| libbsm.h (162621) | libbsm.h (168777) |
|---|---|
| 1/* 2 * Copyright (c) 2004 Apple Computer, Inc. 3 * All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright --- 12 unchanged lines hidden (view full) --- 21 * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 25 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING 26 * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 27 * POSSIBILITY OF SUCH DAMAGE. 28 * | 1/* 2 * Copyright (c) 2004 Apple Computer, Inc. 3 * All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright --- 12 unchanged lines hidden (view full) --- 21 * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 25 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING 26 * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 27 * POSSIBILITY OF SUCH DAMAGE. 28 * |
| 29 * $P4: //depot/projects/trustedbsd/openbsm/bsm/libbsm.h#30 $ | 29 * $P4: //depot/projects/trustedbsd/openbsm/bsm/libbsm.h#33 $ |
| 30 */ 31 32#ifndef _LIBBSM_H_ 33#define _LIBBSM_H_ 34 35/* 36 * NB: definitions, etc., marked with "OpenSSH compatibility" were introduced 37 * solely to allow OpenSSH to compile; Darwin/Apple code should not use them. --- 121 unchanged lines hidden (view full) --- 159} au_tid64_t; 160 161typedef struct au_tidaddr32 { 162 u_int32_t port; 163 u_int32_t type; 164 u_int32_t addr[4]; 165} au_tidaddr32_t; 166 | 30 */ 31 32#ifndef _LIBBSM_H_ 33#define _LIBBSM_H_ 34 35/* 36 * NB: definitions, etc., marked with "OpenSSH compatibility" were introduced 37 * solely to allow OpenSSH to compile; Darwin/Apple code should not use them. --- 121 unchanged lines hidden (view full) --- 159} au_tid64_t; 160 161typedef struct au_tidaddr32 { 162 u_int32_t port; 163 u_int32_t type; 164 u_int32_t addr[4]; 165} au_tidaddr32_t; 166 |
| 167typedef struct au_tidaddr64 { 168 u_int64_t port; 169 u_int32_t type; 170 u_int32_t addr[4]; 171} au_tidaddr64_t; 172 |
|
| 167/* 168 * argument # 1 byte 169 * argument value 4 bytes/8 bytes (32-bit/64-bit value) 170 * text length 2 bytes 171 * text N bytes + 1 terminating NULL byte 172 */ 173typedef struct { 174 u_char no; --- 303 unchanged lines hidden (view full) --- 478 u_int32_t egid; 479 u_int32_t ruid; 480 u_int32_t rgid; 481 u_int32_t pid; 482 u_int32_t sid; 483 au_tidaddr32_t tid; 484} au_proc32ex_t; 485 | 173/* 174 * argument # 1 byte 175 * argument value 4 bytes/8 bytes (32-bit/64-bit value) 176 * text length 2 bytes 177 * text N bytes + 1 terminating NULL byte 178 */ 179typedef struct { 180 u_char no; --- 303 unchanged lines hidden (view full) --- 484 u_int32_t egid; 485 u_int32_t ruid; 486 u_int32_t rgid; 487 u_int32_t pid; 488 u_int32_t sid; 489 au_tidaddr32_t tid; 490} au_proc32ex_t; 491 |
| 492typedef struct { 493 u_int32_t auid; 494 u_int32_t euid; 495 u_int32_t egid; 496 u_int32_t ruid; 497 u_int32_t rgid; 498 u_int32_t pid; 499 u_int32_t sid; 500 au_tidaddr64_t tid; 501} au_proc64ex_t; 502 |
|
| 486/* 487 * error status 1 byte 488 * return value 4 bytes/8 bytes (32-bit/64-bit value) 489 */ 490typedef struct { 491 u_char status; 492 u_int32_t ret; 493} au_ret32_t; --- 117 unchanged lines hidden (view full) --- 611 u_int32_t egid; 612 u_int32_t ruid; 613 u_int32_t rgid; 614 u_int32_t pid; 615 u_int32_t sid; 616 au_tidaddr32_t tid; 617} au_subject32ex_t; 618 | 503/* 504 * error status 1 byte 505 * return value 4 bytes/8 bytes (32-bit/64-bit value) 506 */ 507typedef struct { 508 u_char status; 509 u_int32_t ret; 510} au_ret32_t; --- 117 unchanged lines hidden (view full) --- 628 u_int32_t egid; 629 u_int32_t ruid; 630 u_int32_t rgid; 631 u_int32_t pid; 632 u_int32_t sid; 633 au_tidaddr32_t tid; 634} au_subject32ex_t; 635 |
| 636typedef struct { 637 u_int32_t auid; 638 u_int32_t euid; 639 u_int32_t egid; 640 u_int32_t ruid; 641 u_int32_t rgid; 642 u_int32_t pid; 643 u_int32_t sid; 644 au_tidaddr64_t tid; 645} au_subject64ex_t; 646 |
|
| 619/* 620 * text length 2 bytes 621 * text N bytes + 1 terminating NULL byte 622 */ 623typedef struct { 624 u_int16_t len; 625 char *text; 626} au_text_t; 627 | 647/* 648 * text length 2 bytes 649 * text N bytes + 1 terminating NULL byte 650 */ 651typedef struct { 652 u_int16_t len; 653 char *text; 654} au_text_t; 655 |
| 656/* 657 * zonename length 2 bytes 658 * zonename text N bytes + 1 NULL terminator 659 */ |
|
| 628typedef struct { | 660typedef struct { |
| 661 u_int16_t len; 662 char *zonename; 663} au_zonename_t; 664 665typedef struct { |
|
| 629 u_int32_t ident; 630 u_int16_t filter; 631 u_int16_t flags; 632 u_int32_t fflags; 633 u_int32_t data; 634} au_kevent_t; 635 636typedef struct { --- 33 unchanged lines hidden (view full) --- 670 au_inaddr_ex_t inaddr_ex; 671 au_ip_t ip; 672 au_ipc_t ipc; 673 au_ipcperm_t ipcperm; 674 au_iport_t iport; 675 au_opaque_t opaque; 676 au_path_t path; 677 au_proc32_t proc32; | 666 u_int32_t ident; 667 u_int16_t filter; 668 u_int16_t flags; 669 u_int32_t fflags; 670 u_int32_t data; 671} au_kevent_t; 672 673typedef struct { --- 33 unchanged lines hidden (view full) --- 707 au_inaddr_ex_t inaddr_ex; 708 au_ip_t ip; 709 au_ipc_t ipc; 710 au_ipcperm_t ipcperm; 711 au_iport_t iport; 712 au_opaque_t opaque; 713 au_path_t path; 714 au_proc32_t proc32; |
| 678 au_proc64_t proc64; | |
| 679 au_proc32ex_t proc32_ex; | 715 au_proc32ex_t proc32_ex; |
| 716 au_proc64_t proc64; 717 au_proc64ex_t proc64_ex; |
|
| 680 au_ret32_t ret32; 681 au_ret64_t ret64; 682 au_seq_t seq; 683 au_socket_t socket; 684 au_socket_ex32_t socket_ex32; 685 au_socketinet32_t sockinet32; 686 au_socketunix_t sockunix; 687 au_subject32_t subj32; | 718 au_ret32_t ret32; 719 au_ret64_t ret64; 720 au_seq_t seq; 721 au_socket_t socket; 722 au_socket_ex32_t socket_ex32; 723 au_socketinet32_t sockinet32; 724 au_socketunix_t sockunix; 725 au_subject32_t subj32; |
| 688 au_subject64_t subj64; | |
| 689 au_subject32ex_t subj32_ex; | 726 au_subject32ex_t subj32_ex; |
| 727 au_subject64_t subj64; 728 au_subject64ex_t subj64_ex; |
|
| 690 au_text_t text; 691 au_kevent_t kevent; 692 au_invalid_t invalid; 693 au_trailer_t trail; | 729 au_text_t text; 730 au_kevent_t kevent; 731 au_invalid_t invalid; 732 au_trailer_t trail; |
| 733 au_zonename_t zonename; |
|
| 694 } tt; /* The token is one of the above types */ 695}; 696 697typedef struct tokenstr tokenstr_t; 698 699int audit_submit(short au_event, au_id_t auid, 700 char status, int reterr, const char *fmt, ...); 701 --- 64 unchanged lines hidden (view full) --- 766/* 767 * Functions for reading and printing records and tokens from audit trails. 768 */ 769int au_read_rec(FILE *fp, u_char **buf); 770int au_fetch_tok(tokenstr_t *tok, u_char *buf, int len); 771//XXX The following interface has different prototype from BSM 772void au_print_tok(FILE *outfp, tokenstr_t *tok, 773 char *del, char raw, char sfrm); | 734 } tt; /* The token is one of the above types */ 735}; 736 737typedef struct tokenstr tokenstr_t; 738 739int audit_submit(short au_event, au_id_t auid, 740 char status, int reterr, const char *fmt, ...); 741 --- 64 unchanged lines hidden (view full) --- 806/* 807 * Functions for reading and printing records and tokens from audit trails. 808 */ 809int au_read_rec(FILE *fp, u_char **buf); 810int au_fetch_tok(tokenstr_t *tok, u_char *buf, int len); 811//XXX The following interface has different prototype from BSM 812void au_print_tok(FILE *outfp, tokenstr_t *tok, 813 char *del, char raw, char sfrm); |
| 814void au_print_tok_xml(FILE *outfp, tokenstr_t *tok, 815 char *del, char raw, char sfrm); 816 817/* 818 * Functions relating to XML output. 819 */ 820void au_print_xml_header(FILE *outfp); 821void au_print_xml_footer(FILE *outfp); |
|
| 774__END_DECLS 775 776/* 777 * The remaining APIs are associated with Apple's BSM implementation, in 778 * particular as relates to Mach IPC auditing and triggers passed via Mach 779 * IPC. 780 */ 781#ifdef __APPLE__ --- 406 unchanged lines hidden --- | 822__END_DECLS 823 824/* 825 * The remaining APIs are associated with Apple's BSM implementation, in 826 * particular as relates to Mach IPC auditing and triggers passed via Mach 827 * IPC. 828 */ 829#ifdef __APPLE__ --- 406 unchanged lines hidden --- |