Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
freebsd
GitHub Repository: freebsd/freebsd-src
 Path: blob/main/crypto/krb5/src/plugins/audit/test/au_test.c
34907 views
1
/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */

2
/* plugins/audit/au_test.c - Test Audit plugin implementation */

3
/*

4
 * Copyright (C) 2013 by the Massachusetts Institute of Technology.

5
 * All rights reserved.

6
 *

7
 * Redistribution and use in source and binary forms, with or without

8
 * modification, are permitted provided that the following conditions

9
 * are met:

10
 *

11
 * * Redistributions of source code must retain the above copyright

12
 *   notice, this list of conditions and the following disclaimer.

13
 *

14
 * * Redistributions in binary form must reproduce the above copyright

15
 *   notice, this list of conditions and the following disclaimer in

16
 *   the documentation and/or other materials provided with the

17
 *   distribution.

18
 *

19
 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS

20
 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT

21
 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS

22
 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE

23
 * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,

24
 * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES

25
 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR

26
 * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)

27
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,

28
 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)

29
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED

30
 * OF THE POSSIBILITY OF SUCH DAMAGE.

31
 */

32
/*

33
 * This test is to verify the JSON-based KDC audit functionality.

34
 * It utilized MIT Kerberos <kdc_j_encode.h> routines for JSON processing.

35
 */

36


37
#include <k5-int.h>

38
#include <krb5/audit_plugin.h>

39
#include <kdc_j_encode.h>

40
#include "k5-thread.h"

41


42
struct krb5_audit_moddata_st {

43
    int au_fd;

44
};

45


46
krb5_error_code

47
audit_test_initvt(krb5_context context, int maj_ver, int min_ver,

48
                  krb5_plugin_vtable vtable);

49


50
static FILE *au_fd;

51
static k5_mutex_t lock = K5_MUTEX_PARTIAL_INITIALIZER;

52


53
/* Open connection to the audit system. Returns 0 on success. */

54
static krb5_error_code

55
open_au(krb5_audit_moddata *auctx)

56
{

57
    au_fd = fopen("au.log", "a+");

58
    if (au_fd == NULL)

59
        return KRB5_PLUGIN_NO_HANDLE; /* audit module is unavailable */

60
    k5_mutex_init(&lock);

61
    return 0;

62
}

63


64
/* Close connection to the audit system. Returns 0. */

65
static krb5_error_code

66
close_au(krb5_audit_moddata auctx)

67
{

68
    fclose(au_fd);

69
    k5_mutex_destroy(&lock);

70
    return 0;

71
}

72


73
/* Log KDC-start event. Returns 0 on success. */

74
static krb5_error_code

75
j_kdc_start(krb5_audit_moddata auctx, krb5_boolean ev_success)

76
{

77
    krb5_error_code ret = 0;

78
    char *jout = NULL;

79


80
    ret = kau_j_kdc_start(ev_success, &jout);

81
    if (ret)

82
        return ret;

83
    k5_mutex_lock(&lock);

84
    fprintf(au_fd,"%s\n", jout);

85
    fflush(au_fd);

86
    k5_mutex_unlock(&lock);

87
    free(jout);

88
    return ret;

89
}

90


91
/* Log KDC-stop event. Returns 0 on success. */

92
static krb5_error_code

93
j_kdc_stop(krb5_audit_moddata auctx, krb5_boolean ev_success)

94
{

95
    krb5_error_code ret = 0;

96
    char *jout = NULL;

97


98
    ret = kau_j_kdc_stop(ev_success, &jout);

99
    if (ret)

100
        return ret;

101
    k5_mutex_lock(&lock);

102
    fprintf(au_fd,"%s\n", jout);

103
    fflush(au_fd);

104
    k5_mutex_unlock(&lock);

105
    free(jout);

106
    return ret;

107
}

108


109
/* Log AS_REQ event. Returns 0 on success. */

110
static krb5_error_code

111
j_as_req(krb5_audit_moddata auctx, krb5_boolean ev_success,

112
         krb5_audit_state *state)

113
{

114
    krb5_error_code ret = 0;

115
    char *jout = NULL;

116


117
    ret = kau_j_as_req(ev_success, state, &jout);

118
    if (ret)

119
        return ret;

120
    k5_mutex_lock(&lock);

121
    fprintf(au_fd,"%s\n", jout);

122
    fflush(au_fd);

123
    k5_mutex_unlock(&lock);

124
    free(jout);

125
    return ret;

126
}

127


128
/* Log TGS_REQ event. Returns 0 on success. */

129
static krb5_error_code

130
j_tgs_req(krb5_audit_moddata auctx, krb5_boolean ev_success,

131
          krb5_audit_state *state)

132
{

133
    krb5_error_code ret = 0;

134
    char *jout = NULL;

135


136
    ret = kau_j_tgs_req(ev_success, state, &jout);

137
    if (ret)

138
        return ret;

139
    k5_mutex_lock(&lock);

140
    fprintf(au_fd,"%s\n", jout);

141
    fflush(au_fd);

142
    k5_mutex_unlock(&lock);

143
    free(jout);

144
    return ret;

145
}

146


147
/* Log S4U2SELF event. Returns 0 on success. */

148
static krb5_error_code

149
j_tgs_s4u2self(krb5_audit_moddata auctx, krb5_boolean ev_success,

150
               krb5_audit_state *state)

151
{

152
    krb5_error_code ret = 0;

153
    char *jout = NULL;

154


155
    ret = kau_j_tgs_s4u2self(ev_success, state, &jout);

156
    if (ret)

157
        return ret;

158
    k5_mutex_lock(&lock);

159
    fprintf(au_fd,"%s\n", jout);

160
    fflush(au_fd);

161
    k5_mutex_unlock(&lock);

162
    free(jout);

163
    return ret;

164
}

165


166
/* Log S4U2PROXY event. Returns 0 on success. */

167
static krb5_error_code

168
j_tgs_s4u2proxy(krb5_audit_moddata auctx, krb5_boolean ev_success,

169
                krb5_audit_state *state)

170
{

171
    krb5_error_code ret = 0;

172
    char *jout = NULL;

173


174
    ret = kau_j_tgs_s4u2proxy(ev_success, state, &jout);

175
    if (ret)

176
        return ret;

177
    k5_mutex_lock(&lock);

178
    fprintf(au_fd,"%s\n", jout);

179
    fflush(au_fd);

180
    k5_mutex_unlock(&lock);

181
    free(jout);

182
    return ret;

183
}

184


185
/* Log user-to-user event. Returns 0 on success. */

186
static krb5_error_code

187
j_tgs_u2u(krb5_audit_moddata auctx, krb5_boolean ev_success,

188
          krb5_audit_state *state)

189
{

190
    krb5_error_code ret = 0;

191
    char *jout = NULL;

192


193
    ret = kau_j_tgs_u2u(ev_success, state, &jout);

194
    if (ret)

195
        return ret;

196
    k5_mutex_lock(&lock);

197
    fprintf(au_fd,"%s\n", jout);

198
    fflush(au_fd);

199
    k5_mutex_unlock(&lock);

200
    free(jout);

201
    return ret;

202
}

203


204
krb5_error_code

205
audit_test_initvt(krb5_context context, int maj_ver, int min_ver,

206
                  krb5_plugin_vtable vtable)

207
{

208
    krb5_audit_vtable vt;

209


210
    if (maj_ver != 1)

211
        return KRB5_PLUGIN_VER_NOTSUPP;

212


213
    vt = (krb5_audit_vtable)vtable;

214
    vt->name = "test";

215


216
    vt->open = open_au;

217
    vt->close = close_au;

218
    vt->kdc_start = j_kdc_start;

219
    vt->kdc_stop = j_kdc_stop;

220
    vt->as_req = j_as_req;

221
    vt->tgs_req = j_tgs_req;

222
    vt->tgs_s4u2self = j_tgs_s4u2self;

223
    vt->tgs_s4u2proxy = j_tgs_s4u2proxy;

224
    vt->tgs_u2u = j_tgs_u2u;

225


226
    return 0;

227
}

228


229