/*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License, Version 1.0 only
 * (the "License").  You may not use this file except in compliance
 * with the License.
 *
 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
 * or http://www.opensolaris.org/os/licensing.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
 * If applicable, add the following below this CDDL HEADER, with the
 * fields enclosed by brackets "[]" replaced with your own identifying
 * information: Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 */
/*
 * Copyright (c) 2000 by Sun Microsystems, Inc.
 * All rights reserved.
 */

#pragma ident	"%Z%%M%	%I%	%E% SMI"

#include <sys/types.h>
#include <sys/param.h>
#include <stdio.h>
#include <sys/fcntl.h>
#include <bsm/audit.h>
#include <bsm/audit_record.h>
#include <bsm/audit_uevents.h>
#include <bsm/libbsm.h>
#include <stdlib.h>
#include <string.h>
#include <syslog.h>
#include <netinet/in.h>
#include <sys/socket.h>
#include <rpc/rpc.h>
#include <tiuser.h>
#include <unistd.h>
#include <generic.h>
#include <note.h>

#ifdef C2_DEBUG2
#define	dprintf(x) { printf x; }
#else
#define	dprintf(x)
#endif

/*
 * netbuf2pm()
 *
 * Given an endpt in netbuf form,  return the port and machine.
 * kadmind (currently) only works over IPv4, so only handle IPv4 addresses.
 */
static void
netbuf2pm(
	struct netbuf *addr,
	in_port_t *port,
	uint32_t *machine)
{
	struct sockaddr_in sin4;

	if (!addr) {
		syslog(LOG_DEBUG, "netbuf2pm: addr == NULL");
		return;
	}

	if (!addr->buf) {
		syslog(LOG_DEBUG, "netbuf2pm: addr->buf == NULL");
		return;
	}

	(void) memcpy(&sin4, addr->buf, sizeof (struct sockaddr_in));
	if (sin4.sin_family == AF_INET) {
		if (machine)
			*machine = sin4.sin_addr.s_addr;
		if (port)
			*port = sin4.sin_port;
	} else {
		dprintf(("netbuf2pm: unknown caller IP address family %d",
			sin4.sin_family));
		syslog(LOG_DEBUG,
		    "netbuf2pm: unknown caller IP address family %d",
		    sin4.sin_family);
	}
}

#define	AUD_NULL_STR(s)		((s) ? (s) : "(null)")

static void
common_audit(
	au_event_t event,	/* audit event */
	SVCXPRT *xprt,		/* net transport handle */
	in_port_t l_port,	/* local port */
	char *op,		/* requested operation */
	char *prime_arg,	/* argument for op */
	char *clnt_name,	/* client principal name */
	int sorf) 		/* flag for success or failure */

{
	auditinfo_t ai;
	in_port_t r_port = 0;
	dev_t port;
	uint32_t machine = 0;
	char text_buf[512];

	dprintf(("common_audit() start\n"));

	/* if auditing turned off, then don't do anything */
	if (cannot_audit(0))
		return;

	(void) aug_save_namask();

	/*
	 * set default values. We will overwrite them if appropriate.
	 */
	if (getaudit(&ai)) {
		perror("kadmind");
		return;
	}
	aug_save_auid(ai.ai_auid);	/* Audit ID */
	aug_save_uid(getuid());		/* User ID */
	aug_save_euid(geteuid());	/* Effective User ID */
	aug_save_gid(getgid());		/* Group ID */
	aug_save_egid(getegid());	/* Effective Group ID */
	aug_save_pid(getpid());		/* process ID */
	aug_save_asid(getpid());	/* session ID */

	aug_save_event(event);
	aug_save_sorf(sorf);

	(void) snprintf(text_buf, sizeof (text_buf), "Op: %s",
		AUD_NULL_STR(op));
	aug_save_text(text_buf);
	(void) snprintf(text_buf, sizeof (text_buf), "Arg: %s",
		AUD_NULL_STR(prime_arg));
	aug_save_text1(text_buf);
	(void) snprintf(text_buf, sizeof (text_buf), "Client: %s",
		AUD_NULL_STR(clnt_name));
	aug_save_text2(text_buf);

	netbuf2pm(svc_getrpccaller(xprt), &r_port, &machine);

	dprintf(("common_audit(): l_port=%d, r_port=%d,\n",
		ntohs(l_port), ntohs(r_port)));

	port = (r_port<<16 | l_port);

	aug_save_tid_ex(port,  &machine, AU_IPv4);

	(void) aug_audit();
}

void
audit_kadmind_auth(
	SVCXPRT *xprt,
	in_port_t l_port,
	char *op,
	char *prime_arg,
	char *clnt_name,
	int sorf)
{
	common_audit(AUE_kadmind_auth, xprt, l_port, op, prime_arg,
		    clnt_name, sorf);
}

void
audit_kadmind_unauth(
	SVCXPRT *xprt,
	in_port_t l_port,
	char *op,
	char *prime_arg,
	char *clnt_name)
{
	common_audit(AUE_kadmind_unauth, xprt, l_port, op, prime_arg,
		    clnt_name, 1);
}