1 /*- 2 * Copyright (c) 2006-2007 Robert N. M. Watson 3 * All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 14 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 15 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 16 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 17 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 18 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 19 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 20 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 21 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 22 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 23 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 24 * SUCH DAMAGE. 25 * 26 * $P4: //depot/projects/trustedbsd/openbsm/test/bsm/generate.c#9 $ 27 */ 28 29 /* 30 * Generate a series of BSM token samples in the requested directory. 31 */ 32 33 #include <sys/types.h> 34 #include <sys/socket.h> 35 #include <sys/stat.h> 36 37 #include <netinet/in.h> 38 #include <netinet/in_systm.h> 39 #include <netinet/ip.h> 40 41 #include <arpa/inet.h> 42 43 #include <bsm/audit_kevents.h> 44 #include <bsm/libbsm.h> 45 46 #include <err.h> 47 #include <errno.h> 48 #include <fcntl.h> 49 #include <limits.h> 50 #include <stdio.h> 51 #include <stdlib.h> 52 #include <string.h> 53 #include <sysexits.h> 54 #include <unistd.h> 55 56 static int do_records, do_tokens; 57 58 static void 59 usage(void) 60 { 61 62 fprintf(stderr, "generate [-rt] path\n"); 63 exit(EX_USAGE); 64 } 65 66 static int 67 open_file(const char *directory, const char *name) 68 { 69 char pathname[PATH_MAX]; 70 int fd; 71 72 snprintf(pathname, PATH_MAX, "%s/%s", directory, name); 73 (void)unlink(pathname); 74 fd = open(pathname, O_WRONLY | O_CREAT | O_EXCL, 0600); 75 if (fd < 0) 76 err(EX_CANTCREAT, "open: %s", name); 77 return (fd); 78 } 79 80 static void 81 write_file(int fd, void *buffer, size_t buflen, const char *filename) 82 { 83 ssize_t len; 84 85 len = write(fd, buffer, buflen); 86 if (len < 0) 87 err(EX_OSERR, "write_file: %s", filename); 88 if (len < buflen) 89 err(EX_OSERR, "write_file: short write: %s", filename); 90 } 91 92 /* 93 * Write a single token to a file. 94 */ 95 static void 96 write_token(const char *directory, const char *filename, token_t *tok) 97 { 98 u_char buffer[MAX_AUDIT_RECORD_SIZE]; 99 size_t buflen; 100 int fd; 101 102 buflen = MAX_AUDIT_RECORD_SIZE; 103 if (au_close_token(tok, buffer, &buflen) < 0) 104 err(EX_UNAVAILABLE, "au_close_token"); 105 fd = open_file(directory, filename); 106 write_file(fd, buffer, buflen, filename); 107 close(fd); 108 } 109 110 /* 111 * Write a token to a file, wrapped in audit record header and trailer. 112 */ 113 static void 114 write_record(const char *directory, const char *filename, token_t *tok, 115 short event) 116 { 117 u_char buffer[MAX_AUDIT_RECORD_SIZE]; 118 size_t buflen; 119 int au, fd; 120 121 au = au_open(); 122 if (au < 0) 123 err(EX_UNAVAILABLE, "au_open"); 124 if (au_write(au, tok) < 0) 125 err(EX_UNAVAILABLE, "au_write"); 126 buflen = MAX_AUDIT_RECORD_SIZE; 127 if (au_close_buffer(au, event, buffer, &buflen) < 0) 128 err(EX_UNAVAILABLE, "au_close_buffer"); 129 fd = open_file(directory, filename); 130 write_file(fd, buffer, buflen, filename); 131 close(fd); 132 } 133 134 static struct timeval file_token_timeval = { 0x12345, 0x67890} ; 135 136 static void 137 generate_file_token(const char *directory, const char *token_filename) 138 { 139 token_t *file_token; 140 141 file_token = au_to_file("test", file_token_timeval); 142 if (file_token == NULL) 143 err(EX_UNAVAILABLE, "au_to_file"); 144 write_token(directory, token_filename, file_token); 145 } 146 147 static void 148 generate_file_record(const char *directory, const char *record_filename) 149 { 150 token_t *file_token; 151 152 file_token = au_to_file("test", file_token_timeval); 153 if (file_token == NULL) 154 err(EX_UNAVAILABLE, "au_to_file"); 155 write_record(directory, record_filename, file_token, AUE_NULL); 156 } 157 158 /* 159 * AUT_OHEADER 160 */ 161 162 static int trailer_token_len = 0x12345678; 163 164 static void 165 generate_trailer_token(const char *directory, const char *token_filename) 166 { 167 token_t *trailer_token; 168 169 trailer_token = au_to_trailer(trailer_token_len); 170 if (trailer_token == NULL) 171 err(EX_UNAVAILABLE, "au_to_trailer"); 172 write_token(directory, token_filename, trailer_token); 173 } 174 175 static int header32_token_len = 0x12345678; 176 static au_event_t header32_e_type = AUE_OPEN; 177 static au_emod_t header32_e_mod = 0x4567; 178 static struct timeval header32_tm = { 0x12345, 0x67890 }; 179 180 static void 181 generate_header32_token(const char *directory, const char *token_filename) 182 { 183 token_t *header32_token; 184 185 header32_token = au_to_header32_tm(header32_token_len, 186 header32_e_type, header32_e_mod, header32_tm); 187 if (header32_token == NULL) 188 err(EX_UNAVAILABLE, "au_to_header32"); 189 write_token(directory, token_filename, header32_token); 190 } 191 192 /* 193 * AUT_HEADER32_EX 194 */ 195 196 static char data_token_unit_print = AUP_STRING; 197 static char data_token_unit_type = AUR_CHAR; 198 static char *data_token_data = "SomeData"; 199 static char data_token_unit_count = sizeof("SomeData") + 1; 200 201 static void 202 generate_data_token(const char *directory, const char *token_filename) 203 { 204 token_t *data_token; 205 206 data_token = au_to_data(data_token_unit_print, data_token_unit_type, 207 data_token_unit_count, data_token_data); 208 if (data_token == NULL) 209 err(EX_UNAVAILABLE, "au_to_data"); 210 write_token(directory, token_filename, data_token); 211 } 212 213 static void 214 generate_data_record(const char *directory, const char *record_filename) 215 { 216 token_t *data_token; 217 218 data_token = au_to_data(data_token_unit_print, data_token_unit_type, 219 data_token_unit_count, data_token_data); 220 if (data_token == NULL) 221 err(EX_UNAVAILABLE, "au_to_data"); 222 write_record(directory, record_filename, data_token, AUE_NULL); 223 } 224 225 static char ipc_type = AT_IPC_MSG; 226 static int ipc_id = 0x12345678; 227 228 static void 229 generate_ipc_token(const char *directory, const char *token_filename) 230 { 231 token_t *ipc_token; 232 233 ipc_token = au_to_ipc(ipc_type, ipc_id); 234 if (ipc_token == NULL) 235 err(EX_UNAVAILABLE, "au_to_ipc"); 236 write_token(directory, token_filename, ipc_token); 237 } 238 239 static void 240 generate_ipc_record(const char *directory, const char *record_filename) 241 { 242 token_t *ipc_token; 243 244 ipc_token = au_to_ipc(ipc_type, ipc_id); 245 if (ipc_token == NULL) 246 err(EX_UNAVAILABLE, "au_to_ipc"); 247 write_record(directory, record_filename, ipc_token, AUE_NULL); 248 } 249 250 static char *path_token_path = "/test/this/is/a/test"; 251 252 static void 253 generate_path_token(const char *directory, const char *token_filename) 254 { 255 token_t *path_token; 256 257 path_token = au_to_path(path_token_path); 258 if (path_token == NULL) 259 err(EX_UNAVAILABLE, "au_to_path"); 260 write_token(directory, token_filename, path_token); 261 } 262 263 static void 264 generate_path_record(const char *directory, const char *record_filename) 265 { 266 token_t *path_token; 267 268 path_token = au_to_path(path_token_path); 269 if (path_token == NULL) 270 err(EX_UNAVAILABLE, "au_to_path"); 271 write_record(directory, record_filename, path_token, AUE_NULL); 272 } 273 274 static au_id_t subject32_auid = 0x12345678; 275 static uid_t subject32_euid = 0x01234567; 276 static gid_t subject32_egid = 0x23456789; 277 static uid_t subject32_ruid = 0x98765432; 278 static gid_t subject32_rgid = 0x09876543; 279 static pid_t subject32_pid = 0x13243546; 280 static au_asid_t subject32_sid = 0x97867564; 281 static au_tid_t subject32_tid = { 0x16593746 }; 282 static au_tid_addr_t subject32_tid_addr = { 0x16593746 }; 283 284 static void 285 generate_subject32_token(const char *directory, const char *token_filename) 286 { 287 token_t *subject32_token; 288 289 subject32_tid.machine = inet_addr("127.0.0.1"); 290 291 subject32_token = au_to_subject32(subject32_auid, subject32_euid, 292 subject32_egid, subject32_ruid, subject32_rgid, subject32_pid, 293 subject32_sid, &subject32_tid); 294 if (subject32_token == NULL) 295 err(EX_UNAVAILABLE, "au_to_subject32"); 296 write_token(directory, token_filename, subject32_token); 297 } 298 299 static void 300 generate_subject32_record(const char *directory, const char *record_filename) 301 { 302 token_t *subject32_token; 303 304 subject32_tid.machine = inet_addr("127.0.0.1"); 305 306 subject32_token = au_to_subject32(subject32_auid, subject32_euid, 307 subject32_egid, subject32_ruid, subject32_rgid, subject32_pid, 308 subject32_sid, &subject32_tid); 309 if (subject32_token == NULL) 310 err(EX_UNAVAILABLE, "au_to_subject32"); 311 write_record(directory, record_filename, subject32_token, AUE_NULL); 312 } 313 314 static void 315 generate_subject32ex_token(const char *directory, const char *token_filename, 316 u_int32_t type) 317 { 318 token_t *subject32ex_token; 319 char *buf; 320 321 buf = (char *)malloc(strlen(token_filename) + 6); 322 if (type == AU_IPv6) { 323 inet_pton(AF_INET6, "fe80::1", subject32_tid_addr.at_addr); 324 subject32_tid_addr.at_type = AU_IPv6; 325 sprintf(buf, "%s%s", token_filename, "-IPv6"); 326 } else { 327 subject32_tid_addr.at_addr[0] = inet_addr("127.0.0.1"); 328 subject32_tid_addr.at_type = AU_IPv4; 329 sprintf(buf, "%s%s", token_filename, "-IPv4"); 330 } 331 332 subject32ex_token = au_to_subject32_ex(subject32_auid, subject32_euid, 333 subject32_egid, subject32_ruid, subject32_rgid, subject32_pid, 334 subject32_sid, &subject32_tid_addr); 335 if (subject32ex_token == NULL) 336 err(EX_UNAVAILABLE, "au_to_subject32_ex"); 337 write_token(directory, buf, subject32ex_token); 338 free(buf); 339 } 340 341 static void 342 generate_subject32ex_record(const char *directory, const char *record_filename, 343 u_int32_t type) 344 { 345 token_t *subject32ex_token; 346 char *buf; 347 348 buf = (char *)malloc(strlen(record_filename) + 6); 349 if (type == AU_IPv6) { 350 inet_pton(AF_INET6, "fe80::1", subject32_tid_addr.at_addr); 351 subject32_tid_addr.at_type = AU_IPv6; 352 sprintf(buf, "%s%s", record_filename, "-IPv6"); 353 } else { 354 subject32_tid_addr.at_addr[0] = inet_addr("127.0.0.1"); 355 subject32_tid_addr.at_type = AU_IPv4; 356 sprintf(buf, "%s%s", record_filename, "-IPv4"); 357 } 358 359 subject32ex_token = au_to_subject32_ex(subject32_auid, subject32_euid, 360 subject32_egid, subject32_ruid, subject32_rgid, subject32_pid, 361 subject32_sid, &subject32_tid_addr); 362 if (subject32ex_token == NULL) 363 err(EX_UNAVAILABLE, "au_to_subject32_ex"); 364 write_record(directory, record_filename, subject32ex_token, AUE_NULL); 365 free(buf); 366 } 367 368 static au_id_t process32_auid = 0x12345678; 369 static uid_t process32_euid = 0x01234567; 370 static gid_t process32_egid = 0x23456789; 371 static uid_t process32_ruid = 0x98765432; 372 static gid_t process32_rgid = 0x09876543; 373 static pid_t process32_pid = 0x13243546; 374 static au_asid_t process32_sid = 0x97867564; 375 static au_tid_t process32_tid = { 0x16593746 }; 376 static au_tid_addr_t process32_tid_addr = { 0x16593746 }; 377 378 static void 379 generate_process32_token(const char *directory, const char *token_filename) 380 { 381 token_t *process32_token; 382 383 process32_tid.machine = inet_addr("127.0.0.1"); 384 385 process32_token = au_to_process32(process32_auid, process32_euid, 386 process32_egid, process32_ruid, process32_rgid, process32_pid, 387 process32_sid, &process32_tid); 388 if (process32_token == NULL) 389 err(EX_UNAVAILABLE, "au_to_process32"); 390 write_token(directory, token_filename, process32_token); 391 } 392 393 static void 394 generate_process32_record(const char *directory, const char *record_filename) 395 { 396 token_t *process32_token; 397 398 process32_tid.machine = inet_addr("127.0.0.1"); 399 400 process32_token = au_to_process32(process32_auid, process32_euid, 401 process32_egid, process32_ruid, process32_rgid, process32_pid, 402 process32_sid, &process32_tid); 403 if (process32_token == NULL) 404 err(EX_UNAVAILABLE, "au_ti_process32"); 405 write_record(directory, record_filename, process32_token, AUE_NULL); 406 } 407 408 static void 409 generate_process32ex_token(const char *directory, const char *token_filename, 410 u_int32_t type) 411 { 412 token_t *process32ex_token; 413 char *buf; 414 415 buf = (char *)malloc(strlen(token_filename) + 6); 416 if (type == AU_IPv6) { 417 inet_pton(AF_INET6, "fe80::1", process32_tid_addr.at_addr); 418 process32_tid_addr.at_type = AU_IPv6; 419 sprintf(buf, "%s%s", token_filename, "-IPv6"); 420 } else { 421 process32_tid_addr.at_addr[0] = inet_addr("127.0.0.1"); 422 process32_tid_addr.at_type = AU_IPv4; 423 sprintf(buf, "%s%s", token_filename, "-IPv4"); 424 } 425 426 process32ex_token = au_to_process32_ex(process32_auid, process32_euid, 427 process32_egid, process32_ruid, process32_rgid, process32_pid, 428 process32_sid, &process32_tid_addr); 429 if (process32ex_token == NULL) 430 err(EX_UNAVAILABLE, "au_to_process32_ex"); 431 write_token(directory, buf, process32ex_token); 432 free(buf); 433 } 434 435 static void 436 generate_process32ex_record(const char *directory, const char *record_filename, 437 u_int32_t type) 438 { 439 token_t *process32ex_token; 440 char *buf; 441 442 buf = (char *)malloc(strlen(record_filename) + 6); 443 if (type == AU_IPv6) { 444 inet_pton(AF_INET6, "fe80::1", process32_tid_addr.at_addr); 445 process32_tid_addr.at_type = AU_IPv6; 446 sprintf(buf, "%s%s", record_filename, "-IPv6"); 447 } else { 448 process32_tid_addr.at_addr[0] = inet_addr("127.0.0.1"); 449 process32_tid_addr.at_type = AU_IPv4; 450 sprintf(buf, "%s%s", record_filename, "-IPv4"); 451 } 452 453 process32ex_token = au_to_process32_ex(process32_auid, process32_euid, 454 process32_egid, process32_ruid, process32_rgid, process32_pid, 455 process32_sid, &process32_tid_addr); 456 if (process32ex_token == NULL) 457 err(EX_UNAVAILABLE, "au_to_process32_ex"); 458 write_record(directory, buf, process32ex_token, AUE_NULL); 459 free(buf); 460 } 461 462 static au_id_t process64_auid = 0x12345678; 463 static uid_t process64_euid = 0x01234567; 464 static gid_t process64_egid = 0x23456789; 465 static uid_t process64_ruid = 0x98765432; 466 static gid_t process64_rgid = 0x09876543; 467 static pid_t process64_pid = 0x13243546; 468 static au_asid_t process64_sid = 0x97867564; 469 static au_tid_t process64_tid = { 0x16593746 }; 470 static au_tid_addr_t process64_tid_addr = { 0x16593746 }; 471 472 static void 473 generate_process64_token(const char *directory, const char *token_filename) 474 { 475 token_t *process64_token; 476 477 process64_tid.machine = inet_addr("127.0.0.1"); 478 479 process64_token = au_to_process64(process64_auid, process64_euid, 480 process64_egid, process64_ruid, process64_rgid, process64_pid, 481 process64_sid, &process64_tid); 482 if (process64_token == NULL) 483 err(EX_UNAVAILABLE, "au_to_process64"); 484 write_token(directory, token_filename, process64_token); 485 } 486 487 static void 488 generate_process64_record(const char *directory, const char *record_filename) 489 { 490 token_t *process64_token; 491 492 process64_tid.machine = inet_addr("127.0.0.1"); 493 494 process64_token = au_to_process64(process64_auid, process64_euid, 495 process64_egid, process64_ruid, process64_rgid, process64_pid, 496 process64_sid, &process64_tid); 497 if (process64_token == NULL) 498 err(EX_UNAVAILABLE, "au_ti_process64"); 499 write_record(directory, record_filename, process64_token, AUE_NULL); 500 } 501 502 static void 503 generate_process64ex_token(const char *directory, const char *token_filename, 504 u_int32_t type) 505 { 506 token_t *process64ex_token; 507 char *buf; 508 509 buf = (char *)malloc(strlen(token_filename) + 6); 510 if (type == AU_IPv6) { 511 inet_pton(AF_INET6, "fe80::1", process64_tid_addr.at_addr); 512 process64_tid_addr.at_type = AU_IPv6; 513 sprintf(buf, "%s%s", token_filename, "-IPv6"); 514 } else { 515 process64_tid_addr.at_addr[0] = inet_addr("127.0.0.1"); 516 process64_tid_addr.at_type = AU_IPv4; 517 sprintf(buf, "%s%s", token_filename, "-IPv4"); 518 } 519 520 process64ex_token = au_to_process64_ex(process64_auid, process64_euid, 521 process64_egid, process64_ruid, process64_rgid, process64_pid, 522 process64_sid, &process64_tid_addr); 523 if (process64ex_token == NULL) 524 err(EX_UNAVAILABLE, "au_to_process64_ex"); 525 write_token(directory, buf, process64ex_token); 526 free(buf); 527 } 528 529 static void 530 generate_process64ex_record(const char *directory, const char *record_filename, 531 u_int32_t type) 532 { 533 token_t *process64ex_token; 534 char *buf; 535 536 buf = (char *)malloc(strlen(record_filename) + 6); 537 if (type == AU_IPv6) { 538 inet_pton(AF_INET6, "fe80::1", process64_tid_addr.at_addr); 539 process64_tid_addr.at_type = AU_IPv6; 540 sprintf(buf, "%s%s", record_filename, "-IPv6"); 541 } else { 542 process64_tid_addr.at_addr[0] = inet_addr("127.0.0.1"); 543 process64_tid_addr.at_type = AU_IPv4; 544 sprintf(buf, "%s%s", record_filename, "-IPv4"); 545 } 546 547 process64ex_token = au_to_process64_ex(process64_auid, process64_euid, 548 process64_egid, process64_ruid, process64_rgid, process64_pid, 549 process64_sid, &process64_tid_addr); 550 if (process64ex_token == NULL) 551 err(EX_UNAVAILABLE, "au_to_process64_ex"); 552 write_record(directory, buf, process64ex_token, AUE_NULL); 553 free(buf); 554 } 555 556 static char return32_status = 0xd7; 557 static uint32_t return32_ret = 0x12345678; 558 559 static void 560 generate_return32_token(const char *directory, const char *token_filename) 561 { 562 token_t *return32_token; 563 564 return32_token = au_to_return32(return32_status, return32_ret); 565 if (return32_token == NULL) 566 err(EX_UNAVAILABLE, "au_to_return32"); 567 write_token(directory, token_filename, return32_token); 568 } 569 570 static void 571 generate_return32_record(const char *directory, const char *record_filename) 572 { 573 token_t *return32_token; 574 575 return32_token = au_to_return32(return32_status, return32_ret); 576 if (return32_token == NULL) 577 err(EX_UNAVAILABLE, "au_to_return32"); 578 write_record(directory, record_filename, return32_token, AUE_NULL); 579 } 580 581 static char *text_token_text = "This is a test."; 582 583 static void 584 generate_text_token(const char *directory, const char *token_filename) 585 { 586 token_t *text_token; 587 588 text_token = au_to_text(text_token_text); 589 if (text_token == NULL) 590 err(EX_UNAVAILABLE, "au_to_text"); 591 write_token(directory, token_filename, text_token); 592 } 593 594 static void 595 generate_text_record(const char *directory, const char *record_filename) 596 { 597 token_t *text_token; 598 599 text_token = au_to_text(text_token_text); 600 if (text_token == NULL) 601 err(EX_UNAVAILABLE, "au_to_text"); 602 write_record(directory, record_filename, text_token, AUE_NULL); 603 } 604 605 static char opaque_token_data[] = {0xaa, 0xbb, 0xcc, 0xdd}; 606 static int opaque_token_bytes = sizeof(opaque_token_data); 607 608 static void 609 generate_opaque_token(const char *directory, const char *token_filename) 610 { 611 token_t *opaque_token; 612 613 opaque_token = au_to_opaque(opaque_token_data, opaque_token_bytes); 614 if (opaque_token == NULL) 615 err(EX_UNAVAILABLE, "au_to_opaque"); 616 write_token(directory, token_filename, opaque_token); 617 } 618 619 static void 620 generate_opaque_record(const char *directory, const char *record_filename) 621 { 622 token_t *opaque_token; 623 624 opaque_token = au_to_opaque(opaque_token_data, opaque_token_bytes); 625 if (opaque_token == NULL) 626 err(EX_UNAVAILABLE, "au_to_opaque"); 627 write_record(directory, record_filename, opaque_token, AUE_NULL); 628 } 629 630 static struct in_addr in_addr_token_addr; 631 632 static void 633 generate_in_addr_token(const char *directory, const char *token_filename) 634 { 635 token_t *in_addr_token; 636 637 in_addr_token_addr.s_addr = inet_addr("192.168.100.15"); 638 639 in_addr_token = au_to_in_addr(&in_addr_token_addr); 640 if (in_addr_token == NULL) 641 err(EX_UNAVAILABLE, "au_to_in_addr"); 642 write_token(directory, token_filename, in_addr_token); 643 } 644 645 static void 646 generate_in_addr_record(const char *directory, const char *record_filename) 647 { 648 token_t *in_addr_token; 649 650 in_addr_token_addr.s_addr = inet_addr("192.168.100.15"); 651 652 in_addr_token = au_to_in_addr(&in_addr_token_addr); 653 if (in_addr_token == NULL) 654 err(EX_UNAVAILABLE, "au_to_in_addr"); 655 write_record(directory, record_filename, in_addr_token, AUE_NULL); 656 } 657 658 static struct ip ip_token_ip; 659 static u_char ip_token_ip_v = 4; 660 static uint16_t ip_token_ip_id = 0x5478; 661 static u_char ip_token_ip_ttl = 64; 662 static u_char ip_token_ip_p = IPPROTO_ICMP; 663 static struct in_addr ip_token_ip_src; 664 static struct in_addr ip_token_ip_dst; 665 666 static void 667 generate_ip_token(const char *directory, const char *token_filename) 668 { 669 token_t *ip_token; 670 671 ip_token_ip_src.s_addr = inet_addr("192.168.100.155"); 672 ip_token_ip_dst.s_addr = inet_addr("192.168.110.48"); 673 674 memset(&ip_token_ip, 0, sizeof(ip_token_ip)); 675 ip_token_ip.ip_v = ip_token_ip_v; 676 ip_token_ip.ip_len = htons(sizeof(ip_token_ip)); 677 ip_token_ip.ip_id = htons(ip_token_ip_id); 678 ip_token_ip.ip_ttl = ip_token_ip_ttl; 679 ip_token_ip.ip_p = ip_token_ip_p; 680 ip_token_ip.ip_src = ip_token_ip_src; 681 ip_token_ip.ip_dst = ip_token_ip_dst; 682 683 ip_token = au_to_ip(&ip_token_ip); 684 if (ip_token == NULL) 685 err(EX_UNAVAILABLE, "au_to_ip"); 686 write_token(directory, token_filename, ip_token); 687 } 688 689 static void 690 generate_ip_record(const char *directory, const char *record_filename) 691 { 692 token_t *ip_token; 693 694 ip_token_ip_src.s_addr = inet_addr("192.168.100.155"); 695 ip_token_ip_dst.s_addr = inet_addr("192.168.110.48"); 696 697 memset(&ip_token_ip, 0, sizeof(ip_token_ip)); 698 ip_token_ip.ip_v = ip_token_ip_v; 699 ip_token_ip.ip_len = htons(sizeof(ip_token_ip)); 700 ip_token_ip.ip_id = htons(ip_token_ip_id); 701 ip_token_ip.ip_ttl = ip_token_ip_ttl; 702 ip_token_ip.ip_p = ip_token_ip_p; 703 ip_token_ip.ip_src = ip_token_ip_src; 704 ip_token_ip.ip_dst = ip_token_ip_dst; 705 706 ip_token = au_to_ip(&ip_token_ip); 707 if (ip_token == NULL) 708 err(EX_UNAVAILABLE, "au_to_ip"); 709 write_record(directory, record_filename, ip_token, AUE_NULL); 710 } 711 712 static u_int16_t iport_token_iport; 713 714 static void 715 generate_iport_token(const char *directory, const char *token_filename) 716 { 717 token_t *iport_token; 718 719 iport_token_iport = htons(80); 720 721 iport_token = au_to_iport(iport_token_iport); 722 if (iport_token == NULL) 723 err(EX_UNAVAILABLE, "au_to_iport"); 724 write_token(directory, token_filename, iport_token); 725 } 726 727 static void 728 generate_iport_record(const char *directory, const char *record_filename) 729 { 730 token_t *iport_token; 731 732 iport_token_iport = htons(80); 733 734 iport_token = au_to_iport(iport_token_iport); 735 if (iport_token == NULL) 736 err(EX_UNAVAILABLE, "au_to_iport"); 737 write_record(directory, record_filename, iport_token, AUE_NULL); 738 } 739 740 static char arg32_token_n = 3; 741 static char *arg32_token_text = "test_arg32_token"; 742 static uint32_t arg32_token_v = 0xabcdef00; 743 744 static void 745 generate_arg32_token(const char *directory, const char *token_filename) 746 { 747 token_t *arg32_token; 748 749 arg32_token = au_to_arg32(arg32_token_n, arg32_token_text, 750 arg32_token_v); 751 if (arg32_token == NULL) 752 err(EX_UNAVAILABLE, "au_to_arg32"); 753 write_token(directory, token_filename, arg32_token); 754 } 755 756 static void 757 generate_arg32_record(const char *directory, const char *record_filename) 758 { 759 token_t *arg32_token; 760 761 arg32_token = au_to_arg32(arg32_token_n, arg32_token_text, 762 arg32_token_v); 763 if (arg32_token == NULL) 764 err(EX_UNAVAILABLE, "au_to_arg32"); 765 write_record(directory, record_filename, arg32_token, AUE_NULL); 766 } 767 768 static long seq_audit_count = 0x12345678; 769 770 static void 771 generate_seq_token(const char *directory, const char *token_filename) 772 { 773 token_t *seq_token; 774 775 seq_token = au_to_seq(seq_audit_count); 776 if (seq_token == NULL) 777 err(EX_UNAVAILABLE, "au_to_seq"); 778 write_token(directory, token_filename, seq_token); 779 } 780 781 static void 782 generate_seq_record(const char *directory, const char *record_filename) 783 { 784 token_t *seq_token; 785 786 seq_token = au_to_seq(seq_audit_count); 787 if (seq_token == NULL) 788 err(EX_UNAVAILABLE, "au_to_seq"); 789 write_record(directory, record_filename, seq_token, AUE_NULL); 790 } 791 792 /* 793 * AUT_ACL 794 */ 795 796 static void 797 generate_attr_token(const char *directory, const char *token_filename) 798 { 799 token_t *attr_token; 800 801 } 802 803 static void 804 generate_attr_record(const char *directory, const char *record_filename) 805 { 806 token_t *attr_token; 807 808 } 809 810 static void 811 generate_ipc_perm_token(const char *directory, const char *token_filename) 812 { 813 token_t *ipc_perm_token; 814 815 } 816 817 static void 818 generate_ipc_perm_record(const char *directory, const char *record_filename) 819 { 820 token_t *ipc_perm_token; 821 822 } 823 824 /* 825 * AUT_LABEL 826 */ 827 828 static void 829 generate_groups_token(const char *directory, const char *token_filename) 830 { 831 token_t *groups_token; 832 833 } 834 835 static void 836 generate_groups_record(const char *directory, const char *record_filename) 837 { 838 token_t *groups_token; 839 840 } 841 842 /* 843 * AUT_ILABEL 844 */ 845 846 /* 847 * AUT_SLABEL 848 */ 849 850 /* 851 * AUT_CLEAR 852 */ 853 854 /* 855 * AUT_PRIV 856 */ 857 858 /* 859 * AUT_UPRIV 860 */ 861 862 /* 863 * AUT_LIAISON 864 */ 865 866 /* 867 * AUT_NEWGROUPS 868 */ 869 870 /* 871 * AUT_EXEC_ARGS 872 */ 873 874 /* 875 * AUT_EXEC_ENV 876 */ 877 878 static void 879 generate_attr32_token(const char *directory, const char *token_filename) 880 { 881 token_t *attr32_token; 882 883 } 884 885 static void 886 generate_attr32_record(const char *directory, const char *record_filename) 887 { 888 token_t *attr32_token; 889 890 } 891 892 static char *zonename_sample = "testzone"; 893 894 static void 895 generate_zonename_token(const char *directory, const char *token_filename) 896 { 897 token_t *zonename_token; 898 899 zonename_token = au_to_zonename(zonename_sample); 900 if (zonename_token == NULL) 901 err(EX_UNAVAILABLE, "au_to_zonename"); 902 write_token(directory, token_filename, zonename_token); 903 } 904 905 static void 906 generate_zonename_record(const char *directory, const char *record_filename) 907 { 908 token_t *zonename_token; 909 910 zonename_token = au_to_zonename(zonename_sample); 911 if (zonename_token == NULL) 912 err(EX_UNAVAILABLE, "au_to_zonename"); 913 write_record(directory, record_filename, zonename_token, AUE_NULL); 914 } 915 916 int 917 main(int argc, char *argv[]) 918 { 919 const char *directory; 920 int ch; 921 922 while ((ch = getopt(argc, argv, "rt")) != -1) { 923 switch (ch) { 924 case 'r': 925 do_records++; 926 break; 927 928 case 't': 929 do_tokens++; 930 break; 931 932 default: 933 usage(); 934 } 935 } 936 937 argc -= optind; 938 argv += optind; 939 940 if (argc != 1) 941 usage(); 942 943 directory = argv[0]; 944 945 if (mkdir(directory, 0755) < 0 && errno != EEXIST) 946 err(EX_OSERR, "mkdir: %s", directory); 947 948 if (do_tokens) { 949 generate_file_token(directory, "file_token"); 950 generate_trailer_token(directory, "trailer_token"); 951 generate_header32_token(directory, "header32_token"); 952 generate_data_token(directory, "data_token"); 953 generate_ipc_token(directory, "ipc_token"); 954 generate_path_token(directory, "path_token"); 955 generate_subject32_token(directory, "subject32_token"); 956 generate_subject32ex_token(directory, "subject32ex_token", 957 AU_IPv4); 958 generate_subject32ex_token(directory, "subject32ex_token", 959 AU_IPv6); 960 generate_process32_token(directory, "process32_token"); 961 generate_process32ex_token(directory, "process32ex_token", 962 AU_IPv4); 963 generate_process32ex_token(directory, "process32ex_token", 964 AU_IPv6); 965 generate_process64_token(directory, "process64_token"); 966 generate_process64ex_token(directory, "process64ex_token", 967 AU_IPv4); 968 generate_process64ex_token(directory, "process64ex_token", 969 AU_IPv6); 970 generate_return32_token(directory, "return32_token"); 971 generate_text_token(directory, "text_token"); 972 generate_opaque_token(directory, "opaque_token"); 973 generate_in_addr_token(directory, "in_addr_token"); 974 generate_ip_token(directory, "ip_token"); 975 generate_iport_token(directory, "iport_token"); 976 generate_arg32_token(directory, "arg32_token"); 977 generate_seq_token(directory, "seq_token"); 978 generate_attr_token(directory, "attr_token"); 979 generate_ipc_perm_token(directory, "ipc_perm_token"); 980 generate_groups_token(directory, "groups_token"); 981 generate_attr32_token(directory, "attr32_token"); 982 generate_zonename_token(directory, "zonename_token"); 983 } 984 985 if (do_records) { 986 generate_file_record(directory, "file_record"); 987 generate_data_record(directory, "data_record"); 988 generate_ipc_record(directory, "ipc_record"); 989 generate_path_record(directory, "path_record"); 990 generate_subject32_record(directory, "subject32_record"); 991 generate_subject32ex_record(directory, "subject32ex_record", 992 AU_IPv4); 993 generate_subject32ex_record(directory, "subject32ex_record", 994 AU_IPv6); 995 generate_process32_record(directory, "process32_record"); 996 generate_process32ex_record(directory, "process32ex_record", 997 AU_IPv4); 998 generate_process32ex_record(directory, "process32ex_record", 999 AU_IPv6); 1000 generate_process64_record(directory, "process64_record"); 1001 generate_process64ex_record(directory, "process64ex_record", 1002 AU_IPv4); 1003 generate_process64ex_record(directory, "process64ex_record", 1004 AU_IPv6); 1005 generate_return32_record(directory, "return32_record"); 1006 generate_text_record(directory, "text_record"); 1007 generate_opaque_record(directory, "opaque_record"); 1008 generate_in_addr_record(directory, "in_addr_record"); 1009 generate_ip_record(directory, "ip_record"); 1010 generate_iport_record(directory, "iport_record"); 1011 generate_arg32_record(directory, "arg32_record"); 1012 generate_seq_record(directory, "seq_record"); 1013 generate_attr_record(directory, "attr_record"); 1014 generate_ipc_perm_record(directory, "ipc_perm_record"); 1015 generate_groups_record(directory, "groups_record"); 1016 generate_attr32_record(directory, "attr32_record"); 1017 generate_zonename_record(directory, "zonename_record"); 1018 } 1019 1020 return (0); 1021 } 1022