X-Git-Url: https://git.saurik.com/apple/xnu.git/blobdiff_plain/b0d623f7f2ae71ed96e60569f61f9a9a27016e80..HEAD:/bsd/security/audit/audit_bsm_token.c diff --git a/bsd/security/audit/audit_bsm_token.c b/bsd/security/audit/audit_bsm_token.c index cf0b781a8..0e38a6405 100644 --- a/bsd/security/audit/audit_bsm_token.c +++ b/bsd/security/audit/audit_bsm_token.c @@ -56,11 +56,11 @@ #include #if CONFIG_AUDIT -#define GET_TOKEN_AREA(t, dptr, length) do { \ - t = malloc(sizeof(token_t), M_AUDITBSM, M_WAITOK); \ - t->t_data = malloc(length, M_AUDITBSM, M_WAITOK | M_ZERO); \ - t->len = length; \ - dptr = t->t_data; \ +#define GET_TOKEN_AREA(t, dptr, length) do { \ + t = malloc(sizeof(token_t), M_AUDITBSM, M_WAITOK); \ + t->t_data = malloc(length, M_AUDITBSM, M_WAITOK | M_ZERO); \ + t->len = length; \ + dptr = t->t_data; \ } while (0) /* @@ -89,7 +89,7 @@ au_to_arg32(char n, const char *text, u_int32_t v) ADD_U_INT16(dptr, textlen); ADD_STRING(dptr, text, textlen); - return (t); + return t; } token_t * @@ -111,14 +111,13 @@ au_to_arg64(char n, const char *text, u_int64_t v) ADD_U_INT16(dptr, textlen); ADD_STRING(dptr, text, textlen); - return (t); + return t; } token_t * au_to_arg(char n, const char *text, u_int32_t v) { - - return (au_to_arg32(n, text, v)); + return au_to_arg32(n, text, v); } #if defined(_KERNEL) || defined(KERNEL) @@ -164,14 +163,15 @@ au_to_attr32(struct vnode_au_info *vni) if (sizeof(vni->vn_fileid) == sizeof(uint32_t)) { ADD_U_INT32(dptr, pad0_32); ADD_U_INT32(dptr, vni->vn_fileid); - } else if (sizeof(vni->vn_fileid) == sizeof(uint64_t)) + } else if (sizeof(vni->vn_fileid) == sizeof(uint64_t)) { ADD_U_INT64(dptr, vni->vn_fileid); - else + } else { ADD_U_INT64(dptr, 0LL); + } ADD_U_INT32(dptr, vni->vn_dev); - return (t); + return t; } token_t * @@ -188,7 +188,7 @@ au_to_attr64(struct vnode_au_info *vni) ADD_U_CHAR(dptr, AUT_ATTR64); /* - * Darwin defines the size for the file mode + * Darwin defines the size for the file mode * as 2 bytes; BSM defines 4 so pad with 0 */ ADD_U_INT16(dptr, pad0_16); @@ -207,21 +207,21 @@ au_to_attr64(struct vnode_au_info *vni) if (sizeof(vni->vn_fileid) == sizeof(uint32_t)) { ADD_U_INT32(dptr, pad0_32); ADD_U_INT32(dptr, vni->vn_fileid); - } else if (sizeof(vni->vn_fileid) == sizeof(uint64_t)) + } else if (sizeof(vni->vn_fileid) == sizeof(uint64_t)) { ADD_U_INT64(dptr, vni->vn_fileid); - else + } else { ADD_U_INT64(dptr, 0LL); + } ADD_U_INT64(dptr, vni->vn_dev); - return (t); + return t; } token_t * au_to_attr(struct vnode_au_info *vni) { - - return (au_to_attr32(vni)); + return au_to_attr32(vni); } #endif /* defined(_KERNEL) || defined(KERNEL) */ @@ -242,7 +242,7 @@ au_to_data(char unit_print, char unit_type, char unit_count, const char *p) /* Determine the size of the basic unit. */ switch (unit_type) { case AUR_BYTE: - /* case AUR_CHAR: */ + /* case AUR_CHAR: */ datasize = AUR_BYTE_SIZE; break; @@ -251,7 +251,7 @@ au_to_data(char unit_print, char unit_type, char unit_count, const char *p) break; case AUR_INT32: - /* case AUR_INT: */ + /* case AUR_INT: */ datasize = AUR_INT32_SIZE; break; @@ -275,7 +275,7 @@ au_to_data(char unit_print, char unit_type, char unit_count, const char *p) ADD_U_CHAR(dptr, unit_count); ADD_MEM(dptr, p, totdata); - return (t); + return t; } /* @@ -295,7 +295,7 @@ au_to_exit(int retval, int err) ADD_U_INT32(dptr, err); ADD_U_INT32(dptr, retval); - return (t); + return t; } /* @@ -303,8 +303,7 @@ au_to_exit(int retval, int err) token_t * au_to_groups(int *groups) { - - return (au_to_newgroups(AUDIT_MAX_GROUPS, (gid_t *)groups)); + return au_to_newgroups(AUDIT_MAX_GROUPS, (gid_t *)groups); } /* @@ -324,10 +323,11 @@ au_to_newgroups(u_int16_t n, gid_t *groups) ADD_U_CHAR(dptr, AUT_NEWGROUPS); ADD_U_INT16(dptr, n); - for (i = 0; i < n; i++) + for (i = 0; i < n; i++) { ADD_U_INT32(dptr, groups[i]); + } - return (t); + return t; } /* @@ -345,7 +345,7 @@ au_to_in_addr(struct in_addr *internet_addr) ADD_U_CHAR(dptr, AUT_IN_ADDR); ADD_MEM(dptr, &internet_addr->s_addr, sizeof(uint32_t)); - return (t); + return t; } /* @@ -366,7 +366,7 @@ au_to_in_addr_ex(struct in6_addr *internet_addr) ADD_U_INT32(dptr, type); ADD_MEM(dptr, internet_addr, 4 * sizeof(uint32_t)); - return (t); + return t; } /* @@ -386,7 +386,7 @@ au_to_ip(struct ip *ip) ADD_U_CHAR(dptr, AUT_IP); ADD_MEM(dptr, ip, sizeof(struct ip)); - return (t); + return t; } /* @@ -406,7 +406,7 @@ au_to_ipc(char type, int id) ADD_U_CHAR(dptr, type); ADD_U_INT32(dptr, id); - return (t); + return t; } /* @@ -426,8 +426,9 @@ au_to_ipc_perm(struct ipc_perm *perm) u_char *dptr = NULL; u_int16_t pad0 = 0; - if (perm == NULL) + if (perm == NULL) { return NULL; + } GET_TOKEN_AREA(t, dptr, sizeof(u_char) + 12 * sizeof(u_int16_t) + sizeof(u_int32_t)); @@ -435,7 +436,7 @@ au_to_ipc_perm(struct ipc_perm *perm) ADD_U_CHAR(dptr, AUT_IPC_PERM); /* - * Darwin defines the size for the file mode + * Darwin defines the size for the file mode * as 2 bytes; BSM defines 4 so pad with 0 */ ADD_U_INT32(dptr, perm->uid); @@ -452,7 +453,7 @@ au_to_ipc_perm(struct ipc_perm *perm) ADD_U_INT16(dptr, pad0); ADD_U_INT16(dptr, perm->_key); - return (t); + return t; } /* @@ -470,7 +471,7 @@ au_to_iport(u_int16_t iport) ADD_U_CHAR(dptr, AUT_IPORT); ADD_U_INT16(dptr, iport); - return (t); + return t; } /* @@ -490,7 +491,7 @@ au_to_opaque(const char *data, uint16_t bytes) ADD_U_INT16(dptr, bytes); ADD_MEM(dptr, data, bytes); - return (t); + return t; } /* @@ -514,15 +515,15 @@ au_to_file(const char *file, struct timeval tm) GET_TOKEN_AREA(t, dptr, sizeof(u_char) + 2 * sizeof(u_int32_t) + sizeof(u_int16_t) + filelen); - timems = tm.tv_usec/1000; + timems = tm.tv_usec / 1000; ADD_U_CHAR(dptr, AUT_OTHER_FILE32); ADD_U_INT32(dptr, tm.tv_sec); - ADD_U_INT32(dptr, timems); /* We need time in ms. */ + ADD_U_INT32(dptr, timems); /* We need time in ms. */ ADD_U_INT16(dptr, filelen); ADD_STRING(dptr, file, filelen); - return (t); + return t; } /* @@ -546,7 +547,7 @@ au_to_text(const char *text) ADD_U_INT16(dptr, textlen); ADD_STRING(dptr, text, textlen); - return (t); + return t; } /* @@ -570,7 +571,7 @@ au_to_path(const char *text) ADD_U_INT16(dptr, textlen); ADD_STRING(dptr, text, textlen); - return (t); + return t; } /* @@ -606,7 +607,7 @@ au_to_process32(au_id_t auid, uid_t euid, gid_t egid, uid_t ruid, gid_t rgid, ADD_U_INT32(dptr, tid->port); ADD_MEM(dptr, &tid->machine, sizeof(u_int32_t)); - return (t); + return t; } token_t * @@ -630,16 +631,15 @@ au_to_process64(au_id_t auid, uid_t euid, gid_t egid, uid_t ruid, gid_t rgid, ADD_U_INT64(dptr, tid->port); ADD_MEM(dptr, &tid->machine, sizeof(u_int32_t)); - return (t); + return t; } token_t * au_to_process(au_id_t auid, uid_t euid, gid_t egid, uid_t ruid, gid_t rgid, pid_t pid, au_asid_t sid, au_tid_t *tid) { - - return (au_to_process32(auid, euid, egid, ruid, rgid, pid, sid, - tid)); + return au_to_process32(auid, euid, egid, ruid, rgid, pid, sid, + tid); } /* @@ -665,12 +665,13 @@ au_to_process32_ex(au_id_t auid, uid_t euid, gid_t egid, uid_t ruid, KASSERT((tid->at_type == AU_IPv4) || (tid->at_type == AU_IPv6), ("au_to_process32_ex: type %u", (unsigned int)tid->at_type)); - if (tid->at_type == AU_IPv6) + if (tid->at_type == AU_IPv6) { GET_TOKEN_AREA(t, dptr, sizeof(u_char) + 13 * sizeof(u_int32_t)); - else + } else { GET_TOKEN_AREA(t, dptr, sizeof(u_char) + 10 * sizeof(u_int32_t)); + } ADD_U_CHAR(dptr, AUT_PROCESS32_EX); ADD_U_INT32(dptr, auid); @@ -682,12 +683,13 @@ au_to_process32_ex(au_id_t auid, uid_t euid, gid_t egid, uid_t ruid, ADD_U_INT32(dptr, sid); ADD_U_INT32(dptr, tid->at_port); ADD_U_INT32(dptr, tid->at_type); - if (tid->at_type == AU_IPv6) + if (tid->at_type == AU_IPv6) { ADD_MEM(dptr, &tid->at_addr[0], 4 * sizeof(u_int32_t)); - else + } else { ADD_MEM(dptr, &tid->at_addr[0], sizeof(u_int32_t)); + } - return (t); + return t; } token_t * @@ -697,17 +699,18 @@ au_to_process64_ex(au_id_t auid, uid_t euid, gid_t egid, uid_t ruid, token_t *t = NULL; u_char *dptr = NULL; - if (tid->at_type == AU_IPv4) + if (tid->at_type == AU_IPv4) { GET_TOKEN_AREA(t, dptr, sizeof(u_char) + 7 * sizeof(u_int32_t) + sizeof(u_int64_t) + 2 * sizeof(u_int32_t)); - else if (tid->at_type == AU_IPv6) + } else if (tid->at_type == AU_IPv6) { GET_TOKEN_AREA(t, dptr, sizeof(u_char) + 7 * sizeof(u_int32_t) + sizeof(u_int64_t) + 5 * sizeof(u_int32_t)); - else + } else { panic("au_to_process64_ex: invalidate at_type (%d)", tid->at_type); + } ADD_U_CHAR(dptr, AUT_PROCESS64_EX); ADD_U_INT32(dptr, auid); @@ -726,16 +729,15 @@ au_to_process64_ex(au_id_t auid, uid_t euid, gid_t egid, uid_t ruid, ADD_MEM(dptr, &tid->at_addr[3], sizeof(u_int32_t)); } - return (t); + return t; } token_t * au_to_process_ex(au_id_t auid, uid_t euid, gid_t egid, uid_t ruid, gid_t rgid, pid_t pid, au_asid_t sid, au_tid_addr_t *tid) { - - return (au_to_process32_ex(auid, euid, egid, ruid, rgid, pid, sid, - tid)); + return au_to_process32_ex(auid, euid, egid, ruid, rgid, pid, sid, + tid); } /* @@ -755,7 +757,7 @@ au_to_return32(char status, u_int32_t ret) ADD_U_CHAR(dptr, status); ADD_U_INT32(dptr, ret); - return (t); + return t; } token_t * @@ -770,14 +772,13 @@ au_to_return64(char status, u_int64_t ret) ADD_U_CHAR(dptr, status); ADD_U_INT64(dptr, ret); - return (t); + return t; } token_t * au_to_return(char status, u_int32_t ret) { - - return (au_to_return32(status, ret)); + return au_to_return32(status, ret); } /* @@ -795,7 +796,7 @@ au_to_seq(long audit_count) ADD_U_CHAR(dptr, AUT_SEQ); ADD_U_INT32(dptr, (u_int32_t) audit_count); - return (t); + return t; } /* @@ -817,14 +818,15 @@ au_to_socket_ex(u_short so_domain, u_short so_type, struct sockaddr_in *sin; struct sockaddr_in6 *sin6; - if (so_domain == AF_INET) + if (so_domain == AF_INET) { GET_TOKEN_AREA(t, dptr, sizeof(u_char) + 5 * sizeof(u_int16_t) + 2 * sizeof(u_int32_t)); - else if (so_domain == AF_INET6) + } else if (so_domain == AF_INET6) { GET_TOKEN_AREA(t, dptr, sizeof(u_char) + 5 * sizeof(u_int16_t) + 8 * sizeof(u_int32_t)); - else - return (NULL); + } else { + return NULL; + } ADD_U_CHAR(dptr, AUT_SOCKET_EX); ADD_U_INT16(dptr, au_domain_to_bsm(so_domain)); @@ -832,12 +834,12 @@ au_to_socket_ex(u_short so_domain, u_short so_type, if (so_domain == AF_INET) { ADD_U_INT16(dptr, AU_IPv4); sin = (struct sockaddr_in *)sa_local; - ADD_MEM(dptr, &sin->sin_port, sizeof(uint16_t)); + ADD_MEM(dptr, &sin->sin_port, sizeof(uint16_t)); ADD_MEM(dptr, &sin->sin_addr.s_addr, sizeof(uint32_t)); sin = (struct sockaddr_in *)sa_remote; ADD_MEM(dptr, &sin->sin_port, sizeof(uint16_t)); ADD_MEM(dptr, &sin->sin_addr.s_addr, sizeof(uint32_t)); - } else /* if (so_domain == AF_INET6) */ { + } else { /* if (so_domain == AF_INET6) */ ADD_U_INT16(dptr, AU_IPv6); sin6 = (struct sockaddr_in6 *)sa_local; ADD_MEM(dptr, &sin6->sin6_port, sizeof(uint16_t)); @@ -847,7 +849,7 @@ au_to_socket_ex(u_short so_domain, u_short so_type, ADD_MEM(dptr, &sin6->sin6_addr, 4 * sizeof(uint32_t)); } - return (t); + return t; } /* @@ -866,11 +868,12 @@ au_to_sock_unix(struct sockaddr_un *so) * Please note that sun_len may not be correctly set and sun_path may * not be NULL terminated. */ - if (so->sun_len >= offsetof(struct sockaddr_un, sun_path)) + if (so->sun_len >= offsetof(struct sockaddr_un, sun_path)) { slen = min(so->sun_len - offsetof(struct sockaddr_un, sun_path), strnlen(so->sun_path, sizeof(so->sun_path))); - else + } else { slen = strnlen(so->sun_path, sizeof(so->sun_path)); + } GET_TOKEN_AREA(t, dptr, 3 * sizeof(u_char) + slen + 1); @@ -878,11 +881,12 @@ au_to_sock_unix(struct sockaddr_un *so) /* BSM token has two bytes for family */ ADD_U_CHAR(dptr, 0); ADD_U_CHAR(dptr, so->sun_family); - if (slen) + if (slen) { ADD_MEM(dptr, so->sun_path, slen); + } ADD_U_CHAR(dptr, '\0'); /* make the path a null-terminated string */ - return (t); + return t; } /* @@ -910,7 +914,7 @@ au_to_sock_inet32(struct sockaddr_in *so) ADD_MEM(dptr, &so->sin_port, sizeof(uint16_t)); ADD_MEM(dptr, &so->sin_addr.s_addr, sizeof(uint32_t)); - return (t); + return t; } /* @@ -934,14 +938,13 @@ au_to_sock_inet128(struct sockaddr_in6 *so) ADD_U_INT16(dptr, so->sin6_port); ADD_MEM(dptr, &so->sin6_addr, 4 * sizeof(uint32_t)); - return (t); + return t; } token_t * au_to_sock_inet(struct sockaddr_in *so) { - - return (au_to_sock_inet32(so)); + return au_to_sock_inet32(so); } /* @@ -977,7 +980,7 @@ au_to_subject32(au_id_t auid, uid_t euid, gid_t egid, uid_t ruid, gid_t rgid, ADD_U_INT32(dptr, tid->port); ADD_MEM(dptr, &tid->machine, sizeof(u_int32_t)); - return (t); + return t; } token_t * @@ -1001,16 +1004,15 @@ au_to_subject64(au_id_t auid, uid_t euid, gid_t egid, uid_t ruid, gid_t rgid, ADD_U_INT64(dptr, tid->port); ADD_MEM(dptr, &tid->machine, sizeof(u_int32_t)); - return (t); + return t; } token_t * au_to_subject(au_id_t auid, uid_t euid, gid_t egid, uid_t ruid, gid_t rgid, pid_t pid, au_asid_t sid, au_tid_t *tid) { - - return (au_to_subject32(auid, euid, egid, ruid, rgid, pid, sid, - tid)); + return au_to_subject32(auid, euid, egid, ruid, rgid, pid, sid, + tid); } /* @@ -1036,12 +1038,13 @@ au_to_subject32_ex(au_id_t auid, uid_t euid, gid_t egid, uid_t ruid, KASSERT((tid->at_type == AU_IPv4) || (tid->at_type == AU_IPv6), ("au_to_subject32_ex: type %u", (unsigned int)tid->at_type)); - if (tid->at_type == AU_IPv6) + if (tid->at_type == AU_IPv6) { GET_TOKEN_AREA(t, dptr, sizeof(u_char) + 13 * sizeof(u_int32_t)); - else + } else { GET_TOKEN_AREA(t, dptr, sizeof(u_char) + 10 * sizeof(u_int32_t)); + } ADD_U_CHAR(dptr, AUT_SUBJECT32_EX); ADD_U_INT32(dptr, auid); @@ -1053,12 +1056,13 @@ au_to_subject32_ex(au_id_t auid, uid_t euid, gid_t egid, uid_t ruid, ADD_U_INT32(dptr, sid); ADD_U_INT32(dptr, tid->at_port); ADD_U_INT32(dptr, tid->at_type); - if (tid->at_type == AU_IPv6) + if (tid->at_type == AU_IPv6) { ADD_MEM(dptr, &tid->at_addr[0], 4 * sizeof(u_int32_t)); - else + } else { ADD_MEM(dptr, &tid->at_addr[0], sizeof(u_int32_t)); + } - return (t); + return t; } token_t * @@ -1068,17 +1072,18 @@ au_to_subject64_ex(au_id_t auid, uid_t euid, gid_t egid, uid_t ruid, token_t *t = NULL; u_char *dptr = NULL; - if (tid->at_type == AU_IPv4) + if (tid->at_type == AU_IPv4) { GET_TOKEN_AREA(t, dptr, sizeof(u_char) + 7 * sizeof(u_int32_t) + sizeof(u_int64_t) + 2 * sizeof(u_int32_t)); - else if (tid->at_type == AU_IPv6) + } else if (tid->at_type == AU_IPv6) { GET_TOKEN_AREA(t, dptr, sizeof(u_char) + 7 * sizeof(u_int32_t) + sizeof(u_int64_t) + 5 * sizeof(u_int32_t)); - else + } else { panic("au_to_subject64_ex: invalid at_type (%d)", tid->at_type); + } ADD_U_CHAR(dptr, AUT_SUBJECT64_EX); ADD_U_INT32(dptr, auid); @@ -1090,21 +1095,21 @@ au_to_subject64_ex(au_id_t auid, uid_t euid, gid_t egid, uid_t ruid, ADD_U_INT32(dptr, sid); ADD_U_INT64(dptr, tid->at_port); ADD_U_INT32(dptr, tid->at_type); - if (tid->at_type == AU_IPv6) + if (tid->at_type == AU_IPv6) { ADD_MEM(dptr, &tid->at_addr[0], 4 * sizeof(u_int32_t)); - else + } else { ADD_MEM(dptr, &tid->at_addr[0], sizeof(u_int32_t)); + } - return (t); + return t; } token_t * au_to_subject_ex(au_id_t auid, uid_t euid, gid_t egid, uid_t ruid, gid_t rgid, pid_t pid, au_asid_t sid, au_tid_addr_t *tid) { - - return (au_to_subject32_ex(auid, euid, egid, ruid, rgid, pid, sid, - tid)); + return au_to_subject32_ex(auid, euid, egid, ruid, rgid, pid, sid, + tid); } #if !defined(_KERNEL) && !defined(KERNEL) && defined(HAVE_AUDIT_SYSCALLS) @@ -1117,11 +1122,12 @@ au_to_me(void) { auditinfo_t auinfo; - if (getaudit(&auinfo) != 0) - return (NULL); + if (getaudit(&auinfo) != 0) { + return NULL; + } - return (au_to_subject32(auinfo.ai_auid, geteuid(), getegid(), - getuid(), getgid(), getpid(), auinfo.ai_asid, &auinfo.ai_termid)); + return au_to_subject32(auinfo.ai_auid, geteuid(), getegid(), + getuid(), getgid(), getpid(), auinfo.ai_asid, &auinfo.ai_termid); } #endif @@ -1147,7 +1153,7 @@ au_to_exec_strings(const char *strs, int count, u_char type) ADD_U_INT32(dptr, count); ADD_STRING(dptr, strs, totlen); - return (t); + return t; } /* @@ -1158,8 +1164,7 @@ au_to_exec_strings(const char *strs, int count, u_char type) token_t * au_to_exec_args(char *args, int argc) { - - return (au_to_exec_strings(args, argc, AUT_EXEC_ARGS)); + return au_to_exec_strings(args, argc, AUT_EXEC_ARGS); } /* @@ -1170,8 +1175,29 @@ au_to_exec_args(char *args, int argc) token_t * au_to_exec_env(char *envs, int envc) { + return au_to_exec_strings(envs, envc, AUT_EXEC_ENV); +} + +/* + * token ID 1 byte + * count 4 bytes + * text count null-terminated strings + */ +token_t * +au_to_certificate_hash(char *hashes, int hashc) +{ + return au_to_exec_strings(hashes, hashc, AUT_CERT_HASH); +} - return (au_to_exec_strings(envs, envc, AUT_EXEC_ENV)); +/* + * token ID 1 byte + * count 4 bytes + * text count null-terminated strings + */ +token_t * +au_to_krb5_principal(char *principals, int princ) +{ + return au_to_exec_strings(principals, princ, AUT_KRB5_PRINCIPAL); } #else /* @@ -1199,7 +1225,7 @@ au_to_exec_args(char **argv) nextarg = *(argv + count); } - totlen += count * sizeof(char); /* nul terminations. */ + totlen += count * sizeof(char); /* nul terminations. */ GET_TOKEN_AREA(t, dptr, sizeof(u_char) + sizeof(u_int32_t) + totlen); ADD_U_CHAR(dptr, AUT_EXEC_ARGS); @@ -1210,7 +1236,7 @@ au_to_exec_args(char **argv) ADD_MEM(dptr, nextarg, strlen(nextarg) + 1); } - return (t); + return t; } /* @@ -1231,7 +1257,7 @@ au_to_zonename(char *zonename) ADD_U_CHAR(dptr, AUT_ZONENAME); ADD_U_INT16(dptr, textlen); ADD_STRING(dptr, zonename, textlen); - return (t); + return t; } /* @@ -1269,10 +1295,73 @@ au_to_exec_env(char **envp) ADD_MEM(dptr, nextenv, strlen(nextenv) + 1); } - return (t); + return t; } #endif /* !(defined(_KERNEL) || defined(KERNEL)) */ +/* + * token ID 1 byte + * signer type 4 bytes + * signer id length 2 bytes + * signer id n bytes + * signer id truncated 1 byte + * team id length 2 bytes + * team id n bytes + * team id truncated 1 byte + * cdhash length 2 bytes + * cdhash n bytes + */ +token_t* +au_to_identity(uint32_t signer_type, const char* signing_id, + u_char signing_id_trunc, const char* team_id, u_char team_id_trunc, + uint8_t* cdhash, uint16_t cdhash_len) +{ + token_t *t = NULL; + u_char *dptr = NULL; + size_t signing_id_len = 0; + size_t team_id_len = 0; + size_t totlen = 0; + + if (signing_id) { + signing_id_len = strlen(signing_id); + } + + if (team_id) { + team_id_len = strlen(team_id); + } + + totlen = + sizeof(u_char) + // token id + sizeof(uint32_t) + // signer type + sizeof(uint16_t) + // singing id length + signing_id_len + // length of signing id to copy + sizeof(u_char) + // null terminator for signing id + sizeof(u_char) + // if signing id truncated + sizeof(uint16_t) + // team id length + team_id_len + // length of team id to copy + sizeof(u_char) + // null terminator for team id + sizeof(u_char) + // if team id truncated + sizeof(uint16_t) + // cdhash length + cdhash_len; // cdhash buffer + + GET_TOKEN_AREA(t, dptr, totlen); + + ADD_U_CHAR(dptr, AUT_IDENTITY); // token id + ADD_U_INT32(dptr, signer_type); // signer type + ADD_U_INT16(dptr, signing_id_len + 1); // signing id length+null + ADD_STRING(dptr, signing_id, signing_id_len); // truncated signing id + ADD_U_CHAR(dptr, 0); // null terminator byte + ADD_U_CHAR(dptr, signing_id_trunc); // if signing id is trunc + ADD_U_INT16(dptr, team_id_len + 1); // team id length+null + ADD_STRING(dptr, team_id, team_id_len); // truncated team id + ADD_U_CHAR(dptr, 0); // null terminator byte + ADD_U_CHAR(dptr, team_id_trunc); // if team id is trunc + ADD_U_INT16(dptr, cdhash_len); // cdhash length + ADD_MEM(dptr, cdhash, cdhash_len); // cdhash + + return t; +} + /* * token ID 1 byte * record byte count 4 bytes @@ -1282,7 +1371,7 @@ au_to_exec_env(char **envp) * address type/length 4 bytes * machine address 4 bytes/16 bytes (IPv4/IPv6 address) * seconds of time 4 bytes/8 bytes (32/64-bits) - * milliseconds of time 4 bytes/8 bytes (32/64-bits) + * milliseconds of time 4 bytes/8 bytes (32/64-bits) */ token_t * au_to_header32_ex_tm(int rec_size, au_event_t e_type, au_emod_t e_mod, @@ -1307,15 +1396,16 @@ au_to_header32_ex_tm(int rec_size, au_event_t e_type, au_emod_t e_mod, ADD_U_INT16(dptr, e_type); ADD_U_INT16(dptr, e_mod); ADD_U_INT32(dptr, tid->at_type); - if (tid->at_type == AU_IPv6) + if (tid->at_type == AU_IPv6) { ADD_MEM(dptr, &tid->at_addr[0], 4 * sizeof(u_int32_t)); - else + } else { ADD_MEM(dptr, &tid->at_addr[0], sizeof(u_int32_t)); + } timems = tm.tv_usec / 1000; /* Add the timestamp */ ADD_U_INT32(dptr, tm.tv_sec); - ADD_U_INT32(dptr, timems); /* We need time in ms. */ - return (t); + ADD_U_INT32(dptr, timems); /* We need time in ms. */ + return t; } /* @@ -1344,12 +1434,12 @@ au_to_header32_tm(int rec_size, au_event_t e_type, au_emod_t e_mod, ADD_U_INT16(dptr, e_type); ADD_U_INT16(dptr, e_mod); - timems = tm.tv_usec/1000; + timems = tm.tv_usec / 1000; /* Add the timestamp */ ADD_U_INT32(dptr, tm.tv_sec); - ADD_U_INT32(dptr, timems); /* We need time in ms. */ + ADD_U_INT32(dptr, timems); /* We need time in ms. */ - return (t); + return t; } token_t * @@ -1369,12 +1459,12 @@ au_to_header64_tm(int rec_size, au_event_t e_type, au_emod_t e_mod, ADD_U_INT16(dptr, e_type); ADD_U_INT16(dptr, e_mod); - timems = tm.tv_usec/1000; + timems = tm.tv_usec / 1000; /* Add the timestamp */ ADD_U_INT64(dptr, tm.tv_sec); - ADD_U_INT64(dptr, timems); /* We need time in ms. */ + ADD_U_INT64(dptr, timems); /* We need time in ms. */ - return (t); + return t; } /* @@ -1396,6 +1486,6 @@ au_to_trailer(int rec_size) ADD_U_INT16(dptr, magic); ADD_U_INT32(dptr, rec_size); - return (t); + return t; } #endif /* CONFIG_AUDIT */