"Fossies" - the Fresh Open Source Software Archive

Member "sarg-2.4.0/authfail.c" (24 Dec 2019, 10436 Bytes) of package /linux/privat/sarg-2.4.0.tar.gz:


As a special service "Fossies" has tried to format the requested source page into HTML format using (guessed) C and C++ source code syntax highlighting (style: standard) with prefixed line numbers and code folding option. Alternatively you can here view or download the uninterpreted source code file. For more information about "authfail.c" see the Fossies "Dox" file reference documentation and the latest Fossies "Diffs" side-by-side code changes report: 2.3.11_vs_2.4.0.

    1 /*
    2  * SARG Squid Analysis Report Generator      http://sarg.sourceforge.net
    3  *                                                            1998, 2015
    4  *
    5  * SARG donations:
    6  *      please look at http://sarg.sourceforge.net/donations.php
    7  * Support:
    8  *     http://sourceforge.net/projects/sarg/forums/forum/363374
    9  * ---------------------------------------------------------------------
   10  *
   11  *  This program is free software; you can redistribute it and/or modify
   12  *  it under the terms of the GNU General Public License as published by
   13  *  the Free Software Foundation; either version 2 of the License, or
   14  *  (at your option) any later version.
   15  *
   16  *  This program is distributed in the hope that it will be useful,
   17  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
   18  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
   19  *  GNU General Public License for more details.
   20  *
   21  *  You should have received a copy of the GNU General Public License
   22  *  along with this program; if not, write to the Free Software
   23  *  Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
   24  *
   25  */
   26 
   27 #include "include/conf.h"
   28 #include "include/defs.h"
   29 #include "include/readlog.h"
   30 
   31 //! Name of the file containing the unsorted authentication failure entries.
   32 static char authfail_unsort[MAXLEN]="";
   33 //! The file handle to write the entries.
   34 static FILE *fp_authfail=NULL;
   35 //! \c True if at least one anthentication failure entry exists.
   36 static bool authfail_exists=false;
   37 
   38 /*!
   39 Open a file to store the authentication failure.
   40 
   41 \return The file handle or NULL if no file is necessary.
   42 */
   43 void authfail_open(void)
   44 {
   45     if ((ReportType & REPORT_TYPE_AUTH_FAILURES) == 0) {
   46         if (debugz>=LogLevel_Process) debugaz(__FILE__,__LINE__,_("Authentication failures report not produced as it is not requested\n"));
   47         return;
   48     }
   49     if (Privacy) {
   50         if (debugz>=LogLevel_Process) debugaz(__FILE__,__LINE__,_("Authentication failures report not produced because privacy option is active\n"));
   51         return;
   52     }
   53 
   54     format_path(__FILE__, __LINE__, authfail_unsort, sizeof(authfail_unsort), "%s/authfail.int_unsort", tmp);
   55     if ((fp_authfail=MY_FOPEN(authfail_unsort,"w"))==NULL) {
   56         debuga(__FILE__,__LINE__,_("Cannot open file \"%s\": %s\n"),authfail_unsort,strerror(errno));
   57         exit(EXIT_FAILURE);
   58     }
   59     return;
   60 }
   61 
   62 /*!
   63 Write one entry in the unsorted authentication file file provided that it is required.
   64 
   65 \param log_entry The entry to write into the log file.
   66 */
   67 void authfail_write(const struct ReadLogStruct *log_entry)
   68 {
   69     char date[80];
   70 
   71     if (fp_authfail && (strstr(log_entry->HttpCode,"DENIED/401") != 0 || strstr(log_entry->HttpCode,"DENIED/407") != 0)) {
   72         strftime(date,sizeof(date),"%d/%m/%Y\t%H:%M:%S",&log_entry->EntryTime);
   73         fprintf(fp_authfail, "%s\t%s\t%s\t%s\n",date,log_entry->User,log_entry->Ip,log_entry->Url);
   74         authfail_exists=true;
   75     }
   76 }
   77 
   78 /*!
   79 Close the file opened by authfail_open().
   80 */
   81 void authfail_close(void)
   82 {
   83     if (fp_authfail)
   84     {
   85         if (fclose(fp_authfail)==EOF) {
   86             debuga(__FILE__,__LINE__,_("Write error in \"%s\": %s\n"),authfail_unsort,strerror(errno));
   87             exit(EXIT_FAILURE);
   88         }
   89         fp_authfail=NULL;
   90     }
   91 }
   92 
   93 /*!
   94 Tell the caller if a authentication failure report exists.
   95 
   96 \return \c True if the report is available or \c false if no report
   97 was generated.
   98 */
   99 bool is_authfail(void)
  100 {
  101     return(authfail_exists);
  102 }
  103 
  104 
  105 static void show_ignored_auth(FILE *fp_ou,int count)
  106 {
  107     char ignored[80];
  108 
  109     snprintf(ignored,sizeof(ignored),ngettext("%d more authentication failure not shown here…","%d more authentication failures not shown here…",count),count);
  110     fprintf(fp_ou,"<tr><td class=\"data\"></td><td class=\"data\"></td><td class=\"data\"></td><td class=\"data2 more\">%s</td></tr>\n",ignored);
  111 }
  112 
  113 void authfail_report(void)
  114 {
  115     FileObject *fp_in = NULL;
  116     FILE *fp_ou = NULL;
  117 
  118     char *buf;
  119     char *url;
  120     char authfail_sort[MAXLEN];
  121     char report[MAXLEN];
  122     char ip[MAXLEN];
  123     char oip[MAXLEN]="";
  124     char user[MAXLEN];
  125     char ouser[MAXLEN]="";
  126     char ouser2[MAXLEN]="";
  127     char data[15];
  128     char hora[15];
  129     char csort[MAXLEN];
  130     int z=0;
  131     int count=0;
  132     int cstatus;
  133     int day,month,year;
  134     bool new_user;
  135     struct getwordstruct gwarea;
  136     longline line;
  137     struct userinfostruct *uinfo;
  138     struct tm t;
  139 
  140     if (!authfail_exists) {
  141         if (!KeepTempLog && authfail_unsort[0]!='\0' && unlink(authfail_unsort))
  142             debuga(__FILE__,__LINE__,_("Failed to delete \"%s\": %s\n"),authfail_unsort,strerror(errno));
  143 
  144         authfail_unsort[0]='\0';
  145         if (debugz>=LogLevel_Process) debugaz(__FILE__,__LINE__,_("Authentication failures report not produced because it is empty\n"));
  146         return;
  147     }
  148     if (debugz>=LogLevel_Process)
  149         debuga(__FILE__,__LINE__,_("Creating authentication failures report...\n"));
  150 
  151     format_path(__FILE__, __LINE__, authfail_sort, sizeof(authfail_sort), "%s/authfail.int_log", tmp);
  152     format_path(__FILE__, __LINE__, report, sizeof(report), "%s/authfail.html", outdirname);
  153 
  154     if (snprintf(csort, sizeof(csort), "sort -b -t \"\t\" -T \"%s\" -k 3,3 -k 5,5 -o \"%s\" \"%s\"", tmp, authfail_sort, authfail_unsort) >= sizeof(csort)) {
  155         debuga(__FILE__,__LINE__,_("Sort command too long when sorting file \"%s\" to \"%s\"\n"), authfail_unsort, authfail_sort);
  156         debuga_more("sort -b -t \"\t\" -T \"%s\" -k 3,3 -k 5,5 -o \"%s\" \"%s\"", tmp, authfail_sort, authfail_unsort);
  157         exit(EXIT_FAILURE);
  158     }
  159     cstatus=system(csort);
  160     if (!WIFEXITED(cstatus) || WEXITSTATUS(cstatus)) {
  161         debuga(__FILE__,__LINE__,_("sort command return status %d\n"),WEXITSTATUS(cstatus));
  162         debuga(__FILE__,__LINE__,_("sort command: %s\n"),csort);
  163         exit(EXIT_FAILURE);
  164     }
  165     if ((fp_in=FileObject_Open(authfail_sort))==NULL) {
  166         debuga(__FILE__,__LINE__,_("Cannot open file \"%s\": %s\n"),authfail_sort,FileObject_GetLastOpenError());
  167         debuga(__FILE__,__LINE__,_("sort command: %s\n"),csort);
  168         exit(EXIT_FAILURE);
  169     }
  170     if (!KeepTempLog && unlink(authfail_unsort)) {
  171         debuga(__FILE__,__LINE__,_("Cannot delete \"%s\": %s\n"),authfail_unsort,strerror(errno));
  172         exit(EXIT_FAILURE);
  173     }
  174     authfail_unsort[0]='\0';
  175 
  176     if ((fp_ou=MY_FOPEN(report,"w"))==NULL) {
  177         debuga(__FILE__,__LINE__,_("Cannot open file \"%s\": %s\n"),report,strerror(errno));
  178         exit(EXIT_FAILURE);
  179     }
  180 
  181     write_html_header(fp_ou,(IndexTree == INDEX_TREE_DATE) ? 3 : 1,_("Authentication Failures"),HTML_JS_NONE);
  182     fputs("<tr><td class=\"header_c\">",fp_ou);
  183     fprintf(fp_ou,_("Period: %s"),period.html);
  184     fputs("</td></tr>\n",fp_ou);
  185     fprintf(fp_ou,"<tr><th class=\"header_c\">%s</th></tr>\n",_("Authentication Failures"));
  186     close_html_header(fp_ou);
  187 
  188     fputs("<div class=\"report\"><table cellpadding=\"0\" cellspacing=\"2\">\n",fp_ou);
  189     fprintf(fp_ou,"<tr><th class=\"header_l\">%s</th><th class=\"header_l\">%s</th><th class=\"header_l\">%s</th><th class=\"header_l\">%s</th></tr>\n",_("USERID"),_("IP/NAME"),_("DATE/TIME"),_("ACCESSED SITE"));
  190 
  191     if ((line=longline_create())==NULL) {
  192         debuga(__FILE__,__LINE__,_("Not enough memory to read file \"%s\"\n"),authfail_sort);
  193         exit(EXIT_FAILURE);
  194     }
  195 
  196     while((buf=longline_read(fp_in,line))!=NULL) {
  197         getword_start(&gwarea,buf);
  198         if (getword(data,sizeof(data),&gwarea,'\t')<0) {
  199             debuga(__FILE__,__LINE__,_("Invalid date in file \"%s\"\n"),authfail_sort);
  200             exit(EXIT_FAILURE);
  201         }
  202         if (getword(hora,sizeof(hora),&gwarea,'\t')<0) {
  203             debuga(__FILE__,__LINE__,_("Invalid time in file \"%s\"\n"),authfail_sort);
  204             exit(EXIT_FAILURE);
  205         }
  206         if (getword(user,sizeof(user),&gwarea,'\t')<0) {
  207             debuga(__FILE__,__LINE__,_("Invalid user ID in file \"%s\"\n"),authfail_sort);
  208             exit(EXIT_FAILURE);
  209         }
  210         if (getword(ip,sizeof(ip),&gwarea,'\t')<0) {
  211             debuga(__FILE__,__LINE__,_("Invalid IP address in file \"%s\"\n"),authfail_sort);
  212             exit(EXIT_FAILURE);
  213         }
  214         if (getword_ptr(buf,&url,&gwarea,'\t')<0) {
  215             debuga(__FILE__,__LINE__,_("Invalid url in file \"%s\"\n"),authfail_sort);
  216             exit(EXIT_FAILURE);
  217         }
  218         if (sscanf(data,"%d/%d/%d",&day,&month,&year)!=3) continue;
  219         computedate(year,month,day,&t);
  220         strftime(data,sizeof(data),"%x",&t);
  221 
  222         uinfo=userinfo_find_from_id(user);
  223         if (!uinfo) {
  224             debuga(__FILE__,__LINE__,_("Unknown user ID %s in file \"%s\"\n"),user,authfail_sort);
  225             exit(EXIT_FAILURE);
  226         }
  227 
  228         new_user=false;
  229         if (z == 0) {
  230             strcpy(ouser,user);
  231             strcpy(oip,ip);
  232             z++;
  233             new_user=true;
  234         } else {
  235             if (strcmp(ouser,user) != 0) {
  236                 strcpy(ouser,user);
  237                 new_user=true;
  238             }
  239             if (strcmp(oip,ip) != 0) {
  240                 strcpy(oip,ip);
  241                 new_user=true;
  242             }
  243         }
  244 
  245         if (AuthfailReportLimit>0) {
  246             if (strcmp(ouser2,uinfo->label) == 0) {
  247                 count++;
  248             } else {
  249                 if (count>AuthfailReportLimit && AuthfailReportLimit>0)
  250                     show_ignored_auth(fp_ou,count-AuthfailReportLimit);
  251                 count=1;
  252                 strcpy(ouser2,uinfo->label);
  253             }
  254             if (count > AuthfailReportLimit)
  255                 continue;
  256         }
  257 
  258         fputs("<tr>",fp_ou);
  259         if (new_user)
  260             fprintf(fp_ou,"<td class=\"data2\">%s</td><td class=\"data2\">%s</td>",uinfo->label,ip);
  261         else
  262             fputs("<td class=\"data2\"></td><td class=\"data2\"></td>",fp_ou);
  263         fprintf(fp_ou,"<td class=\"data2\">%s-%s</td><td class=\"data2\">",data,hora);
  264         if (BlockIt[0]!='\0' && url[0]!=ALIAS_PREFIX) {
  265             fprintf(fp_ou,"<a href=\"%s%s?url=",wwwDocumentRoot,BlockIt);
  266             output_html_url(fp_ou,url);
  267             fputs("\"><img src=\"../images/sarg-squidguard-block.png\"></a>&nbsp;",fp_ou);
  268         }
  269         output_html_link(fp_ou,url,100);
  270         fputs("</td></th>\n",fp_ou);
  271     }
  272     if (FileObject_Close(fp_in)) {
  273         debuga(__FILE__,__LINE__,_("Read error in \"%s\": %s\n"),authfail_sort,FileObject_GetLastCloseError());
  274         exit(EXIT_FAILURE);
  275     }
  276     longline_destroy(&line);
  277 
  278     if (count>AuthfailReportLimit && AuthfailReportLimit>0)
  279         show_ignored_auth(fp_ou,count-AuthfailReportLimit);
  280 
  281     fputs("</table></div>\n",fp_ou);
  282     write_html_trailer(fp_ou);
  283     if (fclose(fp_ou)==EOF) {
  284         debuga(__FILE__,__LINE__,_("Write error in \"%s\": %s\n"),report,strerror(errno));
  285         exit(EXIT_FAILURE);
  286     }
  287 
  288     if (!KeepTempLog && unlink(authfail_sort)) {
  289         debuga(__FILE__,__LINE__,_("Cannot delete \"%s\": %s\n"),authfail_sort,strerror(errno));
  290         exit(EXIT_FAILURE);
  291     }
  292 
  293     return;
  294 }
  295 
  296 /*!
  297 Remove any temporary file left by the authfail module.
  298 */
  299 void authfail_cleanup(void)
  300 {
  301     if (fp_authfail) {
  302         if (fclose(fp_authfail)==EOF) {
  303             debuga(__FILE__,__LINE__,_("Write error in \"%s\": %s\n"),authfail_unsort,strerror(errno));
  304             exit(EXIT_FAILURE);
  305         }
  306         fp_authfail=NULL;
  307     }
  308     if (authfail_unsort[0]) {
  309         if (!KeepTempLog && unlink(authfail_unsort)==-1)
  310             debuga(__FILE__,__LINE__,_("Failed to delete \"%s\": %s\n"),authfail_unsort,strerror(errno));
  311     }
  312 }