#include "dsdb/samdb/samdb.h"
#include "dsdb/samdb/ldb_modules/util.h"
+#include "dsdb/samdb/ldb_modules/audit_util_proto.h"
#include "libcli/security/dom_sid.h"
#include "auth/common_auth.h"
#include "param/param.h"
+#include "librpc/gen_ndr/windows_event_ids.h"
#define OPERATION_JSON_TYPE "dsdbChange"
#define OPERATION_HR_TAG "DSDB Change"
#define PASSWORD_JSON_TYPE "passwordChange"
#define PASSWORD_HR_TAG "Password Change"
#define PASSWORD_MAJOR 1
-#define PASSWORD_MINOR 0
+#define PASSWORD_MINOR 1
#define PASSWORD_LOG_LVL 5
#define TRANSACTION_JSON_TYPE "dsdbTransaction"
/*
* Private data for the module, stored in the ldb_module private data
*/
-struct audit_context {
+struct audit_private {
/*
* Should details of database operations be sent over the
* messaging bus.
return false;
}
+/*
+ * @brief get the password change windows event id
+ *
+ * Get the Windows Event Id for the action being performed on the user password.
+ *
+ * This routine assumes that the request contains password attributes and that the
+ * password ACL checks have been performed by acl.c
+ *
+ * @param request the ldb_request to inspect
+ * @param reply the ldb_reply, will contain the password controls
+ *
+ * @return The windows event code.
+ */
+static enum event_id_type get_password_windows_event_id(
+ const struct ldb_request *request,
+ const struct ldb_reply *reply)
+{
+ if(request->operation == LDB_ADD) {
+ return EVT_ID_PASSWORD_RESET;
+ } else {
+ struct ldb_control *pav_ctrl = NULL;
+ struct dsdb_control_password_acl_validation *pav = NULL;
+
+ pav_ctrl = ldb_reply_get_control(
+ discard_const(reply),
+ DSDB_CONTROL_PASSWORD_ACL_VALIDATION_OID);
+ if (pav_ctrl == NULL) {
+ return EVT_ID_PASSWORD_RESET;
+ }
+
+ pav = talloc_get_type_abort(
+ pav_ctrl->data,
+ struct dsdb_control_password_acl_validation);
+
+ if (pav->pwd_reset) {
+ return EVT_ID_PASSWORD_RESET;
+ } else {
+ return EVT_ID_PASSWORD_CHANGE;
+ }
+ }
+}
/*
* @brief Is the request a password "Change" or a "Reset"
*
}
}
-
-#ifdef HAVE_JANSSON
/*
* @brief generate a JSON object detailing an ldb operation.
*
*
* @return the generated JSON object, should be freed with json_free.
*
+ *
*/
static struct json_object operation_json(
struct ldb_module *module,
struct ldb_context *ldb = NULL;
const struct dom_sid *sid = NULL;
bool as_system = false;
- struct json_object wrapper;
- struct json_object audit;
+ struct json_object wrapper = json_empty_object;
+ struct json_object audit = json_empty_object;
const struct tsocket_address *remote = NULL;
const char *dn = NULL;
const char* operation = NULL;
const struct GUID *unique_session_token = NULL;
const struct ldb_message *message = NULL;
- struct audit_context *ac = talloc_get_type(
- ldb_module_get_private(module),
- struct audit_context);
+ struct audit_private *audit_private
+ = talloc_get_type_abort(ldb_module_get_private(module),
+ struct audit_private);
+ int rc = 0;
ldb = ldb_module_get_ctx(module);
operation = dsdb_audit_get_operation_name(request);
audit = json_new_object();
- json_add_version(&audit, OPERATION_MAJOR, OPERATION_MINOR);
- json_add_int(&audit, "statusCode", reply->error);
- json_add_string(&audit, "status", ldb_strerror(reply->error));
- json_add_string(&audit, "operation", operation);
- json_add_address(&audit, "remoteAddress", remote);
- json_add_bool(&audit, "performedAsSystem", as_system);
- json_add_sid(&audit, "userSid", sid);
- json_add_string(&audit, "dn", dn);
- json_add_guid(&audit, "transactionId", &ac->transaction_guid);
- json_add_guid(&audit, "sessionId", unique_session_token);
+ if (json_is_invalid(&audit)) {
+ goto failure;
+ }
+ rc = json_add_version(&audit, OPERATION_MAJOR, OPERATION_MINOR);
+ if (rc != 0) {
+ goto failure;
+ }
+ rc = json_add_int(&audit, "statusCode", reply->error);
+ if (rc != 0) {
+ goto failure;
+ }
+ rc = json_add_string(&audit, "status", ldb_strerror(reply->error));
+ if (rc != 0) {
+ goto failure;
+ }
+ rc = json_add_string(&audit, "operation", operation);
+ if (rc != 0) {
+ goto failure;
+ }
+ rc = json_add_address(&audit, "remoteAddress", remote);
+ if (rc != 0) {
+ goto failure;
+ }
+ rc = json_add_bool(&audit, "performedAsSystem", as_system);
+ if (rc != 0) {
+ goto failure;
+ }
+ rc = json_add_sid(&audit, "userSid", sid);
+ if (rc != 0) {
+ goto failure;
+ }
+ rc = json_add_string(&audit, "dn", dn);
+ if (rc != 0) {
+ goto failure;
+ }
+ rc = json_add_guid(
+ &audit, "transactionId", &audit_private->transaction_guid);
+ if (rc != 0) {
+ goto failure;
+ }
+ rc = json_add_guid(&audit, "sessionId", unique_session_token);
+ if (rc != 0) {
+ goto failure;
+ }
message = dsdb_audit_get_message(request);
if (message != NULL) {
dsdb_audit_attributes_json(
request->operation,
message);
- json_add_object(&audit, "attributes", &attributes);
+ if (json_is_invalid(&attributes)) {
+ goto failure;
+ }
+ rc = json_add_object(&audit, "attributes", &attributes);
+ if (rc != 0) {
+ goto failure;
+ }
}
wrapper = json_new_object();
- json_add_timestamp(&wrapper);
- json_add_string(&wrapper, "type", OPERATION_JSON_TYPE);
- json_add_object(&wrapper, OPERATION_JSON_TYPE, &audit);
+ if (json_is_invalid(&wrapper)) {
+ goto failure;
+ }
+ rc = json_add_timestamp(&wrapper);
+ if (rc != 0) {
+ goto failure;
+ }
+ rc = json_add_string(&wrapper, "type", OPERATION_JSON_TYPE);
+ if (rc != 0) {
+ goto failure;
+ }
+ rc = json_add_object(&wrapper, OPERATION_JSON_TYPE, &audit);
+ if (rc != 0) {
+ goto failure;
+ }
+ return wrapper;
+
+failure:
+ /*
+ * On a failure audit will not have been added to wrapper so it
+ * needs to free it to avoid a leak.
+ *
+ * wrapper is freed to invalidate it as it will have only been
+ * partially constructed and may be inconsistent.
+ *
+ * All the json manipulation routines handle a freed object correctly
+ */
+ json_free(&audit);
+ json_free(&wrapper);
+ DBG_ERR("Unable to create ldb operation JSON audit message\n");
return wrapper;
}
* @paran reply the result of the operation
*
* @return the generated JSON object, should be freed with json_free.
+ * NULL if there was an error generating the message.
*
*/
static struct json_object replicated_update_json(
const struct ldb_request *request,
const struct ldb_reply *reply)
{
- struct json_object wrapper;
- struct json_object audit;
- struct audit_context *ac = talloc_get_type(
- ldb_module_get_private(module),
- struct audit_context);
+ struct json_object wrapper = json_empty_object;
+ struct json_object audit = json_empty_object;
+ struct audit_private *audit_private
+ = talloc_get_type_abort(ldb_module_get_private(module),
+ struct audit_private);
struct dsdb_extended_replicated_objects *ro = talloc_get_type(
request->op.extended.data,
struct dsdb_extended_replicated_objects);
const char *partition_dn = NULL;
const char *error = NULL;
+ int rc = 0;
partition_dn = ldb_dn_get_linearized(ro->partition_dn);
error = get_friendly_werror_msg(ro->error);
audit = json_new_object();
- json_add_version(&audit, REPLICATION_MAJOR, REPLICATION_MINOR);
- json_add_int(&audit, "statusCode", reply->error);
- json_add_string(&audit, "status", ldb_strerror(reply->error));
- json_add_guid(&audit, "transactionId", &ac->transaction_guid);
- json_add_int(&audit, "objectCount", ro->num_objects);
- json_add_int(&audit, "linkCount", ro->linked_attributes_count);
- json_add_string(&audit, "partitionDN", partition_dn);
- json_add_string(&audit, "error", error);
- json_add_int(&audit, "errorCode", W_ERROR_V(ro->error));
- json_add_guid(
- &audit,
- "sourceDsa",
- &ro->source_dsa->source_dsa_obj_guid);
- json_add_guid(
- &audit,
- "invocationId",
- &ro->source_dsa->source_dsa_invocation_id);
+ if (json_is_invalid(&audit)) {
+ goto failure;
+ }
+ rc = json_add_version(&audit, REPLICATION_MAJOR, REPLICATION_MINOR);
+ if (rc != 0) {
+ goto failure;
+ }
+ rc = json_add_int(&audit, "statusCode", reply->error);
+ if (rc != 0) {
+ goto failure;
+ }
+ rc = json_add_string(&audit, "status", ldb_strerror(reply->error));
+ if (rc != 0) {
+ goto failure;
+ }
+ rc = json_add_guid(
+ &audit, "transactionId", &audit_private->transaction_guid);
+ if (rc != 0) {
+ goto failure;
+ }
+ rc = json_add_int(&audit, "objectCount", ro->num_objects);
+ if (rc != 0) {
+ goto failure;
+ }
+ rc = json_add_int(&audit, "linkCount", ro->linked_attributes_count);
+ if (rc != 0) {
+ goto failure;
+ }
+ rc = json_add_string(&audit, "partitionDN", partition_dn);
+ if (rc != 0) {
+ goto failure;
+ }
+ rc = json_add_string(&audit, "error", error);
+ if (rc != 0) {
+ goto failure;
+ }
+ rc = json_add_int(&audit, "errorCode", W_ERROR_V(ro->error));
+ if (rc != 0) {
+ goto failure;
+ }
+ rc = json_add_guid(
+ &audit, "sourceDsa", &ro->source_dsa->source_dsa_obj_guid);
+ if (rc != 0) {
+ goto failure;
+ }
+ rc = json_add_guid(
+ &audit, "invocationId", &ro->source_dsa->source_dsa_invocation_id);
+ if (rc != 0) {
+ goto failure;
+ }
wrapper = json_new_object();
- json_add_timestamp(&wrapper);
- json_add_string(&wrapper, "type", REPLICATION_JSON_TYPE);
- json_add_object(&wrapper, REPLICATION_JSON_TYPE, &audit);
+ if (json_is_invalid(&wrapper)) {
+ goto failure;
+ }
+ rc = json_add_timestamp(&wrapper);
+ if (rc != 0) {
+ goto failure;
+ }
+ rc = json_add_string(&wrapper, "type", REPLICATION_JSON_TYPE);
+ if (rc != 0) {
+ goto failure;
+ }
+ rc = json_add_object(&wrapper, REPLICATION_JSON_TYPE, &audit);
+ if (rc != 0) {
+ goto failure;
+ }
+ return wrapper;
+failure:
+ /*
+ * On a failure audit will not have been added to wrapper so it
+ * needs to be freed it to avoid a leak.
+ *
+ * wrapper is freed to invalidate it as it will have only been
+ * partially constructed and may be inconsistent.
+ *
+ * All the json manipulation routines handle a freed object correctly
+ */
+ json_free(&audit);
+ json_free(&wrapper);
+ DBG_ERR("Unable to create replicated update JSON audit message\n");
return wrapper;
}
{
struct ldb_context *ldb = NULL;
const struct dom_sid *sid = NULL;
- const char* dn = NULL;
- struct json_object wrapper;
- struct json_object audit;
+ const char *dn = NULL;
+ struct json_object wrapper = json_empty_object;
+ struct json_object audit = json_empty_object;
const struct tsocket_address *remote = NULL;
const char* action = NULL;
const struct GUID *unique_session_token = NULL;
- struct audit_context *ac = talloc_get_type(
- ldb_module_get_private(module),
- struct audit_context);
-
+ struct audit_private *audit_private
+ = talloc_get_type_abort(ldb_module_get_private(module),
+ struct audit_private);
+ int rc = 0;
+ enum event_id_type event_id;
ldb = ldb_module_get_ctx(module);
dn = dsdb_audit_get_primary_dn(request);
action = get_password_action(request, reply);
unique_session_token = dsdb_audit_get_unique_session_token(module);
+ event_id = get_password_windows_event_id(request, reply);
audit = json_new_object();
- json_add_version(&audit, PASSWORD_MAJOR, PASSWORD_MINOR);
- json_add_int(&audit, "statusCode", reply->error);
- json_add_string(&audit, "status", ldb_strerror(reply->error));
- json_add_address(&audit, "remoteAddress", remote);
- json_add_sid(&audit, "userSid", sid);
- json_add_string(&audit, "dn", dn);
- json_add_string(&audit, "action", action);
- json_add_guid(&audit, "transactionId", &ac->transaction_guid);
- json_add_guid(&audit, "sessionId", unique_session_token);
+ if (json_is_invalid(&audit)) {
+ goto failure;
+ }
+ rc = json_add_version(&audit, PASSWORD_MAJOR, PASSWORD_MINOR);
+ if (rc != 0) {
+ goto failure;
+ }
+ rc = json_add_int(&audit, "eventId", event_id);
+ if (rc != 0) {
+ goto failure;
+ }
+ rc = json_add_int(&audit, "statusCode", reply->error);
+ if (rc != 0) {
+ goto failure;
+ }
+ rc = json_add_string(&audit, "status", ldb_strerror(reply->error));
+ if (rc != 0) {
+ goto failure;
+ }
+ rc = json_add_address(&audit, "remoteAddress", remote);
+ if (rc != 0) {
+ goto failure;
+ }
+ rc = json_add_sid(&audit, "userSid", sid);
+ if (rc != 0) {
+ goto failure;
+ }
+ rc = json_add_string(&audit, "dn", dn);
+ if (rc != 0) {
+ goto failure;
+ }
+ rc = json_add_string(&audit, "action", action);
+ if (rc != 0) {
+ goto failure;
+ }
+ rc = json_add_guid(
+ &audit, "transactionId", &audit_private->transaction_guid);
+ if (rc != 0) {
+ goto failure;
+ }
+ rc = json_add_guid(&audit, "sessionId", unique_session_token);
+ if (rc != 0) {
+ goto failure;
+ }
wrapper = json_new_object();
- json_add_timestamp(&wrapper);
- json_add_string(&wrapper, "type", PASSWORD_JSON_TYPE);
- json_add_object(&wrapper, PASSWORD_JSON_TYPE, &audit);
+ if (json_is_invalid(&wrapper)) {
+ goto failure;
+ }
+ rc = json_add_timestamp(&wrapper);
+ if (rc != 0) {
+ goto failure;
+ }
+ rc = json_add_string(&wrapper, "type", PASSWORD_JSON_TYPE);
+ if (rc != 0) {
+ goto failure;
+ }
+ rc = json_add_object(&wrapper, PASSWORD_JSON_TYPE, &audit);
+ if (rc != 0) {
+ goto failure;
+ }
+ return wrapper;
+failure:
+ /*
+ * On a failure audit will not have been added to wrapper so it
+ * needs to free it to avoid a leak.
+ *
+ * wrapper is freed to invalidate it as it will have only been
+ * partially constructed and may be inconsistent.
+ *
+ * All the json manipulation routines handle a freed object correctly
+ */
+ json_free(&wrapper);
+ json_free(&audit);
+ DBG_ERR("Unable to create password change JSON audit message\n");
return wrapper;
}
struct GUID *transaction_id,
const int64_t duration)
{
- struct json_object wrapper;
- struct json_object audit;
+ struct json_object wrapper = json_empty_object;
+ struct json_object audit = json_empty_object;
+ int rc = 0;
audit = json_new_object();
- json_add_version(&audit, TRANSACTION_MAJOR, TRANSACTION_MINOR);
- json_add_string(&audit, "action", action);
- json_add_guid(&audit, "transactionId", transaction_id);
- json_add_int(&audit, "duration", duration);
+ if (json_is_invalid(&audit)) {
+ goto failure;
+ }
+ rc = json_add_version(&audit, TRANSACTION_MAJOR, TRANSACTION_MINOR);
+ if (rc != 0) {
+ goto failure;
+ }
+ rc = json_add_string(&audit, "action", action);
+ if (rc != 0) {
+ goto failure;
+ }
+ rc = json_add_guid(&audit, "transactionId", transaction_id);
+ if (rc != 0) {
+ goto failure;
+ }
+ rc = json_add_int(&audit, "duration", duration);
+ if (rc != 0) {
+ goto failure;
+ }
wrapper = json_new_object();
- json_add_timestamp(&wrapper);
- json_add_string(&wrapper, "type", TRANSACTION_JSON_TYPE);
- json_add_object(&wrapper, TRANSACTION_JSON_TYPE, &audit);
+ if (json_is_invalid(&wrapper)) {
+ goto failure;
+ }
+ rc = json_add_timestamp(&wrapper);
+ if (rc != 0) {
+ goto failure;
+ }
+ rc = json_add_string(&wrapper, "type", TRANSACTION_JSON_TYPE);
+ if (rc != 0) {
+ goto failure;
+ }
+ rc = json_add_object(&wrapper, TRANSACTION_JSON_TYPE, &audit);
+ if (rc != 0) {
+ goto failure;
+ }
+ return wrapper;
+failure:
+ /*
+ * On a failure audit will not have been added to wrapper so it
+ * needs to free it to avoid a leak.
+ *
+ * wrapper is freed to invalidate it as it will have only been
+ * partially constructed and may be inconsistent.
+ *
+ * All the json manipulation routines handle a freed object correctly
+ */
+ json_free(&wrapper);
+ json_free(&audit);
+ DBG_ERR("Unable to create transaction JSON audit message\n");
return wrapper;
}
const char *reason,
struct GUID *transaction_id)
{
- struct json_object wrapper;
- struct json_object audit;
+ struct json_object wrapper = json_empty_object;
+ struct json_object audit = json_empty_object;
+ int rc = 0;
audit = json_new_object();
- json_add_version(&audit, TRANSACTION_MAJOR, TRANSACTION_MINOR);
- json_add_string(&audit, "action", action);
- json_add_guid(&audit, "transactionId", transaction_id);
- json_add_int(&audit, "duration", duration);
- json_add_int(&audit, "statusCode", status);
- json_add_string(&audit, "status", ldb_strerror(status));
- json_add_string(&audit, "reason", reason);
+ if (json_is_invalid(&audit)) {
+ goto failure;
+ }
+ rc = json_add_version(&audit, TRANSACTION_MAJOR, TRANSACTION_MINOR);
+ if (rc != 0) {
+ goto failure;
+ }
+ rc = json_add_string(&audit, "action", action);
+ if (rc != 0) {
+ goto failure;
+ }
+ rc = json_add_guid(&audit, "transactionId", transaction_id);
+ if (rc != 0) {
+ goto failure;
+ }
+ rc = json_add_int(&audit, "duration", duration);
+ if (rc != 0) {
+ goto failure;
+ }
+ rc = json_add_int(&audit, "statusCode", status);
+ if (rc != 0) {
+ goto failure;
+ }
+ rc = json_add_string(&audit, "status", ldb_strerror(status));
+ if (rc != 0) {
+ goto failure;
+ }
+ rc = json_add_string(&audit, "reason", reason);
+ if (rc != 0) {
+ goto failure;
+ }
wrapper = json_new_object();
- json_add_timestamp(&wrapper);
- json_add_string(&wrapper, "type", TRANSACTION_JSON_TYPE);
- json_add_object(&wrapper, TRANSACTION_JSON_TYPE, &audit);
+ if (json_is_invalid(&wrapper)) {
+ goto failure;
+ }
+ rc = json_add_timestamp(&wrapper);
+ if (rc != 0) {
+ goto failure;
+ }
+ rc = json_add_string(&wrapper, "type", TRANSACTION_JSON_TYPE);
+ if (rc != 0) {
+ goto failure;
+ }
+ rc = json_add_object(&wrapper, TRANSACTION_JSON_TYPE, &audit);
+ if (rc != 0) {
+ goto failure;
+ }
+ return wrapper;
+failure:
+ /*
+ * On a failure audit will not have been added to wrapper so it
+ * needs to free it to avoid a leak.
+ *
+ * wrapper is freed to invalidate it as it will have only been
+ * partially constructed and may be inconsistent.
+ *
+ * All the json manipulation routines handle a freed object correctly
+ */
+ json_free(&audit);
+ json_free(&wrapper);
+ DBG_ERR("Unable to create commit failure JSON audit message\n");
return wrapper;
}
-#endif
/*
* @brief Print a human readable log line for a password change event.
*
struct ldb_context *ldb = NULL;
const char *remote_host = NULL;
const struct dom_sid *sid = NULL;
- const char *user_sid = NULL;
+ struct dom_sid_buf user_sid;
const char *timestamp = NULL;
char *log_entry = NULL;
const char *action = NULL;
remote_host = dsdb_audit_get_remote_host(ldb, ctx);
sid = dsdb_audit_get_user_sid(module);
- user_sid = dom_sid_string(ctx, sid);
timestamp = audit_get_timestamp(ctx);
action = get_password_action(request, reply);
dn = dsdb_audit_get_primary_dn(request);
timestamp,
ldb_strerror(reply->error),
remote_host,
- user_sid,
+ dom_sid_str_buf(sid, &user_sid),
dn);
TALLOC_FREE(ctx);
return log_entry;
enum ldb_request_type operation,
const struct ldb_message *message)
{
- int i, j;
+ size_t i, j;
for (i=0;i<message->num_elements;i++) {
if (i > 0) {
buffer = talloc_asprintf_append_buffer(buffer, " ");
ldb,
LDB_DEBUG_ERROR,
"Error: Invalid element name (NULL) at "
- "position %d", i);
+ "position %zu", i);
return NULL;
}
for (j=0;j<message->elements[i].num_values;j++) {
struct ldb_val v;
bool use_b64_encode = false;
- int length;
+ size_t length;
if (j > 0) {
buffer = talloc_asprintf_append_buffer(
buffer,
buffer = talloc_asprintf_append_buffer(
buffer,
"[%*.*s%s]",
- length,
- length,
+ (int)length,
+ (int)length,
(char *)v.data,
(v.length > MAX_LENGTH ? "..." : ""));
}
{
struct ldb_context *ldb = NULL;
const char *remote_host = NULL;
+ const struct tsocket_address *remote = NULL;
const struct dom_sid *sid = NULL;
- const char *user_sid = NULL;
+ struct dom_sid_buf user_sid;
const char *timestamp = NULL;
const char *op_name = NULL;
char *log_entry = NULL;
ldb = ldb_module_get_ctx(module);
remote_host = dsdb_audit_get_remote_host(ldb, ctx);
- if (remote_host != NULL && dsdb_audit_is_system_session(module)) {
+ remote = dsdb_audit_get_remote_address(ldb);
+ if (remote != NULL && dsdb_audit_is_system_session(module)) {
sid = dsdb_audit_get_actual_sid(ldb);
} else {
sid = dsdb_audit_get_user_sid(module);
}
- user_sid = dom_sid_string(ctx, sid);
timestamp = audit_get_timestamp(ctx);
op_name = dsdb_audit_get_operation_name(request);
dn = dsdb_audit_get_primary_dn(request);
timestamp,
ldb_strerror(reply->error),
remote_host,
- user_sid,
+ dom_sid_str_buf(sid, &user_sid),
dn);
if (new_dn != NULL) {
log_entry = talloc_asprintf_append_buffer(
log_entry = talloc_asprintf(
mem_ctx,
- "[%s] at [%s] duration [%ld]",
+ "[%s] at [%s] duration [%"PRIi64"]",
action,
timestamp,
duration);
log_entry = talloc_asprintf(
mem_ctx,
- "[%s] at [%s] duration [%ld] status [%d] reason [%s]",
+ "[%s] at [%s] duration [%"PRIi64"] status [%d] reason [%s]",
action,
timestamp,
duration,
const struct ldb_message *message = dsdb_audit_get_message(request);
bool password_changed = has_password_changed(message);
- struct audit_context *ac =
- talloc_get_type(ldb_module_get_private(module),
- struct audit_context);
+ struct audit_private *audit_private =
+ talloc_get_type_abort(ldb_module_get_private(module),
+ struct audit_private);
TALLOC_CTX *ctx = talloc_new(NULL);
TALLOC_FREE(entry);
}
}
-#ifdef HAVE_JANSSON
if (CHECK_DEBUGLVLC(DBGC_DSDB_AUDIT_JSON, OPERATION_LOG_LVL) ||
- (ac->msg_ctx && ac->send_samdb_events)) {
+ (audit_private->msg_ctx
+ && audit_private->send_samdb_events)) {
struct json_object json;
json = operation_json(module, request, reply);
audit_log_json(
- OPERATION_JSON_TYPE,
&json,
DBGC_DSDB_AUDIT_JSON,
OPERATION_LOG_LVL);
- if (ac->msg_ctx && ac->send_password_events) {
+ if (audit_private->msg_ctx
+ && audit_private->send_samdb_events) {
audit_message_send(
- ac->msg_ctx,
+ audit_private->msg_ctx,
DSDB_EVENT_NAME,
MSG_DSDB_LOG,
&json);
json_free(&json);
}
if (CHECK_DEBUGLVLC(DBGC_DSDB_PWD_AUDIT_JSON, PASSWORD_LOG_LVL) ||
- (ac->msg_ctx && ac->send_password_events)) {
+ (audit_private->msg_ctx
+ && audit_private->send_password_events)) {
if (password_changed) {
struct json_object json;
json = password_change_json(module, request, reply);
audit_log_json(
- PASSWORD_JSON_TYPE,
&json,
DBGC_DSDB_PWD_AUDIT_JSON,
PASSWORD_LOG_LVL);
- if (ac->send_password_events) {
+ if (audit_private->send_password_events) {
audit_message_send(
- ac->msg_ctx,
+ audit_private->msg_ctx,
DSDB_PWD_EVENT_NAME,
MSG_DSDB_PWD_LOG,
&json);
json_free(&json);
}
}
-#endif
TALLOC_FREE(ctx);
}
const struct ldb_reply *reply)
{
- struct audit_context *ac =
- talloc_get_type(ldb_module_get_private(module),
- struct audit_context);
+ struct audit_private *audit_private =
+ talloc_get_type_abort(ldb_module_get_private(module),
+ struct audit_private);
TALLOC_CTX *ctx = talloc_new(NULL);
REPLICATION_LOG_LVL);
TALLOC_FREE(entry);
}
-#ifdef HAVE_JANSSON
if (CHECK_DEBUGLVLC(DBGC_DSDB_AUDIT_JSON, REPLICATION_LOG_LVL) ||
- (ac->msg_ctx && ac->send_samdb_events)) {
+ (audit_private->msg_ctx && audit_private->send_samdb_events)) {
struct json_object json;
json = replicated_update_json(module, request, reply);
audit_log_json(
- REPLICATION_JSON_TYPE,
&json,
DBGC_DSDB_AUDIT_JSON,
REPLICATION_LOG_LVL);
- if (ac->send_samdb_events) {
+ if (audit_private->send_samdb_events) {
audit_message_send(
- ac->msg_ctx,
+ audit_private->msg_ctx,
DSDB_EVENT_NAME,
MSG_DSDB_LOG,
&json);
}
json_free(&json);
}
-#endif
TALLOC_FREE(ctx);
}
int log_level)
{
- struct audit_context *ac =
- talloc_get_type(ldb_module_get_private(module),
- struct audit_context);
+ struct audit_private *audit_private =
+ talloc_get_type_abort(ldb_module_get_private(module),
+ struct audit_private);
const struct timeval now = timeval_current();
- const int64_t duration = usec_time_diff(&now, &ac->transaction_start);
+ const int64_t duration = usec_time_diff(&now, &audit_private->transaction_start);
TALLOC_CTX *ctx = talloc_new(NULL);
log_level);
TALLOC_FREE(entry);
}
-#ifdef HAVE_JANSSON
if (CHECK_DEBUGLVLC(DBGC_DSDB_TXN_AUDIT_JSON, log_level) ||
- (ac->msg_ctx && ac->send_samdb_events)) {
+ (audit_private->msg_ctx && audit_private->send_samdb_events)) {
struct json_object json;
json = transaction_json(
action,
- &ac->transaction_guid,
+ &audit_private->transaction_guid,
duration);
audit_log_json(
- TRANSACTION_JSON_TYPE,
&json,
DBGC_DSDB_TXN_AUDIT_JSON,
log_level);
- if (ac->send_samdb_events) {
+ if (audit_private->send_samdb_events) {
audit_message_send(
- ac->msg_ctx,
+ audit_private->msg_ctx,
DSDB_EVENT_NAME,
MSG_DSDB_LOG,
&json);
}
json_free(&json);
}
-#endif
TALLOC_FREE(ctx);
}
int status)
{
- struct audit_context *ac =
- talloc_get_type(ldb_module_get_private(module),
- struct audit_context);
+ struct audit_private *audit_private =
+ talloc_get_type_abort(ldb_module_get_private(module),
+ struct audit_private);
const char* reason = dsdb_audit_get_ldb_error_string(module, status);
const int log_level = TRANSACTION_LOG_FAILURE_LVL;
const struct timeval now = timeval_current();
- const int64_t duration = usec_time_diff(&now, &ac->transaction_start);
+ const int64_t duration = usec_time_diff(&now,
+ &audit_private->transaction_start);
TALLOC_CTX *ctx = talloc_new(NULL);
TRANSACTION_LOG_FAILURE_LVL);
TALLOC_FREE(entry);
}
-#ifdef HAVE_JANSSON
if (CHECK_DEBUGLVLC(DBGC_DSDB_TXN_AUDIT_JSON, log_level) ||
- (ac->msg_ctx && ac->send_samdb_events)) {
+ (audit_private->msg_ctx
+ && audit_private->send_samdb_events)) {
struct json_object json;
json = commit_failure_json(
action,
duration,
status,
reason,
- &ac->transaction_guid);
+ &audit_private->transaction_guid);
audit_log_json(
- TRANSACTION_JSON_TYPE,
&json,
DBGC_DSDB_TXN_AUDIT_JSON,
log_level);
- if (ac->send_samdb_events) {
- audit_message_send(ac->msg_ctx,
+ if (audit_private->send_samdb_events) {
+ audit_message_send(audit_private->msg_ctx,
DSDB_EVENT_NAME,
MSG_DSDB_LOG,
&json);
}
json_free(&json);
}
-#endif
TALLOC_FREE(ctx);
}
struct ldb_module *module,
struct ldb_request *req)
{
- struct audit_context *ac =
- talloc_get_type(ldb_module_get_private(module),
- struct audit_context);
+ struct audit_private *audit_private =
+ talloc_get_type_abort(ldb_module_get_private(module),
+ struct audit_private);
struct dsdb_control_transaction_identifier *transaction_id;
int ret;
struct ldb_context *ldb = ldb_module_get_ctx(module);
return ldb_oom(ldb);
}
- transaction_id->transaction_guid = ac->transaction_guid;
+ transaction_id->transaction_guid = audit_private->transaction_guid;
ret = ldb_request_add_control(req,
DSDB_CONTROL_TRANSACTION_IDENTIFIER_OID,
false,
*/
static int log_start_transaction(struct ldb_module *module)
{
- struct audit_context *ac =
- talloc_get_type(ldb_module_get_private(module),
- struct audit_context);
+ struct audit_private *audit_private =
+ talloc_get_type_abort(ldb_module_get_private(module),
+ struct audit_private);
/*
* We do not log transaction begins
* time so that we can log the transaction duration.
*
*/
- ac->transaction_guid = GUID_random();
- ac->transaction_start = timeval_current();
+ audit_private->transaction_guid = GUID_random();
+ audit_private->transaction_start = timeval_current();
return ldb_next_start_trans(module);
}
*/
static int log_end_transaction(struct ldb_module *module)
{
- struct audit_context *ac =
- talloc_get_type(ldb_module_get_private(module),
- struct audit_context);
+ struct audit_private *audit_private =
+ talloc_get_type_abort(ldb_module_get_private(module),
+ struct audit_private);
int ret = 0;
/*
* Clear the transaction id inserted by log_start_transaction
*/
- memset(&ac->transaction_guid, 0, sizeof(struct GUID));
+ audit_private->transaction_guid = GUID_zero();
return ret;
}
*/
static int log_del_transaction(struct ldb_module *module)
{
- struct audit_context *ac =
- talloc_get_type(ldb_module_get_private(module),
- struct audit_context);
+ struct audit_private *audit_private =
+ talloc_get_type_abort(ldb_module_get_private(module),
+ struct audit_private);
log_transaction(module, "rollback", TRANSACTION_LOG_FAILURE_LVL);
- memset(&ac->transaction_guid, 0, sizeof(struct GUID));
+ audit_private->transaction_guid = GUID_zero();
return ldb_next_del_trans(module);
}
{
struct ldb_context *ldb = ldb_module_get_ctx(module);
- struct audit_context *context = NULL;
+ struct audit_private *audit_private = NULL;
struct loadparm_context *lp_ctx
= talloc_get_type_abort(ldb_get_opaque(ldb, "loadparm"),
struct loadparm_context);
- struct tevent_context *ec = ldb_get_event_context(ldb);
+ struct tevent_context *ev = ldb_get_event_context(ldb);
bool sdb_events = false;
bool pwd_events = false;
- context = talloc_zero(module, struct audit_context);
- if (context == NULL) {
+ audit_private = talloc_zero(module, struct audit_private);
+ if (audit_private == NULL) {
return ldb_module_oom(module);
}
pwd_events = lpcfg_dsdb_password_event_notification(lp_ctx);
}
if (sdb_events || pwd_events) {
- context->send_samdb_events = sdb_events;
- context->send_password_events = pwd_events;
- context->msg_ctx = imessaging_client_init(ec, lp_ctx, ec);
+ audit_private->send_samdb_events = sdb_events;
+ audit_private->send_password_events = pwd_events;
+ audit_private->msg_ctx
+ = imessaging_client_init(audit_private,
+ lp_ctx,
+ ev);
}
- ldb_module_set_private(module, context);
+ ldb_module_set_private(module, audit_private);
return ldb_next_init(module);
}