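/*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License (the "License").
 * You may not use this file except in compliance with the License.
 *
 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
 * or http://www.opensolaris.org/os/licensing.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
 * If applicable, add the following below this CDDL HEADER, with the
 * fields enclosed by brackets "[]" replaced with your own identifying
 * information: Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 */
/*
 * Copyright 2010 Sun Microsystems, Inc. All rights reserved.
 * Use is subject to license terms.
 *
 */

/*
 * BSM audit hooks for the Kerberos KDC.  Every entry point below builds
 * one audit record through the libbsm "aug_*" helpers: the daemon's own
 * credentials, the event id, a success-or-failure flag, two text tokens
 * (client principal and requested service) and an IPv4 terminal id made
 * of the peer address plus the remote/local port pair.
 */

#include <sys/types.h>
#include <stdint.h>
#include <stdio.h>
#include <sys/fcntl.h>
#include <bsm/audit.h>
#include <bsm/audit_record.h>
#include <bsm/audit_uevents.h>
#include <bsm/libbsm.h>
#include <stdlib.h>
#include <string.h>
#include <syslog.h>
#include <netinet/in.h>
#include <unistd.h>
#include <generic.h>

/* Debug tracing; the argument is a parenthesised printf() argument list. */
#ifdef C2_DEBUG2
#define	dprintf(x)	do { (void) printf x; } while (0)
#else
#define	dprintf(x)	do { } while (0)
#endif

/*
 * Map a missing string to a printable placeholder so that a NULL client
 * or service name still produces a well-formed audit text token.
 */
static const char *
aud_null_str(const char *s)
{
	return ((s != NULL) ? s : "(null)");
}

/*
 * Pack the port pair into the terminal-id port field: the network-order
 * remote port in the upper 16 bits, the network-order local port in the
 * lower 16 bits.
 *
 * The explicit uint32_t cast matters: htons() yields a value that is
 * promoted to int, and shifting a value of 0x8000 or more left by 16
 * overflows int, which is undefined behaviour in C.  Where dev_t is wider
 * than 32 bits the int result would also sign-extend into the high bits
 * of the recorded port.  Doing the arithmetic in uint32_t avoids both.
 */
static dev_t
audit_tid_port(in_port_t r_port, in_port_t l_port)
{
	uint32_t packed =
	    ((uint32_t)htons(r_port) << 16) | (uint32_t)htons(l_port);

	return ((dev_t)packed);
}

/*
 * One-time initialisation hook for the KDC; currently only emits a
 * debug trace.
 */
void
audit_krb5kdc_setup(void)
{
	dprintf(("audit_krb5kdc_setup()\n"));
}

/*
 * Build and commit a single KDC audit record.
 *
 * event   audit event id (one of the AUE_krb5kdc_* values)
 * r_addr  remote IPv4 address; NULL is recorded as address 0
 * r_port  remote port, passed through htons() before being packed
 * l_port  local port, passed through htons() before being packed
 * cname   client principal name; NULL is recorded as "(null)"
 * sname   requested service name; NULL is recorded as "(null)"
 * sorf    flag for success or failure, handed to aug_save_sorf()
 *
 * Returns without doing anything when auditing is turned off, and
 * reports on stderr and returns without a record when getaudit() fails.
 * cname and sname are copied into a fixed 512-byte buffer with
 * snprintf(), so longer names are silently truncated in the record.
 */
static void
common_audit(
	au_event_t event,	/* audit event */
	struct in_addr *r_addr,	/* remote ipv4 addr */
	in_port_t r_port,	/* remote port */
	in_port_t l_port,	/* local port */
	char *cname,		/* client principal name */
	char *sname,		/* requested service name */
	int sorf)		/* flag for success or failure */
{
	auditinfo_t ai;
	dev_t port;
	uint32_t machine;
	char text_buf[512];

	dprintf(("common_audit() start\n"));

	/* if auditing turned off, then don't do anything */
	if (cannot_audit(0))
		return;

	(void) aug_save_namask();

	if (getaudit(&ai)) {
		perror("krb5kdc");
		return;
	}
	aug_save_auid(ai.ai_auid);	/* Audit ID */
	aug_save_uid(getuid());		/* User ID */
	aug_save_euid(geteuid());	/* Effective User ID */
	aug_save_gid(getgid());		/* Group ID */
	aug_save_egid(getegid());	/* Effective Group ID */
	aug_save_pid(getpid());		/* process ID */
	aug_save_asid(getpid());	/* session ID */

	aug_save_event(event);
	aug_save_sorf(sorf);

	/* Both text tokens are bounded by text_buf; overlong names truncate. */
	(void) snprintf(text_buf, sizeof (text_buf), "Client: %s",
	    aud_null_str(cname));
	aug_save_text1(text_buf);
	(void) snprintf(text_buf, sizeof (text_buf), "Service: %s",
	    aud_null_str(sname));
	aug_save_text2(text_buf);

	dprintf(("audit_krb5kdc: r_port=%d, l_port=%d\n", r_port, l_port));
	port = audit_tid_port(r_port, l_port);

	/* An unknown peer is audited as address 0 (indistinguishable later). */
	machine = (r_addr != NULL) ? (uint32_t)r_addr->s_addr : 0;

	aug_save_tid_ex(port, &machine, AU_IPv4);

	(void) aug_audit();
}

/*
 * Audit an AS request (AUE_krb5kdc_as_req).  Parameters are passed
 * straight through to common_audit(); see there for their meaning.
 */
void
audit_krb5kdc_as_req(
	struct in_addr *r_addr,	/* remote ipv4 addr */
	in_port_t r_port,	/* remote port */
	in_port_t l_port,	/* local port */
	char *cname,		/* client principal name */
	char *sname,		/* requested service name */
	int sorf)		/* flag for success or failure */
{
	common_audit(AUE_krb5kdc_as_req, r_addr, r_port, l_port, cname,
	    sname, sorf);
}

/*
 * Audit a TGS request (AUE_krb5kdc_tgs_req).  Parameters are passed
 * straight through to common_audit().
 */
void
audit_krb5kdc_tgs_req(
	struct in_addr *r_addr,	/* remote ipv4 addr */
	in_port_t r_port,	/* remote port */
	in_port_t l_port,	/* local port */
	char *cname,		/* client principal name */
	char *sname,		/* requested service name */
	int sorf)		/* flag for success or failure */
{
	common_audit(AUE_krb5kdc_tgs_req, r_addr, r_port, l_port, cname,
	    sname, sorf);
}

/*
 * Audit a TGS request whose second ticket did not match
 * (AUE_krb5kdc_tgs_req_2ndtktmm).  This event has no caller-supplied
 * outcome: sorf is fixed at 1 (presumably the failure value in the
 * aug_save_sorf() convention -- confirm against libbsm).
 */
void
audit_krb5kdc_tgs_req_2ndtktmm(
	struct in_addr *r_addr,	/* remote ipv4 addr */
	in_port_t r_port,	/* remote port */
	in_port_t l_port,	/* local port */
	char *cname,		/* client principal name */
	char *sname)		/* requested service name */
{
	common_audit(AUE_krb5kdc_tgs_req_2ndtktmm, r_addr, r_port, l_port,
	    cname, sname, 1);
}

/*
 * Audit a TGS request served with an alternate TGT
 * (AUE_krb5kdc_tgs_req_alt_tgt).  Parameters are passed straight
 * through to common_audit().
 */
void
audit_krb5kdc_tgs_req_alt_tgt(
	struct in_addr *r_addr,	/* remote ipv4 addr */
	in_port_t r_port,	/* remote port */
	in_port_t l_port,	/* local port */
	char *cname,		/* client principal name */
	char *sname,		/* requested service name */
	int sorf)		/* flag for success or failure */
{
	common_audit(AUE_krb5kdc_tgs_req_alt_tgt, r_addr, r_port, l_port,
	    cname, sname, sorf);
}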