Cleanup a lot of the logging in the sysadm server. Now the hostinfo log file will clearly list connection time/IP, auth attempts/IP, Dispatches/IP, disconnections/IP. The dispatcher and events systems also properly log activity within their individual log files.

src/server/AuthorizationManager.cpp

@@ -98,7 +98,7 @@ QString AuthorizationManager::LoginUP(QHostAddress host, QString user, QString p
   }
   
   qDebug() << "User Login Attempt:" << user << " Success:" << ok << " IP:" << host.toString();
-  LogManager::log(LogManager::HOST, QString("User Login Attempt:")+ user + " Success:" + (ok?"true":"false") + " IP:" + host.toString() );
+  LogManager::log(LogManager::HOST, QString("User Login Attempt: ")+user+"   Success: "+(ok?"true":"false")+"   IP: "+host.toString() );
   if(!ok){ 
     //invalid login
     //Bump the fail count for this host
@@ -114,18 +114,29 @@ QString AuthorizationManager::LoginUP(QHostAddress host, QString user, QString p
 
 QString AuthorizationManager::LoginService(QHostAddress host, QString service){
   bool localhost = ( (host== QHostAddress::LocalHost) || (host== QHostAddress::LocalHostIPv6) );
+	
   //Login a particular automated service
   qDebug() << "Service Login Attempt:" << service << " Success:" << localhost;
   if(!localhost){ return ""; } //invalid - services must be local for access
   //Check that the service is valid on the system
   bool isok = false;
-  if(service!="root" && service!="toor"){
+  if(service!="root" && service!="toor" && localhost){
     QStringList groups = getUserGroups(service);
     isok = (groups.contains(service) && !groups.contains("wheel") && !groups.contains("operator"));
   }
+  
   //Now generate a new token and send it back
-  if(!isok){ return ""; }
-  else{ return generateNewToken(false); }//services are never given operator privileges
+  if(!isok){ 
+    //invalid login
+    if(!localhost){
+      //Bump the fail count for this host
+      bool overlimit = BumpFailCount(host.toString());
+      if(overlimit){ emit BlockHost(host); }
+      return (overlimit ? "REFUSED" : "");	  
+    }else{
+      return "";
+    }
+  }else{ return generateNewToken(false); }//services are never given operator privileges
 }
 
 // =========================

src/server/Dispatcher.cpp

@@ -160,7 +160,7 @@ void Dispatcher::ProcFinished(QString ID){
 	  obj.insert("cmd_list", QJsonArray::fromStringList( list[l]->rawcmds ) );
 	  obj.insert("time_started", list[l]->t_started.toString(Qt::ISODate) );
 	  obj.insert("time_finished", list[l]->t_finished.toString(Qt::ISODate) );
-	  emit DispatchFinished(ID, list[l]->success);
+	  emit DispatchFinished(obj);
 	  delete list.takeAt(l);
 	  LogManager::log(LogManager::DISPATCH, obj);
 	  found = true;
@@ -187,7 +187,7 @@ for(int i=0; i<enum_length; i++){
 	    obj.insert("cmd_list", QJsonArray::fromStringList( list[j]->rawcmds ) );
 	    obj.insert("time_started", list[j]->t_started.toString(Qt::ISODate) );
 	    obj.insert("time_finished", list[j]->t_finished.toString(Qt::ISODate) );
-	    emit DispatchFinished(list[j]->ID, list[j]->success);
+	    emit DispatchFinished(obj);
 	    LogManager::log(LogManager::DISPATCH, obj);
 	    delete list.takeAt(j);
 	    j--;

src/server/Dispatcher.h

@@ -83,7 +83,7 @@ private slots:
 
 signals:
 	//Main signals
-	void DispatchFinished(QString ID, bool success);
+	void DispatchFinished(QJsonObject obj); //obj is the data associated with the process
 	void DispatchStarting(QString ID);
 
 	//Signals for private usage

src/server/EventWatcher.cpp

@@ -100,11 +100,7 @@ void EventWatcher::DispatchStarting(QString ID){
   emit NewEvent(DISPATCHER, obj);
 }
 
-void EventWatcher::DispatchFinished(QString ID, bool success){
-  QJsonObject obj;
-  obj.insert("process_id", ID);
-  obj.insert("state", "finished");
-  obj.insert("result", success ? "success" : "failure");
+void EventWatcher::DispatchFinished(QJsonObject obj){
   LogManager::log(LogManager::EV_DISPATCH, obj);
   emit NewEvent(DISPATCHER, obj);	
 }

src/server/EventWatcher.h

@@ -51,7 +51,7 @@ public slots:
 
 	//Slots for the global Dispatcher to connect to
 	void DispatchStarting(QString);
-	void DispatchFinished(QString, bool);
+	void DispatchFinished(QJsonObject);
 
 private slots:
 	//File watcher signals

src/server/WebBackend.cpp

@@ -166,9 +166,11 @@ RestOutputStruct::ExitCode WebSocket::EvaluateDispatcherRequest(bool allaccess,
 	continue; 
       }
       //queue up this process
+
       DISPATCHER->queueProcess(ids[i], cmds);
     }
     //Return the PENDING result
+    LogManager::log(LogManager::HOST, "Client Launched Processes["+SockPeerIP+"]: "+ids.join(",") );
     out->insert("started", QJsonArray::fromStringList(ids));
   //}else if(act=="read"){
     

src/server/WebServer.cpp

@@ -145,7 +145,7 @@ void WebServer::NewSocketConnection(){
     }
   }
   if(sock==0){ return; } //no new connection
-  qDebug() << "New Socket Connection";	
+  //qDebug() << "New Socket Connection";	
   connect(sock, SIGNAL(SocketClosed(QString)), this, SLOT(SocketClosed(QString)) );
   connect(EVENTS, SIGNAL(NewEvent(EventWatcher::EVENT_TYPE, QJsonValue)), sock, SLOT(EventUpdate(EventWatcher::EVENT_TYPE, QJsonValue)) );
   OpenSockets << sock;
@@ -161,6 +161,7 @@ void WebServer::BlackListConnection(QHostAddress addr){
   //Make sure this is not the localhost (never block that)
   if(addr!= QHostAddress(QHostAddress::LocalHost) && addr != QHostAddress(QHostAddress::LocalHostIPv6) ){
     //Block this remote host
+    LogManager::log(LogManager::HOST,"Blacklisting IP Temporarily: "+addr.toString());
     CONFIG->setValue("blacklist/"+addr.toString(), QDateTime::currentDateTime());
   }
 }

src/server/WebSocket.cpp

@@ -17,6 +17,8 @@ WebSocket::WebSocket(QWebSocket *sock, QString ID, AuthorizationManager *auth){
   SOCKET = sock;
   TSOCKET = 0;
   AUTHSYSTEM = auth;
+  SockPeerIP = SOCKET->peerAddress().toString();
+  LogManager::log(LogManager::HOST,"New Connection: "+SockPeerIP);
   idletimer = new QTimer(this);
     idletimer->setInterval(IDLETIMEOUTMINS*60000); //connection timout for idle sockets
     idletimer->setSingleShot(true);
@@ -32,6 +34,8 @@ WebSocket::WebSocket(QSslSocket *sock, QString ID, AuthorizationManager *auth){
   SockAuthToken.clear(); //nothing set initially
   TSOCKET = sock;
   SOCKET = 0;
+  SockPeerIP = TSOCKET->peerAddress().toString();
+  LogManager::log(LogManager::HOST,"New Connection: "+SockPeerIP);
   AUTHSYSTEM = auth;
   idletimer = new QTimer(this);
     idletimer->setInterval(IDLETIMEOUTMINS*60000); //connection timout for idle sockets
@@ -42,14 +46,14 @@ WebSocket::WebSocket(QSslSocket *sock, QString ID, AuthorizationManager *auth){
   connect(TSOCKET, SIGNAL(encrypted()), this, SLOT(nowEncrypted()) );
   connect(TSOCKET, SIGNAL(peerVerifyError(const QSslError &)), this, SLOT(peerError(const QSslError &)) );
   connect(TSOCKET, SIGNAL(sslErrors(const QList<QSslError> &)), this, SLOT(SslError(const QList<QSslError> &)) );
-  qDebug() << " - Starting Server Encryption Handshake";
+  //qDebug() << " - Starting Server Encryption Handshake";
    TSOCKET->startServerEncryption();
   //qDebug() << " - Socket Encrypted:" << TSOCKET->isEncrypted();
   idletimer->start();
 }
 
 WebSocket::~WebSocket(){
-  qDebug() << "SOCKET Destroyed";
+  //qDebug() << "SOCKET Destroyed";
   if(SOCKET!=0){
     SOCKET->close();
     delete SOCKET;
@@ -69,7 +73,7 @@ QString WebSocket::ID(){
 //             PRIVATE
 //=======================
 void WebSocket::sendReply(QString msg){
-  qDebug() << "Sending Socket Reply:" << msg;
+  //qDebug() << "Sending Socket Reply:" << msg;
  if(SOCKET!=0 && SOCKET->isValid()){ SOCKET->sendTextMessage(msg); } //Websocket connection
  else if(TSOCKET!=0 && TSOCKET->isValid()){ 
     //TCP Socket connection
@@ -202,7 +206,7 @@ void WebSocket::EvaluateRequest(const RestInputStruct &REQ){
 	    int sub = -1; //bad input
 	    if(out.in_struct.name=="subscribe"){ sub = 1; }
 	    else if(out.in_struct.name=="unsubscribe"){ sub = 0; }
-	    qDebug() << "Got Client Event Modification:" << sub << evlist;
+	    //qDebug() << "Got Client Event Modification:" << sub << evlist;
 	    if(sub>=0 && !evlist.isEmpty() ){
 	      for(int i=0; i<evlist.length(); i++){
 	        EventWatcher::EVENT_TYPE type = EventWatcher::typeFromString(evlist[i]);
@@ -283,25 +287,24 @@ QStringList WebSocket::JsonArrayToStringList(QJsonArray array){
 //       PRIVATE SLOTS
 // =====================
 void WebSocket::checkIdle(){
-  //This function is called automatically every few seconds that a client is connected
   if(SOCKET !=0){
-    qDebug() << " - Client Timeout: Closing connection...";
+    LogManager::log(LogManager::HOST,"Connection Idle: "+SockPeerIP);
     SOCKET->close(); //timeout - close the connection to make way for others
   }
   if(TSOCKET !=0){
-    qDebug() << " - Client Timeout: Closing connection...";
+    LogManager::log(LogManager::HOST,"Connection Idle: "+SockPeerIP);
     TSOCKET->close(); //timeout - close the connection to make way for others
   }
 }
 
 void WebSocket::SocketClosing(){
-  qDebug() << "Socket Closing..." ;
+  LogManager::log(LogManager::HOST,"Connection Closing: "+SockPeerIP);
   if(idletimer->isActive()){ 
     //This means the client deliberately closed the connection - not the idle timer
-    qDebug() << " - Client Closed Connection";
+    //qDebug() << " - Client Closed Connection";
     idletimer->stop(); 
   }else{
-    qDebug() << "idleTimer not running";
+    //qDebug() << "idleTimer not running";
   }
   //Stop any current requests
 
@@ -313,24 +316,24 @@ void WebSocket::SocketClosing(){
 }
 
 void WebSocket::EvaluateMessage(const QByteArray &msg){
-  qDebug() << "New Binary Message:";
+  //qDebug() << "New Binary Message:";
   if(idletimer->isActive()){ idletimer->stop(); }
   idletimer->start(); 
   EvaluateREST( QString(msg) );
-  qDebug() << " - Done with Binary Message";
+  //qDebug() << " - Done with Binary Message";
 }
 
 void WebSocket::EvaluateMessage(const QString &msg){ 
-  qDebug() << "New Text Message:";
+  //qDebug() << "New Text Message:";
   if(idletimer->isActive()){ idletimer->stop(); }
   idletimer->start(); 
   EvaluateREST(msg); 
-  qDebug() << " - Done with Text Message";
+  //qDebug() << " - Done with Text Message";
 }
 
 void WebSocket::EvaluateTcpMessage(){
   //Need to read the data from the Tcp socket and turn it into a string
-  qDebug() << "New TCP Message:";
+  //qDebug() << "New TCP Message:";
   if(idletimer->isActive()){ idletimer->stop(); }
   QString msg = QString(TSOCKET->readAll());
   for(int i=0; i<5 && !msg.endsWith("}"); i++){
@@ -339,21 +342,21 @@ void WebSocket::EvaluateTcpMessage(){
   }
   EvaluateREST(msg );
   idletimer->start(); 
-  qDebug() << " - Done with TCP Message";	
+  //qDebug() << " - Done with TCP Message";	
 }
 
 //SSL signal handling
 void WebSocket::nowEncrypted(){
   //the socket/connection is now encrypted
-  qDebug() << " - Socket now encrypted";
+  //qDebug() << " - Socket now encrypted";
 }
 
 void WebSocket::peerError(const QSslError&){ //peerVerifyError() signal
-  qDebug() << "Socket Peer Error:";
+  //qDebug() << "Socket Peer Error:";
 }
 
 void WebSocket::SslError(const QList<QSslError> &err){ //sslErrors() signal
-  qDebug() << "Socket SSL Errors:" << err.length();
+  LogManager::log(LogManager::HOST,"Connection SSL Errors ["+SockPeerIP+"]: "+err.length());
 }
 
 // ======================

src/server/WebSocket.h

@@ -24,7 +24,7 @@ private:
 	QTimer *idletimer;
 	QWebSocket *SOCKET;
 	QSslSocket *TSOCKET;
-	QString SockID, SockAuthToken;
+	QString SockID, SockAuthToken, SockPeerIP;
 	AuthorizationManager *AUTHSYSTEM;
 	QList<EventWatcher::EVENT_TYPE> ForwardEvents;
 

src/server/main.cpp

@@ -80,7 +80,7 @@ int main( int argc, char ** argv )
       qInstallMessageHandler(MessageOutput);
       
     //Connect the background classes
-    QObject::connect(DISPATCHER, SIGNAL(DispatchFinished(QString, bool)), EVENTS, SLOT(DispatchFinished(QString,bool)) );
+    QObject::connect(DISPATCHER, SIGNAL(DispatchFinished(QJsonObject)), EVENTS, SLOT(DispatchFinished(QJsonObject)) );
     QObject::connect(DISPATCHER, SIGNAL(DispatchStarting(QString)), EVENTS, SLOT(DispatchStarting(QString)) );
       
     //Create the daemon