authorDavid Sommerseth <dazo@users.sourceforge.net>2012-12-25 22:08:53 +0100
committerDavid Sommerseth <dazo@users.sourceforge.net>2012-12-26 01:32:20 +0100
commit40e66aed101e5a448fe012f24abe33d15a68cee9 (patch)
tree0ba4005d5d55740015c079e03d03fd033708d7e2 /database/sqlite
parent242ba8893bef1fe05d71959afc5273af021b8537 (diff)
Added a new eDBregister_login2() to replace eDBregister_login() database function
This will save the access profile in the lastlog table. However, it will not save the VPN IP address and netmask any more. This should be saved in the vpnaddr_history table, using the eDBregister_vpnclientaddr() function. eDBregister_login() is now just a wrapper around the eDBregister_login2(), ignoring the access profile id and VPN addresses. This exists purely as a compatibility layer if the updated driver is used against an older eurephia-auth.so plug-in. Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>
Diffstat (limited to 'database/sqlite')
-rw-r--r--database/sqlite/edb-sqlite.c51
-rw-r--r--database/sqlite/sql-schema-delta-2.sql48
-rw-r--r--database/sqlite/sql-schema.sql5
3 files changed, 82 insertions, 22 deletions
diff --git a/database/sqlite/edb-sqlite.c b/database/sqlite/edb-sqlite.c
index bd0d905..85b27d9 100644
--- a/database/sqlite/edb-sqlite.c
+++ b/database/sqlite/edb-sqlite.c
@@ -37,9 +37,9 @@
#include <unistd.h>
#include <assert.h>
-#define DRIVERVERSION "1.3" /**< Defines the software version of this driver */
+#define DRIVERVERSION "1.4" /**< Defines the software version of this driver */
#ifndef DRIVERAPIVERSION
-# define DRIVERAPIVERSION 3 /**< Sets the API version level of this driver */
+# define DRIVERAPIVERSION 4 /**< Sets the API version level of this driver */
#endif
#include <sqlite3.h>
@@ -599,19 +599,18 @@ void eDBregister_attempt(eurephiaCTX *ctx, int type, int mode, const char *value
free_nullsafe(ctx, blid);
}
-
/**
- * @copydoc eDBregister_login()
+ * @copydoc eDBregister_login2()
*/
-int eDBregister_login(eurephiaCTX *ctx, eurephiaSESSION *skey, const int certid, const int uid,
- const char *proto, const char *remipaddr, const char *remport,
- const char *vpnipaddr, const char *vpnipmask)
+int eDBregister_login2(eurephiaCTX *ctx, eurephiaSESSION *skey,
+ const int certid, const int uid, const int accessprofile,
+ const char *proto, const char *remipaddr, const char *remport)
{
dbresult *res = NULL;
int ret = 0;
- DEBUG(ctx, 20, "Function call: eDBregister_login(ctx, '%s', %i, %i, '%s','%s','%s','%s','%s')",
- skey->sessionkey, certid, uid, proto, remipaddr, remport, vpnipaddr, vpnipmask);
+ DEBUG(ctx, 20, "Function call: eDBregister_login2(ctx, '%s', %i, %i, '%s','%s','%s')",
+ skey->sessionkey, certid, uid, proto, remipaddr, remport);
if( skey->sessionstatus != SESSION_NEW ) {
eurephia_log(ctx, LOG_ERROR, 5, "Not a new session, will not register it again");
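Review bot: The DEBUG trace for eDBregister_login2() omits the new `accessprofile` argument, so the value written to openvpn_lastlog cannot be checked against the debug log. Adding it keeps the trace in step with the signature: `DEBUG(ctx, 20, "Function call: eDBregister_login2(ctx, '%s', %i, %i, %i, '%s','%s','%s')",` with `skey->sessionkey, certid, uid, accessprofile, proto, remipaddr, remport);`. The function body continues past the end of this hunk.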
@@ -619,16 +618,17 @@ int eDBregister_login(eurephiaCTX *ctx, eurephiaSESSION *skey, const int certid,
}
res = sqlite_query(ctx,
- "INSERT INTO openvpn_lastlog (uid, certid, "
+ "INSERT INTO openvpn_lastlog (uid, certid, accessprofile,"
" protocol, remotehost, remoteport,"
- " vpnipaddr, vpnipmask,"
" sessionstatus, sessionkey, login) "
- "VALUES (%i, %i, '%q','%q','%q','%q','%q', 1,'%q', CURRENT_TIMESTAMP)",
- uid, certid, proto, remipaddr, remport, vpnipaddr, vpnipmask, skey->sessionkey);
+ "VALUES (%i,%i,%i,'%q','%q','%q',1,'%q',CURRENT_TIMESTAMP)",
+ uid, certid, accessprofile,
+ proto, remipaddr, remport,
+ skey->sessionkey);
if( sqlite_query_status(res) != dbSUCCESS ) {
eurephia_log(ctx, LOG_FATAL, 0, "Could not insert new session into openvpn_lastlog");
sqlite_log_error(ctx, res);
- ret = 0;
+ ret = 1;
} else {
skey->sessionstatus = SESSION_REGISTERED;
ret = 1;
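Review bot: The failure branch of the INSERT now sets `ret = 1`, the same value the success branch returns, so a caller cannot tell that the session was never written to openvpn_lastlog. The previous code returned 0 here, and `skey->sessionstatus` is left at SESSION_NEW in this branch, so the return value and the session state disagree. If a login should be refused when its lastlog record cannot be written, this branch should keep `ret = 0;`. If continuing without the record is intended, a comment on that line should say so. The function starts in the previous hunk and ends outside this one.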
@@ -639,6 +639,22 @@ int eDBregister_login(eurephiaCTX *ctx, eurephiaSESSION *skey, const int certid,
}
/**
+ * @copydoc eDBregister_login()
+ * Just a function wrapper to support both the old and the newer eDBregister_login2() functions.
+ */
+int eDBregister_login(eurephiaCTX *ctx, eurephiaSESSION *skey, const int certid, const int uid,
+ const char *proto, const char *remipaddr, const char *remport,
+ const char *vpnipaddr, const char *vpnipmask)
+{
+ DEBUG(ctx, 20, "Function call: eDBregister_login(ctx, '%s', %i, %i, '%s','%s','%s','%s','%s')",
+ skey->sessionkey, certid, uid, proto, remipaddr, remport, vpnipaddr, vpnipmask);
+ eurephia_log(ctx, LOG_WARNING, 1,
+ "Using deprecated eDBregister_login() call, please update the eurephia-auth.so plug-in. "
+ "VPN IP address/mask will not be saved.");
+ return eDBregister_login2(ctx, skey, certid, uid, -1, proto, remipaddr, remport);
+}
+
+/**
* @copydoc eDBregister_vpnmacaddr()
*/
int eDBregister_vpnmacaddr(eurephiaCTX *ctx, eurephiaSESSION *session, const char *macaddr)
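Review bot: The compatibility wrapper passes `-1` as the access profile, and eDBregister_login2() formats that argument with `%i`, so legacy logins are stored with accessprofile = -1. The migration script in this commit fills the same column with NULL for existing rows, which leaves two different markers for "unknown profile" that any report or join on the column has to handle. Either document the sentinel at the call, e.g. `/* -1: access profile not available through the legacy API */`, or have eDBregister_login2() store NULL for negative values so the column has one convention.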
@@ -721,11 +737,10 @@ int eDBregister_vpnclientaddr(eurephiaCTX *ctx, eurephiaSESSION *session, const
}
sqlite_free_results(res);
- // Update lastlog to reflect last used MAC address for the session
+ // Update lastlog with a "connection open" status
res = sqlite_query(ctx,
- "UPDATE openvpn_lastlog SET sessionstatus = 2, macaddr = '%q', vpnipaddr = '%q', vpnipv6addr = '%q' "
+ "UPDATE openvpn_lastlog SET sessionstatus = 2 "
" WHERE sessionkey = '%q' AND sessionstatus = 1",
- (macaddr ? macaddr : ""), (vpnip4addr ? vpnip4addr : ""), (vpnip6addr ? vpnip6addr : ""),
session->sessionkey);
if( sqlite_query_status(res) == dbSUCCESS ) {
// TAP mode: Save the MAC address in the session values register - needed for the destroy session
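Review bot: A dbSUCCESS status from this UPDATE does not show that a row was changed. If no lastlog row matches the session key with `sessionstatus = 1`, the statement still succeeds and the code that follows appears to treat the session as open. That case is easier to reach now that the failure branch of eDBregister_login2() earlier in this diff returns 1 without inserting a row. Consider checking the affected-row count before continuing, or at least recording the gap with a comment such as `// NOTE: dbSUCCESS does not imply a lastlog row was updated; zero matches go undetected`. The enclosing function starts before this hunk and continues after it.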
@@ -736,7 +751,7 @@ int eDBregister_vpnclientaddr(eurephiaCTX *ctx, eurephiaSESSION *session, const
ret = 1;
}
} else {
- eurephia_log(ctx, LOG_FATAL, 0, "Could not update lastlog with new VPN client addresses for session");
+ eurephia_log(ctx, LOG_FATAL, 0, "Could not update the session status in the lastlog");
sqlite_log_error(ctx, res);
ret = 0;
}
diff --git a/database/sqlite/sql-schema-delta-2.sql b/database/sqlite/sql-schema-delta-2.sql
new file mode 100644
index 0000000..52ca9ab
--- /dev/null
+++ b/database/sqlite/sql-schema-delta-2.sql
@@ -0,0 +1,48 @@
+--
+-- eurephia database schema for SQLite3
+--
+-- This SQL scripts updates the previous SQL schema to the
+-- new schema needed by edb-sqlite v1.4
+--
+-- GPLv2 only - Copyright (C) 2012
+-- David Sommerseth <dazo@users.sourceforge.net>
+--
+-- This program is free software; you can redistribute it and/or
+-- modify it under the terms of the GNU General Public License
+-- as published by the Free Software Foundation; version 2
+-- of the License.
+--
+-- This program is distributed in the hope that it will be useful,
+-- but WITHOUT ANY WARRANTY; without even the implied warranty of
+-- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+-- GNU General Public License for more details.
+--
+-- You should have received a copy of the GNU General Public License
+-- along with this program; if not, write to the Free Software
+-- Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+--
+
+ALTER TABLE openvpn_lastlog RENAME TO openvpn_lastlog_old;
+DROP INDEX openvpn_lastlog_sessionkey;
+
+CREATE TABLE openvpn_lastlog (
+ uid integer ,
+ certid integer ,
+ accessprofile integer ,
+ protocol varchar(4) NOT NULL,
+ remotehost varchar(128) NOT NULL,
+ remoteport integer NOT NULL,
+ sessionstatus integer NOT NULL DEFAULT 0,
+ sessionkey varchar(128) ,
+ login timestamp ,
+ logout timestamp ,
+ session_deleted timestamp ,
+ session_duration timestamp,
+ bytes_sent integer ,
+ bytes_received integer ,
+ llid integer PRIMARY KEY AUTOINCREMENT
+);
+
+INSERT INTO openvpn_lastlog SELECT uid, certid, NULL, protocol, remotehost, remoteport, sessionstatus, sessionkey, login, logout, session_deleted, session_duration, bytes_sent, bytes_received, llid FROM openvpn_lastlog_old;
+UPDATE sqlite_sequence SET seq = (SELECT max(llid) FROM openvpn_lastlog) WHERE name = 'openvpn_lastlog';
+CREATE UNIQUE INDEX openvpn_lastlog_sessionkey ON openvpn_lastlog(sessionkey);
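Review bot: The migration runs as separate statements with no transaction, so a failure after the `ALTER TABLE ... RENAME` leaves the database without a usable openvpn_lastlog table or index. SQLite applies schema changes transactionally, so putting `BEGIN TRANSACTION;` before the `ALTER TABLE` and `COMMIT;` after the `CREATE UNIQUE INDEX` would make the upgrade all-or-nothing. The script also leaves openvpn_lastlog_old in place with the MAC and VPN address columns that the new table drops, and nothing copies those values elsewhere. A header comment should say whether the administrator is expected to keep that table as an archive or drop it once the upgrade is verified.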
diff --git a/database/sqlite/sql-schema.sql b/database/sqlite/sql-schema.sql
index 6d2befb..4d05222 100644
--- a/database/sqlite/sql-schema.sql
+++ b/database/sqlite/sql-schema.sql
@@ -66,13 +66,10 @@ CREATE TABLE openvpn_accesses (
CREATE TABLE openvpn_lastlog (
uid integer ,
certid integer ,
+ accessprofile integer ,
protocol varchar(4) NOT NULL,
remotehost varchar(128) NOT NULL,
remoteport integer NOT NULL,
- macaddr varchar(20) ,
- vpnipaddr varchar(32) NOT NULL,
- vpnipmask varchar(32) NOT NULL,
- vpnipv6addr varchar(48) ,
sessionstatus integer NOT NULL DEFAULT 0,
sessionkey varchar(128) ,
login timestamp ,