diff options
Diffstat (limited to 'libseaudit/include/seaudit/message.h')
-rw-r--r-- | libseaudit/include/seaudit/message.h | 133 |
1 files changed, 133 insertions, 0 deletions
diff --git a/libseaudit/include/seaudit/message.h b/libseaudit/include/seaudit/message.h new file mode 100644 index 0000000..2266ee8 --- /dev/null +++ b/libseaudit/include/seaudit/message.h @@ -0,0 +1,133 @@ +/** + * @file + * Public interface for a single seaudit log message. Note that this + * is an abstract class. + * + * @author Jeremy A. Mowery jmowery@tresys.com + * @author Jason Tang jtang@tresys.com + * + * Copyright (C) 2006-2007 Tresys Technology, LLC + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA + */ + +#ifndef SEAUDIT_MESSAGE_H +#define SEAUDIT_MESSAGE_H + +#ifdef __cplusplus +extern "C" +{ +#endif + +#include <time.h> + + typedef struct seaudit_message seaudit_message_t; + +/** + * This enum defines the different types of audit messages this + * library will handle. Message types are put in alphabetical order + * to make msg_field_compare() in sort.c easier. + */ + typedef enum seaudit_message_type + { + SEAUDIT_MESSAGE_TYPE_INVALID = 0, + /** BOOL is the message that results when changing + booleans in a conditional policy. */ + SEAUDIT_MESSAGE_TYPE_BOOL, + /** AVC is a standard 'allowed' or 'denied' type + message. */ + SEAUDIT_MESSAGE_TYPE_AVC, + /** LOAD is the message that results when a policy is + loaded into the system. */ + SEAUDIT_MESSAGE_TYPE_LOAD + } seaudit_message_type_e; + +/** + * Get a pointer to a message's specific data. This returns a void + * pointer; the caller must cast it to one of seaudit_avc_message_t, + * seaudit_bool_message_t, or seaudit_load_message_t. Use the + * returned value from the second parameter to determine which type + * this message really is. + * + * @param msg Message from which to get data. + * @param type Reference to the message specific type. + * + * @return Pointer to message's specific type, or NULL upon error. + */ + extern void *seaudit_message_get_data(const seaudit_message_t * msg, seaudit_message_type_e * type); + +/** + * Return the time that this audit message was generated. + * + * @param msg Message from which to get its time. + * + * @return Time of the message. Treat the contents of this struct as + * const. + * + * @see localtime(3) + */ + extern const struct tm *seaudit_message_get_time(const seaudit_message_t * msg); + +/** + * Return the name of the host that generated this audit message. + * + * @param msg Message from which to get its time. + * + * @return Host of the message. Do not modify this string. + */ + extern const char *seaudit_message_get_host(const seaudit_message_t * msg); + +/** + * Given a message, allocate and return a string that approximates the + * message as it had appeared within the original log file. + * + * @param msg Message to convert. + * + * @return String representation for message, or NULL upon error. The + * caller is responsible for free()ing the string afterwards. + */ + extern char *seaudit_message_to_string(const seaudit_message_t * msg); + +/** + * Given a message, allocate and return a string, formatted in HTML, + * that approximates the message as it had appeared within the + * original log file. + * + * @param msg Message to convert. + * + * @return HTML String representation for message, or NULL upon error. + * The caller is responsible for free()ing the string afterwards. + */ + extern char *seaudit_message_to_string_html(const seaudit_message_t * msg); + +/** + * Given a message, allocate and return a string that gives + * miscellaneous (i.e., uncategorized) information about the message. + * To get the more important values you will need to use more specific + * accessor methods. + * + * @param msg Message from which to get miscellaneous information. + * + * @return Miscellaneous message string representation, or NULL upon + * error. The caller is responsible for free()ing the string + * afterwards. + */ + extern char *seaudit_message_to_misc_string(const seaudit_message_t * msg); + +#ifdef __cplusplus +} +#endif + +#endif |