svn commit: r363655 - in head/contrib/openbsm: . bin/auditd bin/auditdistd libauditd libbsm man sys/bsm
Christian S.J. Peron
csjp at FreeBSD.org
Tue Jul 28 20:06:19 UTC 2020
Author: csjp
Date: Tue Jul 28 20:06:16 2020
New Revision: 363655
URL: https://svnweb.freebsd.org/changeset/base/363655
Log:
Fixup some incorrect information and some comments. These changes
were cherry picked up the upstream OpenBSD repository. At some point we
will look at doing another import, but the diffs are substantial and will
require some careful testing.
Differential Revision: https://reviews.freebsd.org/D25021
MFC after: 2 weeks
Submitted by: gbe
Reviewed by: myself, bcr
Modified:
head/contrib/openbsm/CREDITS
head/contrib/openbsm/bin/auditd/auditd.c
head/contrib/openbsm/bin/auditdistd/auditdistd.c
head/contrib/openbsm/bin/auditdistd/proto_tls.c
head/contrib/openbsm/libauditd/auditd_lib.c
head/contrib/openbsm/libbsm/au_control.3
head/contrib/openbsm/libbsm/au_domain.3
head/contrib/openbsm/libbsm/au_errno.3
head/contrib/openbsm/libbsm/au_socket_type.3
head/contrib/openbsm/man/audit.log.5
head/contrib/openbsm/man/getaudit.2
head/contrib/openbsm/sys/bsm/audit.h
Modified: head/contrib/openbsm/CREDITS
==============================================================================
--- head/contrib/openbsm/CREDITS Tue Jul 28 19:50:39 2020 (r363654)
+++ head/contrib/openbsm/CREDITS Tue Jul 28 20:06:16 2020 (r363655)
@@ -36,6 +36,9 @@ the development of OpenBSM:
Ryan Steinmetz
The FreeBSD Foundation
Brooks Davis
+ Mateusz Piotrowski
+ Alan Somers
+ Aniket Pandey
In addition, Coverity, Inc.'s Prevent(tm) static analysis tool and Gimpel
Software's FlexeLint tool were used to identify a number of bugs in the
Modified: head/contrib/openbsm/bin/auditd/auditd.c
==============================================================================
--- head/contrib/openbsm/bin/auditd/auditd.c Tue Jul 28 19:50:39 2020 (r363654)
+++ head/contrib/openbsm/bin/auditd/auditd.c Tue Jul 28 20:06:16 2020 (r363655)
@@ -712,7 +712,7 @@ auditd_config_controls(void)
*/
err = auditd_set_qsize();
if (err) {
- auditd_log_err("audit_set_qsize() %s: %m",
+ auditd_log_err("auditd_set_qsize() %s: %m",
auditd_strerror(err));
ret = -1;
} else
Modified: head/contrib/openbsm/bin/auditdistd/auditdistd.c
==============================================================================
--- head/contrib/openbsm/bin/auditdistd/auditdistd.c Tue Jul 28 19:50:39 2020 (r363654)
+++ head/contrib/openbsm/bin/auditdistd/auditdistd.c Tue Jul 28 20:06:16 2020 (r363655)
@@ -523,7 +523,7 @@ main_loop(void)
}
TAILQ_FOREACH(adhost, &adcfg->adc_hosts, adh_next) {
if (adhost->adh_role == ADIST_ROLE_SENDER) {
- /* Only sender workers asks for connections. */
+ /* Only sender workers ask for connections. */
PJDLOG_ASSERT(adhost->adh_conn != NULL);
fd = proto_descriptor(adhost->adh_conn);
PJDLOG_ASSERT(fd >= 0);
Modified: head/contrib/openbsm/bin/auditdistd/proto_tls.c
==============================================================================
--- head/contrib/openbsm/bin/auditdistd/proto_tls.c Tue Jul 28 19:50:39 2020 (r363654)
+++ head/contrib/openbsm/bin/auditdistd/proto_tls.c Tue Jul 28 20:06:16 2020 (r363655)
@@ -413,7 +413,7 @@ tls_exec_client(const char *user, int startfd, const c
tls_certificate_verify(ssl, fingerprint);
/*
- * The following byte is send to make proto_connect_wait() to work.
+ * The following byte is sent to make proto_connect_wait() work.
*/
connected = 1;
for (;;) {
@@ -460,7 +460,7 @@ tls_call_exec_client(struct proto_conn *sock, const ch
proto_close(sock);
} else {
/*
- * The FD_CLOEXEC is cleared by dup2(2), so when we not
+ * The FD_CLOEXEC is cleared by dup2(2), so when we do not
* call it, we have to clear it by hand in case it is set.
*/
if (fcntl(startfd, F_SETFD, 0) == -1)
Modified: head/contrib/openbsm/libauditd/auditd_lib.c
==============================================================================
--- head/contrib/openbsm/libauditd/auditd_lib.c Tue Jul 28 19:50:39 2020 (r363654)
+++ head/contrib/openbsm/libauditd/auditd_lib.c Tue Jul 28 20:06:16 2020 (r363655)
@@ -498,7 +498,7 @@ auditd_expire_trails(int (*warn_expired)(char *))
* update the mtime of the trail file to the current
* time. This is so we don't prematurely remove a trail
* file that was created while the system clock reset
- * to the * "beginning of time" but later the system
+ * to the "beginning of time" but later the system
* clock is set to the correct current time.
*/
if (current_time >= JAN_01_2000 &&
Modified: head/contrib/openbsm/libbsm/au_control.3
==============================================================================
--- head/contrib/openbsm/libbsm/au_control.3 Tue Jul 28 19:50:39 2020 (r363654)
+++ head/contrib/openbsm/libbsm/au_control.3 Tue Jul 28 20:06:16 2020 (r363655)
@@ -201,7 +201,7 @@ converts an audit policy flags string,
.Fa polstr ,
to a numeric audit policy mask returned via
.Fa policy .
-.Sh RETURN VALULES
+.Sh RETURN VALUES
The
.Fn getacfilesz ,
.Fn getacdir ,
Modified: head/contrib/openbsm/libbsm/au_domain.3
==============================================================================
--- head/contrib/openbsm/libbsm/au_domain.3 Tue Jul 28 19:50:39 2020 (r363654)
+++ head/contrib/openbsm/libbsm/au_domain.3 Tue Jul 28 20:06:16 2020 (r363655)
@@ -62,7 +62,7 @@ The
function accepts a local domain, and returns the BSM domain for it.
This call cannot fail, and instead returns a BSM domain indicating to a later
decoder that the domain could not be encoded.
-.Sh RETURN VALULES
+.Sh RETURN VALUES
On success,
.Fn au_bsm_to_domain
returns 0 and a converted domain; on failure, it returns -1 but does not set
Modified: head/contrib/openbsm/libbsm/au_errno.3
==============================================================================
--- head/contrib/openbsm/libbsm/au_errno.3 Tue Jul 28 19:50:39 2020 (r363654)
+++ head/contrib/openbsm/libbsm/au_errno.3 Tue Jul 28 20:06:16 2020 (r363655)
@@ -76,7 +76,7 @@ function converts a BSM error value to a string, gener
local error number and using the local
.Xr strerror 3
function, but will also work for errors that are not locally defined.
-.Sh RETURN VALULES
+.Sh RETURN VALUES
On success,
.Fn au_bsm_to_errno
returns 0 and a converted error value; on failure, it returns -1 but does not
Modified: head/contrib/openbsm/libbsm/au_socket_type.3
==============================================================================
--- head/contrib/openbsm/libbsm/au_socket_type.3 Tue Jul 28 19:50:39 2020 (r363654)
+++ head/contrib/openbsm/libbsm/au_socket_type.3 Tue Jul 28 20:06:16 2020 (r363655)
@@ -61,7 +61,7 @@ operating system.
function accepts a local socket type, and returns the BSM socket type for it.
This call cannot fail, and instead returns a BSM socket type indicating to a
later decoder that the socket type could not be encoded.
-.Sh RETURN VALULES
+.Sh RETURN VALUES
On success,
.Fn au_bsm_to_socket_type
returns 0 and a converted socket type; on failure, it returns -1 but does not
Modified: head/contrib/openbsm/man/audit.log.5
==============================================================================
--- head/contrib/openbsm/man/audit.log.5 Tue Jul 28 19:50:39 2020 (r363654)
+++ head/contrib/openbsm/man/audit.log.5 Tue Jul 28 20:06:16 2020 (r363655)
@@ -102,7 +102,7 @@ token can be created using
.It Sy "Field Bytes Description"
.It "Token ID 1 byte Token ID"
.It "Record Byte Count 4 bytes Number of bytes in record"
-.It "Version Number 2 bytes Record version number"
+.It "Version Number 1 byte Record version number"
.It "Event Type 2 bytes Event type"
.It "Event Modifier 2 bytes Event sub-type"
.It "Seconds 4/8 bytes Record time stamp (32/64-bits)"
@@ -126,7 +126,7 @@ token can be created using
.It Sy "Field Bytes Description"
.It "Token ID 1 byte Token ID"
.It "Record Byte Count 4 bytes Number of bytes in record"
-.It "Version Number 2 bytes Record version number"
+.It "Version Number 1 byte Record version number"
.It "Event Type 2 bytes Event type"
.It "Event Modifier 2 bytes Event sub-type"
.It "Address Type/Length 1 byte Host address type and length"
@@ -325,7 +325,7 @@ or
.It "Process ID 4 bytes Process ID"
.It "Session ID 4 bytes Audit session ID"
.It "Terminal Port ID 4/8 bytes Terminal port ID (32/64-bits)"
-.It "Terminal Address Type/Length 1 byte Length of machine address"
+.It "Terminal Address Type/Length 4 bytes Length of machine address"
.It "Terminal Machine Address 4 bytes IPv4 or IPv6 address of machine"
.El
.Ss Return Token
Modified: head/contrib/openbsm/man/getaudit.2
==============================================================================
--- head/contrib/openbsm/man/getaudit.2 Tue Jul 28 19:50:39 2020 (r363654)
+++ head/contrib/openbsm/man/getaudit.2 Tue Jul 28 20:06:16 2020 (r363655)
@@ -24,7 +24,7 @@
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
-.Dd October 19, 2008
+.Dd March 14, 2018
.Dt GETAUDIT 2
.Os
.Sh NAME
@@ -62,6 +62,7 @@ struct auditinfo {
au_mask_t ai_mask; /* Audit masks */
au_tid_t ai_termid; /* Terminal ID */
au_asid_t ai_asid; /* Audit session ID */
+ au_asflgs_t ai_flags; /* Audit session flags. */
};
typedef struct auditinfo auditinfo_t;
.Ed
Modified: head/contrib/openbsm/sys/bsm/audit.h
==============================================================================
--- head/contrib/openbsm/sys/bsm/audit.h Tue Jul 28 19:50:39 2020 (r363654)
+++ head/contrib/openbsm/sys/bsm/audit.h Tue Jul 28 20:06:16 2020 (r363655)
@@ -46,7 +46,7 @@
#define MIN_AUDIT_FILE_SIZE (512 * 1024)
/*
- * Minimum noumber of free blocks on the filesystem containing the audit
+ * Minimum number of free blocks on the filesystem containing the audit
* log necessary to avoid a hard log rotation. DO NOT SET THIS VALUE TO 0
* as the kernel does an unsigned compare, plus we want to leave a few blocks
* free so userspace can terminate the log, etc.
@@ -249,14 +249,14 @@ typedef struct au_token token_t;
/*
* Kernel audit queue control parameters:
* Default: Maximum:
- * aq_hiwater: AQ_HIWATER (100) AQ_MAXHIGH (10000)
+ * aq_hiwater: AQ_HIWATER (100) AQ_MAXHIGH (10000)
* aq_lowater: AQ_LOWATER (10) <aq_hiwater
* aq_bufsz: AQ_BUFSZ (32767) AQ_MAXBUFSZ (1048576)
- * aq_delay: 20 20000 (not used)
+ * aq_delay: 20 20000 (not used)
*/
struct au_qctrl {
int aq_hiwater; /* Max # of audit recs in queue when */
- /* threads with new ARs get blocked. */
+ /* threads with new ARs get blocked. */
int aq_lowater; /* # of audit recs in queue when */
/* blocked threads get unblocked. */
More information about the svn-src-head
mailing list