LCOV - code coverage report
Current view: top level - source3/lib - audit.c (source / functions) Hit Total Coverage
Test: coverage report for abartlet/fix-coverage dd10fb34 Lines: 0 53 0.0 %
Date: 2021-09-23 10:06:22 Functions: 0 5 0.0 %

          Line data    Source code
       1             : /*
       2             :    Unix SMB/CIFS implementation.
       3             :    Auditing helper functions.
       4             :    Copyright (C) Guenther Deschner 2006
       5             : 
       6             :    This program is free software; you can redistribute it and/or modify
       7             :    it under the terms of the GNU General Public License as published by
       8             :    the Free Software Foundation; either version 3 of the License, or
       9             :    (at your option) any later version.
      10             : 
      11             :    This program is distributed in the hope that it will be useful,
      12             :    but WITHOUT ANY WARRANTY; without even the implied warranty of
      13             :    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
      14             :    GNU General Public License for more details.
      15             : 
      16             :    You should have received a copy of the GNU General Public License
      17             :    along with this program.  If not, see <http://www.gnu.org/licenses/>.
      18             : */
      19             : 
      20             : #include "includes.h"
      21             : #include "../librpc/gen_ndr/lsa.h"
      22             : 
      23             : static const struct audit_category_tab {
      24             :         uint32_t category;
      25             :         const char *category_str;
      26             :         const char *param_str;
      27             :         const char *description;
      28             : } audit_category_tab [] = {
      29             :         { LSA_AUDIT_CATEGORY_LOGON, 
      30             :          "LSA_AUDIT_CATEGORY_LOGON", 
      31             :          "LOGON", "Logon events" },
      32             :         { LSA_AUDIT_CATEGORY_USE_OF_USER_RIGHTS, 
      33             :          "LSA_AUDIT_CATEGORY_USE_OF_USER_RIGHTS", 
      34             :          "PRIVILEGE", "Privilege Use" },
      35             :         { LSA_AUDIT_CATEGORY_SYSTEM, 
      36             :          "LSA_AUDIT_CATEGORY_SYSTEM", 
      37             :          "SYSTEM", "System Events" },
      38             :         { LSA_AUDIT_CATEGORY_SECURITY_POLICY_CHANGES, 
      39             :          "LSA_AUDIT_CATEGORY_SECURITY_POLICY_CHANGES", 
      40             :          "POLICY", "Policy Change" },
      41             :         { LSA_AUDIT_CATEGORY_PROCCESS_TRACKING, 
      42             :          "LSA_AUDIT_CATEGORY_PROCCESS_TRACKING", 
      43             :          "PROCESS", "Process Tracking" },
      44             :         { LSA_AUDIT_CATEGORY_FILE_AND_OBJECT_ACCESS, 
      45             :          "LSA_AUDIT_CATEGORY_FILE_AND_OBJECT_ACCESS", 
      46             :          "OBJECT", "Object Access" },
      47             :         { LSA_AUDIT_CATEGORY_ACCOUNT_MANAGEMENT, 
      48             :          "LSA_AUDIT_CATEGORY_ACCOUNT_MANAGEMENT", 
      49             :          "SAM", "Account Management" },
      50             :         { LSA_AUDIT_CATEGORY_DIRECTORY_SERVICE_ACCESS, 
      51             :          "LSA_AUDIT_CATEGORY_DIRECTORY_SERVICE_ACCESS", 
      52             :          "DIRECTORY", "Directory service access" },
      53             :         { LSA_AUDIT_CATEGORY_ACCOUNT_LOGON, 
      54             :          "LSA_AUDIT_CATEGORY_ACCOUNT_LOGON", 
      55             :          "ACCOUNT", "Account logon events" },
      56             :         { .category = 0 }
      57             : };
      58             : 
      59           0 : const char *audit_category_str(uint32_t category)
      60             : {
      61             :         int i;
      62           0 :         for (i=0; audit_category_tab[i].category_str; i++) {
      63           0 :                 if (category == audit_category_tab[i].category) {
      64           0 :                         return audit_category_tab[i].category_str;
      65             :                 }
      66             :         }
      67           0 :         return NULL;
      68             : }
      69             : 
      70           0 : const char *audit_param_str(uint32_t category)
      71             : {
      72             :         int i;
      73           0 :         for (i=0; audit_category_tab[i].param_str; i++) {
      74           0 :                 if (category == audit_category_tab[i].category) {
      75           0 :                         return audit_category_tab[i].param_str;
      76             :                 }
      77             :         }
      78           0 :         return NULL;
      79             : }
      80             : 
      81           0 : const char *audit_description_str(uint32_t category)
      82             : {
      83             :         int i;
      84           0 :         for (i=0; audit_category_tab[i].description; i++) {
      85           0 :                 if (category == audit_category_tab[i].category) {
      86           0 :                         return audit_category_tab[i].description;
      87             :                 }
      88             :         }
      89           0 :         return NULL;
      90             : }
      91             : 
      92           0 : bool get_audit_category_from_param(const char *param, uint32_t *audit_category)
      93             : {
      94           0 :         *audit_category = Undefined;
      95             : 
      96           0 :         if (strequal(param, "SYSTEM")) {
      97           0 :                 *audit_category = LSA_AUDIT_CATEGORY_SYSTEM;
      98           0 :         } else if (strequal(param, "LOGON")) {
      99           0 :                 *audit_category = LSA_AUDIT_CATEGORY_LOGON;
     100           0 :         } else if (strequal(param, "OBJECT")) {
     101           0 :                 *audit_category = LSA_AUDIT_CATEGORY_FILE_AND_OBJECT_ACCESS;
     102           0 :         } else if (strequal(param, "PRIVILEGE")) {
     103           0 :                 *audit_category = LSA_AUDIT_CATEGORY_USE_OF_USER_RIGHTS;
     104           0 :         } else if (strequal(param, "PROCESS")) {
     105           0 :                 *audit_category = LSA_AUDIT_CATEGORY_PROCCESS_TRACKING;
     106           0 :         } else if (strequal(param, "POLICY")) {
     107           0 :                 *audit_category = LSA_AUDIT_CATEGORY_SECURITY_POLICY_CHANGES;
     108           0 :         } else if (strequal(param, "SAM")) {
     109           0 :                 *audit_category = LSA_AUDIT_CATEGORY_ACCOUNT_MANAGEMENT;
     110           0 :         } else if (strequal(param, "DIRECTORY")) {
     111           0 :                 *audit_category = LSA_AUDIT_CATEGORY_DIRECTORY_SERVICE_ACCESS;
     112           0 :         } else if (strequal(param, "ACCOUNT")) {
     113           0 :                 *audit_category = LSA_AUDIT_CATEGORY_ACCOUNT_LOGON;
     114             :         } else {
     115           0 :                 DEBUG(0,("unknown parameter: %s\n", param));
     116           0 :                 return False;
     117             :         }
     118             : 
     119           0 :         return True;
     120             : }
     121             : 
     122           0 : const char *audit_policy_str(TALLOC_CTX *mem_ctx, uint32_t policy)
     123             : {
     124           0 :         const char *ret = NULL;
     125             : 
     126           0 :         if (policy == LSA_AUDIT_POLICY_NONE) {
     127           0 :                 return talloc_strdup(mem_ctx, "None");
     128             :         }
     129             : 
     130           0 :         if (policy & LSA_AUDIT_POLICY_SUCCESS) {
     131           0 :                 ret = talloc_strdup(mem_ctx, "Success");
     132           0 :                 if (ret == NULL) {
     133           0 :                         return NULL;
     134             :                 }
     135             :         }
     136             : 
     137           0 :         if (policy & LSA_AUDIT_POLICY_FAILURE) {
     138           0 :                 if (ret) {
     139           0 :                         ret = talloc_asprintf(mem_ctx, "%s, %s", ret, "Failure");
     140           0 :                         if (ret == NULL) {
     141           0 :                                 return NULL;
     142             :                         }
     143             :                 } else {
     144           0 :                         return talloc_strdup(mem_ctx, "Failure");
     145             :                 }
     146             :         }
     147             : 
     148           0 :         return ret;
     149             : }

Generated by: LCOV version 1.13