From mboxrd@z Thu Jan 1 00:00:00 1970 From: Zhang Xiliang Subject: [PATCH 2/2] Use a new funtion to instead of outing error message for field checking Date: Thu, 07 Aug 2008 18:58:29 +0800 Message-ID: <489AD555.2080500@cn.fujitsu.com> Mime-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Return-path: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: linux-audit-bounces@redhat.com Errors-To: linux-audit-bounces@redhat.com To: Steve Grubb , Linux Audit List-Id: linux-audit@redhat.com Hello Steve, The method of outing error message for field checking is too big. It is disadvantage to modify. Create a helper function to output error messages. It should be more pretty and smart. Signed-off-by: Zhang Xiliang --- lib/Makefile.am | 2 +- lib/errormsg.h | 58 ++++++++++++++++++++++ lib/libaudit.c | 26 ++++++++++ src/auditctl.c | 135 ++++------------------------------------------------ src/mt/Makefile.am | 4 +- 5 files changed, 97 insertions(+), 128 deletions(-) create mode 100644 lib/errormsg.h diff --git a/lib/Makefile.am b/lib/Makefile.am index 13ccbb9..c5b2c6c 100644 --- a/lib/Makefile.am +++ b/lib/Makefile.am @@ -30,7 +30,7 @@ lib_LTLIBRARIES = libaudit.la include_HEADERS = libaudit.h libaudit_la_SOURCES = libaudit.c message.c netlink.c \ lookup_table.c audit_logging.c deprecated.c \ - private.h $(BUILT_SOURCES) + private.h errormsg.h $(BUILT_SOURCES) libaudit_la_LIBADD = libaudit_la_DEPENDENCIES = $(libaudit_la_SOURCES) ../config.h libaudit_la_LDFLAGS = -Wl,-z,relro diff --git a/lib/errormsg.h b/lib/errormsg.h new file mode 100644 index 0000000..6ee68d1 --- /dev/null +++ b/lib/errormsg.h 
@@ -0,0 +1,58 @@
+/* errormsg.h --
+ * Copyright 2008 FUJITSU Inc.
+ * All Rights Reserved.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ *
+ * Authors:
+ * Zhang Xiliang
+ */
+
+struct msg_tab {
+ int key; /* error number */
+ /*
+ * the field string position
+ * 0: don't output field string
+ * 1: output field string before error message
+ * 2: output field string after error message
+ */
+ int position;
+ const char *cvalue;
+};
+
+static const struct msg_tab err_msgtab[] = {
+ { -1, 2, "-F missing opration for" },
+ { -2, 2, "-F unknown field:" },
+ { -3, 1, "must be before -S" },
+ { -4, 1, "machine type not found" },
+ { -5, 1, "elf mapping not found" },
+ { -6, 1, "requested bit level not supported by machine" },
+ { -7, 1, "can only be used with exit filter list" },
+ { -8, 2, "-F unknown message type -" },
+ { -9, 0, "msgtype field can only be used with exclude filter list" },
+ { -10, 0, "Failed upgrading rule" },
+ { -11, 0, "String value too long" },
+ { -12, 0, "Only msgtype field can be used with exclude filter" },
+ { -13, 1, "only takes = or != operators" },
+ { -14, 0, "Permission can only contain \'rwxa\'" },
+ { -15, 2, "-F unknown errno -"},
+ { -16, 2, "-F unknown file type - " },
+ { -17, 1, "can only be used with exit and entry 
filter list" }, + { -18, 1, "can not be used with exclude filter list" }, + { -19, 0, "Key field needs a watch or syscall given prior to it" }, + { -20, 2, "-F missing value after opration for" }, + { -21, 2, "-F value should be number for" }, + { -22, 2, "-F missing field name before operator for" } +}; diff --git a/lib/libaudit.c b/lib/libaudit.c index e0f108a..7d48d78 100644 --- a/lib/libaudit.c +++ b/lib/libaudit.c @@ -39,6 +39,7 @@ #include "libaudit.h" #include "private.h" +#include "errormsg.h" /* #defines for the audit failure query */ #define CONFIG_FILE "/etc/libaudit.conf" @@ -1153,3 +1154,28 @@ int audit_detect_machine(void) return -1; } hidden_def(audit_detect_machine) + +void audit_number_to_errmsg(int errnumber, const char *opt) +{ + unsigned int i; + + for (i = 0; i < sizeof(err_msgtab)/sizeof(struct msg_tab); i++) { + if (err_msgtab[i].key == errnumber) { + switch (err_msgtab[i].position) + { + case 0: + fprintf(stderr, "%s\n", err_msgtab[i].cvalue); + break; + case 1: + fprintf(stderr, "%s %s\n", opt, err_msgtab[i].cvalue); + break; + case 2: + fprintf(stderr, "%s %s\n", err_msgtab[i].cvalue, opt); + break; + default: + break; + } + return; + } + } +} diff --git a/src/auditctl.c b/src/auditctl.c index 6144795..96aebe7 100644 --- a/src/auditctl.c +++ b/src/auditctl.c 
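Review bot: The err_msgtab entries for -1 and -20 in lib/errormsg.h spell the word `opration`, where the switch this patch removes from auditctl.c printed `operator`; they should read `{ -1, 2, "-F missing operator for" }` and `{ -20, 2, "-F missing value after operator for" }`. Several position-1 entries also lose the prefix the old messages carried (`-F %s must be before -S` becomes `%s must be before -S`, and `Field %s can only be used with exit filter list` loses `Field`), and -14 no longer prints the rejected permission string, so someone diagnosing a refused audit rule from stderr gets less context than before. The header has no include guard and defines a `static const` table, so every file that includes it gets its own copy; a guard or a comment such as `/* private to libaudit.c, include once */` would make the intent explicit.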
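Review bot: audit_number_to_errmsg() in lib/libaudit.c returns silently when `errnumber` has no entry in err_msgtab, so a return code added later to audit_rule_fieldpair_data() would make auditctl fail with no diagnostic at all; after the loop add a fallback such as `fprintf(stderr, "Unknown error %d\n", errnumber);`. `opt` is handed to `%s` for positions 1 and 2 without a NULL check, which is undefined behaviour if some other caller passes NULL; `opt ? opt : ""` would cover it. The element count is safer written as `sizeof(err_msgtab)/sizeof(err_msgtab[0])`, and the function deserves a short comment stating that it writes one line to stderr and that `opt` is the option text the error refers to.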
@@ -733,133 +733,16 @@ static int setopt(int count, char *vars[]) } if (which == NEW) rc = audit_rule_fieldpair_data(&rule_new,optarg,flags); -//FIXME: make this a function - switch (rc) - { - case 0: - if (which == NEW && rule_new->fields[rule_new->field_count-1] == - AUDIT_PERM) - audit_permadded = 1; - break; - case -1: - fprintf(stderr, "-F missing operator for %s\n", - optarg); - retval = -1; - break; - case -2: - fprintf(stderr, "-F unknown field: %s\n", - optarg); - retval = -1; - break; - case -3: - fprintf(stderr, - "-F %s must be before -S\n", - optarg); - retval = -1; - break; - case -4: - fprintf(stderr, - "-F %s machine type not found\n", - optarg); - retval = -1; - break; - case -5: - fprintf(stderr, - "-F %s elf mapping not found\n", - optarg); - retval = -1; - break; - case -6: - fprintf(stderr, - "-F %s requested bit level not supported by machine\n", - optarg); - retval = -1; - break; - case -7: - fprintf(stderr, - "Field %s can only be used with exit filter list\n", - optarg); - retval = -1; - break; - case -8: - fprintf(stderr, - "-F unknown message type - %s\n", - optarg); - retval = -1; - break; - case -9: - fprintf(stderr, - "msgtype field can only be used with exclude filter list\n"); - retval = -1; - break; - case -10: - fprintf(stderr, - "Failed upgrading rule\n"); - retval = -1; - case -11: - fprintf(stderr, - "String value too long\n"); - retval = -1; - break; - case -12: - fprintf(stderr, - "Only msgtype field can be used with exclude filter\n"); - retval = -1; - break; - case -13: - fprintf(stderr, - "Field (%s) only takes = or != operators\n", optarg); - retval = -1; - break; - case -14: - fprintf(stderr, - "Permission (%s) can only contain \'rwxa\n", - optarg); - retval = -1; - break; - case -15: - fprintf(stderr, - "-F unknown errno - %s\n", optarg); - retval = -1; - break; - case -16: - fprintf(stderr, - "-F unknown file type - %s\n", optarg); - retval = -1; - break; - case -17: - fprintf(stderr, - "Field %s can only be used with 
exit and entry filter list\n", optarg); - retval = -1; - break; - case -18: - fprintf(stderr, - "Field %s can not be used with exclude filter list\n", optarg); - retval = -1; - break; - case -19: - fprintf(stderr, - "Key field needs a watch or syscall given prior to it\n"); - retval = -1; - break; - case -20: - fprintf(stderr, - "-F missing value after operator for %s\n", optarg); - retval = -1; - break; - case -21: - fprintf(stderr, - "-F value should be a number for %s\n", optarg); - retval = -1; - break; - case -22: - fprintf(stderr, - "-F missing field name before operator for %s\n", optarg); - retval = -1; - default: - retval = -1; - break; + + if (rc != 0) { + audit_number_to_errmsg(rc, optarg); + retval = -1; + } else { + if (which == NEW && rule_new->fields[rule_new->field_count-1] == + AUDIT_PERM) + audit_permadded = 1; } + break; case 'm': if (audit_log_user_message( fd, AUDIT_USER, optarg, NULL, diff --git a/src/mt/Makefile.am b/src/mt/Makefile.am index e840287..7581225 100644 --- a/src/mt/Makefile.am +++ b/src/mt/Makefile.am @@ -43,7 +43,7 @@ lib_OBJECTS = $(libauditmt_a_OBJECTS) libaudit.h: cp ${top_srcdir}/lib/libaudit.h . -libaudit.c: libaudit.h private.h +libaudit.c: libaudit.h private.h errormsg.h cp ${top_srcdir}/lib/libaudit.c . message.c: libaudit.h cp ${top_srcdir}/lib/message.c . @@ -89,6 +89,8 @@ optabs.h: cp ${top_builddir}/lib/optabs.h . errtabs.h: cp ${top_builddir}/lib/errtabs.h . +errormsg.h: + cp ${top_builddir}/lib/errormsg.h . lookup_table.o: ${top_builddir}/config.h gen_tables.h i386_tables.h \ ia64_tables.h ppc_tables.h s390_tables.h s390x_tables.h \
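Review bot: The new call `audit_number_to_errmsg(rc, optarg);` in src/auditctl.c needs a prototype in scope, and the diffstat shows no change to libaudit.h or to any other header auditctl.c would include (errormsg.h is only included from lib/libaudit.c). Unless patch 1/2 adds the declaration, this compiles as an implicit function declaration; `void audit_number_to_errmsg(int errnumber, const char *opt);` belongs in the public header next to the other audit_* prototypes. The success branch could also be flattened to `} else if (which == NEW && ...)` to avoid the nested block. setopt() starts and ends outside the hunk.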
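Review bot: The `errormsg.h` prerequisite added to the `libaudit.c:` rule in src/mt/Makefile.am is satisfied by a rule further down in this patch that copies from `${top_builddir}/lib/errormsg.h`, but errormsg.h is a checked-in file created under lib/ by this same patch, not a generated one like optabs.h or errtabs.h. libaudit.h, the other hand-written header here, is copied from `${top_srcdir}`, so in a build outside the source tree the new copy would likely fail to find the file. The rule should probably read `cp ${top_srcdir}/lib/errormsg.h .`.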