2 * Copyright (c) 2012 The FreeBSD Foundation
5 * This software was developed by Pawel Jakub Dawidek under sponsorship from
6 * the FreeBSD Foundation.
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
17 * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND
18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE
21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
29 * $P4: //depot/projects/trustedbsd/openbsm/bin/auditdistd/auditdistd.h#2 $
32 #ifndef _AUDITDISTD_H_
33 #define _AUDITDISTD_H_
35 #include <sys/param.h>
36 #include <sys/queue.h>
37 #include <sys/socket.h>
39 #include <arpa/inet.h>
41 #include <netinet/in.h>
49 #include <compat/compat.h>
/*
 * Wire-protocol version this build speaks; the host structure below keeps
 * the version actually negotiated with the peer.
 */
#define ADIST_VERSION 0

/* Role of a configured host (see the host structure below). */
#define ADIST_ROLE_UNDEF 0
#define ADIST_ROLE_SENDER 1
#define ADIST_ROLE_RECEIVER 2

/*
 * Account name associated with the daemon -- presumably the unprivileged
 * user it runs as after start-up; confirm in auditdistd.c.
 */
#define ADIST_USER "auditdistd"
/*
 * Default connection timeout.  The unit is not stated here; presumably
 * seconds, like ADIST_KEEPALIVE below.
 */
#define ADIST_TIMEOUT 20
/* Default configuration file and TCP port (port is a string, see below). */
#define ADIST_CONFIG "/etc/security/auditdistd.conf"
#define ADIST_TCP_PORT "7878"
/*
 * Default listen addresses.  NOTE(review): both bind the wildcard address
 * (0.0.0.0 and [::]), i.e. every interface of the receiver.  A deployment
 * that should only accept senders on one interface presumably needs an
 * explicit entry in the configuration's listen list (adc_listen).
 */
#define ADIST_LISTEN_TLS_TCP4 "tls://0.0.0.0:" ADIST_TCP_PORT
#define ADIST_LISTEN_TLS_TCP6 "tls://[::]:" ADIST_TCP_PORT
#define ADIST_PIDFILE "/var/run/auditdistd.pid"
/*
 * Default trail directories: where a sender picks trails up from and where
 * a receiver stores what it gets (per-host override: adh_directory).
 */
#define ADIST_DIRECTORY_SENDER "/var/audit/dist"
#define ADIST_DIRECTORY_RECEIVER "/var/audit/remote"
/*
 * Default TLS certificate and private key of the receiver.  The key file
 * is a secret: it should be owned by root (or ADIST_USER) and not readable
 * by any other account.
 */
#define ADIST_CERTFILE "/etc/security/auditdistd.cert.pem"
#define ADIST_KEYFILE "/etc/security/auditdistd.key.pem"
/*
 * Error codes, presumably carried back to the sender in an ADIST_CMD_ERROR
 * packet.  They describe why the receiver could not process a request.
 * NOTE(review): a value received from the peer is untrusted input; code that
 * switches on it should map unknown values to a generic failure.
 */
#define ADIST_ERROR_WRONG_ORDER 1	/* request arrived out of the expected sequence */
#define ADIST_ERROR_INVALID_NAME 2	/* trail name rejected by the receiver */
#define ADIST_ERROR_OPEN_OLD 3		/* could not open an existing trail */
#define ADIST_ERROR_CREATE 4		/* could not create a trail file */
#define ADIST_ERROR_OPEN 5		/* could not open a trail file */
#define ADIST_ERROR_READ 6		/* read failure on the receiver side */
#define ADIST_ERROR_WRITE 7		/* write failure on the receiver side */
#define ADIST_ERROR_RENAME 8		/* could not rename a finished trail */
/* Fixed sizes of the char-array fields in the configuration structures. */
#define ADIST_ADDRSIZE 1024		/* listen/local/remote address strings */
#define ADIST_HOSTSIZE 256		/* adc_name, adh_name */
#define ADIST_PATHSIZE 256		/* adh_trail_name */
/*
 * Size of the sender password buffer (adh_password).  NOTE(review): the
 * password lives in the long-lived host structure; whatever frees that
 * structure (yy_config_free?) should wipe the field with explicit_bzero()
 * rather than rely on free() -- confirm in the .c files.
 */
#define ADIST_PASSWORDSIZE 128
/*
 * Size of the receiver public-key fingerprint buffer (adh_fingerprint);
 * presumably what the sender pins the peer's certificate against -- confirm
 * in the TLS code.
 */
#define ADIST_FINGERPRINTSIZE 256

/* Number of seconds to sleep between reconnect retries or keepalive packets. */
#define ADIST_KEEPALIVE 10
94 /* Address to listen on. */
95 char adl_addr[ADIST_ADDRSIZE];
96 /* Protocol-specific data. */
97 struct proto_conn *adl_conn;
98 TAILQ_ENTRY(adist_listen) adl_next;
101 struct adist_config {
103 char adc_name[ADIST_HOSTSIZE];
105 char adc_pidfile[PATH_MAX];
106 /* Connection timeout. */
108 /* Path to receiver's certificate file. */
109 char adc_certfile[PATH_MAX];
110 /* Path to receiver's private key file. */
111 char adc_keyfile[PATH_MAX];
112 /* List of addresses to listen on. */
113 TAILQ_HEAD(, adist_listen) adc_listen;
115 TAILQ_HEAD(, adist_host) adc_hosts;
/*
 * Compression of trail data on the wire.  The per-host compression field is
 * documented below as "currently unused", so only NONE is in effect.
 */
#define ADIST_COMPRESSION_NONE 0
#define ADIST_COMPRESSION_LZF 1

/*
 * Application-level checksum of trail data.  The per-host checksum field is
 * also documented below as "currently unused", so none of these is applied;
 * the integrity of the transferred trails presumably rests on the TLS
 * transport alone.
 */
#define ADIST_CHECKSUM_NONE 0
#define ADIST_CHECKSUM_CRC32 1
#define ADIST_CHECKSUM_SHA256 2
 * Structure that describes a single host (either sender or receiver).
130 char adh_name[ADIST_HOSTSIZE];
131 /* Host role: ADIST_ROLE_{SENDER,RECEIVER}. */
133 /* Protocol version negotiated. */
136 /* Local address to bind to. */
137 char adh_localaddr[ADIST_ADDRSIZE];
138 /* Address of the remote component. */
139 char adh_remoteaddr[ADIST_ADDRSIZE];
140 /* Connection with remote host. */
141 struct proto_conn *adh_remote;
142 /* Connection was reestablished, reset the state. */
 * Directory from which audit trail files are sent in the ADIST_ROLE_SENDER
 * case, or into which they are stored in the ADIST_ROLE_RECEIVER case.
149 char adh_directory[PATH_MAX];
150 /* Compression algorithm. Currently unused. */
152 /* Checksum algorithm. Currently unused. */
155 /* Sender's password. */
156 char adh_password[ADIST_PASSWORDSIZE];
157 /* Fingerprint of receiver's public key. */
158 char adh_fingerprint[ADIST_FINGERPRINTSIZE];
160 /* PID of child worker process. 0 - no child. */
161 pid_t adh_worker_pid;
162 /* Connection requests from sender to main. */
163 struct proto_conn *adh_conn;
165 /* Receiver-specific fields. */
166 char adh_trail_name[ADIST_PATHSIZE];
169 DIR *adh_trail_dirfp;
170 /* Sender-specific fields. */
171 uint64_t adh_trail_offset;
174 TAILQ_ENTRY(adist_host) adh_next;
/*
 * Values of the adp_byteorder packet field: presumably the native byte order
 * of the sending side, so the peer can convert multi-byte header fields.
 * NOTE(review): the receiving side should reject UNDEFINED and any value
 * outside this set before interpreting the rest of the header.
 */
#define ADIST_BYTEORDER_UNDEFINED 0
#define ADIST_BYTEORDER_LITTLE_ENDIAN 1
#define ADIST_BYTEORDER_BIG_ENDIAN 2
181 #if _BYTE_ORDER == _LITTLE_ENDIAN
182 #define ADIST_BYTEORDER ADIST_BYTEORDER_LITTLE_ENDIAN
183 #elif _BYTE_ORDER == _BIG_ENDIAN
184 #define ADIST_BYTEORDER ADIST_BYTEORDER_BIG_ENDIAN
186 #error Unknown byte order.
190 uint8_t adp_byteorder;
/* Values of the adp_cmd packet field: the request type. */
#define ADIST_CMD_UNDEFINED 0
#define ADIST_CMD_OPEN 1	/* open a trail; presumably adp_data carries its name */
#define ADIST_CMD_APPEND 2	/* append adp_datasize bytes of trail data */
#define ADIST_CMD_CLOSE 3	/* close the current trail */
#define ADIST_CMD_KEEPALIVE 4	/* no-op, sent every ADIST_KEEPALIVE seconds */
#define ADIST_CMD_ERROR 5	/* reply carrying one of the ADIST_ERROR_* codes (presumably) */
199 uint32_t adp_datasize;
200 unsigned char adp_data[0];
205 TAILQ_ENTRY(adreq) adr_next;
206 struct adpkt adr_packet;
/* Accessors for the packet header embedded in a request (adr_packet). */
#define adr_byteorder adr_packet.adp_byteorder
#define adr_cmd adr_packet.adp_cmd
#define adr_seq adr_packet.adp_seq
#define adr_datasize adr_packet.adp_datasize
#define adr_data adr_packet.adp_data

/*
 * Total size of a request: the fixed packet header plus adr_datasize bytes
 * of trailing data (adp_data is a zero-length trailing array).
 * NOTE(review): adr_datasize is a uint32_t and, on the receiving side, is
 * presumably read straight from the connection.  Callers must bound it
 * against the buffer actually allocated (ADIST_BUF_SIZE?) before using this
 * value for copies or allocation; with a 32-bit size_t the addition can also
 * wrap for values near UINT32_MAX.
 */
#define ADPKT_SIZE(adreq) (sizeof((adreq)->adr_packet) + (adreq)->adr_datasize)
218 uint8_t adrp_byteorder;
/* Number of request slots shared between threads via QUEUE_INSERT/QUEUE_TAKE. */
#define ADIST_QUEUE_SIZE 16
/*
 * Data buffer size of a single request; presumably the upper bound the
 * receiver enforces on adp_datasize -- confirm where packets are read.
 */
#define ADIST_BUF_SIZE 65536
226 #define QUEUE_TAKE(adreq, list, timeout) do { \
227 mtx_lock(list##_lock); \
228 if ((timeout) == 0) { \
229 while (((adreq) = TAILQ_FIRST(list)) == NULL) \
230 cv_wait(list##_cond, list##_lock); \
232 (adreq) = TAILQ_FIRST(list); \
233 if ((adreq) == NULL) { \
234 cv_timedwait(list##_cond, list##_lock, \
236 (adreq) = TAILQ_FIRST(list); \
239 if ((adreq) != NULL) \
240 TAILQ_REMOVE((list), (adreq), adr_next); \
241 mtx_unlock(list##_lock); \
243 #define QUEUE_INSERT(adreq, list) do { \
246 mtx_lock(list##_lock); \
247 _wakeup = TAILQ_EMPTY(list); \
248 TAILQ_INSERT_TAIL((list), (adreq), adr_next); \
249 mtx_unlock(list##_lock); \
251 cv_signal(list##_cond); \
253 #define QUEUE_WAIT(list) do { \
254 mtx_lock(list##_lock); \
255 while (TAILQ_EMPTY(list)) \
256 cv_wait(list##_cond, list##_lock); \
257 mtx_unlock(list##_lock); \
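/* Path of the configuration file in use (presumably ADIST_CONFIG unless overridden). */
extern const char *cfgpath;
/* Set when the daemon has been asked to exit (presumably from a signal handler). */
extern bool sigexit_received;
/* Handle of the daemon's pid file. */
extern struct pidfh *pfh;

/* Close descriptors the worker for adhost no longer needs (see the .c for the exact set). */
void descriptors_cleanup(struct adist_host *adhost);
/* Verify the open descriptors of adhost's worker, reporting via pjdlog at pjdlogmode. */
void descriptors_assert(const struct adist_host *adhost, int pjdlogmode);

/* Entry points of the two roles; presumably run in the child whose PID is adh_worker_pid. */
void adist_sender(struct adist_config *config, struct adist_host *adhost);
void adist_receiver(struct adist_config *config, struct adist_host *adhost);

/*
 * Parse the configuration file at config.  With exitonerror the daemon
 * presumably exits on a parse error instead of reporting it to the caller.
 * The result is released with yy_config_free().
 */
struct adist_config *yy_config_parse(const char *config, bool exitonerror);
void yy_config_free(struct adist_config *config);

/* Parser error callback (yacc/bison convention); msg is the parser's message. */
void yyerror(const char *msg);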
276 #endif /* !_AUDITDISTD_H_ */