1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-22 13:34:15 +03:00

auth_log: Prepared to allow logging JSON events to a server over the message bus

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Pair-Programmed-by: Gary Lockyer <gary@catalyst.net.nz>
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
This commit is contained in:
Andrew Bartlett 2017-03-07 16:50:38 +13:00
parent c008687ffb
commit a70cde046a
2 changed files with 83 additions and 3 deletions

View File

@ -51,6 +51,11 @@
#include "lib/util/util_str_escape.h" #include "lib/util/util_str_escape.h"
#include "libcli/security/dom_sid.h" #include "libcli/security/dom_sid.h"
#include "libcli/security/security_token.h" #include "libcli/security/security_token.h"
#include "librpc/gen_ndr/server_id.h"
#include "source4/lib/messaging/messaging.h"
#include "source4/lib/messaging/irpc.h"
#include "lib/util/server_id_db.h"
#include "lib/param/param.h"
/* /*
* Get a human readable timestamp. * Get a human readable timestamp.
@ -116,6 +121,81 @@ struct json_context {
bool error; bool error;
}; };
static NTSTATUS get_auth_event_server(struct imessaging_context *msg_ctx,
struct server_id *auth_event_server)
{
NTSTATUS status;
TALLOC_CTX *frame = talloc_stackframe();
unsigned num_servers, i;
struct server_id *servers;
status = irpc_servers_byname(msg_ctx, frame,
AUTH_EVENT_NAME,
&num_servers, &servers);
if (!NT_STATUS_IS_OK(status)) {
DBG_NOTICE("Failed to find 'auth_event' registered on the "
"message bus to send JSON authentication events to: %s\n",
nt_errstr(status));
TALLOC_FREE(frame);
return status;
}
/*
* Select the first server that is listening, because
* we get connection refused as
* NT_STATUS_OBJECT_NAME_NOT_FOUND without waiting
*/
for (i = 0; i < num_servers; i++) {
status = imessaging_send(msg_ctx, servers[i], MSG_PING,
&data_blob_null);
if (NT_STATUS_IS_OK(status)) {
*auth_event_server = servers[i];
TALLOC_FREE(frame);
return NT_STATUS_OK;
}
}
DBG_NOTICE("Failed to find a running 'auth_event' server "
"registered on the message bus to send JSON "
"authentication events to\n");
TALLOC_FREE(frame);
return NT_STATUS_OBJECT_NAME_NOT_FOUND;
}
static void auth_message_send(struct imessaging_context *msg_ctx,
const char *json)
{
struct server_id auth_event_server;
NTSTATUS status;
DATA_BLOB json_blob = data_blob_string_const(json);
if (msg_ctx == NULL) {
return;
}
/* Need to refetch the address each time as the destination server may
* have disconnected and reconnected in the interim, in which case
* messages may get lost, manifests in the auth_log tests
*/
status = get_auth_event_server(msg_ctx, &auth_event_server);
if (!NT_STATUS_IS_OK(status)) {
return;
}
status = imessaging_send(msg_ctx, auth_event_server, MSG_AUTH_LOG,
&json_blob);
/* If the server crashed, try to find it again */
if (NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_NOT_FOUND)) {
status = get_auth_event_server(msg_ctx, &auth_event_server);
if (!NT_STATUS_IS_OK(status)) {
return;
}
imessaging_send(msg_ctx, auth_event_server, MSG_AUTH_LOG,
&json_blob);
}
}
/* /*
* Write the json object to the debug lines. * Write the json object to the debug lines.
* *

View File

@ -2,9 +2,9 @@
bld.SAMBA_LIBRARY('common_auth', bld.SAMBA_LIBRARY('common_auth',
source='auth_sam_reply.c wbc_auth_util.c auth_log.c', source='auth_sam_reply.c wbc_auth_util.c auth_log.c',
deps='talloc samba-security samba-util util_str_escape LIBTSOCKET jansson MESSAGING_SEND server_id_db', deps='talloc samba-security samba-util util_str_escape LIBTSOCKET jansson MESSAGING_SEND server_id_db ',
private_library=True private_library=True,
) allow_warnings=True)
bld.RECURSE('gensec') bld.RECURSE('gensec')
bld.RECURSE('ntlmssp') bld.RECURSE('ntlmssp')