aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorRobert Watson <rwatson@FreeBSD.org>2006-06-27 18:06:41 +0000
committerRobert Watson <rwatson@FreeBSD.org>2006-06-27 18:06:41 +0000
commitd9af45c4c898a89dbf1afe83446e003126dbf48b (patch)
treee75771e43b8b10a3afb7a3dbbe6f2bc79e8214a1
parent506764c6f65f497f91be0d771f4ae9fb3b9131aa (diff)
downloadsrc-d9af45c4c898a89dbf1afe83446e003126dbf48b.tar.gz
src-d9af45c4c898a89dbf1afe83446e003126dbf48b.zip
Vendor import of OpenBSM 1.0 alpha 7, with the following change history
notes: - Adopted Solaris-compatible format for subject32_ex and subject64_ex tokens, which previously did not correctly implement variable length address storage. - Prefer inttypes.h to stdint.h; enhance queue.h detection to test for TAILQ_FOREACH_SAFE(), which is present in recent BSD queue.h's, but not older ones. OpenBSM now builds on some FreeBSD 4.x version. - New event types for extended attributes, ACLs, and scheduling. Obtained from: TrustedBSD Project
Notes
Notes: svn path=/vendor/openbsm/dist/; revision=159985
-rw-r--r--contrib/openbsm/HISTORY12
-rw-r--r--contrib/openbsm/VERSION2
-rw-r--r--contrib/openbsm/bsm/audit_kevents.h21
-rw-r--r--contrib/openbsm/bsm/audit_record.h4
-rw-r--r--contrib/openbsm/bsm/libbsm.h4
-rw-r--r--contrib/openbsm/config/ltmain.sh633
-rwxr-xr-xcontrib/openbsm/configure38
-rw-r--r--contrib/openbsm/configure.ac20
-rw-r--r--contrib/openbsm/etc/audit_event45
-rw-r--r--contrib/openbsm/libbsm/bsm_notify.c4
-rw-r--r--contrib/openbsm/libbsm/bsm_token.c40
-rw-r--r--contrib/openbsm/man/audit.log.54
-rw-r--r--contrib/openbsm/test/bsm/generate.c53
13 files changed, 707 insertions, 173 deletions
diff --git a/contrib/openbsm/HISTORY b/contrib/openbsm/HISTORY
index e1e691115922..946f2ff9ed90 100644
--- a/contrib/openbsm/HISTORY
+++ b/contrib/openbsm/HISTORY
@@ -1,3 +1,13 @@
+OpenBSM 1.0 alpha 7
+
+- Adopted Solaris-compatible format for subject32_ex and subject64_ex
+ tokens, which previously did not correctly implement variable length
+ address storage.
+- Prefer inttypes.h to stdint.h; enhance queue.h detection to test for
+ TAILQ_FOREACH_SAFE(), which is present in recent BSD queue.h's, but not
+ older ones. OpenBSM now builds on some FreeBSD 4.x version.
+- New event types for extended attributes, ACLs, and scheduling.
+
OpenBSM 1.0 alpha 6
- Use AU_TO_WRITE and AU_NO_TO_WRITE for the 'keep' argument to au_close();
@@ -165,4 +175,4 @@ OpenBSM 1.0 alpha 1
to support reloading of kernel event table.
- Allow comments in /etc/security configuration files.
-$P4: //depot/projects/trustedbsd/openbsm/HISTORY#12 $
+$P4: //depot/projects/trustedbsd/openbsm/HISTORY#15 $
diff --git a/contrib/openbsm/VERSION b/contrib/openbsm/VERSION
index e2b0eb9fd41e..fe14dbb9a1cb 100644
--- a/contrib/openbsm/VERSION
+++ b/contrib/openbsm/VERSION
@@ -1 +1 @@
-OPENBSM_1_0_ALPHA_6
+OPENBSM_1_0_ALPHA_7
diff --git a/contrib/openbsm/bsm/audit_kevents.h b/contrib/openbsm/bsm/audit_kevents.h
index 335dc7dfa402..b323692409df 100644
--- a/contrib/openbsm/bsm/audit_kevents.h
+++ b/contrib/openbsm/bsm/audit_kevents.h
@@ -30,7 +30,7 @@
*
* @APPLE_BSD_LICENSE_HEADER_END@
*
- * $P4: //depot/projects/trustedbsd/openbsm/bsm/audit_kevents.h#37 $
+ * $P4: //depot/projects/trustedbsd/openbsm/bsm/audit_kevents.h#38 $
*/
#ifndef _BSM_AUDIT_KEVENTS_H_
@@ -383,7 +383,24 @@
#define AUE_ACL_DELETE_FD 403 /* FreeBSD. */
#define AUE_ACL_CHECK_FILE 404 /* FreeBSD. */
#define AUE_ACL_CHECK_FD 405 /* FreeBSD. */
-#define AUE_SYSARCH 406 /* FreeBSD. */
+#define AUE_ACL_GET_LINK 406 /* FreeBSD. */
+#define AUE_ACL_SET_LINK 407 /* FreeBSD. */
+#define AUE_ACL_DELETE_LINK 408 /* FreeBSD. */
+#define AUE_ACL_CHECK_LINK 409 /* FreeBSD. */
+#define AUE_SYSARCH 410 /* FreeBSD. */
+#define AUE_EXTATTRCTL 411 /* FreeBSD. */
+#define AUE_EXTATTR_GET_FILE 412 /* FreeBSD. */
+#define AUE_EXTATTR_SET_FILE 413 /* FreeBSD. */
+#define AUE_EXTATTR_LIST_FILE 414 /* FreeBSD. */
+#define AUE_EXTATTR_DELETE_FILE 415 /* FreeBSD. */
+#define AUE_EXTATTR_GET_FD 416 /* FreeBSD. */
+#define AUE_EXTATTR_SET_FD 417 /* FreeBSD. */
+#define AUE_EXTATTR_LIST_FD 418 /* FreeBSD. */
+#define AUE_EXTATTR_DELETE_FD 419 /* FreeBSD. */
+#define AUE_EXTATTR_GET_LINK 420 /* FreeBSD. */
+#define AUE_EXTATTR_SET_LINK 421 /* FreeBSD. */
+#define AUE_EXTATTR_LIST_LINK 422 /* FreeBSD. */
+#define AUE_EXTATTR_DELETE_LINK 423 /* FreeBSD. */
/*
* Darwin BSM uses a number of AUE_O_* definitions, which are aliased to the
diff --git a/contrib/openbsm/bsm/audit_record.h b/contrib/openbsm/bsm/audit_record.h
index 9816112080d8..f9c0288b96fa 100644
--- a/contrib/openbsm/bsm/audit_record.h
+++ b/contrib/openbsm/bsm/audit_record.h
@@ -30,12 +30,14 @@
*
* @APPLE_BSD_LICENSE_HEADER_END@
*
- * $P4: //depot/projects/trustedbsd/openbsm/bsm/audit_record.h#17 $
+ * $P4: //depot/projects/trustedbsd/openbsm/bsm/audit_record.h#19 $
*/
#ifndef _BSM_AUDIT_RECORD_H_
#define _BSM_AUDIT_RECORD_H_
+#include <sys/time.h> /* struct timeval */
+
/*
* Token type identifiers.
*/
diff --git a/contrib/openbsm/bsm/libbsm.h b/contrib/openbsm/bsm/libbsm.h
index 45af63159e5d..2efdace43aaa 100644
--- a/contrib/openbsm/bsm/libbsm.h
+++ b/contrib/openbsm/bsm/libbsm.h
@@ -26,7 +26,7 @@
* IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*
- * $P4: //depot/projects/trustedbsd/openbsm/bsm/libbsm.h#20 $
+ * $P4: //depot/projects/trustedbsd/openbsm/bsm/libbsm.h#21 $
*/
#ifndef _LIBBSM_H_
@@ -43,7 +43,7 @@
#include <sys/types.h>
#include <sys/cdefs.h>
-#include <stdint.h> /* Required for audit.h. */
+#include <inttypes.h> /* Required for audit.h. */
#include <time.h> /* Required for clock_t on Linux. */
#include <bsm/audit.h>
diff --git a/contrib/openbsm/config/ltmain.sh b/contrib/openbsm/config/ltmain.sh
index 9e71d27d86d4..a85567fc69fa 100644
--- a/contrib/openbsm/config/ltmain.sh
+++ b/contrib/openbsm/config/ltmain.sh
@@ -43,8 +43,8 @@ EXIT_FAILURE=1
PROGRAM=ltmain.sh
PACKAGE=libtool
-VERSION=1.5.20
-TIMESTAMP=" (1.1220.2.287 2005/08/31 18:54:15)"
+VERSION=1.5.22
+TIMESTAMP=" (1.1220.2.365 2005/12/18 22:14:06)"
# See if we are running on zsh, and set the options which allow our
# commands through without removal of \ escapes.
@@ -132,6 +132,8 @@ run=
show="$echo"
show_help=
execute_dlfiles=
+duplicate_deps=no
+preserve_args=
lo2o="s/\\.lo\$/.${objext}/"
o2lo="s/\\.${objext}\$/.lo/"
@@ -139,6 +141,43 @@ o2lo="s/\\.${objext}\$/.lo/"
# Shell function definitions:
# This seems to be the best place for them
+# func_mktempdir [string]
+# Make a temporary directory that won't clash with other running
+# libtool processes, and avoids race conditions if possible. If
+# given, STRING is the basename for that directory.
+func_mktempdir ()
+{
+ my_template="${TMPDIR-/tmp}/${1-$progname}"
+
+ if test "$run" = ":"; then
+ # Return a directory name, but don't create it in dry-run mode
+ my_tmpdir="${my_template}-$$"
+ else
+
+ # If mktemp works, use that first and foremost
+ my_tmpdir=`mktemp -d "${my_template}-XXXXXXXX" 2>/dev/null`
+
+ if test ! -d "$my_tmpdir"; then
+ # Failing that, at least try and use $RANDOM to avoid a race
+ my_tmpdir="${my_template}-${RANDOM-0}$$"
+
+ save_mktempdir_umask=`umask`
+ umask 0077
+ $mkdir "$my_tmpdir"
+ umask $save_mktempdir_umask
+ fi
+
+ # If we're not in dry-run mode, bomb out on failure
+ test -d "$my_tmpdir" || {
+ $echo "cannot create temporary directory \`$my_tmpdir'" 1>&2
+ exit $EXIT_FAILURE
+ }
+ fi
+
+ $echo "X$my_tmpdir" | $Xsed
+}
+
+
# func_win32_libid arg
# return the library type of file 'arg'
#
@@ -157,12 +196,11 @@ func_win32_libid ()
if eval $OBJDUMP -f $1 | $SED -e '10q' 2>/dev/null | \
$EGREP -e 'file format pe-i386(.*architecture: i386)?' >/dev/null ; then
win32_nmres=`eval $NM -f posix -A $1 | \
- sed -n -e '1,100{/ I /{x;/import/!{s/^/import/;h;p;};x;};}'`
- if test "X$win32_nmres" = "Ximport" ; then
- win32_libid_type="x86 archive import"
- else
- win32_libid_type="x86 archive static"
- fi
+ $SED -n -e '1,100{/ I /{s,.*,import,;p;q;};}'`
+ case $win32_nmres in
+ import*) win32_libid_type="x86 archive import";;
+ *) win32_libid_type="x86 archive static";;
+ esac
fi
;;
*DLL*)
@@ -188,6 +226,20 @@ func_win32_libid ()
# arg is usually of the form 'gcc ...'
func_infer_tag ()
{
+ # FreeBSD-specific: where we install compilers with non-standard names
+ tag_compilers_CC="*cc cc* *gcc gcc*"
+ tag_compilers_CXX="*c++ c++* *g++ g++*"
+ base_compiler=`set -- "$@"; echo $1`
+
+ # If $tagname isn't set, then try to infer if the default "CC" tag applies
+ if test -z "$tagname"; then
+ for zp in $tag_compilers_CC; do
+ case $base_compiler in
+ $zp) tagname="CC"; break;;
+ esac
+ done
+ fi
+
if test -n "$available_tags" && test -z "$tagname"; then
CC_quoted=
for arg in $CC; do
@@ -228,7 +280,22 @@ func_infer_tag ()
break
;;
esac
- fi
+
+ # FreeBSD-specific: try compilers based on inferred tag
+ if test -z "$tagname"; then
+ eval "tag_compilers=\$tag_compilers_${z}"
+ if test -n "$tag_compilers"; then
+ for zp in $tag_compilers; do
+ case $base_compiler in
+ $zp) tagname=$z; break;;
+ esac
+ done
+ if test -n "$tagname"; then
+ break
+ fi
+ fi
+ fi
+ fi
done
# If $tagname still isn't set, then no tagged configuration
# was found and let the user know that the "--tag" command
@@ -295,9 +362,9 @@ func_extract_archives ()
$run ${rm}r "$my_xdir"
$show "$mkdir $my_xdir"
$run $mkdir "$my_xdir"
- status=$?
- if test "$status" -ne 0 && test ! -d "$my_xdir"; then
- exit $status
+ exit_status=$?
+ if test "$exit_status" -ne 0 && test ! -d "$my_xdir"; then
+ exit $exit_status
fi
case $host in
*-darwin*)
@@ -352,6 +419,8 @@ func_extract_archives ()
# Darwin sucks
eval std_shrext=\"$shrext_cmds\"
+disable_libs=no
+
# Parse our command line options once, thoroughly.
while test "$#" -gt 0
do
@@ -468,7 +537,11 @@ do
preserve_args="$preserve_args $arg"
;;
- --tag) prevopt="--tag" prev=tag ;;
+ --tag)
+ prevopt="--tag"
+ prev=tag
+ preserve_args="$preserve_args --tag"
+ ;;
--tag=*)
set tag "$optarg" ${1+"$@"}
shift
@@ -500,6 +573,18 @@ if test -n "$prevopt"; then
exit $EXIT_FAILURE
fi
+case $disable_libs in
+no)
+ ;;
+shared)
+ build_libtool_libs=no
+ build_old_libs=yes
+ ;;
+static)
+ build_old_libs=`case $build_libtool_libs in yes) echo no;; *) echo yes;; esac`
+ ;;
+esac
+
# If this variable is set in any of the actions, the command in it
# will be execed at the end. This prevents here-documents from being
# left over by shells.
@@ -856,9 +941,9 @@ EOF
if test ! -d "${xdir}$objdir"; then
$show "$mkdir ${xdir}$objdir"
$run $mkdir ${xdir}$objdir
- status=$?
- if test "$status" -ne 0 && test ! -d "${xdir}$objdir"; then
- exit $status
+ exit_status=$?
+ if test "$exit_status" -ne 0 && test ! -d "${xdir}$objdir"; then
+ exit $exit_status
fi
fi
@@ -1061,6 +1146,7 @@ EOF
no_install=no
objs=
non_pic_objects=
+ notinst_path= # paths that contain not-installed libtool libraries
precious_files_regex=
prefer_static_libs=no
preload=no
@@ -1089,14 +1175,15 @@ EOF
if test -n "$link_static_flag"; then
dlopen_self=$dlopen_self_static
fi
+ prefer_static_libs=yes
else
if test -z "$pic_flag" && test -n "$link_static_flag"; then
dlopen_self=$dlopen_self_static
fi
+ prefer_static_libs=built
fi
build_libtool_libs=no
build_old_libs=yes
- prefer_static_libs=yes
break
;;
esac
@@ -1271,6 +1358,11 @@ EOF
if test -z "$pic_object" || test "$pic_object" = none ; then
arg="$non_pic_object"
fi
+ else
+ # If the PIC object exists, use it instead.
+ # $xdir was prepended to $pic_object above.
+ non_pic_object="$pic_object"
+ non_pic_objects="$non_pic_objects $non_pic_object"
fi
else
# Only an error if not doing a dry-run.
@@ -1354,8 +1446,8 @@ EOF
prev=
continue
;;
- darwin_framework)
- compiler_flags="$compiler_flags $arg"
+ darwin_framework|darwin_framework_skip)
+ test "$prev" = "darwin_framework" && compiler_flags="$compiler_flags $arg"
compile_command="$compile_command $arg"
finalize_command="$finalize_command $arg"
prev=
@@ -1419,13 +1511,17 @@ EOF
continue
;;
- -framework|-arch)
- prev=darwin_framework
- compiler_flags="$compiler_flags $arg"
+ -framework|-arch|-isysroot)
+ case " $CC " in
+ *" ${arg} ${1} "* | *" ${arg} ${1} "*)
+ prev=darwin_framework_skip ;;
+ *) compiler_flags="$compiler_flags $arg"
+ prev=darwin_framework ;;
+ esac
compile_command="$compile_command $arg"
finalize_command="$finalize_command $arg"
- continue
- ;;
+ continue
+ ;;
-inst-prefix-dir)
prev=inst_prefix
@@ -1453,7 +1549,8 @@ EOF
absdir=`cd "$dir" && pwd`
if test -z "$absdir"; then
$echo "$modename: cannot determine absolute directory name of \`$dir'" 1>&2
- exit $EXIT_FAILURE
+ absdir="$dir"
+ notinst_path="$notinst_path $dir"
fi
dir="$absdir"
;;
@@ -1467,10 +1564,15 @@ EOF
esac
case $host in
*-*-cygwin* | *-*-mingw* | *-*-pw32* | *-*-os2*)
+ testbindir=`$echo "X$dir" | $Xsed -e 's*/lib$*/bin*'`
case :$dllsearchpath: in
*":$dir:"*) ;;
*) dllsearchpath="$dllsearchpath:$dir";;
esac
+ case :$dllsearchpath: in
+ *":$testbindir:"*) ;;
+ *) dllsearchpath="$dllsearchpath:$testbindir";;
+ esac
;;
esac
continue
@@ -1479,11 +1581,11 @@ EOF
-l*)
if test "X$arg" = "X-lc" || test "X$arg" = "X-lm"; then
case $host in
- *-*-cygwin* | *-*-pw32* | *-*-beos*)
+ *-*-cygwin* | *-*-mingw* | *-*-pw32* | *-*-beos*)
# These systems don't actually have a C or math library (as such)
continue
;;
- *-*-mingw* | *-*-os2*)
+ *-*-os2*)
# These systems don't actually have a C library (as such)
test "X$arg" = "X-lc" && continue
;;
@@ -1495,6 +1597,15 @@ EOF
# Rhapsody C and math libraries are in the System framework
deplibs="$deplibs -framework System"
continue
+ ;;
+ *-*-sco3.2v5* | *-*-sco5v6*)
+ # Causes problems with __ctype
+ test "X$arg" = "X-lc" && continue
+ ;;
+ *-*-sysv4.2uw2* | *-*-sysv5* | *-*-unixware* | *-*-OpenUNIX*)
+ # Compiler inserts libc in the correct place for threads to work
+ test "X$arg" = "X-lc" && continue
+ ;;
esac
elif test "X$arg" = "X-lc_r"; then
case $host in
@@ -1522,6 +1633,7 @@ EOF
compiler_flags="$compiler_flags $arg"
compile_command="$compile_command $arg"
finalize_command="$finalize_command $arg"
+ deplibs="$deplibs $arg"
continue
;;
@@ -1536,7 +1648,12 @@ EOF
# +DA*, +DD* enable 64-bit mode on the HP compiler
# -q* pass through compiler args for the IBM compiler
# -m* pass through architecture-specific compiler args for GCC
- -64|-mips[0-9]|-r[0-9][0-9]*|-xarch=*|-xtarget=*|+DA*|+DD*|-q*|-m*)
+ # -m*, -t[45]*, -txscale* pass through architecture-specific
+ # compiler args for GCC
+ # -pg pass through profiling flag for GCC
+ # @file GCC response files
+ -64|-mips[0-9]|-r[0-9][0-9]*|-xarch=*|-xtarget=*|+DA*|+DD*|-q*|-m*|-pg| \
+ -t[45]*|-txscale*|@*)
# Unknown arguments in both finalize_command and compile_command need
# to be aesthetically quoted because they are evaled later.
@@ -1548,9 +1665,7 @@ EOF
esac
compile_command="$compile_command $arg"
finalize_command="$finalize_command $arg"
- if test "$with_gcc" = "yes" ; then
- compiler_flags="$compiler_flags $arg"
- fi
+ compiler_flags="$compiler_flags $arg"
continue
;;
@@ -1788,6 +1903,11 @@ EOF
if test -z "$pic_object" || test "$pic_object" = none ; then
arg="$non_pic_object"
fi
+ else
+ # If the PIC object exists, use it instead.
+ # $xdir was prepended to $pic_object above.
+ non_pic_object="$pic_object"
+ non_pic_objects="$non_pic_objects $non_pic_object"
fi
else
# Only an error if not doing a dry-run.
@@ -1893,9 +2013,9 @@ EOF
if test ! -d "$output_objdir"; then
$show "$mkdir $output_objdir"
$run $mkdir $output_objdir
- status=$?
- if test "$status" -ne 0 && test ! -d "$output_objdir"; then
- exit $status
+ exit_status=$?
+ if test "$exit_status" -ne 0 && test ! -d "$output_objdir"; then
+ exit $exit_status
fi
fi
@@ -1958,7 +2078,6 @@ EOF
newlib_search_path=
need_relink=no # whether we're linking any uninstalled libtool libraries
notinst_deplibs= # not-installed libtool libraries
- notinst_path= # paths that contain not-installed libtool libraries
case $linkmode in
lib)
passes="conv link"
@@ -2012,6 +2131,29 @@ EOF
else
compiler_flags="$compiler_flags $deplib"
fi
+
+ case $linkmode in
+ lib)
+ deplibs="$deplib $deplibs"
+ test "$pass" = conv && continue
+ newdependency_libs="$deplib $newdependency_libs"
+ ;;
+ prog)
+ if test "$pass" = conv; then
+ deplibs="$deplib $deplibs"
+ continue
+ fi
+ if test "$pass" = scan; then
+ deplibs="$deplib $deplibs"
+ else
+ compile_deplibs="$deplib $compile_deplibs"
+ finalize_deplibs="$deplib $finalize_deplibs"
+ fi
+ ;;
+ *)
+ ;;
+ esac # linkmode
+
continue
;;
-l*)
@@ -2194,7 +2336,7 @@ EOF
esac # case $deplib
if test "$found" = yes || test -f "$lib"; then :
else
- $echo "$modename: cannot find the library \`$lib'" 1>&2
+ $echo "$modename: cannot find the library \`$lib' or unhandled argument \`$deplib'" 1>&2
exit $EXIT_FAILURE
fi
@@ -2445,8 +2587,12 @@ EOF
fi
link_static=no # Whether the deplib will be linked statically
+ use_static_libs=$prefer_static_libs
+ if test "$use_static_libs" = built && test "$installed" = yes ; then
+ use_static_libs=no
+ fi
if test -n "$library_names" &&
- { test "$prefer_static_libs" = no || test -z "$old_library"; }; then
+ { test "$use_static_libs" = no || test -z "$old_library"; }; then
if test "$installed" = no; then
notinst_deplibs="$notinst_deplibs $lib"
need_relink=yes
@@ -2559,11 +2705,15 @@ EOF
if test "$hardcode_direct" = no; then
add="$dir/$linklib"
case $host in
- *-*-sco3.2v5* ) add_dir="-L$dir" ;;
+ *-*-sco3.2v5.0.[024]*) add_dir="-L$dir" ;;
+ *-*-sysv4*uw2*) add_dir="-L$dir" ;;
+ *-*-sysv5OpenUNIX* | *-*-sysv5UnixWare7.[01].[10]* | \
+ *-*-unixware7*) add_dir="-L$dir" ;;
*-*-darwin* )
# if the lib is a module then we can not link against
# it, someone is ignoring the new warnings I added
- if /usr/bin/file -L $add 2> /dev/null | $EGREP "bundle" >/dev/null ; then
+ if /usr/bin/file -L $add 2> /dev/null |
+ $EGREP ": [^:]* bundle" >/dev/null ; then
$echo "** Warning, lib $linklib is a module, not a shared library"
if test -z "$old_library" ; then
$echo
@@ -3314,9 +3464,9 @@ EOF
# Eliminate all temporary directories.
for path in $notinst_path; do
- lib_search_path=`$echo "$lib_search_path " | ${SED} -e 's% $path % %g'`
- deplibs=`$echo "$deplibs " | ${SED} -e 's% -L$path % %g'`
- dependency_libs=`$echo "$dependency_libs " | ${SED} -e 's% -L$path % %g'`
+ lib_search_path=`$echo "$lib_search_path " | ${SED} -e "s% $path % %g"`
+ deplibs=`$echo "$deplibs " | ${SED} -e "s% -L$path % %g"`
+ dependency_libs=`$echo "$dependency_libs " | ${SED} -e "s% -L$path % %g"`
done
if test -n "$xrpath"; then
@@ -3369,7 +3519,12 @@ EOF
;;
*-*-openbsd* | *-*-freebsd* | *-*-dragonfly*)
# Do not include libc due to us having libc/libc_r.
- test "X$arg" = "X-lc" && continue
+ ;;
+ *-*-sco3.2v5* | *-*-sco5v6*)
+ # Causes problems with __ctype
+ ;;
+ *-*-sysv4.2uw2* | *-*-sysv5* | *-*-unixware* | *-*-OpenUNIX*)
+ # Compiler inserts libc in the correct place for threads to work
;;
*)
# Add libc to deplibs on all other systems if necessary.
@@ -3413,7 +3568,7 @@ EOF
int main() { return 0; }
EOF
$rm conftest
- $LTCC -o conftest conftest.c $deplibs
+ $LTCC $LTCFLAGS -o conftest conftest.c $deplibs
if test "$?" -eq 0 ; then
ldd_output=`ldd conftest`
for i in $deplibs; do
@@ -3458,7 +3613,7 @@ EOF
# If $name is empty we are operating on a -L argument.
if test "$name" != "" && test "$name" != "0"; then
$rm conftest
- $LTCC -o conftest conftest.c $i
+ $LTCC $LTCFLAGS -o conftest conftest.c $i
# Did it work?
if test "$?" -eq 0 ; then
ldd_output=`ldd conftest`
@@ -3705,6 +3860,35 @@ EOF
deplibs=$newdeplibs
fi
+
+ # move library search paths that coincide with paths to not yet
+ # installed libraries to the beginning of the library search list
+ new_libs=
+ for path in $notinst_path; do
+ case " $new_libs " in
+ *" -L$path/$objdir "*) ;;
+ *)
+ case " $deplibs " in
+ *" -L$path/$objdir "*)
+ new_libs="$new_libs -L$path/$objdir" ;;
+ esac
+ ;;
+ esac
+ done
+ for deplib in $deplibs; do
+ case $deplib in
+ -L*)
+ case " $new_libs " in
+ *" $deplib "*) ;;
+ *) new_libs="$new_libs $deplib" ;;
+ esac
+ ;;
+ *) new_libs="$new_libs $deplib" ;;
+ esac
+ done
+ deplibs="$new_libs"
+
+
# All the library-specific variables (install_libdir is set above).
library_names=
old_library=
@@ -3788,6 +3972,7 @@ EOF
fi
lib="$output_objdir/$realname"
+ linknames=
for link
do
linknames="$linknames $link"
@@ -4219,6 +4404,35 @@ EOF
;;
esac
+
+ # move library search paths that coincide with paths to not yet
+ # installed libraries to the beginning of the library search list
+ new_libs=
+ for path in $notinst_path; do
+ case " $new_libs " in
+ *" -L$path/$objdir "*) ;;
+ *)
+ case " $compile_deplibs " in
+ *" -L$path/$objdir "*)
+ new_libs="$new_libs -L$path/$objdir" ;;
+ esac
+ ;;
+ esac
+ done
+ for deplib in $compile_deplibs; do
+ case $deplib in
+ -L*)
+ case " $new_libs " in
+ *" $deplib "*) ;;
+ *) new_libs="$new_libs $deplib" ;;
+ esac
+ ;;
+ *) new_libs="$new_libs $deplib" ;;
+ esac
+ done
+ compile_deplibs="$new_libs"
+
+
compile_command="$compile_command $compile_deplibs"
finalize_command="$finalize_command $finalize_deplibs"
@@ -4263,10 +4477,15 @@ EOF
fi
case $host in
*-*-cygwin* | *-*-mingw* | *-*-pw32* | *-*-os2*)
+ testbindir=`$echo "X$libdir" | $Xsed -e 's*/lib$*/bin*'`
case :$dllsearchpath: in
*":$libdir:"*) ;;
*) dllsearchpath="$dllsearchpath:$libdir";;
esac
+ case :$dllsearchpath: in
+ *":$testbindir:"*) ;;
+ *) dllsearchpath="$dllsearchpath:$testbindir";;
+ esac
;;
esac
done
@@ -4383,10 +4602,22 @@ extern \"C\" {
export_symbols="$output_objdir/$outputname.exp"
$run $rm $export_symbols
$run eval "${SED} -n -e '/^: @PROGRAM@ $/d' -e 's/^.* \(.*\)$/\1/p' "'< "$nlist" > "$export_symbols"'
+ case $host in
+ *cygwin* | *mingw* )
+ $run eval "echo EXPORTS "'> "$output_objdir/$outputname.def"'
+ $run eval 'cat "$export_symbols" >> "$output_objdir/$outputname.def"'
+ ;;
+ esac
else
- $run eval "${SED} -e 's/\([ ][.*^$]\)/\\\1/g' -e 's/^/ /' -e 's/$/$/'"' < "$export_symbols" > "$output_objdir/$outputname.exp"'
+ $run eval "${SED} -e 's/\([].[*^$]\)/\\\\\1/g' -e 's/^/ /' -e 's/$/$/'"' < "$export_symbols" > "$output_objdir/$outputname.exp"'
$run eval 'grep -f "$output_objdir/$outputname.exp" < "$nlist" > "$nlist"T'
$run eval 'mv "$nlist"T "$nlist"'
+ case $host in
+ *cygwin* | *mingw* )
+ $run eval "echo EXPORTS "'> "$output_objdir/$outputname.def"'
+ $run eval 'cat "$nlist" >> "$output_objdir/$outputname.def"'
+ ;;
+ esac
fi
fi
@@ -4503,16 +4734,32 @@ static const void *lt_preloaded_setup() {
esac
# Now compile the dynamic symbol file.
- $show "(cd $output_objdir && $LTCC -c$no_builtin_flag$pic_flag_for_symtable \"$dlsyms\")"
- $run eval '(cd $output_objdir && $LTCC -c$no_builtin_flag$pic_flag_for_symtable "$dlsyms")' || exit $?
+ $show "(cd $output_objdir && $LTCC $LTCFLAGS -c$no_builtin_flag$pic_flag_for_symtable \"$dlsyms\")"
+ $run eval '(cd $output_objdir && $LTCC $LTCFLAGS -c$no_builtin_flag$pic_flag_for_symtable "$dlsyms")' || exit $?
# Clean up the generated files.
$show "$rm $output_objdir/$dlsyms $nlist ${nlist}S ${nlist}T"
$run $rm "$output_objdir/$dlsyms" "$nlist" "${nlist}S" "${nlist}T"
# Transform the symbol file into the correct name.
- compile_command=`$echo "X$compile_command" | $Xsed -e "s%@SYMFILE@%$output_objdir/${outputname}S.${objext}%"`
- finalize_command=`$echo "X$finalize_command" | $Xsed -e "s%@SYMFILE@%$output_objdir/${outputname}S.${objext}%"`
+ case $host in
+ *cygwin* | *mingw* )
+ if test -f "$output_objdir/${outputname}.def" ; then
+ compile_command=`$echo "X$compile_command" | $Xsed -e "s%@SYMFILE@%$output_objdir/${outputname}.def $output_objdir/${outputname}S.${objext}%"`
+ finalize_command=`$echo "X$finalize_command" | $Xsed -e "s%@SYMFILE@%$output_objdir/${outputname}.def $output_objdir/${outputname}S.${objext}%"`
+ else
+ compile_command=`$echo "X$compile_command" | $Xsed -e "s%@SYMFILE@%$output_objdir/${outputname}S.${objext}%"`
+ finalize_command=`$echo "X$finalize_command" | $Xsed -e "s%@SYMFILE@%$output_objdir/${outputname}S.${objext}%"`
+ fi
+ ;;
+ * )
+ compile_command=`$echo "X$compile_command" | $Xsed -e "s%@SYMFILE@%$output_objdir/${outputname}S.${objext}%"`
+ finalize_command=`$echo "X$finalize_command" | $Xsed -e "s%@SYMFILE@%$output_objdir/${outputname}S.${objext}%"`
+ ;;
+ esac
+ ;;
+ *-*-freebsd*)
+ # FreeBSD doesn't need this...
;;
*)
$echo "$modename: unknown suffix for \`$dlsyms'" 1>&2
@@ -4537,7 +4784,7 @@ static const void *lt_preloaded_setup() {
# We have no uninstalled library dependencies, so finalize right now.
$show "$link_command"
$run eval "$link_command"
- status=$?
+ exit_status=$?
# Delete the generated files.
if test -n "$dlsyms"; then
@@ -4545,7 +4792,7 @@ static const void *lt_preloaded_setup() {
$run $rm "$output_objdir/${outputname}S.${objext}"
fi
- exit $status
+ exit $exit_status
fi
if test -n "$shlibpath_var"; then
@@ -4685,10 +4932,12 @@ static const void *lt_preloaded_setup() {
esac
case $host in
*cygwin* | *mingw* )
- cwrappersource=`$echo ${objdir}/lt-${outputname}.c`
- cwrapper=`$echo ${output}.exe`
- $rm $cwrappersource $cwrapper
- trap "$rm $cwrappersource $cwrapper; exit $EXIT_FAILURE" 1 2 15
+ output_name=`basename $output`
+ output_path=`dirname $output`
+ cwrappersource="$output_path/$objdir/lt-$output_name.c"
+ cwrapper="$output_path/$output_name.exe"
+ $rm $cwrappersource $cwrapper
+ trap "$rm $cwrappersource $cwrapper; exit $EXIT_FAILURE" 1 2 15
cat > $cwrappersource <<EOF
@@ -4713,6 +4962,9 @@ EOF
#include <malloc.h>
#include <stdarg.h>
#include <assert.h>
+#include <string.h>
+#include <ctype.h>
+#include <sys/stat.h>
#if defined(PATH_MAX)
# define LT_PATHMAX PATH_MAX
@@ -4723,15 +4975,19 @@ EOF
#endif
#ifndef DIR_SEPARATOR
-#define DIR_SEPARATOR '/'
+# define DIR_SEPARATOR '/'
+# define PATH_SEPARATOR ':'
#endif
#if defined (_WIN32) || defined (__MSDOS__) || defined (__DJGPP__) || \
defined (__OS2__)
-#define HAVE_DOS_BASED_FILE_SYSTEM
-#ifndef DIR_SEPARATOR_2
-#define DIR_SEPARATOR_2 '\\'
-#endif
+# define HAVE_DOS_BASED_FILE_SYSTEM
+# ifndef DIR_SEPARATOR_2
+# define DIR_SEPARATOR_2 '\\'
+# endif
+# ifndef PATH_SEPARATOR_2
+# define PATH_SEPARATOR_2 ';'
+# endif
#endif
#ifndef DIR_SEPARATOR_2
@@ -4741,17 +4997,32 @@ EOF
(((ch) == DIR_SEPARATOR) || ((ch) == DIR_SEPARATOR_2))
#endif /* DIR_SEPARATOR_2 */
+#ifndef PATH_SEPARATOR_2
+# define IS_PATH_SEPARATOR(ch) ((ch) == PATH_SEPARATOR)
+#else /* PATH_SEPARATOR_2 */
+# define IS_PATH_SEPARATOR(ch) ((ch) == PATH_SEPARATOR_2)
+#endif /* PATH_SEPARATOR_2 */
+
#define XMALLOC(type, num) ((type *) xmalloc ((num) * sizeof(type)))
#define XFREE(stale) do { \
if (stale) { free ((void *) stale); stale = 0; } \
} while (0)
+/* -DDEBUG is fairly common in CFLAGS. */
+#undef DEBUG
+#if defined DEBUGWRAPPER
+# define DEBUG(format, ...) fprintf(stderr, format, __VA_ARGS__)
+#else
+# define DEBUG(format, ...)
+#endif
+
const char *program_name = NULL;
void * xmalloc (size_t num);
char * xstrdup (const char *string);
-char * basename (const char *name);
-char * fnqualify(const char *path);
+const char * base_name (const char *name);
+char * find_executable(const char *wrapper);
+int check_executable(const char *path);
char * strendzap(char *str, const char *pat);
void lt_fatal (const char *message, ...);
@@ -4761,29 +5032,50 @@ main (int argc, char *argv[])
char **newargz;
int i;
- program_name = (char *) xstrdup ((char *) basename (argv[0]));
+ program_name = (char *) xstrdup (base_name (argv[0]));
+ DEBUG("(main) argv[0] : %s\n",argv[0]);
+ DEBUG("(main) program_name : %s\n",program_name);
newargz = XMALLOC(char *, argc+2);
EOF
- cat >> $cwrappersource <<EOF
- newargz[0] = "$SHELL";
+ cat >> $cwrappersource <<EOF
+ newargz[0] = (char *) xstrdup("$SHELL");
EOF
- cat >> $cwrappersource <<"EOF"
- newargz[1] = fnqualify(argv[0]);
+ cat >> $cwrappersource <<"EOF"
+ newargz[1] = find_executable(argv[0]);
+ if (newargz[1] == NULL)
+ lt_fatal("Couldn't find %s", argv[0]);
+ DEBUG("(main) found exe at : %s\n",newargz[1]);
/* we know the script has the same name, without the .exe */
/* so make sure newargz[1] doesn't end in .exe */
strendzap(newargz[1],".exe");
for (i = 1; i < argc; i++)
newargz[i+1] = xstrdup(argv[i]);
newargz[argc+1] = NULL;
+
+ for (i=0; i<argc+1; i++)
+ {
+ DEBUG("(main) newargz[%d] : %s\n",i,newargz[i]);
+ ;
+ }
+
EOF
- cat >> $cwrappersource <<EOF
+ case $host_os in
+ mingw*)
+ cat >> $cwrappersource <<EOF
+ execv("$SHELL",(char const **)newargz);
+EOF
+ ;;
+ *)
+ cat >> $cwrappersource <<EOF
execv("$SHELL",newargz);
EOF
+ ;;
+ esac
- cat >> $cwrappersource <<"EOF"
+ cat >> $cwrappersource <<"EOF"
return 127;
}
@@ -4804,48 +5096,148 @@ xstrdup (const char *string)
;
}
-char *
-basename (const char *name)
+const char *
+base_name (const char *name)
{
const char *base;
#if defined (HAVE_DOS_BASED_FILE_SYSTEM)
/* Skip over the disk name in MSDOS pathnames. */
- if (isalpha (name[0]) && name[1] == ':')
+ if (isalpha ((unsigned char)name[0]) && name[1] == ':')
name += 2;
#endif
for (base = name; *name; name++)
if (IS_DIR_SEPARATOR (*name))
base = name + 1;
- return (char *) base;
+ return base;
}
+int
+check_executable(const char * path)
+{
+ struct stat st;
+
+ DEBUG("(check_executable) : %s\n", path ? (*path ? path : "EMPTY!") : "NULL!");
+ if ((!path) || (!*path))
+ return 0;
+
+ if ((stat (path, &st) >= 0) &&
+ (
+ /* MinGW & native WIN32 do not support S_IXOTH or S_IXGRP */
+#if defined (S_IXOTH)
+ ((st.st_mode & S_IXOTH) == S_IXOTH) ||
+#endif
+#if defined (S_IXGRP)
+ ((st.st_mode & S_IXGRP) == S_IXGRP) ||
+#endif
+ ((st.st_mode & S_IXUSR) == S_IXUSR))
+ )
+ return 1;
+ else
+ return 0;
+}
+
+/* Searches for the full path of the wrapper. Returns
+ newly allocated full path name if found, NULL otherwise */
char *
-fnqualify(const char *path)
+find_executable (const char* wrapper)
{
- size_t size;
- char *p;
+ int has_slash = 0;
+ const char* p;
+ const char* p_next;
+ /* static buffer for getcwd */
char tmp[LT_PATHMAX + 1];
+ int tmp_len;
+ char* concat_name;
+
+ DEBUG("(find_executable) : %s\n", wrapper ? (*wrapper ? wrapper : "EMPTY!") : "NULL!");
- assert(path != NULL);
+ if ((wrapper == NULL) || (*wrapper == '\0'))
+ return NULL;
- /* Is it qualified already? */
+ /* Absolute path? */
#if defined (HAVE_DOS_BASED_FILE_SYSTEM)
- if (isalpha (path[0]) && path[1] == ':')
- return xstrdup (path);
+ if (isalpha ((unsigned char)wrapper[0]) && wrapper[1] == ':')
+ {
+ concat_name = xstrdup (wrapper);
+ if (check_executable(concat_name))
+ return concat_name;
+ XFREE(concat_name);
+ }
+ else
+ {
+#endif
+ if (IS_DIR_SEPARATOR (wrapper[0]))
+ {
+ concat_name = xstrdup (wrapper);
+ if (check_executable(concat_name))
+ return concat_name;
+ XFREE(concat_name);
+ }
+#if defined (HAVE_DOS_BASED_FILE_SYSTEM)
+ }
#endif
- if (IS_DIR_SEPARATOR (path[0]))
- return xstrdup (path);
- /* prepend the current directory */
- /* doesn't handle '~' */
+ for (p = wrapper; *p; p++)
+ if (*p == '/')
+ {
+ has_slash = 1;
+ break;
+ }
+ if (!has_slash)
+ {
+ /* no slashes; search PATH */
+ const char* path = getenv ("PATH");
+ if (path != NULL)
+ {
+ for (p = path; *p; p = p_next)
+ {
+ const char* q;
+ size_t p_len;
+ for (q = p; *q; q++)
+ if (IS_PATH_SEPARATOR(*q))
+ break;
+ p_len = q - p;
+ p_next = (*q == '\0' ? q : q + 1);
+ if (p_len == 0)
+ {
+ /* empty path: current directory */
+ if (getcwd (tmp, LT_PATHMAX) == NULL)
+ lt_fatal ("getcwd failed");
+ tmp_len = strlen(tmp);
+ concat_name = XMALLOC(char, tmp_len + 1 + strlen(wrapper) + 1);
+ memcpy (concat_name, tmp, tmp_len);
+ concat_name[tmp_len] = '/';
+ strcpy (concat_name + tmp_len + 1, wrapper);
+ }
+ else
+ {
+ concat_name = XMALLOC(char, p_len + 1 + strlen(wrapper) + 1);
+ memcpy (concat_name, p, p_len);
+ concat_name[p_len] = '/';
+ strcpy (concat_name + p_len + 1, wrapper);
+ }
+ if (check_executable(concat_name))
+ return concat_name;
+ XFREE(concat_name);
+ }
+ }
+ /* not found in PATH; assume curdir */
+ }
+ /* Relative path | not found in path: prepend cwd */
if (getcwd (tmp, LT_PATHMAX) == NULL)
lt_fatal ("getcwd failed");
- size = strlen(tmp) + 1 + strlen(path) + 1; /* +2 for '/' and '\0' */
- p = XMALLOC(char, size);
- sprintf(p, "%s%c%s", tmp, DIR_SEPARATOR, path);
- return p;
+ tmp_len = strlen(tmp);
+ concat_name = XMALLOC(char, tmp_len + 1 + strlen(wrapper) + 1);
+ memcpy (concat_name, tmp, tmp_len);
+ concat_name[tmp_len] = '/';
+ strcpy (concat_name + tmp_len + 1, wrapper);
+
+ if (check_executable(concat_name))
+ return concat_name;
+ XFREE(concat_name);
+ return NULL;
}
char *
@@ -4889,16 +5281,16 @@ lt_fatal (const char *message, ...)
va_end (ap);
}
EOF
- # we should really use a build-platform specific compiler
- # here, but OTOH, the wrappers (shell script and this C one)
- # are only useful if you want to execute the "real" binary.
- # Since the "real" binary is built for $host, then this
- # wrapper might as well be built for $host, too.
- $run $LTCC -s -o $cwrapper $cwrappersource
- ;;
- esac
- $rm $output
- trap "$rm $output; exit $EXIT_FAILURE" 1 2 15
+ # we should really use a build-platform specific compiler
+ # here, but OTOH, the wrappers (shell script and this C one)
+ # are only useful if you want to execute the "real" binary.
+ # Since the "real" binary is built for $host, then this
+ # wrapper might as well be built for $host, too.
+ $run $LTCC $LTCFLAGS -s -o $cwrapper $cwrappersource
+ ;;
+ esac
+ $rm $output
+ trap "$rm $output; exit $EXIT_FAILURE" 1 2 15
$echo > $output "\
#! $SHELL
@@ -5128,9 +5520,9 @@ fi\
$run ${rm}r "$gentop"
$show "$mkdir $gentop"
$run $mkdir "$gentop"
- status=$?
- if test "$status" -ne 0 && test ! -d "$gentop"; then
- exit $status
+ exit_status=$?
+ if test "$exit_status" -ne 0 && test ! -d "$gentop"; then
+ exit $exit_status
fi
fi
@@ -5797,18 +6189,7 @@ relink_command=\"$relink_command\""
outputname=
if test "$fast_install" = no && test -n "$relink_command"; then
if test "$finalize" = yes && test -z "$run"; then
- tmpdir="/tmp"
- test -n "$TMPDIR" && tmpdir="$TMPDIR"
- tmpdir="$tmpdir/libtool-$$"
- save_umask=`umask`
- umask 0077
- if $mkdir "$tmpdir"; then
- umask $save_umask
- else
- umask $save_umask
- $echo "$modename: error: cannot create temporary directory \`$tmpdir'" 1>&2
- continue
- fi
+ tmpdir=`func_mktempdir`
file=`$echo "X$file$stripped_ext" | $Xsed -e 's%^.*/%%'`
outputname="$tmpdir/$file"
# Replace the output file specification.
@@ -5932,7 +6313,7 @@ relink_command=\"$relink_command\""
# Exit here if they wanted silent mode.
test "$show" = : && exit $EXIT_SUCCESS
- $echo "----------------------------------------------------------------------"
+ $echo "X----------------------------------------------------------------------" | $Xsed
$echo "Libraries have been installed in:"
for libdir in $libdirs; do
$echo " $libdir"
@@ -5965,7 +6346,7 @@ relink_command=\"$relink_command\""
$echo
$echo "See any operating system documentation about shared libraries for"
$echo "more information, such as the ld(1) and ld.so(8) manual pages."
- $echo "----------------------------------------------------------------------"
+ $echo "X----------------------------------------------------------------------" | $Xsed
exit $EXIT_SUCCESS
;;
@@ -6182,9 +6563,17 @@ relink_command=\"$relink_command\""
rmfiles="$rmfiles $objdir/$n"
done
test -n "$old_library" && rmfiles="$rmfiles $objdir/$old_library"
- test "$mode" = clean && rmfiles="$rmfiles $objdir/$name $objdir/${name}i"
- if test "$mode" = uninstall; then
+ case "$mode" in
+ clean)
+ case " $library_names " in
+ # " " in the beginning catches empty $dlname
+ *" $dlname "*) ;;
+ *) rmfiles="$rmfiles $objdir/$dlname" ;;
+ esac
+ test -n "$libdir" && rmfiles="$rmfiles $objdir/$name $objdir/${name}i"
+ ;;
+ uninstall)
if test -n "$library_names"; then
# Do each command in the postuninstall commands.
cmds=$postuninstall_cmds
@@ -6217,7 +6606,8 @@ relink_command=\"$relink_command\""
IFS="$save_ifs"
fi
# FIXME: should reinstall the best remaining shared library.
- fi
+ ;;
+ esac
fi
;;
@@ -6516,12 +6906,11 @@ exit $?
# configuration. But we'll never go from static-only to shared-only.
# ### BEGIN LIBTOOL TAG CONFIG: disable-shared
-build_libtool_libs=no
-build_old_libs=yes
+disable_libs=shared
# ### END LIBTOOL TAG CONFIG: disable-shared
# ### BEGIN LIBTOOL TAG CONFIG: disable-static
-build_old_libs=`case $build_libtool_libs in yes) $echo no;; *) $echo yes;; esac`
+disable_libs=static
# ### END LIBTOOL TAG CONFIG: disable-static
# Local Variables:
diff --git a/contrib/openbsm/configure b/contrib/openbsm/configure
index 06b326932298..c73a0012e775 100755
--- a/contrib/openbsm/configure
+++ b/contrib/openbsm/configure
@@ -1,7 +1,7 @@
#! /bin/sh
-# From configure.ac P4: //depot/projects/trustedbsd/openbsm/configure.ac#22 .
+# From configure.ac P4: //depot/projects/trustedbsd/openbsm/configure.ac#23 .
# Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.59 for OpenBSM 1.0a6.
+# Generated by GNU Autoconf 2.59 for OpenBSM 1.0a7.
#
# Report bugs to <trustedbsd-audit@TrustesdBSD.org>.
#
@@ -424,8 +424,8 @@ SHELL=${CONFIG_SHELL-/bin/sh}
# Identity of this package.
PACKAGE_NAME='OpenBSM'
PACKAGE_TARNAME='openbsm'
-PACKAGE_VERSION='1.0a6'
-PACKAGE_STRING='OpenBSM 1.0a6'
+PACKAGE_VERSION='1.0a7'
+PACKAGE_STRING='OpenBSM 1.0a7'
PACKAGE_BUGREPORT='trustedbsd-audit@TrustesdBSD.org'
ac_unique_file="bin/auditreduce/auditreduce.c"
@@ -955,7 +955,7 @@ if test "$ac_init_help" = "long"; then
# Omit some internal or obsolete options to make the list less imposing.
# This message is too long to be a string in the A/UX 3.1 sh.
cat <<_ACEOF
-\`configure' configures OpenBSM 1.0a6 to adapt to many kinds of systems.
+\`configure' configures OpenBSM 1.0a7 to adapt to many kinds of systems.
Usage: $0 [OPTION]... [VAR=VALUE]...
@@ -1021,7 +1021,7 @@ fi
if test -n "$ac_init_help"; then
case $ac_init_help in
- short | recursive ) echo "Configuration of OpenBSM 1.0a6:";;
+ short | recursive ) echo "Configuration of OpenBSM 1.0a7:";;
esac
cat <<\_ACEOF
@@ -1162,7 +1162,7 @@ fi
test -n "$ac_init_help" && exit 0
if $ac_init_version; then
cat <<\_ACEOF
-OpenBSM configure 1.0a6
+OpenBSM configure 1.0a7
generated by GNU Autoconf 2.59
Copyright (C) 2003 Free Software Foundation, Inc.
@@ -1176,7 +1176,7 @@ cat >&5 <<_ACEOF
This file contains any messages produced by compilers while
running configure, to aid debugging if configure makes a mistake.
-It was created by OpenBSM $as_me 1.0a6, which was
+It was created by OpenBSM $as_me 1.0a7, which was
generated by GNU Autoconf 2.59. Invocation command line was
$ $0 $@
@@ -19278,7 +19278,7 @@ fi
# Define the identity of the package.
PACKAGE=OpenBSM
- VERSION=1.0a6
+ VERSION=1.0a7
cat >>confdefs.h <<_ACEOF
@@ -22936,8 +22936,8 @@ done
# sys/queue.h exists on most systems, but its capabilities vary a great deal.
-# test for LIST_FIRST, which appears to not exist in all of them, and is
-# necessary for OpenBSM.
+# test for LIST_FIRST and TAILQ_FOREACH_SAFE, which appears to not exist in
+# all of them, and are necessary for OpenBSM.
cat >conftest.$ac_ext <<_ACEOF
/* confdefs.h. */
_ACEOF
@@ -22951,13 +22951,13 @@ int
main ()
{
- struct foo {
- LIST_ENTRY(foo) foo_entries;
- };
- LIST_HEAD(, foo) foo_list;
- struct foo *foo;
- foo = LIST_FIRST(&foo_list);
+ #ifndef LIST_FIRST
+ #error LIST_FIRST missing
+ #endif
+ #ifndef TAILQ_FOREACH_SAFE
+ #error TAILQ_FOREACH_SAFE
+ #endif
;
return 0;
@@ -23477,7 +23477,7 @@ _ASBOX
} >&5
cat >&5 <<_CSEOF
-This file was extended by OpenBSM $as_me 1.0a6, which was
+This file was extended by OpenBSM $as_me 1.0a7, which was
generated by GNU Autoconf 2.59. Invocation command line was
CONFIG_FILES = $CONFIG_FILES
@@ -23540,7 +23540,7 @@ _ACEOF
cat >>$CONFIG_STATUS <<_ACEOF
ac_cs_version="\\
-OpenBSM config.status 1.0a6
+OpenBSM config.status 1.0a7
configured by $0, generated by GNU Autoconf 2.59,
with options \\"`echo "$ac_configure_args" | sed 's/[\\""\`\$]/\\\\&/g'`\\"
diff --git a/contrib/openbsm/configure.ac b/contrib/openbsm/configure.ac
index 1fca5b74acc5..48dd95e96b7d 100644
--- a/contrib/openbsm/configure.ac
+++ b/contrib/openbsm/configure.ac
@@ -2,8 +2,8 @@
# Process this file with autoconf to produce a configure script.
AC_PREREQ(2.59)
-AC_INIT([OpenBSM], [1.0a6], [trustedbsd-audit@TrustesdBSD.org],[openbsm])
-AC_REVISION([$P4: //depot/projects/trustedbsd/openbsm/configure.ac#22 $])
+AC_INIT([OpenBSM], [1.0a7], [trustedbsd-audit@TrustesdBSD.org],[openbsm])
+AC_REVISION([$P4: //depot/projects/trustedbsd/openbsm/configure.ac#24 $])
AC_CONFIG_SRCDIR([bin/auditreduce/auditreduce.c])
AC_CONFIG_AUX_DIR(config)
AC_CONFIG_HEADER([config/config.h])
@@ -59,18 +59,18 @@ AC_FUNC_STRFTIME
AC_CHECK_FUNCS([bzero ftruncate gettimeofday inet_ntoa memset strchr strerror strrchr strstr strtol strtoul])
# sys/queue.h exists on most systems, but its capabilities vary a great deal.
-# test for LIST_FIRST, which appears to not exist in all of them, and is
-# necessary for OpenBSM.
+# test for LIST_FIRST and TAILQ_FOREACH_SAFE, which appears to not exist in
+# all of them, and are necessary for OpenBSM.
AC_TRY_LINK([
#include <sys/queue.h>
], [
- struct foo {
- LIST_ENTRY(foo) foo_entries;
- };
- LIST_HEAD(, foo) foo_list;
- struct foo *foo;
- foo = LIST_FIRST(&foo_list);
+ #ifndef LIST_FIRST
+ #error LIST_FIRST missing
+ #endif
+ #ifndef TAILQ_FOREACH_SAFE
+ #error TAILQ_FOREACH_SAFE
+ #endif
], [
AC_DEFINE(HAVE_FULL_QUEUE_H,, Define if queue.h includes LIST_FIRST)
])
diff --git a/contrib/openbsm/etc/audit_event b/contrib/openbsm/etc/audit_event
index 01a3a5b6cbd2..ae5021a84b21 100644
--- a/contrib/openbsm/etc/audit_event
+++ b/contrib/openbsm/etc/audit_event
@@ -1,5 +1,5 @@
#
-# $P4: //depot/projects/trustedbsd/openbsm/etc/audit_event#10 $
+# $P4: //depot/projects/trustedbsd/openbsm/etc/audit_event#11 $
#
0:AUE_NULL:indir system call:no
1:AUE_EXIT:exit(2):pc
@@ -314,6 +314,49 @@
378:AUE_KEVENT:kevent(2):no
379:AUE_FSYNC:fsync(2):fm
380:AUE_NMOUNT:nmount(2):ad
+381:AUE_BDFLUSH:bdflush(2):ad
+382:AUE_SETFSUID:setfsuid(2):ot
+383:AUE_SETFSGID:setfsgid(2):ot
+384:AUE_PERSONALITY:personality(2):pc
+385:AUE_SCHED_GETSCHEDULER:getscheduler(2):ad
+386:AUE_SCHED_SETSCHEDULER:setscheduler(2):ad
+387:AUE_PRCTL:prctl(2):pc
+388:AUE_GETCWD:getcwd(2):pc
+389:AUE_CAPGET:capget(2):pc
+390:AUE_CAPSET:capset(2):pc
+391:AUE_PIVOT_ROOT:pivot_root(2):pc
+392:AUE_RTPRIO::rtprio(2):pc
+393:AUE_SCHED_GETPARAM:sched_getparam(2):ad
+394:AUE_SCHED_SETPARAM:sched_setparam(2):ad
+395:AUE_SCHED_GET_PRIORITY_MAX:sched_get_priority_max(2):ad
+396:AUE_SCHED_GET_PRIORITY_MIN:sched_get_priority_min(2):ad
+397:AUE_SCHED_RR_GET_INTERVAL:sched_rr_get_interval(2):ad
+398:AUE_ACL_GET_FILE:acl_get_file(2):fa
+399:AUE_ACL_SET_FILE:acl_set_file(2):fm
+400:AUE_ACL_GET_FD:acl_get_fd(2):fa
+401:AUE_ACL_SET_FD:acl_set_fd(2):fm
+402:AUE_ACL_DELETE_FILE:acl_delete_file(2):fm
+403:AUE_ACL_DELETE_FD:acl_delete_fd(2):fm
+404:AUE_ACL_CHECK_FILE:acl_aclcheck_file(2):fa
+405:AUE_ACL_CHECK_FD:acl_aclcheck_fd(2):fa
+406:AUE_ACL_GET_LINK:acl_get_link(2):fa
+407:AUE_ACL_SET_LINK:acl_set_link(2):fm
+408:AUE_ACL_DELETE_LINK:acl_delete_link(2):fm
+409:AUE_ACL_CHECK_LINK:acl_aclcheck_link(2):fa
+410:AUE_SYSARCH:sysarch(2):na
+411:AUE_EXTATTRCTL:extattrctl(2):fm
+412:AUE_EXTATTR_GET_FILE:extattr_get_file(2):fa
+413:AUE_EXTATTR_SET_FILE:extattr_set_file(2):fm
+414:AUE_EXTATTR_LIST_FILE:extattr_list_file(2):fa
+415:AUE_EXTATTR_DELETE_FILE:extattr_delete_file(2):fm
+416:AUE_EXTATTR_GET_FD:extattr_get_fd(2):fa
+417:AUE_EXTATTR_SET_FD:extattr_set_fd(2):fm
+418:AUE_EXTATTR_LIST_FD:extattr_list_fd(2):fa
+419:AUE_EXTATTR_DELETE_FD:extattr_delete_fd(2):fm
+420:AUE_EXTATTR_GET_LINK:extattr_get_link(2):fa
+421:AUE_EXTATTR_SET_LINK:extattr_set_link(2):fm
+422:AUE_EXTATTR_LIST_LINK:extattr_list_link(2):fa
+423:AUE_EXTATTR_DELETE_LINK:extattr_delete_link(2):fm
6152:AUE_login:login - local:lo
6153:AUE_logout:logout - local:lo
6159:AUE_su:su(1):lo
diff --git a/contrib/openbsm/libbsm/bsm_notify.c b/contrib/openbsm/libbsm/bsm_notify.c
index d5a7601bbde2..3ebfb25b5423 100644
--- a/contrib/openbsm/libbsm/bsm_notify.c
+++ b/contrib/openbsm/libbsm/bsm_notify.c
@@ -26,7 +26,7 @@
* IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*
- * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_notify.c#11 $
+ * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_notify.c#12 $
*/
/*
@@ -45,7 +45,7 @@
#include <bsm/libbsm.h>
#include <errno.h>
-#include <stdint.h>
+#include <inttypes.h>
#include <stdarg.h>
#include <string.h>
#include <syslog.h>
diff --git a/contrib/openbsm/libbsm/bsm_token.c b/contrib/openbsm/libbsm/bsm_token.c
index 98991adfe2f3..7512c4227d50 100644
--- a/contrib/openbsm/libbsm/bsm_token.c
+++ b/contrib/openbsm/libbsm/bsm_token.c
@@ -30,7 +30,7 @@
* IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*
- * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_token.c#47 $
+ * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_token.c#48 $
*/
#include <sys/types.h>
@@ -691,7 +691,16 @@ au_to_process32_ex(au_id_t auid, uid_t euid, gid_t egid, uid_t ruid,
token_t *t;
u_char *dptr = NULL;
- GET_TOKEN_AREA(t, dptr, sizeof(u_char) + 13 * sizeof(u_int32_t));
+ if (tid->at_type == AU_IPv4)
+ GET_TOKEN_AREA(t, dptr, sizeof(u_char) +
+ 10 * sizeof(u_int32_t));
+ else if (tid->at_type == AU_IPv6)
+ GET_TOKEN_AREA(t, dptr, sizeof(u_char) +
+ 13 * sizeof(u_int32_t));
+ else {
+ errno = EINVAL;
+ return (NULL);
+ }
if (t == NULL)
return (NULL);
@@ -706,9 +715,11 @@ au_to_process32_ex(au_id_t auid, uid_t euid, gid_t egid, uid_t ruid,
ADD_U_INT32(dptr, tid->at_port);
ADD_U_INT32(dptr, tid->at_type);
ADD_U_INT32(dptr, tid->at_addr[0]);
- ADD_U_INT32(dptr, tid->at_addr[1]);
- ADD_U_INT32(dptr, tid->at_addr[2]);
- ADD_U_INT32(dptr, tid->at_addr[3]);
+ if (tid->at_type == AU_IPv6) {
+ ADD_U_INT32(dptr, tid->at_addr[1]);
+ ADD_U_INT32(dptr, tid->at_addr[2]);
+ ADD_U_INT32(dptr, tid->at_addr[3]);
+ }
return (t);
}
@@ -969,7 +980,16 @@ au_to_subject32_ex(au_id_t auid, uid_t euid, gid_t egid, uid_t ruid,
token_t *t;
u_char *dptr = NULL;
- GET_TOKEN_AREA(t, dptr, sizeof(u_char) + 13 * sizeof(u_int32_t));
+ if (tid->at_type == AU_IPv4)
+ GET_TOKEN_AREA(t, dptr, sizeof(u_char) + 10 *
+ sizeof(u_int32_t));
+ else if (tid->at_type == AU_IPv6)
+ GET_TOKEN_AREA(t, dptr, sizeof(u_char) + 13 *
+ sizeof(u_int32_t));
+ else {
+ errno = EINVAL;
+ return (NULL);
+ }
if (t == NULL)
return (NULL);
@@ -984,9 +1004,11 @@ au_to_subject32_ex(au_id_t auid, uid_t euid, gid_t egid, uid_t ruid,
ADD_U_INT32(dptr, tid->at_port);
ADD_U_INT32(dptr, tid->at_type);
ADD_U_INT32(dptr, tid->at_addr[0]);
- ADD_U_INT32(dptr, tid->at_addr[1]);
- ADD_U_INT32(dptr, tid->at_addr[2]);
- ADD_U_INT32(dptr, tid->at_addr[3]);
+ if (tid->at_type == AU_IPv6) {
+ ADD_U_INT32(dptr, tid->at_addr[1]);
+ ADD_U_INT32(dptr, tid->at_addr[2]);
+ ADD_U_INT32(dptr, tid->at_addr[3]);
+ }
return (t);
}
diff --git a/contrib/openbsm/man/audit.log.5 b/contrib/openbsm/man/audit.log.5
index 87e1ab354c41..b53b1fc4f5e0 100644
--- a/contrib/openbsm/man/audit.log.5
+++ b/contrib/openbsm/man/audit.log.5
@@ -23,7 +23,7 @@
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
-.\" $P4: //depot/projects/trustedbsd/openbsm/man/audit.log.5#8 $
+.\" $P4: //depot/projects/trustedbsd/openbsm/man/audit.log.5#9 $
.\"
.Dd May 1, 2005
.Dt AUDIT.LOG 5
@@ -218,7 +218,7 @@ token can be created using
.It Li "Protocol" Ta "1 byte" Ta "IP protocol number"
.It Li "Checksum" Ta "2 bytes" Ta "IP header checksum, network byte order"
.It Li "Source Address" Ta "4 bytes" Ta "IPv4 source address"
-.It Li "Desintation Address" Ta "4 bytes" Ta "IPv4 destination address"
+.It Li "Destination Address" Ta "4 bytes" Ta "IPv4 destination address"
.El
.Ss Expanded ip Token
The
diff --git a/contrib/openbsm/test/bsm/generate.c b/contrib/openbsm/test/bsm/generate.c
index 89449313b5b1..12bc462904a9 100644
--- a/contrib/openbsm/test/bsm/generate.c
+++ b/contrib/openbsm/test/bsm/generate.c
@@ -23,7 +23,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $P4: //depot/projects/trustedbsd/openbsm/test/bsm/generate.c#3 $
+ * $P4: //depot/projects/trustedbsd/openbsm/test/bsm/generate.c#4 $
*/
/*
@@ -31,6 +31,7 @@
*/
#include <sys/types.h>
+#include <sys/socket.h>
#include <sys/stat.h>
#include <netinet/in.h>
@@ -267,6 +268,7 @@ static gid_t subject32_rgid = 0x09876543;
static pid_t subject32_pid = 0x13243546;
static au_asid_t subject32_sid = 0x97867564;
static au_tid_t subject32_tid = { 0x16593746 };
+static au_tid_addr_t subject32_tid_addr = { 0x16593746 };
static void
generate_subject32_token(const char *directory, const char *token_filename)
@@ -298,6 +300,32 @@ generate_subject32_record(const char *directory, const char *record_filename)
write_record(directory, record_filename, subject32_token, AUE_NULL);
}
+static void
+generate_subject32ex_token(const char *directory, const char *token_filename,
+ u_int32_t type)
+{
+ token_t *subject32ex_token;
+ char *buf;
+
+ buf = (char *)malloc(strlen(token_filename) + 6);
+ if (type == AU_IPv6) {
+ inet_pton(AF_INET6, "fe80::1", subject32_tid_addr.at_addr);
+ subject32_tid_addr.at_type = AU_IPv6;
+ sprintf(buf, "%s%s", token_filename, "-IPv6");
+ } else {
+ subject32_tid_addr.at_addr[0] = inet_addr("127.0.0.1");
+ subject32_tid_addr.at_type = AU_IPv4;
+ sprintf(buf, "%s%s", token_filename, "-IPv4");
+ }
+
+ subject32ex_token = au_to_subject32_ex(subject32_auid, subject32_euid,
+ subject32_egid, subject32_ruid, subject32_rgid, subject32_pid,
+ subject32_sid, &subject32_tid_addr);
+ if (subject32ex_token == NULL)
+ err(EX_UNAVAILABLE, "au_to_subject32_ex");
+ write_token(directory, buf, subject32ex_token);
+}
+
static au_id_t process32_auid = 0x12345678;
static uid_t process32_euid = 0x01234567;
static gid_t process32_egid = 0x23456789;
@@ -306,6 +334,7 @@ static gid_t process32_rgid = 0x09876543;
static pid_t process32_pid = 0x13243546;
static au_asid_t process32_sid = 0x97867564;
static au_tid_t process32_tid = { 0x16593746 };
+static au_tid_addr_t process32_tid_addr = { 0x16593746 };
static void
generate_process32_token(const char *directory, const char *token_filename)
@@ -337,6 +366,22 @@ generate_process32_record(const char *directory, const char *record_filename)
write_record(directory, record_filename, process32_token, AUE_NULL);
}
+static void
+generate_process32ex_token(const char *directory, const char *token_filename)
+{
+ token_t *process32ex_token;
+
+ process32_tid_addr.at_addr[0] = inet_addr("127.0.0.1");
+ process32_tid_addr.at_type = AU_IPv4;
+
+ process32ex_token = au_to_process32_ex(process32_auid, process32_euid,
+ process32_egid, process32_ruid, process32_rgid, process32_pid,
+ process32_sid, &process32_tid_addr);
+ if (process32ex_token == NULL)
+ err(EX_UNAVAILABLE, "au_to_process32_ex");
+ write_token(directory, token_filename, process32ex_token);
+}
+
static char return32_status = 0xd7;
static uint32_t return32_ret = 0x12345678;
@@ -713,7 +758,10 @@ main(int argc, char *argv[])
generate_ipc_token(directory, "ipc_token");
generate_path_token(directory, "path_token");
generate_subject32_token(directory, "subject32_token");
+ generate_subject32ex_token(directory, "subject32ex_token", AU_IPv4);
+ generate_subject32ex_token(directory, "subject32ex_token", AU_IPv6);
generate_process32_token(directory, "process32_token");
+ generate_process32ex_token(directory, "process32ex_token");
generate_return32_token(directory, "return32_token");
generate_text_token(directory, "text_token");
generate_opaque_token(directory, "opaque_token");
@@ -736,7 +784,10 @@ main(int argc, char *argv[])
generate_ipc_token(directory, "ipc_record");
generate_path_token(directory, "path_record");
generate_subject32_token(directory, "subject32_record");
+ generate_subject32ex_token(directory, "subject32ex_record", AU_IPv4);
+ generate_subject32ex_token(directory, "subject32ex_record", AU_IPv6);
generate_process32_token(directory, "process32_record");
+ generate_process32ex_token(directory, "process32ex_token");
generate_return32_token(directory, "return32_record");
generate_text_token(directory, "text_record");
generate_opaque_token(directory, "opaque_record");