Date: Wed, 27 Aug 2008 02:57:05 GMT From: Diego Giagio <diego@FreeBSD.org> To: Perforce Change Reviews <perforce@FreeBSD.org> Subject: PERFORCE change 148576 for review Message-ID: <200808270257.m7R2v5Tb068922@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=148576 Change 148576 by diego@diego_black on 2008/08/27 02:56:36 Teach OpenBSM library and utilities about Sun OpenSolaris socket_ex token. Affected files ... .. //depot/projects/soc2008/diego-audit/src/contrib/openbsm/bsm/libbsm.h#2 edit .. //depot/projects/soc2008/diego-audit/src/contrib/openbsm/libbsm/bsm_io.c#2 edit Differences ... ==== //depot/projects/soc2008/diego-audit/src/contrib/openbsm/bsm/libbsm.h#2 (text) ==== @@ -537,21 +537,21 @@ } au_socket_t; /* + * socket domain 2 bytes * socket type 2 bytes + * ip address type 2 bytes * local port 2 bytes - * address type/length 4 bytes - * local Internet address 4 bytes/16 bytes (IPv4/IPv6 address) - * remote port 4 bytes - * address type/length 4 bytes - * remote Internet address 4 bytes/16 bytes (IPv4/IPv6 address) + * local address 4 bytes/16 bytes (IPv4/IPv6 address) + * remote port 2 bytes + * remote address 4 bytes/16 bytes (IPv4/IPv6 address) */ typedef struct { + u_int16_t domain; u_int16_t type; + u_int16_t addr_type; u_int16_t l_port; - u_int32_t l_ad_type; u_int32_t l_addr; - u_int32_t r_port; - u_int32_t r_ad_type; + u_int16_t r_port; u_int32_t r_addr; } au_socket_ex32_t; ==== //depot/projects/soc2008/diego-audit/src/contrib/openbsm/libbsm/bsm_io.c#2 (text) ==== @@ -557,7 +557,7 @@ break; case AUT_SOCKET_EX: - fprintf(fp, "<socket "); + fprintf(fp, "<socket_ex "); break; case AUT_DATA: @@ -3746,31 +3746,36 @@ } /* + * socket domain 2 bytes * socket type 2 bytes + * ip address type 2 bytes * local port 2 bytes - * address type/length 4 bytes - * local Internet address 4 bytes - * remote port 4 bytes - * address type/length 4 bytes - * remote Internet address 4 bytes + * local address 4 bytes/16 bytes (IPv4/IPv6 address) + * remote port 2 bytes + * remote address 4 bytes/16 bytes (IPv4/IPv6 address) */ static int fetch_socketex32_tok(tokenstr_t *tok, u_char *buf, int len) { int err = 0; + READ_TOKEN_U_INT16(buf, len, tok->tt.socket_ex32.domain, tok->len, + err); + if (err) + return (-1); + READ_TOKEN_U_INT16(buf, len, tok->tt.socket_ex32.type, tok->len, err); if (err) return (-1); - READ_TOKEN_BYTES(buf, len, &tok->tt.socket_ex32.l_port, - sizeof(uint16_t), tok->len, err); + READ_TOKEN_U_INT16(buf, len, tok->tt.socket_ex32.addr_type, tok->len, + err); if (err) return (-1); - READ_TOKEN_U_INT32(buf, len, tok->tt.socket_ex32.l_ad_type, tok->len, - err); + READ_TOKEN_BYTES(buf, len, &tok->tt.socket_ex32.l_port, + sizeof(uint16_t), tok->len, err); if (err) return (-1); @@ -3784,11 +3789,6 @@ if (err) return (-1); - READ_TOKEN_U_INT32(buf, len, tok->tt.socket_ex32.r_ad_type, tok->len, - err); - if (err) - return (-1); - READ_TOKEN_BYTES(buf, len, &tok->tt.socket_ex32.r_addr, sizeof(tok->tt.socket_ex32.r_addr), tok->len, err); if (err) @@ -3802,8 +3802,11 @@ __unused char sfrm, int xml) { - print_tok_type(fp, tok->id, "socket", raw, xml); + print_tok_type(fp, tok->id, "socket_ex", raw, xml); if (xml) { + open_attr(fp, "sock_domain"); + print_2_bytes(fp, tok->tt.socket_ex32.domain, "%#x"); + close_attr(fp); open_attr(fp, "sock_type"); print_2_bytes(fp, tok->tt.socket_ex32.type, "%#x"); close_attr(fp); @@ -3822,6 +3825,8 @@ close_tag(fp, tok->id); } else { print_delim(fp, del); + print_2_bytes(fp, tok->tt.socket_ex32.domain, "%#x"); + print_delim(fp, del); print_2_bytes(fp, tok->tt.socket_ex32.type, "%#x"); print_delim(fp, del); print_2_bytes(fp, ntohs(tok->tt.socket_ex32.l_port), "%#x");
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200808270257.m7R2v5Tb068922>