upstream/oracle/userland-gate: components/krb5/Solaris/audit/kadmind

7504 49f3285e13a3 24435657 Provide Solaris audit plugin for MIT Kerberos KDC Shawn Emery <shawn.emery@oracle.com> parents: diff changeset	1	/*
49f3285e13a3 24435657 Provide Solaris audit plugin for MIT Kerberos KDC Shawn Emery <shawn.emery@oracle.com> parents: diff changeset	2	* CDDL HEADER START
49f3285e13a3 24435657 Provide Solaris audit plugin for MIT Kerberos KDC Shawn Emery <shawn.emery@oracle.com> parents: diff changeset	3	*
49f3285e13a3 24435657 Provide Solaris audit plugin for MIT Kerberos KDC Shawn Emery <shawn.emery@oracle.com> parents: diff changeset	4	* The contents of this file are subject to the terms of the
49f3285e13a3 24435657 Provide Solaris audit plugin for MIT Kerberos KDC Shawn Emery <shawn.emery@oracle.com> parents: diff changeset	5	* Common Development and Distribution License (the "License").
49f3285e13a3 24435657 Provide Solaris audit plugin for MIT Kerberos KDC Shawn Emery <shawn.emery@oracle.com> parents: diff changeset	6	* You may not use this file except in compliance with the License.
49f3285e13a3 24435657 Provide Solaris audit plugin for MIT Kerberos KDC Shawn Emery <shawn.emery@oracle.com> parents: diff changeset	7	*
49f3285e13a3 24435657 Provide Solaris audit plugin for MIT Kerberos KDC Shawn Emery <shawn.emery@oracle.com> parents: diff changeset	8	* You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
49f3285e13a3 24435657 Provide Solaris audit plugin for MIT Kerberos KDC Shawn Emery <shawn.emery@oracle.com> parents: diff changeset	9	* or http://www.opensolaris.org/os/licensing.
49f3285e13a3 24435657 Provide Solaris audit plugin for MIT Kerberos KDC Shawn Emery <shawn.emery@oracle.com> parents: diff changeset	10	* See the License for the specific language governing permissions
49f3285e13a3 24435657 Provide Solaris audit plugin for MIT Kerberos KDC Shawn Emery <shawn.emery@oracle.com> parents: diff changeset	11	* and limitations under the License.
49f3285e13a3 24435657 Provide Solaris audit plugin for MIT Kerberos KDC Shawn Emery <shawn.emery@oracle.com> parents: diff changeset	12	*
49f3285e13a3 24435657 Provide Solaris audit plugin for MIT Kerberos KDC Shawn Emery <shawn.emery@oracle.com> parents: diff changeset	13	* When distributing Covered Code, include this CDDL HEADER in each
49f3285e13a3 24435657 Provide Solaris audit plugin for MIT Kerberos KDC Shawn Emery <shawn.emery@oracle.com> parents: diff changeset	14	* file and include the License file at usr/src/OPENSOLARIS.LICENSE.
49f3285e13a3 24435657 Provide Solaris audit plugin for MIT Kerberos KDC Shawn Emery <shawn.emery@oracle.com> parents: diff changeset	15	* If applicable, add the following below this CDDL HEADER, with the
49f3285e13a3 24435657 Provide Solaris audit plugin for MIT Kerberos KDC Shawn Emery <shawn.emery@oracle.com> parents: diff changeset	16	* fields enclosed by brackets "[]" replaced with your own identifying
49f3285e13a3 24435657 Provide Solaris audit plugin for MIT Kerberos KDC Shawn Emery <shawn.emery@oracle.com> parents: diff changeset	17	* information: Portions Copyright [yyyy] [name of copyright owner]
49f3285e13a3 24435657 Provide Solaris audit plugin for MIT Kerberos KDC Shawn Emery <shawn.emery@oracle.com> parents: diff changeset	18	*
49f3285e13a3 24435657 Provide Solaris audit plugin for MIT Kerberos KDC Shawn Emery <shawn.emery@oracle.com> parents: diff changeset	19	* CDDL HEADER END
49f3285e13a3 24435657 Provide Solaris audit plugin for MIT Kerberos KDC Shawn Emery <shawn.emery@oracle.com> parents: diff changeset	20	*/
49f3285e13a3 24435657 Provide Solaris audit plugin for MIT Kerberos KDC Shawn Emery <shawn.emery@oracle.com> parents: diff changeset	21
49f3285e13a3 24435657 Provide Solaris audit plugin for MIT Kerberos KDC Shawn Emery <shawn.emery@oracle.com> parents: diff changeset	22	/*
49f3285e13a3 24435657 Provide Solaris audit plugin for MIT Kerberos KDC Shawn Emery <shawn.emery@oracle.com> parents: diff changeset	23	* Copyright (c) 2016, Oracle and/or its affiliates. All rights reserved.
49f3285e13a3 24435657 Provide Solaris audit plugin for MIT Kerberos KDC Shawn Emery <shawn.emery@oracle.com> parents: diff changeset	24	*/
49f3285e13a3 24435657 Provide Solaris audit plugin for MIT Kerberos KDC Shawn Emery <shawn.emery@oracle.com> parents: diff changeset	25
49f3285e13a3 24435657 Provide Solaris audit plugin for MIT Kerberos KDC Shawn Emery <shawn.emery@oracle.com> parents: diff changeset	26	#include <socket-utils.h>
49f3285e13a3 24435657 Provide Solaris audit plugin for MIT Kerberos KDC Shawn Emery <shawn.emery@oracle.com> parents: diff changeset	27	#include <rpc/rpc.h>
49f3285e13a3 24435657 Provide Solaris audit plugin for MIT Kerberos KDC Shawn Emery <shawn.emery@oracle.com> parents: diff changeset	28	#include <syslog.h>
49f3285e13a3 24435657 Provide Solaris audit plugin for MIT Kerberos KDC Shawn Emery <shawn.emery@oracle.com> parents: diff changeset	29	#include <bsm/adt.h>
49f3285e13a3 24435657 Provide Solaris audit plugin for MIT Kerberos KDC Shawn Emery <shawn.emery@oracle.com> parents: diff changeset	30	#include <bsm/adt_event.h>
49f3285e13a3 24435657 Provide Solaris audit plugin for MIT Kerberos KDC Shawn Emery <shawn.emery@oracle.com> parents: diff changeset	31
49f3285e13a3 24435657 Provide Solaris audit plugin for MIT Kerberos KDC Shawn Emery <shawn.emery@oracle.com> parents: diff changeset	32	void
49f3285e13a3 24435657 Provide Solaris audit plugin for MIT Kerberos KDC Shawn Emery <shawn.emery@oracle.com> parents: diff changeset	33	audit_kadmind(char op, char target, char client, char service, char *status,
49f3285e13a3 24435657 Provide Solaris audit plugin for MIT Kerberos KDC Shawn Emery <shawn.emery@oracle.com> parents: diff changeset	34	SVCXPRT *xprt, int failure)
49f3285e13a3 24435657 Provide Solaris audit plugin for MIT Kerberos KDC Shawn Emery <shawn.emery@oracle.com> parents: diff changeset	35	{
49f3285e13a3 24435657 Provide Solaris audit plugin for MIT Kerberos KDC Shawn Emery <shawn.emery@oracle.com> parents: diff changeset	36	adt_session_data_t *ah;
49f3285e13a3 24435657 Provide Solaris audit plugin for MIT Kerberos KDC Shawn Emery <shawn.emery@oracle.com> parents: diff changeset	37	adt_event_data_t *event;
49f3285e13a3 24435657 Provide Solaris audit plugin for MIT Kerberos KDC Shawn Emery <shawn.emery@oracle.com> parents: diff changeset	38	adt_termid_t *termid;
49f3285e13a3 24435657 Provide Solaris audit plugin for MIT Kerberos KDC Shawn Emery <shawn.emery@oracle.com> parents: diff changeset	39	int adtstat = failure ? ADT_FAILURE : ADT_SUCCESS;
49f3285e13a3 24435657 Provide Solaris audit plugin for MIT Kerberos KDC Shawn Emery <shawn.emery@oracle.com> parents: diff changeset	40	void p = (void )xprt->xp_rtaddr.buf;
49f3285e13a3 24435657 Provide Solaris audit plugin for MIT Kerberos KDC Shawn Emery <shawn.emery@oracle.com> parents: diff changeset	41	struct sockaddr_in *p4;
49f3285e13a3 24435657 Provide Solaris audit plugin for MIT Kerberos KDC Shawn Emery <shawn.emery@oracle.com> parents: diff changeset	42	struct sockaddr_in6 *p6;
49f3285e13a3 24435657 Provide Solaris audit plugin for MIT Kerberos KDC Shawn Emery <shawn.emery@oracle.com> parents: diff changeset	43
49f3285e13a3 24435657 Provide Solaris audit plugin for MIT Kerberos KDC Shawn Emery <shawn.emery@oracle.com> parents: diff changeset	44	if (adt_start_session(&ah, NULL, ADT_USE_PROC_DATA) != 0) {
49f3285e13a3 24435657 Provide Solaris audit plugin for MIT Kerberos KDC Shawn Emery <shawn.emery@oracle.com> parents: diff changeset	45	syslog(LOG_AUTH \| LOG_ALERT, "adt_start_session(): %m");
49f3285e13a3 24435657 Provide Solaris audit plugin for MIT Kerberos KDC Shawn Emery <shawn.emery@oracle.com> parents: diff changeset	46	return;
49f3285e13a3 24435657 Provide Solaris audit plugin for MIT Kerberos KDC Shawn Emery <shawn.emery@oracle.com> parents: diff changeset	47	}
49f3285e13a3 24435657 Provide Solaris audit plugin for MIT Kerberos KDC Shawn Emery <shawn.emery@oracle.com> parents: diff changeset	48
49f3285e13a3 24435657 Provide Solaris audit plugin for MIT Kerberos KDC Shawn Emery <shawn.emery@oracle.com> parents: diff changeset	49	if ((event = adt_alloc_event(ah, ADT_kadmind)) == NULL) {
49f3285e13a3 24435657 Provide Solaris audit plugin for MIT Kerberos KDC Shawn Emery <shawn.emery@oracle.com> parents: diff changeset	50	syslog(LOG_AUTH \| LOG_ALERT, "adt_alloc_event(): %m");
49f3285e13a3 24435657 Provide Solaris audit plugin for MIT Kerberos KDC Shawn Emery <shawn.emery@oracle.com> parents: diff changeset	51	(void) adt_end_session(ah);
49f3285e13a3 24435657 Provide Solaris audit plugin for MIT Kerberos KDC Shawn Emery <shawn.emery@oracle.com> parents: diff changeset	52	return;
49f3285e13a3 24435657 Provide Solaris audit plugin for MIT Kerberos KDC Shawn Emery <shawn.emery@oracle.com> parents: diff changeset	53	}
49f3285e13a3 24435657 Provide Solaris audit plugin for MIT Kerberos KDC Shawn Emery <shawn.emery@oracle.com> parents: diff changeset	54
49f3285e13a3 24435657 Provide Solaris audit plugin for MIT Kerberos KDC Shawn Emery <shawn.emery@oracle.com> parents: diff changeset	55	if (((struct sockaddr *)p)->sa_family == AF_INET) {
49f3285e13a3 24435657 Provide Solaris audit plugin for MIT Kerberos KDC Shawn Emery <shawn.emery@oracle.com> parents: diff changeset	56	p4 = (struct sockaddr_in *)p;
49f3285e13a3 24435657 Provide Solaris audit plugin for MIT Kerberos KDC Shawn Emery <shawn.emery@oracle.com> parents: diff changeset	57	event->adt_kadmind.cl_port = ntohs(p4->sin_port);
49f3285e13a3 24435657 Provide Solaris audit plugin for MIT Kerberos KDC Shawn Emery <shawn.emery@oracle.com> parents: diff changeset	58	event->adt_kadmind.cl_addr_type = ADT_IPv4;
49f3285e13a3 24435657 Provide Solaris audit plugin for MIT Kerberos KDC Shawn Emery <shawn.emery@oracle.com> parents: diff changeset	59	event->adt_kadmind.cl_addr_address[0] =
49f3285e13a3 24435657 Provide Solaris audit plugin for MIT Kerberos KDC Shawn Emery <shawn.emery@oracle.com> parents: diff changeset	60	(uint32_t)p4->sin_addr.s_addr;
49f3285e13a3 24435657 Provide Solaris audit plugin for MIT Kerberos KDC Shawn Emery <shawn.emery@oracle.com> parents: diff changeset	61	} else if (((struct sockaddr *)p)->sa_family == AF_INET6) {
49f3285e13a3 24435657 Provide Solaris audit plugin for MIT Kerberos KDC Shawn Emery <shawn.emery@oracle.com> parents: diff changeset	62	p6 = (struct sockaddr_in6 *)p;
49f3285e13a3 24435657 Provide Solaris audit plugin for MIT Kerberos KDC Shawn Emery <shawn.emery@oracle.com> parents: diff changeset	63	event->adt_kadmind.cl_port = ntohs(p6->sin6_port);
49f3285e13a3 24435657 Provide Solaris audit plugin for MIT Kerberos KDC Shawn Emery <shawn.emery@oracle.com> parents: diff changeset	64	event->adt_kadmind.cl_addr_type = ADT_IPv6;
49f3285e13a3 24435657 Provide Solaris audit plugin for MIT Kerberos KDC Shawn Emery <shawn.emery@oracle.com> parents: diff changeset	65	(void) memcpy(event->adt_kadmind.cl_addr_address,
49f3285e13a3 24435657 Provide Solaris audit plugin for MIT Kerberos KDC Shawn Emery <shawn.emery@oracle.com> parents: diff changeset	66	&p6->sin6_addr, 4 * sizeof (uint_t));
49f3285e13a3 24435657 Provide Solaris audit plugin for MIT Kerberos KDC Shawn Emery <shawn.emery@oracle.com> parents: diff changeset	67	}
49f3285e13a3 24435657 Provide Solaris audit plugin for MIT Kerberos KDC Shawn Emery <shawn.emery@oracle.com> parents: diff changeset	68
49f3285e13a3 24435657 Provide Solaris audit plugin for MIT Kerberos KDC Shawn Emery <shawn.emery@oracle.com> parents: diff changeset	69	event->adt_kadmind.op = op;
49f3285e13a3 24435657 Provide Solaris audit plugin for MIT Kerberos KDC Shawn Emery <shawn.emery@oracle.com> parents: diff changeset	70	event->adt_kadmind.target = target;
49f3285e13a3 24435657 Provide Solaris audit plugin for MIT Kerberos KDC Shawn Emery <shawn.emery@oracle.com> parents: diff changeset	71	event->adt_kadmind.client = client;
49f3285e13a3 24435657 Provide Solaris audit plugin for MIT Kerberos KDC Shawn Emery <shawn.emery@oracle.com> parents: diff changeset	72	event->adt_kadmind.service = service;
49f3285e13a3 24435657 Provide Solaris audit plugin for MIT Kerberos KDC Shawn Emery <shawn.emery@oracle.com> parents: diff changeset	73	event->adt_kadmind.status = status;
49f3285e13a3 24435657 Provide Solaris audit plugin for MIT Kerberos KDC Shawn Emery <shawn.emery@oracle.com> parents: diff changeset	74
49f3285e13a3 24435657 Provide Solaris audit plugin for MIT Kerberos KDC Shawn Emery <shawn.emery@oracle.com> parents: diff changeset	75	if (adt_put_event(event, adtstat, adtstat) != 0)
49f3285e13a3 24435657 Provide Solaris audit plugin for MIT Kerberos KDC Shawn Emery <shawn.emery@oracle.com> parents: diff changeset	76	syslog(LOG_AUTH \| LOG_ALERT, "adt_put_event(): %m");
49f3285e13a3 24435657 Provide Solaris audit plugin for MIT Kerberos KDC Shawn Emery <shawn.emery@oracle.com> parents: diff changeset	77
49f3285e13a3 24435657 Provide Solaris audit plugin for MIT Kerberos KDC Shawn Emery <shawn.emery@oracle.com> parents: diff changeset	78	adt_free_event(event);
49f3285e13a3 24435657 Provide Solaris audit plugin for MIT Kerberos KDC Shawn Emery <shawn.emery@oracle.com> parents: diff changeset	79	(void) adt_end_session(ah);
49f3285e13a3 24435657 Provide Solaris audit plugin for MIT Kerberos KDC Shawn Emery <shawn.emery@oracle.com> parents: diff changeset	80	}

author	Shawn Emery <shawn.emery@oracle.com>
	Sat, 17 Dec 2016 21:18:50 -0800
changeset 7504	49f3285e13a3
permissions	-rw-r--r--