EAP_FUNC_EXPORT eap_status_e eap_session_core_c::send_eap_identity_request(
const eap_am_network_id_c * const receive_network_id)
{
EAP_TRACE_BEGIN(m_am_tools, TRACE_FLAGS_DEFAULT);
EAP_ASSERT(m_am_tools->get_global_mutex()->get_is_reserved() == true);
eap_status_e status = eap_status_process_general_error;
EAP_TRACE_DEBUG(
m_am_tools,
TRACE_FLAGS_DEFAULT,
(EAPL("eap_session_core_c::send_eap_identity_request()\n")));
EAP_TRACE_RETURN_STRING(m_am_tools, "returns: eap_session_core_c::send_eap_identity_request()");
// Here we swap the addresses.
eap_am_network_id_c send_network_id(m_am_tools,
receive_network_id->get_destination_id(),
receive_network_id->get_source_id(),
receive_network_id->get_type());
if (send_network_id.get_is_valid_data() == false)
{
EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT);
return EAP_STATUS_RETURN(m_am_tools, eap_status_allocation_error);
}
eap_network_id_selector_c selector(
m_am_tools,
&send_network_id);
if (selector.get_is_valid() == false)
{
EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT);
return EAP_STATUS_RETURN(m_am_tools, eap_status_allocation_error);
}
EAP_TRACE_DATA_DEBUG(
m_am_tools,
TRACE_FLAGS_DEFAULT,
(EAPL("eap_session_core_c::send_eap_identity_request() EAP-session"),
selector.get_data(selector.get_data_length()),
selector.get_data_length()));
eap_core_c *session = m_session_map.get_handler(&selector);
if (session == 0)
{
// Create a new session.
session = create_new_session(receive_network_id);
}
if (session != 0)
{
status = session->send_eap_identity_request(receive_network_id);
(void)EAP_STATUS_RETURN(m_am_tools, status);
}
EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT);
return EAP_STATUS_RETURN(m_am_tools, status);
}
EAP_FUNC_EXPORT eap_status_e eap_session_core_c::restart_authentication(
const eap_am_network_id_c * const receive_network_id,
const bool /* is_client_when_true */,
const bool force_clean_restart,
const bool /* from_timer */)
{
EAP_TRACE_BEGIN(m_am_tools, TRACE_FLAGS_DEFAULT);
EAP_ASSERT(m_am_tools->get_global_mutex()->get_is_reserved() == true);
eap_status_e status = eap_status_process_general_error;
// Here we swap the addresses.
eap_am_network_id_c send_network_id(m_am_tools,
receive_network_id->get_destination_id(),
receive_network_id->get_source_id(),
receive_network_id->get_type());
if (send_network_id.get_is_valid_data() == false)
{
EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT);
return EAP_STATUS_RETURN(m_am_tools, eap_status_allocation_error);
}
eap_network_id_selector_c selector(
m_am_tools,
&send_network_id);
if (selector.get_is_valid() == false)
{
EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT);
return EAP_STATUS_RETURN(m_am_tools, eap_status_allocation_error);
}
EAP_TRACE_DATA_DEBUG(
m_am_tools,
TRACE_FLAGS_DEFAULT,
(EAPL("eap_session_core_c::restart_authentication() EAP-session"),
selector.get_data(selector.get_data_length()),
selector.get_data_length()));
eap_core_c *session = m_session_map.get_handler(&selector);
if (session == 0)
{
// Create a new session.
session = create_new_session(receive_network_id);
}
if (session != 0)
{
status = m_partner->restart_authentication(
receive_network_id,
m_is_client,
force_clean_restart);
}
EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT);
return EAP_STATUS_RETURN(m_am_tools, status);
}
int main(int argc, char *argv[])
{
int i, use_stdin = 0;
char *user = NULL, *file = NULL;
struct passwd *p;
auparse_state_t *au;
setlocale (LC_ALL, "");
for (i=1; i<argc; i++) {
if (argv[i][0] != '-') {
//take input and lookup as if it were a user name
//if that fails assume its a tty
if (user == NULL) {
p = getpwnam(argv[i]);
if (p) {
cuid = p->pw_uid;
user = argv[i];
continue;
}
}
if (cterm == NULL) {
cterm = argv[i];
} else {
usage();
return 1;
}
} else {
if (strcmp(argv[i], "-f") == 0) {
if (use_stdin == 0) {
i++;
file = argv[i];
} else {
fprintf(stderr,"stdin already given\n");
return 1;
}
} else if (strcmp(argv[i], "--bad") == 0) {
bad = 1;
} else if (strcmp(argv[i], "--proof") == 0) {
proof = 1;
} else if (strcmp(argv[i], "--extract") == 0) {
f = fopen("aulast.log", "wt");
} else if (strcmp(argv[i], "--stdin") == 0) {
if (file == NULL)
use_stdin = 1;
else {
fprintf(stderr, "file already given\n");
return 1;
}
} else if (strcmp(argv[i], "--debug") == 0) {
debug = 1;
} else {
usage();
return 1;
}
}
}
list_create(&l);
// Search for successful user logins
if (file)
au = auparse_init(AUSOURCE_FILE, file);
else if (use_stdin)
au = auparse_init(AUSOURCE_FILE_POINTER, stdin);
else {
if (getuid()) {
fprintf(stderr, "You probably need to be root for this to work\n");
}
au = auparse_init(AUSOURCE_LOGS, NULL);
}
if (au == NULL) {
fprintf(stderr, "Error - %s\n", strerror(errno));
goto error_exit_1;
}
// The theory: iterate though events
// 1) when LOGIN is found, create a new session node
// 2) if that session number exists, close out the old one
// 3) when USER_LOGIN is found, update session node
// 4) When USER_END is found update session node and close it out
// 5) When BOOT record found make new record and check for previous
// 6) If previous boot found, set status to crash and logout everyone
// 7) When SHUTDOWN found, close out reboot record
while (auparse_next_event(au) > 0) {
// We will take advantage of the fact that all events
// of interest are one record long
int type = auparse_get_type(au);
if (type < 0)
continue;
switch (type)
{
case AUDIT_LOGIN:
create_new_session(au);
extract_record(au);
break;
case AUDIT_USER_LOGIN:
update_session_login(au);
extract_record(au);
break;
case AUDIT_USER_END:
update_session_logout(au);
extract_record(au);
break;
case AUDIT_SYSTEM_BOOT:
process_bootup(au);
extract_record(au);
break;
case AUDIT_SYSTEM_SHUTDOWN:
process_shutdown(au);
extract_record(au);
break;
case AUDIT_DAEMON_START:
process_kernel(au);
extract_record(au);
break;
}
}
auparse_destroy(au);
// Now output the leftovers
list_first(&l);
do {
lnode *cur = list_get_cur(&l);
report_session(cur);
} while (list_next(&l));
free(kernel);
list_clear(&l);
if (f)
fclose(f);
return 0;
error_exit_1:
list_clear(&l);
if (f)
fclose(f);
return 1;
}
EAP_FUNC_EXPORT eap_status_e eap_session_core_c::packet_process(
const eap_am_network_id_c * const receive_network_id,
eap_general_header_base_c * const packet_data,
const u32_t packet_length)
{
EAP_TRACE_BEGIN(m_am_tools, TRACE_FLAGS_DEFAULT);
EAP_ASSERT(m_am_tools->get_global_mutex()->get_is_reserved() == true);
eap_status_e status = eap_status_process_general_error;
// Each EAP authentication session includes own eap_core_c object.
// EAP authentication sessions are separated by eap_am_network_id_c object.
if (packet_data == 0
|| packet_length < eap_header_base_c::get_header_length())
{
EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT);
return EAP_STATUS_RETURN(m_am_tools, eap_status_process_illegal_packet_error);
}
if (receive_network_id == 0
|| receive_network_id->get_is_valid_data() == false)
{
EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT);
return EAP_STATUS_RETURN(m_am_tools, eap_status_illegal_parameter);
}
eap_header_wr_c eap(
m_am_tools,
packet_data->get_header_buffer(packet_data->get_header_buffer_length()),
packet_data->get_header_buffer_length());
if (eap.get_is_valid() == false)
{
EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT);
return EAP_STATUS_RETURN(m_am_tools, eap_status_process_illegal_packet_error);
}
if (packet_length < eap.get_length())
{
EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT);
return EAP_STATUS_RETURN(m_am_tools, eap_status_process_illegal_packet_error);
}
if (eap.get_code() == eap_code_none)
{
EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT);
return EAP_STATUS_RETURN(m_am_tools, eap_status_process_illegal_packet_error);
}
EAP_TRACE_DEBUG(
m_am_tools,
TRACE_FLAGS_DEFAULT,
(EAPL("-> EAP_session: %s, code=0x%02x=%s, identifier=0x%02x, ")
EAPL("length=0x%04x, type=0x%08x=%s, packet length 0x%04x\n"),
(m_is_client == true) ? "client": "server",
eap.get_code(),
eap.get_code_string(),
eap.get_identifier(),
eap.get_length(),
convert_eap_type_to_u32_t(eap.get_type()),
eap.get_type_string(),
packet_length));
status = eap.check_header();
if (status != eap_status_ok)
{
EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT);
return EAP_STATUS_RETURN(m_am_tools, status);
}
// Here we swap the addresses.
eap_am_network_id_c send_network_id(m_am_tools,
receive_network_id->get_destination_id(),
receive_network_id->get_source_id(),
receive_network_id->get_type());
if (send_network_id.get_is_valid_data() == false)
{
EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT);
return EAP_STATUS_RETURN(m_am_tools, eap_status_allocation_error);
}
eap_network_id_selector_c selector(
m_am_tools,
&send_network_id);
if (selector.get_is_valid() == false)
{
EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT);
return EAP_STATUS_RETURN(m_am_tools, eap_status_allocation_error);
}
EAP_TRACE_DATA_DEBUG(
m_am_tools,
TRACE_FLAGS_DEFAULT,
(EAPL("eap_session_core_c::packet_process() EAP-session"),
selector.get_data(selector.get_data_length()),
selector.get_data_length()));
eap_core_c *session = m_session_map.get_handler(&selector);
if (session == 0)
{
// Create a new session.
session = create_new_session(receive_network_id);
}
if (session != 0)
{
status = session->packet_process(
receive_network_id,
&eap,
packet_length);
EAP_GENERAL_HEADER_COPY_ERROR_PARAMETERS(packet_data, &eap);
}
else
{
status = eap_status_illegal_eap_type;
}
EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT);
return EAP_STATUS_RETURN(m_am_tools, status);
}
EAP_FUNC_EXPORT eap_status_e eap_session_core_c::create_eap_session(
const eap_am_network_id_c * const receive_network_id)
{
EAP_TRACE_BEGIN(m_am_tools, TRACE_FLAGS_DEFAULT);
EAP_TRACE_DEBUG(
m_am_tools,
TRACE_FLAGS_DEFAULT,
(EAPL("eap_session_core_c::create_eap_session(): this = 0x%08x => 0x%08x.\n"),
this,
dynamic_cast<abs_eap_base_timer_c *>(this)));
eap_status_e status = eap_status_process_general_error;
// Here we swap the addresses.
eap_am_network_id_c send_network_id(
m_am_tools,
receive_network_id->get_destination_id(),
receive_network_id->get_source_id(),
receive_network_id->get_type());
if (send_network_id.get_is_valid_data() == false)
{
EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT);
return EAP_STATUS_RETURN(m_am_tools, eap_status_allocation_error);
}
eap_network_id_selector_c selector(
m_am_tools,
&send_network_id);
if (selector.get_is_valid() == false)
{
EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT);
return EAP_STATUS_RETURN(m_am_tools, eap_status_allocation_error);
}
EAP_TRACE_DATA_DEBUG(
m_am_tools,
TRACE_FLAGS_DEFAULT,
(EAPL("eap_session_core_c::create_eap_session() EAP-session"),
selector.get_data(selector.get_data_length()),
selector.get_data_length()));
eap_core_c *session = m_session_map.get_handler(&selector);
if (session == 0)
{
session = create_new_session(receive_network_id);
if (session == 0)
{
EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT);
return EAP_STATUS_RETURN(m_am_tools, eap_status_allocation_error);
}
else
{
status = eap_status_ok;
}
}
else
{
status = eap_status_ok;
}
EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT);
return EAP_STATUS_RETURN(m_am_tools, status);
}
