      1 /*
      2  * CDDL HEADER START
      3  *
      4  * The contents of this file are subject to the terms of the
      5  * Common Development and Distribution License, Version 1.0 only
      6  * (the "License").  You may not use this file except in compliance
      7  * with the License.
      8  *
      9  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
     10  * or http://www.opensolaris.org/os/licensing.
     11  * See the License for the specific language governing permissions
     12  * and limitations under the License.
     13  *
     14  * When distributing Covered Code, include this CDDL HEADER in each
     15  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
     16  * If applicable, add the following below this CDDL HEADER, with the
     17  * fields enclosed by brackets "[]" replaced with your own identifying
     18  * information: Portions Copyright [yyyy] [name of copyright owner]
     19  *
     20  * CDDL HEADER END
     21  */
     22 /*
     23  * Copyright (c) 2000 by Sun Microsystems, Inc.
     24  * All rights reserved.
     25  */
     26 
     27 #pragma ident	"%Z%%M%	%I%	%E% SMI"
     28 
     29 #include <sys/types.h>
     30 #include <sys/param.h>
     31 #include <stdio.h>
     32 #include <sys/fcntl.h>
     33 #include <bsm/audit.h>
     34 #include <bsm/audit_record.h>
     35 #include <bsm/audit_uevents.h>
     36 #include <bsm/libbsm.h>
     37 #include <stdlib.h>
     38 #include <string.h>
     39 #include <syslog.h>
     40 #include <netinet/in.h>
     41 #include <sys/socket.h>
     42 #include <rpc/rpc.h>
     43 #include <tiuser.h>
     44 #include <unistd.h>
     45 #include <generic.h>
     46 #include <note.h>
     47 
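/*
 * Debug tracing.  dprintf((fmt, args...)) expands to a printf() call when
 * built with C2_DEBUG2 and to nothing otherwise; note the double
 * parentheses at every call site.  The debug expansion is wrapped in
 * do { } while (0) so that the trailing ';' at a call site does not leave a
 * stray empty statement, which would break "if (c) dprintf(...); else ...".
 */
#ifdef C2_DEBUG2
#define	dprintf(x)	do { printf x; } while (0)
#else
#define	dprintf(x)
#endif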
     53 
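/*
 * netbuf2pm()
 *
 * Given an endpt in netbuf form,  return the port and machine.
 * kadmind (currently) only works over IPv4, so only handle IPv4 addresses.
 *
 * addr     - caller address (e.g. from svc_getrpccaller()); may be NULL or
 *            carry a NULL buffer, in which case nothing is stored.
 * port     - if non-NULL, receives sin_port exactly as found in the buffer
 *            (no byte-order conversion is done here).
 * machine  - if non-NULL, receives sin_addr.s_addr, likewise unconverted.
 *
 * On any failure (missing buffer, buffer shorter than a sockaddr_in,
 * non-IPv4 family) the outputs are left untouched, so callers must
 * initialise them before the call.
 */
static void
netbuf2pm(
	struct netbuf *addr,
	in_port_t *port,
	uint32_t *machine)
{
	struct sockaddr_in sin4;

	if (!addr) {
		syslog(LOG_DEBUG, "netbuf2pm: addr == NULL");
		return;
	}

	if (!addr->buf) {
		syslog(LOG_DEBUG, "netbuf2pm: addr->buf == NULL");
		return;
	}

	/*
	 * addr->len is the number of address bytes actually present in
	 * addr->buf.  The caller address comes from the network transport,
	 * so never read a full sockaddr_in out of a shorter buffer.
	 */
	if (addr->len < sizeof (struct sockaddr_in)) {
		syslog(LOG_DEBUG, "netbuf2pm: addr->len %u too short",
		    (unsigned)addr->len);
		return;
	}

	/* copy rather than cast: addr->buf need not be aligned for sockaddr_in */
	(void) memcpy(&sin4, addr->buf, sizeof (struct sockaddr_in));
	if (sin4.sin_family == AF_INET) {
		if (machine)
			*machine = sin4.sin_addr.s_addr;
		if (port)
			*port = sin4.sin_port;
	} else {
		dprintf(("netbuf2pm: unknown caller IP address family %d",
			sin4.sin_family));
		syslog(LOG_DEBUG,
		    "netbuf2pm: unknown caller IP address family %d",
		    sin4.sin_family);
	}
}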
     92 
/* Substitute a printable marker for a NULL string so audit text never dereferences NULL. */
#define	AUD_NULL_STR(s)		((s) ? (s) : "(null)")
     94 
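/*
 * common_audit()
 *
 * Build and commit one kadmind audit record through the libbsm "aug"
 * helpers.  The record carries the daemon's own identity (audit id from
 * getaudit(), uid/euid/gid/egid/pid from the process), the event number,
 * the success/failure flag, three text tokens (operation, argument, client
 * principal) and a terminal id made from the remote and local RPC ports
 * plus the caller's IPv4 address.
 *
 * event      - audit event number (AUE_kadmind_*)
 * xprt       - RPC transport handle; used only to fetch the caller address
 * l_port     - local port, as received (the debug trace applies ntohs())
 * op         - requested operation (NULL allowed, recorded as "(null)")
 * prime_arg  - argument for op (NULL allowed)
 * clnt_name  - client principal name (NULL allowed)
 * sorf       - success/failure flag, passed through to aug_save_sorf()
 *
 * Does nothing when auditing is disabled.  If getaudit() fails, the error
 * is reported with perror() and no record is committed.
 */
static void
common_audit(
	au_event_t event,	/* audit event */
	SVCXPRT *xprt,		/* net transport handle */
	in_port_t l_port,	/* local port */
	char *op,		/* requested operation */
	char *prime_arg,	/* argument for op */
	char *clnt_name,	/* client principal name */
	int sorf) 		/* flag for success or failure */

{
	auditinfo_t ai;
	in_port_t r_port = 0;	/* stays 0 if the caller address is unusable */
	dev_t port;
	uint32_t machine = 0;	/* likewise */
	char text_buf[512];

	dprintf(("common_audit() start\n"));

	/* if auditing turned off, then don't do anything */
	if (cannot_audit(0))
		return;

	(void) aug_save_namask();

	/*
	 * set default values. We will overwrite them if appropriate.
	 */
	if (getaudit(&ai)) {
		perror("kadmind");
		return;
	}
	aug_save_auid(ai.ai_auid);	/* Audit ID */
	aug_save_uid(getuid());		/* User ID */
	aug_save_euid(geteuid());	/* Effective User ID */
	aug_save_gid(getgid());		/* Group ID */
	aug_save_egid(getegid());	/* Effective Group ID */
	aug_save_pid(getpid());		/* process ID */
	/* session ID: the pid is used here rather than ai.ai_asid (as upstream) */
	aug_save_asid(getpid());

	aug_save_event(event);
	aug_save_sorf(sorf);

	/* NULL text arguments are recorded as "(null)", never dereferenced */
	(void) snprintf(text_buf, sizeof (text_buf), "Op: %s",
		AUD_NULL_STR(op));
	aug_save_text(text_buf);
	(void) snprintf(text_buf, sizeof (text_buf), "Arg: %s",
		AUD_NULL_STR(prime_arg));
	aug_save_text1(text_buf);
	(void) snprintf(text_buf, sizeof (text_buf), "Client: %s",
		AUD_NULL_STR(clnt_name));
	aug_save_text2(text_buf);

	netbuf2pm(svc_getrpccaller(xprt), &r_port, &machine);

	dprintf(("common_audit(): l_port=%d, r_port=%d,\n",
		ntohs(l_port), ntohs(r_port)));

	/*
	 * Pack the remote port into the high 16 bits and the local port into
	 * the low 16 bits.  r_port is a 16-bit type that promotes to int, so
	 * shift it as an unsigned 32-bit value: a remote port of 0x8000 or
	 * more shifted left by 16 as a signed int would overflow (UB).
	 */
	port = ((uint32_t)r_port << 16) | l_port;

	aug_save_tid_ex(port,  &machine, AU_IPv4);

	(void) aug_audit();
}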
    159 
/*
 * audit_kadmind_auth()
 *
 * Record an AUE_kadmind_auth event for an authenticated request.  The
 * caller supplies the success/failure flag; every argument is handed
 * straight to common_audit().
 */
void
audit_kadmind_auth(SVCXPRT *xprt, in_port_t l_port, char *op,
    char *prime_arg, char *clnt_name, int sorf)
{
	au_event_t ev = AUE_kadmind_auth;

	common_audit(ev, xprt, l_port, op, prime_arg, clnt_name, sorf);
}
    172 
/*
 * audit_kadmind_unauth()
 *
 * Record an AUE_kadmind_unauth event for a request that did not
 * authenticate.  There is no success/failure parameter: the record is
 * always committed with sorf = 1 (presumably the failure value for
 * aug_save_sorf(); confirm against libbsm).
 */
void
audit_kadmind_unauth(SVCXPRT *xprt, in_port_t l_port, char *op,
    char *prime_arg, char *clnt_name)
{
	const int fixed_sorf = 1;

	common_audit(AUE_kadmind_unauth, xprt, l_port, op, prime_arg,
	    clnt_name, fixed_sorf);
}