From owner-p4-projects@FreeBSD.ORG Mon Jun 16 01:05:38 2008 Return-Path: Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id 938DF106566C; Mon, 16 Jun 2008 01:05:38 +0000 (UTC) Delivered-To: perforce@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 3D619106567F for ; Mon, 16 Jun 2008 01:05:38 +0000 (UTC) (envelope-from snagg@FreeBSD.org) Received: from repoman.freebsd.org (repoman.freebsd.org [IPv6:2001:4f8:fff6::29]) by mx1.freebsd.org (Postfix) with ESMTP id 291488FC18 for ; Mon, 16 Jun 2008 01:05:38 +0000 (UTC) (envelope-from snagg@FreeBSD.org) Received: from repoman.freebsd.org (localhost [127.0.0.1]) by repoman.freebsd.org (8.14.1/8.14.1) with ESMTP id m5G15cER023250 for ; Mon, 16 Jun 2008 01:05:38 GMT (envelope-from snagg@FreeBSD.org) Received: (from perforce@localhost) by repoman.freebsd.org (8.14.1/8.14.1/Submit) id m5G15cxu023248 for perforce@freebsd.org; Mon, 16 Jun 2008 01:05:38 GMT (envelope-from snagg@FreeBSD.org) Date: Mon, 16 Jun 2008 01:05:38 GMT Message-Id: <200806160105.m5G15cxu023248@repoman.freebsd.org> X-Authentication-Warning: repoman.freebsd.org: perforce set sender to snagg@FreeBSD.org using -f From: Vincenzo Iozzo To: Perforce Change Reviews Cc: Subject: PERFORCE change 143560 for review X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 16 Jun 2008 01:05:38 -0000 http://perforce.freebsd.org/chv.cgi?CH=143560 Change 143560 by snagg@snagg_macosx on 2008/06/16 01:04:51 Some functionalities for the testing framework Affected files ... .. //depot/projects/soc2008/snagg-audit/tools/regression/audit/audit_pipe/audit_pipe_regression_test_utils.c#2 edit .. //depot/projects/soc2008/snagg-audit/tools/regression/audit/audit_pipe/audit_pipe_regression_test_utils.h#1 add Differences ... ==== //depot/projects/soc2008/snagg-audit/tools/regression/audit/audit_pipe/audit_pipe_regression_test_utils.c#2 (text+ko) ==== @@ -1,64 +1,47 @@ -/*- - * Copyright (c) 2008 Vincenzo Iozzo - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - */ +#include "audit_pipe_regression_test_utils.h" -#include -#include -#include -#include -#include +struct audit_record *del_record_au(struct audit_record *head, int index) +{ + struct audit_record *tmp; + struct audit_record *p; + + tmp = head; + if(tmp == NULL) + return NULL; + for(; tmp->next != NULL; tmp = tmp->next) + { + if(tmp->next->index == index) { + p = tmp->next; + tmp->next = tmp->next->next; + free(p); + return head; + } + } + + return NULL; +} + +struct audit_record +*add_field_au(struct audit_record *head, struct audit_record *new) +{ + struct audit_record *tmp; + + tmp = head; + if(tmp == NULL) { + new->next = NULL; + return new; + } + + for(; tmp->next != NULL;tmp = tmp->next); + + new->index = tmp->index +1; + tmp->next= new; + new->next = NULL; + + return head; +} -#include -#include - -#include - -#include -#include -#include -#include -#include -#include -#include -#include - -#define AUDIT_BUFFER_LEN 65536 -#define SHMSZ 512 -char SEM_NAME[]= "/audit-test"; -char SEM_CLIENT_NAME[]="/client"; -sem_t *mutex, *mutex_client; -char *shm; -int shmid; - -enum TYPES{ - INT_TYPE, - STRING_TYPE, - CHAR_TYPE -}; - + void init_channel() { key_t key; @@ -194,30 +177,55 @@ /* * We fetch every token from auditpipe and eventually dump them to a file + * Modified version of praudit function. */ -tokenstr_t -audit_print_record(char *buffer, int buflen, FILE *st) +struct audit_record +*audit_print_record(FILE *st, FILE *in) { + u_char *buf; tokenstr_t tok; + int reclen; + int bytesread; + int count; + u_char type; + struct audit_record *rec; - while (buflen > 0) { + type = 0; + count = 0; + rec = malloc(sizeof(struct audit_record)); + if(rec == NULL) + err(-1, "MALLOC"); + + /* Record must begin with a header token. */ + do { + type = fgetc(in); + } while(type != AU_HEADER_32_TOKEN); + ungetc(type, in); - /* XXX: Is this an incomplete record? */ - if (au_fetch_tok(&tok, buffer, buflen) == -1) - break; - au_print_tok_xml(st, &tok, ",", 0, 0); - buflen -= tok.len; - buffer += tok.len; - fprintf(st, "\n"); + while ((reclen = au_read_rec(in, &buf)) != -1) { + bytesread = 0; + while (bytesread < reclen) { + + /* Is this an incomplete record? */ + if (-1 == au_fetch_tok(&tok, buf + bytesread, + reclen - bytesread)) + break; + rec->toks[count] = tok; + rec->count = count; + au_print_tok_xml(st, &tok, ",", 0, 0); + fprintf(st, "\n"); + bytesread += tok.len; + } + free(buf); + fflush(st); } - fflush(st); - return tok; + return rec; } /* * Init log file for evaluation */ -FILE *f init_log(pid_t pid) +FILE *init_log(pid_t pid) { FILE *f; char path[512]; @@ -231,6 +239,33 @@ return f; } +void report_error(tokenstr_t tok, struct audit_record *rec, FILE *f) +{ + int i; + + if(rec == NULL) + return; + for(i = 0; i <= rec->count; i++) { + au_print_tok_xml(f, &(rec->toks[i]), ",", 0, 0); + fprintf(f, "\n"); + } + fprintf(f, "ERROR:***"); + au_print_tok_xml(f, &tok, ",", 0, 0); + fprintf(f, "\n"); +} + +/* + * Check the return value of a bsm-token + */ +int check_ret(au_exit_t ret, int r, char *val) +{ + if(ret.ret == r) + //if(!strncmp(ret.status, val, strlen(ret.status) > strlen(val)? + // strlen(ret.status): strlen(val))) + return 1; + return 0; +} + /* * Check the path field of a bsm-token */ @@ -238,5 +273,51 @@ { if(!path.len) return -1; - return strncmp(path.path, val, path.len); -} + + if(!strncmp(path.path, val, path.len > strlen(val)? path.len: strlen(val))) + return 1; + + return 0; +} + +/* + * Check the arg field of a bsm-token + */ +int check_arg(au_arg32_t arg, long val) +{ + if(!arg.len) + return -1; + + if(arg.val == val) + return 1; + + return 0; +} + +/* + * Check the pid and privilege of a bsm-token + */ +int check_priv(au_proc32ex_t priv, pid_t pid) +{ + if(priv.pid == pid && priv.euid == geteuid() && priv.ruid == getuid() && + priv.rgid == getgid() && priv.egid == getegid()) + return 1; + + return 0; +} + +/* + * Check attributes of fd from a bsm-token + */ +int check_fd(au_attr32_t attr, int fd) +{ + struct stat s; + + if(fstat(fd, &s) == -1) + return -1; + if(attr.mode == s.st_mode && attr.uid == s.st_uid && attr.gid == s.st_gid && + attr.nid == s.st_ino && attr.dev == s.st_dev) + return 1; + + return 0; +}