author | Andrew Bartlett <abartlet@samba.org> | 2017-03-07 16:50:38 +1300 |
---|---|---|
committer | Andrew Bartlett <abartlet@samba.org> | 2017-03-29 02:37:28 +0200 |
commit | a70cde046a925614978a75359425667fc6de5323 (patch) | |
tree | 03a796f0a6615cf3bf9a07445d27ca55f241e6d5 /auth/auth_log.c | |
parent | c008687ffbf18a3327dd4ad41ca5a9e01c30f9d1 (diff) | |
download | samba-a70cde046a925614978a75359425667fc6de5323.tar.gz |
auth_log: Prepared to allow logging JSON events to a server over the message bus
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Pair-Programmed-by: Gary Lockyer <gary@catalyst.net.nz>
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Diffstat (limited to 'auth/auth_log.c')
-rw-r--r-- | auth/auth_log.c | 80 |
1 files changed, 80 insertions, 0 deletions
diff --git a/auth/auth_log.c b/auth/auth_log.c
index 9ff2491dee3..ca08e6bfe24 100644
--- a/auth/auth_log.c
+++ b/auth/auth_log.c
@@ -51,6 +51,11 @@
 #include "lib/util/util_str_escape.h"
 #include "libcli/security/dom_sid.h"
 #include "libcli/security/security_token.h"
+#include "librpc/gen_ndr/server_id.h"
+#include "source4/lib/messaging/messaging.h"
+#include "source4/lib/messaging/irpc.h"
+#include "lib/util/server_id_db.h"
+#include "lib/param/param.h"
 
 /*
 * Get a human readable timestamp.
@@ -116,6 +121,81 @@ struct json_context {
 bool error;
 };
 
+static NTSTATUS get_auth_event_server(struct imessaging_context *msg_ctx,
+ struct server_id *auth_event_server)
+{
+ NTSTATUS status;
+ TALLOC_CTX *frame = talloc_stackframe();
+ unsigned num_servers, i;
+ struct server_id *servers;
+
+ status = irpc_servers_byname(msg_ctx, frame,
+ AUTH_EVENT_NAME,
+ &num_servers, &servers);
+
+ if (!NT_STATUS_IS_OK(status)) {
+ DBG_NOTICE("Failed to find 'auth_event' registered on the "
+ "message bus to send JSON authentication events to: %s\n",
+ nt_errstr(status));
+ TALLOC_FREE(frame);
+ return status;
+ }
+
+ /*
+ * Select the first server that is listening, because
+ * we get connection refused as
+ * NT_STATUS_OBJECT_NAME_NOT_FOUND without waiting
+ */
+ for (i = 0; i < num_servers; i++) {
+ status = imessaging_send(msg_ctx, servers[i], MSG_PING,
+ &data_blob_null);
+ if (NT_STATUS_IS_OK(status)) {
+ *auth_event_server = servers[i];
+ TALLOC_FREE(frame);
+ return NT_STATUS_OK;
+ }
+ }
+ DBG_NOTICE("Failed to find a running 'auth_event' server "
+ "registered on the message bus to send JSON "
+ "authentication events to\n");
+ TALLOC_FREE(frame);
+ return NT_STATUS_OBJECT_NAME_NOT_FOUND;
+}
+
+static void auth_message_send(struct imessaging_context *msg_ctx,
+ const char *json)
+{
+ struct server_id auth_event_server;
+ NTSTATUS status;
+ DATA_BLOB json_blob = data_blob_string_const(json);
+ if (msg_ctx == NULL) {
+ return;
+ }
+
+ /* Need to refetch the address each time as the destination server may
+ * have disconnected and reconnected in the interim, in which case
+ * messages may get lost, manifests in the auth_log tests
+ */
+ status = get_auth_event_server(msg_ctx, &auth_event_server);
+ if (!NT_STATUS_IS_OK(status)) {
+ return;
+ }
+
+ status = imessaging_send(msg_ctx, auth_event_server, MSG_AUTH_LOG,
+ &json_blob);
+
+ /* If the server crashed, try to find it again */
+ if (NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_NOT_FOUND)) {
+ status = get_auth_event_server(msg_ctx, &auth_event_server);
+ if (!NT_STATUS_IS_OK(status)) {
+ return;
+ }
+ imessaging_send(msg_ctx, auth_event_server, MSG_AUTH_LOG,
+ &json_blob);
+
+ }
+}
+
 /*
 * Write the json object to the debug lines.
 *
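Review bot: In auth_message_send the result of the retry `imessaging_send(msg_ctx, auth_event_server, MSG_AUTH_LOG, &json_blob);` is discarded, and a first-send failure other than NT_STATUS_OBJECT_NAME_NOT_FOUND also falls through silently, so an authentication event can be lost without any trace in the logs. For an audit stream that deserves a message: assign the retry to `status` and, after the final send, add `if (!NT_STATUS_IS_OK(status)) { DBG_NOTICE("Failed to send JSON authentication event: %s\n", nt_errstr(status)); }`. Separately, get_auth_event_server accepts the first server registered under AUTH_EVENT_NAME that answers MSG_PING; the hunk does not show who may register that name, so a comment stating that access to the message bus is the trust boundary for these events would help the next reader. `data_blob_string_const(json)` also runs before the `msg_ctx == NULL` guard and presumably measures the string, so a one-line comment that `json` must be non-NULL belongs on the function.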