Grid Community Toolkit  6.2.1653033972 (tag: v6.2.20220524)
 All Data Structures Files Functions Variables Typedefs Enumerations Enumerator Macros Groups Pages
audit.h
1 /*
2  * Copyright (c) 2004, 2005 Darren Tucker. All rights reserved.
3  *
4  * Redistribution and use in source and binary forms, with or without
5  * modification, are permitted provided that the following conditions
6  * are met:
7  * 1. Redistributions of source code must retain the above copyright
8  * notice, this list of conditions and the following disclaimer.
9  * 2. Redistributions in binary form must reproduce the above copyright
10  * notice, this list of conditions and the following disclaimer in the
11  * documentation and/or other materials provided with the distribution.
12  *
13  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
14  * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
15  * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
16  * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
17  * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
18  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
19  * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
20  * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
21  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
22  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
23  */
24 
25 #ifndef _SSH_AUDIT_H
26 # define _SSH_AUDIT_H
27 
28 #include "loginrec.h"
29 #include "sshkey.h"
30 
31 struct ssh;
32 
33 enum ssh_audit_event_type {
34  SSH_LOGIN_EXCEED_MAXTRIES,
35  SSH_LOGIN_ROOT_DENIED,
36  SSH_AUTH_SUCCESS,
37  SSH_AUTH_FAIL_NONE,
38  SSH_AUTH_FAIL_PASSWD,
39  SSH_AUTH_FAIL_KBDINT, /* keyboard-interactive or challenge-response */
40  SSH_AUTH_FAIL_PUBKEY, /* ssh2 pubkey or ssh1 rsa */
41  SSH_AUTH_FAIL_HOSTBASED, /* ssh2 hostbased or ssh1 rhostsrsa */
42  SSH_AUTH_FAIL_GSSAPI,
43  SSH_INVALID_USER,
44  SSH_NOLOGIN, /* denied by /etc/nologin, not implemented */
45  SSH_CONNECTION_CLOSE, /* closed after attempting auth or session */
46  SSH_CONNECTION_ABANDON, /* closed without completing auth */
47  SSH_AUDIT_UNKNOWN
48 };
49 
50 enum ssh_audit_kex {
51  SSH_AUDIT_UNSUPPORTED_CIPHER,
52  SSH_AUDIT_UNSUPPORTED_MAC,
53  SSH_AUDIT_UNSUPPORTED_COMPRESSION
54 };
55 typedef enum ssh_audit_event_type ssh_audit_event_t;
56 
57 int listening_for_clients(void);
58 
59 void audit_connection_from(const char *, int);
60 void audit_event(struct ssh *, ssh_audit_event_t);
61 void audit_count_session_open(void);
62 void audit_session_open(struct logininfo *);
63 void audit_session_close(struct logininfo *);
64 int audit_run_command(struct ssh *, const char *);
65 void audit_end_command(struct ssh *, int, const char *);
66 ssh_audit_event_t audit_classify_auth(const char *);
67 int audit_keyusage(struct ssh *, int, char *, int);
68 void audit_key(struct ssh *, int, int *, const struct sshkey *);
69 void audit_unsupported(struct ssh *, int);
70 void audit_kex(struct ssh *, int, char *, char *, char *, char *);
71 void audit_unsupported_body(struct ssh *, int);
72 void audit_kex_body(struct ssh *, int, char *, char *, char *, char *, pid_t, uid_t);
73 void audit_session_key_free(struct ssh *, int ctos);
74 void audit_session_key_free_body(struct ssh *, int ctos, pid_t, uid_t);
75 void audit_destroy_sensitive_data(struct ssh *, const char *, pid_t, uid_t);
76 
77 #endif /* _SSH_AUDIT_H */