mirror of
https://github.com/samba-team/samba.git
synced 2024-12-24 21:34:56 +03:00
vfs_smb_traffic_analyzer.c: added function
static char *smb_traffic_analyzer_anonymize. This takes a lot of code out of the main functions, and makes it a bit simpler. Do the anonymization in a function. Since we have already anonymized the username, we don't need to do this a second time in the v2 marshalling function.
parent
c1fb55caa5
commit
002193d34b
@ -228,6 +228,47 @@ static void smb_traffic_analyzer_write_data( char *header, char *data,
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Anonymize a string if required.
|
||||||
|
* TALLOC_CTX *ctx The talloc context to work on
|
||||||
|
* const char *str The string to anonymize
|
||||||
|
* vfs_handle_struct *handle The handle struct to work on
|
||||||
|
*
|
||||||
|
* Returns a newly allocated string, either the anonymized one,
|
||||||
|
* or a copy of const char *str. The caller has to take care for
|
||||||
|
* freeing the allocated memory.
|
||||||
|
*/
|
||||||
|
static char *smb_traffic_analyzer_anonymize( TALLOC_CTX *ctx,
|
||||||
|
const char *str,
|
||||||
|
vfs_handle_struct *handle )
|
||||||
|
{
|
||||||
|
const char *total_anonymization;
|
||||||
|
const char *anon_prefix;
|
||||||
|
char *output;
|
||||||
|
total_anonymization=lp_parm_const_string(SNUM(handle->conn),
|
||||||
|
"smb_traffic_analyzer",
|
||||||
|
"total_anonymization", NULL);
|
||||||
|
|
||||||
|
anon_prefix=lp_parm_const_string(SNUM(handle->conn),
|
||||||
|
"smb_traffic_analyzer",
|
||||||
|
"anonymize_prefix", NULL );
|
||||||
|
if (anon_prefix != NULL) {
|
||||||
|
if (total_anonymization != NULL) {
|
||||||
|
output = talloc_asprintf(ctx, "%s",
|
||||||
|
anon_prefix);
|
||||||
|
} else {
|
||||||
|
output = talloc_asprintf(ctx, "%s%i", anon_prefix,
|
||||||
|
str_checksum(str));
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
output = talloc_asprintf(ctx, "%s", str);
|
||||||
|
}
|
||||||
|
|
||||||
|
return output;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
/* The marshaller for the protocol version 2. */
|
/* The marshaller for the protocol version 2. */
|
||||||
static char *smb_traffic_analyzer_create_string( TALLOC_CTX *ctx,
|
static char *smb_traffic_analyzer_create_string( TALLOC_CTX *ctx,
|
||||||
struct tm *tm, int seconds, vfs_handle_struct *handle, \
|
struct tm *tm, int seconds, vfs_handle_struct *handle, \
|
||||||
@ -242,10 +283,7 @@ static char *smb_traffic_analyzer_create_string( TALLOC_CTX *ctx,
|
|||||||
char *timestr = NULL;
|
char *timestr = NULL;
|
||||||
char *opstr = NULL;
|
char *opstr = NULL;
|
||||||
char *sidstr = NULL;
|
char *sidstr = NULL;
|
||||||
char *userstr = NULL;
|
|
||||||
char *usersid = NULL;
|
char *usersid = NULL;
|
||||||
const char *total_anonymization = NULL;
|
|
||||||
const char *anon_prefix = NULL;
|
|
||||||
/*
|
/*
|
||||||
* first create the data that is transfered with any VFS op
|
* first create the data that is transfered with any VFS op
|
||||||
* These are, in the following order:
|
* These are, in the following order:
|
||||||
@ -270,44 +308,20 @@ static char *smb_traffic_analyzer_create_string( TALLOC_CTX *ctx,
|
|||||||
talloc_free(opstr);
|
talloc_free(opstr);
|
||||||
/*
|
/*
|
||||||
* Handle anonymization. In protocol v2, we have to anonymize
|
* Handle anonymization. In protocol v2, we have to anonymize
|
||||||
* both the SID and the username.
|
* both the SID and the username. The name is already
|
||||||
|
* anonymized if needed, by the calling function.
|
||||||
*/
|
*/
|
||||||
total_anonymization=lp_parm_const_string(SNUM(handle->conn),
|
|
||||||
"smb_traffic_analyzer",
|
|
||||||
"total_anonymization", NULL);
|
|
||||||
|
|
||||||
anon_prefix=lp_parm_const_string(SNUM(handle->conn),
|
|
||||||
"smb_traffic_analyzer",
|
|
||||||
"anonymize_prefix", NULL );
|
|
||||||
usersid = dom_sid_string( ctx,
|
usersid = dom_sid_string( ctx,
|
||||||
&handle->conn->server_info->ptok->user_sids[0]);
|
&handle->conn->server_info->ptok->user_sids[0]);
|
||||||
if (anon_prefix != NULL) {
|
sidstr = smb_traffic_analyzer_anonymize(ctx, usersid, handle);
|
||||||
if (total_anonymization != NULL) {
|
talloc_free(usersid);
|
||||||
userstr = talloc_asprintf(ctx, "%s",
|
|
||||||
anon_prefix);
|
|
||||||
sidstr = talloc_asprintf(ctx, "%s",
|
|
||||||
anon_prefix);
|
|
||||||
} else {
|
|
||||||
userstr = talloc_asprintf(ctx, "%s%i",
|
|
||||||
anon_prefix,
|
|
||||||
str_checksum(username));
|
|
||||||
sidstr = talloc_asprintf(ctx, "%s%i",
|
|
||||||
anon_prefix,
|
|
||||||
str_checksum(usersid));
|
|
||||||
}
|
|
||||||
} else {
|
|
||||||
userstr = username;
|
|
||||||
sidstr = usersid;
|
|
||||||
}
|
|
||||||
|
|
||||||
/* username */
|
/* username */
|
||||||
len = strlen( userstr );
|
len = strlen( username );
|
||||||
buf = talloc_asprintf_append(buf, "%04u%s", len, userstr);
|
buf = talloc_asprintf_append(buf, "%04u%s", len, username);
|
||||||
if (anon_prefix != NULL) talloc_free(userstr);
|
|
||||||
/* user SID */
|
/* user SID */
|
||||||
len = strlen( sidstr );
|
len = strlen( sidstr );
|
||||||
buf = talloc_asprintf_append(buf, "%04u%s", len, sidstr);
|
buf = talloc_asprintf_append(buf, "%04u%s", len, sidstr);
|
||||||
if (anon_prefix != NULL) talloc_free(sidstr);
|
talloc_free(sidstr);
|
||||||
/* affected share */
|
/* affected share */
|
||||||
len = strlen( handle->conn->connectpath );
|
len = strlen( handle->conn->connectpath );
|
||||||
buf = talloc_asprintf_append( buf, "%04u%s", len, \
|
buf = talloc_asprintf_append( buf, "%04u%s", len, \
|
||||||
@ -358,8 +372,6 @@ static void smb_traffic_analyzer_send_data(vfs_handle_struct *handle,
|
|||||||
char *str = NULL;
|
char *str = NULL;
|
||||||
char *username = NULL;
|
char *username = NULL;
|
||||||
char *header = NULL;
|
char *header = NULL;
|
||||||
const char *anon_prefix = NULL;
|
|
||||||
const char *total_anonymization = NULL;
|
|
||||||
const char *protocol_version = NULL;
|
const char *protocol_version = NULL;
|
||||||
bool Write = false;
|
bool Write = false;
|
||||||
size_t len;
|
size_t len;
|
||||||
@ -389,40 +401,23 @@ static void smb_traffic_analyzer_send_data(vfs_handle_struct *handle,
|
|||||||
seconds=(float) (tv.tv_usec / 1000);
|
seconds=(float) (tv.tv_usec / 1000);
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Check if anonymization is required, and if yes do this only if
|
* Check if anonymization is required, and if yes do this only for
|
||||||
* we run on protocol version 1. Anonynization for protocol v2 is
|
* the username here, needed vor protocol version 1. In v2 we
|
||||||
* handled in it's marshaller function.
|
* additionally anonymize the SID, which is done in it's marshalling
|
||||||
|
* function.
|
||||||
*/
|
*/
|
||||||
total_anonymization=lp_parm_const_string(SNUM(handle->conn),"smb_traffic_analyzer",
|
username = smb_traffic_analyzer_anonymize( talloc_tos(),
|
||||||
"total_anonymization", NULL);
|
handle->conn->server_info->sanitized_username,
|
||||||
|
handle);
|
||||||
|
|
||||||
anon_prefix=lp_parm_const_string(SNUM(handle->conn),"smb_traffic_analyzer",\
|
if (!username) {
|
||||||
"anonymize_prefix", NULL );
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
protocol_version = lp_parm_const_string(SNUM(handle->conn),
|
protocol_version = lp_parm_const_string(SNUM(handle->conn),
|
||||||
"smb_traffic_analyzer",
|
"smb_traffic_analyzer",
|
||||||
"protocol_version", NULL );
|
"protocol_version", NULL );
|
||||||
|
|
||||||
if (anon_prefix!=NULL && strcmp(protocol_version,"V2") != 0) {
|
|
||||||
if (total_anonymization!=NULL) {
|
|
||||||
username = talloc_asprintf(talloc_tos(),
|
|
||||||
"%s",
|
|
||||||
anon_prefix);
|
|
||||||
} else {
|
|
||||||
username = talloc_asprintf(talloc_tos(),
|
|
||||||
"%s%i",
|
|
||||||
anon_prefix,
|
|
||||||
str_checksum(
|
|
||||||
handle->conn->server_info->sanitized_username ) );
|
|
||||||
}
|
|
||||||
|
|
||||||
} else {
|
|
||||||
username = handle->conn->server_info->sanitized_username;
|
|
||||||
}
|
|
||||||
|
|
||||||
if (!username) {
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
|
|
||||||
if ( protocol_version == NULL || strcmp( protocol_version,"V1") == 0) {
|
if ( protocol_version == NULL || strcmp( protocol_version,"V1") == 0) {
|
||||||
|
|
||||||
|
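Review bot: In smb_traffic_analyzer_create_string the new helper's result is used unchecked: `sidstr = smb_traffic_analyzer_anonymize(ctx, usersid, handle);` is followed directly by `strlen( sidstr )`. The helper returns whatever talloc_asprintf gives back, which is NULL on allocation failure, and `usersid` from dom_sid_string is passed into it (and into `str_checksum`) without a check either. The send_data caller already tests `if (!username) return;`, so the marshaller should mirror that with `if (usersid == NULL) return NULL;` before the call and `if (sidstr == NULL) return NULL;` after it. The function body continues outside the hunks, so what must be freed on that path and whether the caller accepts NULL need confirming. Separately, the helper's comment should state that with only `anonymize_prefix` set the output is the prefix plus an integer `str_checksum` of the input, with nothing secret mixed in as far as these lines show, so equal names yield equal tokens and the value is a pseudonym rather than an anonymous one.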