aboutsummaryrefslogtreecommitdiffstats
path: root/libbsm/bsm_token.c
diff options
context:
space:
mode:
Diffstat (limited to 'libbsm/bsm_token.c')
-rw-r--r--libbsm/bsm_token.c29
1 files changed, 22 insertions, 7 deletions
diff --git a/libbsm/bsm_token.c b/libbsm/bsm_token.c
index bceab6cb9ab7..a37dd630c57c 100644
--- a/libbsm/bsm_token.c
+++ b/libbsm/bsm_token.c
@@ -30,7 +30,7 @@
* IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*
- * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_token.c#91 $
+ * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_token.c#93 $
*/
#include <sys/types.h>
@@ -996,7 +996,7 @@ au_to_socket_ex(u_short so_domain, u_short so_type,
/*
* token ID 1 byte
* socket family 2 bytes
- * path 104 bytes
+ * path (up to) 104 bytes + NULL (NULL terminated string)
*/
token_t *
au_to_sock_unix(struct sockaddr_un *so)
@@ -1270,12 +1270,27 @@ token_t *
au_to_me(void)
{
auditinfo_t auinfo;
+ auditinfo_addr_t aia;
- if (getaudit(&auinfo) != 0)
- return (NULL);
-
- return (au_to_subject32(auinfo.ai_auid, geteuid(), getegid(),
- getuid(), getgid(), getpid(), auinfo.ai_asid, &auinfo.ai_termid));
+ /*
+ * Try to use getaudit_addr(2) first. If this kernel does not support
+ * it, then fall back on to getaudit(2).
+ */
+ if (getaudit_addr(&aia, sizeof(aia)) != 0) {
+ if (errno == ENOSYS) {
+ if (getaudit(&auinfo) != 0)
+ return (NULL);
+ return (au_to_subject32(auinfo.ai_auid, geteuid(),
+ getegid(), getuid(), getgid(), getpid(),
+ auinfo.ai_asid, &auinfo.ai_termid));
+ } else {
+ /* getaudit_addr(2) failed for some other reason. */
+ return (NULL);
+ }
+ }
+
+ return (au_to_subject32_ex(aia.ai_auid, geteuid(), getegid(), getuid(),
+ getgid(), getpid(), aia.ai_asid, &aia.ai_termid));
}
#endif