From bb02dee918cc476dba0981cc5330717b008ffd56 Mon Sep 17 00:00:00 2001 From: yunchao_liu Date: Tue, 3 Jul 2018 20:59:19 +0000 Subject: [PATCH 1/6] add syslog --- eventmon/monitord/api.go | 2 ++ eventmon/monitord/impl.go | 27 +++++++++++++++++++++++---- 2 files changed, 25 insertions(+), 4 deletions(-) diff --git a/eventmon/monitord/api.go b/eventmon/monitord/api.go index 36bf594..3aea620 100644 --- a/eventmon/monitord/api.go +++ b/eventmon/monitord/api.go @@ -7,6 +7,7 @@ import ( "github.com/Symantec/Dominator/lib/log" "golang.org/x/crypto/ssh" + "log/syslog" ) type AuthInfo struct { @@ -42,6 +43,7 @@ type Monitor struct { X509CertChannel <-chan *x509.Certificate mutex sync.RWMutex // Lock all below. keymasterStatus map[string]error // Key: IP address. + sysLog *syslog.Writer // Record to syslog } func New(keymasterServerHostname string, keymasterServerPortNum uint, diff --git a/eventmon/monitord/impl.go b/eventmon/monitord/impl.go index 94bf26d..2d539d6 100644 --- a/eventmon/monitord/impl.go +++ b/eventmon/monitord/impl.go @@ -8,6 +8,7 @@ import ( "errors" "fmt" "io" + "log/syslog" "net" "net/http" "strings" @@ -37,6 +38,11 @@ func newMonitor(keymasterServerHostname string, keymasterServerPortNum uint, webLoginChannel := make(chan string, bufferLength) x509RawCertChannel := make(chan []byte, bufferLength) x509CertChannel := make(chan *x509.Certificate, bufferLength) + sysLog, err := syslog.New(syslog.LOG_NOTICE|syslog.LOG_AUTHPRIV, "keymaster") + if err != nil { + logger.Fatalf("System log failed") + } + defer sysLog.Close() monitor := &Monitor{ keymasterServerHostname: keymasterServerHostname, keymasterServerPortNum: keymasterServerPortNum, @@ -58,6 +64,7 @@ func newMonitor(keymasterServerHostname string, keymasterServerPortNum uint, X509RawCertChannel: x509RawCertChannel, X509CertChannel: x509CertChannel, keymasterStatus: make(map[string]error), + sysLog: sysLog, } go monitor.monitorForever(logger) return monitor, nil 
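Review bot: The new `sysLog *syslog.Writer` field is added below `mutex sync.RWMutex // Lock all below.`, which declares it mutex-guarded, yet the `notify` hunks in this commit write through `m.sysLog` with no lock visible. The field is assigned once in `newMonitor` and `*syslog.Writer` serialises its own writes, so it belongs above `mutex`, or the comment needs an exemption such as `sysLog *syslog.Writer // Set once in newMonitor; not guarded by mutex.`. The same placement recurs when the field becomes the embedded `TeeLogger` in patch 3. The `Monitor` struct continues outside the hunk.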
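Review bot: `defer sysLog.Close()` closes the syslog writer as soon as `newMonitor` returns, even though the same writer is stored in the `Monitor` and used from `notify` for the life of the process. `log/syslog`'s writer reconnects lazily on the next write, so this may appear to work, but the intent is wrong: drop the defer and close the writer on a `Monitor` shutdown path instead (the pattern recurs as `defer One.Close()` in patch 5). `logger.Fatalf("System log failed")` also discards `err`; `logger.Fatalf("opening syslog: %v", err)` keeps the reason, and returning the error from `newMonitor`, which already has an `error` result, would be preferable to exiting from a constructor. `newMonitor` starts outside the hunk.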
@@ -140,7 +147,7 @@ func (m *Monitor) startMonitoring(ip string, closeChannel <-chan struct{}, continue } logger.Println("connected, starting monitoring") - forget, err := m.monitor(conn, closeChannel, logger) + forget, err := m.monitor(conn, closeChannel, ip, logger) if forget { return } @@ -175,6 +182,7 @@ func (m *Monitor) connect(rawConn net.Conn) (net.Conn, error) { } conn := tls.Client(rawConn, &tls.Config{ServerName: m.keymasterServerHostname}) + if err := conn.Handshake(); err != nil { return nil, err } @@ -195,7 +203,7 @@ func (m *Monitor) connect(rawConn net.Conn) (net.Conn, error) { } func (m *Monitor) monitor(conn net.Conn, closeChannel <-chan struct{}, - logger log.Logger) (bool, error) { + ip string, logger log.Logger) (bool, error) { closedChannel := make(chan struct{}, 1) exitChannel := make(chan struct{}) go func() { @@ -219,7 +227,7 @@ func (m *Monitor) monitor(conn net.Conn, closeChannel <-chan struct{}, } return false, err } else { - m.notify(receiveData, logger) + m.notify(receiveData, ip, logger) } } } @@ -265,7 +273,7 @@ func (m *Monitor) writeHtml(writer io.Writer) { fmt.Fprintln(writer, "") } -func (m *Monitor) notify(event eventmon.EventV0, logger log.Logger) { +func (m *Monitor) notify(event eventmon.EventV0, ip string, logger log.Logger) { switch event.Type { case eventmon.EventTypeAuth: authType := event.AuthType @@ -282,6 +290,7 @@ func (m *Monitor) notify(event eventmon.EventV0, logger log.Logger) { } } logger.Printf("User %s authentication: %s\n", authType, event.Username) + m.sysLog.Write([]byte(fmt.Sprintf("%s: User %s authentication: %s", ip, authType, event.Username))) select { // Non-blocking notification. case m.authChannel <- AuthInfo{ AuthType: event.AuthType, 
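Review bot: `m.sysLog.Write([]byte(fmt.Sprintf(...)))` in the `EventTypeAuth` branch discards the `(n, err)` result, so a failure to reach syslog is invisible, and this is the AUTHPRIV audit record of an authentication, the one line that should not drop silently. Prefer the severity-typed call with the error surfaced on the local logger: `if err := m.sysLog.Notice(fmt.Sprintf("%s: User %s authentication: %s", ip, authType, event.Username)); err != nil { logger.Printf("syslog: %v", err) }`. The same silent drop persists through the `Notice` calls of patch 3 and the `Print` method of the `systeelogger` wrapper in patch 5. `event.Username` and `authType` come from the monitored event stream; if they can carry control characters, sanitising them before they reach the audit log is worth considering. `notify` continues outside the hunk.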
@@ -293,6 +302,7 @@ func (m *Monitor) notify(event eventmon.EventV0, logger log.Logger) { case eventmon.EventTypeServiceProviderLogin: logger.Printf("User %s logged into service: %s\n", event.Username, event.ServiceProviderUrl) + m.sysLog.Write([]byte(fmt.Sprintf("%s: User %s logged into service: %s", ip, event.Username, event.ServiceProviderUrl))) select { // Non-blocking notification. case m.serviceProviderLoginChannel <- SPLoginInfo{ URL: event.ServiceProviderUrl, @@ -307,19 +317,25 @@ func (m *Monitor) notify(event eventmon.EventV0, logger log.Logger) { } if pubKey, err := ssh.ParsePublicKey(event.CertData); err != nil { logger.Println(err) + m.sysLog.Write([]byte(fmt.Sprintf("%s: " + err.Error(), ip))) } else if sshCert, ok := pubKey.(*ssh.Certificate); !ok { logger.Println("SSH public key is not a certificate") + m.sysLog.Write([]byte(fmt.Sprintf("%s: SSH public key is not a certificate"))) + } else { switch len(sshCert.ValidPrincipals) { case 0: logger.Println( "Received SSH certificate with no valid principals") + m.sysLog.Write([]byte(fmt.Sprintf("%s: Received SSH certificate with no valid principals", ip))) case 1: logger.Printf("Received SSH certificate for: %s", sshCert.ValidPrincipals[0]) + m.sysLog.Write([]byte(fmt.Sprintf("%s: Received SSH certificate for: %s", ip, sshCert.ValidPrincipals[0]))) default: logger.Printf("Received SSH certificate for: %s", sshCert.ValidPrincipals) + m.sysLog.Write([]byte(fmt.Sprintf("%s: Received SSH certificate for: %s", ip, sshCert.ValidPrincipals))) } select { // Non-blocking notification. case m.sshCertChannel <- sshCert: @@ -328,6 +344,7 @@ func (m *Monitor) notify(event eventmon.EventV0, logger log.Logger) { } case eventmon.EventTypeWebLogin: logger.Printf("Web login for: %s\n", event.Username) + m.sysLog.Write([]byte(fmt.Sprintf("%s: Web login for: %s", ip, event.Username))) select { // Non-blocking notification. case m.webLoginChannel <- event.Username: default: 
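Review bot: Two format strings in the SSH-certificate branch are malformed: `fmt.Sprintf("%s: " + err.Error(), ip)` uses the parser's error text as the format, so any `%` in that message is read as a verb and produces `%!` noise, and `fmt.Sprintf("%s: SSH public key is not a certificate")` has a `%s` with no argument, yielding `%!s(MISSING)` and losing the `ip` every other line carries; `go vet` flags both. Use `fmt.Sprintf("%s: %v", ip, err)` and `fmt.Sprintf("%s: SSH public key is not a certificate", ip)`. Both survive into the `@@ -317,25 +323,25 @@` hunk of patch 3 and the `@@ -318,25 +318,25 @@` hunk of patch 6 (patch 5 only comments them out and patch 6 re-enables them), so the final state needs the fix too. `notify` continues outside the hunk.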
@@ -342,6 +359,7 @@ func (m *Monitor) notify(event eventmon.EventV0, logger log.Logger) { } else { logger.Printf("Received X509 certificate for: %s\n", x509Cert.Subject.CommonName) + m.sysLog.Write([]byte(fmt.Sprintf("%s: Received X509 certificate for: %s", ip, x509Cert.Subject.CommonName))) select { // Non-blocking notification. case m.x509CertChannel <- x509Cert: default: @@ -349,5 +367,6 @@ func (m *Monitor) notify(event eventmon.EventV0, logger log.Logger) { } default: logger.Printf("Invalid event type: %s\n", event.Type) + m.sysLog.Write([]byte(fmt.Sprintf("%s: Invalid event type: %s", ip, event.Type))) } } From cca5a70f8fc9a5db731a8c064ab33eff3b86a933 Mon Sep 17 00:00:00 2001 From: yunchao_liu Date: Tue, 3 Jul 2018 20:59:58 +0000 Subject: [PATCH 2/6] add syslog --- eventmon/monitord/api.go | 2 +- eventmon/monitord/impl.go | 18 +++++++++--------- 2 files changed, 10 insertions(+), 10 deletions(-) diff --git a/eventmon/monitord/api.go b/eventmon/monitord/api.go index 3aea620..ab20d8f 100644 --- a/eventmon/monitord/api.go +++ b/eventmon/monitord/api.go @@ -43,7 +43,7 @@ type Monitor struct { X509CertChannel <-chan *x509.Certificate mutex sync.RWMutex // Lock all below. keymasterStatus map[string]error // Key: IP address. - sysLog *syslog.Writer // Record to syslog + sysLog *syslog.Writer // Record to syslog } func New(keymasterServerHostname string, keymasterServerPortNum uint, diff --git a/eventmon/monitord/impl.go b/eventmon/monitord/impl.go index 2d539d6..253cd9d 100644 --- a/eventmon/monitord/impl.go +++ b/eventmon/monitord/impl.go 
@@ -39,10 +39,10 @@ func newMonitor(keymasterServerHostname string, keymasterServerPortNum uint, x509RawCertChannel := make(chan []byte, bufferLength) x509CertChannel := make(chan *x509.Certificate, bufferLength) sysLog, err := syslog.New(syslog.LOG_NOTICE|syslog.LOG_AUTHPRIV, "keymaster") - if err != nil { - logger.Fatalf("System log failed") - } - defer sysLog.Close() + if err != nil { + logger.Fatalf("System log failed") + } + defer sysLog.Close() monitor := &Monitor{ keymasterServerHostname: keymasterServerHostname, keymasterServerPortNum: keymasterServerPortNum, @@ -64,7 +64,7 @@ func newMonitor(keymasterServerHostname string, keymasterServerPortNum uint, X509RawCertChannel: x509RawCertChannel, X509CertChannel: x509CertChannel, keymasterStatus: make(map[string]error), - sysLog: sysLog, + sysLog: sysLog, } go monitor.monitorForever(logger) return monitor, nil @@ -182,7 +182,7 @@ func (m *Monitor) connect(rawConn net.Conn) (net.Conn, error) { } conn := tls.Client(rawConn, &tls.Config{ServerName: m.keymasterServerHostname}) - + if err := conn.Handshake(); err != nil { return nil, err } @@ -317,11 +317,11 @@ func (m *Monitor) notify(event eventmon.EventV0, ip string, logger log.Logger) { } if pubKey, err := ssh.ParsePublicKey(event.CertData); err != nil { logger.Println(err) - m.sysLog.Write([]byte(fmt.Sprintf("%s: " + err.Error(), ip))) + m.sysLog.Write([]byte(fmt.Sprintf("%s: "+err.Error(), ip))) } else if sshCert, ok := pubKey.(*ssh.Certificate); !ok { logger.Println("SSH public key is not a certificate") m.sysLog.Write([]byte(fmt.Sprintf("%s: SSH public key is not a certificate"))) - + } else { switch len(sshCert.ValidPrincipals) { case 0: 
@@ -331,7 +331,7 @@ func (m *Monitor) notify(event eventmon.EventV0, ip string, logger log.Logger) { case 1: logger.Printf("Received SSH certificate for: %s", sshCert.ValidPrincipals[0]) - m.sysLog.Write([]byte(fmt.Sprintf("%s: Received SSH certificate for: %s", ip, sshCert.ValidPrincipals[0]))) + m.sysLog.Write([]byte(fmt.Sprintf("%s: Received SSH certificate for: %s", ip, sshCert.ValidPrincipals[0]))) default: logger.Printf("Received SSH certificate for: %s", sshCert.ValidPrincipals) From a90db7e1a646277d0ad037f150399c48384e2ab4 Mon Sep 17 00:00:00 2001 From: yunchao_liu Date: Mon, 9 Jul 2018 21:03:13 +0000 Subject: [PATCH 3/6] use teelogger --- eventmon/monitord/api.go | 8 +++++++- eventmon/monitord/impl.go | 34 ++++++++++++++++++++-------------- 2 files changed, 27 insertions(+), 15 deletions(-) diff --git a/eventmon/monitord/api.go b/eventmon/monitord/api.go index ab20d8f..922b228 100644 --- a/eventmon/monitord/api.go +++ b/eventmon/monitord/api.go @@ -6,6 +6,7 @@ import ( "sync" "github.com/Symantec/Dominator/lib/log" +// "github.com/Symantec/keymaster/eventmon/tee_logger" "golang.org/x/crypto/ssh" "log/syslog" ) @@ -21,6 +22,11 @@ type SPLoginInfo struct { Username string } +type TeeLogger struct { + one *syslog.Writer + two log.Logger +} + type Monitor struct { keymasterServerHostname string keymasterServerPortNum uint @@ -43,7 +49,7 @@ type Monitor struct { X509CertChannel <-chan *x509.Certificate mutex sync.RWMutex // Lock all below. keymasterStatus map[string]error // Key: IP address. - sysLog *syslog.Writer // Record to syslog + TeeLogger } func New(keymasterServerHostname string, keymasterServerPortNum uint, diff --git a/eventmon/monitord/impl.go b/eventmon/monitord/impl.go index 253cd9d..f9a0137 100644 --- a/eventmon/monitord/impl.go +++ b/eventmon/monitord/impl.go 
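Review bot: The new `TeeLogger` struct does not tee anything: its `two` field is populated with `logger` in `newMonitor` but never read (every use in impl.go is `m.TeeLogger.one`), and the names `one`/`two` say nothing about which one is syslog. Name the field for its role, e.g. `sysLog *syslog.Writer // AUTHPRIV audit trail`, and leave `two` out until something consumes it. The commented-out import line `// "github.com/Symantec/keymaster/eventmon/tee_logger"` should not be checked into the import block (patch 4 removes it again). The `Monitor` struct continues outside the hunk.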
@@ -18,11 +18,14 @@ import ( "github.com/Symantec/Dominator/lib/log/prefixlogger" "github.com/Symantec/Dominator/lib/verstr" "github.com/Symantec/keymaster/proto/eventmon" + //"github.com/Symantec/keymaster/eventmon/tee_logger" "golang.org/x/crypto/ssh" ) const ( bufferLength = 16 + priority = syslog.LOG_AUTHPRIV + log_name = "keymaster" ) var ( @@ -38,7 +41,7 @@ func newMonitor(keymasterServerHostname string, keymasterServerPortNum uint, webLoginChannel := make(chan string, bufferLength) x509RawCertChannel := make(chan []byte, bufferLength) x509CertChannel := make(chan *x509.Certificate, bufferLength) - sysLog, err := syslog.New(syslog.LOG_NOTICE|syslog.LOG_AUTHPRIV, "keymaster") + sysLog, err := syslog.New(priority, log_name) if err != nil { logger.Fatalf("System log failed") } @@ -64,7 +67,10 @@ func newMonitor(keymasterServerHostname string, keymasterServerPortNum uint, X509RawCertChannel: x509RawCertChannel, X509CertChannel: x509CertChannel, keymasterStatus: make(map[string]error), - sysLog: sysLog, + TeeLogger: TeeLogger{ + one: sysLog, + two: logger, + }, } go monitor.monitorForever(logger) return monitor, nil @@ -182,7 +188,7 @@ func (m *Monitor) connect(rawConn net.Conn) (net.Conn, error) { } conn := tls.Client(rawConn, &tls.Config{ServerName: m.keymasterServerHostname}) - + if err := conn.Handshake(); err != nil { return nil, err } @@ -290,7 +296,7 @@ func (m *Monitor) notify(event eventmon.EventV0, ip string, logger log.Logger) { } } logger.Printf("User %s authentication: %s\n", authType, event.Username) - m.sysLog.Write([]byte(fmt.Sprintf("%s: User %s authentication: %s", ip, authType, event.Username))) + m.TeeLogger.one.Notice(fmt.Sprintf("%s: User %s authentication: %s", ip, authType, event.Username)) select { // Non-blocking notification. case m.authChannel <- AuthInfo{ AuthType: event.AuthType, 
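Review bot: `log_name` in the new `const` block uses an underscore; Go constants are MixedCaps, so `logName`, and golint reports the current spelling. Dropping `LOG_NOTICE` from `priority` is correct because `Notice` supplies the severity per call, but that is not obvious from the constant alone, so document it: `priority = syslog.LOG_AUTHPRIV // facility only; severity is chosen per call (Notice)`. The `TeeLogger{one: sysLog, two: logger}` literal in `newMonitor` stores `logger` in a field nothing reads. `newMonitor` starts outside the hunk.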
@@ -302,7 +308,7 @@ func (m *Monitor) notify(event eventmon.EventV0, ip string, logger log.Logger) { case eventmon.EventTypeServiceProviderLogin: logger.Printf("User %s logged into service: %s\n", event.Username, event.ServiceProviderUrl) - m.sysLog.Write([]byte(fmt.Sprintf("%s: User %s logged into service: %s", ip, event.Username, event.ServiceProviderUrl))) + m.TeeLogger.one.Notice(fmt.Sprintf("%s: User %s logged into service: %s", ip, event.Username, event.ServiceProviderUrl)) select { // Non-blocking notification. case m.serviceProviderLoginChannel <- SPLoginInfo{ URL: event.ServiceProviderUrl, 
@@ -317,25 +323,25 @@ func (m *Monitor) notify(event eventmon.EventV0, ip string, logger log.Logger) { } if pubKey, err := ssh.ParsePublicKey(event.CertData); err != nil { logger.Println(err) - m.sysLog.Write([]byte(fmt.Sprintf("%s: "+err.Error(), ip))) + m.TeeLogger.one.Notice(fmt.Sprintf("%s: " + err.Error(), ip)) } else if sshCert, ok := pubKey.(*ssh.Certificate); !ok { logger.Println("SSH public key is not a certificate") - m.sysLog.Write([]byte(fmt.Sprintf("%s: SSH public key is not a certificate"))) - + m.TeeLogger.one.Notice(fmt.Sprintf("%s: SSH public key is not a certificate")) + } else { switch len(sshCert.ValidPrincipals) { case 0: logger.Println( "Received SSH certificate with no valid principals") - m.sysLog.Write([]byte(fmt.Sprintf("%s: Received SSH certificate with no valid principals", ip))) + m.TeeLogger.one.Notice(fmt.Sprintf("%s: Received SSH certificate with no valid principals", ip)) case 1: logger.Printf("Received SSH certificate for: %s", sshCert.ValidPrincipals[0]) - m.sysLog.Write([]byte(fmt.Sprintf("%s: Received SSH certificate for: %s", ip, sshCert.ValidPrincipals[0]))) + m.TeeLogger.one.Notice(fmt.Sprintf("%s: Received SSH certificate for: %s", ip, sshCert.ValidPrincipals[0])) default: logger.Printf("Received SSH certificate for: %s", sshCert.ValidPrincipals) - m.sysLog.Write([]byte(fmt.Sprintf("%s: Received SSH certificate for: %s", ip, sshCert.ValidPrincipals))) + m.TeeLogger.one.Notice(fmt.Sprintf("%s: Received SSH certificate for: %s", ip, sshCert.ValidPrincipals)) } select { // Non-blocking notification. case m.sshCertChannel <- sshCert: 
@@ -344,7 +350,7 @@ func (m *Monitor) notify(event eventmon.EventV0, ip string, logger log.Logger) { } case eventmon.EventTypeWebLogin: logger.Printf("Web login for: %s\n", event.Username) - m.sysLog.Write([]byte(fmt.Sprintf("%s: Web login for: %s", ip, event.Username))) + m.TeeLogger.one.Notice(fmt.Sprintf("%s: Web login for: %s", ip, event.Username)) select { // Non-blocking notification. case m.webLoginChannel <- event.Username: default: @@ -359,7 +365,7 @@ func (m *Monitor) notify(event eventmon.EventV0, ip string, logger log.Logger) { } else { logger.Printf("Received X509 certificate for: %s\n", x509Cert.Subject.CommonName) - m.sysLog.Write([]byte(fmt.Sprintf("%s: Received X509 certificate for: %s", ip, x509Cert.Subject.CommonName))) + m.TeeLogger.one.Notice(fmt.Sprintf("%s: Received X509 certificate for: %s", ip, x509Cert.Subject.CommonName)) select { // Non-blocking notification. case m.x509CertChannel <- x509Cert: default: @@ -367,6 +373,6 @@ func (m *Monitor) notify(event eventmon.EventV0, ip string, logger log.Logger) { } default: logger.Printf("Invalid event type: %s\n", event.Type) - m.sysLog.Write([]byte(fmt.Sprintf("%s: Invalid event type: %s", ip, event.Type))) + m.TeeLogger.one.Notice(fmt.Sprintf("%s: Invalid event type: %s", ip, event.Type)) } } From bb94c84c177587821e86914a57b72187123d00e4 Mon Sep 17 00:00:00 2001 From: yunchao_liu Date: Mon, 9 Jul 2018 21:06:08 +0000 Subject: [PATCH 4/6] use teelogger --- eventmon/monitord/api.go | 1 - eventmon/monitord/impl.go | 1 - 2 files changed, 2 deletions(-) diff --git a/eventmon/monitord/api.go b/eventmon/monitord/api.go index 922b228..0cc92be 100644 --- a/eventmon/monitord/api.go +++ b/eventmon/monitord/api.go @@ -6,7 +6,6 @@ import ( "sync" "github.com/Symantec/Dominator/lib/log" -// "github.com/Symantec/keymaster/eventmon/tee_logger" "golang.org/x/crypto/ssh" "log/syslog" ) diff --git a/eventmon/monitord/impl.go b/eventmon/monitord/impl.go index f9a0137..1b6f5b0 100644 --- a/eventmon/monitord/impl.go 
+++ b/eventmon/monitord/impl.go @@ -18,7 +18,6 @@ import ( "github.com/Symantec/Dominator/lib/log/prefixlogger" "github.com/Symantec/Dominator/lib/verstr" "github.com/Symantec/keymaster/proto/eventmon" - //"github.com/Symantec/keymaster/eventmon/tee_logger" "golang.org/x/crypto/ssh" ) From 89ede68b2c73830f82d5e1f64f85cae593939d17 Mon Sep 17 00:00:00 2001 From: yunchao_liu Date: Wed, 11 Jul 2018 07:11:33 +0000 Subject: [PATCH 5/6] syslog wrapper --- eventmon/monitord/api.go | 7 ---- eventmon/monitord/impl.go | 64 +++++++++++++++++------------------- eventmon/systeelogger/api.go | 40 ++++++++++++++++++++++ 3 files changed, 70 insertions(+), 41 deletions(-) create mode 100644 eventmon/systeelogger/api.go diff --git a/eventmon/monitord/api.go b/eventmon/monitord/api.go index 0cc92be..36bf594 100644 --- a/eventmon/monitord/api.go +++ b/eventmon/monitord/api.go @@ -7,7 +7,6 @@ import ( "github.com/Symantec/Dominator/lib/log" "golang.org/x/crypto/ssh" - "log/syslog" ) type AuthInfo struct { @@ -21,11 +20,6 @@ type SPLoginInfo struct { Username string } -type TeeLogger struct { - one *syslog.Writer - two log.Logger -} - type Monitor struct { keymasterServerHostname string keymasterServerPortNum uint @@ -48,7 +42,6 @@ type Monitor struct { X509CertChannel <-chan *x509.Certificate mutex sync.RWMutex // Lock all below. keymasterStatus map[string]error // Key: IP address. - TeeLogger } func New(keymasterServerHostname string, keymasterServerPortNum uint, diff --git a/eventmon/monitord/impl.go b/eventmon/monitord/impl.go index 1b6f5b0..2258ef0 100644 --- a/eventmon/monitord/impl.go +++ b/eventmon/monitord/impl.go 
@@ -8,27 +8,30 @@ import ( "errors" "fmt" "io" - "log/syslog" "net" "net/http" "strings" "time" "github.com/Symantec/Dominator/lib/log" + "github.com/Symantec/Dominator/lib/log/nulllogger" "github.com/Symantec/Dominator/lib/log/prefixlogger" + "github.com/Symantec/Dominator/lib/log/teelogger" "github.com/Symantec/Dominator/lib/verstr" + "github.com/Symantec/keymaster/eventmon/systeelogger" "github.com/Symantec/keymaster/proto/eventmon" "golang.org/x/crypto/ssh" ) const ( bufferLength = 16 - priority = syslog.LOG_AUTHPRIV - log_name = "keymaster" ) var ( ErrorKeymasterDaemonNotReady = errors.New("keymasterd not ready") + One = systeelogger.New() + Two = nulllogger.New() //remain for the future use + Teelog teelogger.Logger ) func newMonitor(keymasterServerHostname string, keymasterServerPortNum uint, @@ -40,11 +43,8 @@ func newMonitor(keymasterServerHostname string, keymasterServerPortNum uint, webLoginChannel := make(chan string, bufferLength) x509RawCertChannel := make(chan []byte, bufferLength) x509CertChannel := make(chan *x509.Certificate, bufferLength) - sysLog, err := syslog.New(priority, log_name) - if err != nil { - logger.Fatalf("System log failed") - } - defer sysLog.Close() + Teelog := teelogger.New(One, Two) + defer One.Close() monitor := &Monitor{ keymasterServerHostname: keymasterServerHostname, keymasterServerPortNum: keymasterServerPortNum, @@ -66,12 +66,8 @@ func newMonitor(keymasterServerHostname string, keymasterServerPortNum uint, X509RawCertChannel: x509RawCertChannel, X509CertChannel: x509CertChannel, keymasterStatus: make(map[string]error), - TeeLogger: TeeLogger{ - one: sysLog, - two: logger, - }, } - go monitor.monitorForever(logger) + go monitor.monitorForever(logger, Teelog) return monitor, nil } 
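Review bot: `Teelog := teelogger.New(One, Two)` in `newMonitor` declares a new local that shadows the package-level `Teelog teelogger.Logger` added in the `var` block, so that package variable is never assigned; either `=` was intended or, better, the package variable should go and the tee stay local. `One = systeelogger.New()` at package level opens syslog at import time, before `main` runs and with no way to report failure (the wrapper's `New` cannot return one), whereas constructing it inside `newMonitor` lets the existing `error` result carry it. `defer One.Close()` closes the shared writer the moment `newMonitor` returns while every later `Teelog.Print` still goes through it. Exported mutable package state named `One`, `Two`, `Teelog` is also unidiomatic; if kept, `sysLogger` and `nullLogger` say what they are. `newMonitor` starts outside the hunk.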
@@ -84,13 +80,13 @@ func checkForEvent(channel <-chan struct{}) bool { } } -func (m *Monitor) monitorForever(logger log.Logger) { +func (m *Monitor) monitorForever(logger log.Logger, Teelog log.Logger) { for ; ; time.Sleep(time.Minute * 2) { - m.updateNotifierList(logger) + m.updateNotifierList(logger, Teelog) } } -func (m *Monitor) updateNotifierList(logger log.Logger) { +func (m *Monitor) updateNotifierList(logger log.Logger, Teelog log.Logger) { addrsToDelete := make(map[string]struct{}) for addr := range m.closers { addrsToDelete[addr] = struct{}{} @@ -107,7 +103,7 @@ func (m *Monitor) updateNotifierList(logger log.Logger) { closeChannel := make(chan struct{}, 1) m.closers[addr] = closeChannel go m.startMonitoring(addr, closeChannel, - prefixlogger.New(addr+": ", logger)) + prefixlogger.New(addr+": ", logger), Teelog) } } for addr := range addrsToDelete { @@ -127,7 +123,7 @@ func (m *Monitor) setKeymasterStatus(addr string, err error) { } func (m *Monitor) startMonitoring(ip string, closeChannel <-chan struct{}, - logger log.Logger) { + logger log.Logger, Teelog log.Logger) { m.setKeymasterStatus(ip, errors.New("not yet probed")) addr := fmt.Sprintf("%s:%d", ip, m.keymasterServerPortNum) reportedNotReady := false @@ -152,7 +148,7 @@ func (m *Monitor) startMonitoring(ip string, closeChannel <-chan struct{}, continue } logger.Println("connected, starting monitoring") - forget, err := m.monitor(conn, closeChannel, ip, logger) + forget, err := m.monitor(conn, closeChannel, ip, logger, Teelog) if forget { return } @@ -187,7 +183,7 @@ func (m *Monitor) connect(rawConn net.Conn) (net.Conn, error) { } conn := tls.Client(rawConn, &tls.Config{ServerName: m.keymasterServerHostname}) - + if err := conn.Handshake(); err != nil { return nil, err } 
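Review bot: The parameter threaded through `monitorForever`, `updateNotifierList` and `startMonitoring` is named `Teelog`; a capitalised parameter reads as exported, and Go style wants `teeLogger`. More substantively, the per-address `prefixlogger.New(addr+": ", logger)` wrapping is applied only to `logger`, which is why the `notify` hunks prepend `ip` by hand to every tee message; wrapping the tee the same way at this call, `prefixlogger.New(addr+": ", teeLogger)`, would let `ip` drop out of the `monitor`/`notify` signatures, provided the `systeelogger` wrapper forwards whichever `Print*` method `prefixlogger` calls, which it does not yet (its `Printf` and `Println` are empty). The enclosing functions continue outside the hunk.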
@@ -208,7 +204,7 @@ func (m *Monitor) connect(rawConn net.Conn) (net.Conn, error) { } func (m *Monitor) monitor(conn net.Conn, closeChannel <-chan struct{}, - ip string, logger log.Logger) (bool, error) { + ip string, logger log.Logger, Teelog log.Logger) (bool, error) { closedChannel := make(chan struct{}, 1) exitChannel := make(chan struct{}) go func() { @@ -232,7 +228,7 @@ func (m *Monitor) monitor(conn net.Conn, closeChannel <-chan struct{}, } return false, err } else { - m.notify(receiveData, ip, logger) + m.notify(receiveData, ip, logger, Teelog) } } } @@ -278,7 +274,7 @@ func (m *Monitor) writeHtml(writer io.Writer) { fmt.Fprintln(writer, "") } -func (m *Monitor) notify(event eventmon.EventV0, ip string, logger log.Logger) { +func (m *Monitor) notify(event eventmon.EventV0, ip string, logger log.Logger, Teelog log.Logger) { switch event.Type { case eventmon.EventTypeAuth: authType := event.AuthType @@ -295,7 +291,7 @@ func (m *Monitor) notify(event eventmon.EventV0, ip string, logger log.Logger) { } } logger.Printf("User %s authentication: %s\n", authType, event.Username) - m.TeeLogger.one.Notice(fmt.Sprintf("%s: User %s authentication: %s", ip, authType, event.Username)) + Teelog.Print(fmt.Sprintf("%s: User %s authentication: %s", ip, authType, event.Username)) select { // Non-blocking notification. case m.authChannel <- AuthInfo{ AuthType: event.AuthType, @@ -307,7 +303,7 @@ func (m *Monitor) notify(event eventmon.EventV0, ip string, logger log.Logger) { case eventmon.EventTypeServiceProviderLogin: logger.Printf("User %s logged into service: %s\n", event.Username, event.ServiceProviderUrl) - m.TeeLogger.one.Notice(fmt.Sprintf("%s: User %s logged into service: %s", ip, event.Username, event.ServiceProviderUrl)) + //m.TeeLogger.one.Notice(fmt.Sprintf("%s: User %s logged into service: %s", ip, event.Username, event.ServiceProviderUrl)) select { // Non-blocking notification. case m.serviceProviderLoginChannel <- SPLoginInfo{ URL: event.ServiceProviderUrl, 
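Review bot: `Teelog.Print(fmt.Sprintf("%s: User %s authentication: %s", ip, authType, event.Username))` in the `EventTypeAuth` branch is the `Printf` idiom spelled by hand; `Teelog.Printf("%s: User %s authentication: %s", ip, authType, event.Username)` is the direct form, but only once the `systeelogger` wrapper's `Printf` forwards to syslog, which in this commit it does not (it is an empty method), so the `Print(Sprintf(...))` shape is compensating for that. The service-login hunk comments out its syslog line instead of porting or deleting it, leaving a reference to `m.TeeLogger`, a field this same commit removes from `Monitor`; patch 6 re-enables it as `Teelog.Print`, so the commented form should not be checked in. `notify` continues outside the hunk.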
@@ -322,25 +318,25 @@ func (m *Monitor) notify(event eventmon.EventV0, ip string, logger log.Logger) { } if pubKey, err := ssh.ParsePublicKey(event.CertData); err != nil { logger.Println(err) - m.TeeLogger.one.Notice(fmt.Sprintf("%s: " + err.Error(), ip)) + //m.TeeLogger.one.Notice(fmt.Sprintf("%s: " + err.Error(), ip)) } else if sshCert, ok := pubKey.(*ssh.Certificate); !ok { logger.Println("SSH public key is not a certificate") - m.TeeLogger.one.Notice(fmt.Sprintf("%s: SSH public key is not a certificate")) - + //m.TeeLogger.one.Notice(fmt.Sprintf("%s: SSH public key is not a certificate")) + } else { switch len(sshCert.ValidPrincipals) { case 0: logger.Println( "Received SSH certificate with no valid principals") - m.TeeLogger.one.Notice(fmt.Sprintf("%s: Received SSH certificate with no valid principals", ip)) + //m.TeeLogger.one.Notice(fmt.Sprintf("%s: Received SSH certificate with no valid principals", ip)) case 1: logger.Printf("Received SSH certificate for: %s", sshCert.ValidPrincipals[0]) - m.TeeLogger.one.Notice(fmt.Sprintf("%s: Received SSH certificate for: %s", ip, sshCert.ValidPrincipals[0])) + //m.TeeLogger.one.Notice(fmt.Sprintf("%s: Received SSH certificate for: %s", ip, sshCert.ValidPrincipals[0])) default: logger.Printf("Received SSH certificate for: %s", sshCert.ValidPrincipals) - m.TeeLogger.one.Notice(fmt.Sprintf("%s: Received SSH certificate for: %s", ip, sshCert.ValidPrincipals)) + //m.TeeLogger.one.Notice(fmt.Sprintf("%s: Received SSH certificate for: %s", ip, sshCert.ValidPrincipals)) } select { // Non-blocking notification. case m.sshCertChannel <- sshCert: 
@@ -349,7 +345,7 @@ func (m *Monitor) notify(event eventmon.EventV0, ip string, logger log.Logger) { } case eventmon.EventTypeWebLogin: logger.Printf("Web login for: %s\n", event.Username) - m.TeeLogger.one.Notice(fmt.Sprintf("%s: Web login for: %s", ip, event.Username)) + //m.TeeLogger.one.Notice(fmt.Sprintf("%s: Web login for: %s", ip, event.Username)) select { // Non-blocking notification. case m.webLoginChannel <- event.Username: default: @@ -364,7 +360,7 @@ func (m *Monitor) notify(event eventmon.EventV0, ip string, logger log.Logger) { } else { logger.Printf("Received X509 certificate for: %s\n", x509Cert.Subject.CommonName) - m.TeeLogger.one.Notice(fmt.Sprintf("%s: Received X509 certificate for: %s", ip, x509Cert.Subject.CommonName)) + //m.TeeLogger.one.Notice(fmt.Sprintf("%s: Received X509 certificate for: %s", ip, x509Cert.Subject.CommonName)) select { // Non-blocking notification. case m.x509CertChannel <- x509Cert: default: @@ -372,6 +368,6 @@ func (m *Monitor) notify(event eventmon.EventV0, ip string, logger log.Logger) { } default: logger.Printf("Invalid event type: %s\n", event.Type) - m.TeeLogger.one.Notice(fmt.Sprintf("%s: Invalid event type: %s", ip, event.Type)) + //m.TeeLogger.one.Notice(fmt.Sprintf("%s: Invalid event type: %s", ip, event.Type)) } } diff --git a/eventmon/systeelogger/api.go b/eventmon/systeelogger/api.go new file mode 100644 index 0000000..5757eb6 --- /dev/null +++ b/eventmon/systeelogger/api.go 
@@ -0,0 +1,40 @@ +package systeelogger + +import ( + "log/syslog" + //"github.com/Symantec/Dominator/lib/log" + "fmt" +) + +const ( + priority = syslog.LOG_AUTHPRIV + log_name = "keymaster" +) + +type Logger struct{ + One *syslog.Writer +} + +func New() *Logger { + sysLog, err := syslog.New(priority, log_name) + if err != nil { + fmt.Print("System log failed") + } + return &Logger{sysLog} +} + +func (l *Logger) Fatal(v ...interface{}) {} +func (l *Logger) Fatalf(format string, v ...interface{}) {} +func (l *Logger) Fatalln(v ...interface{}) {} +func (l *Logger) Panic(v ...interface{}) {} +func (l *Logger) Panicf(format string, v ...interface{}) {} +func (l *Logger) Panicln(v ...interface{}) {} +func (l *Logger) Print(v ...interface{}) { + msg := fmt.Sprintln(v...) + l.One.Notice(msg) +} +func (l *Logger) Printf(format string, v ...interface{}) {} +func (l *Logger) Println(v ...interface{}) {} +func (l *Logger) Close() { + l.One.Close() +} From d292037a6301a3a2ef4dd6fc6114c75095eaed1c Mon Sep 17 00:00:00 2001 From: yunchao_liu Date: Wed, 11 Jul 2018 18:02:54 +0000 Subject: [PATCH 6/6] syslog wrapper update --- eventmon/monitord/impl.go | 17 ++++++++--------- eventmon/systeelogger/api.go | 25 ++++++++++++------------- 2 files changed, 20 insertions(+), 22 deletions(-) diff --git a/eventmon/monitord/impl.go b/eventmon/monitord/impl.go index 2258ef0..56ceb21 100644 --- a/eventmon/monitord/impl.go +++ b/eventmon/monitord/impl.go 
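Review bot: `New` returns a `Logger` whose `One` is nil when `syslog.New` fails, after printing `System log failed` to stdout without a newline and without `err`; the first `Print` then calls `Notice` on the nil `*syslog.Writer`, so a host without a reachable syslog socket crashes the monitor at its first authentication event instead of failing at startup. Return the error instead, `func New() (*Logger, error)`, and let the caller decide (the package-level `One = systeelogger.New()` in monitord would then move into `newMonitor`). `Printf`, `Println` and the `Fatal*`/`Panic*` methods are empty, so anything routed through them by `teelogger` or `prefixlogger` is silently lost, and if `teelogger` relies on one of its loggers to exit on `Fatal`, a no-op here paired with `nulllogger` means it never does; worth confirming against that package. At minimum the `Print*` family should funnel to one helper that also reports `Notice` failures, as below, and `log_name` should be `logName`.
```go
func New() (*Logger, error) {
	sysLog, err := syslog.New(priority, log_name)
	if err != nil {
		return nil, err
	}
	return &Logger{One: sysLog}, nil
}

// … unchanged: Fatal*/Panic* methods …

func (l *Logger) Print(v ...interface{})                 { l.notice(fmt.Sprint(v...)) }
func (l *Logger) Printf(format string, v ...interface{}) { l.notice(fmt.Sprintf(format, v...)) }
func (l *Logger) Println(v ...interface{})               { l.notice(fmt.Sprintln(v...)) }

// notice forwards one message to syslog at NOTICE severity and reports a
// delivery failure on the local fallback sink instead of dropping it.
func (l *Logger) notice(msg string) {
	if err := l.One.Notice(msg); err != nil {
		fmt.Println("syslog:", err) // NOTE(review): choose the real fallback sink
	}
}
```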
@@ -303,7 +303,7 @@ func (m *Monitor) notify(event eventmon.EventV0, ip string, logger log.Logger, T case eventmon.EventTypeServiceProviderLogin: logger.Printf("User %s logged into service: %s\n", event.Username, event.ServiceProviderUrl) - //m.TeeLogger.one.Notice(fmt.Sprintf("%s: User %s logged into service: %s", ip, event.Username, event.ServiceProviderUrl)) + Teelog.Print(fmt.Sprintf("%s: User %s logged into service: %s", ip, event.Username, event.ServiceProviderUrl)) select { // Non-blocking notification. case m.serviceProviderLoginChannel <- SPLoginInfo{ URL: event.ServiceProviderUrl, 
@@ -318,25 +318,25 @@ func (m *Monitor) notify(event eventmon.EventV0, ip string, logger log.Logger, T } if pubKey, err := ssh.ParsePublicKey(event.CertData); err != nil { logger.Println(err) - //m.TeeLogger.one.Notice(fmt.Sprintf("%s: " + err.Error(), ip)) + Teelog.Print(fmt.Sprintf("%s: "+err.Error(), ip)) } else if sshCert, ok := pubKey.(*ssh.Certificate); !ok { logger.Println("SSH public key is not a certificate") - //m.TeeLogger.one.Notice(fmt.Sprintf("%s: SSH public key is not a certificate")) + Teelog.Print(fmt.Sprintf("%s: SSH public key is not a certificate")) } else { switch len(sshCert.ValidPrincipals) { case 0: logger.Println( "Received SSH certificate with no valid principals") - //m.TeeLogger.one.Notice(fmt.Sprintf("%s: Received SSH certificate with no valid principals", ip)) + Teelog.Print(fmt.Sprintf("%s: Received SSH certificate with no valid principals", ip)) case 1: logger.Printf("Received SSH certificate for: %s", sshCert.ValidPrincipals[0]) - //m.TeeLogger.one.Notice(fmt.Sprintf("%s: Received SSH certificate for: %s", ip, sshCert.ValidPrincipals[0])) + Teelog.Print(fmt.Sprintf("%s: Received SSH certificate for: %s", ip, sshCert.ValidPrincipals[0])) default: logger.Printf("Received SSH certificate for: %s", sshCert.ValidPrincipals) - //m.TeeLogger.one.Notice(fmt.Sprintf("%s: Received SSH certificate for: %s", ip, sshCert.ValidPrincipals)) + Teelog.Print(fmt.Sprintf("%s: Received SSH certificate for: %s", ip, sshCert.ValidPrincipals)) } select { // Non-blocking notification. case m.sshCertChannel <- sshCert: @@ -345,7 +345,6 @@ func (m *Monitor) notify(event eventmon.EventV0, ip string, logger log.Logger, T } case eventmon.EventTypeWebLogin: logger.Printf("Web login for: %s\n", event.Username) - //m.TeeLogger.one.Notice(fmt.Sprintf("%s: Web login for: %s", ip, event.Username)) select { // Non-blocking notification. case m.webLoginChannel <- event.Username: default: 
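Review bot: The `EventTypeWebLogin` hunk deletes the commented-out syslog line (`//m.TeeLogger.one.Notice(... Web login for: ...)`) while every other event branch in this commit re-enables its line as `Teelog.Print(...)`, so in the final state web logins are the only authentication event absent from the AUTHPRIV audit trail. If that is intentional, a comment at that spot should say why; otherwise restore it as `Teelog.Print(fmt.Sprintf("%s: Web login for: %s", ip, event.Username))`. `notify` continues outside the hunk.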
@@ -360,7 +359,7 @@ func (m *Monitor) notify(event eventmon.EventV0, ip string, logger log.Logger, T } else { logger.Printf("Received X509 certificate for: %s\n", x509Cert.Subject.CommonName) - //m.TeeLogger.one.Notice(fmt.Sprintf("%s: Received X509 certificate for: %s", ip, x509Cert.Subject.CommonName)) + Teelog.Print(fmt.Sprintf("%s: Received X509 certificate for: %s", ip, x509Cert.Subject.CommonName)) select { // Non-blocking notification. case m.x509CertChannel <- x509Cert: default: @@ -368,6 +367,6 @@ func (m *Monitor) notify(event eventmon.EventV0, ip string, logger log.Logger, T } default: logger.Printf("Invalid event type: %s\n", event.Type) - //m.TeeLogger.one.Notice(fmt.Sprintf("%s: Invalid event type: %s", ip, event.Type)) + Teelog.Print(fmt.Sprintf("%s: Invalid event type: %s", ip, event.Type)) } } diff --git a/eventmon/systeelogger/api.go b/eventmon/systeelogger/api.go index 5757eb6..a3c7453 100644 --- a/eventmon/systeelogger/api.go +++ b/eventmon/systeelogger/api.go @@ -1,9 +1,8 @@ package systeelogger import ( - "log/syslog" - //"github.com/Symantec/Dominator/lib/log" "fmt" + "log/syslog" ) const ( @@ -11,7 +10,7 @@ const ( log_name = "keymaster" ) -type Logger struct{ +type Logger struct { One *syslog.Writer } 
@@ -23,18 +22,18 @@ func New() *Logger { return &Logger{sysLog} } -func (l *Logger) Fatal(v ...interface{}) {} -func (l *Logger) Fatalf(format string, v ...interface{}) {} -func (l *Logger) Fatalln(v ...interface{}) {} -func (l *Logger) Panic(v ...interface{}) {} -func (l *Logger) Panicf(format string, v ...interface{}) {} -func (l *Logger) Panicln(v ...interface{}) {} -func (l *Logger) Print(v ...interface{}) { +func (l *Logger) Fatal(v ...interface{}) {} +func (l *Logger) Fatalf(format string, v ...interface{}) {} +func (l *Logger) Fatalln(v ...interface{}) {} +func (l *Logger) Panic(v ...interface{}) {} +func (l *Logger) Panicf(format string, v ...interface{}) {} +func (l *Logger) Panicln(v ...interface{}) {} +func (l *Logger) Print(v ...interface{}) { msg := fmt.Sprintln(v...) l.One.Notice(msg) } -func (l *Logger) Printf(format string, v ...interface{}) {} -func (l *Logger) Println(v ...interface{}) {} -func (l *Logger) Close() { +func (l *Logger) Printf(format string, v ...interface{}) {} +func (l *Logger) Println(v ...interface{}) {} +func (l *Logger) Close() { l.One.Close() }