Daniel Tartavel 11 months ago
parent
commit
5c8bcb434c
2 changed files with 174 additions and 57 deletions
  1. 171 57
      main.c
  2. 3 0
      sshdetect.conf

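--- a/main.c
+++ b/main.c
@@ -8,8 +8,9 @@
 #include <utmp.h>
 #include <locale.h>
 #include <libgen.h>
+#include <libconfig.h>
 
-#define HOSTNAME "lalis"
+#define HOSTNAME "localhost"
 
 struct connexion
 {
@@ -24,6 +25,121 @@ struct connexion
 
 };
 
+struct config
+{
+	char commande[1024];
+	char logfile[4096];
+	char hostname[128];
+
+};
+
+int explode( char * str, char * separator, size_t m, size_t n, char exploded[m][n] )
+{
+	char * pch;
+	int x=0 ;
+
+	pch = strtok( str, separator );
+	while( pch != NULL )
+	{
+		//printf("%s\n", pch);
+		strcpy( exploded[x++], pch) ;
+		pch = strtok( NULL , separator );
+	}
+	return x;
+}
+
+// config function
+int readconfig( struct config * cfg )
+{
+	FILE * fh = NULL;
+	char path[2][30] = {"/etc/sshdetect.conf", ""};
+	int x;
+	int retval=0;
+	char str[1024];
+	char exploded[2][1024];
+	char * homepath;
+	char * buff;
+	char logfilepath[1024];
+
+	homepath = getenv("HOME");
+	if ( homepath != NULL )
+	{
+		sprintf( path[1], "%s%s", homepath, "/.config/sshdetect.conf" );
+	}
+	sprintf( logfilepath, "%s%s", homepath, "/.locale/share/sshdetect.log");
+	for(x=0;x<2;x++)
+	{
+		if ((fh = fopen( path[x], "r")) == NULL)
+		{
+			perror(path[x]);
+			if(x==1) retval = -1;
+		}else
+		{
+			printf("Found config file: %s\n", path[x]);
+			x = 3;
+		}
+	}
+	if (fh != NULL)
+	{
+		while(fgets(str, 1024, fh) != NULL)
+		{
+			explode(str, "= \n", 2, 1024, exploded);
+			if ( strcmp( exploded[0], "commande") == 0 )
+			{
+				if ( fopen(exploded[1],"r") != NULL)
+				{
+					strcpy( cfg->commande, exploded[1] );
+					printf("Found command: %s\n", cfg->commande);
+				}else
+				{
+					perror(exploded[1]);
+				}
+			}else if( strcmp( exploded[0], "logfile") == 0)
+			{
+				sprintf( logfilepath, "%s%s", homepath, "/.config/sshdetect.log");
+				if ( fopen(exploded[1], "a") != NULL )
+				{
+					strcpy( cfg->logfile, exploded[1] );
+				}
+			}else if( strcmp( exploded[0], "hostname") == 0 )
+			{
+				strcpy( cfg->hostname, exploded[1] );
+			}
+		}
+	}
+	if ( cfg->logfile[0] == 0 )
+	{
+		if ( fopen("/var/log/sshdetect.log", "a") != NULL )
+		{
+			strcpy( cfg->logfile, "/var/log/sshdetect.log" );
+		}else if ( fopen(logfilepath, "a") != NULL )
+		{
+			strcpy( cfg->logfile, logfilepath );
+		}else
+		{
+			perror(logfilepath);
+			strcpy(cfg->logfile, "/dev/null");
+			retval += 2;
+		}
+	}
+	if (cfg->hostname[0] == 0 )
+	{
+		buff = getenv("HOSTNAME");
+		if ( buff  != NULL)
+		{
+			strcpy(cfg->hostname, buff);
+		}else
+		{
+			strcpy(cfg->hostname, HOSTNAME);
+		}
+	}
+	if (cfg->commande[0] == 0)
+	{
+		printf("command not found: no command will be executed");
+		retval += 4;
+	}
+	return retval;
+}
 
 //test if pid is in lsit of known sshd processus
 int isinarray( int pid, int array[], int n )
@@ -119,7 +235,8 @@ int null2space( char str[] )
 			if ( (int) str[x+1] != 0 )
 			{
 				str[x] = ' ';
-			}else
+			}elsemv /etc/ssh/sshrc /etc/ssh/sshrc.old
+
 			{
 				flag = 1;
 			}
@@ -151,7 +268,7 @@ int getpids(int pid, int exploded[])
 		pch = strtok( str, separator );
 		while( pch != NULL )
 		{
-			printf("%s\n", pch);
+			//printf("%s\n", pch);
 			exploded[x++] = atoi( pch  );
 			pch = strtok( NULL , separator );
 
@@ -176,6 +293,7 @@ int getprocinfo( struct connexion * conn )
 	int r;
 	int level = 0;
 	int retval = 0;
+	char tab[128];
 	time_t  timet=0;
 
 	//get connexion time
@@ -197,6 +315,7 @@ int getprocinfo( struct connexion * conn )
 		}else if ( r != -1 )
 		{
 			level++;
+			strcat(tab,"    ");
 			conn->pid = child_pid[0];
 		}else
 		{
@@ -212,7 +331,6 @@ int getprocinfo( struct connexion * conn )
 		return 2;
 	}
 	fgets( str, 1024, fh1);
-	flag = 0;
 	null2space( str );
 	sprintf(conn->cmdline, "%s", str);
 	fclose(fh1);
@@ -230,14 +348,14 @@ int getprocinfo( struct connexion * conn )
 
 int main()
 {
-	FILE *fh;
+	FILE *fh = NULL;
 	FILE *fh1;
 	int n_ssh=10;
 	int id;
 	int pid;
 	int x=0;
 	int y=0;
-	int r;
+	int r=0;
 	int i;
 	int j;
 	int n;
@@ -247,64 +365,50 @@ int main()
 	int flag[n_ssh];
 	int rinfo;
 	int status;
-	char commande[] = "/usr/local/bin/send_sms";
-	char logfile[] = "/var/log/sshdetect.log";
-//	char cmd[24];
-//	char cmdline[1000];
-//	char user[24]="";
-	char hostname[128];
 	char ip[42]="";
-//	char host_ip[42]="";
-//	char host_ipv6[42]="";
 	char str[1024];
 	char date[60];
-	time_t now ;
-	char * locale;
+	time_t now = 0;
 	char * language;
 	char * buff;
 	struct connexion conn;
 	struct connexion connexions[n_ssh];
+	struct config cfg = {"","",""};
 	//char * ptr;
 
-	if ( (fh = fopen(logfile, "a")) == NULL)
-	{
-		perror(logfile);
-		buff = basename(logfile);
-		sprintf( logfile, "%s%s", "~/.local/share/", buff);
-		if( (fh = fopen(logfile, "a")))
-		{
-			perror(logfile);
-			return 1;
-		}
-		return 0;
-	}
+	readconfig( &cfg );
 
-	buff = getenv("HOSTNAME");
-	if ( buff  != NULL)
+	//localizing
+	if ( (language = getenv("LANGUAGE")) != NULL)
 	{
-		 strcpy(hostname, buff);
-	}else
+		strtok (language, ":");
+	}else if ( (language = getenv("LC_ALL")) == NULL )
 	{
-		strcpy(hostname, HOSTNAME);
+		language="";
 	}
+	setlocale(LC_ALL,language);
 
-	language = getenv("LANGUAGE");
-	strtok (language, ":");
-	locale = setlocale(LC_ALL,language);
 	time( &now );
 	sprintf( date, "%s", frtime(now));
-	if ( (fh = fopen(logfile, "a")) == NULL)
+	if ( (fh = fopen(cfg.logfile, "a")) == NULL)
 	{
-		perror(logfile);
-		return 1;
+		perror(cfg.logfile);
+		return 7;
 	}
 	fprintf(fh, "%s: Démarrage de sshdetect\n", date);
 	fclose(fh);
-	sprintf( str, "%s \"%s - %s: Démarrage de sshdetect\"", commande, HOSTNAME, date );
+	sprintf( str, "%s \"%s - %s: Démarrage de sshdetect\"", cfg.commande, cfg.hostname, date );
 	id=fork();
 	if(id == 0)
 	{
-		r = system( str );
+		if (cfg.commande[0] != 0)
+		{
+			r = system( str );
+		}else
+		{
+			printf("no command defined: no command launched\n");
+		}
+
 		exit(r);
 	}else if( id<0 )
 	{
@@ -356,42 +460,52 @@ int main()
 
 						if (conn.user[0] == '\0')
 						{
-							sprintf( str, "%s \"%s: tunnel ouvert le %s depuis %s avec la commande: %s %s\"", commande, hostname, conn.date, ip, conn.cmd, conn.cmdline );
+							sprintf( str, "%s \"%s: tunnel ouvert le %s depuis %s avec la commande: %s %s\"", cfg.commande, cfg.hostname, conn.date, ip, conn.cmd, conn.cmdline );
 						}else
 						{
-							sprintf( str, "%s \"%s: %s s'est connecté le %s depuis %s avec la commande: %s %s\"", commande, hostname, conn.user, conn.date, ip, conn.cmd, conn.cmdline );
+							sprintf( str, "%s \"%s: %s s'est connecté le %s depuis %s avec la commande: %s %s\"", cfg.commande, cfg.hostname, conn.user, conn.date, ip, conn.cmd, conn.cmdline );
 						}
 						if ( start != 1 )
 						{
 							id=fork();
-							if(id>0)
+							if(id > 0)
 							{
-								if ( (fh1 = fopen(logfile, "a")) == NULL)
+								if ( (fh1 = fopen(cfg.logfile, "a")) == NULL)
 								{
-									perror(logfile);
+									perror(cfg.logfile);
 									return 7;
 								}
 								fprintf(fh1, "%s: Connexion de %s depuis %s commande: %s %s\n", conn.date, conn.user, ip, conn.cmd, conn.cmdline);
 								fclose(fh1);
-							}else if (id<0)
+							}else if (id < 0)
 							{
 								printf("erreur de création du fork: %s\n", str);
 							}else
 							{
-								printf("%s\n", str);
-								r = system( str );
-								exit (r);
+								if (cfg.commande[0] != 0)
+								{
+									printf("%s\n", str);
+									r = system( str );
+								}else
+								{
+									printf("no command defined: no command launched\n");
+								}
+								exit(r);
 							}
 						}else
 						{
-							if ( (fh1 = fopen(logfile, "a")) == NULL)
+							if ( (fh1 = fopen(cfg.logfile, "a")) == NULL)
 							{
-								perror(logfile);
+								perror(cfg.logfile);
 								return 7;
 							}
 							fprintf(fh1, "%s: %s Connecté depuis %s - %s  %s\n", conn.date, conn.user, ip, conn.cmd, conn.cmdline);
 							fclose(fh1);
 						}
+					}else if (rinfo == -1)
+					{
+
+						printf("%i => 2 pids : en cours de connexion\n", conn.pid);
 					}
 				}else
 				{
@@ -403,14 +517,14 @@ int main()
 				if (flag[i] == 0 )
 				{
 					time( &now );
-					sprintf( date, "%s", frtime(now));
-					printf("Session %d de %s terminée le %s\n", connexions[i].pid, connexions[i].user, date);
-					if ( (fh1 = fopen(logfile, "a")) == NULL)
+					sprintf( date, "%s", frtime(now) );
+					printf( "Session %d de %s terminée le %s\n", connexions[i].pid, connexions[i].user, date );
+					if ( (fh1 = fopen(cfg.logfile, "a")) == NULL)
 					{
-						perror(logfile);
+						perror(cfg.logfile);
 						return 7;
 					}
-					fprintf(fh1, "%s: pid %d -Connexion de %s terminée le %s\n", hostname, connexions[i].pid, connexions[i].user, connexions[i].date);
+					fprintf(fh1, "%s: pid %d -Connexion de %s terminée le %s\n", cfg.hostname, connexions[i].pid, connexions[i].user, connexions[i].date);
 					for( j=i; j<x; j++ )
 					{
 						childrens[j] = childrens[j+1];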
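Review bot: The new `explode()` and `readconfig()` copy into fixed stack buffers with no length check: `explode()` never uses its `m` and `n` parameters, so a config line with a third token writes past `exploded[2][1024]`, and `path[1]` holds 30 bytes while `sprintf` writes `$HOME` plus the 23-character `/.config/sshdetect.conf` into it. `logfilepath` is formatted from `homepath` outside the NULL check, `exploded[1]` is read even when a line produced a single token, and `cfg->hostname` (128 bytes) receives up to 1024 bytes from the file or from `$HOSTNAME`. The sketch below bounds each copy with `snprintf` and skips incomplete lines; the `fopen` calls used only as existence probes should also keep and `fclose` their handles. In the `null2space` hunk, `}elsemv /etc/ssh/sshrc /etc/ssh/sshrc.old` looks like a stray paste that will not compile, and `strcat(tab,"    ")` in `getprocinfo` appends to an array that is never initialised. The `system( str )` calls still format `cfg.commande` and session fields such as `conn.cmdline` into a 1024-byte shell string, so I would pass them as separate arguments to an `exec`-family call instead.

```c
int explode( char * str, char * separator, size_t m, size_t n, char exploded[m][n] )
{
	char * pch;
	size_t x = 0;

	pch = strtok( str, separator );
	while( pch != NULL && x < m )
	{
		// bounded copy: never writes more than n bytes and always terminates
		snprintf( exploded[x++], n, "%s", pch );
		pch = strtok( NULL , separator );
	}
	return (int) x;
}

// … unchanged: readconfig() signature and other declarations …
	char path[2][4096] = {"/etc/sshdetect.conf", ""};
	char logfilepath[1024] = "";

	homepath = getenv("HOME");
	if ( homepath != NULL )
	{
		snprintf( path[1], sizeof path[1], "%s%s", homepath, "/.config/sshdetect.conf" );
		snprintf( logfilepath, sizeof logfilepath, "%s%s", homepath, "/.locale/share/sshdetect.log" );
	}
// … unchanged: config file lookup loop …
		while(fgets(str, 1024, fh) != NULL)
		{
			// skip lines that do not carry both a key and a value
			if ( explode(str, "= \n", 2, 1024, exploded) < 2 ) continue;
// … unchanged: commande / logfile branches …
				snprintf( cfg->hostname, sizeof cfg->hostname, "%s", exploded[1] );
// … unchanged: logfile fallback …
			snprintf( cfg->hostname, sizeof cfg->hostname, "%s", buff );
```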

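--- a/sshdetect.conf
+++ b/sshdetect.conf
@@ -0,0 +1,3 @@
+hostname = portable
+commande = /usr/local/bin/send_sms
+#logfile = /var/log/sshdetect1.log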