From owner-p4-projects@FreeBSD.ORG Wed Jun 29 16:58:13 2005 Return-Path: X-Original-To: p4-projects@freebsd.org Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id C1D2916A420; Wed, 29 Jun 2005 16:58:12 +0000 (GMT) X-Original-To: perforce@freebsd.org Delivered-To: perforce@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 99CEE16A41C for ; Wed, 29 Jun 2005 16:58:12 +0000 (GMT) (envelope-from bb+lists.freebsd.perforce@cyrus.watson.org) Received: from repoman.freebsd.org (repoman.freebsd.org [216.136.204.115]) by mx1.FreeBSD.org (Postfix) with ESMTP id 6E44E43D55 for ; Wed, 29 Jun 2005 16:58:12 +0000 (GMT) (envelope-from bb+lists.freebsd.perforce@cyrus.watson.org) Received: from repoman.freebsd.org (localhost [127.0.0.1]) by repoman.freebsd.org (8.13.1/8.13.1) with ESMTP id j5TGwCOK026484 for ; Wed, 29 Jun 2005 16:58:12 GMT (envelope-from bb+lists.freebsd.perforce@cyrus.watson.org) Received: (from perforce@localhost) by repoman.freebsd.org (8.13.1/8.13.1/Submit) id j5TGwCkJ026481 for perforce@freebsd.org; Wed, 29 Jun 2005 16:58:12 GMT (envelope-from bb+lists.freebsd.perforce@cyrus.watson.org) Date: Wed, 29 Jun 2005 16:58:12 GMT Message-Id: <200506291658.j5TGwCkJ026481@repoman.freebsd.org> X-Authentication-Warning: repoman.freebsd.org: perforce set sender to bb+lists.freebsd.perforce@cyrus.watson.org using -f 
From: Robert Watson To: Perforce Change Reviews Cc: Subject: PERFORCE change 79157 for review X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 29 Jun 2005 16:58:13 -0000 http://perforce.freebsd.org/chv.cgi?CH=79157 Change 79157 by rwatson@rwatson_zoo on 2005/06/29 16:57:28 Integrate OpenBSM changes from OpenBSM tree to the Audit3 tree: - libbsm.h moved to /usr/include/bsm - Man page fixes - FreeBSD trigger device node support - C99 types - Style cleanups Integrated using trustedbsd_openbsm_audit3 branch. Affected files ... .. //depot/projects/trustedbsd/audit3/contrib/openbsm/bin/auditreduce/auditreduce.c#2 integrate .. //depot/projects/trustedbsd/audit3/contrib/openbsm/bin/praudit/praudit.1#2 integrate .. //depot/projects/trustedbsd/audit3/contrib/openbsm/bin/praudit/praudit.c#2 integrate .. //depot/projects/trustedbsd/audit3/contrib/openbsm/bsm/Makefile#2 integrate .. //depot/projects/trustedbsd/audit3/contrib/openbsm/bsm/audit.h#2 integrate .. //depot/projects/trustedbsd/audit3/contrib/openbsm/bsm/audit_record.h#2 integrate .. //depot/projects/trustedbsd/audit3/contrib/openbsm/bsm/libbsm.h#1 branch .. //depot/projects/trustedbsd/audit3/contrib/openbsm/libbsm/Makefile#2 integrate .. //depot/projects/trustedbsd/audit3/contrib/openbsm/libbsm/bsm_audit.c#2 integrate .. //depot/projects/trustedbsd/audit3/contrib/openbsm/libbsm/bsm_class.c#2 integrate .. //depot/projects/trustedbsd/audit3/contrib/openbsm/libbsm/bsm_control.c#2 integrate .. //depot/projects/trustedbsd/audit3/contrib/openbsm/libbsm/bsm_event.c#2 integrate .. //depot/projects/trustedbsd/audit3/contrib/openbsm/libbsm/bsm_flags.c#2 integrate .. //depot/projects/trustedbsd/audit3/contrib/openbsm/libbsm/bsm_io.c#2 integrate .. //depot/projects/trustedbsd/audit3/contrib/openbsm/libbsm/bsm_mask.c#2 integrate .. 
//depot/projects/trustedbsd/audit3/contrib/openbsm/libbsm/bsm_notify.c#2 integrate .. //depot/projects/trustedbsd/audit3/contrib/openbsm/libbsm/bsm_token.c#2 integrate .. //depot/projects/trustedbsd/audit3/contrib/openbsm/libbsm/bsm_user.c#2 integrate .. //depot/projects/trustedbsd/audit3/contrib/openbsm/libbsm/bsm_wrappers.c#2 integrate .. //depot/projects/trustedbsd/audit3/contrib/openbsm/libbsm/libbsm.h#2 delete .. //depot/projects/trustedbsd/audit3/contrib/openbsm/man/audit.log.5#2 integrate .. //depot/projects/trustedbsd/audit3/contrib/openbsm/man/audit_class.5#2 integrate .. //depot/projects/trustedbsd/audit3/contrib/openbsm/man/audit_control.5#2 integrate .. //depot/projects/trustedbsd/audit3/contrib/openbsm/man/audit_event.5#2 integrate .. //depot/projects/trustedbsd/audit3/contrib/openbsm/man/audit_user.5#2 integrate .. //depot/projects/trustedbsd/audit3/contrib/openbsm/man/audit_warn.5#2 integrate .. //depot/projects/trustedbsd/audit3/contrib/openbsm/man/auditon.2#2 integrate Differences ... ==== //depot/projects/trustedbsd/audit3/contrib/openbsm/bin/auditreduce/auditreduce.c#2 (text+ko) ==== @@ -37,6 +37,8 @@ * XXX the records present within the file and between the files themselves */ +#include + #include #include #include @@ -45,7 +47,6 @@ #include #include -#include #include "auditreduce.h" ==== //depot/projects/trustedbsd/audit3/contrib/openbsm/bin/praudit/praudit.1#2 (text+ko) ==== @@ -60,8 +60,8 @@ This option is exclusive from .Fl r .It Fl d Ar del -Specifies the delimeter. -The default delimeter is the comma. +Specifies the delimiter. +The default delimiter is the comma. .El .Pp If the raw or short forms are not specified, the default is to print the tokens 
@@ -69,7 +69,7 @@ Events are displayed as per their descriptions given in .Pa /etc/security/audit_event ; uids and gids are expanded to their names; -dates and times are displayed in human-readible format. +dates and times are displayed in human-readable format. .Sh FILES .Bl -tag -width "/etc/security/audit_control" -compact .It Pa /etc/security/audit_class ==== //depot/projects/trustedbsd/audit3/contrib/openbsm/bin/praudit/praudit.c#2 (text+ko) ==== @@ -34,12 +34,12 @@ * praudit [-lrs] [-ddel] [filenames] */ +#include + #include #include #include -#include - extern char *optarg; extern int optind, optopt, opterr,optreset; ==== //depot/projects/trustedbsd/audit3/contrib/openbsm/bsm/Makefile#2 (text+ko) ==== @@ -6,7 +6,8 @@ audit_internal.h \ audit_kevents.h \ audit_record.h \ - audit_uevents.h + audit_uevents.h \ + libbsm.h TARGET= ${DESTDIR}/usr/include/bsm ==== //depot/projects/trustedbsd/audit3/contrib/openbsm/bsm/audit.h#2 (text+ko) ==== @@ -32,8 +32,18 @@ /* * Triggers for the audit daemon */ -#define AUDIT_TRIGGER_LOW_SPACE 1 -#define AUDIT_TRIGGER_FILE_FULL 2 +#define AUDIT_TRIGGER_MIN 1 +#define AUDIT_TRIGGER_LOW_SPACE 1 +#define AUDIT_TRIGGER_OPEN_NEW 2 +#define AUDIT_TRIGGER_READ_FILE 3 +#define AUDIT_TRIGGER_CLOSE_AND_DIE 4 +#define AUDIT_TRIGGER_NO_SPACE 5 +#define AUDIT_TRIGGER_MAX 5 + +/* + * File that will be read for trigger events from the kernel + */ +#define AUDIT_TRIGGER_FILE "/dev/audit" /* * Pre-defined audit IDs @@ -119,6 +129,7 @@ #define A_GETPINFO_ADDR 28 #define A_GETKAUDIT 29 #define A_SETKAUDIT 30 +#define A_SENDTRIGGER 31 /* * Audit policy controls. ==== //depot/projects/trustedbsd/audit3/contrib/openbsm/bsm/audit_record.h#2 (text+ko) ==== 
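Review bot: In the audit.h trigger hunk (@@ -32,8 +32,18 @@) the value 2 changes meaning: it was `AUDIT_TRIGGER_FILE_FULL` and is now `AUDIT_TRIGGER_OPEN_NEW`, and the old name is dropped without a compatibility alias. These numbers appear to be what the daemon reads from `AUDIT_TRIGGER_FILE`, so a kernel and daemon built from different revisions of this header would presumably disagree on what trigger 2 requests. The block comment should say that the values are part of the kernel/daemon interface, e.g. `/* Trigger values are shared with the kernel; never renumber or reuse one. */`. It should also say that consumers are expected to reject anything outside `AUDIT_TRIGGER_MIN`..`AUDIT_TRIGGER_MAX`, which is what those two bounds look intended for.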
@@ -155,7 +155,7 @@ /* * The values for the following token ids are not defined by BSM. * - * XXXRW: Not sure how to andle these in OpenBSM yet, but I'll give them + * XXXRW: Not sure how to handle these in OpenBSM yet, but I'll give them * names more consistent with Sun's BSM. These originally came from Apple's * BSM. */ @@ -180,8 +180,8 @@ /* ... and their sizes */ #define AUR_BYTE_SIZE sizeof(u_char) -#define AUR_SHORT_SIZE sizeof(u_int16_t) -#define AUR_LONG_SIZE sizeof(u_int32_t) +#define AUR_SHORT_SIZE sizeof(uint16_t) +#define AUR_LONG_SIZE sizeof(uint32_t) /* Modifiers for the header token */ #define PAD_NOTATTR 0x4000 /* nonattributable event */ @@ -239,9 +239,9 @@ au_emod_t e_mod); token_t *au_to_me(void); -token_t *au_to_arg(char n, char *text, u_int32_t v); -token_t *au_to_arg32(char n, char *text, u_int32_t v); -token_t *au_to_arg64(char n, char *text, u_int64_t v); +token_t *au_to_arg(char n, char *text, uint32_t v); +token_t *au_to_arg32(char n, char *text, uint32_t v); +token_t *au_to_arg64(char n, char *text, uint64_t v); #if defined(_KERNEL) || defined(KERNEL) token_t *au_to_attr(struct vnode_au_info *vni); token_t *au_to_attr32(struct vnode_au_info *vni); @@ -251,14 +251,14 @@ char unit_count, char *p); token_t *au_to_exit(int retval, int err); token_t *au_to_groups(int *groups); -token_t *au_to_newgroups(u_int16_t n, gid_t *groups); +token_t *au_to_newgroups(uint16_t n, gid_t *groups); token_t *au_to_in_addr(struct in_addr *internet_addr); token_t *au_to_in_addr_ex(struct in6_addr *internet_addr); token_t *au_to_ip(struct ip *ip); token_t *au_to_ipc(char type, int id); token_t *au_to_ipc_perm(struct ipc_perm *perm); -token_t *au_to_iport(u_int16_t iport); -token_t *au_to_opaque(char *data, u_int16_t bytes); +token_t *au_to_iport(uint16_t iport); +token_t *au_to_opaque(char *data, uint16_t bytes); token_t *au_to_path(char *path); token_t *au_to_process(au_id_t auid, uid_t euid, gid_t egid, uid_t ruid, gid_t rgid, pid_t pid, 
@@ -278,15 +278,15 @@ token_t *au_to_process64_ex(au_id_t auid, uid_t euid, gid_t egid, uid_t ruid, gid_t rgid, pid_t pid, au_asid_t sid, au_tid_addr_t *tid); -token_t *au_to_return(char status, u_int32_t ret); -token_t *au_to_return32(char status, u_int32_t ret); -token_t *au_to_return64(char status, u_int64_t ret); +token_t *au_to_return(char status, uint32_t ret); +token_t *au_to_return32(char status, uint32_t ret); +token_t *au_to_return64(char status, uint64_t ret); token_t *au_to_seq(long audit_count); #if defined(_KERNEL) || defined(KERNEL) token_t *au_to_socket(struct socket *so); -token_t *au_to_socket_ex_32(u_int16_t lp, u_int16_t rp, +token_t *au_to_socket_ex_32(uint16_t lp, uint16_t rp, struct sockaddr *la, struct sockaddr *ta); -token_t *au_to_socket_ex_128(u_int16_t lp, u_int16_t rp, +token_t *au_to_socket_ex_128(uint16_t lp, uint16_t rp, struct sockaddr *la, struct sockaddr *ta); #endif token_t *au_to_sock_inet(struct sockaddr_in *so); ==== //depot/projects/trustedbsd/audit3/contrib/openbsm/libbsm/Makefile#2 (text+ko) ==== @@ -9,7 +9,6 @@ CFLAGS+=-I- \ -I .. \ - -I . \ -Wall SRCS= bsm_audit.c \ @@ -24,8 +23,6 @@ bsm_user.c \ bsm_wrappers.c -INCS= libbsm.h - MAN= libbsm.3 \ au_class.3 \ au_control.3 \ @@ -117,4 +114,10 @@ au_token.3 au_to_header64.3 \ au_token.3 au_to_trailer.3 +beforeinstall: + if test -d ${INCSDIR}; then \ + else \ + mkdir ${INCSDIR}; \ + fi; + .include ==== //depot/projects/trustedbsd/audit3/contrib/openbsm/libbsm/bsm_audit.c#2 (text+ko) ==== 
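Review bot: The `beforeinstall` recipe added in the last libbsm/Makefile hunk (@@ -117,4 +114,10 @@) has an empty `then` branch: `if test -d ${INCSDIR}; then \` is followed directly by `else \`. POSIX sh requires at least one command after `then`, so stricter shells such as bash reject the recipe with a syntax error even if the local /bin/sh tolerates it. The same effect fits on one line and also copes with a missing parent directory: `test -d "${INCSDIR}" || mkdir -p "${INCSDIR}"`. Quoting the expansion keeps the test meaningful if the path ever contains whitespace.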
@@ -32,29 +32,28 @@ #include #include +#include #include -#include #include #include #include /* array of used descriptors */ -static au_record_t* open_desc_table[MAX_AUDIT_RECORDS]; +static au_record_t *open_desc_table[MAX_AUDIT_RECORDS]; /* The current number of active record descriptors */ -static int bsm_rec_count = 0; +static int bsm_rec_count = 0; + /* - * Records that can be recycled are maintained in the list given below - * The maximum number of elements that can be present in this list is - * bounded by MAX_AUDIT_RECORDS. Memory allocated for these records are never - * freed + * Records that can be recycled are maintained in the list given below. The + * maximum number of elements that can be present in this list is bounded by + * MAX_AUDIT_RECORDS. Memory allocated for these records are never freed. */ +static LIST_HEAD(, au_record) bsm_free_q; -static LIST_HEAD(, au_record) bsm_free_q; +static pthread_mutex_t mutex = PTHREAD_MUTEX_INITIALIZER; -static pthread_mutex_t mutex = PTHREAD_MUTEX_INITIALIZER; - /* * This call frees a token_t and its internal data. */ 
@@ -70,27 +69,25 @@ } /* - * This call reserves memory for the audit record. - * Memory must be guaranteed before any auditable event can be - * generated. - * The au_record_t structure maintains a reference to the - * memory allocated above and also the list of tokens associated - * with this record - * Descriptors are recyled once the records are added to the audit - * trail following au_close(). + * This call reserves memory for the audit record. Memory must be guaranteed + * before any auditable event can be generated. The au_record_t structure + * maintains a reference to the memory allocated above and also the list of + * tokens associated with this record. Descriptors are recyled once the + * records are added to the audit trail following au_close(). */ -int au_open(void) +int +au_open(void) { au_record_t *rec = NULL; pthread_mutex_lock(&mutex); - if(bsm_rec_count == 0) { + if (bsm_rec_count == 0) LIST_INIT(&bsm_free_q); - } /* - * Find an unused descriptor, remove it from the free list, mark as used + * Find an unused descriptor, remove it from the free list, mark as + * used. */ if (!LIST_EMPTY(&bsm_free_q)) { rec = LIST_FIRST(&bsm_free_q); 
@@ -100,31 +97,31 @@ pthread_mutex_unlock(&mutex); - if(rec == NULL) { + if (rec == NULL) { /* - * Create a new au_record_t if no descriptors are available + * Create a new au_record_t if no descriptors are available. */ - rec = (au_record_t *) malloc (sizeof(au_record_t)); - if(rec == NULL) { - return -1; /* Failed */ - } - rec->data = (u_char *) malloc (MAX_AUDIT_RECORD_SIZE * sizeof(u_char)); - if(rec->data == NULL) { + rec = malloc (sizeof(au_record_t)); + if (rec == NULL) + return (-1); + + rec->data = malloc (MAX_AUDIT_RECORD_SIZE * sizeof(u_char)); + if (rec->data == NULL) { free(rec); errno = ENOMEM; - return -1; + return (-1); } pthread_mutex_lock(&mutex); - if(bsm_rec_count == MAX_AUDIT_RECORDS) { + if (bsm_rec_count == MAX_AUDIT_RECORDS) { pthread_mutex_unlock(&mutex); free(rec->data); free(rec); /* XXX We need to increase size of MAX_AUDIT_RECORDS */ errno = ENOMEM; - return -1; + return (-1); } rec->desc = bsm_rec_count; open_desc_table[bsm_rec_count] = rec; @@ -140,29 +137,30 @@ rec->len = 0; rec->used = 1; - return rec->desc; + return (rec->desc); } /* - * Store the token with the record descriptor + * Store the token with the record descriptor. * * Don't permit writing more to the buffer than would let the trailer be * appended later. */ -int au_write(int d, token_t *tok) +int +au_write(int d, token_t *tok) { au_record_t *rec; - if(tok == NULL) { + if (tok == NULL) { errno = EINVAL; - return -1; /* Invalid Token */ + return (-1); /* Invalid Token */ } /* Write the token to the record descriptor */ rec = open_desc_table[d]; - if((rec == NULL) || (rec->used == 0)) { + if ((rec == NULL) || (rec->used == 0)) { errno = EINVAL; - return -1; /* Invalid descriptor */ + return (-1); /* Invalid descriptor */ } if (rec->len + tok->len + BSM_TRAILER_SIZE > MAX_AUDIT_RECORD_SIZE) { 
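Review bot: `au_write()` indexes `open_desc_table[d]` with the caller-supplied descriptor before any range check, so a negative `d` or one at or above `MAX_AUDIT_RECORDS` reads outside the table and the result is then dereferenced for `rec->used`. The guard belongs ahead of the lookup: `if (d < 0 || d >= MAX_AUDIT_RECORDS) { errno = EINVAL; return (-1); }`. The same unchecked lookup is visible in the `au_close()` hunk (@@ -265,9 +262,9 @@). The table is also read here without holding `mutex`, while `au_open()` writes it under the lock; if that is deliberate it deserves a comment. The body of `au_write()` continues past the end of this hunk.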
@@ -181,13 +179,13 @@ /* Token should not be available after this call */ tok = NULL; - return 0; /* Success */ + return (0); /* Success */ } /* - * Assemble an audit record out of its tokens, including allocating header - * and trailer tokens. Does not free the token chain, which must be done by - * the caller if desirable. + * Assemble an audit record out of its tokens, including allocating header and + * trailer tokens. Does not free the token chain, which must be done by the + * caller if desirable. * * XXX: Assumes there is sufficient space for the header and trailer. */ @@ -227,8 +225,8 @@ } /* - * Given a record that is no longer of interest, tear it down and convert to - * a free record. + * Given a record that is no longer of interest, tear it down and convert to a + * free record. */ static void au_teardown(au_record_t *rec) @@ -254,9 +252,8 @@ } /* - * Add the header token, identify any missing tokens - * Write out the tokens to the record memory and finally, - * call audit + * Add the header token, identify any missing tokens. Write out the tokens to + * the record memory and finally, call audit. */ int au_close(int d, int keep, short event) { @@ -265,9 +262,9 @@ int retval = 0; rec = open_desc_table[d]; - if((rec == NULL) || (rec->used == 0)) { + if ((rec == NULL) || (rec->used == 0)) { errno = EINVAL; - return -1; /* Invalid descriptor */ + return (-1); /* Invalid descriptor */ } if (!keep) { @@ -291,8 +288,8 @@ if (au_assemble(rec, event) < 0) { /* - * XXXRW: This is also not supposed to happen, but might if - * we are unable to allocate header and trailer memory. + * XXXRW: This is also not supposed to happen, but might if we + * are unable to allocate header and trailer memory. */ retval = -1; goto cleanup; @@ -304,7 +301,7 @@ cleanup: /* CLEANUP */ au_teardown(rec); - return retval; + return (retval); } /* 
@@ -338,15 +335,14 @@ } if (au_assemble(rec, event) < 0) { - /* - * XXXRW: See au_close() comment. - */ + /* XXXRW: See au_close() comment. */ retval = -1; goto cleanup; } memcpy(buffer, rec->data, rec->len); *buflen = rec->len; + cleanup: au_teardown(rec); return (retval); ==== //depot/projects/trustedbsd/audit3/contrib/openbsm/libbsm/bsm_class.c#2 (text+ko) ==== 
@@ -26,246 +26,224 @@ * POSSIBILITY OF SUCH DAMAGE. */ +#include + #include #include #include #include -#include - /* - * Parse the contents of the audit_class file to return - * struct au_class_ent entries + * Parse the contents of the audit_class file to return struct au_class_ent + * entries. */ -static FILE *fp = NULL; -static char linestr[AU_LINE_MAX]; -static char *delim = ":"; +static FILE *fp = NULL; +static char linestr[AU_LINE_MAX]; +static char *delim = ":"; -static pthread_mutex_t mutex = PTHREAD_MUTEX_INITIALIZER; +static pthread_mutex_t mutex = PTHREAD_MUTEX_INITIALIZER; - /* * XXX The reentrant versions of the following functions is TBD * XXX struct au_class_ent *getclassent_r(au_class_ent_t *class_int); * XXX struct au_class_ent *getclassnam_r(au_class_ent_t *class_int, const char *name); */ - - /* - * Allocate a au_class_ent structure + * Allocate a au_class_ent structure. */ -static struct au_class_ent *get_class_area() +static struct au_class_ent * +get_class_area(void) { struct au_class_ent *c; - c = (struct au_class_ent *) malloc (sizeof(struct au_class_ent)); - if(c == NULL) { - return NULL; - } - c->ac_name = (char *)malloc(AU_CLASS_NAME_MAX * sizeof(char)); - if(c->ac_name == NULL) { + c = malloc(sizeof(struct au_class_ent)); + if (c == NULL) + return (NULL); + c->ac_name = malloc(AU_CLASS_NAME_MAX * sizeof(char)); + if (c->ac_name == NULL) { free(c); - return NULL; + return (NULL); } - c->ac_desc = (char *)malloc(AU_CLASS_DESC_MAX * sizeof(char)); - if(c->ac_desc == NULL) { + c->ac_desc = malloc(AU_CLASS_DESC_MAX * sizeof(char)); + if (c->ac_desc == NULL) { free(c->ac_name); free(c); - return NULL; + return (NULL); } - return c; + return (c); } /* - * Free the au_class_ent structure + * Free the au_class_ent structure. 
*/ -void free_au_class_ent(struct au_class_ent *c) +void +free_au_class_ent(struct au_class_ent *c) { - if (c) - { - if (c->ac_name) - free(c->ac_name); - if (c->ac_desc) - free(c->ac_desc); - free(c); - } + + if (c) { + if (c->ac_name) + free(c->ac_name); + if (c->ac_desc) + free(c->ac_desc); + free(c); + } } /* - * Parse a single line from the audit_class file passed in str - * to the struct au_class_ent elements; store the result in c + * Parse a single line from the audit_class file passed in str to the struct + * au_class_ent elements; store the result in c. */ -static struct au_class_ent *classfromstr(char *str, char *delim, struct au_class_ent *c) +static struct au_class_ent * +classfromstr(char *str, char *delim, struct au_class_ent *c) { char *classname, *classdesc, *classflag; char *last; - /* each line contains flag:name:desc */ + /* Each line contains flag:name:desc. */ classflag = strtok_r(str, delim, &last); classname = strtok_r(NULL, delim, &last); classdesc = strtok_r(NULL, delim, &last); - if((classflag == NULL) - || (classname == NULL) - || (classdesc == NULL)) { + if ((classflag == NULL) || (classname == NULL) || (classdesc == NULL)) + return (NULL); - return NULL; - } - /* - * Check for very large classnames + * Check for very large classnames. */ - if(strlen(classname) >= AU_CLASS_NAME_MAX) { - return NULL; - } + if (strlen(classname) >= AU_CLASS_NAME_MAX) + return (NULL); strcpy(c->ac_name, classname); /* - * Check for very large class description + * Check for very large class description. 
*/ - if(strlen(classdesc) >= AU_CLASS_DESC_MAX) { - return NULL; - } + if (strlen(classdesc) >= AU_CLASS_DESC_MAX) + return (NULL); strcpy(c->ac_desc, classdesc); - c->ac_class = strtoul(classflag, (char **) NULL, 0); - return c; + return (c); } /* - * Return the next au_class_ent structure from the file - * setauclass should be called before invoking this function - * for the first time + * Return the next au_class_ent structure from the file setauclass should be + * called before invoking this function for the first time. */ -struct au_class_ent *getauclassent() +struct au_class_ent * +getauclassent(void) { struct au_class_ent *c; char *tokptr, *nl; pthread_mutex_lock(&mutex); - if((fp == NULL) - && ((fp = fopen(AUDIT_CLASS_FILE, "r")) == NULL)) { - + if ((fp == NULL) && ((fp = fopen(AUDIT_CLASS_FILE, "r")) == NULL)) { pthread_mutex_unlock(&mutex); - return NULL; + return (NULL); } - if(fgets(linestr, AU_LINE_MAX, fp) == NULL) { - + if (fgets(linestr, AU_LINE_MAX, fp) == NULL) { pthread_mutex_unlock(&mutex); - return NULL; + return (NULL); } - /* Remove trailing new line character */ - if((nl = strrchr(linestr, '\n')) != NULL) { + /* Remove trailing new line character. */ + if ((nl = strrchr(linestr, '\n')) != NULL) *nl = '\0'; - } tokptr = linestr; c = get_class_area(); /* allocate */ - if(c == NULL) { - + if (c == NULL) { pthread_mutex_unlock(&mutex); - return NULL; + return (NULL); } - /* parse tokptr to au_class_ent components */ - if(classfromstr(tokptr, delim, c) == NULL) { - + /* Parse tokptr to au_class_ent components. */ + if (classfromstr(tokptr, delim, c) == NULL) { free_au_class_ent(c); - pthread_mutex_unlock(&mutex); - return NULL; + return (NULL); } pthread_mutex_unlock(&mutex); - return c; + return (c); } /* - * Return the next au_class_entry having the given class name + * Return the next au_class_entry having the given class name. 
*/ -struct au_class_ent *getauclassnam(const char *name) +struct au_class_ent * +getauclassnam(const char *name) { struct au_class_ent *c; char *nl; - if(name == NULL) { - return NULL; - } + if (name == NULL) + return (NULL); - /* Rewind to beginning of file */ + /* Rewind to beginning of file. */ setauclass(); pthread_mutex_lock(&mutex); - if((fp == NULL) - && ((fp = fopen(AUDIT_CLASS_FILE, "r")) == NULL)) { - + if ((fp == NULL) && ((fp = fopen(AUDIT_CLASS_FILE, "r")) == NULL)) { pthread_mutex_unlock(&mutex); - return NULL; + return (NULL); } c = get_class_area(); /* allocate */ - if(c == NULL) { - + if (c == NULL) { pthread_mutex_unlock(&mutex); - return NULL; + return (NULL); } + while(fgets(linestr, AU_LINE_MAX, fp) != NULL) { /* Remove trailing new line character */ - if((nl = strrchr(linestr, '\n')) != NULL) { + if ((nl = strrchr(linestr, '\n')) != NULL) *nl = '\0'; - } /* parse tokptr to au_class_ent components */ - if(classfromstr(linestr, delim, c) != NULL) { - if(!strcmp(name, c->ac_name)) { - + if (classfromstr(linestr, delim, c) != NULL) { + if (!strcmp(name, c->ac_name)) { pthread_mutex_unlock(&mutex); - return c; + return (c); } } } free_au_class_ent(c); - pthread_mutex_unlock(&mutex); - return NULL; + return (NULL); } /* - * Rewind to the beginning of the enumeration + * Rewind to the beginning of the enumeration. */ -void setauclass() +void +setauclass(void) { + pthread_mutex_lock(&mutex); - - if(fp != NULL) { + if (fp != NULL) fseek(fp, 0, SEEK_SET); - } - pthread_mutex_unlock(&mutex); } /* - * audit_class processing is complete; close any open files + * audit_class processing is complete; close any open files. */ -void endauclass() +void endauclass(void) { + pthread_mutex_lock(&mutex); - - if(fp != NULL) { + if (fp != NULL) { fclose(fp); fp = NULL; } - pthread_mutex_unlock(&mutex); } ==== //depot/projects/trustedbsd/audit3/contrib/openbsm/libbsm/bsm_control.c#2 (text+ko) ==== 
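Review bot: `getauclassnam()` rewinds through `setauclass()` and only afterwards takes `mutex` for the search, so the rewind and the scan are not one atomic step. Another thread calling `getauclassent()` in between can advance the shared `fp`, and the lookup then starts mid-file and may return NULL for a class that exists. Doing the rewind inside the locked region closes the gap: drop the `setauclass();` call and put `fseek(fp, 0, SEEK_SET);` right after the `fopen` check. Calling `setauclass()` with the lock already held would self-deadlock on a default mutex. Separately, `strtoul(classflag, (char **) NULL, 0)` in `classfromstr()` has no end-pointer or `errno` check, so a malformed flag field in the audit_class file silently becomes class mask 0.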
@@ -26,32 +26,33 @@ * POSSIBILITY OF SUCH DAMAGE. */ +#include + #include #include #include #include #include -#include - /* - * Parse the contents of the audit_control file to return - * the audit control parameters + * Parse the contents of the audit_control file to return the audit control + * parameters. */ -static FILE *fp = NULL; -static char linestr[AU_LINE_MAX]; -static char *delim = ":"; +static FILE *fp = NULL; +static char linestr[AU_LINE_MAX]; +static char *delim = ":"; -static char inacdir = 0; -static char ptrmoved = 0; +static char inacdir = 0; +static char ptrmoved = 0; -static pthread_mutex_t mutex = PTHREAD_MUTEX_INITIALIZER; +static pthread_mutex_t mutex = PTHREAD_MUTEX_INITIALIZER; /* - * Returns the string value corresponding to the given label - * from the configuration file + * Returns the string value corresponding to the given label from the + * configuration file. */ -static int getstrfromtype(char *name, char **str) +static int +getstrfromtype(char *name, char **str) { char *type, *nl; char *tokptr; 
@@ -61,84 +62,77 @@ pthread_mutex_lock(&mutex); - if((fp == NULL) - && ((fp = fopen(AUDIT_CONTROL_FILE, "r")) == NULL)) { - + if ((fp == NULL) && ((fp = fopen(AUDIT_CONTROL_FILE, "r")) == + NULL)) { pthread_mutex_unlock(&mutex); - return 0; /* Error */ + return (0); /* Error */ } - /* Search for the line beginning with the given name */ - while(fgets(linestr, AU_LINE_MAX, fp) != NULL) { - - /* Remove trailing new line character */ - if((nl = strrchr(linestr, '\n')) != NULL) { + /* Search for the line beginning with the given name. */ + while (fgets(linestr, AU_LINE_MAX, fp) != NULL) { + /* Remove trailing new line character. */ + if ((nl = strrchr(linestr, '\n')) != NULL) *nl = '\0'; - } tokptr = linestr; - if((type = strtok_r(tokptr, delim, &last)) != NULL) { - if(!strcmp(name, type)) { - - /* Found matching name */ + if ((type = strtok_r(tokptr, delim, &last)) != NULL) { + if (!strcmp(name, type)) { + /* Found matching name. */ *str = strtok_r(NULL, delim, &last); - pthread_mutex_unlock(&mutex); - - if(*str == NULL) { - return 1; /* Parse error in file */ - } - return 0; /* Success */ + if (*str == NULL) + return (1); /* Parse error in file */ + return (0); /* Success */ } } } pthread_mutex_unlock(&mutex); - return 0; /* EOF */ + return (0); /* EOF */ } /* - * Rewind the file pointer to beginning + * Rewind the file pointer to beginning. */ -void setac() +void +setac(void) { + pthread_mutex_lock(&mutex); - ptrmoved = 1; - if(fp != NULL) { + if (fp != NULL) fseek(fp, 0, SEEK_SET); - } - pthread_mutex_unlock(&mutex); } /* * Close the audit_control file */ -void endac() +void +endac(void) { + pthread_mutex_lock(&mutex); - ptrmoved = 1; - if(fp != NULL) { + if (fp != NULL) { fclose(fp); fp = NULL; } - pthread_mutex_unlock(&mutex); } /* - * Return audit directory information from the audit control file + * Return audit directory information from the audit control file. 
*/ -int getacdir(char *name, int len) +int +getacdir(char *name, int len) { char *dir; int ret = 0; - if(name == NULL) { >>> TRUNCATED FOR MAIL (1000 lines) <<<