source: trunk/src/sh_calls.c@ 500

Last change on this file since 500 was 481, checked in by katerina, 9 years ago

Enhancements and fixes for tickets #374, #375, #376, #377, #378, and #379.

File size: 23.4 KB
RevLine 
[1]1/* SAMHAIN file system integrity testing */
2/* Copyright (C) 1999 Rainer Wichmann */
3/* */
4/* This program is free software; you can redistribute it */
5/* and/or modify */
6/* it under the terms of the GNU General Public License as */
7/* published by */
8/* the Free Software Foundation; either version 2 of the License, or */
9/* (at your option) any later version. */
10/* */
11/* This program is distributed in the hope that it will be useful, */
12/* but WITHOUT ANY WARRANTY; without even the implied warranty of */
13/* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the */
14/* GNU General Public License for more details. */
15/* */
16/* You should have received a copy of the GNU General Public License */
17/* along with this program; if not, write to the Free Software */
18/* Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. */
19
20#include "config_xor.h"
21
22#ifdef HOST_IS_HPUX
23#define _XOPEN_SOURCE_EXTENDED
24#endif
25
26#include <stdlib.h>
27#include <string.h>
28#include <errno.h>
29
30#include <sys/types.h>
31#include <unistd.h>
32#include <sys/stat.h>
33#include <fcntl.h>
34#include <signal.h>
35#include <sys/socket.h>
[361]36#include <netdb.h>
[1]37#include <netinet/in.h>
38
39#ifndef S_SPLINT_S
40#include <arpa/inet.h>
41#else
42#define AF_INET 2
43#endif
44
45#include <time.h>
46
47#ifndef HAVE_LSTAT
48#define lstat stat
49#endif
50
51#include "samhain.h"
52#include "sh_error.h"
53#include "sh_calls.h"
[295]54#include "sh_ipvx.h"
[315]55#include "sh_sub.h"
56#include "sh_utils.h"
[1]57
58#undef FIL__
59#define FIL__ _("sh_calls.c")
60
[361]61extern int flag_err_debug;
62
[1]63char aud_err_message[64];
64
65typedef struct cht_struct
66{
[170]67 const char * str;
[1]68 unsigned long val;
69} cht_type;
70
71static cht_type aud_tab[] =
72{
73 { N_("execve"), AUD_EXEC },
74 { N_("utime"), AUD_UTIME },
75 { N_("unlink"), AUD_UNLINK },
76 { N_("dup"), AUD_DUP },
77 { N_("chdir"), AUD_CHDIR },
78 { N_("open"), AUD_OPEN },
79 { N_("kill"), AUD_KILL },
80 { N_("exit"), AUD_EXIT },
81 { N_("fork"), AUD_FORK },
82 { N_("setuid"), AUD_SETUID },
83 { N_("setgid"), AUD_SETGID },
84 { N_("pipe"), AUD_PIPE },
85 { NULL, 0 }
86};
87
88/* Set aud functions
89 */
[22]90int sh_aud_set_functions(const char * str_s)
[1]91{
92 int i = 0;
93
94 SL_ENTER(_("sh_aud_set_functions"));
95
96 if (str_s == NULL)
97 return -1;
98
99 while (aud_tab[i].str != NULL)
100 {
101 if (NULL != sl_strstr (str_s, _(aud_tab[i].str)))
102 {
103 sh.flag.audit = 1;
104 sh.flag.aud_mask |= aud_tab[i].val;
105 }
106 ++i;
107 }
108
109 SL_RETURN(0,_("sh_aud_set_functions"));
110}
111
112
113
114
115/* Need to catch EINTR for these functions.
116 */
[170]117long int retry_sigaction(const char * file, int line,
[1]118 int signum, const struct sigaction *act,
119 struct sigaction *oldact)
120{
121 int error;
122 long int val_retry = -1;
[132]123 char errbuf[SH_ERRBUF_SIZE];
[1]124 errno = 0;
125
126 SL_ENTER(_("retry_sigaction"));
127
128 do {
129 val_retry = sigaction(signum, act, oldact);
130 } while (val_retry < 0 && errno == EINTR);
131
132 error = errno;
133 if (val_retry < 0) {
134 sh_error_handle ((-1), file, line, error, MSG_ERR_SIGACT,
[132]135 sh_error_message(error, errbuf, sizeof(errbuf)),
[1]136 (long) signum );
137 }
138 errno = error;
139 SL_RETURN(val_retry, _("retry_sigaction"));
140}
141
[295]142static struct sh_sockaddr bind_addr;
[1]143static int use_bind_addr = 0;
144
[20]145int sh_calls_set_bind_addr (const char * str)
[1]146{
[3]147 static int reject = 0;
148
149 if (reject == 1)
150 return (0);
151
152 if (sh.flag.opts == S_TRUE)
153 reject = 1;
154
[295]155 if (0 == sh_ipvx_aton(str, &bind_addr))
156 return -1;
157
[1]158 use_bind_addr = 1;
159 return 0;
160}
161
162
[170]163long int retry_connect(const char * file, int line, int sockfd,
[1]164 struct sockaddr *serv_addr, int addrlen)
165{
166 int error;
[472]167 int err_bind = 0;
[1]168 long int val_retry = 0;
[132]169 char errbuf[SH_ERRBUF_SIZE];
[1]170
171 SL_ENTER(_("retry_connect"));
172
173 errno = 0;
174
[472]175 if (use_bind_addr)
[1]176 {
[295]177 int slen = SH_SS_LEN(bind_addr);
[472]178 struct sockaddr *b_addr = sh_ipvx_sockaddr_cast(&bind_addr);
[295]179
[472]180 if (bind_addr.ss_family == AF_INET)
181 b_addr->sa_family = AF_INET;
182#if defined(USE_IPVX)
183 else
184 b_addr->sa_family = AF_INET6;
185#endif
186 val_retry = bind(sockfd, b_addr, slen);
[1]187 }
188
189 if (val_retry == 0)
190 {
191 do {
[295]192 val_retry = connect(sockfd, serv_addr, addrlen);
[171]193 } while (val_retry < 0 && (errno == EINTR || errno == EINPROGRESS));
[1]194 }
[472]195 else
196 {
197 err_bind = 1;
198 }
[1]199
200 error = errno;
201 if (val_retry != 0) {
[473]202 long eport = 0;
[295]203 char eaddr[SH_IP_BUF];
[472]204 char emesg[SH_BUFSIZE];
205 struct sockaddr *err_addr = serv_addr;
206 struct sh_sockaddr ss;
[295]207
[472]208 if (err_bind)
209 err_addr = sh_ipvx_sockaddr_cast(&bind_addr);
210
211 sh_ipvx_save(&ss, err_addr->sa_family, err_addr);
[295]212 sh_ipvx_ntoa(eaddr, sizeof(eaddr), &ss);
213
[472]214 if (err_addr->sa_family == AF_INET)
[295]215 eport = (long) ntohs(((struct sockaddr_in *)serv_addr)->sin_port);
[472]216#if defined(USE_IPVX)
[295]217 else
218 eport = (long) ntohs(((struct sockaddr_in6 *)serv_addr)->sin6_port);
[472]219#endif
[295]220
[472]221 sl_strlcpy(emesg, sh_error_message(error, errbuf, sizeof(errbuf)), sizeof(emesg));
222 sl_strlcat(emesg,
223 (err_addr->sa_family == AF_INET) ? _(", AF_INET") : _(", AF_INET6"),
224 sizeof(emesg));
225
226 sl_strlcat(emesg,
227 (err_bind) ? _(", bind") : _(", connect"),
228 sizeof(emesg));
229
230 sh_error_handle ((-1), file, line, error, MSG_ERR_CONNECT,
231 emesg,
[295]232 (long) sockfd, eport, eaddr);
[1]233 }
234 errno = error;
235 SL_RETURN(val_retry, _("retry_connect"));
236}
237
[170]238long int retry_accept(const char * file, int line, int fd,
[295]239 struct sh_sockaddr *serv_addr, int * addrlen)
[1]240{
241 int error;
242 long int val_retry = -1;
[132]243 char errbuf[SH_ERRBUF_SIZE];
[295]244 struct sockaddr_storage ss;
[132]245
[295]246 ACCEPT_TYPE_ARG3 my_addrlen = sizeof(ss);
[1]247
248 errno = 0;
249
250 SL_ENTER(_("retry_accept"));
251
252 do {
[295]253 val_retry = accept(fd, (struct sockaddr *)&ss, &my_addrlen);
[1]254 } while (val_retry < 0 && errno == EINTR);
[295]255
[1]256 error = errno;
257 if (val_retry < 0) {
258 sh_error_handle ((-1), file, line, error, MSG_ERR_ACCEPT,
[132]259 sh_error_message(error, errbuf, sizeof(errbuf)),
[1]260 (long) fd );
261 }
[295]262 errno = error;
263
[481]264 if (flag_err_debug == S_TRUE)
[361]265 {
266 char ipbuf[SH_IP_BUF];
267 char buf[SH_BUFSIZE];
268#if defined(USE_IPVX)
269 sl_strlcpy(errbuf, _("Address family: "), sizeof(errbuf));
270 sl_strlcat(errbuf,
271 (ss.ss_family == AF_INET6) ? _("AF_INET6") : _("AF_INET"),
272 sizeof(errbuf));
273 getnameinfo((struct sockaddr *)&ss, my_addrlen,
274 ipbuf, sizeof(ipbuf), NULL, 0, NI_NUMERICHOST);
275#else
276 struct sockaddr_in sa;
277 char * p;
278 memcpy(&(sa), (struct sockaddr_in*)&ss, sizeof(struct sockaddr_in));
279 p = inet_ntoa(sa.sin_addr);
280 sl_strlcpy(ipbuf, p, sizeof(ipbuf));
281 sl_strlcpy(errbuf, _("Address family: AF_INET"), sizeof(errbuf));
282#endif
283 sl_strlcpy(buf, _("Address: "), sizeof(buf));
284 sl_strlcat(buf, ipbuf, sizeof(buf));
285 sh_error_handle (SH_ERR_ALL, FIL__, __LINE__, 0, MSG_E_SUBGEN,
286 errbuf, _("retry_accept"));
287 sh_error_handle (SH_ERR_ALL, FIL__, __LINE__, 0, MSG_E_SUBGEN,
288 buf, _("retry_accept"));
289 }
290
[295]291 sh_ipvx_save(serv_addr, ss.ss_family, (struct sockaddr *) &ss);
292
[481]293 if (flag_err_debug == S_TRUE)
[361]294 {
295 char ipbuf[SH_IP_BUF];
296 char ipbuf2[SH_IP_BUF];
297 char buf[SH_BUFSIZE];
298#if defined(USE_IPVX)
299 int len = (serv_addr->ss_family == AF_INET) ?
300 sizeof(struct sockaddr_in) :
301 sizeof(struct sockaddr_in6);
302 getnameinfo(sh_ipvx_sockaddr_cast(serv_addr), len,
303 ipbuf2, sizeof(ipbuf2), NULL, 0, NI_NUMERICHOST);
304#else
305 char * p = inet_ntoa((serv_addr->sin).sin_addr);
306 sl_strlcpy(ipbuf2, p, sizeof(ipbuf2));
307#endif
308 sh_ipvx_ntoa (ipbuf, sizeof(ipbuf), serv_addr);
309 sl_snprintf(buf, sizeof(buf), _("Address: %s / %s"),
310 ipbuf, ipbuf2);
311 sh_error_handle (SH_ERR_ALL, FIL__, __LINE__, 0, MSG_E_SUBGEN,
312 buf, _("retry_accept"));
313 }
314
[307]315 *addrlen = (int) my_addrlen;
[1]316 SL_RETURN(val_retry, _("retry_accept"));
317}
318
[317]319static int sh_enable_use_sub = 0;
320
321#if defined (SH_WITH_CLIENT) || defined (SH_STANDALONE)
322static int sh_use_sub = 1;
323#else
[315]324static int sh_use_sub = 0;
[317]325#endif
[315]326
[317]327void sh_calls_enable_sub()
328{
329 sh_enable_use_sub = 1;
330 return;
331}
332
[315]333int sh_calls_set_sub (const char * str)
334{
[317]335 int ret = sh_util_flagval(str, &sh_use_sub);
336
337 if ((ret == 0) && (!sh_use_sub))
338 {
339 sh_kill_sub();
340 }
341 return ret;
[315]342}
343
[317]344long int retry_lstat_ns(const char * file, int line,
345 const char *file_name, struct stat *buf)
346{
347 int error;
348 long int val_retry = -1;
349 char errbuf[SH_ERRBUF_SIZE];
350
351 SL_ENTER(_("retry_lstat_ns"));
352
353 do {
354 val_retry = /*@-unrecog@*/lstat (file_name, buf)/*@+unrecog@*/;
355 } while (val_retry < 0 && errno == EINTR);
356
357 error = errno;
358 if (val_retry < 0) {
359 (void) sh_error_message(error, aud_err_message, 64);
360 sh_error_handle ((-1), file, line, error, MSG_ERR_LSTAT,
361 sh_error_message(error, errbuf, sizeof(errbuf)),
362 file_name );
363 }
364 errno = error;
365
366 SL_RETURN(val_retry, _("retry_lstat_ns"));
367}
368
[170]369long int retry_lstat(const char * file, int line,
[1]370 const char *file_name, struct stat *buf)
371{
372 int error;
373 long int val_retry = -1;
[132]374 char errbuf[SH_ERRBUF_SIZE];
[1]375
376 SL_ENTER(_("retry_lstat"));
377
[317]378 if (sh_use_sub && sh_enable_use_sub)
[315]379 {
380 val_retry = sh_sub_lstat (file_name, buf);
381 }
382 else
383 {
384 do {
385 val_retry = /*@-unrecog@*/lstat (file_name, buf)/*@+unrecog@*/;
386 } while (val_retry < 0 && errno == EINTR);
387 }
388
[1]389 error = errno;
390 if (val_retry < 0) {
[134]391 (void) sh_error_message(error, aud_err_message, 64);
[1]392 sh_error_handle ((-1), file, line, error, MSG_ERR_LSTAT,
[132]393 sh_error_message(error, errbuf, sizeof(errbuf)),
[1]394 file_name );
395 }
396 errno = error;
[315]397
[1]398 SL_RETURN(val_retry, _("retry_lstat"));
399}
400
[170]401long int retry_stat(const char * file, int line,
[1]402 const char *file_name, struct stat *buf)
403{
404 int error;
405 long int val_retry = -1;
[132]406 char errbuf[SH_ERRBUF_SIZE];
[1]407
408 SL_ENTER(_("retry_stat"));
409
[317]410 if (sh_use_sub && sh_enable_use_sub)
[315]411 {
412 val_retry = sh_sub_stat (file_name, buf);
413 }
414 else
415 {
416 do {
417 val_retry = stat (file_name, buf);
418 } while (val_retry < 0 && errno == EINTR);
419 }
420
[1]421 error = errno;
422 if (val_retry < 0) {
[134]423 (void) sh_error_message(error, aud_err_message, 64);
[1]424 sh_error_handle ((-1), file, line, error, MSG_ERR_STAT,
[132]425 sh_error_message(error, errbuf, sizeof(errbuf)),
[1]426 file_name );
427 }
428 errno = error;
[315]429
[1]430 SL_RETURN(val_retry, _("retry_stat"));
431}
432
[170]433long int retry_fstat(const char * file, int line, int filed, struct stat *buf)
[1]434{
435 int error;
436 long int val_retry = -1;
[132]437 char errbuf[SH_ERRBUF_SIZE];
[1]438
439 SL_ENTER(_("retry_fstat"));
440
441 do {
442 val_retry = fstat (filed, buf);
443 } while (val_retry < 0 && errno == EINTR);
444 error = errno;
445 if (val_retry < 0) {
446 sh_error_handle ((-1), file, line, error, MSG_ERR_FSTAT,
[132]447 sh_error_message(error, errbuf, sizeof(errbuf)),
[1]448 (long) filed );
449 }
450 errno = error;
451 SL_RETURN(val_retry, _("retry_fstat"));
452}
453
[170]454long int retry_fcntl(const char * file, int line, int fd, int cmd, long arg)
[1]455{
456 int error;
457 long int val_retry = -1;
[132]458 char errbuf[SH_ERRBUF_SIZE];
[1]459 errno = 0;
460
461 SL_ENTER(_("retry_fcntl"));
462
463 if (cmd == F_GETFD || cmd == F_GETFL)
464 {
465 do {
466 val_retry = fcntl(fd, cmd);
467 } while (val_retry < 0 && errno == EINTR);
468 }
469 else
470 {
471 do {
472 val_retry = fcntl(fd, cmd, arg);
473 } while (val_retry < 0 && errno == EINTR);
474 }
475 error = errno;
476 if (val_retry < 0) {
477 sh_error_handle ((-1), file, line, error, MSG_ERR_FCNTL,
[132]478 sh_error_message(error, errbuf, sizeof(errbuf)),
[1]479 (long) fd, (long) cmd, arg );
480 }
481 errno = error;
482 SL_RETURN(val_retry, _("retry_fcntl"));
483}
484
485long int retry_msleep (int sec, int millisec)
486{
487 int result = 0;
488#if defined(HAVE_NANOSLEEP)
489 struct timespec req, rem;
490#endif
491
492 errno = 0;
493 if (millisec > 999) millisec = 999;
494 if (millisec < 0) millisec = 0;
495 if (sec < 0) sec = 0;
496
497#if defined(HAVE_NANOSLEEP)
498 /*@-usedef@*/
499 req.tv_sec = sec; rem.tv_sec = 0;
500 req.tv_nsec = millisec * 1000000; rem.tv_nsec = 0;
501 /*@+usedef@*/
502 do {
503 result = /*@-unrecog@*/nanosleep(&req, &rem)/*@+unrecog@*/;
504
505 req.tv_sec = rem.tv_sec; rem.tv_sec = 0;
506 req.tv_nsec = rem.tv_nsec; rem.tv_nsec = 0;
507
508 } while ((result == -1) && (errno == EINTR));
509#else
510 if (sec > 0)
[481]511 sleep (sec); /* nanosleep not available */
512 else {
[1]513#ifdef HAVE_USLEEP
[481]514 if (millisec > 0)
515 usleep(1000 * millisec);
[1]516#else
[481]517 if (millisec > 0)
518 sleep (1);
[1]519#endif
[481]520 }
[1]521#endif
[481]522 return result;
[1]523}
524
525/***************************************************
526 *
527 * Audit these functions.
528 *
529 ***************************************************/
530
[170]531long int retry_aud_execve (const char * file, int line,
[1]532 const char *dateiname, char * argv[],
533 char * envp[])
534{
535 uid_t a = geteuid();
536 gid_t b = getegid();
537 int i;
538 int error;
[132]539 char errbuf[SH_ERRBUF_SIZE];
[1]540
541 SL_ENTER(_("retry_aud_execve"));
542
543 if (sh.flag.audit != 0 && (sh.flag.aud_mask & AUD_EXEC) != 0)
544 sh_error_handle ((-1), file, line, 0, MSG_AUD_EXEC,
545 dateiname, (long) a, (long) b );
546 do {
547 i = execve(dateiname, argv, envp);
548 } while (i < 0 && errno == EINTR);
549
550 error = errno;
551 if (i < 0) {
[132]552 sh_error_handle ((-1), file, line, error, MSG_ERR_EXEC,
553 sh_error_message(error, errbuf, sizeof(errbuf)),
[1]554 dateiname, (long) a, (long) b );
555 }
556 errno = error;
557 SL_RETURN(i, _("retry_aud_execve"));
558}
559
560
[170]561long int retry_aud_utime (const char * file, int line,
562 char * path, struct utimbuf *buf)
[1]563{
564 long int val_return;
565 int error;
[132]566 char errbuf[SH_ERRBUF_SIZE];
[1]567 errno = 0;
568
569 SL_ENTER(_("retry_aud_utime"));
570
571 do {
572 val_return = utime (path, buf);
573 } while (val_return < 0 && errno == EINTR);
574
575 error = errno;
576 if (sh.flag.audit != 0 && (sh.flag.aud_mask & AUD_UTIME) != 0)
577 sh_error_handle ((-1), file, line, 0, MSG_AUD_UTIME,
578 path,
579 (unsigned long) buf->actime,
580 (unsigned long) buf->modtime);
581 if (val_return < 0) {
582 sh_error_handle ((-1), file, line, error, MSG_ERR_UTIME,
[132]583 sh_error_message(error, errbuf, sizeof(errbuf)),
[1]584 path,
585 (unsigned long) buf->actime,
586 (unsigned long) buf->modtime);
587 }
588 errno = error;
589 SL_RETURN(val_return, _("retry_aud_utime"));
590}
591
[170]592long int retry_aud_unlink (const char * file, int line,
[1]593 char * path)
594{
595 long int val_return;
596 int error;
[132]597 char errbuf[SH_ERRBUF_SIZE];
[1]598 errno = 0;
599
600 SL_ENTER(_("retry_aud_unlink"));
601
602 do {
603 val_return = unlink (path);
604 } while (val_return < 0 && errno == EINTR);
605
606 error = errno;
607 if (sh.flag.audit != 0 && (sh.flag.aud_mask & AUD_UNLINK) != 0)
608 sh_error_handle ((-1), file, line, 0, MSG_AUD_UNLINK,
609 path);
610 if (val_return < 0) {
[132]611 sh_error_handle ((-1), file, line, error, MSG_ERR_UNLINK,
612 sh_error_message(error, errbuf, sizeof(errbuf)),
[1]613 path);
614 }
615 errno = error;
616 SL_RETURN(val_return, _("retry_aud_unlink"));
617}
618
[170]619long int retry_aud_dup2 (const char * file, int line,
[1]620 int fd, int fd2)
621{
622 long int val_return;
623 int error;
[132]624 char errbuf[SH_ERRBUF_SIZE];
[1]625 errno = 0;
626
627 SL_ENTER(_("retry_aud_dup2"));
628
629 do {
630 val_return = dup2 (fd, fd2);
631 } while (val_return < 0 && errno == EINTR);
632
633 error = errno;
634 if (sh.flag.audit != 0 && (sh.flag.aud_mask & AUD_DUP) != 0)
635 sh_error_handle ((-1), file, line, 0, MSG_AUD_DUP,
636 (long) fd, val_return);
637 if (val_return < 0) {
638 sh_error_handle ((-1), file, line, error, MSG_ERR_DUP,
[132]639 sh_error_message(error, errbuf, sizeof(errbuf)),
[1]640 (long) fd, val_return);
641 }
642 errno = error;
643 SL_RETURN(val_return, _("retry_aud_dup2"));
644}
645
[170]646long int retry_aud_dup (const char * file, int line,
[1]647 int fd)
648{
649 long int val_return;
650 int error;
[132]651 char errbuf[SH_ERRBUF_SIZE];
[1]652 errno = 0;
653
654 SL_ENTER(_("retry_aud_dup"));
655
656 do {
657 val_return = dup (fd);
658 } while (val_return < 0 && errno == EINTR);
659 error = errno;
660 if (sh.flag.audit != 0 && (sh.flag.aud_mask & AUD_DUP) != 0)
661 sh_error_handle ((-1), file, line, 0, MSG_AUD_DUP,
662 (long) fd, val_return);
663 if (val_return < 0) {
664 sh_error_handle ((-1), file, line, error, MSG_ERR_DUP,
[132]665 sh_error_message(error, errbuf, sizeof(errbuf)),
[1]666 (long) fd, val_return);
667 }
668 errno = error;
669 SL_RETURN(val_return, _("retry_aud_dup"));
670}
671
672
673
[170]674long int retry_aud_chdir (const char * file, int line,
[1]675 const char *path)
676{
677 long int val_return;
678 int error = 0;
[132]679 char errbuf[SH_ERRBUF_SIZE];
[1]680 errno = 0;
681
682 SL_ENTER(_("retry_aud_chdir"));
683
684 do {
685 val_return = chdir (path);
686 } while (val_return < 0 && errno == EINTR);
687
688 error = errno;
689 if (sh.flag.audit != 0 && (sh.flag.aud_mask & AUD_CHDIR) != 0)
690 sh_error_handle ((-1), file, line, 0, MSG_AUD_CHDIR,
691 path);
692 if (val_return < 0) {
[132]693 sh_error_handle ((-1), file, line, error, MSG_ERR_CHDIR,
694 sh_error_message(error, errbuf, sizeof(errbuf)),
[1]695 path);
696 }
697 errno = error;
698 SL_RETURN(val_return, _("retry_aud_chdir"));
699}
700
701
[170]702long int aud_open_noatime (const char * file, int line, int privs,
[1]703 const char *pathname, int flags, mode_t mode,
704 int * o_noatime)
705{
706 long int val_return;
707 int error;
[132]708 char errbuf[SH_ERRBUF_SIZE];
[1]709
710 SL_ENTER(_("aud_open"));
711
[412]712#ifdef USE_SUID
713 if (0 == strcmp(pathname, "/usr/bin/sudo"))
714 {
715 uid_t ruid; uid_t euid; uid_t suid;
716 getresuid(&ruid, &euid, &suid);
717 }
718 if (privs == SL_YESPRIV)
719 sl_set_suid();
720#else
721 /*@-noeffect@*/
722 (void) privs; /* fix compiler warning */
723 /*@+noeffect@*/
724#endif
725
[1]726 val_return = open (pathname, *o_noatime|flags, mode);
[412]727
728#ifdef USE_SUID
729 if (privs == SL_YESPRIV)
730 sl_unset_suid();
731#endif
732
[1]733 if ((val_return < 0) && (*o_noatime != 0))
734 {
735 val_return = open (pathname, flags, mode);
736 if (val_return >= 0)
737 *o_noatime = 0;
738 }
739 error = errno;
740
741 if (val_return < 0)
742 {
[134]743 (void) sh_error_message(error, aud_err_message, 64);
[1]744 }
745
746 if (sh.flag.audit != 0 && (sh.flag.aud_mask & AUD_OPEN) != 0)
747 {
748 sh_error_handle ((-1), file, line, 0, MSG_AUD_OPEN,
749 pathname, (long) flags, (long) mode, val_return);
750 }
751 if (val_return < 0) {
752 sh_error_handle ((-1), file, line, error, MSG_ERR_OPEN,
[132]753 sh_error_message(error, errbuf, sizeof(errbuf)),
[1]754 pathname, (long) flags, (long) mode, val_return);
755 }
756 errno = error;
757 SL_RETURN(val_return, _("aud_open"));
758}
759
[170]760long int aud_open (const char * file, int line, int privs,
[1]761 const char *pathname, int flags, mode_t mode)
762{
763 long int val_return;
764 int error;
[132]765 char errbuf[SH_ERRBUF_SIZE];
[1]766
767 SL_ENTER(_("aud_open"));
768
[412]769#ifdef USE_SUID
770 if (privs == SL_YESPRIV)
771 sl_set_suid();
772#else
[1]773 /*@-noeffect@*/
774 (void) privs; /* fix compiler warning */
775 /*@+noeffect@*/
[412]776#endif
[1]777
[412]778 val_return = open (pathname, flags, mode);
779
780#ifdef USE_SUID
781 if (privs == SL_YESPRIV)
782 sl_unset_suid();
783#endif
784
785 error = errno;
786
[1]787 if (val_return < 0)
788 {
[134]789 (void) sh_error_message(error, aud_err_message, 64);
[1]790 }
791
792 if (sh.flag.audit != 0 && (sh.flag.aud_mask & AUD_OPEN) != 0)
793 {
794 sh_error_handle ((-1), file, line, 0, MSG_AUD_OPEN,
795 pathname, (long) flags, (long) mode, val_return);
796 }
797 if (val_return < 0) {
798 sh_error_handle ((-1), file, line, error, MSG_ERR_OPEN,
[132]799 sh_error_message(error, errbuf, sizeof(errbuf)),
[1]800 pathname, (long) flags, (long) mode, val_return);
801 }
802 errno = error;
803 SL_RETURN(val_return, _("aud_open"));
804}
805
[170]806long int aud_kill (const char * file, int line, pid_t pid, int sig)
[1]807{
808 int myerror;
809 long int val_return = kill (pid, sig);
[132]810 char errbuf[SH_ERRBUF_SIZE];
[1]811 myerror = errno;
812
813 SL_ENTER(_("aud_kill"));
814
815 if (sh.flag.audit != 0 && (sh.flag.aud_mask & AUD_KILL) != 0)
816 sh_error_handle ((-1), file, line, 0, MSG_AUD_KILL,
817 (long) pid, (long) sig);
818 if (val_return < 0) {
819 sh_error_handle ((-1), file, line, myerror, MSG_ERR_KILL,
[132]820 sh_error_message(myerror, errbuf, sizeof(errbuf)),
[1]821 (long) pid, (long) sig);
822 }
823 errno = myerror;
824 SL_RETURN(val_return, _("aud_kill"));
825}
826
827/*@noreturn@*/
[481]828void aud_exit (const char * file, int line, int exitval)
[1]829{
830 if (sh.flag.audit != 0 && (sh.flag.aud_mask & AUD_EXIT) != 0)
831 sh_error_handle ((-1), file, line, 0, MSG_AUD_EXIT,
[481]832 (long) exitval);
[1]833
834 SL_ENTER(_("aud_exit"));
835
[481]836 sh.flag.exit = exitval;
837 exit(exitval);
[1]838}
839
840/*@noreturn@*/
[481]841void aud__exit (const char * file, int line, int exitval)
[1]842{
843 if (sh.flag.audit != 0 && (sh.flag.aud_mask & AUD_EXIT) != 0)
844 sh_error_handle ((-1), file, line, 0, MSG_AUD_EXIT,
[481]845 (long) exitval);
[1]846
847 SL_ENTER(_("aud__exit"));
848
[481]849 sh.flag.exit = exitval;
850 _exit(exitval);
[1]851}
852
[170]853pid_t aud_fork (const char * file, int line)
[1]854{
855 int error;
856 pid_t i = fork();
[132]857 char errbuf[SH_ERRBUF_SIZE];
[1]858
859 error = errno;
860 SL_ENTER(_("aud_fork"));
861
862 if (sh.flag.audit != 0 && (sh.flag.aud_mask & AUD_FORK) != 0 && (i > 0))
863 sh_error_handle ((-1), file, line, 0, MSG_AUD_FORK,
864 (long) i);
865 if (i == (pid_t) -1) {
866 sh_error_handle ((-1), file, line, error, MSG_ERR_FORK,
[132]867 sh_error_message(error, errbuf, sizeof(errbuf)),
[1]868 (long) i);
869 }
870 errno = error;
871 SL_RETURN(i, _("aud_fork"));
872}
873
[170]874int aud_setuid (const char * file, int line, uid_t uid)
[1]875{
876 int error = 0;
877 int i = 0;
[132]878 char errbuf[SH_ERRBUF_SIZE];
[1]879
880 SL_ENTER(_("aud_setuid"));
881
882 if (uid != (uid_t) 0) {
883 i = setuid(uid);
884 error = errno;
885 }
886 if (sh.flag.audit != 0 && (sh.flag.aud_mask & AUD_SETUID) != 0)
887 sh_error_handle ((-1), file, line, 0, MSG_AUD_SETUID,
888 (long) uid);
889 if (uid == (uid_t) 0) {
890 i = setuid(uid);
891 error = errno;
892 }
893 if (i < 0) {
894 sh_error_handle ((-1), file, line, error, MSG_ERR_SETUID,
[132]895 sh_error_message(error, errbuf, sizeof(errbuf)),
[1]896 (long) uid);
897 }
898 errno = error;
899 SL_RETURN(i, _("aud_setuid"));
900}
901
[170]902int aud_setgid (const char * file, int line, gid_t gid)
[1]903{
904 int error = 0;
905 int i = 0;
[132]906 char errbuf[SH_ERRBUF_SIZE];
[1]907
908 SL_ENTER(_("aud_setgid"));
909
910 if (gid != (gid_t) 0) {
911 i = setgid(gid);
912 error = errno;
913 }
914
915 if (sh.flag.audit != 0 && (sh.flag.aud_mask & AUD_SETGID) != 0)
916 sh_error_handle ((-1), file, line, 0, MSG_AUD_SETGID,
917 (long) gid);
918 if (gid == (gid_t) 0) {
919 i = setgid(gid);
920 error = errno;
921 }
922 if (i < 0) {
923 sh_error_handle ((-1), file, line, error, MSG_ERR_SETGID,
[132]924 sh_error_message(error, errbuf, sizeof(errbuf)),
[1]925 (long) gid);
926 }
927 errno = error;
928 SL_RETURN(i, _("aud_setgid"));
929}
930
[170]931int aud_pipe (const char * file, int line, int * modus)
[1]932{
933 int error;
934 int i = pipe (modus);
[132]935 char errbuf[SH_ERRBUF_SIZE];
[1]936
937 SL_ENTER(_("aud_pipe"));
938
939 error = errno;
940 if (sh.flag.audit != 0 && (sh.flag.aud_mask & AUD_PIPE) != 0)
941 {
942 if (i < 0)
943 sh_error_handle ((-1), file, line, 0, MSG_AUD_PIPE,
944 (long) 0, (long) 0);
945 else
946 sh_error_handle ((-1), file, line, 0, MSG_AUD_PIPE,
947 (long) modus[0], (long) modus[1]);
948 }
949 if (i < 0) {
950 if (i < 0)
951 sh_error_handle ((-1), file, line, error, MSG_ERR_PIPE,
[137]952 sh_error_message(error, errbuf, sizeof(errbuf)),
[1]953 (long) 0, (long) 0);
954 else
955 sh_error_handle ((-1), file, line, error, MSG_ERR_PIPE,
[132]956 sh_error_message(error, errbuf, sizeof(errbuf)),
[1]957 (long) modus[0], (long) modus[1]);
958 }
959 SL_RETURN(i, _("aud_pipe"));
960}
Note: See TracBrowser for help on using the repository browser.