      1 /*
      2  * CDDL HEADER START
      3  *
      4  * The contents of this file are subject to the terms of the
      5  * Common Development and Distribution License (the "License").
      6  * You may not use this file except in compliance with the License.
      7  *
      8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
      9  * or http://www.opensolaris.org/os/licensing.
     10  * See the License for the specific language governing permissions
     11  * and limitations under the License.
     12  *
     13  * When distributing Covered Code, include this CDDL HEADER in each
     14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
     15  * If applicable, add the following below this CDDL HEADER, with the
     16  * fields enclosed by brackets "[]" replaced with your own identifying
     17  * information: Portions Copyright [yyyy] [name of copyright owner]
     18  *
     19  * CDDL HEADER END
     20  */
     21 /*
     22  * Copyright 2007 Sun Microsystems, Inc.  All rights reserved.
     23  * Use is subject to license terms.
     24  */
     25 
     26 /*
     27  * File name: praudit.h
     28  * praudit.c defines, globals
     29  */
     30 
     31 #ifndef	_PRAUDIT_H
     32 #define	_PRAUDIT_H
     33 
     34 #pragma ident	"%Z%%M%	%I%	%E% SMI"
     35 
     36 #ifdef __cplusplus
     37 extern "C" {
     38 #endif
     39 
     40 /* DEFINES */
     41 
/*
 * output value types
 *
 * Sixteen consecutive integer codes (0-15), one per output representation.
 * NOTE(review): presumably stored in uval_t.uvaltype to say which u_tag_t
 * member is valid. A code that does not match the member actually written
 * would make the union be read as the wrong type (for PRA_STRING, as a
 * pointer) -- confirm against the consumer in praudit.c.
 */
#define	PRA_INT32 0
#define	PRA_UINT32 1
#define	PRA_INT64 2
#define	PRA_UINT64 3
#define	PRA_SHORT 4
#define	PRA_USHORT 5
#define	PRA_CHAR 6
#define	PRA_UCHAR 7
#define	PRA_STRING 8
#define	PRA_HEX32 9
#define	PRA_HEX64 10
#define	PRA_SHEX 11
#define	PRA_OCT 12
#define	PRA_BYTE 13
#define	PRA_OUTREC 14
#define	PRA_LOCT 15
     61 
/*
 * Formatting flags
 *
 * Every non-default flag is a distinct single bit, so flags can be OR-ed
 * together. PRF_DEFAULTM is 0, so it cannot be detected with a bitwise
 * AND; default mode is the absence of the mode bits.
 * NOTE(review): presumably held in pr_context.format -- confirm.
 */
#define	PRF_DEFAULTM	0x0000		/* Default mode */
#define	PRF_RAWM	0x0001		/* Raw mode */
#define	PRF_SHORTM	0x0002		/* Short mode */
#define	PRF_XMLM	0x0004		/* XML format */
#define	PRF_ONELINE	0x0008		/* one-line output */
#define	PRF_NOCACHE	0x0010		/* don't cache event names */
     71 
/*
 * source of audit data (data_mode)
 *
 * Three mutually exclusive codes; 0 is not assigned to any mode.
 * NOTE(review): the name matches the data_mode member of struct
 * pr_context, which presumably holds one of these -- confirm.
 */
#define	FILEMODE	1
#define	PIPEMODE	2
#define	BUFMODE		3
     78 
/*
 * max. number of audit file names entered on command line
 *
 * NOTE(review): this header only defines the limit. The check that stops
 * argument parsing before an array sized with it is overrun is not
 * visible here -- verify it in praudit.c.
 */
#define	MAXFILENAMES 100
     83 
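/*
 * max. size of file name
 *
 * The expansion is parenthesized so the macro behaves as a single operand.
 * Unparenthesized, an expression such as MAXFILELEN * n or
 * sizeof (x) * MAXFILELEN would bind to only part of the sum and yield a
 * different (typically smaller) value, under-sizing any buffer computed
 * from it.
 *
 * MAXPATHLEN and MAXNAMLEN are not defined in this header; the including
 * file must have them in scope before MAXFILELEN is used.
 */
#define	MAXFILELEN (MAXPATHLEN + MAXNAMLEN + 1)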
     88 
/*
 * used to store value to be output
 *
 * A union: all members share the same storage, so only the member that
 * was last written holds a meaningful value.
 */
typedef union u_tag {
	int32_t		int32_val;
	uint32_t	uint32_val;
	int64_t		int64_val;
	uint64_t	uint64_val;
	short		short_val;
	ushort_t	ushort_val;
	char		char_val;
	/*
	 * NOTE(review): declared plain char despite the "uchar" name, so its
	 * signedness follows the platform's char. Bytes above 0x7f may
	 * sign-extend when promoted to int -- confirm how praudit.c reads it.
	 */
	char		uchar_val;
	/* pointer only; who owns or frees the string is not visible here */
	char		*string_val;
} u_tag_t;
/*
 * A u_tag_t value paired with an int type code.
 * NOTE(review): uvaltype presumably holds one of the PRA_* output value
 * types and identifies the valid member of tag -- confirm.
 */
typedef	struct u_val {
	int	uvaltype;
	u_tag_t	tag;
} uval_t;
/*
 * Shorthand accessors: with these, uval.int32_val expands to
 * uval.tag.int32_val, and likewise for the other members.
 *
 * They must stay below the u_tag_t definition, where the same identifiers
 * are the real member names. They are object-like macros with ordinary
 * lower-case names, so every later use of these identifiers in a file that
 * includes this header is rewritten -- including an unrelated struct member
 * or local variable that happens to share the name.
 */
#define	int32_val tag.int32_val
#define	uint32_val tag.uint32_val
#define	int64_val tag.int64_val
#define	uint64_val tag.uint64_val
#define	short_val tag.short_val
#define	ushort_val tag.ushort_val
#define	char_val tag.char_val
#define	uchar_val tag.uchar_val
#define	string_val tag.string_val
    116 
    117 
/*
 * Strings and things for xml prolog & ending printing.
 *
 * prolog2 names the DTD and prolog_xsl names the stylesheet by file:// URI
 * under /usr/share/lib/xml. A consumer that resolves external DTDs or
 * stylesheets will open those paths on the host doing the parsing, not on
 * the host that produced the audit trail. When processing praudit XML from
 * another system, parse with external DTD/entity loading disabled or
 * mapped to a trusted local copy.
 */
#define	prolog1 "<?xml version='1.0' encoding='UTF-8' ?>\n"
#define	prolog2  "\n<!DOCTYPE audit PUBLIC " \
	"'-//Sun Microsystems, Inc.//DTD Audit V1//EN' " \
	"'file:///usr/share/lib/xml/dtd/adt_record.dtd.1'>\n\n"
#define	prolog_xsl "<?xml-stylesheet type='text/xsl' " \
	"href='file:///usr/share/lib/xml/style/adt_record.xsl.1' ?>\n"

	/* Special main element: */
#define	xml_start "<audit>"
#define	xml_ending "\n</audit>\n"
    131 
/*
 * Buffer sizes for the XML prolog and ending.
 *
 * sizeof on a string literal counts its terminating NUL, so each term is
 * strlen + 1. The totals are therefore an upper bound on the concatenation
 * of the listed strings plus one NUL (5 bytes above the combined string
 * length for the prolog, 2 for the ending).
 * NOTE(review): presumably the minimum out_buf_len expected by
 * print_audit_xml_prolog_buf() and print_audit_xml_ending_buf() -- confirm.
 */
#define	xml_prolog_len (sizeof (prolog1) + sizeof (prolog2) + \
    sizeof (prolog_xsl) + sizeof (xml_start) + 1)
#define	xml_end_len (sizeof (xml_ending) + 1)
    135 
/*
 * used to save context for print_audit and related functions.
 */

/*
 * Size in bytes of pr_context.SEPARATOR.
 * NOTE(review): if the separator is kept NUL-terminated, at most
 * SEP_SIZE - 1 characters fit -- confirm that the copy from the
 * user-supplied delimiter is bounded accordingly.
 */
#define	SEP_SIZE 4

/*
 * Per-run state: where input is read from, where output goes, and how far
 * each side has progressed.
 *
 * All length and size members (audit_rec_len, inbuf_totalsize,
 * outbuf_remain_len) are signed int, while pr_input_remaining() takes a
 * size_t.
 * NOTE(review): check the comparisons between them for signed/unsigned
 * conversion and for negative lengths taken from record data.
 */
struct pr_context {
	int	format;			/* presumably PRF_* flags -- confirm */
	int	data_mode;		/* presumably FILEMODE/PIPEMODE/BUFMODE */
	char	SEPARATOR[SEP_SIZE];	/* field separator */
	signed char	tokenid;	/* initial token ID */
	adr_t	*audit_adr;		/* audit record */
	adrf_t	*audit_adrf;		/* audit record, file mode */
	int	audit_rec_len;
	char	*audit_rec_start;

	char	*inbuf_start;
	char	*inbuf_last;		/* ptr to byte after latest completed */
					/* header or file token in the input */
	int	inbuf_totalsize;
	char	*outbuf_p;
	char	*outbuf_start;
	char	*outbuf_last;		/* ptr to byte after latest completed */
					/* header or file token in the output */
	int	outbuf_remain_len;

	int	pending_flag;		/* open of extended tag not completed */
	int	current_rec;		/* id of current record */
};
typedef struct pr_context pr_context_t;
    166 
    167 
/*
 * Token setup. Takes no context argument, so whatever it initializes is
 * not per-pr_context state.
 */
extern void	init_tokens(void);

/*
 * Tag handling on a context.
 * NOTE(review): the unnamed int parameters are presumably tag/token ids
 * and status codes; the return-value convention is not visible in this
 * header -- confirm in the implementation.
 */
extern int	open_tag(pr_context_t *context, int);
extern int	finish_open_tag(pr_context_t *context);
extern int	check_close_rec(pr_context_t *context, int);
extern int	close_tag(pr_context_t *context, int);
extern int	process_tag(pr_context_t *context, int, int, int);

/*
 * Predicates on an int.
 * NOTE(review): presumably a token id. pr_context.tokenid is a signed
 * char, so check that a byte read from a record cannot reach a table
 * lookup as a negative index after promotion to int.
 */
extern int	is_file_token(int);
extern int	is_header_token(int);
extern int	is_token(int);
extern int	do_newline(pr_context_t *context, int);
    180 
/*
 * Value-to-text helpers.
 *
 * The convert_*_to_string() functions receive a destination pointer p with
 * no length parameter, so the caller alone is responsible for p being
 * large enough.
 * NOTE(review): the required size is not stated here; presumably it is
 * bounded by findfieldwidth() -- confirm.
 *
 * get_Hname() and get_Hname_ex() take an explicit buflen for their output
 * buffer.
 *
 * bu2string(), hexconvert() and htp2string() return char *; whether the
 * result is static storage or must be freed by the caller is not visible
 * from the prototypes.
 */
extern char	*bu2string(char basic_unit);
extern int	convert_char_to_string(char printmode, char c, char *p);
extern int	convert_int32_to_string(char printmode, int32_t c, char *p);
extern int	convert_int64_to_string(char printmode, int64_t c, char *p);
extern int	convert_short_to_string(char printmode, short c, char *p);
extern int	findfieldwidth(char basicunit, char howtoprint);
extern void	get_Hname(uint32_t addr, char *buf, size_t buflen);
extern void	get_Hname_ex(uint32_t *addr, char *buf, size_t buflen);
extern char	*hexconvert(char *c, int size, int chunk);
extern char	*htp2string(char print_sugg);
/*
 * pa_* routines.
 *
 * Most share the signature (pr_context_t *context, int status, int flag)
 * and return int. The exceptions are pa_print(), pa_reclen(),
 * pa_xgeneric(), pa_error() and pa_retval().
 * NOTE(review): the meaning of status, flag and the int result is not
 * visible in this header -- confirm in the implementation.
 *
 * pa_error() and pa_retval() write into a caller-supplied buffer and take
 * its length as a size_t.
 */
extern int	pa_print(pr_context_t *context, uval_t *uval, int flag);
extern int	pa_reclen(pr_context_t *context, int status);
extern int	pa_file_string(pr_context_t *context, int status, int flag);
extern int	pa_adr_int32(pr_context_t *context, int status, int flag);
extern int	pa_adr_int64(pr_context_t *context, int status, int flag);
extern int	pa_utime32(pr_context_t *context, int status, int flag);
extern int	pa_ntime32(pr_context_t *context, int status, int flag);
extern int	pa_utime64(pr_context_t *context, int status, int flag);
extern int	pa_ntime64(pr_context_t *context, int status, int flag);
extern int	pa_adr_string(pr_context_t *context, int status, int flag);
extern int	pa_adr_u_int32(pr_context_t *context, int status, int flag);
extern int	pa_adr_u_int64(pr_context_t *context, int status, int flag);
extern int	pa_adr_byte(pr_context_t *context, int status, int flag);
extern int	pa_event_type(pr_context_t *context, int status, int flag);
extern int	pa_event_modifier(pr_context_t *context, int status, int flag);
extern int	pa_adr_int32hex(pr_context_t *context, int status, int flag);
extern int	pa_adr_int64hex(pr_context_t *context, int status, int flag);
extern int	pa_pw_uid(pr_context_t *context, int status, int flag);
extern int	pa_gr_uid(pr_context_t *context, int status, int flag);
extern int	pa_pw_uid_gr_gid(pr_context_t *context, int status, int flag);
extern int	pa_ace(pr_context_t *context, int status, int flag);
extern int	pa_hostname(pr_context_t *context, int status, int flag);
extern int	pa_hostname_ex(pr_context_t *context, int status, int flag);
extern int	pa_hostname_so(pr_context_t *context, int status, int flag);
extern int	pa_adr_u_short(pr_context_t *context, int status, int flag);
extern int	pa_tid32(pr_context_t *context, int status, int flag);
extern int	pa_tid64(pr_context_t *context, int status, int flag);
extern int	pa_tid32_ex(pr_context_t *context, int status, int flag);
extern int	pa_tid64_ex(pr_context_t *context, int status, int flag);
extern int	pa_adr_charhex(pr_context_t *context, int status, int flag);
extern int	pa_adr_short(pr_context_t *context, int status, int flag);
extern int	pa_adr_shorthex(pr_context_t *context, int status, int flag);
extern int	pa_mode(pr_context_t *context, int status, int flag);
extern int	pa_cmd(pr_context_t *context, int status, int flag);
extern int	pa_string(pr_context_t *context, int status, int flag);
extern int	pa_liaison(pr_context_t *context, int status, int flag);
extern int	pa_xgeneric(pr_context_t *context);
extern int	pa_xid(pr_context_t *context, int status, int flag);
extern void	pa_error(const uchar_t err, char *buf, size_t buflen);
extern void	pa_retval(const uchar_t, const int32_t, char *, size_t);
extern int	pa_ip_addr(pr_context_t *context, int status, int flag);
/*
 * pr_* routines operating on a context.
 *
 * The pr_adr_*() functions take a typed pointer and an int count.
 * NOTE(review): presumably they fill the pointed-to array with count
 * elements taken from the audit record, so the caller's array must hold
 * at least count elements and count must not come unchecked from record
 * data -- confirm.
 */
extern int	pr_adr_char(pr_context_t *context, char *cp, int count);
extern int	pr_adr_short(pr_context_t *context, short *sp, int count);
extern int	pr_adr_int32(pr_context_t *context, int32_t *lp, int count);
extern int	pr_adr_int64(pr_context_t *context, int64_t *lp, int count);
extern int	pr_adr_u_int32(pr_context_t *context, uint32_t *cp, int count);
extern int	pr_adr_u_char(pr_context_t *context, uchar_t *cp, int count);
extern int	pr_adr_u_int64(pr_context_t *context, uint64_t *lp, int count);
extern int	pr_adr_u_short(pr_context_t *context, ushort_t *sp, int count);
extern int	pr_putchar(pr_context_t *context, char);
/*
 * Variadic, with a format parameter.
 * NOTE(review): presumably printf-style; call sites should pass a constant
 * format and route text taken from audit records through "%s" -- confirm.
 */
extern int	pr_printf(pr_context_t *context, const char *format, ...);
/*
 * NOTE(review): presumably reports whether size more bytes of input are
 * available. size is a size_t while the context's lengths are int -- check
 * the comparison inside for signed/unsigned conversion.
 */
extern int	pr_input_remaining(pr_context_t *context, size_t size);
    243 
/*
 * Functions that format audit data
 *
 * print_audit() and print_audit_buf() leave their parameters unnamed.
 * NOTE(review): the trailing (const int, const char *) pair is presumably
 * the PRF_* format flags and the field separator, and the
 * (char **, int *) pairs of print_audit_buf() presumably the input and
 * output buffers with their lengths -- confirm against praudit.c.
 *
 * The *_buf variants take the output buffer length as an int. See
 * xml_prolog_len and xml_end_len for the sizes derived from the XML
 * strings.
 */
extern int	print_audit(const int, const char *);
extern int	print_audit_buf(char **, int *, char **, int *, const int,
    const char *);
extern void	print_audit_xml_prolog(void);
extern void	print_audit_xml_ending(void);
extern int	print_audit_xml_prolog_buf(char *out_buf,
    const int out_buf_len);
extern int	print_audit_xml_ending_buf(char *out_buf,
    const int out_buf_len);
    256 
    257 
    258 #ifdef __cplusplus
    259 }
    260 #endif
    261 
    262 #endif	/* _PRAUDIT_H */
    263