Auditing facility

This patch add a macro to log auditing traces, this traces will be
shown when the audit is enabled in the general preferences (security):

- in the linux journal if available
- if Remmina has been started with the Remmina Desktop file
- if started from the terminal
- from the terminal if G_MESSAGES_DEBUG=all is set (always).

Signed-off-by: Antenore Gatta (tmow) <antenore@simbiosi.org>

13 files changed, 70 insertions, 6 deletions

diff --git a/src/include/remmina/plugin.h b/src/include/remmina/plugin.h
index a05114671..a6ff980f3 100644
--- a/src/include/remmina/plugin.h
+++ b/src/include/remmina/plugin.h
@@ -221,6 +221,7 @@ typedef struct _RemminaPluginService {
 	void (*_remmina_message)(const gchar *fmt, ...);
 	void (*_remmina_debug)(const gchar *func, const gchar *fmt, ...);
 	void (*_remmina_warning)(const gchar *func, const gchar *fmt, ...);
+	void (*_remmina_audit)(const gchar *func, const gchar *fmt, ...);
 	void (*_remmina_error)(const gchar *func, const gchar *fmt, ...);
 	void (*_remmina_critical)(const gchar *func, const gchar *fmt, ...);
 	void (*log_print)(const gchar *text);
diff --git a/src/remmina.c b/src/remmina.c
index 3d390de32..6db94cf32 100644
--- a/src/remmina.c
+++ b/src/remmina.c
@@ -32,6 +32,10 @@
  *
  */
 
+#define G_LOG_USE_STRUCTURED
+#ifndef G_LOG_DOMAIN
+#define G_LOG_DOMAIN    ((gchar*)"remmina")
+#endif  /* G_LOG_DOMAIN */
 #include <gdk/gdkx.h>
 #include <gio/gio.h>
 #include <glib/gi18n.h>
diff --git a/src/remmina_file.c b/src/remmina_file.c
index be8864833..0f7c393a8 100644
--- a/src/remmina_file.c
+++ b/src/remmina_file.c
@@ -175,6 +175,7 @@ void remmina_file_generate_filename(RemminaFile *remminafile)
 	else
 		remminafile->filename = NULL;
 	g_dir_close(dir);
+
 }
 
 void remmina_file_set_filename(RemminaFile *remminafile, const gchar *filename)
diff --git a/src/remmina_file_editor.c b/src/remmina_file_editor.c
index c616fd36d..096bf122f 100644
--- a/src/remmina_file_editor.c
+++ b/src/remmina_file_editor.c
@@ -35,9 +35,6 @@
  */
 
 #include <ctype.h>
-#include <gtk/gtk.h>
-#include <glib/gi18n.h>
-#include <stdlib.h>
 #include "config.h"
 #ifdef HAVE_LIBAVAHI_UI
 #include <avahi-ui/avahi-ui.h>
diff --git a/src/remmina_file_editor.h b/src/remmina_file_editor.h
index 8ebe327c8..a37fc3dfc 100644
--- a/src/remmina_file_editor.h
+++ b/src/remmina_file_editor.h
@@ -36,6 +36,12 @@
 
 #pragma once
 
+#include <stdarg.h>
+#include <glib/gi18n.h>
+#include <gtk/gtk.h>
+
+#include "remmina_file.h"
+
 G_BEGIN_DECLS
 
 #define REMMINA_TYPE_FILE_EDITOR               (remmina_file_editor_get_type())
diff --git a/src/remmina_log.c b/src/remmina_log.c
index 5c73e2e9a..f9b9ff397 100644
--- a/src/remmina_log.c
+++ b/src/remmina_log.c
@@ -37,6 +37,7 @@
 #include <gtk/gtk.h>
 #include <glib/gi18n.h>
 #include "remmina_public.h"
+#include "remmina_pref.h"
 #include "remmina_log.h"
 #include "remmina_stats.h"
 #include "remmina/remmina_trace_calls.h"
@@ -106,7 +107,7 @@ static void remmina_log_end(GtkWidget *widget, gpointer data)
 	log_window = NULL;
 }
 
-static void remmina_log_start_stop (GtkSwitch *logswitch, gpointer   user_data)
+static void remmina_log_start_stop (GtkSwitch *logswitch, gpointer user_data)
 {
 	TRACE_CALL(__func__);
 	logstart = !logstart;
@@ -308,6 +309,40 @@ void _remmina_warning(const gchar *fun, const gchar *fmt, ...)
 	IDLE_ADD(remmina_log_print_real, bufn);
 }
 
+void _remmina_audit(const gchar *fun, const gchar *fmt, ...)
+{
+	TRACE_CALL(__func__);
+	va_list args;
+	va_start(args, fmt);
+	gchar *text = g_strdup_vprintf(fmt, args);
+	va_end(args);
+
+	GTimeVal tv;
+	g_get_current_time(&tv);
+	gchar *isodate = g_time_val_to_iso8601(&tv);
+
+	g_autofree gchar *buf = g_strdup("");
+
+	if (isodate) {
+
+		buf = g_strconcat(
+				"[", isodate, "] - ",
+				g_get_host_name (),
+				" - ",
+				g_get_user_name (),
+				" - ",
+				text,
+				NULL);
+
+	}
+
+	g_free(text);
+	if (remmina_pref_get_boolean("audit"))
+		_remmina_message(buf);
+	else
+		_remmina_debug(fun, buf);
+}
+
 // !!! Calling this function will crash Remmina !!!
 // !!! purposefully and send a trap signal !!!
 void _remmina_error(const gchar *fun, const gchar *fmt, ...)
diff --git a/src/remmina_log.h b/src/remmina_log.h
index 90e7bbdf4..f12a98590 100644
--- a/src/remmina_log.h
+++ b/src/remmina_log.h
@@ -44,6 +44,7 @@ G_BEGIN_DECLS
 #define REMMINA_MESSAGE(fmt, ...)  _remmina_message(fmt, ## __VA_ARGS__)
 #define REMMINA_DEBUG(fmt, ...)    _remmina_debug(__func__, fmt, ## __VA_ARGS__)
 #define REMMINA_WARNING(fmt, ...)  _remmina_warning(__func__, fmt, ## __VA_ARGS__)
+#define REMMINA_AUDIT(fmt, ...)    _remmina_audit(__func__, fmt, ## __VA_ARGS__)
 #define REMMINA_ERROR(fmt, ...)    _remmina_error(__func__, fmt, ## __VA_ARGS__)
 #define REMMINA_CRITICAL(fmt, ...) _remmina_critical(__func__, fmt, ## __VA_ARGS__)
 
@@ -54,6 +55,7 @@ void _remmina_info(const gchar *fmt, ...);
 void _remmina_message(const gchar *fmt, ...);
 void _remmina_debug(const gchar *fun, const gchar *fmt, ...);
 void _remmina_warning(const gchar *fun, const gchar *fmt, ...);
+void _remmina_audit(const gchar *fun, const gchar *fmt, ...);
 void _remmina_error(const gchar *fun, const gchar *fmt, ...);
 void _remmina_critical(const gchar *fun, const gchar *fmt, ...);
 void remmina_log_printf(const gchar *fmt, ...);
diff --git a/src/remmina_plugin_manager.c b/src/remmina_plugin_manager.c
index e0e5f79f3..ea4cc057e 100644
--- a/src/remmina_plugin_manager.c
+++ b/src/remmina_plugin_manager.c
@@ -243,6 +243,7 @@ RemminaPluginService remmina_plugin_manager_service =
 	_remmina_message,
 	_remmina_debug,
 	_remmina_warning,
+	_remmina_audit,
 	_remmina_error,
 	_remmina_critical,
 	remmina_log_print,
diff --git a/src/remmina_pref.c b/src/remmina_pref.c
index efe637d75..330770125 100644
--- a/src/remmina_pref.c
+++ b/src/remmina_pref.c
@@ -310,6 +310,11 @@ void remmina_pref_init(void)
 	else
 		remmina_pref.lock_edit = FALSE;
 
+	if (g_key_file_has_key(gkeyfile, "remmina_pref", "audit", NULL))
+		remmina_pref.audit = g_key_file_get_boolean(gkeyfile, "remmina_pref", "audit", NULL);
+	else
+		remmina_pref.audit = FALSE;
+
 	if (g_key_file_has_key(gkeyfile, "remmina_pref", "trust_all", NULL))
 		remmina_pref.trust_all = g_key_file_get_boolean(gkeyfile, "remmina_pref", "trust_all", NULL);
 	else
@@ -795,6 +800,7 @@ gboolean remmina_pref_save(void)
 	g_key_file_set_boolean(gkeyfile, "remmina_pref", "lock_connect", FALSE);
 	g_key_file_set_boolean(gkeyfile, "remmina_pref", "lock_edit", FALSE);
 #endif
+	g_key_file_set_boolean(gkeyfile, "remmina_pref", "audit", remmina_pref.audit);
 	g_key_file_set_boolean(gkeyfile, "remmina_pref", "trust_all", remmina_pref.trust_all);
 	g_key_file_set_integer(gkeyfile, "remmina_pref", "floating_toolbar_placement", remmina_pref.floating_toolbar_placement);
 	g_key_file_set_integer(gkeyfile, "remmina_pref", "toolbar_placement", remmina_pref.toolbar_placement);
diff --git a/src/remmina_pref.h b/src/remmina_pref.h
index 6e5fc9ed7..d417f54c4 100644
--- a/src/remmina_pref.h
+++ b/src/remmina_pref.h
@@ -173,6 +173,7 @@ typedef struct _RemminaPref {
 	gint			unlock_timeout;
 	gboolean		lock_connect;
 	gboolean		lock_edit;
+	gboolean		audit;
 	gboolean		trust_all;
 	/* In RemminaPrefDialog terminal tab */
 	gchar *			vte_font;
diff --git a/src/remmina_pref_dialog.c b/src/remmina_pref_dialog.c
index 6d9053cff..3887ad662 100644
--- a/src/remmina_pref_dialog.c
+++ b/src/remmina_pref_dialog.c
@@ -241,6 +241,7 @@ void remmina_pref_on_dialog_destroy(GtkWidget *widget, gpointer user_data)
 #endif
 	remmina_pref.lock_connect = gtk_switch_get_active(GTK_SWITCH(remmina_pref_dialog->switch_security_lock_connect));
 	remmina_pref.lock_edit = gtk_switch_get_active(GTK_SWITCH(remmina_pref_dialog->switch_security_lock_edit));
+	remmina_pref.audit = gtk_switch_get_active(GTK_SWITCH(remmina_pref_dialog->switch_security_audit));
 	remmina_pref.trust_all = gtk_switch_get_active(GTK_SWITCH(remmina_pref_dialog->switch_security_trust_all));
 	remmina_pref.screenshot_path = gtk_file_chooser_get_filename(remmina_pref_dialog->filechooserbutton_options_screenshots_path);
 	remmina_pref.fullscreen_on_auto = gtk_toggle_button_get_active(GTK_TOGGLE_BUTTON(remmina_pref_dialog->checkbutton_appearance_fullscreen_on_auto));
@@ -490,6 +491,13 @@ static void remmina_pref_dialog_init(void)
 	gtk_switch_set_active(GTK_SWITCH(remmina_pref_dialog->switch_security_lock_edit), FALSE);
 	gtk_widget_set_sensitive(GTK_WIDGET(remmina_pref_dialog->unlock_timeout), FALSE);
 #endif
+	gtk_switch_set_active(GTK_SWITCH(remmina_pref_dialog->switch_security_audit), remmina_pref.audit);
+	gtk_widget_set_sensitive(GTK_WIDGET(remmina_pref_dialog->switch_security_audit), TRUE);
+	if (remmina_pref.remmina_file_name != NULL)
+		gtk_entry_set_text(remmina_pref_dialog->entry_options_file_name, remmina_pref.remmina_file_name);
+	else
+		gtk_entry_set_text(remmina_pref_dialog->entry_options_file_name, "%G_%P_%N_%h.remmina");
+
 	gtk_switch_set_active(GTK_SWITCH(remmina_pref_dialog->switch_security_trust_all), remmina_pref.trust_all);
 
 	gtk_switch_set_active(GTK_SWITCH(remmina_pref_dialog->switch_options_deny_screenshot_clipboard), remmina_pref.deny_screenshot_clipboard);
@@ -713,10 +721,12 @@ GtkWidget *remmina_pref_dialog_new(gint default_tab, GtkWindow *parent)
 	remmina_pref_dialog->switch_options_deny_screenshot_clipboard = GTK_SWITCH(GET_OBJECT("switch_options_deny_screenshot_clipboard"));
 	remmina_pref_dialog->switch_options_remember_last_view_mode = GTK_SWITCH(GET_OBJECT("switch_options_remember_last_view_mode"));
 	remmina_pref_dialog->switch_security_use_primary_password = GTK_SWITCH(GET_OBJECT("switch_security_use_primary_password"));
+	remmina_pref_dialog->unlock_timeout = GTK_ENTRY(GET_OBJECT("unlock_timeout"));
 	remmina_pref_dialog->unlock_password = GTK_ENTRY(GET_OBJECT("unlock_password"));
 	remmina_pref_dialog->unlock_repassword = GTK_ENTRY(GET_OBJECT("unlock_repassword"));
 	remmina_pref_dialog->switch_security_lock_connect = GTK_SWITCH(GET_OBJECT("switch_security_lock_connect"));
 	remmina_pref_dialog->switch_security_lock_edit = GTK_SWITCH(GET_OBJECT("switch_security_lock_edit"));
+	remmina_pref_dialog->switch_security_audit = GTK_SWITCH(GET_OBJECT("switch_security_audit"));
 	remmina_pref_dialog->switch_security_trust_all = GTK_SWITCH(GET_OBJECT("switch_security_trust_all"));
 	remmina_pref_dialog->checkbutton_options_save_settings = GTK_CHECK_BUTTON(GET_OBJECT("checkbutton_options_save_settings"));
 	remmina_pref_dialog->checkbutton_appearance_fullscreen_on_auto = GTK_CHECK_BUTTON(GET_OBJECT("checkbutton_appearance_fullscreen_on_auto"));
@@ -742,7 +752,6 @@ GtkWidget *remmina_pref_dialog_new(gint default_tab, GtkWindow *parent)
 	remmina_pref_dialog->entry_grab_color = GTK_ENTRY(GET_OBJECT("entry_grab_color"));
 	remmina_pref_dialog->switch_appearance_grab_color = GTK_SWITCH(GET_OBJECT("switch_appearance_grab_color"));
 	remmina_pref_dialog->button_options_recent_items_clear = GTK_BUTTON(GET_OBJECT("button_options_recent_items_clear"));
-	remmina_pref_dialog->unlock_timeout = GTK_ENTRY(GET_OBJECT("unlock_timeout"));
 
 	remmina_pref_dialog->checkbutton_applet_new_connection_on_top = GTK_CHECK_BUTTON(GET_OBJECT("checkbutton_applet_new_connection_on_top"));
 	remmina_pref_dialog->checkbutton_applet_hide_totals = GTK_CHECK_BUTTON(GET_OBJECT("checkbutton_applet_hide_totals"));
diff --git a/src/remmina_pref_dialog.h b/src/remmina_pref_dialog.h
index 97163343e..74a086ef2 100644
--- a/src/remmina_pref_dialog.h
+++ b/src/remmina_pref_dialog.h
@@ -62,6 +62,7 @@ typedef struct _RemminaPrefDialog {
 	GtkEntry *		unlock_repassword;
 	GtkSwitch *		switch_security_lock_connect;
 	GtkSwitch *		switch_security_lock_edit;
+	GtkSwitch *		switch_security_audit;
 	GtkSwitch *		switch_security_trust_all;
 	GtkCheckButton *	checkbutton_options_save_settings;
 	GtkCheckButton *	checkbutton_appearance_fullscreen_on_auto;
diff --git a/src/remmina_ssh_plugin.c b/src/remmina_ssh_plugin.c
index 7a9aa9e7f..13928df96 100644
--- a/src/remmina_ssh_plugin.c
+++ b/src/remmina_ssh_plugin.c
@@ -338,7 +338,7 @@ remmina_plugin_ssh_main_thread(gpointer data)
 				continue;
 				break;
 			case REMMINA_SSH_AUTH_RECONNECT:
-				REMMINA_DEBUG("Reconnecting...");
+				REMMINA_DEBUG("Reconnecting…");
 				if (ssh->session) {
 					ssh_disconnect(ssh->session);
 					ssh_free(ssh->session);