]> git.ipfire.org Git - thirdparty/sarg.git/blob - squidguard_log.c
projects / thirdparty / sarg.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Protection against buffer overflows in getword and friends and report the origin...
[thirdparty/sarg.git] / squidguard_log.c
1 /*
2 * AUTHOR: Pedro Lineu Orso pedro.orso@gmail.com
3 * 1998, 2008
4 * SARG Squid Analysis Report Generator http://sarg.sourceforge.net
5 *
6 * SARG donations:
7 * please look at http://sarg.sourceforge.net/donations.php
8 * ---------------------------------------------------------------------
9 *
10 * This program is free software; you can redistribute it and/or modify
11 * it under the terms of the GNU General Public License as published by
12 * the Free Software Foundation; either version 2 of the License, or
13 * (at your option) any later version.
14 *
15 * This program is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 * GNU General Public License for more details.
19 *
20 * You should have received a copy of the GNU General Public License
21 * along with this program; if not, write to the Free Software
22 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
23 *
24 */
25
26 #include "include/conf.h"
27
28 static char **files_done = NULL;
29 static int nfiles_done = 0;
30
31
32 void read_log(char *wentp, FILE *fp_ou)
33 {
34 FILE *fp_in = NULL;
35 char bufbsf[255];
36 char leks[5], sep[2], res[MAXLEN];
37 char mon[10], hour[15];
38 char list[MAXLEN];
39 char wdata[127];
40 int idata=0;
41 int i;
42
43 if(debug) {
44 strcpy(buf,text[7]);
45 if (getword(urly,sizeof(urly),buf,' ')<0 || getword(href,sizeof(href),buf,' ')<0) {
46 printf("SARG: Maybe you have a broken record or garbage in your %s string.\n",text[7]);
47 exit(1);
48 }
49 sprintf(msg,"%s squidGuard %s: %s",urly,buf,wentp);
50 debuga(msg);
51 }
52
53 /* With squidGuard, you can log groups in only one log file.
54 We must parse each log files only one time. Example :
55 dest porn {
56 domainlist porn/domains
57 urllist porn/urls
58 log file1.log
59 }
60 dest aggressive {
61 domainlist aggressive/domains
62 urllist aggressive/urls
63 log file2.log
64 }
65 dest audio-video {
66 domainlist audio-video/domains
67 urllist audio-video/urls
68 log file1.log
69 }
70 */
71 for (i=0; i<nfiles_done; i++)
72 if (!strcmp(wentp, files_done[i])) return;
73
74 nfiles_done++;
75 files_done = realloc(files_done, nfiles_done*sizeof(char *));
76 if (!files_done) {
77 perror("parse squidGuard - realloc");
78 exit(EXIT_FAILURE);
79 }
80 files_done[nfiles_done-1] = strdup(wentp);
81 if (!files_done[nfiles_done-1]) {
82 perror("parse squidGuard - strdup");
83 exit(EXIT_FAILURE);
84 }
85
86 if ((fp_in=fopen(wentp,"r"))==NULL) {
87 fprintf(stderr, "SARG: (squidguard) %s: %s\n",text[8],wentp);
88 exit(1);
89 }
90
91 if ((fp_in=fopen(wentp,"r"))==NULL) {
92 fprintf(stderr, "SARG: (squidguard) %s: %s\n",text[8],wentp);
93 exit(1);
94 }
95
96 while (fgets(buf,sizeof(buf),fp_in) != NULL) {
97 if(strlen(SquidGuardLogFormat) > 0) {
98 strcpy(bufbsf,SquidGuardLogFormat);
99 leks[0]='\0';
100 if (getword(leks,sizeof(leks),bufbsf,'#')<0) {
101 printf("SARG: Maybe you have a broken record or garbage in your %s file.\n",wentp);
102 exit(1);
103 }
104 while(strcmp(leks,"end") != 0) {
105 if (getword(leks,sizeof(leks),bufbsf,'#')<0 || getword(sep,sizeof(sep),bufbsf,'#')<0) {
106 printf("SARG: Maybe you have a broken record or garbage in your %s file.\n",wentp);
107 exit(1);
108 }
109 if(strcmp(leks,"end") != 0) {
110 if (getword(res,sizeof(res),buf,sep[0])<0) {
111 printf("SARG: Maybe you have a broken record or garbage in your %s file.\n",wentp);
112 exit(1);
113 }
114 if(strcmp(leks,"year") == 0)
115 strcpy(year,res);
116 else if(strcmp(leks,"year") == 0)
117 strcpy(year,res);
118 else if(strcmp(leks,"mon") == 0)
119 strcpy(mon,res);
120 else if(strcmp(leks,"day") == 0)
121 strcpy(day,res);
122 else if(strcmp(leks,"hour") == 0)
123 strcpy(hour,res);
124 else if(strcmp(leks,"list") == 0)
125 strcpy(list,res);
126 else if(strcmp(leks,"ip") == 0)
127 strcpy(ip,res);
128 else if(strcmp(leks,"user") == 0)
129 strcpy(user,res);
130 else if(strcmp(leks,"url") == 0)
131 strcpy(url,res);
132 }
133 }
134 } else {
135 if (getword(year,sizeof(year),buf,'-')<0 || getword(mon,sizeof(mon),buf,'-')<0 ||
136 getword(day,sizeof(day),buf,' ')<0 || getword(hour,sizeof(hour),buf,' ')<0 ||
137 getword(list,sizeof(list),buf,'/')<0 || getword(list,sizeof(list),buf,'/')<0 ||
138 getword(tmp5,sizeof(tmp5),buf,'/')<0 || getword(tmp5,sizeof(tmp5),buf,'/')<0 ||
139 getword(url,sizeof(url),buf,'/')<0 || getword(tmp5,sizeof(tmp5),buf,' ')<0 ||
140 getword(ip,sizeof(ip),buf,'/')<0 || getword(user,sizeof(user),buf,' ')<0 ||
141 getword(user,sizeof(user),buf,' ')<0) {
142 printf("SARG: Maybe you have a broken record or garbage in your %s file.\n",wentp);
143 exit(1);
144 }
145 }
146
147 sprintf(warea,"%s%s%s",year,mon,day);
148 sprintf(wdata,"%s%s%s",year,mon,day);
149 idata = atoi(wdata);
150
151 if(strcmp(SquidguardIgnoreDate,"on") == 0) {
152 if(idata < dfrom && idata > duntil)
153 continue;
154 }
155
156 if (strcmp(user,"-") == 0) {
157 strcpy(user,ip);
158 bzero(ip, 30);
159 }
160 sprintf(tmp6,"%s %s%s%s %s %s %s %s\n",user,year,mon,day,hour,ip,url,list);
161 fputs(tmp6, fp_ou);
162 squidguard_count++;
163 }
164 if (fp_in) fclose(fp_in);
165 return;
166 }
167
168
169 int squidguard_log()
170 {
171
172 FILE *fp_ou = NULL, *fp_guard = NULL;
173 char guard_in[MAXLEN];
174 char guard_ou[MAXLEN];
175 char logdir[MAXLEN];
176 char year[10], day[10], mon[10];
177 char user[MAXLEN];
178 char ip[30];
179 int x, y;
180
181 str2 = user;
182
183 if(strlen(SquidGuardConf) < 1 && strlen(SquidGuardLogAlternate) < 1)
184 return;
185
186 if (strlen(SquidGuardLogAlternate) > 0)
187 SquidGuardConf[0]='\0';
188
189 sprintf(guard_in,"%s/squidguard.unsort",tmp);
190 sprintf(guard_ou,"%s/squidguard.log",tmp);
191 if((fp_ou=fopen(guard_in,"a"))==NULL) {
192 fprintf(stderr, "SARG: (squidguard) %s: %s\n",text[8],guard_in);
193 exit(1);
194 }
195
196 bzero(day, 3);
197 bzero(mon, 4);
198 bzero(year, 5);
199
200 if(strcmp(SquidguardIgnoreDate,"on") == 0) {
201 if(strcmp(df,"e") == 0) {
202 strncpy(day,period,2);
203 strncpy(mon,period+2,3);
204 strncpy(year,period+5,4);
205 conv_month(mon);
206 sprintf(warea,"%s%s%s",year,mon,day);
207 dfrom=atoi(warea);
208 strncpy(day,period+10,2);
209 strncpy(mon,period+12,3);
210 strncpy(year,period+15,4);
211 conv_month(mon);
212 sprintf(warea,"%s%s%s",year,mon,day);
213 duntil=atoi(warea);
214 } else {
215 strncpy(day,period+7,2);
216 strncpy(mon,period+4,3);
217 strncpy(year,period,4);
218 conv_month(mon);
219 sprintf(warea,"%s%s%s",year,mon,day);
220 dfrom=atoi(warea);
221 strncpy(day,period+17,2);
222 strncpy(mon,period+14,3);
223 strncpy(year,period+10,4);
224 conv_month(mon);
225 sprintf(warea,"%s%s%s",year,mon,day);
226 duntil=atoi(warea);
227 }
228 }
229
230 if(strlen(SquidGuardConf) > 0) {
231 if(access(SquidGuardConf, R_OK) != 0) {
232 sprintf(msg,"Cannot open squidGuard config file: %s",SquidGuardConf);
233 debuga(msg);
234 exit(1);
235 }
236
237 if((fp_guard=fopen(SquidGuardConf,"r"))==NULL) {
238 fprintf(stderr, "SARG: (squidguard) %s: %s\n",text[8],SquidGuardConf);
239 exit(1);
240 }
241
242 while(fgets(buf,sizeof(buf),fp_guard)!=NULL) {
243 if(strstr(buf,"\n") != 0)
244 buf[strlen(buf)-1]='\0';
245 if(strstr(buf,"logdir ") != 0) {
246 if (getword(logdir,sizeof(logdir),buf,' ')<0 || getword(logdir,sizeof(logdir),buf,' ')<0) {
247 printf("SARG: Maybe you have a broken record or garbage in your %s file.\n",SquidGuardConf);
248 exit(1);
249 }
250 }
251 if((str=(char *) strstr(buf, "log")) != (char *) NULL ) {
252 str=str+3;
253 str2[0]='\0';
254 y=0;
255 while(*str == ' ')
256 str++;
257 if (str == (char *) strstr(str, "anonymous"))
258 str+=9;
259
260 for (x=0; x<=strlen(str); x++) {
261 if (str[x] != ' ' && str[x] != '\t') {
262 str2[y] = str[x];
263 y++;
264 }
265 }
266 if(strchr(str2,' ') != 0) {
267 if (getword(warea,sizeof(warea),str2,' ')<0) {
268 printf("SARG: Maybe you have a broken record or garbage in your %s file.\n",SquidGuardConf);
269 exit(1);
270 }
271 strcpy(str2,warea);
272 }
273 if(strchr(str2,'#') != 0) {
274 if (getword(warea,sizeof(warea),str2,'#')<0) {
275 printf("SARG: Maybe you have a broken record or garbage in your %s file.\n",SquidGuardConf);
276 exit(1);
277 }
278 strcpy(str2,warea);
279 }
280 sprintf(wentp,"%s/%s",logdir,str2);
281 read_log(wentp,fp_ou);
282 }
283 }
284 } else {
285 sprintf(wentp,"%s",SquidGuardLogAlternate);
286 read_log(wentp,fp_ou);
287 }
288
289 if (fp_guard) fclose(fp_guard);
290 if (fp_ou) fclose(fp_ou);
291
292 if(debug) {
293 sprintf(msg,"%s: %s",text[54],guard_ou);
294 debuga(msg);
295 }
296
297 sprintf(tmp6,"sort -k 1,1 -k 2,2 -k 4,4 '%s' -o '%s'",guard_in, guard_ou);
298 system(tmp6);
299
300 unlink(guard_in);
301 return;
302 }
Unnamed repository; edit this file 'description' to name the repository.