[thirdparty/sarg.git] / authfail.c

/*
 * SARG Squid Analysis Report Generator      http://sarg.sourceforge.net
 *                                                            1998, 2010
 *
 * SARG donations:
 *      please look at http://sarg.sourceforge.net/donations.php
 * Support:
 *     http://sourceforge.net/projects/sarg/forums/forum/363374
 * ---------------------------------------------------------------------
 *
 *  This program is free software; you can redistribute it and/or modify
 *  it under the terms of the GNU General Public License as published by
 *  the Free Software Foundation; either version 2 of the License, or
 *  (at your option) any later version.
 *
 *  This program is distributed in the hope that it will be useful,
 *  but WITHOUT ANY WARRANTY; without even the implied warranty of
 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 *  GNU General Public License for more details.
 *
 *  You should have received a copy of the GNU General Public License
 *  along with this program; if not, write to the Free Software
 *  Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
 *
 */

#include "include/conf.h"
#include "include/defs.h"

void authfail_report(void)
{

   FILE *fp_in = NULL, *fp_ou = NULL;

   char *buf;
   char *url;
   char authfail_in[MAXLEN];
   char per[MAXLEN];
   char report[MAXLEN];
   char period[100];
   char ip[MAXLEN];
   char oip[MAXLEN];
   char user[MAXLEN];
   char ouser[MAXLEN];
   char ouser2[MAXLEN];
   char data[15];
   char hora[15];
   char tmp4[MAXLEN];
   char csort[MAXLEN];
   int  z=0;
   int  count=0;
   int  cstatus;
   bool new_user;
   struct getwordstruct gwarea;
   longline line;
   struct userinfostruct *uinfo;

   if(DataFile[0] != '\0') return;

   ouser[0]='\0';
   ouser2[0]='\0';
   oip[0]='\0';

   snprintf(tmp4,sizeof(tmp4),"%s/sarg/authfail.log.unsort",TempDir);

   if(authfail_count == 0) {
      unlink(tmp4);
      return;
   }

   snprintf(authfail_in,sizeof(authfail_in),"%s/authfail.log",TempDir);
   snprintf(per,sizeof(per),"%s/sarg-period",outdirname);
   snprintf(report,sizeof(report),"%s/authfail.html",outdirname);

   if ((fp_in = fopen(per, "r")) == NULL) {
      debuga(_("(authfail) Cannot open file %s\n"),per);
      exit(EXIT_FAILURE);
   }
   if (!fgets(period,sizeof(period),fp_in)) {
      debuga(_("(authfail) read error in %s\n"),per);
      exit(EXIT_FAILURE);
   }
   fclose(fp_in);

   snprintf(csort,sizeof(csort),"sort -b -T \"%s\" -k 3,3 -k 5,5 -o \"%s\" \"%s\"", TempDir, authfail_in, tmp4);
   cstatus=system(csort);
   if (!WIFEXITED(cstatus) || WEXITSTATUS(cstatus)) {
      debuga(_("sort command return status %d\n"),WEXITSTATUS(cstatus));
      debuga(_("sort command: %s\n"),csort);
      exit(EXIT_FAILURE);
   }
   if((fp_in=MY_FOPEN(authfail_in,"r"))==NULL) {
      debuga(_("(authfail) Cannot open file %s\n"),authfail_in);
      debuga(_("sort command: %s\n"),csort);
      exit(EXIT_FAILURE);
   }
   unlink(tmp4);

   if((fp_ou=MY_FOPEN(report,"w"))==NULL) {
     debuga(_("(authfail) Cannot open file %s\n"),report);
     exit(EXIT_FAILURE);
   }

   write_html_header(fp_ou,(IndexTree == INDEX_TREE_DATE) ? 3 : 1,_("Authentication Failures"));
   fprintf(fp_ou,"<tr><td class=\"header_l\">%s: %s</td></tr>\n",_("Period"),period);
   fprintf(fp_ou,"<tr><th class=\"header_c\">%s</th></tr>\n",_("Authentication Failures"));
   close_html_header(fp_ou);

   fputs("<div class=\"report\"><table cellpadding=\"0\" cellspacing=\"2\">\n",fp_ou);
   fputs("<tr><td></td></tr>\n",fp_ou);
   fputs("<tr><td></td></tr>\n",fp_ou);
   fputs("<tr><td></td></tr>\n",fp_ou);
   fprintf(fp_ou,"<tr><th class=\"header_l\">%s</th><th class=\"header_l\">%s</th><th class=\"header_l\">%s</th><th class=\"header_l\">%s</th></tr>\n",_("USERID"),_("IP/NAME"),_("DATE/TIME"),_("ACCESSED SITE"));

   if ((line=longline_create())==NULL) {
      debuga(_("Not enough memory to read file %s\n"),authfail_in);
      exit(EXIT_FAILURE);
   }

   while((buf=longline_read(fp_in,line))!=NULL) {
      getword_start(&gwarea,buf);
      if (getword(data,sizeof(data),&gwarea,'\t')<0) {
         debuga(_("There is a broken date in file %s\n"),authfail_in);
         exit(EXIT_FAILURE);
      }
      if (getword(hora,sizeof(hora),&gwarea,'\t')<0) {
         debuga(_("There is a broken time in file %s\n"),authfail_in);
         exit(EXIT_FAILURE);
      }
      if (getword(user,sizeof(user),&gwarea,'\t')<0) {
         debuga(_("There is a broken user ID in file %s\n"),authfail_in);
         exit(EXIT_FAILURE);
      }
      if (getword(ip,sizeof(ip),&gwarea,'\t')<0) {
         debuga(_("There is a broken IP address in file %s\n"),authfail_in);
         exit(EXIT_FAILURE);
      }
      if (getword_ptr(buf,&url,&gwarea,'\t')<0) {
         debuga(_("There is a broken url in file %s\n"),authfail_in);
         exit(EXIT_FAILURE);
      }

      uinfo=userinfo_find_from_id(user);
      if (!uinfo) {
         debuga(_("Unknown user ID %s in file %s\n"),user,authfail_in);
         exit(EXIT_FAILURE);
      }

      new_user=false;
      if(z == 0) {
         strcpy(ouser,user);
         strcpy(oip,ip);
         z++;
         new_user=true;
      } else {
         if(strcmp(ouser,user) != 0) {
            strcpy(ouser,user);
            new_user=true;
         }
         if(strcmp(oip,ip) != 0) {
            strcpy(oip,ip);
            new_user=true;
         }
      }

     if(AuthfailReportLimit>0) {
        if(strcmp(ouser2,uinfo->label) == 0) {
            count++;
         } else {
            count=1;
            strcpy(ouser2,uinfo->label);
         }
         if(count >= AuthfailReportLimit)
            continue;
      }

      fputs("<tr>",fp_ou);
      if (new_user)
         fprintf(fp_ou,"<td class=\"data2\">%s</td><td class=\"data2\">%s</td>",uinfo->label,ip);
      else
         fputs("<td class=\"data2\"></td><td class=\"data2\"></td>",fp_ou);
      fprintf(fp_ou,"<td class=\"data2\">%s-%s</td><td class=\"data2\">",data,hora);
      if(BlockIt[0]!='\0') {
         fprintf(fp_ou,"<a href=\"%s%s?url=",wwwDocumentRoot,BlockIt);
         output_html_url(fp_ou,url);
         fputs("\"><img src=\"../images/sarg-squidguard-block.png\"></a>&nbsp;",fp_ou);
      }
      fputs("<a href=\"",fp_ou);
      output_html_url(fp_ou,url);
      fputs("\">",fp_ou);
      output_html_string(fp_ou,url,100);
      fputs("</a></td></th>\n",fp_ou);
   }
   fclose(fp_in);
   longline_destroy(&line);

   fputs("</table></div>\n",fp_ou);
   write_html_trailer(fp_ou);
   fclose(fp_ou);

   unlink(authfail_in);

   return;
}
Commit	Line	Data
25697a35	1	/*
94ff9470	2	* SARG Squid Analysis Report Generator http://sarg.sourceforge.net
1164c474	3	* 1998, 2010
94ff9470 GS	4	*
	5	* SARG donations:
	6	* please look at http://sarg.sourceforge.net/donations.php
1164c474 FM	7	* Support:
1164c474 FM	8	* http://sourceforge.net/projects/sarg/forums/forum/363374
25697a35 GS	9	* ---------------------------------------------------------------------
	10	*
	11	* This program is free software; you can redistribute it and/or modify
	12	* it under the terms of the GNU General Public License as published by
	13	* the Free Software Foundation; either version 2 of the License, or
	14	* (at your option) any later version.
	15	*
	16	* This program is distributed in the hope that it will be useful,
	17	* but WITHOUT ANY WARRANTY; without even the implied warranty of
	18	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	19	* GNU General Public License for more details.
	20	*
	21	* You should have received a copy of the GNU General Public License
	22	* along with this program; if not, write to the Free Software
	23	* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
	24	*
	25	*/
	26
	27	#include "include/conf.h"
5f3cfd1d	28	#include "include/defs.h"
25697a35	29
32e71fa4	30	void authfail_report(void)
25697a35 GS	31	{
	32
	33	FILE fp_in = NULL, fp_ou = NULL;
120d768c	34
ac422f9b	35	char *buf;
e5b2c6f0	36	char *url;
25697a35 GS	37	char authfail_in[MAXLEN];
	38	char per[MAXLEN];
	39	char report[MAXLEN];
d6e703cc	40	char period[100];
25697a35 GS	41	char ip[MAXLEN];
	42	char oip[MAXLEN];
	43	char user[MAXLEN];
	44	char ouser[MAXLEN];
	45	char ouser2[MAXLEN];
	46	char data[15];
	47	char hora[15];
2240dcea FM	48	char tmp4[MAXLEN];
2240dcea FM	49	char csort[MAXLEN];
25697a35 GS	50	int z=0;
25697a35 GS	51	int count=0;
456d78a5	52	int cstatus;
06b39c87	53	bool new_user;
9c7c6346	54	struct getwordstruct gwarea;
afaa3b67	55	longline line;
f2ec8c75	56	struct userinfostruct *uinfo;
25697a35	57
0a4e18e1	58	if(DataFile[0] != '\0') return;
25697a35 GS	59
25697a35 GS	60	ouser[0]='\0';
e5b2c6f0	61	ouser2[0]='\0';
06b39c87	62	oip[0]='\0';
25697a35	63
06b39c87	64	snprintf(tmp4,sizeof(tmp4),"%s/sarg/authfail.log.unsort",TempDir);
120d768c	65
06b39c87	66	if(authfail_count == 0) {
25697a35 GS	67	unlink(tmp4);
	68	return;
	69	}
	70
06b39c87 FM	71	snprintf(authfail_in,sizeof(authfail_in),"%s/authfail.log",TempDir);
	72	snprintf(per,sizeof(per),"%s/sarg-period",outdirname);
	73	snprintf(report,sizeof(report),"%s/authfail.html",outdirname);
25697a35	74
06b39c87 FM	75	if ((fp_in = fopen(per, "r")) == NULL) {
	76	debuga(_("(authfail) Cannot open file %s\n"),per);
	77	exit(EXIT_FAILURE);
25697a35	78	}
05b90947	79	if (!fgets(period,sizeof(period),fp_in)) {
10210234	80	debuga(_("(authfail) read error in %s\n"),per);
06b39c87	81	exit(EXIT_FAILURE);
05b90947	82	}
25697a35 GS	83	fclose(fp_in);
25697a35 GS	84
06b39c87	85	snprintf(csort,sizeof(csort),"sort -b -T \"%s\" -k 3,3 -k 5,5 -o \"%s\" \"%s\"", TempDir, authfail_in, tmp4);
456d78a5 FM	86	cstatus=system(csort);
456d78a5 FM	87	if (!WIFEXITED(cstatus) \|\| WEXITSTATUS(cstatus)) {
10210234 FM	88	debuga(_("sort command return status %d\n"),WEXITSTATUS(cstatus));
10210234 FM	89	debuga(_("sort command: %s\n"),csort);
06b39c87	90	exit(EXIT_FAILURE);
456d78a5	91	}
936c9905	92	if((fp_in=MY_FOPEN(authfail_in,"r"))==NULL) {
06b39c87	93	debuga(_("(authfail) Cannot open file %s\n"),authfail_in);
10210234	94	debuga(_("sort command: %s\n"),csort);
06b39c87	95	exit(EXIT_FAILURE);
25697a35	96	}
456d78a5	97	unlink(tmp4);
25697a35	98
936c9905	99	if((fp_ou=MY_FOPEN(report,"w"))==NULL) {
06b39c87 FM	100	debuga(_("(authfail) Cannot open file %s\n"),report);
06b39c87 FM	101	exit(EXIT_FAILURE);
25697a35 GS	102	}
25697a35 GS	103
c0ec9cc7	104	write_html_header(fp_ou,(IndexTree == INDEX_TREE_DATE) ? 3 : 1,_("Authentication Failures"));
c36c7384 FM	105	fprintf(fp_ou,"<tr><td class=\"header_l\">%s: %s</td></tr>\n",_("Period"),period);
c36c7384 FM	106	fprintf(fp_ou,"<tr><th class=\"header_c\">%s</th></tr>\n",_("Authentication Failures"));
c0ec9cc7	107	close_html_header(fp_ou);
25697a35	108
c0ec9cc7	109	fputs("<div class=\"report\"><table cellpadding=\"0\" cellspacing=\"2\">\n",fp_ou);
25697a35 GS	110	fputs("<tr><td></td></tr>\n",fp_ou);
	111	fputs("<tr><td></td></tr>\n",fp_ou);
	112	fputs("<tr><td></td></tr>\n",fp_ou);
c36c7384	113	fprintf(fp_ou,"<tr><th class=\"header_l\">%s</th><th class=\"header_l\">%s</th><th class=\"header_l\">%s</th><th class=\"header_l\">%s</th></tr>\n",_("USERID"),_("IP/NAME"),_("DATE/TIME"),_("ACCESSED SITE"));
25697a35	114
afaa3b67	115	if ((line=longline_create())==NULL) {
10210234	116	debuga(_("Not enough memory to read file %s\n"),authfail_in);
06b39c87	117	exit(EXIT_FAILURE);
ac422f9b FM	118	}
ac422f9b FM	119
afaa3b67	120	while((buf=longline_read(fp_in,line))!=NULL) {
9c7c6346	121	getword_start(&gwarea,buf);
06b39c87 FM	122	if (getword(data,sizeof(data),&gwarea,'\t')<0) {
	123	debuga(_("There is a broken date in file %s\n"),authfail_in);
	124	exit(EXIT_FAILURE);
	125	}
	126	if (getword(hora,sizeof(hora),&gwarea,'\t')<0) {
	127	debuga(_("There is a broken time in file %s\n"),authfail_in);
	128	exit(EXIT_FAILURE);
	129	}
	130	if (getword(user,sizeof(user),&gwarea,'\t')<0) {
	131	debuga(_("There is a broken user ID in file %s\n"),authfail_in);
	132	exit(EXIT_FAILURE);
	133	}
	134	if (getword(ip,sizeof(ip),&gwarea,'\t')<0) {
	135	debuga(_("There is a broken IP address in file %s\n"),authfail_in);
	136	exit(EXIT_FAILURE);
e5b2c6f0 FM	137	}
e5b2c6f0 FM	138	if (getword_ptr(buf,&url,&gwarea,'\t')<0) {
10210234	139	debuga(_("There is a broken url in file %s\n"),authfail_in);
06b39c87	140	exit(EXIT_FAILURE);
4bcb77cf	141	}
25697a35	142
f2ec8c75 FM	143	uinfo=userinfo_find_from_id(user);
f2ec8c75 FM	144	if (!uinfo) {
10210234	145	debuga(_("Unknown user ID %s in file %s\n"),user,authfail_in);
06b39c87	146	exit(EXIT_FAILURE);
25697a35 GS	147	}
25697a35 GS	148
06b39c87 FM	149	new_user=false;
06b39c87 FM	150	if(z == 0) {
25697a35 GS	151	strcpy(ouser,user);
	152	strcpy(oip,ip);
	153	z++;
06b39c87	154	new_user=true;
25697a35	155	} else {
d25d4e6a	156	if(strcmp(ouser,user) != 0) {
25697a35	157	strcpy(ouser,user);
06b39c87	158	new_user=true;
d25d4e6a FM	159	}
d25d4e6a FM	160	if(strcmp(oip,ip) != 0) {
25697a35	161	strcpy(oip,ip);
06b39c87	162	new_user=true;
d25d4e6a	163	}
25697a35 GS	164	}
25697a35 GS	165
06b39c87	166	if(AuthfailReportLimit>0) {
f2ec8c75	167	if(strcmp(ouser2,uinfo->label) == 0) {
25697a35 GS	168	count++;
	169	} else {
	170	count=1;
f2ec8c75	171	strcpy(ouser2,uinfo->label);
25697a35 GS	172	}
	173	if(count >= AuthfailReportLimit)
	174	continue;
	175	}
	176
d25d4e6a FM	177	fputs("<tr>",fp_ou);
	178	if (new_user)
	179	fprintf(fp_ou,"<td class=\"data2\">%s</td><td class=\"data2\">%s</td>",uinfo->label,ip);
	180	else
	181	fputs("<td class=\"data2\"></td><td class=\"data2\"></td>",fp_ou);
	182	fprintf(fp_ou,"<td class=\"data2\">%s-%s</td><td class=\"data2\">",data,hora);
ac422f9b FM	183	if(BlockIt[0]!='\0') {
	184	fprintf(fp_ou,"<a href=\"%s%s?url=",wwwDocumentRoot,BlockIt);
	185	output_html_url(fp_ou,url);
	186	fputs("\"><img src=\"../images/sarg-squidguard-block.png\"></a> ",fp_ou);
	187	}
	188	fputs("<a href=\"",fp_ou);
	189	output_html_url(fp_ou,url);
	190	fputs("\">",fp_ou);
	191	output_html_string(fp_ou,url,100);
	192	fputs("</a></td></th>\n",fp_ou);
25697a35	193	}
25697a35	194	fclose(fp_in);
afaa3b67	195	longline_destroy(&line);
c0ec9cc7 FM	196
	197	fputs("</table></div>\n",fp_ou);
	198	write_html_trailer(fp_ou);
25697a35 GS	199	fclose(fp_ou);
	200
	201	unlink(authfail_in);
	202
	203	return;
	204	}