[thirdparty/sarg.git] / authfail.c

/*
 * SARG Squid Analysis Report Generator      http://sarg.sourceforge.net
 *                                                            1998, 2010
 *
 * SARG donations:
 *      please look at http://sarg.sourceforge.net/donations.php
 * Support:
 *     http://sourceforge.net/projects/sarg/forums/forum/363374
 * ---------------------------------------------------------------------
 *
 *  This program is free software; you can redistribute it and/or modify
 *  it under the terms of the GNU General Public License as published by
 *  the Free Software Foundation; either version 2 of the License, or
 *  (at your option) any later version.
 *
 *  This program is distributed in the hope that it will be useful,
 *  but WITHOUT ANY WARRANTY; without even the implied warranty of
 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 *  GNU General Public License for more details.
 *
 *  You should have received a copy of the GNU General Public License
 *  along with this program; if not, write to the Free Software
 *  Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
 *
 */

#include "include/conf.h"
#include "include/defs.h"

void authfail_report(void)
{

   FILE *fp_in = NULL, *fp_ou = NULL;

   char *buf;
   char *url;
   char authfail_in[MAXLEN];
   char report[MAXLEN];
   char ip[MAXLEN];
   char oip[MAXLEN];
   char user[MAXLEN];
   char ouser[MAXLEN];
   char ouser2[MAXLEN];
   char data[15];
   char hora[15];
   char tmp4[MAXLEN];
   char csort[MAXLEN];
   int  z=0;
   int  count=0;
   int  cstatus;
   bool new_user;
   struct getwordstruct gwarea;
   longline line;
   struct userinfostruct *uinfo;

   if(DataFile[0] != '\0') return;

   ouser[0]='\0';
   ouser2[0]='\0';
   oip[0]='\0';

   snprintf(tmp4,sizeof(tmp4),"%s/sarg/authfail.log.unsort",TempDir);

   if(authfail_count == 0) {
      unlink(tmp4);
      return;
   }

   snprintf(authfail_in,sizeof(authfail_in),"%s/authfail.log",TempDir);
   snprintf(report,sizeof(report),"%s/authfail.html",outdirname);

   snprintf(csort,sizeof(csort),"sort -b -T \"%s\" -k 3,3 -k 5,5 -o \"%s\" \"%s\"", TempDir, authfail_in, tmp4);
   cstatus=system(csort);
   if (!WIFEXITED(cstatus) || WEXITSTATUS(cstatus)) {
      debuga(_("sort command return status %d\n"),WEXITSTATUS(cstatus));
      debuga(_("sort command: %s\n"),csort);
      exit(EXIT_FAILURE);
   }
   if((fp_in=MY_FOPEN(authfail_in,"r"))==NULL) {
      debuga(_("(authfail) Cannot open file %s\n"),authfail_in);
      debuga(_("sort command: %s\n"),csort);
      exit(EXIT_FAILURE);
   }
   unlink(tmp4);

   if((fp_ou=MY_FOPEN(report,"w"))==NULL) {
     debuga(_("(authfail) Cannot open file %s\n"),report);
     exit(EXIT_FAILURE);
   }

   write_html_header(fp_ou,(IndexTree == INDEX_TREE_DATE) ? 3 : 1,_("Authentication Failures"));
   fputs("<tr><td class=\"header_c\">",fp_ou);
   fprintf(fp_ou,_("Period: %s"),period.html);
   fputs("</td></tr>\n",fp_ou);
   fprintf(fp_ou,"<tr><th class=\"header_c\">%s</th></tr>\n",_("Authentication Failures"));
   close_html_header(fp_ou);

   fputs("<div class=\"report\"><table cellpadding=\"0\" cellspacing=\"2\">\n",fp_ou);
   fprintf(fp_ou,"<tr><th class=\"header_l\">%s</th><th class=\"header_l\">%s</th><th class=\"header_l\">%s</th><th class=\"header_l\">%s</th></tr>\n",_("USERID"),_("IP/NAME"),_("DATE/TIME"),_("ACCESSED SITE"));

   if ((line=longline_create())==NULL) {
      debuga(_("Not enough memory to read file %s\n"),authfail_in);
      exit(EXIT_FAILURE);
   }

   while((buf=longline_read(fp_in,line))!=NULL) {
      getword_start(&gwarea,buf);
      if (getword(data,sizeof(data),&gwarea,'\t')<0) {
         debuga(_("There is a broken date in file %s\n"),authfail_in);
         exit(EXIT_FAILURE);
      }
      if (getword(hora,sizeof(hora),&gwarea,'\t')<0) {
         debuga(_("There is a broken time in file %s\n"),authfail_in);
         exit(EXIT_FAILURE);
      }
      if (getword(user,sizeof(user),&gwarea,'\t')<0) {
         debuga(_("There is a broken user ID in file %s\n"),authfail_in);
         exit(EXIT_FAILURE);
      }
      if (getword(ip,sizeof(ip),&gwarea,'\t')<0) {
         debuga(_("There is a broken IP address in file %s\n"),authfail_in);
         exit(EXIT_FAILURE);
      }
      if (getword_ptr(buf,&url,&gwarea,'\t')<0) {
         debuga(_("There is a broken url in file %s\n"),authfail_in);
         exit(EXIT_FAILURE);
      }

      uinfo=userinfo_find_from_id(user);
      if (!uinfo) {
         debuga(_("Unknown user ID %s in file %s\n"),user,authfail_in);
         exit(EXIT_FAILURE);
      }

      new_user=false;
      if(z == 0) {
         strcpy(ouser,user);
         strcpy(oip,ip);
         z++;
         new_user=true;
      } else {
         if(strcmp(ouser,user) != 0) {
            strcpy(ouser,user);
            new_user=true;
         }
         if(strcmp(oip,ip) != 0) {
            strcpy(oip,ip);
            new_user=true;
         }
      }

     if(AuthfailReportLimit>0) {
        if(strcmp(ouser2,uinfo->label) == 0) {
            count++;
         } else {
            count=1;
            strcpy(ouser2,uinfo->label);
         }
         if(count >= AuthfailReportLimit)
            continue;
      }

      fputs("<tr>",fp_ou);
      if (new_user)
         fprintf(fp_ou,"<td class=\"data2\">%s</td><td class=\"data2\">%s</td>",uinfo->label,ip);
      else
         fputs("<td class=\"data2\"></td><td class=\"data2\"></td>",fp_ou);
      fprintf(fp_ou,"<td class=\"data2\">%s-%s</td><td class=\"data2\">",data,hora);
      if(BlockIt[0]!='\0') {
         fprintf(fp_ou,"<a href=\"%s%s?url=",wwwDocumentRoot,BlockIt);
         output_html_url(fp_ou,url);
         fputs("\"><img src=\"../images/sarg-squidguard-block.png\"></a>&nbsp;",fp_ou);
      }
      fputs("<a href=\"",fp_ou);
      output_html_url(fp_ou,url);
      fputs("\">",fp_ou);
      output_html_string(fp_ou,url,100);
      fputs("</a></td></th>\n",fp_ou);
   }
   fclose(fp_in);
   longline_destroy(&line);

   fputs("</table></div>\n",fp_ou);
   if (write_html_trailer(fp_ou)<0)
      debuga(_("Write error in file %s\n"),report);
   if (fclose(fp_ou)==EOF)
      debuga(_("Failed to close file %s - %s\n"),report,strerror(errno));

   unlink(authfail_in);

   return;
}
Commit	Line	Data
25697a35	1	/*
94ff9470	2	* SARG Squid Analysis Report Generator http://sarg.sourceforge.net
1164c474	3	* 1998, 2010
94ff9470 GS	4	*
	5	* SARG donations:
	6	* please look at http://sarg.sourceforge.net/donations.php
1164c474 FM	7	* Support:
1164c474 FM	8	* http://sourceforge.net/projects/sarg/forums/forum/363374
25697a35 GS	9	* ---------------------------------------------------------------------
	10	*
	11	* This program is free software; you can redistribute it and/or modify
	12	* it under the terms of the GNU General Public License as published by
	13	* the Free Software Foundation; either version 2 of the License, or
	14	* (at your option) any later version.
	15	*
	16	* This program is distributed in the hope that it will be useful,
	17	* but WITHOUT ANY WARRANTY; without even the implied warranty of
	18	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	19	* GNU General Public License for more details.
	20	*
	21	* You should have received a copy of the GNU General Public License
	22	* along with this program; if not, write to the Free Software
	23	* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
	24	*
	25	*/
	26
	27	#include "include/conf.h"
5f3cfd1d	28	#include "include/defs.h"
25697a35	29
32e71fa4	30	void authfail_report(void)
25697a35 GS	31	{
	32
	33	FILE fp_in = NULL, fp_ou = NULL;
120d768c	34
ac422f9b	35	char *buf;
e5b2c6f0	36	char *url;
25697a35	37	char authfail_in[MAXLEN];
25697a35	38	char report[MAXLEN];
25697a35 GS	39	char ip[MAXLEN];
	40	char oip[MAXLEN];
	41	char user[MAXLEN];
	42	char ouser[MAXLEN];
	43	char ouser2[MAXLEN];
	44	char data[15];
	45	char hora[15];
2240dcea FM	46	char tmp4[MAXLEN];
2240dcea FM	47	char csort[MAXLEN];
25697a35 GS	48	int z=0;
25697a35 GS	49	int count=0;
456d78a5	50	int cstatus;
06b39c87	51	bool new_user;
9c7c6346	52	struct getwordstruct gwarea;
afaa3b67	53	longline line;
f2ec8c75	54	struct userinfostruct *uinfo;
25697a35	55
0a4e18e1	56	if(DataFile[0] != '\0') return;
25697a35 GS	57
25697a35 GS	58	ouser[0]='\0';
e5b2c6f0	59	ouser2[0]='\0';
06b39c87	60	oip[0]='\0';
25697a35	61
06b39c87	62	snprintf(tmp4,sizeof(tmp4),"%s/sarg/authfail.log.unsort",TempDir);
120d768c	63
06b39c87	64	if(authfail_count == 0) {
25697a35 GS	65	unlink(tmp4);
	66	return;
	67	}
	68
06b39c87	69	snprintf(authfail_in,sizeof(authfail_in),"%s/authfail.log",TempDir);
06b39c87	70	snprintf(report,sizeof(report),"%s/authfail.html",outdirname);
25697a35	71
06b39c87	72	snprintf(csort,sizeof(csort),"sort -b -T \"%s\" -k 3,3 -k 5,5 -o \"%s\" \"%s\"", TempDir, authfail_in, tmp4);
456d78a5 FM	73	cstatus=system(csort);
456d78a5 FM	74	if (!WIFEXITED(cstatus) \|\| WEXITSTATUS(cstatus)) {
10210234 FM	75	debuga(_("sort command return status %d\n"),WEXITSTATUS(cstatus));
10210234 FM	76	debuga(_("sort command: %s\n"),csort);
06b39c87	77	exit(EXIT_FAILURE);
456d78a5	78	}
936c9905	79	if((fp_in=MY_FOPEN(authfail_in,"r"))==NULL) {
06b39c87	80	debuga(_("(authfail) Cannot open file %s\n"),authfail_in);
10210234	81	debuga(_("sort command: %s\n"),csort);
06b39c87	82	exit(EXIT_FAILURE);
25697a35	83	}
456d78a5	84	unlink(tmp4);
25697a35	85
936c9905	86	if((fp_ou=MY_FOPEN(report,"w"))==NULL) {
06b39c87 FM	87	debuga(_("(authfail) Cannot open file %s\n"),report);
06b39c87 FM	88	exit(EXIT_FAILURE);
25697a35 GS	89	}
25697a35 GS	90
c0ec9cc7	91	write_html_header(fp_ou,(IndexTree == INDEX_TREE_DATE) ? 3 : 1,_("Authentication Failures"));
94558017	92	fputs("<tr><td class=\"header_c\">",fp_ou);
fd46f082	93	fprintf(fp_ou,_("Period: %s"),period.html);
fa6552b0	94	fputs("</td></tr>\n",fp_ou);
c36c7384	95	fprintf(fp_ou,"<tr><th class=\"header_c\">%s</th></tr>\n",_("Authentication Failures"));
c0ec9cc7	96	close_html_header(fp_ou);
25697a35	97
c0ec9cc7	98	fputs("<div class=\"report\"><table cellpadding=\"0\" cellspacing=\"2\">\n",fp_ou);
c36c7384	99	fprintf(fp_ou,"<tr><th class=\"header_l\">%s</th><th class=\"header_l\">%s</th><th class=\"header_l\">%s</th><th class=\"header_l\">%s</th></tr>\n",_("USERID"),_("IP/NAME"),_("DATE/TIME"),_("ACCESSED SITE"));
25697a35	100
afaa3b67	101	if ((line=longline_create())==NULL) {
10210234	102	debuga(_("Not enough memory to read file %s\n"),authfail_in);
06b39c87	103	exit(EXIT_FAILURE);
ac422f9b FM	104	}
ac422f9b FM	105
afaa3b67	106	while((buf=longline_read(fp_in,line))!=NULL) {
9c7c6346	107	getword_start(&gwarea,buf);
06b39c87 FM	108	if (getword(data,sizeof(data),&gwarea,'\t')<0) {
	109	debuga(_("There is a broken date in file %s\n"),authfail_in);
	110	exit(EXIT_FAILURE);
	111	}
	112	if (getword(hora,sizeof(hora),&gwarea,'\t')<0) {
	113	debuga(_("There is a broken time in file %s\n"),authfail_in);
	114	exit(EXIT_FAILURE);
	115	}
	116	if (getword(user,sizeof(user),&gwarea,'\t')<0) {
	117	debuga(_("There is a broken user ID in file %s\n"),authfail_in);
	118	exit(EXIT_FAILURE);
	119	}
	120	if (getword(ip,sizeof(ip),&gwarea,'\t')<0) {
	121	debuga(_("There is a broken IP address in file %s\n"),authfail_in);
	122	exit(EXIT_FAILURE);
e5b2c6f0 FM	123	}
e5b2c6f0 FM	124	if (getword_ptr(buf,&url,&gwarea,'\t')<0) {
10210234	125	debuga(_("There is a broken url in file %s\n"),authfail_in);
06b39c87	126	exit(EXIT_FAILURE);
4bcb77cf	127	}
25697a35	128
f2ec8c75 FM	129	uinfo=userinfo_find_from_id(user);
f2ec8c75 FM	130	if (!uinfo) {
10210234	131	debuga(_("Unknown user ID %s in file %s\n"),user,authfail_in);
06b39c87	132	exit(EXIT_FAILURE);
25697a35 GS	133	}
25697a35 GS	134
06b39c87 FM	135	new_user=false;
06b39c87 FM	136	if(z == 0) {
25697a35 GS	137	strcpy(ouser,user);
	138	strcpy(oip,ip);
	139	z++;
06b39c87	140	new_user=true;
25697a35	141	} else {
d25d4e6a	142	if(strcmp(ouser,user) != 0) {
25697a35	143	strcpy(ouser,user);
06b39c87	144	new_user=true;
d25d4e6a FM	145	}
d25d4e6a FM	146	if(strcmp(oip,ip) != 0) {
25697a35	147	strcpy(oip,ip);
06b39c87	148	new_user=true;
d25d4e6a	149	}
25697a35 GS	150	}
25697a35 GS	151
06b39c87	152	if(AuthfailReportLimit>0) {
f2ec8c75	153	if(strcmp(ouser2,uinfo->label) == 0) {
25697a35 GS	154	count++;
	155	} else {
	156	count=1;
f2ec8c75	157	strcpy(ouser2,uinfo->label);
25697a35 GS	158	}
	159	if(count >= AuthfailReportLimit)
	160	continue;
	161	}
	162
d25d4e6a FM	163	fputs("<tr>",fp_ou);
	164	if (new_user)
	165	fprintf(fp_ou,"<td class=\"data2\">%s</td><td class=\"data2\">%s</td>",uinfo->label,ip);
	166	else
	167	fputs("<td class=\"data2\"></td><td class=\"data2\"></td>",fp_ou);
	168	fprintf(fp_ou,"<td class=\"data2\">%s-%s</td><td class=\"data2\">",data,hora);
ac422f9b FM	169	if(BlockIt[0]!='\0') {
	170	fprintf(fp_ou,"<a href=\"%s%s?url=",wwwDocumentRoot,BlockIt);
	171	output_html_url(fp_ou,url);
	172	fputs("\"><img src=\"../images/sarg-squidguard-block.png\"></a> ",fp_ou);
	173	}
	174	fputs("<a href=\"",fp_ou);
	175	output_html_url(fp_ou,url);
	176	fputs("\">",fp_ou);
	177	output_html_string(fp_ou,url,100);
	178	fputs("</a></td></th>\n",fp_ou);
25697a35	179	}
25697a35	180	fclose(fp_in);
afaa3b67	181	longline_destroy(&line);
c0ec9cc7 FM	182
c0ec9cc7 FM	183	fputs("</table></div>\n",fp_ou);
fa6552b0 FM	184	if (write_html_trailer(fp_ou)<0)
	185	debuga(_("Write error in file %s\n"),report);
	186	if (fclose(fp_ou)==EOF)
	187	debuga(_("Failed to close file %s - %s\n"),report,strerror(errno));
25697a35 GS	188
	189	unlink(authfail_in);
	190
	191	return;
	192	}