1 martin 1.3 //%LICENSE////////////////////////////////////////////////////////////////
|
2 martin 1.4 //
|
3 martin 1.3 // Licensed to The Open Group (TOG) under one or more contributor license
4 // agreements. Refer to the OpenPegasusNOTICE.txt file distributed with
5 // this work for additional information regarding copyright ownership.
6 // Each contributor licenses this file to you under the OpenPegasus Open
7 // Source License; you may not use this file except in compliance with the
8 // License.
|
9 martin 1.4 //
|
10 martin 1.3 // Permission is hereby granted, free of charge, to any person obtaining a
11 // copy of this software and associated documentation files (the "Software"),
12 // to deal in the Software without restriction, including without limitation
13 // the rights to use, copy, modify, merge, publish, distribute, sublicense,
14 // and/or sell copies of the Software, and to permit persons to whom the
15 // Software is furnished to do so, subject to the following conditions:
|
16 martin 1.4 //
|
17 martin 1.3 // The above copyright notice and this permission notice shall be included
18 // in all copies or substantial portions of the Software.
|
19 martin 1.4 //
|
20 martin 1.3 // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
|
21 martin 1.4 // OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
|
22 martin 1.3 // MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
23 // IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
24 // CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
25 // TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
26 // SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
27 martin 1.4 //
|
28 martin 1.3 //////////////////////////////////////////////////////////////////////////
|
29 thilo.boehm 1.1 //
30 //%/////////////////////////////////////////////////////////////////////////////
31
32 #include <Pegasus/Common/Config.h>
33 #include <Pegasus/Common/Constants.h>
34 #include <Pegasus/Common/Logger.h>
35 #include <Pegasus/Common/AuditLogger.h>
36 #include <Pegasus/Common/Audit_zOS_SMF.h>
37
38 #include <stdlib.h>
39
40 #ifndef PEGASUS_DISABLE_AUDIT_LOGGER
41
42 PEGASUS_USING_STD;
43
44 PEGASUS_NAMESPACE_BEGIN
45
46 // Initialize the global and static variables:
47 // - Audit logging is disabled.
48 Boolean AuditLogger::_auditLogFlag = false;
49
50 thilo.boehm 1.1 // - The initiation call back is set to zero.
51 AuditLogger::PEGASUS_AUDITLOGINITIALIZE_CALLBACK_T
52 AuditLogger::_auditLogInitializeCallback = 0;
53
54 // - The interanl writer for audit messages is used
55 AuditLogger::PEGASUS_AUDITLOG_CALLBACK_T AuditLogger::_writeAuditMessage =
56 Audit_zOS_SMF::writeRecord ;
57 Boolean _isInternalWriterUsed = true;
58
59 // - Instantiate the smf helper class.
60 Audit_zOS_SMF _smf;
61
|
62 kumpf 1.5 // Definition of the CIM operation types for the
|
63 thilo.boehm 1.1 // CIM operation SMF record.
64 enum _smf_cim_oper_type {
65 CLASS_OPERATION=0,
66 QUALIFER_OPERATION=1,
67 INSTANCE_OPERATION=2,
68 INVOKE_METHOD=3
69 } ;
70
71 // Definition of the CIM authentication mode for the
72 // CIM authentication SMF record.
73 enum _smf_cim_auth_mode {
74 LOCAL=0,
75 BASIC=1,
76 ATTLS=2,
77 } ;
78
79
80 void AuditLogger::setInitializeCallback(
81 PEGASUS_AUDITLOGINITIALIZE_CALLBACK_T auditLogInitializeCallback)
82 {
83 _auditLogInitializeCallback = auditLogInitializeCallback;
84 thilo.boehm 1.1 }
85
86
87 void AuditLogger::setAuditLogWriterCallback(
88 PEGASUS_AUDITLOG_CALLBACK_T writeAuditLogCallback)
89 {
90 _writeAuditMessage = writeAuditLogCallback;
91 _isInternalWriterUsed = false;
92 }
93
94 void AuditLogger::logCurrentConfig(
95 const Array<String> & propertyNames,
96 const Array<String> & propertyValues)
97 {
98 // check if SMF is gathering this type of records.
99 if (_smf.isRecording(CONFIGURATION) ||
100 (! _isInternalWriterUsed) )
|
101 kumpf 1.5 {
|
102 thilo.boehm 1.1 unsigned char * confRecord;
103 unsigned char * cursor;
104 int cursorOffset;
105
106 _smf86_configuration * confSection;
107 int nameLen;
|
108 kumpf 1.5 int valueLen;
|
109 thilo.boehm 1.1
110 // For all properties write a record.
111 for (Uint32 i = 0; i < propertyNames.size(); i++)
112 {
113 // +1 for the 0x00 termination.
114 nameLen = propertyNames[i].size()+1;
115 valueLen = propertyValues[i].size()+1;
116
117 // Allocate the full record.
118 confRecord = (unsigned char *) calloc(1,
119 sizeof(_smf86_configuration_record) + nameLen + valueLen );
120
121 // Initialize the header and product section.
122 // The length is the total of subtype section + variable parts.
123 _smf.initMyProlog((_smf86_record_prolog *)confRecord, CONFIGURATION,
124 sizeof(_smf86_configuration) + nameLen + valueLen );
125
126 // Set the pointer to the subtype section.
127 confSection = (_smf86_configuration *)
128 (confRecord + sizeof(_smf86_record_prolog));
129
130 thilo.boehm 1.1 // No user Id for logging current configuration.
131 _smf.setEBCDICRecordField(confSection->UserID, "",
132 sizeof(confSection->UserID),false);
133
134 // Configutation is listed
135 confSection->PropChange = 0;
136
|
137 kumpf 1.5 // The variable values are starting
|
138 thilo.boehm 1.1 // at the end of the subtype section.
139 cursor = confRecord + sizeof(_smf86_configuration_record);
140 cursorOffset = sizeof(_smf86_configuration);
141
|
142 kumpf 1.5 // Set the propety name
|
143 thilo.boehm 1.1 confSection->NameOf = cursorOffset;
144 confSection->NameNo = 1;
145 confSection->NameLen = nameLen;
146 _smf.setEBCDICRecordField(cursor,
147 (const char*)propertyNames[i].getCString(),
148 nameLen,true);
149
150 cursor = cursor + nameLen;
151 cursorOffset = cursorOffset + nameLen;
|
152 kumpf 1.5
|
153 thilo.boehm 1.1 // Set the property value.
154 confSection->ValueOf = cursorOffset;
155 confSection->ValueNo = 1;
156 confSection->ValueLen = valueLen;
157 _smf.setEBCDICRecordField(cursor,
158 (const char*)propertyValues[i].getCString(),
159 valueLen,true);
160
161 // New property is set to 0, not used at listing the configuration.
162 confSection->NewValueOf = 0;
163 confSection->NewValueNo = 0;
164 confSection->NewValueLen = 0;
165
166 _writeAuditMessage(CONFIGURATION,(char *)confRecord);
167 free(confRecord);
168 } // End for all properties do.
169 }
170 }
171
172 void AuditLogger::logCurrentRegProvider(
173 const Array < CIMInstance > & instances)
174 thilo.boehm 1.1 {
175 // check if SMF is gathering this type of records.
176 if (_smf.isRecording(CONFIGURATION) ||
177 (! _isInternalWriterUsed) )
|
178 kumpf 1.5 {
|
179 thilo.boehm 1.1 unsigned char * provStatRecord;
180 unsigned char * cursor;
181 int cursorOffset;
182
183 _smf86_provider_status * provStatSection;
184
185 String moduleName;
186 int moduleNameLen;
187 String statusValue;
188 Uint32 pos;
189
190 // For all current registered providers.
191 for (Uint32 i = 0; i < instances.size(); i++)
192 {
193 // Get the module name.
194 instances[i].getProperty(instances[i].findProperty(
195 _PROPERTY_PROVIDERMODULE_NAME)).getValue().get(moduleName);
196
197 // +1 for the 0x00 termination.
198 moduleNameLen = moduleName.size()+1;
199
200 thilo.boehm 1.1 // Allocate the full record.
201 provStatRecord = (unsigned char *) calloc(1,
202 sizeof(_smf86_provider_status_record) + moduleNameLen );
203
204 // Initialize the header and product section.
205 // The length is the total of subtype section + variable parts.
|
206 kumpf 1.5 _smf.initMyProlog((_smf86_record_prolog *)provStatRecord,
|
207 thilo.boehm 1.1 PROVIDER_STATUS,
208 sizeof(_smf86_provider_status) + moduleNameLen );
209
210 // Set the pointer to the subtype section.
211 provStatSection = (_smf86_provider_status *)
212 (provStatRecord + sizeof(_smf86_record_prolog));
213
214 pos = instances[i].findProperty(_PROPERTY_OPERATIONALSTATUS);
215
216 if (pos == PEG_NOT_FOUND)
217 {
218 provStatSection->CurrStatus = 0;
219 }
220 else
221 {
222 CIMValue theValue = instances[i].getProperty(pos).getValue();
223 if (theValue.isNull())
224 {
225 provStatSection->CurrStatus = 0;
226 }
227 else
228 thilo.boehm 1.1 {
229 Array<Uint16> moduleStatus;
230 // Get the module status
231 theValue.get(moduleStatus);
|
232 kumpf 1.5 // reset the smf record field
|
233 thilo.boehm 1.1 provStatSection->CurrStatus = 0;
234 for (int j = 0; j < moduleStatus.size();j++)
235 {
|
236 kumpf 1.5 // Accumulate the status of the provider
|
237 thilo.boehm 1.1 // by shifting a bit the value of moduleStatus
238 // times to the left to get the right bit set.
|
239 kumpf 1.5 provStatSection->CurrStatus =
240 provStatSection->CurrStatus +
|
241 thilo.boehm 1.1 ( 1 << moduleStatus[j] );
242 }
243
244 }
245 } // End of status set.
246
247 // The provider does not change its state.
248 provStatSection->IsChanging=0;
249 provStatSection->NewStatus=0;
250
|
251 kumpf 1.5 // The variable values are starting
|
252 thilo.boehm 1.1 // at the end of the subtype section.
253 cursor = provStatRecord + sizeof(_smf86_provider_status_record);
254 cursorOffset = sizeof(_smf86_provider_status);
255
256 // Set the provider module name.
257 provStatSection->ProvNameOf = cursorOffset;
258 provStatSection->ProvNameNo = 1;
259 provStatSection->ProvNameLen = moduleNameLen;
260 _smf.setEBCDICRecordField(cursor,
261 (const char*)moduleName.getCString(),
262 moduleNameLen,true);
263
264 _writeAuditMessage(PROVIDER_STATUS,(char *)provStatRecord);
265 free(provStatRecord);
266
267 } // For all current registered providers.
268 }
269 }
270
271 void AuditLogger::logCurrentEnvironmentVar()
272 {
273 thilo.boehm 1.1 // This logging is currently not done within z/OS
274 }
275
276 void AuditLogger::logSetConfigProperty(
277 const String & userName,
278 const String & propertyName,
279 const String & prePropertyValue,
280 const String & newPropertyValue,
281 Boolean isPlanned)
282 {
283 // check if SMF is gathering this type of records.
284
285 if (_smf.isRecording(CONFIGURATION) ||
286 (! _isInternalWriterUsed) )
287 {
288 unsigned char * confRecord;
289 unsigned char * cursor;
290 int cursorOffset;
291
292 _smf86_configuration * confSection;
293
294 thilo.boehm 1.1 // +1 for the 0x00 termination
295 int nameLen = propertyName.size()+1;
296 int valueLen = prePropertyValue.size()+1;
297 int newValueLen = newPropertyValue.size()+1;
298
299 // allocate the full record.
300 confRecord = (unsigned char *) calloc(1,
|
301 kumpf 1.5 sizeof(_smf86_configuration_record)
|
302 thilo.boehm 1.1 + nameLen + valueLen + newValueLen );
303
304 // Initialize the header and product section.
305 // The length is the total of subtype section + variable parts.
306 _smf.initMyProlog((_smf86_record_prolog *)confRecord,
307 CONFIGURATION,sizeof(_smf86_configuration) +
308 nameLen + valueLen + newValueLen );
309
310
311 // Set the pointer to the subtype section.
312 confSection = (_smf86_configuration *)
313 (confRecord + sizeof(_smf86_record_prolog));
314
315 // Set the user id.
316 _smf.setEBCDICRecordField(confSection->UserID,
317 (const char*)userName.getCString(),
318 sizeof(confSection->UserID),false);
319
320 if (isPlanned)
321 {
322 // It is a planed configuration change.
323 thilo.boehm 1.1 confSection->PropChange = 2;
|
324 kumpf 1.5 }
|
325 thilo.boehm 1.1 else
326 {
327 // It is a current configuration change.
328 confSection->PropChange = 1;
329 }
330
331
|
332 kumpf 1.5 // The variable values are starting
|
333 thilo.boehm 1.1 // at the end of the subtype section.
334 cursor = confRecord + sizeof(_smf86_configuration_record);
335 cursorOffset = sizeof(_smf86_configuration);
336
|
337 kumpf 1.5 // set the propety name
|
338 thilo.boehm 1.1 confSection->NameOf = cursorOffset;
339 confSection->NameNo = 1;
340 confSection->NameLen = nameLen;
341 _smf.setEBCDICRecordField(cursor,
342 (const char*)propertyName.getCString(),
343 nameLen,true);
344
345 cursor = cursor + nameLen;
346 cursorOffset = cursorOffset + nameLen;
347
348 // set the property value
349 confSection->ValueOf = cursorOffset;
350 confSection->ValueNo = 1;
351 confSection->ValueLen = valueLen;
352 _smf.setEBCDICRecordField(cursor,
353 (const char*)prePropertyValue.getCString(),
354 valueLen,true);
355
356 cursor = cursor + valueLen;
357 cursorOffset = cursorOffset + valueLen;
358
359 thilo.boehm 1.1 // set the new property value
360 confSection->NewValueOf = cursorOffset;
361 confSection->NewValueNo = 1;
362 confSection->NewValueLen = newValueLen;
363 _smf.setEBCDICRecordField(cursor,
364 (const char*)newPropertyValue.getCString(),
365 newValueLen,true);
366
367 _writeAuditMessage(CONFIGURATION,(char *)confRecord);
368 free(confRecord);
369 }
370 }
371
372 void AuditLogger::logUpdateClassOperation(
373 const char* cimMethodName,
374 AuditEvent eventType,
375 const String& userName,
376 const String& ipAddr,
377 const CIMNamespaceName& nameSpace,
378 const CIMName& className,
379 CIMStatusCode statusCode)
380 thilo.boehm 1.1 {
381 // check if SMF is gathering this type of records.
382 if (_smf.isRecording(CIM_OPERATION) ||
383 (! _isInternalWriterUsed) )
|
384 kumpf 1.5 {
|
385 thilo.boehm 1.1 _writeCIMOperationRecord(
386 CLASS_OPERATION, userName, statusCode,
387 ipAddr, cimMethodName, className.getString(),
388 nameSpace.getString(), String::EMPTY, String::EMPTY );
389 }
390 }
391
392 void AuditLogger::logUpdateQualifierOperation(
393 const char* cimMethodName,
394 AuditEvent eventType,
395 const String& userName,
396 const String& ipAddr,
397 const CIMNamespaceName& nameSpace,
398 const CIMName& className,
399 CIMStatusCode statusCode)
400 {
401 // check if SMF is gathering this type of records.
402 if (_smf.isRecording(CIM_OPERATION) ||
403 (! _isInternalWriterUsed) )
|
404 kumpf 1.5 {
|
405 thilo.boehm 1.1 _writeCIMOperationRecord(
406 QUALIFER_OPERATION, userName, statusCode,
407 ipAddr, cimMethodName, className.getString(),
408 nameSpace.getString(), String::EMPTY, String::EMPTY );
409 }
410 }
411
412 void AuditLogger::logUpdateInstanceOperation(
413 const char* cimMethodName,
414 AuditEvent eventType,
415 const String& userName,
416 const String& ipAddr,
417 const CIMNamespaceName& nameSpace,
418 const CIMObjectPath& instanceName,
419 const String& moduleName,
420 const String& providerName,
421 CIMStatusCode statusCode)
422 {
423 // check if SMF is gathering this type of records.
424 if (_smf.isRecording(CIM_OPERATION) ||
425 (! _isInternalWriterUsed) )
|
426 kumpf 1.5 {
427 String cimInstanceName =
|
428 thilo.boehm 1.1 CIMObjectPath("", CIMNamespaceName(), instanceName.getClassName(),
429 instanceName.getKeyBindings()).toString();
430
431 _writeCIMOperationRecord(
432 INSTANCE_OPERATION, userName, statusCode,
433 ipAddr, cimMethodName, cimInstanceName,
434 nameSpace.getString(), providerName, moduleName );
435 }
436 }
437
438 void AuditLogger::logInvokeMethodOperation(
439 const String& userName,
440 const String& ipAddr,
441 const CIMNamespaceName& nameSpace,
442 const CIMObjectPath& objectName,
443 const CIMName& methodName,
444 const String& moduleName,
445 const String& providerName,
446 CIMStatusCode statusCode)
447 {
448 // check if SMF is gathering this type of records.
449 thilo.boehm 1.1 if (_smf.isRecording(CIM_OPERATION) ||
450 (! _isInternalWriterUsed) )
|
451 kumpf 1.5 {
452 String cimObjectName =
|
453 thilo.boehm 1.1 CIMObjectPath("", CIMNamespaceName(), objectName.getClassName(),
454 objectName.getKeyBindings()).toString();
455
456 _writeCIMOperationRecord(
457 INVOKE_METHOD, userName, statusCode,
458 ipAddr, methodName.getString(), cimObjectName,
459 nameSpace.getString(), providerName,moduleName );
460 }
461 }
462
|
463 venkat.puvvada 1.6 void AuditLogger::logSetProvModuleGroupName(
464 const String & moduleName,
465 const String & oldModuleGroupName,
466 const String & newModuleGroupName)
467 {
468 // ATTN: Implement for z/OS.
469 }
470
|
471 thilo.boehm 1.1 void AuditLogger::logUpdateProvModuleStatus(
472 const String & moduleName,
473 const Array<Uint16> currentModuleStatus,
474 const Array<Uint16> newModuleStatus)
475 {
476 // check if SMF is gathering this type of records.
477 if (_smf.isRecording(CONFIGURATION) ||
478 (! _isInternalWriterUsed) )
|
479 kumpf 1.5 {
|
480 thilo.boehm 1.1 unsigned char * provStatRecord;
481 unsigned char * cursor;
482 int cursorOffset;
483
484 _smf86_provider_status * provStatSection;
485
486 // +1 for the 0x00 termination.
487 int moduleNameLen = moduleName.size()+1;;
488 String statusValue;
489 Uint32 pos;
490
491 // Allocate the full record.
492 provStatRecord = (unsigned char *) calloc(1,
493 sizeof(_smf86_provider_status_record) + moduleNameLen );
494
495 // Initialize the header and product section.
496 // The length is the total of subtype section + variable parts.
|
497 kumpf 1.5 _smf.initMyProlog((_smf86_record_prolog *)provStatRecord,
|
498 thilo.boehm 1.1 PROVIDER_STATUS,
499 sizeof(_smf86_provider_status) + moduleNameLen );
500
501 // Set the pointer to the subtype section.
502 provStatSection = (_smf86_provider_status *)
503 (provStatRecord + sizeof(_smf86_record_prolog));
504
505 provStatSection->CurrStatus = 0;
506
507 if (currentModuleStatus.size() > 0)
508 {
509 for (int j = 0; j < currentModuleStatus.size();j++)
510 {
|
511 kumpf 1.5 // Accumulate the status of the provider
|
512 thilo.boehm 1.1 // by shifting a bit the value of moduleStatus
513 // times to the left to get the right bit set.
|
514 kumpf 1.5 provStatSection->CurrStatus =
515 provStatSection->CurrStatus +
|
516 thilo.boehm 1.1 ( 1 << currentModuleStatus[j] );
517 }
|
518 kumpf 1.5
|
519 thilo.boehm 1.1 }
520
521 // The provider does change.
522 provStatSection->IsChanging=1;
523
524 provStatSection->NewStatus=0;
525
526 if (newModuleStatus.size() > 0)
527 {
|
528 kumpf 1.5 // Accumulate the new status of the provider
|
529 thilo.boehm 1.1 // by shifting a bit the value of moduleStatus
530 // times to the left to get the right bit set.
531 for (int j = 0; j < newModuleStatus.size();j++)
532 {
|
533 kumpf 1.5 provStatSection->NewStatus =
|
534 thilo.boehm 1.1 provStatSection->NewStatus + ( 1 << newModuleStatus[j] );
535 }
536
537 }
538
|
539 kumpf 1.5 // The variable values are starting
|
540 thilo.boehm 1.1 // at the end of the subtype section.
541 cursor = provStatRecord + sizeof(_smf86_provider_status_record);
542 cursorOffset = sizeof(_smf86_provider_status);
543
544 // Set the provider module name.
545 provStatSection->ProvNameOf =cursorOffset;
546 provStatSection->ProvNameNo = 1;
547 provStatSection->ProvNameLen = moduleNameLen;
548 _smf.setEBCDICRecordField(cursor,
549 (const char*)moduleName.getCString(),
550 moduleNameLen,true);
551
552 _writeAuditMessage(PROVIDER_STATUS,(char *)provStatRecord);
553 free(provStatRecord);
554 }
555
556 }
557
558 void AuditLogger::logLocalAuthentication(
559 const String& userName,
560 Boolean successful)
|
561 kumpf 1.5 {
|
562 thilo.boehm 1.1 // check if SMF is gathering this type of records.
563 if (_smf.isRecording(AUTHENTICATION) ||
564 (! _isInternalWriterUsed) )
|
565 kumpf 1.5 {
|
566 thilo.boehm 1.1 _writeAuthenticationRecord(LOCAL,userName,successful,
567 "localhost");
568 }
569 }
570
571 void AuditLogger::logBasicAuthentication(
572 const String& userName,
573 const String& ipAddr,
574 Boolean successful)
575 {
576 // check if SMF is gathering this type of records.
577 if (_smf.isRecording(AUTHENTICATION) ||
578 (! _isInternalWriterUsed) )
|
579 kumpf 1.5 {
|
580 thilo.boehm 1.1 _writeAuthenticationRecord(BASIC,userName,successful,
581 ipAddr);
582 }
583 }
584
585 void AuditLogger::logCertificateBasedAuthentication(
586 const String& issuerName,
587 const String& subjectName,
588 const String& serialNumber,
589 const String& ipAddr,
590 Boolean successful)
591 {
592 // This fuction is unimplemented within z/OS.
593 // AT-TLS is doing this kind of logging.
594 }
595
596 void AuditLogger::logCertificateBasedUserValidation(
597 const String& userName,
598 const String& issuerName,
599 const String& subjectName,
600 const String& serialNumber,
601 thilo.boehm 1.1 const String& ipAddr,
602 Boolean successful)
603 {
604 // check if SMF is gathering this type of records.
605 if (_smf.isRecording(AUTHENTICATION) ||
606 (! _isInternalWriterUsed) )
|
607 kumpf 1.5 {
|
608 thilo.boehm 1.1 _writeAuthenticationRecord(ATTLS,userName,successful,
609 ipAddr);
610 }
611
612 }
613
614
615 void AuditLogger::setEnabled(Boolean enable)
616 {
617 if (enable)
618 {
619 if (!_auditLogFlag)
620 {
|
621 kumpf 1.5 Logger::put_l(Logger::STANDARD_LOG, System::CIMSERVER,
|
622 thilo.boehm 1.1 Logger::INFORMATION,
|
623 kumpf 1.2 MessageLoaderParms(
624 "Common.AuditLogger.ENABLE_AUDIT_LOG",
625 "Audit logging is enabled."));
|
626 thilo.boehm 1.1
627 // only call the audit intiialzation call back if set.
628 if (_auditLogInitializeCallback != 0)
629 {
630 _auditLogInitializeCallback();
631 }
632 }
633 }
634 else
635 {
636 if (_auditLogFlag)
637 {
|
638 kumpf 1.5 Logger::put_l(Logger::STANDARD_LOG, System::CIMSERVER,
|
639 thilo.boehm 1.1 Logger::INFORMATION,
|
640 kumpf 1.2 MessageLoaderParms(
641 "Common.AuditLogger.DISABLE_AUDIT_LOG",
642 "Audit logging is disabled."));
|
643 thilo.boehm 1.1 }
644 }
645
646 _auditLogFlag = enable;
647
648 }
649
650 inline void AuditLogger::_writeCIMOperationRecord(
651 unsigned short cimOpType,
652 String userID,
653 unsigned short cimStatusCode,
654 String clientIP,
655 String operName,
656 String objPath,
657 String nameSpace,
658 String provName,
659 String provModName
660 )
661 {
662 unsigned char * cimOperRecord;
663 unsigned char * cursor;
664 thilo.boehm 1.1 int cursorOffset;
665
666 _smf86_cim_operation * cimOperSection;
667
668 int operNameLen = operName.size();
669 int objPathLen = objPath.size();
670 int nameSpaceLen = nameSpace.size();
671 int provNameLen = provName.size();
672 int provModNameLen = provModName.size();
673
674 // if a string is not empty, + 1 for the trailing 0x00
675 if( operNameLen > 0 )
676 operNameLen = operNameLen + 1 ;
677
678 if( objPathLen > 0 )
679 objPathLen = objPathLen + 1;
680
681 if( nameSpaceLen > 0 )
682 nameSpaceLen = nameSpaceLen + 1;
683
684 if( provNameLen > 0 )
685 thilo.boehm 1.1 provNameLen = provNameLen + 1;
686
687 if( provModNameLen > 0 )
688 provModNameLen = provModNameLen + 1;
689
690 // Allocate the full record.
691 cimOperRecord = (unsigned char *) calloc(1,
692 sizeof(_smf86_cim_operation_record)+
|
693 kumpf 1.5 operNameLen + objPathLen + nameSpaceLen +
|
694 thilo.boehm 1.1 provNameLen + provModNameLen );
695
696 // Initialize the header and product section.
697 // The length is the total of subtype section + variable parts.
|
698 kumpf 1.5 _smf.initMyProlog((_smf86_record_prolog *)cimOperRecord,
|
699 thilo.boehm 1.1 CIM_OPERATION, sizeof(_smf86_cim_operation)+
|
700 kumpf 1.5 operNameLen + objPathLen + nameSpaceLen +
|
701 thilo.boehm 1.1 provNameLen + provModNameLen );
702
703 // Set the pointer to the subtype section.
|
704 kumpf 1.5 cimOperSection = (_smf86_cim_operation *)
|
705 thilo.boehm 1.1 (cimOperRecord + sizeof(_smf86_record_prolog));
706
707 // Set cim operation type.
708 cimOperSection->CIMOpType = cimOpType;
709
710 // Set cim operation status code
711 cimOperSection->CIMStatusCode = cimStatusCode;
712
713 // Set the user id.
714 _smf.setEBCDICRecordField(cimOperSection->UserID,
715 (const char*)userID.getCString(),
716 sizeof(cimOperSection->UserID),false);
717
718 // Set the client IP adress.
719 _smf.setEBCDICRecordField(cimOperSection->ClientIP,
720 (const char*)clientIP.getCString(),
721 sizeof(cimOperSection->ClientIP),false);
722
|
723 kumpf 1.5
|
724 thilo.boehm 1.1 // The operation name starts from the end of the static record information.
725 cursor = cimOperRecord + sizeof(_smf86_cim_operation_record);
726 cursorOffset = sizeof(_smf86_cim_operation);
727
|
728 kumpf 1.5 // Set operation name
|
729 thilo.boehm 1.1 if (operNameLen > 0 )
730 {
731 cimOperSection->OperNameOf = cursorOffset;
732 cimOperSection->OperNameLen = operNameLen;
733 cimOperSection->OperNameNo = 1;
734 _smf.setEBCDICRecordField(cursor,(const char*)operName.getCString(),
735 operNameLen,true);
736 cursor = cursor + operNameLen;
737 cursorOffset = cursorOffset + operNameLen;
|
738 kumpf 1.5 }
|
739 thilo.boehm 1.1 else
740 {
741 cimOperSection->OperNameOf = 0;
742 cimOperSection->OperNameLen = 0;
743 cimOperSection->OperNameNo = 0;
744 }
|
745 kumpf 1.5
|
746 thilo.boehm 1.1 // Set object path
747 if (objPathLen > 0 )
748 {
749 cimOperSection->ObjPathOf = cursorOffset;
750 cimOperSection->ObjPathLen = objPathLen;
751 cimOperSection->ObjPathNo = 1;
752 _smf.setEBCDICRecordField(cursor,(const char*)objPath.getCString(),
753 objPathLen,true);
754 cursor = cursor + objPathLen;
755 cursorOffset = cursorOffset + objPathLen;
756 }
757 else
758 {
759 cimOperSection->ObjPathOf = 0;
760 cimOperSection->ObjPathLen = 0;
761 cimOperSection->ObjPathNo = 0;
762 }
763
764 // Set name space
765 if (nameSpaceLen > 0 )
766 {
767 thilo.boehm 1.1 cimOperSection->NameSpaceOf = cursorOffset;
768 cimOperSection->NameSpaceLen = nameSpaceLen;
769 cimOperSection->NameSpaceNo = 1;
770 _smf.setEBCDICRecordField(cursor,(const char*)nameSpace.getCString(),
771 nameSpaceLen,true);
772 cursor = cursor + nameSpaceLen;
773 cursorOffset = cursorOffset + nameSpaceLen;
774 }
775 else
776 {
777 cimOperSection->NameSpaceOf = 0;
778 cimOperSection->NameSpaceLen = 0;
779 cimOperSection->NameSpaceNo = 0;
780 }
781
782 // Set provider name
783 if (provNameLen > 0 )
784 {
785 cimOperSection->ProvNameOf = cursorOffset;
786 cimOperSection->ProvNameLen = provNameLen;
787 cimOperSection->ProvNameNo = 1;
788 thilo.boehm 1.1 _smf.setEBCDICRecordField(cursor,(const char*)provName.getCString(),
789 provNameLen,true);
790 cursor = cursor + provNameLen;
791 cursorOffset = cursorOffset + provNameLen;
792 }
793 else
794 {
795 cimOperSection->ProvNameOf = 0;
796 cimOperSection->ProvNameLen = 0;
797 cimOperSection->ProvNameNo = 0;
798 }
799
800 // Set provider module name
801 if (provModNameLen > 0 )
802 {
803 cimOperSection->ProvModNameOf = cursorOffset;
804 cimOperSection->ProvModNameLen = provModNameLen;
805 cimOperSection->ProvModNameNo = 1;
806 _smf.setEBCDICRecordField(cursor,(const char*)provModName.getCString(),
807 provModNameLen,true);
808 cursor = cursor + provModNameLen;
809 thilo.boehm 1.1 cursorOffset = cursorOffset + provModNameLen;
810 }
811 else
812 {
813 cimOperSection->ProvModNameOf = 0;
814 cimOperSection->ProvModNameLen = 0;
815 cimOperSection->ProvModNameNo = 0;
816 }
|
817 kumpf 1.5
|
818 thilo.boehm 1.1 _writeAuditMessage(CIM_OPERATION,(char *)cimOperRecord);
819 free(cimOperRecord);
820
821
822 }
823
824 inline void AuditLogger::_writeAuthenticationRecord(
825 unsigned short authMode,
826 String userID,
827 Boolean isAuthenticated,
828 String clientIP )
829 {
830 unsigned char * authenticationRecord;
831 _smf86_authentication * authenticationSection;
832
833 // Allocate the full record.
834 authenticationRecord = (unsigned char *) calloc(1,
835 sizeof(_smf86_auththentication_record));
836
837 // Initialize the header and product section.
838 // The length is the total of subtype section + variable parts.
|
839 kumpf 1.5 _smf.initMyProlog((_smf86_record_prolog *)authenticationRecord,
|
840 thilo.boehm 1.1 AUTHENTICATION, sizeof(_smf86_authentication));
841
842 // Set the pointer to the subtype section.
843 authenticationSection = (_smf86_authentication *)
844 (authenticationRecord + sizeof(_smf86_record_prolog));
845
846 authenticationSection->AuthMode = authMode;
847
848 // Set the user id.
849 _smf.setEBCDICRecordField(authenticationSection->UserID,
850 (const char*)userID.getCString(),
851 sizeof(authenticationSection->UserID),false);
852
853 if(isAuthenticated)
854 {
855 authenticationSection->AuthResult=0;
856 }
857 else
858 {
859 authenticationSection->AuthResult=1;
860 }
861 thilo.boehm 1.1
862 // Set the client IP adress.
863 _smf.setEBCDICRecordField(authenticationSection->ClientIP,
864 (const char*)clientIP.getCString(),
865 sizeof(authenticationSection->ClientIP),false);
866
867 _writeAuditMessage(AUTHENTICATION,(char *)authenticationRecord);
868 free(authenticationRecord);
869 }
870
871 PEGASUS_NAMESPACE_END
872
873 #endif
|