1ca0716f5SRobert Watson /* 2ca0716f5SRobert Watson * Copyright (c) 2004 Apple Computer, Inc. 3ca0716f5SRobert Watson * Copyright (c) 2005 SPARTA, Inc. 4ca0716f5SRobert Watson * All rights reserved. 5ca0716f5SRobert Watson * 6ca0716f5SRobert Watson * This code was developed in part by Robert N. M. Watson, Senior Principal 7ca0716f5SRobert Watson * Scientist, SPARTA, Inc. 8ca0716f5SRobert Watson * 9ca0716f5SRobert Watson * Redistribution and use in source and binary forms, with or without 10ca0716f5SRobert Watson * modification, are permitted provided that the following conditions 11ca0716f5SRobert Watson * are met: 12ca0716f5SRobert Watson * 1. Redistributions of source code must retain the above copyright 13ca0716f5SRobert Watson * notice, this list of conditions and the following disclaimer. 14ca0716f5SRobert Watson * 2. Redistributions in binary form must reproduce the above copyright 15ca0716f5SRobert Watson * notice, this list of conditions and the following disclaimer in the 16ca0716f5SRobert Watson * documentation and/or other materials provided with the distribution. 17ca0716f5SRobert Watson * 3. Neither the name of Apple Computer, Inc. ("Apple") nor the names of 18ca0716f5SRobert Watson * its contributors may be used to endorse or promote products derived 19ca0716f5SRobert Watson * from this software without specific prior written permission. 20ca0716f5SRobert Watson * 21ca0716f5SRobert Watson * THIS SOFTWARE IS PROVIDED BY APPLE AND ITS CONTRIBUTORS "AS IS" AND 22ca0716f5SRobert Watson * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 23ca0716f5SRobert Watson * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 24ca0716f5SRobert Watson * ARE DISCLAIMED. IN NO EVENT SHALL APPLE OR ITS CONTRIBUTORS BE LIABLE FOR 25ca0716f5SRobert Watson * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 26ca0716f5SRobert Watson * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 27ca0716f5SRobert Watson * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 28ca0716f5SRobert Watson * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 29ca0716f5SRobert Watson * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING 30ca0716f5SRobert Watson * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 31ca0716f5SRobert Watson * POSSIBILITY OF SUCH DAMAGE. 32ca0716f5SRobert Watson * 3322ccb20dSRobert Watson * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_token.c#51 $ 34ca0716f5SRobert Watson */ 35ca0716f5SRobert Watson 36ca0716f5SRobert Watson #include <sys/types.h> 373b97a967SRobert Watson 383b97a967SRobert Watson #include <config/config.h> 393b97a967SRobert Watson #ifdef HAVE_SYS_ENDIAN_H 40ca0716f5SRobert Watson #include <sys/endian.h> 413b97a967SRobert Watson #else /* !HAVE_SYS_ENDIAN_H */ 423b97a967SRobert Watson #ifdef HAVE_MACHINE_ENDIAN_H 433b97a967SRobert Watson #include <machine/endian.h> 443b97a967SRobert Watson #else /* !HAVE_MACHINE_ENDIAN_H */ 453b97a967SRobert Watson #ifdef HAVE_ENDIAN_H 463b97a967SRobert Watson #include <endian.h> 473b97a967SRobert Watson #else /* !HAVE_ENDIAN_H */ 483b97a967SRobert Watson #error "No supported endian.h" 493b97a967SRobert Watson #endif /* !HAVE_ENDIAN_H */ 503b97a967SRobert Watson #endif /* !HAVE_MACHINE_ENDIAN_H */ 513b97a967SRobert Watson #include <compat/endian.h> 523b97a967SRobert Watson #endif /* !HAVE_SYS_ENDIAN_H */ 533b97a967SRobert Watson #ifdef HAVE_FULL_QUEUE_H 543b97a967SRobert Watson #include <sys/queue.h> 553b97a967SRobert Watson #else /* !HAVE_FULL_QUEUE_H */ 563b97a967SRobert Watson #include <compat/queue.h> 573b97a967SRobert Watson #endif /* !HAVE_FULL_QUEUE_H */ 583b97a967SRobert Watson 59ca0716f5SRobert Watson #include <sys/socket.h> 60ca0716f5SRobert Watson #include <sys/time.h> 61ca0716f5SRobert Watson #include <sys/un.h> 62ca0716f5SRobert Watson 63ca0716f5SRobert Watson #include <sys/ipc.h> 64ca0716f5SRobert Watson 65ca0716f5SRobert Watson #include <netinet/in.h> 66ca0716f5SRobert Watson #include <netinet/in_systm.h> 67ca0716f5SRobert Watson #include <netinet/ip.h> 68ca0716f5SRobert Watson 69ca0716f5SRobert Watson #include <assert.h> 70ca0716f5SRobert Watson #include <errno.h> 71ca0716f5SRobert Watson #include <string.h> 72ca0716f5SRobert Watson #include <stdlib.h> 73ca0716f5SRobert Watson #include <unistd.h> 74ca0716f5SRobert Watson #include <sys/socketvar.h> 75ca0716f5SRobert Watson 76ca0716f5SRobert Watson #include <bsm/audit_internal.h> 77ca0716f5SRobert Watson #include <bsm/libbsm.h> 78ca0716f5SRobert Watson 79ca0716f5SRobert Watson #define GET_TOKEN_AREA(t, dptr, length) do { \ 80ca0716f5SRobert Watson (t) = malloc(sizeof(token_t)); \ 81ca0716f5SRobert Watson if ((t) != NULL) { \ 82ca0716f5SRobert Watson (t)->len = (length); \ 83ca0716f5SRobert Watson (dptr) = (t->t_data) = malloc((length) * sizeof(u_char)); \ 84ca0716f5SRobert Watson if ((dptr) == NULL) { \ 85ca0716f5SRobert Watson free(t); \ 86ca0716f5SRobert Watson (t) = NULL; \ 87ca0716f5SRobert Watson } else \ 88ca0716f5SRobert Watson memset((dptr), 0, (length)); \ 89ca0716f5SRobert Watson } else \ 90ca0716f5SRobert Watson (dptr) = NULL; \ 91ca0716f5SRobert Watson assert(t == NULL || dptr != NULL); \ 92ca0716f5SRobert Watson } while (0) 93ca0716f5SRobert Watson 94ca0716f5SRobert Watson /* 95ca0716f5SRobert Watson * token ID 1 byte 96ca0716f5SRobert Watson * argument # 1 byte 97ca0716f5SRobert Watson * argument value 4 bytes/8 bytes (32-bit/64-bit value) 98ca0716f5SRobert Watson * text length 2 bytes 99ca0716f5SRobert Watson * text N bytes + 1 terminating NULL byte 100ca0716f5SRobert Watson */ 101ca0716f5SRobert Watson token_t * 102ca0716f5SRobert Watson au_to_arg32(char n, char *text, u_int32_t v) 103ca0716f5SRobert Watson { 104ca0716f5SRobert Watson token_t *t; 105ca0716f5SRobert Watson u_char *dptr = NULL; 106ca0716f5SRobert Watson u_int16_t textlen; 107ca0716f5SRobert Watson 108ca0716f5SRobert Watson textlen = strlen(text); 109ca0716f5SRobert Watson textlen += 1; 110ca0716f5SRobert Watson 111ca0716f5SRobert Watson GET_TOKEN_AREA(t, dptr, 2 * sizeof(u_char) + sizeof(u_int32_t) + 112ca0716f5SRobert Watson sizeof(u_int16_t) + textlen); 113ca0716f5SRobert Watson if (t == NULL) 114ca0716f5SRobert Watson return (NULL); 115ca0716f5SRobert Watson 116ca0716f5SRobert Watson ADD_U_CHAR(dptr, AUT_ARG32); 117ca0716f5SRobert Watson ADD_U_CHAR(dptr, n); 118ca0716f5SRobert Watson ADD_U_INT32(dptr, v); 119ca0716f5SRobert Watson ADD_U_INT16(dptr, textlen); 120ca0716f5SRobert Watson ADD_STRING(dptr, text, textlen); 121ca0716f5SRobert Watson 122ca0716f5SRobert Watson return (t); 123ca0716f5SRobert Watson 124ca0716f5SRobert Watson } 125ca0716f5SRobert Watson 126ca0716f5SRobert Watson token_t * 127ca0716f5SRobert Watson au_to_arg64(char n, char *text, u_int64_t v) 128ca0716f5SRobert Watson { 129ca0716f5SRobert Watson token_t *t; 130ca0716f5SRobert Watson u_char *dptr = NULL; 131ca0716f5SRobert Watson u_int16_t textlen; 132ca0716f5SRobert Watson 133ca0716f5SRobert Watson textlen = strlen(text); 134ca0716f5SRobert Watson textlen += 1; 135ca0716f5SRobert Watson 136ca0716f5SRobert Watson GET_TOKEN_AREA(t, dptr, 2 * sizeof(u_char) + sizeof(u_int64_t) + 137ca0716f5SRobert Watson sizeof(u_int16_t) + textlen); 138ca0716f5SRobert Watson if (t == NULL) 139ca0716f5SRobert Watson return (NULL); 140ca0716f5SRobert Watson 141ca0716f5SRobert Watson ADD_U_CHAR(dptr, AUT_ARG64); 142ca0716f5SRobert Watson ADD_U_CHAR(dptr, n); 143ca0716f5SRobert Watson ADD_U_INT64(dptr, v); 144ca0716f5SRobert Watson ADD_U_INT16(dptr, textlen); 145ca0716f5SRobert Watson ADD_STRING(dptr, text, textlen); 146ca0716f5SRobert Watson 147ca0716f5SRobert Watson return (t); 148ca0716f5SRobert Watson 149ca0716f5SRobert Watson } 150ca0716f5SRobert Watson 151ca0716f5SRobert Watson token_t * 152ca0716f5SRobert Watson au_to_arg(char n, char *text, u_int32_t v) 153ca0716f5SRobert Watson { 154ca0716f5SRobert Watson 155ca0716f5SRobert Watson return (au_to_arg32(n, text, v)); 156ca0716f5SRobert Watson } 157ca0716f5SRobert Watson 158ca0716f5SRobert Watson #if defined(_KERNEL) || defined(KERNEL) 159ca0716f5SRobert Watson /* 160ca0716f5SRobert Watson * token ID 1 byte 161ca0716f5SRobert Watson * file access mode 4 bytes 162ca0716f5SRobert Watson * owner user ID 4 bytes 163ca0716f5SRobert Watson * owner group ID 4 bytes 164ca0716f5SRobert Watson * file system ID 4 bytes 165ca0716f5SRobert Watson * node ID 8 bytes 166ca0716f5SRobert Watson * device 4 bytes/8 bytes (32-bit/64-bit) 167ca0716f5SRobert Watson */ 168ca0716f5SRobert Watson token_t * 169ca0716f5SRobert Watson au_to_attr32(struct vnode_au_info *vni) 170ca0716f5SRobert Watson { 171ca0716f5SRobert Watson token_t *t; 172ca0716f5SRobert Watson u_char *dptr = NULL; 173ca0716f5SRobert Watson u_int16_t pad0_16 = 0; 174ca0716f5SRobert Watson u_int16_t pad0_32 = 0; 175ca0716f5SRobert Watson 176ca0716f5SRobert Watson GET_TOKEN_AREA(t, dptr, sizeof(u_char) + 2 * sizeof(u_int16_t) + 177ca0716f5SRobert Watson 3 * sizeof(u_int32_t) + sizeof(u_int64_t) + sizeof(u_int32_t)); 178ca0716f5SRobert Watson if (t == NULL) 179ca0716f5SRobert Watson return (NULL); 180ca0716f5SRobert Watson 181ca0716f5SRobert Watson ADD_U_CHAR(dptr, AUT_ATTR32); 182ca0716f5SRobert Watson 183ca0716f5SRobert Watson /* 184ca0716f5SRobert Watson * Darwin defines the size for the file mode 185ca0716f5SRobert Watson * as 2 bytes; BSM defines 4 so pad with 0 186ca0716f5SRobert Watson */ 187ca0716f5SRobert Watson ADD_U_INT16(dptr, pad0_16); 188ca0716f5SRobert Watson ADD_U_INT16(dptr, vni->vn_mode); 189ca0716f5SRobert Watson 190ca0716f5SRobert Watson ADD_U_INT32(dptr, vni->vn_uid); 191ca0716f5SRobert Watson ADD_U_INT32(dptr, vni->vn_gid); 192ca0716f5SRobert Watson ADD_U_INT32(dptr, vni->vn_fsid); 193ca0716f5SRobert Watson 194ca0716f5SRobert Watson /* 195ca0716f5SRobert Watson * Some systems use 32-bit file ID's, other's use 64-bit file IDs. 196ca0716f5SRobert Watson * Attempt to handle both, and let the compiler sort it out. If we 197ca0716f5SRobert Watson * could pick this out at compile-time, it would be better, so as to 198ca0716f5SRobert Watson * avoid the else case below. 199ca0716f5SRobert Watson */ 200ca0716f5SRobert Watson if (sizeof(vni->vn_fileid) == sizeof(uint32_t)) { 201ca0716f5SRobert Watson ADD_U_INT32(dptr, pad0_32); 202ca0716f5SRobert Watson ADD_U_INT32(dptr, vni->vn_fileid); 203ca0716f5SRobert Watson } else if (sizeof(vni->vn_fileid) == sizeof(uint64_t)) 204ca0716f5SRobert Watson ADD_U_INT64(dptr, vni->vn_fileid); 205ca0716f5SRobert Watson else 206ca0716f5SRobert Watson ADD_U_INT64(dptr, 0LL); 207ca0716f5SRobert Watson 208ca0716f5SRobert Watson ADD_U_INT32(dptr, vni->vn_dev); 209ca0716f5SRobert Watson 210ca0716f5SRobert Watson return (t); 211ca0716f5SRobert Watson } 212ca0716f5SRobert Watson 213ca0716f5SRobert Watson token_t * 214ca0716f5SRobert Watson au_to_attr64(struct vnode_au_info *vni) 215ca0716f5SRobert Watson { 216ca0716f5SRobert Watson 217ca0716f5SRobert Watson errno = ENOTSUP; 218ca0716f5SRobert Watson return (NULL); 219ca0716f5SRobert Watson } 220ca0716f5SRobert Watson 221ca0716f5SRobert Watson token_t * 222ca0716f5SRobert Watson au_to_attr(struct vnode_au_info *vni) 223ca0716f5SRobert Watson { 224ca0716f5SRobert Watson 225ca0716f5SRobert Watson return (au_to_attr32(vni)); 226ca0716f5SRobert Watson } 227ca0716f5SRobert Watson #endif /* !(defined(_KERNEL) || defined(KERNEL) */ 228ca0716f5SRobert Watson 229ca0716f5SRobert Watson /* 230ca0716f5SRobert Watson * token ID 1 byte 231ca0716f5SRobert Watson * how to print 1 byte 232ca0716f5SRobert Watson * basic unit 1 byte 233ca0716f5SRobert Watson * unit count 1 byte 234ca0716f5SRobert Watson * data items (depends on basic unit) 235ca0716f5SRobert Watson */ 236ca0716f5SRobert Watson token_t * 237ca0716f5SRobert Watson au_to_data(char unit_print, char unit_type, char unit_count, char *p) 238ca0716f5SRobert Watson { 239ca0716f5SRobert Watson token_t *t; 240ca0716f5SRobert Watson u_char *dptr = NULL; 241ca0716f5SRobert Watson size_t datasize, totdata; 242ca0716f5SRobert Watson 243ca0716f5SRobert Watson /* Determine the size of the basic unit. */ 244ca0716f5SRobert Watson switch (unit_type) { 245ca0716f5SRobert Watson case AUR_BYTE: 246506764c6SRobert Watson /* case AUR_CHAR: */ 247ca0716f5SRobert Watson datasize = AUR_BYTE_SIZE; 248ca0716f5SRobert Watson break; 249ca0716f5SRobert Watson 250ca0716f5SRobert Watson case AUR_SHORT: 251ca0716f5SRobert Watson datasize = AUR_SHORT_SIZE; 252ca0716f5SRobert Watson break; 253ca0716f5SRobert Watson 254506764c6SRobert Watson case AUR_INT32: 255506764c6SRobert Watson /* case AUR_INT: */ 256506764c6SRobert Watson datasize = AUR_INT32_SIZE; 257506764c6SRobert Watson break; 258506764c6SRobert Watson 259506764c6SRobert Watson case AUR_INT64: 260506764c6SRobert Watson datasize = AUR_INT64_SIZE; 261ca0716f5SRobert Watson break; 262ca0716f5SRobert Watson 263ca0716f5SRobert Watson default: 264ca0716f5SRobert Watson errno = EINVAL; 265ca0716f5SRobert Watson return (NULL); 266ca0716f5SRobert Watson } 267ca0716f5SRobert Watson 268ca0716f5SRobert Watson totdata = datasize * unit_count; 269ca0716f5SRobert Watson 270506764c6SRobert Watson GET_TOKEN_AREA(t, dptr, 4 * sizeof(u_char) + totdata); 271ca0716f5SRobert Watson if (t == NULL) 272ca0716f5SRobert Watson return (NULL); 273ca0716f5SRobert Watson 274ca0716f5SRobert Watson ADD_U_CHAR(dptr, AUT_DATA); 275ca0716f5SRobert Watson ADD_U_CHAR(dptr, unit_print); 276ca0716f5SRobert Watson ADD_U_CHAR(dptr, unit_type); 277ca0716f5SRobert Watson ADD_U_CHAR(dptr, unit_count); 278ca0716f5SRobert Watson ADD_MEM(dptr, p, totdata); 279ca0716f5SRobert Watson 280ca0716f5SRobert Watson return (t); 281ca0716f5SRobert Watson } 282ca0716f5SRobert Watson 283ca0716f5SRobert Watson 284ca0716f5SRobert Watson /* 285ca0716f5SRobert Watson * token ID 1 byte 286ca0716f5SRobert Watson * status 4 bytes 287ca0716f5SRobert Watson * return value 4 bytes 288ca0716f5SRobert Watson */ 289ca0716f5SRobert Watson token_t * 290ca0716f5SRobert Watson au_to_exit(int retval, int err) 291ca0716f5SRobert Watson { 292ca0716f5SRobert Watson token_t *t; 293ca0716f5SRobert Watson u_char *dptr = NULL; 294ca0716f5SRobert Watson 295ca0716f5SRobert Watson GET_TOKEN_AREA(t, dptr, sizeof(u_char) + 2 * sizeof(u_int32_t)); 296ca0716f5SRobert Watson if (t == NULL) 297ca0716f5SRobert Watson return (NULL); 298ca0716f5SRobert Watson 299ca0716f5SRobert Watson ADD_U_CHAR(dptr, AUT_EXIT); 300ca0716f5SRobert Watson ADD_U_INT32(dptr, err); 301ca0716f5SRobert Watson ADD_U_INT32(dptr, retval); 302ca0716f5SRobert Watson 303ca0716f5SRobert Watson return (t); 304ca0716f5SRobert Watson } 305ca0716f5SRobert Watson 306ca0716f5SRobert Watson /* 307ca0716f5SRobert Watson */ 308ca0716f5SRobert Watson token_t * 309ca0716f5SRobert Watson au_to_groups(int *groups) 310ca0716f5SRobert Watson { 311ca0716f5SRobert Watson 31222ccb20dSRobert Watson return (au_to_newgroups(AUDIT_MAX_GROUPS, groups)); 313ca0716f5SRobert Watson } 314ca0716f5SRobert Watson 315ca0716f5SRobert Watson /* 316ca0716f5SRobert Watson * token ID 1 byte 317ca0716f5SRobert Watson * number groups 2 bytes 318ca0716f5SRobert Watson * group list count * 4 bytes 319ca0716f5SRobert Watson */ 320ca0716f5SRobert Watson token_t * 321ca0716f5SRobert Watson au_to_newgroups(u_int16_t n, gid_t *groups) 322ca0716f5SRobert Watson { 323ca0716f5SRobert Watson token_t *t; 324ca0716f5SRobert Watson u_char *dptr = NULL; 325ca0716f5SRobert Watson int i; 326ca0716f5SRobert Watson 327ca0716f5SRobert Watson GET_TOKEN_AREA(t, dptr, sizeof(u_char) + sizeof(u_int16_t) + 328ca0716f5SRobert Watson n * sizeof(u_int32_t)); 329ca0716f5SRobert Watson if (t == NULL) 330ca0716f5SRobert Watson return (NULL); 331ca0716f5SRobert Watson 332ca0716f5SRobert Watson ADD_U_CHAR(dptr, AUT_NEWGROUPS); 333ca0716f5SRobert Watson ADD_U_INT16(dptr, n); 334ca0716f5SRobert Watson for (i = 0; i < n; i++) 335ca0716f5SRobert Watson ADD_U_INT32(dptr, groups[i]); 336ca0716f5SRobert Watson 337ca0716f5SRobert Watson return (t); 338ca0716f5SRobert Watson } 339ca0716f5SRobert Watson 340ca0716f5SRobert Watson /* 341ca0716f5SRobert Watson * token ID 1 byte 342ca0716f5SRobert Watson * internet address 4 bytes 343ca0716f5SRobert Watson */ 344ca0716f5SRobert Watson token_t * 345ca0716f5SRobert Watson au_to_in_addr(struct in_addr *internet_addr) 346ca0716f5SRobert Watson { 347ca0716f5SRobert Watson token_t *t; 348ca0716f5SRobert Watson u_char *dptr = NULL; 349ca0716f5SRobert Watson 350506764c6SRobert Watson GET_TOKEN_AREA(t, dptr, sizeof(u_char) + sizeof(uint32_t)); 351ca0716f5SRobert Watson if (t == NULL) 352ca0716f5SRobert Watson return (NULL); 353ca0716f5SRobert Watson 354ca0716f5SRobert Watson ADD_U_CHAR(dptr, AUT_IN_ADDR); 355506764c6SRobert Watson ADD_MEM(dptr, &internet_addr->s_addr, sizeof(uint32_t)); 356ca0716f5SRobert Watson 357ca0716f5SRobert Watson return (t); 358ca0716f5SRobert Watson } 359ca0716f5SRobert Watson 360ca0716f5SRobert Watson /* 361ca0716f5SRobert Watson * token ID 1 byte 362ca0716f5SRobert Watson * address type/length 4 bytes 363ca0716f5SRobert Watson * Address 16 bytes 364ca0716f5SRobert Watson */ 365ca0716f5SRobert Watson token_t * 366ca0716f5SRobert Watson au_to_in_addr_ex(struct in6_addr *internet_addr) 367ca0716f5SRobert Watson { 368ca0716f5SRobert Watson token_t *t; 369ca0716f5SRobert Watson u_char *dptr = NULL; 370ca0716f5SRobert Watson u_int32_t type = AF_INET6; 371ca0716f5SRobert Watson 372506764c6SRobert Watson GET_TOKEN_AREA(t, dptr, sizeof(u_char) + 5 * sizeof(uint32_t)); 373ca0716f5SRobert Watson if (t == NULL) 374ca0716f5SRobert Watson return (NULL); 375ca0716f5SRobert Watson 376ca0716f5SRobert Watson ADD_U_CHAR(dptr, AUT_IN_ADDR_EX); 377ca0716f5SRobert Watson ADD_U_INT32(dptr, type); 378506764c6SRobert Watson ADD_MEM(dptr, internet_addr, 5 * sizeof(uint32_t)); 379ca0716f5SRobert Watson 380ca0716f5SRobert Watson return (t); 381ca0716f5SRobert Watson } 382ca0716f5SRobert Watson 383ca0716f5SRobert Watson /* 384ca0716f5SRobert Watson * token ID 1 byte 385ca0716f5SRobert Watson * ip header 20 bytes 386ca0716f5SRobert Watson */ 387ca0716f5SRobert Watson token_t * 388ca0716f5SRobert Watson au_to_ip(struct ip *ip) 389ca0716f5SRobert Watson { 390ca0716f5SRobert Watson token_t *t; 391ca0716f5SRobert Watson u_char *dptr = NULL; 392ca0716f5SRobert Watson 393ca0716f5SRobert Watson GET_TOKEN_AREA(t, dptr, sizeof(u_char) + sizeof(struct ip)); 394ca0716f5SRobert Watson if (t == NULL) 395ca0716f5SRobert Watson return (NULL); 396ca0716f5SRobert Watson 397ca0716f5SRobert Watson ADD_U_CHAR(dptr, AUT_IP); 398ca0716f5SRobert Watson /* 399ca0716f5SRobert Watson * XXXRW: Any byte order work needed on the IP header before writing? 400ca0716f5SRobert Watson */ 401ca0716f5SRobert Watson ADD_MEM(dptr, ip, sizeof(struct ip)); 402ca0716f5SRobert Watson 403ca0716f5SRobert Watson return (t); 404ca0716f5SRobert Watson } 405ca0716f5SRobert Watson 406ca0716f5SRobert Watson /* 407ca0716f5SRobert Watson * token ID 1 byte 408ca0716f5SRobert Watson * object ID type 1 byte 409ca0716f5SRobert Watson * object ID 4 bytes 410ca0716f5SRobert Watson */ 411ca0716f5SRobert Watson token_t * 412ca0716f5SRobert Watson au_to_ipc(char type, int id) 413ca0716f5SRobert Watson { 414ca0716f5SRobert Watson token_t *t; 415ca0716f5SRobert Watson u_char *dptr = NULL; 416ca0716f5SRobert Watson 417ca0716f5SRobert Watson GET_TOKEN_AREA(t, dptr, 2 * sizeof(u_char) + sizeof(u_int32_t)); 418ca0716f5SRobert Watson if (t == NULL) 419ca0716f5SRobert Watson return (NULL); 420ca0716f5SRobert Watson 421ca0716f5SRobert Watson ADD_U_CHAR(dptr, AUT_IPC); 422ca0716f5SRobert Watson ADD_U_CHAR(dptr, type); 423ca0716f5SRobert Watson ADD_U_INT32(dptr, id); 424ca0716f5SRobert Watson 425ca0716f5SRobert Watson return (t); 426ca0716f5SRobert Watson } 427ca0716f5SRobert Watson 428ca0716f5SRobert Watson /* 429ca0716f5SRobert Watson * token ID 1 byte 430ca0716f5SRobert Watson * owner user ID 4 bytes 431ca0716f5SRobert Watson * owner group ID 4 bytes 432ca0716f5SRobert Watson * creator user ID 4 bytes 433ca0716f5SRobert Watson * creator group ID 4 bytes 434ca0716f5SRobert Watson * access mode 4 bytes 435ca0716f5SRobert Watson * slot sequence # 4 bytes 436ca0716f5SRobert Watson * key 4 bytes 437ca0716f5SRobert Watson */ 438ca0716f5SRobert Watson token_t * 439ca0716f5SRobert Watson au_to_ipc_perm(struct ipc_perm *perm) 440ca0716f5SRobert Watson { 441ca0716f5SRobert Watson token_t *t; 442ca0716f5SRobert Watson u_char *dptr = NULL; 443ca0716f5SRobert Watson u_int16_t pad0 = 0; 444ca0716f5SRobert Watson 445ca0716f5SRobert Watson GET_TOKEN_AREA(t, dptr, 12 * sizeof(u_int16_t) + sizeof(u_int32_t)); 446ca0716f5SRobert Watson if (t == NULL) 447ca0716f5SRobert Watson return (NULL); 448ca0716f5SRobert Watson 449ca0716f5SRobert Watson ADD_U_CHAR(dptr, AUT_IPC_PERM); 450ca0716f5SRobert Watson 451ca0716f5SRobert Watson /* 452ca0716f5SRobert Watson * Darwin defines the sizes for ipc_perm members 453ca0716f5SRobert Watson * as 2 bytes; BSM defines 4 so pad with 0 454ca0716f5SRobert Watson */ 455ca0716f5SRobert Watson ADD_U_INT16(dptr, pad0); 456ca0716f5SRobert Watson ADD_U_INT16(dptr, perm->uid); 457ca0716f5SRobert Watson 458ca0716f5SRobert Watson ADD_U_INT16(dptr, pad0); 459ca0716f5SRobert Watson ADD_U_INT16(dptr, perm->gid); 460ca0716f5SRobert Watson 461ca0716f5SRobert Watson ADD_U_INT16(dptr, pad0); 462ca0716f5SRobert Watson ADD_U_INT16(dptr, perm->cuid); 463ca0716f5SRobert Watson 464ca0716f5SRobert Watson ADD_U_INT16(dptr, pad0); 465ca0716f5SRobert Watson ADD_U_INT16(dptr, perm->cgid); 466ca0716f5SRobert Watson 467ca0716f5SRobert Watson ADD_U_INT16(dptr, pad0); 468ca0716f5SRobert Watson ADD_U_INT16(dptr, perm->mode); 469ca0716f5SRobert Watson 470ca0716f5SRobert Watson ADD_U_INT16(dptr, pad0); 471ca0716f5SRobert Watson 4723b97a967SRobert Watson #ifdef HAVE_IPC_PERM___SEQ 4733b97a967SRobert Watson ADD_U_INT16(dptr, perm->__seq); 4743b97a967SRobert Watson #else 4753b97a967SRobert Watson ADD_U_INT16(dptr, perm->seq); 4763b97a967SRobert Watson #endif 4773b97a967SRobert Watson 4783b97a967SRobert Watson #ifdef HAVE_IPC_PERM___KEY 4793b97a967SRobert Watson ADD_U_INT32(dptr, perm->__key); 4803b97a967SRobert Watson #else 481ca0716f5SRobert Watson ADD_U_INT32(dptr, perm->key); 4823b97a967SRobert Watson #endif 483ca0716f5SRobert Watson 484ca0716f5SRobert Watson return (t); 485ca0716f5SRobert Watson } 486ca0716f5SRobert Watson 487ca0716f5SRobert Watson /* 488ca0716f5SRobert Watson * token ID 1 byte 489ca0716f5SRobert Watson * port IP address 2 bytes 490ca0716f5SRobert Watson */ 491ca0716f5SRobert Watson token_t * 492ca0716f5SRobert Watson au_to_iport(u_int16_t iport) 493ca0716f5SRobert Watson { 494ca0716f5SRobert Watson token_t *t; 495ca0716f5SRobert Watson u_char *dptr = NULL; 496ca0716f5SRobert Watson 497ca0716f5SRobert Watson GET_TOKEN_AREA(t, dptr, sizeof(u_char) + sizeof(u_int16_t)); 498ca0716f5SRobert Watson if (t == NULL) 499ca0716f5SRobert Watson return (NULL); 500ca0716f5SRobert Watson 501ca0716f5SRobert Watson ADD_U_CHAR(dptr, AUT_IPORT); 502ca0716f5SRobert Watson ADD_U_INT16(dptr, iport); 503ca0716f5SRobert Watson 504ca0716f5SRobert Watson return (t); 505ca0716f5SRobert Watson } 506ca0716f5SRobert Watson 507ca0716f5SRobert Watson /* 508ca0716f5SRobert Watson * token ID 1 byte 509ca0716f5SRobert Watson * size 2 bytes 510ca0716f5SRobert Watson * data size bytes 511ca0716f5SRobert Watson */ 512ca0716f5SRobert Watson token_t * 513ca0716f5SRobert Watson au_to_opaque(char *data, u_int16_t bytes) 514ca0716f5SRobert Watson { 515ca0716f5SRobert Watson token_t *t; 516ca0716f5SRobert Watson u_char *dptr = NULL; 517ca0716f5SRobert Watson 518ca0716f5SRobert Watson GET_TOKEN_AREA(t, dptr, sizeof(u_char) + sizeof(u_int16_t) + bytes); 519ca0716f5SRobert Watson if (t == NULL) 520ca0716f5SRobert Watson return (NULL); 521ca0716f5SRobert Watson 522ca0716f5SRobert Watson ADD_U_CHAR(dptr, AUT_OPAQUE); 523ca0716f5SRobert Watson ADD_U_INT16(dptr, bytes); 524ca0716f5SRobert Watson ADD_MEM(dptr, data, bytes); 525ca0716f5SRobert Watson 526ca0716f5SRobert Watson return (t); 527ca0716f5SRobert Watson } 528ca0716f5SRobert Watson 529ca0716f5SRobert Watson /* 530ca0716f5SRobert Watson * token ID 1 byte 531ca0716f5SRobert Watson * seconds of time 4 bytes 532ca0716f5SRobert Watson * milliseconds of time 4 bytes 533ca0716f5SRobert Watson * file name len 2 bytes 534ca0716f5SRobert Watson * file pathname N bytes + 1 terminating NULL byte 535ca0716f5SRobert Watson */ 536ca0716f5SRobert Watson token_t * 537ca0716f5SRobert Watson au_to_file(char *file, struct timeval tm) 538ca0716f5SRobert Watson { 539ca0716f5SRobert Watson token_t *t; 540ca0716f5SRobert Watson u_char *dptr = NULL; 541ca0716f5SRobert Watson u_int16_t filelen; 542ca0716f5SRobert Watson u_int32_t timems; 543ca0716f5SRobert Watson 544ca0716f5SRobert Watson filelen = strlen(file); 545ca0716f5SRobert Watson filelen += 1; 546ca0716f5SRobert Watson 547ca0716f5SRobert Watson GET_TOKEN_AREA(t, dptr, sizeof(u_char) + 2 * sizeof(u_int32_t) + 548ca0716f5SRobert Watson sizeof(u_int16_t) + filelen); 549ca0716f5SRobert Watson if (t == NULL) 550ca0716f5SRobert Watson return (NULL); 551ca0716f5SRobert Watson 552ca0716f5SRobert Watson timems = tm.tv_usec/1000; 553ca0716f5SRobert Watson 554ca0716f5SRobert Watson ADD_U_CHAR(dptr, AUT_OTHER_FILE32); 555ca0716f5SRobert Watson ADD_U_INT32(dptr, tm.tv_sec); 556ca0716f5SRobert Watson ADD_U_INT32(dptr, timems); /* We need time in ms. */ 557ca0716f5SRobert Watson ADD_U_INT16(dptr, filelen); 558ca0716f5SRobert Watson ADD_STRING(dptr, file, filelen); 559ca0716f5SRobert Watson 560ca0716f5SRobert Watson return (t); 561ca0716f5SRobert Watson } 562ca0716f5SRobert Watson 563ca0716f5SRobert Watson /* 564ca0716f5SRobert Watson * token ID 1 byte 565ca0716f5SRobert Watson * text length 2 bytes 566ca0716f5SRobert Watson * text N bytes + 1 terminating NULL byte 567ca0716f5SRobert Watson */ 568ca0716f5SRobert Watson token_t * 569ca0716f5SRobert Watson au_to_text(char *text) 570ca0716f5SRobert Watson { 571ca0716f5SRobert Watson token_t *t; 572ca0716f5SRobert Watson u_char *dptr = NULL; 573ca0716f5SRobert Watson u_int16_t textlen; 574ca0716f5SRobert Watson 575ca0716f5SRobert Watson textlen = strlen(text); 576ca0716f5SRobert Watson textlen += 1; 577ca0716f5SRobert Watson 578ca0716f5SRobert Watson GET_TOKEN_AREA(t, dptr, sizeof(u_char) + sizeof(u_int16_t) + textlen); 579ca0716f5SRobert Watson if (t == NULL) 580ca0716f5SRobert Watson return (NULL); 581ca0716f5SRobert Watson 582ca0716f5SRobert Watson ADD_U_CHAR(dptr, AUT_TEXT); 583ca0716f5SRobert Watson ADD_U_INT16(dptr, textlen); 584ca0716f5SRobert Watson ADD_STRING(dptr, text, textlen); 585ca0716f5SRobert Watson 586ca0716f5SRobert Watson return (t); 587ca0716f5SRobert Watson } 588ca0716f5SRobert Watson 589ca0716f5SRobert Watson /* 590ca0716f5SRobert Watson * token ID 1 byte 591ca0716f5SRobert Watson * path length 2 bytes 592ca0716f5SRobert Watson * path N bytes + 1 terminating NULL byte 593ca0716f5SRobert Watson */ 594ca0716f5SRobert Watson token_t * 595ca0716f5SRobert Watson au_to_path(char *text) 596ca0716f5SRobert Watson { 597ca0716f5SRobert Watson token_t *t; 598ca0716f5SRobert Watson u_char *dptr = NULL; 599ca0716f5SRobert Watson u_int16_t textlen; 600ca0716f5SRobert Watson 601ca0716f5SRobert Watson textlen = strlen(text); 602ca0716f5SRobert Watson textlen += 1; 603ca0716f5SRobert Watson 604ca0716f5SRobert Watson GET_TOKEN_AREA(t, dptr, sizeof(u_char) + sizeof(u_int16_t) + textlen); 605ca0716f5SRobert Watson if (t == NULL) 606ca0716f5SRobert Watson return (NULL); 607ca0716f5SRobert Watson 608ca0716f5SRobert Watson ADD_U_CHAR(dptr, AUT_PATH); 609ca0716f5SRobert Watson ADD_U_INT16(dptr, textlen); 610ca0716f5SRobert Watson ADD_STRING(dptr, text, textlen); 611ca0716f5SRobert Watson 612ca0716f5SRobert Watson return (t); 613ca0716f5SRobert Watson } 614ca0716f5SRobert Watson 615ca0716f5SRobert Watson /* 616ca0716f5SRobert Watson * token ID 1 byte 617ca0716f5SRobert Watson * audit ID 4 bytes 618ca0716f5SRobert Watson * effective user ID 4 bytes 619ca0716f5SRobert Watson * effective group ID 4 bytes 620ca0716f5SRobert Watson * real user ID 4 bytes 621ca0716f5SRobert Watson * real group ID 4 bytes 622ca0716f5SRobert Watson * process ID 4 bytes 623ca0716f5SRobert Watson * session ID 4 bytes 624ca0716f5SRobert Watson * terminal ID 625ca0716f5SRobert Watson * port ID 4 bytes/8 bytes (32-bit/64-bit value) 626ca0716f5SRobert Watson * machine address 4 bytes 627ca0716f5SRobert Watson */ 628ca0716f5SRobert Watson token_t * 629ca0716f5SRobert Watson au_to_process32(au_id_t auid, uid_t euid, gid_t egid, uid_t ruid, gid_t rgid, 630ca0716f5SRobert Watson pid_t pid, au_asid_t sid, au_tid_t *tid) 631ca0716f5SRobert Watson { 632ca0716f5SRobert Watson token_t *t; 633ca0716f5SRobert Watson u_char *dptr = NULL; 634ca0716f5SRobert Watson 635ca0716f5SRobert Watson GET_TOKEN_AREA(t, dptr, sizeof(u_char) + 9 * sizeof(u_int32_t)); 636ca0716f5SRobert Watson if (t == NULL) 637ca0716f5SRobert Watson return (NULL); 638ca0716f5SRobert Watson 639ca0716f5SRobert Watson ADD_U_CHAR(dptr, AUT_PROCESS32); 640ca0716f5SRobert Watson ADD_U_INT32(dptr, auid); 641ca0716f5SRobert Watson ADD_U_INT32(dptr, euid); 642ca0716f5SRobert Watson ADD_U_INT32(dptr, egid); 643ca0716f5SRobert Watson ADD_U_INT32(dptr, ruid); 644ca0716f5SRobert Watson ADD_U_INT32(dptr, rgid); 645ca0716f5SRobert Watson ADD_U_INT32(dptr, pid); 646ca0716f5SRobert Watson ADD_U_INT32(dptr, sid); 647ca0716f5SRobert Watson ADD_U_INT32(dptr, tid->port); 648506764c6SRobert Watson ADD_MEM(dptr, &tid->machine, sizeof(u_int32_t)); 649ca0716f5SRobert Watson 650ca0716f5SRobert Watson return (t); 651ca0716f5SRobert Watson } 652ca0716f5SRobert Watson 653ca0716f5SRobert Watson token_t * 654ca0716f5SRobert Watson au_to_process64(__unused au_id_t auid, __unused uid_t euid, 655ca0716f5SRobert Watson __unused gid_t egid, __unused uid_t ruid, __unused gid_t rgid, 656ca0716f5SRobert Watson __unused pid_t pid, __unused au_asid_t sid, __unused au_tid_t *tid) 657ca0716f5SRobert Watson { 658ca0716f5SRobert Watson 659ca0716f5SRobert Watson errno = ENOTSUP; 660ca0716f5SRobert Watson return (NULL); 661ca0716f5SRobert Watson } 662ca0716f5SRobert Watson 663ca0716f5SRobert Watson token_t * 664ca0716f5SRobert Watson au_to_process(__unused au_id_t auid, __unused uid_t euid, 665ca0716f5SRobert Watson __unused gid_t egid, __unused uid_t ruid, __unused gid_t rgid, 666ca0716f5SRobert Watson __unused pid_t pid, __unused au_asid_t sid, __unused au_tid_t *tid) 667ca0716f5SRobert Watson { 668ca0716f5SRobert Watson 669ca0716f5SRobert Watson return (au_to_process32(auid, euid, egid, ruid, rgid, pid, sid, 670ca0716f5SRobert Watson tid)); 671ca0716f5SRobert Watson } 672ca0716f5SRobert Watson 673ca0716f5SRobert Watson /* 674ca0716f5SRobert Watson * token ID 1 byte 675ca0716f5SRobert Watson * audit ID 4 bytes 676ca0716f5SRobert Watson * effective user ID 4 bytes 677ca0716f5SRobert Watson * effective group ID 4 bytes 678ca0716f5SRobert Watson * real user ID 4 bytes 679ca0716f5SRobert Watson * real group ID 4 bytes 680ca0716f5SRobert Watson * process ID 4 bytes 681ca0716f5SRobert Watson * session ID 4 bytes 682ca0716f5SRobert Watson * terminal ID 683ca0716f5SRobert Watson * port ID 4 bytes/8 bytes (32-bit/64-bit value) 684ca0716f5SRobert Watson * address type-len 4 bytes 685ca0716f5SRobert Watson * machine address 16 bytes 686ca0716f5SRobert Watson */ 687ca0716f5SRobert Watson token_t * 688ca0716f5SRobert Watson au_to_process32_ex(au_id_t auid, uid_t euid, gid_t egid, uid_t ruid, 689ca0716f5SRobert Watson gid_t rgid, pid_t pid, au_asid_t sid, au_tid_addr_t *tid) 690ca0716f5SRobert Watson { 691ca0716f5SRobert Watson token_t *t; 692ca0716f5SRobert Watson u_char *dptr = NULL; 693ca0716f5SRobert Watson 694d9af45c4SRobert Watson if (tid->at_type == AU_IPv4) 695d9af45c4SRobert Watson GET_TOKEN_AREA(t, dptr, sizeof(u_char) + 696d9af45c4SRobert Watson 10 * sizeof(u_int32_t)); 697d9af45c4SRobert Watson else if (tid->at_type == AU_IPv6) 698d9af45c4SRobert Watson GET_TOKEN_AREA(t, dptr, sizeof(u_char) + 699d9af45c4SRobert Watson 13 * sizeof(u_int32_t)); 700d9af45c4SRobert Watson else { 701d9af45c4SRobert Watson errno = EINVAL; 702d9af45c4SRobert Watson return (NULL); 703d9af45c4SRobert Watson } 704ca0716f5SRobert Watson if (t == NULL) 705ca0716f5SRobert Watson return (NULL); 706ca0716f5SRobert Watson 707ca0716f5SRobert Watson ADD_U_CHAR(dptr, AUT_PROCESS32_EX); 708ca0716f5SRobert Watson ADD_U_INT32(dptr, auid); 709ca0716f5SRobert Watson ADD_U_INT32(dptr, euid); 710ca0716f5SRobert Watson ADD_U_INT32(dptr, egid); 711ca0716f5SRobert Watson ADD_U_INT32(dptr, ruid); 712ca0716f5SRobert Watson ADD_U_INT32(dptr, rgid); 713ca0716f5SRobert Watson ADD_U_INT32(dptr, pid); 714ca0716f5SRobert Watson ADD_U_INT32(dptr, sid); 715ca0716f5SRobert Watson ADD_U_INT32(dptr, tid->at_port); 716ca0716f5SRobert Watson ADD_U_INT32(dptr, tid->at_type); 717ca0716f5SRobert Watson ADD_U_INT32(dptr, tid->at_addr[0]); 718d9af45c4SRobert Watson if (tid->at_type == AU_IPv6) { 719ca0716f5SRobert Watson ADD_U_INT32(dptr, tid->at_addr[1]); 720ca0716f5SRobert Watson ADD_U_INT32(dptr, tid->at_addr[2]); 721ca0716f5SRobert Watson ADD_U_INT32(dptr, tid->at_addr[3]); 722d9af45c4SRobert Watson } 723ca0716f5SRobert Watson 724ca0716f5SRobert Watson return (t); 725ca0716f5SRobert Watson } 726ca0716f5SRobert Watson 727ca0716f5SRobert Watson token_t * 728ca0716f5SRobert Watson au_to_process64_ex(au_id_t auid, uid_t euid, gid_t egid, uid_t ruid, 729ca0716f5SRobert Watson gid_t rgid, pid_t pid, au_asid_t sid, au_tid_addr_t *tid) 730ca0716f5SRobert Watson { 731ca0716f5SRobert Watson 732ca0716f5SRobert Watson errno = ENOTSUP; 733ca0716f5SRobert Watson return (NULL); 734ca0716f5SRobert Watson } 735ca0716f5SRobert Watson 736ca0716f5SRobert Watson token_t * 737ca0716f5SRobert Watson au_to_process_ex(au_id_t auid, uid_t euid, gid_t egid, uid_t ruid, 738ca0716f5SRobert Watson gid_t rgid, pid_t pid, au_asid_t sid, au_tid_addr_t *tid) 739ca0716f5SRobert Watson { 740ca0716f5SRobert Watson 741ca0716f5SRobert Watson return (au_to_process32_ex(auid, euid, egid, ruid, rgid, pid, sid, 742ca0716f5SRobert Watson tid)); 743ca0716f5SRobert Watson } 744ca0716f5SRobert Watson 745ca0716f5SRobert Watson /* 746ca0716f5SRobert Watson * token ID 1 byte 747ca0716f5SRobert Watson * error status 1 byte 748ca0716f5SRobert Watson * return value 4 bytes/8 bytes (32-bit/64-bit value) 749ca0716f5SRobert Watson */ 750ca0716f5SRobert Watson token_t * 751ca0716f5SRobert Watson au_to_return32(char status, u_int32_t ret) 752ca0716f5SRobert Watson { 753ca0716f5SRobert Watson token_t *t; 754ca0716f5SRobert Watson u_char *dptr = NULL; 755ca0716f5SRobert Watson 756ca0716f5SRobert Watson GET_TOKEN_AREA(t, dptr, 2 * sizeof(u_char) + sizeof(u_int32_t)); 757ca0716f5SRobert Watson if (t == NULL) 758ca0716f5SRobert Watson return (NULL); 759ca0716f5SRobert Watson 760ca0716f5SRobert Watson ADD_U_CHAR(dptr, AUT_RETURN32); 761ca0716f5SRobert Watson ADD_U_CHAR(dptr, status); 762ca0716f5SRobert Watson ADD_U_INT32(dptr, ret); 763ca0716f5SRobert Watson 764ca0716f5SRobert Watson return (t); 765ca0716f5SRobert Watson } 766ca0716f5SRobert Watson 767ca0716f5SRobert Watson token_t * 768ca0716f5SRobert Watson au_to_return64(char status, u_int64_t ret) 769ca0716f5SRobert Watson { 770ca0716f5SRobert Watson token_t *t; 771ca0716f5SRobert Watson u_char *dptr = NULL; 772ca0716f5SRobert Watson 773ca0716f5SRobert Watson GET_TOKEN_AREA(t, dptr, 2 * sizeof(u_char) + sizeof(u_int64_t)); 774ca0716f5SRobert Watson if (t == NULL) 775ca0716f5SRobert Watson return (NULL); 776ca0716f5SRobert Watson 777ca0716f5SRobert Watson ADD_U_CHAR(dptr, AUT_RETURN64); 778ca0716f5SRobert Watson ADD_U_CHAR(dptr, status); 779ca0716f5SRobert Watson ADD_U_INT64(dptr, ret); 780ca0716f5SRobert Watson 781ca0716f5SRobert Watson return (t); 782ca0716f5SRobert Watson } 783ca0716f5SRobert Watson 784ca0716f5SRobert Watson token_t * 785ca0716f5SRobert Watson au_to_return(char status, u_int32_t ret) 786ca0716f5SRobert Watson { 787ca0716f5SRobert Watson 788ca0716f5SRobert Watson return (au_to_return32(status, ret)); 789ca0716f5SRobert Watson } 790ca0716f5SRobert Watson 791ca0716f5SRobert Watson /* 792ca0716f5SRobert Watson * token ID 1 byte 793ca0716f5SRobert Watson * sequence number 4 bytes 794ca0716f5SRobert Watson */ 795ca0716f5SRobert Watson token_t * 796ca0716f5SRobert Watson au_to_seq(long audit_count) 797ca0716f5SRobert Watson { 798ca0716f5SRobert Watson token_t *t; 799ca0716f5SRobert Watson u_char *dptr = NULL; 800ca0716f5SRobert Watson 801ca0716f5SRobert Watson GET_TOKEN_AREA(t, dptr, sizeof(u_char) + sizeof(u_int32_t)); 802ca0716f5SRobert Watson if (t == NULL) 803ca0716f5SRobert Watson return (NULL); 804ca0716f5SRobert Watson 805ca0716f5SRobert Watson ADD_U_CHAR(dptr, AUT_SEQ); 806ca0716f5SRobert Watson ADD_U_INT32(dptr, audit_count); 807ca0716f5SRobert Watson 808ca0716f5SRobert Watson return (t); 809ca0716f5SRobert Watson } 810ca0716f5SRobert Watson 811ca0716f5SRobert Watson /* 812ca0716f5SRobert Watson * token ID 1 byte 813ca0716f5SRobert Watson * socket family 2 bytes 814ca0716f5SRobert Watson * path 104 bytes 815ca0716f5SRobert Watson */ 816ca0716f5SRobert Watson token_t * 817ca0716f5SRobert Watson au_to_sock_unix(struct sockaddr_un *so) 818ca0716f5SRobert Watson { 819ca0716f5SRobert Watson token_t *t; 820ca0716f5SRobert Watson u_char *dptr; 821ca0716f5SRobert Watson 822ca0716f5SRobert Watson GET_TOKEN_AREA(t, dptr, 3 * sizeof(u_char) + strlen(so->sun_path) + 1); 823ca0716f5SRobert Watson if (t == NULL) 824ca0716f5SRobert Watson return (NULL); 825ca0716f5SRobert Watson 826ca0716f5SRobert Watson ADD_U_CHAR(dptr, AU_SOCK_UNIX_TOKEN); 827ca0716f5SRobert Watson /* BSM token has two bytes for family */ 828ca0716f5SRobert Watson ADD_U_CHAR(dptr, 0); 829ca0716f5SRobert Watson ADD_U_CHAR(dptr, so->sun_family); 830ca0716f5SRobert Watson ADD_STRING(dptr, so->sun_path, strlen(so->sun_path) + 1); 831ca0716f5SRobert Watson 832ca0716f5SRobert Watson return (t); 833ca0716f5SRobert Watson } 834ca0716f5SRobert Watson 835ca0716f5SRobert Watson /* 836ca0716f5SRobert Watson * token ID 1 byte 837ca0716f5SRobert Watson * socket family 2 bytes 838ca0716f5SRobert Watson * local port 2 bytes 839ca0716f5SRobert Watson * socket address 4 bytes 840ca0716f5SRobert Watson */ 841ca0716f5SRobert Watson token_t * 842ca0716f5SRobert Watson au_to_sock_inet32(struct sockaddr_in *so) 843ca0716f5SRobert Watson { 844ca0716f5SRobert Watson token_t *t; 845ca0716f5SRobert Watson u_char *dptr = NULL; 846506764c6SRobert Watson uint16_t family; 847ca0716f5SRobert Watson 848506764c6SRobert Watson GET_TOKEN_AREA(t, dptr, sizeof(u_char) + 2 * sizeof(uint16_t) + 849506764c6SRobert Watson sizeof(uint32_t)); 850ca0716f5SRobert Watson if (t == NULL) 851ca0716f5SRobert Watson return (NULL); 852ca0716f5SRobert Watson 853ca0716f5SRobert Watson ADD_U_CHAR(dptr, AUT_SOCKINET32); 854ca0716f5SRobert Watson /* 855506764c6SRobert Watson * BSM defines the family field as 16 bits, but many operating 856506764c6SRobert Watson * systems have an 8-bit sin_family field. Extend to 16 bits before 857506764c6SRobert Watson * writing into the token. Assume that both the port and the address 858506764c6SRobert Watson * in the sockaddr_in are already in network byte order, but family 859506764c6SRobert Watson * is in local byte order. 860506764c6SRobert Watson * 861506764c6SRobert Watson * XXXRW: Should a name space conversion be taking place on the value 862506764c6SRobert Watson * of sin_family? 863ca0716f5SRobert Watson */ 864506764c6SRobert Watson family = so->sin_family; 865506764c6SRobert Watson ADD_U_INT16(dptr, family); 866506764c6SRobert Watson ADD_MEM(dptr, &so->sin_port, sizeof(uint16_t)); 867506764c6SRobert Watson ADD_MEM(dptr, &so->sin_addr.s_addr, sizeof(uint32_t)); 868ca0716f5SRobert Watson 869ca0716f5SRobert Watson return (t); 870ca0716f5SRobert Watson 871ca0716f5SRobert Watson } 872ca0716f5SRobert Watson 873ca0716f5SRobert Watson token_t * 874ca0716f5SRobert Watson au_to_sock_inet128(struct sockaddr_in6 *so) 875ca0716f5SRobert Watson { 876ca0716f5SRobert Watson token_t *t; 877ca0716f5SRobert Watson u_char *dptr = NULL; 878ca0716f5SRobert Watson 879ca0716f5SRobert Watson GET_TOKEN_AREA(t, dptr, 3 * sizeof(u_char) + sizeof(u_int16_t) + 880ca0716f5SRobert Watson 4 * sizeof(u_int32_t)); 881ca0716f5SRobert Watson if (t == NULL) 882ca0716f5SRobert Watson return (NULL); 883ca0716f5SRobert Watson 884ca0716f5SRobert Watson ADD_U_CHAR(dptr, AUT_SOCKINET128); 885ca0716f5SRobert Watson /* 886ca0716f5SRobert Watson * In Darwin, sin6_family is one octet, but BSM defines the token 887ca0716f5SRobert Watson * to store two. So we copy in a 0 first. 888ca0716f5SRobert Watson */ 889ca0716f5SRobert Watson ADD_U_CHAR(dptr, 0); 890ca0716f5SRobert Watson ADD_U_CHAR(dptr, so->sin6_family); 891ca0716f5SRobert Watson 892ca0716f5SRobert Watson ADD_U_INT16(dptr, so->sin6_port); 893506764c6SRobert Watson ADD_MEM(dptr, &so->sin6_addr, 4 * sizeof(uint32_t)); 894ca0716f5SRobert Watson 895ca0716f5SRobert Watson return (t); 896ca0716f5SRobert Watson 897ca0716f5SRobert Watson } 898ca0716f5SRobert Watson 899ca0716f5SRobert Watson token_t * 900ca0716f5SRobert Watson au_to_sock_inet(struct sockaddr_in *so) 901ca0716f5SRobert Watson { 902ca0716f5SRobert Watson 903ca0716f5SRobert Watson return (au_to_sock_inet32(so)); 904ca0716f5SRobert Watson } 905ca0716f5SRobert Watson 906ca0716f5SRobert Watson /* 907ca0716f5SRobert Watson * token ID 1 byte 908ca0716f5SRobert Watson * audit ID 4 bytes 909ca0716f5SRobert Watson * effective user ID 4 bytes 910ca0716f5SRobert Watson * effective group ID 4 bytes 911ca0716f5SRobert Watson * real user ID 4 bytes 912ca0716f5SRobert Watson * real group ID 4 bytes 913ca0716f5SRobert Watson * process ID 4 bytes 914ca0716f5SRobert Watson * session ID 4 bytes 915ca0716f5SRobert Watson * terminal ID 916ca0716f5SRobert Watson * port ID 4 bytes/8 bytes (32-bit/64-bit value) 917ca0716f5SRobert Watson * machine address 4 bytes 918ca0716f5SRobert Watson */ 919ca0716f5SRobert Watson token_t * 920ca0716f5SRobert Watson au_to_subject32(au_id_t auid, uid_t euid, gid_t egid, uid_t ruid, gid_t rgid, 921ca0716f5SRobert Watson pid_t pid, au_asid_t sid, au_tid_t *tid) 922ca0716f5SRobert Watson { 923ca0716f5SRobert Watson token_t *t; 924ca0716f5SRobert Watson u_char *dptr = NULL; 925ca0716f5SRobert Watson 926ca0716f5SRobert Watson GET_TOKEN_AREA(t, dptr, sizeof(u_char) + 9 * sizeof(u_int32_t)); 927ca0716f5SRobert Watson if (t == NULL) 928ca0716f5SRobert Watson return (NULL); 929ca0716f5SRobert Watson 930ca0716f5SRobert Watson ADD_U_CHAR(dptr, AUT_SUBJECT32); 931ca0716f5SRobert Watson ADD_U_INT32(dptr, auid); 932ca0716f5SRobert Watson ADD_U_INT32(dptr, euid); 933ca0716f5SRobert Watson ADD_U_INT32(dptr, egid); 934ca0716f5SRobert Watson ADD_U_INT32(dptr, ruid); 935ca0716f5SRobert Watson ADD_U_INT32(dptr, rgid); 936ca0716f5SRobert Watson ADD_U_INT32(dptr, pid); 937ca0716f5SRobert Watson ADD_U_INT32(dptr, sid); 938ca0716f5SRobert Watson ADD_U_INT32(dptr, tid->port); 939506764c6SRobert Watson ADD_MEM(dptr, &tid->machine, sizeof(u_int32_t)); 940ca0716f5SRobert Watson 941ca0716f5SRobert Watson return (t); 942ca0716f5SRobert Watson } 943ca0716f5SRobert Watson 944ca0716f5SRobert Watson token_t * 945ca0716f5SRobert Watson au_to_subject64(au_id_t auid, uid_t euid, gid_t egid, uid_t ruid, gid_t rgid, 946ca0716f5SRobert Watson pid_t pid, au_asid_t sid, au_tid_t *tid) 947ca0716f5SRobert Watson { 948ca0716f5SRobert Watson 949ca0716f5SRobert Watson errno = ENOTSUP; 950ca0716f5SRobert Watson return (NULL); 951ca0716f5SRobert Watson } 952ca0716f5SRobert Watson 953ca0716f5SRobert Watson token_t * 954ca0716f5SRobert Watson au_to_subject(au_id_t auid, uid_t euid, gid_t egid, uid_t ruid, gid_t rgid, 955ca0716f5SRobert Watson pid_t pid, au_asid_t sid, au_tid_t *tid) 956ca0716f5SRobert Watson { 957ca0716f5SRobert Watson 958ca0716f5SRobert Watson return (au_to_subject32(auid, euid, egid, ruid, rgid, pid, sid, 959ca0716f5SRobert Watson tid)); 960ca0716f5SRobert Watson } 961ca0716f5SRobert Watson 962ca0716f5SRobert Watson /* 963ca0716f5SRobert Watson * token ID 1 byte 964ca0716f5SRobert Watson * audit ID 4 bytes 965ca0716f5SRobert Watson * effective user ID 4 bytes 966ca0716f5SRobert Watson * effective group ID 4 bytes 967ca0716f5SRobert Watson * real user ID 4 bytes 968ca0716f5SRobert Watson * real group ID 4 bytes 969ca0716f5SRobert Watson * process ID 4 bytes 970ca0716f5SRobert Watson * session ID 4 bytes 971ca0716f5SRobert Watson * terminal ID 972ca0716f5SRobert Watson * port ID 4 bytes/8 bytes (32-bit/64-bit value) 973ca0716f5SRobert Watson * address type/length 4 bytes 974ca0716f5SRobert Watson * machine address 16 bytes 975ca0716f5SRobert Watson */ 976ca0716f5SRobert Watson token_t * 977ca0716f5SRobert Watson au_to_subject32_ex(au_id_t auid, uid_t euid, gid_t egid, uid_t ruid, 978ca0716f5SRobert Watson gid_t rgid, pid_t pid, au_asid_t sid, au_tid_addr_t *tid) 979ca0716f5SRobert Watson { 980ca0716f5SRobert Watson token_t *t; 981ca0716f5SRobert Watson u_char *dptr = NULL; 982ca0716f5SRobert Watson 983d9af45c4SRobert Watson if (tid->at_type == AU_IPv4) 984d9af45c4SRobert Watson GET_TOKEN_AREA(t, dptr, sizeof(u_char) + 10 * 985d9af45c4SRobert Watson sizeof(u_int32_t)); 986d9af45c4SRobert Watson else if (tid->at_type == AU_IPv6) 987d9af45c4SRobert Watson GET_TOKEN_AREA(t, dptr, sizeof(u_char) + 13 * 988d9af45c4SRobert Watson sizeof(u_int32_t)); 989d9af45c4SRobert Watson else { 990d9af45c4SRobert Watson errno = EINVAL; 991d9af45c4SRobert Watson return (NULL); 992d9af45c4SRobert Watson } 993ca0716f5SRobert Watson if (t == NULL) 994ca0716f5SRobert Watson return (NULL); 995ca0716f5SRobert Watson 996ca0716f5SRobert Watson ADD_U_CHAR(dptr, AUT_SUBJECT32_EX); 997ca0716f5SRobert Watson ADD_U_INT32(dptr, auid); 998ca0716f5SRobert Watson ADD_U_INT32(dptr, euid); 999ca0716f5SRobert Watson ADD_U_INT32(dptr, egid); 1000ca0716f5SRobert Watson ADD_U_INT32(dptr, ruid); 1001ca0716f5SRobert Watson ADD_U_INT32(dptr, rgid); 1002ca0716f5SRobert Watson ADD_U_INT32(dptr, pid); 1003ca0716f5SRobert Watson ADD_U_INT32(dptr, sid); 1004ca0716f5SRobert Watson ADD_U_INT32(dptr, tid->at_port); 1005ca0716f5SRobert Watson ADD_U_INT32(dptr, tid->at_type); 1006ca0716f5SRobert Watson ADD_U_INT32(dptr, tid->at_addr[0]); 1007d9af45c4SRobert Watson if (tid->at_type == AU_IPv6) { 1008ca0716f5SRobert Watson ADD_U_INT32(dptr, tid->at_addr[1]); 1009ca0716f5SRobert Watson ADD_U_INT32(dptr, tid->at_addr[2]); 1010ca0716f5SRobert Watson ADD_U_INT32(dptr, tid->at_addr[3]); 1011d9af45c4SRobert Watson } 1012ca0716f5SRobert Watson 1013ca0716f5SRobert Watson return (t); 1014ca0716f5SRobert Watson } 1015ca0716f5SRobert Watson 1016ca0716f5SRobert Watson token_t * 1017ca0716f5SRobert Watson au_to_subject64_ex(au_id_t auid, uid_t euid, gid_t egid, uid_t ruid, 1018ca0716f5SRobert Watson gid_t rgid, pid_t pid, au_asid_t sid, au_tid_addr_t *tid) 1019ca0716f5SRobert Watson { 1020ca0716f5SRobert Watson 1021ca0716f5SRobert Watson errno = ENOTSUP; 1022ca0716f5SRobert Watson return (NULL); 1023ca0716f5SRobert Watson } 1024ca0716f5SRobert Watson 1025ca0716f5SRobert Watson token_t * 1026ca0716f5SRobert Watson au_to_subject_ex(au_id_t auid, uid_t euid, gid_t egid, uid_t ruid, 1027ca0716f5SRobert Watson gid_t rgid, pid_t pid, au_asid_t sid, au_tid_addr_t *tid) 1028ca0716f5SRobert Watson { 1029ca0716f5SRobert Watson 1030ca0716f5SRobert Watson return (au_to_subject32_ex(auid, euid, egid, ruid, rgid, pid, sid, 1031ca0716f5SRobert Watson tid)); 1032ca0716f5SRobert Watson } 1033ca0716f5SRobert Watson 10343b97a967SRobert Watson #if !defined(_KERNEL) && !defined(KERNEL) && defined(HAVE_AUDIT_SYSCALLS) 1035ca0716f5SRobert Watson /* 1036ca0716f5SRobert Watson * Collects audit information for the current process 1037ca0716f5SRobert Watson * and creates a subject token from it 1038ca0716f5SRobert Watson */ 1039ca0716f5SRobert Watson token_t * 1040ca0716f5SRobert Watson au_to_me(void) 1041ca0716f5SRobert Watson { 1042ca0716f5SRobert Watson auditinfo_t auinfo; 1043ca0716f5SRobert Watson 1044ca0716f5SRobert Watson if (getaudit(&auinfo) != 0) 1045ca0716f5SRobert Watson return (NULL); 1046ca0716f5SRobert Watson 1047ca0716f5SRobert Watson return (au_to_subject32(auinfo.ai_auid, geteuid(), getegid(), 1048ca0716f5SRobert Watson getuid(), getgid(), getpid(), auinfo.ai_asid, &auinfo.ai_termid)); 1049ca0716f5SRobert Watson } 1050ca0716f5SRobert Watson #endif 1051ca0716f5SRobert Watson 1052ca0716f5SRobert Watson /* 1053ca0716f5SRobert Watson * token ID 1 byte 1054ca0716f5SRobert Watson * count 4 bytes 1055ca0716f5SRobert Watson * text count null-terminated strings 1056ca0716f5SRobert Watson */ 1057ca0716f5SRobert Watson token_t * 105822ccb20dSRobert Watson au_to_exec_args(char **argv) 1059ca0716f5SRobert Watson { 1060ca0716f5SRobert Watson token_t *t; 1061ca0716f5SRobert Watson u_char *dptr = NULL; 1062ca0716f5SRobert Watson const char *nextarg; 1063ca0716f5SRobert Watson int i, count = 0; 1064ca0716f5SRobert Watson size_t totlen = 0; 1065ca0716f5SRobert Watson 106622ccb20dSRobert Watson nextarg = *argv; 1067ca0716f5SRobert Watson 1068ca0716f5SRobert Watson while (nextarg != NULL) { 1069ca0716f5SRobert Watson int nextlen; 1070ca0716f5SRobert Watson 1071ca0716f5SRobert Watson nextlen = strlen(nextarg); 1072ca0716f5SRobert Watson totlen += nextlen + 1; 1073ca0716f5SRobert Watson count++; 107422ccb20dSRobert Watson nextarg = *(argv + count); 1075ca0716f5SRobert Watson } 1076ca0716f5SRobert Watson 1077ca0716f5SRobert Watson totlen += count * sizeof(char); /* nul terminations. */ 1078ca0716f5SRobert Watson GET_TOKEN_AREA(t, dptr, sizeof(u_char) + sizeof(u_int32_t) + totlen); 1079ca0716f5SRobert Watson if (t == NULL) 1080ca0716f5SRobert Watson return (NULL); 1081ca0716f5SRobert Watson 1082ca0716f5SRobert Watson ADD_U_CHAR(dptr, AUT_EXEC_ARGS); 1083ca0716f5SRobert Watson ADD_U_INT32(dptr, count); 1084ca0716f5SRobert Watson 1085ca0716f5SRobert Watson for (i = 0; i < count; i++) { 108622ccb20dSRobert Watson nextarg = *(argv + i); 1087ca0716f5SRobert Watson ADD_MEM(dptr, nextarg, strlen(nextarg) + 1); 1088ca0716f5SRobert Watson } 1089ca0716f5SRobert Watson 1090ca0716f5SRobert Watson return (t); 1091ca0716f5SRobert Watson } 1092ca0716f5SRobert Watson 1093ca0716f5SRobert Watson /* 1094ca0716f5SRobert Watson * token ID 1 byte 1095ca0716f5SRobert Watson * count 4 bytes 1096ca0716f5SRobert Watson * text count null-terminated strings 1097ca0716f5SRobert Watson */ 1098ca0716f5SRobert Watson token_t * 109922ccb20dSRobert Watson au_to_exec_env(char **envp) 1100ca0716f5SRobert Watson { 1101ca0716f5SRobert Watson token_t *t; 1102ca0716f5SRobert Watson u_char *dptr = NULL; 1103ca0716f5SRobert Watson int i, count = 0; 1104ca0716f5SRobert Watson size_t totlen = 0; 1105ca0716f5SRobert Watson const char *nextenv; 1106ca0716f5SRobert Watson 110722ccb20dSRobert Watson nextenv = *envp; 1108ca0716f5SRobert Watson 1109ca0716f5SRobert Watson while (nextenv != NULL) { 1110ca0716f5SRobert Watson int nextlen; 1111ca0716f5SRobert Watson 1112ca0716f5SRobert Watson nextlen = strlen(nextenv); 1113ca0716f5SRobert Watson totlen += nextlen + 1; 1114ca0716f5SRobert Watson count++; 111522ccb20dSRobert Watson nextenv = *(envp + count); 1116ca0716f5SRobert Watson } 1117ca0716f5SRobert Watson 1118ca0716f5SRobert Watson totlen += sizeof(char) * count; 1119ca0716f5SRobert Watson GET_TOKEN_AREA(t, dptr, sizeof(u_char) + sizeof(u_int32_t) + totlen); 1120ca0716f5SRobert Watson if (t == NULL) 1121ca0716f5SRobert Watson return (NULL); 1122ca0716f5SRobert Watson 1123ca0716f5SRobert Watson ADD_U_CHAR(dptr, AUT_EXEC_ENV); 1124ca0716f5SRobert Watson ADD_U_INT32(dptr, count); 1125ca0716f5SRobert Watson 1126ca0716f5SRobert Watson for (i = 0; i < count; i++) { 112722ccb20dSRobert Watson nextenv = *(envp + i); 1128ca0716f5SRobert Watson ADD_MEM(dptr, nextenv, strlen(nextenv) + 1); 1129ca0716f5SRobert Watson } 1130ca0716f5SRobert Watson 1131ca0716f5SRobert Watson return (t); 1132ca0716f5SRobert Watson } 1133ca0716f5SRobert Watson 1134ca0716f5SRobert Watson /* 1135ca0716f5SRobert Watson * token ID 1 byte 1136ca0716f5SRobert Watson * record byte count 4 bytes 1137ca0716f5SRobert Watson * version # 1 byte [2] 1138ca0716f5SRobert Watson * event type 2 bytes 1139ca0716f5SRobert Watson * event modifier 2 bytes 1140ca0716f5SRobert Watson * seconds of time 4 bytes/8 bytes (32-bit/64-bit value) 1141ca0716f5SRobert Watson * milliseconds of time 4 bytes/8 bytes (32-bit/64-bit value) 1142ca0716f5SRobert Watson */ 1143ca0716f5SRobert Watson token_t * 1144506764c6SRobert Watson au_to_header32_tm(int rec_size, au_event_t e_type, au_emod_t e_mod, 1145ca0716f5SRobert Watson struct timeval tm) 1146ca0716f5SRobert Watson { 1147ca0716f5SRobert Watson token_t *t; 1148ca0716f5SRobert Watson u_char *dptr = NULL; 1149ca0716f5SRobert Watson u_int32_t timems; 1150ca0716f5SRobert Watson 1151ca0716f5SRobert Watson GET_TOKEN_AREA(t, dptr, sizeof(u_char) + sizeof(u_int32_t) + 1152ca0716f5SRobert Watson sizeof(u_char) + 2 * sizeof(u_int16_t) + 2 * sizeof(u_int32_t)); 1153ca0716f5SRobert Watson if (t == NULL) 1154ca0716f5SRobert Watson return (NULL); 1155ca0716f5SRobert Watson 1156ca0716f5SRobert Watson ADD_U_CHAR(dptr, AUT_HEADER32); 1157ca0716f5SRobert Watson ADD_U_INT32(dptr, rec_size); 115822ccb20dSRobert Watson ADD_U_CHAR(dptr, AUDIT_HEADER_VERSION_OPENBSM); 1159ca0716f5SRobert Watson ADD_U_INT16(dptr, e_type); 1160ca0716f5SRobert Watson ADD_U_INT16(dptr, e_mod); 1161ca0716f5SRobert Watson 1162ca0716f5SRobert Watson timems = tm.tv_usec/1000; 1163ca0716f5SRobert Watson /* Add the timestamp */ 1164ca0716f5SRobert Watson ADD_U_INT32(dptr, tm.tv_sec); 1165ca0716f5SRobert Watson ADD_U_INT32(dptr, timems); /* We need time in ms. */ 1166ca0716f5SRobert Watson 1167ca0716f5SRobert Watson return (t); 1168ca0716f5SRobert Watson } 1169ca0716f5SRobert Watson 1170506764c6SRobert Watson #if !defined(KERNEL) && !defined(_KERNEL) 1171506764c6SRobert Watson token_t * 1172506764c6SRobert Watson au_to_header32(int rec_size, au_event_t e_type, au_emod_t e_mod) 1173506764c6SRobert Watson { 1174506764c6SRobert Watson struct timeval tm; 1175506764c6SRobert Watson 1176506764c6SRobert Watson if (gettimeofday(&tm, NULL) == -1) 1177506764c6SRobert Watson return (NULL); 1178506764c6SRobert Watson return (au_to_header32_tm(rec_size, e_type, e_mod, tm)); 1179506764c6SRobert Watson } 1180506764c6SRobert Watson 1181ca0716f5SRobert Watson token_t * 1182ca0716f5SRobert Watson au_to_header64(__unused int rec_size, __unused au_event_t e_type, 1183ca0716f5SRobert Watson __unused au_emod_t e_mod) 1184ca0716f5SRobert Watson { 1185ca0716f5SRobert Watson 1186ca0716f5SRobert Watson errno = ENOTSUP; 1187ca0716f5SRobert Watson return (NULL); 1188ca0716f5SRobert Watson } 1189ca0716f5SRobert Watson 1190ca0716f5SRobert Watson token_t * 1191ca0716f5SRobert Watson au_to_header(int rec_size, au_event_t e_type, au_emod_t e_mod) 1192ca0716f5SRobert Watson { 1193ca0716f5SRobert Watson 1194ca0716f5SRobert Watson return (au_to_header32(rec_size, e_type, e_mod)); 1195ca0716f5SRobert Watson } 1196506764c6SRobert Watson #endif 1197ca0716f5SRobert Watson 1198ca0716f5SRobert Watson /* 1199ca0716f5SRobert Watson * token ID 1 byte 1200ca0716f5SRobert Watson * trailer magic number 2 bytes 1201ca0716f5SRobert Watson * record byte count 4 bytes 1202ca0716f5SRobert Watson */ 1203ca0716f5SRobert Watson token_t * 1204ca0716f5SRobert Watson au_to_trailer(int rec_size) 1205ca0716f5SRobert Watson { 1206ca0716f5SRobert Watson token_t *t; 1207ca0716f5SRobert Watson u_char *dptr = NULL; 1208ca0716f5SRobert Watson u_int16_t magic = TRAILER_PAD_MAGIC; 1209ca0716f5SRobert Watson 1210ca0716f5SRobert Watson GET_TOKEN_AREA(t, dptr, sizeof(u_char) + sizeof(u_int16_t) + 1211ca0716f5SRobert Watson sizeof(u_int32_t)); 1212ca0716f5SRobert Watson if (t == NULL) 1213ca0716f5SRobert Watson return (NULL); 1214ca0716f5SRobert Watson 1215ca0716f5SRobert Watson ADD_U_CHAR(dptr, AUT_TRAILER); 1216ca0716f5SRobert Watson ADD_U_INT16(dptr, magic); 1217ca0716f5SRobert Watson ADD_U_INT32(dptr, rec_size); 1218ca0716f5SRobert Watson 1219ca0716f5SRobert Watson return (t); 1220ca0716f5SRobert Watson } 1221