/*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License (the "License").
 * You may not use this file except in compliance with the License.
 *
 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
 * or http://www.opensolaris.org/os/licensing.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
 * If applicable, add the following below this CDDL HEADER, with the
 * fields enclosed by brackets "[]" replaced with your own identifying
 * information: Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 */
/*
 * Copyright 2010 Sun Microsystems, Inc. All rights reserved.
 * Use is subject to license terms.
 *
 */
2N/A#include <sys/types.h>
2N/A#include <sys/param.h>
2N/A#include <stdio.h>
2N/A#include <sys/fcntl.h>
2N/A#include <bsm/audit.h>
2N/A#include <bsm/audit_record.h>
2N/A#include <bsm/audit_uevents.h>
2N/A#include <bsm/libbsm.h>
2N/A#include <stdlib.h>
2N/A#include <string.h>
2N/A#include <syslog.h>
2N/A#include <netinet/in.h>
2N/A#include <sys/socket.h>
2N/A#include <rpc/rpc.h>
2N/A#include <tiuser.h>
2N/A#include <unistd.h>
2N/A#include <generic.h>
2N/A#include <note.h>
2N/A
/*
 * Debug tracing, compiled in only when built with -DC2_DEBUG2; otherwise
 * every dprintf() call expands to nothing.  Call as dprintf(("fmt", args))
 * -- the doubled parentheses let the single macro argument carry a whole
 * printf() argument list.
 * NOTE(review): the name collides with the POSIX.1-2008 dprintf(3)
 * declared in <stdio.h> where that declaration is present.
 */
#ifdef C2_DEBUG2
#define dprintf(x) { (void) printf x; }
#else
#define dprintf(x)
#endif
2N/A
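/*
 * netbuf2pm()
 *
 * Given an endpt in netbuf form, return the port and machine.
 * kadmind (currently) only works over IPv4, so only handle IPv4 addresses.
 *
 * addr:    caller endpoint (e.g. from svc_getrpccaller()); may be NULL.
 * port:    out, may be NULL; receives sin_port as stored (network order).
 * machine: out, may be NULL; receives sin_addr.s_addr as stored.
 *
 * The outputs are written only when addr holds a complete AF_INET
 * sockaddr; on every other path they are left untouched and the reason
 * is logged at LOG_DEBUG, so callers must pre-initialize them.
 */
static void
netbuf2pm(
	struct netbuf *addr,
	in_port_t *port,
	uint32_t *machine)
{
	struct sockaddr_in sin4;

	if (!addr) {
		syslog(LOG_DEBUG, "netbuf2pm: addr == NULL");
		return;
	}

	if (!addr->buf) {
		syslog(LOG_DEBUG, "netbuf2pm: addr->buf == NULL");
		return;
	}

	/*
	 * The copy below always reads sizeof (sin4) bytes; refuse a short
	 * address buffer instead of reading past it and decoding garbage.
	 */
	if (addr->len < sizeof (sin4)) {
		syslog(LOG_DEBUG, "netbuf2pm: addr->len %u too short",
		    addr->len);
		return;
	}

	/* copy rather than cast: addr->buf need not be suitably aligned */
	(void) memcpy(&sin4, addr->buf, sizeof (sin4));
	if (sin4.sin_family == AF_INET) {
		if (machine)
			*machine = sin4.sin_addr.s_addr;
		if (port)
			*port = sin4.sin_port;
	} else {
		dprintf(("netbuf2pm: unknown caller IP address family %d",
		    sin4.sin_family));
		syslog(LOG_DEBUG,
		    "netbuf2pm: unknown caller IP address family %d",
		    sin4.sin_family);
	}
}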
2N/A
/*
 * Printable stand-in for a NULL string, so the "%s" conversions in the
 * audit text below never receive a NULL pointer.
 */
#define AUD_NULL_STR(s) ((s) ? (s) : "(null)")
2N/A
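/*
 * common_audit()
 *
 * Build and emit one kadmind audit record through libbsm's aug_*()
 * helpers: subject ids from getaudit() and the current process, the
 * event and success/failure flag, three text tokens (op, arg, client)
 * and a terminal id made of the local/remote ports plus the caller's
 * IPv4 address.
 *
 * event:     audit event id
 * xprt:      net transport handle; its caller address supplies the
 *            remote port and machine for the terminal id
 * l_port:    local port, network byte order (displayed via ntohs())
 * op:        requested operation, may be NULL
 * prime_arg: argument for op, may be NULL
 * clnt_name: client principal name, may be NULL
 * sorf:      success-or-failure flag, passed through to aug_save_sorf()
 *
 * Returns silently when auditing is off (cannot_audit()); a getaudit()
 * failure is reported with perror() and the record is not written.
 */
static void
common_audit(
	au_event_t event,	/* audit event */
	SVCXPRT *xprt,		/* net transport handle */
	in_port_t l_port,	/* local port */
	char *op,		/* requested operation */
	char *prime_arg,	/* argument for op */
	char *clnt_name,	/* client principal name */
	int sorf)		/* flag for success or failure */

{
	auditinfo_t ai;
	in_port_t r_port = 0;	/* stays 0 if the caller address is unusable */
	dev_t port;
	uint32_t machine = 0;	/* likewise */
	char text_buf[512];

	dprintf(("common_audit() start\n"));

	/* if auditing turned off, then don't do anything */
	if (cannot_audit(0))
		return;

	(void) aug_save_namask();

	/*
	 * set default values. We will overwrite them if appropriate.
	 */
	if (getaudit(&ai)) {
		perror("kadmind");
		return;
	}
	aug_save_auid(ai.ai_auid);	/* Audit ID */
	aug_save_uid(getuid());		/* User ID */
	aug_save_euid(geteuid());	/* Effective User ID */
	aug_save_gid(getgid());		/* Group ID */
	aug_save_egid(getegid());	/* Effective Group ID */
	aug_save_pid(getpid());		/* process ID */
	aug_save_asid(getpid());	/* session ID */

	aug_save_event(event);
	aug_save_sorf(sorf);

	/* text tokens; over-long values are silently truncated to fit */
	(void) snprintf(text_buf, sizeof (text_buf), "Op: %s",
	    AUD_NULL_STR(op));
	aug_save_text(text_buf);
	(void) snprintf(text_buf, sizeof (text_buf), "Arg: %s",
	    AUD_NULL_STR(prime_arg));
	aug_save_text1(text_buf);
	(void) snprintf(text_buf, sizeof (text_buf), "Client: %s",
	    AUD_NULL_STR(clnt_name));
	aug_save_text2(text_buf);

	netbuf2pm(svc_getrpccaller(xprt), &r_port, &machine);

	dprintf(("common_audit(): l_port=%d, r_port=%d,\n",
	    ntohs(l_port), ntohs(r_port)));

	/*
	 * Terminal-id port: remote port in the high 16 bits, local port in
	 * the low 16.  Widen r_port before shifting -- in_port_t promotes
	 * to int, and (int)0x8000 << 16 does not fit in int (undefined
	 * behavior); the unsigned shift yields the same bit pattern.
	 */
	port = ((uint32_t)r_port << 16) | l_port;

	aug_save_tid_ex(port, &machine, AU_IPv4);

	(void) aug_audit();
}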
2N/A
/*
 * audit_kadmind_auth()
 *
 * Emit an AUE_kadmind_auth audit record for a kadmind request.  All
 * arguments, including the caller's success/failure flag sorf, are
 * handed straight to common_audit().
 */
void
audit_kadmind_auth(
	SVCXPRT *xprt,
	in_port_t l_port,
	char *op,
	char *prime_arg,
	char *clnt_name,
	int sorf)
{
	const au_event_t event = AUE_kadmind_auth;

	common_audit(event, xprt, l_port,
	    op, prime_arg, clnt_name, sorf);
}
2N/A
/*
 * audit_kadmind_unauth()
 *
 * Emit an AUE_kadmind_unauth audit record for a kadmind request.  Unlike
 * audit_kadmind_auth() there is no caller-supplied flag: sorf is fixed at
 * 1 (presumably marking the request as failed -- confirm against the
 * aug_save_sorf() convention).
 */
void
audit_kadmind_unauth(
	SVCXPRT *xprt,
	in_port_t l_port,
	char *op,
	char *prime_arg,
	char *clnt_name)
{
	const au_event_t event = AUE_kadmind_unauth;
	const int sorf = 1;

	common_audit(event, xprt, l_port,
	    op, prime_arg, clnt_name, sorf);
}