version 1.7, 2006/04/04 08:47:42
|
version 1.7.2.9, 2009/09/29 21:43:53
|
Line 1
|
Line 1
|
/* auditlog.c - log modifications for audit/history purposes */ |
/* auditlog.c - log modifications for audit/history purposes */ |
/* $OpenLDAP: pkg/ldap/servers/slapd/overlays/auditlog.c,v 1.6 2006/04/02 17:54:26 hallvard Exp $ */ |
/* $OpenLDAP$ */ |
/* This work is part of OpenLDAP Software <http://www.openldap.org/>. |
/* This work is part of OpenLDAP Software <http://www.openldap.org/>. |
* |
* |
* Copyright 2005-2006 The OpenLDAP Foundation. |
* Copyright 2005-2009 The OpenLDAP Foundation. |
* Portions copyright 2004-2005 Symas Corporation. |
* Portions copyright 2004-2005 Symas Corporation. |
* All rights reserved. |
* All rights reserved. |
* |
* |
Line 29
|
Line 29
|
#include <ac/ctype.h> |
#include <ac/ctype.h> |
|
|
#include "slap.h" |
#include "slap.h" |
|
#include "config.h" |
#include "ldif.h" |
#include "ldif.h" |
|
|
typedef struct auditlog_data { |
typedef struct auditlog_data { |
Line 36 typedef struct auditlog_data {
|
Line 37 typedef struct auditlog_data {
|
char *ad_logfile; |
char *ad_logfile; |
} auditlog_data; |
} auditlog_data; |
|
|
|
static ConfigTable auditlogcfg[] = { |
|
{ "auditlog", "filename", 2, 2, 0, |
|
ARG_STRING|ARG_OFFSET, |
|
(void *)offsetof(auditlog_data, ad_logfile), |
|
"( OLcfgOvAt:15.1 NAME 'olcAuditlogFile' " |
|
"DESC 'Filename for auditlogging' " |
|
"SYNTAX OMsDirectoryString )", NULL, NULL }, |
|
{ NULL, NULL, 0, 0, 0, ARG_IGNORED } |
|
}; |
|
|
|
static ConfigOCs auditlogocs[] = { |
|
{ "( OLcfgOvOc:15.1 " |
|
"NAME 'olcAuditlogConfig' " |
|
"DESC 'Auditlog configuration' " |
|
"SUP olcOverlayConfig " |
|
"MAY ( olcAuditlogFile ) )", |
|
Cft_Overlay, auditlogcfg }, |
|
{ NULL, 0, NULL } |
|
}; |
|
|
static int fprint_ldif(FILE *f, char *name, char *val, ber_len_t len) { |
static int fprint_ldif(FILE *f, char *name, char *val, ber_len_t len) { |
char *s; |
char *s; |
if((s = ldif_put(LDIF_PUT_VALUE, name, val, len)) == NULL) |
if((s = ldif_put(LDIF_PUT_VALUE, name, val, len)) == NULL) |
Line 51 static int auditlog_response(Operation *
|
Line 72 static int auditlog_response(Operation *
|
FILE *f; |
FILE *f; |
Attribute *a; |
Attribute *a; |
Modifications *m; |
Modifications *m; |
struct berval *b; |
struct berval *b, *who = NULL; |
char *what, *suffix, *who = NULL; |
char *what, *whatm, *suffix; |
long stamp = slap_get_time(); |
time_t stamp; |
int i; |
int i; |
|
|
if ( rs->sr_err != LDAP_SUCCESS ) return SLAP_CB_CONTINUE; |
if ( rs->sr_err != LDAP_SUCCESS ) return SLAP_CB_CONTINUE; |
Line 71 static int auditlog_response(Operation *
|
Line 92 static int auditlog_response(Operation *
|
what = "add"; |
what = "add"; |
for(a = op->ora_e->e_attrs; a; a = a->a_next) |
for(a = op->ora_e->e_attrs; a; a = a->a_next) |
if( a->a_desc == slap_schema.si_ad_modifiersName ) { |
if( a->a_desc == slap_schema.si_ad_modifiersName ) { |
who = a->a_vals[0].bv_val; |
who = &a->a_vals[0]; |
break; |
break; |
} |
} |
break; |
break; |
Line 81 static int auditlog_response(Operation *
|
Line 102 static int auditlog_response(Operation *
|
if( m->sml_desc == slap_schema.si_ad_modifiersName && |
if( m->sml_desc == slap_schema.si_ad_modifiersName && |
( m->sml_op == LDAP_MOD_ADD || |
( m->sml_op == LDAP_MOD_ADD || |
m->sml_op == LDAP_MOD_REPLACE )) { |
m->sml_op == LDAP_MOD_REPLACE )) { |
who = m->sml_values[0].bv_val; |
who = &m->sml_values[0]; |
break; |
break; |
} |
} |
break; |
break; |
Line 96 static int auditlog_response(Operation *
|
Line 117 static int auditlog_response(Operation *
|
** note: this means requestor's dn when modifiersName is null |
** note: this means requestor's dn when modifiersName is null |
*/ |
*/ |
if ( !who ) |
if ( !who ) |
who = op->o_dn.bv_val; |
who = &op->o_dn; |
|
|
ldap_pvt_thread_mutex_lock(&ad->ad_mutex); |
ldap_pvt_thread_mutex_lock(&ad->ad_mutex); |
if((f = fopen(ad->ad_logfile, "a")) == NULL) { |
if((f = fopen(ad->ad_logfile, "a")) == NULL) { |
Line 104 static int auditlog_response(Operation *
|
Line 125 static int auditlog_response(Operation *
|
return SLAP_CB_CONTINUE; |
return SLAP_CB_CONTINUE; |
} |
} |
|
|
fprintf(f, "# %s %ld %s%s%s\ndn: %s\nchangetype: %s\n", |
stamp = slap_get_time(); |
what, stamp, suffix, who ? " " : "", who ? who : "", |
fprintf(f, "# %s %ld %s%s%s\n", |
|
what, (long)stamp, suffix, who ? " " : "", who ? who->bv_val : ""); |
|
|
|
if ( !BER_BVISEMPTY( &op->o_conn->c_dn ) && |
|
(!who || !dn_match( who, &op->o_conn->c_dn ))) |
|
fprintf(f, "# realdn: %s\n", op->o_conn->c_dn.bv_val ); |
|
|
|
fprintf(f, "dn: %s\nchangetype: %s\n", |
op->o_req_dn.bv_val, what); |
op->o_req_dn.bv_val, what); |
|
|
switch(op->o_tag) { |
switch(op->o_tag) { |
Line 119 static int auditlog_response(Operation *
|
Line 147 static int auditlog_response(Operation *
|
case LDAP_REQ_MODIFY: |
case LDAP_REQ_MODIFY: |
for(m = op->orm_modlist; m; m = m->sml_next) { |
for(m = op->orm_modlist; m; m = m->sml_next) { |
switch(m->sml_op & LDAP_MOD_OP) { |
switch(m->sml_op & LDAP_MOD_OP) { |
case LDAP_MOD_ADD: what = "add"; break; |
case LDAP_MOD_ADD: whatm = "add"; break; |
case LDAP_MOD_REPLACE: what = "replace"; break; |
case LDAP_MOD_REPLACE: whatm = "replace"; break; |
case LDAP_MOD_DELETE: what = "delete"; break; |
case LDAP_MOD_DELETE: whatm = "delete"; break; |
case LDAP_MOD_INCREMENT: what = "increment"; break; |
case LDAP_MOD_INCREMENT: whatm = "increment"; break; |
default: |
default: |
fprintf(f, "# MOD_TYPE_UNKNOWN:%02x\n", m->sml_op & LDAP_MOD_OP); |
fprintf(f, "# MOD_TYPE_UNKNOWN:%02x\n", m->sml_op & LDAP_MOD_OP); |
continue; |
continue; |
} |
} |
fprintf(f, "%s: %s\n", what, m->sml_desc->ad_cname.bv_val); |
fprintf(f, "%s: %s\n", whatm, m->sml_desc->ad_cname.bv_val); |
if((b = m->sml_values) != NULL) |
if((b = m->sml_values) != NULL) |
for(i = 0; b[i].bv_val; i++) |
for(i = 0; b[i].bv_val; i++) |
fprint_ldif(f, m->sml_desc->ad_cname.bv_val, b[i].bv_val, b[i].bv_len); |
fprint_ldif(f, m->sml_desc->ad_cname.bv_val, b[i].bv_val, b[i].bv_len); |
Line 146 static int auditlog_response(Operation *
|
Line 174 static int auditlog_response(Operation *
|
break; |
break; |
} |
} |
|
|
fprintf(f, "# end %s %ld\n\n", what, stamp); |
fprintf(f, "# end %s %ld\n\n", what, (long)stamp); |
|
|
fclose(f); |
fclose(f); |
ldap_pvt_thread_mutex_unlock(&ad->ad_mutex); |
ldap_pvt_thread_mutex_unlock(&ad->ad_mutex); |
Line 157 static slap_overinst auditlog;
|
Line 185 static slap_overinst auditlog;
|
|
|
static int |
static int |
auditlog_db_init( |
auditlog_db_init( |
BackendDB *be |
BackendDB *be, |
|
ConfigReply *cr |
) |
) |
{ |
{ |
slap_overinst *on = (slap_overinst *)be->bd_info; |
slap_overinst *on = (slap_overinst *)be->bd_info; |
auditlog_data *ad = ch_malloc(sizeof(auditlog_data)); |
auditlog_data *ad = ch_calloc(1, sizeof(auditlog_data)); |
|
|
on->on_bi.bi_private = ad; |
on->on_bi.bi_private = ad; |
ldap_pvt_thread_mutex_init( &ad->ad_mutex ); |
ldap_pvt_thread_mutex_init( &ad->ad_mutex ); |
Line 170 auditlog_db_init(
|
Line 199 auditlog_db_init(
|
|
|
static int |
static int |
auditlog_db_close( |
auditlog_db_close( |
BackendDB *be |
BackendDB *be, |
|
ConfigReply *cr |
) |
) |
{ |
{ |
slap_overinst *on = (slap_overinst *)be->bd_info; |
slap_overinst *on = (slap_overinst *)be->bd_info; |
Line 183 auditlog_db_close(
|
Line 213 auditlog_db_close(
|
|
|
static int |
static int |
auditlog_db_destroy( |
auditlog_db_destroy( |
BackendDB *be |
BackendDB *be, |
|
ConfigReply *cr |
) |
) |
{ |
{ |
slap_overinst *on = (slap_overinst *)be->bd_info; |
slap_overinst *on = (slap_overinst *)be->bd_info; |
Line 194 auditlog_db_destroy(
|
Line 225 auditlog_db_destroy(
|
return 0; |
return 0; |
} |
} |
|
|
static int |
|
auditlog_config( |
|
BackendDB *be, |
|
const char *fname, |
|
int lineno, |
|
int argc, |
|
char **argv |
|
) |
|
{ |
|
slap_overinst *on = (slap_overinst *) be->bd_info; |
|
auditlog_data *ad = on->on_bi.bi_private; |
|
|
|
/* history log file */ |
|
if ( strcasecmp( argv[0], "auditlog" ) == 0 ) { |
|
if ( argc < 2 ) { |
|
Debug( LDAP_DEBUG_ANY, |
|
"%s: line %d: missing filename in \"auditlog <filename>\" line\n", |
|
fname, lineno, 0 ); |
|
return( 1 ); |
|
} |
|
ad->ad_logfile = ch_strdup( argv[1] ); |
|
return 0; |
|
} |
|
return SLAP_CONF_UNKNOWN; |
|
} |
|
|
|
int auditlog_initialize() { |
int auditlog_initialize() { |
|
int rc; |
|
|
auditlog.on_bi.bi_type = "auditlog"; |
auditlog.on_bi.bi_type = "auditlog"; |
auditlog.on_bi.bi_db_init = auditlog_db_init; |
auditlog.on_bi.bi_db_init = auditlog_db_init; |
auditlog.on_bi.bi_db_config = auditlog_config; |
|
auditlog.on_bi.bi_db_close = auditlog_db_close; |
auditlog.on_bi.bi_db_close = auditlog_db_close; |
auditlog.on_bi.bi_db_destroy = auditlog_db_destroy; |
auditlog.on_bi.bi_db_destroy = auditlog_db_destroy; |
auditlog.on_response = auditlog_response; |
auditlog.on_response = auditlog_response; |
|
|
|
auditlog.on_bi.bi_cf_ocs = auditlogocs; |
|
rc = config_register_schema( auditlogcfg, auditlogocs ); |
|
if ( rc ) return rc; |
|
|
return overlay_register(&auditlog); |
return overlay_register(&auditlog); |
} |
} |
|
|
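Review bot: The added `# realdn: %s` line and the `dn: %s` line in auditlog_response print `op->o_conn->c_dn.bv_val` and `op->o_req_dn.bv_val` with a bare `%s`, while attribute values go through `fprint_ldif()`/`ldif_put()`. A DN that is not LDIF-safe (non-ASCII bytes, a leading space, or a line break if DN normalisation lets one through, which is not visible here) would then produce a record that does not parse back, or that reads as extra lines in the audit trail. Sending the DN through the existing helper keeps the encoding consistent: `fprint_ldif(f, "dn", op->o_req_dn.bv_val, op->o_req_dn.bv_len);` followed by `fprintf(f, "changetype: %s\n", what);`. An LDIF comment line has no encoded form, so the `# realdn:` write should at least carry a comment stating the assumption, e.g. `/* assumes c_dn contains no CR/LF - confirm */`. The results of these `fprintf` calls and of `fclose(f)` are also ignored, so a failed write drops audit records silently; the function body starts and ends outside the visible hunks.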