#ifndef _H_CCAUDIT
#define _H_CCAUDIT
#include <security_utilities/utilities.h>
#include <mach/message.h> // audit_token_t
#include <bsm/audit.h> // au_tid_t, etc.
#include <bsm/audit_kevents.h> // AUE_NULL
namespace Security {
namespace CommonCriteria {
class AuditToken;
// C++ wrapper for the BSM terminal id (au_tid_t), layered on PodWrapper.
// Only the two fields handled by set() -- port and machine -- are touched here.
class TerminalId : public PodWrapper<TerminalId, au_tid_t>
{
public:
    // Default constructor; defined out of line, so the initial field values
    // are not visible from this header.
    TerminalId();

    // Copy construction goes through set(), i.e. port and machine are copied.
    TerminalId(const TerminalId &t) { set(t); }

    // Converting constructor from the raw BSM structure. It is not marked
    // explicit, so an au_tid_t converts to a TerminalId implicitly.
    TerminalId(const au_tid_t &tid) { set(tid); }

    ~TerminalId() { }

    // Overwrite this terminal id with the port and machine of `tid`.
    void set(const au_tid_t &tid)
    {
        this->port = tid.port;
        this->machine = tid.machine;
    }
};
// Read-only view of a Mach audit token (audit_token_t) together with the
// individual identity fields cached alongside it.
//
// The constructor is defined out of line; presumably it decodes the cached
// fields from the token it is given -- confirm against the implementation.
// Every accessor below simply returns the corresponding cached member.
class AuditToken
{
public:
    AuditToken(const audit_token_t &token);
    ~AuditToken() { }

    // The raw token, returned by value.
    audit_token_t auditToken() const { return mAuditToken; }

    // Identity fields. The names follow the usual audit-token layout
    // (audit id, effective uid/gid, real uid/gid) -- TODO confirm in the .cpp.
    uid_t auditId() const { return mAuditId; }
    uid_t euid() const    { return mEuid; }
    gid_t egid() const    { return mEgid; }
    uid_t ruid() const    { return mRuid; }
    gid_t rgid() const    { return mRgid; }

    // NOTE(review): a pid on its own is a weak identifier for authorization
    // decisions, because process ids can be reused. Callers that need to bind
    // a decision to the sending process should key it on the whole token
    // (auditToken()) rather than on pid() alone.
    pid_t pid() const { return mPid; }

    au_asid_t sessionId() const { return mSessionId; }

    // Returned by reference; the reference is only valid while this
    // AuditToken object is alive.
    const au_tid_t &terminalId() const { return mTerminalId; }

private:
    audit_token_t mAuditToken;   // token as received
    uid_t mAuditId;
    uid_t mEuid;
    gid_t mEgid;
    uid_t mRuid;
    gid_t mRgid;
    pid_t mPid;
    au_asid_t mSessionId;
    TerminalId mTerminalId;
};
// C++ wrapper for the BSM auditinfo_addr_t structure, layered on PodWrapper.
//
// get(), getPid(), set() and create() are defined out of line; their effect
// (which process or session they query or modify, and which privileges they
// need) is not visible from this header -- see the implementation.
class AuditInfo : public PodWrapper<AuditInfo, auditinfo_addr_t>
{
public:
    // Fill this object; the no-argument form is what current() uses.
    void get();
    // Fill this object for the given audit session id.
    void get(au_asid_t session);
    // Fill this object for the given process id.
    void getPid(pid_t pid);

    // Apply this object's contents.
    // NOTE(review): presumably this changes the caller's audit state, which
    // is normally a privileged operation -- confirm error handling in the .cpp.
    void set();

    // Create audit info with the given flags; auid defaults to AU_DEFAUDITID.
    void create(uint64_t flags, uid_t auid = AU_DEFAUDITID);

    // Plain field accessors over the wrapped structure.
    uid_t uid() const           { return this->ai_auid; }
    uint64_t flags() const      { return this->ai_flags; }
    au_asid_t sessionId() const { return this->ai_asid; }

    // Convenience: build an AuditInfo, call get() on it and return the copy.
    static AuditInfo current()
    {
        AuditInfo snapshot;
        snapshot.get();
        return snapshot;
    }
};
// Error codes exposed to external callers. Only the first two enumerators
// carry explicit values; the rest count up from errInvalidCredential, so
// inserting or reordering entries changes the numeric values that follow.
enum ExternalErrors
{
    errNone = 0,
    errInvalidCredential = 1111,
    errUserCanceled,            // 1112
    errTooManyTries,            // 1113
    errAuthDenied,              // 1114
    errEndOfExternalErrors      // 1115, one past the last real error code
};
// Holder for a BSM audit mask (au_mask_t): one value for audited successes
// and one for audited failures.
class AuditMask
{
public:
    // s -> am_success, f -> am_failure.
    // NOTE(review): the defaults use AUE_NULL, which comes from the audit
    // event-code header rather than being a mask constant; it works as an
    // "empty mask" default only if its value is 0 -- confirm.
    AuditMask(unsigned int s = AUE_NULL, unsigned int f = AUE_NULL)
    {
        mMask.am_success = s;
        mMask.am_failure = f;
    }

    ~AuditMask() { }

    // Read-only access to the wrapped mask; the reference is valid only
    // while this AuditMask is alive.
    const au_mask_t &get() const { return mMask; }

private:
    au_mask_t mMask;
};
// Bundle of the values describing an audit session: audit id, event mask,
// terminal id and session id. The inline members only store and return
// these values; registerSession() is defined out of line.
//
// NOTE(review): none of the getters is const-qualified, so they cannot be
// called through a const AuditSession, and eventMask()/terminalId() hand out
// mutable references to the stored members.
class AuditSession
{
public:
    // The event mask and terminal id are default-constructed here and can be
    // replaced through the setters below.
    AuditSession(au_id_t auid, au_asid_t sid)
        : mAuditId(auid),
          mSessionId(sid)
    {
    }

    ~AuditSession() { }

    // Defined elsewhere; presumably applies the stored values to the running
    // process -- confirm privilege requirements and failure behaviour there.
    void registerSession();

    // Setters: each overwrites the corresponding stored value.
    void auditId(au_id_t auid)       { mAuditId = auid; }
    void eventMask(AuditMask &mask)  { mEventMask = mask; }
    void terminalId(TerminalId &tid) { mTerminalId = tid; }
    void sessionId(au_asid_t sid)    { mSessionId = sid; }

    // Getters.
    au_id_t auditId()        { return mAuditId; }
    AuditMask &eventMask()   { return mEventMask; }
    TerminalId &terminalId() { return mTerminalId; }
    au_asid_t sessionId()    { return mSessionId; }

private:
    au_id_t mAuditId;
    AuditMask mEventMask;
    TerminalId mTerminalId;
    au_asid_t mSessionId;
};
// One audit record attributed to the subject identified by an audit token.
// The token is copied into the record at construction.
class AuditRecord
{
public:
    // Use an already-built AuditToken (copied).
    AuditRecord(const AuditToken &auditToken)
        : mAuditToken(auditToken)
    {
    }

    // Build the AuditToken from a raw Mach audit token.
    AuditRecord(const audit_token_t &auditToken)
        : mAuditToken(auditToken)
    {
    }

    ~AuditRecord() { }

    // Submit the record for the given event code and return code, with an
    // optional text message (NULL when omitted). Defined out of line.
    // NOTE(review): if msg can carry caller-influenced text, confirm that
    // the implementation treats it as data and never as a format string.
    void submit(const short event_code,
                const int returnCode,
                const char *msg = NULL);

private:
    AuditToken mAuditToken;   // subject the record is attributed to
};
} }
#endif // _H_CCAUDIT