Date: Wed, 14 Jan 2009 10:44:16 +0000 (UTC) From: Robert Watson <rwatson@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r187214 - in head: contrib/openbsm contrib/openbsm/bin/auditd contrib/openbsm/bin/auditreduce contrib/openbsm/bsm contrib/openbsm/libauditd contrib/openbsm/libbsm contrib/openbsm/man co... Message-ID: <200901141044.n0EAiG2g039967@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: rwatson Date: Wed Jan 14 10:44:16 2009 New Revision: 187214 URL: http://svn.freebsd.org/changeset/base/187214 Log: Merge OpenBSM alpha 5 from OpenBSM vendor branch to head, both contrib/openbsm (svn merge) and src/sys/{bsm,security/audit} (manual merge). Hook up bsm_domain.c and bsm_socket_type.c to the libbsm build along with man pages, add audit_bsm_domain.c and audit_bsm_socket_type.c to the kernel environment. OpenBSM history for imported revisions below for reference. MFC after: 1 month Sponsored by: Apple Inc. Obtained from: TrustedBSD Project OpenBSM 1.1 alpha 5 - Stub libauditd(3) man page added. - All BSM error number constants with BSM_ERRNO_. - Interfaces to convert between local and BSM socket types and protocol families have been added: au_bsm_to_domain(3), au_bsm_to_socket_type(3), au_domain_to_bsm(3), and au_socket_type_to_bsm(3), along with definitions of constants in audit_domain.h and audit_socket_type.h. This improves interoperability by converting local constant spaces, which vary by OS, to and from Solaris constants (where available) or OpenBSM constants for protocol domains not present in Solaris (a fair number). These routines should be used when generating and interpreting extended socket tokens. - Fix build warnings with full gcc warnings enabled on most supported platforms. - Don't compile error strings into bsm_errno.c when building it in the kernel environment. - When started by launchd, use the label com.apple.auditd rather than org.trustedbsd.auditd. Added: head/contrib/openbsm/libauditd/libauditd.3 - copied unchanged from r187065, vendor/openbsm/dist/libauditd/libauditd.3 head/contrib/openbsm/libbsm/au_domain.3 - copied unchanged from r187065, vendor/openbsm/dist/libbsm/au_domain.3 head/contrib/openbsm/libbsm/au_socket_type.3 - copied unchanged from r187065, vendor/openbsm/dist/libbsm/au_socket_type.3 head/contrib/openbsm/libbsm/bsm_domain.c - copied unchanged from r187065, vendor/openbsm/dist/libbsm/bsm_domain.c head/contrib/openbsm/libbsm/bsm_socket_type.c - copied unchanged from r187065, vendor/openbsm/dist/libbsm/bsm_socket_type.c head/contrib/openbsm/sys/bsm/audit_domain.h - copied unchanged from r187065, vendor/openbsm/dist/sys/bsm/audit_domain.h head/contrib/openbsm/sys/bsm/audit_socket_type.h - copied unchanged from r187065, vendor/openbsm/dist/sys/bsm/audit_socket_type.h head/sys/bsm/audit_domain.h (contents, props changed) head/sys/bsm/audit_socket_type.h (contents, props changed) head/sys/security/audit/audit_bsm_domain.c (contents, props changed) head/sys/security/audit/audit_bsm_socket_type.c (contents, props changed) Modified: head/contrib/openbsm/ (props changed) head/contrib/openbsm/INSTALL head/contrib/openbsm/NEWS head/contrib/openbsm/VERSION head/contrib/openbsm/bin/auditd/auditd.8 head/contrib/openbsm/bin/auditd/auditd.c head/contrib/openbsm/bin/auditd/auditd_darwin.c head/contrib/openbsm/bin/auditd/auditd_fbsd.c head/contrib/openbsm/bin/auditreduce/auditreduce.c head/contrib/openbsm/bsm/auditd_lib.h head/contrib/openbsm/bsm/libbsm.h head/contrib/openbsm/configure head/contrib/openbsm/configure.ac head/contrib/openbsm/libauditd/Makefile.am head/contrib/openbsm/libauditd/Makefile.in head/contrib/openbsm/libauditd/auditd_lib.c head/contrib/openbsm/libbsm/Makefile.am head/contrib/openbsm/libbsm/Makefile.in head/contrib/openbsm/libbsm/au_token.3 head/contrib/openbsm/libbsm/bsm_audit.c head/contrib/openbsm/libbsm/bsm_errno.c head/contrib/openbsm/libbsm/bsm_io.c head/contrib/openbsm/libbsm/bsm_token.c head/contrib/openbsm/libbsm/libbsm.3 head/contrib/openbsm/man/audit_user.5 head/contrib/openbsm/sys/bsm/Makefile.am head/contrib/openbsm/sys/bsm/Makefile.in head/contrib/openbsm/sys/bsm/audit.h head/contrib/openbsm/sys/bsm/audit_errno.h head/contrib/openbsm/sys/bsm/audit_record.h head/contrib/openbsm/test/bsm/generate.c head/contrib/openbsm/test/reference/E2BIG_record head/contrib/openbsm/test/reference/EACCES_record head/contrib/openbsm/test/reference/EBADF_record head/contrib/openbsm/test/reference/EBUSY_record head/contrib/openbsm/test/reference/ECHILD_record head/contrib/openbsm/test/reference/EDEADLK_record head/contrib/openbsm/test/reference/EEXIST_record head/contrib/openbsm/test/reference/EFAULT_record head/contrib/openbsm/test/reference/EFBIG_record head/contrib/openbsm/test/reference/EINTR_record head/contrib/openbsm/test/reference/EINVAL_record head/contrib/openbsm/test/reference/EIO_record head/contrib/openbsm/test/reference/EISDIR_record head/contrib/openbsm/test/reference/EMFILE_record head/contrib/openbsm/test/reference/EMLINK_record head/contrib/openbsm/test/reference/ENFILE_record head/contrib/openbsm/test/reference/ENODEV_record head/contrib/openbsm/test/reference/ENOENT_record head/contrib/openbsm/test/reference/ENOEXEC_record head/contrib/openbsm/test/reference/ENOMEM_record head/contrib/openbsm/test/reference/ENOSPC_record head/contrib/openbsm/test/reference/ENOTBLK_record head/contrib/openbsm/test/reference/ENOTDIR_record head/contrib/openbsm/test/reference/ENOTTY_record head/contrib/openbsm/test/reference/ENXIO_record head/contrib/openbsm/test/reference/EPERM_record head/contrib/openbsm/test/reference/EPIPE_record head/contrib/openbsm/test/reference/EROFS_record head/contrib/openbsm/test/reference/ESPIPE_record head/contrib/openbsm/test/reference/ESRCH_record head/contrib/openbsm/test/reference/ETXTBSY_record head/contrib/openbsm/test/reference/EXDEV_record head/contrib/openbsm/test/reference/arg32_record head/contrib/openbsm/test/reference/data_record head/contrib/openbsm/test/reference/data_token head/contrib/openbsm/test/reference/file_record head/contrib/openbsm/test/reference/in_addr_record head/contrib/openbsm/test/reference/ip_record head/contrib/openbsm/test/reference/ipc_record head/contrib/openbsm/test/reference/iport_record head/contrib/openbsm/test/reference/opaque_record head/contrib/openbsm/test/reference/path_record head/contrib/openbsm/test/reference/process32_record head/contrib/openbsm/test/reference/process32ex_record-IPv4 head/contrib/openbsm/test/reference/process32ex_record-IPv6 head/contrib/openbsm/test/reference/process64_record head/contrib/openbsm/test/reference/process64ex_record-IPv4 head/contrib/openbsm/test/reference/process64ex_record-IPv6 head/contrib/openbsm/test/reference/return32_record head/contrib/openbsm/test/reference/seq_record head/contrib/openbsm/test/reference/socketex_record head/contrib/openbsm/test/reference/socketex_token head/contrib/openbsm/test/reference/subject32_record head/contrib/openbsm/test/reference/subject32ex_record head/contrib/openbsm/test/reference/text_record head/contrib/openbsm/test/reference/zonename_record head/lib/libbsm/Makefile head/sys/bsm/audit.h head/sys/bsm/audit_errno.h head/sys/bsm/audit_internal.h head/sys/bsm/audit_kevents.h head/sys/bsm/audit_record.h head/sys/conf/files head/sys/security/audit/audit_bsm_errno.c head/sys/security/audit/audit_bsm_token.c Modified: head/contrib/openbsm/INSTALL ============================================================================== --- head/contrib/openbsm/INSTALL Wed Jan 14 10:17:35 2009 (r187213) +++ head/contrib/openbsm/INSTALL Wed Jan 14 10:44:16 2009 (r187214) @@ -9,6 +9,12 @@ support are built conditionally. Typica ./configure make +If doing development work on OpenBSM with gcc, the following invocation of +configure may be preferred in order to generate full compiler warnings and +force the compile to fail if a warning is found: + + CFLAGS="-Wall -Werror" ./configure + To install, use: make install Modified: head/contrib/openbsm/NEWS ============================================================================== --- head/contrib/openbsm/NEWS Wed Jan 14 10:17:35 2009 (r187213) +++ head/contrib/openbsm/NEWS Wed Jan 14 10:44:16 2009 (r187214) @@ -1,5 +1,24 @@ OpenBSM Version History +OpenBSM 1.1 alpha 5 + +- Stub libauditd(3) man page added. +- All BSM error number constants with BSM_ERRNO_. +- Interfaces to convert between local and BSM socket types and protocol + families have been added: au_bsm_to_domain(3), au_bsm_to_socket_type(3), + au_domain_to_bsm(3), and au_socket_type_to_bsm(3), along with definitions + of constants in audit_domain.h and audit_socket_type.h. This improves + interoperability by converting local constant spaces, which vary by OS, to + and from Solaris constants (where available) or OpenBSM constants for + protocol domains not present in Solaris (a fair number). These routines + should be used when generating and interpreting extended socket tokens. +- Fix build warnings with full gcc warnings enabled on most supported + platforms. +- Don't compile error strings into bsm_errno.c when building it in the kernel + environment. +- When started by launchd, use the label com.apple.auditd rather than + org.trustedbsd.auditd. + OpenBSM 1.1 alpha 4 - With the addition of BSM error number mapping, we also need to map the @@ -393,4 +412,4 @@ OpenBSM 1.0 alpha 1 to support reloading of kernel event table. - Allow comments in /etc/security configuration files. -$P4: //depot/projects/trustedbsd/openbsm/NEWS#21 $ +$P4: //depot/projects/trustedbsd/openbsm/NEWS#27 $ Modified: head/contrib/openbsm/VERSION ============================================================================== --- head/contrib/openbsm/VERSION Wed Jan 14 10:17:35 2009 (r187213) +++ head/contrib/openbsm/VERSION Wed Jan 14 10:44:16 2009 (r187214) @@ -1 +1 @@ -OPENBSM_1_1_ALPHA_4 +OPENBSM_1_1_ALPHA_5 Modified: head/contrib/openbsm/bin/auditd/auditd.8 ============================================================================== --- head/contrib/openbsm/bin/auditd/auditd.8 Wed Jan 14 10:17:35 2009 (r187213) +++ head/contrib/openbsm/bin/auditd/auditd.8 Wed Jan 14 10:44:16 2009 (r187214) @@ -25,7 +25,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/auditd.8#16 $ +.\" $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/auditd.8#17 $ .\" .Dd December 11, 2008 .Dt AUDITD 8 @@ -115,6 +115,7 @@ and are no longer available as arguments .Nm . .Sh SEE ALSO .Xr asl 3 , +.Xr libauditd 3 , .Xr audit 4 , .Xr audit_class 5 , .Xr audit_control 5 , Modified: head/contrib/openbsm/bin/auditd/auditd.c ============================================================================== --- head/contrib/openbsm/bin/auditd/auditd.c Wed Jan 14 10:17:35 2009 (r187213) +++ head/contrib/openbsm/bin/auditd/auditd.c Wed Jan 14 10:44:16 2009 (r187214) @@ -26,7 +26,7 @@ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * - * $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/auditd.c#40 $ + * $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/auditd.c#41 $ */ #include <sys/types.h> @@ -252,7 +252,7 @@ do_trail_file(void) */ err = auditd_read_dirs(audit_warn_soft, audit_warn_hard); if (err) { - auditd_log_err("auditd_read_dirs() %s: %m", + auditd_log_err("auditd_read_dirs(): %s", auditd_strerror(err)); if (err == ADE_HARDLIM) audit_warn_allhard(); Modified: head/contrib/openbsm/bin/auditd/auditd_darwin.c ============================================================================== --- head/contrib/openbsm/bin/auditd/auditd_darwin.c Wed Jan 14 10:17:35 2009 (r187213) +++ head/contrib/openbsm/bin/auditd/auditd_darwin.c Wed Jan 14 10:44:16 2009 (r187214) @@ -26,7 +26,7 @@ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * - * $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/auditd_darwin.c#2 $ + * $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/auditd_darwin.c#3 $ */ #include <sys/types.h> @@ -83,7 +83,7 @@ static int max_idletime = 0; #endif /* __BSM_INTERNAL_NOTIFY_KEY */ #ifndef __AUDIT_LAUNCHD_LABEL -#define __AUDIT_LAUNCHD_LABEL "org.trustedbsd.auditd" +#define __AUDIT_LAUNCHD_LABEL "com.apple.auditd" #endif /* __AUDIT_LAUNCHD_LABEL */ #define MAX_MSG_SIZE 4096 @@ -100,7 +100,7 @@ auditd_openlog(int debug, gid_t gid) if (debug) opt = ASL_OPT_STDERR; - au_aslclient = asl_open("auditd", "org.trustedbsd.auditd", opt); + au_aslclient = asl_open("auditd", "com.apple.auditd", opt); au_aslmsg = asl_new(ASL_TYPE_MSG); #ifdef ASL_KEY_READ_UID Modified: head/contrib/openbsm/bin/auditd/auditd_fbsd.c ============================================================================== --- head/contrib/openbsm/bin/auditd/auditd_fbsd.c Wed Jan 14 10:17:35 2009 (r187213) +++ head/contrib/openbsm/bin/auditd/auditd_fbsd.c Wed Jan 14 10:44:16 2009 (r187214) @@ -26,7 +26,7 @@ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * - * $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/auditd_fbsd.c#1 $ + * $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/auditd_fbsd.c#2 $ */ #include <sys/types.h> @@ -35,9 +35,11 @@ #include <errno.h> #include <fcntl.h> +#include <stdarg.h> #include <signal.h> +#include <string.h> #include <syslog.h> -#include <stdarg.h> +#include <unistd.h> #include <bsm/audit.h> #include <bsm/audit_uevents.h> Modified: head/contrib/openbsm/bin/auditreduce/auditreduce.c ============================================================================== --- head/contrib/openbsm/bin/auditreduce/auditreduce.c Wed Jan 14 10:17:35 2009 (r187213) +++ head/contrib/openbsm/bin/auditreduce/auditreduce.c Wed Jan 14 10:44:16 2009 (r187214) @@ -26,7 +26,7 @@ * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE * POSSIBILITY OF SUCH DAMAGE. * - * $P4: //depot/projects/trustedbsd/openbsm/bin/auditreduce/auditreduce.c#29 $ + * $P4: //depot/projects/trustedbsd/openbsm/bin/auditreduce/auditreduce.c#31 $ */ /* @@ -41,6 +41,9 @@ */ #include <config/config.h> + +#define _GNU_SOURCE /* Required for strptime() on glibc2. */ + #ifdef HAVE_FULL_QUEUE_H #include <sys/queue.h> #else Modified: head/contrib/openbsm/bsm/auditd_lib.h ============================================================================== --- head/contrib/openbsm/bsm/auditd_lib.h Wed Jan 14 10:17:35 2009 (r187213) +++ head/contrib/openbsm/bsm/auditd_lib.h Wed Jan 14 10:44:16 2009 (r187214) @@ -26,7 +26,7 @@ * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE * POSSIBILITY OF SUCH DAMAGE. * - * $P4: //depot/projects/trustedbsd/openbsm/bsm/auditd_lib.h#2 $ + * $P4: //depot/projects/trustedbsd/openbsm/bsm/auditd_lib.h#3 $ */ #ifndef _BSM_AUDITD_LIB_H_ @@ -57,7 +57,7 @@ * Path of auditd plist file for launchd. */ #define AUDITD_PLIST_FILE \ - "/System/Library/LaunchDaemons/org.trustedbsd.auditd.plist" + "/System/Library/LaunchDaemons/com.apple.auditd.plist" /* * Error return codes for auditd_lib functions. Modified: head/contrib/openbsm/bsm/libbsm.h ============================================================================== --- head/contrib/openbsm/bsm/libbsm.h Wed Jan 14 10:17:35 2009 (r187213) +++ head/contrib/openbsm/bsm/libbsm.h Wed Jan 14 10:44:16 2009 (r187214) @@ -26,7 +26,7 @@ * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE * POSSIBILITY OF SUCH DAMAGE. * - * $P4: //depot/projects/trustedbsd/openbsm/bsm/libbsm.h#40 $ + * $P4: //depot/projects/trustedbsd/openbsm/bsm/libbsm.h#41 $ */ #ifndef _LIBBSM_H_ @@ -821,14 +821,22 @@ void au_print_tok_xml(FILE *outfp, to */ void au_print_xml_header(FILE *outfp); void au_print_xml_footer(FILE *outfp); -__END_DECLS /* - * Functions relating to BSM<->errno conversion. - */ -int au_bsm_to_errno(u_char bsm_error, int *errorp); -u_char au_errno_to_bsm(int error); -const char *au_strerror(u_char bsm_error); + * BSM library routines for converting between local and BSM constant spaces. + * (Note: some of these are replicated in audit_record.h for the benefit of + * the FreeBSD and Mac OS X kernels) + */ +int au_bsm_to_domain(u_short bsm_domain, int *local_domainp); +int au_bsm_to_errno(u_char bsm_error, int *errorp); +int au_bsm_to_socket_type(u_short bsm_socket_type, + int *local_socket_typep); +u_short au_domain_to_bsm(int local_domain); +u_char au_errno_to_bsm(int local_errno); +u_short au_socket_type_to_bsm(int local_socket_type); + +const char *au_strerror(u_char bsm_error); +__END_DECLS /* * The remaining APIs are associated with Apple's BSM implementation, in Modified: head/contrib/openbsm/configure ============================================================================== --- head/contrib/openbsm/configure Wed Jan 14 10:17:35 2009 (r187213) +++ head/contrib/openbsm/configure Wed Jan 14 10:44:16 2009 (r187214) @@ -1,7 +1,7 @@ #! /bin/sh -# From configure.ac P4: //depot/projects/trustedbsd/openbsm/configure.ac#47 . +# From configure.ac P4: //depot/projects/trustedbsd/openbsm/configure.ac#49 . # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.61 for OpenBSM 1.1alpha4. +# Generated by GNU Autoconf 2.61 for OpenBSM 1.1alpha5. # # Report bugs to <trustedbsd-audit@TrustesdBSD.org>. # @@ -729,8 +729,8 @@ SHELL=${CONFIG_SHELL-/bin/sh} # Identity of this package. PACKAGE_NAME='OpenBSM' PACKAGE_TARNAME='openbsm' -PACKAGE_VERSION='1.1alpha4' -PACKAGE_STRING='OpenBSM 1.1alpha4' +PACKAGE_VERSION='1.1alpha5' +PACKAGE_STRING='OpenBSM 1.1alpha5' PACKAGE_BUGREPORT='trustedbsd-audit@TrustesdBSD.org' ac_unique_file="bin/auditreduce/auditreduce.c" @@ -1404,7 +1404,7 @@ if test "$ac_init_help" = "long"; then # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures OpenBSM 1.1alpha4 to adapt to many kinds of systems. +\`configure' configures OpenBSM 1.1alpha5 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1474,7 +1474,7 @@ fi if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of OpenBSM 1.1alpha4:";; + short | recursive ) echo "Configuration of OpenBSM 1.1alpha5:";; esac cat <<\_ACEOF @@ -1580,7 +1580,7 @@ fi test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -OpenBSM configure 1.1alpha4 +OpenBSM configure 1.1alpha5 generated by GNU Autoconf 2.61 Copyright (C) 1992, 1993, 1994, 1995, 1996, 1998, 1999, 2000, 2001, @@ -1594,7 +1594,7 @@ cat >config.log <<_ACEOF This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by OpenBSM $as_me 1.1alpha4, which was +It was created by OpenBSM $as_me 1.1alpha5, which was generated by GNU Autoconf 2.61. Invocation command line was $ $0 $@ @@ -19076,7 +19076,7 @@ fi # Define the identity of the package. PACKAGE=OpenBSM - VERSION=1.1alpha4 + VERSION=1.1alpha5 cat >>confdefs.h <<_ACEOF @@ -23584,7 +23584,7 @@ exec 6>&1 # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by OpenBSM $as_me 1.1alpha4, which was +This file was extended by OpenBSM $as_me 1.1alpha5, which was generated by GNU Autoconf 2.61. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -23637,7 +23637,7 @@ Report bugs to <bug-autoconf@gnu.org>." _ACEOF cat >>$CONFIG_STATUS <<_ACEOF ac_cs_version="\\ -OpenBSM config.status 1.1alpha4 +OpenBSM config.status 1.1alpha5 configured by $0, generated by GNU Autoconf 2.61, with options \\"`echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`\\" Modified: head/contrib/openbsm/configure.ac ============================================================================== --- head/contrib/openbsm/configure.ac Wed Jan 14 10:17:35 2009 (r187213) +++ head/contrib/openbsm/configure.ac Wed Jan 14 10:44:16 2009 (r187214) @@ -2,8 +2,8 @@ # Process this file with autoconf to produce a configure script. AC_PREREQ(2.59) -AC_INIT([OpenBSM], [1.1alpha4], [trustedbsd-audit@TrustesdBSD.org],[openbsm]) -AC_REVISION([$P4: //depot/projects/trustedbsd/openbsm/configure.ac#48 $]) +AC_INIT([OpenBSM], [1.1alpha5], [trustedbsd-audit@TrustesdBSD.org],[openbsm]) +AC_REVISION([$P4: //depot/projects/trustedbsd/openbsm/configure.ac#49 $]) AC_CONFIG_SRCDIR([bin/auditreduce/auditreduce.c]) AC_CONFIG_AUX_DIR(config) AC_CONFIG_HEADER([config/config.h]) Modified: head/contrib/openbsm/libauditd/Makefile.am ============================================================================== --- head/contrib/openbsm/libauditd/Makefile.am Wed Jan 14 10:17:35 2009 (r187213) +++ head/contrib/openbsm/libauditd/Makefile.am Wed Jan 14 10:44:16 2009 (r187214) @@ -1,5 +1,5 @@ # -# $P4: //depot/projects/trustedbsd/openbsm/libauditd/Makefile.am#1 $ +# $P4: //depot/projects/trustedbsd/openbsm/libauditd/Makefile.am#2 $ # if USE_NATIVE_INCLUDES @@ -13,5 +13,5 @@ lib_LTLIBRARIES = libauditd.la libauditd_la_SOURCES = \ auditd_lib.c -#man3_MANS = \ -# libauditd.3 +man3_MANS = \ + libauditd.3 Modified: head/contrib/openbsm/libauditd/Makefile.in ============================================================================== --- head/contrib/openbsm/libauditd/Makefile.in Wed Jan 14 10:17:35 2009 (r187213) +++ head/contrib/openbsm/libauditd/Makefile.in Wed Jan 14 10:44:16 2009 (r187214) @@ -15,7 +15,7 @@ @SET_MAKE@ # -# $P4: //depot/projects/trustedbsd/openbsm/libauditd/Makefile.in#1 $ +# $P4: //depot/projects/trustedbsd/openbsm/libauditd/Makefile.in#2 $ # VPATH = @srcdir@ @@ -51,7 +51,7 @@ am__vpath_adj = case $$p in \ *) f=$$p;; \ esac; am__strip_dir = `echo $$p | sed -e 's|^.*/||'`; -am__installdirs = "$(DESTDIR)$(libdir)" +am__installdirs = "$(DESTDIR)$(libdir)" "$(DESTDIR)$(man3dir)" libLTLIBRARIES_INSTALL = $(INSTALL) LTLIBRARIES = $(lib_LTLIBRARIES) libauditd_la_LIBADD = @@ -71,6 +71,9 @@ LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLF $(LDFLAGS) -o $@ SOURCES = $(libauditd_la_SOURCES) DIST_SOURCES = $(libauditd_la_SOURCES) +man3dir = $(mandir)/man3 +NROFF = nroff +MANS = $(man3_MANS) ETAGS = etags CTAGS = ctags DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) @@ -188,6 +191,9 @@ lib_LTLIBRARIES = libauditd.la libauditd_la_SOURCES = \ auditd_lib.c +man3_MANS = \ + libauditd.3 + all: all-am .SUFFIXES: @@ -285,6 +291,51 @@ mostlyclean-libtool: clean-libtool: -rm -rf .libs _libs +install-man3: $(man3_MANS) $(man_MANS) + @$(NORMAL_INSTALL) + test -z "$(man3dir)" || $(MKDIR_P) "$(DESTDIR)$(man3dir)" + @list='$(man3_MANS) $(dist_man3_MANS) $(nodist_man3_MANS)'; \ + l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ + for i in $$l2; do \ + case "$$i" in \ + *.3*) list="$$list $$i" ;; \ + esac; \ + done; \ + for i in $$list; do \ + if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \ + else file=$$i; fi; \ + ext=`echo $$i | sed -e 's/^.*\\.//'`; \ + case "$$ext" in \ + 3*) ;; \ + *) ext='3' ;; \ + esac; \ + inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ + inst=`echo $$inst | sed -e 's/^.*\///'`; \ + inst=`echo $$inst | sed '$(transform)'`.$$ext; \ + echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man3dir)/$$inst'"; \ + $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man3dir)/$$inst"; \ + done +uninstall-man3: + @$(NORMAL_UNINSTALL) + @list='$(man3_MANS) $(dist_man3_MANS) $(nodist_man3_MANS)'; \ + l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ + for i in $$l2; do \ + case "$$i" in \ + *.3*) list="$$list $$i" ;; \ + esac; \ + done; \ + for i in $$list; do \ + ext=`echo $$i | sed -e 's/^.*\\.//'`; \ + case "$$ext" in \ + 3*) ;; \ + *) ext='3' ;; \ + esac; \ + inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ + inst=`echo $$inst | sed -e 's/^.*\///'`; \ + inst=`echo $$inst | sed '$(transform)'`.$$ext; \ + echo " rm -f '$(DESTDIR)$(man3dir)/$$inst'"; \ + rm -f "$(DESTDIR)$(man3dir)/$$inst"; \ + done ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ @@ -362,9 +413,9 @@ distdir: $(DISTFILES) done check-am: all-am check: check-am -all-am: Makefile $(LTLIBRARIES) +all-am: Makefile $(LTLIBRARIES) $(MANS) installdirs: - for dir in "$(DESTDIR)$(libdir)"; do \ + for dir in "$(DESTDIR)$(libdir)" "$(DESTDIR)$(man3dir)"; do \ test -z "$$dir" || $(MKDIR_P) "$$dir"; \ done install: install-am @@ -412,7 +463,7 @@ info: info-am info-am: -install-data-am: +install-data-am: install-man install-dvi: install-dvi-am @@ -422,7 +473,7 @@ install-html: install-html-am install-info: install-info-am -install-man: +install-man: install-man3 install-pdf: install-pdf-am @@ -448,7 +499,9 @@ ps: ps-am ps-am: -uninstall-am: uninstall-libLTLIBRARIES +uninstall-am: uninstall-libLTLIBRARIES uninstall-man + +uninstall-man: uninstall-man3 .MAKE: install-am install-strip @@ -459,16 +512,14 @@ uninstall-am: uninstall-libLTLIBRARIES install install-am install-data install-data-am install-dvi \ install-dvi-am install-exec install-exec-am install-html \ install-html-am install-info install-info-am \ - install-libLTLIBRARIES install-man install-pdf install-pdf-am \ - install-ps install-ps-am install-strip installcheck \ - installcheck-am installdirs maintainer-clean \ + install-libLTLIBRARIES install-man install-man3 install-pdf \ + install-pdf-am install-ps install-ps-am install-strip \ + installcheck installcheck-am installdirs maintainer-clean \ maintainer-clean-generic mostlyclean mostlyclean-compile \ mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ - tags uninstall uninstall-am uninstall-libLTLIBRARIES - + tags uninstall uninstall-am uninstall-libLTLIBRARIES \ + uninstall-man uninstall-man3 -#man3_MANS = \ -# libauditd.3 # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. .NOEXPORT: Modified: head/contrib/openbsm/libauditd/auditd_lib.c ============================================================================== --- head/contrib/openbsm/libauditd/auditd_lib.c Wed Jan 14 10:17:35 2009 (r187213) +++ head/contrib/openbsm/libauditd/auditd_lib.c Wed Jan 14 10:44:16 2009 (r187214) @@ -26,7 +26,7 @@ * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE * POSSIBILITY OF SUCH DAMAGE. * - * $P4: //depot/projects/trustedbsd/openbsm/libauditd/auditd_lib.c#1 $ + * $P4: //depot/projects/trustedbsd/openbsm/libauditd/auditd_lib.c#2 $ */ #include <sys/param.h> @@ -823,7 +823,7 @@ audit_quick_stop(void) */ if (auditon(A_GETCOND, &cond, sizeof(cond)) < 0) return (-1); - if (cond == AUC_DISABLED) + if (cond == AUC_NOAUDIT) return (0); /* Copied: head/contrib/openbsm/libauditd/libauditd.3 (from r187065, vendor/openbsm/dist/libauditd/libauditd.3) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/contrib/openbsm/libauditd/libauditd.3 Wed Jan 14 10:44:16 2009 (r187214, copy of r187065, vendor/openbsm/dist/libauditd/libauditd.3) @@ -0,0 +1,60 @@ +.\"- +.\" Copyright (c) 2008 Apple Inc. +.\" All rights reserved. +.\" +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. +.\" 3. Neither the name of Apple Inc. ("Apple") nor the names of +.\" its contributors may be used to endorse or promote products derived +.\" from this software without specific prior written permission. +.\" +.\" THIS SOFTWARE IS PROVIDED BY APPLE AND ITS CONTRIBUTORS "AS IS" AND +.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +.\" ARE DISCLAIMED. IN NO EVENT SHALL APPLE OR ITS CONTRIBUTORS BE LIABLE FOR +.\" ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, +.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING +.\" IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +.\" POSSIBILITY OF SUCH DAMAGE. +.\" +.\" $P4: //depot/projects/trustedbsd/openbsm/libauditd/libauditd.3#1 $ +.\" +.Dd December 27, 2008 +.Dt LIBAUDITD 3 +.Os +.Sh NAME +.Nm libauditd +.Nd "auditd support library" +.Sh LIBRARY +.Lb libauditd +.Sh DESCRIPTION +The +.Nm +library provides the internal implementation of +.Xr auditd 8 . +.Sh INTERFACES +There are no public interfaces in +.Nm . +.Sh SEE ALSO +.Xr auditd 8 . +.Sh HISTORY +The OpenBSM implementation was created by McAfee Research, the security +division of McAfee Inc., under contract to Apple Computer, Inc., in 2004. +It was subsequently adopted by the TrustedBSD Project as the foundation for +the OpenBSM distribution. +.Sh AUTHORS +.An -nosplit +This software was created by +.An Stacey Son . +.Pp +The Basic Security Module (BSM) interface to audit records and audit event +stream format were defined by Sun Microsystems. Modified: head/contrib/openbsm/libbsm/Makefile.am ============================================================================== --- head/contrib/openbsm/libbsm/Makefile.am Wed Jan 14 10:17:35 2009 (r187213) +++ head/contrib/openbsm/libbsm/Makefile.am Wed Jan 14 10:44:16 2009 (r187214) @@ -1,5 +1,5 @@ # -# $P4: //depot/projects/trustedbsd/openbsm/libbsm/Makefile.am#7 $ +# $P4: //depot/projects/trustedbsd/openbsm/libbsm/Makefile.am#8 $ # if USE_NATIVE_INCLUDES @@ -14,11 +14,13 @@ libbsm_la_SOURCES = \ bsm_audit.c \ bsm_class.c \ bsm_control.c \ + bsm_domain.c \ bsm_errno.c \ bsm_event.c \ bsm_flags.c \ bsm_io.c \ bsm_mask.c \ + bsm_socket_type.c \ bsm_token.c \ bsm_user.c @@ -31,12 +33,14 @@ endif man3_MANS = \ au_class.3 \ au_control.3 \ + au_domain.3 \ au_errno.3 \ au_event.3 \ au_free_token.3 \ au_io.3 \ au_mask.3 \ au_open.3 \ + au_socket_type.3 \ au_token.3 \ au_user.3 \ libbsm.3 Modified: head/contrib/openbsm/libbsm/Makefile.in ============================================================================== --- head/contrib/openbsm/libbsm/Makefile.in Wed Jan 14 10:17:35 2009 (r187213) +++ head/contrib/openbsm/libbsm/Makefile.in Wed Jan 14 10:44:16 2009 (r187214) @@ -15,7 +15,7 @@ @SET_MAKE@ # -# $P4: //depot/projects/trustedbsd/openbsm/libbsm/Makefile.in#12 $ +# $P4: //depot/projects/trustedbsd/openbsm/libbsm/Makefile.in#13 $ # VPATH = @srcdir@ @@ -60,13 +60,15 @@ libLTLIBRARIES_INSTALL = $(INSTALL) LTLIBRARIES = $(lib_LTLIBRARIES) libbsm_la_LIBADD = am__libbsm_la_SOURCES_DIST = bsm_audit.c bsm_class.c bsm_control.c \ - bsm_errno.c bsm_event.c bsm_flags.c bsm_io.c bsm_mask.c \ - bsm_token.c bsm_user.c bsm_notify.c bsm_wrappers.c + bsm_domain.c bsm_errno.c bsm_event.c bsm_flags.c bsm_io.c \ + bsm_mask.c bsm_socket_type.c bsm_token.c bsm_user.c \ + bsm_notify.c bsm_wrappers.c @HAVE_AUDIT_SYSCALLS_TRUE@am__objects_1 = bsm_notify.lo \ @HAVE_AUDIT_SYSCALLS_TRUE@ bsm_wrappers.lo am_libbsm_la_OBJECTS = bsm_audit.lo bsm_class.lo bsm_control.lo \ - bsm_errno.lo bsm_event.lo bsm_flags.lo bsm_io.lo bsm_mask.lo \ - bsm_token.lo bsm_user.lo $(am__objects_1) + bsm_domain.lo bsm_errno.lo bsm_event.lo bsm_flags.lo bsm_io.lo \ + bsm_mask.lo bsm_socket_type.lo bsm_token.lo bsm_user.lo \ + $(am__objects_1) libbsm_la_OBJECTS = $(am_libbsm_la_OBJECTS) DEFAULT_INCLUDES = -I. -I$(top_builddir)/config@am__isrc@ depcomp = $(SHELL) $(top_srcdir)/config/depcomp @@ -199,18 +201,20 @@ top_srcdir = @top_srcdir@ @USE_NATIVE_INCLUDES_FALSE@INCLUDES = -I$(top_builddir) -I$(top_srcdir) -I$(top_srcdir)/sys @USE_NATIVE_INCLUDES_TRUE@INCLUDES = -I$(top_builddir) -I$(top_srcdir) lib_LTLIBRARIES = libbsm.la -libbsm_la_SOURCES = bsm_audit.c bsm_class.c bsm_control.c bsm_errno.c \ - bsm_event.c bsm_flags.c bsm_io.c bsm_mask.c bsm_token.c \ - bsm_user.c $(am__append_1) +libbsm_la_SOURCES = bsm_audit.c bsm_class.c bsm_control.c bsm_domain.c \ + bsm_errno.c bsm_event.c bsm_flags.c bsm_io.c bsm_mask.c \ + bsm_socket_type.c bsm_token.c bsm_user.c $(am__append_1) man3_MANS = \ au_class.3 \ au_control.3 \ + au_domain.3 \ au_errno.3 \ au_event.3 \ au_free_token.3 \ au_io.3 \ au_mask.3 \ au_open.3 \ + au_socket_type.3 \ au_token.3 \ au_user.3 \ libbsm.3 @@ -287,12 +291,14 @@ distclean-compile: @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/bsm_audit.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/bsm_class.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/bsm_control.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/bsm_domain.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/bsm_errno.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/bsm_event.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/bsm_flags.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/bsm_io.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/bsm_mask.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/bsm_notify.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/bsm_socket_type.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/bsm_token.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/bsm_user.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/bsm_wrappers.Plo@am__quote@ Copied: head/contrib/openbsm/libbsm/au_domain.3 (from r187065, vendor/openbsm/dist/libbsm/au_domain.3) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/contrib/openbsm/libbsm/au_domain.3 Wed Jan 14 10:44:16 2009 (r187214, copy of r187065, vendor/openbsm/dist/libbsm/au_domain.3) @@ -0,0 +1,87 @@ +.\"- +.\" Copyright (c) 2008 Apple Inc. +.\" All rights reserved. +.\" +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. +.\" 3. Neither the name of Apple Inc. ("Apple") nor the names of +.\" its contributors may be used to endorse or promote products derived +.\" from this software without specific prior written permission. +.\" +.\" THIS SOFTWARE IS PROVIDED BY APPLE AND ITS CONTRIBUTORS "AS IS" AND +.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +.\" ARE DISCLAIMED. IN NO EVENT SHALL APPLE OR ITS CONTRIBUTORS BE LIABLE FOR +.\" ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, +.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING +.\" IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +.\" POSSIBILITY OF SUCH DAMAGE. +.\" +.\" $P4: //depot/projects/trustedbsd/openbsm/libbsm/au_domain.3#1 $ +.\" +.Dd December 28, 2008 +.Dt AU_BSM_TO_DOMAIN 3 +.Os +.Sh NAME +.Nm au_bsm_to_domain , +.Nm au_domain_to_bsm +.Nd "convert between BSM and local protocol domains" +.Sh LIBRARY +.Lb libbsm +.Sh SYNOPSIS +.In bsm/libbsm.h +.Ft int +.Fn au_bsm_to_domain "u_short bsm_domain" "int *local_domainp" +.Ft u_short +.Fn au_domain_to_bsm "int local_domain" +.Sh DESCRIPTION +These interfaces may be used to convert between the local and BSM protocol +domains. +The +.Fn au_bsm_to_domain +function accepts a BSM domain, +.Fa bsm_domain , +and converts it to a local domain, such as those passed to +.Xr socket 2 , +that will be stored in the integer pointed to by +.Fa local_domainp +if successful. +This call will fail if the BSM domain cannot be mapped into a local domain, +which may occur if the socket token was generated on another operating +system. +.Pp +.Fn au_domain_to_bsm +function accepts a local domain, and returns the BSM domain for it. +This call cannot fail, and instead returns a BSM domain indicating to a later +decoder that the domain could not be encoded. +.Sh RETURN VALULES +On success, +.Fn au_bsm_to_domain +returns 0 and a converted domain; on failure, it returns -1 but does not set +.Xr errno 2 . +.Sh SEE ALSO +.Xr au_bsm_to_socket_type 3 , +.Xr au_socket_type_to_bsm 3 , +.Xr au_to_socket_ex 3 , +.Xr libbsm 3 +.Sh HISTORY +.Fn au_bsm_to_domain +and +.Fn au_domain_to_bsm +were introduced in OpenBSM 1.1. +.Sh AUTHORS +These functions were implemented by +.An Robert Watson +under contract to Apple Inc. +.Pp +The Basic Security Module (BSM) interface to audit records and audit event +stream format were defined by Sun Microsystems. Copied: head/contrib/openbsm/libbsm/au_socket_type.3 (from r187065, vendor/openbsm/dist/libbsm/au_socket_type.3) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/contrib/openbsm/libbsm/au_socket_type.3 Wed Jan 14 10:44:16 2009 (r187214, copy of r187065, vendor/openbsm/dist/libbsm/au_socket_type.3) @@ -0,0 +1,93 @@ +.\"- +.\" Copyright (c) 2008 Apple Inc. +.\" All rights reserved. +.\" +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. +.\" 3. Neither the name of Apple Inc. ("Apple") nor the names of +.\" its contributors may be used to endorse or promote products derived +.\" from this software without specific prior written permission. +.\" +.\" THIS SOFTWARE IS PROVIDED BY APPLE AND ITS CONTRIBUTORS "AS IS" AND +.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +.\" ARE DISCLAIMED. IN NO EVENT SHALL APPLE OR ITS CONTRIBUTORS BE LIABLE FOR +.\" ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, +.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING +.\" IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +.\" POSSIBILITY OF SUCH DAMAGE. +.\" +.\" $P4: //depot/projects/trustedbsd/openbsm/libbsm/au_socket_type.3#1 $ +.\" +.Dd December 28, 2008 +.Dt AU_BSM_TO_SOCKET_TYPE 3 +.Os +.Sh NAME +.Nm au_bsm_to_socket_type , +.Nm au_socket_type_to_bsm +.Nd "convert between BSM and local socket types" +.Sh LIBRARY +.Lb libbsm +.Sh SYNOPSIS +.In bsm/libbsm.h +.Ft int +.Fn au_bsm_to_socket_type "u_short bsm_socket_type" "int *local_socket_typep" +.Ft u_short +.Fn au_socket_type_to_bsm "int local_socket_type" +.Sh DESCRIPTION +These interfaces may be used to convert between the local and BSM socket +types. +The +.Fn au_bsm_to_socket_type +function accepts a BSM socket type, +.Fa bsm_socket_type , +and converts it to a local socket type, such as those passed to +.Xr socket 2 , +that will be stored in the integer pointed to by +.Fa local_socket_typep +if successful. +This call will fail if the BSM socket type cannot be mapped into a local +socket type, which may occur if the socket token was generated on another +operating system. +.Pp +.Fn au_socket_type_to_bsm +function accepts a local socket type, and returns the BSM socket type for it. +This call cannot fail, and instead returns a BSM socket type indicating to a +later decoder that the socket type could not be encoded. +.Sh RETURN VALULES +On success, +.Fn au_bsm_to_socket_type +returns 0 and a converted socket type; on failure, it returns -1 but does not +set +.Xr errno 2 . +.Pp +On success, +.Fn au_strerror +returns a pointer to an error string; on failure it will return +.Dv NULL . +.Sh SEE ALSO +.Xr au_bsm_to_domain 3 , +.Xr au_domain_to_bsm 3 , +.Xr au_to_socket_ex 3 , +.Xr libbsm 3 +.Sh HISTORY +.Fn au_bsm_to_socket_type +and +.Fn au_socket_type_to_bsm +were introduced in OpenBSM 1.1. +.Sh AUTHORS +These functions were implemented by +.An Robert Watson +under contract to Apple Inc. +.Pp +The Basic Security Module (BSM) interface to audit records and audit event +stream format were defined by Sun Microsystems. Modified: head/contrib/openbsm/libbsm/au_token.3 ============================================================================== --- head/contrib/openbsm/libbsm/au_token.3 Wed Jan 14 10:17:35 2009 (r187213) +++ head/contrib/openbsm/libbsm/au_token.3 Wed Jan 14 10:44:16 2009 (r187214) @@ -23,7 +23,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $P4: //depot/projects/trustedbsd/openbsm/libbsm/au_token.3#16 $ +.\" $P4: //depot/projects/trustedbsd/openbsm/libbsm/au_token.3#17 $ .\" .Dd April 19, 2005 .Dt AU_TOKEN 3 @@ -60,6 +60,7 @@ .Nm au_to_sock_inet32 , .Nm au_to_sock_inet128 , .Nm au_to_sock_inet , +.Nm au_to_socket_ex , .Nm au_to_subject32 , .Nm au_to_subject64 , .Nm au_to_subject , @@ -156,6 +157,8 @@ .Ft "token_t *" .Fn au_to_sock_int "struct sockaddr_in *so" .Ft "token_t *" +.Fn au_to_socket_ex "u_short so_domain" "u_short so_type" "struct sockaddr *sa_local" "struct sockaddr *sa_remote" +.Ft "token_t *" .Fo au_to_subject32 .Fa "au_id_t auid" "uid_t euid" "gid_t egid" "uid_t ruid" .Fa "gid_t rgid" "pid_t pid" "au_asid_t sid" "au_tid_t *tid" Modified: head/contrib/openbsm/libbsm/bsm_audit.c ============================================================================== --- head/contrib/openbsm/libbsm/bsm_audit.c Wed Jan 14 10:17:35 2009 (r187213) +++ head/contrib/openbsm/libbsm/bsm_audit.c Wed Jan 14 10:44:16 2009 (r187214) @@ -30,7 +30,7 @@ * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE * POSSIBILITY OF SUCH DAMAGE. * - * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_audit.c#34 $ + * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_audit.c#35 $ */ #include <sys/types.h> @@ -219,13 +219,16 @@ au_write(int d, token_t *tok) static int au_assemble(au_record_t *rec, short event) { - token_t *header, *tok, *trailer; - size_t tot_rec_size, hdrsize; - u_char *dptr; +#ifdef HAVE_AUDIT_SYSCALLS struct in6_addr *aptr; - int error; struct auditinfo_addr aia; struct timeval tm; + size_t hdrsize; +#endif /* HAVE_AUDIT_SYSCALLS */ + token_t *header, *tok, *trailer; + size_t tot_rec_size; + u_char *dptr; + int error; #ifdef HAVE_AUDIT_SYSCALLS /* Copied: head/contrib/openbsm/libbsm/bsm_domain.c (from r187065, vendor/openbsm/dist/libbsm/bsm_domain.c) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/contrib/openbsm/libbsm/bsm_domain.c Wed Jan 14 10:44:16 2009 (r187214, copy of r187065, vendor/openbsm/dist/libbsm/bsm_domain.c) @@ -0,0 +1,499 @@ +/*- + * Copyright (c) 2008 Apple Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. Neither the name of Apple Inc. ("Apple") nor the names of + * its contributors may be used to endorse or promote products derived + * from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY APPLE AND ITS CONTRIBUTORS "AS IS" AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL APPLE OR ITS CONTRIBUTORS BE LIABLE FOR + * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING + * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + * + * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_domain.c#2 $ + */ + +#include <sys/types.h> +#include <sys/socket.h> + +#include <config/config.h> + +#include <bsm/audit_domain.h> +#include <bsm/libbsm.h> + +struct bsm_domain { + u_short bd_bsm_domain; + int bd_local_domain; +}; + +#define PF_NO_LOCAL_MAPPING -600 + +static const struct bsm_domain bsm_domains[] = { + { BSM_PF_UNSPEC, PF_UNSPEC }, + { BSM_PF_LOCAL, PF_LOCAL }, + { BSM_PF_INET, PF_INET }, + { BSM_PF_IMPLINK, +#ifdef PF_IMPLINK + PF_IMPLINK +#else + PF_NO_LOCAL_MAPPING +#endif + }, + { BSM_PF_PUP, +#ifdef PF_PUP + PF_PUP +#else + PF_NO_LOCAL_MAPPING +#endif *** DIFF OUTPUT TRUNCATED AT 1000 LINES ***
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200901141044.n0EAiG2g039967>