mirror of
https://github.com/samba-team/samba.git
synced 2024-12-22 13:34:15 +03:00
auth_log: Prepared to allow logging JSON events to a server over the message bus
Signed-off-by: Andrew Bartlett <abartlet@samba.org> Pair-Programmed-by: Gary Lockyer <gary@catalyst.net.nz> Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
This commit is contained in:
parent
c008687ffb
commit
a70cde046a
@ -51,6 +51,11 @@
|
|||||||
#include "lib/util/util_str_escape.h"
|
#include "lib/util/util_str_escape.h"
|
||||||
#include "libcli/security/dom_sid.h"
|
#include "libcli/security/dom_sid.h"
|
||||||
#include "libcli/security/security_token.h"
|
#include "libcli/security/security_token.h"
|
||||||
|
#include "librpc/gen_ndr/server_id.h"
|
||||||
|
#include "source4/lib/messaging/messaging.h"
|
||||||
|
#include "source4/lib/messaging/irpc.h"
|
||||||
|
#include "lib/util/server_id_db.h"
|
||||||
|
#include "lib/param/param.h"
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Get a human readable timestamp.
|
* Get a human readable timestamp.
|
||||||
@ -116,6 +121,81 @@ struct json_context {
|
|||||||
bool error;
|
bool error;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
static NTSTATUS get_auth_event_server(struct imessaging_context *msg_ctx,
|
||||||
|
struct server_id *auth_event_server)
|
||||||
|
{
|
||||||
|
NTSTATUS status;
|
||||||
|
TALLOC_CTX *frame = talloc_stackframe();
|
||||||
|
unsigned num_servers, i;
|
||||||
|
struct server_id *servers;
|
||||||
|
|
||||||
|
status = irpc_servers_byname(msg_ctx, frame,
|
||||||
|
AUTH_EVENT_NAME,
|
||||||
|
&num_servers, &servers);
|
||||||
|
|
||||||
|
if (!NT_STATUS_IS_OK(status)) {
|
||||||
|
DBG_NOTICE("Failed to find 'auth_event' registered on the "
|
||||||
|
"message bus to send JSON authentication events to: %s\n",
|
||||||
|
nt_errstr(status));
|
||||||
|
TALLOC_FREE(frame);
|
||||||
|
return status;
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Select the first server that is listening, because
|
||||||
|
* we get connection refused as
|
||||||
|
* NT_STATUS_OBJECT_NAME_NOT_FOUND without waiting
|
||||||
|
*/
|
||||||
|
for (i = 0; i < num_servers; i++) {
|
||||||
|
status = imessaging_send(msg_ctx, servers[i], MSG_PING,
|
||||||
|
&data_blob_null);
|
||||||
|
if (NT_STATUS_IS_OK(status)) {
|
||||||
|
*auth_event_server = servers[i];
|
||||||
|
TALLOC_FREE(frame);
|
||||||
|
return NT_STATUS_OK;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
DBG_NOTICE("Failed to find a running 'auth_event' server "
|
||||||
|
"registered on the message bus to send JSON "
|
||||||
|
"authentication events to\n");
|
||||||
|
TALLOC_FREE(frame);
|
||||||
|
return NT_STATUS_OBJECT_NAME_NOT_FOUND;
|
||||||
|
}
|
||||||
|
|
||||||
|
static void auth_message_send(struct imessaging_context *msg_ctx,
|
||||||
|
const char *json)
|
||||||
|
{
|
||||||
|
struct server_id auth_event_server;
|
||||||
|
NTSTATUS status;
|
||||||
|
DATA_BLOB json_blob = data_blob_string_const(json);
|
||||||
|
if (msg_ctx == NULL) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* Need to refetch the address each time as the destination server may
|
||||||
|
* have disconnected and reconnected in the interim, in which case
|
||||||
|
* messages may get lost, manifests in the auth_log tests
|
||||||
|
*/
|
||||||
|
status = get_auth_event_server(msg_ctx, &auth_event_server);
|
||||||
|
if (!NT_STATUS_IS_OK(status)) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
status = imessaging_send(msg_ctx, auth_event_server, MSG_AUTH_LOG,
|
||||||
|
&json_blob);
|
||||||
|
|
||||||
|
/* If the server crashed, try to find it again */
|
||||||
|
if (NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_NOT_FOUND)) {
|
||||||
|
status = get_auth_event_server(msg_ctx, &auth_event_server);
|
||||||
|
if (!NT_STATUS_IS_OK(status)) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
imessaging_send(msg_ctx, auth_event_server, MSG_AUTH_LOG,
|
||||||
|
&json_blob);
|
||||||
|
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Write the json object to the debug lines.
|
* Write the json object to the debug lines.
|
||||||
*
|
*
|
||||||
|
@ -2,9 +2,9 @@
|
|||||||
|
|
||||||
bld.SAMBA_LIBRARY('common_auth',
|
bld.SAMBA_LIBRARY('common_auth',
|
||||||
source='auth_sam_reply.c wbc_auth_util.c auth_log.c',
|
source='auth_sam_reply.c wbc_auth_util.c auth_log.c',
|
||||||
deps='talloc samba-security samba-util util_str_escape LIBTSOCKET jansson MESSAGING_SEND server_id_db',
|
deps='talloc samba-security samba-util util_str_escape LIBTSOCKET jansson MESSAGING_SEND server_id_db ',
|
||||||
private_library=True
|
private_library=True,
|
||||||
)
|
allow_warnings=True)
|
||||||
|
|
||||||
bld.RECURSE('gensec')
|
bld.RECURSE('gensec')
|
||||||
bld.RECURSE('ntlmssp')
|
bld.RECURSE('ntlmssp')
|
||||||
|
Loading…
Reference in New Issue
Block a user