Fossil SCM

Add the "Hacks" and "Non-hacks" log filters. Accessible by admins only.

drh 2024-05-27 10:33 trunk

Commit d700ebff8e25e52eaac2866ad645f5c320341a662bf99673cab02876a7976f89

Parent 8839378fb000f16…

2 files changed +69 +9

M src/security_audit.c

+69

		--- src/security_audit.c
		+++ src/security_audit.c
		@@ -803,10 +803,11 @@
803	803	style_header("Server Error Log");
804	804	style_submenu_element("Test", "%R/test-warning");
805	805	style_submenu_element("Refresh", "%R/errorlog");
806	806	style_submenu_element("Log-Menu", "%R/setup-logmenu");
807	807	style_submenu_element("Panics", "%R/paniclog");
	808	+ style_submenu_element("Non-Hacks", "%R/hacklog?not");
808	809
809	810	if( g.zErrlog==0 \|\| fossil_strcmp(g.zErrlog,"-")==0 ){
810	811	no_error_log_available();
811	812	style_finish_page();
812	813	return;
		@@ -904,10 +905,78 @@
904	905	@ <pre>
905	906	while( fgets(z, sizeof(z), in) ){
906	907	if( prevWasTime
907	908	&& (strncmp(z,"panic: ", 7)==0 \|\| strstr(z," assertion fault ")!=0)
908	909	){
	910	+ @ %h(zTime)\
	911	+ bOutput = 1;
	912	+ }
	913	+ if( strncmp(z, "--------", 8)==0 ){
	914	+ size_t n = strlen(z);
	915	+ memcpy(zTime, z, n+1);
	916	+ prevWasTime = 1;
	917	+ bOutput = 0;
	918	+ }else{
	919	+ prevWasTime = 0;
	920	+ }
	921	+ if( bOutput ){
	922	+ @ %h(z)\
	923	+ }
	924	+ }
	925	+ fclose(in);
	926	+ @ </pre>
	927	+ style_finish_page();
	928	+}
	929	+
	930	+/*
	931	+** WEBPAGE: hacklog
	932	+**
	933	+** Scan the error log for "possible hack attempt" entries Show hack
	934	+** attempt messages only, omitting all others. Or if the "not" query
	935	+** parameter is present, show only messages that are not hack attempts.
	936	+*/
	937	+void hacklog_page(void){
	938	+ i64 szFile;
	939	+ char *zLog;
	940	+ FILE *in;
	941	+ int bOutput = 0;
	942	+ int prevWasTime = 0;
	943	+ int isNot = P("not")!=0;
	944	+ char z[10000];
	945	+ char zTime[10000];
	946	+
	947	+ login_check_credentials();
	948	+ if( !g.perm.Admin ){
	949	+ login_needed(0);
	950	+ return;
	951	+ }
	952	+ style_header("Server Hack Log");
	953	+ style_submenu_element("Log-Menu", "%R/setup-logmenu");
	954	+
	955	+ if( g.zErrlog==0 \|\| fossil_strcmp(g.zErrlog,"-")==0 ){
	956	+ no_error_log_available();
	957	+ style_finish_page();
	958	+ return;
	959	+ }
	960	+ in = fossil_fopen(g.zErrlog, "rb");
	961	+ if( in==0 ){
	962	+ @ <p class='generalError'>Unable to open that file for reading!</p>
	963	+ style_finish_page();
	964	+ return;
	965	+ }
	966	+ szFile = file_size(g.zErrlog, ExtFILE);
	967	+ zLog = file_canonical_name_dup(g.zErrlog);
	968	+ @ %s(isNot?"Non-hack":"Hack") messages contained within the %lld(szFile)-byte
	969	+ @ <a href="%R/errorlog?all">error log</a> found at
	970	+ @ "%h(zLog)".
	971	+ fossil_free(zLog);
	972	+ @ <hr>
	973	+ @ <pre>
	974	+ while( fgets(z, sizeof(z), in) ){
	975	+ if( prevWasTime
	976	+ && ((strncmp(z,"possible hack attempt - 418 ", 27)==0) ^ isNot)
	977	+ ){
909	978	@ %h(zTime)\
910	979	bOutput = 1;
911	980	}
912	981	if( strncmp(z, "--------", 8)==0 ){
913	982	size_t n = strlen(z);
914	983

	--- src/security_audit.c
	+++ src/security_audit.c
	@@ -803,10 +803,11 @@
803	style_header("Server Error Log");
804	style_submenu_element("Test", "%R/test-warning");
805	style_submenu_element("Refresh", "%R/errorlog");
806	style_submenu_element("Log-Menu", "%R/setup-logmenu");
807	style_submenu_element("Panics", "%R/paniclog");

808
809	if( g.zErrlog==0 \|\| fossil_strcmp(g.zErrlog,"-")==0 ){
810	no_error_log_available();
811	style_finish_page();
812	return;
	@@ -904,10 +905,78 @@
904	@ <pre>
905	while( fgets(z, sizeof(z), in) ){
906	if( prevWasTime
907	&& (strncmp(z,"panic: ", 7)==0 \|\| strstr(z," assertion fault ")!=0)
908	){




































































909	@ %h(zTime)\
910	bOutput = 1;
911	}
912	if( strncmp(z, "--------", 8)==0 ){
913	size_t n = strlen(z);
914

	--- src/security_audit.c
	+++ src/security_audit.c
	@@ -803,10 +803,11 @@
803	style_header("Server Error Log");
804	style_submenu_element("Test", "%R/test-warning");
805	style_submenu_element("Refresh", "%R/errorlog");
806	style_submenu_element("Log-Menu", "%R/setup-logmenu");
807	style_submenu_element("Panics", "%R/paniclog");
808	style_submenu_element("Non-Hacks", "%R/hacklog?not");
809
810	if( g.zErrlog==0 \|\| fossil_strcmp(g.zErrlog,"-")==0 ){
811	no_error_log_available();
812	style_finish_page();
813	return;
	@@ -904,10 +905,78 @@
905	@ <pre>
906	while( fgets(z, sizeof(z), in) ){
907	if( prevWasTime
908	&& (strncmp(z,"panic: ", 7)==0 \|\| strstr(z," assertion fault ")!=0)
909	){
910	@ %h(zTime)\
911	bOutput = 1;
912	}
913	if( strncmp(z, "--------", 8)==0 ){
914	size_t n = strlen(z);
915	memcpy(zTime, z, n+1);
916	prevWasTime = 1;
917	bOutput = 0;
918	}else{
919	prevWasTime = 0;
920	}
921	if( bOutput ){
922	@ %h(z)\
923	}
924	}
925	fclose(in);
926	@ </pre>
927	style_finish_page();
928	}
929
930	/*
931	** WEBPAGE: hacklog
932	**
933	** Scan the error log for "possible hack attempt" entries Show hack
934	** attempt messages only, omitting all others. Or if the "not" query
935	** parameter is present, show only messages that are not hack attempts.
936	*/
937	void hacklog_page(void){
938	i64 szFile;
939	char *zLog;
940	FILE *in;
941	int bOutput = 0;
942	int prevWasTime = 0;
943	int isNot = P("not")!=0;
944	char z[10000];
945	char zTime[10000];
946
947	login_check_credentials();
948	if( !g.perm.Admin ){
949	login_needed(0);
950	return;
951	}
952	style_header("Server Hack Log");
953	style_submenu_element("Log-Menu", "%R/setup-logmenu");
954
955	if( g.zErrlog==0 \|\| fossil_strcmp(g.zErrlog,"-")==0 ){
956	no_error_log_available();
957	style_finish_page();
958	return;
959	}
960	in = fossil_fopen(g.zErrlog, "rb");
961	if( in==0 ){
962	@ <p class='generalError'>Unable to open that file for reading!</p>
963	style_finish_page();
964	return;
965	}
966	szFile = file_size(g.zErrlog, ExtFILE);
967	zLog = file_canonical_name_dup(g.zErrlog);
968	@ %s(isNot?"Non-hack":"Hack") messages contained within the %lld(szFile)-byte
969	@ <a href="%R/errorlog?all">error log</a> found at
970	@ "%h(zLog)".
971	fossil_free(zLog);
972	@ <hr>
973	@ <pre>
974	while( fgets(z, sizeof(z), in) ){
975	if( prevWasTime
976	&& ((strncmp(z,"possible hack attempt - 418 ", 27)==0) ^ isNot)
977	){
978	@ %h(zTime)\
979	bOutput = 1;
980	}
981	if( strncmp(z, "--------", 8)==0 ){
982	size_t n = strlen(z);
983

M src/setup.c

		--- src/setup.c
		+++ src/setup.c
		@@ -235,10 +235,19 @@
235	235
236	236	setup_menu_entry("User Log", "user_log",
237	237	"The user log is a record of login attempts. The user log is stored\n"
238	238	"in the \"accesslog\" table of the respository.\n"
239	239	);
	240	+
	241	+ setup_menu_entry("Hack Log", "hacklog",
	242	+ "All 418 hack attempts"
	243	+ );
	244	+
	245	+ setup_menu_entry("Non-Hack Log", "hacklog?not",
	246	+ "All log messages that are not hack attempts"
	247	+ );
	248	+
240	249
241	250	@ </table>
242	251	style_finish_page();
243	252	}
244	253
245	254

	--- src/setup.c
	+++ src/setup.c
	@@ -235,10 +235,19 @@
235
236	setup_menu_entry("User Log", "user_log",
237	"The user log is a record of login attempts. The user log is stored\n"
238	"in the \"accesslog\" table of the respository.\n"
239	);









240
241	@ </table>
242	style_finish_page();
243	}
244
245

	--- src/setup.c
	+++ src/setup.c
	@@ -235,10 +235,19 @@
235
236	setup_menu_entry("User Log", "user_log",
237	"The user log is a record of login attempts. The user log is stored\n"
238	"in the \"accesslog\" table of the respository.\n"
239	);
240
241	setup_menu_entry("Hack Log", "hacklog",
242	"All 418 hack attempts"
243	);
244
245	setup_menu_entry("Non-Hack Log", "hacklog?not",
246	"All log messages that are not hack attempts"
247	);
248
249
250	@ </table>
251	style_finish_page();
252	}
253
254

Fossil SCM

Keyboard Shortcuts