Bugzilla – Attachment 618 Details for
Bug 125
add BSM audit support
[patch]
Unpacked patch for commenting
patch-bs-3.8p1 (text/plain), 29.14 KB, created by
Damien Miller
on 2004-04-26 10:51:46 AEST
Description:
Unpacked patch for commenting
Filename:
MIME Type:
Creator:
Damien Miller
Created:
2004-04-26 10:51:46 AEST
Size:
29.14 KB
patch
obsolete
>Index: INSTALL
>--- INSTALL~ 2003-11-21 07:48:55.000000000 -0500
>+++ INSTALL 2004-03-03 17:37:39.133022000 -0500
>@@ -99,6 +99,21 @@
> configuration will work with sshd (sshd will match the other service
> name).
> 
>+If you enable BSM auditing on Solaris, you need to update audit_event(4)
>+for praudit(1m) to give sensible output. The following line needs to be
>+added to /etc/security/audit_event:
>+
>+ 32800:AUE_openssh:OpenSSH login:lo
>+
>+If the contrib/buildpkg.sh script is used, the included postinstall
>+script will add the line for you.
>+
>+The BSM audit event range available for third party TCB applications is
>+32768 - 65535. Event number 32800 has been choosen for AUE_openssh.
>+There is no official registry of 3rd party event numbers, so if this
>+number is already in use on your system, change the value of
>+AUE_openssh in openbsd-compat/bsd-solaris.h and rebuild.
>+
> There are a few other options to the configure script:
> 
> --with-pam enables PAM support. If PAM support is compiled in, it must
>Index: auth.c
>--- auth.c~ 2004-02-21 17:43:15.000000000 -0500
>+++ auth.c 2004-03-03 17:37:39.143021000 -0500
>@@ -482,6 +482,9 @@
> #endif
> struct passwd *pw;
> 
>+#if defined(HAVE_BSM_AUDIT_H) && defined(HAVE_LIBBSM)
>+ solaris_audit_save_name(user);
>+#endif /* BSM */
> pw = getpwnam(user);
> if (pw == NULL) {
> logit("Illegal user %.100s from %.100s",
>@@ -489,18 +492,19 @@
> #ifdef CUSTOM_FAILED_LOGIN
> record_failed_login(user, "ssh");
> #endif
>- return (NULL);
> }
>- if (!allowed_user(pw))
>- return (NULL);
>+ if (pw != NULL && !allowed_user(pw))
>+ pw = NULL;
> #ifdef HAVE_LOGIN_CAP
>- if ((lc = login_getclass(pw->pw_class)) == NULL) {
>+ if (pw != NULL && (lc = login_getclass(pw->pw_class)) == NULL) {
> debug("unable to get login class: %s", user);
>- return (NULL);
>+ pw = NULL;
> }
> #ifdef BSD_AUTH
>- if ((as = auth_open()) == NULL || auth_setpwd(as, pw) != 0 ||
>- auth_approval(as, lc, pw->pw_name, "ssh") <= 0) {
>+ as = NULL;
>+ if (pw != NULL
>+ && ((as = auth_open()) == NULL || auth_setpwd(as, pw) != 0 ||
>+ auth_approval(as, lc, pw->pw_name, "ssh") <= 0)) {
> debug("Approval failure for %s", user);
> pw = NULL;
> }
>@@ -508,9 +512,13 @@
> auth_close(as);
> #endif
> #endif
>- if (pw != NULL)
>- return (pwcopy(pw));
>- return (NULL);
>+ if (pw != NULL) {
>+ pw = pwcopy(pw);
>+#if defined(HAVE_BSM_AUDIT_H) && defined(HAVE_LIBBSM)
>+ solaris_audit_save_pw(pw);
>+#endif /* BSM */
>+ }
>+ return (pw);
> }
> 
> void
>Index: auth1.c
>--- auth1.c~ 2003-11-21 22:15:30.000000000 -0500
>+++ auth1.c 2004-03-03 17:37:39.153016000 -0500
>@@ -241,8 +241,12 @@
> #else
> /* Special handling for root */
> if (authenticated && authctxt->pw->pw_uid == 0 &&
>- !auth_root_allowed(get_authname(type)))
>+ !auth_root_allowed(get_authname(type))) {
> authenticated = 0;
>+#if defined(HAVE_BSM_AUDIT_H) && defined(HAVE_LIBBSM)
>+ PRIVSEP(solaris_audit_not_console());
>+#endif /* BSM */
>+ }
> #endif
> 
> #ifdef USE_PAM
>@@ -262,8 +266,15 @@
> if (authenticated)
> return;
> 
>- if (authctxt->failures++ > AUTH_FAIL_MAX)
>+ if (authctxt->failures++ > AUTH_FAIL_MAX) {
>+#if defined(HAVE_BSM_AUDIT_H) && defined(HAVE_LIBBSM)
>+ PRIVSEP(solaris_audit_maxtrys());
>+#endif /* BSM */
> packet_disconnect(AUTH_FAIL_MSG, authctxt->user);
>+ }
>+#if defined(HAVE_BSM_AUDIT_H) && defined(HAVE_LIBBSM)
>+ PRIVSEP(solaris_audit_bad_pw("authorization"));
>+#endif /* BSM */
> 
> packet_start(SSH_SMSG_FAILURE);
> packet_send();
>Index: auth2-kbdint.c
>--- auth2-kbdint.c~ 2003-05-10 04:28:02.000000000 -0500
>+++ auth2-kbdint.c 2004-03-03 17:37:39.153041000 -0500
>@@ -28,6 +28,7 @@
> #include "packet.h"
> #include "auth.h"
> #include "log.h"
>+#include "monitor_wrap.h"
> #include "servconf.h"
> #include "xmalloc.h"
> 
>@@ -53,8 +54,13 @@
> xfree(lang);
> #ifdef HAVE_CYGWIN
> if (check_nt_auth(0, authctxt->pw) == 0)
>- return(0);
>+ authenticated = 0;
> #endif
>+#if defined(HAVE_BSM_AUDIT_H) && defined(HAVE_LIBBSM)
>+ if (!authenticated) {
>+ PRIVSEP(solaris_audit_bad_pw("interactive password entry"));
>+ }
>+#endif /* BSM */
> return authenticated;
> }
> 
>Index: auth2-passwd.c
>--- auth2-passwd.c~ 2003-12-30 19:43:24.000000000 -0500
>+++ auth2-passwd.c 2004-03-03 17:37:39.163031000 -0500
>@@ -63,6 +63,11 @@
> authenticated = 1;
> memset(password, 0, len);
> xfree(password);
>+#if defined(HAVE_BSM_AUDIT_H) && defined(HAVE_LIBBSM)
>+ if (!authenticated) {
>+ PRIVSEP(solaris_audit_bad_pw("password"));
>+ }
>+#endif /* BSM */
> return authenticated;
> }
> 
>Index: auth2-pubkey.c
>--- auth2-pubkey.c~ 2004-01-20 19:02:50.000000000 -0500
>+++ auth2-pubkey.c 2004-03-03 17:37:39.173020000 -0500
>@@ -158,8 +158,13 @@
> xfree(pkblob);
> #ifdef HAVE_CYGWIN
> if (check_nt_auth(0, authctxt->pw) == 0)
>- return(0);
>+ authenticated = 0;
> #endif
>+#if defined(HAVE_BSM_AUDIT_H) && defined(HAVE_LIBBSM)
>+ if (!authenticated) {
>+ PRIVSEP(solaris_audit_bad_pw("public key"));
>+ }
>+#endif /* BSM */
> return authenticated;
> }
> 
>Index: auth2.c
>--- auth2.c~ 2003-11-17 05:13:41.000000000 -0500
>+++ auth2.c 2004-03-03 17:37:39.183021000 -0500
>@@ -164,6 +164,9 @@
> if (options.use_pam)
> PRIVSEP(start_pam(user));
> #endif
>+#if defined(HAVE_BSM_AUDIT_H) && defined(HAVE_LIBBSM)
>+ PRIVSEP(solaris_audit_bad_pw("name"));
>+#endif /* BSM */
> }
> setproctitle("%s%s", authctxt->pw ? user : "unknown",
> use_privsep ? " [net]" : "");
>@@ -212,8 +215,12 @@
> 
> /* Special handling for root */
> if (authenticated && authctxt->pw->pw_uid == 0 &&
>- !auth_root_allowed(method))
>+ !auth_root_allowed(method)) {
> authenticated = 0;
>+#if defined(HAVE_BSM_AUDIT_H) && defined(HAVE_LIBBSM)
>+ PRIVSEP(solaris_audit_not_console());
>+#endif /* BSM */
>+ }
> 
> #ifdef USE_PAM
> if (options.use_pam && authenticated && !PRIVSEP(do_pam_account()))
>@@ -243,8 +250,15 @@
> /* now we can break out */
> authctxt->success = 1;
> } else {
>- if (authctxt->failures++ > AUTH_FAIL_MAX)
>+ if (authctxt->failures++ > AUTH_FAIL_MAX) {
>+#if defined(HAVE_BSM_AUDIT_H) && defined(HAVE_LIBBSM)
>+ PRIVSEP(solaris_audit_maxtrys());
>+#endif /* BSM */
> packet_disconnect(AUTH_FAIL_MSG, authctxt->user);
>+ }
>+#if defined(HAVE_BSM_AUDIT_H) && defined(HAVE_LIBBSM)
>+ PRIVSEP(solaris_audit_bad_pw("authorization"));
>+#endif /* BSM */
> methods = authmethods_get();
> packet_start(SSH2_MSG_USERAUTH_FAILURE);
> packet_put_cstring(methods);
>Index: configure.ac
>--- configure.ac~ 2004-02-24 00:47:04.000000000 -0500
>+++ configure.ac 2004-03-03 17:37:39.193036000 -0500
>@@ -649,6 +649,20 @@
> AC_SEARCH_LIBS(login, util bsd, [AC_DEFINE(HAVE_LOGIN)])
> AC_CHECK_FUNCS(logout updwtmp logwtmp)
> 
>+dnl Checks for libbsm functions
>+AC_CHECK_HEADERS(bsm/audit.h)
>+AC_CHECK_LIB(bsm, getaudit)
>+AC_CHECK_FUNC(getaudit, AC_DEFINE(HAVE_GETAUDIT,
>+ 1,
>+ [Define if libbsm has `getaudit'.]
>+ )
>+ )
>+AC_CHECK_FUNC(getaudit_addr, AC_DEFINE(HAVE_GETAUDIT_ADDR,
>+ 1,
>+ [Define if libbsm has `getaudit_addr'.]
>+ )
>+ )
>+
> AC_FUNC_STRFTIME
> 
> # Check for ALTDIRFUNC glob() extension
>Index: contrib/solaris/buildpkg.sh
>--- contrib/solaris/buildpkg.sh~ 2004-01-22 19:10:03.000000000 -0500
>+++ contrib/solaris/buildpkg.sh 2004-03-03 17:37:39.203023000 -0500
>@@ -191,6 +191,12 @@
> cat > postinstall << _EOF
> #! /sbin/sh
> #
>+audit_event=/etc/security/audit_event
>+
>+if [ -z "\`grep AUE_openssh \$audit_event\`" ] ; then
>+ echo "32800:AUE_openssh:OpenSSH login:lo" >> \$audit_event
>+fi
>+#
> [ -f \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_config ] || \\
> cp -p \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_config.default \\
> \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_config
>Index: monitor.c
>--- monitor.c~ 2004-02-06 00:40:27.000000000 -0500
>+++ monitor.c 2004-03-03 17:37:39.213035000 -0500
>@@ -137,6 +137,12 @@
> int mm_answer_gss_checkmic(int, Buffer *);
> #endif
> 
>+#if defined(HAVE_BSM_AUDIT_H) && defined(HAVE_LIBBSM)
>+int mm_answer_bad_pw(int, Buffer *);
>+int mm_answer_maxtrys(int, Buffer *);
>+int mm_answer_not_console(int, Buffer *);
>+#endif /* BSM */
>+
> static Authctxt *authctxt;
> static BIGNUM *ssh1_challenge = NULL; /* used for ssh1 rsa auth */
> 
>@@ -196,6 +202,11 @@
> {MONITOR_REQ_GSSUSEROK, MON_AUTH, mm_answer_gss_userok},
> {MONITOR_REQ_GSSCHECKMIC, MON_ISAUTH, mm_answer_gss_checkmic},
> #endif
>+#if defined(HAVE_BSM_AUDIT_H) && defined(HAVE_LIBBSM)
>+ {MONITOR_REQ_AUDIT_BAD_PW, MON_PERMIT, mm_answer_bad_pw},
>+ {MONITOR_REQ_AUDIT_MAXTRYS, MON_PERMIT, mm_answer_maxtrys},
>+ {MONITOR_REQ_AUDIT_NOT_CONSOLE, MON_PERMIT, mm_answer_not_console},
>+#endif /* BSM */
> {0, 0, NULL}
> };
> 
>@@ -233,6 +244,11 @@
> {MONITOR_REQ_PAM_RESPOND, MON_ISAUTH, mm_answer_pam_respond},
> {MONITOR_REQ_PAM_FREE_CTX, MON_ONCE|MON_AUTHDECIDE, mm_answer_pam_free_ctx},
> #endif
>+#if defined(HAVE_BSM_AUDIT_H) && defined(HAVE_LIBBSM)
>+ {MONITOR_REQ_AUDIT_BAD_PW, MON_PERMIT, mm_answer_bad_pw},
>+ {MONITOR_REQ_AUDIT_MAXTRYS, MON_PERMIT, mm_answer_maxtrys},
>+ {MONITOR_REQ_AUDIT_NOT_CONSOLE, MON_PERMIT, mm_answer_not_console},
>+#endif /* BSM */
> {0, 0, NULL}
> };
> 
>@@ -1482,6 +1498,50 @@
> exit (res);
> }
> 
>+#if defined(HAVE_BSM_AUDIT_H) && defined(HAVE_LIBBSM)
>+
>+/* Report that the user or password is invalid */
>+
>+int
>+mm_answer_bad_pw(int socket, Buffer *m)
>+{
>+ char *what;
>+
>+ debug3("%s", __func__);
>+
>+ what = buffer_get_string(m, NULL);
>+ solaris_audit_bad_pw(what);
>+ xfree(what);
>+
>+ return (0);
>+}
>+
>+/* Report that too many attemps have been made */
>+
>+int
>+mm_answer_maxtrys(int socket, Buffer *m)
>+{
>+ debug3("%s", __func__);
>+
>+ solaris_audit_maxtrys();
>+
>+ return (0);
>+}
>+
>+/* Report that console access is not allowed */
>+
>+int
>+mm_answer_not_console(int socket, Buffer *m)
>+{
>+ debug3("%s", __func__);
>+
>+ solaris_audit_not_console();
>+
>+ return (0);
>+}
>+
>+#endif /* BSM */
>+
> void
> monitor_apply_keystate(struct monitor *pmonitor)
> {
>Index: monitor.h
>--- monitor.h~ 2003-11-17 06:18:22.000000000 -0500
>+++ monitor.h 2004-03-03 17:37:39.223027000 -0500
>@@ -46,6 +46,9 @@
> MONITOR_REQ_PTYCLEANUP,
> MONITOR_REQ_SESSKEY, MONITOR_ANS_SESSKEY,
> MONITOR_REQ_SESSID,
>+ MONITOR_REQ_AUDIT_BAD_PW,
>+ MONITOR_REQ_AUDIT_MAXTRYS,
>+ MONITOR_REQ_AUDIT_NOT_CONSOLE,
> MONITOR_REQ_RSAKEYALLOWED, MONITOR_ANS_RSAKEYALLOWED,
> MONITOR_REQ_RSACHALLENGE, MONITOR_ANS_RSACHALLENGE,
> MONITOR_REQ_RSARESPONSE, MONITOR_ANS_RSARESPONSE,
>Index: monitor_wrap.c
>--- monitor_wrap.c~ 2003-11-21 07:56:47.000000000 -0500
>+++ monitor_wrap.c 2004-03-03 17:37:39.233025000 -0500
>@@ -1172,3 +1172,47 @@
> return (authenticated);
> }
> #endif /* GSSAPI */
>+
>+#if defined(HAVE_BSM_AUDIT_H) && defined(HAVE_LIBBSM)
>+
>+void
>+mm_solaris_audit_bad_pw(const char *what)
>+{
>+ Buffer m;
>+
>+ debug3("%s entering", __func__);
>+
>+ buffer_init(&m);
>+ buffer_put_string(&m, what, strlen(what) + 1);
>+
>+ mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_AUDIT_BAD_PW, &m);
>+ buffer_free(&m);
>+}
>+
>+void
>+mm_solaris_audit_maxtrys(void)
>+{
>+ Buffer m;
>+
>+ debug3("%s entering", __func__);
>+
>+ buffer_init(&m);
>+
>+ mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_AUDIT_MAXTRYS, &m);
>+ buffer_free(&m);
>+}
>+
>+void
>+mm_solaris_audit_not_console(void)
>+{
>+ Buffer m;
>+
>+ debug3("%s entering", __func__);
>+
>+ buffer_init(&m);
>+
>+ mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_AUDIT_NOT_CONSOLE, &m);
>+ buffer_free(&m);
>+}
>+
>+#endif /* BSM */
>Index: monitor_wrap.h
>--- monitor_wrap.h~ 2003-11-17 06:18:22.000000000 -0500
>+++ monitor_wrap.h 2004-03-03 17:37:39.243017000 -0500
>@@ -99,6 +99,12 @@
> int mm_skey_query(void *, char **, char **, u_int *, char ***, u_int **);
> int mm_skey_respond(void *, u_int, char **);
> 
>+#if defined(HAVE_BSM_AUDIT_H) && defined(HAVE_LIBBSM)
>+void mm_solaris_audit_bad_pw(const char *what);
>+void mm_solaris_audit_maxtrys(void);
>+void mm_solaris_audit_not_console(void);
>+#endif /* BSM */
>+
> /* zlib allocation hooks */
> 
> void *mm_zalloc(struct mm_master *, u_int, u_int);
>Index: openbsd-compat/Makefile.in
>--- openbsd-compat/Makefile.in~ 2004-01-21 01:07:23.000000000 -0500
>+++ openbsd-compat/Makefile.in 2004-03-03 17:37:39.243034000 -0500
>@@ -16,9 +16,24 @@
> INSTALL=@INSTALL@
> LDFLAGS=-L. @LDFLAGS@
> 
>-OPENBSD=base64.o basename.o bindresvport.o daemon.o dirname.o getcwd.o getgrouplist.o getopt.o getrrsetbyname.o glob.o inet_aton.o inet_ntoa.o inet_ntop.o mktemp.o readpassphrase.o realpath.o rresvport.o setenv.o setproctitle.o sigact.o strlcat.o strlcpy.o strmode.o strsep.o strtoul.o vis.o
>-
>-COMPAT=bsd-arc4random.o bsd-cray.o bsd-cygwin_util.o bsd-getpeereid.o bsd-misc.o bsd-nextstep.o bsd-openpty.o bsd-snprintf.o bsd-waitpid.o fake-rfc2553.o xmmap.o xcrypt.o
>+OPENBSD=base64.o basename.o bindresvport.o daemon.o dirname.o \
>+ getcwd.o getgrouplist.o getopt.o getrrsetbyname.o glob.o \
>+ inet_aton.o inet_ntoa.o inet_ntop.o \
>+ mktemp.o readpassphrase.o realpath.o rresvport.o \
>+ setenv.o setproctitle.o sigact.o \
>+ strlcat.o strlcpy.o strmode.o strsep.o \
>+ strtoul.o vis.o
>+
>+COMPAT=bsd-arc4random.o \
>+ bsd-cray.o \
>+ bsd-cygwin_util.o \
>+ bsd-nextstep.o \
>+ bsd-solaris.o \
>+ bsd-getpeereid.o bsd-misc.o bsd-snprintf.o \
>+ bsd-waitpid.o bsd-openpty.o \
>+ fake-rfc2553.o \
>+ xmmap.o \
>+ xcrypt.o
> 
> PORTS=port-irix.o port-aix.o
> 
>Index: openbsd-compat/bsd-solaris.c
>--- openbsd-compat/bsd-solaris.c~ 2004-03-03 17:37:39.253019000 -0500
>+++ openbsd-compat/bsd-solaris.c 2004-03-03 17:38:15.103435000 -0500
>@@ -0,0 +1,447 @@
>+/*
>+ * Copyright 1988-2002 Sun Microsystems, Inc. All rights reserved.
>+ * Use is subject to license terms.
>+ *
>+ *
>+ * Redistribution and use in source and binary forms, with or without
>+ * modification, are permitted provided that the following conditions
>+ * are met:
>+ * 1. Redistributions of source code must retain the above copyright
>+ * notice, this list of conditions and the following disclaimer.
>+ * 2. Redistributions in binary form must reproduce the above copyright
>+ * notice, this list of conditions and the following disclaimer in the
>+ * documentation and/or other materials provided with the distribution.
>+ *
>+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
>+ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
>+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
>+ * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
>+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
>+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
>+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
>+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
>+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
>+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
>+ *
>+ */
>+#pragma ident "@(#)bsmaudit.c 1.1 01/09/17 SMI"
>+
>+#include "includes.h"
>+#if defined(HAVE_BSM_AUDIT_H) && defined(HAVE_LIBBSM)
>+#include <sys/systeminfo.h>
>+#include <sys/param.h>
>+#include <sys/types.h>
>+#include <sys/socket.h>
>+#include <sys/systeminfo.h>
>+#include <sys/stat.h>
>+#include <sys/wait.h>
>+#include <netinet/in.h>
>+#include <netdb.h>
>+#include <signal.h>
>+
>+#include <pwd.h>
>+#include <shadow.h>
>+#include <utmpx.h>
>+#include <unistd.h>
>+#include <string.h>
>+
>+#include <bsm/audit.h>
>+#include <bsm/libbsm.h>
>+#include <bsm/audit_uevents.h>
>+#include <bsm/audit_record.h>
>+#include "openbsd-compat/bsd-solaris.h"
>+
>+#include <locale.h>
>+
>+#include "ssh.h"
>+#include "log.h"
>+#include "xmalloc.h"
>+
>+#if defined(HAVE_GETAUDIT_ADDR)
>+#define AuditInfoStruct auditinfo_addr
>+#define AuditInfoTermID au_tid_addr_t
>+#define GetAuditFunc(a,b) getaudit_addr((a),(b))
>+#define GetAuditFuncText "getaudit_addr"
>+#define SetAuditFunc(a,b) setaudit_addr((a),(b))
>+#define SetAuditFuncText "setaudit_addr"
>+#define AUToSubjectFunc au_to_subject_ex
>+#define AUToReturnFunc(a,b) au_to_return32((a), (int32_t)(b))
>+#else
>+#define AuditInfoStruct auditinfo
>+#define AuditInfoTermID au_tid_t
>+#define GetAuditFunc(a,b) getaudit(a)
>+#define GetAuditFuncText "getaudit"
>+#define SetAuditFunc(a,b) setaudit(a)
>+#define SetAuditFuncText "setaudit"
>+#define AUToSubjectFunc au_to_subject
>+#define AUToReturnFunc(a,b) au_to_return((a), (u_int)(b))
>+#endif
>+
>+static void solaris_audit_record(int typ, char *string, au_event_t event_no);
>+static void solaris_audit_session_setup(void);
>+static int selected(char *nam, uid_t uid, au_event_t event, int sf);
>+
>+static void get_terminal_id(AuditInfoTermID *tid);
>+
>+extern int cannot_audit(int);
>+extern void aug_init(void);
>+extern dev_t aug_get_port(void);
>+extern int aug_get_machine(char *, uint32_t *, uint32_t *);
>+extern void aug_save_auid(au_id_t);
>+extern void aug_save_uid(uid_t);
>+extern void aug_save_euid(uid_t);
>+extern void aug_save_gid(gid_t);
>+extern void aug_save_egid(gid_t);
>+extern void aug_save_pid(pid_t);
>+extern void aug_save_asid(au_asid_t);
>+extern void aug_save_tid(dev_t, unsigned int);
>+extern void aug_save_tid_ex(dev_t, uint32_t *, uint32_t);
>+extern int aug_save_me(void);
>+extern int aug_save_namask(void);
>+extern void aug_save_event(au_event_t);
>+extern void aug_save_sorf(int);
>+extern void aug_save_text(char *);
>+extern void aug_save_text1(char *);
>+extern void aug_save_text2(char *);
>+extern void aug_save_na(int);
>+extern void aug_save_user(char *);
>+extern void aug_save_path(char *);
>+extern int aug_save_policy(void);
>+extern void aug_save_afunc(int (*)(int));
>+extern int aug_audit(void);
>+extern int aug_na_selected(void);
>+extern int aug_selected(void);
>+extern int aug_daemon_session(void);
>+
>+static char sav_ttyn[512];
>+static char sav_name[512];
>+static uid_t sav_uid;
>+static gid_t sav_gid;
>+static dev_t sav_port;
>+static uint32_t sav_machine[4];
>+static uint32_t sav_iptype;
>+static char sav_host[MAXHOSTNAMELEN];
>+static char *sav_cmd = NULL;
>+
>+void
>+solaris_audit_save_port(int port)
>+{
>+ if (cannot_audit(0)) {
>+ return;
>+ }
>+ sav_port = port;
>+ debug3("BSM audit: sav_port=%ld", (long)sav_port);
>+}
>+
>+void
>+solaris_audit_save_host(const char *host)
>+{
>+ int i;
>+#if !defined(HAVE_GETAUDIT_ADDR)
>+ in_addr_t ia;
>+#endif
>+
>+ if (cannot_audit(0)) {
>+ return;
>+ }
>+ (void) strlcpy(sav_host, host, sizeof (sav_host));
>+ debug3("BSM audit: sav_host=%s", sav_host);
>+ memset(sav_machine, 0, sizeof(sav_machine));
>+#if defined(HAVE_GETAUDIT_ADDR)
>+ (void) aug_get_machine(sav_host, &sav_machine[0], &sav_iptype);
>+ debug3("BSM audit: sav_iptype=%ld", (long)sav_iptype);
>+#else
>+ ia = inet_addr(host);
>+ memcpy(&sav_machine[0], &ia, sizeof(sav_machine[0]));
>+ sav_iptype = 0; /* not used, but just in case */
>+#endif
>+ for (i = 0; i < sizeof(sav_machine) / sizeof(sav_machine[0]); i++) {
>+ debug3("BSM audit: sav_machine[%d]=%08lx",
>+ i, (long)sav_machine[i]);
>+ }
>+}
>+
>+void
>+solaris_audit_save_command(const char *command)
>+{
>+ if (cannot_audit(0)) {
>+ return;
>+ }
>+ if (sav_cmd != NULL) {
>+ free(sav_cmd);
>+ sav_cmd = NULL;
>+ }
>+ sav_cmd = xstrdup(command);
>+ debug3("BSM audit: sav_cmd=%s", sav_cmd);
>+}
>+
>+void
>+solaris_audit_save_ttyn(const char *ttyn)
>+{
>+ if (cannot_audit(0)) {
>+ return;
>+ }
>+ (void) strlcpy(sav_ttyn, ttyn, sizeof (sav_ttyn));
>+ debug3("BSM audit: sav_ttyn=%s", sav_ttyn);
>+}
>+
>+void
>+solaris_audit_save_name(const char *name)
>+{
>+ if (cannot_audit(0)) {
>+ return;
>+ }
>+ (void) strlcpy(sav_name, name, sizeof (sav_name));
>+ debug3("BSM audit: sav_name=%s", sav_name);
>+}
>+
>+void
>+solaris_audit_save_pw(struct passwd *pwd)
>+{
>+ if (cannot_audit(0)) {
>+ return;
>+ }
>+ if (pwd == NULL) {
>+ sav_uid = -1;
>+ sav_gid = -1;
>+ } else {
>+ (void) strlcpy(sav_name, pwd->pw_name, sizeof (sav_name));
>+ sav_uid = pwd->pw_uid;
>+ sav_gid = pwd->pw_gid;
>+ }
>+ debug3("BSM audit: sav_name=%s", sav_name);
>+ debug3("BSM audit: sav_uid=%ld", (long)sav_uid);
>+ debug3("BSM audit: sav_gid=%ld", (long)sav_gid);
>+}
>+
>+void
>+solaris_audit_nologin(void)
>+{
>+ if (cannot_audit(0)) {
>+ return;
>+ }
>+ solaris_audit_record(1, gettext("logins disabled by /etc/nologin"),
>+ AUE_openssh);
>+}
>+
>+void
>+solaris_audit_maxtrys(void)
>+{
>+ char textbuf[BSM_TEXTBUFSZ];
>+
>+ if (cannot_audit(0)) {
>+ return;
>+ }
>+ (void) snprintf(textbuf, sizeof (textbuf),
>+ gettext("too many tries for user %s"), sav_name);
>+ solaris_audit_record(1, textbuf, AUE_openssh);
>+}
>+
>+void
>+solaris_audit_not_console(void)
>+{
>+ if (cannot_audit(0)) {
>+ return;
>+ }
>+ solaris_audit_record(2, gettext("not_console"), AUE_openssh);
>+}
>+
>+void
>+solaris_audit_bad_pw(const char *what)
>+{
>+ char textbuf[BSM_TEXTBUFSZ];
>+
>+ if (cannot_audit(0)) {
>+ return;
>+ }
>+ if (sav_uid == -1) {
>+ (void) snprintf(textbuf, sizeof (textbuf),
>+ gettext("invalid user name \"%s\""), sav_name);
>+ solaris_audit_record(3, textbuf, AUE_openssh);
>+ } else {
>+ (void) snprintf(textbuf, sizeof (textbuf),
>+ gettext("invalid %s for user %s"), what, sav_name);
>+ solaris_audit_record(4, textbuf, AUE_openssh);
>+ }
>+}
>+
>+void
>+solaris_audit_success(void)
>+{
>+ char textbuf[BSM_TEXTBUFSZ];
>+
>+ if (cannot_audit(0)) {
>+ return;
>+ }
>+
>+ solaris_audit_session_setup();
>+ (void) snprintf(textbuf, sizeof (textbuf),
>+ gettext("successful login %s"), sav_name);
>+ solaris_audit_record(0, textbuf, AUE_openssh);
>+}
>+
>+static void
>+solaris_audit_record(int typ, char *string, au_event_t event_no)
>+{
>+ int ad, rc, sel;
>+ uid_t uid;
>+ gid_t gid;
>+ pid_t pid;
>+ AuditInfoTermID tid;
>+
>+ uid = sav_uid;
>+ gid = sav_gid;
>+ pid = getpid();
>+
>+ get_terminal_id(&tid);
>+
>+ if (typ == 0) {
>+ rc = 0;
>+ } else {
>+ /*
>+ * The typ value is passed to the au_return function as
>+ * the error number. We used to use small integer values
>+ * (e.g. 4) to distinguish between the various errors,
>+ * but praudit treats the field as an errno value and
>+ * passes it through strerror(), so they would show
>+ * up as (e.g.) "interrupted system call" (4 is EINTR)
>+ * which was confusing:
>+ *
>+ * return,failure: Interrupted system call,-1
>+ *
>+ * I tried setting rc to the negative of the typ and typ
>+ * to zero, but that shows up as a success rather than a
>+ * failure:
>+ *
>+ * return,success,-4
>+ *
>+ * Sigh.
>+ *
>+ * Experimentally, using numbers outside the range of
>+ * valid errno values show up as integers, e.g.:
>+ *
>+ * return,failure: 244,-1
>+ *
>+ * which seems much more reasonable.
>+ *
>+ * According to the audit.log documentation, the field
>+ * is only a char type (actually, probably unsigned char)
>+ * so we have to keep it under 255.
>+ */
>+ typ += 240;
>+ if (typ > 255) {
>+ typ = EINVAL; /* caller goofed */
>+ }
>+ rc = -1;
>+ }
>+
>+ sel = selected(sav_name, uid, event_no, rc);
>+ debug3("BSM audit: typ %d rc %d \"%s\"", typ, rc, string);
>+ if (!sel)
>+ return;
>+
>+ ad = au_open();
>+
>+ (void) au_write(ad, AUToSubjectFunc(uid, uid, gid, uid, gid,
>+ pid, pid, &tid));
>+ (void) au_write(ad, au_to_text(string));
>+ if (sav_cmd != NULL) {
>+ (void) au_write(ad, au_to_text(sav_cmd));
>+ }
>+ (void) au_write(ad, AUToReturnFunc(typ, rc));
>+
>+ rc = au_close(ad, AU_TO_WRITE, event_no);
>+ if (rc < 0) {
>+ error("BSM audit: solaris_audit_record failed to write \"%s\" record: %s",
>+ string, strerror(errno));
>+ }
>+}
>+
>+static void
>+solaris_audit_session_setup(void)
>+{
>+ int rc;
>+ struct AuditInfoStruct info;
>+ au_mask_t mask;
>+ struct AuditInfoStruct now;
>+
>+ info.ai_auid = sav_uid;
>+ info.ai_asid = getpid();
>+ mask.am_success = 0;
>+ mask.am_failure = 0;
>+
>+ (void) au_user_mask(sav_name, &mask);
>+
>+ info.ai_mask.am_success = mask.am_success;
>+ info.ai_mask.am_failure = mask.am_failure;
>+
>+ /* see if terminal id already set */
>+ if (GetAuditFunc(&now, sizeof (now)) < 0) {
>+ error("BSM audit: solaris_audit_session_setup: %s failed: %s",
>+ GetAuditFuncText, strerror(errno));
>+ }
>+
>+ debug("BSM solaris_audit_setup_session: calling get_terminal_id");
>+ get_terminal_id(&(info.ai_termid));
>+
>+ rc = SetAuditFunc(&info, sizeof (info));
>+ if (rc < 0) {
>+ error("BSM audit: solaris_audit_session_setup: %s failed: %s",
>+ SetAuditFuncText, strerror(errno));
>+ }
>+}
>+
>+
>+static void
>+get_terminal_id(AuditInfoTermID *tid)
>+{
>+#if defined(HAVE_GETAUDIT_ADDR)
>+ tid->at_port = sav_port;
>+ tid->at_type = sav_iptype;
>+ tid->at_addr[0] = sav_machine[0];
>+ tid->at_addr[1] = sav_machine[1];
>+ tid->at_addr[2] = sav_machine[2];
>+ tid->at_addr[3] = sav_machine[3];
>+#else
>+ tid->port = sav_port;
>+ tid->machine = sav_machine[0];
>+#endif
>+}
>+
>+void
>+solaris_audit_logout(void)
>+{
>+ char textbuf[BSM_TEXTBUFSZ];
>+
>+ (void) snprintf(textbuf, sizeof (textbuf),
>+ gettext("sshd logout %s"), sav_name);
>+
>+ solaris_audit_record(0, textbuf, AUE_logout);
>+}
>+
>+static int
>+selected(char *nam, uid_t uid, au_event_t event, int sf)
>+{
>+ int rc, sorf;
>+ char naflags[512];
>+ struct au_mask mask;
>+
>+ mask.am_success = mask.am_failure = 0;
>+ if (uid < 0) {
>+ rc = getacna(naflags, 256); /* get non-attrib flags */
>+ if (rc == 0)
>+ (void) getauditflagsbin(naflags, &mask);
>+ } else {
>+ rc = au_user_mask(nam, &mask);
>+ }
>+
>+ if (sf == 0) {
>+ sorf = AU_PRS_SUCCESS;
>+ } else {
>+ sorf = AU_PRS_FAILURE;
>+ }
>+ rc = au_preselect(event, &mask, sorf, AU_PRS_REREAD);
>+
>+ return (rc);
>+}
>+#endif /* BSM */
>Index: openbsd-compat/bsd-solaris.h
>--- openbsd-compat/bsd-solaris.h~ 2004-03-03 17:37:39.253033000 -0500
>+++ openbsd-compat/bsd-solaris.h 2004-03-03 17:37:39.253037000 -0500
>@@ -0,0 +1,60 @@
>+/*
>+ * Copyright 1993-2002 Sun Microsystems, Inc. All rights reserved.
>+ * Use is subject to license terms.
>+ *
>+ * Redistribution and use in source and binary forms, with or without
>+ * modification, are permitted provided that the following conditions
>+ * are met:
>+ * 1. Redistributions of source code must retain the above copyright
>+ * notice, this list of conditions and the following disclaimer.
>+ * 2. Redistributions in binary form must reproduce the above copyright
>+ * notice, this list of conditions and the following disclaimer in the
>+ * documentation and/or other materials provided with the distribution.
>+ *
>+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
>+ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
>+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
>+ * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
>+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
>+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
>+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
>+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
>+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
>+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
>+ *
>+ */
>+
>+#ifndef _BSD_SOLARIS_H
>+#define _BSD_SOLARIS_H
>+
>+#if defined(HAVE_BSM_AUDIT_H) && defined(HAVE_LIBBSM)
>+
>+#pragma ident "@(#)bsmaudit.h 1.1 01/09/17 SMI"
>+
>+#ifdef __cplusplus
>+extern "C" {
>+#endif
>+
>+#include <bsm/audit.h>
>+#define AUE_openssh 32800
>+
>+void solaris_audit_maxtrys(void);
>+void solaris_audit_nologin(void);
>+void solaris_audit_save_name(const char *name);
>+void solaris_audit_save_pw(struct passwd *pwd);
>+void solaris_audit_not_console(void);
>+void solaris_audit_bad_pw(const char *what);
>+void solaris_audit_save_host(const char *host);
>+void solaris_audit_save_ttyn(const char *ttyn);
>+void solaris_audit_save_port(int port);
>+void solaris_audit_save_command(const char *command);
>+void solaris_audit_success(void);
>+void solaris_audit_logout(void);
>+
>+#ifdef __cplusplus
>+}
>+#endif
>+
>+#endif /* BSM */
>+
>+#endif /* _BSD_SOLARIS_H */
>Index: openbsd-compat/openbsd-compat.h
>--- openbsd-compat/openbsd-compat.h~ 2004-01-21 01:07:23.000000000 -0500
>+++ openbsd-compat/openbsd-compat.h 2004-03-03 17:37:39.263025000 -0500
>@@ -162,6 +162,7 @@
> 
> /* Routines for a single OS platform */
> #include "bsd-cray.h"
>+#include "bsd-solaris.h"
> #include "bsd-cygwin_util.h"
> #include "port-irix.h"
> #include "port-aix.h"
>Index: session.c
>--- session.c~ 2004-02-23 08:01:27.000000000 -0500
>+++ session.c 2004-03-03 17:37:39.273034000 -0500
>@@ -559,6 +559,10 @@
> cray_init_job(s->pw); /* set up cray jid and tmpdir */
> #endif /* _UNICOS */
> do_login(s, command);
>+#if defined(HAVE_BSM_AUDIT_H) && defined(HAVE_LIBBSM)
>+ if (s->tty != NULL)
>+ solaris_audit_save_ttyn(s->tty);
>+#endif /* BSM */
> }
> # ifdef LOGIN_NEEDS_UTMPX
> else
>@@ -1218,6 +1222,9 @@
> while (fgets(buf, sizeof(buf), f))
> fputs(buf, stderr);
> fclose(f);
>+#if defined(HAVE_BSM_AUDIT_H) && defined(HAVE_LIBBSM)
>+ solaris_audit_nologin();
>+#endif /* BSM */
> fflush(NULL);
> exit(254);
> }
>@@ -1414,6 +1421,10 @@
> do_motd();
> #else /* HAVE_OSF_SIA */
> do_nologin(pw);
>+# if defined(HAVE_BSM_AUDIT_H) && defined(HAVE_LIBBSM)
>+ if (command != NULL)
>+ solaris_audit_save_command(command);
>+# endif /* BSM */
> do_setusercontext(pw);
> #endif /* HAVE_OSF_SIA */
> }
>Index: sshd.c
>--- sshd.c~ 2004-02-23 17:20:29.000000000 -0500
>+++ sshd.c 2004-03-03 17:37:39.293026000 -0500
>@@ -1432,7 +1432,10 @@
> 
> remote_port = get_remote_port();
> remote_ip = get_remote_ipaddr();
>-
>+#if defined(HAVE_BSM_AUDIT_H) && defined(HAVE_LIBBSM)
>+ solaris_audit_save_host(remote_ip);
>+ solaris_audit_save_port(remote_port);
>+#endif /* BSM */
> #ifdef LIBWRAP
> /* Check whether logins are denied from this host. */
> {
>@@ -1502,6 +1505,11 @@
> }
> 
> authenticated:
>+
>+#if defined(HAVE_BSM_AUDIT_H) && defined(HAVE_LIBBSM)
>+ solaris_audit_success();
>+#endif /* BSM */
>+
> /*
> * In privilege separation, we fork another child and prepare
> * file descriptor passing.
>Index: sshlogin.c
>--- sshlogin.c~ 2003-06-18 05:25:33.000000000 -0500
>+++ sshlogin.c 2004-03-03 17:37:39.303018000 -0500
>@@ -98,4 +98,7 @@
> li = login_alloc_entry(pid, user, NULL, ttyname);
> login_logout(li);
> login_free_entry(li);
>+#if defined(HAVE_BSM_AUDIT_H) && defined(HAVE_LIBBSM)
>+ solaris_audit_logout();
>+#endif /* BSM */
> }
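Review bot: In the `@@ -508,9 +512,13 @@` hunk `solaris_audit_save_pw(pw)` sits inside `if (pw != NULL)`, so nothing in this patch ever calls it with NULL and `sav_uid` never takes the -1 that `solaris_audit_bad_pw` tests for; `sav_uid` is a zero-initialised static in bsd-solaris.c, so a login attempt for a nonexistent user is recorded through the `invalid %s for user %s` branch with a subject uid of 0 instead of as `invalid user name`, unless an earlier call in the same process happened to set it. Removing the early returns in the preceding hunk only makes sense if the save was meant to run for both outcomes, so move the `#if`/`solaris_audit_save_pw(pw);`/`#endif` lines after the closing brace of the `if (pw != NULL) { pw = pwcopy(pw); }` block, keeping `return (pw);` last. The `PRIVSEP(solaris_audit_bad_pw("name"))` added to auth2.c at `@@ -164,6 +164,9 @@` depends on this distinction. getpwnamallow starts before the first auth.c hunk.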
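Review bot: A failed keyboard-interactive attempt is now audited twice: this hunk's `PRIVSEP(solaris_audit_bad_pw("interactive password entry"))` fires inside the method, and userauth_finish in auth2.c (`@@ -243,8 +250,15 @@`) then fires `PRIVSEP(solaris_audit_bad_pw("authorization"))` for the same failure; the `"password"` call in auth2-passwd.c and the `"public key"` call in auth2-pubkey.c have the same problem, while the `none` method and the ssh1 path in auth1.c (`@@ -262,8 +266,15 @@`, where no method is instrumented) produce one record. Failure counts taken from the audit trail will therefore be inflated per method. Either drop the per-method calls and rely on the userauth_finish one, or make the userauth_finish call conditional on the method not having already reported, so each failure yields exactly one record. userauth_kbdint begins before this hunk.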
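Review bot: BSM auditing is enabled solely because `AC_CHECK_HEADERS(bsm/audit.h)` and `AC_CHECK_LIB(bsm, getaudit)` succeed, so any build host with libbsm present silently starts writing to the system audit trail and links `-lbsm` into every binary, with no configure switch to decline. A feature that changes what the daemon records about users should be opt-in; wrap the block in an `AC_ARG_WITH(bsm, ...)` guard and mention the switch in the INSTALL text next to the `audit_event` instructions. The `AC_CHECK_FUNC(getaudit...)` tests only succeed because `AC_CHECK_LIB` has already added `-lbsm` to LIBS, which is worth a `dnl` comment so the ordering is not broken later.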
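Review bot: The postinstall only greps for the name `AUE_openssh` before appending `32800:AUE_openssh:OpenSSH login:lo`, so on a host where event 32800 is already assigned to another name (exactly the case INSTALL warns about) it silently adds a duplicate event number, and if `/etc/security/audit_event` is absent the grep error lands in the installer output. Test the number as well as the name, e.g. a second condition `[ -z "\`grep '^32800:' \$audit_event\`" ]`, and print a warning instead of appending when the number is already taken. The script is inside a heredoc, so the `\$` and `\`` escapes have to stay.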
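Review bot: `mm_answer_bad_pw` takes `what` from the unprivileged child via `buffer_get_string(m, NULL)` and passes it unmodified into the privileged audit record, so a compromised pre-auth child can place arbitrary text of arbitrary length into the system audit trail; the monitor exists to distrust that child. The child only legitimately sends the five fixed strings used in auth2.c, auth2-passwd.c, auth2-kbdint.c and auth2-pubkey.c, so either compare `what` against that list and `fatal()` on anything else, or send a small integer code and keep the text in the monitor. The comment `Report that too many attemps have been made` has a typo (`attempts`).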
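Review bot: In `selected()`, `if (uid < 0)` can never be true because `uid_t` is unsigned, so the non-attributable path through `getacna` / `getauditflagsbin` is dead and a -1 stored by `solaris_audit_save_pw(NULL)` falls through to `au_user_mask(nam, &mask)` with the nonexistent user's name; compare against `(uid_t)-1`, as the `sav_uid == -1` test in `solaris_audit_bad_pw` effectively does. `solaris_audit_logout()` is the only public entry point without the `cannot_audit(0)` guard the others start with, so it calls into libbsm on systems with auditing disabled. `solaris_audit_record()` does not check `ad = au_open()` for a negative descriptor before the `au_write()` calls, and `<sys/systeminfo.h>` is included twice at the top of the file.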
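Review bot: `solaris_audit_save_command(command)` in do_child only stores the string in `sav_cmd`; as far as this patch shows nothing in that child writes an audit record afterwards (the hunk continues into `do_setusercontext(pw)` and, presumably, the exec), while `solaris_audit_success()` in sshd.c and `solaris_audit_logout()` in sshlogin.c run in the parent, where `sav_cmd` is still NULL. The saved command therefore never reaches a record and the `xstrdup` is wasted. If the executed command is meant to be audited, it has to be saved in the process that writes the record, or a dedicated record written here after the save. do_child begins and ends outside this hunk.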