token.c revision 7c478bd95313f5f23a4c958a745db2134aa03244
/*
* CDDL HEADER START
*
* The contents of this file are subject to the terms of the
* Common Development and Distribution License, Version 1.0 only
* (the "License"). You may not use this file except in compliance
* with the License.
*
* You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
* See the License for the specific language governing permissions
* and limitations under the License.
*
* When distributing Covered Code, include this CDDL HEADER in each
* file and include the License file at usr/src/OPENSOLARIS.LICENSE.
* If applicable, add the following below this CDDL HEADER, with the
* fields enclosed by brackets "[]" replaced with your own identifying
* information: Portions Copyright [yyyy] [name of copyright owner]
*
* CDDL HEADER END
*/
/*
* Copyright 2003 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
*/
#pragma ident "%Z%%M% %I% %E% SMI"
#ifndef lint
static char sccsid[] = "%Z%%M% %I% %E% SMI";
#endif
#include <string.h>
#include <stdlib.h>
#include <bsm/audit_record.h>
#include <stdio.h>
#include <errno.h>
#include <pwd.h>
#include <grp.h>
#include <netdb.h>
#include "praudit.h"
extern char *sys_errlist[];
extern int sys_nerr;
static int au_fetch_char();
static int au_fetch_short();
static int au_fetch_int32();
static int au_fetch_int64();
static int au_fetch_bytes();
static char *get_Hname();
static void convertascii();
static int convert_char_to_string();
static int convert_int32_to_string();
static int convert_int64_to_string();
static int convertbinary();
static char *hexconvert();
static char *pa_gettokenstring();
/*
* au_read_rec:
* If the file pointer or the record buffer passed in are NULL,
* free up the static space and return an error code < 0.
* Otherwise, attempt to read an audit record from the file pointer.
*
* If successful:
* Set recbuf to the pointer to the space holding the record.
* Advance in the stream(fp).
* Return 0.
*
* If failed:
* Don't alter recbuf.
* Don't advance the stream.
* Return error code < 0.
*/
int
{
static int cur_size = 0; /* size of p_space in bytes */
char tokenid; /* token (attribute) identifier */
long start_pos; /* initial position in fp */
int new_size; /* size of the new space in bytes */
cur_size = 0;
return (-1);
}
/*
* Use the adr routines for reading the audit trail.
* They have a bit of overhead, but the already do
* the byte stream conversions that we will need.
*/
/*
* Save the current position in the file.
* We`ll need to back up to here before
* reading in the entire record.
*/
/* Determine the amount of space needed for the record... */
/* Skip passed the token id */
return (-2);
}
/* Read in the size of the record */
return (-4);
}
} else if (tokenid == AUT_OTHER_FILE32) {
return (-5);
}
return (-6);
}
/* 11 is the size of an attr id, */
/* date&time32, and name length */
} else if (tokenid == AUT_OTHER_FILE64) {
return (-5);
}
return (-6);
}
/* 19 is the size of an date&time64 */
} else {
return (-7);
}
/* Go back to the starting point so we can read in the entire record */
/*
* If the current size of the static p_space cannot hold
* the entire record, make it larger.
*/
while (new_size < record_size) {
new_size += 512;
/*
* If we need more than a megabyte to hold a single record
* something is amiss.
*/
if (new_size > 1000000) {
return (-8);
}
}
cur_size = 0;
return (-9);
}
}
/* Do what we came here for; read an audit record */
return (-10);
}
/* Pad the buffer with zeroes */
return (0);
}
/*
* au_fetch_tok():
*
* Au_fetch_tok() behaves like strtok(3). On the first call, a buffer
* is passed in. On subsequent calls, NULL is passed in as buffer.
* Au_fetch_tok() manages the buffer pointer offset and returns tokens
* until the end of the buffer is reached. The user of the routine must
* guarantee that the buffer starts with and contains at least one full
* audit record. This type of assurance is provided by au_read_rec().
*/
int
{
static char *invalid_txt = "invalid token id";
static int len_invalid_txt = 17;
char *orig_buf; /* position in buf when fetch entered */
char *cur_buf; /* current location in buf */
int length;
int i;
int valid_id;
/* Check flags, one should be on. */
i = 0;
i++;
}
i++;
}
if (flags & AUF_COPY_IN) {
i++;
}
if (i != 1) {
return (-1);
}
/* Skip not implemented, yet */
return (-2);
}
} else {
}
valid_id = 1;
case AUT_OTHER_FILE32:
flags);
flags);
flags);
break;
case AUT_OTHER_FILE64:
flags);
flags);
flags);
break;
case AUT_HEADER32:
flags);
flags);
flags);
break;
case AUT_HEADER64:
flags);
flags);
flags);
break;
case AUT_TRAILER:
flags);
break;
case AUT_DATA:
flags);
flags);
flags);
break;
case AUT_IPC:
break;
case AUT_PATH:
flags);
break;
case AUT_SUBJECT32:
flags);
flags);
flags);
flags);
flags);
flags);
flags);
break;
case AUT_SUBJECT64:
flags);
flags);
flags);
flags);
flags);
flags);
flags);
break;
case AUT_PROCESS32:
flags);
flags);
flags);
flags);
flags);
flags);
case AUT_PROCESS64:
flags);
flags);
flags);
flags);
flags);
flags);
break;
case AUT_RETURN32:
flags);
flags);
break;
case AUT_RETURN64:
flags);
flags);
break;
case AUT_TEXT:
flags);
break;
case AUT_OPAQUE:
flags);
break;
case AUT_IN_ADDR:
break;
case AUT_IP:
flags);
flags);
flags);
flags);
flags);
flags);
flags);
flags);
break;
case AUT_IPORT:
flags);
break;
case AUT_ARG32:
flags);
flags);
flags);
case AUT_ARG64:
flags);
flags);
flags);
break;
case AUT_SOCKET:
flags);
flags);
flags);
break;
case AUT_SEQ:
flags);
break;
case AUT_ACL:
break;
case AUT_ATTR32:
flags);
flags);
flags);
flags);
flags);
flags);
case AUT_ATTR64:
flags);
flags);
flags);
flags);
flags);
flags);
break;
case AUT_IPC_PERM:
(void) au_fetch_int32(
(void) au_fetch_int32(
(void) au_fetch_int32(
(void) au_fetch_int32(
(void) au_fetch_int32(
(void) au_fetch_int32(
(void) au_fetch_int32(
break;
case AUT_GROUPS:
for (i = 0; i < NGROUPS_MAX; i++) {
}
break;
case AUT_EXIT:
flags);
flags);
break;
case AUT_UAUTH:
flags);
break;
case AUT_INVALID:
default:
valid_id = 0;
}
if (valid_id == 0) {
return (-3);
}
return (0);
}
{
(*buf)++;
return (0);
}
{
(*buf)++;
(*buf)++;
return (0);
}
{
int i;
for (i = 0; i < sizeof (int); i++) {
*result <<= 8;
(*buf)++;
}
return (0);
}
{
int i;
for (i = 0; i < sizeof (int64_t); i++) {
*result <<= 8;
(*buf)++;
}
return (0);
}
{
return (0);
}
return (0);
}
if (flags & AUF_COPY_IN) {
return (0);
}
return (-1);
}
/*
* The following defines and functions are for work with device major
* and minor numbers independently from libc, because it doesn't support
* such work for 32- and 64-bit format at the same time. This implementation
*/
static int32_t
{
return (NODEV);
}
}
static int32_t
{
return (NODEV);
}
}
static int32_t
{
return (NODEV);
}
}
static int32_t
{
return (NODEV);
}
}
int
{
char p[80];
int i;
char *p_data;
char c1;
short c2;
int c3;
char *hostname;
char *ipstring;
if (flags == 0)
case AUT_OTHER_FILE32: {
return (0);
}
case AUT_OTHER_FILE64: {
return (0);
}
case AUT_HEADER32: {
return (0);
}
case AUT_HEADER64: {
return (0);
}
case AUT_TRAILER:
return (-2);
}
return (0);
case AUT_DATA:
case AUP_BINARY:
s1 = "binary";
break;
case AUP_OCTAL:
s1 = "octal";
break;
case AUP_DECIMAL:
s1 = "decimal";
break;
case AUP_HEX:
s1 = "hex";
break;
case AUP_STRING:
s1 = "string";
break;
default:
s1 = "unknown print suggestion";
break;
}
/* case AUR_BYTE: */
case AUR_CHAR:
s2 = "char";
break;
case AUR_SHORT:
s2 = "short";
break;
case AUR_INT32:
s2 = "int32_t";
break;
case AUR_INT64:
s2 = "int64_t";
break;
default:
s2 = "unknown basic unit type";
break;
}
m);
case AUR_CHAR:
0) {
} else {
return (-3);
}
break;
case AUR_SHORT:
0) {
} else {
return (-4);
}
break;
case AUR_INT32:
0) {
} else {
return (-5);
}
break;
case AUR_INT64:
0) {
c3, p);
} else {
return (-9);
}
break;
default:
return (-6);
break;
}
}
return (0);
case AUT_IPC:
e);
return (0);
case AUT_PATH:
return (0);
case AUT_SUBJECT32:
s1 = "bad machine id";
}
"%s%s%s%d%s%d%s%d%s%d%s%d%s%d%s%d%s%d%s%d"
"%s%s%s%s%s", b, "subject32", m,
s1, e);
case AUT_SUBJECT64:
s1 = "bad machine id";
}
"%s%s%s%d%s%d%s%d%s%d%s%d%s%d%s%d%s%d%s%d"
"%s%s%s%s%s", b, "subject64", m,
s1, e);
return (0);
case AUT_PROCESS32:
s1 = "bad machine id";
}
"%s%s%s%d%s%d%s%d%s%d%s%d%s%d%s%d%s%d%s%d"
"%s%s%s%s%s", b, "process32", m,
s1, e);
return (0);
case AUT_PROCESS64:
s1 = "bad machine id";
}
"%s%s%s%d%s%d%s%d%s%d%s%d%s%d%s%d%s%d%s%d"
"%s%s%s%s%s", b, "process64", m,
s1, e);
return (0);
case AUT_RETURN32:
} else {
} else {
}
}
return (0);
case AUT_RETURN64:
} else {
} else {
}
}
return (0);
case AUT_TEXT:
return (0);
case AUT_OPAQUE:
b, "opaque", m,
s1, e);
return (0);
case AUT_IN_ADDR:
b, "ip address", m,
s1, e);
return (0);
case AUT_IP:
"%s%s%s%x%s%x%s%d%s%d%s%d%s%x%s%x%s%d%s%x%s%x%s",
return (0);
case AUT_IPORT:
return (0);
case AUT_ARG32:
return (0);
case AUT_ARG64:
return (0);
case AUT_SOCKET:
return (0);
case AUT_SEQ:
return (0);
case AUT_ACL:
setpwent();
else
endpwent();
setgrent();
else
endpwent();
} else {
}
return (0);
case AUT_ATTR32:
setpwent();
} else {
}
endpwent();
setgrent();
} else {
}
endgrent();
return (0);
case AUT_ATTR64:
setpwent();
} else {
}
endpwent();
setgrent();
} else {
}
endgrent();
return (0);
case AUT_IPC_PERM:
setpwent();
} else {
}
endpwent();
setgrent();
} else {
}
endgrent();
b, "IPC perm", m,
s3, m,
s4, m);
setpwent();
} else {
}
endpwent();
setgrent();
} else {
}
endgrent();
return (0);
case AUT_GROUPS:
for (i = 0; i < NGROUPS_MAX; i++) {
setgrent();
== NULL) {
} else {
}
endgrent();
i == NGROUPS_MAX - 1 ? m : e);
}
case AUT_EXIT:
} else {
}
return (0);
case AUT_UAUTH:
return (0);
case AUT_INVALID:
default:
return (-1);
break;
}
}
void
{
char *str;
char *prefix;
case AUT_ARG32:
prefix = "arg32";
break;
case AUT_ARG64:
prefix = "arg64";
break;
case AUT_ATTR32:
prefix = "attr32";
break;
case AUT_ATTR64:
prefix = "attr64";
break;
case AUT_DATA:
prefix = "data";
break;
case AUT_EXIT:
prefix = "exit";
break;
case AUT_GROUPS:
prefix = "groups";
break;
case AUT_HEADER32:
prefix = "header32";
break;
case AUT_HEADER64:
prefix = "header64";
break;
case AUT_INVALID:
prefix = "invalid";
break;
case AUT_IN_ADDR:
prefix = "in_addr";
break;
case AUT_IP:
prefix = "ip";
break;
case AUT_IPC:
prefix = "ipc";
break;
case AUT_IPC_PERM:
prefix = "ipc_perm";
break;
case AUT_IPORT:
prefix = "iport";
break;
case AUT_OPAQUE:
prefix = "opaque";
break;
case AUT_OTHER_FILE32:
prefix = "file32";
break;
case AUT_OTHER_FILE64:
prefix = "file364";
break;
case AUT_PATH:
prefix = "path";
break;
case AUT_PROCESS32:
prefix = "process32";
break;
case AUT_PROCESS64:
prefix = "process64";
break;
case AUT_RETURN32:
prefix = "return32";
break;
case AUT_RETURN64:
prefix = "return64";
break;
case AUT_SEQ:
prefix = "seq";
break;
case AUT_SOCKET:
prefix = "socket";
break;
case AUT_SUBJECT32:
prefix = "subject32";
break;
case AUT_SUBJECT64:
prefix = "subject64";
break;
case AUT_TEXT:
prefix = "text";
break;
case AUT_TRAILER:
prefix = "trailer";
break;
case AUT_UAUTH:
prefix = "uauth";
break;
default:
prefix = "invalid";
break;
}
}
/*
* Convert binary data to ASCII for printing.
*/
static void
convertascii(char *p, char *c, int size)
{
register int i;
for (i = 0; i < size; i++) {
*(c+i) = (char)toascii(*(c+i));
if ((int)iscntrl(*(c+i))) {
*p++ = '^';
*p++ = (char)(*(c+i)+0x40);
} else
*p++ = *(c+i);
}
*p = '\0';
}
/*
* =========================================================
* convert_char_to_string:
* Converts a byte to string depending on the print mode
* input : printmode, which may be one of AUP_BINARY,
* AUP_OCTAL, AUP_DECIMAL, and AUP_HEX
* c, which is the byte to convert
* output : p, which is a pointer to the location where
* the resulting string is to be stored
* ==========================================================
*/
static int
convert_char_to_string(char printmode, char c, char *p)
{
union {
char c1[4];
int c2;
} dat;
if (printmode == AUP_BINARY)
convertbinary(p, &c, sizeof (char));
else if (printmode == AUP_DECIMAL)
sprintf(p, "%d", c);
else if (printmode == AUP_STRING)
convertascii(p, &c, sizeof (char));
return (0);
}
/*
* ==============================================================
* convert_short_to_string:
* Converts a short integer to string depending on the print mode
* input : printmode, which may be one of AUP_BINARY,
* AUP_OCTAL, AUP_DECIMAL, and AUP_HEX
* c, which is the short integer to convert
* output : p, which is a pointer to the location where
* the resulting string is to be stored
* ===============================================================
*/
static int
convert_short_to_string(char printmode, short c, char *p)
{
union {
short c1[2];
int c2;
} dat;
if (printmode == AUP_BINARY)
convertbinary(p, &c, sizeof (short));
else if (printmode == AUP_DECIMAL)
sprintf(p, "%hd", c);
else if (printmode == AUP_STRING)
convertascii(p, &c, sizeof (short));
return (0);
}
/*
* =========================================================
* convert_intXX_to_string:
* Converts a integer to string depending on the print mode
* input : printmode, which may be one of AUP_BINARY,
* AUP_OCTAL, AUP_DECIMAL, and AUP_HEX
* c, which is the integer to convert
* output : p, which is a pointer to the location where
* the resulting string is to be stored
* ==========================================================
*/
static int
{
if (printmode == AUP_BINARY)
convertbinary(p, &c, sizeof (int32_t));
sprintf(p, "%o", c);
else if (printmode == AUP_DECIMAL)
sprintf(p, "%d", c);
sprintf(p, "0x%x", c);
else if (printmode == AUP_STRING)
convertascii(p, &c, sizeof (int32_t));
return (0);
}
static int
convert_int64_to_string(char printmode, int c, char *p)
{
if (printmode == AUP_BINARY)
convertbinary(p, &c, sizeof (int64_t));
else if (printmode == AUP_DECIMAL)
else if (printmode == AUP_STRING)
convertascii(p, &c, sizeof (int64_t));
return (0);
}
/*
* ===========================================================
* convertbinary:
* Converts a unit c of 'size' bytes long into a binary string
* and returns it into the position pointed to by p
* ============================================================
*/
static int
convertbinary(char *p, char *c, int size)
{
char *s, *t;
int i, j;
return (0);
/* first convert to binary */
t = s;
for (i = 0; i < size; i++) {
for (j = 0; j < 8; j++)
c++;
}
*t = '\0';
/* now string leading zero's if any */
j = strlen(s) - 1;
for (i = 0; i < j; i++) {
if (*s != '0')
break;
else
s++;
}
/* now copy the contents of s to p */
t = p;
if (*s == '\0') {
*t = '\0';
break;
}
*t++ = *s++;
}
free(s);
return (1);
}
static char *
{
register char *s, *t;
register int i, j, k;
int numchunks;
int leftovers;
return (NULL);
if (size <= 0)
return (NULL);
t = s;
for (i = j = 0; i < numchunks; i++) {
if (j++) {
*t = ' ';
t++;
}
(void) sprintf(t, "0x");
t += 2;
for (k = 0; k < chunk; k++) {
sprintf(t, "%02x", *c++);
t += 2;
}
}
if (leftovers) {
*t++ = ' ';
*t++ = '0';
*t++ = 'x';
for (i = 0; i < leftovers; i++) {
sprintf(t, "%02x", *c++);
t += 2;
}
}
*t = '\0';
return (s);
}
static char *
{
static char buf[256];
return (buf);
}
return (buf);
}
static char *
pa_gettokenstring(int tokenid)
{
int i;
struct tokentable *k;
for (i = 0; i < numtokenentries; i++) {
k = &(tokentab[i]);
return (k->tokentype);
}
/* here if token id is not in table */
return (NULL);
}