1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License (the "License"). 6 * You may not use this file except in compliance with the License. 7 * 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 9 * or http://www.opensolaris.org/os/licensing. 10 * See the License for the specific language governing permissions 11 * and limitations under the License. 12 * 13 * When distributing Covered Code, include this CDDL HEADER in each 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 15 * If applicable, add the following below this CDDL HEADER, with the 16 * fields enclosed by brackets "[]" replaced with your own identifying 17 * information: Portions Copyright [yyyy] [name of copyright owner] 18 * 19 * CDDL HEADER END 20 */ 21 /* 22 * Copyright 2006 Sun Microsystems, Inc. All rights reserved. 23 * Use is subject to license terms. 24 */ 25 26 #pragma ident "%Z%%M% %I% %E% SMI" 27 28 #include <ctype.h> 29 #include <dirent.h> 30 #include <grp.h> 31 #include <libintl.h> 32 #include <limits.h> 33 #include <locale.h> 34 #include <pwd.h> 35 #include <stdio.h> 36 #include <stdlib.h> 37 #include <string.h> 38 #include <sys/types.h> 39 #include <sys/inttypes.h> 40 #include <sys/file.h> 41 #include <sys/param.h> 42 #include <sys/uio.h> 43 #include <sys/stat.h> 44 #include <sys/acl.h> 45 #include <sys/socket.h> 46 #include <sys/errno.h> 47 #include <sys/ipc.h> 48 #include <sys/sem.h> 49 #include <sys/systm.h> 50 #include <netinet/in.h> 51 #include <sys/tiuser.h> 52 #include <rpc/types.h> 53 #include <rpc/auth.h> 54 #include <rpc/auth_unix.h> 55 #include <rpc/svc.h> 56 #include <rpc/xdr.h> 57 #include <nfs/nfs.h> 58 #include <sys/fs/ufs_quota.h> 59 #include <sys/time.h> 60 #include <sys/mkdev.h> 61 #include <unistd.h> 62 63 #include <bsm/audit.h> 64 #include <bsm/audit_record.h> 65 #include <bsm/libbsm.h> 66 67 #include <tsol/label.h> 68 #include <sys/tsol/label_macro.h> 69 70 #include "praudit.h" 71 #include "toktable.h" 72 73 #include <netdb.h> 74 #include <arpa/inet.h> 75 76 static char *anchor_path(char *); 77 static char *collapse_path(char *); 78 79 80 /* 81 * ----------------------------------------------------------------------- 82 * is_file_token: 83 * Tests whether the specified token id represents a type 84 * of file token. 85 * return codes : 1 - tokenid is a file token type 86 * : 0 - otherwise 87 * ----------------------------------------------------------------------- 88 */ 89 int 90 is_file_token(int tokenid) 91 { 92 if ((tokenid == AUT_OTHER_FILE32) || (tokenid == AUT_OTHER_FILE64)) 93 return (1); 94 95 return (0); 96 } 97 98 /* 99 * ----------------------------------------------------------------------- 100 * is_header_token: 101 * Tests whether the specified token id represents a type 102 * of header token (signifying the start of a record). 103 * return codes : 1 - tokenid is a header type 104 * : 0 - otherwise 105 * ----------------------------------------------------------------------- 106 */ 107 int 108 is_header_token(int tokenid) 109 { 110 if ((tokenid == AUT_OHEADER) || (tokenid == AUT_HEADER32) || 111 (tokenid == AUT_HEADER32_EX) || (tokenid == AUT_HEADER64) || 112 (tokenid == AUT_HEADER64_EX)) 113 return (1); 114 115 return (0); 116 } 117 118 /* 119 * ----------------------------------------------------------------------- 120 * is_token: 121 * Tests whether the specified token id represents a true 122 * token, as opposed to a regular tag. 123 * return codes : 1 - tokenid is a true token 124 * : 0 - otherwise 125 * ----------------------------------------------------------------------- 126 */ 127 int 128 is_token(int tokenid) 129 { 130 if ((tokenid > 0) && (tokenid <= MAXTOKEN)) 131 return (1); 132 133 return (0); 134 } 135 136 137 /* 138 * ----------------------------------------------------------------------- 139 * exit_token() : Process information label token and display contents 140 * return codes : -1 - error 141 * : 0 - successful 142 * NOTE: At the time of call, the label token id has been retrieved 143 * 144 * Format of exit token: 145 * exit token id adr_char 146 * ----------------------------------------------------------------------- 147 */ 148 int 149 exit_token(pr_context_t *context) 150 { 151 int returnstat; 152 int retval; 153 uval_t uval; 154 155 if ((returnstat = open_tag(context, TAG_ERRVAL)) != 0) 156 return (returnstat); 157 158 if ((returnstat = pr_adr_int32(context, (int32_t *)&retval, 1)) == 0) { 159 if (!(context->format & PRF_RAWM)) { 160 char *emsg = strerror(retval); 161 162 if (emsg == NULL) 163 uval.string_val = gettext("Unknown errno"); 164 else 165 uval.string_val = gettext(emsg); 166 uval.uvaltype = PRA_STRING; 167 } else { 168 uval.uvaltype = PRA_INT32; 169 uval.int32_val = retval; 170 } 171 returnstat = pa_print(context, &uval, 0); 172 } 173 if (returnstat == 0) 174 returnstat = close_tag(context, TAG_ERRVAL); 175 176 return (process_tag(context, TAG_RETVAL, returnstat, 1)); 177 } 178 179 /* 180 * ------------------------------------------------------------------ 181 * file_token() : prints out seconds of time and other file name 182 * return codes : -1 - error 183 * : 0 - successful, valid file token fields 184 * At the time of entry, the file token ID has already been retrieved 185 * 186 * Format of file token: 187 * file token id adr_char 188 * seconds of time adr_u_int 189 * name of other file adr_string 190 * ------------------------------------------------------------------ 191 */ 192 int 193 file_token(pr_context_t *context) 194 { 195 int returnstat; 196 197 returnstat = pa_utime32(context, 0, 0); /* time from usecs */ 198 199 /* other file name */ 200 returnstat = pa_file_string(context, returnstat, 1); 201 202 return (returnstat); 203 } 204 205 int 206 file64_token(pr_context_t *context) 207 { 208 int returnstat; 209 210 returnstat = pa_utime64(context, 0, 0); /* time from usecs */ 211 212 /* other file name */ 213 returnstat = pa_file_string(context, returnstat, 1); 214 215 return (returnstat); 216 } 217 218 /* 219 * ----------------------------------------------------------------------- 220 * header_token() : Process record header token and display contents 221 * return codes : -1 - error 222 * : 0 - successful 223 * : 1 - warning, password entry not found 224 * 225 * NOTE: At the time of call, the header token id has been retrieved 226 * 227 * Format of header token: 228 * header token id adr_char 229 * record byte count adr_u_int 230 * event type adr_u_short (printed either ASCII or raw) 231 * event class adr_u_int (printed either ASCII or raw) 232 * event action adr_u_int 233 * if extended: extended host name (IPv4/IPv6) 234 * seconds of time adr_u_int (printed either ASCII or raw) 235 * nanoseconds of time adr_u_int 236 * ----------------------------------------------------------------------- 237 */ 238 int 239 header_token(pr_context_t *context) 240 { 241 int returnstat; 242 243 returnstat = pa_reclen(context, 0); /* record byte */ 244 /* version ID */ 245 returnstat = process_tag(context, TAG_TOKVERS, returnstat, 0); 246 /* event type */ 247 returnstat = process_tag(context, TAG_EVTYPE, returnstat, 0); 248 /* event modifier */ 249 returnstat = pa_event_modifier(context, returnstat, 0); 250 /* time from nsec */ 251 returnstat = pa_ntime32(context, returnstat, 1); 252 253 return (returnstat); 254 } 255 256 int 257 header64_token(pr_context_t *context) 258 { 259 int returnstat; 260 261 returnstat = pa_reclen(context, 0); /* record byte */ 262 /* version ID */ 263 returnstat = process_tag(context, TAG_TOKVERS, returnstat, 0); 264 /* event type */ 265 returnstat = process_tag(context, TAG_EVTYPE, returnstat, 0); 266 /* event modifier */ 267 returnstat = pa_event_modifier(context, returnstat, 0); 268 /* time from nsec */ 269 returnstat = pa_ntime64(context, returnstat, 1); 270 271 return (returnstat); 272 } 273 274 int 275 header32_ex_token(pr_context_t *context) 276 { 277 int returnstat; 278 279 returnstat = pa_reclen(context, 0); /* record byte */ 280 /* version ID */ 281 returnstat = process_tag(context, TAG_TOKVERS, returnstat, 0); 282 /* event type */ 283 returnstat = process_tag(context, TAG_EVTYPE, returnstat, 0); 284 /* event modifier */ 285 returnstat = pa_event_modifier(context, returnstat, 0); 286 /* machine name */ 287 returnstat = pa_hostname_ex(context, returnstat, 0); 288 /* time from nsec */ 289 returnstat = pa_ntime32(context, returnstat, 1); 290 291 return (returnstat); 292 } 293 294 int 295 header64_ex_token(pr_context_t *context) 296 { 297 int returnstat; 298 299 returnstat = pa_reclen(context, 0); /* record byte */ 300 /* version ID */ 301 returnstat = process_tag(context, TAG_TOKVERS, returnstat, 0); 302 /* event type */ 303 returnstat = process_tag(context, TAG_EVTYPE, returnstat, 0); 304 /* event modifier */ 305 returnstat = pa_event_modifier(context, returnstat, 0); 306 /* machine name */ 307 returnstat = pa_hostname_ex(context, returnstat, 0); 308 /* time from nsec */ 309 returnstat = pa_ntime64(context, returnstat, 1); 310 311 return (returnstat); 312 } 313 314 /* 315 * ----------------------------------------------------------------------- 316 * trailer_token() : Process record trailer token and display contents 317 * return codes : -1 - error 318 * : 0 - successful 319 * NOTE: At the time of call, the trailer token id has already been 320 * retrieved 321 * 322 * Format of trailer token: 323 * trailer token id adr_char 324 * record sequence no adr_u_short (should be AUT_TRAILER_MAGIC) 325 * record byte count adr_u_int 326 * ----------------------------------------------------------------------- 327 */ 328 int 329 trailer_token(pr_context_t *context) 330 { 331 short magic_number; 332 333 if (pr_adr_u_short(context, (ushort_t *)&magic_number, 1) < 0) { 334 (void) fprintf(stderr, gettext( 335 "praudit: Cannot retrieve trailer magic number\n")); 336 return (-1); 337 } else { 338 if (magic_number != AUT_TRAILER_MAGIC) { 339 (void) fprintf(stderr, gettext( 340 "praudit: Invalid trailer magic number\n")); 341 return (-1); 342 } else 343 /* Do not display trailer in XML mode */ 344 if (context->format & PRF_XMLM) { 345 uint32_t junk; 346 int retstat; 347 348 retstat = pr_adr_u_int32(context, &junk, 1); 349 return (retstat); 350 } else { 351 return (pa_adr_u_int32(context, 0, 1)); 352 } 353 } 354 } 355 356 /* 357 * ----------------------------------------------------------------------- 358 * arbitrary_data_token(): 359 * Process arbitrary data token and display contents 360 * return codes : -1 - error 361 * : 0 - successful 362 * NOTE: At the time of call, the arbitrary data token id has already 363 * been retrieved 364 * 365 * Format of arbitrary data token: 366 * arbitrary data token id adr char 367 * how to print adr_char 368 * From audit_record.h, this may be either: 369 * AUP_BINARY binary 370 * AUP_OCTAL octal 371 * AUP_DECIMAL decimal 372 * AUP_HEX hexadecimal 373 * basic unit adr_char 374 * From audit_record.h, this may be either: 375 * AUR_BYTE byte 376 * AUR_CHAR char 377 * AUR_SHORT short 378 * AUR_INT32 int32_t 379 * AUR_INT64 int64_t 380 * unit count adr_char, specifying number of units of 381 * data in the "data items" parameter below 382 * data items depends on basic unit 383 * 384 * ----------------------------------------------------------------------- 385 */ 386 int 387 arbitrary_data_token(pr_context_t *context) 388 { 389 int returnstat; 390 int i; 391 char c1; 392 short c2; 393 int32_t c3; 394 int64_t c4; 395 char how_to_print, basic_unit, unit_count, fwid; 396 char *p; 397 int index = 0; 398 char *pformat = "%*s"; 399 400 uval_t uval; 401 402 if ((returnstat = pr_adr_char(context, &how_to_print, 1)) != 0) 403 return (returnstat); 404 405 if ((returnstat = pr_adr_char(context, &basic_unit, 1)) != 0) 406 return (returnstat); 407 408 if ((returnstat = pr_adr_char(context, &unit_count, 1)) != 0) 409 return (returnstat); 410 411 if (!(context->format & PRF_RAWM)) { 412 uval.uvaltype = PRA_STRING; 413 uval.string_val = htp2string(how_to_print); 414 } else { 415 uval.uvaltype = PRA_INT32; 416 uval.int32_val = (int)how_to_print; 417 } 418 419 if ((returnstat = open_tag(context, TAG_ARBPRINT)) != 0) 420 return (returnstat); 421 if ((returnstat = pa_print(context, &uval, 0)) < 0) 422 return (returnstat); 423 if ((returnstat = close_tag(context, TAG_ARBPRINT)) != 0) 424 return (returnstat); 425 426 if (!(context->format & PRF_RAWM)) { 427 uval.uvaltype = PRA_STRING; 428 uval.string_val = bu2string(basic_unit); 429 } else { 430 uval.uvaltype = PRA_INT32; 431 uval.int32_val = (int32_t)basic_unit; 432 } 433 434 if ((returnstat = open_tag(context, TAG_ARBTYPE)) != 0) 435 return (returnstat); 436 if ((returnstat = pa_print(context, &uval, 0)) < 0) 437 return (returnstat); 438 if ((returnstat = close_tag(context, TAG_ARBTYPE)) != 0) 439 return (returnstat); 440 441 uval.uvaltype = PRA_INT32; 442 uval.int32_val = (int32_t)unit_count; 443 444 if ((returnstat = open_tag(context, TAG_ARBCOUNT)) != 0) 445 return (returnstat); 446 if ((returnstat = pa_print(context, &uval, 1)) < 0) 447 return (returnstat); 448 if ((returnstat = close_tag(context, TAG_ARBCOUNT)) != 0) 449 return (returnstat); 450 451 /* Done with attributes; force end of token open */ 452 if ((returnstat = finish_open_tag(context)) != 0) 453 return (returnstat); 454 455 /* get the field width in case we need to format output */ 456 fwid = findfieldwidth(basic_unit, how_to_print); 457 p = (char *)malloc(80); 458 459 /* now get the data items and print them */ 460 for (i = 0; (i < unit_count); i++) { 461 switch (basic_unit) { 462 /* case AUR_BYTE: */ 463 case AUR_CHAR: 464 if (pr_adr_char(context, &c1, 1) == 0) 465 (void) convert_char_to_string(how_to_print, 466 c1, p); 467 else { 468 free(p); 469 return (-1); 470 } 471 break; 472 case AUR_SHORT: 473 if (pr_adr_short(context, &c2, 1) == 0) 474 (void) convert_short_to_string(how_to_print, 475 c2, p); 476 else { 477 free(p); 478 return (-1); 479 } 480 break; 481 case AUR_INT32: 482 if (pr_adr_int32(context, &c3, 1) == 0) 483 (void) convert_int32_to_string(how_to_print, 484 c3, p); 485 else { 486 free(p); 487 return (-1); 488 } 489 break; 490 case AUR_INT64: 491 if (pr_adr_int64(context, &c4, 1) == 0) 492 (void) convert_int64_to_string(how_to_print, 493 c4, p); 494 else { 495 free(p); 496 return (-1); 497 } 498 break; 499 default: 500 free(p); 501 return (-1); 502 /*NOTREACHED*/ 503 } 504 505 /* 506 * At this point, we have successfully retrieved a data 507 * item and converted it into an ASCII string pointed to 508 * by p. If all output is to be printed on one line, 509 * simply separate the data items by a space (or by the 510 * delimiter if this is the last data item), otherwise, we 511 * need to format the output before display. 512 */ 513 if (context->format & PRF_ONELINE) { 514 returnstat = pr_printf(context, "%s", p); 515 if ((returnstat >= 0) && (i == (unit_count - 1))) 516 returnstat = pr_printf(context, "%s", 517 context->SEPARATOR); 518 else 519 returnstat = pr_putchar(context, ' '); 520 } else { /* format output */ 521 returnstat = pr_printf(context, pformat, fwid, p); 522 index += fwid; 523 if ((returnstat >= 0) && 524 (((index + fwid) > 75) || 525 (i == (unit_count - 1)))) { 526 returnstat = pr_putchar(context, '\n'); 527 index = 0; 528 } 529 } /* else if PRF_ONELINE */ 530 if (returnstat < 0) { 531 free(p); 532 return (returnstat); 533 } 534 } 535 free(p); 536 537 return (returnstat); 538 } 539 540 /* 541 * ----------------------------------------------------------------------- 542 * opaque_token() : Process opaque token and display contents 543 * return codes : -1 - error 544 * : 0 - successful 545 * NOTE: At the time of call, the opaque token id has already been 546 * retrieved 547 * 548 * Format of opaque token: 549 * opaque token id adr_char 550 * size adr_short 551 * data adr_char, size times 552 * ----------------------------------------------------------------------- 553 */ 554 int 555 opaque_token(pr_context_t *context) 556 { 557 int returnstat; 558 short size; 559 char *charp; 560 uval_t uval; 561 562 563 /* print the size of the token */ 564 if (pr_adr_short(context, &size, 1) == 0) { 565 uval.uvaltype = PRA_SHORT; 566 uval.short_val = size; 567 returnstat = pa_print(context, &uval, 0); 568 } else 569 returnstat = -1; 570 571 /* now print out the data field in hexadecimal */ 572 if (returnstat >= 0) { 573 /* try to allocate memory for the character string */ 574 if ((charp = (char *)malloc(size * sizeof (char))) == NULL) 575 returnstat = -1; 576 else { 577 if ((returnstat = pr_adr_char(context, charp, 578 size)) == 0) { 579 /* print out in hexadecimal format */ 580 uval.uvaltype = PRA_STRING; 581 uval.string_val = hexconvert(charp, size, size); 582 if (uval.string_val) { 583 returnstat = pa_print(context, 584 &uval, 1); 585 free(uval.string_val); 586 } 587 } 588 free(charp); 589 } 590 } 591 592 return (returnstat); 593 } 594 595 /* 596 * ----------------------------------------------------------------------- 597 * path_token() : Process path token and display contents 598 * return codes : -1 - error 599 * : 0 - successful 600 * NOTE: At the time of call, the path token id has been retrieved 601 * 602 * Format of path token: 603 * token id adr_char 604 * path adr_string 605 * ----------------------------------------------------------------------- 606 */ 607 int 608 path_token(pr_context_t *context) 609 { 610 char *path; /* path */ 611 char *apath; /* anchored path */ 612 char *cpath; /* collapsed path */ 613 short length; 614 int returnstat; 615 uval_t uval; 616 617 /* 618 * We need to know how much space to allocate for our string, so 619 * read the length first, then call pr_adr_char to read those bytes. 620 */ 621 if (pr_adr_short(context, &length, 1) == 0) { 622 if ((path = (char *)malloc(length + 1)) == NULL) { 623 returnstat = -1; 624 } else if (pr_adr_char(context, path, length) == 0) { 625 path[length] = '\0'; 626 uval.uvaltype = PRA_STRING; 627 if (*path != '/') { 628 apath = anchor_path(path); 629 free(path); 630 } else 631 apath = path; 632 cpath = collapse_path(apath); 633 uval.string_val = cpath; 634 returnstat = pa_print(context, &uval, 1); 635 free(cpath); 636 } else { 637 free(path); 638 returnstat = -1; 639 } 640 return (returnstat); 641 } else 642 return (-1); 643 } 644 645 /* 646 * anchor a path name with a slash 647 */ 648 char * 649 anchor_path(char *sp) 650 { 651 char *dp; /* destination path */ 652 char *tp; /* temporary path */ 653 size_t len; 654 655 len = strlen(sp) + 2; 656 if ((dp = tp = (char *)calloc(1, len)) == (char *)0) 657 return ((char *)0); 658 659 *dp++ = '/'; 660 661 (void) strlcpy(dp, sp, len); 662 663 return (tp); 664 } 665 666 /* 667 * copy path to collapsed path. 668 * collapsed path does not contain: 669 * successive slashes 670 * instances of dot-slash 671 * instances of dot-dot-slash 672 * passed path must be anchored with a '/' 673 */ 674 char * 675 collapse_path(char *s) 676 { 677 int id; /* index of where we are in destination string */ 678 int is; /* index of where we are in source string */ 679 int slashseen; /* have we seen a slash */ 680 int ls; /* length of source string */ 681 682 ls = strlen(s) + 1; 683 684 slashseen = 0; 685 for (is = 0, id = 0; is < ls; is++) { 686 /* thats all folks, we've reached the end of input */ 687 if (s[is] == '\0') { 688 if (id > 1 && s[id-1] == '/') { 689 --id; 690 } 691 s[id++] = '\0'; 692 break; 693 } 694 /* previous character was a / */ 695 if (slashseen) { 696 if (s[is] == '/') 697 continue; /* another slash, ignore it */ 698 } else if (s[is] == '/') { 699 /* we see a /, just copy it and try again */ 700 slashseen = 1; 701 s[id++] = '/'; 702 continue; 703 } 704 /* /./ seen */ 705 if (s[is] == '.' && s[is+1] == '/') { 706 is += 1; 707 continue; 708 } 709 /* XXX/. seen */ 710 if (s[is] == '.' && s[is+1] == '\0') { 711 if (id > 1) 712 id--; 713 continue; 714 } 715 /* XXX/.. seen */ 716 if (s[is] == '.' && s[is+1] == '.' && s[is+2] == '\0') { 717 is += 1; 718 if (id > 0) 719 id--; 720 while (id > 0 && s[--id] != '/'); 721 id++; 722 continue; 723 } 724 /* XXX/../ seen */ 725 if (s[is] == '.' && s[is+1] == '.' && s[is+2] == '/') { 726 is += 2; 727 if (id > 0) 728 id--; 729 while (id > 0 && s[--id] != '/'); 730 id++; 731 continue; 732 } 733 while (is < ls && (s[id++] = s[is++]) != '/'); 734 is--; 735 } 736 return (s); 737 } 738 739 /* 740 * ----------------------------------------------------------------------- 741 * cmd_token() : Process cmd token and display contents 742 * return codes : -1 - error 743 * : 0 - successful 744 * NOTE: At the time of call, the cmd token id has been retrieved 745 * 746 * Format of command token: 747 * token id adr_char 748 * argc adr_short 749 * N*argv[i] adr_string (short, string) 750 * env cnt adr_short 751 * N*arge[i] adr_string (short, string) 752 * ----------------------------------------------------------------------- 753 */ 754 int 755 cmd_token(pr_context_t *context) 756 { 757 int returnstat; 758 short num; 759 760 returnstat = pr_adr_short(context, &num, 1); 761 if (returnstat < 0) 762 return (returnstat); 763 764 if (!(context->format & PRF_XMLM)) { 765 returnstat = pr_printf(context, "%s%s%d%s", 766 (context->format & PRF_ONELINE) ? "" : gettext("argcnt"), 767 (context->format & PRF_ONELINE) ? "" : context->SEPARATOR, 768 num, context->SEPARATOR); 769 if (returnstat < 0) 770 return (returnstat); 771 } 772 773 for (; num > 0; num--) { 774 if ((returnstat = process_tag(context, TAG_ARGV, 775 returnstat, 0)) < 0) 776 return (returnstat); 777 } 778 779 if ((returnstat = pr_adr_short(context, &num, 1)) < 0) 780 return (returnstat); 781 782 if (!(context->format & PRF_XMLM)) { 783 returnstat = pr_printf(context, "%s%s%d%s", 784 (context->format & PRF_ONELINE) ? "" : gettext("envcnt"), 785 (context->format & PRF_ONELINE) ? "" : context->SEPARATOR, 786 num, context->SEPARATOR); 787 if (returnstat < 0) 788 return (returnstat); 789 } 790 791 if ((num == 0) && !(context->format & PRF_XMLM)) { 792 returnstat = pr_putchar(context, '\n'); 793 if (returnstat < 0) 794 return (returnstat); 795 } 796 797 for (; num > 1; num--) { 798 if ((returnstat = process_tag(context, TAG_ARGE, 799 returnstat, 0)) < 0) 800 return (returnstat); 801 } 802 if (num) 803 returnstat = process_tag(context, TAG_ARGE, returnstat, 1); 804 805 return (returnstat); 806 807 } 808 809 /* 810 * ----------------------------------------------------------------------- 811 * argument32_token() : Process argument token and display contents 812 * return codes : -1 - error 813 * : 0 - successful 814 * NOTE: At the time of call, the arg token id has been retrieved 815 * 816 * Format of argument token: 817 * current directory token id adr_char 818 * argument number adr_char 819 * argument value adr_int32 820 * argument description adr_string 821 * ----------------------------------------------------------------------- 822 */ 823 int 824 argument32_token(pr_context_t *context) 825 { 826 int returnstat; 827 828 returnstat = process_tag(context, TAG_ARGNUM, 0, 0); 829 returnstat = process_tag(context, TAG_ARGVAL32, returnstat, 0); 830 returnstat = process_tag(context, TAG_ARGDESC, returnstat, 1); 831 832 return (returnstat); 833 834 } 835 836 /* 837 * ----------------------------------------------------------------------- 838 * argument64_token() : Process argument token and display contents 839 * return codes : -1 - error 840 * : 0 - successful 841 * NOTE: At the time of call, the arg token id has been retrieved 842 * 843 * Format of 64 bit argument token: 844 * current directory token id adr_char 845 * argument number adr_char 846 * argument value adr_int64 847 * argument description adr_string 848 * ----------------------------------------------------------------------- 849 */ 850 int 851 argument64_token(pr_context_t *context) 852 { 853 int returnstat; 854 855 returnstat = process_tag(context, TAG_ARGNUM, 0, 0); 856 returnstat = process_tag(context, TAG_ARGVAL64, returnstat, 0); 857 returnstat = process_tag(context, TAG_ARGDESC, returnstat, 1); 858 859 return (returnstat); 860 861 } 862 863 /* 864 * ----------------------------------------------------------------------- 865 * process_token() : Process process token and display contents 866 * return codes : -1 - error 867 * : 0 - successful 868 * NOTE: At the time of call, the process token id has been retrieved 869 * 870 * Format of process token: 871 * process token id adr_char 872 * auid adr_u_int32 873 * euid adr_u_int32 874 * egid adr_u_int32 875 * ruid adr_u_int32 876 * egid adr_u_int32 877 * pid adr_u_int32 878 * sid adr_u_int32 879 * tid adr_u_int32, adr_u_int32 880 * ----------------------------------------------------------------------- 881 */ 882 int 883 process32_token(pr_context_t *context) 884 { 885 int returnstat; 886 887 /* auid */ 888 returnstat = process_tag(context, TAG_AUID, 0, 0); 889 /* uid */ 890 returnstat = process_tag(context, TAG_UID, returnstat, 0); 891 /* gid */ 892 returnstat = process_tag(context, TAG_GID, returnstat, 0); 893 /* ruid */ 894 returnstat = process_tag(context, TAG_RUID, returnstat, 0); 895 /* rgid */ 896 returnstat = process_tag(context, TAG_RGID, returnstat, 0); 897 /* pid */ 898 returnstat = process_tag(context, TAG_PID, returnstat, 0); 899 /* sid */ 900 returnstat = process_tag(context, TAG_SID, returnstat, 0); 901 /* tid */ 902 returnstat = process_tag(context, TAG_TID32, returnstat, 1); 903 904 return (returnstat); 905 } 906 907 int 908 process64_token(pr_context_t *context) 909 { 910 int returnstat; 911 912 /* auid */ 913 returnstat = process_tag(context, TAG_AUID, 0, 0); 914 /* uid */ 915 returnstat = process_tag(context, TAG_UID, returnstat, 0); 916 /* gid */ 917 returnstat = process_tag(context, TAG_GID, returnstat, 0); 918 /* ruid */ 919 returnstat = process_tag(context, TAG_RUID, returnstat, 0); 920 /* rgid */ 921 returnstat = process_tag(context, TAG_RGID, returnstat, 0); 922 /* pid */ 923 returnstat = process_tag(context, TAG_PID, returnstat, 0); 924 /* sid */ 925 returnstat = process_tag(context, TAG_SID, returnstat, 0); 926 /* tid */ 927 returnstat = process_tag(context, TAG_TID64, returnstat, 1); 928 929 return (returnstat); 930 } 931 932 /* 933 * ----------------------------------------------------------------------- 934 * process_ex_token() : Process process token and display contents 935 * return codes : -1 - error 936 * : 0 - successful 937 * NOTE: At the time of call, the process token id has been retrieved 938 * 939 * Format of extended process token: 940 * process token id adr_char 941 * auid adr_u_int32 942 * euid adr_u_int32 943 * egid adr_u_int32 944 * ruid adr_u_int32 945 * egid adr_u_int32 946 * pid adr_u_int32 947 * sid adr_u_int32 948 * tid adr_u_int32, adr_u_int32, 4*adr_u_int32 949 * ----------------------------------------------------------------------- 950 */ 951 int 952 process32_ex_token(pr_context_t *context) 953 { 954 int returnstat; 955 956 /* auid */ 957 returnstat = process_tag(context, TAG_AUID, 0, 0); 958 /* uid */ 959 returnstat = process_tag(context, TAG_UID, returnstat, 0); 960 /* gid */ 961 returnstat = process_tag(context, TAG_GID, returnstat, 0); 962 /* ruid */ 963 returnstat = process_tag(context, TAG_RUID, returnstat, 0); 964 /* rgid */ 965 returnstat = process_tag(context, TAG_RGID, returnstat, 0); 966 /* pid */ 967 returnstat = process_tag(context, TAG_PID, returnstat, 0); 968 /* sid */ 969 returnstat = process_tag(context, TAG_SID, returnstat, 0); 970 /* tid */ 971 returnstat = process_tag(context, TAG_TID32_EX, returnstat, 1); 972 973 return (returnstat); 974 } 975 976 int 977 process64_ex_token(pr_context_t *context) 978 { 979 int returnstat; 980 981 /* auid */ 982 returnstat = process_tag(context, TAG_AUID, 0, 0); 983 /* uid */ 984 returnstat = process_tag(context, TAG_UID, returnstat, 0); 985 /* gid */ 986 returnstat = process_tag(context, TAG_GID, returnstat, 0); 987 /* ruid */ 988 returnstat = process_tag(context, TAG_RUID, returnstat, 0); 989 /* rgid */ 990 returnstat = process_tag(context, TAG_RGID, returnstat, 0); 991 /* pid */ 992 returnstat = process_tag(context, TAG_PID, returnstat, 0); 993 /* sid */ 994 returnstat = process_tag(context, TAG_SID, returnstat, 0); 995 /* tid */ 996 returnstat = process_tag(context, TAG_TID64_EX, returnstat, 1); 997 998 return (returnstat); 999 } 1000 1001 /* 1002 * ----------------------------------------------------------------------- 1003 * return_value32_token(): Process return value and display contents 1004 * return codes : -1 - error 1005 * : 0 - successful 1006 * NOTE: At the time of call, the return value token id has been retrieved 1007 * 1008 * Format of return value token: 1009 * return value token id adr_char 1010 * error number adr_char 1011 * return value adr_int32 1012 * ----------------------------------------------------------------------- 1013 */ 1014 int 1015 return_value32_token(pr_context_t *context) 1016 { 1017 int returnstat; 1018 uchar_t number; 1019 int32_t value; 1020 char pb[512]; /* print buffer */ 1021 uval_t uval; 1022 bool_t used_ret_val = 0; 1023 1024 /* 1025 * Every audit record generated contains a return token. 1026 * 1027 * The return token is a special token. It indicates the success 1028 * or failure of the event that contains it. 1029 * The return32 token contains two pieces of data: 1030 * 1031 * char number; 1032 * int32_t return_value; 1033 * 1034 * For audit records generated by the kernel: 1035 * The kernel always puts a positive value in "number". 1036 * Upon success "number" is 0. 1037 * Upon failure "number" is a positive errno value that is less than 1038 * sys_nerr. 1039 * 1040 * For audit records generated at the user level: 1041 * Upon success "number" is 0. 1042 * Upon failure "number" is -1. 1043 * 1044 * For both kernel and user land the value of "return_value" is 1045 * arbitrary. For the kernel it contains the return value of 1046 * the system call. For user land it contains an arbitrary return 1047 * value if it is less than ADT_FAIL_VALUE; ADT_FAIL_VALUE 1048 * and above are messages defined in adt_event.h. ADT_FAIL_PAM and 1049 * above are messages from pam_strerror(). No interpretation is done 1050 * on "return_value" if it is outside the range of ADT_FAIL_VALUE_* or 1051 * ADT_FAIL_PAM values. 1052 */ 1053 if ((returnstat = open_tag(context, TAG_ERRVAL)) != 0) 1054 return (returnstat); 1055 1056 if ((returnstat = pr_adr_u_char(context, &number, 1)) == 0) { 1057 if (!(context->format & PRF_RAWM)) { 1058 used_ret_val = 1; 1059 pa_error(number, pb, sizeof (pb)); 1060 uval.uvaltype = PRA_STRING; 1061 uval.string_val = pb; 1062 if ((returnstat = pa_print(context, &uval, 0)) != 0) 1063 return (returnstat); 1064 if ((returnstat = close_tag(context, TAG_ERRVAL)) != 0) 1065 return (returnstat); 1066 if ((returnstat = open_tag(context, TAG_RETVAL)) != 0) 1067 return (returnstat); 1068 1069 if ((returnstat = pr_adr_int32( 1070 context, &value, 1)) != 0) 1071 return (returnstat); 1072 1073 pa_retval(value, pb, sizeof (pb)); 1074 } else { 1075 uval.uvaltype = PRA_INT32; 1076 if ((char)number == -1) 1077 uval.int32_val = -1; 1078 else 1079 uval.int32_val = number; 1080 } 1081 returnstat = pa_print(context, &uval, used_ret_val); 1082 } 1083 if (used_ret_val) { 1084 if (returnstat == 0) 1085 returnstat = close_tag(context, TAG_RETVAL); 1086 return (returnstat); 1087 } 1088 if (!returnstat) 1089 if (returnstat = close_tag(context, TAG_ERRVAL)) 1090 return (returnstat); 1091 1092 return (process_tag(context, TAG_RETVAL, returnstat, 1)); 1093 } 1094 1095 /* 1096 * ----------------------------------------------------------------------- 1097 * return_value64_token(): Process return value and display contents 1098 * return codes : -1 - error 1099 * : 0 - successful 1100 * NOTE: At the time of call, the return value token id has been retrieved 1101 * 1102 * Format of return value token: 1103 * return value token id adr_char 1104 * error number adr_char 1105 * return value adr_int64 1106 * 1107 * HOWEVER, the 64 bit return value is a concatenation of two 1108 * 32 bit return values; the first of which is the same as is 1109 * carried in the return32 token. The second 32 bits are ignored 1110 * here so that the displayed return token will have the same 1111 * number whether the application is 32 or 64 bits. 1112 * ----------------------------------------------------------------------- 1113 */ 1114 int 1115 return_value64_token(pr_context_t *context) 1116 { 1117 int returnstat; 1118 uchar_t number; 1119 rval_t rval; 1120 char pb[512]; /* print buffer */ 1121 uval_t uval; 1122 1123 /* 1124 * Every audit record generated contains a return token. 1125 * 1126 * The return token is a special token. It indicates the success 1127 * or failure of the event that contains it. 1128 * The return64 token contains two pieces of data: 1129 * 1130 * char number; 1131 * int64_t return_value; 1132 * 1133 * For audit records generated by the kernel: 1134 * The kernel always puts a positive value in "number". 1135 * Upon success "number" is 0. 1136 * Upon failure "number" is a positive errno value that is less than 1137 * sys_nerr. 1138 * 1139 * For audit records generated at the user level: 1140 * Upon success "number" is 0. 1141 * Upon failure "number" is -1. 1142 * 1143 * For both kernel and user land the value of "return_value" is 1144 * arbitrary. For the kernel it contains the return value of 1145 * the system call. For user land it contains an arbitrary return 1146 * value if it is less than ADT_FAIL_VALUE; ADT_FAIL_VALUE 1147 * and above are messages defined in adt_event.h. ADT_FAIL_PAM and 1148 * above are messages from pam_strerror(). No interpretation is done 1149 * on "return_value" if it is outside the range of ADT_FAIL_VALUE_* or 1150 * ADT_FAIL_PAM values. 1151 * 1152 * The 64 bit return value consists of two 32bit parts; for 1153 * system calls, the first part is the value returned by the 1154 * system call and the second part depends on the system call 1155 * implementation. In most cases, the second part is either 0 1156 * or garbage; because of that, it is omitted from the praudit 1157 * output. 1158 */ 1159 if ((returnstat = open_tag(context, TAG_ERRVAL)) != 0) 1160 return (returnstat); 1161 1162 if ((returnstat = pr_adr_u_char(context, &number, 1)) == 0) { 1163 if (!(context->format & PRF_RAWM)) { 1164 pa_error(number, pb, sizeof (pb)); 1165 uval.uvaltype = PRA_STRING; 1166 uval.string_val = pb; 1167 if ((returnstat = pa_print(context, &uval, 0)) != 0) 1168 return (returnstat); 1169 1170 if ((returnstat = close_tag(context, TAG_ERRVAL)) != 0) 1171 return (returnstat); 1172 if ((returnstat = open_tag(context, TAG_RETVAL)) != 0) 1173 return (returnstat); 1174 1175 if ((returnstat = pr_adr_int64(context, 1176 &rval.r_vals, 1)) != 0) 1177 return (returnstat); 1178 pa_retval(rval.r_val1, pb, sizeof (pb)); 1179 } else { 1180 uval.uvaltype = PRA_INT32; 1181 if ((char)number == -1) 1182 uval.int32_val = -1; 1183 else 1184 uval.int32_val = number; 1185 1186 if ((returnstat = pa_print(context, &uval, 0)) != 0) 1187 return (returnstat); 1188 1189 if ((returnstat = close_tag(context, TAG_ERRVAL)) != 0) 1190 return (returnstat); 1191 if ((returnstat = open_tag(context, TAG_RETVAL)) != 0) 1192 return (returnstat); 1193 1194 if ((returnstat = pr_adr_int64(context, 1195 &rval.r_vals, 1)) != 0) 1196 return (returnstat); 1197 uval.int32_val = rval.r_val1; 1198 } 1199 returnstat = pa_print(context, &uval, 1); 1200 } else { 1201 return (returnstat); 1202 } 1203 1204 if (returnstat == 0) 1205 returnstat = close_tag(context, TAG_RETVAL); 1206 1207 return (returnstat); 1208 } 1209 1210 /* 1211 * ----------------------------------------------------------------------- 1212 * subject32_token() : Process subject token and display contents 1213 * return codes : -1 - error 1214 * : 0 - successful 1215 * NOTE: At the time of call, the subject token id has been retrieved 1216 * 1217 * Format of subject token: 1218 * subject token id adr_char 1219 * auid adr_u_int32 1220 * euid adr_u_int32 1221 * egid adr_u_int32 1222 * ruid adr_u_int32 1223 * egid adr_u_int32 1224 * pid adr_u_int32 1225 * sid adr_u_int32 1226 * tid adr_u_int32, adr_u_int32 1227 * ----------------------------------------------------------------------- 1228 */ 1229 int 1230 subject32_token(pr_context_t *context) 1231 { 1232 int returnstat; 1233 1234 /* auid */ 1235 returnstat = process_tag(context, TAG_AUID, 0, 0); 1236 /* uid */ 1237 returnstat = process_tag(context, TAG_UID, returnstat, 0); 1238 /* gid */ 1239 returnstat = process_tag(context, TAG_GID, returnstat, 0); 1240 /* ruid */ 1241 returnstat = process_tag(context, TAG_RUID, returnstat, 0); 1242 /* rgid */ 1243 returnstat = process_tag(context, TAG_RGID, returnstat, 0); 1244 /* pid */ 1245 returnstat = process_tag(context, TAG_PID, returnstat, 0); 1246 /* sid */ 1247 returnstat = process_tag(context, TAG_SID, returnstat, 0); 1248 /* tid */ 1249 returnstat = process_tag(context, TAG_TID32, returnstat, 1); 1250 1251 return (returnstat); 1252 } 1253 1254 int 1255 subject64_token(pr_context_t *context) 1256 { 1257 int returnstat; 1258 1259 /* auid */ 1260 returnstat = process_tag(context, TAG_AUID, 0, 0); 1261 /* uid */ 1262 returnstat = process_tag(context, TAG_UID, returnstat, 0); 1263 /* gid */ 1264 returnstat = process_tag(context, TAG_GID, returnstat, 0); 1265 /* ruid */ 1266 returnstat = process_tag(context, TAG_RUID, returnstat, 0); 1267 /* rgid */ 1268 returnstat = process_tag(context, TAG_RGID, returnstat, 0); 1269 /* pid */ 1270 returnstat = process_tag(context, TAG_PID, returnstat, 0); 1271 /* sid */ 1272 returnstat = process_tag(context, TAG_SID, returnstat, 0); 1273 /* tid */ 1274 returnstat = process_tag(context, TAG_TID64, returnstat, 1); 1275 1276 return (returnstat); 1277 } 1278 1279 /* 1280 * ----------------------------------------------------------------------- 1281 * subject_ex_token(): Process subject token and display contents 1282 * return codes : -1 - error 1283 * : 0 - successful 1284 * NOTE: At the time of call, the subject token id has been retrieved 1285 * 1286 * Format of extended subject token: 1287 * subject token id adr_char 1288 * auid adr_u_int32 1289 * euid adr_u_int32 1290 * egid adr_u_int32 1291 * ruid adr_u_int32 1292 * egid adr_u_int32 1293 * pid adr_u_int32 1294 * sid adr_u_int32 1295 * tid adr_u_int32, adr_u_int32 1296 * ----------------------------------------------------------------------- 1297 */ 1298 int 1299 subject32_ex_token(pr_context_t *context) 1300 { 1301 int returnstat; 1302 1303 /* auid */ 1304 returnstat = process_tag(context, TAG_AUID, 0, 0); 1305 /* uid */ 1306 returnstat = process_tag(context, TAG_UID, returnstat, 0); 1307 /* gid */ 1308 returnstat = process_tag(context, TAG_GID, returnstat, 0); 1309 /* ruid */ 1310 returnstat = process_tag(context, TAG_RUID, returnstat, 0); 1311 /* rgid */ 1312 returnstat = process_tag(context, TAG_RGID, returnstat, 0); 1313 /* pid */ 1314 returnstat = process_tag(context, TAG_PID, returnstat, 0); 1315 /* sid */ 1316 returnstat = process_tag(context, TAG_SID, returnstat, 0); 1317 /* tid */ 1318 returnstat = process_tag(context, TAG_TID32_EX, returnstat, 1); 1319 1320 return (returnstat); 1321 } 1322 1323 int 1324 subject64_ex_token(pr_context_t *context) 1325 { 1326 int returnstat; 1327 1328 /* auid */ 1329 returnstat = process_tag(context, TAG_AUID, 0, 0); 1330 /* uid */ 1331 returnstat = process_tag(context, TAG_UID, returnstat, 0); 1332 /* gid */ 1333 returnstat = process_tag(context, TAG_GID, returnstat, 0); 1334 /* ruid */ 1335 returnstat = process_tag(context, TAG_RUID, returnstat, 0); 1336 /* rgid */ 1337 returnstat = process_tag(context, TAG_RGID, returnstat, 0); 1338 /* pid */ 1339 returnstat = process_tag(context, TAG_PID, returnstat, 0); 1340 /* sid */ 1341 returnstat = process_tag(context, TAG_SID, returnstat, 0); 1342 /* tid */ 1343 returnstat = process_tag(context, TAG_TID64_EX, returnstat, 1); 1344 1345 return (returnstat); 1346 } 1347 1348 /* 1349 * ----------------------------------------------------------------------- 1350 * s5_IPC_token() : Process System V IPC token and display contents 1351 * return codes : -1 - error 1352 * : 0 - successful 1353 * NOTE: At the time of call, the System V IPC id has been retrieved 1354 * 1355 * Format of System V IPC token: 1356 * System V IPC token id adr_char 1357 * object id adr_int32 1358 * ----------------------------------------------------------------------- 1359 */ 1360 int 1361 s5_IPC_token(pr_context_t *context) 1362 { 1363 int returnstat; 1364 uchar_t ipctype; 1365 uval_t uval; 1366 1367 /* 1368 * TRANSLATION_NOTE 1369 * These names refer to the type of System V IPC object: 1370 * message queue, semaphore, shared memory. 1371 */ 1372 1373 if (pr_adr_u_char(context, &ipctype, 1) == 0) { 1374 if ((returnstat = open_tag(context, TAG_IPCTYPE)) != 0) 1375 return (returnstat); 1376 1377 if (!(context->format & PRF_RAWM)) { 1378 /* print in ASCII form */ 1379 uval.uvaltype = PRA_STRING; 1380 switch (ipctype) { 1381 case AT_IPC_MSG: 1382 uval.string_val = gettext("msg"); 1383 break; 1384 case AT_IPC_SEM: 1385 uval.string_val = gettext("sem"); 1386 break; 1387 case AT_IPC_SHM: 1388 uval.string_val = gettext("shm"); 1389 break; 1390 } 1391 returnstat = pa_print(context, &uval, 0); 1392 } 1393 /* print in integer form */ 1394 if ((context->format & PRF_RAWM) || (returnstat == 1)) { 1395 uval.uvaltype = PRA_BYTE; 1396 uval.char_val = ipctype; 1397 returnstat = pa_print(context, &uval, 0); 1398 } 1399 if ((returnstat = close_tag(context, TAG_IPCTYPE)) != 0) 1400 return (returnstat); 1401 1402 /* next get and print ipc id */ 1403 return (process_tag(context, TAG_IPCID, returnstat, 1)); 1404 } else { 1405 /* cannot retrieve ipc type */ 1406 return (-1); 1407 } 1408 } 1409 1410 /* 1411 * ----------------------------------------------------------------------- 1412 * text_token() : Process text token and display contents 1413 * return codes : -1 - error 1414 * : 0 - successful 1415 * NOTE: At the time of call, the text token id has been retrieved 1416 * 1417 * Format of text token: 1418 * text token id adr_char 1419 * text adr_string 1420 * ----------------------------------------------------------------------- 1421 */ 1422 int 1423 text_token(pr_context_t *context) 1424 { 1425 return (pa_adr_string(context, 0, 1)); 1426 } 1427 1428 /* 1429 * ----------------------------------------------------------------------- 1430 * tid_token() : Process a generic terminal id token / AUT_TID 1431 * return codes : -1 - error 1432 * : 0 - successful 1433 * NOTE: At the time of call, the token id has been retrieved 1434 * 1435 * Format of tid token: 1436 * ip token id adr_char 1437 * terminal type adr_char 1438 * terminal type = AU_IPADR: 1439 * remote port: adr_short 1440 * local port: adr_short 1441 * IP type: adt_int32 -- AU_IPv4 or AU_IPv6 1442 * address: adr_int32 if IPv4, else 4 * adr_int32 1443 * ----------------------------------------------------------------------- 1444 */ 1445 int 1446 tid_token(pr_context_t *context) 1447 { 1448 int returnstat; 1449 uchar_t type; 1450 uval_t uval; 1451 1452 if ((returnstat = pr_adr_u_char(context, &type, 1)) != 0) 1453 return (returnstat); 1454 uval.uvaltype = PRA_STRING; 1455 if ((returnstat = open_tag(context, TAG_TID_TYPE)) != 0) 1456 return (returnstat); 1457 1458 switch (type) { 1459 default: 1460 return (-1); /* other than IP type is not implemented */ 1461 case AU_IPADR: 1462 uval.string_val = "ip"; 1463 returnstat = pa_print(context, &uval, 0); 1464 returnstat = close_tag(context, TAG_TID_TYPE); 1465 returnstat = open_tag(context, TAG_IP); 1466 returnstat = process_tag(context, TAG_IP_REMOTE, returnstat, 0); 1467 returnstat = process_tag(context, TAG_IP_LOCAL, returnstat, 0); 1468 returnstat = process_tag(context, TAG_IP_ADR, returnstat, 1); 1469 returnstat = close_tag(context, TAG_IP); 1470 break; 1471 } 1472 return (returnstat); 1473 } 1474 1475 /* 1476 * ----------------------------------------------------------------------- 1477 * ip_addr_token() : Process ip token and display contents 1478 * return codes : -1 - error 1479 * : 0 - successful 1480 * NOTE: At the time of call, the ip token id has been retrieved 1481 * 1482 * Format of ip address token: 1483 * ip token id adr_char 1484 * address adr_int32 (printed in hex) 1485 * ----------------------------------------------------------------------- 1486 */ 1487 1488 int 1489 ip_addr_token(pr_context_t *context) 1490 { 1491 return (pa_hostname(context, 0, 1)); 1492 } 1493 1494 int 1495 ip_addr_ex_token(pr_context_t *context) 1496 { 1497 int returnstat; 1498 uint32_t ip_addr[16]; 1499 uint32_t ip_type; 1500 struct in_addr ia; 1501 char *ipstring; 1502 char buf[256]; 1503 uval_t uval; 1504 1505 /* get address type */ 1506 if ((returnstat = pr_adr_u_int32(context, &ip_type, 1)) != 0) 1507 return (returnstat); 1508 1509 /* legal address types are either AU_IPv4 or AU_IPv6 only */ 1510 if ((ip_type != AU_IPv4) && (ip_type != AU_IPv6)) 1511 return (-1); 1512 1513 /* get address (4/16) */ 1514 if ((returnstat = pr_adr_char(context, (char *)ip_addr, ip_type)) != 0) 1515 return (returnstat); 1516 1517 uval.uvaltype = PRA_STRING; 1518 if (ip_type == AU_IPv4) { 1519 uval.string_val = buf; 1520 1521 if (!(context->format & PRF_RAWM)) { 1522 get_Hname(ip_addr[0], buf, sizeof (buf)); 1523 return (pa_print(context, &uval, 1)); 1524 } 1525 1526 ia.s_addr = ip_addr[0]; 1527 if ((ipstring = inet_ntoa(ia)) == NULL) 1528 return (-1); 1529 1530 (void) snprintf(buf, sizeof (buf), "%s", ipstring); 1531 1532 } else { 1533 uval.string_val = buf; 1534 1535 if (!(context->format & PRF_RAWM)) { 1536 get_Hname_ex(ip_addr, buf, sizeof (buf)); 1537 return (pa_print(context, &uval, 1)); 1538 } 1539 1540 (void) inet_ntop(AF_INET6, (void *) ip_addr, buf, 1541 sizeof (buf)); 1542 1543 } 1544 1545 return (pa_print(context, &uval, 1)); 1546 } 1547 1548 /* 1549 * ----------------------------------------------------------------------- 1550 * ip_token() : Process ip header token and display contents 1551 * return codes : -1 - error 1552 * : 0 - successful 1553 * NOTE: At the time of call, the ip token id has been retrieved 1554 * 1555 * Format of ip header token: 1556 * ip header token id adr_char 1557 * version adr_char (printed in hex) 1558 * type of service adr_char (printed in hex) 1559 * length adr_short 1560 * id adr_u_short 1561 * offset adr_u_short 1562 * ttl adr_char (printed in hex) 1563 * protocol adr_char (printed in hex) 1564 * checksum adr_u_short 1565 * source address adr_int32 (printed in hex) 1566 * destination address adr_int32 (printed in hex) 1567 * ----------------------------------------------------------------------- 1568 */ 1569 int 1570 ip_token(pr_context_t *context) 1571 { 1572 int returnstat; 1573 1574 returnstat = process_tag(context, TAG_IPVERS, 0, 0); 1575 returnstat = process_tag(context, TAG_IPSERV, returnstat, 0); 1576 returnstat = process_tag(context, TAG_IPLEN, returnstat, 0); 1577 returnstat = process_tag(context, TAG_IPID, returnstat, 0); 1578 returnstat = process_tag(context, TAG_IPOFFS, returnstat, 0); 1579 returnstat = process_tag(context, TAG_IPTTL, returnstat, 0); 1580 returnstat = process_tag(context, TAG_IPPROTO, returnstat, 0); 1581 returnstat = process_tag(context, TAG_IPCKSUM, returnstat, 0); 1582 returnstat = process_tag(context, TAG_IPSRC, returnstat, 0); 1583 returnstat = process_tag(context, TAG_IPDEST, returnstat, 1); 1584 1585 return (returnstat); 1586 } 1587 1588 /* 1589 * ----------------------------------------------------------------------- 1590 * iport_token() : Process ip port address token and display contents 1591 * return codes : -1 - error 1592 * : 0 - successful 1593 * NOTE: At time of call, the ip port address token id has been retrieved 1594 * 1595 * Format of ip port token: 1596 * ip port address token id adr_char 1597 * port address adr_short (in hex) 1598 * ----------------------------------------------------------------------- 1599 */ 1600 int 1601 iport_token(pr_context_t *context) 1602 { 1603 return (pa_adr_shorthex(context, 0, 1)); 1604 } 1605 1606 /* 1607 * ----------------------------------------------------------------------- 1608 * socket_token() : Process socket token and display contents 1609 * return codes : -1 - error 1610 * : 0 - successful 1611 * NOTE: At time of call, the socket token id has been retrieved 1612 * 1613 * Format of socket token: 1614 * ip socket token id adr_char 1615 * socket type adr_short (in hex) 1616 * foreign port adr_short (in hex) 1617 * foreign internet address adr_hostname/adr_int32 (in ascii/hex) 1618 * ----------------------------------------------------------------------- 1619 * 1620 * Note: local port and local internet address have been removed for 5.x 1621 */ 1622 int 1623 socket_token(pr_context_t *context) 1624 { 1625 int returnstat; 1626 1627 returnstat = process_tag(context, TAG_SOCKTYPE, 0, 0); 1628 returnstat = process_tag(context, TAG_SOCKPORT, returnstat, 0); 1629 if (returnstat != 0) 1630 return (returnstat); 1631 1632 if ((returnstat = open_tag(context, TAG_SOCKADDR)) != 0) 1633 return (returnstat); 1634 1635 if ((returnstat = pa_hostname(context, returnstat, 1)) != 0) 1636 return (returnstat); 1637 1638 return (close_tag(context, TAG_SOCKADDR)); 1639 } 1640 1641 /* 1642 * ----------------------------------------------------------------------- 1643 * socket_ex_token() : Process socket token and display contents 1644 * return codes : -1 - error 1645 * : 0 - successful 1646 * NOTE: At time of call, the extended socket token id has been retrieved 1647 * 1648 * Format of extended socket token: 1649 * token id adr_char 1650 * socket domain adr_short (in hex) 1651 * socket type adr_short (in hex) 1652 * IP address type adr_short (in hex) [not displayed] 1653 * local port adr_short (in hex) 1654 * local internet address adr_hostname/adr_int32 (in ascii/hex) 1655 * foreign port adr_short (in hex) 1656 * foreign internet address adr_hostname/adr_int32 (in ascii/hex) 1657 * ----------------------------------------------------------------------- 1658 * 1659 * Note: local port and local internet address have been removed for 5.x 1660 */ 1661 int 1662 socket_ex_token(pr_context_t *context) 1663 { 1664 int returnstat; 1665 1666 returnstat = process_tag(context, TAG_SOCKEXDOM, 0, 0); 1667 returnstat = process_tag(context, TAG_SOCKEXTYPE, returnstat, 0); 1668 returnstat = pa_hostname_so(context, returnstat, 1); 1669 1670 return (returnstat); 1671 } 1672 1673 /* 1674 * ----------------------------------------------------------------------- 1675 * sequence_token() : Process sequence token and display contents 1676 * return codes : -1 - error 1677 * : 0 - successful 1678 * NOTE: At time of call, the socket token id has been retrieved 1679 * 1680 * Format of sequence token: 1681 * sequence token id adr_char 1682 * sequence number adr_u_int32 (in hex) 1683 * ----------------------------------------------------------------------- 1684 */ 1685 int 1686 sequence_token(pr_context_t *context) 1687 { 1688 return (process_tag(context, TAG_SEQNUM, 0, 1)); 1689 } 1690 1691 /* 1692 * ----------------------------------------------------------------------- 1693 * acl_token() : Process access control list term 1694 * return codes : -1 - error 1695 * : 0 - successful 1696 * 1697 * Format of acl token: 1698 * token id adr_char 1699 * term type adr_u_int32 1700 * term value adr_u_int32 (depends on type) 1701 * file mode adr_u_int (in octal) 1702 * ----------------------------------------------------------------------- 1703 */ 1704 int 1705 acl_token(pr_context_t *context) 1706 { 1707 int returnstat; 1708 1709 returnstat = pa_pw_uid_gr_gid(context, 0, 0); 1710 1711 return (process_tag(context, TAG_MODE, returnstat, 1)); 1712 } 1713 1714 /* 1715 * ----------------------------------------------------------------------- 1716 * attribute_token() : Process attribute token and display contents 1717 * return codes : -1 - error 1718 * : 0 - successful 1719 * NOTE: At the time of call, the attribute token id has been retrieved 1720 * 1721 * Format of attribute token: 1722 * attribute token id adr_char 1723 * mode adr_u_int (printed in octal) 1724 * uid adr_u_int 1725 * gid adr_u_int 1726 * file system id adr_int 1727 * 1728 * node id adr_int (attribute_token 1729 * pre SunOS 5.7) 1730 * device adr_u_int 1731 * or 1732 * node id adr_int64 (attribute32_token) 1733 * device adr_u_int 1734 * or 1735 * node id adr_int64 (attribute64_token) 1736 * device adr_u_int64 1737 * ----------------------------------------------------------------------- 1738 */ 1739 int 1740 attribute_token(pr_context_t *context) 1741 { 1742 int returnstat; 1743 1744 returnstat = process_tag(context, TAG_MODE, 0, 0); 1745 returnstat = process_tag(context, TAG_UID, returnstat, 0); 1746 returnstat = process_tag(context, TAG_GID, returnstat, 0); 1747 returnstat = process_tag(context, TAG_FSID, returnstat, 0); 1748 returnstat = process_tag(context, TAG_NODEID32, returnstat, 0); 1749 returnstat = process_tag(context, TAG_DEVICE32, returnstat, 1); 1750 1751 return (returnstat); 1752 } 1753 1754 int 1755 attribute32_token(pr_context_t *context) 1756 { 1757 int returnstat; 1758 1759 returnstat = process_tag(context, TAG_MODE, 0, 0); 1760 returnstat = process_tag(context, TAG_UID, returnstat, 0); 1761 returnstat = process_tag(context, TAG_GID, returnstat, 0); 1762 returnstat = process_tag(context, TAG_FSID, returnstat, 0); 1763 returnstat = process_tag(context, TAG_NODEID64, returnstat, 0); 1764 returnstat = process_tag(context, TAG_DEVICE32, returnstat, 1); 1765 1766 return (returnstat); 1767 } 1768 1769 int 1770 attribute64_token(pr_context_t *context) 1771 { 1772 int returnstat; 1773 1774 returnstat = process_tag(context, TAG_MODE, 0, 0); 1775 returnstat = process_tag(context, TAG_UID, returnstat, 0); 1776 returnstat = process_tag(context, TAG_GID, returnstat, 0); 1777 returnstat = process_tag(context, TAG_FSID, returnstat, 0); 1778 returnstat = process_tag(context, TAG_NODEID64, returnstat, 0); 1779 returnstat = process_tag(context, TAG_DEVICE64, returnstat, 1); 1780 1781 return (returnstat); 1782 } 1783 1784 /* 1785 * ----------------------------------------------------------------------- 1786 * group_token() : Process group token and display contents 1787 * return codes : -1 - error 1788 * : 0 - successful 1789 * NOTE: At the time of call, the group token id has been retrieved 1790 * 1791 * Format of group token: 1792 * group token id adr_char 1793 * group list adr_long, 16 times 1794 * ----------------------------------------------------------------------- 1795 */ 1796 int 1797 group_token(pr_context_t *context) 1798 { 1799 int returnstat = 0; 1800 int i; 1801 1802 for (i = 0; i < NGROUPS_MAX - 1; i++) { 1803 if ((returnstat = process_tag(context, TAG_GROUPID, 1804 returnstat, 0)) < 0) 1805 return (returnstat); 1806 } 1807 1808 return (process_tag(context, TAG_GROUPID, returnstat, 1)); 1809 } 1810 1811 /* 1812 * ----------------------------------------------------------------------- 1813 * newgroup_token() : Process group token and display contents 1814 * return codes : -1 - error 1815 * : 0 - successful 1816 * NOTE: At the time of call, the group token id has been retrieved 1817 * 1818 * Format of new group token: 1819 * group token id adr_char 1820 * group number adr_short 1821 * group list adr_int32, group number times 1822 * ----------------------------------------------------------------------- 1823 */ 1824 int 1825 newgroup_token(pr_context_t *context) 1826 { 1827 int returnstat; 1828 int i, num; 1829 short n_groups; 1830 1831 returnstat = pr_adr_short(context, &n_groups, 1); 1832 if (returnstat != 0) 1833 return (returnstat); 1834 1835 num = (int)n_groups; 1836 if (num == 0) { 1837 if (!(context->format & PRF_XMLM)) { 1838 /* sigh, have to put out a '\n' */ 1839 returnstat = pr_putchar(context, '\n'); 1840 } 1841 return (returnstat); 1842 } 1843 for (i = 0; i < num - 1; i++) { 1844 if ((returnstat = process_tag(context, TAG_GROUPID, 1845 returnstat, 0)) < 0) 1846 return (returnstat); 1847 } 1848 1849 return (process_tag(context, TAG_GROUPID, returnstat, 1)); 1850 } 1851 1852 static int 1853 string_token_common(pr_context_t *context, int tag) 1854 { 1855 int returnstat; 1856 int num; 1857 1858 returnstat = pr_adr_int32(context, (int32_t *)&num, 1); 1859 if (returnstat != 0) 1860 return (returnstat); 1861 1862 if (!(context->format & PRF_XMLM)) { 1863 returnstat = pr_printf(context, "%d%s", num, 1864 context->SEPARATOR); 1865 if (returnstat != 0) 1866 return (returnstat); 1867 } 1868 1869 if (num == 0) 1870 return (0); 1871 1872 for (; num > 1; num--) { 1873 if ((returnstat = (process_tag(context, tag, 1874 returnstat, 0))) < 0) 1875 return (returnstat); 1876 } 1877 1878 return (process_tag(context, tag, returnstat, 1)); 1879 } 1880 1881 int 1882 path_attr_token(pr_context_t *context) 1883 { 1884 return (string_token_common(context, TAG_XAT)); 1885 } 1886 1887 int 1888 exec_args_token(pr_context_t *context) 1889 { 1890 return (string_token_common(context, TAG_ARG)); 1891 } 1892 1893 int 1894 exec_env_token(pr_context_t *context) 1895 { 1896 return (string_token_common(context, TAG_ENV)); 1897 } 1898 1899 /* 1900 * ----------------------------------------------------------------------- 1901 * s5_IPC_perm_token() : Process System V IPC permission token and display 1902 * contents 1903 * return codes : -1 - error 1904 * : 0 - successful 1905 * NOTE: At the time of call, the System V IPC permission token id 1906 * has been retrieved 1907 * 1908 * Format of System V IPC permission token: 1909 * System V IPC permission token id adr_char 1910 * uid adr_u_int32 1911 * gid adr_u_int32 1912 * cuid adr_u_int32 1913 * cgid adr_u_int32 1914 * mode adr_u_int32 1915 * seq adr_u_int32 1916 * key adr_int32 1917 * ----------------------------------------------------------------------- 1918 */ 1919 int 1920 s5_IPC_perm_token(pr_context_t *context) 1921 { 1922 int returnstat; 1923 1924 returnstat = process_tag(context, TAG_UID, 0, 0); 1925 returnstat = process_tag(context, TAG_GID, returnstat, 0); 1926 returnstat = process_tag(context, TAG_CUID, returnstat, 0); 1927 returnstat = process_tag(context, TAG_CGID, returnstat, 0); 1928 returnstat = process_tag(context, TAG_MODE, returnstat, 0); 1929 returnstat = process_tag(context, TAG_SEQ, returnstat, 0); 1930 returnstat = process_tag(context, TAG_KEY, returnstat, 1); 1931 1932 return (returnstat); 1933 } 1934 1935 /* 1936 * ----------------------------------------------------------------------- 1937 * host_token() : Process host token and display contents 1938 * return codes : -1 - error 1939 * : 0 - successful 1940 * NOTE: At the time of call, the host token id has been retrieved 1941 * 1942 * Format of host token: 1943 * host token id adr_char 1944 * hostid adr_u_int32 1945 * ----------------------------------------------------------------------- 1946 */ 1947 int 1948 host_token(pr_context_t *context) 1949 { 1950 return (pa_hostname(context, 0, 1)); 1951 } 1952 1953 /* 1954 * ----------------------------------------------------------------------- 1955 * liaison_token() : Process liaison token and display contents 1956 * return codes : -1 - error 1957 * : 0 - successful 1958 * NOTE: At the time of call, the liaison token id has been retrieved 1959 * 1960 * Format of liaison token: 1961 * liaison token id adr_char 1962 * liaison adr_u_int32 1963 * ----------------------------------------------------------------------- 1964 */ 1965 int 1966 liaison_token(pr_context_t *context) 1967 { 1968 return (pa_liaison(context, 0, 1)); 1969 } 1970 1971 /* 1972 * ----------------------------------------------------------------------- 1973 * useofauth_token(): Process useofauth token and display contents 1974 * return codes : -1 - error 1975 * : 0 - successful 1976 * NOTE: At the time of call, the uauth token id has been retrieved 1977 * 1978 * Format of useofauth token: 1979 * uauth token id adr_char 1980 * uauth adr_string 1981 * ----------------------------------------------------------------------- 1982 */ 1983 int 1984 useofauth_token(pr_context_t *context) 1985 { 1986 return (pa_adr_string(context, 0, 1)); 1987 } 1988 1989 /* 1990 * ----------------------------------------------------------------------- 1991 * zonename_token(): Process zonename token and display contents 1992 * return codes : -1 - error 1993 * : 0 - successful 1994 * NOTE: At the time of call, the zonename token id has been retrieved 1995 * 1996 * Format of zonename token: 1997 * zonename token id adr_char 1998 * zone name adr_string 1999 * ----------------------------------------------------------------------- 2000 */ 2001 int 2002 zonename_token(pr_context_t *context) 2003 { 2004 return (process_tag(context, TAG_ZONENAME, 0, 1)); 2005 } 2006 2007 /* 2008 * ----------------------------------------------------------------------- 2009 * xatom_token() : Process Xatom token and display contents in hex. 2010 * return codes : -1 - error 2011 * : 0 - successful 2012 * NOTE: At the time of call, the xatom token id has been retrieved 2013 * 2014 * Format of xatom token: 2015 * token id adr_char 2016 * length adr_short 2017 * atom adr_char length times 2018 * ----------------------------------------------------------------------- 2019 */ 2020 int 2021 xatom_token(pr_context_t *context) 2022 { 2023 return (pa_adr_string(context, 0, 1)); 2024 } 2025 2026 int 2027 xcolormap_token(pr_context_t *context) 2028 { 2029 return (pa_xgeneric(context)); 2030 } 2031 2032 int 2033 xcursor_token(pr_context_t *context) 2034 { 2035 return (pa_xgeneric(context)); 2036 } 2037 2038 int 2039 xfont_token(pr_context_t *context) 2040 { 2041 return (pa_xgeneric(context)); 2042 } 2043 2044 int 2045 xgc_token(pr_context_t *context) 2046 { 2047 return (pa_xgeneric(context)); 2048 } 2049 2050 int 2051 xpixmap_token(pr_context_t *context) 2052 { 2053 return (pa_xgeneric(context)); 2054 } 2055 2056 int 2057 xwindow_token(pr_context_t *context) 2058 { 2059 return (pa_xgeneric(context)); 2060 } 2061 2062 /* 2063 * ----------------------------------------------------------------------- 2064 * xproperty_token(): Process Xproperty token and display contents 2065 * 2066 * return codes : -1 - error 2067 * : 0 - successful 2068 * NOTE: At the time of call, the xproperty token id has been retrieved 2069 * 2070 * Format of xproperty token: 2071 * token id adr_char 2072 * XID adr_u_int32 2073 * creator UID adr_u_int32 2074 * text adr_text 2075 * ----------------------------------------------------------------------- 2076 */ 2077 int 2078 xproperty_token(pr_context_t *context) 2079 { 2080 int returnstat; 2081 2082 returnstat = process_tag(context, TAG_XID, 0, 0); 2083 returnstat = process_tag(context, TAG_XCUID, returnstat, 0); 2084 2085 /* Done with attributes; force end of token open */ 2086 if (returnstat == 0) 2087 returnstat = finish_open_tag(context); 2088 2089 returnstat = pa_adr_string(context, returnstat, 1); 2090 2091 return (returnstat); 2092 } 2093 2094 /* 2095 * ----------------------------------------------------------------------- 2096 * xselect_token(): Process Xselect token and display contents in hex 2097 * 2098 * return codes : -1 - error 2099 * : 0 - successful 2100 * NOTE: At the time of call, the xselect token id has been retrieved 2101 * 2102 * Format of xselect token 2103 * text token id adr_char 2104 * property text adr_string 2105 * property type adr_string 2106 * property data adr_string 2107 * ----------------------------------------------------------------------- 2108 */ 2109 int 2110 xselect_token(pr_context_t *context) 2111 { 2112 int returnstat; 2113 2114 returnstat = process_tag(context, TAG_XSELTEXT, 0, 0); 2115 returnstat = process_tag(context, TAG_XSELTYPE, returnstat, 0); 2116 returnstat = process_tag(context, TAG_XSELDATA, returnstat, 1); 2117 2118 return (returnstat); 2119 } 2120 2121 /* 2122 * ----------------------------------------------------------------------- 2123 * xclient_token(): Process Xclient token and display contents in hex. 2124 * 2125 * return codes : -1 - error 2126 * : 0 - successful 2127 * 2128 * Format of xclient token: 2129 * token id adr_char 2130 * client adr_int32 2131 * ----------------------------------------------------------------------- 2132 */ 2133 int 2134 xclient_token(pr_context_t *context) 2135 { 2136 return (pa_adr_int32(context, 0, 1)); 2137 } 2138 2139 /* 2140 * ----------------------------------------------------------------------- 2141 * slabel_token() : Process sensitivity label token and display contents 2142 * return codes : -1 - error 2143 * : 0 - successful 2144 * NOTE: At the time of call, the slabel token id has been retrieved 2145 * 2146 * Format of sensitivity label token: 2147 * slabel token id adr_char 2148 * label adr_char, sizeof (bslabel_t) bytes 2149 * ----------------------------------------------------------------------- 2150 */ 2151 /*ARGSUSED*/ 2152 int 2153 slabel_token(pr_context_t *context) 2154 { 2155 bslabel_t label; 2156 int returnstat; 2157 char strbuf[2048]; 2158 char *sp = strbuf; 2159 uval_t uval; 2160 2161 if ((returnstat = pr_adr_char(context, (char *)&label, 2162 sizeof (label))) == 0) { 2163 uval.uvaltype = PRA_STRING; 2164 if (!(context->format & PRF_RAWM)) { 2165 /* print in ASCII form */ 2166 if (label_to_str(&label, &sp, M_LABEL, 2167 DEF_NAMES) == 0) { 2168 uval.string_val = sp; 2169 returnstat = pa_print(context, &uval, 1); 2170 } else /* cannot convert to string */ 2171 returnstat = 1; 2172 } 2173 /* print in hexadecimal form */ 2174 if ((context->format & PRF_RAWM) || (returnstat == 1)) { 2175 uval.string_val = hexconvert((char *)&label, 2176 sizeof (bslabel_t), sizeof (bslabel_t)); 2177 if (uval.string_val) { 2178 returnstat = pa_print(context, &uval, 1); 2179 free(uval.string_val); 2180 } 2181 } 2182 } 2183 return (returnstat); 2184 } 2185 2186 /* 2187 * ----------------------------------------------------------------------- 2188 * useofpriv_token() : Process priv token and display contents 2189 * return codes : -1 - error 2190 * : 0 - successful 2191 * NOTE: At the time of call, the useofpriv token id has been retrieved 2192 * 2193 * Format of useofpriv token: 2194 * useofpriv token id adr_char 2195 * success/failure flag adr_char 2196 * priv adr_int32 (Trusted Solaris) 2197 * priv_set '\0' separated privileges. 2198 * ----------------------------------------------------------------------- 2199 */ 2200 /*ARGSUSED*/ 2201 int 2202 useofpriv_token(pr_context_t *context) 2203 { 2204 int returnstat; 2205 char sf; 2206 uval_t uval; 2207 2208 if ((returnstat = pr_adr_char(context, &sf, 1)) != 0) { 2209 return (returnstat); 2210 } 2211 if (!(context->format & PRF_RAWM)) { 2212 /* print in ASCII form */ 2213 2214 if ((returnstat = open_tag(context, TAG_RESULT)) != 0) 2215 return (returnstat); 2216 2217 uval.uvaltype = PRA_STRING; 2218 if (sf) { 2219 uval.string_val = gettext("successful use of priv"); 2220 returnstat = pa_print(context, &uval, 0); 2221 } else { 2222 uval.string_val = gettext("failed use of priv"); 2223 returnstat = pa_print(context, &uval, 0); 2224 } 2225 if (returnstat == 0) 2226 returnstat = close_tag(context, TAG_RESULT); 2227 2228 /* Done with attributes; force end of token open */ 2229 if (returnstat == 0) 2230 returnstat = finish_open_tag(context); 2231 } else { 2232 /* print in hexadecimal form */ 2233 if ((returnstat = open_tag(context, TAG_RESULT)) != 0) 2234 return (returnstat); 2235 uval.uvaltype = PRA_SHORT; 2236 uval.short_val = sf; 2237 returnstat = pa_print(context, &uval, 0); 2238 if (returnstat == 0) 2239 returnstat = close_tag(context, TAG_RESULT); 2240 2241 /* Done with attributes; force end of token open */ 2242 if (returnstat == 0) 2243 returnstat = finish_open_tag(context); 2244 } 2245 return (pa_adr_string(context, 0, 1)); 2246 } 2247 2248 /* 2249 * ----------------------------------------------------------------------- 2250 * privilege_token() : Process privilege token and display contents 2251 * return codes : -1 - error 2252 * : 0 - successful 2253 * NOTE: At the time of call, the privilege token id has been retrieved 2254 * 2255 * Format of privilege token: 2256 * privilege token id adr_char 2257 * privilege type adr_string 2258 * privilege adr_string 2259 * ----------------------------------------------------------------------- 2260 */ 2261 int 2262 privilege_token(pr_context_t *context) 2263 { 2264 int returnstat; 2265 2266 /* privilege type: */ 2267 returnstat = process_tag(context, TAG_SETTYPE, 0, 0); 2268 2269 /* Done with attributes; force end of token open */ 2270 if (returnstat == 0) 2271 returnstat = finish_open_tag(context); 2272 2273 /* privilege: */ 2274 return (pa_adr_string(context, returnstat, 1)); 2275 } 2276