diff --git a/contrib/openbsm/HISTORY b/contrib/openbsm/HISTORY index 6464a0d85baa..147b3139d462 100644 --- a/contrib/openbsm/HISTORY +++ b/contrib/openbsm/HISTORY @@ -1,3 +1,14 @@ +OpenBSM 1.0 alpha 15 + +- Fix bug when processing in_addr_ex tokens. +- Restore the behavior of printing the string/text specified while + auditing arg32 tokens. +- Synchronized audit event list to Solaris, picking up the *at(2) system call + definitions, now required for FreeBSD and Linux. Added additional events + for *at(2) system calls not present in Solaris. +- Bugs in auditreduce(8) fixed allowing partial date strings to be used in + filtering events. + OpenBSM 1.0 alpha 14 - Fix endian issues when processing IPv6 addresses for extended subject @@ -284,4 +295,4 @@ OpenBSM 1.0 alpha 1 to support reloading of kernel event table. - Allow comments in /etc/security configuration files. -$P4: //depot/projects/trustedbsd/openbsm/HISTORY#50 $ +$P4: //depot/projects/trustedbsd/openbsm/HISTORY#55 $ diff --git a/contrib/openbsm/README b/contrib/openbsm/README index 2c45da1909c7..aa44d0eeab75 100644 --- a/contrib/openbsm/README +++ b/contrib/openbsm/README @@ -89,6 +89,7 @@ the development of OpenBSM: Ruslan Ermilov Martin Voros Diego Giagio + Alex Samorukov In addition, Coverity, Inc.'s Prevent(tm) static analysis tool and Gimpel Software's FlexeLint tool were used to identify a number of bugs in the @@ -110,4 +111,4 @@ Information on TrustedBSD may be found on the TrustedBSD home page: http://www.TrustedBSD.org/ -$P4: //depot/projects/trustedbsd/openbsm/README#23 $ +$P4: //depot/projects/trustedbsd/openbsm/README#24 $ diff --git a/contrib/openbsm/VERSION b/contrib/openbsm/VERSION index 2811a2a0b9d0..487760dd39ef 100644 --- a/contrib/openbsm/VERSION +++ b/contrib/openbsm/VERSION @@ -1 +1 @@ -OPENBSM_1_0_ALPHA_14 +OPENBSM_1_0_ALPHA_15 diff --git a/contrib/openbsm/bin/audit/audit.8 b/contrib/openbsm/bin/audit/audit.8 index 5e4d373d63f7..b73598128250 100644 --- a/contrib/openbsm/bin/audit/audit.8 +++ b/contrib/openbsm/bin/audit/audit.8 @@ -1,8 +1,6 @@ .\" Copyright (c) 2004 Apple Computer, Inc. .\" All rights reserved. .\" -.\" @APPLE_BSD_LICENSE_HEADER_START@ -.\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions .\" are met: @@ -27,9 +25,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" @APPLE_BSD_LICENSE_HEADER_END@ -.\" -.\" $P4: //depot/projects/trustedbsd/openbsm/bin/audit/audit.8#9 $ +.\" $P4: //depot/projects/trustedbsd/openbsm/bin/audit/audit.8#10 $ .\" .Dd October 2, 2006 .Dt AUDIT 8 diff --git a/contrib/openbsm/bin/audit/audit.c b/contrib/openbsm/bin/audit/audit.c index c35b16786be3..354046416fb4 100644 --- a/contrib/openbsm/bin/audit/audit.c +++ b/contrib/openbsm/bin/audit/audit.c @@ -2,8 +2,6 @@ * Copyright (c) 2005 Apple Computer, Inc. * All rights reserved. * - * @APPLE_BSD_LICENSE_HEADER_START@ - * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: @@ -28,9 +26,7 @@ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * - * @APPLE_BSD_LICENSE_HEADER_END@ - * - * $P4: //depot/projects/trustedbsd/openbsm/bin/audit/audit.c#7 $ + * $P4: //depot/projects/trustedbsd/openbsm/bin/audit/audit.c#8 $ */ /* * Program to trigger the audit daemon with a message that is either: diff --git a/contrib/openbsm/bin/auditd/audit_warn.c b/contrib/openbsm/bin/auditd/audit_warn.c index 3239b67c7e3e..ef3de526846f 100644 --- a/contrib/openbsm/bin/auditd/audit_warn.c +++ b/contrib/openbsm/bin/auditd/audit_warn.c @@ -2,8 +2,6 @@ * Copyright (c) 2005 Apple Computer, Inc. * All rights reserved. * - * @APPLE_BSD_LICENSE_HEADER_START@ - * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: @@ -28,9 +26,7 @@ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * - * @APPLE_BSD_LICENSE_HEADER_END@ - * - * $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/audit_warn.c#7 $ + * $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/audit_warn.c#8 $ */ #include diff --git a/contrib/openbsm/bin/auditd/auditd.8 b/contrib/openbsm/bin/auditd/auditd.8 index a4e0dbfdf407..ec6b99a84eba 100644 --- a/contrib/openbsm/bin/auditd/auditd.8 +++ b/contrib/openbsm/bin/auditd/auditd.8 @@ -1,8 +1,6 @@ .\" Copyright (c) 2004 Apple Computer, Inc. .\" All rights reserved. .\" -.\" @APPLE_BSD_LICENSE_HEADER_START@ -.\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions .\" are met: @@ -27,9 +25,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" @APPLE_BSD_LICENSE_HEADER_END@ -.\" -.\" $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/auditd.8#12 $ +.\" $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/auditd.8#13 $ .\" .Dd October 2, 2006 .Dt AUDITD 8 diff --git a/contrib/openbsm/bin/auditd/auditd.c b/contrib/openbsm/bin/auditd/auditd.c index 9b5ba0795d88..fb6fbd5ee73c 100644 --- a/contrib/openbsm/bin/auditd/auditd.c +++ b/contrib/openbsm/bin/auditd/auditd.c @@ -2,8 +2,6 @@ * Copyright (c) 2004 Apple Computer, Inc. * All rights reserved. * - * @APPLE_BSD_LICENSE_HEADER_START@ - * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: @@ -28,9 +26,7 @@ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * - * @APPLE_BSD_LICENSE_HEADER_END@ - * - * $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/auditd.c#25 $ + * $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/auditd.c#26 $ */ #include diff --git a/contrib/openbsm/bin/auditd/auditd.h b/contrib/openbsm/bin/auditd/auditd.h index 9c5ae287c17b..8b2416a50a79 100644 --- a/contrib/openbsm/bin/auditd/auditd.h +++ b/contrib/openbsm/bin/auditd/auditd.h @@ -2,8 +2,6 @@ * Copyright (c) 2005 Apple Computer, Inc. * All rights reserved. * - * @APPLE_BSD_LICENSE_HEADER_START@ - * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: @@ -28,9 +26,7 @@ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * - * @APPLE_BSD_LICENSE_HEADER_END@ - * - * $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/auditd.h#7 $ + * $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/auditd.h#8 $ */ #ifndef _AUDITD_H_ diff --git a/contrib/openbsm/bin/auditreduce/auditreduce.c b/contrib/openbsm/bin/auditreduce/auditreduce.c index 31bd8922e41c..367a667597a1 100644 --- a/contrib/openbsm/bin/auditreduce/auditreduce.c +++ b/contrib/openbsm/bin/auditreduce/auditreduce.c @@ -26,7 +26,7 @@ * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE * POSSIBILITY OF SUCH DAMAGE. * - * $P4: //depot/projects/trustedbsd/openbsm/bin/auditreduce/auditreduce.c#18 $ + * $P4: //depot/projects/trustedbsd/openbsm/bin/auditreduce/auditreduce.c#19 $ */ /* @@ -629,6 +629,7 @@ main(int argc, char **argv) usage("d is exclusive with a and b"); } SETOPT(opttochk, OPT_a); + bzero(&tm, sizeof(tm)); strptime(optarg, "%Y%m%d%H%M%S", &tm); strftime(timestr, sizeof(timestr), "%Y%m%d%H%M%S", &tm); @@ -641,6 +642,7 @@ main(int argc, char **argv) usage("d is exclusive with a and b"); } SETOPT(opttochk, OPT_b); + bzero(&tm, sizeof(tm)); strptime(optarg, "%Y%m%d%H%M%S", &tm); strftime(timestr, sizeof(timestr), "%Y%m%d%H%M%S", &tm); @@ -661,6 +663,7 @@ main(int argc, char **argv) OPT_a)) usage("'d' is exclusive with 'a' and 'b'"); SETOPT(opttochk, OPT_d); + bzero(&tm, sizeof(tm)); strptime(optarg, "%Y%m%d", &tm); strftime(timestr, sizeof(timestr), "%Y%m%d", &tm); /* fprintf(stderr, "Time converted = %s\n", timestr); */ diff --git a/contrib/openbsm/configure b/contrib/openbsm/configure index 8508c00dd47b..2ae78d6712a2 100755 --- a/contrib/openbsm/configure +++ b/contrib/openbsm/configure @@ -1,7 +1,7 @@ #! /bin/sh # From configure.ac P4: //depot/projects/trustedbsd/openbsm/configure.ac#33 . # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.59 for OpenBSM 1.0alpha14. +# Generated by GNU Autoconf 2.59 for OpenBSM 1.0alpha15. # # Report bugs to . # @@ -424,8 +424,8 @@ SHELL=${CONFIG_SHELL-/bin/sh} # Identity of this package. PACKAGE_NAME='OpenBSM' PACKAGE_TARNAME='openbsm' -PACKAGE_VERSION='1.0alpha14' -PACKAGE_STRING='OpenBSM 1.0alpha14' +PACKAGE_VERSION='1.0alpha15' +PACKAGE_STRING='OpenBSM 1.0alpha15' PACKAGE_BUGREPORT='trustedbsd-audit@TrustesdBSD.org' ac_unique_file="bin/auditreduce/auditreduce.c" @@ -955,7 +955,7 @@ if test "$ac_init_help" = "long"; then # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures OpenBSM 1.0alpha14 to adapt to many kinds of systems. +\`configure' configures OpenBSM 1.0alpha15 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1021,7 +1021,7 @@ fi if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of OpenBSM 1.0alpha14:";; + short | recursive ) echo "Configuration of OpenBSM 1.0alpha15:";; esac cat <<\_ACEOF @@ -1162,7 +1162,7 @@ fi test -n "$ac_init_help" && exit 0 if $ac_init_version; then cat <<\_ACEOF -OpenBSM configure 1.0alpha14 +OpenBSM configure 1.0alpha15 generated by GNU Autoconf 2.59 Copyright (C) 2003 Free Software Foundation, Inc. @@ -1176,7 +1176,7 @@ cat >&5 <<_ACEOF This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by OpenBSM $as_me 1.0alpha14, which was +It was created by OpenBSM $as_me 1.0alpha15, which was generated by GNU Autoconf 2.59. Invocation command line was $ $0 $@ @@ -19278,7 +19278,7 @@ fi # Define the identity of the package. PACKAGE=OpenBSM - VERSION=1.0alpha14 + VERSION=1.0alpha15 cat >>confdefs.h <<_ACEOF @@ -23479,7 +23479,7 @@ _ASBOX } >&5 cat >&5 <<_CSEOF -This file was extended by OpenBSM $as_me 1.0alpha14, which was +This file was extended by OpenBSM $as_me 1.0alpha15, which was generated by GNU Autoconf 2.59. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -23542,7 +23542,7 @@ _ACEOF cat >>$CONFIG_STATUS <<_ACEOF ac_cs_version="\\ -OpenBSM config.status 1.0alpha14 +OpenBSM config.status 1.0alpha15 configured by $0, generated by GNU Autoconf 2.59, with options \\"`echo "$ac_configure_args" | sed 's/[\\""\`\$]/\\\\&/g'`\\" diff --git a/contrib/openbsm/configure.ac b/contrib/openbsm/configure.ac index 0d30dcea579c..1af6dcba2001 100644 --- a/contrib/openbsm/configure.ac +++ b/contrib/openbsm/configure.ac @@ -2,8 +2,8 @@ # Process this file with autoconf to produce a configure script. AC_PREREQ(2.59) -AC_INIT([OpenBSM], [1.0alpha14], [trustedbsd-audit@TrustesdBSD.org],[openbsm]) -AC_REVISION([$P4: //depot/projects/trustedbsd/openbsm/configure.ac#34 $]) +AC_INIT([OpenBSM], [1.0alpha15], [trustedbsd-audit@TrustesdBSD.org],[openbsm]) +AC_REVISION([$P4: //depot/projects/trustedbsd/openbsm/configure.ac#35 $]) AC_CONFIG_SRCDIR([bin/auditreduce/auditreduce.c]) AC_CONFIG_AUX_DIR(config) AC_CONFIG_HEADER([config/config.h]) diff --git a/contrib/openbsm/libbsm/au_control.3 b/contrib/openbsm/libbsm/au_control.3 index daf045fcfe4a..e17ae16e12ae 100644 --- a/contrib/openbsm/libbsm/au_control.3 +++ b/contrib/openbsm/libbsm/au_control.3 @@ -23,7 +23,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $P4: //depot/projects/trustedbsd/openbsm/libbsm/au_control.3#8 $ +.\" $P4: //depot/projects/trustedbsd/openbsm/libbsm/au_control.3#9 $ .\" .Dd April 19, 2005 .Dt AU_CONTROL 3 @@ -77,7 +77,7 @@ resets the database iterator to the beginning of the database; see the section for more information. .Pp The -.Fn sendac +.Fn endac function closes the .Xr audit_control 5 diff --git a/contrib/openbsm/libbsm/au_event.3 b/contrib/openbsm/libbsm/au_event.3 index 8abaaa898620..8fe25b45e956 100644 --- a/contrib/openbsm/libbsm/au_event.3 +++ b/contrib/openbsm/libbsm/au_event.3 @@ -23,7 +23,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $P4: //depot/projects/trustedbsd/openbsm/libbsm/au_event.3#7 $ +.\" $P4: //depot/projects/trustedbsd/openbsm/libbsm/au_event.3#8 $ .\" .Dd April 19, 2005 .Dt AU_EVENT 3 @@ -131,7 +131,7 @@ Functions .Fn getauevnum , .Fn getauevnum_r , and -.Fn getauevnuam +.Fn getauevnonam will return a reference to a .Vt "struct au_event_ent" or diff --git a/contrib/openbsm/libbsm/audit_submit.3 b/contrib/openbsm/libbsm/audit_submit.3 index 46cb21768ba6..609468ceb614 100644 --- a/contrib/openbsm/libbsm/audit_submit.3 +++ b/contrib/openbsm/libbsm/audit_submit.3 @@ -27,7 +27,7 @@ .\" IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE .\" POSSIBILITY OF SUCH DAMAGE. .\" -.\" $P4: //depot/projects/trustedbsd/openbsm/libbsm/audit_submit.3#11 $ +.\" $P4: //depot/projects/trustedbsd/openbsm/libbsm/audit_submit.3#12 $ .\" .Dd May 29, 2006 .Dt audit_submit 3 @@ -54,7 +54,7 @@ The header will contain the event class specified by .Fa au_event . The subject token will be generated based on .Fa au_ctx . -The return token is dependant on the +The return token is dependent on the .Fa status and .Fa reterr diff --git a/contrib/openbsm/libbsm/bsm_io.c b/contrib/openbsm/libbsm/bsm_io.c index afb0fd4c0ad2..b1ffe45ba70d 100644 --- a/contrib/openbsm/libbsm/bsm_io.c +++ b/contrib/openbsm/libbsm/bsm_io.c @@ -32,7 +32,7 @@ * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE * POSSIBILITY OF SUCH DAMAGE. * - * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_io.c#48 $ + * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_io.c#49 $ */ #include @@ -1306,6 +1306,7 @@ print_arg32_tok(FILE *fp, tokenstr_t *tok, char *del, char raw, print_delim(fp, del); print_4_bytes(fp, tok->tt.arg32.val, "0x%x"); print_delim(fp, del); + print_string(fp, tok->tt.arg32.text, tok->tt.arg32.len); } } diff --git a/contrib/openbsm/libbsm/bsm_token.c b/contrib/openbsm/libbsm/bsm_token.c index 86c1f6048321..c6608954abb8 100644 --- a/contrib/openbsm/libbsm/bsm_token.c +++ b/contrib/openbsm/libbsm/bsm_token.c @@ -30,7 +30,7 @@ * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE * POSSIBILITY OF SUCH DAMAGE. * - * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_token.c#62 $ + * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_token.c#63 $ */ #include @@ -411,7 +411,7 @@ au_to_in_addr_ex(struct in6_addr *internet_addr) ADD_U_CHAR(dptr, AUT_IN_ADDR_EX); ADD_U_INT32(dptr, type); - ADD_MEM(dptr, internet_addr, 5 * sizeof(uint32_t)); + ADD_MEM(dptr, internet_addr, 4 * sizeof(uint32_t)); return (t); }