/*- * Copyright (c) 2006 Robert N. M. Watson * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * * $P4: //depot/projects/trustedbsd/openbsm/test/bsm/generate.c#3 $ */ /* * Generate a series of BSM token samples in the requested directory. */ #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include static int do_records, do_tokens; static void usage(void) { fprintf(stderr, "generate [-rt] path\n"); exit(EX_USAGE); } static int open_file(const char *directory, const char *name) { char pathname[PATH_MAX]; int fd; snprintf(pathname, PATH_MAX, "%s/%s", directory, name); (void)unlink(pathname); fd = open(pathname, O_WRONLY | O_CREAT | O_EXCL, 0600); if (fd < 0) err(EX_CANTCREAT, "open: %s", name); return (fd); } static void write_file(int fd, void *buffer, size_t buflen, const char *filename) { ssize_t len; len = write(fd, buffer, buflen); if (len < 0) err(EX_OSERR, "write_file: %s", filename); if (len < buflen) err(EX_OSERR, "write_file: short write: %s", filename); } /* * Write a single token to a file. */ static void write_token(const char *directory, const char *filename, token_t *tok) { u_char buffer[MAX_AUDIT_RECORD_SIZE]; size_t buflen; int fd; buflen = MAX_AUDIT_RECORD_SIZE; if (au_close_token(tok, buffer, &buflen) < 0) err(EX_UNAVAILABLE, "au_close_token"); fd = open_file(directory, filename); write_file(fd, buffer, buflen, filename); close(fd); } /* * Write a token to a file, wrapped in audit record header and trailer. */ static void write_record(const char *directory, const char *filename, token_t *tok, short event) { u_char buffer[MAX_AUDIT_RECORD_SIZE]; size_t buflen; int au, fd; au = au_open(); if (au < 0) err(EX_UNAVAILABLE, "au_open"); if (au_write(au, tok) < 0) err(EX_UNAVAILABLE, "au_write"); buflen = MAX_AUDIT_RECORD_SIZE; if (au_close_buffer(au, event, buffer, &buflen) < 0) err(EX_UNAVAILABLE, "au_close_buffer"); fd = open_file(directory, filename); write_file(fd, buffer, buflen, filename); close(fd); } static struct timeval file_token_timeval = { 0x12345, 0x67890} ; static void generate_file_token(const char *directory, const char *token_filename) { token_t *file_token; file_token = au_to_file("test", file_token_timeval); if (file_token == NULL) err(EX_UNAVAILABLE, "au_to_file"); write_token(directory, token_filename, file_token); } /* * AUT_OHEADER */ static int trailer_token_len = 0x12345678; static void generate_trailer_token(const char *directory, const char *token_filename) { token_t *trailer_token; trailer_token = au_to_trailer(trailer_token_len); if (trailer_token == NULL) err(EX_UNAVAILABLE, "au_to_trailer"); write_token(directory, token_filename, trailer_token); } static int header32_token_len = 0x12345678; static au_event_t header32_e_type = AUE_OPEN; static au_emod_t header32_e_mod = 0x4567; static struct timeval header32_tm = { 0x12345, 0x67890 }; static void generate_header32_token(const char *directory, const char *token_filename) { token_t *header32_token; header32_token = au_to_header32_tm(header32_token_len, header32_e_type, header32_e_mod, header32_tm); if (header32_token == NULL) err(EX_UNAVAILABLE, "au_to_header32"); write_token(directory, token_filename, header32_token); } /* * AUT_HEADER32_EX */ static char data_token_unit_print = AUP_STRING; static char data_token_unit_type = AUR_CHAR; static char *data_token_data = "SomeData"; static char data_token_unit_count = sizeof("SomeData") + 1; static void generate_data_token(const char *directory, const char *token_filename) { token_t *data_token; data_token = au_to_data(data_token_unit_print, data_token_unit_type, data_token_unit_count, data_token_data); if (data_token == NULL) err(EX_UNAVAILABLE, "au_to_data"); write_token(directory, token_filename, data_token); } static void generate_data_record(const char *directory, const char *record_filename) { token_t *data_token; data_token = au_to_data(data_token_unit_print, data_token_unit_type, data_token_unit_count, data_token_data); if (data_token == NULL) err(EX_UNAVAILABLE, "au_to_data"); write_record(directory, record_filename, data_token, AUE_NULL); } static char ipc_type = AT_IPC_MSG; static int ipc_id = 0x12345678; static void generate_ipc_token(const char *directory, const char *token_filename) { token_t *ipc_token; ipc_token = au_to_ipc(ipc_type, ipc_id); if (ipc_token == NULL) err(EX_UNAVAILABLE, "au_to_ipc"); write_token(directory, token_filename, ipc_token); } static void generate_ipc_record(const char *directory, const char *record_filename) { token_t *ipc_token; ipc_token = au_to_ipc(ipc_type, ipc_id); if (ipc_token == NULL) err(EX_UNAVAILABLE, "au_to_ipc"); write_record(directory, record_filename, ipc_token, AUE_NULL); } static char *path_token_path = "/test/this/is/a/test"; static void generate_path_token(const char *directory, const char *token_filename) { token_t *path_token; path_token = au_to_path(path_token_path); if (path_token == NULL) err(EX_UNAVAILABLE, "au_to_path"); write_token(directory, token_filename, path_token); } static void generate_path_record(const char *directory, const char *record_filename) { token_t *path_token; path_token = au_to_path(path_token_path); if (path_token == NULL) err(EX_UNAVAILABLE, "au_to_path"); write_record(directory, record_filename, path_token, AUE_NULL); } static au_id_t subject32_auid = 0x12345678; static uid_t subject32_euid = 0x01234567; static gid_t subject32_egid = 0x23456789; static uid_t subject32_ruid = 0x98765432; static gid_t subject32_rgid = 0x09876543; static pid_t subject32_pid = 0x13243546; static au_asid_t subject32_sid = 0x97867564; static au_tid_t subject32_tid = { 0x16593746 }; static void generate_subject32_token(const char *directory, const char *token_filename) { token_t *subject32_token; subject32_tid.machine = inet_addr("127.0.0.1"); subject32_token = au_to_subject32(subject32_auid, subject32_euid, subject32_egid, subject32_ruid, subject32_rgid, subject32_pid, subject32_sid, &subject32_tid); if (subject32_token == NULL) err(EX_UNAVAILABLE, "au_to_subject32"); write_token(directory, token_filename, subject32_token); } static void generate_subject32_record(const char *directory, const char *record_filename) { token_t *subject32_token; subject32_tid.machine = inet_addr("127.0.0.1"); subject32_token = au_to_subject32(subject32_auid, subject32_euid, subject32_egid, subject32_ruid, subject32_rgid, subject32_pid, subject32_sid, &subject32_tid); if (subject32_token == NULL) err(EX_UNAVAILABLE, "au_to_subject32"); write_record(directory, record_filename, subject32_token, AUE_NULL); } static au_id_t process32_auid = 0x12345678; static uid_t process32_euid = 0x01234567; static gid_t process32_egid = 0x23456789; static uid_t process32_ruid = 0x98765432; static gid_t process32_rgid = 0x09876543; static pid_t process32_pid = 0x13243546; static au_asid_t process32_sid = 0x97867564; static au_tid_t process32_tid = { 0x16593746 }; static void generate_process32_token(const char *directory, const char *token_filename) { token_t *process32_token; process32_tid.machine = inet_addr("127.0.0.1"); process32_token = au_to_process32(process32_auid, process32_euid, process32_egid, process32_ruid, process32_rgid, process32_pid, process32_sid, &process32_tid); if (process32_token == NULL) err(EX_UNAVAILABLE, "au_to_process32"); write_token(directory, token_filename, process32_token); } static void generate_process32_record(const char *directory, const char *record_filename) { token_t *process32_token; process32_tid.machine = inet_addr("127.0.0.1"); process32_token = au_to_process32(process32_auid, process32_euid, process32_egid, process32_ruid, process32_rgid, process32_pid, process32_sid, &process32_tid); if (process32_token == NULL) err(EX_UNAVAILABLE, "au_ti_process32"); write_record(directory, record_filename, process32_token, AUE_NULL); } static char return32_status = 0xd7; static uint32_t return32_ret = 0x12345678; static void generate_return32_token(const char *directory, const char *token_filename) { token_t *return32_token; return32_token = au_to_return32(return32_status, return32_ret); if (return32_token == NULL) err(EX_UNAVAILABLE, "au_to_return32"); write_token(directory, token_filename, return32_token); } static void generate_return32_record(const char *directory, const char *record_filename) { token_t *return32_token; return32_token = au_to_return32(return32_status, return32_ret); if (return32_token == NULL) err(EX_UNAVAILABLE, "au_to_return32"); write_record(directory, record_filename, return32_token, AUE_NULL); } static char *text_token_text = "This is a test."; static void generate_text_token(const char *directory, const char *token_filename) { token_t *text_token; text_token = au_to_text(text_token_text); if (text_token == NULL) err(EX_UNAVAILABLE, "au_to_text"); write_token(directory, token_filename, text_token); } static void generate_text_record(const char *directory, const char *record_filename) { token_t *text_token; text_token = au_to_text(text_token_text); if (text_token == NULL) err(EX_UNAVAILABLE, "au_to_text"); write_record(directory, record_filename, text_token, AUE_NULL); } static char opaque_token_data[] = {0xaa, 0xbb, 0xcc, 0xdd}; static int opaque_token_bytes = sizeof(opaque_token_data); static void generate_opaque_token(const char *directory, const char *token_filename) { token_t *opaque_token; opaque_token = au_to_opaque(opaque_token_data, opaque_token_bytes); if (opaque_token == NULL) err(EX_UNAVAILABLE, "au_to_opaque"); write_token(directory, token_filename, opaque_token); } static void generate_opaque_record(const char *directory, const char *record_filename) { token_t *opaque_token; opaque_token = au_to_opaque(opaque_token_data, opaque_token_bytes); if (opaque_token == NULL) err(EX_UNAVAILABLE, "au_to_opaque"); write_record(directory, record_filename, opaque_token, AUE_NULL); } static struct in_addr in_addr_token_addr; static void generate_in_addr_token(const char *directory, const char *token_filename) { token_t *in_addr_token; in_addr_token_addr.s_addr = inet_addr("192.168.100.15"); in_addr_token = au_to_in_addr(&in_addr_token_addr); if (in_addr_token == NULL) err(EX_UNAVAILABLE, "au_to_in_addr"); write_token(directory, token_filename, in_addr_token); } static void generate_in_addr_record(const char *directory, const char *record_filename) { token_t *in_addr_token; in_addr_token_addr.s_addr = inet_addr("192.168.100.15"); in_addr_token = au_to_in_addr(&in_addr_token_addr); if (in_addr_token == NULL) err(EX_UNAVAILABLE, "au_to_in_addr"); write_record(directory, record_filename, in_addr_token, AUE_NULL); } static struct ip ip_token_ip; static u_char ip_token_ip_v = 4; static uint16_t ip_token_ip_id = 0x5478; static u_char ip_token_ip_ttl = 64; static u_char ip_token_ip_p = IPPROTO_ICMP; static struct in_addr ip_token_ip_src; static struct in_addr ip_token_ip_dst; static void generate_ip_token(const char *directory, const char *token_filename) { token_t *ip_token; ip_token_ip_src.s_addr = inet_addr("192.168.100.155"); ip_token_ip_dst.s_addr = inet_addr("192.168.110.48"); memset(&ip_token_ip, 0, sizeof(ip_token_ip)); ip_token_ip.ip_v = ip_token_ip_v; ip_token_ip.ip_len = htons(sizeof(ip_token_ip)); ip_token_ip.ip_id = htons(ip_token_ip_id); ip_token_ip.ip_ttl = ip_token_ip_ttl; ip_token_ip.ip_p = ip_token_ip_p; ip_token_ip.ip_src = ip_token_ip_src; ip_token_ip.ip_dst = ip_token_ip_dst; ip_token = au_to_ip(&ip_token_ip); if (ip_token == NULL) err(EX_UNAVAILABLE, "au_to_ip"); write_token(directory, token_filename, ip_token); } static void generate_ip_record(const char *directory, const char *record_filename) { token_t *ip_token; ip_token_ip_src.s_addr = inet_addr("192.168.100.155"); ip_token_ip_dst.s_addr = inet_addr("192.168.110.48"); memset(&ip_token_ip, 0, sizeof(ip_token_ip)); ip_token_ip.ip_v = ip_token_ip_v; ip_token_ip.ip_len = htons(sizeof(ip_token_ip)); ip_token_ip.ip_id = htons(ip_token_ip_id); ip_token_ip.ip_ttl = ip_token_ip_ttl; ip_token_ip.ip_p = ip_token_ip_p; ip_token_ip.ip_src = ip_token_ip_src; ip_token_ip.ip_dst = ip_token_ip_dst; ip_token = au_to_ip(&ip_token_ip); if (ip_token == NULL) err(EX_UNAVAILABLE, "au_to_ip"); write_record(directory, record_filename, ip_token, AUE_NULL); } static u_int16_t iport_token_iport; static void generate_iport_token(const char *directory, const char *token_filename) { token_t *iport_token; iport_token_iport = htons(80); iport_token = au_to_iport(iport_token_iport); if (iport_token == NULL) err(EX_UNAVAILABLE, "au_to_iport"); write_token(directory, token_filename, iport_token); } static void generate_iport_record(const char *directory, const char *record_filename) { token_t *iport_token; iport_token_iport = htons(80); iport_token = au_to_iport(iport_token_iport); if (iport_token == NULL) err(EX_UNAVAILABLE, "au_to_iport"); write_record(directory, record_filename, iport_token, AUE_NULL); } static char arg32_token_n = 3; static char *arg32_token_text = "test_arg32_token"; static uint32_t arg32_token_v = 0xabcdef00; static void generate_arg32_token(const char *directory, const char *token_filename) { token_t *arg32_token; arg32_token = au_to_arg32(arg32_token_n, arg32_token_text, arg32_token_v); if (arg32_token == NULL) err(EX_UNAVAILABLE, "au_to_arg32"); write_token(directory, token_filename, arg32_token); } static void generate_arg32_record(const char *directory, const char *record_filename) { token_t *arg32_token; arg32_token = au_to_arg32(arg32_token_n, arg32_token_text, arg32_token_v); if (arg32_token == NULL) err(EX_UNAVAILABLE, "au_to_arg32"); write_record(directory, record_filename, arg32_token, AUE_NULL); } static long seq_audit_count = 0x12345678; static void generate_seq_token(const char *directory, const char *token_filename) { token_t *seq_token; seq_token = au_to_seq(seq_audit_count); if (seq_token == NULL) err(EX_UNAVAILABLE, "au_to_seq"); write_token(directory, token_filename, seq_token); } static void generate_seq_record(const char *directory, const char *record_filename) { token_t *seq_token; seq_token = au_to_seq(seq_audit_count); if (seq_token == NULL) err(EX_UNAVAILABLE, "au_to_seq"); write_record(directory, record_filename, seq_token, AUE_NULL); } /* * AUT_ACL */ static void generate_attr_token(const char *directory, const char *token_filename) { token_t *attr_token; } static void generate_attr_record(const char *directory, const char *record_filename) { token_t *attr_token; } static void generate_ipc_perm_token(const char *directory, const char *token_filename) { token_t *ipc_perm_token; } static void generate_ipc_perm_record(const char *directory, const char *record_filename) { token_t *ipc_perm_token; } /* * AUT_LABEL */ static void generate_groups_token(const char *directory, const char *token_filename) { token_t *groups_token; } static void generate_groups_record(const char *directory, const char *record_filename) { token_t *groups_token; } /* * AUT_ILABEL */ /* * AUT_SLABEL */ /* * AUT_CLEAR */ /* * AUT_PRIV */ /* * AUT_UPRIV */ /* * AUT_LIAISON */ /* * AUT_NEWGROUPS */ /* * AUT_EXEC_ARGS */ /* * AUT_EXEC_ENV */ static void generate_attr32_token(const char *directory, const char *token_filename) { token_t *attr32_token; } static void generate_attr32_record(const char *directory, const char *record_filename) { token_t *attr32_token; } int main(int argc, char *argv[]) { const char *directory; int ch; while ((ch = getopt(argc, argv, "rt")) != -1) { switch (ch) { case 'r': do_records++; break; case 't': do_tokens++; break; default: usage(); } } argc -= optind; argv += optind; if (argc != 1) usage(); directory = argv[0]; if (mkdir(directory, 0755) < 0 && errno != EEXIST) err(EX_OSERR, "mkdir: %s", directory); if (do_tokens) { generate_file_token(directory, "file_token"); generate_trailer_token(directory, "trailer_token"); generate_header32_token(directory, "header32_token"); generate_data_token(directory, "data_token"); generate_ipc_token(directory, "ipc_token"); generate_path_token(directory, "path_token"); generate_subject32_token(directory, "subject32_token"); generate_process32_token(directory, "process32_token"); generate_return32_token(directory, "return32_token"); generate_text_token(directory, "text_token"); generate_opaque_token(directory, "opaque_token"); generate_in_addr_token(directory, "in_addr_token"); generate_ip_token(directory, "ip_token"); generate_iport_token(directory, "iport_token"); generate_arg32_token(directory, "arg32_token"); generate_seq_token(directory, "seq_token"); generate_attr_token(directory, "attr_token"); generate_ipc_perm_token(directory, "ipc_perm_token"); generate_groups_token(directory, "groups_token"); generate_attr32_token(directory, "attr32_token"); } if (do_records) { generate_file_token(directory, "file_token"); generate_trailer_token(directory, "trailer_token"); generate_header32_token(directory, "header32_token"); generate_data_token(directory, "data_record"); generate_ipc_token(directory, "ipc_record"); generate_path_token(directory, "path_record"); generate_subject32_token(directory, "subject32_record"); generate_process32_token(directory, "process32_record"); generate_return32_token(directory, "return32_record"); generate_text_token(directory, "text_record"); generate_opaque_token(directory, "opaque_record"); generate_in_addr_token(directory, "in_addr_record"); generate_ip_token(directory, "ip_record"); generate_iport_token(directory, "iport_record"); generate_arg32_token(directory, "arg32_record"); generate_seq_token(directory, "seq_record"); generate_attr_token(directory, "attr_record"); generate_ipc_perm_token(directory, "ipc_perm_record"); generate_groups_token(directory, "groups_record"); generate_attr32_token(directory, "attr32_record"); } return (0); }