1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License (the "License"). 6 * You may not use this file except in compliance with the License. 7 * 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 9 * or http://www.opensolaris.org/os/licensing. 10 * See the License for the specific language governing permissions 11 * and limitations under the License. 12 * 13 * When distributing Covered Code, include this CDDL HEADER in each 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 15 * If applicable, add the following below this CDDL HEADER, with the 16 * fields enclosed by brackets "[]" replaced with your own identifying 17 * information: Portions Copyright [yyyy] [name of copyright owner] 18 * 19 * CDDL HEADER END 20 */ 21 /* 22 * Copyright 2010 Sun Microsystems, Inc. All rights reserved. 23 * Use is subject to license terms. 24 * 25 */ 26 #include <sys/types.h> 27 #include <sys/param.h> 28 #include <stdio.h> 29 #include <sys/fcntl.h> 30 #include <bsm/audit.h> 31 #include <bsm/audit_record.h> 32 #include <bsm/audit_uevents.h> 33 #include <bsm/libbsm.h> 34 #include <stdlib.h> 35 #include <string.h> 36 #include <syslog.h> 37 #include <netinet/in.h> 38 #include <sys/socket.h> 39 #include <rpc/rpc.h> 40 #include <tiuser.h> 41 #include <unistd.h> 42 #include <generic.h> 43 #include <note.h> 44 45 #ifdef C2_DEBUG2 46 #define dprintf(x) { (void) printf x; } 47 #else 48 #define dprintf(x) 49 #endif 50 51 /* 52 * netbuf2pm() 53 * 54 * Given an endpt in netbuf form, return the port and machine. 55 * kadmind (currently) only works over IPv4, so only handle IPv4 addresses. 
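*/
static void
netbuf2pm(
	struct netbuf *addr,	/* caller endpoint as handed back by the transport */
	in_port_t *port,	/* out: caller port, or NULL if not wanted */
	uint32_t *machine)	/* out: caller IPv4 address, or NULL if not wanted */
{
	struct sockaddr_in sin4;

	if (!addr) {
		syslog(LOG_DEBUG, "netbuf2pm: addr == NULL");
		return;
	}

	if (!addr->buf) {
		syslog(LOG_DEBUG, "netbuf2pm: addr->buf == NULL");
		return;
	}

	/*
	 * addr->len is the number of valid bytes in addr->buf.  Copying a
	 * whole sockaddr_in out of a shorter buffer would read past its
	 * end, so bail out (leaving *port / *machine untouched) instead.
	 */
	if (addr->len < sizeof (sin4)) {
		syslog(LOG_DEBUG,
		    "netbuf2pm: caller address too short (%u bytes)",
		    addr->len);
		return;
	}

	/* copy rather than cast: addr->buf need not be suitably aligned */
	(void) memcpy(&sin4, addr->buf, sizeof (sin4));
	if (sin4.sin_family == AF_INET) {
		/*
		 * Both values are stored exactly as received from the
		 * transport; no byte-order conversion is done here.
		 */
		if (machine)
			*machine = sin4.sin_addr.s_addr;
		if (port)
			*port = sin4.sin_port;
	} else {
		dprintf(("netbuf2pm: unknown caller IP address family %d",
		    sin4.sin_family));
		syslog(LOG_DEBUG,
		    "netbuf2pm: unknown caller IP address family %d",
		    sin4.sin_family);
	}
}

/* render a possibly-NULL C string for inclusion in an audit text token */
#define	AUD_NULL_STR(s)	((s) ? (s) : "(null)")

/*
 * common_audit()
 *
 * Build and submit a single audit record for one kadmind request.
 * The record carries the server's own identity (audit id, uids/gids,
 * pid), the event and success/failure flag supplied by the caller,
 * three text tokens ("Op:", "Arg:", "Client:") and a terminal id made
 * from the local/remote ports and the caller's IPv4 address.
 *
 * Nothing is emitted when auditing is disabled or getaudit() fails;
 * a request whose caller address cannot be decoded is still recorded,
 * with a zero remote port and machine.
 */
static void
common_audit(
	au_event_t event,	/* audit event */
	SVCXPRT *xprt,		/* net transport handle */
	in_port_t l_port,	/* local port */
	char *op,		/* requested operation */
	char *prime_arg,	/* argument for op */
	char *clnt_name,	/* client principal name */
	int sorf)		/* flag for success or failure */
{
	auditinfo_t ai;
	in_port_t r_port = 0;
	dev_t port;
	uint32_t machine = 0;
	char text_buf[512];

	dprintf(("common_audit() start\n"));

	/* if auditing turned off, then don't do anything */
	if (cannot_audit(0))
		return;

	(void) aug_save_namask();

	/*
	 * set default values. We will overwrite them if appropriate.
	 */
	if (getaudit(&ai)) {
		perror("kadmind");
		return;
	}
	aug_save_auid(ai.ai_auid);	/* Audit ID */
	aug_save_uid(getuid());		/* User ID */
	aug_save_euid(geteuid());	/* Effective User ID */
	aug_save_gid(getgid());		/* Group ID */
	aug_save_egid(getegid());	/* Effective Group ID */
	aug_save_pid(getpid());		/* process ID */
	aug_save_asid(getpid());	/* session ID (the pid is reused) */

	aug_save_event(event);
	aug_save_sorf(sorf);

	/* snprintf() always NUL-terminates; longer values are truncated */
	(void) snprintf(text_buf, sizeof (text_buf), "Op: %s",
	    AUD_NULL_STR(op));
	aug_save_text(text_buf);
	(void) snprintf(text_buf, sizeof (text_buf), "Arg: %s",
	    AUD_NULL_STR(prime_arg));
	aug_save_text1(text_buf);
	(void) snprintf(text_buf, sizeof (text_buf), "Client: %s",
	    AUD_NULL_STR(clnt_name));
	aug_save_text2(text_buf);

	/* r_port and machine keep their zero defaults if this fails */
	netbuf2pm(svc_getrpccaller(xprt), &r_port, &machine);

	dprintf(("common_audit(): l_port=%d, r_port=%d,\n",
	    ntohs(l_port), ntohs(r_port)));

	/*
	 * Pack remote port (high 16 bits) and local port (low 16 bits).
	 * r_port is promoted to int before the shift, so cast it to an
	 * unsigned 32-bit type first: a remote port >= 0x8000 would
	 * otherwise overflow the signed shift (and sign-extend into a
	 * dev_t wider than 32 bits).
	 */
	port = ((uint32_t)r_port << 16) | l_port;

	aug_save_tid_ex(port, &machine, AU_IPv4);

	(void) aug_audit();
}

/*
 * audit_kadmind_auth()
 *
 * Record an AUE_kadmind_auth event for a request from an authenticated
 * client; sorf carries the caller's success/failure indication.
 */
void
audit_kadmind_auth(
	SVCXPRT *xprt,
	in_port_t l_port,
	char *op,
	char *prime_arg,
	char *clnt_name,
	int sorf)
{
	common_audit(AUE_kadmind_auth, xprt, l_port, op, prime_arg,
	    clnt_name, sorf);
}

/*
 * audit_kadmind_unauth()
 *
 * Record an AUE_kadmind_unauth event for a request that was not
 * authorized.  The success/failure flag is fixed at 1 here; callers
 * cannot override it.
 */
void
audit_kadmind_unauth(
	SVCXPRT *xprt,
	in_port_t l_port,
	char *op,
	char *prime_arg,
	char *clnt_name)
{
	common_audit(AUE_kadmind_unauth, xprt, l_port, op, prime_arg,
	    clnt_name, 1);
}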