comparison common/logging.c @ 623:5042ace08cba

Add certificate specific logging functions
author Andre Heinecke <andre.heinecke@intevation.de>
date Fri, 20 Jun 2014 12:17:32 +0200
parents bc02ee484067
children 2303caf56dbb
622:c0f988e3df9f 623:5042ace08cba
12 #include <stdarg.h> 12 #include <stdarg.h>
13 #include <stdbool.h> 13 #include <stdbool.h>
14 14
15 #include <strhelp.h> 15 #include <strhelp.h>
16 16
17 #include <certhelp.h>
18
19 #include <polarssl/sha256.h>
20
17 #ifdef WIN32 21 #ifdef WIN32
18 # include <windows.h> 22 # include <windows.h>
19 # include "events.h" 23 # include "events.h"
20 #else 24 #else
21 # include <syslog.h> 25 # include <syslog.h>
22 #endif 26 #endif
23 27
24 28 #ifdef WIN32
25 #ifdef WIN32 29
30 /** @brief helper to prepare common logging information */
26 static void 31 static void
27 win_log(const char *format, va_list ap, bool error) 32 win_do_log(WORD type, WORD category, DWORD eventID, WORD numStrings, LPCWSTR *strings)
28 { 33 {
29 HANDLE log_src = NULL, 34 HANDLE log_src = NULL,
30 process_token = NULL; 35 process_token = NULL;
31 wchar_t *wmsg = NULL;
32 BOOL success = FALSE;
33 char buffer[MAX_LOG+1];
34 PTOKEN_USER user_struct = NULL; 36 PTOKEN_USER user_struct = NULL;
35 PSID user_sid = NULL; 37 PSID user_sid = NULL;
36 38 BOOL success = FALSE;
37 vsnprintf (buffer, MAX_LOG, format, ap);
38 buffer[MAX_LOG] = '\0';
39 39
40 log_src = RegisterEventSourceW (NULL, L"" LOG_NAME); 40 log_src = RegisterEventSourceW (NULL, L"" LOG_NAME);
41 41
42 if (log_src == NULL) 42 if (log_src == NULL)
43 { 43 {
44 PRINTLASTERROR ("Failed to open log source."); 44 PRINTLASTERROR ("Failed to open log source.");
45 return; 45 return;
46 } 46 }
47 47
48 wmsg = utf8_to_wchar (buffer, strlen(buffer));
49 if (wmsg == NULL)
50 {
51 ERRORPRINTF ("Failed to convert log message to utf-16");
52 goto done;
53 }
54
55 /* Get the current user sid for logging */ 48 /* Get the current user sid for logging */
56
57 OpenProcessToken (GetCurrentProcess(), TOKEN_READ, &process_token); 49 OpenProcessToken (GetCurrentProcess(), TOKEN_READ, &process_token);
58 if (process_token) 50 if (process_token)
59 { 51 {
60 DWORD size = 0; 52 DWORD size = 0;
61 53
67 GetTokenInformation (process_token, TokenUser, user_struct, size, &size); 59 GetTokenInformation (process_token, TokenUser, user_struct, size, &size);
68 user_sid = user_struct->User.Sid; 60 user_sid = user_struct->User.Sid;
69 } 61 }
70 } 62 }
71 63
72
73 success = ReportEventW (log_src, 64 success = ReportEventW (log_src,
74 error ? EVENTLOG_ERROR_TYPE : EVENTLOG_INFORMATION_TYPE, 65 type,
75 EVENT_CAT_TB, 66 category,
76 error ? MSG_DEFAULT_ERROR : MSG_DEFAULT_INFO, 67 eventID,
77 user_sid, 68 user_sid,
78 1, 69 numStrings,
79 0, 70 0,
80 (const WCHAR **) &wmsg, 71 strings,
81 NULL); 72 NULL);
82 if (!success) 73 if (!success)
83 { 74 {
84 PRINTLASTERROR ("Failed to report event."); 75 PRINTLASTERROR ("Failed to report event.");
85 } 76 }
86 77
87 done:
88 if (process_token) 78 if (process_token)
89 { 79 {
90 CloseHandle(process_token); 80 CloseHandle(process_token);
91 } 81 }
92 xfree (user_struct); 82 xfree (user_struct);
83
84 if (!DeregisterEventSource (log_src))
85 {
86 PRINTLASTERROR ("Failed to close log source.");
87 }
88 }
89
90 static void
91 win_log(const char *format, va_list ap, bool error)
92 {
93 wchar_t *wmsg = NULL;
94 char buffer[MAX_LOG+1];
95 vsnprintf (buffer, MAX_LOG, format, ap);
96
97 buffer[MAX_LOG] = '\0';
98
99 wmsg = utf8_to_wchar (buffer, strlen(buffer));
100 if (wmsg == NULL)
101 {
102 ERRORPRINTF ("Failed to convert log message to utf-16");
103 return;
104 }
105
106 win_do_log (error ? EVENTLOG_ERROR_TYPE : EVENTLOG_INFORMATION_TYPE,
107 EVENT_CAT_TB,
108 error ? MSG_DEFAULT_ERROR : MSG_DEFAULT_INFO,
109 1,
110 (const WCHAR **) &wmsg);
111
112
93 xfree (wmsg); 113 xfree (wmsg);
94 114
95 if (!DeregisterEventSource (log_src))
96 {
97 PRINTLASTERROR ("Failed to close log source.");
98 }
99 return; 115 return;
100 } 116 }
101 117
102 char * 118 char *
103 getLastErrorMsg() 119 getLastErrorMsg()
132 return retval; 148 return retval;
133 } 149 }
134 150
135 #else /* WIN32 */ 151 #else /* WIN32 */
136 152
137
138 static void 153 static void
139 linux_log (const char *format, va_list ap, bool error) 154 linux_log (const char *format, va_list ap, bool error)
140 { 155 {
141 openlog (LOG_NAME, LOG_CONS | LOG_PID | LOG_NDELAY, LOG_USER); 156 openlog (LOG_NAME, LOG_CONS | LOG_PID | LOG_NDELAY, LOG_USER);
142 vsyslog ( error ? LOG_ERR : LOG_INFO, format, ap); 157 vsyslog ( error ? LOG_ERR : LOG_INFO, format, ap);
143 } 158 }
144 159
145 #endif /* WIN32 */ 160 #endif /* WIN32 */
146 161
147 void 162 void
163 log_certificate(const char* store, char *b64cert, bool install)
164 {
165 char subject[MAX_LOG + 1],
166 *der_data = NULL;
167 size_t der_size = 0;
168 int ret = 0,
169 i = 0;
170 x509_crt chain;
171 unsigned char sha256sum[32];
172 char fingerprint[32 * 3 + 1];
173
174 ret = str_base64_decode (&der_data, &der_size, b64cert, strlen(b64cert));
175
176 if (ret != 0)
177 {
178 ERRORPRINTF ("Error decoding certificate.\n");
179 return;
180 }
181
182 x509_crt_init(&chain);
183 if (x509_crt_parse_der(&chain, (const unsigned char *)der_data,
184 der_size) != 0)
185 {
186 ERRORPRINTF("Failed to parse cert..");
187 xfree (der_data);
188 return;
189 }
190
191 ret = x509_dn_gets(subject, MAX_LOG, &(chain.subject));
192
193 if (ret == -1)
194 {
195 ERRORPRINTF("Failed to parse subject..");
196 xfree (der_data);
197 return;
198 }
199 subject[MAX_LOG] = '\0';
200
201 sha256 (chain.raw.p, chain.raw.len, sha256sum, 0);
202
203 for (i = 0; i < 31; i++)
204 {
205 snprintf (fingerprint + i * 3, 3, "%02X:", sha256sum[i]);
206 }
207 snprintf (fingerprint + 31 * 3, 2, "%02X", sha256sum[31]);
208
209 fingerprint[32*3] = '\0';
210
211 #ifdef WIN32
212 {
213 wchar_t *wstrings[3];
214
215 wstrings[0] = utf8_to_wchar (subject, strnlen (subject, MAX_LOG));
216 wstrings[1] = utf8_to_wchar (fingerprint, strnlen (fingerprint, MAX_LOG));
217 wstrings[2] = utf8_to_wchar (store, strnlen (store, MAX_LOG));
218
219 win_do_log (EVENTLOG_INFORMATION_TYPE,
220 EVENT_CAT_CINST,
221 install ? MSG_CERT_INSTALL : MSG_CERT_REMOVE,
222 3,
223 (const WCHAR**) wstrings);
224 xfree (wstrings[0]);
225 xfree (wstrings[1]);
226 xfree (wstrings[2]);
227 }
228 #else
229 /* Please keep the following line in line with message from events.mc */
230 linux_log ("%s of root certificate: %s\nSha256 thumbprint:<%s>.\nCertificate store \"%s\"",
231 install ? "Installation" : "Removal",
232 subject, fingerprint, store);
233 #endif
234 x509_crt_free (&chain);
235 xfree (der_data);
236 }
237
238 void
148 syslog_info_printf(const char *format, ...) 239 syslog_info_printf(const char *format, ...)
149 { 240 {
150 va_list args; 241 va_list args;
151 va_start (args, format); 242 va_start (args, format);
152 #ifdef WIN32 243 #ifdef WIN32
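Review bot: In log_certificate the fingerprint loop passes a size of 3 to snprintf for "%02X:", which needs 4 bytes (two hex digits, the colon and the terminator), so every call writes the NUL where the colon belongs. The string therefore ends after the first byte and the event log or syslog entry carries a two-character thumbprint that cannot identify the installed or removed root certificate. The loop call should be `snprintf (fingerprint + i * 3, 4, "%02X:", sha256sum[i]);` and the final one `snprintf (fingerprint + 31 * 3, 3, "%02X", sha256sum[31]);`. Separately, both early returns after x509_crt_init skip `x509_crt_free (&chain);`. The WIN32 branch also passes the three utf8_to_wchar results to win_do_log without the NULL check that win_log performs.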

http://wald.intevation.org/projects/trustbridge/