From d797b2cf497587355bbf25cd27d59edd1c3f2915 Mon Sep 17 00:00:00 2001 From: Nicola Ruggero Date: Thu, 4 Nov 2010 12:14:03 +0100 Subject: Implemented client IP logging --- common/os_calls.c | 29 +++++++++++++++++++++++++++++ common/os_calls.h | 2 ++ libxrdp/libxrdpinc.h | 1 + libxrdp/xrdp_rdp.c | 1 + sesman/libscp/libscp_session.c | 23 +++++++++++++++++++++++ sesman/libscp/libscp_session.h | 3 +++ sesman/libscp/libscp_types.h | 1 + sesman/libscp/libscp_v0.c | 11 +++++++++++ sesman/scp_v0.c | 22 +++++++++++++++++++--- sesman/scp_v1.c | 23 ++++++++++++++++++----- sesman/session.c | 12 +++++++----- sesman/session.h | 3 ++- xrdp/xrdp_mm.c | 8 ++++++++ 13 files changed, 125 insertions(+), 14 deletions(-) diff --git a/common/os_calls.c b/common/os_calls.c index 617f3d60..4004fdfc 100644 --- a/common/os_calls.c +++ b/common/os_calls.c @@ -492,6 +492,35 @@ g_tcp_accept(int sck) return accept(sck, (struct sockaddr*)&s, &i); } +/*****************************************************************************/ +void APP_CC +g_write_ip_address(int rcv_sck, char* ip_address) +{ + struct sockaddr_in s; + struct in_addr in; + int len; + int ip_port; + + memset(&s,0,sizeof(&s)); + len = sizeof(s); + getpeername(rcv_sck,(struct sockaddr*)&s, &len); + + memset(&in,0,sizeof(in)); + in.s_addr = s.sin_addr.s_addr; + + ip_port = ntohs(s.sin_port); + + if (ip_port != 0) + { + sprintf(ip_address, "%s:%d - socket: %d", inet_ntoa(in), ip_port, rcv_sck); + } + else + { + sprintf(ip_address, "NULL:NULL - socket: %d", rcv_sck); + } + +} + /*****************************************************************************/ void APP_CC g_sleep(int msecs) diff --git a/common/os_calls.h b/common/os_calls.h index 377b1174..e550cecf 100644 --- a/common/os_calls.h +++ b/common/os_calls.h 
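Review bot: In g_write_ip_address, `memset(&s,0,sizeof(&s));` clears only a pointer's worth of `s`, and the result of `getpeername` is never checked, so on failure the later reads of `s.sin_addr` and `s.sin_port` may see bytes that were never set. Use `memset(&s, 0, sizeof(s));` and take the `NULL:NULL` branch when `getpeername(...) != 0`. `len` is an `int` where `getpeername` takes a `socklen_t *`, and `s.sin_family` is not checked, so a non-IPv4 peer would be formatted as if it were IPv4. The function also writes with `sprintf` into a caller buffer whose size it is not given; the one caller in this commit passes `client_info.client_ip`, declared `char client_ip[256]` in libxrdpinc.h, which the IPv4 format fits. A header comment should state the required buffer size and that the result is `address:port - socket: N` rather than a bare address, since it is later logged as `ip %s`.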
@@ -100,6 +100,8 @@ g_tcp_can_recv(int sck, int millis); int APP_CC g_tcp_select(int sck1, int sck2); void APP_CC +g_write_ip_address(int rcv_sck, char* ip_address); +void APP_CC g_sleep(int msecs); tbus APP_CC g_create_wait_obj(char* name); diff --git a/libxrdp/libxrdpinc.h b/libxrdp/libxrdpinc.h index a8ee6640..a32fdce5 100644 --- a/libxrdp/libxrdpinc.h +++ b/libxrdp/libxrdpinc.h @@ -63,6 +63,7 @@ struct xrdp_client_info int rdp5_performanceflags; int brush_cache_code; /* 0 = no cache 1 = 8x8 standard cache 2 = arbitrary dimensions */ + char client_ip[256]; }; struct xrdp_brush diff --git a/libxrdp/xrdp_rdp.c b/libxrdp/xrdp_rdp.c index 686e567c..fa833765 100644 --- a/libxrdp/xrdp_rdp.c +++ b/libxrdp/xrdp_rdp.c @@ -145,6 +145,7 @@ xrdp_rdp_create(struct xrdp_session* session, struct trans* trans) self->client_info.cache2_size = 1024; self->client_info.cache3_entries = 262; self->client_info.cache3_size = 4096; + g_write_ip_address(trans->sck, self->client_info.client_ip); /* load client ip info */ DEBUG(("out xrdp_rdp_create")); return self; } diff --git a/sesman/libscp/libscp_session.c b/sesman/libscp/libscp_session.c index 38f801e9..8ac94d25 100644 --- a/sesman/libscp/libscp_session.c +++ b/sesman/libscp/libscp_session.c @@ -268,6 +268,28 @@ scp_session_set_directory(struct SCP_SESSION* s, char* str) return 0; } +/*******************************************************************/ +int +scp_session_set_client_ip(struct SCP_SESSION* s, char* str) +{ + if (0 == str) + { + log_message(s_log, LOG_LEVEL_WARNING, "[session:%d] set_client_ip: null ip", __LINE__); + return 1; + } + if (0 != s->client_ip) + { + g_free(s->client_ip); + } + s->client_ip = g_strdup(str); + if (0 == s->client_ip) + { + log_message(s_log, LOG_LEVEL_WARNING, "[session:%d] set_client_ip: strdup error", __LINE__); + return 1; + } + return 0; +} + /*******************************************************************/ int scp_session_set_hostname(struct SCP_SESSION* s, char* str) 
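Review bot: scp_session_set_client_ip stores `str` with `g_strdup` exactly as given, and the scp_v0.c, scp_v1.c and session.c hunks of this commit print that value into INFO log lines with `%s`. The string reaches this setter from scp_v0s_accept, which reads it off the SCP stream, so it is whatever the connecting SCP client sent rather than an address sesman observed itself. Consider rejecting or replacing control characters (at least CR and LF) here, so that this one field cannot split a session record across log lines. A comment on the setter such as `/* value is reported by the SCP peer, not verified by sesman */` would also help anyone relying on these lines for audit.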
@@ -380,6 +402,7 @@ scp_session_destroy(struct SCP_SESSION* s) g_free(s->domain); g_free(s->program); g_free(s->directory); + g_free(s->client_ip); g_free(s->errstr); g_free(s->mng); g_free(s); diff --git a/sesman/libscp/libscp_session.h b/sesman/libscp/libscp_session.h index cf2b3ab2..f5fe413e 100644 --- a/sesman/libscp/libscp_session.h +++ b/sesman/libscp/libscp_session.h @@ -77,6 +77,9 @@ scp_session_set_program(struct SCP_SESSION* s, char* str); int scp_session_set_directory(struct SCP_SESSION* s, char* str); +int +scp_session_set_client_ip(struct SCP_SESSION* s, char* str); + int scp_session_set_hostname(struct SCP_SESSION* s, char* str); diff --git a/sesman/libscp/libscp_types.h b/sesman/libscp/libscp_types.h index 25fad7d9..7a54545a 100644 --- a/sesman/libscp/libscp_types.h +++ b/sesman/libscp/libscp_types.h @@ -86,6 +86,7 @@ struct SCP_SESSION char* domain; char* program; char* directory; + char* client_ip; }; struct SCP_DISCONNECTED_SESSION diff --git a/sesman/libscp/libscp_v0.c b/sesman/libscp/libscp_v0.c index 541a7c41..d46d6afa 100644 --- a/sesman/libscp/libscp_v0.c +++ b/sesman/libscp/libscp_v0.c @@ -265,6 +265,17 @@ scp_v0s_accept(struct SCP_CONNECTION* c, struct SCP_SESSION** s, int skipVchk) scp_session_set_directory(session, buf); } } + if (s_check_rem(c->in_s, 2)) + { + /* reading client IP address */ + in_uint16_be(c->in_s, sz); + if (sz > 0) + { + in_uint8a(c->in_s, buf, sz); + buf[sz] = '\0'; + scp_session_set_client_ip(session, buf); + } + } } else { diff --git a/sesman/scp_v0.c b/sesman/scp_v0.c index af84f80a..c3c9def6 100644 --- a/sesman/scp_v0.c +++ b/sesman/scp_v0.c 
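Review bot: The client-IP read added to scp_v0s_accept verifies only that two bytes remain (`s_check_rem(c->in_s, 2)`) before it copies `sz` bytes, a length taken from the stream, into `buf` and then writes `buf[sz]`. Neither the bytes left in `c->in_s` nor the capacity of `buf` is compared with `sz`; `buf` is declared outside the hunk, so its size is not visible here. A guard such as `if (sz > 0 && sz < BUF_CAPACITY && s_check_rem(c->in_s, sz))` before `in_uint8a` would bound both, with BUF_CAPACITY standing in for the declared size of `buf`. The directory read whose tail is visible just above appears to follow the same pattern and would need the same check, and the return value of `scp_session_set_client_ip` is ignored. The function starts and ends outside the hunk.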
@@ -45,6 +45,14 @@ scp_v0_process(struct SCP_CONNECTION* c, struct SCP_SESSION* s) if (s_item != 0) { display = s_item->display; + if (0 != s->client_ip) + { + log_message(&(g_cfg->log), LOG_LEVEL_INFO, "++ reconnected session: username %s, display :%d.0, session_pid %d, ip %s", s->username, display, s_item->pid, s->client_ip); + } + else + { + log_message(&(g_cfg->log), LOG_LEVEL_INFO, "++ reconnected session: username %s, display :%d.0, session_pid %d", s->username, display, s_item->pid); + } auth_end(data); /* don't set data to null here */ } @@ -53,20 +61,28 @@ scp_v0_process(struct SCP_CONNECTION* c, struct SCP_SESSION* s) LOG_DBG(&(g_cfg->log), "pre auth"); if (1 == access_login_allowed(s->username)) { - log_message(&(g_cfg->log), LOG_LEVEL_INFO, "granted TS access to user %s", s->username); + if (0 != s->client_ip) + { + log_message(&(g_cfg->log), LOG_LEVEL_INFO, "++ created session (access granted): username %s, ip %s", s->username, s->client_ip); + } + else + { + log_message(&(g_cfg->log), LOG_LEVEL_INFO, "++ created session (access granted): username %s", s->username); + } + if (SCP_SESSION_TYPE_XVNC == s->type) { log_message(&(g_cfg->log), LOG_LEVEL_INFO, "starting Xvnc session..."); display = session_start(s->width, s->height, s->bpp, s->username, s->password, data, SESMAN_SESSION_TYPE_XVNC, - s->domain, s->program, s->directory); + s->domain, s->program, s->directory, s->client_ip); } else { log_message(&(g_cfg->log), LOG_LEVEL_INFO, "starting X11rdp session..."); display = session_start(s->width, s->height, s->bpp, s->username, s->password, data, SESMAN_SESSION_TYPE_XRDP, - s->domain, s->program, s->directory); + s->domain, s->program, s->directory, s->client_ip); } } else diff --git a/sesman/scp_v1.c b/sesman/scp_v1.c index 4f3a6b38..5c303bb2 100644 --- a/sesman/scp_v1.c +++ b/sesman/scp_v1.c 
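Review bot: Each new log site is an if/else pair whose two `log_message` calls differ only in the trailing `, ip %s`, and the same pair recurs in the second hunk of this file and in both scp_v1.c hunks. A single call with `s->client_ip != 0 ? s->client_ip : "unknown"` as the last argument would remove the duplication and keep the field layout of the `++ created session` and `++ reconnected session` lines constant, which is easier for anything that parses the log. session_kill in session.c prints `ip %s` unconditionally, so the terminated line already has a different shape from a created line logged without an address. scp_v0_process starts and ends outside the hunk.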
@@ -107,20 +107,27 @@ scp_v1_process(struct SCP_CONNECTION* c, struct SCP_SESSION* s) if (scount == 0) { /* no disconnected sessions - start a new one */ - log_message(&(g_cfg->log), LOG_LEVEL_INFO, "granted TS access to user %s", s->username); + if (0 != s->client_ip) + { + log_message(&(g_cfg->log), LOG_LEVEL_INFO, "++ created session (access granted): username %s, ip %s", s->username, s->client_ip); + } + else + { + log_message(&(g_cfg->log), LOG_LEVEL_INFO, "++ created session (access granted): username %s", s->username); + } if (SCP_SESSION_TYPE_XVNC == s->type) { log_message(&(g_cfg->log), LOG_LEVEL_INFO, "starting Xvnc session..."); display = session_start(s->width, s->height, s->bpp, s->username, s->password, data, SESMAN_SESSION_TYPE_XVNC, - s->domain, s->program, s->directory); + s->domain, s->program, s->directory, s->client_ip); } else { log_message(&(g_cfg->log), LOG_LEVEL_INFO, "starting X11rdp session..."); display = session_start(s->width, s->height, s->bpp, s->username, s->password, data, SESMAN_SESSION_TYPE_XRDP, - s->domain, s->program, s->directory); + s->domain, s->program, s->directory, s->client_ip); } e = scp_v1s_connect_new_session(c, display); @@ -160,8 +167,14 @@ scp_v1_process(struct SCP_CONNECTION* c, struct SCP_SESSION* s) display=sitem->display; /*e=scp_v1s_reconnect_session(c, sitem, display);*/ e=scp_v1s_reconnect_session(c, display); - log_message(&(g_cfg->log), LOG_LEVEL_INFO, "User %s reconnected to session %d on port %d", \ - s->username, sitem->pid, display); + if (0 != s->client_ip) + { + log_message(&(g_cfg->log), LOG_LEVEL_INFO, "++ reconnected session: username %s, display :%d.0, session_pid %d, ip %s", s->username, display, sitem->pid, s->client_ip); + } + else + { + log_message(&(g_cfg->log), LOG_LEVEL_INFO, "++ reconnected session: username %s, display :%d.0, session_pid %d", s->username, display, sitem->pid); + } g_free(sitem); } break; diff --git a/sesman/session.c b/sesman/session.c index fd94ae3f..ad221c85 100644 
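Review bot: Nothing in this commit sets `s->client_ip` on the v1 path: the only call to `scp_session_set_client_ip` is in libscp_v0.c, and the diffstat lists no libscp v1 file. Unless the field is set somewhere outside the patch, the `0 != s->client_ip` branches in scp_v1_process never run, v1 sessions are logged without an address, and `session_start` receives a null `client_ip`. A comment at the first branch, for example `/* client_ip is only sent by SCP v0 clients; v1 sessions are logged without it */`, or the matching read in the v1 accept code, would make that explicit. scp_v1_process starts and ends outside the hunk.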
--- a/sesman/session.c +++ b/sesman/session.c @@ -45,6 +45,7 @@ static char* g_sync_password; static char* g_sync_domain; static char* g_sync_program; static char* g_sync_directory; +static char* g_sync_client_ip; static tbus g_sync_data; static tui8 g_sync_type; static int g_sync_result; @@ -305,7 +306,7 @@ wait_for_xserver(int display) static int APP_CC session_start_fork(int width, int height, int bpp, char* username, char* password, tbus data, tui8 type, char* domain, - char* program, char* directory) + char* program, char* directory, char* client_ip) { int display = 0; int pid = 0; @@ -556,6 +557,7 @@ session_start_fork(int width, int height, int bpp, char* username, temp->item->height = height; temp->item->bpp = bpp; temp->item->data = data; + g_strncpy(temp->item->client_ip, client_ip, 255); /* store client ip data */ g_strncpy(temp->item->name, username, 255); ltime = g_time1(); @@ -584,7 +586,7 @@ session_start_fork(int width, int height, int bpp, char* username, int DEFAULT_CC session_start(int width, int height, int bpp, char* username, char* password, long data, tui8 type, char* domain, char* program, - char* directory) + char* directory, char* client_ip) { int display; @@ -599,6 +601,7 @@ session_start(int width, int height, int bpp, char* username, char* password, g_sync_domain = domain; g_sync_program = program; g_sync_directory = directory; + g_sync_client_ip = client_ip; g_sync_data = data; g_sync_type = type; /* set event for main thread to see */ @@ -620,7 +623,7 @@ session_sync_start(void) g_sync_result = session_start_fork(g_sync_width, g_sync_height, g_sync_bpp, g_sync_username, g_sync_password, g_sync_data, g_sync_type, g_sync_domain, - g_sync_program, g_sync_directory); + g_sync_program, g_sync_directory, g_sync_client_ip); lock_sync_sem_release(); return 0; } 
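Review bot: `g_strncpy(temp->item->client_ip, client_ip, 255);` in session_start_fork copies `client_ip` without a null check, although the callers in scp_v0.c and scp_v1.c test `0 != s->client_ip` for logging and then pass `s->client_ip` to session_start either way. Whether `g_strncpy` accepts a null source is not visible in this patch; if it does not, guard the copy with `if (client_ip != 0)` and otherwise set `temp->item->client_ip[0] = '\0';`. session_kill later prints this array with `%s`, so it also relies on the copy leaving the array terminated. session_start_fork begins and ends outside the hunk.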
@@ -662,8 +665,7 @@ session_kill(int pid) if (tmp->item->pid == pid) { /* deleting the session */ - log_message(&(g_cfg->log), LOG_LEVEL_INFO, "session %d - user %s - " - "terminated", tmp->item->pid, tmp->item->name); + log_message(&(g_cfg->log), LOG_LEVEL_INFO, "++ terminated session: username %s, display :%d.0, session_pid %d, ip %s", tmp->item->name, tmp->item->display, tmp->item->pid, tmp->item->client_ip); g_free(tmp->item); if (prev == 0) { diff --git a/sesman/session.h b/sesman/session.h index d4043146..23aed823 100644 --- a/sesman/session.h +++ b/sesman/session.h @@ -75,6 +75,7 @@ struct session_item struct session_date connect_time; struct session_date disconnect_time; struct session_date idle_time; + char client_ip[256]; }; struct session_chain @@ -104,7 +105,7 @@ session_get_bydata(char* name, int width, int height, int bpp, int type); int DEFAULT_CC session_start(int width, int height, int bpp, char* username, char* password, long data, tui8 type, char* domain, char* program, - char* directory); + char* directory, char* client_ip); /** * diff --git a/xrdp/xrdp_mm.c b/xrdp/xrdp_mm.c index 67d9314b..af7c0474 100644 --- a/xrdp/xrdp_mm.c +++ b/xrdp/xrdp_mm.c @@ -172,11 +172,19 @@ xrdp_mm_send_login(struct xrdp_mm* self) index = g_strlen(self->wm->client_info->program); out_uint16_be(s, index); out_uint8a(s, self->wm->client_info->program, index); + /* send directory */ index = g_strlen(self->wm->client_info->directory); out_uint16_be(s, index); out_uint8a(s, self->wm->client_info->directory, index); + + /* send client ip */ + index = g_strlen(self->wm->client_info->client_ip); + out_uint16_be(s, index); + out_uint8a(s, self->wm->client_info->client_ip, index); + s_mark_end(s); + s_pop_layer(s, channel_hdr); out_uint32_be(s, 0); /* version */ index = (int)(s->end - s->data); -- cgit v1.2.1
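Review bot: In xrdp_mm_send_login the client-IP field is appended to the login message after `directory` while the version word written a few lines below is still `0`. The receiving side in the libscp_v0.c hunk tells old and new senders apart only by whether bytes remain in the stream. The `/* send client ip */` comment should record that, for example `/* send client ip: optional trailing field, must stay last; older sesman ignores it */`. The string sent is the `address:port - socket: N` text produced by g_write_ip_address, not a bare address, which is worth stating in the same comment. The function starts and ends outside the hunk.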