diff options
Diffstat (limited to 'contrib/openbsm/bin/auditdistd/auditdistd.h')
-rw-r--r-- | contrib/openbsm/bin/auditdistd/auditdistd.h | 276 |
1 files changed, 276 insertions, 0 deletions
diff --git a/contrib/openbsm/bin/auditdistd/auditdistd.h b/contrib/openbsm/bin/auditdistd/auditdistd.h new file mode 100644 index 0000000..9ac2850 --- /dev/null +++ b/contrib/openbsm/bin/auditdistd/auditdistd.h @@ -0,0 +1,276 @@ +/*- + * Copyright (c) 2012 The FreeBSD Foundation + * All rights reserved. + * + * This software was developed by Pawel Jakub Dawidek under sponsorship from + * the FreeBSD Foundation. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $P4: //depot/projects/trustedbsd/openbsm/bin/auditdistd/auditdistd.h#2 $ + */ + +#ifndef _AUDITDISTD_H_ +#define _AUDITDISTD_H_ + +#include <sys/param.h> +#include <sys/queue.h> +#include <sys/socket.h> + +#include <arpa/inet.h> + +#include <netinet/in.h> + +#include <dirent.h> +#include <limits.h> +#include <pthread.h> +#include <stdbool.h> +#include <stdint.h> + +#include <compat/compat.h> + +#include "proto.h" + +/* + * Version history: + * 0 - initial version + */ +#define ADIST_VERSION 0 + +#define ADIST_ROLE_UNDEF 0 +#define ADIST_ROLE_SENDER 1 +#define ADIST_ROLE_RECEIVER 2 + +#define ADIST_USER "auditdistd" +#define ADIST_TIMEOUT 20 +#define ADIST_CONFIG "/etc/security/auditdistd.conf" +#define ADIST_TCP_PORT "7878" +#define ADIST_LISTEN_TLS_TCP4 "tls://0.0.0.0:" ADIST_TCP_PORT +#define ADIST_LISTEN_TLS_TCP6 "tls://[::]:" ADIST_TCP_PORT +#define ADIST_PIDFILE "/var/run/auditdistd.pid" +#define ADIST_DIRECTORY_SENDER "/var/audit/dist" +#define ADIST_DIRECTORY_RECEIVER "/var/audit/remote" +#define ADIST_CERTFILE "/etc/security/auditdistd.cert.pem" +#define ADIST_KEYFILE "/etc/security/auditdistd.key.pem" + +#define ADIST_ERROR_WRONG_ORDER 1 +#define ADIST_ERROR_INVALID_NAME 2 +#define ADIST_ERROR_OPEN_OLD 3 +#define ADIST_ERROR_CREATE 4 +#define ADIST_ERROR_OPEN 5 +#define ADIST_ERROR_READ 6 +#define ADIST_ERROR_WRITE 7 +#define ADIST_ERROR_RENAME 8 + +#define ADIST_ADDRSIZE 1024 +#define ADIST_HOSTSIZE 256 +#define ADIST_PATHSIZE 256 +#define ADIST_PASSWORDSIZE 128 +#define ADIST_FINGERPRINTSIZE 256 + +/* Number of seconds to sleep between reconnect retries or keepalive packets. */ +#define ADIST_KEEPALIVE 10 + +struct adist_listen { + /* Address to listen on. */ + char adl_addr[ADIST_ADDRSIZE]; + /* Protocol-specific data. */ + struct proto_conn *adl_conn; + TAILQ_ENTRY(adist_listen) adl_next; +}; + +struct adist_config { + /* Our name. */ + char adc_name[ADIST_HOSTSIZE]; + /* PID file path. */ + char adc_pidfile[PATH_MAX]; + /* Connection timeout. */ + int adc_timeout; + /* Path to receiver's certificate file. */ + char adc_certfile[PATH_MAX]; + /* Path to receiver's private key file. */ + char adc_keyfile[PATH_MAX]; + /* List of addresses to listen on. */ + TAILQ_HEAD(, adist_listen) adc_listen; + /* List of hosts. */ + TAILQ_HEAD(, adist_host) adc_hosts; +}; + +#define ADIST_COMPRESSION_NONE 0 +#define ADIST_COMPRESSION_LZF 1 + +#define ADIST_CHECKSUM_NONE 0 +#define ADIST_CHECKSUM_CRC32 1 +#define ADIST_CHECKSUM_SHA256 2 + +/* + * Structure that describes single host (either sender or receiver). + */ +struct adist_host { + /* Host name. */ + char adh_name[ADIST_HOSTSIZE]; + /* Host role: ADIST_ROLE_{SENDER,RECEIVER}. */ + int adh_role; + /* Protocol version negotiated. */ + int adh_version; + + /* Local address to bind to. */ + char adh_localaddr[ADIST_ADDRSIZE]; + /* Address of the remote component. */ + char adh_remoteaddr[ADIST_ADDRSIZE]; + /* Connection with remote host. */ + struct proto_conn *adh_remote; + /* Connection was reestablished, reset the state. */ + bool adh_reset; + + /* + * Directory from which audit trail files should be send in + * ADIST_ROLE_SENDER case or stored into in ADIST_ROLE_RECEIVER case. + */ + char adh_directory[PATH_MAX]; + /* Compression algorithm. Currently unused. */ + int adh_compression; + /* Checksum algorithm. Currently unused. */ + int adh_checksum; + + /* Sender's password. */ + char adh_password[ADIST_PASSWORDSIZE]; + /* Fingerprint of receiver's public key. */ + char adh_fingerprint[ADIST_FINGERPRINTSIZE]; + + /* PID of child worker process. 0 - no child. */ + pid_t adh_worker_pid; + /* Connection requests from sender to main. */ + struct proto_conn *adh_conn; + + /* Receiver-specific fields. */ + char adh_trail_name[ADIST_PATHSIZE]; + int adh_trail_fd; + int adh_trail_dirfd; + DIR *adh_trail_dirfp; + /* Sender-specific fields. */ + uint64_t adh_trail_offset; + + /* Next resource. */ + TAILQ_ENTRY(adist_host) adh_next; +}; + +#define ADIST_BYTEORDER_UNDEFINED 0 +#define ADIST_BYTEORDER_LITTLE_ENDIAN 1 +#define ADIST_BYTEORDER_BIG_ENDIAN 2 + +#if _BYTE_ORDER == _LITTLE_ENDIAN +#define ADIST_BYTEORDER ADIST_BYTEORDER_LITTLE_ENDIAN +#elif _BYTE_ORDER == _BIG_ENDIAN +#define ADIST_BYTEORDER ADIST_BYTEORDER_BIG_ENDIAN +#else +#error Unknown byte order. +#endif + +struct adpkt { + uint8_t adp_byteorder; +#define ADIST_CMD_UNDEFINED 0 +#define ADIST_CMD_OPEN 1 +#define ADIST_CMD_APPEND 2 +#define ADIST_CMD_CLOSE 3 +#define ADIST_CMD_KEEPALIVE 4 +#define ADIST_CMD_ERROR 5 + uint8_t adp_cmd; + uint64_t adp_seq; + uint32_t adp_datasize; + unsigned char adp_data[0]; +} __packed; + +struct adreq { + int adr_error; + TAILQ_ENTRY(adreq) adr_next; + struct adpkt adr_packet; +}; + +#define adr_byteorder adr_packet.adp_byteorder +#define adr_cmd adr_packet.adp_cmd +#define adr_seq adr_packet.adp_seq +#define adr_datasize adr_packet.adp_datasize +#define adr_data adr_packet.adp_data + +#define ADPKT_SIZE(adreq) (sizeof((adreq)->adr_packet) + (adreq)->adr_datasize) + +struct adrep { + uint8_t adrp_byteorder; + uint64_t adrp_seq; + uint16_t adrp_error; +} __packed; + +#define ADIST_QUEUE_SIZE 16 +#define ADIST_BUF_SIZE 65536 + +#define QUEUE_TAKE(adreq, list, timeout) do { \ + mtx_lock(list##_lock); \ + if ((timeout) == 0) { \ + while (((adreq) = TAILQ_FIRST(list)) == NULL) \ + cv_wait(list##_cond, list##_lock); \ + } else { \ + (adreq) = TAILQ_FIRST(list); \ + if ((adreq) == NULL) { \ + cv_timedwait(list##_cond, list##_lock, \ + (timeout)); \ + (adreq) = TAILQ_FIRST(list); \ + } \ + } \ + if ((adreq) != NULL) \ + TAILQ_REMOVE((list), (adreq), adr_next); \ + mtx_unlock(list##_lock); \ +} while (0) +#define QUEUE_INSERT(adreq, list) do { \ + bool _wakeup; \ + \ + mtx_lock(list##_lock); \ + _wakeup = TAILQ_EMPTY(list); \ + TAILQ_INSERT_TAIL((list), (adreq), adr_next); \ + mtx_unlock(list##_lock); \ + if (_wakeup) \ + cv_signal(list##_cond); \ +} while (0) +#define QUEUE_WAIT(list) do { \ + mtx_lock(list##_lock); \ + while (TAILQ_EMPTY(list)) \ + cv_wait(list##_cond, list##_lock); \ + mtx_unlock(list##_lock); \ +} while (0) + +extern const char *cfgpath; +extern bool sigexit_received; +extern struct pidfh *pfh; + +void descriptors_cleanup(struct adist_host *adhost); +void descriptors_assert(const struct adist_host *adhost, int pjdlogmode); + +void adist_sender(struct adist_config *config, struct adist_host *adhost); +void adist_receiver(struct adist_config *config, struct adist_host *adhost); + +struct adist_config *yy_config_parse(const char *config, bool exitonerror); +void yy_config_free(struct adist_config *config); + +void yyerror(const char *); +int yylex(void); + +#endif /* !_AUDITDISTD_H_ */ |