/*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License (the "License").
 * You may not use this file except in compliance with the License.
 *
 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
 * or http://www.opensolaris.org/os/licensing.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
 * If applicable, add the following below this CDDL HEADER, with the
 * fields enclosed by brackets "[]" replaced with your own identifying
 * information: Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 */
/*
 * Copyright 2010 Sun Microsystems, Inc.  All rights reserved.
 * Use is subject to license terms.
 */
250Sstevel@tonic-gate
260Sstevel@tonic-gate
/*
 * Token processing for auditreduce.
 */
300Sstevel@tonic-gate
310Sstevel@tonic-gate #include <locale.h>
320Sstevel@tonic-gate #include <sys/zone.h>
330Sstevel@tonic-gate #include "auditr.h"
340Sstevel@tonic-gate #include "toktable.h"
350Sstevel@tonic-gate
/* Regular-expression matcher defined outside this file. */
extern int re_exec2(char *);

/* File-local helpers; their definitions appear later in this file. */
static int xgeneric(adr_t *adr);
static int ipc_type_match(int flag, char type);
static void get_string(adr_t *adr, char **p);
static void skip_string(adr_t *adr);
static void anchor_path(char *path);
static char *collapse_path(char *s);
440Sstevel@tonic-gate
#if AUDIT_REC
/*
 * Debug aid: write the table name of token `id' to stderr, followed by a
 * suffix for the 32/64-bit and extended token variants.  An id that is out
 * of range, or whose table entry has no handler, is reported as not found.
 */
void
print_id(int id)
{
	const char *tail;
	int known;

	/*
	 * The range tests must run before tokentable[id] is indexed, so the
	 * short-circuit order is significant.
	 * NOTE(review): id == MAXTOKEN is accepted, which presumes the table
	 * holds at least MAXTOKEN + 1 entries -- confirm in toktable.h.
	 */
	known = (id >= 0) && (id <= MAXTOKEN) &&
	    (tokentable[id].func != NOFUNC);
	if (!known) {
		(void) fprintf(stderr,
		    "token_processing: token %d not found\n", id);
		return;
	}

	switch (id) {
	case AUT_HEADER64_EX:
	case AUT_SUBJECT64_EX:
	case AUT_PROCESS64_EX:
		tail = "64_ex";
		break;
	case AUT_HEADER32_EX:
	case AUT_SUBJECT32_EX:
	case AUT_PROCESS32_EX:
		tail = "32_ex";
		break;
	case AUT_SOCKET_EX:
	case AUT_IN_ADDR_EX:
		tail = "_ex";
		break;
	case AUT_ARG64:
	case AUT_RETURN64:
	case AUT_ATTR64:
	case AUT_HEADER64:
	case AUT_SUBJECT64:
	case AUT_PROCESS64:
	case AUT_OTHER_FILE64:
		tail = "64";
		break;
	case AUT_ATTR32:
		tail = "32";
		break;
	case AUT_NEWGROUPS:
		tail = "_new";
		break;
	default:
		tail = "";
		break;
	}

	(void) fprintf(stderr, "token_processing: %s%s\n",
	    tokentable[id].t_name, tail);
}
#endif	/* AUDIT_REC */
960Sstevel@tonic-gate
/*
 * Process a token in a record to determine whether the record is
 * interesting.
 *
 * Dispatches to the handler registered for `tokenid' in tokentable and
 * returns that handler's result.  Returns -2 when the id is not positive,
 * exceeds MAXTOKEN, or has no handler.
 *
 * The id is taken from the audit record being parsed, so the range test
 * below is what keeps the table index in bounds; it must stay ahead of the
 * tokentable[] access.
 */
int
token_processing(adr_t *adr, int tokenid)
{
	/* here if token id is not in table */
	if ((tokenid <= 0) || (tokenid > MAXTOKEN) ||
	    (tokentable[tokenid].func == NOFUNC))
		return (-2);

#if AUDIT_REC
	print_id(tokenid);
#endif	/* AUDIT_REC */

	return ((*tokentable[tokenid].func)(adr));
}
1150Sstevel@tonic-gate
1160Sstevel@tonic-gate
/*
 * There should not be any file or header tokens in the middle of a record,
 * so the handlers for them consume nothing and report an error (-2).
 */

/*
 * File token handler: always an error when reached through the token table.
 */
/* ARGSUSED */
int
file_token(adr_t *adr)
{
	return (-2);
}
1250Sstevel@tonic-gate
/*
 * 64-bit file token handler: reads nothing from the stream and returns the
 * error code (-2).
 */
/* ARGSUSED */
int
file64_token(adr_t *adr)
{
	return (-2);
}
1320Sstevel@tonic-gate
/*
 * Header token handler: reads nothing from the stream and returns the
 * error code (-2).
 */
/* ARGSUSED */
int
header_token(adr_t *adr)
{
	return (-2);
}
1390Sstevel@tonic-gate
/*
 * Extended 32-bit header token handler: reads nothing from the stream and
 * returns the error code (-2).
 */
/* ARGSUSED */
int
header32_ex_token(adr_t *adr)
{
	return (-2);
}
1460Sstevel@tonic-gate
/*
 * Extended 64-bit header token handler: reads nothing from the stream and
 * returns the error code (-2).
 */
/* ARGSUSED */
int
header64_ex_token(adr_t *adr)
{
	return (-2);
}
1530Sstevel@tonic-gate
/*
 * 64-bit header token handler: reads nothing from the stream and returns
 * the error code (-2).
 */
/* ARGSUSED */
int
header64_token(adr_t *adr)
{
	return (-2);
}
1600Sstevel@tonic-gate
1610Sstevel@tonic-gate
/*
 * ======================================================
 *  The following token processing routines return
 *  -1: if the record is not interesting
 *  -2: if an error is found
 * ======================================================
 */
1690Sstevel@tonic-gate
/*
 * Trailer token: a 16-bit magic number followed by a 32-bit byte count.
 * Returns -2 (after printing a diagnostic) when the magic number does not
 * equal AUT_TRAILER_MAGIC; otherwise consumes the byte count and returns -1.
 * The byte count is read but not checked against anything here.
 */
int
trailer_token(adr_t *adr)
{
	short magic;
	uint32_t rec_bytes;

	/*
	 * NOTE(review): the value is fetched as an unsigned short into a
	 * signed short, so the comparison below depends on how
	 * AUT_TRAILER_MAGIC is typed -- confirm against its definition.
	 */
	adrm_u_short(adr, (ushort_t *)&magic, 1);
	if (magic != AUT_TRAILER_MAGIC) {
		(void) fprintf(stderr, "%s\n",
		    gettext("auditreduce: Bad trailer token"));
		return (-2);
	}

	adrm_u_int32(adr, &rec_bytes, 1);
	return (-1);
}
1860Sstevel@tonic-gate
1870Sstevel@tonic-gate
/*
 * Format of arbitrary data token:
 *	arbitrary data token id	adr_char
 *	how to print		adr_char
 *	basic unit		adr_char
 *	unit count		adr_char, specifying number of units of
 *	data items		depends on basic unit
 *
 * The data items are read only to advance past them.  Returns -2 when the
 * basic unit is not one of the known sizes, otherwise -1.
 */
int
arbitrary_data_token(adr_t *adr)
{
	char print_fmt, unit, count;
	char item8;
	short item16;
	int32_t item32;
	int64_t item64;
	int left;

	/* get how_to_print, basic_unit, and unit_count */
	adrm_char(adr, &print_fmt, 1);
	adrm_char(adr, &unit, 1);
	adrm_char(adr, &count, 1);

	/*
	 * NOTE(review): the count is held in a plain char.  Where char is
	 * signed, a count byte above 127 becomes negative, no items are
	 * skipped, and the following bytes would be parsed as fresh tokens.
	 * Confirm whether the field should be treated as unsigned.
	 */
	left = count;
	while (left-- > 0) {
		switch (unit) {
		/* case AUR_BYTE: has same value as AUR_CHAR */
		case AUR_CHAR:
			adrm_char(adr, &item8, 1);
			break;
		case AUR_SHORT:
			adrm_short(adr, &item16, 1);
			break;
		case AUR_INT32:
			adrm_int32(adr, (int32_t *)&item32, 1);
			break;
		case AUR_INT64:
			adrm_int64(adr, (int64_t *)&item64, 1);
			break;
		default:
			return (-2);
		}
	}
	return (-1);
}
2320Sstevel@tonic-gate
2330Sstevel@tonic-gate
/*
 * Format of opaque token:
 *	opaque token id		adr_char
 *	size			adr_short
 *	data			adr_char, size times
 *
 * The payload is of no interest to the selection logic; it is skipped with
 * skip_string() and -1 is returned.
 */
int
opaque_token(adr_t *adr)
{
	skip_string(adr);

	return (-1);
}
2460Sstevel@tonic-gate
2470Sstevel@tonic-gate
2480Sstevel@tonic-gate
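/*
 * Format of return32 value token:
 *	return value token id	adr_char
 *	error number		adr_char
 *	return value		adr_u_int32
 *
 * When success/failure selection (M_SORF) was requested, marks the record
 * as matching if the event class is selected for success and the error
 * number is zero, or selected for failure and the error number is non-zero.
 * Always returns -1.
 */
int
return_value32_token(adr_t *adr)
{
	char errnum;
	uint32_t value;

	adrm_char(adr, &errnum, 1);
	adrm_u_int32(adr, &value, 1);

	/*
	 * The original condition was written "A && B || C"; since && binds
	 * tighter than ||, the failure branch was evaluated even when M_SORF
	 * had not been requested.  Test M_SORF first so that it gates both
	 * the success and the failure case.
	 */
	if (flags & M_SORF) {
		if (((global_class & mask.am_success) && (errnum == 0)) ||
		    ((global_class & mask.am_failure) && (errnum != 0)))
			checkflags |= M_SORF;
	}
	return (-1);
}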
2700Sstevel@tonic-gate
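/*
 * Format of return64 value token:
 *	return value token id	adr_char
 *	error number		adr_char
 *	return value		adr_u_int64
 *
 * When success/failure selection (M_SORF) was requested, marks the record
 * as matching if the event class is selected for success and the error
 * number is zero, or selected for failure and the error number is non-zero.
 * Always returns -1.
 */
int
return_value64_token(adr_t *adr)
{
	char errnum;
	uint64_t value;

	adrm_char(adr, &errnum, 1);
	adrm_u_int64(adr, &value, 1);

	/*
	 * The original condition was written "A && B || C"; since && binds
	 * tighter than ||, the failure branch was evaluated even when M_SORF
	 * had not been requested.  Test M_SORF first so that it gates both
	 * the success and the failure case.
	 */
	if (flags & M_SORF) {
		if (((global_class & mask.am_success) && (errnum == 0)) ||
		    ((global_class & mask.am_failure) && (errnum != 0)))
			checkflags |= M_SORF;
	}
	return (-1);
}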
2920Sstevel@tonic-gate
2930Sstevel@tonic-gate
/*
 * Format of sequence token:
 *	sequence token id	adr_char
 *	audit_count		int32_t
 *
 * The count is read only to advance the stream; always returns -1.
 */
int
sequence_token(adr_t *adr)
{
	int32_t seq;

	adrm_int32(adr, &seq, 1);

	return (-1);
}
3070Sstevel@tonic-gate
3080Sstevel@tonic-gate
/*
 * Format of text token:
 *	text token id		adr_char
 *	text			adr_string
 *
 * The text is skipped, not inspected; always returns -1.
 */
int
text_token(adr_t *adr)
{
	skip_string(adr);

	return (-1);
}
3200Sstevel@tonic-gate
3210Sstevel@tonic-gate
/*
 * Format of ip_addr token:
 *	ip token id		adr_char
 *	address			adr_int32
 *
 * The address is consumed as four raw bytes and discarded; always
 * returns -1.
 */
int
ip_addr_token(adr_t *adr)
{
	int32_t in_addr;

	/* four bytes, copied without integer conversion */
	adrm_char(adr, (char *)&in_addr, 4);

	return (-1);
}
3360Sstevel@tonic-gate
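/*
 * Format of ip_addr_ex token:
 *	ip token id		adr_char
 *	ip type			adr_int32
 *	ip address		adr_u_char*type
 *
 * The type field doubles as the address length in bytes.  Returns -2 when
 * that length cannot fit the local address buffer, otherwise consumes the
 * address and returns -1.
 */
int
ip_addr_ex_token(adr_t *adr)
{
	int32_t type;
	uchar_t address[16];

	adrm_int32(adr, (int32_t *)&type, 1);

	/*
	 * The length comes straight from the audit record and is used as the
	 * number of bytes copied into a 16-byte stack buffer, so a corrupt or
	 * crafted record must not be allowed to push it out of range.
	 * NOTE(review): a stricter test that accepts only the IPv4 and IPv6
	 * address lengths may be preferable -- confirm against the writers
	 * of this token.
	 */
	if ((type < 0) || (type > (int32_t)sizeof (address)))
		return (-2);

	adrm_u_char(adr, address, type);

	return (-1);
}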
3540Sstevel@tonic-gate
/*
 * Format of ip token:
 *	ip header token id	adr_char
 *	version			adr_char
 *	type of service		adr_char
 *	length			adr_short
 *	id			adr_u_short
 *	offset			adr_u_short
 *	ttl			adr_char
 *	protocol		adr_char
 *	checksum		adr_u_short
 *	source address		adr_int32
 *	destination address	adr_int32
 *
 * Every field is read in wire order and discarded; always returns -1.
 */
int
ip_token(adr_t *adr)
{
	char vers, tos, hops, proto;
	short total_len;
	unsigned short ident, frag_off, cksum;
	int32_t saddr, daddr;

	adrm_char(adr, &vers, 1);
	adrm_char(adr, &tos, 1);
	adrm_short(adr, &total_len, 1);
	adrm_u_short(adr, &ident, 1);
	adrm_u_short(adr, &frag_off, 1);
	adrm_char(adr, &hops, 1);
	adrm_char(adr, &proto, 1);
	adrm_u_short(adr, &cksum, 1);
	/* addresses are taken as four raw bytes each */
	adrm_char(adr, (char *)&saddr, 4);
	adrm_char(adr, (char *)&daddr, 4);

	return (-1);
}
3920Sstevel@tonic-gate
3930Sstevel@tonic-gate
/*
 * Format of iport token:
 *	ip port address token id	adr_char
 *	port address			adr_short
 *
 * The port is read and discarded; always returns -1.
 */
int
iport_token(adr_t *adr)
{
	short port;

	adrm_short(adr, &port, 1);

	return (-1);
}
4080Sstevel@tonic-gate
4090Sstevel@tonic-gate
/*
 * Format of groups token:
 *	group token id		adr_char
 *	group list		adr_int32, 16 times
 *
 * When group selection (M_GROUPR) was requested, marks the record as
 * matching if any of the sixteen entries equals the requested group.
 * Always returns -1.
 */
int
group_token(adr_t *adr)
{
	int gids[16];
	int matched = 0;
	int idx;

	for (idx = 0; idx < 16; idx++) {
		adrm_int32(adr, (int32_t *)&gids[idx], 1);
		/*
		 * NOTE(review): the requested group is narrowed to 16 bits
		 * here, while newgroup_token() compares it at full width.  A
		 * requested gid above 65535 would therefore be compared by
		 * its low 16 bits only -- confirm whether the cast is still
		 * wanted.
		 */
		if ((flags & M_GROUPR) &&
		    ((unsigned short)m_groupr == gids[idx]))
			matched = 1;
	}

	if ((flags & M_GROUPR) && matched)
		checkflags |= M_GROUPR;

	return (-1);
}
4360Sstevel@tonic-gate
/*
 * Format of newgroups token:
 *	group token id		adr_char
 *	number of groups	adr_short
 *	group list		adr_int32, "number" times
 *
 * When group selection (M_GROUPR) was requested, marks the record as
 * matching if any listed group equals the requested one.  Always
 * returns -1.
 */
int
newgroup_token(adr_t *adr)
{
	short int ngroups;
	gid_t entry;
	int idx;

	adrm_short(adr, &ngroups, 1);

	/*
	 * NOTE(review): the count is a signed short taken from the record;
	 * a negative value skips the loop and leaves the group list
	 * unconsumed -- confirm whether that case should be an error.
	 */
	for (idx = 0; idx < ngroups; idx++) {
		adrm_int32(adr, (int32_t *)&entry, 1);
		if ((flags & M_GROUPR) && (m_groupr == entry))
			checkflags |= M_GROUPR;
	}

	return (-1);
}
4620Sstevel@tonic-gate
/*
 * Format of argument32 token:
 *	argument token id	adr_char
 *	argument number		adr_char
 *	argument value		adr_int32
 *	argument description	adr_string
 *
 * All fields are consumed and discarded; always returns -1.
 */
int
argument32_token(adr_t *adr)
{
	char argno;
	int32_t argval;

	adrm_char(adr, &argno, 1);
	adrm_int32(adr, &argval, 1);
	/* the description text is not needed for selection */
	skip_string(adr);

	return (-1);
}
4820Sstevel@tonic-gate
/*
 * Format of argument64 token:
 *	argument token id	adr_char
 *	argument number		adr_char
 *	argument value		adr_int64
 *	argument description	adr_string
 *
 * All fields are consumed and discarded; always returns -1.
 */
int
argument64_token(adr_t *adr)
{
	char argno;
	int64_t argval;

	adrm_char(adr, &argno, 1);
	adrm_int64(adr, &argval, 1);
	/* the description text is not needed for selection */
	skip_string(adr);

	return (-1);
}
5020Sstevel@tonic-gate
/*
 * Format of acl token:
 *	acl token id	adr_char
 *	acl type	adr_u_int32
 *	acl value	adr_u_int32 (depends on type)
 *	file mode	adr_u_int (in octal)
 *
 * The three 32-bit fields are consumed and discarded; always returns -1.
 */
int
acl_token(adr_t *adr)
{
	int32_t acl_type;
	int32_t acl_id;
	int32_t acl_mode;

	adrm_int32(adr, &acl_type, 1);
	adrm_int32(adr, &acl_id, 1);
	adrm_int32(adr, &acl_mode, 1);

	return (-1);
}
5240Sstevel@tonic-gate
/*
 * Format of ace token:
 *	ace token id	adr_char
 *	ace who		adr_u_int32 (uid/gid)
 *	access mask	adr_u_int32
 *	ace flags	adr_u_int16
 *	ace type	adr_u_int16
 *
 * All fields are consumed and discarded; always returns -1.
 */
int
ace_token(adr_t *adr)
{
	uid_t ace_who;
	uint32_t ace_mask;
	/* named so that the file-wide selection `flags' is not shadowed */
	uint16_t ace_flags, ace_type;

	adrm_uid(adr, &ace_who, 1);
	adrm_u_int32(adr, &ace_mask, 1);
	adrm_u_short(adr, &ace_flags, 1);
	adrm_u_short(adr, &ace_type, 1);

	return (-1);
}
5475344Stz204579
/*
 * Format of attribute token: (old pre SunOS 5.7 format)
 *	attribute token id	adr_char
 *	mode			adr_int32 (printed in octal)
 *	uid			adr_int32
 *	gid			adr_int32
 *	file system id		adr_int32
 *	node id			adr_int32
 *	device			adr_int32
 *
 * Compares the file's uid and gid with the requested effective user/group
 * (only when new_mode is clear) and with the requested object owner/group,
 * recording each match in checkflags.  Always returns -1.
 */
int
attribute_token(adr_t *adr)
{
	int32_t mode, uid, gid;
	int32_t file_sysid, nodeid, dev;

	adrm_int32(adr, &mode, 1);
	adrm_int32(adr, &uid, 1);
	adrm_int32(adr, &gid, 1);
	adrm_int32(adr, &file_sysid, 1);
	adrm_int32(adr, &nodeid, 1);
	adrm_int32(adr, &dev, 1);

	if (!new_mode && (flags & M_USERE) && (m_usere == uid))
		checkflags |= M_USERE;
	if (!new_mode && (flags & M_GROUPE) && (m_groupe == gid))
		checkflags |= M_GROUPE;

	/* either a group match or an owner match selects the object */
	if (flags & M_OBJECT) {
		if (((obj_flag & OBJ_FGROUP) && (obj_group == gid)) ||
		    ((obj_flag & OBJ_FOWNER) && (obj_owner == uid)))
			checkflags |= M_OBJECT;
	}
	return (-1);
}
5940Sstevel@tonic-gate
/*
 * Format of attribute32 token:
 *	attribute token id	adr_char
 *	mode			adr_int32 (printed in octal)
 *	uid			adr_int32
 *	gid			adr_int32
 *	file system id		adr_int32
 *	node id			adr_int64
 *	device			adr_int32
 *
 * Compares the file's uid and gid with the requested effective user/group
 * (only when new_mode is clear) and with the requested object owner/group,
 * recording each match in checkflags.  Always returns -1.
 */
int
attribute32_token(adr_t *adr)
{
	int32_t mode, uid, gid;
	int32_t file_sysid, dev;
	int64_t nodeid;

	adrm_int32(adr, &mode, 1);
	adrm_int32(adr, &uid, 1);
	adrm_int32(adr, &gid, 1);
	adrm_int32(adr, &file_sysid, 1);
	adrm_int64(adr, &nodeid, 1);
	adrm_int32(adr, &dev, 1);

	if (!new_mode && (flags & M_USERE) && (m_usere == uid))
		checkflags |= M_USERE;
	if (!new_mode && (flags & M_GROUPE) && (m_groupe == gid))
		checkflags |= M_GROUPE;

	/* either a group match or an owner match selects the object */
	if (flags & M_OBJECT) {
		if (((obj_flag & OBJ_FGROUP) && (obj_group == gid)) ||
		    ((obj_flag & OBJ_FOWNER) && (obj_owner == uid)))
			checkflags |= M_OBJECT;
	}
	return (-1);
}
6410Sstevel@tonic-gate
/*
 * Format of attribute64 token:
 *	attribute token id	adr_char
 *	mode			adr_int32 (printed in octal)
 *	uid			adr_int32
 *	gid			adr_int32
 *	file system id		adr_int32
 *	node id			adr_int64
 *	device			adr_int64
 *
 * Compares the file's uid and gid with the requested effective user/group
 * (only when new_mode is clear) and with the requested object owner/group,
 * recording each match in checkflags.  Always returns -1.
 */
int
attribute64_token(adr_t *adr)
{
	int32_t mode, uid, gid;
	int32_t file_sysid;
	int64_t nodeid, dev;

	adrm_int32(adr, &mode, 1);
	adrm_int32(adr, &uid, 1);
	adrm_int32(adr, &gid, 1);
	adrm_int32(adr, &file_sysid, 1);
	adrm_int64(adr, &nodeid, 1);
	adrm_int64(adr, &dev, 1);

	if (!new_mode && (flags & M_USERE) && (m_usere == uid))
		checkflags |= M_USERE;
	if (!new_mode && (flags & M_GROUPE) && (m_groupe == gid))
		checkflags |= M_GROUPE;

	/* either a group match or an owner match selects the object */
	if (flags & M_OBJECT) {
		if (((obj_flag & OBJ_FGROUP) && (obj_group == gid)) ||
		    ((obj_flag & OBJ_FOWNER) && (obj_owner == uid)))
			checkflags |= M_OBJECT;
	}
	return (-1);
}
6880Sstevel@tonic-gate
6890Sstevel@tonic-gate
/*
 * Format of command token:
 *	attribute token id	adr_char
 *	argc			adr_short
 *	argv len		adr_short	variable amount of argv len
 *	argv text		argv len	and text
 *	.
 *	.
 *	.
 *	envp count		adr_short	variable amount of envp len
 *	envp len		adr_short	and text
 *	envp text		envp len
 *	.
 *	.
 *	.
 *
 * Both string lists (arguments, then environment) are skipped; always
 * returns -1.
 */
int
cmd_token(adr_t *adr)
{
	short nstrings;
	short idx;
	int list;

	/*
	 * Two lists in a row with the same layout: a count followed by that
	 * many strings.
	 * NOTE(review): each count is a signed short taken from the record;
	 * a negative value skips nothing and leaves the list unconsumed --
	 * confirm whether that case should be an error.
	 */
	for (list = 0; list < 2; list++) {
		adrm_short(adr, &nstrings, 1);

		for (idx = 0; idx < nstrings; idx++)
			skip_string(adr);
	}

	return (-1);
}
7240Sstevel@tonic-gate
7250Sstevel@tonic-gate
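/*
 * Format of exit token:
 *	attribute token id	adr_char
 *	return value		adr_int32
 *	errno			adr_int32
 *
 * Both fields are consumed and discarded; always returns -1.
 */
int
exit_token(adr_t *adr)
{
	int32_t retval;
	/*
	 * Not named `errno': that identifier is reserved by the C library,
	 * and wherever <errno.h> is in scope it is a macro, so a local of
	 * that name would not be an ordinary variable.
	 */
	int32_t exit_errno;

	adrm_int32(adr, &retval, 1);
	adrm_int32(adr, &exit_errno, 1);
	return (-1);
}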
7420Sstevel@tonic-gate
/*
 * Format of strings array token:
 *	token id		adr_char
 *	count value		adr_int32
 *	strings			null terminated strings
 *
 * Skips `count' NUL-terminated strings one byte at a time; always
 * returns -1.
 */
static int
strings_common_token(adr_t *adr)
{
	int nstrings, idx;
	char ch;

	adrm_int32(adr, (int32_t *)&nstrings, 1);

	/*
	 * NOTE(review): both the count and the position of each terminator
	 * come from the record.  Nothing in this function limits how far the
	 * scan runs; whether adrm_char() stops at the end of the record is
	 * not visible here -- confirm.
	 */
	for (idx = 1; idx <= nstrings; idx++) {
		do {
			adrm_char(adr, &ch, 1);
		} while (ch != (char)0);
	}

	/* no dump option here, since we will have variable length fields */
	return (-1);
}
7640Sstevel@tonic-gate
/*
 * Path attribute token: laid out as a strings array, so it is handed to
 * strings_common_token() and that routine's result is returned.
 */
int
path_attr_token(adr_t *adr)
{
	int rc;

	rc = strings_common_token(adr);
	return (rc);
}
7700Sstevel@tonic-gate
/*
 * Exec arguments token: laid out as a strings array, so it is handed to
 * strings_common_token() and that routine's result is returned.
 */
int
exec_args_token(adr_t *adr)
{
	int rc;

	rc = strings_common_token(adr);
	return (rc);
}
7760Sstevel@tonic-gate
/*
 * Exec environment token: laid out as a strings array, so it is handed to
 * strings_common_token() and that routine's result is returned.
 */
int
exec_env_token(adr_t *adr)
{
	int rc;

	rc = strings_common_token(adr);
	return (rc);
}
7820Sstevel@tonic-gate
/*
 * Format of liaison token:
 *	(the original comment lists no fields; the code consumes a single
 *	adr_int32)
 *
 * The value is read and discarded; always returns -1.
 */
int
liaison_token(adr_t *adr)
{
	int32_t liaison;

	adrm_int32(adr, &liaison, 1);

	return (-1);
}
/*
 * Format of path token:
 *	path			adr_string
 *
 * When a path object match was requested (M_OBJECT set in flags and
 * obj_flag == OBJ_PATH) the path is read, anchored with anchor_path() if it
 * does not begin with '/', collapsed with collapse_path() and handed to
 * re_exec2(); a result of 1 sets M_OBJECT in checkflags.  In every other
 * case the string is skipped.  Always returns -1.
 *
 * NOTE(review): the path comes from the audit record.  This code assumes
 * get_string() always hands back a non-NULL, NUL-terminated buffer that
 * anchor_path() may modify in place -- confirm in those helpers.
 */
int
path_token(adr_t *adr)
{
	char	*path;

	if (!(flags & M_OBJECT) || (obj_flag != OBJ_PATH)) {
		skip_string(adr);
		return (-1);
	}

	get_string(adr, &path);
	/* anchor the path. user apps may not do it. */
	if (path[0] != '/')
		anchor_path(path);
	/* match against the collapsed path. that is what user sees. */
	if (re_exec2(collapse_path(path)) == 1)
		checkflags |= M_OBJECT;
	free(path);
	return (-1);
}
/*
 * Format of System V IPC permission token:
 *	System V IPC permission token id	adr_char
 *	uid					adr_int32
 *	gid					adr_int32
 *	cuid					adr_int32
 *	cgid					adr_int32
 *	mode					adr_int32
 *	seq					adr_int32
 *	key					adr_int32
 *
 * Unless new_mode is set, uid/cuid are compared with m_usere and gid/cgid
 * with m_groupr, setting M_USERE / M_GROUPR in checkflags on a match.
 * For an object match, any one of the owner or group fields matching
 * obj_owner / obj_group is enough, after which ipc_type_match() decides
 * against the global ipc_type.  Always returns -1.
 */
int
s5_IPC_perm_token(adr_t *adr)
{
	int32_t	uid, gid, cuid, cgid, mode, seq, key;

	adrm_int32(adr, &uid, 1);
	adrm_int32(adr, &gid, 1);
	adrm_int32(adr, &cuid, 1);
	adrm_int32(adr, &cgid, 1);
	adrm_int32(adr, &mode, 1);
	adrm_int32(adr, &seq, 1);
	adrm_int32(adr, &key, 1);

	if (!new_mode) {
		if ((flags & M_USERE) &&
		    ((m_usere == uid) || (m_usere == cuid)))
			checkflags |= M_USERE;
		if ((flags & M_GROUPR) &&
		    ((m_groupr == gid) || (m_groupr == cgid)))
			checkflags |= M_GROUPR;
	}

	if (!(flags & M_OBJECT))
		return (-1);
	if ((obj_owner != uid) && (obj_owner != cuid) &&
	    (obj_group != gid) && (obj_group != cgid))
		return (-1);

	/* other obj_flag values leave checkflags untouched */
	switch (obj_flag) {
	case OBJ_MSGGROUP:
	case OBJ_MSGOWNER:
		if (ipc_type_match(OBJ_MSG, ipc_type))
			checkflags |= M_OBJECT;
		break;
	case OBJ_SEMGROUP:
	case OBJ_SEMOWNER:
		if (ipc_type_match(OBJ_SEM, ipc_type))
			checkflags |= M_OBJECT;
		break;
	case OBJ_SHMGROUP:
	case OBJ_SHMOWNER:
		if (ipc_type_match(OBJ_SHM, ipc_type))
			checkflags |= M_OBJECT;
		break;
	}
	return (-1);
}
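/*
 * Format of process32 token:
 *	process token id	adr_char
 *	auid			adr_int32
 *	euid			adr_int32
 *	egid			adr_int32
 *	ruid			adr_int32
 *	rgid			adr_int32
 *	pid			adr_int32
 *	sid			adr_int32
 *	termid			adr_int32*2
 *
 * Unless new_mode is set, the user and group ids are compared with the
 * m_usera / m_usere / m_userr / m_groupr / m_groupe criteria that are
 * enabled in flags, and the matching M_* bit is set in checkflags.
 * With M_OBJECT set, the token is also matched as a process object by
 * pid, by group or by owner, depending on obj_flag.  Always returns -1.
 */
int
process32_token(adr_t *adr)
{
	int32_t	auid, euid, egid, ruid, rgid, pid;
	int32_t	sid;
	int32_t	port, machine;

	adrm_int32(adr, &auid, 1);
	adrm_int32(adr, &euid, 1);
	adrm_int32(adr, &egid, 1);
	adrm_int32(adr, &ruid, 1);
	adrm_int32(adr, &rgid, 1);
	adrm_int32(adr, &pid, 1);
	adrm_int32(adr, &sid, 1);
	adrm_int32(adr, &port, 1);
	adrm_int32(adr, &machine, 1);

	if (!new_mode) {
		if ((flags & M_USERA) && (m_usera == auid))
			checkflags |= M_USERA;
		if ((flags & M_USERE) && (m_usere == euid))
			checkflags |= M_USERE;
		if ((flags & M_USERR) && (m_userr == ruid))
			checkflags |= M_USERR;
		if ((flags & M_GROUPR) && (m_groupr == rgid))
			checkflags |= M_GROUPR;
		if ((flags & M_GROUPE) && (m_groupe == egid))
			checkflags |= M_GROUPE;
	}

	if (flags & M_OBJECT) {
		if ((obj_flag & OBJ_PROC) && (obj_id == pid)) {
			checkflags |= M_OBJECT;
		} else if ((obj_flag & OBJ_PGROUP) &&
		    ((obj_group == egid) || (obj_group == rgid))) {
			checkflags |= M_OBJECT;
		} else if ((obj_flag & OBJ_POWNER) &&
		    ((obj_owner == euid) || (obj_owner == ruid))) {
			/*
			 * The owner test compares obj_owner with both user
			 * ids; the previous code compared obj_group with
			 * ruid, i.e. a group criterion against a uid.
			 */
			checkflags |= M_OBJECT;
		}
	}
	return (-1);
}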
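/*
 * Format of process32_ex token:
 *	process token id	adr_char
 *	auid			adr_int32
 *	euid			adr_int32
 *	egid			adr_int32
 *	ruid			adr_int32
 *	rgid			adr_int32
 *	pid			adr_int32
 *	sid			adr_int32
 *	termid
 *		port		adr_int32
 *		type		adr_int32
 *		ip address	adr_u_char*type
 *
 * Unless new_mode is set, the user and group ids are compared with the
 * m_usera / m_usere / m_userr / m_groupr / m_groupe criteria that are
 * enabled in flags, and the matching M_* bit is set in checkflags.
 * With M_OBJECT set, the token is also matched as a process object by
 * pid, by group or by owner, depending on obj_flag.
 *
 * Returns 0 when the address type in the record is not AU_IPv4 or AU_IPv6
 * (the value socket_ex_token() returns for a bad address size), otherwise -1.
 * NOTE(review): confirm the caller handles 0 as intended for this token.
 */
int
process32_ex_token(adr_t *adr)
{
	int32_t	auid, euid, egid, ruid, rgid, pid;
	int32_t	sid;
	int32_t	port, type;
	uchar_t	addr[16];

	adrm_int32(adr, &auid, 1);
	adrm_int32(adr, &euid, 1);
	adrm_int32(adr, &egid, 1);
	adrm_int32(adr, &ruid, 1);
	adrm_int32(adr, &rgid, 1);
	adrm_int32(adr, &pid, 1);
	adrm_int32(adr, &sid, 1);
	adrm_int32(adr, &port, 1);
	adrm_int32(adr, &type, 1);

	/*
	 * type comes from the audit record and is used as the byte count for
	 * the read into addr[].  Reject anything that is not a known address
	 * size, so a malformed record cannot write past the 16-byte buffer.
	 */
	if (((type != AU_IPv4) && (type != AU_IPv6)) ||
	    (type < 0) || (type > (int32_t)sizeof (addr)))
		return (0);
	adrm_u_char(adr, addr, type);

	if (!new_mode) {
		if ((flags & M_USERA) && (m_usera == auid))
			checkflags |= M_USERA;
		if ((flags & M_USERE) && (m_usere == euid))
			checkflags |= M_USERE;
		if ((flags & M_USERR) && (m_userr == ruid))
			checkflags |= M_USERR;
		/* real group id, as in process32_token(); was egid */
		if ((flags & M_GROUPR) && (m_groupr == rgid))
			checkflags |= M_GROUPR;
		if ((flags & M_GROUPE) && (m_groupe == egid))
			checkflags |= M_GROUPE;
	}

	if (flags & M_OBJECT) {
		if ((obj_flag & OBJ_PROC) && (obj_id == pid)) {
			checkflags |= M_OBJECT;
		} else if ((obj_flag & OBJ_PGROUP) &&
		    ((obj_group == egid) || (obj_group == rgid))) {
			checkflags |= M_OBJECT;
		} else if ((obj_flag & OBJ_POWNER) &&
		    ((obj_owner == euid) || (obj_owner == ruid))) {
			/*
			 * The owner test compares obj_owner with both user
			 * ids; the previous code compared obj_group with
			 * ruid, i.e. a group criterion against a uid.
			 */
			checkflags |= M_OBJECT;
		}
	}
	return (-1);
}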
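/*
 * Format of process64 token:
 *	process token id	adr_char
 *	auid			adr_int32
 *	euid			adr_int32
 *	egid			adr_int32
 *	ruid			adr_int32
 *	rgid			adr_int32
 *	pid			adr_int32
 *	sid			adr_int32
 *	termid			adr_int64+adr_int32
 *
 * Unless new_mode is set, the user and group ids are compared with the
 * m_usera / m_usere / m_userr / m_groupr / m_groupe criteria that are
 * enabled in flags, and the matching M_* bit is set in checkflags.
 * With M_OBJECT set, the token is also matched as a process object by
 * pid, by group or by owner, depending on obj_flag.  Always returns -1.
 */
int
process64_token(adr_t *adr)
{
	int32_t	auid, euid, egid, ruid, rgid, pid;
	int32_t	sid;
	int64_t	port;
	int32_t	machine;

	adrm_int32(adr, &auid, 1);
	adrm_int32(adr, &euid, 1);
	adrm_int32(adr, &egid, 1);
	adrm_int32(adr, &ruid, 1);
	adrm_int32(adr, &rgid, 1);
	adrm_int32(adr, &pid, 1);
	adrm_int32(adr, &sid, 1);
	adrm_int64(adr, &port, 1);
	adrm_int32(adr, &machine, 1);

	if (!new_mode) {
		if ((flags & M_USERA) && (m_usera == auid))
			checkflags |= M_USERA;
		if ((flags & M_USERE) && (m_usere == euid))
			checkflags |= M_USERE;
		if ((flags & M_USERR) && (m_userr == ruid))
			checkflags |= M_USERR;
		if ((flags & M_GROUPR) && (m_groupr == rgid))
			checkflags |= M_GROUPR;
		if ((flags & M_GROUPE) && (m_groupe == egid))
			checkflags |= M_GROUPE;
	}

	if (flags & M_OBJECT) {
		if ((obj_flag & OBJ_PROC) && (obj_id == pid)) {
			checkflags |= M_OBJECT;
		} else if ((obj_flag & OBJ_PGROUP) &&
		    ((obj_group == egid) || (obj_group == rgid))) {
			checkflags |= M_OBJECT;
		} else if ((obj_flag & OBJ_POWNER) &&
		    ((obj_owner == euid) || (obj_owner == ruid))) {
			/*
			 * The owner test compares obj_owner with both user
			 * ids; the previous code compared obj_group with
			 * ruid, i.e. a group criterion against a uid.
			 */
			checkflags |= M_OBJECT;
		}
	}
	return (-1);
}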
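/*
 * Format of process64_ex token:
 *	process token id	adr_char
 *	auid			adr_int32
 *	euid			adr_int32
 *	egid			adr_int32
 *	ruid			adr_int32
 *	rgid			adr_int32
 *	pid			adr_int32
 *	sid			adr_int32
 *	termid
 *		port		adr_int64
 *		type		adr_int32
 *		ip address	adr_u_char*type
 *
 * Unless new_mode is set, the user and group ids are compared with the
 * m_usera / m_usere / m_userr / m_groupr / m_groupe criteria that are
 * enabled in flags, and the matching M_* bit is set in checkflags.
 * With M_OBJECT set, the token is also matched as a process object by
 * pid, by group or by owner, depending on obj_flag.
 *
 * Returns 0 when the address type in the record is not AU_IPv4 or AU_IPv6
 * (the value socket_ex_token() returns for a bad address size), otherwise -1.
 * NOTE(review): confirm the caller handles 0 as intended for this token.
 */
int
process64_ex_token(adr_t *adr)
{
	int32_t	auid, euid, egid, ruid, rgid, pid;
	int32_t	sid;
	int64_t	port;
	int32_t	type;
	uchar_t	addr[16];

	adrm_int32(adr, &auid, 1);
	adrm_int32(adr, &euid, 1);
	adrm_int32(adr, &egid, 1);
	adrm_int32(adr, &ruid, 1);
	adrm_int32(adr, &rgid, 1);
	adrm_int32(adr, &pid, 1);
	adrm_int32(adr, &sid, 1);
	adrm_int64(adr, &port, 1);
	adrm_int32(adr, &type, 1);

	/*
	 * type comes from the audit record and is used as the byte count for
	 * the read into addr[].  Reject anything that is not a known address
	 * size, so a malformed record cannot write past the 16-byte buffer.
	 */
	if (((type != AU_IPv4) && (type != AU_IPv6)) ||
	    (type < 0) || (type > (int32_t)sizeof (addr)))
		return (0);
	adrm_u_char(adr, addr, type);

	if (!new_mode) {
		if ((flags & M_USERA) && (m_usera == auid))
			checkflags |= M_USERA;
		if ((flags & M_USERE) && (m_usere == euid))
			checkflags |= M_USERE;
		if ((flags & M_USERR) && (m_userr == ruid))
			checkflags |= M_USERR;
		/* real group id, as in process64_token(); was egid */
		if ((flags & M_GROUPR) && (m_groupr == rgid))
			checkflags |= M_GROUPR;
		if ((flags & M_GROUPE) && (m_groupe == egid))
			checkflags |= M_GROUPE;
	}

	if (flags & M_OBJECT) {
		if ((obj_flag & OBJ_PROC) && (obj_id == pid)) {
			checkflags |= M_OBJECT;
		} else if ((obj_flag & OBJ_PGROUP) &&
		    ((obj_group == egid) || (obj_group == rgid))) {
			checkflags |= M_OBJECT;
		} else if ((obj_flag & OBJ_POWNER) &&
		    ((obj_owner == euid) || (obj_owner == ruid))) {
			/*
			 * The owner test compares obj_owner with both user
			 * ids; the previous code compared obj_group with
			 * ruid, i.e. a group criterion against a uid.
			 */
			checkflags |= M_OBJECT;
		}
	}
	return (-1);
}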
/*
 * Format of System V IPC token:
 *	System V IPC token id	adr_char
 *	object id		adr_int32
 *
 * The char read here is stored in the global ipc_type, which
 * s5_IPC_perm_token() also consults.  With M_OBJECT set in flags,
 * M_OBJECT is set in checkflags when ipc_type_match(obj_flag, ipc_type)
 * holds and the object id equals obj_id.  Always returns -1.
 */
int
s5_IPC_token(adr_t *adr)
{
	int32_t	id;

	adrm_char(adr, &ipc_type, 1);	/* Global */
	adrm_int32(adr, &id, 1);

	if (!(flags & M_OBJECT))
		return (-1);
	if (ipc_type_match(obj_flag, ipc_type) && (obj_id == id))
		checkflags |= M_OBJECT;
	return (-1);
}
/*
 * Format of socket token:
 *	socket_type		adrm_short
 *	remote_port		adrm_short
 *	remote_inaddr		adrm_int32
 *
 * With M_OBJECT set in flags and obj_flag == OBJ_SOCK, obj_id is compared
 * with the remote address (SOCKFLG_MACHINE) or with the remote port
 * (SOCKFLG_PORT), and M_OBJECT is set in checkflags on a match.
 * Always returns -1.
 */
int
socket_token(adr_t *adr)
{
	short	sock_type;
	short	rport;
	int32_t	raddr;

	adrm_short(adr, &sock_type, 1);
	adrm_short(adr, &rport, 1);
	/* the address is read with adrm_char as four chars, not adrm_int32 */
	adrm_char(adr, (char *)&raddr, 4);

	if (!(flags & M_OBJECT) || (obj_flag != OBJ_SOCK))
		return (-1);

	if (socket_flag == SOCKFLG_MACHINE) {
		if (raddr == obj_id)
			checkflags |= M_OBJECT;
	} else if (socket_flag == SOCKFLG_PORT) {
		if (rport == obj_id)
			checkflags |= M_OBJECT;
	}
	return (-1);
}
/*
 * Format of socket_ex token:
 *	socket_domain		adrm_short
 *	socket_type		adrm_short
 *	address_type		adrm_short
 *	local_port		adrm_short
 *	local_inaddr		adrm_u_char*address_type
 *	remote_port		adrm_short
 *	remote_inaddr		adrm_u_char*address_type
 *
 * The address size from the record is checked against AU_IPv4 / AU_IPv6
 * before it is used as the byte count for the two 16-byte address
 * buffers; any other size returns 0 without reading further.
 *
 * With M_OBJECT set in flags and obj_flag == OBJ_SOCK, a SOCKFLG_MACHINE
 * match compares both addresses with ip_ipv6 (IPv6) or obj_id (otherwise),
 * and a SOCKFLG_PORT match compares both ports with obj_id.  Returns -1 in
 * every case other than the invalid-size one.
 */
int
socket_ex_token(adr_t *adr)
{
	short	domain;
	short	sock_type;
	short	ip_size;
	short	lport;
	short	rport;
	uchar_t	laddr[16];
	uchar_t	raddr[16];
	uchar_t	*want;

	adrm_short(adr, &domain, 1);
	adrm_short(adr, &sock_type, 1);
	adrm_short(adr, &ip_size, 1);

	/* validate ip size */
	if ((ip_size != AU_IPv6) && (ip_size != AU_IPv4))
		return (0);

	adrm_short(adr, &lport, 1);
	adrm_char(adr, (char *)laddr, ip_size);

	adrm_short(adr, &rport, 1);
	adrm_char(adr, (char *)raddr, ip_size);

	/* if IP type mis-match, then nothing to do */
	if (ip_size != ip_type)
		return (-1);

	if (!(flags & M_OBJECT) || (obj_flag != OBJ_SOCK))
		return (-1);

	if (socket_flag == SOCKFLG_MACHINE) {
		/* IPv6 criteria live in ip_ipv6, everything else in obj_id */
		if (ip_type == AU_IPv6)
			want = (uchar_t *)ip_ipv6;
		else
			want = (uchar_t *)&obj_id;
		if ((memcmp(laddr, want, ip_type) == 0) ||
		    (memcmp(raddr, want, ip_type) == 0))
			checkflags |= M_OBJECT;
	} else if (socket_flag == SOCKFLG_PORT) {
		if ((lport == obj_id) || (rport == obj_id))
			checkflags |= M_OBJECT;
	}
	return (-1);
}
/*
 * Format of subject32 token:
 *	subject token id	adr_char
 *	auid			adr_int32
 *	euid			adr_int32
 *	egid			adr_int32
 *	ruid			adr_int32
 *	rgid			adr_int32
 *	pid			adr_int32
 *	sid			adr_int32
 *	termid			adr_int32*2
 *
 * For each criterion enabled in flags (subject pid, audit/effective/real
 * user, real/effective group, session id) the corresponding field is
 * compared with the requested value and the matching M_* bit is set in
 * checkflags.  Always returns -1.
 */
int
subject32_token(adr_t *adr)
{
	int32_t	auid, euid, egid, ruid, rgid, pid;
	int32_t	sid;
	int32_t	port, machine;

	adrm_int32(adr, &auid, 1);
	adrm_int32(adr, &euid, 1);
	adrm_int32(adr, &egid, 1);
	adrm_int32(adr, &ruid, 1);
	adrm_int32(adr, &rgid, 1);
	adrm_int32(adr, &pid, 1);
	adrm_int32(adr, &sid, 1);
	adrm_int32(adr, &port, 1);
	adrm_int32(adr, &machine, 1);

	if ((flags & M_SUBJECT) && (subj_id == pid))
		checkflags |= M_SUBJECT;
	if ((flags & M_USERA) && (m_usera == auid))
		checkflags |= M_USERA;
	if ((flags & M_USERE) && (m_usere == euid))
		checkflags |= M_USERE;
	if ((flags & M_USERR) && (m_userr == ruid))
		checkflags |= M_USERR;
	if ((flags & M_GROUPR) && (m_groupr == rgid))
		checkflags |= M_GROUPR;
	if ((flags & M_GROUPE) && (m_groupe == egid))
		checkflags |= M_GROUPE;
	if ((flags & M_SID) && (m_sid == (au_asid_t)sid))
		checkflags |= M_SID;
	return (-1);
}
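/*
 * Format of subject32_ex token:
 *	subject token id	adr_char
 *	auid			adr_int32
 *	euid			adr_int32
 *	egid			adr_int32
 *	ruid			adr_int32
 *	rgid			adr_int32
 *	pid			adr_int32
 *	sid			adr_int32
 *	termid
 *		port		adr_int32
 *		type		adr_int32
 *		ip address	adr_u_char*type
 *
 * For each criterion enabled in flags (subject pid, audit/effective/real
 * user, real/effective group, session id) the corresponding field is
 * compared with the requested value and the matching M_* bit is set in
 * checkflags.
 *
 * Returns 0 when the address type in the record is not AU_IPv4 or AU_IPv6
 * (the value socket_ex_token() returns for a bad address size), otherwise -1.
 * NOTE(review): confirm the caller handles 0 as intended for this token.
 */
int
subject32_ex_token(adr_t *adr)
{
	int32_t	auid, euid, egid, ruid, rgid, pid;
	int32_t	sid;
	int32_t	port, type;
	uchar_t	addr[16];

	adrm_int32(adr, &auid, 1);
	adrm_int32(adr, &euid, 1);
	adrm_int32(adr, &egid, 1);
	adrm_int32(adr, &ruid, 1);
	adrm_int32(adr, &rgid, 1);
	adrm_int32(adr, &pid, 1);
	adrm_int32(adr, &sid, 1);
	adrm_int32(adr, &port, 1);
	adrm_int32(adr, &type, 1);

	/*
	 * type comes from the audit record and is used as the byte count for
	 * the read into addr[].  Reject anything that is not a known address
	 * size, so a malformed record cannot write past the 16-byte buffer.
	 */
	if (((type != AU_IPv4) && (type != AU_IPv6)) ||
	    (type < 0) || (type > (int32_t)sizeof (addr)))
		return (0);
	adrm_u_char(adr, addr, type);

	if ((flags & M_SUBJECT) && (subj_id == pid))
		checkflags |= M_SUBJECT;
	if ((flags & M_USERA) && (m_usera == auid))
		checkflags |= M_USERA;
	if ((flags & M_USERE) && (m_usere == euid))
		checkflags |= M_USERE;
	if ((flags & M_USERR) && (m_userr == ruid))
		checkflags |= M_USERR;
	/* real group id, as in subject32_token(); was egid */
	if ((flags & M_GROUPR) && (m_groupr == rgid))
		checkflags |= M_GROUPR;
	if ((flags & M_GROUPE) && (m_groupe == egid))
		checkflags |= M_GROUPE;
	if ((flags & M_SID) && (m_sid == (au_asid_t)sid))
		checkflags |= M_SID;
	return (-1);
}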
/*
 * Format of subject64 token:
 *	subject token id	adr_char
 *	auid			adr_int32
 *	euid			adr_int32
 *	egid			adr_int32
 *	ruid			adr_int32
 *	rgid			adr_int32
 *	pid			adr_int32
 *	sid			adr_int32
 *	termid			adr_int64+adr_int32
 *
 * For each criterion enabled in flags (subject pid, audit/effective/real
 * user, real/effective group, session id) the corresponding field is
 * compared with the requested value and the matching M_* bit is set in
 * checkflags.  Always returns -1.
 */
int
subject64_token(adr_t *adr)
{
	int32_t	auid, euid, egid, ruid, rgid, pid;
	int32_t	sid;
	int64_t	port;
	int32_t	machine;

	adrm_int32(adr, &auid, 1);
	adrm_int32(adr, &euid, 1);
	adrm_int32(adr, &egid, 1);
	adrm_int32(adr, &ruid, 1);
	adrm_int32(adr, &rgid, 1);
	adrm_int32(adr, &pid, 1);
	adrm_int32(adr, &sid, 1);
	adrm_int64(adr, &port, 1);
	adrm_int32(adr, &machine, 1);

	if ((flags & M_SUBJECT) && (subj_id == pid))
		checkflags |= M_SUBJECT;
	if ((flags & M_USERA) && (m_usera == auid))
		checkflags |= M_USERA;
	if ((flags & M_USERE) && (m_usere == euid))
		checkflags |= M_USERE;
	if ((flags & M_USERR) && (m_userr == ruid))
		checkflags |= M_USERR;
	if ((flags & M_GROUPR) && (m_groupr == rgid))
		checkflags |= M_GROUPR;
	if ((flags & M_GROUPE) && (m_groupe == egid))
		checkflags |= M_GROUPE;
	if ((flags & M_SID) && (m_sid == (au_asid_t)sid))
		checkflags |= M_SID;
	return (-1);
}
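/*
 * Format of subject64_ex token:
 *	subject token id	adr_char
 *	auid			adr_int32
 *	euid			adr_int32
 *	egid			adr_int32
 *	ruid			adr_int32
 *	rgid			adr_int32
 *	pid			adr_int32
 *	sid			adr_int32
 *	termid
 *		port		adr_int64
 *		type		adr_int32
 *		ip address	adr_u_char*type
 *
 * For each criterion enabled in flags (subject pid, audit/effective/real
 * user, real/effective group, session id) the corresponding field is
 * compared with the requested value and the matching M_* bit is set in
 * checkflags.
 *
 * Returns 0 when the address type in the record is not AU_IPv4 or AU_IPv6
 * (the value socket_ex_token() returns for a bad address size), otherwise -1.
 * NOTE(review): confirm the caller handles 0 as intended for this token.
 */
int
subject64_ex_token(adr_t *adr)
{
	int32_t	auid, euid, egid, ruid, rgid, pid;
	int32_t	sid;
	int64_t	port;
	int32_t	type;
	uchar_t	addr[16];

	adrm_int32(adr, &auid, 1);
	adrm_int32(adr, &euid, 1);
	adrm_int32(adr, &egid, 1);
	adrm_int32(adr, &ruid, 1);
	adrm_int32(adr, &rgid, 1);
	adrm_int32(adr, &pid, 1);
	adrm_int32(adr, &sid, 1);
	adrm_int64(adr, &port, 1);
	adrm_int32(adr, &type, 1);

	/*
	 * type comes from the audit record and is used as the byte count for
	 * the read into addr[].  Reject anything that is not a known address
	 * size, so a malformed record cannot write past the 16-byte buffer.
	 */
	if (((type != AU_IPv4) && (type != AU_IPv6)) ||
	    (type < 0) || (type > (int32_t)sizeof (addr)))
		return (0);
	adrm_u_char(adr, addr, type);

	if ((flags & M_SUBJECT) && (subj_id == pid))
		checkflags |= M_SUBJECT;
	if ((flags & M_USERA) && (m_usera == auid))
		checkflags |= M_USERA;
	if ((flags & M_USERE) && (m_usere == euid))
		checkflags |= M_USERE;
	if ((flags & M_USERR) && (m_userr == ruid))
		checkflags |= M_USERR;
	/* real group id, as in subject64_token(); was egid */
	if ((flags & M_GROUPR) && (m_groupr == rgid))
		checkflags |= M_GROUPR;
	if ((flags & M_GROUPE) && (m_groupe == egid))
		checkflags |= M_GROUPE;
	if ((flags & M_SID) && (m_sid == (au_asid_t)sid))
		checkflags |= M_SID;
	return (-1);
}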
15400Sstevel@tonic-gate
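/*
 * -----------------------------------------------------------------------
 * tid_token():	Consume a tid token.  No selection flag is tested or set
 *		here; the fields are read only to advance past the token.
 *
 * Format of tid token:
 *	tid token id		adr_char
 *	address type		adr_char
 *	For address type of AU_IPADR...
 *		remote port		adr_short
 *		local port		adr_short
 *		IP type			adr_int32
 *		IP addr			adr_int32 if IPv4
 *		IP addr			4 x adr_int32 if IPv6
 *	address types other than AU_IPADR are not yet defined
 *
 * Returns 0 for an address type other than AU_IPADR, -1 otherwise.
 * -----------------------------------------------------------------------
 */
int
tid_token(adr_t *adr)
{
	int32_t	address[4];
	int32_t	ip_type;
	char	tid_type;
	short	rport;
	short	lport;

	adrm_char(adr, &tid_type, 1);
	switch (tid_type) {
	case AU_IPADR:
		adrm_short(adr, &rport, 1);
		adrm_short(adr, &lport, 1);
		adrm_int32(adr, &ip_type, 1);
		/*
		 * ip_type is used as the byte count for the copy into
		 * address[] and comes from the audit record; reject
		 * anything that does not fit instead of writing past the
		 * 16-byte buffer.  Returning -1 mirrors label_token()'s
		 * handling of an oversized length field.
		 * NOTE(review): confirm the caller's convention for
		 * malformed tokens.
		 */
		if (ip_type < 0 || (size_t)ip_type > sizeof (address))
			return (-1);
		adrm_char(adr, (char *)&address, ip_type);
		break;
	default:
		return (0);
	}
	return (-1);
}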
15790Sstevel@tonic-gate
/*
 * -----------------------------------------------------------------------
 * zonename_token():	Compare the zone name in the token with the
 *			requested zonename and set M_ZONENAME in checkflags
 *			when they are equal.
 *
 * Format of zonename token:
 *	zonename token id	adr_char
 *	zone name		adr_string
 *
 * Always returns -1.
 * -----------------------------------------------------------------------
 */
int
zonename_token(adr_t *adr)
{
	char	*zone;

	/* Zone selection not requested: step over the string and move on. */
	if (!(flags & M_ZONENAME)) {
		skip_string(adr);
		return (-1);
	}

	get_string(adr, &zone);
	/*
	 * NOTE(review): strncmp() stops at a NUL or after ZONENAME_MAX
	 * bytes, so this relies on the string stored in the record being
	 * NUL-terminated within the length get_string() allocated.
	 */
	if (strncmp(zonename, zone, ZONENAME_MAX) == 0)
		checkflags = checkflags | M_ZONENAME;
	free(zone);

	return (-1);
}
16040Sstevel@tonic-gate
/*
 * fmri_token():	When object selection by FMRI is active, match the
 *			token's FMRI string against the requested service
 *			instance pattern and set M_OBJECT on a match.
 *
 * Format of fmri token:
 *	fmri			adr_string
 *
 * Always returns -1.
 */
int
fmri_token(adr_t *adr)
{
	char	*token_fmri;

	/* Not selecting on an FMRI object: step over the string. */
	if (!(flags & M_OBJECT) || obj_flag != OBJ_FMRI) {
		skip_string(adr);
		return (-1);
	}

	get_string(adr, &token_fmri);

	/*
	 * match token against service instance
	 * NOTE(review): token_fmri is passed as a C string; this relies on
	 * the string in the record carrying its own NUL terminator.
	 */
	if (scf_cmp_pattern(token_fmri, &fmri) == 1)
		checkflags = checkflags | M_OBJECT;
	free(token_fmri);

	return (-1);
}
16291780Sgww
16301780Sgww /*
16310Sstevel@tonic-gate * Format of xatom token:
16320Sstevel@tonic-gate */
16330Sstevel@tonic-gate int
xatom_token(adr_t * adr)16340Sstevel@tonic-gate xatom_token(adr_t *adr)
16350Sstevel@tonic-gate {
16360Sstevel@tonic-gate skip_string(adr);
16370Sstevel@tonic-gate
16380Sstevel@tonic-gate return (-1);
16390Sstevel@tonic-gate }
16400Sstevel@tonic-gate
/*
 * xselect_token():	Step over an xselect token, which is consumed here
 *			as three consecutive length-prefixed strings.
 *			Nothing is matched.
 *
 * Always returns -1.
 */
int
xselect_token(adr_t *adr)
{
	int	remaining;

	/* three strings, each skipped the same way */
	for (remaining = 3; remaining > 0; remaining--)
		skip_string(adr);

	return (-1);
}
16530Sstevel@tonic-gate
/*
 * anchor_path():	Prefix a path name with a slash, in place.
 *
 * The existing string, terminator included, is shifted up by one byte and
 * '/' is stored in the first position.  No size is passed in, so the
 * caller must supply a buffer with room for at least strlen(path) + 2
 * bytes; nothing here can detect a buffer that is too small.
 */
void
anchor_path(char *path)
{
	size_t	nbytes = strlen(path) + 1;	/* string plus terminator */

	/* source and destination overlap, hence memmove rather than memcpy */
	(void) memmove(path + 1, path, nbytes);
	path[0] = '/';
}
16640Sstevel@tonic-gate
16650Sstevel@tonic-gate
/*
 * collapse_path():	Rewrite a path in place into its collapsed form and
 *			return the same pointer.
 *
 * collapsed path does not contain:
 *	successive slashes
 *	instances of dot-slash
 *	instances of dot-dot-slash
 * passed path must be anchored with a '/'
 *
 * The collapse is purely lexical: "." and ".." are resolved by editing the
 * string, and no file system lookup is made, so symbolic links play no part
 * in the result.  The output is written back into s itself.
 */
char *
collapse_path(char *s)
{
	int	id;	/* index of where we are in destination string */
	int	is;	/* index of where we are in source string */
	int	slashseen;	/* have we seen a slash */
	int	ls;	/* length of source string */

	/* ls counts the terminating NUL as well */
	ls = strlen(s) + 1;

	slashseen = 0;
	for (is = 0, id = 0; is < ls; is++) {
		/* thats all folks, we've reached the end of input */
		if (s[is] == '\0') {
			/* drop a trailing slash, but keep a lone "/" */
			if (id > 1 && s[id-1] == '/') {
				--id;
			}
			s[id++] = '\0';
			break;
		}
		/*
		 * previous character was a /
		 * (slashseen is set at the first slash and never cleared)
		 */
		if (slashseen) {
			if (s[is] == '/')
				continue;	/* another slash, ignore it */
		} else if (s[is] == '/') {
			/* we see a /, just copy it and try again */
			slashseen = 1;
			s[id++] = '/';
			continue;
		}
		/* /./ seen */
		if (s[is] == '.' && s[is+1] == '/') {
			is += 1;
			continue;
		}
		/* XXX/. seen */
		if (s[is] == '.' && s[is+1] == '\0') {
			if (id > 1)
				id--;
			continue;
		}
		/* XXX/.. seen */
		if (s[is] == '.' && s[is+1] == '.' && s[is+2] == '\0') {
			is += 1;
			/*
			 * back the destination up to the previous slash;
			 * the id > 0 tests stop it at the start of s
			 */
			if (id > 0)
				id--;
			while (id > 0 && s[--id] != '/')
				;
			id++;
			continue;
		}
		/* XXX/../ seen */
		if (s[is] == '.' && s[is+1] == '.' && s[is+2] == '/') {
			is += 2;
			/* same back-up as above, bounded at the start of s */
			if (id > 0)
				id--;
			while (id > 0 && s[--id] != '/')
				;
			id++;
			continue;
		}
		/* ordinary component: copy up to and including the next '/' */
		while (is < ls && (s[id++] = s[is++]) != '/')
			;
		/* undo the extra advance; the for loop increments is again */
		is--;
	}
	return (s);
}
17410Sstevel@tonic-gate
17420Sstevel@tonic-gate
/*
 * ipc_type_match():	Tell whether an IPC token type belongs to the object
 *			class selected by flag.
 *
 * Returns 1 when flag/type is one of the pairs OBJ_SEM/AT_IPC_SEM,
 * OBJ_MSG/AT_IPC_MSG or OBJ_SHM/AT_IPC_SHM, and 0 for anything else.
 */
int
ipc_type_match(int flag, char type)
{
	int	is_sem = (flag == OBJ_SEM && type == AT_IPC_SEM);
	int	is_msg = (flag == OBJ_MSG && type == AT_IPC_MSG);
	int	is_shm = (flag == OBJ_SHM && type == AT_IPC_SHM);

	return ((is_sem || is_msg || is_shm) ? 1 : 0);
}
17570Sstevel@tonic-gate
17580Sstevel@tonic-gate
/*
 * skip_string():	Step over a length-prefixed string in the record.
 *
 * Reads the unsigned short length and advances the record cursor by that
 * many bytes without copying anything.
 * NOTE(review): the length comes from the record and the new cursor is not
 * compared with any end-of-buffer bound in this function; confirm that the
 * caller limits how far adr_now may move.
 */
void
skip_string(adr_t *adr)
{
	ushort_t	len;

	adrm_u_short(adr, &len, 1);
	adr->adr_now = adr->adr_now + len;
}
17670Sstevel@tonic-gate
17680Sstevel@tonic-gate
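/*
 * get_string():	Copy a length-prefixed string out of the record into
 *			newly allocated memory.
 *
 * On return *p points at the copy; the callers in this file release it
 * with free().
 *
 * One byte more than the record's length is allocated.  The callers hand
 * the result to C string functions, and a length of zero or a string
 * stored without its terminator would otherwise let them read past the
 * end of the allocation.
 * NOTE(review): this assumes a_calloc() zero-fills like calloc() and does
 * not return NULL; confirm against its definition.
 */
void
get_string(adr_t *adr, char **p)
{
	ushort_t	c;

	adrm_u_short(adr, &c, 1);
	*p = a_calloc(1, (size_t)c + 1);
	adrm_char(adr, *p, c);
}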
17780Sstevel@tonic-gate
17790Sstevel@tonic-gate
/*
 * host_token():	Step over a host token.  The value is read only to
 *			advance the record cursor; nothing is matched.
 *
 * Format of host token:
 *	host			adr_u_int32
 *
 * Always returns -1.
 */
int
host_token(adr_t *adr)
{
	uint32_t	unused_host;

	adrm_u_int32(adr, &unused_host, 1);
	return (-1);
}
17930Sstevel@tonic-gate
/*
 * useofauth_token():	Step over a useofauth token; the authorization
 *			string is skipped and nothing is matched.
 *
 * Format of useofauth token:
 *	uauth token id		adr_char
 *	uauth			adr_string
 *
 * Always returns -1.
 */
int
useofauth_token(adr_t *adr)
{
	int	rc = -1;

	skip_string(adr);	/* uauth */
	return (rc);
}
18050Sstevel@tonic-gate
/*
 * user_token():	When object selection by user is active, set
 *			M_OBJECT in checkflags if the token's uid equals the
 *			requested obj_user.
 *
 * Format of user token:
 *	user token id		adr_char
 *	uid			adr_uid
 *	username		adr_string
 *
 * Always returns -1.
 */
int
user_token(adr_t *adr)
{
	uid_t	token_uid;

	adrm_uid(adr, &token_uid, 1);
	skip_string(adr);	/* username; only the uid is compared */

	if (flags & M_OBJECT) {
		if (obj_flag == OBJ_USER && token_uid == obj_user)
			checkflags = checkflags | M_OBJECT;
	}

	return (-1);
}
1827*11893Sgww@eng.sun.com
/* xcolormap token: handled entirely by xgeneric(), whose result is returned. */
int
xcolormap_token(adr_t *adr)
{
	int	rc = xgeneric(adr);

	return (rc);
}
18330Sstevel@tonic-gate
/* xcursor token: handled entirely by xgeneric(), whose result is returned. */
int
xcursor_token(adr_t *adr)
{
	int	rc = xgeneric(adr);

	return (rc);
}
18390Sstevel@tonic-gate
/* xfont token: handled entirely by xgeneric(), whose result is returned. */
int
xfont_token(adr_t *adr)
{
	int	rc = xgeneric(adr);

	return (rc);
}
18450Sstevel@tonic-gate
/* xgc token: handled entirely by xgeneric(), whose result is returned. */
int
xgc_token(adr_t *adr)
{
	int	rc = xgeneric(adr);

	return (rc);
}
18510Sstevel@tonic-gate
/* xpixmap token: handled entirely by xgeneric(), whose result is returned. */
int
xpixmap_token(adr_t *adr)
{
	int	rc = xgeneric(adr);

	return (rc);
}
18570Sstevel@tonic-gate
/* xwindow token: handled entirely by xgeneric(), whose result is returned. */
int
xwindow_token(adr_t *adr)
{
	int	rc = xgeneric(adr);

	return (rc);
}
18630Sstevel@tonic-gate
18640Sstevel@tonic-gate
/*
 * xgeneric():	Common handler for the X resource tokens.  Sets M_USERE in
 *		checkflags when effective-user selection is active and the
 *		token's creator UID equals m_usere.  The XID is read but not
 *		used.
 *
 * Format of xgeneric token:
 *	XID			adr_int32
 *	creator UID		adr_int32
 *
 * Includes:  xcolormap, xcursor, xfont, xgc, xpixmap, and xwindow
 *
 * Always returns -1.
 */
int
xgeneric(adr_t *adr)
{
	int32_t	xid;
	int32_t	creator;

	adrm_int32(adr, &xid, 1);
	adrm_int32(adr, &creator, 1);

	if ((flags & M_USERE) && m_usere == creator)
		checkflags |= M_USERE;

	return (-1);
}
18880Sstevel@tonic-gate
18890Sstevel@tonic-gate
/*
 * xproperty_token():	Same matching as xgeneric(), with an atom string
 *			after the two integers that is skipped.  Sets
 *			M_USERE in checkflags when effective-user selection
 *			is active and the creator UID equals m_usere.
 *
 * Format of xproperty token:
 *	XID			adr_int32
 *	creator UID		adr_int32
 *	atom string		adr_string
 *
 * Always returns -1.
 */
int
xproperty_token(adr_t *adr)
{
	int32_t	xid;
	int32_t	creator;

	adrm_int32(adr, &xid, 1);
	adrm_int32(adr, &creator, 1);
	skip_string(adr);	/* atom string */

	if ((flags & M_USERE) && m_usere == creator)
		checkflags |= M_USERE;

	return (-1);
}
19130Sstevel@tonic-gate
19140Sstevel@tonic-gate
/*
 * xclient_token():	Step over an xclient token.  The id is read only to
 *			advance the record cursor; nothing is matched.
 *
 * Format of xclient token:
 *	xclient id		adr_int32
 *
 * Always returns -1.
 */
int
xclient_token(adr_t *adr)
{
	int32_t	unused_id;

	adrm_int32(adr, &unused_id, 1);
	return (-1);
}
19280Sstevel@tonic-gate
/*
 * privilege_token():	Step over a privilege set token; both strings are
 *			skipped and nothing is matched.
 *
 * Format of privilege set token:
 *	priv_set type		string
 *	priv_set		string
 *
 * Always returns -1.
 */
int
privilege_token(adr_t *adr)
{
	int	rc = -1;

	skip_string(adr);	/* set type name */
	skip_string(adr);	/* privilege set */
	return (rc);
}
19420Sstevel@tonic-gate
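/*
 * label_token():	Read a label token into a label buffer that is
 *			allocated once and reused across calls, and set
 *			M_LABEL in checkflags when label selection is active
 *			and blinrange() accepts the label against m_label.
 *
 * Format of label token:
 *	label ID			1 byte
 *	compartment length		1 byte
 *	classification			2 bytes
 *	compartment words		<compartment length> * 4 bytes
 *
 * The compartment length byte comes from the record and is treated as
 * unsigned.  Read through a plain char it can be negative where char is
 * signed, which would move the cursor backwards in the out-of-memory path.
 *
 * Always returns -1, including when the compartment data would not fit in
 * the label buffer.
 */
int
label_token(adr_t *adr)
{
	static m_label_t *label = NULL;
	static size32_t l_size;
	int len;

	if (label == NULL) {
		label = m_label_alloc(MAC_LABEL);
		/* room left for compartment words after the 4 header bytes */
		l_size = blabel_size() - 4;
	}

	if (label == NULL) {
		/* out of memory, should never happen; skip label */
		uchar_t l;	/* length */

		adr->adr_now += sizeof (char);
		adrm_char(adr, (char *)&l, 1);
		adr->adr_now += sizeof (short) + (4 * l);
		return (-1);
	}

	adrm_char(adr, (char *)label, 4);
	len = (int)(((uchar_t *)label)[1] * 4);
	/* never copy more compartment bytes than the label buffer holds */
	if ((size32_t)len > l_size) {
		return (-1);
	}
	adrm_char(adr, &((char *)label)[4], len);

	if (flags & M_LABEL) {
		if (blinrange(label, m_label))
			checkflags = checkflags | M_LABEL;
	}

	return (-1);
}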
19860Sstevel@tonic-gate
19870Sstevel@tonic-gate
/*
 * useofpriv_token():	Step over a useofpriv token; the success/failure
 *			byte is read and discarded, the privilege string is
 *			skipped, and nothing is matched.
 *
 * Format of useofpriv token:
 *	success/failure		adr_char
 *	privilege(s)		adr_string
 *
 * Always returns -1.
 */
/* ARGSUSED */
int
useofpriv_token(adr_t *adr)
{
	char	succ_fail;

	adrm_char(adr, &succ_fail, 1);
	skip_string(adr);	/* privilege(s) */
	return (-1);
}