]> git.ipfire.org Git - thirdparty/sarg.git/blob - authfail.c
projects / thirdparty / sarg.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Add a safety to prevent the deletion of files that haven't been created
[thirdparty/sarg.git] / authfail.c
1 /*
2 * SARG Squid Analysis Report Generator http://sarg.sourceforge.net
3 * 1998, 2012
4 *
5 * SARG donations:
6 * please look at http://sarg.sourceforge.net/donations.php
7 * Support:
8 * http://sourceforge.net/projects/sarg/forums/forum/363374
9 * ---------------------------------------------------------------------
10 *
11 * This program is free software; you can redistribute it and/or modify
12 * it under the terms of the GNU General Public License as published by
13 * the Free Software Foundation; either version 2 of the License, or
14 * (at your option) any later version.
15 *
16 * This program is distributed in the hope that it will be useful,
17 * but WITHOUT ANY WARRANTY; without even the implied warranty of
18 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
19 * GNU General Public License for more details.
20 *
21 * You should have received a copy of the GNU General Public License
22 * along with this program; if not, write to the Free Software
23 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
24 *
25 */
26
27 #include "include/conf.h"
28 #include "include/defs.h"
29 #include "include/readlog.h"
30
31 //! Name of the file containing the unsorted authentication failure entries.
32 static char authfail_unsort[MAXLEN]="";
33 //! The file handle to write the entries.
34 static FILE *fp_authfail=NULL;
35 //! \c True if at least one anthentication failure entry exists.
36 static bool authfail_exists=false;
37
38 /*!
39 Open a file to store the authentication failure.
40
41 \return The file handle or NULL if no file is necessary.
42 */
43 void authfail_open(void)
44 {
45 if ((ReportType & REPORT_TYPE_AUTH_FAILURES) == 0) {
46 if (debugz) debugaz(_("Authentication failure report not produced as it is not requested\n"));
47 return;
48 }
49 if (Privacy) {
50 if (debugz) debugaz(_("Authentication failure report not produced because privacy option is active\n"));
51 return;
52 }
53
54 snprintf(authfail_unsort,sizeof(authfail_unsort),"%s/authfail.int_unsort",tmp);
55 if ((fp_authfail=MY_FOPEN(authfail_unsort,"w"))==NULL) {
56 debuga(_("(log) Cannot open file: %s - %s\n"),authfail_unsort,strerror(errno));
57 exit(EXIT_FAILURE);
58 }
59 return;
60 }
61
62 /*!
63 Write one entry in the unsorted authentication file file provided that it is required.
64
65 \param log_entry The entry to write into the log file.
66 */
67 void authfail_write(const struct ReadLogStruct *log_entry)
68 {
69 char date[80];
70
71 if (fp_authfail && (strstr(log_entry->HttpCode,"DENIED/401") != 0 || strstr(log_entry->HttpCode,"DENIED/407") != 0)) {
72 strftime(date,sizeof(date),"%d/%m/%Y\t%H:%M:%S",&log_entry->EntryTime);
73 fprintf(fp_authfail, "%s\t%s\t%s\t%s\n",date,log_entry->User,log_entry->Ip,log_entry->Url);
74 authfail_exists=true;
75 }
76 }
77
78 /*!
79 Close the file opened by authfail_open().
80 */
81 void authfail_close(void)
82 {
83 if (fp_authfail)
84 {
85 if (fclose(fp_authfail)==EOF)
86 {
87 debuga(_("Write error in %s: %s\n"),authfail_unsort,strerror(errno));
88 exit(EXIT_FAILURE);
89 }
90 fp_authfail=NULL;
91 }
92 }
93
94 /*!
95 Tell the caller if a authentication failure report exists.
96
97 \return \c True if the report is available or \c false if no report
98 was generated.
99 */
100 bool is_authfail(void)
101 {
102 return(authfail_exists);
103 }
104
105
106 static void show_ignored_auth(FILE *fp_ou,int count)
107 {
108 char ignored[80];
109
110 snprintf(ignored,sizeof(ignored),ngettext("%d more authentication failure not shown here…","%d more authentication failures not shown here…",count),count);
111 fprintf(fp_ou,"<tr><td class=\"data\"></td><td class=\"data\"></td><td class=\"data\"></td><td class=\"data2 more\">%s</td></tr>\n",ignored);
112 }
113
114 void authfail_report(void)
115 {
116 FILE *fp_in = NULL, *fp_ou = NULL;
117
118 char *buf;
119 char *url;
120 char authfail_sort[MAXLEN];
121 char report[MAXLEN];
122 char ip[MAXLEN];
123 char oip[MAXLEN]="";
124 char user[MAXLEN];
125 char ouser[MAXLEN]="";
126 char ouser2[MAXLEN]="";
127 char data[15];
128 char hora[15];
129 char csort[MAXLEN];
130 int z=0;
131 int count=0;
132 int cstatus;
133 int day,month,year;
134 bool new_user;
135 struct getwordstruct gwarea;
136 longline line;
137 struct userinfostruct *uinfo;
138 struct tm t;
139
140 if (!authfail_exists) {
141 if (!KeepTempLog && authfail_unsort[0]!='\0' && unlink(authfail_unsort))
142 debuga(_("Failed to delete \"%s\": %s\n"),authfail_unsort,strerror(errno));
143
144 authfail_unsort[0]='\0';
145 if (debugz) debugaz(_("Authentication failures report not produced because it is empty\n"));
146 return;
147 }
148
149 snprintf(authfail_sort,sizeof(authfail_sort),"%s/authfail.int_log",tmp);
150 snprintf(report,sizeof(report),"%s/authfail.html",outdirname);
151
152 snprintf(csort,sizeof(csort),"sort -b -t \"\t\" -T \"%s\" -k 3,3 -k 5,5 -o \"%s\" \"%s\"", tmp, authfail_sort, authfail_unsort);
153 cstatus=system(csort);
154 if (!WIFEXITED(cstatus) || WEXITSTATUS(cstatus)) {
155 debuga(_("sort command return status %d\n"),WEXITSTATUS(cstatus));
156 debuga(_("sort command: %s\n"),csort);
157 exit(EXIT_FAILURE);
158 }
159 if((fp_in=MY_FOPEN(authfail_sort,"r"))==NULL) {
160 debuga(_("(authfail) Cannot open file %s\n"),authfail_sort);
161 debuga(_("sort command: %s\n"),csort);
162 exit(EXIT_FAILURE);
163 }
164 if (!KeepTempLog && unlink(authfail_unsort)) {
165 debuga(_("Cannot delete \"%s\": %s\n"),authfail_unsort,strerror(errno));
166 exit(EXIT_FAILURE);
167 }
168 authfail_unsort[0]='\0';
169
170 if((fp_ou=MY_FOPEN(report,"w"))==NULL) {
171 debuga(_("(authfail) Cannot open file %s\n"),report);
172 exit(EXIT_FAILURE);
173 }
174
175 write_html_header(fp_ou,(IndexTree == INDEX_TREE_DATE) ? 3 : 1,_("Authentication Failures"),HTML_JS_NONE);
176 fputs("<tr><td class=\"header_c\">",fp_ou);
177 fprintf(fp_ou,_("Period: %s"),period.html);
178 fputs("</td></tr>\n",fp_ou);
179 fprintf(fp_ou,"<tr><th class=\"header_c\">%s</th></tr>\n",_("Authentication Failures"));
180 close_html_header(fp_ou);
181
182 fputs("<div class=\"report\"><table cellpadding=\"0\" cellspacing=\"2\">\n",fp_ou);
183 fprintf(fp_ou,"<tr><th class=\"header_l\">%s</th><th class=\"header_l\">%s</th><th class=\"header_l\">%s</th><th class=\"header_l\">%s</th></tr>\n",_("USERID"),_("IP/NAME"),_("DATE/TIME"),_("ACCESSED SITE"));
184
185 if ((line=longline_create())==NULL) {
186 debuga(_("Not enough memory to read file %s\n"),authfail_sort);
187 exit(EXIT_FAILURE);
188 }
189
190 while((buf=longline_read(fp_in,line))!=NULL) {
191 getword_start(&gwarea,buf);
192 if (getword(data,sizeof(data),&gwarea,'\t')<0) {
193 debuga(_("There is a broken date in file %s\n"),authfail_sort);
194 exit(EXIT_FAILURE);
195 }
196 if (getword(hora,sizeof(hora),&gwarea,'\t')<0) {
197 debuga(_("There is a broken time in file %s\n"),authfail_sort);
198 exit(EXIT_FAILURE);
199 }
200 if (getword(user,sizeof(user),&gwarea,'\t')<0) {
201 debuga(_("There is a broken user ID in file %s\n"),authfail_sort);
202 exit(EXIT_FAILURE);
203 }
204 if (getword(ip,sizeof(ip),&gwarea,'\t')<0) {
205 debuga(_("There is a broken IP address in file %s\n"),authfail_sort);
206 exit(EXIT_FAILURE);
207 }
208 if (getword_ptr(buf,&url,&gwarea,'\t')<0) {
209 debuga(_("There is a broken url in file %s\n"),authfail_sort);
210 exit(EXIT_FAILURE);
211 }
212 if (sscanf(data,"%d/%d/%d",&day,&month,&year)!=3) continue;
213 computedate(year,month,day,&t);
214 strftime(data,sizeof(data),"%x",&t);
215
216 uinfo=userinfo_find_from_id(user);
217 if (!uinfo) {
218 debuga(_("Unknown user ID %s in file %s\n"),user,authfail_sort);
219 exit(EXIT_FAILURE);
220 }
221
222 new_user=false;
223 if(z == 0) {
224 strcpy(ouser,user);
225 strcpy(oip,ip);
226 z++;
227 new_user=true;
228 } else {
229 if(strcmp(ouser,user) != 0) {
230 strcpy(ouser,user);
231 new_user=true;
232 }
233 if(strcmp(oip,ip) != 0) {
234 strcpy(oip,ip);
235 new_user=true;
236 }
237 }
238
239 if(AuthfailReportLimit>0) {
240 if(strcmp(ouser2,uinfo->label) == 0) {
241 count++;
242 } else {
243 if(count>AuthfailReportLimit && AuthfailReportLimit>0)
244 show_ignored_auth(fp_ou,count-AuthfailReportLimit);
245 count=1;
246 strcpy(ouser2,uinfo->label);
247 }
248 if(count > AuthfailReportLimit)
249 continue;
250 }
251
252 fputs("<tr>",fp_ou);
253 if (new_user)
254 fprintf(fp_ou,"<td class=\"data2\">%s</td><td class=\"data2\">%s</td>",uinfo->label,ip);
255 else
256 fputs("<td class=\"data2\"></td><td class=\"data2\"></td>",fp_ou);
257 fprintf(fp_ou,"<td class=\"data2\">%s-%s</td><td class=\"data2\">",data,hora);
258 if(BlockIt[0]!='\0' && url[0]!=ALIAS_PREFIX) {
259 fprintf(fp_ou,"<a href=\"%s%s?url=",wwwDocumentRoot,BlockIt);
260 output_html_url(fp_ou,url);
261 fputs("\"><img src=\"../images/sarg-squidguard-block.png\"></a>&nbsp;",fp_ou);
262 }
263 output_html_link(fp_ou,url,100);
264 fputs("</td></th>\n",fp_ou);
265 }
266 fclose(fp_in);
267 longline_destroy(&line);
268
269 if(count>AuthfailReportLimit && AuthfailReportLimit>0)
270 show_ignored_auth(fp_ou,count-AuthfailReportLimit);
271
272 fputs("</table></div>\n",fp_ou);
273 if (write_html_trailer(fp_ou)<0)
274 debuga(_("Write error in file %s\n"),report);
275 if (fclose(fp_ou)==EOF)
276 debuga(_("Failed to close file %s - %s\n"),report,strerror(errno));
277
278 if (!KeepTempLog && unlink(authfail_sort)) {
279 debuga(_("Cannot delete %s - %s\n"),authfail_sort,strerror(errno));
280 exit(EXIT_FAILURE);
281 }
282
283 return;
284 }
285
286 /*!
287 Remove any temporary file left by the authfail module.
288 */
289 void authfail_cleanup(void)
290 {
291 if (fp_authfail)
292 {
293 fclose(fp_authfail);
294 fp_authfail=NULL;
295 }
296 if(authfail_unsort[0]) {
297 if (!KeepTempLog && unlink(authfail_unsort)==-1)
298 debuga(_("Failed to delete %s: %s\n"),authfail_unsort,strerror(errno));
299 }
300 }
Unnamed repository; edit this file 'description' to name the repository.