]>
git.ipfire.org Git - thirdparty/sarg.git/blob - authfail.c
2 * SARG Squid Analysis Report Generator http://sarg.sourceforge.net
6 * please look at http://sarg.sourceforge.net/donations.php
8 * http://sourceforge.net/projects/sarg/forums/forum/363374
9 * ---------------------------------------------------------------------
11 * This program is free software; you can redistribute it and/or modify
12 * it under the terms of the GNU General Public License as published by
13 * the Free Software Foundation; either version 2 of the License, or
14 * (at your option) any later version.
16 * This program is distributed in the hope that it will be useful,
17 * but WITHOUT ANY WARRANTY; without even the implied warranty of
18 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
19 * GNU General Public License for more details.
21 * You should have received a copy of the GNU General Public License
22 * along with this program; if not, write to the Free Software
23 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
27 #include "include/conf.h"
28 #include "include/defs.h"
30 static void show_ignored_auth ( FILE * fp_ou
, int count
)
34 snprintf ( ignored
, sizeof ( ignored
), ngettext ( "%d more authentication failure not shown here…" , "%d more authentication failures not shown here…" , count
), count
);
35 fprintf ( fp_ou
, "<tr><td class= \" data \" ></td><td class= \" data \" ></td><td class= \" data \" ></td><td class= \" data2 more \" >%s</td></tr> \n " , ignored
);
38 void authfail_report ( void )
40 FILE * fp_in
= NULL
, * fp_ou
= NULL
;
44 char authfail_in
[ MAXLEN
];
60 struct getwordstruct gwarea
;
62 struct userinfostruct
* uinfo
;
65 if ( DataFile
[ 0 ] != '\0' ) return ;
71 snprintf ( tmp4
, sizeof ( tmp4
), "%s/authfail.int_unsort" , tmp
);
73 if ( authfail_count
== 0 ) {
74 if (! KeepTempLog
&& unlink ( tmp4
)) {
75 debuga ( _ ( "Cannot delete \" %s \" : %s \n " ), tmp4
, strerror ( errno
));
77 if ( debugz
) debugaz ( _ ( "Authentication failures report not produced because it is empty \n " ));
81 snprintf ( authfail_in
, sizeof ( authfail_in
), "%s/authfail.int_log" , tmp
);
82 snprintf ( report
, sizeof ( report
), "%s/authfail.html" , outdirname
);
84 snprintf ( csort
, sizeof ( csort
), "sort -b -t \"\t\" -T \" %s \" -k 3,3 -k 5,5 -o \" %s \" \" %s \" " , tmp
, authfail_in
, tmp4
);
85 cstatus
= system ( csort
);
86 if (! WIFEXITED ( cstatus
) || WEXITSTATUS ( cstatus
)) {
87 debuga ( _ ( "sort command return status %d \n " ), WEXITSTATUS ( cstatus
));
88 debuga ( _ ( "sort command: %s \n " ), csort
);
91 if (( fp_in
= MY_FOPEN ( authfail_in
, "r" ))== NULL
) {
92 debuga ( _ ( "(authfail) Cannot open file %s \n " ), authfail_in
);
93 debuga ( _ ( "sort command: %s \n " ), csort
);
96 if (! KeepTempLog
&& unlink ( tmp4
)) {
97 debuga ( _ ( "Cannot delete \" %s \" : %s \n " ), tmp4
, strerror ( errno
));
101 if (( fp_ou
= MY_FOPEN ( report
, "w" ))== NULL
) {
102 debuga ( _ ( "(authfail) Cannot open file %s \n " ), report
);
106 write_html_header ( fp_ou
,( IndexTree
== INDEX_TREE_DATE
) ? 3 : 1 , _ ( "Authentication Failures" ), HTML_JS_NONE
);
107 fputs ( "<tr><td class= \" header_c \" >" , fp_ou
);
108 fprintf ( fp_ou
, _ ( "Period: %s" ), period
. html
);
109 fputs ( "</td></tr> \n " , fp_ou
);
110 fprintf ( fp_ou
, "<tr><th class= \" header_c \" >%s</th></tr> \n " , _ ( "Authentication Failures" ));
111 close_html_header ( fp_ou
);
113 fputs ( "<div class= \" report \" ><table cellpadding= \" 0 \" cellspacing= \" 2 \" > \n " , fp_ou
);
114 fprintf ( fp_ou
, "<tr><th class= \" header_l \" >%s</th><th class= \" header_l \" >%s</th><th class= \" header_l \" >%s</th><th class= \" header_l \" >%s</th></tr> \n " , _ ( "USERID" ), _ ( "IP/NAME" ), _ ( "DATE/TIME" ), _ ( "ACCESSED SITE" ));
116 if (( line
= longline_create ())== NULL
) {
117 debuga ( _ ( "Not enough memory to read file %s \n " ), authfail_in
);
121 while (( buf
= longline_read ( fp_in
, line
))!= NULL
) {
122 getword_start (& gwarea
, buf
);
123 if ( getword ( data
, sizeof ( data
),& gwarea
, ' \t ' )< 0 ) {
124 debuga ( _ ( "There is a broken date in file %s \n " ), authfail_in
);
127 if ( getword ( hora
, sizeof ( hora
),& gwarea
, ' \t ' )< 0 ) {
128 debuga ( _ ( "There is a broken time in file %s \n " ), authfail_in
);
131 if ( getword ( user
, sizeof ( user
),& gwarea
, ' \t ' )< 0 ) {
132 debuga ( _ ( "There is a broken user ID in file %s \n " ), authfail_in
);
135 if ( getword ( ip
, sizeof ( ip
),& gwarea
, ' \t ' )< 0 ) {
136 debuga ( _ ( "There is a broken IP address in file %s \n " ), authfail_in
);
139 if ( getword_ptr ( buf
,& url
,& gwarea
, ' \t ' )< 0 ) {
140 debuga ( _ ( "There is a broken url in file %s \n " ), authfail_in
);
143 if ( sscanf ( data
, "%d/%d/%d" ,& day
,& month
,& year
)!= 3 ) continue ;
144 computedate ( year
, month
, day
,& t
);
145 strftime ( data
, sizeof ( data
), "%x" ,& t
);
147 uinfo
= userinfo_find_from_id ( user
);
149 debuga ( _ ( "Unknown user ID %s in file %s \n " ), user
, authfail_in
);
160 if ( strcmp ( ouser
, user
) != 0 ) {
164 if ( strcmp ( oip
, ip
) != 0 ) {
170 if ( AuthfailReportLimit
> 0 ) {
171 if ( strcmp ( ouser2
, uinfo
-> label
) == 0 ) {
174 if ( count
> AuthfailReportLimit
&& AuthfailReportLimit
> 0 )
175 show_ignored_auth ( fp_ou
, count
- AuthfailReportLimit
);
177 strcpy ( ouser2
, uinfo
-> label
);
179 if ( count
> AuthfailReportLimit
)
185 fprintf ( fp_ou
, "<td class= \" data2 \" >%s</td><td class= \" data2 \" >%s</td>" , uinfo
-> label
, ip
);
187 fputs ( "<td class= \" data2 \" ></td><td class= \" data2 \" ></td>" , fp_ou
);
188 fprintf ( fp_ou
, "<td class= \" data2 \" >%s-%s</td><td class= \" data2 \" >" , data
, hora
);
189 if ( BlockIt
[ 0 ]!= '\0' && url
[ 0 ]!= ALIAS_PREFIX
) {
190 fprintf ( fp_ou
, "<a href= \" %s%s?url=" , wwwDocumentRoot
, BlockIt
);
191 output_html_url ( fp_ou
, url
);
192 fputs ( " \" ><img src= \" ../images/sarg-squidguard-block.png \" ></a> " , fp_ou
);
194 output_html_link ( fp_ou
, url
, 100 );
195 fputs ( "</td></th> \n " , fp_ou
);
198 longline_destroy (& line
);
200 if ( count
> AuthfailReportLimit
&& AuthfailReportLimit
> 0 )
201 show_ignored_auth ( fp_ou
, count
- AuthfailReportLimit
);
203 fputs ( "</table></div> \n " , fp_ou
);
204 if ( write_html_trailer ( fp_ou
)< 0 )
205 debuga ( _ ( "Write error in file %s \n " ), report
);
206 if ( fclose ( fp_ou
)== EOF
)
207 debuga ( _ ( "Failed to close file %s - %s \n " ), report
, strerror ( errno
));
209 if (! KeepTempLog
&& unlink ( authfail_in
)) {
210 debuga ( _ ( "Cannot delete \" %s \" : %s \n " ), authfail_in
, strerror ( errno
));