From a74e9b64e20e92d70c2d17bd424b076113ff09dd Mon Sep 17 00:00:00 2001 From: dtucker Date: Mon, 25 Feb 2008 10:05:04 +0000 Subject: [PATCH] - (dtucker) [configure.ac audit-bsm.c] Bug #1420: Add a local implementation of aug_get_machine for systems that don't have their own (eg OS X, FreeBSD). Help and testing from csjp at FreeBSD org, vgiffin at apple com. ok djm@ --- ChangeLog | 3 +++ audit-bsm.c | 55 ++++++++++++++++++++++++++++++++++++++++++++++------ configure.ac | 7 ++++++- 3 files changed, 58 insertions(+), 7 deletions(-) diff --git a/ChangeLog b/ChangeLog index e5e6587a..fa4df0b7 100644 --- a/ChangeLog +++ b/ChangeLog @@ -2,6 +2,9 @@ - (dtucker) [openbsd-compat/fake-rfc2553.h] rename ssh_gai_strerror hack since it now conflicts with the helper function in misc.c. From vinschen AT redhat.com. + - (dtucker) [configure.ac audit-bsm.c] Bug #1420: Add a local implementation + of aug_get_machine for systems that don't have their own (eg OS X, FreeBSD). + Help and testing from csjp at FreeBSD org, vgiffin at apple com. ok djm@ 20080224 - (tim) [contrib/cygwin/ssh-host-config] diff --git a/audit-bsm.c b/audit-bsm.c index 6e8bc492..f8322459 100644 --- a/audit-bsm.c +++ b/audit-bsm.c @@ -40,7 +40,9 @@ #include #include +#include #include +#include #include #include "ssh.h" @@ -62,8 +64,6 @@ #if defined(HAVE_GETAUDIT_ADDR) #define AuditInfoStruct auditinfo_addr #define AuditInfoTermID au_tid_addr_t -#define GetAuditFunc(a,b) getaudit_addr((a),(b)) -#define GetAuditFuncText "getaudit_addr" #define SetAuditFunc(a,b) setaudit_addr((a),(b)) #define SetAuditFuncText "setaudit_addr" #define AUToSubjectFunc au_to_subject_ex 
@@ -71,18 +71,16 @@ #else #define AuditInfoStruct auditinfo #define AuditInfoTermID au_tid_t -#define GetAuditFunc(a,b) getaudit(a) -#define GetAuditFuncText "getaudit" #define SetAuditFunc(a,b) setaudit(a) #define SetAuditFuncText "setaudit" #define AUToSubjectFunc au_to_subject #define AUToReturnFunc(a,b) au_to_return((a), (u_int)(b)) #endif +#ifndef cannot_audit extern int cannot_audit(int); +#endif extern void aug_init(void); -extern dev_t aug_get_port(void); -extern int aug_get_machine(char *, u_int32_t *, u_int32_t *); extern void aug_save_auid(au_id_t); extern void aug_save_uid(uid_t); extern void aug_save_euid(uid_t); 
@@ -118,6 +116,51 @@ static AuditInfoTermID ssh_bsm_tid; /* Below is the low-level BSM interface code */ +/* + * aug_get_machine is only required on IPv6 capable machines, we use a + * different mechanism in audit_connection_from() for IPv4-only machines. + * getaudit_addr() is only present on IPv6 capable machines. + */ +#if defined(HAVE_AUG_GET_MACHINE) || !defined(HAVE_GETAUDIT_ADDR) +extern int aug_get_machine(char *, u_int32_t *, u_int32_t *); +#else +static int +aug_get_machine(char *host, u_int32_t *addr, u_int32_t *type) +{ + struct addrinfo *ai; + struct sockaddr_in *in4; + struct sockaddr_in6 *in6; + int ret = 0, r; + + if ((r = getaddrinfo(host, NULL, NULL, &ai)) != 0) { + error("BSM audit: getaddrinfo failed for %.100s: %.100s", host, + r == EAI_SYSTEM ? strerror(errno) : gai_strerror(r)); + return -1; + } + + switch (ai->ai_family) { + case AF_INET: + in4 = (struct sockaddr_in *)ai->ai_addr; + *type = AU_IPv4; + memcpy(addr, &in4->sin_addr, sizeof(struct in_addr)); + break; +#ifdef AU_IPv6 + case AF_INET6: + in6 = (struct sockaddr_in6 *)ai->ai_addr; + *type = AU_IPv6; + memcpy(addr, &in6->sin6_addr, sizeof(struct in6_addr)); + break; +#endif + default: + error("BSM audit: unknown address family for %.100s: %d", + host, ai->ai_family); + ret = -1; + } + freeaddrinfo(ai); + return ret; +} +#endif + /* * Check if the specified event is selected (enabled) for auditing. * Returns 1 if the event is selected, 0 if not and -1 on failure. diff --git a/configure.ac b/configure.ac index 14047f68..02022a9f 100644 --- a/configure.ac +++ b/configure.ac @@ -423,6 +423,11 @@ main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16)) [Use tunnel device compatibility to OpenBSD]) AC_DEFINE(SSH_TUN_PREPEND_AF, 1, [Prepend the address family to IP tunnel traffic]) + m4_pattern_allow(AU_IPv) + AC_CHECK_DECL(AU_IPv4, [], + AC_DEFINE(AU_IPv4, 0, [System only supports IPv4 audit records]) + [#include ] + ) ;; *-*-dragonfly*) SSHDLIBS="$SSHDLIBS -lcrypt" 
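Review bot: The AF_INET6 branch of the new aug_get_machine() copies sizeof(struct in6_addr) (16 bytes) through `u_int32_t *addr`, so the function silently requires a four-word destination, and the added header comment does not say so. I would extend that comment with `addr must point to at least 4 u_int32_t; *addr and *type are written only on success (return 0)`. Separately, getaddrinfo() is called with NULL hints and only the first result is inspected, so if `host` can be a name rather than a numeric address, the audit record carries whatever the resolver returns first, which may not be the connecting peer. A first entry of an unsupported family also fails the call even when a usable one follows. The caller is outside this hunk, so confirm what it passes; if it is always a numeric address, hints with `AI_NUMERICHOST` would make that explicit and keep a DNS lookup off the audit path.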
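Review bot: In the added AC_CHECK_DECL call there is no comma between the `AC_DEFINE(AU_IPv4, 0, ...)` action and the `[#include ...]` block, so the include text is concatenated into the action-if-not-found argument instead of being passed as the fourth (includes) argument. The declaration test would then run with autoconf's default includes only, so if AU_IPv4 is declared in the BSM audit header it would be reported missing and defined to 0 even on systems that have it; audit-bsm.c stores that value as the record's address type. Quoting the action and separating the arguments fixes this: `AC_CHECK_DECL(AU_IPv4, [], [AC_DEFINE(AU_IPv4, 0, [System only supports IPv4 audit records])], [#include <HEADER>])`, where HEADER stands for the header whose name is not visible on this page. The enclosing case arm starts outside the hunk.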
@@ -1226,7 +1231,7 @@ AC_ARG_WITH(audit, AC_CHECK_FUNCS(getaudit, [], [AC_MSG_ERROR(BSM enabled and required function not found)]) # These are optional - AC_CHECK_FUNCS(getaudit_addr) + AC_CHECK_FUNCS(getaudit_addr aug_get_machine) AC_DEFINE(USE_BSM_AUDIT, 1, [Use BSM audit module]) ;; debug) -- 2.45.2