mirror of
https://github.com/samba-team/samba.git
synced 2024-12-22 13:34:15 +03:00
auth_log: Prepared to allow logging JSON events to a server over the message bus
Signed-off-by: Andrew Bartlett <abartlet@samba.org> Pair-Programmed-by: Gary Lockyer <gary@catalyst.net.nz> Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
This commit is contained in:
parent
c008687ffb
commit
a70cde046a
@ -51,6 +51,11 @@
|
||||
#include "lib/util/util_str_escape.h"
|
||||
#include "libcli/security/dom_sid.h"
|
||||
#include "libcli/security/security_token.h"
|
||||
#include "librpc/gen_ndr/server_id.h"
|
||||
#include "source4/lib/messaging/messaging.h"
|
||||
#include "source4/lib/messaging/irpc.h"
|
||||
#include "lib/util/server_id_db.h"
|
||||
#include "lib/param/param.h"
|
||||
|
||||
/*
|
||||
* Get a human readable timestamp.
|
||||
@ -116,6 +121,81 @@ struct json_context {
|
||||
bool error;
|
||||
};
|
||||
|
||||
static NTSTATUS get_auth_event_server(struct imessaging_context *msg_ctx,
|
||||
struct server_id *auth_event_server)
|
||||
{
|
||||
NTSTATUS status;
|
||||
TALLOC_CTX *frame = talloc_stackframe();
|
||||
unsigned num_servers, i;
|
||||
struct server_id *servers;
|
||||
|
||||
status = irpc_servers_byname(msg_ctx, frame,
|
||||
AUTH_EVENT_NAME,
|
||||
&num_servers, &servers);
|
||||
|
||||
if (!NT_STATUS_IS_OK(status)) {
|
||||
DBG_NOTICE("Failed to find 'auth_event' registered on the "
|
||||
"message bus to send JSON authentication events to: %s\n",
|
||||
nt_errstr(status));
|
||||
TALLOC_FREE(frame);
|
||||
return status;
|
||||
}
|
||||
|
||||
/*
|
||||
* Select the first server that is listening, because
|
||||
* we get connection refused as
|
||||
* NT_STATUS_OBJECT_NAME_NOT_FOUND without waiting
|
||||
*/
|
||||
for (i = 0; i < num_servers; i++) {
|
||||
status = imessaging_send(msg_ctx, servers[i], MSG_PING,
|
||||
&data_blob_null);
|
||||
if (NT_STATUS_IS_OK(status)) {
|
||||
*auth_event_server = servers[i];
|
||||
TALLOC_FREE(frame);
|
||||
return NT_STATUS_OK;
|
||||
}
|
||||
}
|
||||
DBG_NOTICE("Failed to find a running 'auth_event' server "
|
||||
"registered on the message bus to send JSON "
|
||||
"authentication events to\n");
|
||||
TALLOC_FREE(frame);
|
||||
return NT_STATUS_OBJECT_NAME_NOT_FOUND;
|
||||
}
|
||||
|
||||
static void auth_message_send(struct imessaging_context *msg_ctx,
|
||||
const char *json)
|
||||
{
|
||||
struct server_id auth_event_server;
|
||||
NTSTATUS status;
|
||||
DATA_BLOB json_blob = data_blob_string_const(json);
|
||||
if (msg_ctx == NULL) {
|
||||
return;
|
||||
}
|
||||
|
||||
/* Need to refetch the address each time as the destination server may
|
||||
* have disconnected and reconnected in the interim, in which case
|
||||
* messages may get lost, manifests in the auth_log tests
|
||||
*/
|
||||
status = get_auth_event_server(msg_ctx, &auth_event_server);
|
||||
if (!NT_STATUS_IS_OK(status)) {
|
||||
return;
|
||||
}
|
||||
|
||||
status = imessaging_send(msg_ctx, auth_event_server, MSG_AUTH_LOG,
|
||||
&json_blob);
|
||||
|
||||
/* If the server crashed, try to find it again */
|
||||
if (NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_NOT_FOUND)) {
|
||||
status = get_auth_event_server(msg_ctx, &auth_event_server);
|
||||
if (!NT_STATUS_IS_OK(status)) {
|
||||
return;
|
||||
}
|
||||
imessaging_send(msg_ctx, auth_event_server, MSG_AUTH_LOG,
|
||||
&json_blob);
|
||||
|
||||
}
|
||||
}
|
||||
|
||||
/*
|
||||
* Write the json object to the debug lines.
|
||||
*
|
||||
|
@ -2,9 +2,9 @@
|
||||
|
||||
bld.SAMBA_LIBRARY('common_auth',
|
||||
source='auth_sam_reply.c wbc_auth_util.c auth_log.c',
|
||||
deps='talloc samba-security samba-util util_str_escape LIBTSOCKET jansson MESSAGING_SEND server_id_db',
|
||||
private_library=True
|
||||
)
|
||||
deps='talloc samba-security samba-util util_str_escape LIBTSOCKET jansson MESSAGING_SEND server_id_db ',
|
||||
private_library=True,
|
||||
allow_warnings=True)
|
||||
|
||||
bld.RECURSE('gensec')
|
||||
bld.RECURSE('ntlmssp')
|
||||
|
Loading…
Reference in New Issue
Block a user