usr/src/lib/libbsm/common/audit_krb5kdc.c

   1 /*
   2  * CDDL HEADER START
   3  *
   4  * The contents of this file are subject to the terms of the
   5  * Common Development and Distribution License (the "License").
   6  * You may not use this file except in compliance with the License.
   7  *
   8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
   9  * or http://www.opensolaris.org/os/licensing.
  10  * See the License for the specific language governing permissions
  11  * and limitations under the License.
  12  *
  13  * When distributing Covered Code, include this CDDL HEADER in each
  14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
  15  * If applicable, add the following below this CDDL HEADER, with the
  16  * fields enclosed by brackets "[]" replaced with your own identifying
  17  * information: Portions Copyright [yyyy] [name of copyright owner]
  18  *
  19  * CDDL HEADER END
  20  */
  21 /*
  22  * Copyright 2010 Sun Microsystems, Inc.  All rights reserved.
  23  * Use is subject to license terms.
  24  *
  25  */
  26
  27 #include <sys/types.h>
  28 #include <stdio.h>
  29 #include <sys/fcntl.h>
  30 #include <bsm/audit.h>
  31 #include <bsm/audit_record.h>
  32 #include <bsm/audit_uevents.h>
  33 #include <bsm/libbsm.h>
  34 #include <stdlib.h>
  35 #include <string.h>
  36 #include <syslog.h>
  37 #include <netinet/in.h>
  38 #include <unistd.h>
  39 #include <generic.h>
  40
  41 #ifdef C2_DEBUG2
  42 #define dprintf(x) { (void) printf x; }
  43 #else
  44 #define dprintf(x)
  45 #endif
  46
  47 #define AUD_NULL_STR(s) ((s) ? (s) : "(null)")
  48
  49 void
  50 audit_krb5kdc_setup()
  51 {
  52         dprintf(("audit_krb5kdc_setup()\n"));
  53
  54 }
  55
  56 static void
  57 common_audit(
  58         au_event_t event,               /* audit event */
  59         struct in_addr *r_addr,         /* remote ipv4 addr */
  60         in_port_t r_port,               /* remote port */
  61         in_port_t l_port,               /* local port */
  62         char *cname,                    /* client principal name */
  63         char *sname,                    /* requested service name */
  64         int sorf)                       /* flag for success or failure */
  65 {
  66         auditinfo_t ai;
  67         dev_t port = 0;
  68         uint32_t machine;
  69         char text_buf[512];
  70
  71         dprintf(("common_audit() start\n"));
  72
  73         /* if auditing turned off, then don't do anything */
  74         if (cannot_audit(0))
  75                 return;
  76
  77         (void) aug_save_namask();
  78
  79         if (getaudit(&ai)) {
  80                 perror("krb5kdc");
  81                 return;
  82         }
  83         aug_save_auid(ai.ai_auid);      /* Audit ID */
  84         aug_save_uid(getuid());         /* User ID */
  85         aug_save_euid(geteuid());       /* Effective User ID */
  86         aug_save_gid(getgid());         /* Group ID */
  87         aug_save_egid(getegid());       /* Effective Group ID */
  88         aug_save_pid(getpid());         /* process ID */
  89         aug_save_asid(getpid());        /* session ID */
  90
  91         aug_save_event(event);
  92         aug_save_sorf(sorf);
  93
  94         (void) snprintf(text_buf, sizeof (text_buf), "Client: %s",
  95             AUD_NULL_STR(cname));
  96         aug_save_text1(text_buf);
  97         (void) snprintf(text_buf, sizeof (text_buf), "Service: %s",
  98             AUD_NULL_STR(sname));
  99         aug_save_text2(text_buf);
 100
 101         dprintf(("audit_krb5kdc: r_port=%d, l_port=%d\n", r_port, l_port));
 102         port = (htons(r_port)<<16 | htons(l_port));
 103
 104         machine = r_addr ? (uint32_t)r_addr->s_addr : 0;
 105
 106         aug_save_tid_ex(port, &machine, AU_IPv4);
 107
 108         (void) aug_audit();
 109 }
 110
 111 void
 112 audit_krb5kdc_as_req(
 113         struct in_addr *r_addr,         /* remote ipv4 addr */
 114         in_port_t r_port,               /* remote port */
 115         in_port_t l_port,               /* local port */
 116         char *cname,                    /* client principal name */
 117         char *sname,                    /* requested service name */
 118         int sorf)                       /* flag for success or failure */
 119 {
 120         common_audit(AUE_krb5kdc_as_req, r_addr, r_port, l_port, cname,
 121             sname, sorf);
 122 }
 123
 124 void
 125 audit_krb5kdc_tgs_req(
 126         struct in_addr *r_addr,         /* remote ipv4 addr */
 127         in_port_t r_port,               /* remote port */
 128         in_port_t l_port,               /* local port */
 129         char *cname,                    /* client principal name */
 130         char *sname,                    /* requested service name */
 131         int sorf)                       /* flag for success or failure */
 132 {
 133         common_audit(AUE_krb5kdc_tgs_req, r_addr, r_port, l_port, cname,
 134             sname, sorf);
 135 }
 136
 137 void
 138 audit_krb5kdc_tgs_req_2ndtktmm(
 139         struct in_addr *r_addr,         /* remote ipv4 addr */
 140         in_port_t r_port,               /* remote port */
 141         in_port_t l_port,               /* local port */
 142         char *cname,                    /* client principal name */
 143         char *sname)                    /* requested service name */
 144 {
 145         common_audit(AUE_krb5kdc_tgs_req_2ndtktmm, r_addr, r_port, l_port,
 146             cname, sname, 1);
 147 }
 148
 149 void
 150 audit_krb5kdc_tgs_req_alt_tgt(
 151         struct in_addr *r_addr,         /* remote ipv4 addr */
 152         in_port_t r_port,               /* remote port */
 153         in_port_t l_port,               /* local port */
 154         char *cname,                    /* client principal name */
 155         char *sname,                    /* requested service name */
 156         int sorf)                       /* flag for success or failure */
 157 {
 158         common_audit(AUE_krb5kdc_tgs_req_alt_tgt, r_addr, r_port, l_port,
 159             cname, sname, sorf);
 160 }