annotate common/logging.c @ 1029:6684e5012b7a
(issue98) Set integrity level to medium on restricted token and
evaluate it to determine if the process is elevated.
author | Andre Heinecke <andre.heinecke@intevation.de> |
---|---|
date | Thu, 04 Sep 2014 11:00:55 +0200 |
parents | 698b6a9bd75e |
children |
rev | line source |
---|---|
404 | 1 /* Copyright (C) 2014 by Bundesamt für Sicherheit in der Informationstechnik |
2 * Software engineering by Intevation GmbH | |
3 * | |
4 * This file is Free Software under the GNU GPL (v>=2) | |
5 * and comes with ABSOLUTELY NO WARRANTY! | |
6 * See LICENSE.txt for details. | |
7 */ | |
#include "logging.h"
#include "strhelp.h"

#include <stdio.h>
#include <stdarg.h>
#include <stdbool.h>
#include <string.h>

#include <strhelp.h>

#include <certhelp.h>

#include <polarssl/sha256.h>

#ifdef WIN32
# include <windows.h>
# include "events.h"
#else
# include <syslog.h>
#endif
28 #ifdef WIN32 |
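/**
 * @brief Report one event to the Windows event log.
 *
 * Registers the LOG_NAME event source, looks up the SID of the user that
 * owns the current process token so the event can be attributed to that
 * user, reports the event and releases everything that was acquired.
 *
 * Failing to obtain the SID is not fatal: the event is still reported,
 * with a NULL SID and therefore without user attribution.
 *
 * @param[in] type        event type handed to ReportEventW
 * @param[in] category    event category handed to ReportEventW
 * @param[in] eventID     message identifier handed to ReportEventW
 * @param[in] numStrings  number of entries in @a strings
 * @param[in] strings     insertion strings handed to ReportEventW
 */
static void
win_do_log(WORD type, WORD category, DWORD eventID, WORD numStrings, LPCWSTR *strings)
{
  HANDLE log_src = NULL,
         process_token = NULL;
  PTOKEN_USER user_struct = NULL;
  PSID user_sid = NULL;
  BOOL success = FALSE;

  log_src = RegisterEventSourceW (NULL, L"" LOG_NAME);

  if (log_src == NULL)
    {
      PRINTLASTERROR ("Failed to open log source.");
      return;
    }

  /* Get the current user sid for logging */
  if (!OpenProcessToken (GetCurrentProcess(), TOKEN_READ, &process_token))
    {
      /* Do not rely on the out parameter after a failed call. */
      process_token = NULL;
    }
  if (process_token)
    {
      DWORD size = 0;

      /* Probe call: it is expected to fail with ERROR_INSUFFICIENT_BUFFER
         and to store the required size.  The last error is only
         meaningful when the call actually failed. */
      if (!GetTokenInformation (process_token, TokenUser, NULL, 0, &size)
          && ERROR_INSUFFICIENT_BUFFER == GetLastError())
        {
          /* NOTE(review): xmalloc presumably aborts on allocation failure;
             the NULL test below is harmless if it does. */
          user_struct = xmalloc (size);

          /* Only trust the buffer when the second call succeeded.  The
             memory from xmalloc is not known to be zeroed, so on failure
             User.Sid would be an indeterminate pointer that must not
             reach ReportEventW. */
          if (user_struct != NULL
              && GetTokenInformation (process_token, TokenUser, user_struct,
                                      size, &size))
            {
              user_sid = user_struct->User.Sid;
            }
        }
    }

  success = ReportEventW (log_src,
                          type,
                          category,
                          eventID,
                          user_sid,
                          numStrings,
                          0,        /* no raw data attached */
                          strings,
                          NULL);
  if (!success)
    {
      PRINTLASTERROR ("Failed to report event.");
    }

  if (process_token)
    {
      CloseHandle(process_token);
    }
  /* user_sid points into user_struct, so free only after reporting. */
  xfree (user_struct);

  if (!DeregisterEventSource (log_src))
    {
      PRINTLASTERROR ("Failed to close log source.");
    }
}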
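/**
 * @brief Format a message and write it to the Windows event log.
 *
 * The message is expanded into a stack buffer of MAX_LOG + 1 bytes,
 * converted with utf8_to_wchar and reported through win_do_log as the
 * single insertion string of MSG_DEFAULT_ERROR or MSG_DEFAULT_INFO.
 * Output that does not fit into the buffer is truncated.
 *
 * @param[in] format  printf-style format string.  It is interpreted by
 *                    vsnprintf, so callers must pass a fixed format and
 *                    supply variable data only through @a ap.
 * @param[in] ap      arguments for @a format
 * @param[in] error   true to log an error event, false for an
 *                    informational event
 */
static void
win_log(const char *format, va_list ap, bool error)
{
  wchar_t *wmsg = NULL;
  char buffer[MAX_LOG+1];

  /* The return value of vsnprintf is not checked, and after a failed
     call the buffer contents are unspecified.  Clearing the buffer first
     guarantees that whatever is logged is NUL-terminated and never
     contains leftover stack bytes. */
  memset (buffer, 0, sizeof buffer);
  vsnprintf (buffer, MAX_LOG, format, ap);

  /* Some vsnprintf implementations do not terminate on truncation. */
  buffer[MAX_LOG] = '\0';

  wmsg = utf8_to_wchar (buffer, strlen(buffer));
  if (wmsg == NULL)
    {
      ERRORPRINTF ("Failed to convert log message to utf-16");
      return;
    }

  win_do_log (error ? EVENTLOG_ERROR_TYPE : EVENTLOG_INFORMATION_TYPE,
              EVENT_CAT_TB,
              error ? MSG_DEFAULT_ERROR : MSG_DEFAULT_INFO,
              1,
              (const WCHAR **) &wmsg);


  xfree (wmsg);

  return;
}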
/**
 * @brief Return a UTF-8 description of the calling thread's last error.
 *
 * The code from GetLastError() is looked up in the system message table
 * first.  If that yields nothing and the crypt32 module is loaded, its
 * message table is searched for HRESULT_CODE of the error instead.
 *
 * @return the message converted by wchar_to_utf8, or NULL when no message
 *         was found (a diagnostic is then printed to stderr).
 *         NOTE(review): the result is presumably heap allocated and owned
 *         by the caller; confirm against wchar_to_utf8.
 */
char *
getLastErrorMsg()
{
  /* Must run before any other API call can overwrite the last error. */
  DWORD err = GetLastError();
  const DWORD base_flags = FORMAT_MESSAGE_ALLOCATE_BUFFER |
                           FORMAT_MESSAGE_IGNORE_INSERTS;
  LPWSTR wide_msg = NULL;
  char *utf8_msg = NULL;

  /* With ALLOCATE_BUFFER the buffer argument receives a pointer that
     FormatMessageW allocates, hence the address-of and the cast. */
  FormatMessageW (base_flags | FORMAT_MESSAGE_FROM_SYSTEM,
                  NULL, err, 0, (LPWSTR) &wide_msg, 0, NULL);

  if (wide_msg == NULL)
    {
      /* Fall back to the message table of crypt32, if it is loaded. */
      HMODULE crypt32_module = GetModuleHandleW (L"crypt32");
      if (crypt32_module != NULL)
        {
          FormatMessageW (base_flags | FORMAT_MESSAGE_FROM_HMODULE,
                          crypt32_module, HRESULT_CODE (err), 0,
                          (LPWSTR) &wide_msg, 0, NULL);
        }
    }

  if (wide_msg == NULL)
    {
      fprintf (stderr, "Error getting last error for code: %lx \n", err);
      return NULL;
    }

  utf8_msg = wchar_to_utf8(wide_msg, wcslen(wide_msg));
  /* The buffer allocated by FormatMessageW is released with LocalFree. */
  LocalFree (wide_msg);

  return utf8_msg;
}
152 #else /* WIN32 */ |
/**
 * @brief Write a formatted message to syslog.
 *
 * Opens the log as LOG_NAME in the LOG_USER facility (with console
 * fallback, the process id in each entry and an immediately opened
 * connection) and emits the message with priority LOG_ERR or LOG_INFO.
 *
 * @param[in] format  printf-style format string.  It is interpreted by
 *                    vsyslog, so callers must pass a fixed format and
 *                    supply variable data only through @a ap.
 * @param[in] ap      arguments for @a format
 * @param[in] error   true for LOG_ERR, false for LOG_INFO
 */
static void
linux_log (const char *format, va_list ap, bool error)
{
  int priority = LOG_INFO;

  if (error)
    {
      priority = LOG_ERR;
    }

  openlog (LOG_NAME, LOG_CONS | LOG_PID | LOG_NDELAY, LOG_USER);
  vsyslog (priority, format, ap);
}
161 #endif /* WIN32 */ |
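/**
 * @brief Log a certificate that is given as a base64 string.
 *
 * Decodes @a b64cert with str_base64_decode and hands the resulting DER
 * data to log_certificate_der.  Nothing is logged when the input is NULL
 * or cannot be decoded; an error is printed instead.
 *
 * @param[in] store    passed through unchanged to log_certificate_der
 * @param[in] b64cert  NUL-terminated base64 encoded certificate
 * @param[in] install  passed through unchanged to log_certificate_der
 */
void
log_certificate(const char* store, char *b64cert, bool install)
{
  char *der_data = NULL;
  size_t der_size = 0;
  int ret = 0;

  /* strlen on a NULL pointer is undefined behaviour, so reject it the
     same way as undecodable input. */
  if (b64cert == NULL)
    {
      ERRORPRINTF ("Error decoding certificate.\n");
      return;
    }

  ret = str_base64_decode (&der_data, &der_size, b64cert, strlen(b64cert));

  if (ret != 0)
    {
      /* NOTE(review): der_data is not released on this path; whether
         str_base64_decode can leave an allocation behind on failure is
         not visible here. */
      ERRORPRINTF ("Error decoding certificate.\n");
      return;
    }

  log_certificate_der (store, (unsigned char *) der_data, der_size, install);

  xfree (der_data);
}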
183 void |
184 log_certificate_der(const char *store, unsigned char *der_data, size_t der_size, bool install) |
185 { |
186 char subject[MAX_LOG + 1]; |
187 int ret = 0, |
188 i = 0; |
189 x509_crt chain; |
190 unsigned char sha256sum[32]; |
191 char fingerprint[32 * 3 + 1]; |
193 x509_crt_init(&chain); |
194 if (x509_crt_parse_der(&chain, (const unsigned char *)der_data, |
195 der_size) != 0) |
196 { |
197 ERRORPRINTF("Failed to parse cert.."); |
198 return; |
199 } |
201 ret = x509_dn_gets(subject, MAX_LOG, &(chain.subject)); |
203 if (ret == -1) |
204 { |
205 ERRORPRINTF("Failed to parse subject.."); |
206 return; |
207 } |
208 subject[MAX_LOG] = '\0'; |
209 |
210 sha256 (chain.raw.p, chain.raw.len, sha256sum, 0); |
211 |
212 for (i = 0; i < 31; i++) |
213 { |
214 snprintf (fingerprint + (i * 3), 4, "%02X:", sha256sum[i]); |
215 } |
216 snprintf (fingerprint + (31 * 3), 3, "%02X", sha256sum[31]); |
217 |
218 fingerprint[32*3] = '\0'; |
219 |
220 #ifdef WIN32 |
221 { |
222 wchar_t *wstrings[3]; |
223 |
224 wstrings[0] = utf8_to_wchar (subject, strnlen (subject, MAX_LOG)); |
225 wstrings[1] = utf8_to_wchar (fingerprint, strnlen (fingerprint, MAX_LOG)); |
226 wstrings[2] = utf8_to_wchar (store, strnlen (store, MAX_LOG)); |
227 |
228 win_do_log (EVENTLOG_INFORMATION_TYPE, |
229 EVENT_CAT_CINST, |
230 install ? MSG_CERT_INSTALL : MSG_CERT_REMOVE, |
231 3, |
232 (const WCHAR**) wstrings); |
233 xfree (wstrings[0]); |
234 xfree (wstrings[1]); |
235 xfree (wstrings[2]); |
236 } |
237 #else |
238 /* Please keep the following line in line with message from events.mc */ |
239 syslog_info_printf ("%s of root certificate: %s Sha256 thumbprint:<%s>. Certificate store \"%s\"", |
240 install ? "Installation" : "Removal", |
241 subject, fingerprint, store); |
242 #endif |
243 x509_crt_free (&chain); |
244 } |
245 |
/**
 * @brief Write an informational message to the platform log.
 *
 * Opens a va_list over the variadic arguments and hands it, together with
 * format, to win_log() when WIN32 is defined and to linux_log() otherwise.
 * The trailing boolean is passed as false; presumably it marks the message
 * as a non-error entry (confirm against win_log()/linux_log()).
 *
 * @param[in] format Format string for the message. The caller visible in
 *                   this file uses printf-style "%s" directives; keep the
 *                   format a fixed literal and pass externally derived text
 *                   (certificate subjects, store names) as arguments, never
 *                   as the format itself.
 * @param[in] ...    Values consumed by the directives in format.
 */
void
syslog_info_printf(const char *format, ...)
{
  const bool is_error = false;
  va_list ap;

  va_start (ap, format);
#ifdef WIN32
  win_log (format, ap, is_error);
#else
  linux_log (format, ap, is_error);
#endif
  /* Every va_start needs its matching va_end before returning. */
  va_end (ap);
}
258 |
/**
 * @brief Write an error message to the platform log.
 *
 * Opens a va_list over the variadic arguments and hands it, together with
 * format, to win_log() when WIN32 is defined and to linux_log() otherwise.
 * The trailing boolean is passed as true; presumably it marks the message
 * as an error entry (confirm against win_log()/linux_log()).
 *
 * @param[in] format Format string for the message, assumed to be
 *                   printf-style (TODO confirm against the backends). Keep
 *                   it a fixed literal and pass externally derived text as
 *                   arguments, never as the format itself.
 * @param[in] ...    Values consumed by the directives in format.
 */
void
syslog_error_printf(const char *format, ...)
{
  const bool is_error = true;
  va_list ap;

  va_start (ap, format);
#ifdef WIN32
  win_log (format, ap, is_error);
#else
  linux_log (format, ap, is_error);
#endif
  /* Every va_start needs its matching va_end before returning. */
  va_end (ap);
}