summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--ChangeLog3
-rw-r--r--LICENCE1
-rw-r--r--Makefile.in5
-rw-r--r--audit-bsm.c6
-rw-r--r--audit-linux.c126
-rw-r--r--audit.c10
-rw-r--r--audit.h9
-rw-r--r--configure.ac16
-rw-r--r--defines.h7
-rw-r--r--loginrec.c4
10 files changed, 167 insertions, 20 deletions
diff --git a/ChangeLog b/ChangeLog
index 6230fdc26..f393ca491 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -22,6 +22,9 @@
22 - (tim) [regress/agent-getpeereid.sh] shell portability fix. 22 - (tim) [regress/agent-getpeereid.sh] shell portability fix.
23 - (dtucker) [openbsd-compat/port-linux.c] Fix minor bug caught by -Werror on 23 - (dtucker) [openbsd-compat/port-linux.c] Fix minor bug caught by -Werror on
24 the tinderbox. 24 the tinderbox.
25 - (dtucker) [LICENCE Makefile.in audit-bsm.c audit-linux.c audit.c audit.h
26 configure.ac defines.h loginrec.c] Bug #1402: add linux audit subsystem
27 support, based on patches from Tomas Mraz and jchadima at redhat.
25 28
2620110116 2920110116
27 - (dtucker) [Makefile.in configure.ac regress/kextype.sh] Skip sha256-based 30 - (dtucker) [Makefile.in configure.ac regress/kextype.sh] Skip sha256-based
diff --git a/LICENCE b/LICENCE
index 3964b1d77..120d6fd54 100644
--- a/LICENCE
+++ b/LICENCE
@@ -206,6 +206,7 @@ OpenSSH contains no GPL code.
206 Sun Microsystems 206 Sun Microsystems
207 The SCO Group 207 The SCO Group
208 Daniel Walsh 208 Daniel Walsh
209 Red Hat, Inc
209 210
210 * Redistribution and use in source and binary forms, with or without 211 * Redistribution and use in source and binary forms, with or without
211 * modification, are permitted provided that the following conditions 212 * modification, are permitted provided that the following conditions
diff --git a/Makefile.in b/Makefile.in
index c4011daf7..77a78aa61 100644
--- a/Makefile.in
+++ b/Makefile.in
@@ -1,4 +1,4 @@
1# $Id: Makefile.in,v 1.319 2011/01/16 07:28:10 dtucker Exp $ 1# $Id: Makefile.in,v 1.320 2011/01/17 10:15:29 dtucker Exp $
2 2
3# uncomment if you run a non bourne compatable shell. Ie. csh 3# uncomment if you run a non bourne compatable shell. Ie. csh
4#SHELL = @SH@ 4#SHELL = @SH@
@@ -82,6 +82,7 @@ SSHOBJS= ssh.o readconf.o clientloop.o sshtty.o \
82 roaming_common.o roaming_client.o 82 roaming_common.o roaming_client.o
83 83
84SSHDOBJS=sshd.o auth-rhosts.o auth-passwd.o auth-rsa.o auth-rh-rsa.o \ 84SSHDOBJS=sshd.o auth-rhosts.o auth-passwd.o auth-rsa.o auth-rh-rsa.o \
85 audit.o audit-bsm.o audit-linux.o platform.o \
85 sshpty.o sshlogin.o servconf.o serverloop.o \ 86 sshpty.o sshlogin.o servconf.o serverloop.o \
86 auth.o auth1.o auth2.o auth-options.o session.o \ 87 auth.o auth1.o auth2.o auth-options.o session.o \
87 auth-chall.o auth2-chall.o groupaccess.o \ 88 auth-chall.o auth2-chall.o groupaccess.o \
@@ -91,7 +92,7 @@ SSHDOBJS=sshd.o auth-rhosts.o auth-passwd.o auth-rsa.o auth-rh-rsa.o \
91 auth-krb5.o \ 92 auth-krb5.o \
92 auth2-gss.o gss-serv.o gss-serv-krb5.o \ 93 auth2-gss.o gss-serv.o gss-serv-krb5.o \
93 loginrec.o auth-pam.o auth-shadow.o auth-sia.o md5crypt.o \ 94 loginrec.o auth-pam.o auth-shadow.o auth-sia.o md5crypt.o \
94 audit.o audit-bsm.o platform.o sftp-server.o sftp-common.o \ 95 sftp-server.o sftp-common.o \
95 roaming_common.o roaming_serv.o 96 roaming_common.o roaming_serv.o
96 97
97MANPAGES = moduli.5.out scp.1.out ssh-add.1.out ssh-agent.1.out ssh-keygen.1.out ssh-keyscan.1.out ssh.1.out sshd.8.out sftp-server.8.out sftp.1.out ssh-rand-helper.8.out ssh-keysign.8.out ssh-pkcs11-helper.8.out sshd_config.5.out ssh_config.5.out 98MANPAGES = moduli.5.out scp.1.out ssh-add.1.out ssh-agent.1.out ssh-keygen.1.out ssh-keyscan.1.out ssh.1.out sshd.8.out sftp-server.8.out sftp.1.out ssh-rand-helper.8.out ssh-keysign.8.out ssh-pkcs11-helper.8.out sshd_config.5.out ssh_config.5.out
diff --git a/audit-bsm.c b/audit-bsm.c
index 2c417bc27..f196d4f1e 100644
--- a/audit-bsm.c
+++ b/audit-bsm.c
@@ -1,4 +1,4 @@
1/* $Id: audit-bsm.c,v 1.6 2008/02/25 10:05:04 dtucker Exp $ */ 1/* $Id: audit-bsm.c,v 1.7 2011/01/17 10:15:29 dtucker Exp $ */
2 2
3/* 3/*
4 * TODO 4 * TODO
@@ -305,13 +305,13 @@ audit_run_command(const char *command)
305} 305}
306 306
307void 307void
308audit_session_open(const char *ttyn) 308audit_session_open(struct logininfo *li)
309{ 309{
310 /* not implemented */ 310 /* not implemented */
311} 311}
312 312
313void 313void
314audit_session_close(const char *ttyn) 314audit_session_close(struct logininfo *li)
315{ 315{
316 /* not implemented */ 316 /* not implemented */
317} 317}
diff --git a/audit-linux.c b/audit-linux.c
new file mode 100644
index 000000000..b3ee2f4da
--- /dev/null
+++ b/audit-linux.c
@@ -0,0 +1,126 @@
1/* $Id: audit-linux.c,v 1.1 2011/01/17 10:15:30 dtucker Exp $ */
2
3/*
4 * Copyright 2010 Red Hat, Inc. All rights reserved.
5 * Use is subject to license terms.
6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
9 * are met:
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
15 *
16 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
17 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
18 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
19 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
20 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
21 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
22 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
23 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
24 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
25 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
26 *
27 * Red Hat author: Jan F. Chadima <jchadima@redhat.com>
28 */
29
30#include "includes.h"
31#if defined(USE_LINUX_AUDIT)
32#include <libaudit.h>
33#include <unistd.h>
34#include <string.h>
35
36#include "log.h"
37#include "audit.h"
38#include "canohost.h"
39
40const char* audit_username(void);
41
42int
43linux_audit_record_event(int uid, const char *username,
44 const char *hostname, const char *ip, const char *ttyn, int success)
45{
46 int audit_fd, rc, saved_errno;
47
48 audit_fd = audit_open();
49 if (audit_fd < 0) {
50 if (errno == EINVAL || errno == EPROTONOSUPPORT ||
51 errno == EAFNOSUPPORT)
52 return 1; /* No audit support in kernel */
53 else
54 return 0; /* Must prevent login */
55 }
56 rc = audit_log_acct_message(audit_fd, AUDIT_USER_LOGIN,
57 NULL, "login", username ? username : "(unknown)",
58 username == NULL ? uid : -1, hostname, ip, ttyn, success);
59 saved_errno = errno;
60 close(audit_fd);
61 /*
62 * Do not report error if the error is EPERM and sshd is run as non
63 * root user.
64 */
65 if ((rc == -EPERM) && (geteuid() != 0))
66 rc = 0;
67 errno = saved_errno;
68 return (rc >= 0);
69}
70
71/* Below is the sshd audit API code */
72
73void
74audit_connection_from(const char *host, int port)
75{
76}
77 /* not implemented */
78
79void
80audit_run_command(const char *command)
81{
82 /* not implemented */
83}
84
85void
86audit_session_open(struct logininfo *li)
87{
88 if (linux_audit_record_event(li->uid, NULL, li->hostname,
89 NULL, li->line, 1) == 0)
90 fatal("linux_audit_write_entry failed: %s", strerror(errno));
91}
92
93void
94audit_session_close(struct logininfo *li)
95{
96 /* not implemented */
97}
98
99void
100audit_event(ssh_audit_event_t event)
101{
102 switch(event) {
103 case SSH_AUTH_SUCCESS:
104 case SSH_CONNECTION_CLOSE:
105 case SSH_NOLOGIN:
106 case SSH_LOGIN_EXCEED_MAXTRIES:
107 case SSH_LOGIN_ROOT_DENIED:
108 break;
109
110 case SSH_AUTH_FAIL_NONE:
111 case SSH_AUTH_FAIL_PASSWD:
112 case SSH_AUTH_FAIL_KBDINT:
113 case SSH_AUTH_FAIL_PUBKEY:
114 case SSH_AUTH_FAIL_HOSTBASED:
115 case SSH_AUTH_FAIL_GSSAPI:
116 case SSH_INVALID_USER:
117 linux_audit_record_event(-1, audit_username(), NULL,
118 get_remote_ipaddr(), "sshd", 0);
119 break;
120
121 default:
122 debug("%s: unhandled event %d", __func__, event);
123 }
124}
125
126#endif /* USE_LINUX_AUDIT */
diff --git a/audit.c b/audit.c
index dbea34cb2..ced57fa64 100644
--- a/audit.c
+++ b/audit.c
@@ -1,4 +1,4 @@
1/* $Id: audit.c,v 1.5 2006/09/01 05:38:36 djm Exp $ */ 1/* $Id: audit.c,v 1.6 2011/01/17 10:15:30 dtucker Exp $ */
2 2
3/* 3/*
4 * Copyright (c) 2004, 2005 Darren Tucker. All rights reserved. 4 * Copyright (c) 2004, 2005 Darren Tucker. All rights reserved.
@@ -147,9 +147,9 @@ audit_event(ssh_audit_event_t event)
147 * within a single connection. 147 * within a single connection.
148 */ 148 */
149void 149void
150audit_session_open(const char *ttyn) 150audit_session_open(struct logininfo *li)
151{ 151{
152 const char *t = ttyn ? ttyn : "(no tty)"; 152 const char *t = li->line ? li->line : "(no tty)";
153 153
154 debug("audit session open euid %d user %s tty name %s", geteuid(), 154 debug("audit session open euid %d user %s tty name %s", geteuid(),
155 audit_username(), t); 155 audit_username(), t);
@@ -163,9 +163,9 @@ audit_session_open(const char *ttyn)
163 * within a single connection. 163 * within a single connection.
164 */ 164 */
165void 165void
166audit_session_close(const char *ttyn) 166audit_session_close(struct logininfo *li)
167{ 167{
168 const char *t = ttyn ? ttyn : "(no tty)"; 168 const char *t = li->line ? li->line : "(no tty)";
169 169
170 debug("audit session close euid %d user %s tty name %s", geteuid(), 170 debug("audit session close euid %d user %s tty name %s", geteuid(),
171 audit_username(), t); 171 audit_username(), t);
diff --git a/audit.h b/audit.h
index 695f72354..92ede5bc4 100644
--- a/audit.h
+++ b/audit.h
@@ -1,4 +1,4 @@
1/* $Id: audit.h,v 1.3 2006/08/05 14:05:10 dtucker Exp $ */ 1/* $Id: audit.h,v 1.4 2011/01/17 10:15:30 dtucker Exp $ */
2 2
3/* 3/*
4 * Copyright (c) 2004, 2005 Darren Tucker. All rights reserved. 4 * Copyright (c) 2004, 2005 Darren Tucker. All rights reserved.
@@ -26,6 +26,9 @@
26 26
27#ifndef _SSH_AUDIT_H 27#ifndef _SSH_AUDIT_H
28# define _SSH_AUDIT_H 28# define _SSH_AUDIT_H
29
30#include "loginrec.h"
31
29enum ssh_audit_event_type { 32enum ssh_audit_event_type {
30 SSH_LOGIN_EXCEED_MAXTRIES, 33 SSH_LOGIN_EXCEED_MAXTRIES,
31 SSH_LOGIN_ROOT_DENIED, 34 SSH_LOGIN_ROOT_DENIED,
@@ -46,8 +49,8 @@ typedef enum ssh_audit_event_type ssh_audit_event_t;
46 49
47void audit_connection_from(const char *, int); 50void audit_connection_from(const char *, int);
48void audit_event(ssh_audit_event_t); 51void audit_event(ssh_audit_event_t);
49void audit_session_open(const char *); 52void audit_session_open(struct logininfo *);
50void audit_session_close(const char *); 53void audit_session_close(struct logininfo *);
51void audit_run_command(const char *); 54void audit_run_command(const char *);
52ssh_audit_event_t audit_classify_auth(const char *); 55ssh_audit_event_t audit_classify_auth(const char *);
53 56
diff --git a/configure.ac b/configure.ac
index 02e8423c0..233d3cfa1 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1,4 +1,4 @@
1# $Id: configure.ac,v 1.466 2011/01/17 05:17:09 djm Exp $ 1# $Id: configure.ac,v 1.467 2011/01/17 10:15:30 dtucker Exp $
2# 2#
3# Copyright (c) 1999-2004 Damien Miller 3# Copyright (c) 1999-2004 Damien Miller
4# 4#
@@ -15,7 +15,7 @@
15# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 15# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 16
17AC_INIT(OpenSSH, Portable, openssh-unix-dev@mindrot.org) 17AC_INIT(OpenSSH, Portable, openssh-unix-dev@mindrot.org)
18AC_REVISION($Revision: 1.466 $) 18AC_REVISION($Revision: 1.467 $)
19AC_CONFIG_SRCDIR([ssh.c]) 19AC_CONFIG_SRCDIR([ssh.c])
20 20
21# local macros 21# local macros
@@ -1378,7 +1378,7 @@ int main(void)
1378 1378
1379AUDIT_MODULE=none 1379AUDIT_MODULE=none
1380AC_ARG_WITH(audit, 1380AC_ARG_WITH(audit,
1381 [ --with-audit=module Enable EXPERIMENTAL audit support (modules=debug,bsm)], 1381 [ --with-audit=module Enable audit support (modules=debug,bsm,linux)],
1382 [ 1382 [
1383 AC_MSG_CHECKING(for supported audit module) 1383 AC_MSG_CHECKING(for supported audit module)
1384 case "$withval" in 1384 case "$withval" in
@@ -1402,10 +1402,18 @@ AC_ARG_WITH(audit,
1402 AC_CHECK_FUNCS(getaudit_addr aug_get_machine) 1402 AC_CHECK_FUNCS(getaudit_addr aug_get_machine)
1403 AC_DEFINE(USE_BSM_AUDIT, 1, [Use BSM audit module]) 1403 AC_DEFINE(USE_BSM_AUDIT, 1, [Use BSM audit module])
1404 ;; 1404 ;;
1405 linux)
1406 AC_MSG_RESULT(linux)
1407 AUDIT_MODULE=linux
1408 dnl Checks for headers, libs and functions
1409 AC_CHECK_HEADERS(libaudit.h)
1410 SSHDLIBS="$SSHDLIBS -laudit"
1411 AC_DEFINE(USE_LINUX_AUDIT, 1, [Use Linux audit module])
1412 ;;
1405 debug) 1413 debug)
1406 AUDIT_MODULE=debug 1414 AUDIT_MODULE=debug
1407 AC_MSG_RESULT(debug) 1415 AC_MSG_RESULT(debug)
1408 AC_DEFINE(SSH_AUDIT_EVENTS, 1, Use audit debugging module) 1416 AC_DEFINE(SSH_AUDIT_EVENTS, 1, [Use audit debugging module])
1409 ;; 1417 ;;
1410 no) 1418 no)
1411 AC_MSG_RESULT(no) 1419 AC_MSG_RESULT(no)
diff --git a/defines.h b/defines.h
index ed438bd88..cd273066d 100644
--- a/defines.h
+++ b/defines.h
@@ -25,7 +25,7 @@
25#ifndef _DEFINES_H 25#ifndef _DEFINES_H
26#define _DEFINES_H 26#define _DEFINES_H
27 27
28/* $Id: defines.h,v 1.163 2010/11/23 23:50:05 djm Exp $ */ 28/* $Id: defines.h,v 1.164 2011/01/17 10:15:31 dtucker Exp $ */
29 29
30 30
31/* Constants */ 31/* Constants */
@@ -607,6 +607,11 @@ struct winsize {
607# define CUSTOM_SSH_AUDIT_EVENTS 607# define CUSTOM_SSH_AUDIT_EVENTS
608#endif 608#endif
609 609
610#ifdef USE_LINUX_AUDIT
611# define SSH_AUDIT_EVENTS
612# define CUSTOM_SSH_AUDIT_EVENTS
613#endif
614
610#if !defined(HAVE___func__) && defined(HAVE___FUNCTION__) 615#if !defined(HAVE___func__) && defined(HAVE___FUNCTION__)
611# define __func__ __FUNCTION__ 616# define __func__ __FUNCTION__
612#elif !defined(HAVE___func__) 617#elif !defined(HAVE___func__)
diff --git a/loginrec.c b/loginrec.c
index 587d55f7d..32941c985 100644
--- a/loginrec.c
+++ b/loginrec.c
@@ -469,9 +469,9 @@ login_write(struct logininfo *li)
469#endif 469#endif
470#ifdef SSH_AUDIT_EVENTS 470#ifdef SSH_AUDIT_EVENTS
471 if (li->type == LTYPE_LOGIN) 471 if (li->type == LTYPE_LOGIN)
472 audit_session_open(li->line); 472 audit_session_open(li);
473 else if (li->type == LTYPE_LOGOUT) 473 else if (li->type == LTYPE_LOGOUT)
474 audit_session_close(li->line); 474 audit_session_close(li);
475#endif 475#endif
476 return (0); 476 return (0);
477} 477}