - - case AUT_ARG64: - print_arg64_tok(outfp, tok, del, raw, sfrm, AU_XML); - return; - - case AUT_DATA: - print_arb_tok(outfp, tok, del, raw, sfrm, AU_XML); - return; - - case AUT_ATTR32: - print_attr32_tok(outfp, tok, del, raw, sfrm, AU_XML); - return; - - case AUT_ATTR64: - print_attr64_tok(outfp, tok, del, raw, sfrm, AU_XML); - return; - - case AUT_EXIT: - print_exit_tok(outfp, tok, del, raw, sfrm, AU_XML); - return; - - case AUT_EXEC_ARGS: - print_execarg_tok(outfp, tok, del, raw, sfrm, AU_XML); - return; - - case AUT_EXEC_ENV: - print_execenv_tok(outfp, tok, del, raw, sfrm, AU_XML); - return; - - case AUT_OTHER_FILE32: - print_file_tok(outfp, tok, del, raw, sfrm, AU_XML); - return; - - case AUT_NEWGROUPS: - print_newgroups_tok(outfp, tok, del, raw, sfrm, AU_XML); - return; - - case AUT_IN_ADDR: - print_inaddr_tok(outfp, tok, del, raw, sfrm, AU_XML); - return; - - case AUT_IN_ADDR_EX: - print_inaddr_ex_tok(outfp, tok, del, raw, sfrm, AU_XML); - return; - - case AUT_IP: - print_ip_tok(outfp, tok, del, raw, sfrm, AU_XML); - return; - - case AUT_IPC: - print_ipc_tok(outfp, tok, del, raw, sfrm, AU_XML); - return; - - case AUT_IPC_PERM: - print_ipcperm_tok(outfp, tok, del, raw, sfrm, AU_XML); - return; - - case AUT_IPORT: - print_iport_tok(outfp, tok, del, raw, sfrm, AU_XML); - return; - - case AUT_OPAQUE: - print_opaque_tok(outfp, tok, del, raw, sfrm, AU_XML); - return; - - case AUT_PATH: - print_path_tok(outfp, tok, del, raw, sfrm, AU_XML); - return; - - case AUT_PROCESS32: - print_process32_tok(outfp, tok, del, raw, sfrm, AU_XML); - return; - - case AUT_PROCESS32_EX: - print_process32ex_tok(outfp, tok, del, raw, sfrm, AU_XML); - return; - - case AUT_PROCESS64: - print_process64_tok(outfp, tok, del, raw, sfrm, AU_XML); - return; - - case AUT_PROCESS64_EX: - print_process64ex_tok(outfp, tok, del, raw, sfrm, AU_XML); - return; - - case AUT_RETURN32: - print_return32_tok(outfp, tok, del, raw, sfrm, AU_XML); - return; - - case AUT_RETURN64: - print_return64_tok(outfp, tok, del, raw, sfrm, AU_XML); - return; - - case AUT_SEQ: - print_seq_tok(outfp, tok, del, raw, sfrm, AU_XML); - return; - - case AUT_SOCKET: - print_socket_tok(outfp, tok, del, raw, sfrm, AU_XML); - return; - - case AUT_SOCKINET32: - print_sock_inet32_tok(outfp, tok, del, raw, sfrm, AU_XML); - return; - - case AUT_SOCKUNIX: - print_sock_unix_tok(outfp, tok, del, raw, sfrm, AU_XML); - return; - - case AUT_SUBJECT32: - print_subject32_tok(outfp, tok, del, raw, sfrm, AU_XML); - return; - - case AUT_SUBJECT64: - print_subject64_tok(outfp, tok, del, raw, sfrm, AU_XML); - return; - - case AUT_SUBJECT32_EX: - print_subject32ex_tok(outfp, tok, del, raw, sfrm, AU_XML); - return; - - case AUT_SUBJECT64_EX: - print_subject64ex_tok(outfp, tok, del, raw, sfrm, AU_XML); - return; + if (raw) + oflags |= AU_OFLAG_RAW; + if (sfrm) + oflags |= AU_OFLAG_SHORT; - case AUT_TEXT: - print_text_tok(outfp, tok, del, raw, sfrm, AU_XML); - return; + au_print_flags_tok(outfp, tok, del, oflags); +} - case AUT_SOCKET_EX: - print_socketex32_tok(outfp, tok, del, raw, sfrm, AU_XML); - return; +/* + * 'prints' the token out to outfp in XML format. + */ +void +au_print_tok_xml(FILE *outfp, tokenstr_t *tok, char *del, char raw, + char sfrm) +{ + int oflags = AU_OFLAG_XML; - case AUT_ZONENAME: - print_zonename_tok(outfp, tok, del, raw, sfrm, AU_XML); - return; + if (raw) + oflags |= AU_OFLAG_RAW; + if (sfrm) + oflags |= AU_OFLAG_SHORT; - default: - print_invalid_tok(outfp, tok, del, raw, sfrm, AU_XML); - } + au_print_flags_tok(outfp, tok, del, oflags); } /* @@ -4553,11 +4539,10 @@ au_read_rec(FILE *fp, u_char **buf) return (-1); } - *buf = malloc(recsize * sizeof(u_char)); + *buf = calloc(recsize, sizeof(u_char)); if (*buf == NULL) return (-1); bptr = *buf; - memset(bptr, 0, recsize); /* store the token contents already read, back to the buffer*/ *bptr = type; |