2 * Copyright (c) 2004 Apple Inc.
3 * Copyright (c) 2006 Robert N. M. Watson
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 * 2. Redistributions in binary form must reproduce the above copyright
12 * notice, this list of conditions and the following disclaimer in the
13 * documentation and/or other materials provided with the distribution.
14 * 3. Neither the name of Apple Inc. ("Apple") nor the names of
15 * its contributors may be used to endorse or promote products derived
16 * from this software without specific prior written permission.
18 * THIS SOFTWARE IS PROVIDED BY APPLE AND ITS CONTRIBUTORS "AS IS" AND
19 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
20 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
21 * ARE DISCLAIMED. IN NO EVENT SHALL APPLE OR ITS CONTRIBUTORS BE LIABLE FOR
22 * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
23 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
24 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
25 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
26 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
27 * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
28 * POSSIBILITY OF SUCH DAMAGE.
31 #include <config/config.h>
33 #include <bsm/libbsm.h>
36 #ifdef HAVE_PTHREAD_MUTEX_LOCK
43 #include <compat/strlcpy.h>
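/*
 * File-scope state used to parse the audit_class file into
 * struct au_class_ent records.
 *
 * fp and linestr are shared by every caller in the process.  When
 * HAVE_PTHREAD_MUTEX_LOCK is defined, the entry points in this file lock
 * `mutex` before touching them.
 */
static FILE		*fp = NULL;		/* Open audit_class stream, or NULL. */
static char		 linestr[AU_LINE_MAX];	/* Line currently being parsed. */
static const char	*classdelim = ":";	/* Field separator within a line. */

#ifdef HAVE_PTHREAD_MUTEX_LOCK
static pthread_mutex_t	mutex = PTHREAD_MUTEX_INITIALIZER;
#endif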
/*
 * Split one audit_class line (in str) into its colon-separated fields and
 * store them in the caller's au_class_ent.
 *
 * str is modified in place by strtok_r().  c->ac_name and c->ac_desc must
 * already point at writable buffers of at least AU_CLASS_NAME_MAX and
 * AU_CLASS_DESC_MAX bytes: the copies below are bounded by those constants,
 * not by the real size of whatever the caller supplied.
 *
 * Returns c on success, or NULL when a field is missing or a name or
 * description is too long to fit.
 */
static struct au_class_ent *
classfromstr(char *str, struct au_class_ent *c)
{
	char *flag_tok, *name_tok, *desc_tok;
	char *save;

	/* Line layout is flag:name:desc; pull out all three fields first. */
	flag_tok = strtok_r(str, classdelim, &save);
	name_tok = strtok_r(NULL, classdelim, &save);
	desc_tok = strtok_r(NULL, classdelim, &save);

	if (flag_tok == NULL)
		return (NULL);
	if (name_tok == NULL)
		return (NULL);
	if (desc_tok == NULL)
		return (NULL);

	/* Reject an over-long class name rather than truncating it. */
	if (strlen(name_tok) >= AU_CLASS_NAME_MAX)
		return (NULL);
	strlcpy(c->ac_name, name_tok, AU_CLASS_NAME_MAX);

	/* Same rule for the description. */
	if (strlen(desc_tok) >= AU_CLASS_DESC_MAX)
		return (NULL);
	strlcpy(c->ac_desc, desc_tok, AU_CLASS_DESC_MAX);

	/*
	 * NOTE(review): strtoul() is called with no end pointer and no errno
	 * check, so a flag field that is not a number is stored as 0 (or as
	 * its leading numeric prefix) instead of being rejected.  Base 0
	 * accepts decimal, octal and hexadecimal notation.
	 */
	c->ac_class = strtoul(flag_tok, (char **) NULL, 0);

	return (c);
}
/*
 * Read the next entry from the audit_class file into c, opening the file on
 * first use.  Lines whose first character is '#' are skipped.
 *
 * Must be called with mutex held.
 *
 * Returns c on success.  Returns NULL when the file cannot be opened, when
 * fgets() reports EOF or an error, and when the line read does not parse;
 * the caller cannot tell these cases apart, so a malformed line ends an
 * enumeration in the same way as end of file.
 *
 * NOTE(review): fgets() hands back a line longer than AU_LINE_MAX - 1 bytes
 * in pieces, and each later piece is then treated as a line of its own.
 */
static struct au_class_ent *
getauclassent_r_locked(struct au_class_ent *c)
{
	char *eol;

	/* Open lazily; the stream stays open for later calls. */
	if (fp == NULL) {
		fp = fopen(AUDIT_CLASS_FILE, "r");
		if (fp == NULL)
			return (NULL);
	}

	/* Read until a non-comment line is found, or give up at EOF. */
	do {
		if (fgets(linestr, AU_LINE_MAX, fp) == NULL)
			return (NULL);
	} while (linestr[0] == '#');

	/* Drop the trailing newline, if fgets() kept one. */
	eol = strrchr(linestr, '\n');
	if (eol != NULL)
		*eol = '\0';

	/* classfromstr() returns c on success and NULL on a bad line. */
	return (classfromstr(linestr, c));
}
/*
 * Fetch the next audit_class entry into caller-owned storage.
 *
 * c->ac_name and c->ac_desc must point at buffers of at least
 * AU_CLASS_NAME_MAX and AU_CLASS_DESC_MAX bytes; the parser copies up to
 * those sizes without knowing how large the caller's buffers really are.
 *
 * The read position lives in a single file-scope stream, so the mutex
 * serialises individual reads but every caller in the process advances the
 * same cursor.
 *
 * Returns c, or NULL when no further entry could be read.
 */
struct au_class_ent *
getauclassent_r(struct au_class_ent *c)
{
	struct au_class_ent *entry;

#ifdef HAVE_PTHREAD_MUTEX_LOCK
	pthread_mutex_lock(&mutex);
#endif
	entry = getauclassent_r_locked(c);
#ifdef HAVE_PTHREAD_MUTEX_LOCK
	pthread_mutex_unlock(&mutex);
#endif

	return (entry);
}
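/*
 * Fetch the next audit_class entry into function-static storage.
 *
 * The returned pointer refers to that static storage and is overwritten by
 * the next call.  Callers that keep the entry, or that run in more than one
 * thread, should use getauclassent_r() with their own buffers instead.
 *
 * Returns a pointer to the static entry, or NULL when no further entry
 * could be read.
 */
struct au_class_ent *
getauclassent(void)
{
	static char class_ent_name[AU_CLASS_NAME_MAX];
	static char class_ent_desc[AU_CLASS_DESC_MAX];
	static struct au_class_ent c;
	/*
	 * The result pointer is automatic on purpose: it is read after the
	 * mutex is released, and a static would be shared with every other
	 * caller at that point.
	 */
	struct au_class_ent *cp;

#ifdef HAVE_PTHREAD_MUTEX_LOCK
	pthread_mutex_lock(&mutex);
#endif
	/*
	 * Reset the shared record while holding the mutex so the wipe cannot
	 * overlap a parse that another thread is doing into the same buffers.
	 */
	bzero(&c, sizeof(c));
	bzero(class_ent_name, sizeof(class_ent_name));
	bzero(class_ent_desc, sizeof(class_ent_desc));
	c.ac_name = class_ent_name;
	c.ac_desc = class_ent_desc;

	cp = getauclassent_r_locked(&c);
#ifdef HAVE_PTHREAD_MUTEX_LOCK
	pthread_mutex_unlock(&mutex);
#endif
	return (cp);
}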
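/*
 * Rewind to the beginning of the enumeration.
 *
 * Must be called with mutex held.
 *
 * Does nothing when the file has not been opened yet: the first read opens
 * it at offset 0, and fseek() must not be handed a NULL stream.
 */
static void
setauclass_locked(void)
{

	if (fp != NULL)
		(void)fseek(fp, 0, SEEK_SET);	/* Best effort; result not checked. */
}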
/*
 * Public rewind: take the mutex (when pthread support is compiled in) and
 * reset the enumeration to the first entry of the audit_class file.
 */
void
setauclass(void)
{

#ifdef HAVE_PTHREAD_MUTEX_LOCK
	pthread_mutex_lock(&mutex);
#endif
	setauclass_locked();
#ifdef HAVE_PTHREAD_MUTEX_LOCK
	pthread_mutex_unlock(&mutex);
#endif
}
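/*
 * Look up the audit class whose name equals name, scanning the audit_class
 * file from its first entry, and store it in caller-owned storage.
 *
 * c->ac_name and c->ac_desc must point at buffers of at least
 * AU_CLASS_NAME_MAX and AU_CLASS_DESC_MAX bytes.
 *
 * Returns c on a match.  Returns NULL when name is NULL, when no entry
 * matches, and when the scan stops early because the file could not be read
 * or a line failed to parse.  A NULL result therefore does not prove that
 * the class is absent from the file.
 */
struct au_class_ent *
getauclassnam_r(struct au_class_ent *c, const char *name)
{
	struct au_class_ent *cp;

	/* strcmp() on a NULL pointer is undefined; treat it as "not found". */
	if (name == NULL)
		return (NULL);

#ifdef HAVE_PTHREAD_MUTEX_LOCK
	pthread_mutex_lock(&mutex);
#endif
	/* Always search from the top, whatever earlier calls have read. */
	setauclass_locked();
	while ((cp = getauclassent_r_locked(c)) != NULL) {
		/*
		 * Leave through the single unlock below so that no exit path
		 * can return with the mutex still held.
		 */
		if (strcmp(name, cp->ac_name) == 0)
			break;
	}
#ifdef HAVE_PTHREAD_MUTEX_LOCK
	pthread_mutex_unlock(&mutex);
#endif
	/* cp is the match, or NULL if the scan ran out of entries. */
	return (cp);
}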
/*
 * Look up an audit class by name using function-static storage.
 *
 * The returned pointer refers to that static storage and is overwritten by
 * the next call.  The storage is wiped here before getauclassnam_r() takes
 * the mutex, so this variant must not be called from several threads at
 * once; use getauclassnam_r() with per-caller buffers there.
 *
 * Returns a pointer to the static entry, or NULL when the lookup fails.
 */
struct au_class_ent *
getauclassnam(const char *name)
{
	static struct au_class_ent ent;
	static char name_buf[AU_CLASS_NAME_MAX];
	static char desc_buf[AU_CLASS_DESC_MAX];

	/* Start from an empty record so no earlier result is left behind. */
	bzero(name_buf, sizeof(name_buf));
	bzero(desc_buf, sizeof(desc_buf));
	bzero(&ent, sizeof(ent));
	ent.ac_desc = desc_buf;
	ent.ac_name = name_buf;

	return (getauclassnam_r(&ent, name));
}
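/*
 * Look up the audit class whose ac_class value equals class_number, scanning
 * the audit_class file from its first entry, and store it in caller-owned
 * storage.
 *
 * c->ac_name and c->ac_desc must point at buffers of at least
 * AU_CLASS_NAME_MAX and AU_CLASS_DESC_MAX bytes.
 *
 * Returns c on a match.  Returns NULL when no entry matches and when the
 * scan stops early because the file could not be read or a line failed to
 * parse.
 */
struct au_class_ent *
getauclassnum_r(struct au_class_ent *c, au_class_t class_number)
{
	struct au_class_ent *cp;

#ifdef HAVE_PTHREAD_MUTEX_LOCK
	pthread_mutex_lock(&mutex);
#endif
	/* Always search from the top, whatever earlier calls have read. */
	setauclass_locked();
	while ((cp = getauclassent_r_locked(c)) != NULL) {
		/*
		 * Use break, not return: every exit has to pass through the
		 * unlock below.  Returning from inside the loop would leave
		 * the mutex held and block the next caller indefinitely.
		 */
		if (class_number == cp->ac_class)
			break;
	}
#ifdef HAVE_PTHREAD_MUTEX_LOCK
	pthread_mutex_unlock(&mutex);
#endif
	/* cp is the match, or NULL if the scan ran out of entries. */
	return (cp);
}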
/*
 * Look up an audit class by number using function-static storage.
 *
 * The returned pointer refers to that static storage and is overwritten by
 * the next call.  The storage is wiped here before getauclassnum_r() takes
 * the mutex, so this variant must not be called from several threads at
 * once; use getauclassnum_r() with per-caller buffers there.
 *
 * Returns a pointer to the static entry, or NULL when the lookup fails.
 */
struct au_class_ent *
getauclassnum(au_class_t class_number)
{
	static struct au_class_ent ent;
	static char name_buf[AU_CLASS_NAME_MAX];
	static char desc_buf[AU_CLASS_DESC_MAX];

	/* Start from an empty record so no earlier result is left behind. */
	bzero(name_buf, sizeof(name_buf));
	bzero(desc_buf, sizeof(desc_buf));
	bzero(&ent, sizeof(ent));
	ent.ac_desc = desc_buf;
	ent.ac_name = name_buf;

	return (getauclassnum_r(&ent, class_number));
}
284 * audit_class processing is complete; close any open files.
290 #ifdef HAVE_PTHREAD_MUTEX_LOCK
291 pthread_mutex_lock(&mutex);
297 #ifdef HAVE_PTHREAD_MUTEX_LOCK
298 pthread_mutex_unlock(&mutex);