      1 /*
      2  * CDDL HEADER START
      3  *
      4  * The contents of this file are subject to the terms of the
      5  * Common Development and Distribution License, Version 1.0 only
      6  * (the "License").  You may not use this file except in compliance
      7  * with the License.
      8  *
      9  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
     10  * or http://www.opensolaris.org/os/licensing.
     11  * See the License for the specific language governing permissions
     12  * and limitations under the License.
     13  *
     14  * When distributing Covered Code, include this CDDL HEADER in each
     15  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
     16  * If applicable, add the following below this CDDL HEADER, with the
     17  * fields enclosed by brackets "[]" replaced with your own identifying
     18  * information: Portions Copyright [yyyy] [name of copyright owner]
     19  *
     20  * CDDL HEADER END
     21  */
     22 /*
     23  * Copyright (c) 2000 by Sun Microsystems, Inc.
     24  * All rights reserved.
     25  */
     26 
     27 #pragma ident	"%Z%%M%	%I%	%E% SMI"
     28 
     29 #include <sys/types.h>
     30 #include <stdio.h>
     31 #include <sys/fcntl.h>
     32 #include <bsm/audit.h>
     33 #include <bsm/audit_record.h>
     34 #include <bsm/audit_uevents.h>
     35 #include <bsm/libbsm.h>
     36 #include <stdlib.h>
     37 #include <string.h>
     38 #include <syslog.h>
     39 #include <netinet/in.h>
     40 #include <unistd.h>
     41 #include <generic.h>
     42 
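/*
 * Debug tracing.  dprintf() takes a fully parenthesised printf argument
 * list, e.g. dprintf(("x=%d\n", x)); and prints it only when the file is
 * built with C2_DEBUG2 defined.  Both variants expand to a single
 * do/while(0) statement, so "if (c) dprintf((...)); else ..." parses the
 * same way whether or not debugging is compiled in.
 *
 * Note that this macro replaces any dprintf() function declared by
 * <stdio.h> for the rest of this file.
 */
#ifdef C2_DEBUG2
#define	dprintf(x) do { (void) printf x; } while (0)
#else
#define	dprintf(x) do { } while (0)
#endif

/*
 * Substitute the literal "(null)" for a NULL string pointer so that the
 * value can be handed to a %s conversion.  The argument is evaluated
 * twice; do not pass an expression with side effects.
 */
#define	AUD_NULL_STR(s)	((s) ? (s) : "(null)")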
     50 
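/*
 * audit_krb5kdc_setup() - audit initialisation hook for krb5kdc.
 *
 * Currently performs no audit work: it only emits a debug trace when the
 * file is built with C2_DEBUG2.  Declared with a (void) parameter list so
 * that a call passing arguments is diagnosed by the compiler.
 */
void
audit_krb5kdc_setup(void)
{
	dprintf(("audit_krb5kdc_setup()\n"));
}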
     57 
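/*
 * common_audit() - build and submit one audit record for a KDC request.
 *
 * Saves the caller's audit ID (from getaudit()), the real and effective
 * uid/gid and the pid into the aug_* state, followed by the event, the
 * success/failure flag, two text tokens ("Client: <cname>" and
 * "Service: <sname>") and an IPv4 terminal ID built from the remote
 * address and the two ports.  The record is then handed to aug_audit().
 *
 * Nothing is recorded when cannot_audit(0) is non-zero or when getaudit()
 * fails.  In the getaudit() case the only trace is a perror() message on
 * stderr, so the request goes unaudited without any entry in the audit
 * trail.
 *
 * A NULL cname or sname is recorded as "(null)".  Each text token is
 * limited to sizeof (text_buf) bytes including the terminator; longer
 * names are truncated by snprintf().
 * NOTE(review): the names are copied into the text tokens verbatim, with
 * no escaping of control characters.  Presumably they originate from the
 * client request - confirm whether the callers sanitise them.
 */
static void
common_audit(
	au_event_t event,		/* audit event */
	struct in_addr *r_addr,		/* remote ipv4 addr */
	in_port_t r_port,		/* remote port */
	in_port_t l_port,		/* local port */
	char *cname,			/* client principal name */
	char *sname,			/* requested service name */
	int sorf)			/* flag for success or failure */
{
	auditinfo_t ai;
	dev_t port = 0;
	uint32_t machine;
	char text_buf[512];

	dprintf(("common_audit() start\n"));

	/* if auditing turned off, then don't do anything */
	if (cannot_audit(0))
		return;

	(void) aug_save_namask();

	if (getaudit(&ai)) {
		/* the event is dropped here; only stderr sees the failure */
		perror("krb5kdc");
		return;
	}
	aug_save_auid(ai.ai_auid);	/* Audit ID */
	aug_save_uid(getuid());		/* User ID */
	aug_save_euid(geteuid());	/* Effective User ID */
	aug_save_gid(getgid());		/* Group ID */
	aug_save_egid(getegid());	/* Effective Group ID */
	aug_save_pid(getpid());		/* process ID */
	/*
	 * The pid, not the session ID returned by getaudit(), is stored as
	 * the audit session ID.  NOTE(review): confirm this is intended.
	 */
	aug_save_asid(getpid());	/* session ID */

	aug_save_event(event);
	aug_save_sorf(sorf);

	(void) snprintf(text_buf, sizeof (text_buf), "Client: %s",
			AUD_NULL_STR(cname));
	aug_save_text1(text_buf);
	(void) snprintf(text_buf, sizeof (text_buf), "Service: %s",
			AUD_NULL_STR(sname));
	aug_save_text2(text_buf);

	dprintf(("audit_krb5kdc: r_port=%d, l_port=%d\n", r_port, l_port));

	/*
	 * Pack the remote port into the high 16 bits and the local port into
	 * the low 16 bits.  The operands are widened to uint32_t first:
	 * htons() yields a 16-bit value that is promoted to int, so shifting
	 * a value >= 0x8000 left by 16 would overflow a signed int (undefined
	 * behaviour) and could sign-extend into the upper bits of a dev_t
	 * that is wider than 32 bits, corrupting the recorded terminal ID.
	 */
	port = ((uint32_t)htons(r_port) << 16) | (uint32_t)htons(l_port);

	/* a missing remote address is recorded as 0 */
	machine = r_addr ? (uint32_t)r_addr->s_addr : 0;

	aug_save_tid_ex(port, &machine, AU_IPv4);

	/*
	 * NOTE(review): the result of aug_audit() is discarded, so a record
	 * that could not be written is not reported anywhere.
	 */
	(void) aug_audit();
}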
    112 
/*
 * audit_krb5kdc_as_req() - emit the AUE_krb5kdc_as_req audit event.
 *
 * All arguments are passed through to common_audit() unchanged; sorf is
 * the caller's success/failure flag.
 */
void
audit_krb5kdc_as_req(
	struct in_addr *r_addr,		/* remote ipv4 addr */
	in_port_t r_port,		/* remote port */
	in_port_t l_port,		/* local port */
	char *cname,			/* client principal name */
	char *sname,			/* requested service name */
	int sorf)			/* flag for success or failure */
{
	const au_event_t as_event = AUE_krb5kdc_as_req;

	common_audit(as_event, r_addr, r_port, l_port, cname, sname, sorf);
}
    125 
/*
 * audit_krb5kdc_tgs_req() - emit the AUE_krb5kdc_tgs_req audit event.
 *
 * All arguments are passed through to common_audit() unchanged; sorf is
 * the caller's success/failure flag.
 */
void
audit_krb5kdc_tgs_req(
	struct in_addr *r_addr,		/* remote ipv4 addr */
	in_port_t r_port,		/* remote port */
	in_port_t l_port,		/* local port */
	char *cname,			/* client principal name */
	char *sname,			/* requested service name */
	int sorf)			/* flag for success or failure */
{
	const au_event_t tgs_event = AUE_krb5kdc_tgs_req;

	common_audit(tgs_event, r_addr, r_port, l_port, cname, sname, sorf);
}
    138 
/*
 * audit_krb5kdc_tgs_req_2ndtktmm() - emit the
 * AUE_krb5kdc_tgs_req_2ndtktmm audit event.
 *
 * Unlike the other entry points this one takes no sorf argument: the
 * record is always submitted with a success/failure flag of 1.
 * NOTE(review): 1 presumably marks the event as a failure - confirm
 * against aug_save_sorf().
 */
void
audit_krb5kdc_tgs_req_2ndtktmm(
	struct in_addr *r_addr,		/* remote ipv4 addr */
	in_port_t r_port,		/* remote port */
	in_port_t l_port,		/* local port */
	char *cname,			/* client principal name */
	char *sname)			/* requested service name */
{
	const au_event_t mismatch_event = AUE_krb5kdc_tgs_req_2ndtktmm;
	const int fixed_sorf = 1;	/* not caller-controlled */

	common_audit(mismatch_event, r_addr, r_port, l_port, cname, sname,
	    fixed_sorf);
}
    150 
/*
 * audit_krb5kdc_tgs_req_alt_tgt() - emit the
 * AUE_krb5kdc_tgs_req_alt_tgt audit event.
 *
 * All arguments are passed through to common_audit() unchanged; sorf is
 * the caller's success/failure flag.
 */
void
audit_krb5kdc_tgs_req_alt_tgt(
	struct in_addr *r_addr,		/* remote ipv4 addr */
	in_port_t r_port,		/* remote port */
	in_port_t l_port,		/* local port */
	char *cname,			/* client principal name */
	char *sname,			/* requested service name */
	int sorf)			/* flag for success or failure */
{
	const au_event_t alt_tgt_event = AUE_krb5kdc_tgs_req_alt_tgt;

	common_audit(alt_tgt_event, r_addr, r_port, l_port, cname, sname,
	    sorf);
}
    163