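--- a/praudit.c
+++ b/praudit.c
@@ -1,10 +1,11 @@
 /*
  * Copyright (c) 2004 Apple Computer, Inc.
+ * Copyright (c) 2006 Martin Voros
  * All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
  * 1. Redistributions of source code must retain the above copyright
  * notice, this list of conditions and the following disclaimer.
  * 2. Redistributions in binary form must reproduce the above copyright
@@ -21,47 +22,49 @@
  * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
  * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
  * POSSIBILITY OF SUCH DAMAGE.
  *
- * $P4: //depot/projects/trustedbsd/openbsm/bin/praudit/praudit.c#9 $
+ * $P4: //depot/projects/trustedbsd/openbsm/bin/praudit/praudit.c#11 $
  */
 
 /*
  * Tool used to parse audit records conforming to the BSM structure.
  */
 
 /*
- * praudit [-lrs] [-ddel] [filenames]
+ * praudit [-lpx] [-r | -s] [-d del] [file ...]
  */
 
 #include <bsm/libbsm.h>
 
 #include <stdio.h>
 #include <stdlib.h>
 #include <unistd.h>
 
 extern char *optarg;
 extern int optind, optopt, opterr,optreset;
 
 static char *del = ","; /* Default delimiter. */
 static int oneline = 0;
 static int raw = 0;
 static int shortfrm = 0;
 static int partial = 0;
+static int xml = 0;
 
 static void
-usage()
+usage(void)
 {
 
- fprintf(stderr, "Usage: praudit [-lrs] [-ddel] [filenames]\n");
+ fprintf(stderr, "usage: praudit [-lpx] [-r | -s] [-d del] "
+ "[file ...]\n");
  exit(1);
 }
 
 /*
  * Token printing for each token type .
  */
 static int
 print_tokens(FILE *fp)
@@ -83,75 +86,92 @@
 
  while ((reclen = au_read_rec(fp, &buf)) != -1) {
  bytesread = 0;
  while (bytesread < reclen) {
  /* Is this an incomplete record? */
  if (-1 == au_fetch_tok(&tok, buf + bytesread,
  reclen - bytesread))
  break;
- au_print_tok(stdout, &tok, del, raw, shortfrm);
- bytesread += tok.len;
- if (oneline)
- printf("%s", del);
+ if (xml)
+ au_print_tok_xml(stdout, &tok, del, raw,
+ shortfrm);
  else
+ au_print_tok(stdout, &tok, del, raw,
+ shortfrm);
+ bytesread += tok.len;
+ if (oneline) {
+ if (!xml)
+ printf("%s", del);
+ } else
  printf("\n");
  }
  free(buf);
  if (oneline)
  printf("\n");
  }
  return (0);
 }
 
 int
 main(int argc, char **argv)
 {
  int ch;
  int i;
  FILE *fp;
 
- while ((ch = getopt(argc, argv, "lprsd:")) != -1) {
+ while ((ch = getopt(argc, argv, "d:lprsx")) != -1) {
  switch(ch) {
+ case 'd':
+ del = optarg;
+ break;
+
  case 'l':
  oneline = 1;
  break;
 
+ case 'p':
+ partial = 1;
+ break;
+
  case 'r':
  if (shortfrm)
  usage(); /* Exclusive from shortfrm. */
  raw = 1;
  break;
 
  case 's':
  if (raw)
  usage(); /* Exclusive from raw. */
  shortfrm = 1;
  break;
 
- case 'd':
- del = optarg;
+ case 'x':
+ xml = 1;
  break;
 
- case 'p':
- partial = 1;
- break;
-
  case '?':
  default:
  usage();
  }
  }
 
+ if (xml)
+ au_print_xml_header(stdout);
+
  /* For each of the files passed as arguments dump the contents. */
  if (optind == argc) {
  print_tokens(stdin);
  return (1);
  }
  for (i = optind; i < argc; i++) {
  fp = fopen(argv[i], "r");
  if ((fp == NULL) || (print_tokens(fp) == -1))
  perror(argv[i]);
  if (fp != NULL)
  fclose(fp);
  }
+
+ if (xml)
+ au_print_xml_footer(stdout);
+
  return (1);
 }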
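Review bot: With `-x` and no file arguments, the `optind == argc` branch in main() still does `print_tokens(stdin); return (1);`, so the header from `au_print_xml_header(stdout)` is written but `au_print_xml_footer(stdout)` is never reached and the XML document is left unterminated. Reading from stdin is presumably the common pipeline case for an audit viewer, and a strict consumer will reject the whole trail while a lenient one may silently accept a truncated one. Emit the footer in that branch before returning, e.g. `if (xml) au_print_xml_footer(stdout);` ahead of `return (1);`, or drop the early return and fall through to the shared footer. Both exit paths also return 1 and the result of `print_tokens(stdin)` is ignored, so a calling script cannot tell a clean run from a failed read; returning 0 on success would make that distinguishable.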