From: Eric Bollengier <eric@baculasystems.com>
Date: Wed, 6 Apr 2022 12:49:49 +0000 (+0200)
Subject: Send security events after incorrect connexion with SD/DIR
X-Git-Tag: Beta-15.0.0~605
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=7e6df10fc324d4b6e9c91b40aa4b7f736a8d27a5;p=thirdparty%2Fbacula.git

Send security events after incorrect connexion with SD/DIR
---

diff --git a/bacula/src/dird/ua_server.c b/bacula/src/dird/ua_server.c
index 0132a8bd8..8e90773ab 100644
--- a/bacula/src/dird/ua_server.c
+++ b/bacula/src/dird/ua_server.c
@@ -229,6 +229,10 @@ static void *handle_UA_client_request(void *arg)
 
    user->recv();             /* Get first message */
    if (!authenticate_user_agent(ua)) {
+      events_send_msg(ua->jcr, "DS0001", EVENTS_TYPE_SECURITY,
+                      user->host(), (intptr_t)ua->jcr,
+                      "Authentication failed from %s",
+                      user->host());
       goto getout;
    }
 
diff --git a/bacula/src/filed/job.c b/bacula/src/filed/job.c
index d745e97ae..8ad7a6dba 100644
--- a/bacula/src/filed/job.c
+++ b/bacula/src/filed/job.c
@@ -353,10 +353,6 @@ static void *handle_director_request(BSOCK *dir)
    bool found, quit;
    bool first = true;
    JCR *jcr;
-
-   char from[512];
-   dir->get_peer(from, sizeof(from));
-
    suspendres_t suspend;
    prevent_os_suspensions(suspend);   /* do not suspend during backup/restore */
 
@@ -457,9 +453,11 @@ static void *handle_director_request(BSOCK *dir)
 
 bail_out:
    /* Keep track of the important events */
-   if (dir && !jcr->authenticated) {
+   if (dir && jcr && !jcr->authenticated) {
       events_send_msg(jcr, "FS0001", EVENTS_TYPE_SECURITY,
-                      from, (intptr_t)jcr, "Authentication failed");
+                      dir->host(), (intptr_t)jcr,
+                      "Authentication failed from %s",
+                      dir->host());
    }
 
    dequeue_messages(jcr);  /* send any queued messages, will no longer impact
diff --git a/bacula/src/stored/hello.c b/bacula/src/stored/hello.c
index a93d7c489..9b5d4e31f 100644
--- a/bacula/src/stored/hello.c
+++ b/bacula/src/stored/hello.c
@@ -127,6 +127,11 @@ bool validate_dir_hello(JCR* jcr)
       Qmsg3(jcr, M_SECURITY, 0, _("Connection from unknown Director %s at %s:%s rejected.\n"
             "Please see " MANUAL_AUTH_URL " for help.\n"),
             dirname, dir->who(), dir->host());
+
+      events_send_msg(jcr, "SS0001", EVENTS_TYPE_SECURITY,
+                      dir->host(), (intptr_t)jcr,
+                      "Authentication failed from %s",
+                      dir->host());
       free_pool_memory(dirname);
       sleep(5);
       return false;