update instructions

Author: stevegrubb

AGENTS.md

@@ -117,8 +117,7 @@ intended ordering.
 ## Summary
 
 - Build with `autoreconf`, `configure`, and `make`.
-- Run `make check` to execute the self-tests. (auparse tests are failing
-  because of a mismatch in mapping uid to accounts. Igonore these.)
+- Run `make check` to execute the self-tests.
 - Follow Linux Kernel coding style (tabs, 80 columns).
 - Follow glibc style for man(3) pages.
 - Keep commit messages short and descriptive.

audisp/audispd.c

@@ -504,7 +504,7 @@ static int write_to_plugin(event_t *e, const char *string, size_t string_len,
 		vec[0].iov_len = sizeof(struct audit_dispatcher_header);
 
 		vec[1].iov_base = e->data;
-		vec[1].iov_len = MAX_AUDIT_MESSAGE_LENGTH;
+		vec[1].iov_len = e->hdr.size;
 		do {
 			rc = writev(conf->p->plug_pipe[1], vec, 2);
 		} while (rc < 0 && errno == EINTR);

audisp/plugins/af_unix/audisp-af_unix.c

@@ -197,7 +197,7 @@ int setup_socket(int argc, char *argv[])
 }
 
 static int event_to_string(struct audit_dispatcher_header *hdr,
-			   char *data, char **out, int *outlen)
+				char *data, char **out, int *outlen)
 {
 	char *v = NULL, *ptr, unknown[32];
 	int len;
@@ -246,75 +246,161 @@ static int event_to_string(struct audit_dispatcher_header *hdr,
 	return 1;
 }
 
-void read_audit_record(int ifd)
+/*
+ * read_binary_record - read a binary dispatcher record
+ * @fd:  input descriptor
+ * @hdr: pointer to header storage
+ * @data: pointer to data storage
+ *
+ * This function reads exactly sizeof(*hdr) bytes followed by hdr->size
+ * bytes from @fd.  It returns the total bytes read or -1 on error and
+ * 0 when EOF is reached.
+ */
+static int read_binary_record(int fd, struct audit_dispatcher_header *hdr,
+                              char *data)
 {
-	do {
-		int len;
+	size_t len = sizeof(*hdr);
+	char *ptr = (char *)hdr;
+	ssize_t rc;
+
+	while (len) {
+		rc = read(fd, ptr, len);
+		if (rc <= 0) {
+			if (rc < 0 && errno == EINTR)
+				continue;
+			return rc;
+		}
+		ptr += rc;
+		len -= rc;
+	}
 
-		// Read stdin
-		if ((len = auplugin_fgets(rx_buf,MAX_AUDIT_EVENT_FRAME_SIZE + 1,
-				       ifd)) > 0) {
-#ifdef DEBUG
-			write(1, rx_buf, len);
-#endif
-			if (client && !stop) {
-				// Send it to the client
-				int rc;
-				struct audit_dispatcher_header *hdr =
-				    (struct audit_dispatcher_header *)rx_buf;
-				char *data = rx_buf +
-					sizeof(struct audit_dispatcher_header);
-
-				if (inbound_protocol == -1) {
-					if (hdr->ver == AUDISP_PROTOCOL_VER ||
-						hdr->ver == AUDISP_PROTOCOL_VER2)
-						inbound_protocol = F_BINARY;
-					else
-						inbound_protocol = F_STRING;
-				}
+	if (hdr->size > MAX_AUDIT_MESSAGE_LENGTH)
+		hdr->size = MAX_AUDIT_MESSAGE_LENGTH;
+
+	len = hdr->size;
+	ptr = data;
+	while (len) {
+		rc = read(fd, ptr, len);
+		if (rc <= 0) {
+			if (rc < 0 && errno == EINTR)
+				continue;
+			return rc;
+		}
+		ptr += rc;
+		len -= rc;
+	}
 
-				if (format == F_STRING) {
+	return sizeof(*hdr) + hdr->size;
+}
 
-					char *str = NULL;
-					int str_len = 0;
-					if (event_to_string(hdr, data, &str,
-							    &str_len) < 0) {
-						// what to do with error?
-						continue;
-					}
+void read_audit_record(int ifd)
+{
+	int len;
 
-					do {
-						rc = write(conn, str, str_len);
-					} while (rc < 0 && errno == EINTR);
-					free(str);
-				} else if (format == F_BINARY) {
-					struct iovec vec[2];
+	if (inbound_protocol == F_BINARY || inbound_protocol == -1) {
+		struct audit_dispatcher_header *hdr =
+				(struct audit_dispatcher_header *)rx_buf;
+		char *data = rx_buf + sizeof(*hdr);
 
-					vec[0].iov_base = hdr;
-					vec[0].iov_len =
+		len = read_binary_record(ifd, hdr, data);
+		if (len <= 0) {
+			if (len == 0)
+				stop = 1;
+			return;
+		}
+		if (inbound_protocol == -1)
+			inbound_protocol = F_BINARY;
+
+		if (client && !stop) {
+			int rc;
+
+			if (format == F_STRING) {
+				char *str = NULL;
+				int str_len = 0;
+
+				if (event_to_string(hdr, data, &str,
+							&str_len) < 0)
+					return;
+
+				do {
+					rc = write(conn, str, str_len);
+				} while (rc < 0 && errno == EINTR);
+				free(str);
+			} else if (format == F_BINARY) {
+				struct iovec vec[2];
+
+				vec[0].iov_base = hdr;
+				vec[0].iov_len = sizeof(*hdr);
+
+				vec[1].iov_base = data;
+				vec[1].iov_len = hdr->size;
+
+				do {
+					rc = writev(conn, vec, 2);
+				} while (rc < 0 && errno == EINTR);
+				if (rc < 0 && errno == EPIPE) {
+					close(conn);
+					conn = -1; // FIXME: is this right?
+					client = 0;
+					auplugin_fgets_clear();
+				}
+			}
+		}
+	} else {
+		do {
+			len = auplugin_fgets(rx_buf,
+					MAX_AUDIT_EVENT_FRAME_SIZE + 1, ifd);
+			if (len > 0) {
+				if (inbound_protocol == -1)
+					inbound_protocol = F_STRING;
+				if (client && !stop) {
+					int rc;
+					char *data = rx_buf +
 					 sizeof(struct audit_dispatcher_header);
-
-					vec[1].iov_base = data;
-					vec[1].iov_len =
-						MAX_AUDIT_MESSAGE_LENGTH;
-
-					do {
-						rc = writev(conn, vec, 2);
-					} while (rc < 0 && errno == EINTR);
-					if (rc < 0 && errno == EPIPE) {
-						close(conn);
-						conn = -1;
-						client = 0;
-						auplugin_fgets_clear();
+					struct audit_dispatcher_header *hdr =
+					 (struct audit_dispatcher_header *)rx_buf;
+
+					if (format == F_STRING) {
+						char *str = NULL;
+						int str_len = 0;
+						if (event_to_string(hdr, data,
+								    &str,
+								&str_len) < 0)
+							continue;
+
+						do {
+							rc = write(conn, str,
+								   str_len);
+						} while (rc < 0 && errno == EINTR);
+						free(str);
+					} else if (format == F_BINARY) {
+						struct iovec vec[2];
+
+						vec[0].iov_base = hdr;
+						vec[0].iov_len =
+								sizeof(*hdr);
+
+						vec[1].iov_base = data;
+						vec[1].iov_len =
+						    MAX_AUDIT_MESSAGE_LENGTH;
+
+						do {
+							rc = writev(conn, vec,
+									2);
+						} while (rc < 0 && errno == EINTR);
+						if (rc < 0 && errno == EPIPE) {
+							close(conn);
+							conn = -1;
+							client = 0;
+							auplugin_fgets_clear();
+						}
 					}
-					//if (rc >= 0 && rc != len) {
-					// what to do with leftovers?
-					//}
 				}
-			}
-		} else if (auplugin_fgets_eof())
-			stop = 1;
-	} while (!stop && auplugin_fgets_more(MAX_AUDIT_EVENT_FRAME_SIZE));
+			} else if (auplugin_fgets_eof())
+				stop = 1;
+		} while (!stop &&
+			auplugin_fgets_more(MAX_AUDIT_EVENT_FRAME_SIZE));
+	}
 }
 
 void accept_connection(void)