Jason Tang jtang@tresys.com
This library is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any later version.
This library is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
You should have received a copy of the GNU Lesser General Public License along with this library; if not, write to the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
Definition in file filter-internal.c.
#include "seaudit_internal.h"
#include "filter-internal.h"
#include <apol/util.h>
#include <errno.h>
#include <fnmatch.h>
#include <stdbool.h>
#include <stdlib.h>
#include <string.h>
#include <time.h>
#include <libxml/uri.h>
Go to the source code of this file.
Classes | |
| struct | filter_criteria_t |
Typedefs | |
| typedef bool( | filter_is_set_func )(const seaudit_filter_t *filter) |
| typedef int( | filter_support_func )(const seaudit_message_t *msg) |
| typedef int( | filter_accept_func )(const seaudit_filter_t *filter, const seaudit_message_t *msg) |
| typedef void( | filter_print_func )(const seaudit_filter_t *filter, const char *name, FILE *f, int tabs) |
Functions | |
| int | filter_string_vector_read (apol_vector_t **v, const xmlChar *ch) |
| int | filter_string_read (char **dest, const xmlChar *ch) |
| int | filter_ulong_read (unsigned long *dest, const xmlChar *ch) |
| unsigned int | filter_uint_read (unsigned int *dest, const xmlChar *ch) |
| int | filter_int_read (int *dest, const xmlChar *ch) |
| void | filter_string_vector_print (const char *criteria_name, apol_vector_t *v, FILE *f, int tabs) |
| void | filter_string_print (const char *criteria_name, const char *s, FILE *f, int tabs) |
| void | filter_ulong_print (const char *criteria_name, const unsigned long val, FILE *f, int tabs) |
| void | filter_uint_print (const char *criteria_name, const unsigned int val, FILE *f, int tabs) |
| void | filter_int_print (const char *criteria_name, const int val, FILE *f, int tabs) |
| bool | filter_src_user_is_set (const seaudit_filter_t *filter) |
| int | filter_src_user_support (const seaudit_message_t *msg) |
| int | filter_src_user_accept (const seaudit_filter_t *filter, const seaudit_message_t *msg) |
| int | filter_src_user_read (seaudit_filter_t *filter, const xmlChar *ch) |
| void | filter_src_user_print (const seaudit_filter_t *filter, const char *name, FILE *f, int tabs) |
| bool | filter_src_role_is_set (const seaudit_filter_t *filter) |
| int | filter_src_role_support (const seaudit_message_t *msg) |
| int | filter_src_role_accept (const seaudit_filter_t *filter, const seaudit_message_t *msg) |
| int | filter_src_role_read (seaudit_filter_t *filter, const xmlChar *ch) |
| void | filter_src_role_print (const seaudit_filter_t *filter, const char *name, FILE *f, int tabs) |
| bool | filter_src_type_is_set (const seaudit_filter_t *filter) |
| int | filter_src_type_support (const seaudit_message_t *msg) |
| int | filter_src_type_read (seaudit_filter_t *filter, const xmlChar *ch) |
| int | filter_src_type_accept (const seaudit_filter_t *filter, const seaudit_message_t *msg) |
| void | filter_src_type_print (const seaudit_filter_t *filter, const char *name, FILE *f, int tabs) |
| bool | filter_tgt_user_is_set (const seaudit_filter_t *filter) |
| int | filter_tgt_user_support (const seaudit_message_t *msg) |
| int | filter_tgt_user_accept (const seaudit_filter_t *filter, const seaudit_message_t *msg) |
| int | filter_tgt_user_read (seaudit_filter_t *filter, const xmlChar *ch) |
| void | filter_tgt_user_print (const seaudit_filter_t *filter, const char *name, FILE *f, int tabs) |
| bool | filter_tgt_role_is_set (const seaudit_filter_t *filter) |
| int | filter_tgt_role_support (const seaudit_message_t *msg) |
| int | filter_tgt_role_accept (const seaudit_filter_t *filter, const seaudit_message_t *msg) |
| int | filter_tgt_role_read (seaudit_filter_t *filter, const xmlChar *ch) |
| void | filter_tgt_role_print (const seaudit_filter_t *filter, const char *name, FILE *f, int tabs) |
| bool | filter_tgt_type_is_set (const seaudit_filter_t *filter) |
| int | filter_tgt_type_support (const seaudit_message_t *msg) |
| int | filter_tgt_type_accept (const seaudit_filter_t *filter, const seaudit_message_t *msg) |
| int | filter_tgt_type_read (seaudit_filter_t *filter, const xmlChar *ch) |
| void | filter_tgt_type_print (const seaudit_filter_t *filter, const char *name, FILE *f, int tabs) |
| bool | filter_tgt_class_is_set (const seaudit_filter_t *filter) |
| int | filter_tgt_class_support (const seaudit_message_t *msg) |
| int | filter_tgt_class_accept (const seaudit_filter_t *filter, const seaudit_message_t *msg) |
| int | filter_tgt_class_read (seaudit_filter_t *filter, const xmlChar *ch) |
| void | filter_tgt_class_print (const seaudit_filter_t *filter, const char *name, FILE *f, int tabs) |
| bool | filter_perm_is_set (const seaudit_filter_t *filter) |
| int | filter_perm_support (const seaudit_message_t *msg) |
| int | filter_perm_accept (const seaudit_filter_t *filter, const seaudit_message_t *msg) |
| int | filter_perm_read (seaudit_filter_t *filter, const xmlChar *ch) |
| void | filter_perm_print (const seaudit_filter_t *filter, const char *name, FILE *f, int tabs) |
| bool | filter_exe_is_set (const seaudit_filter_t *filter) |
| int | filter_exe_support (const seaudit_message_t *msg) |
| int | filter_exe_accept (const seaudit_filter_t *filter, const seaudit_message_t *msg) |
| int | filter_exe_read (seaudit_filter_t *filter, const xmlChar *ch) |
| void | filter_exe_print (const seaudit_filter_t *filter, const char *name, FILE *f, int tabs) |
| bool | filter_host_is_set (const seaudit_filter_t *filter) |
| int | filter_host_support (const seaudit_message_t *msg) |
| int | filter_host_accept (const seaudit_filter_t *filter, const seaudit_message_t *msg) |
| int | filter_host_read (seaudit_filter_t *filter, const xmlChar *ch) |
| void | filter_host_print (const seaudit_filter_t *filter, const char *name, FILE *f, int tabs) |
| bool | filter_path_is_set (const seaudit_filter_t *filter) |
| int | filter_path_support (const seaudit_message_t *msg) |
| int | filter_path_accept (const seaudit_filter_t *filter, const seaudit_message_t *msg) |
| int | filter_path_read (seaudit_filter_t *filter, const xmlChar *ch) |
| void | filter_path_print (const seaudit_filter_t *filter, const char *name, FILE *f, int tabs) |
| bool | filter_inode_is_set (const seaudit_filter_t *filter) |
| int | filter_inode_support (const seaudit_message_t *msg) |
| int | filter_inode_accept (const seaudit_filter_t *filter, const seaudit_message_t *msg) |
| int | filter_inode_read (seaudit_filter_t *filter, const xmlChar *ch) |
| void | filter_inode_print (const seaudit_filter_t *filter, const char *name, FILE *f, int tabs) |
| bool | filter_pid_is_set (const seaudit_filter_t *filter) |
| int | filter_pid_support (const seaudit_message_t *msg) |
| int | filter_pid_accept (const seaudit_filter_t *filter, const seaudit_message_t *msg) |
| int | filter_pid_read (seaudit_filter_t *filter, const xmlChar *ch) |
| void | filter_pid_print (const seaudit_filter_t *filter, const char *name, FILE *f, int tabs) |
| bool | filter_comm_is_set (const seaudit_filter_t *filter) |
| int | filter_comm_support (const seaudit_message_t *msg) |
| int | filter_comm_accept (const seaudit_filter_t *filter, const seaudit_message_t *msg) |
| int | filter_comm_read (seaudit_filter_t *filter, const xmlChar *ch) |
| void | filter_comm_print (const seaudit_filter_t *filter, const char *name, FILE *f, int tabs) |
| bool | filter_anyaddr_is_set (const seaudit_filter_t *filter) |
| int | filter_anyaddr_support (const seaudit_message_t *msg) |
| int | filter_anyaddr_accept (const seaudit_filter_t *filter, const seaudit_message_t *msg) |
| int | filter_anyaddr_read (seaudit_filter_t *filter, const xmlChar *ch) |
| void | filter_anyaddr_print (const seaudit_filter_t *filter, const char *name, FILE *f, int tabs) |
| bool | filter_anyport_is_set (const seaudit_filter_t *filter) |
| int | filter_anyport_support (const seaudit_message_t *msg) |
| int | filter_anyport_accept (const seaudit_filter_t *filter, const seaudit_message_t *msg) |
| int | filter_anyport_read (seaudit_filter_t *filter, const xmlChar *ch) |
| void | filter_anyport_print (const seaudit_filter_t *filter, const char *name, FILE *f, int tabs) |
| bool | filter_laddr_is_set (const seaudit_filter_t *filter) |
| int | filter_laddr_support (const seaudit_message_t *msg) |
| int | filter_laddr_accept (const seaudit_filter_t *filter, const seaudit_message_t *msg) |
| int | filter_laddr_read (seaudit_filter_t *filter, const xmlChar *ch) |
| void | filter_laddr_print (const seaudit_filter_t *filter, const char *name, FILE *f, int tabs) |
| bool | filter_lport_is_set (const seaudit_filter_t *filter) |
| int | filter_lport_support (const seaudit_message_t *msg) |
| int | filter_lport_accept (const seaudit_filter_t *filter, const seaudit_message_t *msg) |
| int | filter_lport_read (seaudit_filter_t *filter, const xmlChar *ch) |
| void | filter_lport_print (const seaudit_filter_t *filter, const char *name, FILE *f, int tabs) |
| bool | filter_faddr_is_set (const seaudit_filter_t *filter) |
| int | filter_faddr_support (const seaudit_message_t *msg) |
| int | filter_faddr_accept (const seaudit_filter_t *filter, const seaudit_message_t *msg) |
| int | filter_faddr_read (seaudit_filter_t *filter, const xmlChar *ch) |
| void | filter_faddr_print (const seaudit_filter_t *filter, const char *name, FILE *f, int tabs) |
| bool | filter_fport_is_set (const seaudit_filter_t *filter) |
| int | filter_fport_support (const seaudit_message_t *msg) |
| int | filter_fport_accept (const seaudit_filter_t *filter, const seaudit_message_t *msg) |
| int | filter_fport_read (seaudit_filter_t *filter, const xmlChar *ch) |
| void | filter_fport_print (const seaudit_filter_t *filter, const char *name, FILE *f, int tabs) |
| bool | filter_saddr_is_set (const seaudit_filter_t *filter) |
| int | filter_saddr_support (const seaudit_message_t *msg) |
| int | filter_saddr_accept (const seaudit_filter_t *filter, const seaudit_message_t *msg) |
| int | filter_saddr_read (seaudit_filter_t *filter, const xmlChar *ch) |
| void | filter_saddr_print (const seaudit_filter_t *filter, const char *name, FILE *f, int tabs) |
| bool | filter_sport_is_set (const seaudit_filter_t *filter) |
| int | filter_sport_support (const seaudit_message_t *msg) |
| int | filter_sport_accept (const seaudit_filter_t *filter, const seaudit_message_t *msg) |
| int | filter_sport_read (seaudit_filter_t *filter, const xmlChar *ch) |
| void | filter_sport_print (const seaudit_filter_t *filter, const char *name, FILE *f, int tabs) |
| bool | filter_daddr_is_set (const seaudit_filter_t *filter) |
| int | filter_daddr_support (const seaudit_message_t *msg) |
| int | filter_daddr_accept (const seaudit_filter_t *filter, const seaudit_message_t *msg) |
| int | filter_daddr_read (seaudit_filter_t *filter, const xmlChar *ch) |
| void | filter_daddr_print (const seaudit_filter_t *filter, const char *name, FILE *f, int tabs) |
| bool | filter_dport_is_set (const seaudit_filter_t *filter) |
| int | filter_dport_support (const seaudit_message_t *msg) |
| int | filter_dport_accept (const seaudit_filter_t *filter, const seaudit_message_t *msg) |
| int | filter_dport_read (seaudit_filter_t *filter, const xmlChar *ch) |
| void | filter_dport_print (const seaudit_filter_t *filter, const char *name, FILE *f, int tabs) |
| bool | filter_port_is_set (const seaudit_filter_t *filter) |
| int | filter_port_support (const seaudit_message_t *msg) |
| int | filter_port_accept (const seaudit_filter_t *filter, const seaudit_message_t *msg) |
| int | filter_port_read (seaudit_filter_t *filter, const xmlChar *ch) |
| void | filter_port_print (const seaudit_filter_t *filter, const char *name, FILE *f, int tabs) |
| bool | filter_netif_is_set (const seaudit_filter_t *filter) |
| int | filter_netif_support (const seaudit_message_t *msg) |
| int | filter_netif_accept (const seaudit_filter_t *filter, const seaudit_message_t *msg) |
| int | filter_netif_read (seaudit_filter_t *filter, const xmlChar *ch) |
| void | filter_netif_print (const seaudit_filter_t *filter, const char *name, FILE *f, int tabs) |
| bool | filter_key_is_set (const seaudit_filter_t *filter) |
| int | filter_key_support (const seaudit_message_t *msg) |
| int | filter_key_accept (const seaudit_filter_t *filter, const seaudit_message_t *msg) |
| int | filter_key_read (seaudit_filter_t *filter, const xmlChar *ch) |
| void | filter_key_print (const seaudit_filter_t *filter, const char *name, FILE *f, int tabs) |
| bool | filter_cap_is_set (const seaudit_filter_t *filter) |
| int | filter_cap_support (const seaudit_message_t *msg) |
| int | filter_cap_accept (const seaudit_filter_t *filter, const seaudit_message_t *msg) |
| int | filter_cap_read (seaudit_filter_t *filter, const xmlChar *ch) |
| void | filter_cap_print (const seaudit_filter_t *filter, const char *name, FILE *f, int tabs) |
| bool | filter_avc_msg_type_is_set (const seaudit_filter_t *filter) |
| int | filter_avc_msg_type_support (const seaudit_message_t *msg __attribute__((unused))) |
| int | filter_avc_msg_type_accept (const seaudit_filter_t *filter, const seaudit_message_t *msg) |
| int | filter_avc_msg_type_read (seaudit_filter_t *filter, const xmlChar *ch) |
| void | filter_avc_msg_type_print (const seaudit_filter_t *filter, const char *name, FILE *f, int tabs) |
| bool | filter_date_is_set (const seaudit_filter_t *filter) |
| int | filter_date_support (const seaudit_message_t *msg) |
| int | filter_date_comp (const struct tm *t1, const struct tm *t2) |
| Given two dates compare them. | |
| int | filter_date_accept (const seaudit_filter_t *filter, const seaudit_message_t *msg) |
| int | filter_date_read (seaudit_filter_t *filter, const xmlChar *ch) |
| void | filter_date_print (const seaudit_filter_t *filter, const char *name, FILE *f, int tabs) |
| int | filter_is_accepted (const seaudit_filter_t *filter, const seaudit_message_t *msg) |
| Given a filter and a message, return non-zero if the msg is accepted by the filter according to the filter's criteria. | |
| bool | filter_parse_is_valid_tag (const xmlChar *tag) |
| filter_read_func * | filter_get_read_func (const xmlChar *name) |
| void | filter_parse_start_element (void *user_data, const xmlChar *name, const xmlChar **attrs) |
| void | filter_parse_end_element (void *user_data, const xmlChar *name) |
| void | filter_parse_characters (void *user_data, const xmlChar *ch, int len) |
| int | filter_parse_xml (struct filter_parse_state *state, const char *filename) |
| Parse the given XML file and fill in the passed in struct. | |
| void | filter_append_to_file (const seaudit_filter_t *filter, FILE *file, int tabs) |
| Append the given filter's values, in XML format, to a file handler. | |
Variables | |
| const struct filter_criteria_t | filter_criteria [] |
| Filter criteria are actually implemented as entries within this function pointer table. | |
|
|
Definition at line 1106 of file filter-internal.c. |
|
|
Definition at line 1107 of file filter-internal.c. |
|
|
Definition at line 1108 of file filter-internal.c. |
|
|
Definition at line 1109 of file filter-internal.c. |
|
||||||||||||
|
Definition at line 40 of file filter-internal.c. References apol_vector_append(), apol_vector_create_with_capacity(), and apol_vector_t. Referenced by filter_src_role_read(), filter_src_type_read(), filter_src_user_read(), filter_tgt_class_read(), filter_tgt_role_read(), filter_tgt_type_read(), and filter_tgt_user_read(). 00041 {
00042 char *s;
00043 if (*v == NULL && (*v = apol_vector_create_with_capacity(1, free)) == NULL) {
00044 return -1;
00045 }
00046 if ((s = xmlURIUnescapeString((const char *)ch, 0, NULL)) == NULL || apol_vector_append(*v, s) < 0) {
00047 free(s);
00048 return -1;
00049 }
00050 return 0;
00051 }
|
|
||||||||||||
|
Definition at line 53 of file filter-internal.c. Referenced by filter_anyaddr_read(), filter_comm_read(), filter_daddr_read(), filter_exe_read(), filter_faddr_read(), filter_host_read(), filter_laddr_read(), filter_netif_read(), filter_path_read(), filter_perm_read(), and filter_saddr_read(). 00054 {
00055 free(*dest);
00056 *dest = NULL;
00057 if ((*dest = xmlURIUnescapeString((const char *)ch, 0, NULL)) == NULL) {
00058 return -1;
00059 }
00060 return 0;
00061 }
|
|
||||||||||||
|
Definition at line 63 of file filter-internal.c. Referenced by filter_inode_read(). 00064 {
00065 char *s, *endptr;
00066 int retval = -1;
00067 if ((s = xmlURIUnescapeString((const char *)ch, 0, NULL)) == NULL) {
00068 return -1;
00069 }
00070 *dest = strtoul(s, &endptr, 10);
00071 if (*s != '\0' && *endptr == '\0') {
00072 retval = 0;
00073 }
00074 free(s);
00075 return retval;
00076 }
|
|
||||||||||||
|
Definition at line 78 of file filter-internal.c. Referenced by filter_pid_read(). 00079 {
00080 char *s, *endptr;
00081 int retval = -1;
00082 if ((s = xmlURIUnescapeString((const char *)ch, 0, NULL)) == NULL) {
00083 return -1;
00084 }
00085 *dest = (unsigned int)(strtoul(s, &endptr, 10));
00086 if (*s != '\0' && *endptr == '\0') {
00087 retval = 0;
00088 }
00089 free(s);
00090 return retval;
00091 }
|
|
||||||||||||
|
Definition at line 93 of file filter-internal.c. Referenced by filter_anyport_read(), filter_cap_read(), filter_dport_read(), filter_fport_read(), filter_key_read(), filter_lport_read(), filter_port_read(), and filter_sport_read(). 00094 {
00095 char *s, *endptr;
00096 int retval = -1;
00097 if ((s = xmlURIUnescapeString((const char *)ch, 0, NULL)) == NULL) {
00098 return -1;
00099 }
00100 *dest = (int)(strtol(s, &endptr, 10));
00101 if (*s != '\0' && *endptr == '\0') {
00102 retval = 0;
00103 }
00104 free(s);
00105 return retval;
00106 }
|
|
||||||||||||||||||||
|
Definition at line 108 of file filter-internal.c. References apol_vector_get_element(), apol_vector_get_size(), and apol_vector_t. Referenced by filter_src_role_print(), filter_src_type_print(), filter_src_user_print(), filter_tgt_class_print(), filter_tgt_role_print(), filter_tgt_type_print(), and filter_tgt_user_print(). 00109 {
00110 int i;
00111 size_t j;
00112 if (v == NULL) {
00113 return;
00114 }
00115 for (i = 0; i < tabs; i++)
00116 fprintf(f, "\t");
00117 fprintf(f, "<criteria type=\"%s\">\n", criteria_name);
00118 for (j = 0; j < apol_vector_get_size(v); j++) {
00119 xmlChar *s = xmlCharStrdup(apol_vector_get_element(v, j));
00120 xmlChar *escaped = xmlURIEscapeStr(s, NULL);
00121 for (i = 0; i < tabs + 1; i++) {
00122 fprintf(f, "\t");
00123 }
00124 fprintf(f, "<item>%s</item>\n", escaped);
00125 free(escaped);
00126 free(s);
00127 }
00128 for (i = 0; i < tabs; i++)
00129 fprintf(f, "\t");
00130 fprintf(f, "</criteria>\n");
00131 }
|
|
||||||||||||||||||||
|
Definition at line 133 of file filter-internal.c. Referenced by filter_anyaddr_print(), filter_comm_print(), filter_daddr_print(), filter_exe_print(), filter_faddr_print(), filter_host_print(), filter_laddr_print(), filter_netif_print(), filter_path_print(), filter_perm_print(), and filter_saddr_print(). 00134 {
00135 int i;
00136 xmlChar *t, *escaped;
00137 if (s == NULL) {
00138 return;
00139 }
00140 t = xmlCharStrdup(s);
00141 escaped = xmlURIEscapeStr(t, NULL);
00142 for (i = 0; i < tabs; i++)
00143 fprintf(f, "\t");
00144 fprintf(f, "<criteria type=\"%s\">\n", criteria_name);
00145 for (i = 0; i < tabs + 1; i++) {
00146 fprintf(f, "\t");
00147 }
00148 fprintf(f, "<item>%s</item>\n", escaped);
00149 for (i = 0; i < tabs; i++)
00150 fprintf(f, "\t");
00151 fprintf(f, "</criteria>\n");
00152 free(escaped);
00153 free(t);
00154 }
|
|
||||||||||||||||||||
|
Definition at line 156 of file filter-internal.c. Referenced by filter_inode_print(). 00157 {
00158 int i;
00159 for (i = 0; i < tabs; i++)
00160 fprintf(f, "\t");
00161 fprintf(f, "<criteria type=\"%s\">\n", criteria_name);
00162 for (i = 0; i < tabs + 1; i++) {
00163 fprintf(f, "\t");
00164 }
00165 fprintf(f, "<item>%lu</item>\n", val);
00166 for (i = 0; i < tabs; i++)
00167 fprintf(f, "\t");
00168 fprintf(f, "</criteria>\n");
00169 }
|
|
||||||||||||||||||||
|
Definition at line 171 of file filter-internal.c. Referenced by filter_pid_print(). 00172 {
00173 int i;
00174 for (i = 0; i < tabs; i++)
00175 fprintf(f, "\t");
00176 fprintf(f, "<criteria type=\"%s\">\n", criteria_name);
00177 for (i = 0; i < tabs + 1; i++) {
00178 fprintf(f, "\t");
00179 }
00180 fprintf(f, "<item>%u</item>\n", val);
00181 for (i = 0; i < tabs; i++)
00182 fprintf(f, "\t");
00183 fprintf(f, "</criteria>\n");
00184 }
|
|
||||||||||||||||||||
|
Definition at line 186 of file filter-internal.c. Referenced by filter_anyport_print(), filter_cap_print(), filter_dport_print(), filter_fport_print(), filter_key_print(), filter_lport_print(), filter_port_print(), and filter_sport_print(). 00187 {
00188 int i;
00189 for (i = 0; i < tabs; i++)
00190 fprintf(f, "\t");
00191 fprintf(f, "<criteria type=\"%s\">\n", criteria_name);
00192 for (i = 0; i < tabs + 1; i++) {
00193 fprintf(f, "\t");
00194 }
00195 fprintf(f, "<item>%d</item>\n", val);
00196 for (i = 0; i < tabs; i++)
00197 fprintf(f, "\t");
00198 fprintf(f, "</criteria>\n");
00199 }
|
|
|
Definition at line 203 of file filter-internal.c. References seaudit_filter_t, and seaudit_filter::src_users. 00204 {
00205 return filter->src_users != NULL;
00206 }
|
|
|
Definition at line 208 of file filter-internal.c. References seaudit_message::avc, seaudit_message::data, seaudit_message_t, SEAUDIT_MESSAGE_TYPE_AVC, seaudit_avc_message::suser, and seaudit_message::type. 00209 {
00210 return msg->type == SEAUDIT_MESSAGE_TYPE_AVC && msg->data.avc->suser != NULL;
00211 }
|
|
||||||||||||
|
Definition at line 213 of file filter-internal.c. References apol_str_strcmp(), apol_vector_get_index(), seaudit_message::avc, seaudit_message::data, seaudit_filter_t, seaudit_message_t, seaudit_filter::src_users, and seaudit_avc_message::suser. 00214 {
00215 size_t i;
00216 return apol_vector_get_index(filter->src_users, msg->data.avc->suser, apol_str_strcmp, NULL, &i) == 0;
00217 }
|
|
||||||||||||
|
Definition at line 219 of file filter-internal.c. References filter_string_vector_read(), seaudit_filter_t, and seaudit_filter::src_users. 00220 {
00221 return filter_string_vector_read(&filter->src_users, ch);
00222 }
|
|
||||||||||||||||||||
|
Definition at line 224 of file filter-internal.c. References filter_string_vector_print(), seaudit_filter_t, and seaudit_filter::src_users. 00225 {
00226 filter_string_vector_print(name, filter->src_users, f, tabs);
00227 }
|
|
|
Definition at line 229 of file filter-internal.c. References seaudit_filter_t, and seaudit_filter::src_roles. 00230 {
00231 return filter->src_roles != NULL;
00232 }
|
|
|
Definition at line 234 of file filter-internal.c. References seaudit_message::avc, seaudit_message::data, seaudit_message_t, SEAUDIT_MESSAGE_TYPE_AVC, seaudit_avc_message::srole, and seaudit_message::type. 00235 {
00236 return msg->type == SEAUDIT_MESSAGE_TYPE_AVC && msg->data.avc->srole != NULL;
00237 }
|
|
||||||||||||
|
Definition at line 239 of file filter-internal.c. References apol_str_strcmp(), apol_vector_get_index(), seaudit_message::avc, seaudit_message::data, seaudit_filter_t, seaudit_message_t, seaudit_filter::src_roles, and seaudit_avc_message::srole. 00240 {
00241 size_t i;
00242 return apol_vector_get_index(filter->src_roles, msg->data.avc->srole, apol_str_strcmp, NULL, &i) == 0;
00243 }
|
|
||||||||||||
|
Definition at line 245 of file filter-internal.c. References filter_string_vector_read(), seaudit_filter_t, and seaudit_filter::src_roles. 00246 {
00247 return filter_string_vector_read(&filter->src_roles, ch);
00248 }
|
|
||||||||||||||||||||
|
Definition at line 250 of file filter-internal.c. References filter_string_vector_print(), seaudit_filter_t, and seaudit_filter::src_roles. 00251 {
00252 filter_string_vector_print(name, filter->src_roles, f, tabs);
00253 }
|
|
|
Definition at line 255 of file filter-internal.c. References seaudit_filter_t, and seaudit_filter::src_types. 00256 {
00257 return filter->src_types != NULL;
00258 }
|
|
|
Definition at line 260 of file filter-internal.c. References seaudit_message::avc, seaudit_message::data, seaudit_message_t, SEAUDIT_MESSAGE_TYPE_AVC, seaudit_avc_message::stype, and seaudit_message::type. 00261 {
00262 return msg->type == SEAUDIT_MESSAGE_TYPE_AVC && msg->data.avc->stype != NULL;
00263 }
|
|
||||||||||||
|
Definition at line 265 of file filter-internal.c. References filter_string_vector_read(), seaudit_filter_t, and seaudit_filter::src_types. 00266 {
00267 return filter_string_vector_read(&filter->src_types, ch);
00268 }
|
|
||||||||||||
|
Definition at line 270 of file filter-internal.c. References apol_str_strcmp(), apol_vector_get_index(), seaudit_message::avc, seaudit_message::data, seaudit_filter_t, seaudit_message_t, seaudit_filter::src_types, and seaudit_avc_message::stype. 00271 {
00272 size_t i;
00273 return apol_vector_get_index(filter->src_types, msg->data.avc->stype, apol_str_strcmp, NULL, &i) == 0;
00274 }
|
|
||||||||||||||||||||
|
Definition at line 276 of file filter-internal.c. References filter_string_vector_print(), seaudit_filter_t, and seaudit_filter::src_types. 00277 {
00278 filter_string_vector_print(name, filter->src_types, f, tabs);
00279 }
|
|
|
Definition at line 281 of file filter-internal.c. References seaudit_filter_t, and seaudit_filter::tgt_users. 00282 {
00283 return filter->tgt_users != NULL;
00284 }
|
|
|
Definition at line 286 of file filter-internal.c. References seaudit_message::avc, seaudit_message::data, seaudit_message_t, SEAUDIT_MESSAGE_TYPE_AVC, seaudit_avc_message::tuser, and seaudit_message::type. 00287 {
00288 return msg->type == SEAUDIT_MESSAGE_TYPE_AVC && msg->data.avc->tuser != NULL;
00289 }
|
|
||||||||||||
|
Definition at line 291 of file filter-internal.c. References apol_str_strcmp(), apol_vector_get_index(), seaudit_message::avc, seaudit_message::data, seaudit_filter_t, seaudit_message_t, seaudit_filter::tgt_users, and seaudit_avc_message::tuser. 00292 {
00293 size_t i;
00294 return apol_vector_get_index(filter->tgt_users, msg->data.avc->tuser, apol_str_strcmp, NULL, &i) == 0;
00295 }
|
|
||||||||||||
|
Definition at line 297 of file filter-internal.c. References filter_string_vector_read(), seaudit_filter_t, and seaudit_filter::tgt_users. 00298 {
00299 return filter_string_vector_read(&filter->tgt_users, ch);
00300 }
|
|
||||||||||||||||||||
|
Definition at line 302 of file filter-internal.c. References filter_string_vector_print(), seaudit_filter_t, and seaudit_filter::tgt_users. 00303 {
00304 filter_string_vector_print(name, filter->tgt_users, f, tabs);
00305 }
|
|
|
Definition at line 307 of file filter-internal.c. References seaudit_filter_t, and seaudit_filter::tgt_roles. 00308 {
00309 return filter->tgt_roles != NULL;
00310 }
|
|
|
Definition at line 312 of file filter-internal.c. References seaudit_message::avc, seaudit_message::data, seaudit_message_t, SEAUDIT_MESSAGE_TYPE_AVC, seaudit_avc_message::trole, and seaudit_message::type. 00313 {
00314 return msg->type == SEAUDIT_MESSAGE_TYPE_AVC && msg->data.avc->trole != NULL;
00315 }
|
|
||||||||||||
|
Definition at line 317 of file filter-internal.c. References apol_str_strcmp(), apol_vector_get_index(), seaudit_message::avc, seaudit_message::data, seaudit_filter_t, seaudit_message_t, seaudit_filter::tgt_roles, and seaudit_avc_message::trole. 00318 {
00319 size_t i;
00320 return apol_vector_get_index(filter->tgt_roles, msg->data.avc->trole, apol_str_strcmp, NULL, &i) == 0;
00321 }
|
|
||||||||||||
|
Definition at line 323 of file filter-internal.c. References filter_string_vector_read(), seaudit_filter_t, and seaudit_filter::tgt_roles. 00324 {
00325 return filter_string_vector_read(&filter->tgt_roles, ch);
00326 }
|
|
||||||||||||||||||||
|
Definition at line 328 of file filter-internal.c. References filter_string_vector_print(), seaudit_filter_t, and seaudit_filter::tgt_roles. 00329 {
00330 filter_string_vector_print(name, filter->tgt_roles, f, tabs);
00331 }
|
|
|
Definition at line 333 of file filter-internal.c. References seaudit_filter_t, and seaudit_filter::tgt_types. 00334 {
00335 return filter->tgt_types != NULL;
00336 }
|
|
|
Definition at line 338 of file filter-internal.c. References seaudit_message::avc, seaudit_message::data, seaudit_message_t, SEAUDIT_MESSAGE_TYPE_AVC, seaudit_avc_message::ttype, and seaudit_message::type. 00339 {
00340 return msg->type == SEAUDIT_MESSAGE_TYPE_AVC && msg->data.avc->ttype != NULL;
00341 }
|
|
||||||||||||
|
Definition at line 343 of file filter-internal.c. References apol_str_strcmp(), apol_vector_get_index(), seaudit_message::avc, seaudit_message::data, seaudit_filter_t, seaudit_message_t, seaudit_filter::tgt_types, and seaudit_avc_message::ttype. 00344 {
00345 size_t i;
00346 return apol_vector_get_index(filter->tgt_types, msg->data.avc->ttype, apol_str_strcmp, NULL, &i) == 0;
00347 }
|
|
||||||||||||
|
Definition at line 349 of file filter-internal.c. References filter_string_vector_read(), seaudit_filter_t, and seaudit_filter::tgt_types. 00350 {
00351 return filter_string_vector_read(&filter->tgt_types, ch);
00352 }
|
|
||||||||||||||||||||
|
Definition at line 354 of file filter-internal.c. References filter_string_vector_print(), seaudit_filter_t, and seaudit_filter::tgt_types. 00355 {
00356 filter_string_vector_print(name, filter->tgt_types, f, tabs);
00357 }
|
|
|
Definition at line 359 of file filter-internal.c. References seaudit_filter_t, and seaudit_filter::tgt_classes. 00360 {
00361 return filter->tgt_classes != NULL;
00362 }
|
|
|
Definition at line 364 of file filter-internal.c. References seaudit_message::avc, seaudit_message::data, seaudit_message_t, SEAUDIT_MESSAGE_TYPE_AVC, seaudit_avc_message::tclass, and seaudit_message::type. 00365 {
00366 return msg->type == SEAUDIT_MESSAGE_TYPE_AVC && msg->data.avc->tclass != NULL;
00367 }
|
|
||||||||||||
|
Definition at line 369 of file filter-internal.c. References apol_str_strcmp(), apol_vector_get_index(), seaudit_message::avc, seaudit_message::data, seaudit_filter_t, seaudit_message_t, seaudit_avc_message::tclass, and seaudit_filter::tgt_classes. 00370 {
00371 size_t i;
00372 return apol_vector_get_index(filter->tgt_classes, msg->data.avc->tclass, apol_str_strcmp, NULL, &i) == 0;
00373 }
|
|
||||||||||||
|
Definition at line 375 of file filter-internal.c. References filter_string_vector_read(), seaudit_filter_t, and seaudit_filter::tgt_classes. 00376 {
00377 return filter_string_vector_read(&filter->tgt_classes, ch);
00378 }
|
|
||||||||||||||||||||
|
Definition at line 380 of file filter-internal.c. References filter_string_vector_print(), seaudit_filter_t, and seaudit_filter::tgt_classes. 00381 {
00382 filter_string_vector_print(name, filter->tgt_classes, f, tabs);
00383 }
|
|
|
Definition at line 385 of file filter-internal.c. References seaudit_filter::perm, and seaudit_filter_t. 00386 {
00387 return filter->perm != NULL;
00388 }
|
|
|
Definition at line 390 of file filter-internal.c. References apol_vector_get_size(), seaudit_message::avc, seaudit_message::data, seaudit_avc_message::perms, seaudit_message_t, SEAUDIT_MESSAGE_TYPE_AVC, and seaudit_message::type. 00391 {
00392 return msg->type == SEAUDIT_MESSAGE_TYPE_AVC && msg->data.avc->perms != NULL &&
00393 apol_vector_get_size(msg->data.avc->perms) >= 1;
00394 }
|
|
||||||||||||
|
Definition at line 396 of file filter-internal.c. References apol_vector_get_element(), apol_vector_get_size(), seaudit_message::avc, seaudit_message::data, seaudit_filter::perm, seaudit_avc_message::perms, seaudit_filter_t, and seaudit_message_t. 00397 {
00398 size_t i;
00399 for (i = 0; i < apol_vector_get_size(msg->data.avc->perms); i++) {
00400 const char *p = apol_vector_get_element(msg->data.avc->perms, i);
00401 if (fnmatch(filter->perm, p, 0) == 0) {
00402 return 1;
00403 }
00404 }
00405 return 0;
00406 }
|
|
||||||||||||
|
Definition at line 408 of file filter-internal.c. References filter_string_read(), seaudit_filter::perm, and seaudit_filter_t. 00409 {
00410 return filter_string_read(&filter->perm, ch);
00411 }
|
|
||||||||||||||||||||
|
Definition at line 413 of file filter-internal.c. References filter_string_print(), seaudit_filter::perm, and seaudit_filter_t. 00414 {
00415 filter_string_print(name, filter->perm, f, tabs);
00416 }
|
|
|
Definition at line 418 of file filter-internal.c. References seaudit_filter::exe, and seaudit_filter_t. 00419 {
00420 return filter->exe != NULL;
00421 }
|
|
|
Definition at line 423 of file filter-internal.c. References seaudit_message::avc, seaudit_message::data, seaudit_avc_message::exe, seaudit_message_t, SEAUDIT_MESSAGE_TYPE_AVC, and seaudit_message::type. 00424 {
00425 return msg->type == SEAUDIT_MESSAGE_TYPE_AVC && msg->data.avc->exe != NULL;
00426 }
|
|
||||||||||||
|
Definition at line 428 of file filter-internal.c. References seaudit_message::avc, seaudit_message::data, seaudit_avc_message::exe, seaudit_filter::exe, seaudit_filter_t, and seaudit_message_t.
|
|
||||||||||||
|
Definition at line 433 of file filter-internal.c. References seaudit_filter::exe, filter_string_read(), and seaudit_filter_t. 00434 {
00435 return filter_string_read(&filter->exe, ch);
00436 }
|
|
||||||||||||||||||||
|
Definition at line 438 of file filter-internal.c. References seaudit_filter::exe, filter_string_print(), and seaudit_filter_t. 00439 {
00440 filter_string_print(name, filter->exe, f, tabs);
00441 }
|
|
|
Definition at line 443 of file filter-internal.c. References seaudit_filter::host, and seaudit_filter_t. 00444 {
00445 return filter->host != NULL;
00446 }
|
|
|
Definition at line 448 of file filter-internal.c. References seaudit_message::host, and seaudit_message_t. 00449 {
00450 return msg->host != NULL;
00451 }
|
|
||||||||||||
|
Definition at line 453 of file filter-internal.c. References seaudit_message::host, seaudit_filter::host, seaudit_filter_t, and seaudit_message_t.
|
|
||||||||||||
|
Definition at line 458 of file filter-internal.c. References filter_string_read(), seaudit_filter::host, and seaudit_filter_t. 00459 {
00460 return filter_string_read(&filter->host, ch);
00461 }
|
|
||||||||||||||||||||
|
Definition at line 463 of file filter-internal.c. References filter_string_print(), seaudit_filter::host, and seaudit_filter_t. 00464 {
00465 filter_string_print(name, filter->host, f, tabs);
00466 }
|
|
|
Definition at line 468 of file filter-internal.c. References seaudit_filter::path, and seaudit_filter_t. 00469 {
00470 return filter->path != NULL;
00471 }
|
|
|
Definition at line 473 of file filter-internal.c. References seaudit_message::avc, seaudit_message::data, seaudit_avc_message::path, seaudit_message_t, SEAUDIT_MESSAGE_TYPE_AVC, and seaudit_message::type. 00474 {
00475 return msg->type == SEAUDIT_MESSAGE_TYPE_AVC && msg->data.avc->path != NULL;
00476 }
|
|
||||||||||||
|
Definition at line 478 of file filter-internal.c. References seaudit_message::avc, seaudit_message::data, seaudit_avc_message::path, seaudit_filter::path, seaudit_filter_t, and seaudit_message_t.
|
|
||||||||||||
|
Definition at line 483 of file filter-internal.c. References filter_string_read(), seaudit_filter::path, and seaudit_filter_t. 00484 {
00485 return filter_string_read(&filter->path, ch);
00486 }
|
|
||||||||||||||||||||
|
Definition at line 488 of file filter-internal.c. References filter_string_print(), seaudit_filter::path, and seaudit_filter_t. 00489 {
00490 filter_string_print(name, filter->path, f, tabs);
00491 }
|
|
|
Definition at line 493 of file filter-internal.c. References seaudit_filter::inode, and seaudit_filter_t. 00494 {
00495 return filter->inode != 0;
00496 }
|
|
|
Definition at line 498 of file filter-internal.c. References seaudit_message::avc, seaudit_message::data, seaudit_avc_message::is_inode, seaudit_message_t, SEAUDIT_MESSAGE_TYPE_AVC, and seaudit_message::type. 00499 {
00500 return msg->type == SEAUDIT_MESSAGE_TYPE_AVC && msg->data.avc->is_inode;
00501 }
|
|
||||||||||||
|
Definition at line 503 of file filter-internal.c. References seaudit_message::avc, seaudit_message::data, seaudit_avc_message::inode, seaudit_filter::inode, seaudit_filter_t, and seaudit_message_t.
|
|
||||||||||||
|
Definition at line 508 of file filter-internal.c. References filter_ulong_read(), seaudit_filter::inode, and seaudit_filter_t. 00509 {
00510 return filter_ulong_read(&filter->inode, ch);
00511 }
|
|
||||||||||||||||||||
|
Definition at line 513 of file filter-internal.c. References filter_ulong_print(), seaudit_filter::inode, and seaudit_filter_t. 00514 {
00515 filter_ulong_print(name, filter->inode, f, tabs);
00516 }
|
|
|
Definition at line 518 of file filter-internal.c. References seaudit_filter::pid, and seaudit_filter_t. 00519 {
00520 return filter->pid != 0;
00521 }
|
|
|
Definition at line 523 of file filter-internal.c. References seaudit_message::avc, seaudit_message::data, seaudit_avc_message::is_pid, seaudit_message_t, SEAUDIT_MESSAGE_TYPE_AVC, and seaudit_message::type. 00524 {
00525 return msg->type == SEAUDIT_MESSAGE_TYPE_AVC && msg->data.avc->is_pid;
00526 }
|
|
||||||||||||
|
Definition at line 528 of file filter-internal.c. References seaudit_message::avc, seaudit_message::data, seaudit_avc_message::pid, seaudit_filter::pid, seaudit_filter_t, and seaudit_message_t.
|
|
||||||||||||
|
Definition at line 533 of file filter-internal.c. References filter_uint_read(), seaudit_filter::pid, and seaudit_filter_t. 00534 {
00535 return filter_uint_read(&filter->pid, ch);
00536 }
|
|
||||||||||||||||||||
|
Definition at line 538 of file filter-internal.c. References filter_uint_print(), seaudit_filter::pid, and seaudit_filter_t. 00539 {
00540 filter_uint_print(name, filter->pid, f, tabs);
00541 }
|
|
|
Definition at line 543 of file filter-internal.c. References seaudit_filter::comm, and seaudit_filter_t. 00544 {
00545 return filter->comm != NULL;
00546 }
|
|
|
Definition at line 548 of file filter-internal.c. References seaudit_message::avc, seaudit_avc_message::comm, seaudit_message::data, seaudit_message_t, SEAUDIT_MESSAGE_TYPE_AVC, and seaudit_message::type. 00549 {
00550 return msg->type == SEAUDIT_MESSAGE_TYPE_AVC && msg->data.avc->comm != NULL;
00551 }
|
|
||||||||||||
|
Definition at line 553 of file filter-internal.c. References seaudit_message::avc, seaudit_avc_message::comm, seaudit_filter::comm, seaudit_message::data, seaudit_filter_t, and seaudit_message_t.
|
|
||||||||||||
|
Definition at line 558 of file filter-internal.c. References seaudit_filter::comm, filter_string_read(), and seaudit_filter_t. 00559 {
00560 return filter_string_read(&filter->comm, ch);
00561 }
|
|
||||||||||||||||||||
|
Definition at line 563 of file filter-internal.c. References seaudit_filter::comm, filter_string_print(), and seaudit_filter_t. 00564 {
00565 filter_string_print(name, filter->comm, f, tabs);
00566 }
|
|
|
Definition at line 568 of file filter-internal.c. References seaudit_filter::anyaddr, and seaudit_filter_t. 00569 {
00570 return filter->anyaddr != NULL;
00571 }
|
|
|
Definition at line 573 of file filter-internal.c. References seaudit_message::avc, seaudit_avc_message::daddr, seaudit_message::data, seaudit_avc_message::faddr, seaudit_avc_message::ipaddr, seaudit_avc_message::laddr, seaudit_avc_message::saddr, seaudit_message_t, SEAUDIT_MESSAGE_TYPE_AVC, and seaudit_message::type. 00574 {
00575 return msg->type == SEAUDIT_MESSAGE_TYPE_AVC && (msg->data.avc->saddr != NULL
00576 || msg->data.avc->daddr != NULL
00577 || msg->data.avc->faddr != NULL
00578 || msg->data.avc->laddr != NULL || msg->data.avc->ipaddr != NULL);
00579 }
|
|
||||||||||||
|
Definition at line 581 of file filter-internal.c. References seaudit_filter::anyaddr, seaudit_message::avc, seaudit_avc_message::daddr, seaudit_message::data, seaudit_avc_message::faddr, seaudit_avc_message::ipaddr, seaudit_avc_message::laddr, seaudit_avc_message::saddr, seaudit_filter_t, and seaudit_message_t. 00582 {
00583 if (msg->data.avc->saddr && fnmatch(filter->anyaddr, msg->data.avc->saddr, 0) == 0)
00584 return 1;
00585 if (msg->data.avc->daddr && fnmatch(filter->anyaddr, msg->data.avc->daddr, 0) == 0)
00586 return 1;
00587 if (msg->data.avc->faddr && fnmatch(filter->anyaddr, msg->data.avc->faddr, 0) == 0)
00588 return 1;
00589 if (msg->data.avc->laddr && fnmatch(filter->anyaddr, msg->data.avc->laddr, 0) == 0)
00590 return 1;
00591 if (msg->data.avc->ipaddr && fnmatch(filter->anyaddr, msg->data.avc->ipaddr, 0) == 0)
00592 return 1;
00593 return 0;
00594 }
|
|
||||||||||||
|
Definition at line 596 of file filter-internal.c. References seaudit_filter::anyaddr, filter_string_read(), and seaudit_filter_t. 00597 {
00598 return filter_string_read(&filter->anyaddr, ch);
00599 }
|
|
||||||||||||||||||||
|
Definition at line 601 of file filter-internal.c. References seaudit_filter::anyaddr, filter_string_print(), and seaudit_filter_t. 00602 {
00603 filter_string_print(name, filter->anyaddr, f, tabs);
00604 }
|
|
|
Definition at line 606 of file filter-internal.c. References seaudit_filter::anyport, and seaudit_filter_t. 00607 {
00608 return filter->anyport != 0;
00609 }
|
|
|
Definition at line 611 of file filter-internal.c. References seaudit_message::avc, seaudit_message::data, seaudit_avc_message::dest, seaudit_avc_message::fport, seaudit_avc_message::lport, seaudit_avc_message::port, seaudit_message_t, SEAUDIT_MESSAGE_TYPE_AVC, seaudit_avc_message::source, and seaudit_message::type. 00612 {
00613 return msg->type == SEAUDIT_MESSAGE_TYPE_AVC && (msg->data.avc->port != 0 ||
00614 msg->data.avc->source != 0 ||
00615 msg->data.avc->dest != 0 ||
00616 msg->data.avc->fport != 0 || msg->data.avc->lport != 0);
00617 }
|
|
||||||||||||
|
Definition at line 619 of file filter-internal.c. References seaudit_filter::anyport, seaudit_message::avc, seaudit_message::data, seaudit_avc_message::dest, seaudit_avc_message::fport, seaudit_avc_message::lport, seaudit_avc_message::port, seaudit_filter_t, seaudit_message_t, and seaudit_avc_message::source. 00620 {
00621 if (msg->data.avc->port != 0 && filter->anyport == msg->data.avc->port) {
00622 return 1;
00623 }
00624 if (msg->data.avc->source != 0 && filter->anyport == msg->data.avc->source) {
00625 return 1;
00626 }
00627 if (msg->data.avc->dest != 0 && filter->anyport == msg->data.avc->dest) {
00628 return 1;
00629 }
00630 if (msg->data.avc->fport != 0 && filter->anyport == msg->data.avc->fport) {
00631 return 1;
00632 }
00633 if (msg->data.avc->lport != 0 && filter->anyport == msg->data.avc->lport) {
00634 return 1;
00635 }
00636 return 0;
00637 }
|
|
||||||||||||
|
Definition at line 639 of file filter-internal.c. References seaudit_filter::anyport, filter_int_read(), and seaudit_filter_t. 00640 {
00641 return filter_int_read(&filter->anyport, ch);
00642 }
|
|
||||||||||||||||||||
|
Definition at line 644 of file filter-internal.c. References seaudit_filter::anyport, filter_int_print(), and seaudit_filter_t. 00645 {
00646 filter_int_print(name, filter->anyport, f, tabs);
00647 }
|
|
|
Definition at line 649 of file filter-internal.c. References seaudit_filter::laddr, and seaudit_filter_t. 00650 {
00651 return filter->laddr != NULL;
00652 }
|
|
|
Definition at line 654 of file filter-internal.c. References seaudit_message::avc, seaudit_message::data, seaudit_avc_message::laddr, seaudit_message_t, SEAUDIT_MESSAGE_TYPE_AVC, and seaudit_message::type. 00655 {
00656 return msg->type == SEAUDIT_MESSAGE_TYPE_AVC && msg->data.avc->laddr != NULL;
00657 }
|
|
||||||||||||
|
Definition at line 659 of file filter-internal.c. References seaudit_message::avc, seaudit_message::data, seaudit_avc_message::laddr, seaudit_filter::laddr, seaudit_filter_t, and seaudit_message_t.
|
|
||||||||||||
|
Definition at line 664 of file filter-internal.c. References filter_string_read(), seaudit_filter::laddr, and seaudit_filter_t. 00665 {
00666 return filter_string_read(&filter->laddr, ch);
00667 }
|
|
||||||||||||||||||||
|
Definition at line 669 of file filter-internal.c. References filter_string_print(), seaudit_filter::laddr, and seaudit_filter_t. 00670 {
00671 filter_string_print(name, filter->laddr, f, tabs);
00672 }
|
|
|
Definition at line 674 of file filter-internal.c. References seaudit_filter::lport, and seaudit_filter_t. 00675 {
00676 return filter->lport != 0;
00677 }
|
|
|
Definition at line 679 of file filter-internal.c. References seaudit_message::avc, seaudit_message::data, seaudit_avc_message::lport, seaudit_message_t, SEAUDIT_MESSAGE_TYPE_AVC, and seaudit_message::type. 00680 {
00681 return msg->type == SEAUDIT_MESSAGE_TYPE_AVC && msg->data.avc->lport != 0;
00682 }
|
|
||||||||||||
|
Definition at line 684 of file filter-internal.c. References seaudit_message::avc, seaudit_message::data, seaudit_avc_message::lport, seaudit_filter::lport, seaudit_filter_t, and seaudit_message_t.
|
|
||||||||||||
|
Definition at line 689 of file filter-internal.c. References filter_int_read(), seaudit_filter::lport, and seaudit_filter_t. 00690 {
00691 return filter_int_read(&filter->lport, ch);
00692 }
|
|
||||||||||||||||||||
|
Definition at line 694 of file filter-internal.c. References filter_int_print(), seaudit_filter::lport, and seaudit_filter_t. 00695 {
00696 filter_int_print(name, filter->lport, f, tabs);
00697 }
|
|
|
Definition at line 699 of file filter-internal.c. References seaudit_filter::faddr, and seaudit_filter_t. 00700 {
00701 return filter->faddr != NULL;
00702 }
|
|
|
Definition at line 704 of file filter-internal.c. References seaudit_message::avc, seaudit_message::data, seaudit_avc_message::faddr, seaudit_message_t, SEAUDIT_MESSAGE_TYPE_AVC, and seaudit_message::type. 00705 {
00706 return msg->type == SEAUDIT_MESSAGE_TYPE_AVC && msg->data.avc->faddr != NULL;
00707 }
|
|
||||||||||||
|
Definition at line 709 of file filter-internal.c. References seaudit_message::avc, seaudit_message::data, seaudit_avc_message::faddr, seaudit_filter::faddr, seaudit_filter_t, and seaudit_message_t.
|
|
||||||||||||
|
Definition at line 714 of file filter-internal.c. References seaudit_filter::faddr, filter_string_read(), and seaudit_filter_t. 00715 {
00716 return filter_string_read(&filter->faddr, ch);
00717 }
|
|
||||||||||||||||||||
|
Definition at line 719 of file filter-internal.c. References seaudit_filter::faddr, filter_string_print(), and seaudit_filter_t. 00720 {
00721 filter_string_print(name, filter->faddr, f, tabs);
00722 }
|
|
|
Definition at line 724 of file filter-internal.c. References seaudit_filter::fport, and seaudit_filter_t. 00725 {
00726 return filter->fport != 0;
00727 }
|
|
|
Definition at line 729 of file filter-internal.c. References seaudit_message::avc, seaudit_message::data, seaudit_avc_message::fport, seaudit_message_t, SEAUDIT_MESSAGE_TYPE_AVC, and seaudit_message::type. 00730 {
00731 return msg->type == SEAUDIT_MESSAGE_TYPE_AVC && msg->data.avc->fport != 0;
00732 }
|
|
||||||||||||
|
Definition at line 734 of file filter-internal.c. References seaudit_message::avc, seaudit_message::data, seaudit_avc_message::fport, seaudit_filter::fport, seaudit_filter_t, and seaudit_message_t.
|
|
||||||||||||
|
Definition at line 739 of file filter-internal.c. References filter_int_read(), seaudit_filter::fport, and seaudit_filter_t. 00740 {
00741 return filter_int_read(&filter->fport, ch);
00742 }
|
|
||||||||||||||||||||
|
Definition at line 744 of file filter-internal.c. References filter_int_print(), seaudit_filter::fport, and seaudit_filter_t. 00745 {
00746 filter_int_print(name, filter->fport, f, tabs);
00747 }
|
|
|
Definition at line 749 of file filter-internal.c. References seaudit_filter::saddr, and seaudit_filter_t. 00750 {
00751 return filter->saddr != NULL;
00752 }
|
|
|
Definition at line 754 of file filter-internal.c. References seaudit_message::avc, seaudit_message::data, seaudit_avc_message::saddr, seaudit_message_t, SEAUDIT_MESSAGE_TYPE_AVC, and seaudit_message::type. 00755 {
00756 return msg->type == SEAUDIT_MESSAGE_TYPE_AVC && msg->data.avc->saddr != NULL;
00757 }
|
|
||||||||||||
|
Definition at line 759 of file filter-internal.c. References seaudit_message::avc, seaudit_message::data, seaudit_avc_message::saddr, seaudit_filter::saddr, seaudit_filter_t, and seaudit_message_t.
|
|
||||||||||||
|
Definition at line 764 of file filter-internal.c. References filter_string_read(), seaudit_filter::saddr, and seaudit_filter_t. 00765 {
00766 return filter_string_read(&filter->saddr, ch);
00767 }
|
|
||||||||||||||||||||
|
Definition at line 769 of file filter-internal.c. References filter_string_print(), seaudit_filter::saddr, and seaudit_filter_t. 00770 {
00771 filter_string_print(name, filter->saddr, f, tabs);
00772 }
|
|
|
Definition at line 774 of file filter-internal.c. References seaudit_filter_t, and seaudit_filter::sport. 00775 {
00776 return filter->sport != 0;
00777 }
|
|
|
Definition at line 779 of file filter-internal.c. References seaudit_message::avc, seaudit_message::data, seaudit_message_t, SEAUDIT_MESSAGE_TYPE_AVC, seaudit_avc_message::source, and seaudit_message::type. 00780 {
00781 return msg->type == SEAUDIT_MESSAGE_TYPE_AVC && msg->data.avc->source != 0;
00782 }
|
|
||||||||||||
|
Definition at line 784 of file filter-internal.c. References seaudit_message::avc, seaudit_message::data, seaudit_filter_t, seaudit_message_t, seaudit_avc_message::source, and seaudit_filter::sport.
|
|
||||||||||||
|
Definition at line 789 of file filter-internal.c. References filter_int_read(), seaudit_filter_t, and seaudit_filter::sport. 00790 {
00791 return filter_int_read(&filter->sport, ch);
00792 }
|
|
||||||||||||||||||||
|
Definition at line 794 of file filter-internal.c. References filter_int_print(), seaudit_filter_t, and seaudit_filter::sport. 00795 {
00796 filter_int_print(name, filter->sport, f, tabs);
00797 }
|
|
|
Definition at line 799 of file filter-internal.c. References seaudit_filter::daddr, and seaudit_filter_t. 00800 {
00801 return filter->daddr != NULL;
00802 }
|
|
|
Definition at line 804 of file filter-internal.c. References seaudit_message::avc, seaudit_avc_message::daddr, seaudit_message::data, seaudit_message_t, SEAUDIT_MESSAGE_TYPE_AVC, and seaudit_message::type. 00805 {
00806 return msg->type == SEAUDIT_MESSAGE_TYPE_AVC && msg->data.avc->daddr != NULL;
00807 }
|
|
||||||||||||
|
Definition at line 809 of file filter-internal.c. References seaudit_message::avc, seaudit_avc_message::daddr, seaudit_filter::daddr, seaudit_message::data, seaudit_filter_t, and seaudit_message_t.
|
|
||||||||||||
|
Definition at line 814 of file filter-internal.c. References seaudit_filter::daddr, filter_string_read(), and seaudit_filter_t. 00815 {
00816 return filter_string_read(&filter->daddr, ch);
00817 }
|
|
||||||||||||||||||||
|
Definition at line 819 of file filter-internal.c. References seaudit_filter::daddr, filter_string_print(), and seaudit_filter_t. 00820 {
00821 filter_string_print(name, filter->daddr, f, tabs);
00822 }
|
|
|
Definition at line 824 of file filter-internal.c. References seaudit_filter::dport, and seaudit_filter_t. 00825 {
00826 return filter->dport != 0;
00827 }
|
|
|
Definition at line 829 of file filter-internal.c. References seaudit_message::avc, seaudit_message::data, seaudit_avc_message::dest, seaudit_message_t, SEAUDIT_MESSAGE_TYPE_AVC, and seaudit_message::type. 00830 {
00831 return msg->type == SEAUDIT_MESSAGE_TYPE_AVC && msg->data.avc->dest != 0;
00832 }
|
|
||||||||||||
|
Definition at line 834 of file filter-internal.c. References seaudit_message::avc, seaudit_message::data, seaudit_avc_message::dest, seaudit_filter::dport, seaudit_filter_t, and seaudit_message_t.
|
|
||||||||||||
|
Definition at line 839 of file filter-internal.c. References seaudit_filter::dport, filter_int_read(), and seaudit_filter_t. 00840 {
00841 return filter_int_read(&filter->dport, ch);
00842 }
|
|
||||||||||||||||||||
|
Definition at line 844 of file filter-internal.c. References seaudit_filter::dport, filter_int_print(), and seaudit_filter_t. 00845 {
00846 filter_int_print(name, filter->dport, f, tabs);
00847 }
|
|
|
Definition at line 849 of file filter-internal.c. References seaudit_filter::port, and seaudit_filter_t. 00850 {
00851 return filter->port != 0;
00852 }
|
|
|
Definition at line 854 of file filter-internal.c. References seaudit_message::avc, seaudit_message::data, seaudit_avc_message::port, seaudit_message_t, SEAUDIT_MESSAGE_TYPE_AVC, and seaudit_message::type. 00855 {
00856 return msg->type == SEAUDIT_MESSAGE_TYPE_AVC && msg->data.avc->port != 0;
00857 }
|
|
||||||||||||
|
Definition at line 859 of file filter-internal.c. References seaudit_message::avc, seaudit_message::data, seaudit_avc_message::port, seaudit_filter::port, seaudit_filter_t, and seaudit_message_t.
|
|
||||||||||||
|
Definition at line 864 of file filter-internal.c. References filter_int_read(), seaudit_filter::port, and seaudit_filter_t. 00865 {
00866 return filter_int_read(&filter->port, ch);
00867 }
|
|
||||||||||||||||||||
|
Definition at line 869 of file filter-internal.c. References filter_int_print(), seaudit_filter::port, and seaudit_filter_t. 00870 {
00871 filter_int_print(name, filter->port, f, tabs);
00872 }
|
|
|
Definition at line 874 of file filter-internal.c. References seaudit_filter::netif, and seaudit_filter_t. 00875 {
00876 return filter->netif != NULL;
00877 }
|
|
|
Definition at line 879 of file filter-internal.c. References seaudit_message::avc, seaudit_message::data, seaudit_avc_message::netif, seaudit_message_t, SEAUDIT_MESSAGE_TYPE_AVC, and seaudit_message::type. 00880 {
00881 return msg->type == SEAUDIT_MESSAGE_TYPE_AVC && msg->data.avc->netif != NULL;
00882 }
|
|
||||||||||||
|
Definition at line 884 of file filter-internal.c. References seaudit_message::avc, seaudit_message::data, seaudit_avc_message::netif, seaudit_filter::netif, seaudit_filter_t, and seaudit_message_t.
|
|
||||||||||||
|
Definition at line 889 of file filter-internal.c. References filter_string_read(), seaudit_filter::netif, and seaudit_filter_t. 00890 {
00891 return filter_string_read(&filter->netif, ch);
00892 }
|
|
||||||||||||||||||||
|
Definition at line 894 of file filter-internal.c. References filter_string_print(), seaudit_filter::netif, and seaudit_filter_t. 00895 {
00896 filter_string_print(name, filter->netif, f, tabs);
00897 }
|
|
|
Definition at line 899 of file filter-internal.c. References seaudit_filter::key, and seaudit_filter_t. 00900 {
00901 return filter->key != 0;
00902 }
|
|
|
Definition at line 904 of file filter-internal.c. References seaudit_message::avc, seaudit_message::data, seaudit_avc_message::is_key, seaudit_message_t, SEAUDIT_MESSAGE_TYPE_AVC, and seaudit_message::type. 00905 {
00906 return msg->type == SEAUDIT_MESSAGE_TYPE_AVC && msg->data.avc->is_key;
00907 }
|
|
||||||||||||
|
Definition at line 909 of file filter-internal.c. References seaudit_message::avc, seaudit_message::data, seaudit_avc_message::key, seaudit_filter::key, seaudit_filter_t, and seaudit_message_t.
|
|
||||||||||||
|
Definition at line 914 of file filter-internal.c. References filter_int_read(), seaudit_filter::key, and seaudit_filter_t. 00915 {
00916 return filter_int_read(&filter->key, ch);
00917 }
|
|
||||||||||||||||||||
|
Definition at line 919 of file filter-internal.c. References filter_int_print(), seaudit_filter::key, and seaudit_filter_t. 00920 {
00921 filter_int_print(name, filter->key, f, tabs);
00922 }
|
|
|
Definition at line 924 of file filter-internal.c. References seaudit_filter::cap, and seaudit_filter_t. 00925 {
00926 return filter->cap != 0;
00927 }
|
|
|
Definition at line 929 of file filter-internal.c. References seaudit_message::avc, seaudit_message::data, seaudit_avc_message::is_capability, seaudit_message_t, SEAUDIT_MESSAGE_TYPE_AVC, and seaudit_message::type. 00930 {
00931 return msg->type == SEAUDIT_MESSAGE_TYPE_AVC && msg->data.avc->is_capability;
00932 }
|
|
||||||||||||
|
Definition at line 934 of file filter-internal.c. References seaudit_message::avc, seaudit_avc_message::capability, seaudit_message::data, seaudit_filter::key, seaudit_filter_t, and seaudit_message_t. 00935 {
00936 return filter->key == msg->data.avc->capability;
00937 }
|
|
||||||||||||
|
Definition at line 939 of file filter-internal.c. References seaudit_filter::cap, filter_int_read(), and seaudit_filter_t. 00940 {
00941 return filter_int_read(&filter->cap, ch);
00942 }
|
|
||||||||||||||||||||
|
Definition at line 944 of file filter-internal.c. References seaudit_filter::cap, filter_int_print(), and seaudit_filter_t. 00945 {
00946 filter_int_print(name, filter->cap, f, tabs);
00947 }
|
|
|
Definition at line 949 of file filter-internal.c. References seaudit_filter::avc_msg_type, and seaudit_filter_t. 00950 {
00951 return filter->avc_msg_type != SEAUDIT_AVC_UNKNOWN;
00952 }
|
|
|
Definition at line 954 of file filter-internal.c. References seaudit_message_t. 00955 {
00956 return 1;
00957 }
|
|
||||||||||||
|
Definition at line 959 of file filter-internal.c. References seaudit_message::avc, seaudit_filter::avc_msg_type, seaudit_message::data, seaudit_avc_message::msg, seaudit_filter_t, seaudit_message_t, SEAUDIT_MESSAGE_TYPE_AVC, and seaudit_message::type. 00960 {
00961 return msg->type == SEAUDIT_MESSAGE_TYPE_AVC && filter->avc_msg_type == msg->data.avc->msg;
00962 }
|
|
||||||||||||
|
Definition at line 964 of file filter-internal.c. References seaudit_filter::avc_msg_type, and seaudit_filter_t. 00965 {
00966 char *s;
00967 if ((s = xmlURIUnescapeString((const char *)ch, 0, NULL)) == NULL) {
00968 return -1;
00969 }
00970 filter->avc_msg_type = atoi(s);
00971 free(s);
00972 return 0;
00973 }
|
|
||||||||||||||||||||
|
Definition at line 975 of file filter-internal.c. References seaudit_filter::avc_msg_type, and seaudit_filter_t. 00976 {
00977 int i;
00978 if (filter->avc_msg_type == SEAUDIT_AVC_UNKNOWN) {
00979 return;
00980 }
00981 for (i = 0; i < tabs; i++)
00982 fprintf(f, "\t");
00983 fprintf(f, "<criteria type=\"%s\">\n", name);
00984 for (i = 0; i < tabs + 1; i++) {
00985 fprintf(f, "\t");
00986 }
00987 fprintf(f, "<item>%d</item>\n", filter->avc_msg_type);
00988 for (i = 0; i < tabs; i++)
00989 fprintf(f, "\t");
00990 fprintf(f, "</criteria>\n");
00991 }
|
|
|
Definition at line 993 of file filter-internal.c. References seaudit_filter_t, and seaudit_filter::start. 00994 {
00995 return filter->start != NULL;
00996 }
|
|
|
Definition at line 998 of file filter-internal.c. References seaudit_message::date_stamp, and seaudit_message_t. 00999 {
01000 return msg->date_stamp != NULL;
01001 }
|
|
||||||||||||
|
Given two dates compare them. If both structs have years that are not zeroes then also compare their years. Definition at line 1007 of file filter-internal.c. Referenced by filter_date_accept(). 01008 {
01009 /* tm has year, month, day, hour, min, sec */
01010 /* check if we should compare the years */
01011 int retval;
01012 if (t1->tm_year != 0 && t2->tm_year != 0 && (retval = t1->tm_year - t2->tm_year) != 0) {
01013 return retval;
01014 }
01015 if ((retval = t1->tm_mon - t2->tm_mon) != 0) {
01016 return retval;
01017 }
01018 if ((retval = t1->tm_mday - t2->tm_mday) != 0) {
01019 return retval;
01020 }
01021 if ((retval = t1->tm_hour - t2->tm_hour) != 0) {
01022 return retval;
01023 }
01024 if ((retval = t1->tm_min - t2->tm_min) != 0) {
01025 return retval;
01026 }
01027 if ((retval = t1->tm_sec - t2->tm_sec) != 0) {
01028 return retval;
01029 }
01030 return 0;
01031 }
|
|
||||||||||||
|
Definition at line 1033 of file filter-internal.c. References seaudit_filter::date_match, seaudit_message::date_stamp, seaudit_filter::end, filter_date_comp(), seaudit_filter_t, seaudit_message_t, and seaudit_filter::start. 01034 {
01035 int compval = filter_date_comp(filter->start, msg->date_stamp);
01036 if (filter->date_match == SEAUDIT_FILTER_DATE_MATCH_BEFORE) {
01037 return compval > 0;
01038 } else if (filter->date_match == SEAUDIT_FILTER_DATE_MATCH_AFTER) {
01039 return compval < 0;
01040 } else {
01041 if (compval > 0)
01042 return 0;
01043 compval = filter_date_comp(msg->date_stamp, filter->end);
01044 return compval < 0;
01045 }
01046 }
|
|
||||||||||||
|
Definition at line 1048 of file filter-internal.c. References seaudit_filter::date_match, seaudit_filter::end, seaudit_filter_t, and seaudit_filter::start. 01049 {
01050 char *s;
01051 if ((s = xmlURIUnescapeString((const char *)ch, 0, NULL)) == NULL) {
01052 return -1;
01053 }
01054 if (filter->start == NULL) {
01055 if ((filter->start = calloc(1, sizeof(*(filter->start)))) == NULL) {
01056 free(s);
01057 return -1;
01058 }
01059 strptime(s, "%a %b %d %T %Y", filter->start);
01060 } else if (filter->end == NULL) {
01061 if ((filter->end = calloc(1, sizeof(*(filter->end)))) == NULL) {
01062 free(s);
01063 return -1;
01064 }
01065 strptime(s, "%a %b %d %T %Y", filter->end);
01066 } else {
01067 filter->date_match = atoi(s);
01068 }
01069 free(s);
01070 return 0;
01071 }
|
|
||||||||||||||||||||
|
Definition at line 1073 of file filter-internal.c. References seaudit_filter::date_match, seaudit_filter::end, seaudit_filter_t, and seaudit_filter::start. 01074 {
01075 int i;
01076 xmlChar *s, *escaped;
01077 if (filter->start == NULL) {
01078 return;
01079 }
01080 for (i = 0; i < tabs; i++)
01081 fprintf(f, "\t");
01082 fprintf(f, "<criteria type=\"%s\">\n", name);
01083 s = xmlCharStrdup(asctime(filter->start));
01084 escaped = xmlURIEscapeStr(s, NULL);
01085 for (i = 0; i < tabs + 1; i++) {
01086 fprintf(f, "\t");
01087 }
01088 fprintf(f, "<item>%s</item>\n", escaped);
01089 free(s);
01090 free(escaped);
01091 s = xmlCharStrdup(asctime(filter->end));
01092 escaped = xmlURIEscapeStr(s, NULL);
01093 for (i = 0; i < tabs + 1; i++)
01094 fprintf(f, "\t");
01095 fprintf(f, "<item>%s</item>\n", escaped);
01096 free(s);
01097 free(escaped);
01098 for (i = 0; i < tabs + 1; i++)
01099 fprintf(f, "\t");
01100 fprintf(f, "<item>%d</item>\n", filter->date_match);
01101 for (i = 0; i < tabs; i++)
01102 fprintf(f, "\t");
01103 fprintf(f, "</criteria>\n");
01104 }
|
|
||||||||||||
|
Given a filter and a message, return non-zero if the msg is accepted by the filter according to the filter's criteria. If the filter does not have enough information to decide (because the message is incomplete) then this should return 0.
Definition at line 1173 of file filter-internal.c. References filter_criteria_t::accept, filter_criteria, filter_criteria_t::is_set, seaudit_filter::match, SEAUDIT_FILTER_MATCH_ALL, SEAUDIT_FILTER_MATCH_ANY, seaudit_filter_t, seaudit_message_t, seaudit_filter::strict, and filter_criteria_t::support. Referenced by model_filter_message(). 01174 {
01175 bool tried_criterion = false;
01176 int acceptval;
01177 size_t i;
01178
01179 for (i = 0; i < sizeof(filter_criteria) / sizeof(filter_criteria[0]); i++) {
01180 if (filter_criteria[i].is_set(filter)) {
01181 tried_criterion = true;
01182 if (filter_criteria[i].support(msg)) {
01183 acceptval = filter_criteria[i].accept(filter, msg);
01184 } else if (filter->strict) {
01185 /* if filter is strict, then an
01186 unsupported criterion is assumed to
01187 not match */
01188 acceptval = 0;
01189 } else {
01190 /* for unstrict filters, unsupported
01191 criterion is assumed to be a don't
01192 care state */
01193 continue;
01194 }
01195 if (filter->match == SEAUDIT_FILTER_MATCH_ANY && acceptval == 1) {
01196 return 1;
01197 }
01198 if (filter->match == SEAUDIT_FILTER_MATCH_ALL && acceptval == 0) {
01199 return 0;
01200 }
01201 }
01202 }
01203 if (!tried_criterion) {
01204 /* if got here, then the filter had no set criterion */
01205 if (filter->strict) {
01206 /* a strict empty filter matches nothing */
01207 return 0;
01208 }
01209 return 1;
01210 }
01211 if (filter->match == SEAUDIT_FILTER_MATCH_ANY) {
01212 /* if got here, then no criterion was met */
01213 return 0;
01214 }
01215 /* if got here, then all criteria were met */
01216 return 1;
01217 }
|
|
|
Definition at line 1219 of file filter-internal.c. Referenced by filter_parse_end_element(), and filter_parse_start_element(). 01220 {
01221 static const char *parse_valid_tags[] = { "item", "criteria", "view", "filter", "desc", NULL };
01222 size_t i;
01223 for (i = 0; parse_valid_tags[i] != NULL; i++) {
01224 if (xmlStrcmp(tag, (xmlChar *) parse_valid_tags[i]) == 0) {
01225 return 1;
01226 }
01227 }
01228 return 0;
01229 }
|
|
|
Definition at line 1231 of file filter-internal.c. References filter_criteria, filter_read_func, and filter_criteria_t::read. Referenced by filter_parse_start_element(). 01232 {
01233 size_t i;
01234 for (i = 0; i < sizeof(filter_criteria) / sizeof(filter_criteria[0]); i++) {
01235 if (xmlStrcmp(name, (xmlChar *) filter_criteria[i].name) == 0) {
01236 return filter_criteria[i].read;
01237 }
01238 }
01239 return NULL;
01240 }
|
|
||||||||||||||||
|
Definition at line 1242 of file filter-internal.c. References apol_vector_append(), filter_parse_state::cur_filter, filter_parse_state::cur_filter_read, filter_parse_state::cur_string, filter_get_read_func(), filter_parse_is_valid_tag(), filter_parse_state::filters, seaudit_filter_create(), seaudit_filter_destroy(), seaudit_filter_match_e, seaudit_filter_set_match(), seaudit_filter_set_strict(), filter_parse_state::view_match, filter_parse_state::view_name, filter_parse_state::view_visible, and filter_parse_state::warnings. 01243 {
01244 struct filter_parse_state *state = user_data;
01245 size_t i;
01246 if (!filter_parse_is_valid_tag(name)) {
01247 state->warnings = 1;
01248 return;
01249 }
01250 if (xmlStrcmp(name, (xmlChar *) "view") == 0) {
01251 for (i = 0; attrs[i] != NULL && attrs[i + 1] != NULL; i += 2) {
01252 if (xmlStrcmp(attrs[i], (xmlChar *) "name") == 0) {
01253 free(state->view_name);
01254 state->view_name = xmlURIUnescapeString((const char *)attrs[i + 1], 0, NULL);
01255 } else if (xmlStrcmp(attrs[i], (xmlChar *) "match") == 0) {
01256 if (xmlStrcmp(attrs[i + 1], (xmlChar *) "all") == 0) {
01257 state->view_match = SEAUDIT_FILTER_MATCH_ALL;
01258 } else if (xmlStrcmp(attrs[i + 1], (xmlChar *) "any") == 0) {
01259 state->view_match = SEAUDIT_FILTER_MATCH_ANY;
01260 }
01261 } else if (xmlStrcmp(attrs[i], (xmlChar *) "show") == 0) {
01262 if (xmlStrcmp(attrs[i + 1], (xmlChar *) "true") == 0) {
01263 state->view_visible = SEAUDIT_FILTER_VISIBLE_SHOW;
01264 } else if (xmlStrcmp(attrs[i + 1], (xmlChar *) "hide") == 0) {
01265 state->view_visible = SEAUDIT_FILTER_VISIBLE_HIDE;
01266 }
01267 }
01268 }
01269 } else if (xmlStrcmp(name, (xmlChar *) "filter") == 0) {
01270 /* create a new filter and set it to be the one that is currently being parsed */
01271 char *filter_name = NULL;
01272 seaudit_filter_match_e match = SEAUDIT_FILTER_MATCH_ALL;
01273 bool strict = false;
01274 for (i = 0; attrs[i] != NULL && attrs[i + 1] != NULL; i += 2) {
01275 if (xmlStrcmp(attrs[i], (xmlChar *) "name") == 0) {
01276 free(filter_name);
01277 filter_name = xmlURIUnescapeString((const char *)attrs[i + 1], 0, NULL);
01278 } else if (xmlStrcmp(attrs[i], (xmlChar *) "match") == 0) {
01279 if (xmlStrcmp(attrs[i + 1], (xmlChar *) "all") == 0) {
01280 match = SEAUDIT_FILTER_MATCH_ALL;
01281 } else if (xmlStrcmp(attrs[i + 1], (xmlChar *) "any") == 0) {
01282 match = SEAUDIT_FILTER_MATCH_ANY;
01283 }
01284 } else if (xmlStrcmp(attrs[i], (xmlChar *) "strict") == 0) {
01285 if (xmlStrcmp(attrs[i + 1], (xmlChar *) "true") == 0) {
01286 strict = true;
01287 } else if (xmlStrcmp(attrs[i + 1], (xmlChar *) "false") == 0) {
01288 strict = false;
01289 }
01290 }
01291 }
01292 if ((state->cur_filter = seaudit_filter_create(filter_name)) != NULL) {
01293 if (apol_vector_append(state->filters, state->cur_filter) < 0) {
01294 seaudit_filter_destroy(&state->cur_filter);
01295 } else {
01296 seaudit_filter_set_match(state->cur_filter, match);
01297 seaudit_filter_set_strict(state->cur_filter, strict);
01298 }
01299 }
01300 free(filter_name);
01301 } else if (xmlStrcmp(name, (xmlChar *) "criteria") == 0) {
01302 for (i = 0; attrs[i] != NULL && attrs[i + 1] != NULL; i += 2) {
01303 if (xmlStrcmp(attrs[i], (xmlChar *) "type") == 0) {
01304 state->cur_filter_read = filter_get_read_func(attrs[i + 1]);
01305 }
01306 }
01307 }
01308 free(state->cur_string);
01309 state->cur_string = NULL;
01310 }
|
|
||||||||||||
|
Definition at line 1312 of file filter-internal.c. References filter_parse_state::cur_filter, filter_parse_state::cur_filter_read, filter_parse_state::cur_string, filter_parse_is_valid_tag(), seaudit_filter_set_description(), and filter_parse_state::warnings. 01313 {
01314 struct filter_parse_state *state = user_data;
01315 char *s;
01316 if (!filter_parse_is_valid_tag(name)) {
01317 state->warnings = 1;
01318 return;
01319 }
01320 if (xmlStrcmp(name, (xmlChar *) "desc") == 0) {
01321 if (state->cur_filter == NULL) {
01322 state->warnings = 1;
01323 } else {
01324 s = xmlURIUnescapeString((const char *)state->cur_string, 0, NULL);
01325 seaudit_filter_set_description(state->cur_filter, s);
01326 free(s);
01327 }
01328 } else if (xmlStrcmp(name, (xmlChar *) "item") == 0) {
01329 if (state->cur_filter == NULL || state->cur_filter_read == NULL) {
01330 state->warnings = 1;
01331 } else {
01332 state->cur_filter_read(state->cur_filter, state->cur_string);
01333 }
01334 } else if (xmlStrcmp(name, (xmlChar *) "filter") == 0) {
01335 state->cur_filter = NULL;
01336 } else if (xmlStrcmp(name, (xmlChar *) "criteria") == 0) {
01337 state->cur_filter_read = NULL;
01338 }
01339 free(state->cur_string);
01340 state->cur_string = NULL;
01341 }
|
|
||||||||||||||||
|
Definition at line 1343 of file filter-internal.c. References filter_parse_state::cur_string. 01344 {
01345 struct filter_parse_state *state = user_data;
01346 free(state->cur_string);
01347 state->cur_string = xmlStrndup(ch, len);
01348 }
|
|
||||||||||||
|
Parse the given XML file and fill in the passed in struct. The caller must create the struct and the vector within. Upon return, the caller must destroy the vector and free view_name.
Definition at line 1350 of file filter-internal.c. References filter_parse_state::cur_string, and filter_parse_state::warnings. Referenced by seaudit_filter_create_from_file(), and seaudit_model_create_from_file(). 01351 {
01352 xmlSAXHandler handler;
01353 int err;
01354
01355 memset(&handler, 0, sizeof(xmlSAXHandler));
01356 handler.startElement = filter_parse_start_element;
01357 handler.endElement = filter_parse_end_element;
01358 handler.characters = filter_parse_characters;
01359 err = xmlSAXUserParseFile(&handler, state, filename);
01360 free(state->cur_string);
01361 state->cur_string = NULL;
01362 if (err) {
01363 errno = EIO;
01364 return -1;
01365 }
01366 if (state->warnings) {
01367 return 1;
01368 }
01369 return 0;
01370 }
|
|
||||||||||||||||
|
Append the given filter's values, in XML format, to a file handler. This includes the filter's name and criteria.
Definition at line 1372 of file filter-internal.c. References seaudit_filter::desc, filter_criteria, seaudit_filter::match, seaudit_filter::name, filter_criteria_t::print, SEAUDIT_FILTER_MATCH_ALL, seaudit_filter_t, and seaudit_filter::strict. Referenced by seaudit_filter_save_to_file(), and seaudit_model_save_to_file(). 01373 {
01374 xmlChar *escaped;
01375 xmlChar *str_xml;
01376 int i;
01377 size_t j;
01378
01379 if (filter == NULL || file == NULL) {
01380 errno = EINVAL;
01381 return;
01382 }
01383
01384 if (filter->name == NULL) {
01385 str_xml = xmlCharStrdup("Unnamed");
01386 } else {
01387 str_xml = xmlCharStrdup(filter->name);
01388 }
01389 escaped = xmlURIEscapeStr(str_xml, NULL);
01390 for (i = 0; i < tabs; i++)
01391 fprintf(file, "\t");
01392 fprintf(file, "<filter name=\"%s\" match=\"%s\" strict=\"%s\">\n", escaped,
01393 filter->match == SEAUDIT_FILTER_MATCH_ALL ? "all" : "any", filter->strict ? "true" : "false");
01394 free(escaped);
01395 free(str_xml);
01396
01397 if (filter->desc != NULL) {
01398 str_xml = xmlCharStrdup(filter->desc);
01399 escaped = xmlURIEscapeStr(str_xml, NULL);
01400 for (i = 0; i < tabs + 1; i++)
01401 fprintf(file, "\t");
01402 fprintf(file, "<desc>%s</desc>\n", escaped);
01403 free(escaped);
01404 free(str_xml);
01405 }
01406 for (j = 0; j < sizeof(filter_criteria) / sizeof(filter_criteria[0]); j++) {
01407 filter_criteria[j].print(filter, filter_criteria[j].name, file, tabs + 1);
01408 }
01409 for (i = 0; i < tabs; i++)
01410 fprintf(file, "\t");
01411 fprintf(file, "</filter>\n");
01412 }
|
|
|
Filter criteria are actually implemented as entries within this function pointer table. During filter_is_accepted() each element of this table is retrieved; if the support functions returns non-zero then the accept function is called. To add new filter criteria, implement their support and accept functions and then append new entries to this table. Definition at line 1129 of file filter-internal.c. Referenced by filter_append_to_file(), filter_get_read_func(), and filter_is_accepted(). |
