xref: /illumos-gate/usr/src/cmd/praudit/token.c (revision 8c754b1b0941ce71249cc956888b3470525b995f)
1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License (the "License").
6  * You may not use this file except in compliance with the License.
7  *
8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9  * or http://www.opensolaris.org/os/licensing.
10  * See the License for the specific language governing permissions
11  * and limitations under the License.
12  *
13  * When distributing Covered Code, include this CDDL HEADER in each
14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15  * If applicable, add the following below this CDDL HEADER, with the
16  * fields enclosed by brackets "[]" replaced with your own identifying
17  * information: Portions Copyright [yyyy] [name of copyright owner]
18  *
19  * CDDL HEADER END
20  */
21 /*
22  * Copyright 2007 Sun Microsystems, Inc.  All rights reserved.
23  * Use is subject to license terms.
24  */
25 
26 #pragma ident	"%Z%%M%	%I%	%E% SMI"
27 
28 #include <ctype.h>
29 #include <dirent.h>
30 #include <grp.h>
31 #include <libintl.h>
32 #include <limits.h>
33 #include <locale.h>
34 #include <pwd.h>
35 #include <stdio.h>
36 #include <stdlib.h>
37 #include <string.h>
38 #include <sys/types.h>
39 #include <sys/inttypes.h>
40 #include <sys/file.h>
41 #include <sys/param.h>
42 #include <sys/uio.h>
43 #include <sys/stat.h>
44 #include <sys/acl.h>
45 #include <sys/socket.h>
46 #include <sys/errno.h>
47 #include <sys/ipc.h>
48 #include <sys/sem.h>
49 #include <sys/systm.h>
50 #include <netinet/in.h>
51 #include <sys/tiuser.h>
52 #include <rpc/types.h>
53 #include <rpc/auth.h>
54 #include <rpc/auth_unix.h>
55 #include <rpc/svc.h>
56 #include <rpc/xdr.h>
57 #include <nfs/nfs.h>
58 #include <sys/fs/ufs_quota.h>
59 #include <sys/time.h>
60 #include <sys/mkdev.h>
61 #include <unistd.h>
62 
63 #include <bsm/audit.h>
64 #include <bsm/audit_record.h>
65 #include <bsm/libbsm.h>
66 
67 #include <tsol/label.h>
68 
69 #include "praudit.h"
70 #include "toktable.h"
71 
72 #include <netdb.h>
73 #include <arpa/inet.h>
74 
75 static char *anchor_path(char *);
76 static char *collapse_path(char *);
77 
78 
79 /*
80  * -----------------------------------------------------------------------
81  * is_file_token:
82  *		  Tests whether the specified token id represents a type
83  *		  of file token.
84  * return codes :  1 - tokenid is a file token type
85  *		:  0 - otherwise
86  * -----------------------------------------------------------------------
87  */
88 int
89 is_file_token(int tokenid)
90 {
91 	if ((tokenid == AUT_OTHER_FILE32) || (tokenid == AUT_OTHER_FILE64))
92 		return (1);
93 
94 	return (0);
95 }
96 
97 /*
98  * -----------------------------------------------------------------------
99  * is_header_token:
100  *		  Tests whether the specified token id represents a type
101  *		  of header token (signifying the start of a record).
102  * return codes :  1 - tokenid is a header type
103  *		:  0 - otherwise
104  * -----------------------------------------------------------------------
105  */
106 int
107 is_header_token(int tokenid)
108 {
109 	if ((tokenid == AUT_OHEADER) || (tokenid == AUT_HEADER32) ||
110 	    (tokenid == AUT_HEADER32_EX) || (tokenid == AUT_HEADER64) ||
111 	    (tokenid == AUT_HEADER64_EX))
112 		return (1);
113 
114 	return (0);
115 }
116 
117 /*
118  * -----------------------------------------------------------------------
119  * is_token:
120  *		  Tests whether the specified token id represents a true
121  *		  token, as opposed to a regular tag.
122  * return codes :  1 - tokenid is a true token
123  *		:  0 - otherwise
124  * -----------------------------------------------------------------------
125  */
126 int
127 is_token(int tokenid)
128 {
129 	if ((tokenid > 0) && (tokenid <= MAXTOKEN))
130 		return (1);
131 
132 	return (0);
133 }
134 
135 
136 /*
137  * -----------------------------------------------------------------------
138  * exit_token() 	: Process information label token and display contents
139  * return codes		: -1 - error
140  *			:  0 - successful
141  * NOTE: At the time of call, the label token id has been retrieved
142  *
143  * Format of exit token:
144  *	exit token id		adr_char
145  * -----------------------------------------------------------------------
146  */
147 int
148 exit_token(pr_context_t *context)
149 {
150 	int	returnstat;
151 	int	retval;
152 	uval_t	uval;
153 
154 	if ((returnstat = open_tag(context, TAG_ERRVAL)) != 0)
155 		return (returnstat);
156 
157 	if ((returnstat = pr_adr_int32(context, (int32_t *)&retval, 1)) == 0) {
158 		if (!(context->format & PRF_RAWM)) {
159 			char *emsg = strerror(retval);
160 
161 			if (emsg == NULL)
162 				uval.string_val = gettext("Unknown errno");
163 			else
164 				uval.string_val = gettext(emsg);
165 			uval.uvaltype = PRA_STRING;
166 		} else {
167 			uval.uvaltype = PRA_INT32;
168 			uval.int32_val = retval;
169 		}
170 		returnstat = pa_print(context, &uval, 0);
171 	}
172 	if (returnstat == 0)
173 		returnstat = close_tag(context, TAG_ERRVAL);
174 
175 	return (process_tag(context, TAG_RETVAL, returnstat, 1));
176 }
177 
178 /*
179  * ------------------------------------------------------------------
180  * file_token()	: prints out seconds of time and other file name
181  * return codes : -1 - error
182  *		:  0 - successful, valid file token fields
183  * At the time of entry, the file token ID has already been retrieved
184  *
185  * Format of file token:
186  *	file token id		adr_char
187  *	seconds of time		adr_u_int
188  *	name of other file	adr_string
189  * ------------------------------------------------------------------
190  */
191 int
192 file_token(pr_context_t *context)
193 {
194 	int	returnstat;
195 
196 	returnstat = pa_utime32(context, 0, 0);		/* time from usecs */
197 
198 	/* other file name */
199 	returnstat = pa_file_string(context, returnstat, 1);
200 
201 	return (returnstat);
202 }
203 
204 int
205 file64_token(pr_context_t *context)
206 {
207 	int	returnstat;
208 
209 	returnstat = pa_utime64(context, 0, 0);		/* time from usecs */
210 
211 	/* other file name */
212 	returnstat = pa_file_string(context, returnstat, 1);
213 
214 	return (returnstat);
215 }
216 
217 /*
218  * -----------------------------------------------------------------------
219  * header_token()	: Process record header token and display contents
220  * return codes		: -1 - error
221  *			:  0 - successful
222  *			:  1 - warning, password entry not found
223  *
224  * NOTE: At the time of call, the header token id has been retrieved
225  *
226  * Format of header token:
227  *	header token id 	adr_char
228  * 	record byte count	adr_u_int
229  *	event type		adr_u_short (printed either ASCII or raw)
230  *	event class		adr_u_int   (printed either ASCII or raw)
231  *	event action		adr_u_int
232  *	if extended:		extended host name (IPv4/IPv6)
233  *	seconds of time		adr_u_int   (printed either ASCII or raw)
234  *	nanoseconds of time	adr_u_int
235  * -----------------------------------------------------------------------
236  */
237 int
238 header_token(pr_context_t *context)
239 {
240 	int	returnstat;
241 
242 	returnstat = pa_reclen(context, 0);		/* record byte */
243 	/* version ID */
244 	returnstat = process_tag(context, TAG_TOKVERS, returnstat, 0);
245 	/* event type */
246 	returnstat = process_tag(context, TAG_EVTYPE, returnstat, 0);
247 	/* event modifier */
248 	returnstat = pa_event_modifier(context, returnstat, 0);
249 	/* time from nsec */
250 	returnstat = pa_ntime32(context, returnstat, 1);
251 
252 	return (returnstat);
253 }
254 
255 int
256 header64_token(pr_context_t *context)
257 {
258 	int	returnstat;
259 
260 	returnstat = pa_reclen(context, 0);		/* record byte */
261 	/* version ID */
262 	returnstat = process_tag(context, TAG_TOKVERS, returnstat, 0);
263 	/* event type */
264 	returnstat = process_tag(context, TAG_EVTYPE, returnstat, 0);
265 	/* event modifier */
266 	returnstat = pa_event_modifier(context, returnstat, 0);
267 	/* time from nsec */
268 	returnstat = pa_ntime64(context, returnstat, 1);
269 
270 	return (returnstat);
271 }
272 
273 int
274 header32_ex_token(pr_context_t *context)
275 {
276 	int	returnstat;
277 
278 	returnstat = pa_reclen(context, 0);		/* record byte */
279 	/* version ID */
280 	returnstat = process_tag(context, TAG_TOKVERS, returnstat, 0);
281 	/* event type */
282 	returnstat = process_tag(context, TAG_EVTYPE, returnstat, 0);
283 	/* event modifier */
284 	returnstat = pa_event_modifier(context, returnstat, 0);
285 	/* machine name */
286 	returnstat = pa_hostname_ex(context, returnstat, 0);
287 	/* time from nsec */
288 	returnstat = pa_ntime32(context, returnstat, 1);
289 
290 	return (returnstat);
291 }
292 
293 int
294 header64_ex_token(pr_context_t *context)
295 {
296 	int	returnstat;
297 
298 	returnstat = pa_reclen(context, 0);		/* record byte */
299 	/* version ID */
300 	returnstat = process_tag(context, TAG_TOKVERS, returnstat, 0);
301 	/* event type */
302 	returnstat = process_tag(context, TAG_EVTYPE, returnstat, 0);
303 	/* event modifier */
304 	returnstat = pa_event_modifier(context, returnstat, 0);
305 	/* machine name */
306 	returnstat = pa_hostname_ex(context, returnstat, 0);
307 	/* time from nsec */
308 	returnstat = pa_ntime64(context, returnstat, 1);
309 
310 	return (returnstat);
311 }
312 
313 /*
314  * -----------------------------------------------------------------------
315  * trailer_token()	: Process record trailer token and display contents
316  * return codes		: -1 - error
317  *			:  0 - successful
318  * NOTE: At the time of call, the trailer token id has already been
319  * retrieved
320  *
321  * Format of trailer token:
322  * 	trailer token id	adr_char
323  * 	record sequence no	adr_u_short (should be AUT_TRAILER_MAGIC)
324  *	record byte count	adr_u_int
325  * -----------------------------------------------------------------------
326  */
327 int
328 trailer_token(pr_context_t *context)
329 {
330 	short	magic_number;
331 
332 	if (pr_adr_u_short(context, (ushort_t *)&magic_number, 1) < 0) {
333 		(void) fprintf(stderr, gettext(
334 		    "praudit: Cannot retrieve trailer magic number\n"));
335 		return (-1);
336 	} else {
337 		if (magic_number != AUT_TRAILER_MAGIC) {
338 			(void) fprintf(stderr, gettext(
339 			    "praudit: Invalid trailer magic number\n"));
340 			return (-1);
341 		} else
342 			/* Do not display trailer in XML mode */
343 			if (context->format & PRF_XMLM) {
344 				uint32_t	junk;
345 				int		retstat;
346 
347 				retstat = pr_adr_u_int32(context, &junk, 1);
348 				return (retstat);
349 			} else {
350 				return (pa_adr_u_int32(context, 0, 1));
351 			}
352 	}
353 }
354 
355 /*
356  * -----------------------------------------------------------------------
357  * arbitrary_data_token():
358  *			  Process arbitrary data token and display contents
359  * return codes		: -1 - error
360  *			:  0 - successful
361  * NOTE: At the time of call, the arbitrary data token id has already
362  * been retrieved
363  *
364  * Format of arbitrary data token:
365  *	arbitrary data token id	adr char
366  * 	how to print		adr_char
367  *				From audit_record.h, this may be either:
368  *				AUP_BINARY	binary
369  *				AUP_OCTAL	octal
370  *				AUP_DECIMAL	decimal
371  *				AUP_HEX		hexadecimal
372  *	basic unit		adr_char
373  *				From audit_record.h, this may be either:
374  *				AUR_BYTE	byte
375  *				AUR_CHAR	char
376  *				AUR_SHORT	short
377  *				AUR_INT32	int32_t
378  *				AUR_INT64	int64_t
379  *	unit count		adr_char, specifying number of units of
380  *				data in the "data items" parameter below
381  *	data items		depends on basic unit
382  *
383  * -----------------------------------------------------------------------
384  */
385 int
386 arbitrary_data_token(pr_context_t *context)
387 {
388 	int	returnstat;
389 	int	i;
390 	char	c1;
391 	short	c2;
392 	int32_t	c3;
393 	int64_t c4;
394 	char	how_to_print, basic_unit, unit_count, fwid;
395 	char	*p;
396 	int	index = 0;
397 	char	*pformat = "%*s";
398 
399 	uval_t	uval;
400 
401 	if ((returnstat = pr_adr_char(context, &how_to_print, 1)) != 0)
402 		return (returnstat);
403 
404 	if ((returnstat = pr_adr_char(context, &basic_unit, 1)) != 0)
405 		return (returnstat);
406 
407 	if ((returnstat = pr_adr_char(context, &unit_count, 1)) != 0)
408 		return (returnstat);
409 
410 	if (!(context->format & PRF_RAWM)) {
411 		uval.uvaltype = PRA_STRING;
412 		uval.string_val = htp2string(how_to_print);
413 	} else {
414 		uval.uvaltype = PRA_INT32;
415 		uval.int32_val = (int)how_to_print;
416 	}
417 
418 	if ((returnstat = open_tag(context, TAG_ARBPRINT)) != 0)
419 		return (returnstat);
420 	if ((returnstat = pa_print(context, &uval, 0)) < 0)
421 		return (returnstat);
422 	if ((returnstat = close_tag(context, TAG_ARBPRINT)) != 0)
423 		return (returnstat);
424 
425 	if (!(context->format & PRF_RAWM)) {
426 		uval.uvaltype = PRA_STRING;
427 		uval.string_val = bu2string(basic_unit);
428 	} else {
429 		uval.uvaltype = PRA_INT32;
430 		uval.int32_val = (int32_t)basic_unit;
431 	}
432 
433 	if ((returnstat = open_tag(context, TAG_ARBTYPE)) != 0)
434 		return (returnstat);
435 	if ((returnstat = pa_print(context, &uval, 0)) < 0)
436 		return (returnstat);
437 	if ((returnstat = close_tag(context, TAG_ARBTYPE)) != 0)
438 		return (returnstat);
439 
440 	uval.uvaltype = PRA_INT32;
441 	uval.int32_val = (int32_t)unit_count;
442 
443 	if ((returnstat = open_tag(context, TAG_ARBCOUNT)) != 0)
444 		return (returnstat);
445 	if ((returnstat = pa_print(context, &uval, 1)) < 0)
446 		return (returnstat);
447 	if ((returnstat = close_tag(context, TAG_ARBCOUNT)) != 0)
448 		return (returnstat);
449 
450 	/* Done with attributes; force end of token open */
451 	if ((returnstat = finish_open_tag(context)) != 0)
452 		return (returnstat);
453 
454 	/* get the field width in case we need to format output */
455 	fwid = findfieldwidth(basic_unit, how_to_print);
456 	p = (char *)malloc(80);
457 
458 	/* now get the data items and print them */
459 	for (i = 0; (i < unit_count); i++) {
460 		switch (basic_unit) {
461 			/* case AUR_BYTE: */
462 		case AUR_CHAR:
463 			if (pr_adr_char(context, &c1, 1) == 0)
464 				(void) convert_char_to_string(how_to_print,
465 					c1, p);
466 			else {
467 				free(p);
468 				return (-1);
469 			}
470 			break;
471 		case AUR_SHORT:
472 			if (pr_adr_short(context, &c2, 1) == 0)
473 				(void) convert_short_to_string(how_to_print,
474 					c2, p);
475 			else {
476 				free(p);
477 				return (-1);
478 			}
479 			break;
480 		case AUR_INT32:
481 			if (pr_adr_int32(context, &c3, 1) == 0)
482 				(void) convert_int32_to_string(how_to_print,
483 					c3, p);
484 			else {
485 				free(p);
486 				return (-1);
487 			}
488 			break;
489 		case AUR_INT64:
490 			if (pr_adr_int64(context, &c4, 1) == 0)
491 				(void) convert_int64_to_string(how_to_print,
492 					c4, p);
493 			else {
494 				free(p);
495 				return (-1);
496 			}
497 			break;
498 		default:
499 			free(p);
500 			return (-1);
501 			/*NOTREACHED*/
502 		}
503 
504 		/*
505 		 * At this point, we have successfully retrieved a data
506 		 * item and converted it into an ASCII string pointed to
507 		 * by p. If all output is to be printed on one line,
508 		 * simply separate the data items by a space (or by the
509 		 * delimiter if this is the last data item), otherwise, we
510 		 * need to format the output before display.
511 		 */
512 		if (context->format & PRF_ONELINE) {
513 			returnstat = pr_printf(context, "%s", p);
514 			if ((returnstat >= 0) && (i == (unit_count - 1)))
515 				returnstat = pr_printf(context, "%s",
516 				    context->SEPARATOR);
517 			else
518 				returnstat = pr_putchar(context, ' ');
519 		} else {	/* format output */
520 			returnstat = pr_printf(context, pformat, fwid, p);
521 			index += fwid;
522 			if ((returnstat >= 0) &&
523 			    (((index + fwid) > 75) ||
524 			    (i == (unit_count - 1)))) {
525 				returnstat = pr_putchar(context, '\n');
526 				index = 0;
527 			}
528 		} /* else if PRF_ONELINE */
529 		if (returnstat < 0) {
530 			free(p);
531 			return (returnstat);
532 		}
533 	}
534 	free(p);
535 
536 	return (returnstat);
537 }
538 
539 /*
540  * -----------------------------------------------------------------------
541  * opaque_token() 	: Process opaque token and display contents
542  * return codes		: -1 - error
543  *			:  0 - successful
544  * NOTE: At the time of call, the opaque token id has already been
545  * retrieved
546  *
547  * Format of opaque token:
548  *	opaque token id		adr_char
549  *	size			adr_short
550  *	data			adr_char, size times
551  * -----------------------------------------------------------------------
552  */
553 int
554 opaque_token(pr_context_t *context)
555 {
556 	int	returnstat;
557 	short	size;
558 	char	*charp;
559 	uval_t	uval;
560 
561 
562 	/* print the size of the token */
563 	if (pr_adr_short(context, &size, 1) == 0) {
564 		uval.uvaltype = PRA_SHORT;
565 		uval.short_val = size;
566 		returnstat = pa_print(context, &uval, 0);
567 	} else
568 		returnstat = -1;
569 
570 	/* now print out the data field in hexadecimal */
571 	if (returnstat >= 0) {
572 		/* try to allocate memory for the character string */
573 		if ((charp = (char *)malloc(size * sizeof (char))) == NULL)
574 			returnstat = -1;
575 		else {
576 			if ((returnstat = pr_adr_char(context, charp,
577 			    size)) == 0) {
578 				/* print out in hexadecimal format */
579 				uval.uvaltype = PRA_STRING;
580 				uval.string_val = hexconvert(charp, size, size);
581 				if (uval.string_val) {
582 					returnstat = pa_print(context,
583 					    &uval, 1);
584 					free(uval.string_val);
585 				}
586 			}
587 			free(charp);
588 		}
589 	}
590 
591 	return (returnstat);
592 }
593 
594 /*
595  * -----------------------------------------------------------------------
596  * path_token() 	: Process path token and display contents
597  * return codes		: -1 - error
598  *			:  0 - successful
599  * NOTE: At the time of call, the path token id has been retrieved
600  *
601  * Format of path token:
602  *	token id	adr_char
603  *	path		adr_string
604  * -----------------------------------------------------------------------
605  */
606 int
607 path_token(pr_context_t *context)
608 {
609 	char	*path;	/* path */
610 	char	*apath;	/* anchored path */
611 	char	*cpath;	/* collapsed path */
612 	short	length;
613 	int	returnstat;
614 	uval_t	uval;
615 
616 	/*
617 	 * We need to know how much space to allocate for our string, so
618 	 * read the length first, then call pr_adr_char to read those bytes.
619 	 */
620 	if (pr_adr_short(context, &length, 1) == 0) {
621 		if ((path = (char *)malloc(length + 1)) == NULL) {
622 			returnstat = -1;
623 		} else if (pr_adr_char(context, path, length) == 0) {
624 			path[length] = '\0';
625 			uval.uvaltype = PRA_STRING;
626 			if (*path != '/') {
627 				apath = anchor_path(path);
628 				free(path);
629 			} else
630 				apath = path;
631 			cpath = collapse_path(apath);
632 			uval.string_val = cpath;
633 			returnstat = pa_print(context, &uval, 1);
634 			free(cpath);
635 		} else {
636 			free(path);
637 			returnstat = -1;
638 		}
639 		return (returnstat);
640 	} else
641 		return (-1);
642 }
643 
644 /*
645  * anchor a path name with a slash
646  */
647 char *
648 anchor_path(char *sp)
649 {
650 	char	*dp; /* destination path */
651 	char	*tp; /* temporary path */
652 	size_t	len;
653 
654 	len = strlen(sp) + 2;
655 	if ((dp = tp = (char *)calloc(1, len)) == (char *)0)
656 		return ((char *)0);
657 
658 	*dp++ = '/';
659 
660 	(void) strlcpy(dp, sp, len);
661 
662 	return (tp);
663 }
664 
665 /*
666  * copy path to collapsed path.
667  * collapsed path does not contain:
668  *	successive slashes
669  *	instances of dot-slash
670  *	instances of dot-dot-slash
671  * passed path must be anchored with a '/'
672  */
673 char *
674 collapse_path(char *s)
675 {
676 	int	id;	/* index of where we are in destination string */
677 	int	is;		/* index of where we are in source string */
678 	int	slashseen;	/* have we seen a slash */
679 	int	ls;		/* length of source string */
680 
681 	ls = strlen(s) + 1;
682 
683 	slashseen = 0;
684 	for (is = 0, id = 0; is < ls; is++) {
685 		/* thats all folks, we've reached the end of input */
686 		if (s[is] == '\0') {
687 			if (id > 1 && s[id-1] == '/') {
688 				--id;
689 			}
690 			s[id++] = '\0';
691 			break;
692 		}
693 		/* previous character was a / */
694 		if (slashseen) {
695 			if (s[is] == '/')
696 				continue;	/* another slash, ignore it */
697 		} else if (s[is] == '/') {
698 			/* we see a /, just copy it and try again */
699 			slashseen = 1;
700 			s[id++] = '/';
701 			continue;
702 		}
703 		/* /./ seen */
704 		if (s[is] == '.' && s[is+1] == '/') {
705 			is += 1;
706 			continue;
707 		}
708 		/* XXX/. seen */
709 		if (s[is] == '.' && s[is+1] == '\0') {
710 			if (id > 1)
711 				id--;
712 			continue;
713 		}
714 		/* XXX/.. seen */
715 		if (s[is] == '.' && s[is+1] == '.' && s[is+2] == '\0') {
716 			is += 1;
717 			if (id > 0)
718 				id--;
719 			while (id > 0 && s[--id] != '/');
720 			id++;
721 			continue;
722 		}
723 		/* XXX/../ seen */
724 		if (s[is] == '.' && s[is+1] == '.' && s[is+2] == '/') {
725 			is += 2;
726 			if (id > 0)
727 				id--;
728 			while (id > 0 && s[--id] != '/');
729 			id++;
730 			continue;
731 		}
732 		while (is < ls && (s[id++] = s[is++]) != '/');
733 		is--;
734 	}
735 	return (s);
736 }
737 
738 /*
739  * -----------------------------------------------------------------------
740  * cmd_token()		: Process cmd token and display contents
741  * return codes		: -1 - error
742  *			:  0 - successful
743  * NOTE: At the time of call, the cmd token id has been retrieved
744  *
745  * Format of command token:
746  *	token id	adr_char
747  *	argc		adr_short
748  *	N*argv[i]	adr_string (short, string)
749  *	env cnt		adr_short
750  *	N*arge[i]	adr_string (short, string)
751  * -----------------------------------------------------------------------
752  */
753 int
754 cmd_token(pr_context_t *context)
755 {
756 	int	returnstat;
757 	short num;
758 
759 	returnstat = pr_adr_short(context, &num, 1);
760 	if (returnstat < 0)
761 		return (returnstat);
762 
763 	if (!(context->format & PRF_XMLM)) {
764 		returnstat = pr_printf(context, "%s%s%d%s",
765 		    (context->format & PRF_ONELINE) ? "" : gettext("argcnt"),
766 		    (context->format & PRF_ONELINE) ? "" : context->SEPARATOR,
767 		    num, context->SEPARATOR);
768 		if (returnstat < 0)
769 			return (returnstat);
770 	}
771 
772 	for (; num > 0; num--) {
773 		if ((returnstat = process_tag(context, TAG_ARGV,
774 		    returnstat, 0)) < 0)
775 			return (returnstat);
776 	}
777 
778 	if ((returnstat = pr_adr_short(context, &num, 1)) < 0)
779 		return (returnstat);
780 
781 	if (!(context->format & PRF_XMLM)) {
782 		returnstat = pr_printf(context, "%s%s%d%s",
783 		    (context->format & PRF_ONELINE) ? "" : gettext("envcnt"),
784 		    (context->format & PRF_ONELINE) ? "" : context->SEPARATOR,
785 		    num, context->SEPARATOR);
786 		if (returnstat < 0)
787 			return (returnstat);
788 	}
789 
790 	if ((num == 0) && !(context->format & PRF_XMLM)) {
791 		returnstat = do_newline(context, 1);
792 		if (returnstat < 0)
793 			return (returnstat);
794 	}
795 
796 	for (; num > 1; num--) {
797 		if ((returnstat = process_tag(context, TAG_ARGE,
798 		    returnstat, 0)) < 0)
799 			return (returnstat);
800 	}
801 	if (num)
802 		returnstat = process_tag(context, TAG_ARGE, returnstat, 1);
803 
804 	return (returnstat);
805 
806 }
807 
808 /*
809  * -----------------------------------------------------------------------
810  * argument32_token()	: Process argument token and display contents
811  * return codes		: -1 - error
812  *			:  0 - successful
813  * NOTE: At the time of call, the arg token id has been retrieved
814  *
815  * Format of argument token:
816  *	current directory token id	adr_char
817  *	argument number			adr_char
818  *	argument value			adr_int32
819  *	argument description		adr_string
820  * -----------------------------------------------------------------------
821  */
822 int
823 argument32_token(pr_context_t *context)
824 {
825 	int	returnstat;
826 
827 	returnstat = process_tag(context, TAG_ARGNUM, 0, 0);
828 	returnstat = process_tag(context, TAG_ARGVAL32, returnstat, 0);
829 	returnstat = process_tag(context, TAG_ARGDESC, returnstat, 1);
830 
831 	return (returnstat);
832 
833 }
834 
835 /*
836  * -----------------------------------------------------------------------
837  * argument64_token()	: Process argument token and display contents
838  * return codes		: -1 - error
839  *			:  0 - successful
840  * NOTE: At the time of call, the arg token id has been retrieved
841  *
842  * Format of 64 bit argument token:
843  *	current directory token id	adr_char
844  *	argument number			adr_char
845  *	argument value			adr_int64
846  *	argument description		adr_string
847  * -----------------------------------------------------------------------
848  */
849 int
850 argument64_token(pr_context_t *context)
851 {
852 	int	returnstat;
853 
854 	returnstat = process_tag(context, TAG_ARGNUM, 0, 0);
855 	returnstat = process_tag(context, TAG_ARGVAL64, returnstat, 0);
856 	returnstat = process_tag(context, TAG_ARGDESC, returnstat, 1);
857 
858 	return (returnstat);
859 
860 }
861 
862 /*
863  * -----------------------------------------------------------------------
864  * process_token() 	: Process process token and display contents
865  * return codes		: -1 - error
866  *			:  0 - successful
867  * NOTE: At the time of call, the process token id has been retrieved
868  *
869  * Format of process token:
870  *	process token id	adr_char
871  *	auid			adr_u_int32
872  *	euid			adr_u_int32
873  *	egid			adr_u_int32
874  *	ruid			adr_u_int32
875  *	egid			adr_u_int32
876  *	pid			adr_u_int32
877  *	sid			adr_u_int32
878  *	tid			adr_u_int32, adr_u_int32
879  * -----------------------------------------------------------------------
880  */
881 int
882 process32_token(pr_context_t *context)
883 {
884 	int	returnstat;
885 
886 		/* auid */
887 	returnstat = process_tag(context, TAG_AUID, 0, 0);
888 		/* uid */
889 	returnstat = process_tag(context, TAG_UID, returnstat, 0);
890 		/* gid */
891 	returnstat = process_tag(context, TAG_GID, returnstat, 0);
892 		/* ruid */
893 	returnstat = process_tag(context, TAG_RUID, returnstat, 0);
894 		/* rgid */
895 	returnstat = process_tag(context, TAG_RGID, returnstat, 0);
896 		/* pid */
897 	returnstat = process_tag(context, TAG_PID, returnstat, 0);
898 		/* sid */
899 	returnstat = process_tag(context, TAG_SID, returnstat, 0);
900 		/* tid */
901 	returnstat = process_tag(context, TAG_TID32, returnstat, 1);
902 
903 	return (returnstat);
904 }
905 
906 int
907 process64_token(pr_context_t *context)
908 {
909 	int	returnstat;
910 
911 		/* auid */
912 	returnstat = process_tag(context, TAG_AUID, 0, 0);
913 		/* uid */
914 	returnstat = process_tag(context, TAG_UID, returnstat, 0);
915 		/* gid */
916 	returnstat = process_tag(context, TAG_GID, returnstat, 0);
917 		/* ruid */
918 	returnstat = process_tag(context, TAG_RUID, returnstat, 0);
919 		/* rgid */
920 	returnstat = process_tag(context, TAG_RGID, returnstat, 0);
921 		/* pid */
922 	returnstat = process_tag(context, TAG_PID, returnstat, 0);
923 		/* sid */
924 	returnstat = process_tag(context, TAG_SID, returnstat, 0);
925 		/* tid */
926 	returnstat = process_tag(context, TAG_TID64, returnstat, 1);
927 
928 	return (returnstat);
929 }
930 
931 /*
932  * -----------------------------------------------------------------------
933  * process_ex_token()	: Process process token and display contents
934  * return codes		: -1 - error
935  *			:  0 - successful
936  * NOTE: At the time of call, the process token id has been retrieved
937  *
938  * Format of extended process token:
939  *	process token id	adr_char
940  *	auid			adr_u_int32
941  *	euid			adr_u_int32
942  *	egid			adr_u_int32
943  *	ruid			adr_u_int32
944  *	egid			adr_u_int32
945  *	pid			adr_u_int32
946  *	sid			adr_u_int32
947  *	tid			adr_u_int32, adr_u_int32, 4*adr_u_int32
948  * -----------------------------------------------------------------------
949  */
950 int
951 process32_ex_token(pr_context_t *context)
952 {
953 	int	returnstat;
954 
955 		/* auid */
956 	returnstat = process_tag(context, TAG_AUID, 0, 0);
957 		/* uid */
958 	returnstat = process_tag(context, TAG_UID, returnstat, 0);
959 		/* gid */
960 	returnstat = process_tag(context, TAG_GID, returnstat, 0);
961 		/* ruid */
962 	returnstat = process_tag(context, TAG_RUID, returnstat, 0);
963 		/* rgid */
964 	returnstat = process_tag(context, TAG_RGID, returnstat, 0);
965 		/* pid */
966 	returnstat = process_tag(context, TAG_PID, returnstat, 0);
967 		/* sid */
968 	returnstat = process_tag(context, TAG_SID, returnstat, 0);
969 		/* tid */
970 	returnstat = process_tag(context, TAG_TID32_EX, returnstat, 1);
971 
972 	return (returnstat);
973 }
974 
975 int
976 process64_ex_token(pr_context_t *context)
977 {
978 	int	returnstat;
979 
980 		/* auid */
981 	returnstat = process_tag(context, TAG_AUID, 0, 0);
982 		/* uid */
983 	returnstat = process_tag(context, TAG_UID, returnstat, 0);
984 		/* gid */
985 	returnstat = process_tag(context, TAG_GID, returnstat, 0);
986 		/* ruid */
987 	returnstat = process_tag(context, TAG_RUID, returnstat, 0);
988 		/* rgid */
989 	returnstat = process_tag(context, TAG_RGID, returnstat, 0);
990 		/* pid */
991 	returnstat = process_tag(context, TAG_PID, returnstat, 0);
992 		/* sid */
993 	returnstat = process_tag(context, TAG_SID, returnstat, 0);
994 		/* tid */
995 	returnstat = process_tag(context, TAG_TID64_EX, returnstat, 1);
996 
997 	return (returnstat);
998 }
999 
1000 /*
1001  * -----------------------------------------------------------------------
1002  * return_value32_token(): Process return value and display contents
1003  * return codes		: -1 - error
1004  *			:  0 - successful
1005  * NOTE: At the time of call, the return value token id has been retrieved
1006  *
1007  * Format of return value token:
1008  * 	return value token id	adr_char
1009  *	error number		adr_char
1010  *	return value		adr_int32
1011  * -----------------------------------------------------------------------
1012  */
1013 int
1014 return_value32_token(pr_context_t *context)
1015 {
1016 	int		returnstat;
1017 	uchar_t		number;
1018 	int32_t		value;
1019 	char		pb[512];    /* print buffer */
1020 	uval_t		uval;
1021 	bool_t		used_ret_val = 0;
1022 
1023 	/*
1024 	 * Every audit record generated contains a return token.
1025 	 *
1026 	 * The return token is a special token. It indicates the success
1027 	 * or failure of the event that contains it.
1028 	 * The return32 token contains two pieces of data:
1029 	 *
1030 	 * 	char	number;
1031 	 * 	int32_t	return_value;
1032 	 *
1033 	 * For audit records generated by the kernel:
1034 	 * The kernel always puts a positive value in "number".
1035 	 * Upon success "number" is 0.
1036 	 * Upon failure "number" is a positive errno value that is less than
1037 	 * sys_nerr.
1038 	 *
1039 	 * For audit records generated at the user level:
1040 	 * Upon success "number" is 0.
1041 	 * Upon failure "number" is -1.
1042 	 *
1043 	 * For both kernel and user land the value of "return_value" is
1044 	 * arbitrary. For the kernel it contains the return value of
1045 	 * the system call. For user land it contains an arbitrary return
1046 	 * value if it is less than ADT_FAIL_VALUE; ADT_FAIL_VALUE
1047 	 * and above are messages defined in adt_event.h.   ADT_FAIL_PAM and
1048 	 * above are messages from pam_strerror().  No interpretation is done
1049 	 * on "return_value" if it is outside the range of ADT_FAIL_VALUE_* or
1050 	 * ADT_FAIL_PAM values.
1051 	 */
1052 	if ((returnstat = open_tag(context, TAG_ERRVAL)) != 0)
1053 		return (returnstat);
1054 
1055 	if ((returnstat = pr_adr_u_char(context, &number, 1)) == 0) {
1056 		if (!(context->format & PRF_RAWM)) {
1057 			used_ret_val = 1;
1058 			pa_error(number, pb, sizeof (pb));
1059 			uval.uvaltype = PRA_STRING;
1060 			uval.string_val = pb;
1061 			if ((returnstat = pa_print(context, &uval, 0)) != 0)
1062 				return (returnstat);
1063 			if ((returnstat = close_tag(context, TAG_ERRVAL)) != 0)
1064 				return (returnstat);
1065 			if ((returnstat = open_tag(context, TAG_RETVAL)) != 0)
1066 				return (returnstat);
1067 
1068 			if ((returnstat = pr_adr_int32(
1069 			    context, &value, 1)) != 0)
1070 				return (returnstat);
1071 
1072 			pa_retval(value, pb, sizeof (pb));
1073 		} else {
1074 			uval.uvaltype = PRA_INT32;
1075 			if ((char)number == -1)
1076 				uval.int32_val = -1;
1077 			else
1078 				uval.int32_val = number;
1079 		}
1080 		returnstat = pa_print(context, &uval, used_ret_val);
1081 	}
1082 	if (used_ret_val) {
1083 		if (returnstat == 0)
1084 			returnstat = close_tag(context, TAG_RETVAL);
1085 		return (returnstat);
1086 	}
1087 	if (!returnstat)
1088 		if (returnstat = close_tag(context, TAG_ERRVAL))
1089 			return (returnstat);
1090 
1091 	return (process_tag(context, TAG_RETVAL, returnstat, 1));
1092 }
1093 
1094 /*
1095  * -----------------------------------------------------------------------
1096  * return_value64_token(): Process return value and display contents
1097  * return codes		: -1 - error
1098  *			:  0 - successful
1099  * NOTE: At the time of call, the return value token id has been retrieved
1100  *
1101  * Format of return value token:
1102  * 	return value token id	adr_char
1103  *	error number		adr_char
1104  *	return value		adr_int64
1105  *
1106  * HOWEVER, the 64 bit return value is a concatenation of two
1107  * 32 bit return values; the first of which is the same as is
1108  * carried in the return32 token.  The second 32 bits are ignored
1109  * here so that the displayed return token will have the same
1110  * number whether the application is 32 or 64 bits.
1111  * -----------------------------------------------------------------------
1112  */
1113 int
1114 return_value64_token(pr_context_t *context)
1115 {
1116 	int		returnstat;
1117 	uchar_t		number;
1118 	rval_t		rval;
1119 	char		pb[512];    /* print buffer */
1120 	uval_t		uval;
1121 
1122 	/*
1123 	 * Every audit record generated contains a return token.
1124 	 *
1125 	 * The return token is a special token. It indicates the success
1126 	 * or failure of the event that contains it.
1127 	 * The return64 token contains two pieces of data:
1128 	 *
1129 	 * 	char	number;
1130 	 * 	int64_t	return_value;
1131 	 *
1132 	 * For audit records generated by the kernel:
1133 	 * The kernel always puts a positive value in "number".
1134 	 * Upon success "number" is 0.
1135 	 * Upon failure "number" is a positive errno value that is less than
1136 	 * sys_nerr.
1137 	 *
1138 	 * For audit records generated at the user level:
1139 	 * Upon success "number" is 0.
1140 	 * Upon failure "number" is -1.
1141 	 *
1142 	 * For both kernel and user land the value of "return_value" is
1143 	 * arbitrary. For the kernel it contains the return value of
1144 	 * the system call. For user land it contains an arbitrary return
1145 	 * value if it is less than ADT_FAIL_VALUE; ADT_FAIL_VALUE
1146 	 * and above are messages defined in adt_event.h.   ADT_FAIL_PAM and
1147 	 * above are messages from pam_strerror().  No interpretation is done
1148 	 * on "return_value" if it is outside the range of ADT_FAIL_VALUE_* or
1149 	 * ADT_FAIL_PAM values.
1150 	 *
1151 	 * The 64 bit return value consists of two 32bit parts; for
1152 	 * system calls, the first part is the value returned by the
1153 	 * system call and the second part depends on the system call
1154 	 * implementation.  In most cases, the second part is either 0
1155 	 * or garbage; because of that, it is omitted from the praudit
1156 	 * output.
1157 	 */
1158 	if ((returnstat = open_tag(context, TAG_ERRVAL)) != 0)
1159 		return (returnstat);
1160 
1161 	if ((returnstat = pr_adr_u_char(context, &number, 1)) == 0) {
1162 		if (!(context->format & PRF_RAWM)) {
1163 			pa_error(number, pb, sizeof (pb));
1164 			uval.uvaltype = PRA_STRING;
1165 			uval.string_val = pb;
1166 			if ((returnstat = pa_print(context, &uval, 0)) != 0)
1167 				return (returnstat);
1168 
1169 			if ((returnstat = close_tag(context, TAG_ERRVAL)) != 0)
1170 				return (returnstat);
1171 			if ((returnstat = open_tag(context, TAG_RETVAL)) != 0)
1172 				return (returnstat);
1173 
1174 			if ((returnstat = pr_adr_int64(context,
1175 			    &rval.r_vals, 1)) != 0)
1176 				return (returnstat);
1177 			pa_retval(rval.r_val1, pb, sizeof (pb));
1178 		} else {
1179 			uval.uvaltype = PRA_INT32;
1180 			if ((char)number == -1)
1181 				uval.int32_val = -1;
1182 			else
1183 				uval.int32_val = number;
1184 
1185 			if ((returnstat = pa_print(context, &uval, 0)) != 0)
1186 				return (returnstat);
1187 
1188 			if ((returnstat = close_tag(context, TAG_ERRVAL)) != 0)
1189 				return (returnstat);
1190 			if ((returnstat = open_tag(context, TAG_RETVAL)) != 0)
1191 				return (returnstat);
1192 
1193 			if ((returnstat = pr_adr_int64(context,
1194 			    &rval.r_vals, 1)) != 0)
1195 				return (returnstat);
1196 			uval.int32_val = rval.r_val1;
1197 		}
1198 		returnstat = pa_print(context, &uval, 1);
1199 	} else {
1200 		return (returnstat);
1201 	}
1202 
1203 	if (returnstat == 0)
1204 		returnstat = close_tag(context, TAG_RETVAL);
1205 
1206 	return (returnstat);
1207 }
1208 
1209 /*
1210  * -----------------------------------------------------------------------
1211  * subject32_token()	: Process subject token and display contents
1212  * return codes		: -1 - error
1213  *			:  0 - successful
1214  * NOTE: At the time of call, the subject token id has been retrieved
1215  *
1216  * Format of subject token:
1217  *	subject token id	adr_char
1218  *	auid			adr_u_int32
1219  *	euid			adr_u_int32
1220  *	egid			adr_u_int32
1221  *	ruid			adr_u_int32
1222  *	egid			adr_u_int32
1223  *	pid			adr_u_int32
1224  *	sid			adr_u_int32
1225  *	tid			adr_u_int32, adr_u_int32
1226  * -----------------------------------------------------------------------
1227  */
1228 int
1229 subject32_token(pr_context_t *context)
1230 {
1231 	int	returnstat;
1232 
1233 		/* auid */
1234 	returnstat = process_tag(context, TAG_AUID, 0, 0);
1235 		/* uid */
1236 	returnstat = process_tag(context, TAG_UID, returnstat, 0);
1237 		/* gid */
1238 	returnstat = process_tag(context, TAG_GID, returnstat, 0);
1239 		/* ruid */
1240 	returnstat = process_tag(context, TAG_RUID, returnstat, 0);
1241 		/* rgid */
1242 	returnstat = process_tag(context, TAG_RGID, returnstat, 0);
1243 		/* pid */
1244 	returnstat = process_tag(context, TAG_PID, returnstat, 0);
1245 		/* sid */
1246 	returnstat = process_tag(context, TAG_SID, returnstat, 0);
1247 		/* tid */
1248 	returnstat = process_tag(context, TAG_TID32, returnstat, 1);
1249 
1250 	return (returnstat);
1251 }
1252 
1253 int
1254 subject64_token(pr_context_t *context)
1255 {
1256 	int	returnstat;
1257 
1258 		/* auid */
1259 	returnstat = process_tag(context, TAG_AUID, 0, 0);
1260 		/* uid */
1261 	returnstat = process_tag(context, TAG_UID, returnstat, 0);
1262 		/* gid */
1263 	returnstat = process_tag(context, TAG_GID, returnstat, 0);
1264 		/* ruid */
1265 	returnstat = process_tag(context, TAG_RUID, returnstat, 0);
1266 		/* rgid */
1267 	returnstat = process_tag(context, TAG_RGID, returnstat, 0);
1268 		/* pid */
1269 	returnstat = process_tag(context, TAG_PID, returnstat, 0);
1270 		/* sid */
1271 	returnstat = process_tag(context, TAG_SID, returnstat, 0);
1272 		/* tid */
1273 	returnstat = process_tag(context, TAG_TID64, returnstat, 1);
1274 
1275 	return (returnstat);
1276 }
1277 
1278 /*
1279  * -----------------------------------------------------------------------
1280  * subject_ex_token(): Process subject token and display contents
1281  * return codes		: -1 - error
1282  *			:  0 - successful
1283  * NOTE: At the time of call, the subject token id has been retrieved
1284  *
1285  * Format of extended subject token:
1286  *	subject token id	adr_char
1287  *	auid			adr_u_int32
1288  *	euid			adr_u_int32
1289  *	egid			adr_u_int32
1290  *	ruid			adr_u_int32
1291  *	egid			adr_u_int32
1292  *	pid			adr_u_int32
1293  *	sid			adr_u_int32
1294  *	tid			adr_u_int32, adr_u_int32
1295  * -----------------------------------------------------------------------
1296  */
1297 int
1298 subject32_ex_token(pr_context_t *context)
1299 {
1300 	int	returnstat;
1301 
1302 		/* auid */
1303 	returnstat = process_tag(context, TAG_AUID, 0, 0);
1304 		/* uid */
1305 	returnstat = process_tag(context, TAG_UID, returnstat, 0);
1306 		/* gid */
1307 	returnstat = process_tag(context, TAG_GID, returnstat, 0);
1308 		/* ruid */
1309 	returnstat = process_tag(context, TAG_RUID, returnstat, 0);
1310 		/* rgid */
1311 	returnstat = process_tag(context, TAG_RGID, returnstat, 0);
1312 		/* pid */
1313 	returnstat = process_tag(context, TAG_PID, returnstat, 0);
1314 		/* sid */
1315 	returnstat = process_tag(context, TAG_SID, returnstat, 0);
1316 		/* tid */
1317 	returnstat = process_tag(context, TAG_TID32_EX, returnstat, 1);
1318 
1319 	return (returnstat);
1320 }
1321 
1322 int
1323 subject64_ex_token(pr_context_t *context)
1324 {
1325 	int	returnstat;
1326 
1327 		/* auid */
1328 	returnstat = process_tag(context, TAG_AUID, 0, 0);
1329 		/* uid */
1330 	returnstat = process_tag(context, TAG_UID, returnstat, 0);
1331 		/* gid */
1332 	returnstat = process_tag(context, TAG_GID, returnstat, 0);
1333 		/* ruid */
1334 	returnstat = process_tag(context, TAG_RUID, returnstat, 0);
1335 		/* rgid */
1336 	returnstat = process_tag(context, TAG_RGID, returnstat, 0);
1337 		/* pid */
1338 	returnstat = process_tag(context, TAG_PID, returnstat, 0);
1339 		/* sid */
1340 	returnstat = process_tag(context, TAG_SID, returnstat, 0);
1341 		/* tid */
1342 	returnstat = process_tag(context, TAG_TID64_EX, returnstat, 1);
1343 
1344 	return (returnstat);
1345 }
1346 
1347 /*
1348  * -----------------------------------------------------------------------
1349  * s5_IPC_token()	: Process System V IPC token and display contents
1350  * return codes		: -1 - error
1351  *			:  0 - successful
1352  * NOTE: At the time of call, the System V IPC id has been retrieved
1353  *
1354  * Format of System V IPC token:
1355  *	System V IPC token id	adr_char
1356  *	object id		adr_int32
1357  * -----------------------------------------------------------------------
1358  */
1359 int
1360 s5_IPC_token(pr_context_t *context)
1361 {
1362 	int	returnstat;
1363 	uchar_t ipctype;
1364 	uval_t	uval;
1365 
1366 	/*
1367 	 * TRANSLATION_NOTE
1368 	 * These names refer to the type of System V IPC object:
1369 	 * message queue, semaphore, shared memory.
1370 	 */
1371 
1372 	if (pr_adr_u_char(context, &ipctype, 1) == 0) {
1373 		if ((returnstat = open_tag(context, TAG_IPCTYPE)) != 0)
1374 			return (returnstat);
1375 
1376 		if (!(context->format & PRF_RAWM)) {
1377 			/* print in ASCII form */
1378 			uval.uvaltype = PRA_STRING;
1379 			switch (ipctype) {
1380 			case AT_IPC_MSG:
1381 				uval.string_val = gettext("msg");
1382 				break;
1383 			case AT_IPC_SEM:
1384 				uval.string_val = gettext("sem");
1385 				break;
1386 			case AT_IPC_SHM:
1387 				uval.string_val = gettext("shm");
1388 				break;
1389 			}
1390 			returnstat = pa_print(context, &uval, 0);
1391 		}
1392 		/* print in integer form */
1393 		if ((context->format & PRF_RAWM) || (returnstat == 1)) {
1394 			uval.uvaltype = PRA_BYTE;
1395 			uval.char_val = ipctype;
1396 			returnstat = pa_print(context, &uval, 0);
1397 		}
1398 		if ((returnstat = close_tag(context, TAG_IPCTYPE)) != 0)
1399 			return (returnstat);
1400 
1401 		/* next get and print ipc id */
1402 		return (process_tag(context, TAG_IPCID, returnstat, 1));
1403 	} else {
1404 		/* cannot retrieve ipc type */
1405 		return (-1);
1406 	}
1407 }
1408 
1409 /*
1410  * -----------------------------------------------------------------------
1411  * text_token()	: Process text token and display contents
1412  * return codes	: -1 - error
1413  *		:  0 - successful
1414  * NOTE: At the time of call, the text token id has been retrieved
1415  *
1416  * Format of text token:
1417  *	text token id		adr_char
1418  * 	text			adr_string
1419  * -----------------------------------------------------------------------
1420  */
1421 int
1422 text_token(pr_context_t *context)
1423 {
1424 	return (pa_adr_string(context, 0, 1));
1425 }
1426 
1427 /*
1428  * -----------------------------------------------------------------------
1429  * tid_token()		: Process a generic terminal id token / AUT_TID
1430  * return codes 	: -1 - error
1431  *			:  0 - successful
1432  * NOTE: At the time of call, the token id has been retrieved
1433  *
1434  * Format of tid token:
1435  *	ip token id	adr_char
1436  *	terminal type	adr_char
1437  *  terminal type = AU_IPADR:
1438  *	remote port:	adr_short
1439  *	local port:	adr_short
1440  *	IP type:	adt_int32 -- AU_IPv4 or AU_IPv6
1441  *	address:	adr_int32 if IPv4, else 4 * adr_int32
1442  * -----------------------------------------------------------------------
1443  */
1444 int
1445 tid_token(pr_context_t *context)
1446 {
1447 	int		returnstat;
1448 	uchar_t		type;
1449 	uval_t		uval;
1450 
1451 	if ((returnstat = pr_adr_u_char(context, &type, 1)) != 0)
1452 		return (returnstat);
1453 	uval.uvaltype = PRA_STRING;
1454 	if ((returnstat = open_tag(context, TAG_TID_TYPE)) != 0)
1455 		return (returnstat);
1456 
1457 	switch (type) {
1458 	default:
1459 		return (-1);	/* other than IP type is not implemented */
1460 	case AU_IPADR:
1461 		uval.string_val = "ip";
1462 		returnstat = pa_print(context, &uval, 0);
1463 		returnstat = close_tag(context, TAG_TID_TYPE);
1464 		returnstat = open_tag(context, TAG_IP);
1465 		returnstat = process_tag(context, TAG_IP_REMOTE, returnstat, 0);
1466 		returnstat = process_tag(context, TAG_IP_LOCAL, returnstat, 0);
1467 		returnstat = process_tag(context, TAG_IP_ADR, returnstat, 1);
1468 		returnstat = close_tag(context, TAG_IP);
1469 		break;
1470 	}
1471 	return (returnstat);
1472 }
1473 
1474 /*
1475  * -----------------------------------------------------------------------
1476  * ip_addr_token() 	: Process ip token and display contents
1477  * return codes 	: -1 - error
1478  *			:  0 - successful
1479  * NOTE: At the time of call, the ip token id has been retrieved
1480  *
1481  * Format of ip address token:
1482  *	ip token id	adr_char
1483  *	address		adr_int32 (printed in hex)
1484  * -----------------------------------------------------------------------
1485  */
1486 
1487 int
1488 ip_addr_token(pr_context_t *context)
1489 {
1490 	return (pa_hostname(context, 0, 1));
1491 }
1492 
1493 int
1494 ip_addr_ex_token(pr_context_t *context)
1495 {
1496 	int	returnstat;
1497 	uint32_t	ip_addr[16];
1498 	uint32_t	ip_type;
1499 	struct in_addr	ia;
1500 	char		*ipstring;
1501 	char		buf[256];
1502 	uval_t		uval;
1503 
1504 	/* get address type */
1505 	if ((returnstat = pr_adr_u_int32(context, &ip_type, 1)) != 0)
1506 		return (returnstat);
1507 
1508 	/* legal address types are either AU_IPv4 or AU_IPv6 only */
1509 	if ((ip_type != AU_IPv4) && (ip_type != AU_IPv6))
1510 		return (-1);
1511 
1512 	/* get address (4/16) */
1513 	if ((returnstat = pr_adr_char(context, (char *)ip_addr, ip_type)) != 0)
1514 		return (returnstat);
1515 
1516 	uval.uvaltype = PRA_STRING;
1517 	if (ip_type == AU_IPv4) {
1518 		uval.string_val = buf;
1519 
1520 		if (!(context->format & PRF_RAWM)) {
1521 			get_Hname(ip_addr[0], buf, sizeof (buf));
1522 			return (pa_print(context, &uval, 1));
1523 		}
1524 
1525 		ia.s_addr = ip_addr[0];
1526 		if ((ipstring = inet_ntoa(ia)) == NULL)
1527 			return (-1);
1528 
1529 		(void) snprintf(buf, sizeof (buf), "%s", ipstring);
1530 
1531 	} else {
1532 		uval.string_val = buf;
1533 
1534 		if (!(context->format & PRF_RAWM)) {
1535 			get_Hname_ex(ip_addr, buf, sizeof (buf));
1536 			return (pa_print(context, &uval, 1));
1537 		}
1538 
1539 		(void) inet_ntop(AF_INET6, (void *) ip_addr, buf,
1540 		    sizeof (buf));
1541 
1542 	}
1543 
1544 	return (pa_print(context, &uval, 1));
1545 }
1546 
1547 /*
1548  * -----------------------------------------------------------------------
1549  * ip_token()		: Process ip header token and display contents
1550  * return codes 	: -1 - error
1551  *			:  0 - successful
1552  * NOTE: At the time of call, the ip token id has been retrieved
1553  *
1554  * Format of ip header token:
1555  *	ip header token id	adr_char
1556  *	version			adr_char (printed in hex)
1557  *	type of service		adr_char (printed in hex)
1558  *	length			adr_short
1559  *	id			adr_u_short
1560  *	offset			adr_u_short
1561  *	ttl			adr_char (printed in hex)
1562  *	protocol		adr_char (printed in hex)
1563  *	checksum		adr_u_short
1564  *	source address		adr_int32 (printed in hex)
1565  *	destination address	adr_int32 (printed in hex)
1566  * -----------------------------------------------------------------------
1567  */
1568 int
1569 ip_token(pr_context_t *context)
1570 {
1571 	int	returnstat;
1572 
1573 	returnstat = process_tag(context, TAG_IPVERS, 0, 0);
1574 	returnstat = process_tag(context, TAG_IPSERV, returnstat, 0);
1575 	returnstat = process_tag(context, TAG_IPLEN, returnstat, 0);
1576 	returnstat = process_tag(context, TAG_IPID, returnstat, 0);
1577 	returnstat = process_tag(context, TAG_IPOFFS, returnstat, 0);
1578 	returnstat = process_tag(context, TAG_IPTTL, returnstat, 0);
1579 	returnstat = process_tag(context, TAG_IPPROTO, returnstat, 0);
1580 	returnstat = process_tag(context, TAG_IPCKSUM, returnstat, 0);
1581 	returnstat = process_tag(context, TAG_IPSRC, returnstat, 0);
1582 	returnstat = process_tag(context, TAG_IPDEST, returnstat, 1);
1583 
1584 	return (returnstat);
1585 }
1586 
1587 /*
1588  * -----------------------------------------------------------------------
1589  * iport_token() 	: Process ip port address token and display contents
1590  * return codes		: -1 - error
1591  *			:  0 - successful
1592  * NOTE: At time of call, the ip port address token id has been retrieved
1593  *
1594  * Format of ip port token:
1595  *	ip port address token id	adr_char
1596  *	port address			adr_short (in hex)
1597  * -----------------------------------------------------------------------
1598  */
1599 int
1600 iport_token(pr_context_t *context)
1601 {
1602 	return (pa_adr_shorthex(context, 0, 1));
1603 }
1604 
1605 /*
1606  * -----------------------------------------------------------------------
1607  * socket_token() 	: Process socket token and display contents
1608  * return codes		: -1 - error
1609  *			:  0 - successful
1610  * NOTE: At time of call, the socket token id has been retrieved
1611  *
1612  * Format of socket token:
1613  *	ip socket token id		adr_char
1614  *	socket type			adr_short (in hex)
1615  *	foreign port			adr_short (in hex)
1616  *	foreign internet address	adr_hostname/adr_int32 (in ascii/hex)
1617  * -----------------------------------------------------------------------
1618  *
1619  * Note: local port and local internet address have been removed for 5.x
1620  */
1621 int
1622 socket_token(pr_context_t *context)
1623 {
1624 	int	returnstat;
1625 
1626 	returnstat = process_tag(context, TAG_SOCKTYPE, 0, 0);
1627 	returnstat = process_tag(context, TAG_SOCKPORT, returnstat, 0);
1628 	if (returnstat != 0)
1629 		return (returnstat);
1630 
1631 	if ((returnstat = open_tag(context, TAG_SOCKADDR)) != 0)
1632 		return (returnstat);
1633 
1634 	if ((returnstat = pa_hostname(context, returnstat, 1)) != 0)
1635 		return (returnstat);
1636 
1637 	return (close_tag(context, TAG_SOCKADDR));
1638 }
1639 
1640 /*
1641  * -----------------------------------------------------------------------
1642  * socket_ex_token()	: Process socket token and display contents
1643  * return codes		: -1 - error
1644  *			:  0 - successful
1645  * NOTE: At time of call, the extended socket token id has been retrieved
1646  *
1647  * Format of extended socket token:
1648  *	token id			adr_char
1649  *	socket domain			adr_short (in hex)
1650  *	socket type			adr_short (in hex)
1651  *	IP address type			adr_short (in hex) [not displayed]
1652  *	local port			adr_short (in hex)
1653  *	local internet address		adr_hostname/adr_int32 (in ascii/hex)
1654  *	foreign port			adr_short (in hex)
1655  *	foreign internet address	adr_hostname/adr_int32 (in ascii/hex)
1656  * -----------------------------------------------------------------------
1657  *
1658  * Note: local port and local internet address have been removed for 5.x
1659  */
1660 int
1661 socket_ex_token(pr_context_t *context)
1662 {
1663 	int	returnstat;
1664 
1665 	returnstat = process_tag(context, TAG_SOCKEXDOM, 0, 0);
1666 	returnstat = process_tag(context, TAG_SOCKEXTYPE, returnstat, 0);
1667 	returnstat = pa_hostname_so(context, returnstat, 1);
1668 
1669 	return (returnstat);
1670 }
1671 
1672 /*
1673  * -----------------------------------------------------------------------
1674  * sequence_token()	: Process sequence token and display contents
1675  * return codes		: -1 - error
1676  *			:  0 - successful
1677  * NOTE: At time of call, the socket token id has been retrieved
1678  *
1679  * Format of sequence token:
1680  *	sequence token id		adr_char
1681  *	sequence number 		adr_u_int32 (in hex)
1682  * -----------------------------------------------------------------------
1683  */
1684 int
1685 sequence_token(pr_context_t *context)
1686 {
1687 	return (process_tag(context, TAG_SEQNUM, 0, 1));
1688 }
1689 
1690 /*
1691  * -----------------------------------------------------------------------
1692  * acl_token()	: Process access control list term
1693  * return codes	: -1 - error
1694  *		:  0 - successful
1695  *
1696  * Format of acl token:
1697  *	token id	adr_char
1698  *	term type	adr_u_int32
1699  *	term value	adr_u_int32 (depends on type)
1700  *	file mode	adr_u_int (in octal)
1701  * -----------------------------------------------------------------------
1702  */
1703 int
1704 acl_token(pr_context_t *context)
1705 {
1706 	int	returnstat;
1707 
1708 	returnstat = pa_pw_uid_gr_gid(context, 0, 0);
1709 
1710 	return (process_tag(context, TAG_MODE, returnstat, 1));
1711 }
1712 
1713 /*
1714  * -----------------------------------------------------------------------
1715  * attribute_token()	: Process attribute token and display contents
1716  * return codes 	: -1 - error
1717  *			:  0 - successful
1718  * NOTE: At the time of call, the attribute token id has been retrieved
1719  *
1720  * Format of attribute token:
1721  *	attribute token id	adr_char
1722  * 	mode			adr_u_int (printed in octal)
1723  *	uid			adr_u_int
1724  *	gid			adr_u_int
1725  *	file system id		adr_int
1726  *
1727  *	node id			adr_int		(attribute_token
1728  *						 pre SunOS 5.7)
1729  *	device			adr_u_int
1730  * or
1731  *	node id			adr_int64	(attribute32_token)
1732  *	device			adr_u_int
1733  * or
1734  *	node id			adr_int64	(attribute64_token)
1735  *	device			adr_u_int64
1736  * -----------------------------------------------------------------------
1737  */
1738 int
1739 attribute_token(pr_context_t *context)
1740 {
1741 	int	returnstat;
1742 
1743 	returnstat = process_tag(context, TAG_MODE, 0, 0);
1744 	returnstat = process_tag(context, TAG_UID, returnstat, 0);
1745 	returnstat = process_tag(context, TAG_GID, returnstat, 0);
1746 	returnstat = process_tag(context, TAG_FSID, returnstat, 0);
1747 	returnstat = process_tag(context, TAG_NODEID32, returnstat, 0);
1748 	returnstat = process_tag(context, TAG_DEVICE32, returnstat, 1);
1749 
1750 	return (returnstat);
1751 }
1752 
1753 int
1754 attribute32_token(pr_context_t *context)
1755 {
1756 	int	returnstat;
1757 
1758 	returnstat = process_tag(context, TAG_MODE, 0, 0);
1759 	returnstat = process_tag(context, TAG_UID, returnstat, 0);
1760 	returnstat = process_tag(context, TAG_GID, returnstat, 0);
1761 	returnstat = process_tag(context, TAG_FSID, returnstat, 0);
1762 	returnstat = process_tag(context, TAG_NODEID64, returnstat, 0);
1763 	returnstat = process_tag(context, TAG_DEVICE32, returnstat, 1);
1764 
1765 	return (returnstat);
1766 }
1767 
1768 int
1769 attribute64_token(pr_context_t *context)
1770 {
1771 	int	returnstat;
1772 
1773 	returnstat = process_tag(context, TAG_MODE, 0, 0);
1774 	returnstat = process_tag(context, TAG_UID, returnstat, 0);
1775 	returnstat = process_tag(context, TAG_GID, returnstat, 0);
1776 	returnstat = process_tag(context, TAG_FSID, returnstat, 0);
1777 	returnstat = process_tag(context, TAG_NODEID64, returnstat, 0);
1778 	returnstat = process_tag(context, TAG_DEVICE64, returnstat, 1);
1779 
1780 	return (returnstat);
1781 }
1782 
1783 /*
1784  * -----------------------------------------------------------------------
1785  * group_token() 	: Process group token and display contents
1786  * return codes 	: -1 - error
1787  *			:  0 - successful
1788  * NOTE: At the time of call, the group token id has been retrieved
1789  *
1790  * Format of group token:
1791  *	group token id		adr_char
1792  *	group list		adr_long, 16 times
1793  * -----------------------------------------------------------------------
1794  */
1795 int
1796 group_token(pr_context_t *context)
1797 {
1798 	int	returnstat = 0;
1799 	int	i;
1800 
1801 	for (i = 0; i < NGROUPS_MAX - 1; i++) {
1802 		if ((returnstat = process_tag(context, TAG_GROUPID,
1803 		    returnstat, 0)) < 0)
1804 			return (returnstat);
1805 	}
1806 
1807 	return (process_tag(context, TAG_GROUPID, returnstat, 1));
1808 }
1809 
1810 /*
1811  * -----------------------------------------------------------------------
1812  * newgroup_token() 	: Process group token and display contents
1813  * return codes 	: -1 - error
1814  *			:  0 - successful
1815  * NOTE: At the time of call, the group token id has been retrieved
1816  *
1817  * Format of new group token:
1818  *	group token id		adr_char
1819  *	group number		adr_short
1820  *	group list		adr_int32, group number times
1821  * -----------------------------------------------------------------------
1822  */
1823 int
1824 newgroup_token(pr_context_t *context)
1825 {
1826 	int	returnstat;
1827 	int	i, num;
1828 	short	n_groups;
1829 
1830 	returnstat = pr_adr_short(context, &n_groups, 1);
1831 	if (returnstat != 0)
1832 		return (returnstat);
1833 
1834 	num = (int)n_groups;
1835 	if (num == 0) {
1836 		if (!(context->format & PRF_XMLM)) {
1837 			returnstat = do_newline(context, 1);
1838 		}
1839 		return (returnstat);
1840 	}
1841 	for (i = 0; i < num - 1; i++) {
1842 		if ((returnstat = process_tag(context, TAG_GROUPID,
1843 		    returnstat, 0)) < 0)
1844 			return (returnstat);
1845 	}
1846 
1847 	return (process_tag(context, TAG_GROUPID, returnstat, 1));
1848 }
1849 
1850 static int
1851 string_token_common(pr_context_t *context, int tag)
1852 {
1853 	int	returnstat;
1854 	int	num;
1855 
1856 	returnstat = pr_adr_int32(context, (int32_t *)&num, 1);
1857 	if (returnstat != 0)
1858 		return (returnstat);
1859 
1860 	if (!(context->format & PRF_XMLM)) {
1861 		returnstat = pr_printf(context, "%d%s", num,
1862 		    context->SEPARATOR);
1863 		if (returnstat != 0)
1864 			return (returnstat);
1865 	}
1866 
1867 	if (num == 0)
1868 		return (0);
1869 
1870 	for (; num > 1; num--) {
1871 		if ((returnstat = (process_tag(context, tag,
1872 		    returnstat, 0))) < 0)
1873 			return (returnstat);
1874 	}
1875 
1876 	return (process_tag(context, tag, returnstat, 1));
1877 }
1878 
1879 int
1880 path_attr_token(pr_context_t *context)
1881 {
1882 	return (string_token_common(context, TAG_XAT));
1883 }
1884 
1885 int
1886 exec_args_token(pr_context_t *context)
1887 {
1888 	return (string_token_common(context, TAG_ARG));
1889 }
1890 
1891 int
1892 exec_env_token(pr_context_t *context)
1893 {
1894 	return (string_token_common(context, TAG_ENV));
1895 }
1896 
1897 /*
1898  * -----------------------------------------------------------------------
1899  * s5_IPC_perm_token() : Process System V IPC permission token and display
1900  *			 contents
1901  * return codes 	: -1 - error
1902  *			:  0 - successful
1903  * NOTE: At the time of call, the System V IPC permission token id
1904  * has been retrieved
1905  *
1906  * Format of System V IPC permission token:
1907  *	System V IPC permission token id	adr_char
1908  * 	uid					adr_u_int32
1909  *	gid					adr_u_int32
1910  *	cuid					adr_u_int32
1911  *	cgid					adr_u_int32
1912  *	mode					adr_u_int32
1913  *	seq					adr_u_int32
1914  *	key					adr_int32
1915  * -----------------------------------------------------------------------
1916  */
1917 int
1918 s5_IPC_perm_token(pr_context_t *context)
1919 {
1920 	int	returnstat;
1921 
1922 	returnstat = process_tag(context, TAG_UID, 0, 0);
1923 	returnstat = process_tag(context, TAG_GID, returnstat, 0);
1924 	returnstat = process_tag(context, TAG_CUID, returnstat, 0);
1925 	returnstat = process_tag(context, TAG_CGID, returnstat, 0);
1926 	returnstat = process_tag(context, TAG_MODE, returnstat, 0);
1927 	returnstat = process_tag(context, TAG_SEQ, returnstat, 0);
1928 	returnstat = process_tag(context, TAG_KEY, returnstat, 1);
1929 
1930 	return (returnstat);
1931 }
1932 
1933 /*
1934  * -----------------------------------------------------------------------
1935  * host_token()	: Process host token and display contents
1936  * return codes	: -1 - error
1937  *		:  0 - successful
1938  * NOTE: At the time of call, the host token id has been retrieved
1939  *
1940  * Format of host token:
1941  *	host token id		adr_char
1942  *	hostid			adr_u_int32
1943  * -----------------------------------------------------------------------
1944  */
1945 int
1946 host_token(pr_context_t *context)
1947 {
1948 	return (pa_hostname(context, 0, 1));
1949 }
1950 
1951 /*
1952  * -----------------------------------------------------------------------
1953  * liaison_token()	: Process liaison token and display contents
1954  * return codes 	: -1 - error
1955  *			:  0 - successful
1956  * NOTE: At the time of call, the liaison token id has been retrieved
1957  *
1958  * Format of liaison token:
1959  *	liaison token id	adr_char
1960  *	liaison			adr_u_int32
1961  * -----------------------------------------------------------------------
1962  */
1963 int
1964 liaison_token(pr_context_t *context)
1965 {
1966 	return (pa_liaison(context, 0, 1));
1967 }
1968 
1969 /*
1970  * -----------------------------------------------------------------------
1971  * useofauth_token(): Process useofauth token and display contents
1972  * return codes	: -1 - error
1973  *		:  0 - successful
1974  * NOTE: At the time of call, the uauth token id has been retrieved
1975  *
1976  * Format of useofauth token:
1977  *	uauth token id		adr_char
1978  * 	uauth			adr_string
1979  * -----------------------------------------------------------------------
1980  */
1981 int
1982 useofauth_token(pr_context_t *context)
1983 {
1984 	return (pa_adr_string(context, 0, 1));
1985 }
1986 
1987 /*
1988  * -----------------------------------------------------------------------
1989  * zonename_token(): Process zonename token and display contents
1990  * return codes	: -1 - error
1991  *		:  0 - successful
1992  * NOTE: At the time of call, the zonename token id has been retrieved
1993  *
1994  * Format of zonename token:
1995  *	zonename token id	adr_char
1996  * 	zone name		adr_string
1997  * -----------------------------------------------------------------------
1998  */
1999 int
2000 zonename_token(pr_context_t *context)
2001 {
2002 	return (process_tag(context, TAG_ZONENAME, 0, 1));
2003 }
2004 
2005 /*
2006  * -----------------------------------------------------------------------
2007  * fmri_token(): Process fmri token and display contents
2008  * return codes	: -1 - error
2009  *		:  0 - successful
2010  * NOTE: At the time of call, the fmri token id has been retrieved
2011  *
2012  * Format of fmri token:
2013  *	fmri token id		adr_char
2014  * 	service instance name	adr_string
2015  * -----------------------------------------------------------------------
2016  */
2017 int
2018 fmri_token(pr_context_t *context)
2019 {
2020 	return (pa_adr_string(context, 0, 1));
2021 }
2022 
2023 /*
2024  * -----------------------------------------------------------------------
2025  * xatom_token()	: Process Xatom token and display contents in hex.
2026  * return codes		: -1 - error
2027  *			:  0 - successful
2028  * NOTE: At the time of call, the xatom token id has been retrieved
2029  *
2030  * Format of xatom token:
2031  *	token id		adr_char
2032  * 	length			adr_short
2033  * 	atom			adr_char length times
2034  * -----------------------------------------------------------------------
2035  */
2036 int
2037 xatom_token(pr_context_t *context)
2038 {
2039 	return (pa_adr_string(context, 0, 1));
2040 }
2041 
2042 int
2043 xcolormap_token(pr_context_t *context)
2044 {
2045 	return (pa_xgeneric(context));
2046 }
2047 
2048 int
2049 xcursor_token(pr_context_t *context)
2050 {
2051 	return (pa_xgeneric(context));
2052 }
2053 
2054 int
2055 xfont_token(pr_context_t *context)
2056 {
2057 	return (pa_xgeneric(context));
2058 }
2059 
2060 int
2061 xgc_token(pr_context_t *context)
2062 {
2063 	return (pa_xgeneric(context));
2064 }
2065 
2066 int
2067 xpixmap_token(pr_context_t *context)
2068 {
2069 	return (pa_xgeneric(context));
2070 }
2071 
2072 int
2073 xwindow_token(pr_context_t *context)
2074 {
2075 	return (pa_xgeneric(context));
2076 }
2077 
2078 /*
2079  * -----------------------------------------------------------------------
2080  * xproperty_token(): Process Xproperty token and display contents
2081  *
2082  * return codes		: -1 - error
2083  *			:  0 - successful
2084  * NOTE: At the time of call, the xproperty token id has been retrieved
2085  *
2086  * Format of xproperty token:
2087  *	token id		adr_char
2088  *	XID			adr_u_int32
2089  *	creator UID		adr_u_int32
2090  *	text			adr_text
2091  * -----------------------------------------------------------------------
2092  */
2093 int
2094 xproperty_token(pr_context_t *context)
2095 {
2096 	int	returnstat;
2097 
2098 	returnstat = process_tag(context, TAG_XID, 0, 0);
2099 	returnstat = process_tag(context, TAG_XCUID, returnstat, 0);
2100 
2101 	/* Done with attributes; force end of token open */
2102 	if (returnstat == 0)
2103 		returnstat = finish_open_tag(context);
2104 
2105 	returnstat = pa_adr_string(context, returnstat, 1);
2106 
2107 	return (returnstat);
2108 }
2109 
2110 /*
2111  * -----------------------------------------------------------------------
2112  * xselect_token(): Process Xselect token and display contents in hex
2113  *
2114  * return codes		: -1 - error
2115  *			:  0 - successful
2116  * NOTE: At the time of call, the xselect token id has been retrieved
2117  *
2118  * Format of xselect token
2119  *	text token id		adr_char
2120  * 	property text		adr_string
2121  * 	property type		adr_string
2122  * 	property data		adr_string
2123  * -----------------------------------------------------------------------
2124  */
2125 int
2126 xselect_token(pr_context_t *context)
2127 {
2128 	int	returnstat;
2129 
2130 	returnstat = process_tag(context, TAG_XSELTEXT, 0, 0);
2131 	returnstat = process_tag(context, TAG_XSELTYPE, returnstat, 0);
2132 	returnstat = process_tag(context, TAG_XSELDATA, returnstat, 1);
2133 
2134 	return (returnstat);
2135 }
2136 
2137 /*
2138  * -----------------------------------------------------------------------
2139  * xclient_token(): Process Xclient token and display contents in hex.
2140  *
2141  * return codes		: -1 - error
2142  *			:  0 - successful
2143  *
2144  * Format of xclient token:
2145  *	token id		adr_char
2146  * 	client			adr_int32
2147  * -----------------------------------------------------------------------
2148  */
2149 int
2150 xclient_token(pr_context_t *context)
2151 {
2152 	return (pa_adr_int32(context, 0, 1));
2153 }
2154 
2155 /*
2156  * -----------------------------------------------------------------------
2157  * label_token() 	: Process label token and display contents
2158  * return codes 	: -1 - error
2159  *			: 0 - successful
2160  * NOTE: At the time of call, the label token id has been retrieved
2161  *
2162  * Format of label token:
2163  *	label token id			adr_char
2164  *      label ID                	adr_char
2165  *      label compartment length	adr_char
2166  *      label classification		adr_short
2167  *      label compartment words		<compartment length> * 4 adr_char
2168  * -----------------------------------------------------------------------
2169  */
2170 /*ARGSUSED*/
2171 int
2172 label_token(pr_context_t *context)
2173 {
2174 	static m_label_t *label = NULL;
2175 	static size_t l_size;
2176 	int	len;
2177 	int	returnstat;
2178 	uval_t	uval;
2179 
2180 	if (label == NULL) {
2181 		if ((label = m_label_alloc(MAC_LABEL)) == NULL) {
2182 			return (-1);
2183 		}
2184 		l_size = blabel_size() - 4;
2185 	}
2186 	if ((returnstat = pr_adr_char(context, (char *)label, 4)) == 0) {
2187 		len = (int)(((char *)label)[1] * 4);
2188 		if ((len > l_size) ||
2189 		    (pr_adr_char(context, &((char *)label)[4], len) != 0)) {
2190 			return (-1);
2191 		}
2192 		uval.uvaltype = PRA_STRING;
2193 		if (!(context->format & PRF_RAWM)) {
2194 			/* print in ASCII form */
2195 			if (label_to_str(label, &uval.string_val, M_LABEL,
2196 			    DEF_NAMES) == 0) {
2197 				returnstat = pa_print(context, &uval, 1);
2198 			} else /* cannot convert to string */
2199 				returnstat = 1;
2200 		}
2201 		/* print in hexadecimal form */
2202 		if ((context->format & PRF_RAWM) || (returnstat == 1)) {
2203 			uval.string_val = hexconvert((char *)label, len, len);
2204 			if (uval.string_val) {
2205 				returnstat = pa_print(context, &uval, 1);
2206 			}
2207 		}
2208 		free(uval.string_val);
2209 	}
2210 	return (returnstat);
2211 }
2212 
2213 /*
2214  * -----------------------------------------------------------------------
2215  * useofpriv_token() : Process priv token and display contents
2216  * return codes 	: -1 - error
2217  *			:  0 - successful
2218  * NOTE: At the time of call, the useofpriv token id has been retrieved
2219  *
2220  * Format of useofpriv token:
2221  *	useofpriv token id	adr_char
2222  *	success/failure flag	adr_char
2223  *	priv			adr_int32 (Trusted Solaris)
2224  *	priv_set		'\0' separated privileges.
2225  * -----------------------------------------------------------------------
2226  */
2227 /*ARGSUSED*/
2228 int
2229 useofpriv_token(pr_context_t *context)
2230 {
2231 	int	returnstat;
2232 	char	sf;
2233 	uval_t	uval;
2234 
2235 	if ((returnstat = pr_adr_char(context, &sf, 1)) != 0) {
2236 		return (returnstat);
2237 	}
2238 	if (!(context->format & PRF_RAWM)) {
2239 		/* print in ASCII form */
2240 
2241 		if ((returnstat = open_tag(context, TAG_RESULT)) != 0)
2242 			return (returnstat);
2243 
2244 		uval.uvaltype = PRA_STRING;
2245 		if (sf) {
2246 			uval.string_val = gettext("successful use of priv");
2247 			returnstat = pa_print(context, &uval, 0);
2248 		} else {
2249 			uval.string_val = gettext("failed use of priv");
2250 			returnstat = pa_print(context, &uval, 0);
2251 		}
2252 		if (returnstat == 0)
2253 			returnstat = close_tag(context, TAG_RESULT);
2254 
2255 		/* Done with attributes; force end of token open */
2256 		if (returnstat == 0)
2257 			returnstat = finish_open_tag(context);
2258 	} else {
2259 		/* print in hexadecimal form */
2260 		if ((returnstat = open_tag(context, TAG_RESULT)) != 0)
2261 			return (returnstat);
2262 		uval.uvaltype = PRA_SHORT;
2263 		uval.short_val = sf;
2264 		returnstat = pa_print(context, &uval, 0);
2265 		if (returnstat == 0)
2266 			returnstat = close_tag(context, TAG_RESULT);
2267 
2268 		/* Done with attributes; force end of token open */
2269 		if (returnstat == 0)
2270 			returnstat = finish_open_tag(context);
2271 	}
2272 	return (pa_adr_string(context, 0, 1));
2273 }
2274 
2275 /*
2276  * -----------------------------------------------------------------------
2277  * privilege_token()	: Process privilege token and display contents
2278  * return codes 	: -1 - error
2279  *			:  0 - successful
2280  * NOTE: At the time of call, the privilege token id has been retrieved
2281  *
2282  * Format of privilege token:
2283  *	privilege token id	adr_char
2284  *	privilege type		adr_string
2285  *	privilege		adr_string
2286  * -----------------------------------------------------------------------
2287  */
2288 int
2289 privilege_token(pr_context_t *context)
2290 {
2291 	int	returnstat;
2292 
2293 	/* privilege type: */
2294 	returnstat = process_tag(context, TAG_SETTYPE, 0, 0);
2295 
2296 	/* Done with attributes; force end of token open */
2297 	if (returnstat == 0)
2298 		returnstat = finish_open_tag(context);
2299 
2300 	/* privilege: */
2301 	return (pa_adr_string(context, returnstat, 1));
2302 }
2303