6 files changed, 338 insertions, 87 deletions
diff --git a/contrib/openbsm/libbsm/au_control.3 b/contrib/openbsm/libbsm/au_control.3
index 0cd66f1..00a551e 100644
--- a/contrib/openbsm/libbsm/au_control.3
+++ b/contrib/openbsm/libbsm/au_control.3
@@ -23,7 +23,7 @@
 .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 .\" SUCH DAMAGE.
 .\"
-.\" $P4: //depot/projects/trustedbsd/openbsm/libbsm/au_control.3#3 $
+.\" $P4: //depot/projects/trustedbsd/openbsm/libbsm/au_control.3#4 $
 .\"
 .Dd April 19, 2005
 .Dt AU_CONTROL 3
@@ -34,7 +34,10 @@
 .Nm getacdir ,
 .Nm getacmin ,
 .Nm getacflg ,
-.Nm getacna
+.Nm getacna ,
+.Nm getacpol ,
+.Nm au_poltostr
+.Nm au_strtopol
 .Nd "Look up information from the audit_control database"
 .Sh LIBRARY
 .Lb libbsm
@@ -52,6 +55,12 @@
 .Fn getacflg "char *auditstr" "int len"
 .Ft int
 .Fn getacna "char *auditstr" "int len"
+.Ft int
+.Fn getacpol "char *auditstr" "size_t len"
+.Ft ssize_t
+.Fn au_poltostr "long policy" "size_t maxsize" "char *buf"
+.Ft int
+.Fn au_strtopol "const char *polstr" "long *policy"
 .Sh DESCRIPTION
 These interfaces may be used to look up information from the
 .Xr audit_control 5
@@ -90,15 +99,42 @@ returns the non-attributable flags via the passed character buffer
 .Va auditstr
 of length
 .Va len .
+.Pp
+.Fn getacpol
+returns the audit policy flags via the passed character buffer
+.Va auditstr
+of length
+.Va len .
+.Pp
+.Fn au_poltostr
+converts a numeric audit policy mask,
+.Va policy ,
+value to a string in the passed character buffer
+.Va buf
+of lenth
+.Va maxsize .
+.Pp
+.Fn au_strtopol
+converts an audit policy flags string,
+.Va polstr ,
+to a numeric audit policy mask returned via
+.Va policy .
 .Sh RETURN VALULES
 .Fn getacdir ,
 .Fn getacmin ,
 .Fn getacflg ,
+.Fn getacna ,
+.Fn getacpol ,
 and
-.Fn getacna
+.Fn au_strtopol
 return 0 on success, or a negative value on failure, along with error
 information in
 .Va errno .
+.Pp
+.Fn au_poltostr
+returns a string length of 0 or more on success, or a negative value on
+if there is a failure.
+.Pp
 Functions that return a string value will return a failure if there is
 insufficient room in the passed character buffer for the full string.
 .Sh SEE ALSO
diff --git a/contrib/openbsm/libbsm/au_open.3 b/contrib/openbsm/libbsm/au_open.3
index 569940e..db9e9b3 100644
--- a/contrib/openbsm/libbsm/au_open.3
+++ b/contrib/openbsm/libbsm/au_open.3
@@ -23,16 +23,17 @@
 .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 .\" SUCH DAMAGE.
 .\"
-.\" $P4: //depot/projects/trustedbsd/openbsm/libbsm/au_open.3#4 $
+.\" $P4: //depot/projects/trustedbsd/openbsm/libbsm/au_open.3#5 $
 .\"
 .Dd March 4, 2006
 .Dt AU_OPEN 3
 .Os
 .Sh NAME
-.Nm au_open ,
-.Nm au_write ,
 .Nm au_close ,
-.Nm au_close_buffer
+.Nm au_close_buffer ,
+.Nm au_close_token ,
+.Nm au_open ,
+.Nm au_write
 .Nd "Create and commit audit records"
 .Sh LIBRARY
 .Lb libbsm
@@ -120,6 +121,7 @@ return 0 on success, or a negative value on failure, along with error
 information in
 .Va errno .
 .Sh SEE ALSO
+.Xr audit_submit 3 ,
 .Xr libbsm 3
 .Sh AUTHORS
 This software was created by Robert Watson, Wayne Salamon, and Suresh
diff --git a/contrib/openbsm/libbsm/bsm_control.c b/contrib/openbsm/libbsm/bsm_control.c
index 438082b..ba643b2 100644
--- a/contrib/openbsm/libbsm/bsm_control.c
+++ b/contrib/openbsm/libbsm/bsm_control.c
@@ -1,5 +1,6 @@
 /*
  * Copyright (c) 2004 Apple Computer, Inc.
+ * Copyright (c) 2006 Robert N. M. Watson
  * All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -26,7 +27,7 @@
  * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
  * POSSIBILITY OF SUCH DAMAGE.
  *
- * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_control.c#13 $
+ * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_control.c#15 $
  */
 
 #include <bsm/libbsm.h>
@@ -37,9 +38,14 @@
 #include <stdio.h>
 #include <stdlib.h>
 
+#include <config/config.h>
+#ifndef HAVE_STRLCAT
+#include <compat/strlcat.h>
+#endif
+
 /*
  * Parse the contents of the audit_control file to return the audit control
- * parameters.
+ * parameters.  These static fields are protected by 'mutex'.
  */
 static FILE	*fp = NULL;
 static char	linestr[AU_LINE_MAX];
@@ -98,21 +104,223 @@ getstrfromtype_locked(char *name, char **str)
 }
 
 /*
+ * Convert a policy to a string.  Return -1 on failure, or >= 0 representing
+ * the actual size of the string placed in the buffer (excluding terminating
+ * nul).
+ */
+ssize_t
+au_poltostr(long policy, size_t maxsize, char *buf)
+{
+	int first;
+
+	if (maxsize < 1)
+		return (-1);
+	first = 1;
+	buf[0] = '\0';
+
+	if (policy & AUDIT_CNT) {
+		if (strlcat(buf, "cnt", maxsize) >= maxsize)
+			return (-1);
+		first = 0;
+	}
+	if (policy & AUDIT_AHLT) {
+		if (!first) {
+			if (strlcat(buf, ",", maxsize) >= maxsize)
+				return (-1);
+		}
+		if (strlcat(buf, "ahlt", maxsize) >= maxsize)
+			return (-1);
+		first = 0;
+	}
+	if (policy & AUDIT_ARGV) {
+		if (!first) {
+			if (strlcat(buf, ",", maxsize) >= maxsize)
+				return (-1);
+		}
+		if (strlcat(buf, "argv", maxsize) >= maxsize)
+			return (-1);
+		first = 0;
+	}
+	if (policy & AUDIT_ARGE) {
+		if (!first) {
+			if (strlcat(buf, ",", maxsize) >= maxsize)
+				return (-1);
+		}
+		if (strlcat(buf, "arge", maxsize) >= maxsize)
+			return (-1);
+		first = 0;
+	}
+	if (policy & AUDIT_SEQ) {
+		if (!first) {
+			if (strlcat(buf, ",", maxsize) >= maxsize)
+				return (-1);
+		}
+		if (strlcat(buf, "seq", maxsize) >= maxsize)
+			return (-1);
+		first = 0;
+	}
+	if (policy & AUDIT_WINDATA) {
+		if (!first) {
+			if (strlcat(buf, ",", maxsize) >= maxsize)
+				return (-1);
+		}
+		if (strlcat(buf, "windata", maxsize) >= maxsize)
+			return (-1);
+		first = 0;
+	}
+	if (policy & AUDIT_USER) {
+		if (!first) {
+			if (strlcat(buf, ",", maxsize) >= maxsize)
+				return (-1);
+		}
+		if (strlcat(buf, "user", maxsize) >= maxsize)
+			return (-1);
+		first = 0;
+	}
+	if (policy & AUDIT_GROUP) {
+		if (!first) {
+			if (strlcat(buf, ",", maxsize) >= maxsize)
+				return (-1);
+		}
+		if (strlcat(buf, "group", maxsize) >= maxsize)
+			return (-1);
+		first = 0;
+	}
+	if (policy & AUDIT_TRAIL) {
+		if (!first) {
+			if (strlcat(buf, ",", maxsize) >= maxsize)
+				return (-1);
+		}
+		if (strlcat(buf, "trail", maxsize) >= maxsize)
+			return (-1);
+		first = 0;
+	}
+	if (policy & AUDIT_PATH) {
+		if (!first) {
+			if (strlcat(buf, ",", maxsize) >= maxsize)
+				return (-1);
+		}
+		if (strlcat(buf, "path", maxsize) >= maxsize)
+			return (-1);
+		first = 0;
+	}
+	if (policy & AUDIT_SCNT) {
+		if (!first) {
+			if (strlcat(buf, ",", maxsize) >= maxsize)
+				return (-1);
+		}
+		if (strlcat(buf, "scnt", maxsize) >= maxsize)
+			return (-1);
+		first = 0;
+	}
+	if (policy & AUDIT_PUBLIC) {
+		if (!first) {
+			if (strlcat(buf, ",", maxsize) >= maxsize)
+				return (-1);
+		}
+		if (strlcat(buf, "public", maxsize) >= maxsize)
+			return (-1);
+		first = 0;
+	}
+	if (policy & AUDIT_ZONENAME) {
+		if (!first) {
+			if (strlcat(buf, ",", maxsize) >= maxsize)
+				return (-1);
+		}
+		if (strlcat(buf, "zonename", maxsize) >= maxsize)
+			return (-1);
+		first = 0;
+	}
+	if (policy & AUDIT_PERZONE) {
+		if (!first) {
+			if (strlcat(buf, ",", maxsize) >= maxsize)
+				return (-1);
+		}
+		if (strlcat(buf, "perzone", maxsize) >= maxsize)
+			return (-1);
+		first = 0;
+	}
+	return (strlen(buf));
+}
+
+/*
+ * Convert a string to a policy.  Return -1 on failure (with errno EINVAL,
+ * ENOMEM) or 0 on success.
+ */
+int
+au_strtopol(const char *polstr, long *policy)
+{
+	char *bufp, *string;
+	char *buffer;
+
+	*policy = 0;
+	buffer = strdup(polstr);
+	if (buffer == NULL)
+		return (-1);
+
+	bufp = buffer;
+	while ((string = strsep(&bufp, ",")) != NULL) {
+		if (strcmp(string, "cnt") == 0)
+			*policy |= AUDIT_CNT;
+		else if (strcmp(string, "ahlt") == 0)
+			*policy |= AUDIT_AHLT;
+		else if (strcmp(string, "argv") == 0)
+			*policy |= AUDIT_ARGV;
+		else if (strcmp(string, "arge") == 0)
+			*policy |= AUDIT_ARGE;
+		else if (strcmp(string, "seq") == 0)
+			*policy |= AUDIT_SEQ;
+		else if (strcmp(string, "winau_fstat") == 0)
+			*policy |= AUDIT_WINDATA;
+		else if (strcmp(string, "user") == 0)
+			*policy |= AUDIT_USER;
+		else if (strcmp(string, "group") == 0)
+			*policy |= AUDIT_GROUP;
+		else if (strcmp(string, "trail") == 0)
+			*policy |= AUDIT_TRAIL;
+		else if (strcmp(string, "path") == 0)
+			*policy |= AUDIT_PATH;
+		else if (strcmp(string, "scnt") == 0)
+			*policy |= AUDIT_SCNT;
+		else if (strcmp(string, "public") == 0)
+			*policy |= AUDIT_PUBLIC;
+		else if (strcmp(string, "zonename") == 0)
+			*policy |= AUDIT_ZONENAME;
+		else if (strcmp(string, "perzone") == 0)
+			*policy |= AUDIT_PERZONE;
+		else {
+			free(buffer);
+			errno = EINVAL;
+			return (-1);
+		}
+	}
+	free(buffer);
+	return (0);
+}
+
+/*
  * Rewind the file pointer to beginning.
  */
-void
-setac(void)
+static void
+setac_locked(void)
 {
 
-	pthread_mutex_lock(&mutex);
 	ptrmoved = 1;
 	if (fp != NULL)
 		fseek(fp, 0, SEEK_SET);
+}
+
+void
+setac(void)
+{
+
+	pthread_mutex_lock(&mutex);
+	setac_locked();
 	pthread_mutex_unlock(&mutex);
 }
 
 /*
- * Close the audit_control file
+ * Close the audit_control file.
  */
 void
 endac(void)
@@ -136,72 +344,54 @@ getacdir(char *name, int len)
 	char *dir;
 	int ret = 0;
 
-	if (name == NULL) {
-		errno = EINVAL;
-		return (-2);
-	}
-
-	pthread_mutex_lock(&mutex);
-
 	/*
-	 * Check if another function was called between
-	 * successive calls to getacdir
+	 * Check if another function was called between successive calls to
+	 * getacdir.
 	 */
+	pthread_mutex_lock(&mutex);
 	if (inacdir && ptrmoved) {
 		ptrmoved = 0;
 		if (fp != NULL)
 			fseek(fp, 0, SEEK_SET);
 		ret = 2;
 	}
-
-
 	if (getstrfromtype_locked(DIR_CONTROL_ENTRY, &dir) < 0) {
 		pthread_mutex_unlock(&mutex);
 		return (-2);
 	}
-
-	pthread_mutex_unlock(&mutex);
-
-	if (dir == NULL)
+	if (dir == NULL) {
+		pthread_mutex_unlock(&mutex);
 		return (-1);
-
-	if (strlen(dir) >= len)
+	}
+	if (strlen(dir) >= len) {
+		pthread_mutex_unlock(&mutex);
 		return (-3);
-
+	}
 	strcpy(name, dir);
-
+	pthread_mutex_unlock(&mutex);
 	return (ret);
 }
 
 /*
- * Return the minimum free diskspace value from the audit control file
+ * Return the minimum free diskspace value from the audit control file.
  */
 int
 getacmin(int *min_val)
 {
 	char *min;
 
-	setac();
-
-	if (min_val == NULL) {
-		errno = EINVAL;
-		return (-2);
-	}
-
 	pthread_mutex_lock(&mutex);
-
+	setac_locked();
 	if (getstrfromtype_locked(MINFREE_CONTROL_ENTRY, &min) < 0) {
 		pthread_mutex_unlock(&mutex);
 		return (-2);
 	}
-
-	pthread_mutex_unlock(&mutex);
-
-	if (min == NULL)
+	if (min == NULL) {
+		pthread_mutex_unlock(&mutex);
 		return (1);
-
+	}
 	*min_val = atoi(min);
-
+	pthread_mutex_unlock(&mutex);
 	return (0);
 }
 
@@ -213,30 +403,22 @@ getacflg(char *auditstr, int len)
 {
 	char *str;
 
-	setac();
-
-	if (auditstr == NULL) {
-		errno = EINVAL;
-		return (-2);
-	}
-
 	pthread_mutex_lock(&mutex);
-
+	setac_locked();
 	if (getstrfromtype_locked(FLAGS_CONTROL_ENTRY, &str) < 0) {
 		pthread_mutex_unlock(&mutex);
 		return (-2);
 	}
-
-	pthread_mutex_unlock(&mutex);
-
-	if (str == NULL)
+	if (str == NULL) {
+		pthread_mutex_unlock(&mutex);
 		return (1);
-
-	if (strlen(str) >= len)
+	}
+	if (strlen(str) >= len) {
+		pthread_mutex_unlock(&mutex);
 		return (-3);
-
+	}
 	strcpy(auditstr, str);
-
+	pthread_mutex_unlock(&mutex);
 	return (0);
 }
 
@@ -248,28 +430,47 @@ getacna(char *auditstr, int len)
 {
 	char *str;
 
-	setac();
-
-	if (auditstr == NULL) {
-		errno = EINVAL;
-		return (-2);
-	}
-
 	pthread_mutex_lock(&mutex);
-
+	setac_locked();
 	if (getstrfromtype_locked(NA_CONTROL_ENTRY, &str) < 0) {
 		pthread_mutex_unlock(&mutex);
 		return (-2);
 	}
-	pthread_mutex_unlock(&mutex);
-
-	if (str == NULL)
+	if (str == NULL) {
+		pthread_mutex_unlock(&mutex);
 		return (1);
-
-	if (strlen(str) >= len)
+	}
+	if (strlen(str) >= len) {
+		pthread_mutex_unlock(&mutex);
 		return (-3);
-
+	}
 	strcpy(auditstr, str);
+	return (0);
+}
+
+/*
+ * Return the policy field from the audit control file.
+ */
+int
+getacpol(char *auditstr, size_t len)
+{
+	char *str;
 
+	pthread_mutex_lock(&mutex);
+	setac_locked();
+	if (getstrfromtype_locked(POLICY_CONTROL_ENTRY, &str) < 0) {
+		pthread_mutex_unlock(&mutex);
+		return (-2);
+	}
+	if (str == NULL) {
+		pthread_mutex_unlock(&mutex);
+		return (-1);
+	}
+	if (strlen(str) >= len) {
+		pthread_mutex_unlock(&mutex);
+		return (-3);
+	}
+	strcpy(auditstr, str);
+	pthread_mutex_unlock(&mutex);
 	return (0);
 }
diff --git a/contrib/openbsm/libbsm/bsm_io.c b/contrib/openbsm/libbsm/bsm_io.c
index 30639e6..2587735 100644
--- a/contrib/openbsm/libbsm/bsm_io.c
+++ b/contrib/openbsm/libbsm/bsm_io.c
@@ -31,7 +31,7 @@
  * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
  * POSSIBILITY OF SUCH DAMAGE.
  *
- * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_io.c#40 $
+ * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_io.c#41 $
  */
 
 #include <sys/types.h>
@@ -1190,7 +1190,8 @@ fetch_execarg_tok(tokenstr_t *tok, char *buf, int len)
 
 	for (i = 0; i < tok->tt.execarg.count; i++) {
 		bptr = buf + tok->len;
-		tok->tt.execarg.text[i] = bptr;
+		if (i < AUDIT_MAX_ARGS)
+			tok->tt.execarg.text[i] = bptr;
 
 		/* Look for a null terminated string. */
 		while (bptr && (*bptr != '\0')) {
@@ -1202,6 +1203,8 @@ fetch_execarg_tok(tokenstr_t *tok, char *buf, int len)
 			return (-1);
 		tok->len++; /* \0 character */
 	}
+	if (tok->tt.execarg.count > AUDIT_MAX_ARGS)
+		tok->tt.execarg.count = AUDIT_MAX_ARGS;
 
 	return (0);
 }
@@ -1235,9 +1238,10 @@ fetch_execenv_tok(tokenstr_t *tok, char *buf, int len)
 	if (err)
 		return (-1);
 
-	for (i = 0; i< tok->tt.execenv.count; i++) {
+	for (i = 0; i < tok->tt.execenv.count; i++) {
 		bptr = buf + tok->len;
-		tok->tt.execenv.text[i] = bptr;
+		if (i < AUDIT_MAX_ENV)
+			tok->tt.execenv.text[i] = bptr;
 
 		/* Look for a null terminated string. */
 		while (bptr && (*bptr != '\0')) {
@@ -1249,6 +1253,8 @@ fetch_execenv_tok(tokenstr_t *tok, char *buf, int len)
 			return (-1);
 		tok->len++; /* \0 character */
 	}
+	if (tok->tt.execenv.count > AUDIT_MAX_ENV)
+		tok->tt.execenv.count = AUDIT_MAX_ENV;
 
 	return (0);
 }
diff --git a/contrib/openbsm/libbsm/bsm_token.c b/contrib/openbsm/libbsm/bsm_token.c
index f90cbc9..fecbeb8 100644
--- a/contrib/openbsm/libbsm/bsm_token.c
+++ b/contrib/openbsm/libbsm/bsm_token.c
@@ -30,7 +30,7 @@
  * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
  * POSSIBILITY OF SUCH DAMAGE.
  *
- * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_token.c#51 $
+ * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_token.c#52 $
  */
 
 #include <sys/types.h>
@@ -71,7 +71,6 @@
 #include <string.h>
 #include <stdlib.h>
 #include <unistd.h>
-#include <sys/socketvar.h>
 
 #include <bsm/audit_internal.h>
 #include <bsm/libbsm.h>
diff --git a/contrib/openbsm/libbsm/libbsm.3 b/contrib/openbsm/libbsm/libbsm.3
index df0c3c1..3d9aadd 100644
--- a/contrib/openbsm/libbsm/libbsm.3
+++ b/contrib/openbsm/libbsm/libbsm.3
@@ -23,7 +23,7 @@
 .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 .\" SUCH DAMAGE.
 .\"
-.\" $P4: //depot/projects/trustedbsd/openbsm/libbsm/libbsm.3#5 $
+.\" $P4: //depot/projects/trustedbsd/openbsm/libbsm/libbsm.3#7 $
 .\"
 .Dd April 19, 2005
 .Dt LIBBSM 3
@@ -55,15 +55,18 @@ These are described respectively in the
 .Xr au_notify 3 ,
 .Xr au_stream 3 ,
 .Xr au_token 3 ,
+and
 .Xr au_user 3
-man pages.
+manual pages.
 .Ss Audit Event Stream Interfaces
 Audit event stream interfaces support interaction with file-backed audit
 event streams:
-.Xr au_close 3 .
+.Xr au_close 3 ,
+.Xr au_close_buffer 3 ,
 .Xr au_free_token 3 ,
 .Xr au_open 3 ,
 .Xr au_write 3 ,
+.Xr audit_submit 3 .
 .Ss Audit Class Interfaces
 Audit class interfaces support the look up of information from the
 .Xr audit_class 5
@@ -83,7 +86,10 @@ database:
 .Xr getacdir 3 ,
 .Xr getacflg 3 ,
 .Xr getacmin 3 ,
-.Xr getacna 3 .
+.Xr getacna 3 ,
+.Xr getacpol 3 ,
+.Xr au_poltostr 3 ,
+.Xr au_strtopol 3 .
 .Ss Audit Event Interfaces
 Audit event interfaces support the look up of information from the
 .Xr audit_event 5
@@ -188,6 +194,7 @@ database:
 .Xr au_stream 3 ,
 .Xr au_token 3 ,
 .Xr au_user 3 ,
+.Xr audit_submit 3 ,
 .Xr audit_class 5 ,
 .Xr audit_control 5
 .Sh AUTHORS