From 49a4fc689f09f668766e760840ad81bf16e659b3 Mon Sep 17 00:00:00 2001
From: "wtchang%redhat.com" <wtchang%redhat.com>
Date: Tue, 16 May 2006 01:04:05 +0000
Subject: [PATCH] Bugzilla Bug 298506: a first cut at Solaris auditing.  The
 patch is contributed by Glen Beasley of Sun. r=wtc. Modified Files: 
 cmd/platlibs.mk lib/softoken/config.mk lib/softoken/fipstokn.c

---
 security/nss/cmd/platlibs.mk         |  4 ++++
 security/nss/lib/softoken/config.mk  |  1 +
 security/nss/lib/softoken/fipstokn.c | 33 ++++++++++++++++++++++++++++
 3 files changed, 38 insertions(+)

diff --git a/security/nss/cmd/platlibs.mk b/security/nss/cmd/platlibs.mk
index 734f38d307b3..8deb8a40d60c 100644
--- a/security/nss/cmd/platlibs.mk
+++ b/security/nss/cmd/platlibs.mk
@@ -136,6 +136,10 @@ EXTRA_SHARED_LIBS += \
 	-lnspr4 \
 	$(NULL)
 endif
+
+ifeq ($(OS_TARGET), SunOS)
+OS_LIBS += -lbsm
+endif
 endif
 
 else # USE_STATIC_LIBS
diff --git a/security/nss/lib/softoken/config.mk b/security/nss/lib/softoken/config.mk
index 2e097c8a588c..bc48130aa3ed 100644
--- a/security/nss/lib/softoken/config.mk
+++ b/security/nss/lib/softoken/config.mk
@@ -91,6 +91,7 @@ ifeq ($(OS_TARGET),SunOS)
 # The -R '$ORIGIN' linker option instructs this library to search for its
 # dependencies in the same directory where it resides.
 MKSHLIB += -R '$$ORIGIN'
+OS_LIBS += -lbsm 
 endif
 
 ifeq ($(OS_TARGET),WINCE)
diff --git a/security/nss/lib/softoken/fipstokn.c b/security/nss/lib/softoken/fipstokn.c
index 472b3cad0de5..fc114f792037 100644
--- a/security/nss/lib/softoken/fipstokn.c
+++ b/security/nss/lib/softoken/fipstokn.c
@@ -66,6 +66,11 @@
 #include <unistd.h>
 #endif
 
+#ifdef SOLARIS
+#include <bsm/libbsm.h>
+#define AUE_FIPS_AUDIT 34444
+#endif
+
 #ifdef LINUX
 #include <pthread.h>
 #include <dlfcn.h>
@@ -354,6 +359,34 @@ sftk_LogAuditMessage(NSSAuditSeverity severity, const char *msg)
 	PR_smprintf_free(message);
     }
 #endif /* LINUX */
+#ifdef SOLARIS
+    {
+        int rd;
+        char *message = PR_smprintf("NSS " SOFTOKEN_LIB_NAME ": %s", msg);
+
+        if (!message) {
+            return;
+        }
+
+        /* open the record descriptor */
+        if ((rd = au_open()) == -1) {
+            PR_smprintf_free(message);
+            return;
+        }
+
+        /* write the audit tokens to the audit record */
+        if (au_write(rd, au_to_text(message))) {
+            (void)au_close(rd, AU_TO_NO_WRITE, AUE_FIPS_AUDIT);
+            PR_smprintf_free(message);
+            return;
+        }
+
+        /* close the record and send it to the audit trail */
+        (void)au_close(rd, AU_TO_WRITE, AUE_FIPS_AUDIT);
+
+        PR_smprintf_free(message);
+    }
+#endif /* SOLARIS */
 #else
     /* do nothing */
 #endif