/*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License, Version 1.0 only
 * (the "License").  You may not use this file except in compliance
 * with the License.
 *
 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
 * or http://www.opensolaris.org/os/licensing.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
 * If applicable, add the following below this CDDL HEADER, with the
 * fields enclosed by brackets "[]" replaced with your own identifying
 * information: Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 */
/*
 * Copyright 2003 Sun Microsystems, Inc.  All rights reserved.
 * Use is subject to license terms.
 */

#include <sys/socket.h>
#include <netinet/in.h>
#include <strings.h>
#include <sys/socket.h>

#include <bsm/audit.h>
#include <bsm/libbsm.h>
#include <bsm/audit_private.h>
#include <generic.h>

static int do_ipv6_address(struct sockaddr_in6 *, struct sockaddr_in6 *);
static int do_ipv4_address(struct sockaddr_in *, struct sockaddr_in *);

int
audit_settid(int fd)
{
	struct sockaddr_in6 peer;
	struct sockaddr_in6 sock;
	int peerlen = sizeof (peer);
	int socklen = sizeof (sock);
	int rv;

	if (cannot_audit(0)) {
		return (0);
	}

	/* get peer name */
	if (getpeername(fd, (struct sockaddr *)&peer, (socklen_t *)&peerlen)
		< 0) {
		return (1);
	}

	/* get sock name */
	if (getsockname(fd, (struct sockaddr *)&sock, (socklen_t *)&socklen)
		< 0) {
		return (1);
	}

	if (peer.sin6_family == AF_INET6)
		rv = do_ipv6_address(&peer, &sock);
	else
		rv = do_ipv4_address((struct sockaddr_in *)&peer,
			(struct sockaddr_in *)&sock);

	return (rv);
}

static int
do_ipv6_address(struct sockaddr_in6 *peer, struct sockaddr_in6 *sock)
{
	auditinfo_addr_t ai;

	/* get audit characteristics of process */
	if (getaudit_addr(&ai, sizeof (ai)) < 0) {
		return (errno);
	}

	/*
	 * if terminal ID already set, i.e. non-zero, then just return
	 */
	if (ai.ai_termid.at_port ||
	    ai.ai_termid.at_addr[0] ||
	    ai.ai_termid.at_addr[1] ||
	    ai.ai_termid.at_addr[2] ||
	    ai.ai_termid.at_addr[3]) {
		return (0);
	}

	ai.ai_termid.at_port = ((peer->sin6_port<<16) | (sock->sin6_port));
	ai.ai_termid.at_type = AU_IPv6;
	bcopy(&peer->sin6_addr, ai.ai_termid.at_addr, 16);

	if (setaudit_addr(&ai, sizeof (ai)) < 0) {
		return (errno);
	}

	return (0);
}

static int
do_ipv4_address(struct sockaddr_in *peer, struct sockaddr_in *sock)
{
	auditinfo_t ai;

	/* get audit characteristics of process */
	if (getaudit(&ai) < 0) {
		return (errno);
	}

	/*
	 * if terminal ID already set, i.e. non-zero, then just return
	 */
	if (ai.ai_termid.port || ai.ai_termid.machine) {
		return (0);
	}

	ai.ai_termid.port = (peer->sin_port<<16 | sock->sin_port);
	ai.ai_termid.machine = (uint32_t)peer->sin_addr.s_addr;

	if (setaudit(&ai) < 0) {
		return (errno);
	}

	return (0);
}