本文整理汇总了C++中radlog函数的典型用法代码示例。如果您正苦于以下问题:C++ radlog函数的具体用法?C++ radlog怎么用?C++ radlog使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了radlog函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的C++代码示例。
示例1: rad_check_ts
int rad_check_ts(UNUSED uint32_t nasaddr, UNUSED unsigned int portnum,
UNUSED const char *user, UNUSED const char *session_id)
{
radlog(L_ERR, "Simultaneous-Use is not supported");
return 2;
}示例2: map_eapsim_basictypes
//.........这里部分代码省略.........
{
encodedmsg = malloc(3);
/* FIX: could be NULL */
encodedmsg[0]=subtype;
encodedmsg[1]=0;
encodedmsg[2]=0;
ep->type.length = 3;
ep->type.data = encodedmsg;
return 0;
}
/*
* figured out the length, so malloc some space for the results.
*
* Note that we do not bother going through an "EAP" stage, which
* is a bit strange compared to the unmap, which expects to see
* an EAP-SIM virtual attributes.
*
* EAP is 1-code, 1-identifier, 2-length, 1-type = 5 overhead.
*
* SIM code adds a subtype, and 2 bytes of reserved = 3.
*
*/
/* malloc space for it */
encoded_size += 3;
encodedmsg = malloc(encoded_size);
if (encodedmsg == NULL) {
radlog(L_ERR, "eapsim: out of memory allocating %d bytes", encoded_size+5);
return 0;
}
memset(encodedmsg, 0, encoded_size);
/*
* now walk the attributes again, sticking them in.
*
* we go three bytes into the encoded message, because there are two
* bytes of reserved, and we will fill the "subtype" in later.
*
*/
attr = encodedmsg+3;
for(vp = r->vps; vp != NULL; vp = vp->next)
{
int roundedlen;
if(vp->attribute < ATTRIBUTE_EAP_SIM_BASE ||
vp->attribute >= ATTRIBUTE_EAP_SIM_BASE+256)
{
continue;
}
/*
* the AT_MAC attribute is a bit different, when we get to this
* attribute, we pull the contents out, save it for later
* processing, set the size to 16 bytes (plus 2 bytes padding).
*
* At this point, we put in zeros, and remember where the
* sixteen bytes go.
*/
if(vp->attribute == ATTRIBUTE_EAP_SIM_BASE+PW_EAP_SIM_MAC) {示例3: mschapv2_initiate
/*
* Initiate the EAP-MSCHAPV2 session by sending a challenge to the peer.
*/
static int mschapv2_initiate(void *type_data, EAP_HANDLER *handler)
{
int i;
VALUE_PAIR *challenge;
mschapv2_opaque_t *data;
type_data = type_data; /* -Wunused */
challenge = pairmake("MS-CHAP-Challenge", "0x00", T_OP_EQ);
if (!challenge) {
radlog(L_ERR, "rlm_eap_mschapv2: out of memory");
return 0;
}
/*
* Get a random challenge.
*/
challenge->length = MSCHAPV2_CHALLENGE_LEN;
for (i = 0; i < MSCHAPV2_CHALLENGE_LEN; i++) {
challenge->vp_strvalue[i] = fr_rand();
}
DEBUG2("rlm_eap_mschapv2: Issuing Challenge");
/*
* Keep track of the challenge.
*/
data = malloc(sizeof(mschapv2_opaque_t));
rad_assert(data != NULL);
/*
* We're at the stage where we're challenging the user.
*/
data->code = PW_EAP_MSCHAPV2_CHALLENGE;
memcpy(data->challenge, challenge->vp_strvalue, MSCHAPV2_CHALLENGE_LEN);
data->mppe_keys = NULL;
data->reply = NULL;
handler->opaque = data;
handler->free_opaque = free_data;
/*
* Compose the EAP-MSCHAPV2 packet out of the data structure,
* and free it.
*/
eapmschapv2_compose(handler, challenge);
pairfree(&challenge);
#ifdef WITH_PROXY
/*
* The EAP session doesn't have enough information to
* proxy the "inside EAP" protocol. Disable EAP proxying.
*/
handler->request->options &= ~RAD_REQUEST_OPTION_PROXY_EAP;
#endif
/*
* We don't need to authorize the user at this point.
*
* We also don't need to keep the challenge, as it's
* stored in 'handler->eap_ds', which will be given back
* to us...
*/
handler->stage = AUTHENTICATE;
return 1;
}示例4: getUserNodeRef
static int getUserNodeRef(char* inUserName, char **outUserName,
tDirNodeReference* userNodeRef, tDirReference dsRef)
{
tDataBuffer *tDataBuff = NULL;
tDirNodeReference nodeRef = 0;
long status = eDSNoErr;
tContextData context = 0;
uint32_t nodeCount = 0;
uint32_t attrIndex = 0;
tDataList *nodeName = NULL;
tAttributeEntryPtr pAttrEntry = NULL;
tDataList *pRecName = NULL;
tDataList *pRecType = NULL;
tDataList *pAttrType = NULL;
uint32_t recCount = 0;
tRecordEntry *pRecEntry = NULL;
tAttributeListRef attrListRef = 0;
char *pUserLocation = NULL;
tAttributeValueListRef valueRef = 0;
tAttributeValueEntry *pValueEntry = NULL;
tDataList *pUserNode = NULL;
int result = RLM_MODULE_FAIL;
if (inUserName == NULL) {
radlog(L_ERR, "rlm_mschap: getUserNodeRef(): no username");
return RLM_MODULE_FAIL;
}
tDataBuff = dsDataBufferAllocate(dsRef, 4096);
if (tDataBuff == NULL) {
radlog(L_ERR, "rlm_mschap: getUserNodeRef(): dsDataBufferAllocate() status = %ld", status);
return RLM_MODULE_FAIL;
}
do {
/* find on search node */
status = dsFindDirNodes(dsRef, tDataBuff, NULL,
eDSAuthenticationSearchNodeName,
&nodeCount, &context);
if (status != eDSNoErr) {
radlog(L_ERR,"rlm_mschap: getUserNodeRef(): no node found? status = %ld", status);
result = RLM_MODULE_FAIL;
break;
}
if (nodeCount < 1) {
radlog(L_ERR,"rlm_mschap: getUserNodeRef(): nodeCount < 1, status = %ld", status);
result = RLM_MODULE_FAIL;
break;
}
status = dsGetDirNodeName(dsRef, tDataBuff, 1, &nodeName);
if (status != eDSNoErr) {
radlog(L_ERR,"rlm_mschap: getUserNodeRef(): dsGetDirNodeName() status = %ld", status);
result = RLM_MODULE_FAIL;
break;
}
status = dsOpenDirNode(dsRef, nodeName, &nodeRef);
dsDataListDeallocate(dsRef, nodeName);
free(nodeName);
nodeName = NULL;
if (status != eDSNoErr) {
radlog(L_ERR,"rlm_mschap: getUserNodeRef(): dsOpenDirNode() status = %ld", status);
result = RLM_MODULE_FAIL;
break;
}
pRecName = dsBuildListFromStrings(dsRef, inUserName, NULL);
pRecType = dsBuildListFromStrings(dsRef, kDSStdRecordTypeUsers,
NULL);
pAttrType = dsBuildListFromStrings(dsRef,
kDSNAttrMetaNodeLocation,
kDSNAttrRecordName, NULL);
recCount = 1;
status = dsGetRecordList(nodeRef, tDataBuff, pRecName,
eDSExact, pRecType, pAttrType, 0,
&recCount, &context);
if (status != eDSNoErr || recCount == 0) {
radlog(L_ERR,"rlm_mschap: getUserNodeRef(): dsGetRecordList() status = %ld, recCount=%u", status, recCount);
result = RLM_MODULE_FAIL;
break;
}
status = dsGetRecordEntry(nodeRef, tDataBuff, 1,
&attrListRef, &pRecEntry);
if (status != eDSNoErr) {
radlog(L_ERR,"rlm_mschap: getUserNodeRef(): dsGetRecordEntry() status = %ld", status);
result = RLM_MODULE_FAIL;
break;
}
for (attrIndex = 1; (attrIndex <= pRecEntry->fRecordAttributeCount) && (status == eDSNoErr); attrIndex++) {
status = dsGetAttributeEntry(nodeRef, tDataBuff, attrListRef, attrIndex, &valueRef, &pAttrEntry);
if (status == eDSNoErr && pAttrEntry != NULL) {
if (strcmp(pAttrEntry->fAttributeSignature.fBufferData, kDSNAttrMetaNodeLocation) == 0) {
status = dsGetAttributeValue(nodeRef, tDataBuff, 1, valueRef, &pValueEntry);
if (status == eDSNoErr && pValueEntry != NULL) {
pUserLocation = (char *) calloc(pValueEntry->fAttributeValueData.fBufferLength + 1, sizeof(char));
//.........这里部分代码省略.........
示例5: eap_pwd_authenticate
static int
eap_pwd_authenticate (void *arg, EAP_HANDLER *handler)
{
pwd_session_t *pwd_session;
pwd_hdr *hdr;
pwd_id_packet *id;
EAP_PACKET *response;
REQUEST *request, *fake;
VALUE_PAIR *pw, **outvps, *vp;
EAP_DS *eap_ds;
int len, ret = 0;
eap_pwd_t *inst = (eap_pwd_t *)arg;
uint16_t offset;
uint8_t exch, *buf, *ptr, msk[MSK_EMSK_LEN], emsk[MSK_EMSK_LEN];
uint8_t peer_confirm[SHA256_DIGEST_LENGTH];
BIGNUM *x = NULL, *y = NULL;
if ((handler == NULL) ||
((eap_ds = handler->eap_ds) == NULL) ||
(inst == NULL)) {
return 0;
}
pwd_session = (pwd_session_t *)handler->opaque;
request = handler->request;
response = handler->eap_ds->response;
hdr = (pwd_hdr *)response->type.data;
buf = hdr->data;
len = response->type.length - sizeof(pwd_hdr);
/*
* see if we're fragmenting, if so continue until we're done
*/
if (pwd_session->out_buf_pos) {
if (len) {
RDEBUG2("pwd got something more than an ACK for a fragment");
}
return send_pwd_request(pwd_session, eap_ds);
}
/*
* the first fragment will have a total length, make a
* buffer to hold all the fragments
*/
if (EAP_PWD_GET_LENGTH_BIT(hdr)) {
if (pwd_session->in_buf) {
RDEBUG2("pwd already alloced buffer for fragments");
return 0;
}
pwd_session->in_buf_len = ntohs(buf[0] * 256 | buf[1]);
if ((pwd_session->in_buf = malloc(pwd_session->in_buf_len)) == NULL) {
RDEBUG2("pwd cannot malloc %d buffer to hold fragments",
pwd_session->in_buf_len);
return 0;
}
memset(pwd_session->in_buf, 0, pwd_session->in_buf_len);
pwd_session->in_buf_pos = 0;
buf += sizeof(uint16_t);
len -= sizeof(uint16_t);
}
/*
* all fragments, including the 1st will have the M(ore) bit set,
* buffer those fragments!
*/
if (EAP_PWD_GET_MORE_BIT(hdr)) {
rad_assert(pwd_session->in_buf != NULL);
if ((pwd_session->in_buf_pos + len) > pwd_session->in_buf_len) {
RDEBUG2("pwd will not overflow a fragment buffer. Nope, not prudent.");
return 0;
}
memcpy(pwd_session->in_buf + pwd_session->in_buf_pos, buf, len);
pwd_session->in_buf_pos += len;
/*
* send back an ACK for this fragment
*/
exch = EAP_PWD_GET_EXCHANGE(hdr);
eap_ds->request->code = PW_EAP_REQUEST;
eap_ds->request->type.type = PW_EAP_PWD;
eap_ds->request->type.length = sizeof(pwd_hdr);
if ((eap_ds->request->type.data = malloc(sizeof(pwd_hdr))) == NULL) {
radlog(L_ERR, "rlm_eap_pwd: fragment ACK, out of memory");
return 0;
}
hdr = (pwd_hdr *)eap_ds->request->type.data;
EAP_PWD_SET_EXCHANGE(hdr, exch);
return 1;
}
if (pwd_session->in_buf) {
/*
* the last fragment...
*/
if ((pwd_session->in_buf_pos + len) > pwd_session->in_buf_len) {
RDEBUG2("pwd will not overflow a fragment buffer. Nope, not prudent.");
return 0;
}
memcpy(pwd_session->in_buf + pwd_session->in_buf_pos, buf, len);
//.........这里部分代码省略.........
示例6: attr_rewrite_instantiate
static int attr_rewrite_instantiate(CONF_SECTION *conf, void **instance)
{
rlm_attr_rewrite_t *data;
DICT_ATTR *dattr;
/*
* Set up a storage area for instance data
*/
data = rad_malloc(sizeof(*data));
if (!data) {
return -1;
}
memset(data, 0, sizeof(*data));
/*
* If the configuration parameters can't be parsed, then
* fail.
*/
if (cf_section_parse(conf, data, module_config) < 0) {
free(data);
return -1;
}
/*
* Discover the attribute number of the key.
*/
if (data->attribute == NULL) {
radlog(L_ERR, "rlm_attr_rewrite: 'attribute' must be set.");
return -1;
}
if (data->search == NULL || data->replace == NULL) {
radlog(L_ERR, "rlm_attr_rewrite: search/replace strings must be set.");
return -1;
}
data->search_len = strlen(data->search);
data->replace_len = strlen(data->replace);
if (data->replace_len == 0 && data->new_attr){
radlog(L_ERR, "rlm_attr_rewrite: replace string must not be zero length in order to create new attribute.");
return -1;
}
if (data->num_matches < 1 || data->num_matches > MAX_STRING_LEN) {
radlog(L_ERR, "rlm_attr_rewrite: Illegal range for match number.");
return -1;
}
if (data->searchin_str == NULL) {
radlog(L_ERR, "rlm_attr_rewrite: Illegal searchin directive given. Assuming packet.");
data->searchin = RLM_REGEX_INPACKET;
}
else{
if (strcmp(data->searchin_str, "packet") == 0)
data->searchin = RLM_REGEX_INPACKET;
else if (strcmp(data->searchin_str, "config") == 0)
data->searchin = RLM_REGEX_INCONFIG;
else if (strcmp(data->searchin_str, "control") == 0)
data->searchin = RLM_REGEX_INCONFIG;
else if (strcmp(data->searchin_str, "reply") == 0)
data->searchin = RLM_REGEX_INREPLY;
else if (strcmp(data->searchin_str, "proxy") == 0)
data->searchin = RLM_REGEX_INPROXY;
else if (strcmp(data->searchin_str, "proxy_reply") == 0)
data->searchin = RLM_REGEX_INPROXYREPLY;
else {
radlog(L_ERR, "rlm_attr_rewrite: Illegal searchin directive given. Assuming packet.");
data->searchin = RLM_REGEX_INPACKET;
}
}
dattr = dict_attrbyname(data->attribute);
if (dattr == NULL) {
radlog(L_ERR, "rlm_attr_rewrite: No such attribute %s",
data->attribute);
return -1;
}
data->attr_num = dattr->attr;
/* Add the module instance name */
data->name = cf_section_name2(conf); /* may be NULL */
*instance = data;
return 0;
}示例7: do_logging
/*
* if we have something to log, then we log it
* otherwise we return the retcode as soon as possible
*/
static int do_logging(char *str, int retcode)
{
if (str && (*str != '\0'))
radlog(L_INFO,"%s", str);
return retcode;
}示例8: do_linelog
static int do_linelog(void *instance, REQUEST *request)
{
int fd = -1;
char buffer[4096];
char *p;
char line[1024];
rlm_linelog_t *inst = (rlm_linelog_t*) instance;
const char *value = inst->line;
if (inst->reference) {
CONF_ITEM *ci;
CONF_PAIR *cp;
radius_xlat(line + 1, sizeof(line) - 2, inst->reference,
request, linelog_escape_func);
line[0] = '.'; /* force to be in current section */
/*
* Don't allow it to go back up
*/
if (line[1] == '.') goto do_log;
ci = cf_reference_item(NULL, inst->cs, line);
if (!ci) {
RDEBUG2("No such entry \"%s\"", line);
return RLM_MODULE_NOOP;
}
if (!cf_item_is_pair(ci)) {
RDEBUG2("Entry \"%s\" is not a variable assignment ", line);
goto do_log;
}
cp = cf_itemtopair(ci);
value = cf_pair_value(cp);
if (!value) {
RDEBUG2("Entry \"%s\" has no value", line);
goto do_log;
}
/*
* Value exists, but is empty. Don't log anything.
*/
if (!*value) return RLM_MODULE_OK;
}
do_log:
/*
* FIXME: Check length.
*/
if (strcmp(inst->filename, "syslog") != 0) {
radius_xlat(buffer, sizeof(buffer), inst->filename, request,
NULL);
/* check path and eventually create subdirs */
p = strrchr(buffer,'/');
if (p) {
*p = '\0';
if (rad_mkdir(buffer, 0700) < 0) {
radlog_request(L_ERR, 0, request, "rlm_linelog: Failed to create directory %s: %s", buffer, strerror(errno));
return RLM_MODULE_FAIL;
}
*p = '/';
}
fd = open(buffer, O_WRONLY | O_APPEND | O_CREAT, inst->permissions);
if (fd == -1) {
radlog(L_ERR, "rlm_linelog: Failed to open %s: %s",
buffer, strerror(errno));
return RLM_MODULE_FAIL;
}
}
/*
* FIXME: Check length.
*/
radius_xlat(line, sizeof(line) - 1, value, request,
linelog_escape_func);
if (fd >= 0) {
strcat(line, "\n");
write(fd, line, strlen(line));
close(fd);
#ifdef HAVE_SYSLOG_H
} else {
syslog(LOG_INFO, "%s", line);
#endif
}
return RLM_MODULE_OK;
}示例9: pairlist_read
/*
* Read the users, huntgroups or hints file.
* Return a PAIR_LIST.
*/
int pairlist_read(const char *file, PAIR_LIST **list, int complain)
{
FILE *fp;
int mode = FIND_MODE_NAME;
char entry[256];
char buffer[8192];
const char *ptr;
VALUE_PAIR *check_tmp;
VALUE_PAIR *reply_tmp;
PAIR_LIST *pl = NULL, *t;
PAIR_LIST **last = &pl;
int lineno = 0;
int old_lineno = 0;
FR_TOKEN parsecode;
char newfile[8192];
/*
* Open the file. The error message should be a little
* more useful...
*/
if ((fp = fopen(file, "r")) == NULL) {
if (!complain)
return -1;
radlog(L_CONS|L_ERR, "Couldn't open %s for reading: %s",
file, strerror(errno));
return -1;
}
parsecode = T_EOL;
/*
* Read the entire file into memory for speed.
*/
while(fgets(buffer, sizeof(buffer), fp) != NULL) {
lineno++;
if (!feof(fp) && (strchr(buffer, '\n') == NULL)) {
fclose(fp);
radlog(L_ERR, "%s[%d]: line too long", file, lineno);
pairlist_free(&pl);
return -1;
}
if (buffer[0] == '#' || buffer[0] == '\n') continue;
/*
* If the line contains nothing but whitespace,
* ignore it.
*/
ptr = buffer;
while (isspace((int) *ptr)) ptr++;
if (*ptr == '\0') continue;
parse_again:
if(mode == FIND_MODE_NAME) {
/*
* Find the entry starting with the users name
*/
if (isspace((int) buffer[0])) {
if (parsecode != T_EOL) {
radlog(L_ERR|L_CONS,
"%s[%d]: Unexpected trailing comma for entry %s",
file, lineno, entry);
fclose(fp);
return -1;
}
continue;
}
ptr = buffer;
getword(&ptr, entry, sizeof(entry));
/*
* Include another file if we see
* $INCLUDE filename
*/
if (strcasecmp(entry, "$include") == 0) {
while(isspace((int) *ptr))
ptr++;
/*
* If it's an absolute pathname,
* then use it verbatim.
*
* If not, then make the $include
* files *relative* to the current
* file.
*/
if (FR_DIR_IS_RELATIVE(ptr)) {
char *p;
strlcpy(newfile, file,
sizeof(newfile));
p = strrchr(newfile, FR_DIR_SEP);
if (!p) {
p = newfile + strlen(newfile);
*p = FR_DIR_SEP;
}
//.........这里部分代码省略.........
示例10: time
/*************************************************************************
*
* Function: redis_get_socket
*
* Purpose: Return a REDIS socket from the connection pool
*
*************************************************************************/
REDISSOCK *redis_get_socket(REDIS_INST *inst)
{
REDISSOCK *cur, *start;
int tried_to_connect = 0;
int unconnected = 0;
time_t now = time(NULL);
/*
* Start at the last place we left off.
*/
start = inst->last_used;
if (!start) start = inst->redispool;
cur = start;
while (cur) {
#ifdef HAVE_PTHREAD_H
/*
* If this socket is in use by another thread,
* skip it, and try another socket.
*
* If it isn't used, then grab it ourselves.
*/
if (pthread_mutex_trylock(&cur->mutex) != 0) {
goto next;
} /* else we now have the lock */
#endif
/*
* If the socket has outlived its lifetime, and
* is connected, close it, and mark it as open for
* reconnections.
*/
if (inst->lifetime && (cur->state == sockconnected) &&
((cur->connected + inst->lifetime) < now)) {
DEBUG2("Closing socket %d as its lifetime has been exceeded", cur->id);
redis_close_socket(inst, cur);
cur->state = sockunconnected;
goto reconnect;
}
/*
* If we have performed too many queries over this
* socket, then close it.
*/
if (inst->max_queries && (cur->state == sockconnected) &&
(cur->queries >= inst->max_queries)) {
DEBUG2("Closing socket %d as its max_queries has been exceeded", cur->id);
redis_close_socket(inst, cur);
cur->state = sockunconnected;
goto reconnect;
}
/*
* If we happen upon an unconnected socket, and
* this instance's grace period on
* (re)connecting has expired, then try to
* connect it. This should be really rare.
*/
if ((cur->state == sockunconnected) && (now > inst->connect_after)) {
reconnect:
radlog(L_INFO, "rlm_redis (%s): Trying to (re)connect unconnected handle %d..", inst->xlat_name, cur->id);
tried_to_connect++;
connect_single_socket(inst, cur);
}
/* if we still aren't connected, ignore this handle */
if (cur->state == sockunconnected) {
DEBUG("rlm_redis (%s): Ignoring unconnected handle %d..", inst->xlat_name, cur->id);
unconnected++;
#ifdef HAVE_PTHREAD_H
pthread_mutex_unlock(&cur->mutex);
#endif
goto next;
}
/* should be connected, grab it */
DEBUG("rlm_redis (%s): Reserving redis socket id: %d",
inst->xlat_name, cur->id);
if (unconnected != 0 || tried_to_connect != 0) {
DEBUG("rlm_redis (%s): got socket %d after skipping %d unconnected handles, tried to reconnect %d though",
inst->xlat_name, cur->id, unconnected, tried_to_connect);
}
/*
* The socket is returned in the locked
* state.
*
* We also remember where we left off,
* so that the next search can start from
* here.
*
//.........这里部分代码省略.........
示例11: paircompare
//.........这里部分代码省略.........
if (auth_item == NULL) {
/*
* Didn't find it. If we were *trying*
* to not find it, then we succeeded.
*/
if (check_item->operator == T_OP_CMP_FALSE) {
continue;
} else {
return -1;
}
}
/*
* Else we found it, but we were trying to not
* find it, so we failed.
*/
if (check_item->operator == T_OP_CMP_FALSE) {
return -1;
}
/*
* We've got to xlat the string before doing
* the comparison.
*/
if (check_item->flags.do_xlat) {
int rcode;
char buffer[sizeof(check_item->vp_strvalue)];
check_item->flags.do_xlat = 0;
rcode = radius_xlat(buffer, sizeof(buffer),
check_item->vp_strvalue,
req, NULL, NULL);
/*
* Parse the string into a new value.
*/
pairparsevalue(check_item, buffer);
}
/*
* OK it is present now compare them.
*/
compare = radius_callback_compare(req, auth_item, check_item,
check, reply);
switch (check_item->operator) {
case T_OP_EQ:
default:
radlog(L_INFO, "Invalid operator for item %s: "
"reverting to '=='", check_item->name);
case T_OP_CMP_TRUE:
case T_OP_CMP_FALSE:
case T_OP_CMP_EQ:
if (compare != 0) result = -1;
break;
case T_OP_NE:
if (compare == 0) result = -1;
break;
case T_OP_LT:
if (compare >= 0) result = -1;
break;
case T_OP_GT:
if (compare <= 0) result = -1;
break;
case T_OP_LE:
if (compare > 0) result = -1;
break;
case T_OP_GE:
if (compare < 0) result = -1;
break;
#ifdef HAVE_REGEX_H
case T_OP_REG_EQ:
case T_OP_REG_NE:
if (compare != 0) result = -1;
break;
#endif
} /* switch over the operator of the check item */
/*
* This attribute didn't match, but maybe there's
* another of the same attribute, which DOES match.
*/
if ((result != 0) && (other >= 0)) {
auth_item = auth_item->next;
result = 0;
goto try_again;
}
} /* for every entry in the check item list */
return result;
}示例12: redis_xlat
static int redis_xlat(void *instance, REQUEST *request,
char *fmt, char *out, size_t freespace,
UNUSED RADIUS_ESCAPE_STRING func)
{
REDIS_INST *inst = instance;
REDISSOCK *dissocket;
size_t ret = 0;
char *buffer_ptr;
char buffer[21];
char querystr[MAX_QUERY_LEN];
if (!radius_xlat(querystr, sizeof(querystr), fmt, request,
redis_escape_func)) {
radlog(L_ERR, "rlm_redis (%s): xlat failed.",
inst->xlat_name);
return 0;
}
if ((dissocket = redis_get_socket(inst)) == NULL) {
radlog(L_ERR, "rlm_redis (%s): redis_get_socket() failed",
inst->xlat_name);
return 0;
}
/* Query failed for some reason, release socket and return */
if (rlm_redis_query(dissocket, inst, querystr) < 0) {
rlm_redis_finish_query(dissocket);
redis_release_socket(inst,dissocket);
return 0;
}
switch (dissocket->reply->type) {
case REDIS_REPLY_INTEGER:
buffer_ptr = buffer;
snprintf(buffer_ptr, sizeof(buffer), "%lld",
dissocket->reply->integer);
ret = strlen(buffer_ptr);
break;
case REDIS_REPLY_STATUS:
case REDIS_REPLY_STRING:
buffer_ptr = dissocket->reply->str;
ret = dissocket->reply->len;
break;
default:
buffer_ptr = NULL;
break;
}
if ((ret >= freespace) || (buffer_ptr == NULL)) {
RDEBUG("rlm_redis (%s): Can't write result, insufficient space or unsupported result\n",
inst->xlat_name);
rlm_redis_finish_query(dissocket);
redis_release_socket(inst,dissocket);
return 0;
}
strlcpy(out,buffer_ptr,freespace);
rlm_redis_finish_query(dissocket);
redis_release_socket(inst,dissocket);
return ret;
}示例13: mod_instantiate
static int mod_instantiate(CONF_SECTION *conf, void *instance)
{
rlm_krb5_t *inst = instance;
krb5_error_code ret;
#ifndef HEIMDAL_KRB5
krb5_keytab keytab;
char keytab_name[200];
char *princ_name;
#endif
#ifdef HEIMDAL_KRB5
DEBUG("Using Heimdal Kerberos library");
#else
DEBUG("Using MIT Kerberos library");
#endif
if (!krb5_is_thread_safe()) {
/*
* rlm_krb5 was built as threadsafe
*/
#ifdef KRB5_IS_THREAD_SAFE
ERROR("Build time libkrb5 was threadsafe, but run time library claims not to be");
ERROR("Modify runtime linker path (LD_LIBRARY_PATH on most systems), to prefer threadsafe libkrb5");
return -1;
/*
* rlm_krb5 was not built as threadsafe
*/
#else
radlog(L_WARN, "libkrb5 is not threadsafe, recompile it with thread support enabled ("
# ifdef HEIMDAL_KRB5
"--enable-pthread-support"
# else
"--disable-thread-support=no"
# endif
")");
WARN("rlm_krb5 will run in single threaded mode, performance may be degraded");
} else {
WARN("Build time libkrb5 was not threadsafe, but run time library claims to be");
WARN("Reconfigure and recompile rlm_krb5 to enable thread support");
#endif
}
inst->xlat_name = cf_section_name2(conf);
if (!inst->xlat_name) inst->xlat_name = cf_section_name1(conf);
ret = krb5_init_context(&inst->context);
if (ret) {
ERROR("rlm_krb5 (%s): context initialisation failed: %s", inst->xlat_name,
rlm_krb5_error(NULL, ret));
return -1;
}
/*
* Split service principal into service and host components
* they're needed to build the server principal in MIT,
* and to set the validation service in Heimdal.
*/
if (inst->service_princ) {
size_t len;
/* Service principal appears to contain a host component */
inst->hostname = strchr(inst->service_princ, '/');
if (inst->hostname) {
len = (inst->hostname - inst->service_princ);
inst->hostname++;
} else {
len = strlen(inst->service_princ);
}
if (len) {
inst->service = talloc_array(inst, char, (len + 1));
strlcpy(inst->service, inst->service_princ, len + 1);
}
}示例14: proxy_send
//.........这里部分代码省略.........
if (((request->packet->code == PW_AUTHENTICATION_REQUEST) &&
(realm->ipaddr == htonl(INADDR_NONE))) ||
((request->packet->code == PW_ACCOUNTING_REQUEST) &&
(realm->acct_ipaddr == htonl(INADDR_NONE)))) {
return RLM_MODULE_NOOP;
}
/*
* Copy the request, then look up
* name and plain-text password in the copy.
*
* Note that the User-Name attribute is the *original*
* as sent over by the client. The Stripped-User-Name
* attribute is the one hacked through the 'hints' file.
*/
vps = paircopy(request->packet->vps);
namepair = pairfind(vps, PW_USER_NAME);
strippednamepair = pairfind(vps, PW_STRIPPED_USER_NAME);
/*
* If there's a Stripped-User-Name attribute in the
* request, then use THAT as the User-Name for the
* proxied request, instead of the original name.
*
* This is done by making a copy of the Stripped-User-Name
* attribute, turning it into a User-Name attribute,
* deleting the Stripped-User-Name and User-Name attributes
* from the vps list, and making the new User-Name
* the head of the vps list.
*/
if (strippednamepair) {
vp = paircreate(PW_USER_NAME, PW_TYPE_STRING);
if (!vp) {
radlog(L_ERR|L_CONS, "no memory");
exit(1);
}
memcpy(vp->strvalue, strippednamepair->strvalue,
sizeof(vp->strvalue));
vp->length = strippednamepair->length;
pairdelete(&vps, PW_USER_NAME);
pairdelete(&vps, PW_STRIPPED_USER_NAME);
vp->next = vps;
namepair = vp;
vps = vp;
}
/*
* Now build a new RADIUS_PACKET and send it.
*
* FIXME: it could be that the id wraps around too fast if
* we have a lot of requests, it might be better to keep
* a seperate ID value per remote server.
*
* OTOH the remote radius server should be smart enough to
* compare _both_ ID and vector. Right ?
*/
if ((request->proxy = rad_alloc(TRUE)) == NULL) {
radlog(L_ERR|L_CONS, "no memory");
exit(1);
}
/*
* Proxied requests get sent out the proxy FD ONLY.
*/
request->proxy->sockfd = proxyfd;
示例15: sql_fetch_row
/*************************************************************************
*
* Function: sql_fetch_row
*
* Purpose: database specific fetch_row. Returns a SQL_ROW struct
* with all the data for the query in 'sqlsocket->row'. Returns
* 0 on success, -1 on failure, SQL_DOWN if database is down.
*
*************************************************************************/
static int sql_fetch_row(SQLSOCK * sqlsocket, SQL_CONFIG *config)
{
int returnCode = -1;
rlm_sql_sqlite_sock *sqlite_sock = sqlsocket->conn;
const char *blob;
int blobLen;
int status;
int colindex = 0;
int colcount = 0;
int coltype = 0;
int colintvalue = 0;
int ret_blob_size = 0;
char **rowdata = NULL;
const unsigned char *textStr;
char intStr[256];
status = sqlite3_step(sqlite_sock->pStmt);
radlog(L_DBG, "rlm_sql_sqlite: sqlite3_step = %d\n", status);
if (status == SQLITE_DONE) {
sql_free_rowdata(sqlsocket, sqlite_sock->columnCount);
return 0;
}
else if (status == SQLITE_ROW) {
if (sqlite_sock->columnCount == 0) {
sqlite_sock->columnCount = sql_num_fields(sqlsocket, config);
}
colcount = sqlite_sock->columnCount;
if (colcount == 0)
return -1;
sql_free_rowdata(sqlsocket, colcount);
ret_blob_size = sizeof(char *) * (colcount+1);
rowdata = (char **)rad_malloc(ret_blob_size); /* Space for pointers */
if (rowdata != NULL) {
memset(rowdata, 0, ret_blob_size); /* NULL-pad the pointers */
sqlsocket->row = rowdata;
}
for (colindex = 0; colindex < colcount; colindex++)
{
coltype = sqlite3_column_type(sqlite_sock->pStmt, colindex);
switch (coltype)
{
case SQLITE_INTEGER:
colintvalue = sqlite3_column_int(sqlite_sock->pStmt, colindex);
snprintf(intStr, sizeof(intStr), "%d", colintvalue);
rowdata[colindex] = strdup(intStr);
break;
case SQLITE_TEXT:
textStr = sqlite3_column_text(sqlite_sock->pStmt, colindex);
if (textStr != NULL)
rowdata[colindex] = strdup((const char *)textStr);
break;
case SQLITE_BLOB:
blob = sqlite3_column_blob(sqlite_sock->pStmt, colindex);
if (blob != NULL) {
blobLen = sqlite3_column_bytes(sqlite_sock->pStmt, colindex);
rowdata[colindex] = (char *)rad_malloc(blobLen + 1);
if (rowdata[colindex] != NULL) {
memcpy(rowdata[colindex], blob, blobLen);
}
}
break;
default:
break;
}
}
returnCode = 0;
}
return returnCode;
}