auditfilterd_conf.c (159248) auditfilterd_conf.c (161630)
1/*-
2 * Copyright (c) 2006 Robert N. M. Watson
3 * All rights reserved.
4 *
5 * This software was developed by Robert Watson for the TrustedBSD Project.
6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions

--- 11 unchanged lines hidden (view full) ---

20 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
26 * SUCH DAMAGE.
27 *
1/*-
2 * Copyright (c) 2006 Robert N. M. Watson
3 * All rights reserved.
4 *
5 * This software was developed by Robert Watson for the TrustedBSD Project.
6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions

--- 11 unchanged lines hidden (view full) ---

20 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
26 * SUCH DAMAGE.
27 *
28 * $P4: //depot/projects/trustedbsd/openbsm/bin/auditfilterd/auditfilterd_conf.c#3 $
28 * $P4: //depot/projects/trustedbsd/openbsm/bin/auditfilterd/auditfilterd_conf.c#5 $
29 */
30
31/*
32 * Configuration file parser for auditfilterd. The configuration file is a
33 * very simple format, similar to other BSM configuration files, consisting
34 * of configuration entries of one line each. The configuration function is
35 * aware of previous runs, and will update the current configuration as
36 * needed.
37 *
38 * Modules are in one of two states: attached, or detached. If attach fails,
39 * detach is not called because it was not attached. If a module is attached
40 * and a call to its reinit method fails, we will detach it.
29 */
30
31/*
32 * Configuration file parser for auditfilterd. The configuration file is a
33 * very simple format, similar to other BSM configuration files, consisting
34 * of configuration entries of one line each. The configuration function is
35 * aware of previous runs, and will update the current configuration as
36 * needed.
37 *
38 * Modules are in one of two states: attached, or detached. If attach fails,
39 * detach is not called because it was not attached. If a module is attached
40 * and a call to its reinit method fails, we will detach it.
41 *
42 * Modules are passed a (void *) reference to their configuration state so
43 * that they may pass this into any common APIs we provide which may rely on
44 * that state. Currently, the only such API is the cookie API, which allows
45 * per-instance state to be maintained by a module. In the future, this will
46 * also be used to support per-instance preselection state.
41 */
42
43#include <sys/types.h>
44
45#include <config/config.h>
46#ifdef HAVE_FULL_QUEUE_H
47#include <sys/queue.h>
48#else

--- 51 unchanged lines hidden (view full) ---

100 * Detach an attached module from an auditfilter_module structure. Does not
101 * free the data structure itself.
102 */
103static void
104auditfilter_module_detach(struct auditfilter_module *am)
105{
106
107 if (am->am_detach != NULL)
47 */
48
49#include <sys/types.h>
50
51#include <config/config.h>
52#ifdef HAVE_FULL_QUEUE_H
53#include <sys/queue.h>
54#else

--- 51 unchanged lines hidden (view full) ---

106 * Detach an attached module from an auditfilter_module structure. Does not
107 * free the data structure itself.
108 */
109static void
110auditfilter_module_detach(struct auditfilter_module *am)
111{
112
113 if (am->am_detach != NULL)
108 am->am_detach(am->am_instance);
109 am->am_instance = NULL;
114 am->am_detach(am);
115 am->am_cookie = NULL;
110 (void)dlclose(am->am_dlhandle);
111 am->am_dlhandle = NULL;
112}
113
114/*
115 * Walk an auditfilter_module list, detaching each module. Intended to be
116 * combined with auditfilter_module_list_free().
117 */

--- 26 unchanged lines hidden (view full) ---

144 /*
145 * Not implementing these is not considered a failure condition,
146 * although we might want to consider warning if obvious stuff is
147 * not implemented, such as am_record.
148 */
149 am->am_attach = dlsym(am->am_dlhandle, AUDIT_FILTER_ATTACH_STRING);
150 am->am_reinit = dlsym(am->am_dlhandle, AUDIT_FILTER_REINIT_STRING);
151 am->am_record = dlsym(am->am_dlhandle, AUDIT_FILTER_RECORD_STRING);
116 (void)dlclose(am->am_dlhandle);
117 am->am_dlhandle = NULL;
118}
119
120/*
121 * Walk an auditfilter_module list, detaching each module. Intended to be
122 * combined with auditfilter_module_list_free().
123 */

--- 26 unchanged lines hidden (view full) ---

150 /*
151 * Not implementing these is not considered a failure condition,
152 * although we might want to consider warning if obvious stuff is
153 * not implemented, such as am_record.
154 */
155 am->am_attach = dlsym(am->am_dlhandle, AUDIT_FILTER_ATTACH_STRING);
156 am->am_reinit = dlsym(am->am_dlhandle, AUDIT_FILTER_REINIT_STRING);
157 am->am_record = dlsym(am->am_dlhandle, AUDIT_FILTER_RECORD_STRING);
152 am->am_bsmrecord = dlsym(am->am_dlhandle,
153 AUDIT_FILTER_BSMRECORD_STRING);
158 am->am_rawrecord = dlsym(am->am_dlhandle,
159 AUDIT_FILTER_RAWRECORD_STRING);
154 am->am_detach = dlsym(am->am_dlhandle, AUDIT_FILTER_DETACH_STRING);
155
156 if (am->am_attach != NULL) {
160 am->am_detach = dlsym(am->am_dlhandle, AUDIT_FILTER_DETACH_STRING);
161
162 if (am->am_attach != NULL) {
157 if (am->am_attach(&am->am_instance, am->am_argc, am->am_argv)
163 if (am->am_attach(am, am->am_argc, am->am_argv)
158 != AUDIT_FILTER_SUCCESS) {
159 warnx("auditfilter_module_attach: %s: failed",
160 am->am_modulename);
161 dlclose(am->am_dlhandle);
162 am->am_dlhandle = NULL;
164 != AUDIT_FILTER_SUCCESS) {
165 warnx("auditfilter_module_attach: %s: failed",
166 am->am_modulename);
167 dlclose(am->am_dlhandle);
168 am->am_dlhandle = NULL;
169 am->am_cookie = NULL;
163 am->am_attach = NULL;
164 am->am_reinit = NULL;
165 am->am_record = NULL;
170 am->am_attach = NULL;
171 am->am_reinit = NULL;
172 am->am_record = NULL;
166 am->am_bsmrecord = NULL;
173 am->am_rawrecord = NULL;
167 am->am_detach = NULL;
168 return (-1);
169 }
170 }
171
172 return (0);
173}
174

--- 4 unchanged lines hidden (view full) ---

179 */
180static int
181auditfilter_module_reinit(struct auditfilter_module *am)
182{
183
184 if (am->am_reinit == NULL)
185 return (0);
186
174 am->am_detach = NULL;
175 return (-1);
176 }
177 }
178
179 return (0);
180}
181

--- 4 unchanged lines hidden (view full) ---

186 */
187static int
188auditfilter_module_reinit(struct auditfilter_module *am)
189{
190
191 if (am->am_reinit == NULL)
192 return (0);
193
187 if (am->am_reinit(&am->am_instance, am->am_argc, am->am_argv) !=
194 if (am->am_reinit(am, am->am_argc, am->am_argv) !=
188 AUDIT_FILTER_SUCCESS) {
189 warnx("auditfilter_module_reinit: %s: failed",
190 am->am_modulename);
191 return (-1);
192 }
193
194 return (0);
195}

--- 282 unchanged lines hidden (view full) ---

478 */
479void
480auditfilterd_conf_shutdown(void)
481{
482
483 auditfilter_module_list_detach(&filter_list);
484 auditfilter_module_list_free(&filter_list);
485}
195 AUDIT_FILTER_SUCCESS) {
196 warnx("auditfilter_module_reinit: %s: failed",
197 am->am_modulename);
198 return (-1);
199 }
200
201 return (0);
202}

--- 282 unchanged lines hidden (view full) ---

485 */
486void
487auditfilterd_conf_shutdown(void)
488{
489
490 auditfilter_module_list_detach(&filter_list);
491 auditfilter_module_list_free(&filter_list);
492}
493
494/*
495 * APIs to allow modules to query and set their per-instance cookie.
496 */
497void
498audit_filter_getcookie(void *instance, void **cookie)
499{
500 struct auditfilter_module *am;
501
502 am = (struct auditfilter_module *)instance;
503 *cookie = am->am_cookie;
504}
505
506void
507audit_filter_setcookie(void *instance, void *cookie)
508{
509 struct auditfilter_module *am;
510
511 am = (struct auditfilter_module *)instance;
512 am->am_cookie = cookie;
513}
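Review bot: audit_filter_getcookie() and audit_filter_setcookie() (new lines 497-513) cast the module-supplied `instance` straight to `struct auditfilter_module *` and dereference it, and the getter also writes through `cookie`, with no check at all. A module that passes NULL or a stale pointer therefore crashes or corrupts the audit filter daemon; `if (instance == NULL || cookie == NULL) return;` in the getter and `if (instance == NULL) return;` in the setter would at least cover the NULL case. The comment above the two functions should also state ownership, for example `Cookie memory belongs to the module; the daemon only clears am_cookie on detach and on failed attach and never frees it.`, because both of those paths set `am->am_cookie = NULL` without releasing anything. Modules built against the previous interface received `&am->am_instance` and would presumably now store through a pointer to the structure itself; whether any interface version check guards against that is not visible in the lines shown.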