src/kauth/kalog.c

   1 /*
   2  * Copyright 2000, International Business Machines Corporation and others.
   3  * All Rights Reserved.
   4  *
   5  * This software has been released under the terms of the IBM Public
   6  * License.  For details, see the LICENSE file in the top-level source
   7  * directory or online at http://www.openafs.org/dl/license10.html
   8  */
   9
  10 /*
  11  * ALL RIGHTS RESERVED
  12  */
  13
  14 /*
  15  * Routines to log kaserver activity
  16  *
  17  */
  18
  19 #include <afsconfig.h>
  20 #include <afs/param.h>
  21
  22 #include <roken.h>
  23
  24 #include <afs/afsutil.h>
  25 #include "kauth.h"
  26 #include "kalog.h"
  27
  28 extern afs_int32 verbose_track;
  29
  30 #ifdef AUTH_DBM_LOG
  31
  32 DBM *kalog_db;
  33
  34 void
  35 kalog_Init(void)
  36 {
  37     struct logOptions logopts;
  38
  39     memset(&logopts, 0, sizeof(logopts));
  40     logopts.lopt_dest = logDest_file;
  41     logopts.lopt_filename = AFSDIR_SERVER_KALOGDB_FILEPATH;
  42     logopts.lopt_rotateOnOpen = 1;
  43     logopts.lopt_rotateStyle = logRotate_old;
  44     OpenLog(&logopts);
  45     SetupLogSignals();
  46     kalog_db =
  47         dbm_open(AFSDIR_SERVER_KALOG_FILEPATH, O_WRONLY | O_CREAT,
  48                  KALOG_DB_MODE);
  49     if (!kalog_db)
  50         ViceLog(0, ("Cannot open dbm database - no DB logging possible\n"));
  51 }
  52
  53 /* log a ticket usage */
  54 void
  55 kalog_log(char *principal, char *instance, char *sprincipal,
  56           char *sinstance, char *realm, int hostaddr, int type)
  57 {
  58     char keybuf[512];           /* not random! 63 . 63 , 63 . 63 max key */
  59     datum key, data;
  60     kalog_elt rdata;
  61
  62     if (!kalog_db)
  63         return;
  64     if (*principal)
  65         strcpy(keybuf, principal);
  66     if (realm) {
  67         strcat(keybuf, "@");
  68         strcat(keybuf, realm);
  69     }
  70     if (*instance) {
  71         strcat(keybuf, ".");
  72         strcat(keybuf, instance);
  73     }
  74
  75     /* unlike the name/instance, the services can come down as NULL */
  76     if (sprincipal && *sprincipal) {
  77         strcat(keybuf, ",");
  78         strcat(keybuf, sprincipal);
  79         if (sinstance && *sinstance) {
  80             strcat(keybuf, ".");
  81             strcat(keybuf, sinstance);
  82         }
  83     }
  84     switch (type) {
  85     case LOG_CRUSER:
  86         strcat(keybuf, ":cruser");
  87         break;
  88     case LOG_CHPASSWD:
  89         strcat(keybuf, ":chp");
  90         break;
  91     case LOG_AUTHENTICATE:
  92         strcat(keybuf, ":auth");
  93         break;
  94     case LOG_AUTHFAILED:
  95         strcat(keybuf, ":authnot");
  96         break;
  97     case LOG_SETFIELDS:
  98         strcat(keybuf, ":setf");
  99         break;
 100     case LOG_DELUSER:
 101         strcat(keybuf, ":delu");
 102         break;
 103     case LOG_UNLOCK:
 104         strcat(keybuf, ":unlok");
 105         break;
 106     case LOG_GETTICKET:
 107         strcat(keybuf, ":gtck");
 108         break;
 109     case LOG_TGTREQUEST:
 110         strcat(keybuf, ":tgtreq");
 111         break;
 112     default:
 113         break;
 114     }
 115
 116     key.dptr = keybuf;
 117     key.dsize = strlen(keybuf) + 1;     /* store the key in a string w/ null */
 118     rdata.last_use = time((time_t *) 0);
 119     rdata.host = hostaddr;
 120     data.dptr = (char *)&rdata;
 121     data.dsize = sizeof(kalog_elt);
 122
 123     dbm_store(kalog_db, key, data, DBM_REPLACE);
 124
 125     ViceLog(verbose_track, ("%s from %x\n", keybuf, hostaddr));
 126 }
 127
 128
 129 #endif /* AUTH_DBM_LOG */
 130
 131
 132 /* log a ticket usage to the text log */
 133 void
 134 ka_log(char *principal, char *instance, char *sprincipal, char *sinstance,
 135        char *realm, int hostaddr, int type)
 136 {
 137     char logbuf[512];           /* not random! 63 . 63 , 63 . 63 max key */
 138
 139     logbuf[0] = '\0';           /* Empty string */
 140
 141     if (*principal)
 142         strlcpy(logbuf, principal, sizeof(logbuf));
 143     if (realm) {
 144         strlcat(logbuf, "@", sizeof(logbuf));
 145         strlcat(logbuf, realm, sizeof(logbuf));
 146     }
 147     if (*instance) {
 148         strlcat(logbuf, ".", sizeof(logbuf));
 149         strlcat(logbuf, instance, sizeof(logbuf));
 150     }
 151
 152     /* unlike the name/instance, the services can come down as NULL */
 153     if (sprincipal && *sprincipal) {
 154         strlcat(logbuf, ",", sizeof(logbuf));
 155         strlcat(logbuf, sprincipal, sizeof(logbuf));
 156         if (sinstance && *sinstance) {
 157             strlcat(logbuf, ".", sizeof(logbuf));
 158             strlcat(logbuf, sinstance, sizeof(logbuf));
 159         }
 160     }
 161     switch (type) {
 162     case LOG_CRUSER:
 163         strlcat(logbuf, ":cruser", sizeof(logbuf));
 164         break;
 165     case LOG_CHPASSWD:
 166         strlcat(logbuf, ":chp", sizeof(logbuf));
 167         break;
 168     case LOG_AUTHENTICATE:
 169         strlcat(logbuf, ":auth", sizeof(logbuf));
 170         break;
 171     case LOG_AUTHFAILED:
 172         strlcat(logbuf, ":authnot", sizeof(logbuf));
 173         break;
 174     case LOG_SETFIELDS:
 175         strlcat(logbuf, ":setf", sizeof(logbuf));
 176         break;
 177     case LOG_DELUSER:
 178         strlcat(logbuf, ":delu", sizeof(logbuf));
 179         break;
 180     case LOG_UNLOCK:
 181         strlcat(logbuf, ":unlok", sizeof(logbuf));
 182         break;
 183     case LOG_GETTICKET:
 184         strlcat(logbuf, ":gtck", sizeof(logbuf));
 185         break;
 186     case LOG_TGTREQUEST:
 187         strlcat(logbuf, ":tgtreq", sizeof(logbuf));
 188         break;
 189     default:
 190         break;
 191     }
 192
 193     ViceLog(verbose_track, ("%s from %x\n", logbuf, hostaddr));
 194 }