open-vault/builtin/audit/file/backend.go

package file

import (
	"fmt"
	"os"
	"path/filepath"
	"strconv"
	"sync"

	"github.com/hashicorp/vault/audit"
	"github.com/hashicorp/vault/logical"
)

func Factory(conf *audit.BackendConfig) (audit.Backend, error) {
	if conf.Salt == nil {
		return nil, fmt.Errorf("nil salt")
	}

	path, ok := conf.Config["file_path"]
	if !ok {
		path, ok = conf.Config["path"]
		if !ok {
			return nil, fmt.Errorf("file_path is required")
		}
	}

	format, ok := conf.Config["format"]
	if !ok {
		format = "json"
	}
	switch format {
	case "json", "jsonx":
	default:
		return nil, fmt.Errorf("unknown format type %s", format)
	}

	// Check if hashing of accessor is disabled
	hmacAccessor := true
	if hmacAccessorRaw, ok := conf.Config["hmac_accessor"]; ok {
		value, err := strconv.ParseBool(hmacAccessorRaw)
		if err != nil {
			return nil, err
		}
		hmacAccessor = value
	}

	// Check if raw logging is enabled
	logRaw := false
	if raw, ok := conf.Config["log_raw"]; ok {
		b, err := strconv.ParseBool(raw)
		if err != nil {
			return nil, err
		}
		logRaw = b
	}

	// Check if mode is provided
	mode := os.FileMode(0600)
	if modeRaw, ok := conf.Config["mode"]; ok {
		m, err := strconv.ParseUint(modeRaw, 8, 32)
		if err != nil {
			return nil, err
		}
		mode = os.FileMode(m)
	}

	b := &Backend{
		path: path,
		mode: mode,
		formatConfig: audit.FormatterConfig{
			Raw:          logRaw,
			Salt:         conf.Salt,
			HMACAccessor: hmacAccessor,
		},
	}

	switch format {
	case "json":
		b.formatter.AuditFormatWriter = &audit.JSONFormatWriter{
			Prefix: conf.Config["prefix"],
		}
	case "jsonx":
		b.formatter.AuditFormatWriter = &audit.JSONxFormatWriter{
			Prefix: conf.Config["prefix"],
		}
	}

	// Ensure that the file can be successfully opened for writing;
	// otherwise it will be too late to catch later without problems
	// (ref: https://github.com/hashicorp/vault/issues/550)
	if err := b.open(); err != nil {
		return nil, fmt.Errorf("sanity check failed; unable to open %s for writing: %v", path, err)
	}

	return b, nil
}

// Backend is the audit backend for the file-based audit store.
//
// NOTE: This audit backend is currently very simple: it appends to a file.
// It doesn't do anything more at the moment to assist with rotation
// or reset the write cursor, this should be done in the future.
type Backend struct {
	path string

	formatter    audit.AuditFormatter
	formatConfig audit.FormatterConfig

	fileLock sync.RWMutex
	f        *os.File
	mode     os.FileMode
}

func (b *Backend) GetHash(data string) string {
	return audit.HashString(b.formatConfig.Salt, data)
}

func (b *Backend) LogRequest(auth *logical.Auth, req *logical.Request, outerErr error) error {
	b.fileLock.Lock()
	defer b.fileLock.Unlock()

	if err := b.open(); err != nil {
		return err
	}

	return b.formatter.FormatRequest(b.f, b.formatConfig, auth, req, outerErr)
}

func (b *Backend) LogResponse(
	auth *logical.Auth,
	req *logical.Request,
	resp *logical.Response,
	err error) error {

	b.fileLock.Lock()
	defer b.fileLock.Unlock()

	if err := b.open(); err != nil {
		return err
	}

	return b.formatter.FormatResponse(b.f, b.formatConfig, auth, req, resp, err)
}

// The file lock must be held before calling this
func (b *Backend) open() error {
	if b.f != nil {
		return nil
	}
	if err := os.MkdirAll(filepath.Dir(b.path), b.mode); err != nil {
		return err
	}

	var err error
	b.f, err = os.OpenFile(b.path, os.O_APPEND|os.O_WRONLY|os.O_CREATE, b.mode)
	if err != nil {
		return err
	}

	// Change the file mode in case the log file already existed. We special
	// case /dev/null since we can't chmod it
	switch b.path {
	case "/dev/null":
	default:
		err = os.Chmod(b.path, b.mode)
		if err != nil {
			return err
		}
	}

	return nil
}

func (b *Backend) Reload() error {
	b.fileLock.Lock()
	defer b.fileLock.Unlock()

	if b.f == nil {
		return b.open()
	}

	err := b.f.Close()
	// Set to nil here so that even if we error out, on the next access open()
	// will be tried
	b.f = nil
	if err != nil {
		return err
	}

	return b.open()
}
builtin/audit: add file audit 2015-04-05 01:07:53 +00:00			`package file`

			`import (`
			`"fmt"`
			`"os"`
audit/file: Attempt to create directory path. Fixes #38 2015-04-27 19:40:32 +00:00			`"path/filepath"`
audit/file: add log_raw parameter and default to hashing 2015-04-27 21:28:02 +00:00			`"strconv"`
builtin/audit: add file audit 2015-04-05 01:07:53 +00:00			`"sync"`

			`"github.com/hashicorp/vault/audit"`
			`"github.com/hashicorp/vault/logical"`
			`)`

Expand HMAC support in Salt; require an identifier be passed in to specify type but allow generation with and without. Add a StaticSalt ID for testing functions. Fix bugs; unit tests pass. 2015-09-18 21:36:42 +00:00			`func Factory(conf *audit.BackendConfig) (audit.Backend, error) {`
Add HMAC capability to salt. Pass a salt into audit backends. Require it for audit.Hash. 2015-09-18 16:18:37 +00:00			`if conf.Salt == nil {`
Added hash_accessor option to audit backends 2016-03-12 00:28:06 +00:00			`return nil, fmt.Errorf("nil salt")`
Add HMAC capability to salt. Pass a salt into audit backends. Require it for audit.Hash. 2015-09-18 16:18:37 +00:00			`}`

Rename id to path and path to file_path, print audit backend paths 2016-03-14 21:15:07 +00:00			`path, ok := conf.Config["file_path"]`
builtin/audit: add file audit 2015-04-05 01:07:53 +00:00			`if !ok {`
Read from 'path' to retain backward compatibility 2016-03-16 00:05:51 +00:00			`path, ok = conf.Config["path"]`
			`if !ok {`
			`return nil, fmt.Errorf("file_path is required")`
			`}`
builtin/audit: add file audit 2015-04-05 01:07:53 +00:00			`}`

Transit and audit enhancements 2016-09-21 14:29:42 +00:00			`format, ok := conf.Config["format"]`
			`if !ok {`
			`format = "json"`
			`}`
			`switch format {`
			`case "json", "jsonx":`
			`default:`
			`return nil, fmt.Errorf("unknown format type %s", format)`
			`}`

Added hash_accessor option to audit backends 2016-03-12 00:28:06 +00:00			`// Check if hashing of accessor is disabled`
s/hash_accessor/hmac_accessor/g 2016-03-14 18:52:29 +00:00			`hmacAccessor := true`
			`if hmacAccessorRaw, ok := conf.Config["hmac_accessor"]; ok {`
			`value, err := strconv.ParseBool(hmacAccessorRaw)`
Added hash_accessor option to audit backends 2016-03-12 00:28:06 +00:00			`if err != nil {`
			`return nil, err`
			`}`
s/hash_accessor/hmac_accessor/g 2016-03-14 18:52:29 +00:00			`hmacAccessor = value`
Added hash_accessor option to audit backends 2016-03-12 00:28:06 +00:00			`}`

audit/file: add log_raw parameter and default to hashing 2015-04-27 21:28:02 +00:00			`// Check if raw logging is enabled`
			`logRaw := false`
Add HMAC capability to salt. Pass a salt into audit backends. Require it for audit.Hash. 2015-09-18 16:18:37 +00:00			`if raw, ok := conf.Config["log_raw"]; ok {`
audit/file: add log_raw parameter and default to hashing 2015-04-27 21:28:02 +00:00			`b, err := strconv.ParseBool(raw)`
			`if err != nil {`
			`return nil, err`
			`}`
			`logRaw = b`
			`}`
address latest feedback 2016-10-10 15:58:26 +00:00
changes for 'mode' 2016-10-08 23:52:49 +00:00			`// Check if mode is provided`
address latest feedback 2016-10-10 15:58:26 +00:00			`mode := os.FileMode(0600)`
changes for 'mode' 2016-10-08 23:52:49 +00:00			`if modeRaw, ok := conf.Config["mode"]; ok {`
			`m, err := strconv.ParseUint(modeRaw, 8, 32)`
initial commit for adding audit file permission changes 2016-10-07 19:09:32 +00:00			`if err != nil {`
			`return nil, err`
			`}`
changes for 'mode' 2016-10-08 23:52:49 +00:00			`mode = os.FileMode(m)`
initial commit for adding audit file permission changes 2016-10-07 19:09:32 +00:00			`}`
audit/file: add log_raw parameter and default to hashing 2015-04-27 21:28:02 +00:00
			`b := &Backend{`
Transit and audit enhancements 2016-09-21 14:29:42 +00:00			`path: path,`
address latest feedback 2016-10-10 15:58:26 +00:00			`mode: mode,`
Transit and audit enhancements 2016-09-21 14:29:42 +00:00			`formatConfig: audit.FormatterConfig{`
			`Raw: logRaw,`
			`Salt: conf.Salt,`
			`HMACAccessor: hmacAccessor,`
			`},`
			`}`

			`switch format {`
			`case "json":`
audit: support a configurable prefix string to write before each message (#2359) A static token at the beginning of a log line can help systems parse logs better. For example, rsyslog and syslog-ng will recognize the '@cee: ' prefix and will parse the rest of the line as a valid json message. This is useful in environments where there is a mix of structured and unstructured logs. 2017-02-11 00:56:28 +00:00			`b.formatter.AuditFormatWriter = &audit.JSONFormatWriter{`
			`Prefix: conf.Config["prefix"],`
			`}`
Transit and audit enhancements 2016-09-21 14:29:42 +00:00			`case "jsonx":`
audit: support a configurable prefix string to write before each message (#2359) A static token at the beginning of a log line can help systems parse logs better. For example, rsyslog and syslog-ng will recognize the '@cee: ' prefix and will parse the rest of the line as a valid json message. This is useful in environments where there is a mix of structured and unstructured logs. 2017-02-11 00:56:28 +00:00			`b.formatter.AuditFormatWriter = &audit.JSONxFormatWriter{`
			`Prefix: conf.Config["prefix"],`
			`}`
audit/file: add log_raw parameter and default to hashing 2015-04-27 21:28:02 +00:00			`}`
Ensure that the 'file' audit backend can successfully open its given path before returning success. Fixes #550. 2015-08-26 16:13:10 +00:00
			`// Ensure that the file can be successfully opened for writing;`
			`// otherwise it will be too late to catch later without problems`
			`// (ref: https://github.com/hashicorp/vault/issues/550)`
			`if err := b.open(); err != nil {`
Actually show the error occurring if a file audit log can't be opened 2016-08-15 20:26:36 +00:00			`return nil, fmt.Errorf("sanity check failed; unable to open %s for writing: %v", path, err)`
Ensure that the 'file' audit backend can successfully open its given path before returning success. Fixes #550. 2015-08-26 16:13:10 +00:00			`}`

audit/file: add log_raw parameter and default to hashing 2015-04-27 21:28:02 +00:00			`return b, nil`
builtin/audit: add file audit 2015-04-05 01:07:53 +00:00			`}`

			`// Backend is the audit backend for the file-based audit store.`
			`//`
			`// NOTE: This audit backend is currently very simple: it appends to a file.`
			`// It doesn't do anything more at the moment to assist with rotation`
			`// or reset the write cursor, this should be done in the future.`
			`type Backend struct {`
Transit and audit enhancements 2016-09-21 14:29:42 +00:00			`path string`

			`formatter audit.AuditFormatter`
			`formatConfig audit.FormatterConfig`
builtin/audit: add file audit 2015-04-05 01:07:53 +00:00
Adds HUP support for audit log files to close and reopen. (#1953) Adds HUP support for audit log files to close and reopen. This makes it much easier to deal with normal log rotation methods. As part of testing this I noticed that HUP and other items that come out of command/server.go are going to stderr, which is where our normal log lines go. This isn't so much problematic with our normal output but as we officially move to supporting other formats this can cause interleaving issues, so I moved those to stdout instead. 2016-09-30 19:04:50 +00:00			`fileLock sync.RWMutex`
			`f *os.File`
address latest feedback 2016-10-10 15:58:26 +00:00			`mode os.FileMode`
builtin/audit: add file audit 2015-04-05 01:07:53 +00:00			`}`

Reintroduce the ability to look up obfuscated values in the audit log with a new endpoint '/sys/audit-hash', which returns the given input string hashed with the given audit backend's hash function and salt (currently, always HMAC-SHA256 and a backend-specific salt). In the process of adding the HTTP handler, this also removes the custom HTTP handlers for the other audit endpoints, which were simply forwarding to the logical system backend. This means that the various audit functions will now redirect correctly from a standby to master. (Tests all pass.) Fixes #784 2015-11-19 01:26:03 +00:00			`func (b *Backend) GetHash(data string) string {`
Transit and audit enhancements 2016-09-21 14:29:42 +00:00			`return audit.HashString(b.formatConfig.Salt, data)`
Reintroduce the ability to look up obfuscated values in the audit log with a new endpoint '/sys/audit-hash', which returns the given input string hashed with the given audit backend's hash function and salt (currently, always HMAC-SHA256 and a backend-specific salt). In the process of adding the HTTP handler, this also removes the custom HTTP handlers for the other audit endpoints, which were simply forwarding to the logical system backend. This means that the various audit functions will now redirect correctly from a standby to master. (Tests all pass.) Fixes #784 2015-11-19 01:26:03 +00:00			`}`

Logging authentication errors and bad token usage 2015-06-19 01:30:18 +00:00			`func (b Backend) LogRequest(auth logical.Auth, req *logical.Request, outerErr error) error {`
Adds HUP support for audit log files to close and reopen. (#1953) Adds HUP support for audit log files to close and reopen. This makes it much easier to deal with normal log rotation methods. As part of testing this I noticed that HUP and other items that come out of command/server.go are going to stderr, which is where our normal log lines go. This isn't so much problematic with our normal output but as we officially move to supporting other formats this can cause interleaving issues, so I moved those to stdout instead. 2016-09-30 19:04:50 +00:00			`b.fileLock.Lock()`
			`defer b.fileLock.Unlock()`

builtin/audit: add file audit 2015-04-05 01:07:53 +00:00			`if err := b.open(); err != nil {`
			`return err`
			`}`

Transit and audit enhancements 2016-09-21 14:29:42 +00:00			`return b.formatter.FormatRequest(b.f, b.formatConfig, auth, req, outerErr)`
builtin/audit: add file audit 2015-04-05 01:07:53 +00:00			`}`

			`func (b *Backend) LogResponse(`
			`auth *logical.Auth,`
			`req *logical.Request,`
			`resp *logical.Response,`
			`err error) error {`
Adds HUP support for audit log files to close and reopen. (#1953) Adds HUP support for audit log files to close and reopen. This makes it much easier to deal with normal log rotation methods. As part of testing this I noticed that HUP and other items that come out of command/server.go are going to stderr, which is where our normal log lines go. This isn't so much problematic with our normal output but as we officially move to supporting other formats this can cause interleaving issues, so I moved those to stdout instead. 2016-09-30 19:04:50 +00:00
			`b.fileLock.Lock()`
			`defer b.fileLock.Unlock()`

builtin/audit: add file audit 2015-04-05 01:07:53 +00:00			`if err := b.open(); err != nil {`
			`return err`
			`}`

Transit and audit enhancements 2016-09-21 14:29:42 +00:00			`return b.formatter.FormatResponse(b.f, b.formatConfig, auth, req, resp, err)`
builtin/audit: add file audit 2015-04-05 01:07:53 +00:00			`}`

Adds HUP support for audit log files to close and reopen. (#1953) Adds HUP support for audit log files to close and reopen. This makes it much easier to deal with normal log rotation methods. As part of testing this I noticed that HUP and other items that come out of command/server.go are going to stderr, which is where our normal log lines go. This isn't so much problematic with our normal output but as we officially move to supporting other formats this can cause interleaving issues, so I moved those to stdout instead. 2016-09-30 19:04:50 +00:00			`// The file lock must be held before calling this`
builtin/audit: add file audit 2015-04-05 01:07:53 +00:00			`func (b *Backend) open() error {`
			`if b.f != nil {`
			`return nil`
			`}`
address latest feedback 2016-10-10 15:58:26 +00:00			`if err := os.MkdirAll(filepath.Dir(b.path), b.mode); err != nil {`
audit/file: Attempt to create directory path. Fixes #38 2015-04-27 19:40:32 +00:00			`return err`
			`}`
builtin/audit: add file audit 2015-04-05 01:07:53 +00:00
			`var err error`
address latest feedback 2016-10-10 15:58:26 +00:00			`b.f, err = os.OpenFile(b.path, os.O_APPEND\|os.O_WRONLY\|os.O_CREATE, b.mode)`
initial commit for adding audit file permission changes 2016-10-07 19:09:32 +00:00			`if err != nil {`
			`return err`
			`}`
address latest feedback 2016-10-10 15:58:26 +00:00
Add some repcluster handling to audit and add some tests (#2384) * Add some repcluster handling to audit and add some tests * Fix incorrect assumption about nil auth 2017-02-16 18:09:53 +00:00			`// Change the file mode in case the log file already existed. We special`
			`// case /dev/null since we can't chmod it`
			`switch b.path {`
			`case "/dev/null":`
			`default:`
			`err = os.Chmod(b.path, b.mode)`
			`if err != nil {`
			`return err`
			`}`
builtin/audit: add file audit 2015-04-05 01:07:53 +00:00			`}`

			`return nil`
			`}`
Adds HUP support for audit log files to close and reopen. (#1953) Adds HUP support for audit log files to close and reopen. This makes it much easier to deal with normal log rotation methods. As part of testing this I noticed that HUP and other items that come out of command/server.go are going to stderr, which is where our normal log lines go. This isn't so much problematic with our normal output but as we officially move to supporting other formats this can cause interleaving issues, so I moved those to stdout instead. 2016-09-30 19:04:50 +00:00
			`func (b *Backend) Reload() error {`
			`b.fileLock.Lock()`
			`defer b.fileLock.Unlock()`

			`if b.f == nil {`
			`return b.open()`
			`}`

			`err := b.f.Close()`
			`// Set to nil here so that even if we error out, on the next access open()`
			`// will be tried`
			`b.f = nil`
			`if err != nil {`
			`return err`
			`}`

			`return b.open()`
			`}`