Bugzilla – Attachment 94 Details for
Bug 2
sshd should have BSM auditing on Solaris
[patch]
Current revision of Solaris BSM audit diffs - missing autoconf changes and it hasn't been tested (may not compile). Needs to link with -lbsm
openssh-bsm.diff (text/plain), 15.46 KB, created by
Darren J Moffat
on 2002-05-10 06:10:20 AEST
Description:
Current revision of Solaris BSM audit diffs - missing autoconf changes and it hasn't been tested (may not compile). Needs to link with -lbsm
Filename:
MIME Type:
Creator:
Darren J Moffat
Created:
2002-05-10 06:10:20 AEST
Size:
15.46 KB
patch
obsolete
>diff -Nur openssh/auth1.c openssh-bsm/auth1.c
>--- openssh/auth1.c Thu May 9 12:06:39 2002
>+++ openssh-bsm/auth1.c Thu May 9 12:38:53 2002
>@@ -96,6 +96,10 @@
> 
> client_user = NULL;
> 
>+#ifdef HAVE_BSM_AUDIT_H
>+ audit_sshd_save_pw(pw);
>+#endif /* HAVE_BSM_AUDIT_H */
>+
> for (;;) {
> /* default to fail */
> authenticated = 0;
>@@ -302,8 +306,12 @@
> #else
> /* Special handling for root */
> if (authenticated && authctxt->pw->pw_uid == 0 &&
>- !auth_root_allowed(get_authname(type)))
>+ !auth_root_allowed(get_authname(type))) {
> authenticated = 0;
>+#ifdef HAVE_BSM_AUDIT_H
>+ audit_sshd_not_console();
>+#endif /* HAVE_BSM_AUDIT_H */
>+ }
> #endif
> #ifdef USE_PAM
> if (!use_privsep && authenticated &&
>@@ -328,8 +336,14 @@
> get_canonical_hostname(options.verify_reverse_mapping),
> "ssh");
> #endif /* WITH_AIXAUTHENTICATE */
>+#ifdef HAVE_BSM_AUDIT_H
>+ audit_sshd_maxtrys();
>+#endif /* HAVE_BSM_AUDIT_H */
> packet_disconnect(AUTH_FAIL_MSG, authctxt->user);
> }
>+#ifdef HAVE_BSM_AUDIT_H
>+ audit_sshd_bad_pw();
>+#endif /* HAVE_BSM_AUDIT_H */
> 
> packet_start(SSH_SMSG_FAILURE);
> packet_send();
>diff -Nur openssh/auth2.c openssh-bsm/auth2.c
>--- openssh/auth2.c Thu May 9 12:06:39 2002
>+++ openssh-bsm/auth2.c Thu May 9 12:38:54 2002
>@@ -187,6 +187,11 @@
> if (authctxt->attempt++ == 0) {
> /* setup auth context */
> authctxt->pw = PRIVSEP(getpwnamallow(user));
>+
>+#ifdef HAVE_BSM_AUDIT_H
>+ audit_sshd_save_pw(pw);
>+#endif /* HAVE_BSM_AUDIT_H */
>+ }
> if (authctxt->pw && strcmp(service, "ssh-connection")==0) {
> authctxt->valid = 1;
> debug2("input_userauth_request: setting up authctxt for %s", user);
>@@ -198,6 +203,9 @@
> #ifdef USE_PAM
> PRIVSEP(start_pam("NOUSER"));
> #endif
>+#ifdef HAVE_BSM_AUDIT_H
>+ audit_sshd_bad_pw();
>+#endif /* HAVE_BSM_AUDIT_H */
> }
> setproctitle("%s%s", authctxt->pw ? user : "unknown",
> use_privsep ? " [net]" : "");
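Review bot: In the auth2.c @@ -187 hunk the new call passes `pw`, but the lookup result on the preceding context line is stored in `authctxt->pw`; unless a local `pw` is declared above the hunk this is an undeclared identifier and the call should read `audit_sshd_save_pw(authctxt->pw);` (the callee in bsmaudit.c accepts a NULL pointer, so no extra guard is needed). The added `>+ }` right after it closes the `if (authctxt->attempt++ == 0) {` block before the `if (authctxt->pw && strcmp(service, "ssh-connection")==0)` that the context lines show was inside it, so the block's original closing brace further down in input_userauth_request no longer has a partner; dropping that added brace restores the original structure. input_userauth_request starts and ends outside the hunk.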
>@@ -240,8 +248,12 @@
> 
> /* Special handling for root */
> if (authenticated && authctxt->pw->pw_uid == 0 &&
>- !auth_root_allowed(method))
>+ !auth_root_allowed(method)) {
> authenticated = 0;
>+#ifdef HAVE_BSM_AUDIT_H
>+ audit_sshd_not_console();
>+#endif /* HAVE_BSM_AUDIT_H */
>+ }
> 
> #ifdef USE_PAM
> if (!use_privsep && authenticated && authctxt->user &&
>@@ -350,8 +362,12 @@
> #ifdef HAVE_CYGWIN
> check_nt_auth(1, authctxt->pw) &&
> #endif
>- PRIVSEP(auth_password(authctxt, password)) == 1)
>+ PRIVSEP(auth_password(authctxt, password)) == 1) {
> authenticated = 1;
>+#ifdef HAVE_BSM_AUDIT_H
>+ audit_sshd_bad_pw();
>+#endif /* HAVE_BSM_AUDIT_H */
>+ }
> memset(password, 0, len);
> xfree(password);
> return authenticated;
>@@ -382,6 +398,12 @@
> if (check_nt_auth(0, authctxt->pw) == 0)
> return(0);
> #endif
>+#ifdef HAVE_BSM_AUDIT_H
>+ if (!authenticated) {
>+ audit_sshd_bad_pw();
>+ }
>+#endif /* HAVE_BSM_AUDIT_H */
>+
> return authenticated;
> }
> 
>diff -Nur openssh/bsmaudit.c openssh-bsm/bsmaudit.c
>--- openssh/bsmaudit.c Wed Dec 31 16:00:00 1969
>+++ openssh-bsm/bsmaudit.c Thu May 9 12:16:45 2002
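Review bot: In the auth2.c @@ -350 hunk `audit_sshd_bad_pw()` is placed inside the branch that runs when `auth_password()` returned 1, i.e. a failed-password audit record is written for every successful password authentication and nothing is written when the password is actually wrong. The call belongs in the failure branch of that condition, `} else { audit_sshd_bad_pw(); }` under the same `#ifdef HAVE_BSM_AUDIT_H` guard, mirroring the `if (!authenticated)` form the @@ -382 hunk uses in the public-key path. The enclosing function starts outside the hunk; only its tail is visible here.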
>@@ -0,0 +1,334 @@
>+/*
>+ * Copyright 1988-2002 Sun Microsystems, Inc. All rights reserved.
>+ * Use is subject to license terms.
>+ *
>+ *
>+ * Redistribution and use in source and binary forms, with or without
>+ * modification, are permitted provided that the following conditions
>+ * are met:
>+ * 1. Redistributions of source code must retain the above copyright
>+ * notice, this list of conditions and the following disclaimer.
>+ * 2. Redistributions in binary form must reproduce the above copyright
>+ * notice, this list of conditions and the following disclaimer in the
>+ * documentation and/or other materials provided with the distribution.
>+ *
>+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
>+ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
>+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
>+ * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
>+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
>+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
>+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
>+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
>+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
>+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
>+ *
>+ */
>+#pragma ident "@(#)bsmaudit.c 1.1 01/09/17 SMI"
>+
>+#include <sys/systeminfo.h>
>+#include <sys/param.h>
>+#include <sys/types.h>
>+#include <sys/socket.h>
>+#include <sys/systeminfo.h>
>+#include <sys/stat.h>
>+#include <sys/wait.h>
>+#include <netinet/in.h>
>+#include <netdb.h>
>+#include <signal.h>
>+
>+#include <pwd.h>
>+#include <shadow.h>
>+#include <utmpx.h>
>+#include <unistd.h>
>+#include <string.h>
>+
>+#include <bsm/audit.h>
>+#include <bsm/libbsm.h>
>+#include <bsm/audit_uevents.h>
>+#include <bsm/audit_record.h>
>+#include "bsmaudit.h"
>+
>+#include <locale.h>
>+
>+#include "includes.h"
>+#include "ssh.h"
>+#include "log.h"
>+
>+static void audit_sshd_record(int typ, char *string, au_event_t event_no);
>+static void audit_sshd_session_setup(void);
>+static int selected(char *nam, uid_t uid, au_event_t event, int sf);
>+
>+static void get_terminal_id();
>+
>+extern int cannot_audit(int);
>+extern void aug_init(void);
>+extern dev_t aug_get_port(void);
>+extern int aug_get_machine(char *, uint32_t *, uint32_t *);
>+extern void aug_save_auid(au_id_t);
>+extern void aug_save_uid(uid_t);
>+extern void aug_save_euid(uid_t);
>+extern void aug_save_gid(gid_t);
>+extern void aug_save_egid(gid_t);
>+extern void aug_save_pid(pid_t);
>+extern void aug_save_asid(au_asid_t);
>+extern void aug_save_tid(dev_t, unsigned int);
>+extern void aug_save_tid_ex(dev_t, uint32_t *, uint32_t);
>+extern int aug_save_me(void);
>+extern int aug_save_namask(void);
>+extern void aug_save_event(au_event_t);
>+extern void aug_save_sorf(int);
>+extern void aug_save_text(char *);
>+extern void aug_save_text1(char *);
>+extern void aug_save_text2(char *);
>+extern void aug_save_na(int);
>+extern void aug_save_user(char *);
>+extern void aug_save_path(char *);
>+extern int aug_save_policy(void);
>+extern void aug_save_afunc(int (*)(int));
>+extern int aug_audit(void);
>+extern int aug_na_selected(void);
>+extern int aug_selected(void);
>+extern int aug_daemon_session(void);
>+
>+static char sav_ttyn[512];
>+static char sav_name[512];
>+static uid_t sav_uid;
>+static gid_t sav_gid;
>+static dev_t sav_port;
>+static uint32_t sav_machine[4];
>+static uint32_t sav_iptype;
>+static char sav_host[MAXHOSTNAMELEN];
>+static char *sav_cmd;
>+
>+void
>+audit_sshd_save_port(int port)
>+{
>+ if (cannot_audit(0)) {
>+ return;
>+ }
>+ sav_port = port;
>+}
>+
>+void
>+audit_sshd_save_host(const char *host)
>+{
>+ if (cannot_audit(0)) {
>+ return;
>+ }
>+ (void) strlcpy(sav_host, host, sizeof (sav_host));
>+ (void) aug_get_machine(sav_host, &sav_machine[0], &sav_iptype);
>+}
>+
>+void
>+audit_sshd_save_command(const char *command)
>+{
>+ if (cannot_audit(0)) {
>+ return;
>+ }
>+ sav_cmd = strdup(command);
>+}
>+
>+void
>+audit_sshd_save_ttyn(const char *ttyn)
>+{
>+ if (cannot_audit(0)) {
>+ return;
>+ }
>+ (void) strlcpy(sav_ttyn, ttyn, sizeof (sav_ttyn));
>+}
>+
>+void
>+audit_sshd_save_pw(struct passwd *pwd)
>+{
>+ if (cannot_audit(0)) {
>+ return;
>+ }
>+ if (pwd == NULL) {
>+ sav_name[0] = '\0';
>+ sav_uid = -1;
>+ sav_gid = -1;
>+ } else {
>+ (void) strlcpy(sav_name, pwd->pw_name, sizeof (sav_name));
>+ sav_uid = pwd->pw_uid;
>+ sav_gid = pwd->pw_gid;
>+ }
>+}
>+
>+void
>+audit_sshd_nologin(void)
>+{
>+ if (cannot_audit(0)) {
>+ return;
>+ }
>+ audit_sshd_record(1, gettext("logins disabled by /etc/nologin"),
>+ AUE_ssh);
>+}
>+
>+void
>+audit_sshd_maxtrys(void)
>+{
>+ if (cannot_audit(0)) {
>+ return;
>+ }
>+ audit_sshd_record(1, gettext("maxtrys"), AUE_ssh);
>+}
>+
>+void
>+audit_sshd_not_console(void)
>+{
>+ if (cannot_audit(0)) {
>+ return;
>+ }
>+ audit_sshd_record(2, gettext("not_console"), AUE_ssh);
>+}
>+
>+void
>+audit_sshd_bad_pw(void)
>+{
>+ if (cannot_audit(0)) {
>+ return;
>+ }
>+ if (sav_uid == -1) {
>+ audit_sshd_record(3, gettext("invalid user name"), AUE_ssh);
>+ } else {
>+ audit_sshd_record(4, gettext("invalid password or publickey"),
>+ AUE_ssh);
>+ }
>+}
>+
>+void
>+audit_sshd_success(void)
>+{
>+ if (cannot_audit(0)) {
>+ return;
>+ }
>+
>+ audit_sshd_session_setup();
>+ audit_sshd_record(0, gettext("successful login"), AUE_ssh);
>+}
>+
>+static void
>+audit_sshd_record(int typ, char *string, au_event_t event_no)
>+{
>+ int ad, rc;
>+ uid_t uid;
>+ gid_t gid;
>+ pid_t pid;
>+ au_tid_addr_t tid;
>+
>+ uid = sav_uid;
>+ gid = sav_gid;
>+ pid = getpid();
>+
>+ get_terminal_id(&tid);
>+
>+ if (typ == 0) {
>+ rc = 0;
>+ } else {
>+ rc = -1;
>+ }
>+
>+ if (!selected(sav_name, uid, event_no, rc))
>+ return;
>+
>+ debug3("BSM audit: sav_host=%s", sav_host);
>+ ad = au_open();
>+
>+ (void) au_write(ad, au_to_subject_ex(uid, uid, gid, uid, gid,
>+ pid, pid, &tid));
>+ (void) au_write(ad, au_to_text(string));
>+ if (sav_cmd != NULL) {
>+ (void) au_write(ad, au_to_text(sav_cmd));
>+ }
>+ (void) au_write(ad, au_to_return32(typ, (int32_t)rc));
>+
>+ rc = au_close(ad, AU_TO_WRITE, event_no);
>+ if (rc < 0) {
>+ fatal("audit_sshd_record failed to write record: %s",
>+ strerror(errno));
>+ }
>+}
>+
>+static void
>+audit_sshd_session_setup(void)
>+{
>+ int rc;
>+ struct auditinfo_addr info;
>+ au_mask_t mask;
>+ struct auditinfo_addr now;
>+
>+ info.ai_auid = sav_uid;
>+ info.ai_asid = getpid();
>+ mask.am_success = 0;
>+ mask.am_failure = 0;
>+
>+ (void) au_user_mask(sav_name, &mask);
>+
>+ info.ai_mask.am_success = mask.am_success;
>+ info.ai_mask.am_failure = mask.am_failure;
>+
>+ /* see if terminal id already set */
>+ if (getaudit_addr(&now, sizeof (now)) < 0) {
>+ fatal("audit_sshd_session_setup: getaudit_addr failed: %s",
>+ strerror(errno));
>+ }
>+
>+ debug("BSM audit_sshd_setup_session: calling get_terminal_id");
>+ get_terminal_id(&(info.ai_termid));
>+
>+ rc = setaudit_addr(&info, sizeof (info));
>+ if (rc < 0) {
>+ fatal("audit_sshd_session_setup: setaudit_addr failed: %s",
>+ strerror(errno));
>+ }
>+}
>+
>+
>+static void
>+get_terminal_id(au_tid_addr_t *tid)
>+{
>+ tid->at_port = sav_port;
>+ tid->at_type = sav_iptype;
>+ tid->at_addr[0] = sav_machine[0];
>+ tid->at_addr[1] = sav_machine[1];
>+ tid->at_addr[2] = sav_machine[2];
>+ tid->at_addr[3] = sav_machine[3];
>+}
>+
>+void
>+audit_sshd_logout(void)
>+{
>+ char textbuf[BSM_TEXTBUFSZ];
>+
>+ (void) snprintf(textbuf, sizeof (textbuf),
>+ gettext("sshd logout %s"), sav_name);
>+
>+ audit_sshd_record(0, textbuf, AUE_logout);
>+}
>+
>+static int
>+selected(char *nam, uid_t uid, au_event_t event, int sf)
>+{
>+ int rc, sorf;
>+ char naflags[512];
>+ struct au_mask mask;
>+
>+ mask.am_success = mask.am_failure = 0;
>+ if (uid < 0) {
>+ rc = getacna(naflags, 256); /* get non-attrib flags */
>+ if (rc == 0)
>+ (void) getauditflagsbin(naflags, &mask);
>+ } else {
>+ rc = au_user_mask(nam, &mask);
>+ }
>+
>+ if (sf == 0) {
>+ sorf = AU_PRS_SUCCESS;
>+ } else {
>+ sorf = AU_PRS_FAILURE;
>+ }
>+ rc = au_preselect(event, &mask, sorf, AU_PRS_REREAD);
>+
>+ return (rc);
>+}
>diff -Nur openssh/bsmaudit.h openssh-bsm/bsmaudit.h
>--- openssh/bsmaudit.h Wed Dec 31 16:00:00 1969
>+++ openssh-bsm/bsmaudit.h Thu May 9 12:41:24 2002
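Review bot: In `selected()` near the end of the bsmaudit.c hunk, `if (uid < 0)` can never be true where `uid_t` is an unsigned type (the usual case), so the non-attributable `getacna()` branch is dead and an unknown user — which `audit_sshd_save_pw()` marks with `sav_uid = -1` and an empty `sav_name` — is preselected via `au_user_mask()` on an empty name instead; the test should match the one `audit_sshd_bad_pw()` already uses, `if (uid == (uid_t)-1) {`. Two smaller points in the same hunk: `get_terminal_id` is forward-declared as `static void get_terminal_id();` but defined with an `au_tid_addr_t *` parameter, so the prototype should be `static void get_terminal_id(au_tid_addr_t *);`, and `audit_sshd_record()` passes the result of `au_open()` to `au_write()` without checking it for -1. `audit_sshd_logout()` is the only public entry point that does not start with the `if (cannot_audit(0)) return;` guard the others use, and it has no guard against being called before `audit_sshd_save_pw()` has filled `sav_name`. `errno` is read in `audit_sshd_record()` and `audit_sshd_session_setup()` but `<errno.h>` is not in the include list; unless "includes.h" provides it, add it.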
>@@ -0,0 +1,54 @@
>+/*
>+ * Copyright 1993-2002 Sun Microsystems, Inc. All rights reserved.
>+ * Use is subject to license terms.
>+ *
>+ * Redistribution and use in source and binary forms, with or without
>+ * modification, are permitted provided that the following conditions
>+ * are met:
>+ * 1. Redistributions of source code must retain the above copyright
>+ * notice, this list of conditions and the following disclaimer.
>+ * 2. Redistributions in binary form must reproduce the above copyright
>+ * notice, this list of conditions and the following disclaimer in the
>+ * documentation and/or other materials provided with the distribution.
>+ *
>+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
>+ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
>+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
>+ * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
>+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
>+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
>+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
>+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
>+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
>+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
>+ *
>+ */
>+
>+#ifndef _BSMAUDIT_H
>+#define _BSMAUDIT_H
>+
>+#pragma ident "@(#)bsmaudit.h 1.1 01/09/17 SMI"
>+
>+#ifdef __cplusplus
>+extern "C" {
>+#endif
>+
>+#include <bsm/audit.h>
>+
>+void audit_sshd_maxtrys(void);
>+void audit_sshd_nologin(void);
>+void audit_sshd_save_pw(struct passwd *pwd);
>+void audit_sshd_not_console(void);
>+void audit_sshd_bad_pw(void);
>+void audit_sshd_save_host(const char *host);
>+void audit_sshd_save_ttyn(const char *ttyn);
>+void audit_sshd_save_port(int port);
>+void audit_sshd_save_command(const char *command);
>+void audit_sshd_success(void);
>+void audit_sshd_logout(void);
>+
>+#ifdef __cplusplus
>+}
>+#endif
>+
>+#endif /* _BSMAUDIT_H */
>diff -Nur openssh/includes.h openssh-bsm/includes.h
>--- openssh/includes.h Thu May 9 12:06:41 2002
>+++ openssh-bsm/includes.h Thu May 9 12:40:38 2002
>@@ -143,6 +143,10 @@
> # include <security/pam_appl.h>
> #endif
> 
>+#ifdef HAVE_BSM_AUDIT_H
>+# include "bsmaudit.h"
>+#endif
>+
> #include <openssl/opensslv.h> /* For OPENSSL_VERSION_NUMBER */
> 
> #include "defines.h"
>diff -Nur openssh/session.c openssh-bsm/session.c
>--- openssh/session.c Thu May 9 12:06:42 2002
>+++ openssh-bsm/session.c Thu May 9 12:38:54 2002
>@@ -516,10 +516,14 @@
> 
> /* record login, etc. similar to login(1) */
> #ifndef HAVE_OSF_SIA
>- if (!(options.use_login && command == NULL))
>+ if (!(options.use_login && command == NULL)) {
> do_login(s, command);
>+#ifdef HAVE_BSM_AUDIT_H
>+ if (s->tty != NULL)
>+ audit_sshd_save_ttyn(s->tty);
>+#endif /* HAVE_BSM_AUDIT_H */
> # ifdef LOGIN_NEEDS_UTMPX
>- else
>+ } else
> do_pre_login(s);
> # endif
> #endif
>@@ -1048,6 +1052,9 @@
> while (fgets(buf, sizeof(buf), f))
> fputs(buf, stderr);
> fclose(f);
>+#ifdef HAVE_BSM_AUDIT_H
>+ audit_sshd_nologin();
>+#endif /* HAVE_BSM_AUDIT_H */
> exit(254);
> }
> }
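Review bot: bsmaudit.h declares `void audit_sshd_save_pw(struct passwd *pwd);` without including `<pwd.h>`, so in any translation unit that has not already seen `struct passwd` when it includes this header (via includes.h, per the next hunk) the prototype introduces a distinct struct type of prototype scope, and a later call or definition with the real `struct passwd *` is a conflicting-type error. Add `#include <pwd.h>` next to the existing `#include <bsm/audit.h>`, or a forward declaration `struct passwd;` above the prototypes. Whether includes.h already includes `<pwd.h>` before line 143 is not visible here; bsmaudit.c itself is safe because it includes `<pwd.h>` first.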
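Review bot: In the session.c @@ -516 hunk the brace that closes the new `if (!(options.use_login && command == NULL)) {` block is on the `>+ } else` line, which sits inside `# ifdef LOGIN_NEEDS_UTMPX`; a build without LOGIN_NEEDS_UTMPX therefore has an unmatched opening brace and fails to compile. Move the brace out of the conditional: put `}` on its own line before `# ifdef LOGIN_NEEDS_UTMPX` and keep `else` followed by `do_pre_login(s);` inside it, which is valid because the preprocessor lines vanish before parsing. The enclosing function starts and ends outside the hunk.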
>@@ -1100,6 +1107,9 @@
> # if defined(WITH_IRIX_PROJECT) || defined(WITH_IRIX_JOBS) || defined(WITH_IRIX_ARRAY)
> irix_setusercontext(pw);
> # endif /* defined(WITH_IRIX_PROJECT) || defined(WITH_IRIX_JOBS) || defined(WITH_IRIX_ARRAY) */
>+#ifdef HAVE_BSM_AUDIT_H
>+ audit_sshd_success();
>+#endif /* HAVE_BSM_AUDIT_H */
> /* Permanently switch to the desired uid. */
> permanently_set_uid(pw);
> #endif
>@@ -1165,6 +1175,10 @@
> # ifdef _AIX
> aix_usrinfo(pw, s->tty, s->ttyfd);
> # endif /* _AIX */
>+#ifdef HAVE_BSM_AUDIT_H
>+ if (command != NULL)
>+ audit_sshd_save_command(command);
>+#endif /* HAVE_BSM_AUDIT_H */
> do_setusercontext(pw);
> #endif /* HAVE_OSF_SIA */
> }
>diff -Nur openssh/sshd.c openssh-bsm/sshd.c
>--- openssh/sshd.c Thu May 9 12:06:44 2002
>+++ openssh-bsm/sshd.c Thu May 9 12:38:54 2002
>@@ -1358,7 +1358,10 @@
> 
> remote_port = get_remote_port();
> remote_ip = get_remote_ipaddr();
>-
>+#ifdef HAVE_BSM_AUDIT_H
>+ audit_sshd_save_host(remote_ip);
>+ audit_sshd_save_port(remote_port);
>+#endif /* HAVE_BSM_AUDIT_H */
> #ifdef LIBWRAP
> /* Check whether logins are denied from this host. */
> {
>diff -Nur openssh/sshlogin.c openssh-bsm/sshlogin.c
>--- openssh/sshlogin.c Mon Feb 25 08:44:50 2002
>+++ openssh-bsm/sshlogin.c Thu May 9 12:38:54 2002
>@@ -101,4 +101,7 @@
> li = login_alloc_entry(pid, user, NULL, ttyname);
> login_logout(li);
> login_free_entry(li);
>+#ifdef HAVE_BSM_AUDIT_H
>+ audit_sshd_logout();
>+#endif /* HAVE_BSM_AUDIT_H */
> }
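Review bot: `audit_sshd_logout()` in the sshlogin.c @@ -101 hunk builds its record from file-static state (`sav_name`, `sav_uid`, `sav_port`, `sav_machine`) that the auth1.c/auth2.c and sshd.c hunks populate in the authenticating process; with privilege separation enabled (`use_privsep` is referenced in the auth2.c hunks) the process that reaches record_logout may not be the one that ran `audit_sshd_save_pw()`, so the logout record could carry an empty user name or stale terminal id — worth confirming which process executes this path, or passing `user` from record_logout's own arguments instead of relying on `sav_name`. record_logout ends at the hunk's final `}`; its opening is above the hunk.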