xref: /titanic_41/usr/src/lib/libbsm/common/audit_krb5kdc.c (revision 7c478bd95313f5f23a4c958a745db2134aa03244) 
1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License, Version 1.0 only
6  * (the "License").  You may not use this file except in compliance
7  * with the License.
8  *
9  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
10  * or http://www.opensolaris.org/os/licensing.
11  * See the License for the specific language governing permissions
12  * and limitations under the License.
13  *
14  * When distributing Covered Code, include this CDDL HEADER in each
15  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
16  * If applicable, add the following below this CDDL HEADER, with the
17  * fields enclosed by brackets "[]" replaced with your own identifying
18  * information: Portions Copyright [yyyy] [name of copyright owner]
19  *
20  * CDDL HEADER END
21  */
22 /*
23  * Copyright (c) 2000 by Sun Microsystems, Inc.
24  * All rights reserved.
25  */
26 
27 #pragma ident	"%Z%%M%	%I%	%E% SMI"
28 
29 #include <sys/types.h>
30 #include <stdio.h>
31 #include <sys/fcntl.h>
32 #include <bsm/audit.h>
33 #include <bsm/audit_record.h>
34 #include <bsm/audit_uevents.h>
35 #include <bsm/libbsm.h>
36 #include <stdlib.h>
37 #include <string.h>
38 #include <syslog.h>
39 #include <netinet/in.h>
40 #include <unistd.h>
41 #include <generic.h>
42 
43 #ifdef C2_DEBUG2
44 #define	dprintf(x) { printf x; }
45 #else
46 #define	dprintf(x)
47 #endif
48 
49 #define	AUD_NULL_STR(s)	((s) ? (s) : "(null)")
50 
51 void
52 audit_krb5kdc_setup()
53 {
54 	dprintf(("audit_krb5kdc_setup()\n"));
55 
56 }
57 
58 static void
59 common_audit(
60 	au_event_t event,		/* audit event */
61 	struct in_addr *r_addr,		/* remote ipv4 addr */
62 	in_port_t r_port,		/* remote port */
63 	in_port_t l_port,		/* local port */
64 	char *cname,			/* client principal name */
65 	char *sname,			/* requested service name */
66 	int sorf)			/* flag for success or failure */
67 {
68 	auditinfo_t ai;
69 	dev_t port = 0;
70 	uint32_t machine;
71 	char text_buf[512];
72 
73 	dprintf(("common_audit() start\n"));
74 
75 	/* if auditing turned off, then don't do anything */
76 	if (cannot_audit(0))
77 		return;
78 
79 	(void) aug_save_namask();
80 
81 	if (getaudit(&ai)) {
82 		perror("krb5kdc");
83 		return;
84 	}
85 	aug_save_auid(ai.ai_auid);	/* Audit ID */
86 	aug_save_uid(getuid());		/* User ID */
87 	aug_save_euid(geteuid());	/* Effective User ID */
88 	aug_save_gid(getgid());		/* Group ID */
89 	aug_save_egid(getegid());	/* Effective Group ID */
90 	aug_save_pid(getpid());		/* process ID */
91 	aug_save_asid(getpid());	/* session ID */
92 
93 	aug_save_event(event);
94 	aug_save_sorf(sorf);
95 
96 	(void) snprintf(text_buf, sizeof (text_buf), "Client: %s",
97 			AUD_NULL_STR(cname));
98 	aug_save_text1(text_buf);
99 	(void) snprintf(text_buf, sizeof (text_buf), "Service: %s",
100 			AUD_NULL_STR(sname));
101 	aug_save_text2(text_buf);
102 
103 	dprintf(("audit_krb5kdc: r_port=%d, l_port=%d\n", r_port, l_port));
104 	port = (htons(r_port)<<16 | htons(l_port));
105 
106 	machine = r_addr ? (uint32_t)r_addr->s_addr : 0;
107 
108 	aug_save_tid_ex(port, &machine, AU_IPv4);
109 
110 	(void) aug_audit();
111 }
112 
113 void
114 audit_krb5kdc_as_req(
115 	struct in_addr *r_addr,		/* remote ipv4 addr */
116 	in_port_t r_port,		/* remote port */
117 	in_port_t l_port,		/* local port */
118 	char *cname,			/* client principal name */
119 	char *sname,			/* requested service name */
120 	int sorf)			/* flag for success or failure */
121 {
122 	common_audit(AUE_krb5kdc_as_req, r_addr, r_port, l_port, cname,
123 		    sname, sorf);
124 }
125 
126 void
127 audit_krb5kdc_tgs_req(
128 	struct in_addr *r_addr,		/* remote ipv4 addr */
129 	in_port_t r_port,		/* remote port */
130 	in_port_t l_port,		/* local port */
131 	char *cname,			/* client principal name */
132 	char *sname,			/* requested service name */
133 	int sorf)			/* flag for success or failure */
134 {
135 	common_audit(AUE_krb5kdc_tgs_req, r_addr, r_port, l_port, cname,
136 		    sname, sorf);
137 }
138 
139 void
140 audit_krb5kdc_tgs_req_2ndtktmm(
141 	struct in_addr *r_addr,		/* remote ipv4 addr */
142 	in_port_t r_port,		/* remote port */
143 	in_port_t l_port,		/* local port */
144 	char *cname,			/* client principal name */
145 	char *sname)			/* requested service name */
146 {
147 	common_audit(AUE_krb5kdc_tgs_req_2ndtktmm, r_addr, r_port, l_port,
148 		    cname, sname, 1);
149 }
150 
151 void
152 audit_krb5kdc_tgs_req_alt_tgt(
153 	struct in_addr *r_addr,		/* remote ipv4 addr */
154 	in_port_t r_port,		/* remote port */
155 	in_port_t l_port,		/* local port */
156 	char *cname,			/* client principal name */
157 	char *sname,			/* requested service name */
158 	int sorf)			/* flag for success or failure */
159 {
160 	common_audit(AUE_krb5kdc_tgs_req_alt_tgt, r_addr, r_port, l_port,
161 		    cname, sname, sorf);
162 }
163