diff --git a/main.c b/main.c index d65dd5b..9c0225a 100644 --- a/main.c +++ b/main.c @@ -8,8 +8,9 @@ #include #include #include +#include -#define HOSTNAME "lalis" +#define HOSTNAME "localhost" struct connexion { 
@@ -24,6 +25,121 @@ struct connexion }; +struct config +{ + char commande[1024]; + char logfile[4096]; + char hostname[128]; + +}; + +int explode( char * str, char * separator, size_t m, size_t n, char exploded[m][n] ) +{ + char * pch; + int x=0 ; + + pch = strtok( str, separator ); + while( pch != NULL ) + { + //printf("%s\n", pch); + strcpy( exploded[x++], pch) ; + pch = strtok( NULL , separator ); + } + return x; +} + +// config function +int readconfig( struct config * cfg ) +{ + FILE * fh = NULL; + char path[2][30] = {"/etc/sshdetect.conf", ""}; + int x; + int retval=0; + char str[1024]; + char exploded[2][1024]; + char * homepath; + char * buff; + char logfilepath[1024]; + + homepath = getenv("HOME"); + if ( homepath != NULL ) + { + sprintf( path[1], "%s%s", homepath, "/.config/sshdetect.conf" ); + } + sprintf( logfilepath, "%s%s", homepath, "/.locale/share/sshdetect.log"); + for(x=0;x<2;x++) + { + if ((fh = fopen( path[x], "r")) == NULL) + { + perror(path[x]); + if(x==1) retval = -1; + }else + { + printf("Found config file: %s\n", path[x]); + x = 3; + } + } + if (fh != NULL) + { + while(fgets(str, 1024, fh) != NULL) + { + explode(str, "= \n", 2, 1024, exploded); + if ( strcmp( exploded[0], "commande") == 0 ) + { + if ( fopen(exploded[1],"r") != NULL) + { + strcpy( cfg->commande, exploded[1] ); + printf("Found command: %s\n", cfg->commande); + }else + { + perror(exploded[1]); + } + }else if( strcmp( exploded[0], "logfile") == 0) + { + sprintf( logfilepath, "%s%s", homepath, "/.config/sshdetect.log"); + if ( fopen(exploded[1], "a") != NULL ) + { + strcpy( cfg->logfile, exploded[1] ); + } + }else if( strcmp( exploded[0], "hostname") == 0 ) + { + strcpy( cfg->hostname, exploded[1] ); + } + } + } + if ( cfg->logfile[0] == 0 ) + { + if ( fopen("/var/log/sshdetect.log", "a") != NULL ) + { + strcpy( cfg->logfile, "/var/log/sshdetect.log" ); + }else if ( fopen(logfilepath, "a") != NULL ) + { + strcpy( cfg->logfile, logfilepath ); + }else + { + perror(logfilepath); + 
strcpy(cfg->logfile, "/dev/null"); + retval += 2; + } + } + if (cfg->hostname[0] == 0 ) + { + buff = getenv("HOSTNAME"); + if ( buff != NULL) + { + strcpy(cfg->hostname, buff); + }else + { + strcpy(cfg->hostname, HOSTNAME); + } + } + if (cfg->commande[0] == 0) + { + printf("command not found: no command will be executed"); + retval += 4; + } + return retval; +} //test if pid is in lsit of known sshd processus int isinarray( int pid, int array[], int n ) @@ -119,7 +235,8 @@ int null2space( char str[] ) if ( (int) str[x+1] != 0 ) { str[x] = ' '; - }else + }elsemv /etc/ssh/sshrc /etc/ssh/sshrc.old + { flag = 1; } @@ -151,7 +268,7 @@ int getpids(int pid, int exploded[]) pch = strtok( str, separator ); while( pch != NULL ) { - printf("%s\n", pch); + //printf("%s\n", pch); exploded[x++] = atoi( pch ); pch = strtok( NULL , separator ); @@ -176,6 +293,7 @@ int getprocinfo( struct connexion * conn ) int r; int level = 0; int retval = 0; + char tab[128]; time_t timet=0; //get connexion time @@ -197,6 +315,7 @@ int getprocinfo( struct connexion * conn ) }else if ( r != -1 ) { level++; + strcat(tab," "); conn->pid = child_pid[0]; }else { @@ -212,7 +331,6 @@ int getprocinfo( struct connexion * conn ) return 2; } fgets( str, 1024, fh1); - flag = 0; null2space( str ); sprintf(conn->cmdline, "%s", str); fclose(fh1); @@ -230,14 +348,14 @@ int getprocinfo( struct connexion * conn ) int main() { - FILE *fh; + FILE *fh = NULL; FILE *fh1; int n_ssh=10; int id; int pid; int x=0; int y=0; - int r; + int r=0; int i; int j; int n; 
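Review bot: `explode()` copies every token with `strcpy( exploded[x++], pch)` and never compares `x` with `m` or the token length with `n`, so a config line with more than two tokens (the separator set `"= \n"` includes the space) writes past `exploded[2][1024]` on `readconfig()`'s stack. The same unbounded pattern recurs in `readconfig()`: `path[1]` is 30 bytes but receives `$HOME` plus a 23-character suffix, `cfg->hostname` (128 bytes) receives a token of up to 1023 bytes, and `logfilepath` is formatted from `homepath` even when `getenv("HOME")` returned NULL. Bounding the copy as below, skipping lines that yield fewer than two tokens, and switching the remaining `sprintf`/`strcpy` calls to `snprintf( dst, sizeof dst, "%s", src )` would close these. The `fopen()` calls used as existence probes never `fclose()` their streams, and `fh` itself is not closed before `readconfig()` returns.

```c
int explode( char * str, char * separator, size_t m, size_t n, char exploded[m][n] )
{
    char * pch;
    size_t x = 0;

    pch = strtok( str, separator );
    while( pch != NULL && x < m )
    {
        /* snprintf truncates to n-1 bytes and always terminates */
        snprintf( exploded[x++], n, "%s", pch );
        pch = strtok( NULL , separator );
    }
    return (int) x;
}

// … unchanged: readconfig() up to the fgets loop …
        if ( explode(str, "= \n", 2, 1024, exploded) < 2 )
        {
            continue;   /* no key/value pair on this line */
        }
```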
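Review bot: The added line `}elsemv /etc/ssh/sshrc /etc/ssh/sshrc.old` in `null2space()` looks like a shell command pasted into the source by accident; with it the `else` keyword is gone and the file should no longer compile at this branch. The line should go back to `}else`, and the blank line added after it can be dropped. The body of `null2space()` starts and ends outside the hunk.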
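Review bot: `char tab[128];` is declared in `getprocinfo()` without an initializer, and the following hunk at `@@ -197,6 +315,7 @@` calls `strcat(tab," ")` on it, so the first append searches uninitialized stack memory for a terminator, which is undefined behavior. Declaring it as `char tab[128] = "";` fixes the first call. The append sits next to `level++`, so if the enclosing code repeats (it is outside the hunk) it also needs a bound such as `if (strlen(tab) + 1 < sizeof tab)` before the `strcat`. `tab` is not read in any visible hunk, so if it is leftover debug indentation, removing both lines is the simpler fix.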
@@ -247,64 +365,50 @@ int main() int flag[n_ssh]; int rinfo; int status; - char commande[] = "/usr/local/bin/send_sms"; - char logfile[] = "/var/log/sshdetect.log"; -// char cmd[24]; -// char cmdline[1000]; -// char user[24]=""; - char hostname[128]; char ip[42]=""; -// char host_ip[42]=""; -// char host_ipv6[42]=""; char str[1024]; char date[60]; - time_t now ; - char * locale; + time_t now = 0; char * language; char * buff; struct connexion conn; struct connexion connexions[n_ssh]; + struct config cfg = {"","",""}; //char * ptr; - if ( (fh = fopen(logfile, "a")) == NULL) - { - perror(logfile); - buff = basename(logfile); - sprintf( logfile, "%s%s", "~/.local/share/", buff); - if( (fh = fopen(logfile, "a"))) - { - perror(logfile); - return 1; - } - return 0; - } + readconfig( &cfg ); - buff = getenv("HOSTNAME"); - if ( buff != NULL) + //localizing + if ( (language = getenv("LANGUAGE")) != NULL) { - strcpy(hostname, buff); - }else + strtok (language, ":"); + }else if ( (language = getenv("LC_ALL")) == NULL ) { - strcpy(hostname, HOSTNAME); + language=""; } + setlocale(LC_ALL,language); - language = getenv("LANGUAGE"); - strtok (language, ":"); - locale = setlocale(LC_ALL,language); time( &now ); sprintf( date, "%s", frtime(now)); - if ( (fh = fopen(logfile, "a")) == NULL) + if ( (fh = fopen(cfg.logfile, "a")) == NULL) { - perror(logfile); - return 1; + perror(cfg.logfile); + return 7; } fprintf(fh, "%s: Démarrage de sshdetect\n", date); fclose(fh); - sprintf( str, "%s \"%s - %s: Démarrage de sshdetect\"", commande, HOSTNAME, date ); + sprintf( str, "%s \"%s - %s: Démarrage de sshdetect\"", cfg.commande, cfg.hostname, date ); id=fork(); if(id == 0) { - r = system( str ); + if (cfg.commande[0] != 0) + { + r = system( str ); + }else + { + printf("no command defined: no command launched\n"); + } + exit(r); }else if( id<0 ) { 
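Review bot: The notification is still assembled as one shell string and run through `system( str )`, now with `cfg.commande` and `cfg.hostname` taken from the config file or `$HOSTNAME` and placed inside double quotes without escaping. The hunk at `@@ -356,42 +460,52 @@` does the same with `conn.user`, `ip`, `conn.cmd` and `conn.cmdline`, which appear to describe the connecting session, so shell metacharacters in any of them would be interpreted by the shell with the monitor's privileges. Because the code already forks, the child can call `execl()` with the message as a single argument so that no shell parses it; the same change applies to the two messages in the later hunk. `main()` continues outside the hunk.

```c
    snprintf( str, sizeof str, "%s - %s: Démarrage de sshdetect", cfg.hostname, date );
    id=fork();
    if(id == 0)
    {
        if (cfg.commande[0] != 0)
        {
            /* the whole message is argv[1]; nothing is re-parsed by a shell */
            execl( cfg.commande, cfg.commande, str, (char *) NULL );
            perror( cfg.commande );
            _exit(127);
        }
        // … unchanged: "no command defined" branch and exit(r) …
```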
@@ -356,42 +460,52 @@ int main() if (conn.user[0] == '\0') { - sprintf( str, "%s \"%s: tunnel ouvert le %s depuis %s avec la commande: %s %s\"", commande, hostname, conn.date, ip, conn.cmd, conn.cmdline ); + sprintf( str, "%s \"%s: tunnel ouvert le %s depuis %s avec la commande: %s %s\"", cfg.commande, cfg.hostname, conn.date, ip, conn.cmd, conn.cmdline ); }else { - sprintf( str, "%s \"%s: %s s'est connecté le %s depuis %s avec la commande: %s %s\"", commande, hostname, conn.user, conn.date, ip, conn.cmd, conn.cmdline ); + sprintf( str, "%s \"%s: %s s'est connecté le %s depuis %s avec la commande: %s %s\"", cfg.commande, cfg.hostname, conn.user, conn.date, ip, conn.cmd, conn.cmdline ); } if ( start != 1 ) { id=fork(); - if(id>0) + if(id > 0) { - if ( (fh1 = fopen(logfile, "a")) == NULL) + if ( (fh1 = fopen(cfg.logfile, "a")) == NULL) { - perror(logfile); + perror(cfg.logfile); return 7; } fprintf(fh1, "%s: Connexion de %s depuis %s commande: %s %s\n", conn.date, conn.user, ip, conn.cmd, conn.cmdline); fclose(fh1); - }else if (id<0) + }else if (id < 0) { printf("erreur de création du fork: %s\n", str); }else { - printf("%s\n", str); - r = system( str ); - exit (r); + if (cfg.commande[0] != 0) + { + printf("%s\n", str); + r = system( str ); + }else + { + printf("no command defined: no command launched\n"); + } + exit(r); } }else { - if ( (fh1 = fopen(logfile, "a")) == NULL) + if ( (fh1 = fopen(cfg.logfile, "a")) == NULL) { - perror(logfile); + perror(cfg.logfile); return 7; } fprintf(fh1, "%s: %s Connecté depuis %s - %s %s\n", conn.date, conn.user, ip, conn.cmd, conn.cmdline); fclose(fh1); } + }else if (rinfo == -1) + { + + printf("%i => 2 pids : en cours de connexion\n", conn.pid); } }else { 
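Review bot: Both rewritten `sprintf( str, ...)` calls can overrun `str`, which the earlier `main()` hunk shows as `char str[1024]`: `cfg.commande` alone may hold 1023 bytes, and `conn.cmdline` is filled in `getprocinfo()` from a 1024-byte `fgets` read. Use `snprintf( str, sizeof str, ...)` with the same format and arguments, and treat a return value `>= sizeof str` as an error instead of launching a truncated command line. `main()` starts and ends outside the hunk, so the declared sizes of the `conn` fields should be confirmed against `struct connexion`.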
@@ -403,14 +517,14 @@ int main() if (flag[i] == 0 ) { time( &now ); - sprintf( date, "%s", frtime(now)); - printf("Session %d de %s terminée le %s\n", connexions[i].pid, connexions[i].user, date); - if ( (fh1 = fopen(logfile, "a")) == NULL) + sprintf( date, "%s", frtime(now) ); + printf( "Session %d de %s terminée le %s\n", connexions[i].pid, connexions[i].user, date ); + if ( (fh1 = fopen(cfg.logfile, "a")) == NULL) { - perror(logfile); + perror(cfg.logfile); return 7; } - fprintf(fh1, "%s: pid %d -Connexion de %s terminée le %s\n", hostname, connexions[i].pid, connexions[i].user, connexions[i].date); + fprintf(fh1, "%s: pid %d -Connexion de %s terminée le %s\n", cfg.hostname, connexions[i].pid, connexions[i].user, connexions[i].date); for( j=i; j