1ca0716f5SRobert Watson /* 2ca0716f5SRobert Watson * Copyright (c) 2004 Apple Computer, Inc. 3ca0716f5SRobert Watson * Copyright (c) 2005 SPARTA, Inc. 4ca0716f5SRobert Watson * All rights reserved. 5ca0716f5SRobert Watson * 6ca0716f5SRobert Watson * This code was developed in part by Robert N. M. Watson, Senior Principal 7ca0716f5SRobert Watson * Scientist, SPARTA, Inc. 8ca0716f5SRobert Watson * 9ca0716f5SRobert Watson * Redistribution and use in source and binary forms, with or without 10ca0716f5SRobert Watson * modification, are permitted provided that the following conditions 11ca0716f5SRobert Watson * are met: 12ca0716f5SRobert Watson * 1. Redistributions of source code must retain the above copyright 13ca0716f5SRobert Watson * notice, this list of conditions and the following disclaimer. 14ca0716f5SRobert Watson * 2. Redistributions in binary form must reproduce the above copyright 15ca0716f5SRobert Watson * notice, this list of conditions and the following disclaimer in the 16ca0716f5SRobert Watson * documentation and/or other materials provided with the distribution. 17ca0716f5SRobert Watson * 3. Neither the name of Apple Computer, Inc. ("Apple") nor the names of 18ca0716f5SRobert Watson * its contributors may be used to endorse or promote products derived 19ca0716f5SRobert Watson * from this software without specific prior written permission. 20ca0716f5SRobert Watson * 21ca0716f5SRobert Watson * THIS SOFTWARE IS PROVIDED BY APPLE AND ITS CONTRIBUTORS "AS IS" AND 22ca0716f5SRobert Watson * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 23ca0716f5SRobert Watson * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 24ca0716f5SRobert Watson * ARE DISCLAIMED. IN NO EVENT SHALL APPLE OR ITS CONTRIBUTORS BE LIABLE FOR 25ca0716f5SRobert Watson * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 26ca0716f5SRobert Watson * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 27ca0716f5SRobert Watson * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 28ca0716f5SRobert Watson * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 29ca0716f5SRobert Watson * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING 30ca0716f5SRobert Watson * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 31ca0716f5SRobert Watson * POSSIBILITY OF SUCH DAMAGE. 32ca0716f5SRobert Watson * 333b97a967SRobert Watson * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_token.c#43 $ 34ca0716f5SRobert Watson */ 35ca0716f5SRobert Watson 36ca0716f5SRobert Watson #include <sys/types.h> 373b97a967SRobert Watson 383b97a967SRobert Watson #include <config/config.h> 393b97a967SRobert Watson #ifdef HAVE_SYS_ENDIAN_H 40ca0716f5SRobert Watson #include <sys/endian.h> 413b97a967SRobert Watson #else /* !HAVE_SYS_ENDIAN_H */ 423b97a967SRobert Watson #ifdef HAVE_MACHINE_ENDIAN_H 433b97a967SRobert Watson #include <machine/endian.h> 443b97a967SRobert Watson #else /* !HAVE_MACHINE_ENDIAN_H */ 453b97a967SRobert Watson #ifdef HAVE_ENDIAN_H 463b97a967SRobert Watson #include <endian.h> 473b97a967SRobert Watson #else /* !HAVE_ENDIAN_H */ 483b97a967SRobert Watson #error "No supported endian.h" 493b97a967SRobert Watson #endif /* !HAVE_ENDIAN_H */ 503b97a967SRobert Watson #endif /* !HAVE_MACHINE_ENDIAN_H */ 513b97a967SRobert Watson #include <compat/endian.h> 523b97a967SRobert Watson #endif /* !HAVE_SYS_ENDIAN_H */ 533b97a967SRobert Watson #ifdef HAVE_FULL_QUEUE_H 543b97a967SRobert Watson #include <sys/queue.h> 553b97a967SRobert Watson #else /* !HAVE_FULL_QUEUE_H */ 563b97a967SRobert Watson #include <compat/queue.h> 573b97a967SRobert Watson #endif /* !HAVE_FULL_QUEUE_H */ 583b97a967SRobert Watson 59ca0716f5SRobert Watson #include <sys/socket.h> 60ca0716f5SRobert Watson #include <sys/time.h> 61ca0716f5SRobert Watson #include <sys/un.h> 62ca0716f5SRobert Watson 63ca0716f5SRobert Watson #include <sys/ipc.h> 64ca0716f5SRobert Watson 65ca0716f5SRobert Watson #include <netinet/in.h> 66ca0716f5SRobert Watson #include <netinet/in_systm.h> 67ca0716f5SRobert Watson #include <netinet/ip.h> 68ca0716f5SRobert Watson 69ca0716f5SRobert Watson #include <assert.h> 70ca0716f5SRobert Watson #include <errno.h> 71ca0716f5SRobert Watson #include <string.h> 72ca0716f5SRobert Watson #include <stdlib.h> 73ca0716f5SRobert Watson #include <unistd.h> 74ca0716f5SRobert Watson #include <sys/socketvar.h> 75ca0716f5SRobert Watson 76ca0716f5SRobert Watson #include <bsm/audit_internal.h> 77ca0716f5SRobert Watson #include <bsm/libbsm.h> 78ca0716f5SRobert Watson 79ca0716f5SRobert Watson #define GET_TOKEN_AREA(t, dptr, length) do { \ 80ca0716f5SRobert Watson (t) = malloc(sizeof(token_t)); \ 81ca0716f5SRobert Watson if ((t) != NULL) { \ 82ca0716f5SRobert Watson (t)->len = (length); \ 83ca0716f5SRobert Watson (dptr) = (t->t_data) = malloc((length) * sizeof(u_char)); \ 84ca0716f5SRobert Watson if ((dptr) == NULL) { \ 85ca0716f5SRobert Watson free(t); \ 86ca0716f5SRobert Watson (t) = NULL; \ 87ca0716f5SRobert Watson } else \ 88ca0716f5SRobert Watson memset((dptr), 0, (length)); \ 89ca0716f5SRobert Watson } else \ 90ca0716f5SRobert Watson (dptr) = NULL; \ 91ca0716f5SRobert Watson assert(t == NULL || dptr != NULL); \ 92ca0716f5SRobert Watson } while (0) 93ca0716f5SRobert Watson 94ca0716f5SRobert Watson /* 95ca0716f5SRobert Watson * token ID 1 byte 96ca0716f5SRobert Watson * argument # 1 byte 97ca0716f5SRobert Watson * argument value 4 bytes/8 bytes (32-bit/64-bit value) 98ca0716f5SRobert Watson * text length 2 bytes 99ca0716f5SRobert Watson * text N bytes + 1 terminating NULL byte 100ca0716f5SRobert Watson */ 101ca0716f5SRobert Watson token_t * 102ca0716f5SRobert Watson au_to_arg32(char n, char *text, u_int32_t v) 103ca0716f5SRobert Watson { 104ca0716f5SRobert Watson token_t *t; 105ca0716f5SRobert Watson u_char *dptr = NULL; 106ca0716f5SRobert Watson u_int16_t textlen; 107ca0716f5SRobert Watson 108ca0716f5SRobert Watson textlen = strlen(text); 109ca0716f5SRobert Watson textlen += 1; 110ca0716f5SRobert Watson 111ca0716f5SRobert Watson GET_TOKEN_AREA(t, dptr, 2 * sizeof(u_char) + sizeof(u_int32_t) + 112ca0716f5SRobert Watson sizeof(u_int16_t) + textlen); 113ca0716f5SRobert Watson if (t == NULL) 114ca0716f5SRobert Watson return (NULL); 115ca0716f5SRobert Watson 116ca0716f5SRobert Watson ADD_U_CHAR(dptr, AUT_ARG32); 117ca0716f5SRobert Watson ADD_U_CHAR(dptr, n); 118ca0716f5SRobert Watson ADD_U_INT32(dptr, v); 119ca0716f5SRobert Watson ADD_U_INT16(dptr, textlen); 120ca0716f5SRobert Watson ADD_STRING(dptr, text, textlen); 121ca0716f5SRobert Watson 122ca0716f5SRobert Watson return (t); 123ca0716f5SRobert Watson 124ca0716f5SRobert Watson } 125ca0716f5SRobert Watson 126ca0716f5SRobert Watson token_t * 127ca0716f5SRobert Watson au_to_arg64(char n, char *text, u_int64_t v) 128ca0716f5SRobert Watson { 129ca0716f5SRobert Watson token_t *t; 130ca0716f5SRobert Watson u_char *dptr = NULL; 131ca0716f5SRobert Watson u_int16_t textlen; 132ca0716f5SRobert Watson 133ca0716f5SRobert Watson textlen = strlen(text); 134ca0716f5SRobert Watson textlen += 1; 135ca0716f5SRobert Watson 136ca0716f5SRobert Watson GET_TOKEN_AREA(t, dptr, 2 * sizeof(u_char) + sizeof(u_int64_t) + 137ca0716f5SRobert Watson sizeof(u_int16_t) + textlen); 138ca0716f5SRobert Watson if (t == NULL) 139ca0716f5SRobert Watson return (NULL); 140ca0716f5SRobert Watson 141ca0716f5SRobert Watson ADD_U_CHAR(dptr, AUT_ARG64); 142ca0716f5SRobert Watson ADD_U_CHAR(dptr, n); 143ca0716f5SRobert Watson ADD_U_INT64(dptr, v); 144ca0716f5SRobert Watson ADD_U_INT16(dptr, textlen); 145ca0716f5SRobert Watson ADD_STRING(dptr, text, textlen); 146ca0716f5SRobert Watson 147ca0716f5SRobert Watson return (t); 148ca0716f5SRobert Watson 149ca0716f5SRobert Watson } 150ca0716f5SRobert Watson 151ca0716f5SRobert Watson token_t * 152ca0716f5SRobert Watson au_to_arg(char n, char *text, u_int32_t v) 153ca0716f5SRobert Watson { 154ca0716f5SRobert Watson 155ca0716f5SRobert Watson return (au_to_arg32(n, text, v)); 156ca0716f5SRobert Watson } 157ca0716f5SRobert Watson 158ca0716f5SRobert Watson #if defined(_KERNEL) || defined(KERNEL) 159ca0716f5SRobert Watson /* 160ca0716f5SRobert Watson * token ID 1 byte 161ca0716f5SRobert Watson * file access mode 4 bytes 162ca0716f5SRobert Watson * owner user ID 4 bytes 163ca0716f5SRobert Watson * owner group ID 4 bytes 164ca0716f5SRobert Watson * file system ID 4 bytes 165ca0716f5SRobert Watson * node ID 8 bytes 166ca0716f5SRobert Watson * device 4 bytes/8 bytes (32-bit/64-bit) 167ca0716f5SRobert Watson */ 168ca0716f5SRobert Watson token_t * 169ca0716f5SRobert Watson au_to_attr32(struct vnode_au_info *vni) 170ca0716f5SRobert Watson { 171ca0716f5SRobert Watson token_t *t; 172ca0716f5SRobert Watson u_char *dptr = NULL; 173ca0716f5SRobert Watson u_int16_t pad0_16 = 0; 174ca0716f5SRobert Watson u_int16_t pad0_32 = 0; 175ca0716f5SRobert Watson 176ca0716f5SRobert Watson GET_TOKEN_AREA(t, dptr, sizeof(u_char) + 2 * sizeof(u_int16_t) + 177ca0716f5SRobert Watson 3 * sizeof(u_int32_t) + sizeof(u_int64_t) + sizeof(u_int32_t)); 178ca0716f5SRobert Watson if (t == NULL) 179ca0716f5SRobert Watson return (NULL); 180ca0716f5SRobert Watson 181ca0716f5SRobert Watson ADD_U_CHAR(dptr, AUT_ATTR32); 182ca0716f5SRobert Watson 183ca0716f5SRobert Watson /* 184ca0716f5SRobert Watson * Darwin defines the size for the file mode 185ca0716f5SRobert Watson * as 2 bytes; BSM defines 4 so pad with 0 186ca0716f5SRobert Watson */ 187ca0716f5SRobert Watson ADD_U_INT16(dptr, pad0_16); 188ca0716f5SRobert Watson ADD_U_INT16(dptr, vni->vn_mode); 189ca0716f5SRobert Watson 190ca0716f5SRobert Watson ADD_U_INT32(dptr, vni->vn_uid); 191ca0716f5SRobert Watson ADD_U_INT32(dptr, vni->vn_gid); 192ca0716f5SRobert Watson ADD_U_INT32(dptr, vni->vn_fsid); 193ca0716f5SRobert Watson 194ca0716f5SRobert Watson /* 195ca0716f5SRobert Watson * Some systems use 32-bit file ID's, other's use 64-bit file IDs. 196ca0716f5SRobert Watson * Attempt to handle both, and let the compiler sort it out. If we 197ca0716f5SRobert Watson * could pick this out at compile-time, it would be better, so as to 198ca0716f5SRobert Watson * avoid the else case below. 199ca0716f5SRobert Watson */ 200ca0716f5SRobert Watson if (sizeof(vni->vn_fileid) == sizeof(uint32_t)) { 201ca0716f5SRobert Watson ADD_U_INT32(dptr, pad0_32); 202ca0716f5SRobert Watson ADD_U_INT32(dptr, vni->vn_fileid); 203ca0716f5SRobert Watson } else if (sizeof(vni->vn_fileid) == sizeof(uint64_t)) 204ca0716f5SRobert Watson ADD_U_INT64(dptr, vni->vn_fileid); 205ca0716f5SRobert Watson else 206ca0716f5SRobert Watson ADD_U_INT64(dptr, 0LL); 207ca0716f5SRobert Watson 208ca0716f5SRobert Watson ADD_U_INT32(dptr, vni->vn_dev); 209ca0716f5SRobert Watson 210ca0716f5SRobert Watson return (t); 211ca0716f5SRobert Watson } 212ca0716f5SRobert Watson 213ca0716f5SRobert Watson token_t * 214ca0716f5SRobert Watson au_to_attr64(struct vnode_au_info *vni) 215ca0716f5SRobert Watson { 216ca0716f5SRobert Watson 217ca0716f5SRobert Watson errno = ENOTSUP; 218ca0716f5SRobert Watson return (NULL); 219ca0716f5SRobert Watson } 220ca0716f5SRobert Watson 221ca0716f5SRobert Watson token_t * 222ca0716f5SRobert Watson au_to_attr(struct vnode_au_info *vni) 223ca0716f5SRobert Watson { 224ca0716f5SRobert Watson 225ca0716f5SRobert Watson return (au_to_attr32(vni)); 226ca0716f5SRobert Watson } 227ca0716f5SRobert Watson #endif /* !(defined(_KERNEL) || defined(KERNEL) */ 228ca0716f5SRobert Watson 229ca0716f5SRobert Watson /* 230ca0716f5SRobert Watson * token ID 1 byte 231ca0716f5SRobert Watson * how to print 1 byte 232ca0716f5SRobert Watson * basic unit 1 byte 233ca0716f5SRobert Watson * unit count 1 byte 234ca0716f5SRobert Watson * data items (depends on basic unit) 235ca0716f5SRobert Watson */ 236ca0716f5SRobert Watson token_t * 237ca0716f5SRobert Watson au_to_data(char unit_print, char unit_type, char unit_count, char *p) 238ca0716f5SRobert Watson { 239ca0716f5SRobert Watson token_t *t; 240ca0716f5SRobert Watson u_char *dptr = NULL; 241ca0716f5SRobert Watson size_t datasize, totdata; 242ca0716f5SRobert Watson 243ca0716f5SRobert Watson /* Determine the size of the basic unit. */ 244ca0716f5SRobert Watson switch (unit_type) { 245ca0716f5SRobert Watson case AUR_BYTE: 246ca0716f5SRobert Watson datasize = AUR_BYTE_SIZE; 247ca0716f5SRobert Watson break; 248ca0716f5SRobert Watson 249ca0716f5SRobert Watson case AUR_SHORT: 250ca0716f5SRobert Watson datasize = AUR_SHORT_SIZE; 251ca0716f5SRobert Watson break; 252ca0716f5SRobert Watson 253ca0716f5SRobert Watson case AUR_LONG: 254ca0716f5SRobert Watson datasize = AUR_LONG_SIZE; 255ca0716f5SRobert Watson break; 256ca0716f5SRobert Watson 257ca0716f5SRobert Watson default: 258ca0716f5SRobert Watson errno = EINVAL; 259ca0716f5SRobert Watson return (NULL); 260ca0716f5SRobert Watson } 261ca0716f5SRobert Watson 262ca0716f5SRobert Watson totdata = datasize * unit_count; 263ca0716f5SRobert Watson 264ca0716f5SRobert Watson GET_TOKEN_AREA(t, dptr, totdata + 4 * sizeof(u_char)); 265ca0716f5SRobert Watson if (t == NULL) 266ca0716f5SRobert Watson return (NULL); 267ca0716f5SRobert Watson 268ca0716f5SRobert Watson ADD_U_CHAR(dptr, AUT_DATA); 269ca0716f5SRobert Watson ADD_U_CHAR(dptr, unit_print); 270ca0716f5SRobert Watson ADD_U_CHAR(dptr, unit_type); 271ca0716f5SRobert Watson ADD_U_CHAR(dptr, unit_count); 272ca0716f5SRobert Watson ADD_MEM(dptr, p, totdata); 273ca0716f5SRobert Watson 274ca0716f5SRobert Watson return (t); 275ca0716f5SRobert Watson } 276ca0716f5SRobert Watson 277ca0716f5SRobert Watson 278ca0716f5SRobert Watson /* 279ca0716f5SRobert Watson * token ID 1 byte 280ca0716f5SRobert Watson * status 4 bytes 281ca0716f5SRobert Watson * return value 4 bytes 282ca0716f5SRobert Watson */ 283ca0716f5SRobert Watson token_t * 284ca0716f5SRobert Watson au_to_exit(int retval, int err) 285ca0716f5SRobert Watson { 286ca0716f5SRobert Watson token_t *t; 287ca0716f5SRobert Watson u_char *dptr = NULL; 288ca0716f5SRobert Watson 289ca0716f5SRobert Watson GET_TOKEN_AREA(t, dptr, sizeof(u_char) + 2 * sizeof(u_int32_t)); 290ca0716f5SRobert Watson if (t == NULL) 291ca0716f5SRobert Watson return (NULL); 292ca0716f5SRobert Watson 293ca0716f5SRobert Watson ADD_U_CHAR(dptr, AUT_EXIT); 294ca0716f5SRobert Watson ADD_U_INT32(dptr, err); 295ca0716f5SRobert Watson ADD_U_INT32(dptr, retval); 296ca0716f5SRobert Watson 297ca0716f5SRobert Watson return (t); 298ca0716f5SRobert Watson } 299ca0716f5SRobert Watson 300ca0716f5SRobert Watson /* 301ca0716f5SRobert Watson */ 302ca0716f5SRobert Watson token_t * 303ca0716f5SRobert Watson au_to_groups(int *groups) 304ca0716f5SRobert Watson { 305ca0716f5SRobert Watson 306ca0716f5SRobert Watson return (au_to_newgroups(BSM_MAX_GROUPS, groups)); 307ca0716f5SRobert Watson } 308ca0716f5SRobert Watson 309ca0716f5SRobert Watson /* 310ca0716f5SRobert Watson * token ID 1 byte 311ca0716f5SRobert Watson * number groups 2 bytes 312ca0716f5SRobert Watson * group list count * 4 bytes 313ca0716f5SRobert Watson */ 314ca0716f5SRobert Watson token_t * 315ca0716f5SRobert Watson au_to_newgroups(u_int16_t n, gid_t *groups) 316ca0716f5SRobert Watson { 317ca0716f5SRobert Watson token_t *t; 318ca0716f5SRobert Watson u_char *dptr = NULL; 319ca0716f5SRobert Watson int i; 320ca0716f5SRobert Watson 321ca0716f5SRobert Watson GET_TOKEN_AREA(t, dptr, sizeof(u_char) + sizeof(u_int16_t) + 322ca0716f5SRobert Watson n * sizeof(u_int32_t)); 323ca0716f5SRobert Watson if (t == NULL) 324ca0716f5SRobert Watson return (NULL); 325ca0716f5SRobert Watson 326ca0716f5SRobert Watson ADD_U_CHAR(dptr, AUT_NEWGROUPS); 327ca0716f5SRobert Watson ADD_U_INT16(dptr, n); 328ca0716f5SRobert Watson for (i = 0; i < n; i++) 329ca0716f5SRobert Watson ADD_U_INT32(dptr, groups[i]); 330ca0716f5SRobert Watson 331ca0716f5SRobert Watson return (t); 332ca0716f5SRobert Watson } 333ca0716f5SRobert Watson 334ca0716f5SRobert Watson /* 335ca0716f5SRobert Watson * token ID 1 byte 336ca0716f5SRobert Watson * internet address 4 bytes 337ca0716f5SRobert Watson */ 338ca0716f5SRobert Watson token_t * 339ca0716f5SRobert Watson au_to_in_addr(struct in_addr *internet_addr) 340ca0716f5SRobert Watson { 341ca0716f5SRobert Watson token_t *t; 342ca0716f5SRobert Watson u_char *dptr = NULL; 343ca0716f5SRobert Watson 344ca0716f5SRobert Watson GET_TOKEN_AREA(t, dptr, sizeof(u_char) + sizeof(u_int32_t)); 345ca0716f5SRobert Watson if (t == NULL) 346ca0716f5SRobert Watson return (NULL); 347ca0716f5SRobert Watson 348ca0716f5SRobert Watson ADD_U_CHAR(dptr, AUT_IN_ADDR); 349ca0716f5SRobert Watson ADD_U_INT32(dptr, internet_addr->s_addr); 350ca0716f5SRobert Watson 351ca0716f5SRobert Watson return (t); 352ca0716f5SRobert Watson } 353ca0716f5SRobert Watson 354ca0716f5SRobert Watson /* 355ca0716f5SRobert Watson * token ID 1 byte 356ca0716f5SRobert Watson * address type/length 4 bytes 357ca0716f5SRobert Watson * Address 16 bytes 358ca0716f5SRobert Watson */ 359ca0716f5SRobert Watson token_t * 360ca0716f5SRobert Watson au_to_in_addr_ex(struct in6_addr *internet_addr) 361ca0716f5SRobert Watson { 362ca0716f5SRobert Watson token_t *t; 363ca0716f5SRobert Watson u_char *dptr = NULL; 364ca0716f5SRobert Watson u_int32_t type = AF_INET6; 365ca0716f5SRobert Watson 366ca0716f5SRobert Watson GET_TOKEN_AREA(t, dptr, sizeof(u_char) + 5 * sizeof(u_int32_t)); 367ca0716f5SRobert Watson if (t == NULL) 368ca0716f5SRobert Watson return (NULL); 369ca0716f5SRobert Watson 370ca0716f5SRobert Watson ADD_U_CHAR(dptr, AUT_IN_ADDR_EX); 371ca0716f5SRobert Watson ADD_U_INT32(dptr, type); 3723b97a967SRobert Watson ADD_MEM(dptr, internet_addr, sizeof(*internet_addr)); 373ca0716f5SRobert Watson 374ca0716f5SRobert Watson return (t); 375ca0716f5SRobert Watson } 376ca0716f5SRobert Watson 377ca0716f5SRobert Watson /* 378ca0716f5SRobert Watson * token ID 1 byte 379ca0716f5SRobert Watson * ip header 20 bytes 380ca0716f5SRobert Watson */ 381ca0716f5SRobert Watson token_t * 382ca0716f5SRobert Watson au_to_ip(struct ip *ip) 383ca0716f5SRobert Watson { 384ca0716f5SRobert Watson token_t *t; 385ca0716f5SRobert Watson u_char *dptr = NULL; 386ca0716f5SRobert Watson 387ca0716f5SRobert Watson GET_TOKEN_AREA(t, dptr, sizeof(u_char) + sizeof(struct ip)); 388ca0716f5SRobert Watson if (t == NULL) 389ca0716f5SRobert Watson return (NULL); 390ca0716f5SRobert Watson 391ca0716f5SRobert Watson ADD_U_CHAR(dptr, AUT_IP); 392ca0716f5SRobert Watson /* 393ca0716f5SRobert Watson * XXXRW: Any byte order work needed on the IP header before writing? 394ca0716f5SRobert Watson */ 395ca0716f5SRobert Watson ADD_MEM(dptr, ip, sizeof(struct ip)); 396ca0716f5SRobert Watson 397ca0716f5SRobert Watson return (t); 398ca0716f5SRobert Watson } 399ca0716f5SRobert Watson 400ca0716f5SRobert Watson /* 401ca0716f5SRobert Watson * token ID 1 byte 402ca0716f5SRobert Watson * object ID type 1 byte 403ca0716f5SRobert Watson * object ID 4 bytes 404ca0716f5SRobert Watson */ 405ca0716f5SRobert Watson token_t * 406ca0716f5SRobert Watson au_to_ipc(char type, int id) 407ca0716f5SRobert Watson { 408ca0716f5SRobert Watson token_t *t; 409ca0716f5SRobert Watson u_char *dptr = NULL; 410ca0716f5SRobert Watson 411ca0716f5SRobert Watson GET_TOKEN_AREA(t, dptr, 2 * sizeof(u_char) + sizeof(u_int32_t)); 412ca0716f5SRobert Watson if (t == NULL) 413ca0716f5SRobert Watson return (NULL); 414ca0716f5SRobert Watson 415ca0716f5SRobert Watson ADD_U_CHAR(dptr, AUT_IPC); 416ca0716f5SRobert Watson ADD_U_CHAR(dptr, type); 417ca0716f5SRobert Watson ADD_U_INT32(dptr, id); 418ca0716f5SRobert Watson 419ca0716f5SRobert Watson return (t); 420ca0716f5SRobert Watson } 421ca0716f5SRobert Watson 422ca0716f5SRobert Watson /* 423ca0716f5SRobert Watson * token ID 1 byte 424ca0716f5SRobert Watson * owner user ID 4 bytes 425ca0716f5SRobert Watson * owner group ID 4 bytes 426ca0716f5SRobert Watson * creator user ID 4 bytes 427ca0716f5SRobert Watson * creator group ID 4 bytes 428ca0716f5SRobert Watson * access mode 4 bytes 429ca0716f5SRobert Watson * slot sequence # 4 bytes 430ca0716f5SRobert Watson * key 4 bytes 431ca0716f5SRobert Watson */ 432ca0716f5SRobert Watson token_t * 433ca0716f5SRobert Watson au_to_ipc_perm(struct ipc_perm *perm) 434ca0716f5SRobert Watson { 435ca0716f5SRobert Watson token_t *t; 436ca0716f5SRobert Watson u_char *dptr = NULL; 437ca0716f5SRobert Watson u_int16_t pad0 = 0; 438ca0716f5SRobert Watson 439ca0716f5SRobert Watson GET_TOKEN_AREA(t, dptr, 12 * sizeof(u_int16_t) + sizeof(u_int32_t)); 440ca0716f5SRobert Watson if (t == NULL) 441ca0716f5SRobert Watson return (NULL); 442ca0716f5SRobert Watson 443ca0716f5SRobert Watson ADD_U_CHAR(dptr, AUT_IPC_PERM); 444ca0716f5SRobert Watson 445ca0716f5SRobert Watson /* 446ca0716f5SRobert Watson * Darwin defines the sizes for ipc_perm members 447ca0716f5SRobert Watson * as 2 bytes; BSM defines 4 so pad with 0 448ca0716f5SRobert Watson */ 449ca0716f5SRobert Watson ADD_U_INT16(dptr, pad0); 450ca0716f5SRobert Watson ADD_U_INT16(dptr, perm->uid); 451ca0716f5SRobert Watson 452ca0716f5SRobert Watson ADD_U_INT16(dptr, pad0); 453ca0716f5SRobert Watson ADD_U_INT16(dptr, perm->gid); 454ca0716f5SRobert Watson 455ca0716f5SRobert Watson ADD_U_INT16(dptr, pad0); 456ca0716f5SRobert Watson ADD_U_INT16(dptr, perm->cuid); 457ca0716f5SRobert Watson 458ca0716f5SRobert Watson ADD_U_INT16(dptr, pad0); 459ca0716f5SRobert Watson ADD_U_INT16(dptr, perm->cgid); 460ca0716f5SRobert Watson 461ca0716f5SRobert Watson ADD_U_INT16(dptr, pad0); 462ca0716f5SRobert Watson ADD_U_INT16(dptr, perm->mode); 463ca0716f5SRobert Watson 464ca0716f5SRobert Watson ADD_U_INT16(dptr, pad0); 465ca0716f5SRobert Watson 4663b97a967SRobert Watson #ifdef HAVE_IPC_PERM___SEQ 4673b97a967SRobert Watson ADD_U_INT16(dptr, perm->__seq); 4683b97a967SRobert Watson #else 4693b97a967SRobert Watson ADD_U_INT16(dptr, perm->seq); 4703b97a967SRobert Watson #endif 4713b97a967SRobert Watson 4723b97a967SRobert Watson #ifdef HAVE_IPC_PERM___KEY 4733b97a967SRobert Watson ADD_U_INT32(dptr, perm->__key); 4743b97a967SRobert Watson #else 475ca0716f5SRobert Watson ADD_U_INT32(dptr, perm->key); 4763b97a967SRobert Watson #endif 477ca0716f5SRobert Watson 478ca0716f5SRobert Watson return (t); 479ca0716f5SRobert Watson } 480ca0716f5SRobert Watson 481ca0716f5SRobert Watson /* 482ca0716f5SRobert Watson * token ID 1 byte 483ca0716f5SRobert Watson * port IP address 2 bytes 484ca0716f5SRobert Watson */ 485ca0716f5SRobert Watson token_t * 486ca0716f5SRobert Watson au_to_iport(u_int16_t iport) 487ca0716f5SRobert Watson { 488ca0716f5SRobert Watson token_t *t; 489ca0716f5SRobert Watson u_char *dptr = NULL; 490ca0716f5SRobert Watson 491ca0716f5SRobert Watson GET_TOKEN_AREA(t, dptr, sizeof(u_char) + sizeof(u_int16_t)); 492ca0716f5SRobert Watson if (t == NULL) 493ca0716f5SRobert Watson return (NULL); 494ca0716f5SRobert Watson 495ca0716f5SRobert Watson ADD_U_CHAR(dptr, AUT_IPORT); 496ca0716f5SRobert Watson ADD_U_INT16(dptr, iport); 497ca0716f5SRobert Watson 498ca0716f5SRobert Watson return (t); 499ca0716f5SRobert Watson } 500ca0716f5SRobert Watson 501ca0716f5SRobert Watson /* 502ca0716f5SRobert Watson * token ID 1 byte 503ca0716f5SRobert Watson * size 2 bytes 504ca0716f5SRobert Watson * data size bytes 505ca0716f5SRobert Watson */ 506ca0716f5SRobert Watson token_t * 507ca0716f5SRobert Watson au_to_opaque(char *data, u_int16_t bytes) 508ca0716f5SRobert Watson { 509ca0716f5SRobert Watson token_t *t; 510ca0716f5SRobert Watson u_char *dptr = NULL; 511ca0716f5SRobert Watson 512ca0716f5SRobert Watson GET_TOKEN_AREA(t, dptr, sizeof(u_char) + sizeof(u_int16_t) + bytes); 513ca0716f5SRobert Watson if (t == NULL) 514ca0716f5SRobert Watson return (NULL); 515ca0716f5SRobert Watson 516ca0716f5SRobert Watson ADD_U_CHAR(dptr, AUT_OPAQUE); 517ca0716f5SRobert Watson ADD_U_INT16(dptr, bytes); 518ca0716f5SRobert Watson ADD_MEM(dptr, data, bytes); 519ca0716f5SRobert Watson 520ca0716f5SRobert Watson return (t); 521ca0716f5SRobert Watson } 522ca0716f5SRobert Watson 523ca0716f5SRobert Watson /* 524ca0716f5SRobert Watson * token ID 1 byte 525ca0716f5SRobert Watson * seconds of time 4 bytes 526ca0716f5SRobert Watson * milliseconds of time 4 bytes 527ca0716f5SRobert Watson * file name len 2 bytes 528ca0716f5SRobert Watson * file pathname N bytes + 1 terminating NULL byte 529ca0716f5SRobert Watson */ 530ca0716f5SRobert Watson token_t * 531ca0716f5SRobert Watson #if defined(KERNEL) || defined(_KERNEL) 532ca0716f5SRobert Watson au_to_file(char *file, struct timeval tm) 533ca0716f5SRobert Watson #else 534ca0716f5SRobert Watson au_to_file(char *file) 535ca0716f5SRobert Watson #endif 536ca0716f5SRobert Watson { 537ca0716f5SRobert Watson token_t *t; 538ca0716f5SRobert Watson u_char *dptr = NULL; 539ca0716f5SRobert Watson u_int16_t filelen; 540ca0716f5SRobert Watson u_int32_t timems; 541ca0716f5SRobert Watson #if !defined(KERNEL) && !defined(_KERNEL) 542ca0716f5SRobert Watson struct timeval tm; 543ca0716f5SRobert Watson struct timezone tzp; 544ca0716f5SRobert Watson 545ca0716f5SRobert Watson if (gettimeofday(&tm, &tzp) == -1) 546ca0716f5SRobert Watson return (NULL); 547ca0716f5SRobert Watson #endif 548ca0716f5SRobert Watson 549ca0716f5SRobert Watson filelen = strlen(file); 550ca0716f5SRobert Watson filelen += 1; 551ca0716f5SRobert Watson 552ca0716f5SRobert Watson GET_TOKEN_AREA(t, dptr, sizeof(u_char) + 2 * sizeof(u_int32_t) + 553ca0716f5SRobert Watson sizeof(u_int16_t) + filelen); 554ca0716f5SRobert Watson if (t == NULL) 555ca0716f5SRobert Watson return (NULL); 556ca0716f5SRobert Watson 557ca0716f5SRobert Watson timems = tm.tv_usec/1000; 558ca0716f5SRobert Watson 559ca0716f5SRobert Watson ADD_U_CHAR(dptr, AUT_OTHER_FILE32); 560ca0716f5SRobert Watson ADD_U_INT32(dptr, tm.tv_sec); 561ca0716f5SRobert Watson ADD_U_INT32(dptr, timems); /* We need time in ms. */ 562ca0716f5SRobert Watson ADD_U_INT16(dptr, filelen); 563ca0716f5SRobert Watson ADD_STRING(dptr, file, filelen); 564ca0716f5SRobert Watson 565ca0716f5SRobert Watson return (t); 566ca0716f5SRobert Watson } 567ca0716f5SRobert Watson 568ca0716f5SRobert Watson /* 569ca0716f5SRobert Watson * token ID 1 byte 570ca0716f5SRobert Watson * text length 2 bytes 571ca0716f5SRobert Watson * text N bytes + 1 terminating NULL byte 572ca0716f5SRobert Watson */ 573ca0716f5SRobert Watson token_t * 574ca0716f5SRobert Watson au_to_text(char *text) 575ca0716f5SRobert Watson { 576ca0716f5SRobert Watson token_t *t; 577ca0716f5SRobert Watson u_char *dptr = NULL; 578ca0716f5SRobert Watson u_int16_t textlen; 579ca0716f5SRobert Watson 580ca0716f5SRobert Watson textlen = strlen(text); 581ca0716f5SRobert Watson textlen += 1; 582ca0716f5SRobert Watson 583ca0716f5SRobert Watson GET_TOKEN_AREA(t, dptr, sizeof(u_char) + sizeof(u_int16_t) + textlen); 584ca0716f5SRobert Watson if (t == NULL) 585ca0716f5SRobert Watson return (NULL); 586ca0716f5SRobert Watson 587ca0716f5SRobert Watson ADD_U_CHAR(dptr, AUT_TEXT); 588ca0716f5SRobert Watson ADD_U_INT16(dptr, textlen); 589ca0716f5SRobert Watson ADD_STRING(dptr, text, textlen); 590ca0716f5SRobert Watson 591ca0716f5SRobert Watson return (t); 592ca0716f5SRobert Watson } 593ca0716f5SRobert Watson 594ca0716f5SRobert Watson /* 595ca0716f5SRobert Watson * token ID 1 byte 596ca0716f5SRobert Watson * path length 2 bytes 597ca0716f5SRobert Watson * path N bytes + 1 terminating NULL byte 598ca0716f5SRobert Watson */ 599ca0716f5SRobert Watson token_t * 600ca0716f5SRobert Watson au_to_path(char *text) 601ca0716f5SRobert Watson { 602ca0716f5SRobert Watson token_t *t; 603ca0716f5SRobert Watson u_char *dptr = NULL; 604ca0716f5SRobert Watson u_int16_t textlen; 605ca0716f5SRobert Watson 606ca0716f5SRobert Watson textlen = strlen(text); 607ca0716f5SRobert Watson textlen += 1; 608ca0716f5SRobert Watson 609ca0716f5SRobert Watson GET_TOKEN_AREA(t, dptr, sizeof(u_char) + sizeof(u_int16_t) + textlen); 610ca0716f5SRobert Watson if (t == NULL) 611ca0716f5SRobert Watson return (NULL); 612ca0716f5SRobert Watson 613ca0716f5SRobert Watson ADD_U_CHAR(dptr, AUT_PATH); 614ca0716f5SRobert Watson ADD_U_INT16(dptr, textlen); 615ca0716f5SRobert Watson ADD_STRING(dptr, text, textlen); 616ca0716f5SRobert Watson 617ca0716f5SRobert Watson return (t); 618ca0716f5SRobert Watson } 619ca0716f5SRobert Watson 620ca0716f5SRobert Watson /* 621ca0716f5SRobert Watson * token ID 1 byte 622ca0716f5SRobert Watson * audit ID 4 bytes 623ca0716f5SRobert Watson * effective user ID 4 bytes 624ca0716f5SRobert Watson * effective group ID 4 bytes 625ca0716f5SRobert Watson * real user ID 4 bytes 626ca0716f5SRobert Watson * real group ID 4 bytes 627ca0716f5SRobert Watson * process ID 4 bytes 628ca0716f5SRobert Watson * session ID 4 bytes 629ca0716f5SRobert Watson * terminal ID 630ca0716f5SRobert Watson * port ID 4 bytes/8 bytes (32-bit/64-bit value) 631ca0716f5SRobert Watson * machine address 4 bytes 632ca0716f5SRobert Watson */ 633ca0716f5SRobert Watson token_t * 634ca0716f5SRobert Watson au_to_process32(au_id_t auid, uid_t euid, gid_t egid, uid_t ruid, gid_t rgid, 635ca0716f5SRobert Watson pid_t pid, au_asid_t sid, au_tid_t *tid) 636ca0716f5SRobert Watson { 637ca0716f5SRobert Watson token_t *t; 638ca0716f5SRobert Watson u_char *dptr = NULL; 639ca0716f5SRobert Watson 640ca0716f5SRobert Watson GET_TOKEN_AREA(t, dptr, sizeof(u_char) + 9 * sizeof(u_int32_t)); 641ca0716f5SRobert Watson if (t == NULL) 642ca0716f5SRobert Watson return (NULL); 643ca0716f5SRobert Watson 644ca0716f5SRobert Watson ADD_U_CHAR(dptr, AUT_PROCESS32); 645ca0716f5SRobert Watson ADD_U_INT32(dptr, auid); 646ca0716f5SRobert Watson ADD_U_INT32(dptr, euid); 647ca0716f5SRobert Watson ADD_U_INT32(dptr, egid); 648ca0716f5SRobert Watson ADD_U_INT32(dptr, ruid); 649ca0716f5SRobert Watson ADD_U_INT32(dptr, rgid); 650ca0716f5SRobert Watson ADD_U_INT32(dptr, pid); 651ca0716f5SRobert Watson ADD_U_INT32(dptr, sid); 652ca0716f5SRobert Watson ADD_U_INT32(dptr, tid->port); 653ca0716f5SRobert Watson ADD_U_INT32(dptr, tid->machine); 654ca0716f5SRobert Watson 655ca0716f5SRobert Watson return (t); 656ca0716f5SRobert Watson } 657ca0716f5SRobert Watson 658ca0716f5SRobert Watson token_t * 659ca0716f5SRobert Watson au_to_process64(__unused au_id_t auid, __unused uid_t euid, 660ca0716f5SRobert Watson __unused gid_t egid, __unused uid_t ruid, __unused gid_t rgid, 661ca0716f5SRobert Watson __unused pid_t pid, __unused au_asid_t sid, __unused au_tid_t *tid) 662ca0716f5SRobert Watson { 663ca0716f5SRobert Watson 664ca0716f5SRobert Watson errno = ENOTSUP; 665ca0716f5SRobert Watson return (NULL); 666ca0716f5SRobert Watson } 667ca0716f5SRobert Watson 668ca0716f5SRobert Watson token_t * 669ca0716f5SRobert Watson au_to_process(__unused au_id_t auid, __unused uid_t euid, 670ca0716f5SRobert Watson __unused gid_t egid, __unused uid_t ruid, __unused gid_t rgid, 671ca0716f5SRobert Watson __unused pid_t pid, __unused au_asid_t sid, __unused au_tid_t *tid) 672ca0716f5SRobert Watson { 673ca0716f5SRobert Watson 674ca0716f5SRobert Watson return (au_to_process32(auid, euid, egid, ruid, rgid, pid, sid, 675ca0716f5SRobert Watson tid)); 676ca0716f5SRobert Watson } 677ca0716f5SRobert Watson 678ca0716f5SRobert Watson /* 679ca0716f5SRobert Watson * token ID 1 byte 680ca0716f5SRobert Watson * audit ID 4 bytes 681ca0716f5SRobert Watson * effective user ID 4 bytes 682ca0716f5SRobert Watson * effective group ID 4 bytes 683ca0716f5SRobert Watson * real user ID 4 bytes 684ca0716f5SRobert Watson * real group ID 4 bytes 685ca0716f5SRobert Watson * process ID 4 bytes 686ca0716f5SRobert Watson * session ID 4 bytes 687ca0716f5SRobert Watson * terminal ID 688ca0716f5SRobert Watson * port ID 4 bytes/8 bytes (32-bit/64-bit value) 689ca0716f5SRobert Watson * address type-len 4 bytes 690ca0716f5SRobert Watson * machine address 16 bytes 691ca0716f5SRobert Watson */ 692ca0716f5SRobert Watson token_t * 693ca0716f5SRobert Watson au_to_process32_ex(au_id_t auid, uid_t euid, gid_t egid, uid_t ruid, 694ca0716f5SRobert Watson gid_t rgid, pid_t pid, au_asid_t sid, au_tid_addr_t *tid) 695ca0716f5SRobert Watson { 696ca0716f5SRobert Watson token_t *t; 697ca0716f5SRobert Watson u_char *dptr = NULL; 698ca0716f5SRobert Watson 699ca0716f5SRobert Watson GET_TOKEN_AREA(t, dptr, sizeof(u_char) + 13 * sizeof(u_int32_t)); 700ca0716f5SRobert Watson if (t == NULL) 701ca0716f5SRobert Watson return (NULL); 702ca0716f5SRobert Watson 703ca0716f5SRobert Watson ADD_U_CHAR(dptr, AUT_PROCESS32_EX); 704ca0716f5SRobert Watson ADD_U_INT32(dptr, auid); 705ca0716f5SRobert Watson ADD_U_INT32(dptr, euid); 706ca0716f5SRobert Watson ADD_U_INT32(dptr, egid); 707ca0716f5SRobert Watson ADD_U_INT32(dptr, ruid); 708ca0716f5SRobert Watson ADD_U_INT32(dptr, rgid); 709ca0716f5SRobert Watson ADD_U_INT32(dptr, pid); 710ca0716f5SRobert Watson ADD_U_INT32(dptr, sid); 711ca0716f5SRobert Watson ADD_U_INT32(dptr, tid->at_port); 712ca0716f5SRobert Watson ADD_U_INT32(dptr, tid->at_type); 713ca0716f5SRobert Watson ADD_U_INT32(dptr, tid->at_addr[0]); 714ca0716f5SRobert Watson ADD_U_INT32(dptr, tid->at_addr[1]); 715ca0716f5SRobert Watson ADD_U_INT32(dptr, tid->at_addr[2]); 716ca0716f5SRobert Watson ADD_U_INT32(dptr, tid->at_addr[3]); 717ca0716f5SRobert Watson 718ca0716f5SRobert Watson return (t); 719ca0716f5SRobert Watson } 720ca0716f5SRobert Watson 721ca0716f5SRobert Watson token_t * 722ca0716f5SRobert Watson au_to_process64_ex(au_id_t auid, uid_t euid, gid_t egid, uid_t ruid, 723ca0716f5SRobert Watson gid_t rgid, pid_t pid, au_asid_t sid, au_tid_addr_t *tid) 724ca0716f5SRobert Watson { 725ca0716f5SRobert Watson 726ca0716f5SRobert Watson errno = ENOTSUP; 727ca0716f5SRobert Watson return (NULL); 728ca0716f5SRobert Watson } 729ca0716f5SRobert Watson 730ca0716f5SRobert Watson token_t * 731ca0716f5SRobert Watson au_to_process_ex(au_id_t auid, uid_t euid, gid_t egid, uid_t ruid, 732ca0716f5SRobert Watson gid_t rgid, pid_t pid, au_asid_t sid, au_tid_addr_t *tid) 733ca0716f5SRobert Watson { 734ca0716f5SRobert Watson 735ca0716f5SRobert Watson return (au_to_process32_ex(auid, euid, egid, ruid, rgid, pid, sid, 736ca0716f5SRobert Watson tid)); 737ca0716f5SRobert Watson } 738ca0716f5SRobert Watson 739ca0716f5SRobert Watson /* 740ca0716f5SRobert Watson * token ID 1 byte 741ca0716f5SRobert Watson * error status 1 byte 742ca0716f5SRobert Watson * return value 4 bytes/8 bytes (32-bit/64-bit value) 743ca0716f5SRobert Watson */ 744ca0716f5SRobert Watson token_t * 745ca0716f5SRobert Watson au_to_return32(char status, u_int32_t ret) 746ca0716f5SRobert Watson { 747ca0716f5SRobert Watson token_t *t; 748ca0716f5SRobert Watson u_char *dptr = NULL; 749ca0716f5SRobert Watson 750ca0716f5SRobert Watson GET_TOKEN_AREA(t, dptr, 2 * sizeof(u_char) + sizeof(u_int32_t)); 751ca0716f5SRobert Watson if (t == NULL) 752ca0716f5SRobert Watson return (NULL); 753ca0716f5SRobert Watson 754ca0716f5SRobert Watson ADD_U_CHAR(dptr, AUT_RETURN32); 755ca0716f5SRobert Watson ADD_U_CHAR(dptr, status); 756ca0716f5SRobert Watson ADD_U_INT32(dptr, ret); 757ca0716f5SRobert Watson 758ca0716f5SRobert Watson return (t); 759ca0716f5SRobert Watson } 760ca0716f5SRobert Watson 761ca0716f5SRobert Watson token_t * 762ca0716f5SRobert Watson au_to_return64(char status, u_int64_t ret) 763ca0716f5SRobert Watson { 764ca0716f5SRobert Watson token_t *t; 765ca0716f5SRobert Watson u_char *dptr = NULL; 766ca0716f5SRobert Watson 767ca0716f5SRobert Watson GET_TOKEN_AREA(t, dptr, 2 * sizeof(u_char) + sizeof(u_int64_t)); 768ca0716f5SRobert Watson if (t == NULL) 769ca0716f5SRobert Watson return (NULL); 770ca0716f5SRobert Watson 771ca0716f5SRobert Watson ADD_U_CHAR(dptr, AUT_RETURN64); 772ca0716f5SRobert Watson ADD_U_CHAR(dptr, status); 773ca0716f5SRobert Watson ADD_U_INT64(dptr, ret); 774ca0716f5SRobert Watson 775ca0716f5SRobert Watson return (t); 776ca0716f5SRobert Watson } 777ca0716f5SRobert Watson 778ca0716f5SRobert Watson token_t * 779ca0716f5SRobert Watson au_to_return(char status, u_int32_t ret) 780ca0716f5SRobert Watson { 781ca0716f5SRobert Watson 782ca0716f5SRobert Watson return (au_to_return32(status, ret)); 783ca0716f5SRobert Watson } 784ca0716f5SRobert Watson 785ca0716f5SRobert Watson /* 786ca0716f5SRobert Watson * token ID 1 byte 787ca0716f5SRobert Watson * sequence number 4 bytes 788ca0716f5SRobert Watson */ 789ca0716f5SRobert Watson token_t * 790ca0716f5SRobert Watson au_to_seq(long audit_count) 791ca0716f5SRobert Watson { 792ca0716f5SRobert Watson token_t *t; 793ca0716f5SRobert Watson u_char *dptr = NULL; 794ca0716f5SRobert Watson 795ca0716f5SRobert Watson GET_TOKEN_AREA(t, dptr, sizeof(u_char) + sizeof(u_int32_t)); 796ca0716f5SRobert Watson if (t == NULL) 797ca0716f5SRobert Watson return (NULL); 798ca0716f5SRobert Watson 799ca0716f5SRobert Watson ADD_U_CHAR(dptr, AUT_SEQ); 800ca0716f5SRobert Watson ADD_U_INT32(dptr, audit_count); 801ca0716f5SRobert Watson 802ca0716f5SRobert Watson return (t); 803ca0716f5SRobert Watson } 804ca0716f5SRobert Watson 805ca0716f5SRobert Watson /* 806ca0716f5SRobert Watson * token ID 1 byte 807ca0716f5SRobert Watson * socket family 2 bytes 808ca0716f5SRobert Watson * path 104 bytes 809ca0716f5SRobert Watson */ 810ca0716f5SRobert Watson token_t * 811ca0716f5SRobert Watson au_to_sock_unix(struct sockaddr_un *so) 812ca0716f5SRobert Watson { 813ca0716f5SRobert Watson token_t *t; 814ca0716f5SRobert Watson u_char *dptr; 815ca0716f5SRobert Watson 816ca0716f5SRobert Watson GET_TOKEN_AREA(t, dptr, 3 * sizeof(u_char) + strlen(so->sun_path) + 1); 817ca0716f5SRobert Watson if (t == NULL) 818ca0716f5SRobert Watson return (NULL); 819ca0716f5SRobert Watson 820ca0716f5SRobert Watson ADD_U_CHAR(dptr, AU_SOCK_UNIX_TOKEN); 821ca0716f5SRobert Watson /* BSM token has two bytes for family */ 822ca0716f5SRobert Watson ADD_U_CHAR(dptr, 0); 823ca0716f5SRobert Watson ADD_U_CHAR(dptr, so->sun_family); 824ca0716f5SRobert Watson ADD_STRING(dptr, so->sun_path, strlen(so->sun_path) + 1); 825ca0716f5SRobert Watson 826ca0716f5SRobert Watson return (t); 827ca0716f5SRobert Watson } 828ca0716f5SRobert Watson 829ca0716f5SRobert Watson /* 830ca0716f5SRobert Watson * token ID 1 byte 831ca0716f5SRobert Watson * socket family 2 bytes 832ca0716f5SRobert Watson * local port 2 bytes 833ca0716f5SRobert Watson * socket address 4 bytes 834ca0716f5SRobert Watson */ 835ca0716f5SRobert Watson token_t * 836ca0716f5SRobert Watson au_to_sock_inet32(struct sockaddr_in *so) 837ca0716f5SRobert Watson { 838ca0716f5SRobert Watson token_t *t; 839ca0716f5SRobert Watson u_char *dptr = NULL; 840ca0716f5SRobert Watson 841ca0716f5SRobert Watson GET_TOKEN_AREA(t, dptr, 3 * sizeof(u_char) + sizeof(u_int16_t) + 842ca0716f5SRobert Watson sizeof(u_int32_t)); 843ca0716f5SRobert Watson if (t == NULL) 844ca0716f5SRobert Watson return (NULL); 845ca0716f5SRobert Watson 846ca0716f5SRobert Watson ADD_U_CHAR(dptr, AUT_SOCKINET32); 847ca0716f5SRobert Watson /* 848ca0716f5SRobert Watson * In Darwin, sin_family is one octet, but BSM defines the token 849ca0716f5SRobert Watson * to store two. So we copy in a 0 first. 850ca0716f5SRobert Watson */ 851ca0716f5SRobert Watson ADD_U_CHAR(dptr, 0); 852ca0716f5SRobert Watson ADD_U_CHAR(dptr, so->sin_family); 853ca0716f5SRobert Watson ADD_U_INT16(dptr, so->sin_port); 854ca0716f5SRobert Watson ADD_U_INT32(dptr, so->sin_addr.s_addr); 855ca0716f5SRobert Watson 856ca0716f5SRobert Watson return (t); 857ca0716f5SRobert Watson 858ca0716f5SRobert Watson } 859ca0716f5SRobert Watson 860ca0716f5SRobert Watson token_t * 861ca0716f5SRobert Watson au_to_sock_inet128(struct sockaddr_in6 *so) 862ca0716f5SRobert Watson { 863ca0716f5SRobert Watson token_t *t; 864ca0716f5SRobert Watson u_char *dptr = NULL; 865ca0716f5SRobert Watson 866ca0716f5SRobert Watson GET_TOKEN_AREA(t, dptr, 3 * sizeof(u_char) + sizeof(u_int16_t) + 867ca0716f5SRobert Watson 4 * sizeof(u_int32_t)); 868ca0716f5SRobert Watson if (t == NULL) 869ca0716f5SRobert Watson return (NULL); 870ca0716f5SRobert Watson 871ca0716f5SRobert Watson ADD_U_CHAR(dptr, AUT_SOCKINET128); 872ca0716f5SRobert Watson /* 873ca0716f5SRobert Watson * In Darwin, sin6_family is one octet, but BSM defines the token 874ca0716f5SRobert Watson * to store two. So we copy in a 0 first. 875ca0716f5SRobert Watson */ 876ca0716f5SRobert Watson ADD_U_CHAR(dptr, 0); 877ca0716f5SRobert Watson ADD_U_CHAR(dptr, so->sin6_family); 878ca0716f5SRobert Watson 879ca0716f5SRobert Watson ADD_U_INT16(dptr, so->sin6_port); 8803b97a967SRobert Watson ADD_MEM(dptr, &so->sin6_addr, sizeof(so->sin6_addr)); 881ca0716f5SRobert Watson 882ca0716f5SRobert Watson return (t); 883ca0716f5SRobert Watson 884ca0716f5SRobert Watson } 885ca0716f5SRobert Watson 886ca0716f5SRobert Watson token_t * 887ca0716f5SRobert Watson au_to_sock_inet(struct sockaddr_in *so) 888ca0716f5SRobert Watson { 889ca0716f5SRobert Watson 890ca0716f5SRobert Watson return (au_to_sock_inet32(so)); 891ca0716f5SRobert Watson } 892ca0716f5SRobert Watson 893ca0716f5SRobert Watson /* 894ca0716f5SRobert Watson * token ID 1 byte 895ca0716f5SRobert Watson * audit ID 4 bytes 896ca0716f5SRobert Watson * effective user ID 4 bytes 897ca0716f5SRobert Watson * effective group ID 4 bytes 898ca0716f5SRobert Watson * real user ID 4 bytes 899ca0716f5SRobert Watson * real group ID 4 bytes 900ca0716f5SRobert Watson * process ID 4 bytes 901ca0716f5SRobert Watson * session ID 4 bytes 902ca0716f5SRobert Watson * terminal ID 903ca0716f5SRobert Watson * port ID 4 bytes/8 bytes (32-bit/64-bit value) 904ca0716f5SRobert Watson * machine address 4 bytes 905ca0716f5SRobert Watson */ 906ca0716f5SRobert Watson token_t * 907ca0716f5SRobert Watson au_to_subject32(au_id_t auid, uid_t euid, gid_t egid, uid_t ruid, gid_t rgid, 908ca0716f5SRobert Watson pid_t pid, au_asid_t sid, au_tid_t *tid) 909ca0716f5SRobert Watson { 910ca0716f5SRobert Watson token_t *t; 911ca0716f5SRobert Watson u_char *dptr = NULL; 912ca0716f5SRobert Watson 913ca0716f5SRobert Watson GET_TOKEN_AREA(t, dptr, sizeof(u_char) + 9 * sizeof(u_int32_t)); 914ca0716f5SRobert Watson if (t == NULL) 915ca0716f5SRobert Watson return (NULL); 916ca0716f5SRobert Watson 917ca0716f5SRobert Watson ADD_U_CHAR(dptr, AUT_SUBJECT32); 918ca0716f5SRobert Watson ADD_U_INT32(dptr, auid); 919ca0716f5SRobert Watson ADD_U_INT32(dptr, euid); 920ca0716f5SRobert Watson ADD_U_INT32(dptr, egid); 921ca0716f5SRobert Watson ADD_U_INT32(dptr, ruid); 922ca0716f5SRobert Watson ADD_U_INT32(dptr, rgid); 923ca0716f5SRobert Watson ADD_U_INT32(dptr, pid); 924ca0716f5SRobert Watson ADD_U_INT32(dptr, sid); 925ca0716f5SRobert Watson ADD_U_INT32(dptr, tid->port); 926ca0716f5SRobert Watson ADD_U_INT32(dptr, tid->machine); 927ca0716f5SRobert Watson 928ca0716f5SRobert Watson return (t); 929ca0716f5SRobert Watson } 930ca0716f5SRobert Watson 931ca0716f5SRobert Watson token_t * 932ca0716f5SRobert Watson au_to_subject64(au_id_t auid, uid_t euid, gid_t egid, uid_t ruid, gid_t rgid, 933ca0716f5SRobert Watson pid_t pid, au_asid_t sid, au_tid_t *tid) 934ca0716f5SRobert Watson { 935ca0716f5SRobert Watson 936ca0716f5SRobert Watson errno = ENOTSUP; 937ca0716f5SRobert Watson return (NULL); 938ca0716f5SRobert Watson } 939ca0716f5SRobert Watson 940ca0716f5SRobert Watson token_t * 941ca0716f5SRobert Watson au_to_subject(au_id_t auid, uid_t euid, gid_t egid, uid_t ruid, gid_t rgid, 942ca0716f5SRobert Watson pid_t pid, au_asid_t sid, au_tid_t *tid) 943ca0716f5SRobert Watson { 944ca0716f5SRobert Watson 945ca0716f5SRobert Watson return (au_to_subject32(auid, euid, egid, ruid, rgid, pid, sid, 946ca0716f5SRobert Watson tid)); 947ca0716f5SRobert Watson } 948ca0716f5SRobert Watson 949ca0716f5SRobert Watson /* 950ca0716f5SRobert Watson * token ID 1 byte 951ca0716f5SRobert Watson * audit ID 4 bytes 952ca0716f5SRobert Watson * effective user ID 4 bytes 953ca0716f5SRobert Watson * effective group ID 4 bytes 954ca0716f5SRobert Watson * real user ID 4 bytes 955ca0716f5SRobert Watson * real group ID 4 bytes 956ca0716f5SRobert Watson * process ID 4 bytes 957ca0716f5SRobert Watson * session ID 4 bytes 958ca0716f5SRobert Watson * terminal ID 959ca0716f5SRobert Watson * port ID 4 bytes/8 bytes (32-bit/64-bit value) 960ca0716f5SRobert Watson * address type/length 4 bytes 961ca0716f5SRobert Watson * machine address 16 bytes 962ca0716f5SRobert Watson */ 963ca0716f5SRobert Watson token_t * 964ca0716f5SRobert Watson au_to_subject32_ex(au_id_t auid, uid_t euid, gid_t egid, uid_t ruid, 965ca0716f5SRobert Watson gid_t rgid, pid_t pid, au_asid_t sid, au_tid_addr_t *tid) 966ca0716f5SRobert Watson { 967ca0716f5SRobert Watson token_t *t; 968ca0716f5SRobert Watson u_char *dptr = NULL; 969ca0716f5SRobert Watson 970ca0716f5SRobert Watson GET_TOKEN_AREA(t, dptr, sizeof(u_char) + 13 * sizeof(u_int32_t)); 971ca0716f5SRobert Watson if (t == NULL) 972ca0716f5SRobert Watson return (NULL); 973ca0716f5SRobert Watson 974ca0716f5SRobert Watson ADD_U_CHAR(dptr, AUT_SUBJECT32_EX); 975ca0716f5SRobert Watson ADD_U_INT32(dptr, auid); 976ca0716f5SRobert Watson ADD_U_INT32(dptr, euid); 977ca0716f5SRobert Watson ADD_U_INT32(dptr, egid); 978ca0716f5SRobert Watson ADD_U_INT32(dptr, ruid); 979ca0716f5SRobert Watson ADD_U_INT32(dptr, rgid); 980ca0716f5SRobert Watson ADD_U_INT32(dptr, pid); 981ca0716f5SRobert Watson ADD_U_INT32(dptr, sid); 982ca0716f5SRobert Watson ADD_U_INT32(dptr, tid->at_port); 983ca0716f5SRobert Watson ADD_U_INT32(dptr, tid->at_type); 984ca0716f5SRobert Watson ADD_U_INT32(dptr, tid->at_addr[0]); 985ca0716f5SRobert Watson ADD_U_INT32(dptr, tid->at_addr[1]); 986ca0716f5SRobert Watson ADD_U_INT32(dptr, tid->at_addr[2]); 987ca0716f5SRobert Watson ADD_U_INT32(dptr, tid->at_addr[3]); 988ca0716f5SRobert Watson 989ca0716f5SRobert Watson return (t); 990ca0716f5SRobert Watson } 991ca0716f5SRobert Watson 992ca0716f5SRobert Watson token_t * 993ca0716f5SRobert Watson au_to_subject64_ex(au_id_t auid, uid_t euid, gid_t egid, uid_t ruid, 994ca0716f5SRobert Watson gid_t rgid, pid_t pid, au_asid_t sid, au_tid_addr_t *tid) 995ca0716f5SRobert Watson { 996ca0716f5SRobert Watson 997ca0716f5SRobert Watson errno = ENOTSUP; 998ca0716f5SRobert Watson return (NULL); 999ca0716f5SRobert Watson } 1000ca0716f5SRobert Watson 1001ca0716f5SRobert Watson token_t * 1002ca0716f5SRobert Watson au_to_subject_ex(au_id_t auid, uid_t euid, gid_t egid, uid_t ruid, 1003ca0716f5SRobert Watson gid_t rgid, pid_t pid, au_asid_t sid, au_tid_addr_t *tid) 1004ca0716f5SRobert Watson { 1005ca0716f5SRobert Watson 1006ca0716f5SRobert Watson return (au_to_subject32_ex(auid, euid, egid, ruid, rgid, pid, sid, 1007ca0716f5SRobert Watson tid)); 1008ca0716f5SRobert Watson } 1009ca0716f5SRobert Watson 10103b97a967SRobert Watson #if !defined(_KERNEL) && !defined(KERNEL) && defined(HAVE_AUDIT_SYSCALLS) 1011ca0716f5SRobert Watson /* 1012ca0716f5SRobert Watson * Collects audit information for the current process 1013ca0716f5SRobert Watson * and creates a subject token from it 1014ca0716f5SRobert Watson */ 1015ca0716f5SRobert Watson token_t * 1016ca0716f5SRobert Watson au_to_me(void) 1017ca0716f5SRobert Watson { 1018ca0716f5SRobert Watson auditinfo_t auinfo; 1019ca0716f5SRobert Watson 1020ca0716f5SRobert Watson if (getaudit(&auinfo) != 0) 1021ca0716f5SRobert Watson return (NULL); 1022ca0716f5SRobert Watson 1023ca0716f5SRobert Watson return (au_to_subject32(auinfo.ai_auid, geteuid(), getegid(), 1024ca0716f5SRobert Watson getuid(), getgid(), getpid(), auinfo.ai_asid, &auinfo.ai_termid)); 1025ca0716f5SRobert Watson } 1026ca0716f5SRobert Watson #endif 1027ca0716f5SRobert Watson 1028ca0716f5SRobert Watson /* 1029ca0716f5SRobert Watson * token ID 1 byte 1030ca0716f5SRobert Watson * count 4 bytes 1031ca0716f5SRobert Watson * text count null-terminated strings 1032ca0716f5SRobert Watson */ 1033ca0716f5SRobert Watson token_t * 1034ca0716f5SRobert Watson au_to_exec_args(const char **args) 1035ca0716f5SRobert Watson { 1036ca0716f5SRobert Watson token_t *t; 1037ca0716f5SRobert Watson u_char *dptr = NULL; 1038ca0716f5SRobert Watson const char *nextarg; 1039ca0716f5SRobert Watson int i, count = 0; 1040ca0716f5SRobert Watson size_t totlen = 0; 1041ca0716f5SRobert Watson 1042ca0716f5SRobert Watson nextarg = *args; 1043ca0716f5SRobert Watson 1044ca0716f5SRobert Watson while (nextarg != NULL) { 1045ca0716f5SRobert Watson int nextlen; 1046ca0716f5SRobert Watson 1047ca0716f5SRobert Watson nextlen = strlen(nextarg); 1048ca0716f5SRobert Watson totlen += nextlen + 1; 1049ca0716f5SRobert Watson count++; 1050ca0716f5SRobert Watson nextarg = *(args + count); 1051ca0716f5SRobert Watson } 1052ca0716f5SRobert Watson 1053ca0716f5SRobert Watson totlen += count * sizeof(char); /* nul terminations. */ 1054ca0716f5SRobert Watson GET_TOKEN_AREA(t, dptr, sizeof(u_char) + sizeof(u_int32_t) + totlen); 1055ca0716f5SRobert Watson if (t == NULL) 1056ca0716f5SRobert Watson return (NULL); 1057ca0716f5SRobert Watson 1058ca0716f5SRobert Watson ADD_U_CHAR(dptr, AUT_EXEC_ARGS); 1059ca0716f5SRobert Watson ADD_U_INT32(dptr, count); 1060ca0716f5SRobert Watson 1061ca0716f5SRobert Watson for (i = 0; i < count; i++) { 1062ca0716f5SRobert Watson nextarg = *(args + i); 1063ca0716f5SRobert Watson ADD_MEM(dptr, nextarg, strlen(nextarg) + 1); 1064ca0716f5SRobert Watson } 1065ca0716f5SRobert Watson 1066ca0716f5SRobert Watson return (t); 1067ca0716f5SRobert Watson } 1068ca0716f5SRobert Watson 1069ca0716f5SRobert Watson /* 1070ca0716f5SRobert Watson * token ID 1 byte 1071ca0716f5SRobert Watson * count 4 bytes 1072ca0716f5SRobert Watson * text count null-terminated strings 1073ca0716f5SRobert Watson */ 1074ca0716f5SRobert Watson token_t * 1075ca0716f5SRobert Watson au_to_exec_env(const char **env) 1076ca0716f5SRobert Watson { 1077ca0716f5SRobert Watson token_t *t; 1078ca0716f5SRobert Watson u_char *dptr = NULL; 1079ca0716f5SRobert Watson int i, count = 0; 1080ca0716f5SRobert Watson size_t totlen = 0; 1081ca0716f5SRobert Watson const char *nextenv; 1082ca0716f5SRobert Watson 1083ca0716f5SRobert Watson nextenv = *env; 1084ca0716f5SRobert Watson 1085ca0716f5SRobert Watson while (nextenv != NULL) { 1086ca0716f5SRobert Watson int nextlen; 1087ca0716f5SRobert Watson 1088ca0716f5SRobert Watson nextlen = strlen(nextenv); 1089ca0716f5SRobert Watson totlen += nextlen + 1; 1090ca0716f5SRobert Watson count++; 1091ca0716f5SRobert Watson nextenv = *(env + count); 1092ca0716f5SRobert Watson } 1093ca0716f5SRobert Watson 1094ca0716f5SRobert Watson totlen += sizeof(char) * count; 1095ca0716f5SRobert Watson GET_TOKEN_AREA(t, dptr, sizeof(u_char) + sizeof(u_int32_t) + totlen); 1096ca0716f5SRobert Watson if (t == NULL) 1097ca0716f5SRobert Watson return (NULL); 1098ca0716f5SRobert Watson 1099ca0716f5SRobert Watson ADD_U_CHAR(dptr, AUT_EXEC_ENV); 1100ca0716f5SRobert Watson ADD_U_INT32(dptr, count); 1101ca0716f5SRobert Watson 1102ca0716f5SRobert Watson for (i = 0; i < count; i++) { 1103ca0716f5SRobert Watson nextenv = *(env + i); 1104ca0716f5SRobert Watson ADD_MEM(dptr, nextenv, strlen(nextenv) + 1); 1105ca0716f5SRobert Watson } 1106ca0716f5SRobert Watson 1107ca0716f5SRobert Watson return (t); 1108ca0716f5SRobert Watson } 1109ca0716f5SRobert Watson 1110ca0716f5SRobert Watson /* 1111ca0716f5SRobert Watson * token ID 1 byte 1112ca0716f5SRobert Watson * record byte count 4 bytes 1113ca0716f5SRobert Watson * version # 1 byte [2] 1114ca0716f5SRobert Watson * event type 2 bytes 1115ca0716f5SRobert Watson * event modifier 2 bytes 1116ca0716f5SRobert Watson * seconds of time 4 bytes/8 bytes (32-bit/64-bit value) 1117ca0716f5SRobert Watson * milliseconds of time 4 bytes/8 bytes (32-bit/64-bit value) 1118ca0716f5SRobert Watson */ 1119ca0716f5SRobert Watson token_t * 1120ca0716f5SRobert Watson #if defined(KERNEL) || defined(_KERNEL) 1121ca0716f5SRobert Watson au_to_header32(int rec_size, au_event_t e_type, au_emod_t e_mod, 1122ca0716f5SRobert Watson struct timeval tm) 1123ca0716f5SRobert Watson #else 1124ca0716f5SRobert Watson au_to_header32(int rec_size, au_event_t e_type, au_emod_t e_mod) 1125ca0716f5SRobert Watson #endif 1126ca0716f5SRobert Watson { 1127ca0716f5SRobert Watson token_t *t; 1128ca0716f5SRobert Watson u_char *dptr = NULL; 1129ca0716f5SRobert Watson u_int32_t timems; 1130ca0716f5SRobert Watson #if !defined(KERNEL) && !defined(_KERNEL) 1131ca0716f5SRobert Watson struct timeval tm; 1132ca0716f5SRobert Watson struct timezone tzp; 1133ca0716f5SRobert Watson 1134ca0716f5SRobert Watson if (gettimeofday(&tm, &tzp) == -1) 1135ca0716f5SRobert Watson return (NULL); 1136ca0716f5SRobert Watson #endif 1137ca0716f5SRobert Watson 1138ca0716f5SRobert Watson GET_TOKEN_AREA(t, dptr, sizeof(u_char) + sizeof(u_int32_t) + 1139ca0716f5SRobert Watson sizeof(u_char) + 2 * sizeof(u_int16_t) + 2 * sizeof(u_int32_t)); 1140ca0716f5SRobert Watson if (t == NULL) 1141ca0716f5SRobert Watson return (NULL); 1142ca0716f5SRobert Watson 1143ca0716f5SRobert Watson ADD_U_CHAR(dptr, AUT_HEADER32); 1144ca0716f5SRobert Watson ADD_U_INT32(dptr, rec_size); 1145ca0716f5SRobert Watson ADD_U_CHAR(dptr, HEADER_VERSION); 1146ca0716f5SRobert Watson ADD_U_INT16(dptr, e_type); 1147ca0716f5SRobert Watson ADD_U_INT16(dptr, e_mod); 1148ca0716f5SRobert Watson 1149ca0716f5SRobert Watson timems = tm.tv_usec/1000; 1150ca0716f5SRobert Watson /* Add the timestamp */ 1151ca0716f5SRobert Watson ADD_U_INT32(dptr, tm.tv_sec); 1152ca0716f5SRobert Watson ADD_U_INT32(dptr, timems); /* We need time in ms. */ 1153ca0716f5SRobert Watson 1154ca0716f5SRobert Watson return (t); 1155ca0716f5SRobert Watson } 1156ca0716f5SRobert Watson 1157ca0716f5SRobert Watson token_t * 1158ca0716f5SRobert Watson au_to_header64(__unused int rec_size, __unused au_event_t e_type, 1159ca0716f5SRobert Watson __unused au_emod_t e_mod) 1160ca0716f5SRobert Watson { 1161ca0716f5SRobert Watson 1162ca0716f5SRobert Watson errno = ENOTSUP; 1163ca0716f5SRobert Watson return (NULL); 1164ca0716f5SRobert Watson } 1165ca0716f5SRobert Watson 1166ca0716f5SRobert Watson token_t * 1167ca0716f5SRobert Watson au_to_header(int rec_size, au_event_t e_type, au_emod_t e_mod) 1168ca0716f5SRobert Watson { 1169ca0716f5SRobert Watson 1170ca0716f5SRobert Watson return (au_to_header32(rec_size, e_type, e_mod)); 1171ca0716f5SRobert Watson } 1172ca0716f5SRobert Watson 1173ca0716f5SRobert Watson /* 1174ca0716f5SRobert Watson * token ID 1 byte 1175ca0716f5SRobert Watson * trailer magic number 2 bytes 1176ca0716f5SRobert Watson * record byte count 4 bytes 1177ca0716f5SRobert Watson */ 1178ca0716f5SRobert Watson token_t * 1179ca0716f5SRobert Watson au_to_trailer(int rec_size) 1180ca0716f5SRobert Watson { 1181ca0716f5SRobert Watson token_t *t; 1182ca0716f5SRobert Watson u_char *dptr = NULL; 1183ca0716f5SRobert Watson u_int16_t magic = TRAILER_PAD_MAGIC; 1184ca0716f5SRobert Watson 1185ca0716f5SRobert Watson GET_TOKEN_AREA(t, dptr, sizeof(u_char) + sizeof(u_int16_t) + 1186ca0716f5SRobert Watson sizeof(u_int32_t)); 1187ca0716f5SRobert Watson if (t == NULL) 1188ca0716f5SRobert Watson return (NULL); 1189ca0716f5SRobert Watson 1190ca0716f5SRobert Watson ADD_U_CHAR(dptr, AUT_TRAILER); 1191ca0716f5SRobert Watson ADD_U_INT16(dptr, magic); 1192ca0716f5SRobert Watson ADD_U_INT32(dptr, rec_size); 1193ca0716f5SRobert Watson 1194ca0716f5SRobert Watson return (t); 1195ca0716f5SRobert Watson } 1196