Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
freebsd
GitHub Repository: freebsd/freebsd-src
 Path: blob/main/crypto/krb5/src/plugins/audit/simple/au_simple_main.c
34914 views
1
/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */

2
/* plugins/audit/au_simple_main.c - Sample Audit plugin implementation */

3
/*

4
 * Copyright (C) 2013 by the Massachusetts Institute of Technology.

5
 * All rights reserved.

6
 *

7
 * Redistribution and use in source and binary forms, with or without

8
 * modification, are permitted provided that the following conditions

9
 * are met:

10
 *

11
 * * Redistributions of source code must retain the above copyright

12
 *   notice, this list of conditions and the following disclaimer.

13
 *

14
 * * Redistributions in binary form must reproduce the above copyright

15
 *   notice, this list of conditions and the following disclaimer in

16
 *   the documentation and/or other materials provided with the

17
 *   distribution.

18
 *

19
 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS

20
 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT

21
 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS

22
 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE

23
 * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,

24
 * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES

25
 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR

26
 * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)

27
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,

28
 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)

29
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED

30
 * OF THE POSSIBILITY OF SUCH DAMAGE.

31
 */

32


33
/*

34
 * This is a demo implementation of Audit JSON-based module.

35
 * It utilizes MIT Kerberos <kdc_j_encode.h> routines for JSON processing and

36
 * the Fedora/Debian libaudit library for audit logs.

37
 */

38


39
#include <k5-int.h>

40
#include <krb5/audit_plugin.h>

41
#include <libaudit.h>

42
#include <kdc_j_encode.h>

43


44
krb5_error_code

45
audit_simple_initvt(krb5_context context, int maj_ver, int min_ver,

46
                    krb5_plugin_vtable vtable);

47


48
struct krb5_audit_moddata_st {

49
    int fd;

50
};

51


52
/* Open connection to the audit system. Returns 0 on success. */

53
static krb5_error_code

54
open_au(krb5_audit_moddata *auctx_out)

55
{

56
    krb5_error_code ret;

57
    int fd = 0;

58
    krb5_audit_moddata auctx;

59


60
    auctx = k5calloc(1, sizeof(*auctx), &ret);

61
    if (ret)

62
        return ENOMEM;

63
    fd = audit_open();

64
    if (fd < 0)

65
        return KRB5_PLUGIN_NO_HANDLE; /* audit module is unavailable */

66


67
    auctx->fd = fd;

68
    *auctx_out = auctx;

69


70
    return 0;

71
}

72


73
/* Close connection to the audit system. Returns 0 on success. */

74
static krb5_error_code

75
close_au(krb5_audit_moddata auctx)

76
{

77
    int fd = auctx->fd;

78


79
    audit_close(fd);

80
    return 0;

81
}

82


83
/* Log KDC-start event. Returns 0 on success. */

84
static krb5_error_code

85
j_kdc_start(krb5_audit_moddata auctx, krb5_boolean ev_success)

86
{

87
    krb5_error_code ret = 0;

88
    int local_type = AUDIT_USER_START;

89
    int fd = auctx->fd;

90
    char *jout = NULL;

91


92
    if (fd < 0)

93
        return KRB5_PLUGIN_NO_HANDLE; /* audit module is unavailable */

94


95
    ret = kau_j_kdc_start(ev_success, &jout);

96
    if (ret)

97
        return ret;

98
    if (audit_log_user_message(fd, local_type, jout,

99
                               NULL, NULL, NULL, ev_success) <= 0)

100
        ret = EIO;

101
    free(jout);

102
    return ret;

103
}

104


105
/* Log KDC-stop event. Returns 0 on success. */

106
static krb5_error_code

107
j_kdc_stop(krb5_audit_moddata auctx, krb5_boolean ev_success)

108
{

109
    krb5_error_code ret = 0;

110
    int local_type = AUDIT_USER_END;

111
    int fd = auctx->fd;

112
    char *jout = NULL;

113


114
    if (fd < 0)

115
        return KRB5_PLUGIN_NO_HANDLE; /* audit module is unavailable */

116


117
    ret = kau_j_kdc_stop(ev_success, &jout);

118
    if (ret)

119
        return ret;

120
    if (audit_log_user_message(fd, local_type, jout,

121
                               NULL, NULL, NULL, ev_success) <= 0)

122
        ret = EIO;

123
    free(jout);

124
    return ret;

125
}

126


127
/* Log AS_REQ event. Returns 0 on success */

128
static krb5_error_code

129
j_as_req(krb5_audit_moddata auctx, krb5_boolean ev_success,

130
         krb5_audit_state *state)

131
{

132
    krb5_error_code ret = 0;

133
    int local_type = AUDIT_USER_AUTH;

134
    int fd = auctx->fd;

135
    char *jout = NULL;

136


137
    if (fd < 0)

138
        return KRB5_PLUGIN_NO_HANDLE; /* audit module is unavailable */

139


140
    ret = kau_j_as_req(ev_success, state, &jout);

141
    if (ret)

142
        return ret;

143
    if (audit_log_user_message(fd, local_type, jout,

144
                               NULL, NULL, NULL, ev_success) <= 0)

145
        ret = EIO;

146
    free(jout);

147
    return ret;

148
}

149


150
/* Log TGS_REQ event. Returns 0 on success */

151
static krb5_error_code

152
j_tgs_req(krb5_audit_moddata auctx, krb5_boolean ev_success,

153
          krb5_audit_state *state)

154
{

155
    krb5_error_code ret = 0;

156
    int local_type = AUDIT_USER_AUTH;

157
    int fd = auctx->fd;

158
    char *jout = NULL;

159


160
    if (fd < 0)

161
        return KRB5_PLUGIN_NO_HANDLE; /* audit module is unavailable */

162


163
    ret = kau_j_tgs_req(ev_success, state, &jout);

164
    if (ret)

165
        return ret;

166
    if (audit_log_user_message(fd, local_type, jout,

167
                               NULL, NULL, NULL, ev_success) <= 0)

168
        ret = EIO;

169
    free(jout);

170
    return ret;

171
}

172


173
/* Log S4U2SELF event. Returns 0 on success */

174
static krb5_error_code

175
j_tgs_s4u2self(krb5_audit_moddata auctx, krb5_boolean ev_success,

176
               krb5_audit_state *state)

177
{

178
    krb5_error_code ret = 0;

179
    int local_type = AUDIT_USER_AUTH;

180
    int fd = auctx->fd;

181
    char *jout = NULL;

182


183
    if (fd < 0)

184
        return KRB5_PLUGIN_NO_HANDLE; /* audit module is unavailable */

185


186
    ret = kau_j_tgs_s4u2self(ev_success, state, &jout);

187
    if (ret)

188
        return ret;

189
    if (audit_log_user_message(fd, local_type, jout,

190
                               NULL, NULL, NULL, ev_success) <= 0)

191
        ret = EIO;

192
    free(jout);

193
    return ret;

194
}

195


196
/* Log S4U2PROXY event. Returns 0 on success */

197
static krb5_error_code

198
j_tgs_s4u2proxy(krb5_audit_moddata auctx, krb5_boolean ev_success,

199
                krb5_audit_state *state)

200
{

201
    krb5_error_code ret = 0;

202
    int local_type = AUDIT_USER_AUTH;

203
    int fd = auctx->fd;

204
    char *jout = NULL;

205


206
    if (fd < 0)

207
        return KRB5_PLUGIN_NO_HANDLE; /* audit module is unavailable */

208


209
    ret = kau_j_tgs_s4u2proxy(ev_success, state, &jout);

210
    if (ret)

211
        return ret;

212
    if (audit_log_user_message(fd, local_type, jout,

213
                               NULL, NULL, NULL, ev_success) <= 0)

214
        ret = EIO;

215
    free(jout);

216
    return ret;

217
}

218


219
/* Log user-to-user event. Returns 0 on success */

220
static krb5_error_code

221
j_tgs_u2u(krb5_audit_moddata auctx, krb5_boolean ev_success,

222
          krb5_audit_state *state)

223
{

224
    krb5_error_code ret = 0;

225
    int local_type = AUDIT_USER_AUTH;

226
    int fd = auctx->fd;

227
    char *jout = NULL;

228


229
    if (fd < 0)

230
        return KRB5_PLUGIN_NO_HANDLE; /* audit module is unavailable */

231


232
    ret = kau_j_tgs_u2u(ev_success, state, &jout);

233
    if (ret)

234
        return ret;

235
    if (audit_log_user_message(fd, local_type, jout,

236
                               NULL, NULL, NULL, ev_success) <= 0)

237
        ret = EIO;

238
    free(jout);

239
    return ret;

240
}

241


242
krb5_error_code

243
audit_simple_initvt(krb5_context context, int maj_ver,

244
                    int min_ver, krb5_plugin_vtable vtable)

245
{

246
    krb5_audit_vtable vt;

247


248
    if (maj_ver != 1)

249
        return KRB5_PLUGIN_VER_NOTSUPP;

250


251
    vt = (krb5_audit_vtable)vtable;

252
    vt->name = "simple";

253
    vt->open = open_au;

254
    vt->close = close_au;

255
    vt->kdc_start = j_kdc_start;

256
    vt->kdc_stop = j_kdc_stop;

257
    vt->as_req = j_as_req;

258
    vt->tgs_req = j_tgs_req;

259
    vt->tgs_s4u2self = j_tgs_s4u2self;

260
    vt->tgs_s4u2proxy = j_tgs_s4u2proxy;

261
    vt->tgs_u2u = j_tgs_u2u;

262
    return 0;

263
}

264


265