From: Frédéric Marchal Date: Thu, 5 Jul 2012 13:47:45 +0000 (+0200) Subject: Make a module out of the authentication failures report X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=16b013cc5e486f294390c46e62b691f255c64ddb;p=thirdparty%2Fsarg.git Make a module out of the authentication failures report The authentication failures report is similar to the denied accesses report and was changed to reflect the same changes. --- diff --git a/authfail.c b/authfail.c index b390202..8a212c6 100644 --- a/authfail.c +++ b/authfail.c @@ -26,6 +26,82 @@ #include "include/conf.h" #include "include/defs.h" +#include "include/readlog.h" + +//! Name of the file containing the unsorted authentication failure entries. +static char authfail_unsort[MAXLEN]=""; +//! The file handle to write the entries. +static FILE *fp_authfail=NULL; +//! \c True if at least one anthentication failure entry exists. +static bool authfail_exists=false; + +/*! +Open a file to store the authentication failure. + +\return The file handle or NULL if no file is necessary. +*/ +void authfail_open(void) +{ + if ((ReportType & REPORT_TYPE_AUTH_FAILURES) == 0) { + if (debugz) debugaz(_("Authentication failure report not produced as it is not requested\n")); + return; + } + if (Privacy) { + if (debugz) debugaz(_("Authentication failure report not produced because privacy option is active\n")); + return; + } + + snprintf(authfail_unsort,sizeof(authfail_unsort),"%s/authfail.int_unsort",tmp); + if ((fp_authfail=MY_FOPEN(authfail_unsort,"w"))==NULL) { + debuga(_("(log) Cannot open file: %s - %s\n"),authfail_unsort,strerror(errno)); + exit(EXIT_FAILURE); + } + return; +} + +/*! +Write one entry in the unsorted authentication file file provided that it is required. + +\param log_entry The entry to write into the log file. +*/ +void authfail_write(const struct ReadLogStruct *log_entry) +{ + char date[80]; + + if (fp_authfail && (strstr(log_entry->HttpCode,"DENIED/401") != 0 || strstr(log_entry->HttpCode,"DENIED/407") != 0)) { + strftime(date,sizeof(date),"%d/%m/%Y\t%H:%M:%S",log_entry->EntryTime); + fprintf(fp_authfail, "%s\t%s\t%s\t%s\n",date,log_entry->User,log_entry->Ip,log_entry->Url); + authfail_exists=true; + } +} + +/*! +Close the file opened by authfail_open(). +*/ +void authfail_close(void) +{ + if (fp_authfail) + { + if (fclose(fp_authfail)==EOF) + { + debuga(_("Write error in %s: %s\n"),authfail_unsort,strerror(errno)); + exit(EXIT_FAILURE); + } + fp_authfail=NULL; + } +} + +/*! +Tell the caller if a authentication failure report exists. + +\return \c True if the report is available or \c false if no report +was generated. +*/ +bool is_authfail(void) +{ + return(authfail_exists); +} + static void show_ignored_auth(FILE *fp_ou,int count) { @@ -41,20 +117,19 @@ void authfail_report(void) char *buf; char *url; - char authfail_in[MAXLEN]; + char authfail_sort[MAXLEN]; char report[MAXLEN]; char ip[MAXLEN]; - char oip[MAXLEN]; + char oip[MAXLEN]=""; char user[MAXLEN]; - char ouser[MAXLEN]; - char ouser2[MAXLEN]; + char ouser[MAXLEN]=""; + char ouser2[MAXLEN]=""; char data[15]; char hora[15]; - char tmp4[MAXLEN]; char csort[MAXLEN]; - int z=0; - int count=0; - int cstatus; + int z=0; + int count=0; + int cstatus; int day,month,year; bool new_user; struct getwordstruct gwarea; @@ -62,39 +137,36 @@ void authfail_report(void) struct userinfostruct *uinfo; struct tm t; - if(DataFile[0] != '\0') return; - - ouser[0]='\0'; - ouser2[0]='\0'; - oip[0]='\0'; - - snprintf(tmp4,sizeof(tmp4),"%s/authfail.int_unsort",tmp); - - if(authfail_count == 0) { - unlink(tmp4); + if (!authfail_exists) { + if (unlink(authfail_unsort)==-1) + { + debuga(_("Failed to delete %s: %s\n"),authfail_unsort,strerror(errno)); + } + authfail_unsort[0]='\0'; if (debugz) debugaz(_("Authentication failures report not produced because it is empty\n")); return; } - snprintf(authfail_in,sizeof(authfail_in),"%s/authfail.int_log",tmp); + snprintf(authfail_sort,sizeof(authfail_sort),"%s/authfail.int_log",tmp); snprintf(report,sizeof(report),"%s/authfail.html",outdirname); - snprintf(csort,sizeof(csort),"sort -b -t \"\t\" -T \"%s\" -k 3,3 -k 5,5 -o \"%s\" \"%s\"", tmp, authfail_in, tmp4); + snprintf(csort,sizeof(csort),"sort -b -t \"\t\" -T \"%s\" -k 3,3 -k 5,5 -o \"%s\" \"%s\"", tmp, authfail_sort, authfail_unsort); cstatus=system(csort); if (!WIFEXITED(cstatus) || WEXITSTATUS(cstatus)) { debuga(_("sort command return status %d\n"),WEXITSTATUS(cstatus)); debuga(_("sort command: %s\n"),csort); exit(EXIT_FAILURE); } - if((fp_in=MY_FOPEN(authfail_in,"r"))==NULL) { - debuga(_("(authfail) Cannot open file %s\n"),authfail_in); + if((fp_in=MY_FOPEN(authfail_sort,"r"))==NULL) { + debuga(_("(authfail) Cannot open file %s\n"),authfail_sort); debuga(_("sort command: %s\n"),csort); exit(EXIT_FAILURE); } - if (unlink(tmp4)) { - debuga(_("Cannot delete %s - %s\n"),tmp4,strerror(errno)); + if (unlink(authfail_unsort)) { + debuga(_("Cannot delete %s - %s\n"),authfail_unsort,strerror(errno)); exit(EXIT_FAILURE); } + authfail_unsort[0]='\0'; if((fp_ou=MY_FOPEN(report,"w"))==NULL) { debuga(_("(authfail) Cannot open file %s\n"),report); @@ -112,30 +184,30 @@ void authfail_report(void) fprintf(fp_ou,"%s%s%s%s\n",_("USERID"),_("IP/NAME"),_("DATE/TIME"),_("ACCESSED SITE")); if ((line=longline_create())==NULL) { - debuga(_("Not enough memory to read file %s\n"),authfail_in); + debuga(_("Not enough memory to read file %s\n"),authfail_sort); exit(EXIT_FAILURE); } while((buf=longline_read(fp_in,line))!=NULL) { getword_start(&gwarea,buf); if (getword(data,sizeof(data),&gwarea,'\t')<0) { - debuga(_("There is a broken date in file %s\n"),authfail_in); + debuga(_("There is a broken date in file %s\n"),authfail_sort); exit(EXIT_FAILURE); } if (getword(hora,sizeof(hora),&gwarea,'\t')<0) { - debuga(_("There is a broken time in file %s\n"),authfail_in); + debuga(_("There is a broken time in file %s\n"),authfail_sort); exit(EXIT_FAILURE); } if (getword(user,sizeof(user),&gwarea,'\t')<0) { - debuga(_("There is a broken user ID in file %s\n"),authfail_in); + debuga(_("There is a broken user ID in file %s\n"),authfail_sort); exit(EXIT_FAILURE); } if (getword(ip,sizeof(ip),&gwarea,'\t')<0) { - debuga(_("There is a broken IP address in file %s\n"),authfail_in); + debuga(_("There is a broken IP address in file %s\n"),authfail_sort); exit(EXIT_FAILURE); } if (getword_ptr(buf,&url,&gwarea,'\t')<0) { - debuga(_("There is a broken url in file %s\n"),authfail_in); + debuga(_("There is a broken url in file %s\n"),authfail_sort); exit(EXIT_FAILURE); } if (sscanf(data,"%d/%d/%d",&day,&month,&year)!=3) continue; @@ -144,7 +216,7 @@ void authfail_report(void) uinfo=userinfo_find_from_id(user); if (!uinfo) { - debuga(_("Unknown user ID %s in file %s\n"),user,authfail_in); + debuga(_("Unknown user ID %s in file %s\n"),user,authfail_sort); exit(EXIT_FAILURE); } @@ -204,10 +276,26 @@ void authfail_report(void) if (fclose(fp_ou)==EOF) debuga(_("Failed to close file %s - %s\n"),report,strerror(errno)); - if (unlink(authfail_in)) { - debuga(_("Cannot delete %s - %s\n"),authfail_in,strerror(errno)); + if (unlink(authfail_sort)) { + debuga(_("Cannot delete %s - %s\n"),authfail_sort,strerror(errno)); exit(EXIT_FAILURE); } return; } + +/*! +Remove any temporary file left by the authfail module. +*/ +void authfail_cleanup(void) +{ + if (fp_authfail) + { + fclose(fp_authfail); + fp_authfail=NULL; + } + if(authfail_unsort[0]) { + if (unlink(authfail_unsort)==-1) + debuga(_("Failed to delete %s: %s\n"),authfail_unsort,strerror(errno)); + } +} diff --git a/include/conf.h b/include/conf.h index 7da17d9..c90be1a 100755 --- a/include/conf.h +++ b/include/conf.h @@ -440,7 +440,6 @@ char HostAliasFile[512]; int idate; int download_count; -int authfail_count; int dansguardian_count; int redirector_count; int useragent_count; diff --git a/include/defs.h b/include/defs.h index 8b8b154..2c27e6c 100755 --- a/include/defs.h +++ b/include/defs.h @@ -114,7 +114,12 @@ struct ReadLogDataStruct void htaccess(const struct userinfostruct *uinfo); // authfail.c +void authfail_open(void); +void authfail_write(const struct ReadLogStruct *log_entry); +void authfail_close(void); +bool is_authfail(void); void authfail_report(void); +void authfail_cleanup(void); // charset.c void ccharset(char *CharSet); diff --git a/log.c b/log.c index 491b34f..0bf0e56 100644 --- a/log.c +++ b/log.c @@ -221,7 +221,6 @@ int main(int argc,char *argv[]) HostAliasFile[0]='\0'; download_count=0; - authfail_count=0; dansguardian_count=0; redirector_count=0; useragent_count=0; @@ -700,6 +699,7 @@ int main(int argc,char *argv[]) gerarel(); denied_cleanup(); + authfail_cleanup(); if(strcmp(tmp,"/tmp") != 0) { unlinkdir(tmp,0); diff --git a/readlog.c b/readlog.c index 7a27516..569eb92 100644 --- a/readlog.c +++ b/readlog.c @@ -92,7 +92,6 @@ int ReadLogFile(struct ReadLogDataStruct *Filter) char tmp3[MAXLEN]; char sz_Download_Unsort[20000]; char start_hour[128]; - char authfail_unsort[MAXLEN]; char download_url[MAXLEN]; char smartfilter[MAXLEN]; const char *arq; @@ -117,7 +116,6 @@ int ReadLogFile(struct ReadLogDataStruct *Filter) long long int iyear, imonth, iday; FILE *fp_in=NULL; FILE *fp_log=NULL; - FILE *fp_authfail=NULL; FILE *fp_Download_Unsort=NULL; bool from_pipe; bool from_stdin; @@ -141,17 +139,10 @@ int ReadLogFile(struct ReadLogDataStruct *Filter) first_user_file=NULL; snprintf(sz_Download_Unsort,sizeof(sz_Download_Unsort),"%s/download.int_unsort", tmp); - snprintf(authfail_unsort,sizeof(authfail_unsort),"%s/authfail.int_unsort",tmp); if(DataFile[0]=='\0') { denied_open(); - - if((ReportType & REPORT_TYPE_DENIED) != 0 || (ReportType & REPORT_TYPE_AUTH_FAILURES) != 0) { - if((fp_authfail=MY_FOPEN(authfail_unsort,"w"))==NULL) { - debuga(_("(log) Cannot open file: %s - %s\n"),authfail_unsort,strerror(errno)); - exit(EXIT_FAILURE); - } - } + authfail_open(); } if ((line=longline_create())==NULL) { @@ -860,12 +851,7 @@ int ReadLogFile(struct ReadLogDataStruct *Filter) } denied_write(&log_entry); - if((ReportType & REPORT_TYPE_AUTH_FAILURES) != 0) { - if(fp_authfail && (strstr(log_entry.HttpCode,"DENIED/401") != 0 || strstr(log_entry.HttpCode,"DENIED/407") != 0)) { - fprintf(fp_authfail, "%s\t%s\t%s\t%s\t%s\n",dia,hora,log_entry.User,log_entry.Ip,log_entry.Url); - authfail_count++; - } - } + authfail_write(&log_entry); if (ilf!=ILF_Sarg) { if(!totper || idata%s\n",_("Redirector")); if ((ReportType & REPORT_TYPE_DOWNLOADS) != 0 && download_count && !Privacy && ndownload) fprintf(fp_top3,"%s\n",_("Downloads")); if (is_denied()) fprintf(fp_top3,"%s\n",_("Denied accesses")); - if ((ReportType & REPORT_TYPE_AUTH_FAILURES) != 0 && authfail_count && !Privacy) fprintf(fp_top3,"%s\n",_("Authentication Failures")); + if (is_authfail()) fprintf(fp_top3,"%s\n",_("Authentication Failures")); if(smartfilter) fprintf(fp_top3,"%s\n",_("SmartFilter")); if(UserAgentLog[0] != '\0' && useragent_count) fprintf(fp_top3,"%s\n",_("Useragent")); fputs("\n\n",fp_top3);