EAP_FUNC_EXPORT eap_status_e eap_session_core_c::send_eap_identity_request( const eap_am_network_id_c * const receive_network_id) { EAP_TRACE_BEGIN(m_am_tools, TRACE_FLAGS_DEFAULT); EAP_ASSERT(m_am_tools->get_global_mutex()->get_is_reserved() == true); eap_status_e status = eap_status_process_general_error; EAP_TRACE_DEBUG( m_am_tools, TRACE_FLAGS_DEFAULT, (EAPL("eap_session_core_c::send_eap_identity_request()\n"))); EAP_TRACE_RETURN_STRING(m_am_tools, "returns: eap_session_core_c::send_eap_identity_request()"); // Here we swap the addresses. eap_am_network_id_c send_network_id(m_am_tools, receive_network_id->get_destination_id(), receive_network_id->get_source_id(), receive_network_id->get_type()); if (send_network_id.get_is_valid_data() == false) { EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); return EAP_STATUS_RETURN(m_am_tools, eap_status_allocation_error); } eap_network_id_selector_c selector( m_am_tools, &send_network_id); if (selector.get_is_valid() == false) { EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); return EAP_STATUS_RETURN(m_am_tools, eap_status_allocation_error); } EAP_TRACE_DATA_DEBUG( m_am_tools, TRACE_FLAGS_DEFAULT, (EAPL("eap_session_core_c::send_eap_identity_request() EAP-session"), selector.get_data(selector.get_data_length()), selector.get_data_length())); eap_core_c *session = m_session_map.get_handler(&selector); if (session == 0) { // Create a new session. session = create_new_session(receive_network_id); } if (session != 0) { status = session->send_eap_identity_request(receive_network_id); (void)EAP_STATUS_RETURN(m_am_tools, status); } EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); return EAP_STATUS_RETURN(m_am_tools, status); }
EAP_FUNC_EXPORT eap_status_e eap_session_core_c::restart_authentication( const eap_am_network_id_c * const receive_network_id, const bool /* is_client_when_true */, const bool force_clean_restart, const bool /* from_timer */) { EAP_TRACE_BEGIN(m_am_tools, TRACE_FLAGS_DEFAULT); EAP_ASSERT(m_am_tools->get_global_mutex()->get_is_reserved() == true); eap_status_e status = eap_status_process_general_error; // Here we swap the addresses. eap_am_network_id_c send_network_id(m_am_tools, receive_network_id->get_destination_id(), receive_network_id->get_source_id(), receive_network_id->get_type()); if (send_network_id.get_is_valid_data() == false) { EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); return EAP_STATUS_RETURN(m_am_tools, eap_status_allocation_error); } eap_network_id_selector_c selector( m_am_tools, &send_network_id); if (selector.get_is_valid() == false) { EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); return EAP_STATUS_RETURN(m_am_tools, eap_status_allocation_error); } EAP_TRACE_DATA_DEBUG( m_am_tools, TRACE_FLAGS_DEFAULT, (EAPL("eap_session_core_c::restart_authentication() EAP-session"), selector.get_data(selector.get_data_length()), selector.get_data_length())); eap_core_c *session = m_session_map.get_handler(&selector); if (session == 0) { // Create a new session. session = create_new_session(receive_network_id); } if (session != 0) { status = m_partner->restart_authentication( receive_network_id, m_is_client, force_clean_restart); } EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); return EAP_STATUS_RETURN(m_am_tools, status); }
int main(int argc, char *argv[]) { int i, use_stdin = 0; char *user = NULL, *file = NULL; struct passwd *p; auparse_state_t *au; setlocale (LC_ALL, ""); for (i=1; i<argc; i++) { if (argv[i][0] != '-') { //take input and lookup as if it were a user name //if that fails assume its a tty if (user == NULL) { p = getpwnam(argv[i]); if (p) { cuid = p->pw_uid; user = argv[i]; continue; } } if (cterm == NULL) { cterm = argv[i]; } else { usage(); return 1; } } else { if (strcmp(argv[i], "-f") == 0) { if (use_stdin == 0) { i++; file = argv[i]; } else { fprintf(stderr,"stdin already given\n"); return 1; } } else if (strcmp(argv[i], "--bad") == 0) { bad = 1; } else if (strcmp(argv[i], "--proof") == 0) { proof = 1; } else if (strcmp(argv[i], "--extract") == 0) { f = fopen("aulast.log", "wt"); } else if (strcmp(argv[i], "--stdin") == 0) { if (file == NULL) use_stdin = 1; else { fprintf(stderr, "file already given\n"); return 1; } } else if (strcmp(argv[i], "--debug") == 0) { debug = 1; } else { usage(); return 1; } } } list_create(&l); // Search for successful user logins if (file) au = auparse_init(AUSOURCE_FILE, file); else if (use_stdin) au = auparse_init(AUSOURCE_FILE_POINTER, stdin); else { if (getuid()) { fprintf(stderr, "You probably need to be root for this to work\n"); } au = auparse_init(AUSOURCE_LOGS, NULL); } if (au == NULL) { fprintf(stderr, "Error - %s\n", strerror(errno)); goto error_exit_1; } // The theory: iterate though events // 1) when LOGIN is found, create a new session node // 2) if that session number exists, close out the old one // 3) when USER_LOGIN is found, update session node // 4) When USER_END is found update session node and close it out // 5) When BOOT record found make new record and check for previous // 6) If previous boot found, set status to crash and logout everyone // 7) When SHUTDOWN found, close out reboot record while (auparse_next_event(au) > 0) { // We will take advantage of the fact that all events // of interest are one record long int type = auparse_get_type(au); if (type < 0) continue; switch (type) { case AUDIT_LOGIN: create_new_session(au); extract_record(au); break; case AUDIT_USER_LOGIN: update_session_login(au); extract_record(au); break; case AUDIT_USER_END: update_session_logout(au); extract_record(au); break; case AUDIT_SYSTEM_BOOT: process_bootup(au); extract_record(au); break; case AUDIT_SYSTEM_SHUTDOWN: process_shutdown(au); extract_record(au); break; case AUDIT_DAEMON_START: process_kernel(au); extract_record(au); break; } } auparse_destroy(au); // Now output the leftovers list_first(&l); do { lnode *cur = list_get_cur(&l); report_session(cur); } while (list_next(&l)); free(kernel); list_clear(&l); if (f) fclose(f); return 0; error_exit_1: list_clear(&l); if (f) fclose(f); return 1; }
EAP_FUNC_EXPORT eap_status_e eap_session_core_c::packet_process( const eap_am_network_id_c * const receive_network_id, eap_general_header_base_c * const packet_data, const u32_t packet_length) { EAP_TRACE_BEGIN(m_am_tools, TRACE_FLAGS_DEFAULT); EAP_ASSERT(m_am_tools->get_global_mutex()->get_is_reserved() == true); eap_status_e status = eap_status_process_general_error; // Each EAP authentication session includes own eap_core_c object. // EAP authentication sessions are separated by eap_am_network_id_c object. if (packet_data == 0 || packet_length < eap_header_base_c::get_header_length()) { EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); return EAP_STATUS_RETURN(m_am_tools, eap_status_process_illegal_packet_error); } if (receive_network_id == 0 || receive_network_id->get_is_valid_data() == false) { EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); return EAP_STATUS_RETURN(m_am_tools, eap_status_illegal_parameter); } eap_header_wr_c eap( m_am_tools, packet_data->get_header_buffer(packet_data->get_header_buffer_length()), packet_data->get_header_buffer_length()); if (eap.get_is_valid() == false) { EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); return EAP_STATUS_RETURN(m_am_tools, eap_status_process_illegal_packet_error); } if (packet_length < eap.get_length()) { EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); return EAP_STATUS_RETURN(m_am_tools, eap_status_process_illegal_packet_error); } if (eap.get_code() == eap_code_none) { EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); return EAP_STATUS_RETURN(m_am_tools, eap_status_process_illegal_packet_error); } EAP_TRACE_DEBUG( m_am_tools, TRACE_FLAGS_DEFAULT, (EAPL("-> EAP_session: %s, code=0x%02x=%s, identifier=0x%02x, ") EAPL("length=0x%04x, type=0x%08x=%s, packet length 0x%04x\n"), (m_is_client == true) ? "client": "server", eap.get_code(), eap.get_code_string(), eap.get_identifier(), eap.get_length(), convert_eap_type_to_u32_t(eap.get_type()), eap.get_type_string(), packet_length)); status = eap.check_header(); if (status != eap_status_ok) { EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); return EAP_STATUS_RETURN(m_am_tools, status); } // Here we swap the addresses. eap_am_network_id_c send_network_id(m_am_tools, receive_network_id->get_destination_id(), receive_network_id->get_source_id(), receive_network_id->get_type()); if (send_network_id.get_is_valid_data() == false) { EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); return EAP_STATUS_RETURN(m_am_tools, eap_status_allocation_error); } eap_network_id_selector_c selector( m_am_tools, &send_network_id); if (selector.get_is_valid() == false) { EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); return EAP_STATUS_RETURN(m_am_tools, eap_status_allocation_error); } EAP_TRACE_DATA_DEBUG( m_am_tools, TRACE_FLAGS_DEFAULT, (EAPL("eap_session_core_c::packet_process() EAP-session"), selector.get_data(selector.get_data_length()), selector.get_data_length())); eap_core_c *session = m_session_map.get_handler(&selector); if (session == 0) { // Create a new session. session = create_new_session(receive_network_id); } if (session != 0) { status = session->packet_process( receive_network_id, &eap, packet_length); EAP_GENERAL_HEADER_COPY_ERROR_PARAMETERS(packet_data, &eap); } else { status = eap_status_illegal_eap_type; } EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); return EAP_STATUS_RETURN(m_am_tools, status); }
EAP_FUNC_EXPORT eap_status_e eap_session_core_c::create_eap_session( const eap_am_network_id_c * const receive_network_id) { EAP_TRACE_BEGIN(m_am_tools, TRACE_FLAGS_DEFAULT); EAP_TRACE_DEBUG( m_am_tools, TRACE_FLAGS_DEFAULT, (EAPL("eap_session_core_c::create_eap_session(): this = 0x%08x => 0x%08x.\n"), this, dynamic_cast<abs_eap_base_timer_c *>(this))); eap_status_e status = eap_status_process_general_error; // Here we swap the addresses. eap_am_network_id_c send_network_id( m_am_tools, receive_network_id->get_destination_id(), receive_network_id->get_source_id(), receive_network_id->get_type()); if (send_network_id.get_is_valid_data() == false) { EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); return EAP_STATUS_RETURN(m_am_tools, eap_status_allocation_error); } eap_network_id_selector_c selector( m_am_tools, &send_network_id); if (selector.get_is_valid() == false) { EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); return EAP_STATUS_RETURN(m_am_tools, eap_status_allocation_error); } EAP_TRACE_DATA_DEBUG( m_am_tools, TRACE_FLAGS_DEFAULT, (EAPL("eap_session_core_c::create_eap_session() EAP-session"), selector.get_data(selector.get_data_length()), selector.get_data_length())); eap_core_c *session = m_session_map.get_handler(&selector); if (session == 0) { session = create_new_session(receive_network_id); if (session == 0) { EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); return EAP_STATUS_RETURN(m_am_tools, eap_status_allocation_error); } else { status = eap_status_ok; } } else { status = eap_status_ok; } EAP_TRACE_END(m_am_tools, TRACE_FLAGS_DEFAULT); return EAP_STATUS_RETURN(m_am_tools, status); }