]> git.ipfire.org Git - thirdparty/sarg.git/blob - authfail.c
projects / thirdparty / sarg.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Add support to decompress xz files
[thirdparty/sarg.git] / authfail.c
1 /*
2 * SARG Squid Analysis Report Generator http://sarg.sourceforge.net
3 * 1998, 2015
4 *
5 * SARG donations:
6 * please look at http://sarg.sourceforge.net/donations.php
7 * Support:
8 * http://sourceforge.net/projects/sarg/forums/forum/363374
9 * ---------------------------------------------------------------------
10 *
11 * This program is free software; you can redistribute it and/or modify
12 * it under the terms of the GNU General Public License as published by
13 * the Free Software Foundation; either version 2 of the License, or
14 * (at your option) any later version.
15 *
16 * This program is distributed in the hope that it will be useful,
17 * but WITHOUT ANY WARRANTY; without even the implied warranty of
18 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
19 * GNU General Public License for more details.
20 *
21 * You should have received a copy of the GNU General Public License
22 * along with this program; if not, write to the Free Software
23 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
24 *
25 */
26
27 #include "include/conf.h"
28 #include "include/defs.h"
29 #include "include/readlog.h"
30
31 //! Name of the file containing the unsorted authentication failure entries.
32 static char authfail_unsort[MAXLEN]="";
33 //! The file handle to write the entries.
34 static FILE *fp_authfail=NULL;
35 //! \c True if at least one anthentication failure entry exists.
36 static bool authfail_exists=false;
37
38 /*!
39 Open a file to store the authentication failure.
40
41 \return The file handle or NULL if no file is necessary.
42 */
43 void authfail_open(void)
44 {
45 if ((ReportType & REPORT_TYPE_AUTH_FAILURES) == 0) {
46 if (debugz>=LogLevel_Process) debugaz(__FILE__,__LINE__,_("Authentication failures report not produced as it is not requested\n"));
47 return;
48 }
49 if (Privacy) {
50 if (debugz>=LogLevel_Process) debugaz(__FILE__,__LINE__,_("Authentication failures report not produced because privacy option is active\n"));
51 return;
52 }
53
54 snprintf(authfail_unsort,sizeof(authfail_unsort),"%s/authfail.int_unsort",tmp);
55 if ((fp_authfail=MY_FOPEN(authfail_unsort,"w"))==NULL) {
56 debuga(__FILE__,__LINE__,_("Cannot open file \"%s\": %s\n"),authfail_unsort,strerror(errno));
57 exit(EXIT_FAILURE);
58 }
59 return;
60 }
61
62 /*!
63 Write one entry in the unsorted authentication file file provided that it is required.
64
65 \param log_entry The entry to write into the log file.
66 */
67 void authfail_write(const struct ReadLogStruct *log_entry)
68 {
69 char date[80];
70
71 if (fp_authfail && (strstr(log_entry->HttpCode,"DENIED/401") != 0 || strstr(log_entry->HttpCode,"DENIED/407") != 0)) {
72 strftime(date,sizeof(date),"%d/%m/%Y\t%H:%M:%S",&log_entry->EntryTime);
73 fprintf(fp_authfail, "%s\t%s\t%s\t%s\n",date,log_entry->User,log_entry->Ip,log_entry->Url);
74 authfail_exists=true;
75 }
76 }
77
78 /*!
79 Close the file opened by authfail_open().
80 */
81 void authfail_close(void)
82 {
83 if (fp_authfail)
84 {
85 if (fclose(fp_authfail)==EOF) {
86 debuga(__FILE__,__LINE__,_("Write error in \"%s\": %s\n"),authfail_unsort,strerror(errno));
87 exit(EXIT_FAILURE);
88 }
89 fp_authfail=NULL;
90 }
91 }
92
93 /*!
94 Tell the caller if a authentication failure report exists.
95
96 \return \c True if the report is available or \c false if no report
97 was generated.
98 */
99 bool is_authfail(void)
100 {
101 return(authfail_exists);
102 }
103
104
105 static void show_ignored_auth(FILE *fp_ou,int count)
106 {
107 char ignored[80];
108
109 snprintf(ignored,sizeof(ignored),ngettext("%d more authentication failure not shown here…","%d more authentication failures not shown here…",count),count);
110 fprintf(fp_ou,"<tr><td class=\"data\"></td><td class=\"data\"></td><td class=\"data\"></td><td class=\"data2 more\">%s</td></tr>\n",ignored);
111 }
112
113 void authfail_report(void)
114 {
115 FileObject *fp_in = NULL;
116 FILE *fp_ou = NULL;
117
118 char *buf;
119 char *url;
120 char authfail_sort[MAXLEN];
121 char report[MAXLEN];
122 char ip[MAXLEN];
123 char oip[MAXLEN]="";
124 char user[MAXLEN];
125 char ouser[MAXLEN]="";
126 char ouser2[MAXLEN]="";
127 char data[15];
128 char hora[15];
129 char csort[MAXLEN];
130 int z=0;
131 int count=0;
132 int cstatus;
133 int day,month,year;
134 bool new_user;
135 struct getwordstruct gwarea;
136 longline line;
137 struct userinfostruct *uinfo;
138 struct tm t;
139
140 if (!authfail_exists) {
141 if (!KeepTempLog && authfail_unsort[0]!='\0' && unlink(authfail_unsort))
142 debuga(__FILE__,__LINE__,_("Failed to delete \"%s\": %s\n"),authfail_unsort,strerror(errno));
143
144 authfail_unsort[0]='\0';
145 if (debugz>=LogLevel_Process) debugaz(__FILE__,__LINE__,_("Authentication failures report not produced because it is empty\n"));
146 return;
147 }
148 if (debugz>=LogLevel_Process)
149 debuga(__FILE__,__LINE__,_("Creating authentication failures report...\n"));
150
151 snprintf(authfail_sort,sizeof(authfail_sort),"%s/authfail.int_log",tmp);
152 snprintf(report,sizeof(report),"%s/authfail.html",outdirname);
153
154 snprintf(csort,sizeof(csort),"sort -b -t \"\t\" -T \"%s\" -k 3,3 -k 5,5 -o \"%s\" \"%s\"", tmp, authfail_sort, authfail_unsort);
155 cstatus=system(csort);
156 if (!WIFEXITED(cstatus) || WEXITSTATUS(cstatus)) {
157 debuga(__FILE__,__LINE__,_("sort command return status %d\n"),WEXITSTATUS(cstatus));
158 debuga(__FILE__,__LINE__,_("sort command: %s\n"),csort);
159 exit(EXIT_FAILURE);
160 }
161 if((fp_in=FileObject_Open(authfail_sort))==NULL) {
162 debuga(__FILE__,__LINE__,_("Cannot open file \"%s\": %s\n"),authfail_sort,FileObject_GetLastOpenError());
163 debuga(__FILE__,__LINE__,_("sort command: %s\n"),csort);
164 exit(EXIT_FAILURE);
165 }
166 if (!KeepTempLog && unlink(authfail_unsort)) {
167 debuga(__FILE__,__LINE__,_("Cannot delete \"%s\": %s\n"),authfail_unsort,strerror(errno));
168 exit(EXIT_FAILURE);
169 }
170 authfail_unsort[0]='\0';
171
172 if((fp_ou=MY_FOPEN(report,"w"))==NULL) {
173 debuga(__FILE__,__LINE__,_("Cannot open file \"%s\": %s\n"),report,strerror(errno));
174 exit(EXIT_FAILURE);
175 }
176
177 write_html_header(fp_ou,(IndexTree == INDEX_TREE_DATE) ? 3 : 1,_("Authentication Failures"),HTML_JS_NONE);
178 fputs("<tr><td class=\"header_c\">",fp_ou);
179 fprintf(fp_ou,_("Period: %s"),period.html);
180 fputs("</td></tr>\n",fp_ou);
181 fprintf(fp_ou,"<tr><th class=\"header_c\">%s</th></tr>\n",_("Authentication Failures"));
182 close_html_header(fp_ou);
183
184 fputs("<div class=\"report\"><table cellpadding=\"0\" cellspacing=\"2\">\n",fp_ou);
185 fprintf(fp_ou,"<tr><th class=\"header_l\">%s</th><th class=\"header_l\">%s</th><th class=\"header_l\">%s</th><th class=\"header_l\">%s</th></tr>\n",_("USERID"),_("IP/NAME"),_("DATE/TIME"),_("ACCESSED SITE"));
186
187 if ((line=longline_create())==NULL) {
188 debuga(__FILE__,__LINE__,_("Not enough memory to read file \"%s\"\n"),authfail_sort);
189 exit(EXIT_FAILURE);
190 }
191
192 while((buf=longline_read(fp_in,line))!=NULL) {
193 getword_start(&gwarea,buf);
194 if (getword(data,sizeof(data),&gwarea,'\t')<0) {
195 debuga(__FILE__,__LINE__,_("Invalid date in file \"%s\"\n"),authfail_sort);
196 exit(EXIT_FAILURE);
197 }
198 if (getword(hora,sizeof(hora),&gwarea,'\t')<0) {
199 debuga(__FILE__,__LINE__,_("Invalid time in file \"%s\"\n"),authfail_sort);
200 exit(EXIT_FAILURE);
201 }
202 if (getword(user,sizeof(user),&gwarea,'\t')<0) {
203 debuga(__FILE__,__LINE__,_("Invalid user ID in file \"%s\"\n"),authfail_sort);
204 exit(EXIT_FAILURE);
205 }
206 if (getword(ip,sizeof(ip),&gwarea,'\t')<0) {
207 debuga(__FILE__,__LINE__,_("Invalid IP address in file \"%s\"\n"),authfail_sort);
208 exit(EXIT_FAILURE);
209 }
210 if (getword_ptr(buf,&url,&gwarea,'\t')<0) {
211 debuga(__FILE__,__LINE__,_("Invalid url in file \"%s\"\n"),authfail_sort);
212 exit(EXIT_FAILURE);
213 }
214 if (sscanf(data,"%d/%d/%d",&day,&month,&year)!=3) continue;
215 computedate(year,month,day,&t);
216 strftime(data,sizeof(data),"%x",&t);
217
218 uinfo=userinfo_find_from_id(user);
219 if (!uinfo) {
220 debuga(__FILE__,__LINE__,_("Unknown user ID %s in file \"%s\"\n"),user,authfail_sort);
221 exit(EXIT_FAILURE);
222 }
223
224 new_user=false;
225 if(z == 0) {
226 strcpy(ouser,user);
227 strcpy(oip,ip);
228 z++;
229 new_user=true;
230 } else {
231 if(strcmp(ouser,user) != 0) {
232 strcpy(ouser,user);
233 new_user=true;
234 }
235 if(strcmp(oip,ip) != 0) {
236 strcpy(oip,ip);
237 new_user=true;
238 }
239 }
240
241 if(AuthfailReportLimit>0) {
242 if(strcmp(ouser2,uinfo->label) == 0) {
243 count++;
244 } else {
245 if(count>AuthfailReportLimit && AuthfailReportLimit>0)
246 show_ignored_auth(fp_ou,count-AuthfailReportLimit);
247 count=1;
248 strcpy(ouser2,uinfo->label);
249 }
250 if(count > AuthfailReportLimit)
251 continue;
252 }
253
254 fputs("<tr>",fp_ou);
255 if (new_user)
256 fprintf(fp_ou,"<td class=\"data2\">%s</td><td class=\"data2\">%s</td>",uinfo->label,ip);
257 else
258 fputs("<td class=\"data2\"></td><td class=\"data2\"></td>",fp_ou);
259 fprintf(fp_ou,"<td class=\"data2\">%s-%s</td><td class=\"data2\">",data,hora);
260 if(BlockIt[0]!='\0' && url[0]!=ALIAS_PREFIX) {
261 fprintf(fp_ou,"<a href=\"%s%s?url=",wwwDocumentRoot,BlockIt);
262 output_html_url(fp_ou,url);
263 fputs("\"><img src=\"../images/sarg-squidguard-block.png\"></a>&nbsp;",fp_ou);
264 }
265 output_html_link(fp_ou,url,100);
266 fputs("</td></th>\n",fp_ou);
267 }
268 if (FileObject_Close(fp_in)) {
269 debuga(__FILE__,__LINE__,_("Read error in \"%s\": %s\n"),authfail_sort,FileObject_GetLastCloseError());
270 exit(EXIT_FAILURE);
271 }
272 longline_destroy(&line);
273
274 if(count>AuthfailReportLimit && AuthfailReportLimit>0)
275 show_ignored_auth(fp_ou,count-AuthfailReportLimit);
276
277 fputs("</table></div>\n",fp_ou);
278 write_html_trailer(fp_ou);
279 if (fclose(fp_ou)==EOF) {
280 debuga(__FILE__,__LINE__,_("Write error in \"%s\": %s\n"),report,strerror(errno));
281 exit(EXIT_FAILURE);
282 }
283
284 if (!KeepTempLog && unlink(authfail_sort)) {
285 debuga(__FILE__,__LINE__,_("Cannot delete \"%s\": %s\n"),authfail_sort,strerror(errno));
286 exit(EXIT_FAILURE);
287 }
288
289 return;
290 }
291
292 /*!
293 Remove any temporary file left by the authfail module.
294 */
295 void authfail_cleanup(void)
296 {
297 if (fp_authfail) {
298 if (fclose(fp_authfail)==EOF) {
299 debuga(__FILE__,__LINE__,_("Write error in \"%s\": %s\n"),authfail_unsort,strerror(errno));
300 exit(EXIT_FAILURE);
301 }
302 fp_authfail=NULL;
303 }
304 if(authfail_unsort[0]) {
305 if (!KeepTempLog && unlink(authfail_unsort)==-1)
306 debuga(__FILE__,__LINE__,_("Failed to delete \"%s\": %s\n"),authfail_unsort,strerror(errno));
307 }
308 }
Unnamed repository; edit this file 'description' to name the repository.