d/freebsd-nq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
eb3365211a
freebsd-nq/contrib/openbsm/test/bsm/generate.c
Robert Watson bc168a6cdd Vendor import TrustedBSD OpenBSM 1.0 alpha 14, with the following change 
history notes since the last import:

OpenBSM 1.0 alpha 14

- Fix endian issues when processing IPv6 addresses for extended subject
  and process tokens.
- gcc41 warnings clean.
- Teach audit_submit(3) about getaudit_addr(2).
- Add support for zonename tokens.

OpenBSM 1.0 alpha 13

- compat/clock_gettime.h now provides a compatibility implementation of
  clock_gettime(), which fixes building on Mac OS X.
- Countless man page improvements, markup fixes, content fixs, etc.
- XML printing support via "praudit -x".
- audit.log.5 expanded to include additional BSM token types.
- Added encoding and decoding routines for process64_ex, process32_ex,
  subject32_ex, header64, and attr64 tokens.
- Additional audit event identifiers for listen, mlockall/munlockall,
  getpath, POSIX message queues, and mandatory access control.

Approved by:	re (bmah)
MFC after:	3 weeks
Obtained from:	TrustedBSD Project
2007-04-16 15:37:10 +00:00

1022 lines
28 KiB
C
Raw Blame History

/*-
* Copyright (c) 2006-2007 Robert N. M. Watson
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* $P4: //depot/projects/trustedbsd/openbsm/test/bsm/generate.c#9 $
*/
/*
* Generate a series of BSM token samples in the requested directory.
*/
#include <sys/types.h>
#include <sys/socket.h>
#include <sys/stat.h>
#include <netinet/in.h>
#include <netinet/in_systm.h>
#include <netinet/ip.h>
#include <arpa/inet.h>
#include <bsm/audit_kevents.h>
#include <bsm/libbsm.h>
#include <err.h>
#include <errno.h>
#include <fcntl.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sysexits.h>
#include <unistd.h>
static int do_records, do_tokens;
static void
usage(void)
{
fprintf(stderr, "generate [-rt] path\n");
exit(EX_USAGE);
}
static int
open_file(const char *directory, const char *name)
{
char pathname[PATH_MAX];
int fd;
snprintf(pathname, PATH_MAX, "%s/%s", directory, name);
(void)unlink(pathname);
fd = open(pathname, O_WRONLY | O_CREAT | O_EXCL, 0600);
if (fd < 0)
err(EX_CANTCREAT, "open: %s", name);
return (fd);
}
static void
write_file(int fd, void *buffer, size_t buflen, const char *filename)
{
ssize_t len;
len = write(fd, buffer, buflen);
if (len < 0)
err(EX_OSERR, "write_file: %s", filename);
if (len < buflen)
err(EX_OSERR, "write_file: short write: %s", filename);
}
/*
* Write a single token to a file.
*/
static void
write_token(const char *directory, const char *filename, token_t *tok)
{
u_char buffer[MAX_AUDIT_RECORD_SIZE];
size_t buflen;
int fd;
buflen = MAX_AUDIT_RECORD_SIZE;
if (au_close_token(tok, buffer, &buflen) < 0)
err(EX_UNAVAILABLE, "au_close_token");
fd = open_file(directory, filename);
write_file(fd, buffer, buflen, filename);
close(fd);
}
/*
* Write a token to a file, wrapped in audit record header and trailer.
*/
static void
write_record(const char *directory, const char *filename, token_t *tok,
short event)
{
u_char buffer[MAX_AUDIT_RECORD_SIZE];
size_t buflen;
int au, fd;
au = au_open();
if (au < 0)
err(EX_UNAVAILABLE, "au_open");
if (au_write(au, tok) < 0)
err(EX_UNAVAILABLE, "au_write");
buflen = MAX_AUDIT_RECORD_SIZE;
if (au_close_buffer(au, event, buffer, &buflen) < 0)
err(EX_UNAVAILABLE, "au_close_buffer");
fd = open_file(directory, filename);
write_file(fd, buffer, buflen, filename);
close(fd);
}
static struct timeval file_token_timeval = { 0x12345, 0x67890} ;
static void
generate_file_token(const char *directory, const char *token_filename)
{
token_t *file_token;
file_token = au_to_file("test", file_token_timeval);
if (file_token == NULL)
err(EX_UNAVAILABLE, "au_to_file");
write_token(directory, token_filename, file_token);
}
static void
generate_file_record(const char *directory, const char *record_filename)
{
token_t *file_token;
file_token = au_to_file("test", file_token_timeval);
if (file_token == NULL)
err(EX_UNAVAILABLE, "au_to_file");
write_record(directory, record_filename, file_token, AUE_NULL);
}
/*
* AUT_OHEADER
*/
static int trailer_token_len = 0x12345678;
static void
generate_trailer_token(const char *directory, const char *token_filename)
{
token_t *trailer_token;
trailer_token = au_to_trailer(trailer_token_len);
if (trailer_token == NULL)
err(EX_UNAVAILABLE, "au_to_trailer");
write_token(directory, token_filename, trailer_token);
}
static int header32_token_len = 0x12345678;
static au_event_t header32_e_type = AUE_OPEN;
static au_emod_t header32_e_mod = 0x4567;
static struct timeval header32_tm = { 0x12345, 0x67890 };
static void
generate_header32_token(const char *directory, const char *token_filename)
{
token_t *header32_token;
header32_token = au_to_header32_tm(header32_token_len,
header32_e_type, header32_e_mod, header32_tm);
if (header32_token == NULL)
err(EX_UNAVAILABLE, "au_to_header32");
write_token(directory, token_filename, header32_token);
}
/*
* AUT_HEADER32_EX
*/
static char data_token_unit_print = AUP_STRING;
static char data_token_unit_type = AUR_CHAR;
static char *data_token_data = "SomeData";
static char data_token_unit_count = sizeof("SomeData") + 1;
static void
generate_data_token(const char *directory, const char *token_filename)
{
token_t *data_token;
data_token = au_to_data(data_token_unit_print, data_token_unit_type,
data_token_unit_count, data_token_data);
if (data_token == NULL)
err(EX_UNAVAILABLE, "au_to_data");
write_token(directory, token_filename, data_token);
}
static void
generate_data_record(const char *directory, const char *record_filename)
{
token_t *data_token;
data_token = au_to_data(data_token_unit_print, data_token_unit_type,
data_token_unit_count, data_token_data);
if (data_token == NULL)
err(EX_UNAVAILABLE, "au_to_data");
write_record(directory, record_filename, data_token, AUE_NULL);
}
static char ipc_type = AT_IPC_MSG;
static int ipc_id = 0x12345678;
static void
generate_ipc_token(const char *directory, const char *token_filename)
{
token_t *ipc_token;
ipc_token = au_to_ipc(ipc_type, ipc_id);
if (ipc_token == NULL)
err(EX_UNAVAILABLE, "au_to_ipc");
write_token(directory, token_filename, ipc_token);
}
static void
generate_ipc_record(const char *directory, const char *record_filename)
{
token_t *ipc_token;
ipc_token = au_to_ipc(ipc_type, ipc_id);
if (ipc_token == NULL)
err(EX_UNAVAILABLE, "au_to_ipc");
write_record(directory, record_filename, ipc_token, AUE_NULL);
}
static char *path_token_path = "/test/this/is/a/test";
static void
generate_path_token(const char *directory, const char *token_filename)
{
token_t *path_token;
path_token = au_to_path(path_token_path);
if (path_token == NULL)
err(EX_UNAVAILABLE, "au_to_path");
write_token(directory, token_filename, path_token);
}
static void
generate_path_record(const char *directory, const char *record_filename)
{
token_t *path_token;
path_token = au_to_path(path_token_path);
if (path_token == NULL)
err(EX_UNAVAILABLE, "au_to_path");
write_record(directory, record_filename, path_token, AUE_NULL);
}
static au_id_t subject32_auid = 0x12345678;
static uid_t subject32_euid = 0x01234567;
static gid_t subject32_egid = 0x23456789;
static uid_t subject32_ruid = 0x98765432;
static gid_t subject32_rgid = 0x09876543;
static pid_t subject32_pid = 0x13243546;
static au_asid_t subject32_sid = 0x97867564;
static au_tid_t subject32_tid = { 0x16593746 };
static au_tid_addr_t subject32_tid_addr = { 0x16593746 };
static void
generate_subject32_token(const char *directory, const char *token_filename)
{
token_t *subject32_token;
subject32_tid.machine = inet_addr("127.0.0.1");
subject32_token = au_to_subject32(subject32_auid, subject32_euid,
subject32_egid, subject32_ruid, subject32_rgid, subject32_pid,
subject32_sid, &subject32_tid);
if (subject32_token == NULL)
err(EX_UNAVAILABLE, "au_to_subject32");
write_token(directory, token_filename, subject32_token);
}
static void
generate_subject32_record(const char *directory, const char *record_filename)
{
token_t *subject32_token;
subject32_tid.machine = inet_addr("127.0.0.1");
subject32_token = au_to_subject32(subject32_auid, subject32_euid,
subject32_egid, subject32_ruid, subject32_rgid, subject32_pid,
subject32_sid, &subject32_tid);
if (subject32_token == NULL)
err(EX_UNAVAILABLE, "au_to_subject32");
write_record(directory, record_filename, subject32_token, AUE_NULL);
}
static void
generate_subject32ex_token(const char *directory, const char *token_filename,
u_int32_t type)
{
token_t *subject32ex_token;
char *buf;
buf = (char *)malloc(strlen(token_filename) + 6);
if (type == AU_IPv6) {
inet_pton(AF_INET6, "fe80::1", subject32_tid_addr.at_addr);
subject32_tid_addr.at_type = AU_IPv6;
sprintf(buf, "%s%s", token_filename, "-IPv6");
} else {
subject32_tid_addr.at_addr[0] = inet_addr("127.0.0.1");
subject32_tid_addr.at_type = AU_IPv4;
sprintf(buf, "%s%s", token_filename, "-IPv4");
}
subject32ex_token = au_to_subject32_ex(subject32_auid, subject32_euid,
subject32_egid, subject32_ruid, subject32_rgid, subject32_pid,
subject32_sid, &subject32_tid_addr);
if (subject32ex_token == NULL)
err(EX_UNAVAILABLE, "au_to_subject32_ex");
write_token(directory, buf, subject32ex_token);
free(buf);
}
static void
generate_subject32ex_record(const char *directory, const char *record_filename,
u_int32_t type)
{
token_t *subject32ex_token;
char *buf;
buf = (char *)malloc(strlen(record_filename) + 6);
if (type == AU_IPv6) {
inet_pton(AF_INET6, "fe80::1", subject32_tid_addr.at_addr);
subject32_tid_addr.at_type = AU_IPv6;
sprintf(buf, "%s%s", record_filename, "-IPv6");
} else {
subject32_tid_addr.at_addr[0] = inet_addr("127.0.0.1");
subject32_tid_addr.at_type = AU_IPv4;
sprintf(buf, "%s%s", record_filename, "-IPv4");
}
subject32ex_token = au_to_subject32_ex(subject32_auid, subject32_euid,
subject32_egid, subject32_ruid, subject32_rgid, subject32_pid,
subject32_sid, &subject32_tid_addr);
if (subject32ex_token == NULL)
err(EX_UNAVAILABLE, "au_to_subject32_ex");
write_record(directory, record_filename, subject32ex_token, AUE_NULL);
free(buf);
}
static au_id_t process32_auid = 0x12345678;
static uid_t process32_euid = 0x01234567;
static gid_t process32_egid = 0x23456789;
static uid_t process32_ruid = 0x98765432;
static gid_t process32_rgid = 0x09876543;
static pid_t process32_pid = 0x13243546;
static au_asid_t process32_sid = 0x97867564;
static au_tid_t process32_tid = { 0x16593746 };
static au_tid_addr_t process32_tid_addr = { 0x16593746 };
static void
generate_process32_token(const char *directory, const char *token_filename)
{
token_t *process32_token;
process32_tid.machine = inet_addr("127.0.0.1");
process32_token = au_to_process32(process32_auid, process32_euid,
process32_egid, process32_ruid, process32_rgid, process32_pid,
process32_sid, &process32_tid);
if (process32_token == NULL)
err(EX_UNAVAILABLE, "au_to_process32");
write_token(directory, token_filename, process32_token);
}
static void
generate_process32_record(const char *directory, const char *record_filename)
{
token_t *process32_token;
process32_tid.machine = inet_addr("127.0.0.1");
process32_token = au_to_process32(process32_auid, process32_euid,
process32_egid, process32_ruid, process32_rgid, process32_pid,
process32_sid, &process32_tid);
if (process32_token == NULL)
err(EX_UNAVAILABLE, "au_ti_process32");
write_record(directory, record_filename, process32_token, AUE_NULL);
}
static void
generate_process32ex_token(const char *directory, const char *token_filename,
u_int32_t type)
{
token_t *process32ex_token;
char *buf;
buf = (char *)malloc(strlen(token_filename) + 6);
if (type == AU_IPv6) {
inet_pton(AF_INET6, "fe80::1", process32_tid_addr.at_addr);
process32_tid_addr.at_type = AU_IPv6;
sprintf(buf, "%s%s", token_filename, "-IPv6");
} else {
process32_tid_addr.at_addr[0] = inet_addr("127.0.0.1");
process32_tid_addr.at_type = AU_IPv4;
sprintf(buf, "%s%s", token_filename, "-IPv4");
}
process32ex_token = au_to_process32_ex(process32_auid, process32_euid,
process32_egid, process32_ruid, process32_rgid, process32_pid,
process32_sid, &process32_tid_addr);
if (process32ex_token == NULL)
err(EX_UNAVAILABLE, "au_to_process32_ex");
write_token(directory, buf, process32ex_token);
free(buf);
}
static void
generate_process32ex_record(const char *directory, const char *record_filename,
u_int32_t type)
{
token_t *process32ex_token;
char *buf;
buf = (char *)malloc(strlen(record_filename) + 6);
if (type == AU_IPv6) {
inet_pton(AF_INET6, "fe80::1", process32_tid_addr.at_addr);
process32_tid_addr.at_type = AU_IPv6;
sprintf(buf, "%s%s", record_filename, "-IPv6");
} else {
process32_tid_addr.at_addr[0] = inet_addr("127.0.0.1");
process32_tid_addr.at_type = AU_IPv4;
sprintf(buf, "%s%s", record_filename, "-IPv4");
}
process32ex_token = au_to_process32_ex(process32_auid, process32_euid,
process32_egid, process32_ruid, process32_rgid, process32_pid,
process32_sid, &process32_tid_addr);
if (process32ex_token == NULL)
err(EX_UNAVAILABLE, "au_to_process32_ex");
write_record(directory, buf, process32ex_token, AUE_NULL);
free(buf);
}
static au_id_t process64_auid = 0x12345678;
static uid_t process64_euid = 0x01234567;
static gid_t process64_egid = 0x23456789;
static uid_t process64_ruid = 0x98765432;
static gid_t process64_rgid = 0x09876543;
static pid_t process64_pid = 0x13243546;
static au_asid_t process64_sid = 0x97867564;
static au_tid_t process64_tid = { 0x16593746 };
static au_tid_addr_t process64_tid_addr = { 0x16593746 };
static void
generate_process64_token(const char *directory, const char *token_filename)
{
token_t *process64_token;
process64_tid.machine = inet_addr("127.0.0.1");
process64_token = au_to_process64(process64_auid, process64_euid,
process64_egid, process64_ruid, process64_rgid, process64_pid,
process64_sid, &process64_tid);
if (process64_token == NULL)
err(EX_UNAVAILABLE, "au_to_process64");
write_token(directory, token_filename, process64_token);
}
static void
generate_process64_record(const char *directory, const char *record_filename)
{
token_t *process64_token;
process64_tid.machine = inet_addr("127.0.0.1");
process64_token = au_to_process64(process64_auid, process64_euid,
process64_egid, process64_ruid, process64_rgid, process64_pid,
process64_sid, &process64_tid);
if (process64_token == NULL)
err(EX_UNAVAILABLE, "au_ti_process64");
write_record(directory, record_filename, process64_token, AUE_NULL);
}
static void
generate_process64ex_token(const char *directory, const char *token_filename,
u_int32_t type)
{
token_t *process64ex_token;
char *buf;
buf = (char *)malloc(strlen(token_filename) + 6);
if (type == AU_IPv6) {
inet_pton(AF_INET6, "fe80::1", process64_tid_addr.at_addr);
process64_tid_addr.at_type = AU_IPv6;
sprintf(buf, "%s%s", token_filename, "-IPv6");
} else {
process64_tid_addr.at_addr[0] = inet_addr("127.0.0.1");
process64_tid_addr.at_type = AU_IPv4;
sprintf(buf, "%s%s", token_filename, "-IPv4");
}
process64ex_token = au_to_process64_ex(process64_auid, process64_euid,
process64_egid, process64_ruid, process64_rgid, process64_pid,
process64_sid, &process64_tid_addr);
if (process64ex_token == NULL)
err(EX_UNAVAILABLE, "au_to_process64_ex");
write_token(directory, buf, process64ex_token);
free(buf);
}
static void
generate_process64ex_record(const char *directory, const char *record_filename,
u_int32_t type)
{
token_t *process64ex_token;
char *buf;
buf = (char *)malloc(strlen(record_filename) + 6);
if (type == AU_IPv6) {
inet_pton(AF_INET6, "fe80::1", process64_tid_addr.at_addr);
process64_tid_addr.at_type = AU_IPv6;
sprintf(buf, "%s%s", record_filename, "-IPv6");
} else {
process64_tid_addr.at_addr[0] = inet_addr("127.0.0.1");
process64_tid_addr.at_type = AU_IPv4;
sprintf(buf, "%s%s", record_filename, "-IPv4");
}
process64ex_token = au_to_process64_ex(process64_auid, process64_euid,
process64_egid, process64_ruid, process64_rgid, process64_pid,
process64_sid, &process64_tid_addr);
if (process64ex_token == NULL)
err(EX_UNAVAILABLE, "au_to_process64_ex");
write_record(directory, buf, process64ex_token, AUE_NULL);
free(buf);
}
static char return32_status = 0xd7;
static uint32_t return32_ret = 0x12345678;
static void
generate_return32_token(const char *directory, const char *token_filename)
{
token_t *return32_token;
return32_token = au_to_return32(return32_status, return32_ret);
if (return32_token == NULL)
err(EX_UNAVAILABLE, "au_to_return32");
write_token(directory, token_filename, return32_token);
}
static void
generate_return32_record(const char *directory, const char *record_filename)
{
token_t *return32_token;
return32_token = au_to_return32(return32_status, return32_ret);
if (return32_token == NULL)
err(EX_UNAVAILABLE, "au_to_return32");
write_record(directory, record_filename, return32_token, AUE_NULL);
}
static char *text_token_text = "This is a test.";
static void
generate_text_token(const char *directory, const char *token_filename)
{
token_t *text_token;
text_token = au_to_text(text_token_text);
if (text_token == NULL)
err(EX_UNAVAILABLE, "au_to_text");
write_token(directory, token_filename, text_token);
}
static void
generate_text_record(const char *directory, const char *record_filename)
{
token_t *text_token;
text_token = au_to_text(text_token_text);
if (text_token == NULL)
err(EX_UNAVAILABLE, "au_to_text");
write_record(directory, record_filename, text_token, AUE_NULL);
}
static char opaque_token_data[] = {0xaa, 0xbb, 0xcc, 0xdd};
static int opaque_token_bytes = sizeof(opaque_token_data);
static void
generate_opaque_token(const char *directory, const char *token_filename)
{
token_t *opaque_token;
opaque_token = au_to_opaque(opaque_token_data, opaque_token_bytes);
if (opaque_token == NULL)
err(EX_UNAVAILABLE, "au_to_opaque");
write_token(directory, token_filename, opaque_token);
}
static void
generate_opaque_record(const char *directory, const char *record_filename)
{
token_t *opaque_token;
opaque_token = au_to_opaque(opaque_token_data, opaque_token_bytes);
if (opaque_token == NULL)
err(EX_UNAVAILABLE, "au_to_opaque");
write_record(directory, record_filename, opaque_token, AUE_NULL);
}
static struct in_addr in_addr_token_addr;
static void
generate_in_addr_token(const char *directory, const char *token_filename)
{
token_t *in_addr_token;
in_addr_token_addr.s_addr = inet_addr("192.168.100.15");
in_addr_token = au_to_in_addr(&in_addr_token_addr);
if (in_addr_token == NULL)
err(EX_UNAVAILABLE, "au_to_in_addr");
write_token(directory, token_filename, in_addr_token);
}
static void
generate_in_addr_record(const char *directory, const char *record_filename)
{
token_t *in_addr_token;
in_addr_token_addr.s_addr = inet_addr("192.168.100.15");
in_addr_token = au_to_in_addr(&in_addr_token_addr);
if (in_addr_token == NULL)
err(EX_UNAVAILABLE, "au_to_in_addr");
write_record(directory, record_filename, in_addr_token, AUE_NULL);
}
static struct ip ip_token_ip;
static u_char ip_token_ip_v = 4;
static uint16_t ip_token_ip_id = 0x5478;
static u_char ip_token_ip_ttl = 64;
static u_char ip_token_ip_p = IPPROTO_ICMP;
static struct in_addr ip_token_ip_src;
static struct in_addr ip_token_ip_dst;
static void
generate_ip_token(const char *directory, const char *token_filename)
{
token_t *ip_token;
ip_token_ip_src.s_addr = inet_addr("192.168.100.155");
ip_token_ip_dst.s_addr = inet_addr("192.168.110.48");
memset(&ip_token_ip, 0, sizeof(ip_token_ip));
ip_token_ip.ip_v = ip_token_ip_v;
ip_token_ip.ip_len = htons(sizeof(ip_token_ip));
ip_token_ip.ip_id = htons(ip_token_ip_id);
ip_token_ip.ip_ttl = ip_token_ip_ttl;
ip_token_ip.ip_p = ip_token_ip_p;
ip_token_ip.ip_src = ip_token_ip_src;
ip_token_ip.ip_dst = ip_token_ip_dst;
ip_token = au_to_ip(&ip_token_ip);
if (ip_token == NULL)
err(EX_UNAVAILABLE, "au_to_ip");
write_token(directory, token_filename, ip_token);
}
static void
generate_ip_record(const char *directory, const char *record_filename)
{
token_t *ip_token;
ip_token_ip_src.s_addr = inet_addr("192.168.100.155");
ip_token_ip_dst.s_addr = inet_addr("192.168.110.48");
memset(&ip_token_ip, 0, sizeof(ip_token_ip));
ip_token_ip.ip_v = ip_token_ip_v;
ip_token_ip.ip_len = htons(sizeof(ip_token_ip));
ip_token_ip.ip_id = htons(ip_token_ip_id);
ip_token_ip.ip_ttl = ip_token_ip_ttl;
ip_token_ip.ip_p = ip_token_ip_p;
ip_token_ip.ip_src = ip_token_ip_src;
ip_token_ip.ip_dst = ip_token_ip_dst;
ip_token = au_to_ip(&ip_token_ip);
if (ip_token == NULL)
err(EX_UNAVAILABLE, "au_to_ip");
write_record(directory, record_filename, ip_token, AUE_NULL);
}
static u_int16_t iport_token_iport;
static void
generate_iport_token(const char *directory, const char *token_filename)
{
token_t *iport_token;
iport_token_iport = htons(80);
iport_token = au_to_iport(iport_token_iport);
if (iport_token == NULL)
err(EX_UNAVAILABLE, "au_to_iport");
write_token(directory, token_filename, iport_token);
}
static void
generate_iport_record(const char *directory, const char *record_filename)
{
token_t *iport_token;
iport_token_iport = htons(80);
iport_token = au_to_iport(iport_token_iport);
if (iport_token == NULL)
err(EX_UNAVAILABLE, "au_to_iport");
write_record(directory, record_filename, iport_token, AUE_NULL);
}
static char arg32_token_n = 3;
static char *arg32_token_text = "test_arg32_token";
static uint32_t arg32_token_v = 0xabcdef00;
static void
generate_arg32_token(const char *directory, const char *token_filename)
{
token_t *arg32_token;
arg32_token = au_to_arg32(arg32_token_n, arg32_token_text,
arg32_token_v);
if (arg32_token == NULL)
err(EX_UNAVAILABLE, "au_to_arg32");
write_token(directory, token_filename, arg32_token);
}
static void
generate_arg32_record(const char *directory, const char *record_filename)
{
token_t *arg32_token;
arg32_token = au_to_arg32(arg32_token_n, arg32_token_text,
arg32_token_v);
if (arg32_token == NULL)
err(EX_UNAVAILABLE, "au_to_arg32");
write_record(directory, record_filename, arg32_token, AUE_NULL);
}
static long seq_audit_count = 0x12345678;
static void
generate_seq_token(const char *directory, const char *token_filename)
{
token_t *seq_token;
seq_token = au_to_seq(seq_audit_count);
if (seq_token == NULL)
err(EX_UNAVAILABLE, "au_to_seq");
write_token(directory, token_filename, seq_token);
}
static void
generate_seq_record(const char *directory, const char *record_filename)
{
token_t *seq_token;
seq_token = au_to_seq(seq_audit_count);
if (seq_token == NULL)
err(EX_UNAVAILABLE, "au_to_seq");
write_record(directory, record_filename, seq_token, AUE_NULL);
}
/*
* AUT_ACL
*/
static void
generate_attr_token(const char *directory, const char *token_filename)
{
token_t *attr_token;
}
static void
generate_attr_record(const char *directory, const char *record_filename)
{
token_t *attr_token;
}
static void
generate_ipc_perm_token(const char *directory, const char *token_filename)
{
token_t *ipc_perm_token;
}
static void
generate_ipc_perm_record(const char *directory, const char *record_filename)
{
token_t *ipc_perm_token;
}
/*
* AUT_LABEL
*/
static void
generate_groups_token(const char *directory, const char *token_filename)
{
token_t *groups_token;
}
static void
generate_groups_record(const char *directory, const char *record_filename)
{
token_t *groups_token;
}
/*
* AUT_ILABEL
*/
/*
* AUT_SLABEL
*/
/*
* AUT_CLEAR
*/
/*
* AUT_PRIV
*/
/*
* AUT_UPRIV
*/
/*
* AUT_LIAISON
*/
/*
* AUT_NEWGROUPS
*/
/*
* AUT_EXEC_ARGS
*/
/*
* AUT_EXEC_ENV
*/
static void
generate_attr32_token(const char *directory, const char *token_filename)
{
token_t *attr32_token;
}
static void
generate_attr32_record(const char *directory, const char *record_filename)
{
token_t *attr32_token;
}
static char *zonename_sample = "testzone";
static void
generate_zonename_token(const char *directory, const char *token_filename)
{
token_t *zonename_token;
zonename_token = au_to_zonename(zonename_sample);
if (zonename_token == NULL)
err(EX_UNAVAILABLE, "au_to_zonename");
write_token(directory, token_filename, zonename_token);
}
static void
generate_zonename_record(const char *directory, const char *record_filename)
{
token_t *zonename_token;
zonename_token = au_to_zonename(zonename_sample);
if (zonename_token == NULL)
err(EX_UNAVAILABLE, "au_to_zonename");
write_record(directory, record_filename, zonename_token, AUE_NULL);
}
int
main(int argc, char *argv[])
{
const char *directory;
int ch;
while ((ch = getopt(argc, argv, "rt")) != -1) {
switch (ch) {
case 'r':
do_records++;
break;
case 't':
do_tokens++;
break;
default:
usage();
}
}
argc -= optind;
argv += optind;
if (argc != 1)
usage();
directory = argv[0];
if (mkdir(directory, 0755) < 0 && errno != EEXIST)
err(EX_OSERR, "mkdir: %s", directory);
if (do_tokens) {
generate_file_token(directory, "file_token");
generate_trailer_token(directory, "trailer_token");
generate_header32_token(directory, "header32_token");
generate_data_token(directory, "data_token");
generate_ipc_token(directory, "ipc_token");
generate_path_token(directory, "path_token");
generate_subject32_token(directory, "subject32_token");
generate_subject32ex_token(directory, "subject32ex_token",
AU_IPv4);
generate_subject32ex_token(directory, "subject32ex_token",
AU_IPv6);
generate_process32_token(directory, "process32_token");
generate_process32ex_token(directory, "process32ex_token",
AU_IPv4);
generate_process32ex_token(directory, "process32ex_token",
AU_IPv6);
generate_process64_token(directory, "process64_token");
generate_process64ex_token(directory, "process64ex_token",
AU_IPv4);
generate_process64ex_token(directory, "process64ex_token",
AU_IPv6);
generate_return32_token(directory, "return32_token");
generate_text_token(directory, "text_token");
generate_opaque_token(directory, "opaque_token");
generate_in_addr_token(directory, "in_addr_token");
generate_ip_token(directory, "ip_token");
generate_iport_token(directory, "iport_token");
generate_arg32_token(directory, "arg32_token");
generate_seq_token(directory, "seq_token");
generate_attr_token(directory, "attr_token");
generate_ipc_perm_token(directory, "ipc_perm_token");
generate_groups_token(directory, "groups_token");
generate_attr32_token(directory, "attr32_token");
generate_zonename_token(directory, "zonename_token");
}
if (do_records) {
generate_file_record(directory, "file_record");
generate_data_record(directory, "data_record");
generate_ipc_record(directory, "ipc_record");
generate_path_record(directory, "path_record");
generate_subject32_record(directory, "subject32_record");
generate_subject32ex_record(directory, "subject32ex_record",
AU_IPv4);
generate_subject32ex_record(directory, "subject32ex_record",
AU_IPv6);
generate_process32_record(directory, "process32_record");
generate_process32ex_record(directory, "process32ex_record",
AU_IPv4);
generate_process32ex_record(directory, "process32ex_record",
AU_IPv6);
generate_process64_record(directory, "process64_record");
generate_process64ex_record(directory, "process64ex_record",
AU_IPv4);
generate_process64ex_record(directory, "process64ex_record",
AU_IPv6);
generate_return32_record(directory, "return32_record");
generate_text_record(directory, "text_record");
generate_opaque_record(directory, "opaque_record");
generate_in_addr_record(directory, "in_addr_record");
generate_ip_record(directory, "ip_record");
generate_iport_record(directory, "iport_record");
generate_arg32_record(directory, "arg32_record");
generate_seq_record(directory, "seq_record");
generate_attr_record(directory, "attr_record");
generate_ipc_perm_record(directory, "ipc_perm_record");
generate_groups_record(directory, "groups_record");
generate_attr32_record(directory, "attr32_record");
generate_zonename_record(directory, "zonename_record");
}
return (0);
}
Reference in New Issue View Git Blame Copy Permalink