]> git.ipfire.org Git - thirdparty/sarg.git/blob - authfail.c
projects / thirdparty / sarg.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Be more thorough when ensuring a file is correctly written
[thirdparty/sarg.git] / authfail.c
1 /*
2 * SARG Squid Analysis Report Generator http://sarg.sourceforge.net
3 * 1998, 2012
4 *
5 * SARG donations:
6 * please look at http://sarg.sourceforge.net/donations.php
7 * Support:
8 * http://sourceforge.net/projects/sarg/forums/forum/363374
9 * ---------------------------------------------------------------------
10 *
11 * This program is free software; you can redistribute it and/or modify
12 * it under the terms of the GNU General Public License as published by
13 * the Free Software Foundation; either version 2 of the License, or
14 * (at your option) any later version.
15 *
16 * This program is distributed in the hope that it will be useful,
17 * but WITHOUT ANY WARRANTY; without even the implied warranty of
18 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
19 * GNU General Public License for more details.
20 *
21 * You should have received a copy of the GNU General Public License
22 * along with this program; if not, write to the Free Software
23 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
24 *
25 */
26
27 #include "include/conf.h"
28 #include "include/defs.h"
29 #include "include/readlog.h"
30
31 //! Name of the file containing the unsorted authentication failure entries.
32 static char authfail_unsort[MAXLEN]="";
33 //! The file handle to write the entries.
34 static FILE *fp_authfail=NULL;
35 //! \c True if at least one anthentication failure entry exists.
36 static bool authfail_exists=false;
37
38 /*!
39 Open a file to store the authentication failure.
40
41 \return The file handle or NULL if no file is necessary.
42 */
43 void authfail_open(void)
44 {
45 if ((ReportType & REPORT_TYPE_AUTH_FAILURES) == 0) {
46 if (debugz) debugaz(_("Authentication failure report not produced as it is not requested\n"));
47 return;
48 }
49 if (Privacy) {
50 if (debugz) debugaz(_("Authentication failure report not produced because privacy option is active\n"));
51 return;
52 }
53
54 snprintf(authfail_unsort,sizeof(authfail_unsort),"%s/authfail.int_unsort",tmp);
55 if ((fp_authfail=MY_FOPEN(authfail_unsort,"w"))==NULL) {
56 debuga(_("(log) Cannot open file %s: %s\n"),authfail_unsort,strerror(errno));
57 exit(EXIT_FAILURE);
58 }
59 return;
60 }
61
62 /*!
63 Write one entry in the unsorted authentication file file provided that it is required.
64
65 \param log_entry The entry to write into the log file.
66 */
67 void authfail_write(const struct ReadLogStruct *log_entry)
68 {
69 char date[80];
70
71 if (fp_authfail && (strstr(log_entry->HttpCode,"DENIED/401") != 0 || strstr(log_entry->HttpCode,"DENIED/407") != 0)) {
72 strftime(date,sizeof(date),"%d/%m/%Y\t%H:%M:%S",&log_entry->EntryTime);
73 fprintf(fp_authfail, "%s\t%s\t%s\t%s\n",date,log_entry->User,log_entry->Ip,log_entry->Url);
74 authfail_exists=true;
75 }
76 }
77
78 /*!
79 Close the file opened by authfail_open().
80 */
81 void authfail_close(void)
82 {
83 if (fp_authfail)
84 {
85 if (fclose(fp_authfail)==EOF) {
86 debuga(_("Write error in %s: %s\n"),authfail_unsort,strerror(errno));
87 exit(EXIT_FAILURE);
88 }
89 fp_authfail=NULL;
90 }
91 }
92
93 /*!
94 Tell the caller if a authentication failure report exists.
95
96 \return \c True if the report is available or \c false if no report
97 was generated.
98 */
99 bool is_authfail(void)
100 {
101 return(authfail_exists);
102 }
103
104
105 static void show_ignored_auth(FILE *fp_ou,int count)
106 {
107 char ignored[80];
108
109 snprintf(ignored,sizeof(ignored),ngettext("%d more authentication failure not shown here…","%d more authentication failures not shown here…",count),count);
110 fprintf(fp_ou,"<tr><td class=\"data\"></td><td class=\"data\"></td><td class=\"data\"></td><td class=\"data2 more\">%s</td></tr>\n",ignored);
111 }
112
113 void authfail_report(void)
114 {
115 FILE *fp_in = NULL, *fp_ou = NULL;
116
117 char *buf;
118 char *url;
119 char authfail_sort[MAXLEN];
120 char report[MAXLEN];
121 char ip[MAXLEN];
122 char oip[MAXLEN]="";
123 char user[MAXLEN];
124 char ouser[MAXLEN]="";
125 char ouser2[MAXLEN]="";
126 char data[15];
127 char hora[15];
128 char csort[MAXLEN];
129 int z=0;
130 int count=0;
131 int cstatus;
132 int day,month,year;
133 bool new_user;
134 struct getwordstruct gwarea;
135 longline line;
136 struct userinfostruct *uinfo;
137 struct tm t;
138
139 if (!authfail_exists) {
140 if (!KeepTempLog && authfail_unsort[0]!='\0' && unlink(authfail_unsort))
141 debuga(_("Failed to delete \"%s\": %s\n"),authfail_unsort,strerror(errno));
142
143 authfail_unsort[0]='\0';
144 if (debugz) debugaz(_("Authentication failures report not produced because it is empty\n"));
145 return;
146 }
147
148 snprintf(authfail_sort,sizeof(authfail_sort),"%s/authfail.int_log",tmp);
149 snprintf(report,sizeof(report),"%s/authfail.html",outdirname);
150
151 snprintf(csort,sizeof(csort),"sort -b -t \"\t\" -T \"%s\" -k 3,3 -k 5,5 -o \"%s\" \"%s\"", tmp, authfail_sort, authfail_unsort);
152 cstatus=system(csort);
153 if (!WIFEXITED(cstatus) || WEXITSTATUS(cstatus)) {
154 debuga(_("sort command return status %d\n"),WEXITSTATUS(cstatus));
155 debuga(_("sort command: %s\n"),csort);
156 exit(EXIT_FAILURE);
157 }
158 if((fp_in=MY_FOPEN(authfail_sort,"r"))==NULL) {
159 debuga(_("(authfail) Cannot open file %s: %s\n"),authfail_sort,strerror(errno));
160 debuga(_("sort command: %s\n"),csort);
161 exit(EXIT_FAILURE);
162 }
163 if (!KeepTempLog && unlink(authfail_unsort)) {
164 debuga(_("Cannot delete \"%s\": %s\n"),authfail_unsort,strerror(errno));
165 exit(EXIT_FAILURE);
166 }
167 authfail_unsort[0]='\0';
168
169 if((fp_ou=MY_FOPEN(report,"w"))==NULL) {
170 debuga(_("(authfail) Cannot open file %s: %s\n"),report,strerror(errno));
171 exit(EXIT_FAILURE);
172 }
173
174 write_html_header(fp_ou,(IndexTree == INDEX_TREE_DATE) ? 3 : 1,_("Authentication Failures"),HTML_JS_NONE);
175 fputs("<tr><td class=\"header_c\">",fp_ou);
176 fprintf(fp_ou,_("Period: %s"),period.html);
177 fputs("</td></tr>\n",fp_ou);
178 fprintf(fp_ou,"<tr><th class=\"header_c\">%s</th></tr>\n",_("Authentication Failures"));
179 close_html_header(fp_ou);
180
181 fputs("<div class=\"report\"><table cellpadding=\"0\" cellspacing=\"2\">\n",fp_ou);
182 fprintf(fp_ou,"<tr><th class=\"header_l\">%s</th><th class=\"header_l\">%s</th><th class=\"header_l\">%s</th><th class=\"header_l\">%s</th></tr>\n",_("USERID"),_("IP/NAME"),_("DATE/TIME"),_("ACCESSED SITE"));
183
184 if ((line=longline_create())==NULL) {
185 debuga(_("Not enough memory to read file %s\n"),authfail_sort);
186 exit(EXIT_FAILURE);
187 }
188
189 while((buf=longline_read(fp_in,line))!=NULL) {
190 getword_start(&gwarea,buf);
191 if (getword(data,sizeof(data),&gwarea,'\t')<0) {
192 debuga(_("There is a broken date in file %s\n"),authfail_sort);
193 exit(EXIT_FAILURE);
194 }
195 if (getword(hora,sizeof(hora),&gwarea,'\t')<0) {
196 debuga(_("There is a broken time in file %s\n"),authfail_sort);
197 exit(EXIT_FAILURE);
198 }
199 if (getword(user,sizeof(user),&gwarea,'\t')<0) {
200 debuga(_("There is a broken user ID in file %s\n"),authfail_sort);
201 exit(EXIT_FAILURE);
202 }
203 if (getword(ip,sizeof(ip),&gwarea,'\t')<0) {
204 debuga(_("There is a broken IP address in file %s\n"),authfail_sort);
205 exit(EXIT_FAILURE);
206 }
207 if (getword_ptr(buf,&url,&gwarea,'\t')<0) {
208 debuga(_("There is a broken url in file %s\n"),authfail_sort);
209 exit(EXIT_FAILURE);
210 }
211 if (sscanf(data,"%d/%d/%d",&day,&month,&year)!=3) continue;
212 computedate(year,month,day,&t);
213 strftime(data,sizeof(data),"%x",&t);
214
215 uinfo=userinfo_find_from_id(user);
216 if (!uinfo) {
217 debuga(_("Unknown user ID %s in file %s\n"),user,authfail_sort);
218 exit(EXIT_FAILURE);
219 }
220
221 new_user=false;
222 if(z == 0) {
223 strcpy(ouser,user);
224 strcpy(oip,ip);
225 z++;
226 new_user=true;
227 } else {
228 if(strcmp(ouser,user) != 0) {
229 strcpy(ouser,user);
230 new_user=true;
231 }
232 if(strcmp(oip,ip) != 0) {
233 strcpy(oip,ip);
234 new_user=true;
235 }
236 }
237
238 if(AuthfailReportLimit>0) {
239 if(strcmp(ouser2,uinfo->label) == 0) {
240 count++;
241 } else {
242 if(count>AuthfailReportLimit && AuthfailReportLimit>0)
243 show_ignored_auth(fp_ou,count-AuthfailReportLimit);
244 count=1;
245 strcpy(ouser2,uinfo->label);
246 }
247 if(count > AuthfailReportLimit)
248 continue;
249 }
250
251 fputs("<tr>",fp_ou);
252 if (new_user)
253 fprintf(fp_ou,"<td class=\"data2\">%s</td><td class=\"data2\">%s</td>",uinfo->label,ip);
254 else
255 fputs("<td class=\"data2\"></td><td class=\"data2\"></td>",fp_ou);
256 fprintf(fp_ou,"<td class=\"data2\">%s-%s</td><td class=\"data2\">",data,hora);
257 if(BlockIt[0]!='\0' && url[0]!=ALIAS_PREFIX) {
258 fprintf(fp_ou,"<a href=\"%s%s?url=",wwwDocumentRoot,BlockIt);
259 output_html_url(fp_ou,url);
260 fputs("\"><img src=\"../images/sarg-squidguard-block.png\"></a>&nbsp;",fp_ou);
261 }
262 output_html_link(fp_ou,url,100);
263 fputs("</td></th>\n",fp_ou);
264 }
265 fclose(fp_in);
266 longline_destroy(&line);
267
268 if(count>AuthfailReportLimit && AuthfailReportLimit>0)
269 show_ignored_auth(fp_ou,count-AuthfailReportLimit);
270
271 fputs("</table></div>\n",fp_ou);
272 if (write_html_trailer(fp_ou)<0)
273 debuga(_("Write error in file %s\n"),report);
274 if (fclose(fp_ou)==EOF) {
275 debuga(_("Write error in %s: %s\n"),report,strerror(errno));
276 exit(EXIT_FAILURE);
277 }
278
279 if (!KeepTempLog && unlink(authfail_sort)) {
280 debuga(_("Cannot delete %s - %s\n"),authfail_sort,strerror(errno));
281 exit(EXIT_FAILURE);
282 }
283
284 return;
285 }
286
287 /*!
288 Remove any temporary file left by the authfail module.
289 */
290 void authfail_cleanup(void)
291 {
292 if (fp_authfail) {
293 if (fclose(fp_authfail)==EOF) {
294 debuga(_("Write error in %s: %s\n"),authfail_unsort,strerror(errno));
295 exit(EXIT_FAILURE);
296 }
297 fp_authfail=NULL;
298 }
299 if(authfail_unsort[0]) {
300 if (!KeepTempLog && unlink(authfail_unsort)==-1)
301 debuga(_("Failed to delete %s: %s\n"),authfail_unsort,strerror(errno));
302 }
303 }
Unnamed repository; edit this file 'description' to name the repository.