void RightAuthenticationLogger::logSuccess(uid_t authenticator, uid_t target, const char *targetName) { if (false == open()) return; writeCommon(); // au_to_arg32() is really meant for auditing syscall arguments; // we're slightly abusing it to get descriptive strings for free. writeToken(au_to_arg32(1, authenticatorStr, authenticator), "authenticator"); string tmpStr(authenticatedAsStr); // targetName shouldn't be NULL on a successful authentication, but allow // for programmer screwups tmpStr += targetName ? targetName : unknownUserStr; writeToken(au_to_arg32(2, tmpStr.c_str(), target), "target"); writeReturn(0, 0); close(); }
static void generate_arg32_record(const char *directory, const char *record_filename) { token_t *arg32_token; arg32_token = au_to_arg32(arg32_token_n, arg32_token_text, arg32_token_v); if (arg32_token == NULL) err(EX_UNAVAILABLE, "au_to_arg32"); write_record(directory, record_filename, arg32_token, AUE_NULL); }
static void generate_arg32_token(const char *directory, const char *token_filename) { token_t *arg32_token; arg32_token = au_to_arg32(arg32_token_n, arg32_token_text, arg32_token_v); if (arg32_token == NULL) err(EX_UNAVAILABLE, "au_to_arg32"); write_token(directory, token_filename, arg32_token); }
void RightAuthenticationLogger::logFailure(uid_t authenticator, const char *targetName) { if (false == open()) return; writeCommon(); writeToken(au_to_arg32(1, authenticatorStr, authenticator), "authenticator"); if (NULL == targetName) writeToken(au_to_text(unknownUserStr), "target username"); else writeToken(au_to_text(targetName), "target username"); // @@@ EAUTH more appropriate, but !defined for _POSIX_C_SOURCE writeReturn(EPERM, errAuthorizationDenied); close(); }
token_t * au_to_arg(char n, const char *text, u_int32_t v) { return (au_to_arg32(n, text, v)); }