17c478bd9Sstevel@tonic-gate /*
27c478bd9Sstevel@tonic-gate * CDDL HEADER START
37c478bd9Sstevel@tonic-gate *
47c478bd9Sstevel@tonic-gate * The contents of this file are subject to the terms of the
57c478bd9Sstevel@tonic-gate * Common Development and Distribution License, Version 1.0 only
67c478bd9Sstevel@tonic-gate * (the "License"). You may not use this file except in compliance
77c478bd9Sstevel@tonic-gate * with the License.
87c478bd9Sstevel@tonic-gate *
97c478bd9Sstevel@tonic-gate * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
107c478bd9Sstevel@tonic-gate * or http://www.opensolaris.org/os/licensing.
117c478bd9Sstevel@tonic-gate * See the License for the specific language governing permissions
127c478bd9Sstevel@tonic-gate * and limitations under the License.
137c478bd9Sstevel@tonic-gate *
147c478bd9Sstevel@tonic-gate * When distributing Covered Code, include this CDDL HEADER in each
157c478bd9Sstevel@tonic-gate * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
167c478bd9Sstevel@tonic-gate * If applicable, add the following below this CDDL HEADER, with the
177c478bd9Sstevel@tonic-gate * fields enclosed by brackets "[]" replaced with your own identifying
187c478bd9Sstevel@tonic-gate * information: Portions Copyright [yyyy] [name of copyright owner]
197c478bd9Sstevel@tonic-gate *
207c478bd9Sstevel@tonic-gate * CDDL HEADER END
217c478bd9Sstevel@tonic-gate */
227c478bd9Sstevel@tonic-gate /*
237c478bd9Sstevel@tonic-gate * Copyright 1992 Sun Microsystems, Inc. All rights reserved.
247c478bd9Sstevel@tonic-gate * Use is subject to license terms.
257c478bd9Sstevel@tonic-gate */
267c478bd9Sstevel@tonic-gate
27*5d54f3d8Smuffin #pragma ident "%Z%%M% %I% %E% SMI"
287c478bd9Sstevel@tonic-gate
297c478bd9Sstevel@tonic-gate #include <stdio.h>
307c478bd9Sstevel@tonic-gate #include <string.h>
317c478bd9Sstevel@tonic-gate #include <sys/types.h>
327c478bd9Sstevel@tonic-gate #include <sys/label.h>
337c478bd9Sstevel@tonic-gate #include <sys/audit.h>
347c478bd9Sstevel@tonic-gate #include <auevents.h>
357c478bd9Sstevel@tonic-gate
367c478bd9Sstevel@tonic-gate #define ON 1
377c478bd9Sstevel@tonic-gate #define OK 0
387c478bd9Sstevel@tonic-gate #define OFF -1
397c478bd9Sstevel@tonic-gate #define COMMA ','
407c478bd9Sstevel@tonic-gate #define COMMASTR ","
417c478bd9Sstevel@tonic-gate
427c478bd9Sstevel@tonic-gate #define COMMON 0
437c478bd9Sstevel@tonic-gate #define SUCCESS 1
447c478bd9Sstevel@tonic-gate #define FAILURE 2
457c478bd9Sstevel@tonic-gate
467c478bd9Sstevel@tonic-gate #define MAXFLDLEN 25
477c478bd9Sstevel@tonic-gate #define MAXSTRLEN 360
487c478bd9Sstevel@tonic-gate #define MAXEVENT 11
497c478bd9Sstevel@tonic-gate
507c478bd9Sstevel@tonic-gate /* GLOBALS */
517c478bd9Sstevel@tonic-gate
527c478bd9Sstevel@tonic-gate static int length;
537c478bd9Sstevel@tonic-gate static int pos = 0;
547c478bd9Sstevel@tonic-gate
557c478bd9Sstevel@tonic-gate struct list {
567c478bd9Sstevel@tonic-gate short count;
577c478bd9Sstevel@tonic-gate short on[MAXEVENT+1];
587c478bd9Sstevel@tonic-gate short off;
597c478bd9Sstevel@tonic-gate };
607c478bd9Sstevel@tonic-gate typedef struct list list_t;
617c478bd9Sstevel@tonic-gate
627c478bd9Sstevel@tonic-gate struct exception {
637c478bd9Sstevel@tonic-gate short type;
647c478bd9Sstevel@tonic-gate short exception;
657c478bd9Sstevel@tonic-gate };
667c478bd9Sstevel@tonic-gate typedef struct exception except_t;
677c478bd9Sstevel@tonic-gate
68*5d54f3d8Smuffin static int stringcopy(char *, char *, int);
69*5d54f3d8Smuffin
707c478bd9Sstevel@tonic-gate /*
717c478bd9Sstevel@tonic-gate * getauditflagschar() - convert bit flag to character string
727c478bd9Sstevel@tonic-gate *
737c478bd9Sstevel@tonic-gate * input: masks->as_success - audit on success
747c478bd9Sstevel@tonic-gate * masks->as_failure - audit on failure
757c478bd9Sstevel@tonic-gate * verbose - string format. 0 if short name; 1 if long name;
767c478bd9Sstevel@tonic-gate *
777c478bd9Sstevel@tonic-gate * output: auditstring - resultant audit string
787c478bd9Sstevel@tonic-gate *
797c478bd9Sstevel@tonic-gate * returns: 0 - entry read ok
807c478bd9Sstevel@tonic-gate * -1 - error
817c478bd9Sstevel@tonic-gate */
827c478bd9Sstevel@tonic-gate
83*5d54f3d8Smuffin int
getauditflagschar(char * auditstring,audit_state_t * masks,int verbose)84*5d54f3d8Smuffin getauditflagschar(char *auditstring, audit_state_t *masks, int verbose)
857c478bd9Sstevel@tonic-gate {
867c478bd9Sstevel@tonic-gate int i, j, k, mask_num;
877c478bd9Sstevel@tonic-gate int list = -1, retstat = 0;
887c478bd9Sstevel@tonic-gate int except_list[3];
897c478bd9Sstevel@tonic-gate char *prefix = " ";
907c478bd9Sstevel@tonic-gate except_t except[2];
917c478bd9Sstevel@tonic-gate list_t lists[3];
927c478bd9Sstevel@tonic-gate
937c478bd9Sstevel@tonic-gate /*
947c478bd9Sstevel@tonic-gate * initialize input buffer
957c478bd9Sstevel@tonic-gate */
967c478bd9Sstevel@tonic-gate strcpy(auditstring, "");
977c478bd9Sstevel@tonic-gate /*
987c478bd9Sstevel@tonic-gate * initialize lists struct
997c478bd9Sstevel@tonic-gate */
1007c478bd9Sstevel@tonic-gate for (mask_num = COMMON; mask_num <= FAILURE; mask_num++) {
1017c478bd9Sstevel@tonic-gate lists[mask_num].count = 0;
1027c478bd9Sstevel@tonic-gate lists[mask_num].off = -1;
1037c478bd9Sstevel@tonic-gate for (i=0;i<MAXEVENT+1;i++)
1047c478bd9Sstevel@tonic-gate lists[mask_num].on[i] = -1;
1057c478bd9Sstevel@tonic-gate }
1067c478bd9Sstevel@tonic-gate /*
1077c478bd9Sstevel@tonic-gate * initialize exception lists
1087c478bd9Sstevel@tonic-gate */
1097c478bd9Sstevel@tonic-gate for (i = 0; i < 2; i++) {
1107c478bd9Sstevel@tonic-gate except[i].type = -1;
1117c478bd9Sstevel@tonic-gate except[i].exception = -1;
1127c478bd9Sstevel@tonic-gate }
1137c478bd9Sstevel@tonic-gate
1147c478bd9Sstevel@tonic-gate for (i = 0; i < 3; i++)
1157c478bd9Sstevel@tonic-gate except_list[i] = 0;
1167c478bd9Sstevel@tonic-gate
1177c478bd9Sstevel@tonic-gate /*
1187c478bd9Sstevel@tonic-gate * set length global
1197c478bd9Sstevel@tonic-gate */
1207c478bd9Sstevel@tonic-gate length = verbose;
1217c478bd9Sstevel@tonic-gate pos = 0;
1227c478bd9Sstevel@tonic-gate
1237c478bd9Sstevel@tonic-gate /*
1247c478bd9Sstevel@tonic-gate * find turned-on events - if on, store index of event
1257c478bd9Sstevel@tonic-gate * in one of the three event lists, common, success, failure.
1267c478bd9Sstevel@tonic-gate */
1277c478bd9Sstevel@tonic-gate for ( i = 0; i < MAXEVENT; i++) {
1287c478bd9Sstevel@tonic-gate if (((event_class[i].event_mask & masks->as_success) > 0) ||
1297c478bd9Sstevel@tonic-gate ((event_class[i].event_mask & masks->as_failure) > 0)) {
1307c478bd9Sstevel@tonic-gate
1317c478bd9Sstevel@tonic-gate /*
1327c478bd9Sstevel@tonic-gate * check for events in common
1337c478bd9Sstevel@tonic-gate */
1347c478bd9Sstevel@tonic-gate if (((event_class[i].event_mask & masks->as_success) >
1357c478bd9Sstevel@tonic-gate 0) &&
1367c478bd9Sstevel@tonic-gate ((event_class[i].event_mask & masks->as_failure) > 0))
1377c478bd9Sstevel@tonic-gate lists[COMMON].on[lists[COMMON].count++] = i;
1387c478bd9Sstevel@tonic-gate
1397c478bd9Sstevel@tonic-gate /*
1407c478bd9Sstevel@tonic-gate * check for success events
1417c478bd9Sstevel@tonic-gate */
1427c478bd9Sstevel@tonic-gate if ((event_class[i].event_mask & masks->as_success) > 0)
1437c478bd9Sstevel@tonic-gate lists[SUCCESS].on[lists[SUCCESS].count++] = i;
1447c478bd9Sstevel@tonic-gate else {
1457c478bd9Sstevel@tonic-gate except_list[SUCCESS]++;
1467c478bd9Sstevel@tonic-gate if (lists[SUCCESS].off == -1)
1477c478bd9Sstevel@tonic-gate lists[SUCCESS].off = i;
1487c478bd9Sstevel@tonic-gate }
1497c478bd9Sstevel@tonic-gate /*
1507c478bd9Sstevel@tonic-gate * check for failure events
1517c478bd9Sstevel@tonic-gate */
1527c478bd9Sstevel@tonic-gate if ((event_class[i].event_mask & masks->as_failure) > 0)
1537c478bd9Sstevel@tonic-gate lists[FAILURE].on[lists[FAILURE].count++] = i;
1547c478bd9Sstevel@tonic-gate else {
1557c478bd9Sstevel@tonic-gate except_list[FAILURE]++;
1567c478bd9Sstevel@tonic-gate if (lists[FAILURE].off == -1)
1577c478bd9Sstevel@tonic-gate lists[FAILURE].off = i;
1587c478bd9Sstevel@tonic-gate }
1597c478bd9Sstevel@tonic-gate } else {
1607c478bd9Sstevel@tonic-gate except_list[COMMON]++;
1617c478bd9Sstevel@tonic-gate if (lists[COMMON].off == -1)
1627c478bd9Sstevel@tonic-gate lists[COMMON].off = i;
1637c478bd9Sstevel@tonic-gate }
1647c478bd9Sstevel@tonic-gate }
1657c478bd9Sstevel@tonic-gate /*
1667c478bd9Sstevel@tonic-gate * check for all set or all-1 set - output all and common exceptions.
1677c478bd9Sstevel@tonic-gate * the all or common state is exclusive; only one of the
1687c478bd9Sstevel@tonic-gate * three, (+-)all, allowed
1697c478bd9Sstevel@tonic-gate */
1707c478bd9Sstevel@tonic-gate /*
1717c478bd9Sstevel@tonic-gate * no exceptions
1727c478bd9Sstevel@tonic-gate */
1737c478bd9Sstevel@tonic-gate if (lists[COMMON].count >= MAXEVENT-2) {
1747c478bd9Sstevel@tonic-gate if (lists[COMMON].count == MAXEVENT)
1757c478bd9Sstevel@tonic-gate list = COMMON;
1767c478bd9Sstevel@tonic-gate
1777c478bd9Sstevel@tonic-gate /*
1787c478bd9Sstevel@tonic-gate * one exception
1797c478bd9Sstevel@tonic-gate */
1807c478bd9Sstevel@tonic-gate else if (lists[COMMON].count == MAXEVENT-1) {
1817c478bd9Sstevel@tonic-gate for (i=COMMON;i<=FAILURE && (list == -1);i++) {
1827c478bd9Sstevel@tonic-gate if (except_list[i] == 1) {
1837c478bd9Sstevel@tonic-gate list = COMMON;
1847c478bd9Sstevel@tonic-gate except[0].type = i;
1857c478bd9Sstevel@tonic-gate except[0].exception = lists[i].off;
1867c478bd9Sstevel@tonic-gate }
1877c478bd9Sstevel@tonic-gate }
1887c478bd9Sstevel@tonic-gate }
1897c478bd9Sstevel@tonic-gate /*
1907c478bd9Sstevel@tonic-gate * two exceptions
1917c478bd9Sstevel@tonic-gate */
1927c478bd9Sstevel@tonic-gate else if (lists[COMMON].count == MAXEVENT-2) {
1937c478bd9Sstevel@tonic-gate if (except_list[COMMON] == 1) {
1947c478bd9Sstevel@tonic-gate list = COMMON;
1957c478bd9Sstevel@tonic-gate except[0].type = COMMON;
1967c478bd9Sstevel@tonic-gate except[0].exception = lists[COMMON].off;
1977c478bd9Sstevel@tonic-gate for (i=SUCCESS;i<=FAILURE;i++) {
1987c478bd9Sstevel@tonic-gate if (except_list[i] == 1) {
1997c478bd9Sstevel@tonic-gate except[1].type = i;
2007c478bd9Sstevel@tonic-gate except[1].exception = lists[i].off;
2017c478bd9Sstevel@tonic-gate }
2027c478bd9Sstevel@tonic-gate }
2037c478bd9Sstevel@tonic-gate
2047c478bd9Sstevel@tonic-gate } else if (except_list[COMMON] == 0) {
2057c478bd9Sstevel@tonic-gate for (i=SUCCESS,j=0;i<=FAILURE;i++) {
2067c478bd9Sstevel@tonic-gate if (except_list[i] == 1) {
2077c478bd9Sstevel@tonic-gate list = COMMON;
2087c478bd9Sstevel@tonic-gate except[j].type = i;
2097c478bd9Sstevel@tonic-gate except[j++].exception = lists[i].off;
2107c478bd9Sstevel@tonic-gate }
2117c478bd9Sstevel@tonic-gate }
2127c478bd9Sstevel@tonic-gate }
2137c478bd9Sstevel@tonic-gate }
2147c478bd9Sstevel@tonic-gate } else {
2157c478bd9Sstevel@tonic-gate /*
2167c478bd9Sstevel@tonic-gate * check for +all or -all
2177c478bd9Sstevel@tonic-gate */
2187c478bd9Sstevel@tonic-gate for (i=SUCCESS,j=0;i<=FAILURE;i++) {
2197c478bd9Sstevel@tonic-gate if (lists[i].count >= MAXEVENT-1) {
2207c478bd9Sstevel@tonic-gate list = i;
2217c478bd9Sstevel@tonic-gate except[j].type = i;
2227c478bd9Sstevel@tonic-gate if (lists[i].count != MAXEVENT) {
2237c478bd9Sstevel@tonic-gate if (lists[i].off != -1)
2247c478bd9Sstevel@tonic-gate except[j++].exception =
2257c478bd9Sstevel@tonic-gate lists[i].off;
2267c478bd9Sstevel@tonic-gate else
2277c478bd9Sstevel@tonic-gate except[j++].exception =
2287c478bd9Sstevel@tonic-gate lists[COMMON].off;
2297c478bd9Sstevel@tonic-gate }
2307c478bd9Sstevel@tonic-gate }
2317c478bd9Sstevel@tonic-gate }
2327c478bd9Sstevel@tonic-gate }
2337c478bd9Sstevel@tonic-gate /*
2347c478bd9Sstevel@tonic-gate * output all and exceptions
2357c478bd9Sstevel@tonic-gate */
2367c478bd9Sstevel@tonic-gate if (list != -1) {
2377c478bd9Sstevel@tonic-gate if(list==SUCCESS) {
2387c478bd9Sstevel@tonic-gate if ((stringcopy(auditstring, "+", 0)) == -1)
2397c478bd9Sstevel@tonic-gate retstat = -1;
2407c478bd9Sstevel@tonic-gate }
2417c478bd9Sstevel@tonic-gate if(list==FAILURE) {
2427c478bd9Sstevel@tonic-gate if ((stringcopy(auditstring, "-", 0)) == -1)
2437c478bd9Sstevel@tonic-gate retstat = -1;
2447c478bd9Sstevel@tonic-gate }
2457c478bd9Sstevel@tonic-gate
2467c478bd9Sstevel@tonic-gate if (retstat == 0) {
2477c478bd9Sstevel@tonic-gate if (length) {
2487c478bd9Sstevel@tonic-gate if
2497c478bd9Sstevel@tonic-gate ((stringcopy(auditstring,event_class[11].event_lname,1)) == -1)
2507c478bd9Sstevel@tonic-gate retstat = -1;
2517c478bd9Sstevel@tonic-gate } else
2527c478bd9Sstevel@tonic-gate if ((stringcopy(auditstring, event_class[11].event_sname,1)) == -1)
2537c478bd9Sstevel@tonic-gate retstat = -1;
2547c478bd9Sstevel@tonic-gate }
2557c478bd9Sstevel@tonic-gate
2567c478bd9Sstevel@tonic-gate if (retstat == 0) {
2577c478bd9Sstevel@tonic-gate /*
2587c478bd9Sstevel@tonic-gate * output exceptions
2597c478bd9Sstevel@tonic-gate */
2607c478bd9Sstevel@tonic-gate for (i=0;i<2 && except[i].exception != -1; i++) {
2617c478bd9Sstevel@tonic-gate if ((stringcopy(auditstring, "^", 0)) == -1)
2627c478bd9Sstevel@tonic-gate retstat = -1;
2637c478bd9Sstevel@tonic-gate if(except[i].type==SUCCESS) {
2647c478bd9Sstevel@tonic-gate if ((stringcopy(auditstring, "+", 0)) == -1)
2657c478bd9Sstevel@tonic-gate retstat = -1;
2667c478bd9Sstevel@tonic-gate }
2677c478bd9Sstevel@tonic-gate if (except[i].type==FAILURE) {
2687c478bd9Sstevel@tonic-gate if ((stringcopy(auditstring, "-", 0)) == -1)
2697c478bd9Sstevel@tonic-gate retstat = -1;
2707c478bd9Sstevel@tonic-gate }
2717c478bd9Sstevel@tonic-gate if (length == 1 && retstat == 0) {
2727c478bd9Sstevel@tonic-gate if ((stringcopy(auditstring,
2737c478bd9Sstevel@tonic-gate event_class[except[i].exception].event_lname, 1))==-1)
2747c478bd9Sstevel@tonic-gate retstat = -1;
2757c478bd9Sstevel@tonic-gate } else if (retstat == 0) {
2767c478bd9Sstevel@tonic-gate if ((stringcopy(auditstring,
2777c478bd9Sstevel@tonic-gate event_class[except[i].exception].event_sname, 1))==-1)
2787c478bd9Sstevel@tonic-gate retstat = -1;
2797c478bd9Sstevel@tonic-gate }
2807c478bd9Sstevel@tonic-gate }
2817c478bd9Sstevel@tonic-gate }
2827c478bd9Sstevel@tonic-gate } /* end of " all " processing */
2837c478bd9Sstevel@tonic-gate
2847c478bd9Sstevel@tonic-gate /*
2857c478bd9Sstevel@tonic-gate * process common events if no "all" was output
2867c478bd9Sstevel@tonic-gate */
2877c478bd9Sstevel@tonic-gate if (list == -1 && (lists[COMMON].count > 0) && retstat == 0) {
2887c478bd9Sstevel@tonic-gate /*
2897c478bd9Sstevel@tonic-gate * output common events first
2907c478bd9Sstevel@tonic-gate */
2917c478bd9Sstevel@tonic-gate for (j=0;j<lists[COMMON].count;j++) {
2927c478bd9Sstevel@tonic-gate if (length == 1) {
2937c478bd9Sstevel@tonic-gate if ((stringcopy(auditstring,
2947c478bd9Sstevel@tonic-gate event_class[lists[COMMON].on[j]].event_lname, 1)) == -1)
2957c478bd9Sstevel@tonic-gate retstat = -1;
2967c478bd9Sstevel@tonic-gate } else if ((stringcopy(auditstring,
2977c478bd9Sstevel@tonic-gate event_class[lists[COMMON].on[j]].event_sname, 1)) == -1)
2987c478bd9Sstevel@tonic-gate retstat = -1;
2997c478bd9Sstevel@tonic-gate }
3007c478bd9Sstevel@tonic-gate /*
3017c478bd9Sstevel@tonic-gate * remove common events from individual lists
3027c478bd9Sstevel@tonic-gate */
3037c478bd9Sstevel@tonic-gate if (retstat == 0) {
3047c478bd9Sstevel@tonic-gate for (i=SUCCESS;i<=FAILURE;i++) {
3057c478bd9Sstevel@tonic-gate for(j=0;j<lists[COMMON].count;j++) {
3067c478bd9Sstevel@tonic-gate for(k=0;k < lists[i].count;k++) {
3077c478bd9Sstevel@tonic-gate if (lists[COMMON].on[j] ==
3087c478bd9Sstevel@tonic-gate lists[i].on[k])
3097c478bd9Sstevel@tonic-gate lists[i].on[k] = -1;
3107c478bd9Sstevel@tonic-gate }
3117c478bd9Sstevel@tonic-gate }
3127c478bd9Sstevel@tonic-gate }
3137c478bd9Sstevel@tonic-gate }
3147c478bd9Sstevel@tonic-gate }
3157c478bd9Sstevel@tonic-gate
3167c478bd9Sstevel@tonic-gate /*
3177c478bd9Sstevel@tonic-gate * start processing individual event flags in success
3187c478bd9Sstevel@tonic-gate * and failure lists
3197c478bd9Sstevel@tonic-gate */
3207c478bd9Sstevel@tonic-gate if (list != COMMON && retstat == 0) {
3217c478bd9Sstevel@tonic-gate for (i=SUCCESS;i<=FAILURE;i++) {
3227c478bd9Sstevel@tonic-gate if(list != i) {
3237c478bd9Sstevel@tonic-gate if (i==SUCCESS) strcpy(prefix, "+");
3247c478bd9Sstevel@tonic-gate if (i==FAILURE) strcpy(prefix, "-");
3257c478bd9Sstevel@tonic-gate for (j=0;j<MAXEVENT && j<lists[i].count;j++) {
3267c478bd9Sstevel@tonic-gate if (lists[i].on[j] != -1) {
3277c478bd9Sstevel@tonic-gate if ((stringcopy(auditstring, prefix, 0)) == -1)
3287c478bd9Sstevel@tonic-gate retstat = -1;
3297c478bd9Sstevel@tonic-gate if (length == 1 &&
3307c478bd9Sstevel@tonic-gate retstat == 0) {
3317c478bd9Sstevel@tonic-gate if ((stringcopy(auditstring,
3327c478bd9Sstevel@tonic-gate event_class[lists[i].on[j]].event_lname, 1))==-1)
3337c478bd9Sstevel@tonic-gate retstat = -1;
3347c478bd9Sstevel@tonic-gate } else if (retstat == 0) {
3357c478bd9Sstevel@tonic-gate if ((stringcopy(auditstring,
3367c478bd9Sstevel@tonic-gate event_class[lists[i].on[j]].event_sname, 1))==-1)
3377c478bd9Sstevel@tonic-gate retstat = -1;
3387c478bd9Sstevel@tonic-gate }
3397c478bd9Sstevel@tonic-gate }
3407c478bd9Sstevel@tonic-gate }
3417c478bd9Sstevel@tonic-gate }
3427c478bd9Sstevel@tonic-gate }
3437c478bd9Sstevel@tonic-gate }
3447c478bd9Sstevel@tonic-gate if ((stringcopy(auditstring, "\0", 2)) == -1)
3457c478bd9Sstevel@tonic-gate retstat = -1;
3467c478bd9Sstevel@tonic-gate
3477c478bd9Sstevel@tonic-gate return (retstat);
3487c478bd9Sstevel@tonic-gate }
3497c478bd9Sstevel@tonic-gate
350*5d54f3d8Smuffin static int
stringcopy(char * auditstring,char * event,int flag)351*5d54f3d8Smuffin stringcopy(char *auditstring, char *event,
352*5d54f3d8Smuffin int flag) /* if set, output comma after event */
3537c478bd9Sstevel@tonic-gate {
3547c478bd9Sstevel@tonic-gate int retstat = 0;
3557c478bd9Sstevel@tonic-gate
3567c478bd9Sstevel@tonic-gate /*
3577c478bd9Sstevel@tonic-gate * check size
3587c478bd9Sstevel@tonic-gate */
3597c478bd9Sstevel@tonic-gate if (pos >= MAXSTRLEN) {
3607c478bd9Sstevel@tonic-gate fprintf(stderr,"getauditflagschar: Inputted buffer too small.\n");
3617c478bd9Sstevel@tonic-gate retstat = -1;
3627c478bd9Sstevel@tonic-gate } else if (flag != 2) {
3637c478bd9Sstevel@tonic-gate strcpy(auditstring+pos, event);
3647c478bd9Sstevel@tonic-gate pos += strlen(event);
3657c478bd9Sstevel@tonic-gate if(flag) {
3667c478bd9Sstevel@tonic-gate strcpy(auditstring+pos, COMMASTR);
3677c478bd9Sstevel@tonic-gate pos += strlen(COMMASTR);
3687c478bd9Sstevel@tonic-gate }
3697c478bd9Sstevel@tonic-gate } else {
3707c478bd9Sstevel@tonic-gate /*
3717c478bd9Sstevel@tonic-gate * add null terminator only
3727c478bd9Sstevel@tonic-gate */
3737c478bd9Sstevel@tonic-gate if (pos)
3747c478bd9Sstevel@tonic-gate strcpy(auditstring+(pos-1), event);
3757c478bd9Sstevel@tonic-gate
3767c478bd9Sstevel@tonic-gate }
3777c478bd9Sstevel@tonic-gate return (retstat);
3787c478bd9Sstevel@tonic-gate }
3797c478bd9Sstevel@tonic-gate
3807c478bd9Sstevel@tonic-gate /*
3817c478bd9Sstevel@tonic-gate * getauditflagsbin() - converts character string to success and
3827c478bd9Sstevel@tonic-gate * failure bit masks
3837c478bd9Sstevel@tonic-gate *
3847c478bd9Sstevel@tonic-gate * input: auditstring - audit string
3857c478bd9Sstevel@tonic-gate * cnt - number of elements in the masks array
3867c478bd9Sstevel@tonic-gate *
3877c478bd9Sstevel@tonic-gate * output: masks->as_success - audit on success
3887c478bd9Sstevel@tonic-gate * masks->as_failure - audit on failure
3897c478bd9Sstevel@tonic-gate *
3907c478bd9Sstevel@tonic-gate * returns: 0 - ok
3917c478bd9Sstevel@tonic-gate * -1 - error - string contains characters which do
3927c478bd9Sstevel@tonic-gate * not match event flag names
3937c478bd9Sstevel@tonic-gate */
3947c478bd9Sstevel@tonic-gate
395*5d54f3d8Smuffin int
getauditflagsbin(char * auditstring,audit_state_t * masks)396*5d54f3d8Smuffin getauditflagsbin(char *auditstring, audit_state_t *masks)
3977c478bd9Sstevel@tonic-gate {
3987c478bd9Sstevel@tonic-gate int i, gotone, done = 0, invert = 0, tryagain;
3997c478bd9Sstevel@tonic-gate int retstat = 0, succ_event, fail_event;
4007c478bd9Sstevel@tonic-gate char *ptr, tmp_buff[MAXFLDLEN];
4017c478bd9Sstevel@tonic-gate
4027c478bd9Sstevel@tonic-gate /*
4037c478bd9Sstevel@tonic-gate * process character string
4047c478bd9Sstevel@tonic-gate */
4057c478bd9Sstevel@tonic-gate do {
4067c478bd9Sstevel@tonic-gate gotone = 0;
4077c478bd9Sstevel@tonic-gate /*
4087c478bd9Sstevel@tonic-gate * read through string storing chars. until a comma
4097c478bd9Sstevel@tonic-gate */
4107c478bd9Sstevel@tonic-gate for (ptr=tmp_buff; !gotone;) {
4117c478bd9Sstevel@tonic-gate if(*auditstring!=COMMA && *auditstring!='\0' &&
4127c478bd9Sstevel@tonic-gate *auditstring!='\n' && *auditstring!=' ')
4137c478bd9Sstevel@tonic-gate *ptr++ = *auditstring++;
4147c478bd9Sstevel@tonic-gate else if (*auditstring == ' ')
4157c478bd9Sstevel@tonic-gate *auditstring++;
4167c478bd9Sstevel@tonic-gate else {
4177c478bd9Sstevel@tonic-gate if (*auditstring == '\0' ||
4187c478bd9Sstevel@tonic-gate *auditstring == '\n') {
4197c478bd9Sstevel@tonic-gate done = 1;
4207c478bd9Sstevel@tonic-gate if (ptr == tmp_buff)
4217c478bd9Sstevel@tonic-gate done = 2;
4227c478bd9Sstevel@tonic-gate }
4237c478bd9Sstevel@tonic-gate gotone = 1;
4247c478bd9Sstevel@tonic-gate }
4257c478bd9Sstevel@tonic-gate }
4267c478bd9Sstevel@tonic-gate /*
4277c478bd9Sstevel@tonic-gate * process audit state
4287c478bd9Sstevel@tonic-gate */
4297c478bd9Sstevel@tonic-gate if(gotone && done != 2) {
4307c478bd9Sstevel@tonic-gate if(!done) auditstring++;
4317c478bd9Sstevel@tonic-gate *ptr++ = '\0';
4327c478bd9Sstevel@tonic-gate ptr = tmp_buff;
4337c478bd9Sstevel@tonic-gate gotone = 0;
4347c478bd9Sstevel@tonic-gate succ_event = ON;
4357c478bd9Sstevel@tonic-gate fail_event = ON;
4367c478bd9Sstevel@tonic-gate tryagain = 1;
4377c478bd9Sstevel@tonic-gate invert = 0;
4387c478bd9Sstevel@tonic-gate
4397c478bd9Sstevel@tonic-gate /*
4407c478bd9Sstevel@tonic-gate * get flags
4417c478bd9Sstevel@tonic-gate */
4427c478bd9Sstevel@tonic-gate do {
4437c478bd9Sstevel@tonic-gate switch (*ptr++) {
4447c478bd9Sstevel@tonic-gate case '^':
4457c478bd9Sstevel@tonic-gate invert = 1;
4467c478bd9Sstevel@tonic-gate succ_event = OFF;
4477c478bd9Sstevel@tonic-gate fail_event = OFF;
4487c478bd9Sstevel@tonic-gate break;
4497c478bd9Sstevel@tonic-gate case '+':
4507c478bd9Sstevel@tonic-gate if (invert)
4517c478bd9Sstevel@tonic-gate fail_event = OK;
4527c478bd9Sstevel@tonic-gate else {
4537c478bd9Sstevel@tonic-gate succ_event = ON;
4547c478bd9Sstevel@tonic-gate fail_event = OK;
4557c478bd9Sstevel@tonic-gate }
4567c478bd9Sstevel@tonic-gate break;
4577c478bd9Sstevel@tonic-gate case '-':
4587c478bd9Sstevel@tonic-gate if (invert)
4597c478bd9Sstevel@tonic-gate succ_event = OK;
4607c478bd9Sstevel@tonic-gate else {
4617c478bd9Sstevel@tonic-gate fail_event = ON;
4627c478bd9Sstevel@tonic-gate succ_event = OK;
4637c478bd9Sstevel@tonic-gate }
4647c478bd9Sstevel@tonic-gate break;
4657c478bd9Sstevel@tonic-gate default:
4667c478bd9Sstevel@tonic-gate tryagain = 0;
4677c478bd9Sstevel@tonic-gate ptr--;
4687c478bd9Sstevel@tonic-gate break;
4697c478bd9Sstevel@tonic-gate }
4707c478bd9Sstevel@tonic-gate } while(tryagain);
4717c478bd9Sstevel@tonic-gate
4727c478bd9Sstevel@tonic-gate /* add audit state to mask */
4737c478bd9Sstevel@tonic-gate for (i=0;i<MAXEVENT+1 && !gotone;i++) {
4747c478bd9Sstevel@tonic-gate if ((!(strcmp(ptr, event_class[i].event_sname))) ||
4757c478bd9Sstevel@tonic-gate (!(strcmp(ptr, event_class[i].event_lname)))) {
4767c478bd9Sstevel@tonic-gate if (succ_event == ON)
4777c478bd9Sstevel@tonic-gate masks->as_success |= event_class[i].event_mask;
4787c478bd9Sstevel@tonic-gate else if (succ_event == OFF)
4797c478bd9Sstevel@tonic-gate masks->as_success &= ~(event_class[i].event_mask);
4807c478bd9Sstevel@tonic-gate if (fail_event == ON)
4817c478bd9Sstevel@tonic-gate masks->as_failure |= event_class[i].event_mask;
4827c478bd9Sstevel@tonic-gate else if (fail_event == OFF)
4837c478bd9Sstevel@tonic-gate masks->as_failure &= ~(event_class[i].event_mask);
4847c478bd9Sstevel@tonic-gate gotone = 1;
4857c478bd9Sstevel@tonic-gate }
4867c478bd9Sstevel@tonic-gate }
4877c478bd9Sstevel@tonic-gate if(!gotone) {
4887c478bd9Sstevel@tonic-gate retstat = -1;
4897c478bd9Sstevel@tonic-gate done = 1;
4907c478bd9Sstevel@tonic-gate }
4917c478bd9Sstevel@tonic-gate }
4927c478bd9Sstevel@tonic-gate } while (!done);
4937c478bd9Sstevel@tonic-gate
4947c478bd9Sstevel@tonic-gate return (retstat);
4957c478bd9Sstevel@tonic-gate }
496