Attachment #94 for bug #2

Lines 96-101 Link Here

(-)openssh/auth1.c (-1 / +15 lines)
96		96
97	client_user = NULL;	97	client_user = NULL;
98		98
		99	#ifdef HAVE_BSM_AUDIT_H
		100	audit_sshd_save_pw(pw);
		101	#endif /* HAVE_BSM_AUDIT_H */
		102
99	for (;;) {	103	for (;;) {
100	/* default to fail */	104	/* default to fail */
101	authenticated = 0;	105	authenticated = 0;
Lines 302-309 Link Here
302	#else	306	#else
303	/* Special handling for root */	307	/* Special handling for root */
304	if (authenticated && authctxt->pw->pw_uid == 0 &&	308	if (authenticated && authctxt->pw->pw_uid == 0 &&
305	!auth_root_allowed(get_authname(type)))	309	!auth_root_allowed(get_authname(type))) {
306	authenticated = 0;	310	authenticated = 0;
		311	#ifdef HAVE_BSM_AUDIT_H
		312	audit_sshd_not_console();
		313	#endif /* HAVE_BSM_AUDIT_H */
		314	}
307	#endif	315	#endif
308	#ifdef USE_PAM	316	#ifdef USE_PAM
309	if (!use_privsep && authenticated &&	317	if (!use_privsep && authenticated &&
Lines 328-335 Link Here
328	get_canonical_hostname(options.verify_reverse_mapping),	336	get_canonical_hostname(options.verify_reverse_mapping),
329	"ssh");	337	"ssh");
330	#endif /* WITH_AIXAUTHENTICATE */	338	#endif /* WITH_AIXAUTHENTICATE */
		339	#ifdef HAVE_BSM_AUDIT_H
		340	audit_sshd_maxtrys();
		341	#endif /* HAVE_BSM_AUDIT_H */
331	packet_disconnect(AUTH_FAIL_MSG, authctxt->user);	342	packet_disconnect(AUTH_FAIL_MSG, authctxt->user);
332	}	343	}
		344	#ifdef HAVE_BSM_AUDIT_H
		345	audit_sshd_bad_pw();
		346	#endif /* HAVE_BSM_AUDIT_H */
333		347
334	packet_start(SSH_SMSG_FAILURE);	348	packet_start(SSH_SMSG_FAILURE);
335	packet_send();	349	packet_send();

Lines 187-192 Link Here

(-)openssh/auth2.c (-2 / +24 lines)
187	if (authctxt->attempt++ == 0) {	187	if (authctxt->attempt++ == 0) {
188	/* setup auth context */	188	/* setup auth context */
189	authctxt->pw = PRIVSEP(getpwnamallow(user));	189	authctxt->pw = PRIVSEP(getpwnamallow(user));
		190
		191	#ifdef HAVE_BSM_AUDIT_H
		192	audit_sshd_save_pw(pw);
		193	#endif /* HAVE_BSM_AUDIT_H */
		194	}
190	if (authctxt->pw && strcmp(service, "ssh-connection")==0) {	195	if (authctxt->pw && strcmp(service, "ssh-connection")==0) {
191	authctxt->valid = 1;	196	authctxt->valid = 1;
192	debug2("input_userauth_request: setting up authctxt for %s", user);	197	debug2("input_userauth_request: setting up authctxt for %s", user);
Lines 198-203 Link Here
198	#ifdef USE_PAM	203	#ifdef USE_PAM
199	PRIVSEP(start_pam("NOUSER"));	204	PRIVSEP(start_pam("NOUSER"));
200	#endif	205	#endif
		206	#ifdef HAVE_BSM_AUDIT_H
		207	audit_sshd_bad_pw();
		208	#endif /* HAVE_BSM_AUDIT_H */
201	}	209	}
202	setproctitle("%s%s", authctxt->pw ? user : "unknown",	210	setproctitle("%s%s", authctxt->pw ? user : "unknown",
203	use_privsep ? " [net]" : "");	211	use_privsep ? " [net]" : "");
Lines 240-247 Link Here
240		248
241	/* Special handling for root */	249	/* Special handling for root */
242	if (authenticated && authctxt->pw->pw_uid == 0 &&	250	if (authenticated && authctxt->pw->pw_uid == 0 &&
243	!auth_root_allowed(method))	251	!auth_root_allowed(method)) {
244	authenticated = 0;	252	authenticated = 0;
		253	#ifdef HAVE_BSM_AUDIT_H
		254	audit_sshd_not_console();
		255	#endif /* HAVE_BSM_AUDIT_H */
		256	}
245		257
246	#ifdef USE_PAM	258	#ifdef USE_PAM
247	if (!use_privsep && authenticated && authctxt->user &&	259	if (!use_privsep && authenticated && authctxt->user &&
Lines 350-357 Link Here
350	#ifdef HAVE_CYGWIN	362	#ifdef HAVE_CYGWIN
351	check_nt_auth(1, authctxt->pw) &&	363	check_nt_auth(1, authctxt->pw) &&
352	#endif	364	#endif
353	PRIVSEP(auth_password(authctxt, password)) == 1)	365	PRIVSEP(auth_password(authctxt, password)) == 1) {
354	authenticated = 1;	366	authenticated = 1;
		367	#ifdef HAVE_BSM_AUDIT_H
		368	audit_sshd_bad_pw();
		369	#endif /* HAVE_BSM_AUDIT_H */
		370	}
355	memset(password, 0, len);	371	memset(password, 0, len);
356	xfree(password);	372	xfree(password);
357	return authenticated;	373	return authenticated;
Lines 382-387 Link Here
382	if (check_nt_auth(0, authctxt->pw) == 0)	398	if (check_nt_auth(0, authctxt->pw) == 0)
383	return(0);	399	return(0);
384	#endif	400	#endif
		401	#ifdef HAVE_BSM_AUDIT_H
		402	if (!authenticated) {
		403	audit_sshd_bad_pw();
		404	}
		405	#endif /* HAVE_BSM_AUDIT_H */
		406
385	return authenticated;	407	return authenticated;
386	}	408	}
387		409




/*
 * Copyright 1988-2002 Sun Microsystems, Inc.  All rights reserved.
 * Use is subject to license terms.
 *
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 *
 */
#pragma ident	"@(#)bsmaudit.c	1.1	01/09/17 SMI"

#include <sys/systeminfo.h>
#include <sys/param.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <sys/systeminfo.h>
#include <sys/stat.h>
#include <sys/wait.h>
#include <netinet/in.h>
#include <netdb.h>
#include <signal.h>

#include <pwd.h>
#include <shadow.h>
#include <utmpx.h>
#include <unistd.h>
#include <string.h>

#include <bsm/audit.h>
#include <bsm/libbsm.h>
#include <bsm/audit_uevents.h>
#include <bsm/audit_record.h>
#include "bsmaudit.h"

#include <locale.h>

#include "includes.h"
#include "ssh.h"
#include "log.h"

static void audit_sshd_record(int typ, char *string, au_event_t event_no);
static void audit_sshd_session_setup(void);
static int selected(char *nam, uid_t uid, au_event_t event, int sf);

static void get_terminal_id();

extern int	cannot_audit(int);
extern void	aug_init(void);
extern dev_t	aug_get_port(void);
extern int 	aug_get_machine(char *, uint32_t *, uint32_t *);
extern void	aug_save_auid(au_id_t);
extern void	aug_save_uid(uid_t);
extern void	aug_save_euid(uid_t);
extern void	aug_save_gid(gid_t);
extern void	aug_save_egid(gid_t);
extern void	aug_save_pid(pid_t);
extern void	aug_save_asid(au_asid_t);
extern void	aug_save_tid(dev_t, unsigned int);
extern void	aug_save_tid_ex(dev_t, uint32_t *, uint32_t);
extern int	aug_save_me(void);
extern int	aug_save_namask(void);
extern void	aug_save_event(au_event_t);
extern void	aug_save_sorf(int);
extern void	aug_save_text(char *);
extern void	aug_save_text1(char *);
extern void	aug_save_text2(char *);
extern void	aug_save_na(int);
extern void	aug_save_user(char *);
extern void	aug_save_path(char *);
extern int	aug_save_policy(void);
extern void	aug_save_afunc(int (*)(int));
extern int	aug_audit(void);
extern int	aug_na_selected(void);
extern int	aug_selected(void);
extern int	aug_daemon_session(void);

static char	sav_ttyn[512];
static char	sav_name[512];
static uid_t	sav_uid;
static gid_t	sav_gid;
static dev_t	sav_port;
static uint32_t	sav_machine[4];
static uint32_t	sav_iptype;
static char	sav_host[MAXHOSTNAMELEN];
static char	*sav_cmd;

void
audit_sshd_save_port(int port)
{
	if (cannot_audit(0)) {
		return;
	}
	sav_port = port;
}

void
audit_sshd_save_host(const char *host)
{
	if (cannot_audit(0)) {
		return;
	}
	(void) strlcpy(sav_host, host, sizeof (sav_host));
	(void) aug_get_machine(sav_host, &sav_machine[0], &sav_iptype);
}

void
audit_sshd_save_command(const char *command)
{
	if (cannot_audit(0)) {
		return;
	}
	sav_cmd = strdup(command);
}

void
audit_sshd_save_ttyn(const char *ttyn)
{
	if (cannot_audit(0)) {
		return;
	}
	(void) strlcpy(sav_ttyn, ttyn, sizeof (sav_ttyn));
}

void
audit_sshd_save_pw(struct passwd *pwd)
{
	if (cannot_audit(0)) {
		return;
	}
	if (pwd == NULL) {
		sav_name[0] = '\0';
		sav_uid = -1;
		sav_gid = -1;
	} else {
		(void) strlcpy(sav_name, pwd->pw_name, sizeof (sav_name));
		sav_uid = pwd->pw_uid;
		sav_gid = pwd->pw_gid;
	}
}

void
audit_sshd_nologin(void)
{
	if (cannot_audit(0)) {
		return;
	}
	audit_sshd_record(1, gettext("logins disabled by /etc/nologin"),
	    AUE_ssh);
}

void
audit_sshd_maxtrys(void)
{
	if (cannot_audit(0)) {
		return;
	}
	audit_sshd_record(1, gettext("maxtrys"), AUE_ssh);
}

void
audit_sshd_not_console(void)
{
	if (cannot_audit(0)) {
		return;
	}
	audit_sshd_record(2, gettext("not_console"), AUE_ssh);
}

void
audit_sshd_bad_pw(void)
{
	if (cannot_audit(0)) {
		return;
	}
	if (sav_uid == -1) {
		audit_sshd_record(3, gettext("invalid user name"), AUE_ssh);
	} else {
		audit_sshd_record(4, gettext("invalid password or publickey"),
		    AUE_ssh);
	}
}

void
audit_sshd_success(void)
{
	if (cannot_audit(0)) {
		return;
	}

	audit_sshd_session_setup();
	audit_sshd_record(0, gettext("successful login"), AUE_ssh);
}

static void
audit_sshd_record(int typ, char *string, au_event_t event_no)
{
	int		ad, rc;
	uid_t		uid;
	gid_t		gid;
	pid_t		pid;
	au_tid_addr_t	tid;

	uid = sav_uid;
	gid = sav_gid;
	pid = getpid();

	get_terminal_id(&tid);

	if (typ == 0) {
		rc = 0;
	} else {
		rc = -1;
	}

	if (!selected(sav_name, uid, event_no, rc))
		return;

	debug3("BSM audit: sav_host=%s", sav_host);
	ad = au_open();

	(void) au_write(ad, au_to_subject_ex(uid, uid, gid, uid, gid,
	    pid, pid, &tid));
	(void) au_write(ad, au_to_text(string));
	if (sav_cmd != NULL) {
		(void) au_write(ad, au_to_text(sav_cmd));
	}
	(void) au_write(ad, au_to_return32(typ, (int32_t)rc));

	rc = au_close(ad, AU_TO_WRITE, event_no);
	if (rc < 0) {
		fatal("audit_sshd_record failed to write record: %s",
		    strerror(errno));
	}
}

static void
audit_sshd_session_setup(void)
{
	int	rc;
	struct auditinfo_addr info;
	au_mask_t mask;
	struct auditinfo_addr now;

	info.ai_auid = sav_uid;
	info.ai_asid = getpid();
	mask.am_success = 0;
	mask.am_failure = 0;

	(void) au_user_mask(sav_name, &mask);

	info.ai_mask.am_success  = mask.am_success;
	info.ai_mask.am_failure  = mask.am_failure;

	/* see if terminal id already set */
	if (getaudit_addr(&now, sizeof (now)) < 0) {
		fatal("audit_sshd_session_setup: getaudit_addr failed: %s",
		    strerror(errno));
	}

	debug("BSM audit_sshd_setup_session: calling get_terminal_id");
	get_terminal_id(&(info.ai_termid));

	rc = setaudit_addr(&info, sizeof (info));
	if (rc < 0) {
		fatal("audit_sshd_session_setup: setaudit_addr failed: %s",
		    strerror(errno));
	}
}


static void
get_terminal_id(au_tid_addr_t *tid)
{
	tid->at_port = sav_port;
	tid->at_type = sav_iptype;
	tid->at_addr[0] = sav_machine[0];
	tid->at_addr[1] = sav_machine[1];
	tid->at_addr[2] = sav_machine[2];
	tid->at_addr[3] = sav_machine[3];
}

void
audit_sshd_logout(void)
{
	char    textbuf[BSM_TEXTBUFSZ];

	(void) snprintf(textbuf, sizeof (textbuf),
		gettext("sshd logout %s"), sav_name);

	audit_sshd_record(0, textbuf, AUE_logout);
}

static int
selected(char *nam, uid_t uid, au_event_t event, int sf)
{
	int	rc, sorf;
	char	naflags[512];
	struct au_mask mask;

	mask.am_success = mask.am_failure = 0;
	if (uid < 0) {
		rc = getacna(naflags, 256); /* get non-attrib flags */
		if (rc == 0)
			(void) getauditflagsbin(naflags, &mask);
	} else {
		rc = au_user_mask(nam, &mask);
	}

	if (sf == 0) {
		sorf = AU_PRS_SUCCESS;
	} else {
		sorf = AU_PRS_FAILURE;
	}
	rc = au_preselect(event, &mask, sorf, AU_PRS_REREAD);

	return (rc);
}




/*
 * Copyright 1993-2002 Sun Microsystems, Inc.  All rights reserved.
 * Use is subject to license terms.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 *
 */

#ifndef	_BSMAUDIT_H
#define	_BSMAUDIT_H

#pragma ident	"@(#)bsmaudit.h	1.1	01/09/17 SMI"

#ifdef	__cplusplus
extern "C" {
#endif

#include <bsm/audit.h>

void audit_sshd_maxtrys(void);
void audit_sshd_nologin(void);
void audit_sshd_save_pw(struct passwd *pwd);
void audit_sshd_not_console(void);
void audit_sshd_bad_pw(void);
void audit_sshd_save_host(const char *host);
void audit_sshd_save_ttyn(const char *ttyn);
void audit_sshd_save_port(int port);
void audit_sshd_save_command(const char *command);
void audit_sshd_success(void);
void audit_sshd_logout(void);

#ifdef	__cplusplus
}
#endif

#endif	/* _BSMAUDIT_H */

Lines 143-148 Link Here

(-)openssh/includes.h (+4 lines)
143	# include <security/pam_appl.h>	143	# include <security/pam_appl.h>
144	#endif	144	#endif
145		145
		146	#ifdef HAVE_BSM_AUDIT_H
		147	# include "bsmaudit.h"
		148	#endif
		149
146	#include <openssl/opensslv.h> /* For OPENSSL_VERSION_NUMBER */	150	#include <openssl/opensslv.h> /* For OPENSSL_VERSION_NUMBER */
147		151
148	#include "defines.h"	152	#include "defines.h"

Lines 516-525 Link Here

(-)openssh/session.c (-2 / +16 lines)
516		516
517	/* record login, etc. similar to login(1) */	517	/* record login, etc. similar to login(1) */
518	#ifndef HAVE_OSF_SIA	518	#ifndef HAVE_OSF_SIA
519	if (!(options.use_login && command == NULL))	519	if (!(options.use_login && command == NULL)) {
520	do_login(s, command);	520	do_login(s, command);
		521	#ifdef HAVE_BSM_AUDIT_H
		522	if (s->tty != NULL)
		523	audit_sshd_save_ttyn(s->tty);
		524	#endif /* HAVE_BSM_AUDIT_H */
521	# ifdef LOGIN_NEEDS_UTMPX	525	# ifdef LOGIN_NEEDS_UTMPX
522	else	526	} else
523	do_pre_login(s);	527	do_pre_login(s);
524	# endif	528	# endif
525	#endif	529	#endif
Lines 1048-1053 Link Here
1048	while (fgets(buf, sizeof(buf), f))	1052	while (fgets(buf, sizeof(buf), f))
1049	fputs(buf, stderr);	1053	fputs(buf, stderr);
1050	fclose(f);	1054	fclose(f);
		1055	#ifdef HAVE_BSM_AUDIT_H
		1056	audit_sshd_nologin();
		1057	#endif /* HAVE_BSM_AUDIT_H */
1051	exit(254);	1058	exit(254);
1052	}	1059	}
1053	}	1060	}
Lines 1100-1105 Link Here
1100	# if defined(WITH_IRIX_PROJECT) \|\| defined(WITH_IRIX_JOBS) \|\| defined(WITH_IRIX_ARRAY)	1107	# if defined(WITH_IRIX_PROJECT) \|\| defined(WITH_IRIX_JOBS) \|\| defined(WITH_IRIX_ARRAY)
1101	irix_setusercontext(pw);	1108	irix_setusercontext(pw);
1102	# endif /* defined(WITH_IRIX_PROJECT) \|\| defined(WITH_IRIX_JOBS) \|\| defined(WITH_IRIX_ARRAY) */	1109	# endif /* defined(WITH_IRIX_PROJECT) \|\| defined(WITH_IRIX_JOBS) \|\| defined(WITH_IRIX_ARRAY) */
		1110	#ifdef HAVE_BSM_AUDIT_H
		1111	audit_sshd_success();
		1112	#endif /* HAVE_BSM_AUDIT_H */
1103	/* Permanently switch to the desired uid. */	1113	/* Permanently switch to the desired uid. */
1104	permanently_set_uid(pw);	1114	permanently_set_uid(pw);
1105	#endif	1115	#endif
Lines 1165-1170 Link Here
1165	# ifdef _AIX	1175	# ifdef _AIX
1166	aix_usrinfo(pw, s->tty, s->ttyfd);	1176	aix_usrinfo(pw, s->tty, s->ttyfd);
1167	# endif /* _AIX */	1177	# endif /* _AIX */
		1178	#ifdef HAVE_BSM_AUDIT_H
		1179	if (command != NULL)
		1180	audit_sshd_save_command(command);
		1181	#endif /* HAVE_BSM_AUDIT_H */
1168	do_setusercontext(pw);	1182	do_setusercontext(pw);
1169	#endif /* HAVE_OSF_SIA */	1183	#endif /* HAVE_OSF_SIA */
1170	}	1184	}

Lines 1358-1364 Link Here

(-)openssh/sshd.c (-1 / +4 lines)
1358		1358
1359	remote_port = get_remote_port();	1359	remote_port = get_remote_port();
1360	remote_ip = get_remote_ipaddr();	1360	remote_ip = get_remote_ipaddr();
1361		1361	#ifdef HAVE_BSM_AUDIT_H
		1362	audit_sshd_save_host(remote_ip);
		1363	audit_sshd_save_port(remote_port);
		1364	#endif /* HAVE_BSM_AUDIT_H */
1362	#ifdef LIBWRAP	1365	#ifdef LIBWRAP
1363	/* Check whether logins are denied from this host. */	1366	/* Check whether logins are denied from this host. */
1364	{	1367	{

Lines 101-104 Link Here

(-)openssh/sshlogin.c (+3 lines)
101	li = login_alloc_entry(pid, user, NULL, ttyname);	101	li = login_alloc_entry(pid, user, NULL, ttyname);
102	login_logout(li);	102	login_logout(li);
103	login_free_entry(li);	103	login_free_entry(li);
		104	#ifdef HAVE_BSM_AUDIT_H
		105	audit_sshd_logout();
		106	#endif /* HAVE_BSM_AUDIT_H */
104	}	107	}

Return to bug 2

Line 0 Link Here

(-)openssh/bsmaudit.c (+334 lines)
		1	/*
		2	* Copyright 1988-2002 Sun Microsystems, Inc. All rights reserved.
		3	* Use is subject to license terms.
		4	*
		5	*
		6	* Redistribution and use in source and binary forms, with or without
		7	* modification, are permitted provided that the following conditions
		8	* are met:
		9	* 1. Redistributions of source code must retain the above copyright
		10	* notice, this list of conditions and the following disclaimer.
		11	* 2. Redistributions in binary form must reproduce the above copyright
		12	* notice, this list of conditions and the following disclaimer in the
		13	* documentation and/or other materials provided with the distribution.
		14	*
		15	* THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
		16	* IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
		17	* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
		18	* IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
		19	* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
		20	* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
		21	* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
		22	* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
		23	* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
		24	* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
		25	*
		26	*/
		27	#pragma ident "@(#)bsmaudit.c 1.1 01/09/17 SMI"
		28
		29	#include <sys/systeminfo.h>
		30	#include <sys/param.h>
		31	#include <sys/types.h>
		32	#include <sys/socket.h>
		33	#include <sys/systeminfo.h>
		34	#include <sys/stat.h>
		35	#include <sys/wait.h>
		36	#include <netinet/in.h>
		37	#include <netdb.h>
		38	#include <signal.h>
		39
		40	#include <pwd.h>
		41	#include <shadow.h>
		42	#include <utmpx.h>
		43	#include <unistd.h>
		44	#include <string.h>
		45
		46	#include <bsm/audit.h>
		47	#include <bsm/libbsm.h>
		48	#include <bsm/audit_uevents.h>
		49	#include <bsm/audit_record.h>
		50	#include "bsmaudit.h"
		51
		52	#include <locale.h>
		53
		54	#include "includes.h"
		55	#include "ssh.h"
		56	#include "log.h"
		57
		58	static void audit_sshd_record(int typ, char *string, au_event_t event_no);
		59	static void audit_sshd_session_setup(void);
		60	static int selected(char *nam, uid_t uid, au_event_t event, int sf);
		61
		62	static void get_terminal_id();
		63
		64	extern int cannot_audit(int);
65	extern void aug_init(void);
66	extern dev_t aug_get_port(void);
67	extern int aug_get_machine(char , uint32_t , uint32_t *);
68	extern void aug_save_auid(au_id_t);
69	extern void aug_save_uid(uid_t);
70	extern void aug_save_euid(uid_t);
71	extern void aug_save_gid(gid_t);
72	extern void aug_save_egid(gid_t);
73	extern void aug_save_pid(pid_t);
74	extern void aug_save_asid(au_asid_t);
75	extern void aug_save_tid(dev_t, unsigned int);
76	extern void aug_save_tid_ex(dev_t, uint32_t *, uint32_t);
77	extern int aug_save_me(void);
78	extern int aug_save_namask(void);
79	extern void aug_save_event(au_event_t);
80	extern void aug_save_sorf(int);
81	extern void aug_save_text(char *);
82	extern void aug_save_text1(char *);
83	extern void aug_save_text2(char *);
84	extern void aug_save_na(int);
85	extern void aug_save_user(char *);
86	extern void aug_save_path(char *);
87	extern int aug_save_policy(void);
88	extern void aug_save_afunc(int (*)(int));
89	extern int aug_audit(void);
90	extern int aug_na_selected(void);
91	extern int aug_selected(void);
92	extern int aug_daemon_session(void);
93
94	static char sav_ttyn[512];
95	static char sav_name[512];
96	static uid_t sav_uid;
97	static gid_t sav_gid;
98	static dev_t sav_port;
99	static uint32_t sav_machine[4];
100	static uint32_t sav_iptype;
101	static char sav_host[MAXHOSTNAMELEN];
102	static char *sav_cmd;
103
104	void
105	audit_sshd_save_port(int port)
106	{
107	if (cannot_audit(0)) {
108	return;
109	}
110	sav_port = port;
111	}
112
113	void
114	audit_sshd_save_host(const char *host)
115	{
116	if (cannot_audit(0)) {
117	return;
118	}
119	(void) strlcpy(sav_host, host, sizeof (sav_host));
120	(void) aug_get_machine(sav_host, &sav_machine[0], &sav_iptype);
121	}
122
123	void
124	audit_sshd_save_command(const char *command)
125	{
126	if (cannot_audit(0)) {
127	return;
128	}
129	sav_cmd = strdup(command);
130	}
131
132	void
133	audit_sshd_save_ttyn(const char *ttyn)
134	{
135	if (cannot_audit(0)) {
136	return;
137	}
138	(void) strlcpy(sav_ttyn, ttyn, sizeof (sav_ttyn));
139	}
140
141	void
142	audit_sshd_save_pw(struct passwd *pwd)
143	{
144	if (cannot_audit(0)) {
145	return;
146	}
147	if (pwd == NULL) {
148	sav_name[0] = '\0';
149	sav_uid = -1;
150	sav_gid = -1;
151	} else {
152	(void) strlcpy(sav_name, pwd->pw_name, sizeof (sav_name));
153	sav_uid = pwd->pw_uid;
154	sav_gid = pwd->pw_gid;
155	}
156	}
157
158	void
159	audit_sshd_nologin(void)
160	{
161	if (cannot_audit(0)) {
162	return;
163	}
164	audit_sshd_record(1, gettext("logins disabled by /etc/nologin"),
165	AUE_ssh);
166	}
167
168	void
169	audit_sshd_maxtrys(void)
170	{
171	if (cannot_audit(0)) {
172	return;
173	}
174	audit_sshd_record(1, gettext("maxtrys"), AUE_ssh);
175	}
176
177	void
178	audit_sshd_not_console(void)
179	{
180	if (cannot_audit(0)) {
181	return;
182	}
183	audit_sshd_record(2, gettext("not_console"), AUE_ssh);
184	}
185
186	void
187	audit_sshd_bad_pw(void)
188	{
189	if (cannot_audit(0)) {
190	return;
191	}
192	if (sav_uid == -1) {
193	audit_sshd_record(3, gettext("invalid user name"), AUE_ssh);
194	} else {
195	audit_sshd_record(4, gettext("invalid password or publickey"),
196	AUE_ssh);
197	}
198	}
199
200	void
201	audit_sshd_success(void)
202	{
203	if (cannot_audit(0)) {
204	return;
205	}
206
207	audit_sshd_session_setup();
208	audit_sshd_record(0, gettext("successful login"), AUE_ssh);
209	}
210
211	static void
212	audit_sshd_record(int typ, char *string, au_event_t event_no)
213	{
214	int ad, rc;
215	uid_t uid;
216	gid_t gid;
217	pid_t pid;
218	au_tid_addr_t tid;
219
220	uid = sav_uid;
221	gid = sav_gid;
222	pid = getpid();
223
224	get_terminal_id(&tid);
225
226	if (typ == 0) {
227	rc = 0;
228	} else {
229	rc = -1;
230	}
231
232	if (!selected(sav_name, uid, event_no, rc))
233	return;
234
235	debug3("BSM audit: sav_host=%s", sav_host);
236	ad = au_open();
237
238	(void) au_write(ad, au_to_subject_ex(uid, uid, gid, uid, gid,
239	pid, pid, &tid));
240	(void) au_write(ad, au_to_text(string));
241	if (sav_cmd != NULL) {
242	(void) au_write(ad, au_to_text(sav_cmd));
243	}
244	(void) au_write(ad, au_to_return32(typ, (int32_t)rc));
245
246	rc = au_close(ad, AU_TO_WRITE, event_no);
247	if (rc < 0) {
248	fatal("audit_sshd_record failed to write record: %s",
249	strerror(errno));
250	}
251	}
252
253	static void
254	audit_sshd_session_setup(void)
255	{
256	int rc;
257	struct auditinfo_addr info;
258	au_mask_t mask;
259	struct auditinfo_addr now;
260
261	info.ai_auid = sav_uid;
262	info.ai_asid = getpid();
263	mask.am_success = 0;
264	mask.am_failure = 0;
265
266	(void) au_user_mask(sav_name, &mask);
267
268	info.ai_mask.am_success = mask.am_success;
269	info.ai_mask.am_failure = mask.am_failure;
270
271	/* see if terminal id already set */
272	if (getaudit_addr(&now, sizeof (now)) < 0) {
273	fatal("audit_sshd_session_setup: getaudit_addr failed: %s",
274	strerror(errno));
275	}
276
277	debug("BSM audit_sshd_setup_session: calling get_terminal_id");
278	get_terminal_id(&(info.ai_termid));
279
280	rc = setaudit_addr(&info, sizeof (info));
281	if (rc < 0) {
282	fatal("audit_sshd_session_setup: setaudit_addr failed: %s",
283	strerror(errno));
284	}
285	}
286
287
288	static void
289	get_terminal_id(au_tid_addr_t *tid)
290	{
291	tid->at_port = sav_port;
292	tid->at_type = sav_iptype;
293	tid->at_addr[0] = sav_machine[0];
294	tid->at_addr[1] = sav_machine[1];
295	tid->at_addr[2] = sav_machine[2];
296	tid->at_addr[3] = sav_machine[3];
297	}
298
299	void
300	audit_sshd_logout(void)
301	{
302	char textbuf[BSM_TEXTBUFSZ];
303
304	(void) snprintf(textbuf, sizeof (textbuf),
305	gettext("sshd logout %s"), sav_name);
306
307	audit_sshd_record(0, textbuf, AUE_logout);
308	}
309
310	static int
311	selected(char *nam, uid_t uid, au_event_t event, int sf)
312	{
313	int rc, sorf;
314	char naflags[512];
315	struct au_mask mask;
316
317	mask.am_success = mask.am_failure = 0;
318	if (uid < 0) {
319	rc = getacna(naflags, 256); /* get non-attrib flags */
320	if (rc == 0)
321	(void) getauditflagsbin(naflags, &mask);
322	} else {
323	rc = au_user_mask(nam, &mask);
324	}
325
326	if (sf == 0) {
327	sorf = AU_PRS_SUCCESS;
328	} else {
329	sorf = AU_PRS_FAILURE;
330	}
331	rc = au_preselect(event, &mask, sorf, AU_PRS_REREAD);
332
333	return (rc);
334	}

Line 0 Link Here

(-)openssh/bsmaudit.h (+54 lines)
	1	/*
	2	* Copyright 1993-2002 Sun Microsystems, Inc. All rights reserved.
	3	* Use is subject to license terms.
	4	*
	5	* Redistribution and use in source and binary forms, with or without
	6	* modification, are permitted provided that the following conditions
	7	* are met:
	8	* 1. Redistributions of source code must retain the above copyright
	9	* notice, this list of conditions and the following disclaimer.
	10	* 2. Redistributions in binary form must reproduce the above copyright
	11	* notice, this list of conditions and the following disclaimer in the
	12	* documentation and/or other materials provided with the distribution.
	13	*
	14	* THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
	15	* IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
	16	* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
	17	* IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
	18	* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
	19	* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
	20	* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
	21	* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
	22	* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
	23	* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
	24	*
	25	*/
	26
	27	#ifndef _BSMAUDIT_H
	28	#define _BSMAUDIT_H
	29
	30	#pragma ident "@(#)bsmaudit.h 1.1 01/09/17 SMI"
	31
	32	#ifdef __cplusplus
	33	extern "C" {
	34	#endif
	35
	36	#include <bsm/audit.h>
	37
	38	void audit_sshd_maxtrys(void);
	39	void audit_sshd_nologin(void);
	40	void audit_sshd_save_pw(struct passwd *pwd);
	41	void audit_sshd_not_console(void);
	42	void audit_sshd_bad_pw(void);
	43	void audit_sshd_save_host(const char *host);
	44	void audit_sshd_save_ttyn(const char *ttyn);
	45	void audit_sshd_save_port(int port);
	46	void audit_sshd_save_command(const char *command);
	47	void audit_sshd_success(void);
	48	void audit_sshd_logout(void);
	49
	50	#ifdef __cplusplus
	51	}
	52	#endif
	53
	54	#endif /* _BSMAUDIT_H */