format.c revision f72effdea24d97a107b04e4b041cf5081dae0ee9
/*
* CDDL HEADER START
*
* The contents of this file are subject to the terms of the
* Common Development and Distribution License (the "License").
* You may not use this file except in compliance with the License.
*
* You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
* See the License for the specific language governing permissions
* and limitations under the License.
*
* When distributing Covered Code, include this CDDL HEADER in each
* file and include the License file at usr/src/OPENSOLARIS.LICENSE.
* If applicable, add the following below this CDDL HEADER, with the
* fields enclosed by brackets "[]" replaced with your own identifying
* information: Portions Copyright [yyyy] [name of copyright owner]
*
* CDDL HEADER END
*/
/*
* Copyright 2007 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
*/
#pragma ident "%Z%%M% %I% %E% SMI"
#define _REENTRANT
#include <ctype.h>
#include <errno.h>
#include <grp.h>
#include <libintl.h>
#include <netdb.h>
#include <time.h>
#include <pwd.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <wchar.h>
#include <bsm/audit_record.h>
#include <security/pam_appl.h>
#include <sys/inttypes.h>
#include <aclutils.h>
#include "praudit.h"
#include "toktable.h"
#include "adt_xlate.h"
static void convertascii(char *p, char *c, int size);
static int convertbinary(char *p, char *c, int size);
/*
* ------------------------------------------------------
* field widths for arbitrary data token type
* ------------------------------------------------------
*/
static struct fw {
char basic_unit;
struct {
char print_base;
int field_width;
} pwidth[5];
} fwidth[] = {
/* character data type, 8 bits */
AUP_OCTAL, 6,
AUP_DECIMAL, 6,
AUP_HEX, 6,
AUP_STRING, 1,
AUP_OCTAL, 6,
AUP_DECIMAL, 6,
AUP_HEX, 6,
AUP_STRING, 1,
AUP_OCTAL, 10,
AUP_DECIMAL, 10,
AUP_HEX, 8,
AUP_STRING, 6,
AUP_OCTAL, 18,
AUP_DECIMAL, 18,
AUP_HEX, 12,
AUP_STRING, 10,
AUP_OCTAL, 34,
AUP_DECIMAL, 34,
AUP_HEX, 20,
AUP_STRING, 20};
static int numwidthentries = sizeof (fwidth)
/ sizeof (struct fw);
/*
* -----------------------------------------------------------------------
* do_newline:
* Print a newline, if needed according to various formatting
* rules.
* return codes : 0 - success
* : -1 - error
* -----------------------------------------------------------------------
*/
int
{
int retstat = 0;
return (retstat);
}
int
{
int err = 0;
/* no-op if not doing XML format */
return (0);
/*
* First if needed do an implicit finish of a pending open for an
* extended tag. I.e., for the extended tag xxx:
* <xxx a=".." b=".."> ... </xxx>
* -- insert a close bracket after the last attribute
* (in other words, when the 1st non-attribute is opened while
* this is pending). Note that only one tag could be pending at
* a given time -- it couldn't be nested.
*/
/* complete pending extended open */
if (err != 0)
return (err);
context->pending_flag = 0;
}
/* File token or new record on new line */
/* Each token on new line if possible */
}
if (err != 0)
return (err);
case T_ATTRIBUTE:
break;
case T_ELEMENT:
break;
case T_ENCLOSED:
break;
case T_EXTENDED:
if (err == 0)
break;
default:
break;
}
return (err);
}
/*
* Do an implicit close of a record when needed.
*/
int
{
int err = 0;
/* no-op if not doing XML format */
return (0);
/*
* If we're opening a header or the file token (i.e., starting a new
* record), if there's a current record in progress do an implicit
* close of it.
*/
context->current_rec) {
if (err == 0)
}
return (err);
}
/*
* explicit finish of a pending open for an extended tag.
*/
int
{
int err = 0;
/* no-op if not doing XML format */
return (0);
if (context->pending_flag) {
/* complete pending extended open */
if (err == 0)
context->pending_flag = 0;
}
return (err);
}
int
{
int err = 0;
/* no-op if not doing XML format */
return (0);
case T_ATTRIBUTE:
break;
case T_ELEMENT:
break;
case T_ENCLOSED:
break;
case T_EXTENDED:
break;
default:
break;
}
return (err);
}
/*
* -----------------------------------------------------------------------
* process_tag:
* Calls the routine corresponding to the tag
* Note that to use this mechanism, all such routines must
* take 2 ints for their parameters; the first of these is
* the current status.
*
* flag = 1 for newline / delimiter, else 0
* return codes : -1 - error
* : 0 - successful
* -----------------------------------------------------------------------
*/
int
{
int retstat;
if (retstat)
return (retstat);
if (!retstat)
flag);
if (!retstat)
return (retstat);
}
/* here if token id is not in table */
"tag id %d\n"), tagnum);
return (0);
}
void
{
return;
}
}
void
{
int err;
} else
if (phe)
}
int
{
int returnstat;
char buf[256];
if (status < 0)
return (status);
return (returnstat);
} else {
return (-1);
}
return (returnstat);
}
int
{
int returnstat;
char buf[256];
if (status < 0)
return (status);
/* get ip type */
return (returnstat);
/* only IPv4 and IPv6 addresses are legal */
return (-1);
/* get ip address */
return (returnstat);
return (returnstat);
} else {
return (-1);
}
} else {
sizeof (buf));
}
}
if (returnstat != 0)
return (returnstat);
}
int
{
int returnstat;
short ip_type;
char buf[256];
if (status < 0)
return (status);
/* get ip type */
return (returnstat);
/* only IPv4 and IPv6 addresses are legal */
return (-1);
/* get local ip port */
return (returnstat);
return (returnstat);
sizeof (ip_port));
if (uval.string_val) {
} else
returnstat = -1;
if (returnstat)
return (returnstat);
return (returnstat);
/* get local ip address */
return (returnstat);
return (returnstat);
} else {
return (-1);
}
} else {
sizeof (buf));
}
} else
returnstat = -1;
if (returnstat)
return (returnstat);
return (returnstat);
/* get foreign ip port */
return (returnstat);
return (returnstat);
sizeof (ip_port));
if (uval.string_val) {
} else
returnstat = -1;
if (returnstat)
return (returnstat);
return (returnstat);
/* get foreign ip address */
return (returnstat);
return (returnstat);
} else {
return (-1);
}
} else {
sizeof (buf));
}
} else
returnstat = -1;
if (returnstat)
return (returnstat);
return (returnstat);
return (returnstat);
}
static int32_t
{
return (NODEV);
}
}
static int32_t
{
return (NODEV);
}
}
static int32_t
{
return (NODEV);
}
}
static int32_t
{
return (NODEV);
}
}
/*
* -----------------------------------------------------------------------
* pa_tid() : Process terminal id and display contents
* return codes : -1 - error
* : 0 - successful
*
* terminal id port adr_int32
* terminal id machine adr_int32
* -----------------------------------------------------------------------
*/
int
{
int returnstat;
char *ipstring;
char buf[256];
if (status < 0)
return (status);
return (returnstat);
return (returnstat);
char hostname[256];
hostname);
}
return (-1);
ipstring);
}
int
{
int returnstat;
char *ipstring;
char hostname[256];
char buf[256];
char tbuf[256];
if (status < 0)
return (status);
/* get port info */
return (returnstat);
/* get address type */
return (returnstat);
/* legal address types are either AU_IPv4 or AU_IPv6 only */
return (-1);
/* get address (4/16) */
return (returnstat);
hostname);
}
return (-1);
} else {
hostname);
}
sizeof (tbuf));
}
}
int
{
int returnstat;
char *ipstring;
char hostname[256];
char buf[256];
char tbuf[256];
if (status < 0)
return (status);
/* get address type */
return (returnstat);
/* legal address type is AU_IPv4 or AU_IPv6 */
return (-1);
/* get address (4/16) */
return (returnstat);
}
return (-1);
} else {
hostname);
}
sizeof (tbuf));
}
}
int
{
int returnstat;
char *ipstring;
char buf[256];
if (status < 0)
return (status);
return (returnstat);
return (returnstat);
char hostname[256];
}
return (-1);
}
int
{
int returnstat;
char *ipstring;
char hostname[256];
char buf[256];
char tbuf[256];
if (status < 0)
return (status);
/* get port info */
return (returnstat);
/* get address type */
return (returnstat);
/* legal address types are either AU_IPv4 or AU_IPv6 only */
return (-1);
/* get address (4/16) */
return (returnstat);
hostname);
}
return (-1);
} else {
hostname);
}
sizeof (tbuf));
}
}
/*
* ----------------------------------------------------------------
* findfieldwidth:
* Returns the field width based on the basic unit and print mode.
* This routine is called to determine the field width for the
* data items in the arbitrary data token where the tokens are
* to be printed in more than one line. The field width can be
* found in the fwidth structure.
*
* Input parameters:
* basicunit Can be one of AUR_CHAR, AUR_BYTE, AUR_SHORT,
* AUR_INT32, or AUR_INT64
* howtoprint Print mode. Can be one of AUP_BINARY, AUP_OCTAL,
* AUP_DECIMAL, or AUP_HEX.
* ----------------------------------------------------------------
*/
int
{
int i, j;
for (i = 0; i < numwidthentries; i++) {
for (j = 0; j <= 4; j++) {
howtoprint) {
return (
}
}
/*
* if we got here, then we didn't get what we were after
*/
return (0);
}
}
/* if we got here, we didn't get what we wanted either */
return (0);
}
/*
* -----------------------------------------------------------------------
* pa_cmd: Retrieves the cmd item from the input stream.
* return codes : -1 - error
* : 0 - successful
* -----------------------------------------------------------------------
*/
int
{
char *cmd; /* cmd */
short length;
int returnstat;
/*
* We need to know how much space to allocate for our string, so
* read the length first, then call pr_adr_char to read those bytes.
*/
if (status >= 0) {
return (-1);
} else {
returnstat = -1;
}
return (returnstat);
} else
return (-1);
} else
return (status);
}
/*
* -----------------------------------------------------------------------
* pa_adr_byte : Issues pr_adr_char to retrieve the next ADR item from
* the input stream pointed to by audit_adr, and prints it
* as an integer if status >= 0
* return codes : -1 - error
* : 0 - successful
* -----------------------------------------------------------------------
*/
int
{
char c;
if (status >= 0) {
} else
return (-1);
} else
return (status);
}
/*
* -----------------------------------------------------------------------
* pa_adr_charhex: Issues pr_adr_char to retrieve the next ADR item from
* the input stream pointed to by audit_adr, and prints it
* in hexadecimal if status >= 0
* return codes : -1 - error
* : 0 - successful
* -----------------------------------------------------------------------
*/
int
{
char p[2];
int returnstat;
if (status >= 0) {
p[0] = p[1] = 0;
sizeof (char));
if (uval.string_val) {
}
}
return (returnstat);
} else
return (status);
}
/*
* -----------------------------------------------------------------------
* pa_adr_int32 : Issues pr_adr_int32 to retrieve the next ADR item from the
* input stream pointed to by audit_adr, and prints it
* if status >= 0
* return codes : -1 - error
* : 0 - successful
* -----------------------------------------------------------------------
*/
int
{
int32_t c;
if (status >= 0) {
} else
return (-1);
} else
return (status);
}
/*
* -----------------------------------------------------------------------
* pa_adr_int64 : Issues pr_adr_int64 to retrieve the next ADR item from the
* input stream pointed to by audit_adr, and prints it
* if status >= 0
* return codes : -1 - error
* : 0 - successful
* -----------------------------------------------------------------------
*/
int
{
int64_t c;
if (status >= 0) {
} else
return (-1);
} else
return (status);
}
/*
* -----------------------------------------------------------------------
* pa_adr_int64hex: Issues pr_adr_int64 to retrieve the next ADR item from the
* input stream pointed to by audit_adr, and prints it
* in hexadecimal if status >= 0
* return codes : -1 - error
* : 0 - successful
* -----------------------------------------------------------------------
*/
int
{
int32_t l;
int returnstat;
if (status >= 0) {
}
return (returnstat);
} else
return (status);
}
/*
* -----------------------------------------------------------------------
* pa_adr_int64hex: Issues pr_adr_int64 to retrieve the next ADR item from the
* input stream pointed to by audit_adr, and prints it
* in hexadecimal if status >= 0
* return codes : -1 - error
* : 0 - successful
* -----------------------------------------------------------------------
*/
int
{
int64_t l;
int returnstat;
if (status >= 0) {
}
return (returnstat);
} else
return (status);
}
/*
* -------------------------------------------------------------------
* bu2string: Maps a print basic unit type to a string.
* returns : The string mapping or "unknown basic unit type".
* -------------------------------------------------------------------
*/
char *
bu2string(char basic_unit)
{
register int i;
struct bu_map_ent {
char basic_unit;
char *string;
};
/*
* TRANSLATION_NOTE
* These names are data units when displaying the arbitrary data
* token.
*/
static struct bu_map_ent bu_map[] = {
{ AUR_BYTE, "byte" },
{ AUR_CHAR, "char" },
{ AUR_SHORT, "short" },
{ AUR_INT32, "int32" },
{ AUR_INT64, "int64" } };
for (i = 0; i < sizeof (bu_map) / sizeof (struct bu_map_ent); i++)
return (gettext("unknown basic unit type"));
}
/*
* -------------------------------------------------------------------
* eventmodifier2string: Maps event modifier flags to a readable string.
* returns: The string mapping or "none".
* -------------------------------------------------------------------
*/
static void
{
register int i, j;
struct em_map_ent {
int mask;
char *string;
};
/*
* TRANSLATION_NOTE
* These abbreviations represent the event modifier field of the
* header token. To gain a better understanding of each modifier,
* read
* System Administration Guide: Security Services >> Solaris Auditing
* at http://docs.sun.com.
*/
static struct em_map_ent em_map[] = {
};
modstring[0] = '\0';
for (i = 0, j = 0; i < sizeof (em_map) / sizeof (struct em_map_ent);
i++) {
if (j++)
}
}
}
/*
* ---------------------------------------------------------
* convert_char_to_string:
* Converts a byte to string depending on the print mode
* input : printmode, which may be one of AUP_BINARY,
* AUP_OCTAL, AUP_DECIMAL, and AUP_HEX
* c, which is the byte to convert
* output : p, which is a pointer to the location where
* the resulting string is to be stored
* ----------------------------------------------------------
*/
int
convert_char_to_string(char printmode, char c, char *p)
{
union {
char c1[4];
int c2;
} dat;
if (printmode == AUP_BINARY)
(void) convertbinary(p, &c, sizeof (char));
else if (printmode == AUP_DECIMAL)
(void) sprintf(p, "%d", c);
else if (printmode == AUP_STRING)
convertascii(p, &c, sizeof (char));
return (0);
}
/*
* --------------------------------------------------------------
* convert_short_to_string:
* Converts a short integer to string depending on the print mode
* input : printmode, which may be one of AUP_BINARY,
* AUP_OCTAL, AUP_DECIMAL, and AUP_HEX
* c, which is the short integer to convert
* output : p, which is a pointer to the location where
* the resulting string is to be stored
* ---------------------------------------------------------------
*/
int
convert_short_to_string(char printmode, short c, char *p)
{
union {
short c1[2];
int c2;
} dat;
if (printmode == AUP_BINARY)
(void) convertbinary(p, (char *)&c, sizeof (short));
else if (printmode == AUP_DECIMAL)
(void) sprintf(p, "%hd", c);
else if (printmode == AUP_STRING)
convertascii(p, (char *)&c, sizeof (short));
return (0);
}
/*
* ---------------------------------------------------------
* convert_int32_to_string:
* Converts a integer to string depending on the print mode
* input : printmode, which may be one of AUP_BINARY,
* AUP_OCTAL, AUP_DECIMAL, and AUP_HEX
* c, which is the integer to convert
* output : p, which is a pointer to the location where
* the resulting string is to be stored
* ----------------------------------------------------------
*/
int
{
if (printmode == AUP_BINARY)
(void) convertbinary(p, (char *)&c, sizeof (int32_t));
(void) sprintf(p, "%o", c);
else if (printmode == AUP_DECIMAL)
(void) sprintf(p, "%d", c);
(void) sprintf(p, "0x%x", c);
else if (printmode == AUP_STRING)
convertascii(p, (char *)&c, sizeof (int));
return (0);
}
/*
* ---------------------------------------------------------
* convert_int64_to_string:
* Converts a integer to string depending on the print mode
* input : printmode, which may be one of AUP_BINARY,
* AUP_OCTAL, AUP_DECIMAL, and AUP_HEX
* c, which is the integer to convert
* output : p, which is a pointer to the location where
* the resulting string is to be stored
* ----------------------------------------------------------
*/
int
{
if (printmode == AUP_BINARY)
(void) convertbinary(p, (char *)&c, sizeof (int64_t));
else if (printmode == AUP_DECIMAL)
else if (printmode == AUP_STRING)
convertascii(p, (char *)&c, sizeof (int64_t));
return (0);
}
/*
* -----------------------------------------------------------
* convertbinary:
* Converts a unit c of 'size' bytes long into a binary string
* and returns it into the position pointed to by p
* ------------------------------------------------------------
*/
int
convertbinary(char *p, char *c, int size)
{
char *s, *t, *ss;
int i, j;
return (0);
ss = s;
/* first convert to binary */
t = s;
for (i = 0; i < size; i++) {
for (j = 0; j < 8; j++)
c++;
}
*t = '\0';
/* now string leading zero's if any */
j = strlen(s) - 1;
for (i = 0; i < j; i++) {
if (*s != '0')
break;
else
s++;
}
/* now copy the contents of s to p */
t = p;
if (*s == '\0') {
*t = '\0';
break;
}
*t++ = *s++;
}
return (1);
}
static char hex[] = "0123456789abcdef";
/*
* -------------------------------------------------------------------
* hexconvert : Converts a string of (size) bytes to hexadecimal, and
* returns the hexadecimal string.
* returns : - NULL if memory cannot be allocated for the string, or
* - pointer to the hexadecimal string if successful
* -------------------------------------------------------------------
*/
char *
{
register char *s, *t;
register int i, j, k;
int numchunks;
int leftovers;
if (size <= 0)
return (NULL);
return (NULL);
t = s;
for (i = j = 0; i < numchunks; i++) {
if (j++) {
*t++ = ' ';
}
*t++ = '0';
*t++ = 'x';
for (k = 0; k < chunk; k++) {
c++;
}
}
if (leftovers) {
*t++ = ' ';
*t++ = '0';
*t++ = 'x';
for (i = 0; i < leftovers; i++) {
c++;
}
}
*t = '\0';
return (s);
}
/*
* -------------------------------------------------------------------
* htp2string: Maps a print suggestion to a string.
* returns : The string mapping or "unknown print suggestion".
* -------------------------------------------------------------------
*/
char *
htp2string(char print_sugg)
{
register int i;
struct htp_map_ent {
char print_sugg;
char *print_string;
};
/*
* TRANSLATION_NOTE
* These names are data types when displaying the arbitrary data
* token.
*/
static struct htp_map_ent htp_map[] = {
{ AUP_BINARY, "binary" },
{ AUP_OCTAL, "octal" },
{ AUP_DECIMAL, "decimal" },
{ AUP_HEX, "hexadecimal" },
{ AUP_STRING, "string" } };
for (i = 0; i < sizeof (htp_map) / sizeof (struct htp_map_ent); i++)
return (gettext("unknown print suggestion"));
}
/*
* ----------------------------------------------------------------------
* pa_adr_short: Issues pr_adr_short to retrieve the next ADR item from the
* input stream pointed to by audit_adr, and prints it
* if status >= 0
* return codes: -1 - error
* : 0 - successful
* ----------------------------------------------------------------------
*/
int
{
short c;
if (status >= 0) {
} else
return (-1);
} else
return (status);
}
/*
* -----------------------------------------------------------------------
* pa_adr_shorthex: Issues pr_adr_short to retrieve the next ADR item from the
* input stream pointed to by audit_adr, and prints it
* in hexadecimal if status >= 0
* return codes : -1 - error
* : 0 - successful
* -----------------------------------------------------------------------
*/
int
{
short s;
int returnstat;
if (status >= 0) {
sizeof (s));
if (uval.string_val) {
}
}
return (returnstat);
} else
return (status);
}
/*
* -----------------------------------------------------------------------
* pa_adr_string: Retrieves a string from the input stream and prints it
* if status >= 0
* return codes : -1 - error
* : 0 - successful
* -----------------------------------------------------------------------
*/
int
{
char *c;
short length;
int returnstat;
/*
* We need to know how much space to allocate for our string, so
* read the length first, then call pr_adr_char to read those bytes.
*/
if (status < 0)
return (status);
return (returnstat);
return (-1);
free(c);
return (returnstat);
}
uval.string_val = c;
free(c);
return (returnstat);
}
/*
* -----------------------------------------------------------------------
* pa_file_string: Retrieves a file string from the input stream and prints it
* if status >= 0
* return codes : -1 - error
* : 0 - successful
* -----------------------------------------------------------------------
*/
int
{
char *c;
char *p;
short length;
int returnstat;
/*
* We need to know how much space to allocate for our string, so
* read the length first, then call pr_adr_char to read those bytes.
*/
if (status < 0)
return (status);
return (returnstat);
return (-1);
free(c);
return (-1);
}
free(c);
free(p);
return (returnstat);
}
uval.string_val = p;
if (returnstat == 0)
if (returnstat == 0)
free(c);
free(p);
return (returnstat);
}
static int
{
int err;
if (!printable) {
/*
* Unprintable chars should always be converted to the
* visible form. If there are unprintable characters which
* require special treatment in xml, those should be
* handled here.
*/
do {
(unsigned char)*str++);
return (err);
}
/* printable characters */
if (len == 1) {
/*
* check for the special chars only when char size was 1
* ie, ignore special chars appear in the middle of multibyte
* sequence.
*/
/* Escape for XML */
switch (*str) {
case '&':
break;
case '<':
break;
case '>':
break;
case '\"':
break;
case '\'':
break;
default:
break;
}
return (err);
}
do {
return (err);
}
static int
{
int err;
if (!printable) {
do {
(unsigned char)*str++);
return (err);
}
do {
return (err);
}
int
{
int mbmax = MB_CUR_MAX;
char c;
if (status < 0)
return (status);
if (mbmax == 1) {
while (wstat == 0) {
break;
if (c == '\0')
break;
}
goto done;
}
while (wstat == 0) {
rlen = 0;
do {
if (!eos) {
if (rstat != 0 || c == '\0')
eos = 1;
else
}
if (mlen == 0)
break; /* end of string */
if (rlen <= 0) { /* no good sequence */
rlen = 1;
printable = 0;
} else {
}
if (mlen > 0) {
for (i = 0; i < mlen; i++)
}
}
done:
if (wstat == 0)
}
/*
* -----------------------------------------------------------------------
* pa_adr_u_int32: Issues pr_adr_u_int32 to retrieve the next ADR item from
* the input stream pointed to by audit_adr, and prints it
* if status = 0
* return codes : -1 - error
* : 0 - successful
* -----------------------------------------------------------------------
*/
int
{
uint32_t c;
if (status >= 0) {
uval.uint32_val = c;
} else
return (-1);
} else
return (status);
}
/*
* -----------------------------------------------------------------------
* pa_adr_u_int64: Issues pr_adr_u_int64 to retrieve the next ADR item from the
* input stream pointed to by audit_adr, and prints it
* if status = 0
* return codes : -1 - error
* : 0 - successful
* -----------------------------------------------------------------------
*/
int
{
uint64_t c;
if (status >= 0) {
uval.uint64_val = c;
} else
return (-1);
} else
return (status);
}
/*
* -----------------------------------------------------------------------
* pa_adr_u_short: Issues pr_adr_u_short to retrieve the next ADR item from
* the input stream pointed to by audit_adr, and prints it
* if status = 0
* return codes : -1 - error
* : 0 - successful
* -----------------------------------------------------------------------
*/
int
{
ushort_t c;
if (status >= 0) {
uval.ushort_val = c;
} else
return (-1);
} else
return (status);
}
/*
* -----------------------------------------------------------------------
* pa_reclen: Issues pr_adr_u_long to retrieve the length of the record
* from the input stream pointed to by audit_adr,
* and prints it (unless format is XML) if status = 0
* return codes : -1 - error
* : 0 - successful
* -----------------------------------------------------------------------
*/
int
{
uint32_t c;
if (status >= 0) {
context->audit_rec_len = c;
/* Don't print this for XML format */
return (0);
} else {
uval.uint32_val = c;
}
} else
return (-1);
} else
return (status);
}
/*
* -----------------------------------------------------------------------
* pa_mode : Issues pr_adr_u_short to retrieve the next ADR item from
* the input stream pointed to by audit_adr, and prints it
* in octal if status = 0
* return codes : -1 - error
* : 0 - successful
* -----------------------------------------------------------------------
*/
int
{
uint32_t c;
if (status >= 0) {
uval.uint32_val = c;
} else
return (-1);
} else
return (status);
}
static int
{
int returnstat;
if (status < 0)
return (status);
/* get password file entry */
returnstat = 1;
} else {
/* print in ASCII form */
}
}
/* print in integer form */
}
return (returnstat);
}
/*
* -----------------------------------------------------------------------
* pa_pw_uid() : Issues pr_adr_u_int32 to reads uid from input stream
* pointed to by audit_adr, and displays it in either
* raw form or its ASCII representation, if status >= 0.
* return codes : -1 - error
* : 1 - warning, passwd entry not found
* : 0 - successful
* -----------------------------------------------------------------------
*/
int
{
if (status < 0)
return (status);
/* cannot retrieve uid */
return (-1);
}
static int
{
int returnstat;
if (status < 0)
return (status);
/* get group file entry */
returnstat = 1;
} else {
/* print in ASCII form */
}
}
/* print in integer form */
}
return (returnstat);
}
/*
* -----------------------------------------------------------------------
* pa_gr_uid() : Issues pr_adr_u_int32 to reads group uid from input stream
* pointed to by audit_adr, and displays it in either
* raw form or its ASCII representation, if status >= 0.
* return codes : -1 - error
* : 1 - warning, passwd entry not found
* : 0 - successful
* -----------------------------------------------------------------------
*/
int
{
if (status < 0)
return (status);
/* cannot retrieve gid */
return (-1);
}
/*
* -----------------------------------------------------------------------
* pa_pw_uid_gr_gid() : Issues pr_adr_u_int32 to reads uid or group uid
* from input stream
* pointed to by audit_adr, and displays it in either
* raw form or its ASCII representation, if status >= 0.
* return codes : -1 - error
* : 1 - warning, passwd entry not found
* : 0 - successful
* -----------------------------------------------------------------------
*/
int
{
int returnstat;
if (status < 0)
return (status);
/* get value of a_type */
return (returnstat);
return (returnstat);
return (returnstat);
return (returnstat);
return (returnstat);
/*
* TRANSLATION_NOTE
* The "mask" and "other" strings refer to the class mask
* and other (or world) entries in an ACL.
* The "unrecognized" string refers to an unrecognized ACL
* entry.
*/
switch (value) {
case USER_OBJ:
case USER:
break;
case GROUP_OBJ:
case GROUP:
break;
case CLASS_OBJ:
if (returnstat != 0)
return (returnstat);
} else {
if ((returnstat =
return (returnstat);
}
}
break;
case OTHER_OBJ:
if (returnstat != 0)
return (returnstat);
} else {
if ((returnstat =
return (returnstat);
}
}
break;
default:
if (returnstat != 0)
return (returnstat);
} else {
if ((returnstat =
return (returnstat);
}
}
}
return (returnstat);
return (returnstat);
}
/*
* -----------------------------------------------------------------------
* pa_event_modifier(): Issues pr_adr_u_short to retrieve the next ADR item from
* the input stream pointed to by audit_adr. This is the
* event type, and is displayed in hex;
* return codes : -1 - error
* : 0 - successful
* -----------------------------------------------------------------------
*/
int
{
int returnstat;
char modstring[64];
if (status < 0)
return (status);
return (returnstat);
/* For XML, only print when modifier is non-zero */
if (returnstat >= 0) {
sizeof (modstring));
} else {
if (uval.string_val) {
flag);
}
}
}
if (returnstat >= 0)
}
return (returnstat);
}
/*
* -----------------------------------------------------------------------
* pa_event_type(): Issues pr_adr_u_short to retrieve the next ADR item from
* the input stream pointed to by audit_adr. This is the
* event type, and is displayed in either raw or
* ASCII form as appropriate
* return codes : -1 - error
* : 0 - successful
* -----------------------------------------------------------------------
*/
int
{
int returnstat;
if (status >= 0) {
} else {
}
else
} else {
gettext("invalid event number");
}
} else {
}
}
return (returnstat);
} else
return (status);
}
/*
* Print time from struct timeval to millisecond resolution.
*
* typedef long time_t; time of day in seconds
* typedef long useconds_t; signed # of microseconds
*
* struct timeval {
* time_t tv_sec; seconds
* suseconds_t tv_usec; and microseconds
* };
*/
int
{
}
/*
* Print time from timestruc_t to millisecond resolution.
*
* typedef struct timespec timestruct_t;
* struct timespec{
* time_t tv_sec; seconds
* long tv_nsec; and nanoseconds
* };
*/
int
{
}
/*
* Format the timezone +/- HH:MM and terminate the string
* Note tm and tv_sec are the same time.
* Too bad strftime won't produce an ISO 8601 time zone numeric
*/
static void
{
int min_off;
if (min_off < 0) {
*p++ = '-';
} else {
*p++ = '+';
}
*p++ = ':';
*p = '\0';
}
/*
* Format the milliseconds in place in the string.
* Borrowed from strftime.c:itoa()
*/
static void
{
}
/*
*/
static int
{
char time_created[sizeof ("YYYY-MM-DD HH:MM:SS.sss -HH:MM")];
int returnstat;
if (status < 0)
return (status);
return (returnstat);
return (returnstat);
(void) strftime(time_created,
sizeof ("YYYY-MM-DD HH:MM:SS.xxx "),
"%Y-%m-%d %H:%M:%S.xxx ", &tm);
sizeof ("YYYY-MM-DD HH:MM:SS.xxx ")-1]);
} else {
}
}
if (returnstat == 0)
else
return (returnstat);
}
/*
* Print time from struct timeval to millisecond resolution.
*
* typedef long time_t; time of day in seconds
* typedef long useconds_t; signed # of microseconds
*
* struct timeval {
* time_t tv_sec; seconds
* suseconds_t tv_usec; and microseconds
* };
*/
int
{
}
/*
* Print time from timestruc_t to millisecond resolution.
*
* typedef struct timespec timestruct_t;
* struct timespec{
* time_t tv_sec; seconds
* long tv_nsec; and nanoseconds
* };
*/
int
{
}
/*
* Format the milliseconds in place in the string.
* Borrowed from strftime.c:itoa()
*/
static void
{
}
/*
*/
static int
{
char time_created[sizeof ("YYYY-MM-DD HH:MM:SS.sss -HH:MM")];
int returnstat;
if (status < 0)
return (status);
return (returnstat);
return (returnstat);
#ifndef _LP64
/*
* N.B.
* This fails for years from 2038
* The Y2K+38 problem
*/
#endif /* !_LP64 */
(void) strftime(time_created,
sizeof ("YYYY-MM-DD HH:MM:SS.xxx "),
"%Y-%m-%d %H:%M:%S.xxx ", &tm);
sizeof ("YYYY-MM-DD HH:MM:SS.xxx ")-1]);
} else {
}
}
if (returnstat < 0)
return (returnstat);
}
/*
* -----------------------------------------------------------------------
* pa_error() : convert the return token error code.
*
* output : buf string representing return token error code.
*
* -----------------------------------------------------------------------
*/
void
{
if (err == ADT_SUCCESS) {
} else if ((char)err == ADT_FAILURE) {
} else {
} else {
}
}
}
/*
* -----------------------------------------------------------------------
* pa_retval() : convert the return token return value code.
*
* output : buf string representing return token error code.
*
* -----------------------------------------------------------------------
*/
void
{
buflen);
} else if ((retval >= ADT_FAIL_PAM) &&
buflen);
} else if ((char)err == ADT_FAILURE) {
} else {
}
} else {
}
}
/*
* -----------------------------------------------------------------------
* pa_printstr() : print a given string, translating unprintables
* : as needed.
*/
static int
{
int err = 0;
int mbmax = MB_CUR_MAX;
char c;
if (mbmax == 1) {
/* fast path */
c = *str++;
}
return (err);
}
if (len <= 0) {
len = 1;
printable = 0;
} else {
}
}
return (err);
}
/*
* -----------------------------------------------------------------------
* pa_print() : print as one str or formatted for easy reading.
* : flag - indicates whether to output a new line for
* : multi-line output.
* : = 0; no new line
* : = 1; new line if regular output
* output : The audit record information is displayed in the
* type specified by uvaltype and value specified in
* uval. The printing of the delimiter or newline is
* determined by PRF_ONELINE, and the flag value,
* as follows:
* +--------+------+------+-----------------+
* |ONELINE | flag | last | Action |
* +--------+------+------+-----------------+
* | Y | Y | T | print new line |
* | Y | Y | F | print delimiter |
* | Y | N | T | print new line |
* | Y | N | F | print delimiter |
* | N | Y | T | print new line |
* | N | Y | F | print new line |
* | N | N | T | print new line |
* | N | N | F | print delimiter |
* +--------+------+------+-----------------+
*
* return codes : -1 - error
* 0 - successful
* -----------------------------------------------------------------------
*/
int
{
int returnstat = 0;
int last;
case PRA_INT32:
break;
case PRA_UINT32:
break;
case PRA_INT64:
break;
case PRA_UINT64:
break;
case PRA_SHORT:
break;
case PRA_USHORT:
break;
case PRA_CHAR:
break;
case PRA_BYTE:
break;
case PRA_STRING:
break;
case PRA_HEX32:
break;
case PRA_HEX64:
break;
case PRA_SHEX:
break;
case PRA_OCT:
break;
case PRA_LOCT:
break;
default:
returnstat = -1;
break;
}
if (returnstat < 0)
return (returnstat);
else
} else {
if (!last)
else
}
}
return (returnstat);
}
static struct cntrl_mapping {
char from;
char to;
} cntrl_map[] = {
'\0', '0',
'\a', 'a',
'\b', 'b',
'\t', 't',
'\f', 'f',
'\n', 'n',
'\r', 'r',
'\v', 'v'
};
static int cntrl_map_entries = sizeof (cntrl_map)
/ sizeof (struct cntrl_mapping);
/*
* Convert binary data to ASCII for printing.
*/
void
convertascii(char *p, char *c, int size)
{
int i, j, uc;
for (i = 0; i < size; i++) {
uc = (unsigned char)*(c + i);
for (j = 0; j < cntrl_map_entries; j++) {
*p++ = '\\';
break;
}
}
if (j == cntrl_map_entries) {
*p++ = '^';
*p++ = (char)(uc ^ 0100);
}
} else {
*p++ = (char)uc;
}
} else {
}
}
*p = '\0';
}
/*
* -----------------------------------------------------------------------
* pa_xgeneric: Process Xobject token and display contents
* This routine will handle many of the attribute
* types introduced in TS 2.x, such as:
*
* AUT_XCOLORMAP, AUT_XCURSOR, AUT_XFONT,
* AUT_XGC, AUT_XPIXMAP, AUT_XWINDOW
*
* NOTE: At the time of call, the token id has been retrieved
*
* return codes : -1 - error
* : 0 - successful
* NOTE: At the time of call, the xatom token id has been retrieved
*
* Format of xobj
* text token id adr_char
* XID adr_u_int32
* creator uid adr_pw_uid
* -----------------------------------------------------------------------
*/
int
{
int returnstat;
}
/*
* ------------------------------------------------------------------------
* pa_liaison : Issues pr_adr_char to retrieve the next ADR item from the
* input stream pointed to by audit_adr, and prints it
* if status >= 0 either in ASCII or raw form
* return codes : -1 - error
* : 0 - successful
* : 1 - warning, unknown label type
* -----------------------------------------------------------------------
*/
int
{
int returnstat;
if (status >= 0) {
return (returnstat);
}
}
/* print in hexadecimal form */
}
return (returnstat);
} else
return (status);
}
/*
* ------------------------------------------------------------------------
* pa_xid : Issues pr_adr_int32 to retrieve the XID from the input
* stream pointed to by audit_adr, and prints it if
* status >= 0 either in ASCII or raw form
* return codes : -1 - error
* : 0 - successful
* : 1 - warning, unknown label type
* ------------------------------------------------------------------------
*/
int
{
int returnstat;
if (status < 0)
return (status);
/* get XID from stream */
return (returnstat);
sizeof (xid));
if (uval.string_val) {
}
} else {
}
return (returnstat);
}
static int
{
int returnstat;
if (status < 0)
return (status);
/*
* TRANSLATION_NOTE
*/
return (returnstat);
case ACE_OWNER:
break;
case ACE_GROUP | ACE_IDENTIFIER_GROUP:
break;
case ACE_IDENTIFIER_GROUP:
break;
case ACE_EVERYONE:
break;
case 0:
break;
default:
}
} else {
}
return (returnstat);
}
static int
{
int returnstat;
if (status < 0)
return (status);
/*
* TRANSLATION_NOTE
*/
return (returnstat);
case ACE_IDENTIFIER_GROUP: /* group id */
flag);
break;
default: /* user id */
flag);
break;
}
if (returnstat < 0)
return (returnstat);
}
/*
* Appends what to str, (re)allocating str if necessary.
*/
#define INITIAL_ALLOC 256
static int
{
char *s, *newstr;
s = *str;
if (s == NULL) {
s = malloc(INITIAL_ALLOC);
if (s == NULL) {
*alloc = 0;
return (-1);
}
*alloc = INITIAL_ALLOC;
s[0] = '\0';
*str = s;
}
return (-1);
s = newstr;
*str = s;
}
return (0);
}
static int
{
int returnstat, i;
size_t permstr_alloc = 0;
if (status < 0)
return (status);
/*
* TRANSLATION_NOTE
*/
return (returnstat);
for (i = 0; i < 14; i++)
permstr[i] = '-';
permstr[0] = 'r';
/*
* Note this differs from acltext.c:ace_perm_txt()
* because we don't know if the acl belongs to a file
* or directory. ace mask value are the same
*/
}
}
}
}
}
}
}
}
}
}
}
}
}
}
}
}
if (returnstat != 0)
return (returnstat);
}
static int
{
int returnstat;
if (status < 0)
return (status);
/*
* TRANSLATION_NOTE
*/
return (returnstat);
break;
break;
break;
break;
default:
}
} else {
}
return (returnstat);
}
int
{
int returnstat;
if (status < 0)
return (status);
return (returnstat);
return (returnstat);
return (returnstat);
return (returnstat);
return (returnstat);
return (returnstat);
returnstat, 0)) != 0)
return (returnstat);
}