1243730Srwatson/*- 2243730Srwatson * Copyright (c) 2012 The FreeBSD Foundation 3243730Srwatson * All rights reserved. 4243730Srwatson * 5243730Srwatson * This software was developed by Pawel Jakub Dawidek under sponsorship from 6243730Srwatson * the FreeBSD Foundation. 7243730Srwatson * 8243730Srwatson * Redistribution and use in source and binary forms, with or without 9243730Srwatson * modification, are permitted provided that the following conditions 10243730Srwatson * are met: 11243730Srwatson * 1. Redistributions of source code must retain the above copyright 12243730Srwatson * notice, this list of conditions and the following disclaimer. 13243730Srwatson * 2. Redistributions in binary form must reproduce the above copyright 14243730Srwatson * notice, this list of conditions and the following disclaimer in the 15243730Srwatson * documentation and/or other materials provided with the distribution. 16243730Srwatson * 17243730Srwatson * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND 18243730Srwatson * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 19243730Srwatson * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 20243730Srwatson * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE 21243730Srwatson * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 22243730Srwatson * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 23243730Srwatson * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 24243730Srwatson * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 25243730Srwatson * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 26243730Srwatson * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 27243730Srwatson * SUCH DAMAGE. 28243730Srwatson * 29243730Srwatson * $P4: //depot/projects/trustedbsd/openbsm/bin/auditdistd/auditdistd.h#2 $ 30243730Srwatson */ 31243730Srwatson 32243730Srwatson#ifndef _AUDITDISTD_H_ 33243730Srwatson#define _AUDITDISTD_H_ 34243730Srwatson 35243730Srwatson#include <sys/param.h> 36243730Srwatson#include <sys/queue.h> 37243730Srwatson#include <sys/socket.h> 38243730Srwatson 39243730Srwatson#include <arpa/inet.h> 40243730Srwatson 41243730Srwatson#include <netinet/in.h> 42243730Srwatson 43243730Srwatson#include <dirent.h> 44243730Srwatson#include <limits.h> 45243730Srwatson#include <pthread.h> 46243730Srwatson#include <stdbool.h> 47243730Srwatson#include <stdint.h> 48243730Srwatson 49243730Srwatson#include <compat/compat.h> 50243730Srwatson 51243730Srwatson#include "proto.h" 52243730Srwatson 53243730Srwatson/* 54243730Srwatson * Version history: 55243730Srwatson * 0 - initial version 56243730Srwatson */ 57243730Srwatson#define ADIST_VERSION 0 58243730Srwatson 59243730Srwatson#define ADIST_ROLE_UNDEF 0 60243730Srwatson#define ADIST_ROLE_SENDER 1 61243730Srwatson#define ADIST_ROLE_RECEIVER 2 62243730Srwatson 63243730Srwatson#define ADIST_USER "auditdistd" 64243730Srwatson#define ADIST_TIMEOUT 20 65243730Srwatson#define ADIST_CONFIG "/etc/security/auditdistd.conf" 66243730Srwatson#define ADIST_TCP_PORT "7878" 67243730Srwatson#define ADIST_LISTEN_TLS_TCP4 "tls://0.0.0.0:" ADIST_TCP_PORT 68243730Srwatson#define ADIST_LISTEN_TLS_TCP6 "tls://[::]:" ADIST_TCP_PORT 69243730Srwatson#define ADIST_PIDFILE "/var/run/auditdistd.pid" 70243730Srwatson#define ADIST_DIRECTORY_SENDER "/var/audit/dist" 71243730Srwatson#define ADIST_DIRECTORY_RECEIVER "/var/audit/remote" 72243730Srwatson#define ADIST_CERTFILE "/etc/security/auditdistd.cert.pem" 73243730Srwatson#define ADIST_KEYFILE "/etc/security/auditdistd.key.pem" 74243730Srwatson 75243730Srwatson#define ADIST_ERROR_WRONG_ORDER 1 76243730Srwatson#define ADIST_ERROR_INVALID_NAME 2 77243730Srwatson#define ADIST_ERROR_OPEN_OLD 3 78243730Srwatson#define ADIST_ERROR_CREATE 4 79243730Srwatson#define ADIST_ERROR_OPEN 5 80243730Srwatson#define ADIST_ERROR_READ 6 81243730Srwatson#define ADIST_ERROR_WRITE 7 82243730Srwatson#define ADIST_ERROR_RENAME 8 83243730Srwatson 84243730Srwatson#define ADIST_ADDRSIZE 1024 85243730Srwatson#define ADIST_HOSTSIZE 256 86243730Srwatson#define ADIST_PATHSIZE 256 87243730Srwatson#define ADIST_PASSWORDSIZE 128 88243730Srwatson#define ADIST_FINGERPRINTSIZE 256 89243730Srwatson 90243730Srwatson/* Number of seconds to sleep between reconnect retries or keepalive packets. */ 91243730Srwatson#define ADIST_KEEPALIVE 10 92243730Srwatson 93243730Srwatsonstruct adist_listen { 94243730Srwatson /* Address to listen on. */ 95243730Srwatson char adl_addr[ADIST_ADDRSIZE]; 96243730Srwatson /* Protocol-specific data. */ 97243730Srwatson struct proto_conn *adl_conn; 98243730Srwatson TAILQ_ENTRY(adist_listen) adl_next; 99243730Srwatson}; 100243730Srwatson 101243730Srwatsonstruct adist_config { 102243730Srwatson /* Our name. */ 103243730Srwatson char adc_name[ADIST_HOSTSIZE]; 104243730Srwatson /* PID file path. */ 105243730Srwatson char adc_pidfile[PATH_MAX]; 106243730Srwatson /* Connection timeout. */ 107243730Srwatson int adc_timeout; 108243730Srwatson /* Path to receiver's certificate file. */ 109243730Srwatson char adc_certfile[PATH_MAX]; 110243730Srwatson /* Path to receiver's private key file. */ 111243730Srwatson char adc_keyfile[PATH_MAX]; 112243730Srwatson /* List of addresses to listen on. */ 113243730Srwatson TAILQ_HEAD(, adist_listen) adc_listen; 114243730Srwatson /* List of hosts. */ 115243730Srwatson TAILQ_HEAD(, adist_host) adc_hosts; 116243730Srwatson}; 117243730Srwatson 118243730Srwatson#define ADIST_COMPRESSION_NONE 0 119243730Srwatson#define ADIST_COMPRESSION_LZF 1 120243730Srwatson 121243730Srwatson#define ADIST_CHECKSUM_NONE 0 122243730Srwatson#define ADIST_CHECKSUM_CRC32 1 123243730Srwatson#define ADIST_CHECKSUM_SHA256 2 124243730Srwatson 125243730Srwatson/* 126243730Srwatson * Structure that describes single host (either sender or receiver). 127243730Srwatson */ 128243730Srwatsonstruct adist_host { 129243730Srwatson /* Host name. */ 130243730Srwatson char adh_name[ADIST_HOSTSIZE]; 131243730Srwatson /* Host role: ADIST_ROLE_{SENDER,RECEIVER}. */ 132243730Srwatson int adh_role; 133243730Srwatson /* Protocol version negotiated. */ 134243730Srwatson int adh_version; 135243730Srwatson 136243730Srwatson /* Local address to bind to. */ 137243730Srwatson char adh_localaddr[ADIST_ADDRSIZE]; 138243730Srwatson /* Address of the remote component. */ 139243730Srwatson char adh_remoteaddr[ADIST_ADDRSIZE]; 140243730Srwatson /* Connection with remote host. */ 141243730Srwatson struct proto_conn *adh_remote; 142243730Srwatson /* Connection was reestablished, reset the state. */ 143243730Srwatson bool adh_reset; 144243730Srwatson 145243730Srwatson /* 146243730Srwatson * Directory from which audit trail files should be send in 147243730Srwatson * ADIST_ROLE_SENDER case or stored into in ADIST_ROLE_RECEIVER case. 148243730Srwatson */ 149243730Srwatson char adh_directory[PATH_MAX]; 150243730Srwatson /* Compression algorithm. Currently unused. */ 151243730Srwatson int adh_compression; 152243730Srwatson /* Checksum algorithm. Currently unused. */ 153243730Srwatson int adh_checksum; 154243730Srwatson 155243730Srwatson /* Sender's password. */ 156243730Srwatson char adh_password[ADIST_PASSWORDSIZE]; 157243730Srwatson /* Fingerprint of receiver's public key. */ 158243730Srwatson char adh_fingerprint[ADIST_FINGERPRINTSIZE]; 159243730Srwatson 160243730Srwatson /* PID of child worker process. 0 - no child. */ 161243730Srwatson pid_t adh_worker_pid; 162243730Srwatson /* Connection requests from sender to main. */ 163243730Srwatson struct proto_conn *adh_conn; 164243730Srwatson 165243730Srwatson /* Receiver-specific fields. */ 166243730Srwatson char adh_trail_name[ADIST_PATHSIZE]; 167243730Srwatson int adh_trail_fd; 168243730Srwatson int adh_trail_dirfd; 169243730Srwatson DIR *adh_trail_dirfp; 170243730Srwatson /* Sender-specific fields. */ 171243730Srwatson uint64_t adh_trail_offset; 172243730Srwatson 173243730Srwatson /* Next resource. */ 174243730Srwatson TAILQ_ENTRY(adist_host) adh_next; 175243730Srwatson}; 176243730Srwatson 177243730Srwatson#define ADIST_BYTEORDER_UNDEFINED 0 178243730Srwatson#define ADIST_BYTEORDER_LITTLE_ENDIAN 1 179243730Srwatson#define ADIST_BYTEORDER_BIG_ENDIAN 2 180243730Srwatson 181243730Srwatson#if _BYTE_ORDER == _LITTLE_ENDIAN 182243730Srwatson#define ADIST_BYTEORDER ADIST_BYTEORDER_LITTLE_ENDIAN 183243730Srwatson#elif _BYTE_ORDER == _BIG_ENDIAN 184243730Srwatson#define ADIST_BYTEORDER ADIST_BYTEORDER_BIG_ENDIAN 185243730Srwatson#else 186243730Srwatson#error Unknown byte order. 187243730Srwatson#endif 188243730Srwatson 189243730Srwatsonstruct adpkt { 190243730Srwatson uint8_t adp_byteorder; 191243730Srwatson#define ADIST_CMD_UNDEFINED 0 192243730Srwatson#define ADIST_CMD_OPEN 1 193243730Srwatson#define ADIST_CMD_APPEND 2 194243730Srwatson#define ADIST_CMD_CLOSE 3 195243730Srwatson#define ADIST_CMD_KEEPALIVE 4 196243730Srwatson#define ADIST_CMD_ERROR 5 197243730Srwatson uint8_t adp_cmd; 198243730Srwatson uint64_t adp_seq; 199243730Srwatson uint32_t adp_datasize; 200243730Srwatson unsigned char adp_data[0]; 201243730Srwatson} __packed; 202243730Srwatson 203243730Srwatsonstruct adreq { 204243730Srwatson int adr_error; 205243730Srwatson TAILQ_ENTRY(adreq) adr_next; 206243730Srwatson struct adpkt adr_packet; 207243730Srwatson}; 208243730Srwatson 209243730Srwatson#define adr_byteorder adr_packet.adp_byteorder 210243730Srwatson#define adr_cmd adr_packet.adp_cmd 211243730Srwatson#define adr_seq adr_packet.adp_seq 212243730Srwatson#define adr_datasize adr_packet.adp_datasize 213243730Srwatson#define adr_data adr_packet.adp_data 214243730Srwatson 215243730Srwatson#define ADPKT_SIZE(adreq) (sizeof((adreq)->adr_packet) + (adreq)->adr_datasize) 216243730Srwatson 217243730Srwatsonstruct adrep { 218243730Srwatson uint8_t adrp_byteorder; 219243730Srwatson uint64_t adrp_seq; 220243730Srwatson uint16_t adrp_error; 221243730Srwatson} __packed; 222243730Srwatson 223243730Srwatson#define ADIST_QUEUE_SIZE 16 224243730Srwatson#define ADIST_BUF_SIZE 65536 225243730Srwatson 226243730Srwatson#define QUEUE_TAKE(adreq, list, timeout) do { \ 227243730Srwatson mtx_lock(list##_lock); \ 228243730Srwatson if ((timeout) == 0) { \ 229243730Srwatson while (((adreq) = TAILQ_FIRST(list)) == NULL) \ 230243730Srwatson cv_wait(list##_cond, list##_lock); \ 231243730Srwatson } else { \ 232243730Srwatson (adreq) = TAILQ_FIRST(list); \ 233243730Srwatson if ((adreq) == NULL) { \ 234243730Srwatson cv_timedwait(list##_cond, list##_lock, \ 235243730Srwatson (timeout)); \ 236243730Srwatson (adreq) = TAILQ_FIRST(list); \ 237243730Srwatson } \ 238243730Srwatson } \ 239243730Srwatson if ((adreq) != NULL) \ 240243730Srwatson TAILQ_REMOVE((list), (adreq), adr_next); \ 241243730Srwatson mtx_unlock(list##_lock); \ 242243730Srwatson} while (0) 243243730Srwatson#define QUEUE_INSERT(adreq, list) do { \ 244243730Srwatson bool _wakeup; \ 245243730Srwatson \ 246243730Srwatson mtx_lock(list##_lock); \ 247243730Srwatson _wakeup = TAILQ_EMPTY(list); \ 248243730Srwatson TAILQ_INSERT_TAIL((list), (adreq), adr_next); \ 249243730Srwatson mtx_unlock(list##_lock); \ 250243730Srwatson if (_wakeup) \ 251243730Srwatson cv_signal(list##_cond); \ 252243730Srwatson} while (0) 253243730Srwatson#define QUEUE_WAIT(list) do { \ 254243730Srwatson mtx_lock(list##_lock); \ 255243730Srwatson while (TAILQ_EMPTY(list)) \ 256243730Srwatson cv_wait(list##_cond, list##_lock); \ 257243730Srwatson mtx_unlock(list##_lock); \ 258243730Srwatson} while (0) 259243730Srwatson 260243730Srwatsonextern const char *cfgpath; 261243730Srwatsonextern bool sigexit_received; 262243730Srwatsonextern struct pidfh *pfh; 263243730Srwatson 264243730Srwatsonvoid descriptors_cleanup(struct adist_host *adhost); 265243730Srwatsonvoid descriptors_assert(const struct adist_host *adhost, int pjdlogmode); 266243730Srwatson 267243730Srwatsonvoid adist_sender(struct adist_config *config, struct adist_host *adhost); 268243730Srwatsonvoid adist_receiver(struct adist_config *config, struct adist_host *adhost); 269243730Srwatson 270243730Srwatsonstruct adist_config *yy_config_parse(const char *config, bool exitonerror); 271243730Srwatsonvoid yy_config_free(struct adist_config *config); 272243730Srwatson 273243730Srwatsonvoid yyerror(const char *); 274243730Srwatsonint yylex(void); 275243730Srwatson 276243730Srwatson#endif /* !_AUDITDISTD_H_ */ 277