diff options
author | David Sommerseth <dazo@users.sourceforge.net> | 2008-10-04 00:42:37 +0200 |
---|---|---|
committer | David Sommerseth <dazo@users.sourceforge.net> | 2008-10-04 00:42:37 +0200 |
commit | 298838fa11b9c4e88e132c4551b93b9a1750fac5 (patch) | |
tree | 976bff31b42bb6420d991447fee90dbed78c03c8 /database | |
parent | 5a06808210ba0d52c06c34dee124f1a9fd95d92e (diff) | |
parent | db82a5db49a17e26f87a2779b62707983abd44f3 (diff) | |
download | eurephia-298838fa11b9c4e88e132c4551b93b9a1750fac5.tar.gz eurephia-298838fa11b9c4e88e132c4551b93b9a1750fac5.tar.xz eurephia-298838fa11b9c4e88e132c4551b93b9a1750fac5.zip |
Merge branch 'master' into cmake
Diffstat (limited to 'database')
-rw-r--r-- | database/eurephiadb-driver_template.c | 160 | ||||
-rw-r--r-- | database/sqlite/eurephiadb-sqlite.c | 170 | ||||
-rw-r--r-- | database/sqlite/sqlite.c | 2 |
3 files changed, 171 insertions, 161 deletions
diff --git a/database/eurephiadb-driver_template.c b/database/eurephiadb-driver_template.c index 005afc7..fc67510 100644 --- a/database/eurephiadb-driver_template.c +++ b/database/eurephiadb-driver_template.c @@ -88,7 +88,7 @@ void update_attempts(eurephiaCTX *ctx, const char *blid) { " SET last_accessed = CURRENT_TIMESTAMP WHERE blid = %s", blid */ if( /* SQL COMMAND FAILED */ ) { - eurephia_log(ctx, LOG_CRITICAL, 0, + eurephia_log(ctx, LOG_CRITICAL, 0, "Could not update openvpn_blacklist.last_accessed for blid=%s", blid); } /* FREE SQL RESULT */ @@ -124,7 +124,7 @@ int eDBconnect(eurephiaCTX *ctx, const int argc, const char **argv) * You are free to use whatever parameter syntax you would like to use. */ - DEBUG(ctx, 10, "Function call: eDBconnect(ctx, %i, '...')", argc, dbame); + DEBUG(ctx, 20, "Function call: eDBconnect(ctx, %i, '...')", argc, dbame); // Connect to the database dbc = (eDBconn *) malloc(sizeof(eDBconn)+2); @@ -136,7 +136,7 @@ int eDBconnect(eurephiaCTX *ctx, const int argc, const char **argv) /* WORK TO DO -- Open a database connection, and save the handle in dbc->handle */ if( /* IF CONNECTION FAILED */ ) { - eurephia_log(ctx, LOG_FATAL, 0, "Could not open database '%s'", dbc->dbname); + eurephia_log(ctx, LOG_PANIC, 0, "Could not open database '%s'", dbc->dbname); free_nullsafe(dbc->dbname); free_nullsafe(dbc); return 0; @@ -178,7 +178,7 @@ void eDBdisconnect(eurephiaCTX *ctx) { eDBconn *dbc = NULL; - DEBUG(ctx, 10, "Function call: eDBdisconnect(ctx)"); + DEBUG(ctx, 20, "Function call: eDBdisconnect(ctx)"); if( ctx->dbc == NULL ) { eurephia_log(ctx, LOG_WARNING, 0, "Database not open, cannot close database."); @@ -186,7 +186,7 @@ void eDBdisconnect(eurephiaCTX *ctx) } dbc = ctx->dbc; - eurephia_log(ctx, LOG_INFO, 2, "Closing database '%s'", dbc->dbname); + eurephia_log(ctx, LOG_INFO, 1, "Closing database '%s'", dbc->dbname); /* WORK TO DO: Close database connection using dbc->dbhandle */ @@ -209,7 +209,7 @@ int eDBauth_TLS(eurephiaCTX *ctx, const char *org, const char *cname, const char int certid = 0; char *blid = NULL; - DEBUG(ctx, 10, "Function call: eDBauth_TLS(ctx, '%s', '%s', '%s', '%s', %s)", + DEBUG(ctx, 20, "Function call: eDBauth_TLS(ctx, '%s', '%s', '%s', '%s', %s)", org, cname, email, digest, depth); // Check if certificate is valid, and not too many attempts has been tried with the given certificate @@ -230,18 +230,18 @@ int eDBauth_TLS(eurephiaCTX *ctx, const char *org, const char *cname, const char // Check if we found certificate to be blacklisted or not. blid == NULL when NOT blacklisted if( blid == NULL ) { if( certid > 0 ) { - eurephia_log(ctx, LOG_INFO, 0, + eurephia_log(ctx, LOG_INFO, 0, "Found certid %i for user: %s/%s/%s", certid, org, cname, email); } else { - eurephia_log(ctx, LOG_INFO, 1, + eurephia_log(ctx, LOG_INFO, 1, "Unknown certificate for: %s/%s/%s (depth %s, digest: %s)", org, cname, email, depth, digest); } // Certificate is okay, certid contains the certificate ID } else { // If the certificate or IP is blacklisted, update status and deny access. - eurephia_log(ctx, LOG_WARNING, 1, + eurephia_log(ctx, LOG_WARNING, 0, "Attempt with BLACKLISTED certificate (certid %i)", certid); update_attempts(ctx, blid); certid = -1; @@ -251,7 +251,7 @@ int eDBauth_TLS(eurephiaCTX *ctx, const char *org, const char *cname, const char eurephia_log(ctx, LOG_FATAL, 0, "Could not look up certificate information"); } - DEBUG(ctx, 10, "Result function call: eDBauth_TLS(ctx, '%s', '%s', '%s', '%s', %s) - %i", + DEBUG(ctx, 20, "Result function call: eDBauth_TLS(ctx, '%s', '%s', '%s', '%s', %s) - %i", org, cname, email, digest, depth, certid); return certid; @@ -264,7 +264,7 @@ int eDBauth_user(eurephiaCTX *ctx, const int certid, const char *username, const char *crpwd = NULL, *activated = NULL, *deactivated = NULL, *blid_uname = NULL, *blid_cert; int uicid = 0, uid = 0, pwdok = 0; - DEBUG(ctx, 10, "Function call: eDBauth_user(ctx, %i, '%s','xxxxxxxx')", certid, username); + DEBUG(ctx, 20, "Function call: eDBauth_user(ctx, %i, '%s','xxxxxxxx')", certid, username); // Generate SHA1 hash of password, used for password auth @@ -284,8 +284,8 @@ int eDBauth_user(eurephiaCTX *ctx, const int certid, const char *username, const */ free_nullsafe(crpwd); if( /* IF NO RESULT WAS RETURNED */ ) { - eurephia_log(ctx, LOG_CRITICAL, 0, - "Could not lookup user in database (certid %i, username '%s'", certid, username); + eurephia_log(ctx, LOG_FATAL, 0, + "Could not look up user in database (certid %i, username '%s'", certid, username); return 0; } @@ -298,25 +298,29 @@ int eDBauth_user(eurephiaCTX *ctx, const int certid, const char *username, const pwdok = atoi_nullsafe(/* GET pwdok FIELD FROM SQL RESULT */); if( blid_uname != NULL ) { - eurephia_log(ctx, LOG_WARNING, 0, "User account is BLACKLISTED (uid: %i, %s)", + eurephia_log(ctx, LOG_WARNING, 0, + "User account is BLACKLISTED (uid: %i, %s)", uid, username); uicid = -1; } else if( blid_cert != NULL ) { - eurephia_log(ctx, LOG_WARNING, 0, + eurephia_log(ctx, LOG_WARNING, 0, "User account linked with a BLACKLISTED certificate " "(uid: %i, %s) - certid: %s", uid, username, certid); uicid = -1; } else if( activated == NULL ) { - eurephia_log(ctx, LOG_WARNING, 0, "User account is not activated (uid: %i, %s)", + eurephia_log(ctx, LOG_WARNING, 0, + "User account is not activated (uid: %i, %s)", uid, username); uicid = -1; } else if( deactivated != NULL ) { - eurephia_log(ctx, LOG_WARNING, 0, "User account is deactivated (uid: %i, %s)", + eurephia_log(ctx, LOG_WARNING, 0, + "User account is deactivated (uid: %i, %s)", uid, username); uicid = -1; } else if( pwdok != 1 ) { - eurephia_log(ctx, LOG_WARNING, 0,"Authentication failed for user '%s'. Wrong password.", + eurephia_log(ctx, LOG_WARNING, 0, + "Authentication failed for user '%s'. Wrong password.", username); uicid = -1; @@ -330,7 +334,7 @@ int eDBauth_user(eurephiaCTX *ctx, const int certid, const char *username, const } /* FREE SQL RESULT */ - DEBUG(ctx, 10, "Result function call: eDBauth_user(ctx, %i, '%s','xxxxxxxx') - %i", + DEBUG(ctx, 20, "Result function call: eDBauth_user(ctx, %i, '%s','xxxxxxxx') - %i", certid, username, uicid); return uicid; @@ -341,7 +345,7 @@ int eDBget_uid(eurephiaCTX *ctx, const int certid, const char *username) { int ret = 0; - DEBUG(ctx, 10, "Function call: eDBget_uid(ctx, %i, '%s')", certid, username); + DEBUG(ctx, 20, "Function call: eDBget_uid(ctx, %i, '%s')", certid, username); /* WORK TO DO -- DO SQL: "SELECT uid " @@ -351,7 +355,7 @@ int eDBget_uid(eurephiaCTX *ctx, const int certid, const char *username) certid, username */ if( /* IF NO RESULT FOUND */ || /* OR WE GOT MORE THAN 1 RECORD */ ) { - eurephia_log(ctx, LOG_CRITICAL, 0, "Could not lookup userid for user '%s'", username); + eurephia_log(ctx, LOG_FATAL, 0, "Could not lookup userid for user '%s'", username); ret = -1; } else { ret = atoi_nullsafe(/* GET uid FIELD FROM SQL RESULT */); @@ -368,7 +372,7 @@ int eDBblacklist_check(eurephiaCTX *ctx, const int type, const char *val) int atpexceed = -1, blacklisted = 0; char *atpid = NULL, *blid = NULL; - DEBUG(ctx, 10, "Function call: eDBblacklist_check(ctx, '%s', '%s')", + DEBUG(ctx, 20, "Function call: eDBblacklist_check(ctx, '%s', '%s')", eDBattempt_types[type].descr, val); /* WORK TO DO -- DO SQL: @@ -380,14 +384,14 @@ int eDBblacklist_check(eurephiaCTX *ctx, const int type, const char *val) /* FREE SQL RESULT */ if( blid != NULL ) { // If we found a blacklisted record - eurephia_log(ctx, LOG_WARNING, 1, "Attempt from blacklisted %s: %s", + eurephia_log(ctx, LOG_WARNING, 0, "Attempt from blacklisted %s: %s", eDBattempt_types[type].descr, val); blacklisted = 1; // [type] is blacklisted } // Update attempt information update_attempts(ctx, blid); } else { - eurephia_log(ctx, LOG_CRITICAL, 0, "Quering openvpn_blacklist for blacklisted %s", + eurephia_log(ctx, LOG_FATAL, 0, "Quering openvpn_blacklist for blacklisted %s failed", eDBattempt_types[type].descr); } @@ -408,15 +412,15 @@ int eDBblacklist_check(eurephiaCTX *ctx, const int type, const char *val) // If [type] has reached attempt limit and it is not black listed, black list it if( (atpexceed > 0) && (blid == NULL) ) { eurephia_log(ctx, LOG_WARNING, 0, - "%s got BLACKLISTED due to too many failed attempts: %s", + "%s got BLACKLISTED due to too many failed attempts: %s", eDBattempt_types[type].descr, val); /* WORK TO DO -- DO SQL "INSERT INTO openvpn_blacklist (%s) VALUES ('%q')", eDBattempt_types[type].colname, val */ if( /* IF SQL QUERY FAILED */ ) { - eurephia_log(ctx, LOG_CRITICAL, 0, - "Could not blacklist %s (%s)", + eurephia_log(ctx, LOG_CRITICAL, 0, + "Could not blacklist %s (%s)", eDBattempt_types[type].descr, val); } /* FREE SQL RESULT */ @@ -424,14 +428,15 @@ int eDBblacklist_check(eurephiaCTX *ctx, const int type, const char *val) } free_nullsafe(atpid); } else { - eurephia_log(ctx, LOG_CRITICAL, 0, "Quering openvpn_attempts for blacklisted %s failed", + eurephia_log(ctx, LOG_CRITICAL, 0, + "Quering openvpn_attempts for blacklisted %s failed", eDBattempt_types[type].descr); } free_nullsafe(atpr); } free_nullsafe(blid); - DEBUG(ctx, 10, "Result - function call: eDBblacklist_check(ctx, '%s', '%s') - %i", + DEBUG(ctx, 20, "Result - function call: eDBblacklist_check(ctx, '%s', '%s') - %i", eDBattempt_types[type].descr, val, blacklisted); return blacklisted; @@ -443,7 +448,7 @@ void eDBregister_attempt(eurephiaCTX *ctx, int type, int mode, const char *value char *id = NULL, *atmpt_block = NULL, *blid = NULL; int attempts = 0; - DEBUG(ctx, 10, "Function call: eDBregister_attempt(ctx, %s, %s, '%s')", + DEBUG(ctx, 20, "Function call: eDBregister_attempt(ctx, %s, %s, '%s')", eDBattempt_types[type].colname, (mode == ATTEMPT_RESET ? "ATTEMPT_RESET" : "ATTEMPT_REGISTER"), value); @@ -461,7 +466,7 @@ void eDBregister_attempt(eurephiaCTX *ctx, int type, int mode, const char *value eDBattempt_types[type].colname, value */ if( /* IF SQL QUERY FAILED */ ) { - eurephia_log(ctx, LOG_CRITICAL, 0, "Could not look up atpid in openvpn_attempts"); + eurephia_log(ctx, LOG_FATAL, 0, "Could not look up atpid in openvpn_attempts"); return; } @@ -487,7 +492,7 @@ void eDBregister_attempt(eurephiaCTX *ctx, int type, int mode, const char *value Result check comes later ... */ - } else if( id != NULL ){ + } else if( id != NULL ) { // if a attempt record exists, update it according to mode switch( mode ) { case ATTEMPT_RESET: @@ -512,7 +517,7 @@ void eDBregister_attempt(eurephiaCTX *ctx, int type, int mode, const char *value } if( /* IF SQL QUERY FAILED */ ) { eurephia_log(ctx, LOG_CRITICAL, 0, - "Could not update openvpn_attempts for %s = %s", + "Could not update openvpn_attempts for %s = %s", eDBattempt_types[type].colname, value); } /* FREE SQL RESULT */ @@ -528,7 +533,7 @@ void eDBregister_attempt(eurephiaCTX *ctx, int type, int mode, const char *value eDBattempt_types[type].colname, value */ if( /* IF SQL FAILED */ ) { - eurephia_log(ctx, LOG_CRITICAL, 0, + eurephia_log(ctx, LOG_CRITICAL, 0, "Could not blacklist %s: %s", eDBattempt_types[type].descr, value); } @@ -545,11 +550,11 @@ int eDBregister_login(eurephiaCTX *ctx, eurephiaSESSION *skey, const int certid, const char *proto, const char *remipaddr, const char *remport, const char *vpnipaddr, const char *vpnipmask) { - DEBUG(ctx, 10, "Function call: eDBregister_login(ctx, '%s', %i, %i, '%s','%s','%s','%s','%s')", + DEBUG(ctx, 20, "Function call: eDBregister_login(ctx, '%s', %i, %i, '%s','%s','%s','%s','%s')", skey->sessionkey, certid, uid, proto, remipaddr, remport, vpnipaddr, vpnipmask); if( skey->sessionstatus != SESSION_NEW ) { - eurephia_log(ctx, LOG_WARNING, 10, "Not a new session, will not register it again"); + eurephia_log(ctx, LOG_ERROR, 5, "Not a new session, will not register it again"); return 1; } @@ -562,7 +567,7 @@ int eDBregister_login(eurephiaCTX *ctx, eurephiaSESSION *skey, const int certid, uid, certid, proto, remipaddr, remport, vpnipaddr, vpnipmask, skey->sessionkey */ if( /* IF SQL QUERY FAILED */ ) { - eurephia_log(ctx, LOG_CRITICAL, 0, "Could not insert new session into openvpn_lastlog"); + eurephia_log(ctx, LOG_FATAL, 0, "Could not insert new session into openvpn_lastlog"); return 0; } /* FREE SQL RESULT */ @@ -574,11 +579,11 @@ int eDBregister_login(eurephiaCTX *ctx, eurephiaSESSION *skey, const int certid, int eDBregister_vpnmacaddr(eurephiaCTX *ctx, eurephiaSESSION *session, const char *macaddr) { - DEBUG(ctx, 10, "Function call: eDBregister_vpnmacaddr(ctx, '%s', '%s')", + DEBUG(ctx, 20, "Function call: eDBregister_vpnmacaddr(ctx, '%s', '%s')", session->sessionkey, macaddr); if( macaddr == NULL ) { - eurephia_log(ctx, LOG_CRITICAL, 0, "No MAC address was given to save"); + eurephia_log(ctx, LOG_FATAL, 0, "No MAC address was given to save"); return 0; } @@ -588,7 +593,7 @@ int eDBregister_vpnmacaddr(eurephiaCTX *ctx, eurephiaSESSION *session, const cha session->sessionkey, macaddr */ if( /* IF SQL QUERY FAILED */ ) { - eurephia_log(ctx, LOG_CRITICAL, 0, "Failed to log new MAC address for session"); + eurephia_log(ctx, LOG_FATAL, 0, "Failed to log new MAC address for session"); return 0; } /* FREE SQL RESULT */ @@ -599,14 +604,14 @@ int eDBregister_vpnmacaddr(eurephiaCTX *ctx, eurephiaSESSION *session, const cha " WHERE sessionkey = '%q' AND sessionstatus = 1", macaddr, session->sessionkey); */ if( /* IF SQL QUERY FAILED */ ) { - eurephia_log(ctx, LOG_CRITICAL, 0, "Could not update lastlog with new MAC address for session"); + eurephia_log(ctx, LOG_FATAL, 0, "Could not update lastlog with new MAC address for session"); return 0; } /* FREE SQL RESULT */ // Save the MAC address in the session values register - needed for the destroy session if( eDBset_session_value(ctx, session, "macaddr", macaddr) == 0 ) { - eurephia_log(ctx, LOG_CRITICAL, 0, "Could not save MAC address into session variables"); + eurephia_log(ctx, LOG_FATAL, 0, "Could not save MAC address into session variables"); return 0; } @@ -615,10 +620,10 @@ int eDBregister_vpnmacaddr(eurephiaCTX *ctx, eurephiaSESSION *session, const cha // Register the user as logged out -int eDBregister_logout(eurephiaCTX *ctx, eurephiaSESSION *skey, +int eDBregister_logout(eurephiaCTX *ctx, eurephiaSESSION *skey, const char *bytes_sent, const char *bytes_received, const char *duration) { - DEBUG(ctx, 10, "Function call: eDBregister_logout(ctx, '%s', %s, %s)", + DEBUG(ctx, 20, "Function call: eDBregister_logout(ctx, '%s', %s, %s)", skey->sessionkey, bytes_sent, bytes_received); /* WORK TO DO -- DO SQL: @@ -630,7 +635,8 @@ int eDBregister_logout(eurephiaCTX *ctx, eurephiaSESSION *skey, atoi_nullsafe(duration), skey->sessionke */ if( /* IF SQL QUERY FAILED */ ) { - eurephia_log(ctx, LOG_CRITICAL, 0, "Could not update lastlog with logout information (%s)", + eurephia_log(ctx, LOG_FATAL, 0, + "Could not update lastlog with logout information (%s)", skey->sessionkey); return 0; } @@ -645,10 +651,10 @@ int eDBregister_logout(eurephiaCTX *ctx, eurephiaSESSION *skey, char *eDBget_sessionkey_seed(eurephiaCTX *ctx, const char *sessionseed) { char *skey = NULL; - DEBUG(ctx, 10, "eDBget_sessionkey(ctx, '%s')", sessionseed); + DEBUG(ctx, 20, "eDBget_sessionkey(ctx, '%s')", sessionseed); if( sessionseed == NULL ) { - eurephia_log(ctx, LOG_CRITICAL, 1, + eurephia_log(ctx, LOG_FATAL, 1, "eDBget_sessionkey: No session seed given - cannot locate sessionkey"); return NULL; } @@ -662,7 +668,8 @@ char *eDBget_sessionkey_seed(eurephiaCTX *ctx, const char *sessionseed) { sessionseed */ if( /* IF SQL QUERY FAILED */ ) { - eurephia_log(ctx, LOG_CRITICAL, 0,"Could not retrieve sessionkey from openvpn_sessionkeys (%s)", + eurephia_log(ctx, LOG_FATAL, 0, + "Could not retrieve sessionkey from openvpn_sessionkeys (%s)", sessionseed); return NULL; } @@ -689,7 +696,7 @@ char *eDBget_sessionkey_macaddr(eurephiaCTX *ctx, const char *macaddr) { macaddr */ if( /* IF SQL QUERY FAILED */ ) { - eurephia_log(ctx, LOG_CRITICAL, 0, + eurephia_log(ctx, LOG_FATAL, 0, "Could not remove session from database (MAC addr: %s)", macaddr); return 0; } @@ -704,9 +711,9 @@ char *eDBget_sessionkey_macaddr(eurephiaCTX *ctx, const char *macaddr) { int eDBcheck_sessionkey_uniqueness(eurephiaCTX *ctx, const char *seskey) { int uniq = 0; - DEBUG(ctx, 10, "eDBcheck_sessionkey_uniqueness(ctx, '%s')", seskey); + DEBUG(ctx, 20, "eDBcheck_sessionkey_uniqueness(ctx, '%s')", seskey); if( seskey == NULL ) { - eurephia_log(ctx, LOG_CRITICAL, 1, + eurephia_log(ctx, LOG_FATAL, 1, "eDBcheck_sessionkey_uniqness: Invalid session key given"); return 0; } @@ -716,7 +723,7 @@ int eDBcheck_sessionkey_uniqueness(eurephiaCTX *ctx, const char *seskey) { seskey */ if( /* IF SQL QUERY FAILED */ ) { - eurephia_log(ctx, LOG_CRITICAL, 0, + eurephia_log(ctx, LOG_FATAL, 0, "eDBcheck_sessionkey_uniqness: Could not check uniqueness of sessionkey"); return 0; } @@ -729,9 +736,9 @@ int eDBcheck_sessionkey_uniqueness(eurephiaCTX *ctx, const char *seskey) { // register a link between a short-term session seed and a long-term session key int eDBregister_sessionkey(eurephiaCTX *ctx, const char *seed, const char *seskey) { - DEBUG(ctx, 10, "eDBregister_sessionkey(ctx, '%s', '%s')", seed, seskey); + DEBUG(ctx, 20, "eDBregister_sessionkey(ctx, '%s', '%s')", seed, seskey); if( (seed == NULL) || (seskey == NULL) ) { - eurephia_log(ctx, LOG_CRITICAL, 1, + eurephia_log(ctx, LOG_FATAL, 1, "eDBregister_sessionkey: Invalid session seed or session key given"); return 0; } @@ -741,7 +748,7 @@ int eDBregister_sessionkey(eurephiaCTX *ctx, const char *seed, const char *seske seed, seskey */ if( /* IF SQL QUERY FAILED */ ) { - eurephia_log(ctx, LOG_CRITICAL, 0, + eurephia_log(ctx, LOG_FATAL, 0, "eDBregister_sessionkey: Error registering sessionkey into openvpn_sessionkeys"); return 0; } @@ -752,9 +759,9 @@ int eDBregister_sessionkey(eurephiaCTX *ctx, const char *seed, const char *seske // remove a session seed/session key link from openvpn_sessionkeys int eDBremove_sessionkey(eurephiaCTX *ctx, const char *seskey) { - DEBUG(ctx, 10, "eDBremove_sessionkey(ctx, '%s')", seskey); + DEBUG(ctx, 20, "eDBremove_sessionkey(ctx, '%s')", seskey); if( seskey == NULL ) { - eurephia_log(ctx, LOG_CRITICAL, 1, + eurephia_log(ctx, LOG_FATAL, 1, "eDBremove_sessionkey: Invalid session key given"); return 0; } @@ -764,7 +771,7 @@ int eDBremove_sessionkey(eurephiaCTX *ctx, const char *seskey) { seskey */ if( /* IF SQL QUERY FAILED */ ) { - eurephia_log(ctx, LOG_CRITICAL, 0, + eurephia_log(ctx, LOG_FATAL, 0, "eDBremove_sessionkey: Error removing sessionkey from openvpn_sessionkeys"); return 0; } @@ -781,7 +788,7 @@ eurephiaVALUES *eDBload_sessiondata(eurephiaCTX *ctx, const char *sesskey) { return NULL; } - DEBUG(ctx, 10, "Function call: eDBload_sessiondata(ctx, '%s')", sesskey); + DEBUG(ctx, 20, "Function call: eDBload_sessiondata(ctx, '%s')", sesskey); sessvals = eCreate_value_space(ctx, 10); @@ -791,13 +798,13 @@ eurephiaVALUES *eDBload_sessiondata(eurephiaCTX *ctx, const char *sesskey) { */ if( /* IF WE GOT RECORDS IN THE QUERY */ ) { for( /* LOOP THROUGH ALL RECORDS */ ) { - eAdd_value(ctx, sessvals, + eAdd_value(ctx, sessvals, /* GET datakey FROM SQL RESULT */, /* GET dataval FROM SQL RESULT */); } /* FREE SQL RESULT */ } else { - eurephia_log(ctx, LOG_CRITICAL, 0, + eurephia_log(ctx, LOG_CRITICAL, 0, "Could not load session values for session '%s'", sesskey); } @@ -810,12 +817,12 @@ int eDBstore_session_value(eurephiaCTX *ctx, eurephiaSESSION *session, int mode, { if( session == NULL ) { - DEBUG(ctx, 10, + DEBUG(ctx, 20, "Function call failed to eDBstore_session_value(ctx, ...): Non-existing session key"); return 0; } - DEBUG(ctx, 10, "Function call: eDBstore_session_value(ctx, '%s', %i, '%s', '%s')", + DEBUG(ctx, 20, "Function call: eDBstore_session_value(ctx, '%s', %i, '%s', '%s')", session->sessionkey, mode, key, val); switch( mode ) { @@ -826,7 +833,7 @@ int eDBstore_session_value(eurephiaCTX *ctx, eurephiaSESSION *session, int mode, session->sessionkey, key, val */ if( /* IF SQL QUERY FAILED */ ) { - eurephia_log(ctx, LOG_CRITICAL, 0, + eurephia_log(ctx, LOG_FATAL, 0, "Could not register new session variable into database: [%s] %s = %s", session->sessionkey, key, val); return 0; @@ -840,7 +847,8 @@ int eDBstore_session_value(eurephiaCTX *ctx, eurephiaSESSION *session, int mode, val, session->sessionkey, key */ if( /* IF SQL QUERY FAILED */ ) { - eurephia_log(ctx, LOG_CRITICAL, 0, "Could not update session variable: [%s] %s = %s ", + eurephia_log(ctx, LOG_FATAL, 0, + "Could not update session variable: [%s] %s = %s ", session->sessionkey, key, val); return 0; } @@ -852,15 +860,17 @@ int eDBstore_session_value(eurephiaCTX *ctx, eurephiaSESSION *session, int mode, session->sessionkey, key */ if( /* IF SQL QUERY FAILED */ ) { - eurephia_log(ctx, LOG_CRITICAL, 0, "Could not delete session variable: [%s] %s", + eurephia_log(ctx, LOG_FATAL, 0, + "Could not delete session variable: [%s] %s", session->sessionkey, key); return 0; } break; default: - eurephia_log(ctx, LOG_FATAL, 0, "Unknown eDBstore_session_value mode '%i'", mode); - return 1; + eurephia_log(ctx, LOG_FATAL, 0, + "Unknown eDBstore_session_value mode '%i'", mode); + return 0; } /* FREE SQL RESULT */ return 1; @@ -870,10 +880,10 @@ int eDBstore_session_value(eurephiaCTX *ctx, eurephiaSESSION *session, int mode, // Delete session information from openvpn_sessions and update openvpn_lastlog with status int eDBdestroy_session(eurephiaCTX *ctx, eurephiaSESSION *session) { - DEBUG(ctx, 10, "Function call: eDBdestroy_session(ctx, '%s')", session->sessionkey); + DEBUG(ctx, 20, "Function call: eDBdestroy_session(ctx, '%s')", session->sessionkey); if( (session == NULL) || (session->sessionkey == NULL) ) { - eurephia_log(ctx, LOG_ERROR, 1, "No active session given to be destroyed"); + eurephia_log(ctx, LOG_WARNING, 1, "No active session given to be destroyed"); return 1; } @@ -885,7 +895,7 @@ int eDBdestroy_session(eurephiaCTX *ctx, eurephiaSESSION *session) { session->sessionkey */ if( /* IF SQL QUERY FAILED */ ) { - eurephia_log(ctx, LOG_CRITICAL, 0, + eurephia_log(ctx, LOG_FATAL, 0, "Could not update session status in lastlog (%s))", session->sessionkey); return 0; } @@ -897,7 +907,7 @@ int eDBdestroy_session(eurephiaCTX *ctx, eurephiaSESSION *session) { session->sessionkey */ if( /* IF SQL QUERY FAILED */ ) { - eurephia_log(ctx, LOG_CRITICAL, 0, + eurephia_log(ctx, LOG_FATAL, 0, "Could not delete session variables (%s))", session->sessionkey); return 0; } @@ -915,7 +925,7 @@ char *eDBget_firewall_profile(eurephiaCTX *ctx, eurephiaSESSION *session) { char *ret = NULL; - DEBUG(ctx, 10, "Function call: eDBget_firewall_profile(ctx, {session}'%s')", + DEBUG(ctx, 20, "Function call: eDBget_firewall_profile(ctx, {session}'%s')", session->sessionkey); /* WORK TO DO -- DO SQL: @@ -927,7 +937,8 @@ char *eDBget_firewall_profile(eurephiaCTX *ctx, eurephiaSESSION *session) session->sessionkey */ if( /* IF SQL QUERY FAILED */ ) { - eurephia_log(ctx, LOG_CRITICAL, 0, "Could not retrieve firewall profile for session '%s'", + eurephia_log(ctx, LOG_FATAL, 0, + "Could not retrieve firewall profile for session '%s'", session->sessionkey); return NULL; } @@ -935,4 +946,3 @@ char *eDBget_firewall_profile(eurephiaCTX *ctx, eurephiaSESSION *session) /* FREE SQL RESULT */ return ret; } - diff --git a/database/sqlite/eurephiadb-sqlite.c b/database/sqlite/eurephiadb-sqlite.c index 49e7e36..2a0b9be 100644 --- a/database/sqlite/eurephiadb-sqlite.c +++ b/database/sqlite/eurephiadb-sqlite.c @@ -87,7 +87,7 @@ void update_attempts(eurephiaCTX *ctx, const char *blid) { "UPDATE openvpn_blacklist " " SET last_accessed = CURRENT_TIMESTAMP WHERE blid = %q", blid); if( res == NULL ) { - eurephia_log(ctx, LOG_CRITICAL, 0, + eurephia_log(ctx, LOG_CRITICAL, 0, "Could not update openvpn_blacklist.last_accessed for blid=%s", blid); } sqlite_free_results(res); @@ -105,14 +105,10 @@ int eDBconnect(eurephiaCTX *ctx, const int argc, const char **argv) dbresult *res = NULL; int rc; -#ifdef MEMWATCH - mwStatistics(3); -#endif - - DEBUG(ctx, 10, "Function call: eDBconnect(ctx, %i, '%s')", argc, argv[0]); + DEBUG(ctx, 20, "Function call: eDBconnect(ctx, %i, '%s')", argc, argv[0]); if( (argc != 1) || (argv[0] == NULL) || (strlen(argv[0]) < 1) ) { - eurephia_log(ctx, LOG_PANIC, 0, "Wrong parameters to dblink-sqlite. Cannot open database."); + eurephia_log(ctx, LOG_PANIC, 0, "Wrong parameters to eurephiadb-sqlite. Cannot open database."); return 0; } @@ -125,7 +121,7 @@ int eDBconnect(eurephiaCTX *ctx, const int argc, const char **argv) rc = sqlite3_open(argv[0], (void *) &dbc->dbhandle); if( rc ) { - eurephia_log(ctx, LOG_FATAL, 0, "Could not open database '%s'", dbc->dbname); + eurephia_log(ctx, LOG_PANIC, 0, "Could not open database '%s'", dbc->dbname); free_nullsafe(dbc->dbname); free_nullsafe(dbc); return 0; @@ -161,7 +157,7 @@ void eDBdisconnect(eurephiaCTX *ctx) { eDBconn *dbc = NULL; - DEBUG(ctx, 10, "Function call: eDBdisconnect(ctx)"); + DEBUG(ctx, 20, "Function call: eDBdisconnect(ctx)"); if( ctx->dbc == NULL ) { eurephia_log(ctx, LOG_WARNING, 0, "Database not open, cannot close database."); @@ -169,7 +165,7 @@ void eDBdisconnect(eurephiaCTX *ctx) } dbc = ctx->dbc; - eurephia_log(ctx, LOG_INFO, 2, "Closing database '%s'", dbc->dbname); + eurephia_log(ctx, LOG_INFO, 1, "Closing database '%s'", dbc->dbname); // Close database connection sqlite3_close((sqlite3 *) dbc->dbhandle); @@ -192,8 +188,8 @@ int eDBauth_TLS(eurephiaCTX *ctx, const char *org, const char *cname, const char int certid = 0; char *blid = NULL; - DEBUG(ctx, 10, "Function call: eDBauth_TLS(ctx, '%s', '%s', '%s', '%s', %s)", - org, cname, email, digest, depth); + DEBUG(ctx, 20, "Function call: eDBauth_TLS(ctx, '%s', '%s', '%s', '%s', %s)", + org, cname, email, digest, depth); // Check if certificate is valid, and not too many attempts has been tried with the given certificate res = sqlite_query(ctx, @@ -212,18 +208,18 @@ int eDBauth_TLS(eurephiaCTX *ctx, const char *org, const char *cname, const char // Check if we found certificate to be blacklisted or not. blid == NULL when NOT blacklisted if( blid == NULL ) { if( certid > 0 ) { - eurephia_log(ctx, LOG_INFO, 0, + eurephia_log(ctx, LOG_INFO, 0, "Found certid %i for user: %s/%s/%s", certid, org, cname, email); } else { - eurephia_log(ctx, LOG_INFO, 1, + eurephia_log(ctx, LOG_INFO, 1, "Unknown certificate for: %s/%s/%s (depth %s, digest: %s)", org, cname, email, depth, digest); } // Certificate is okay, certid contains the certificate ID } else { // If the certificate or IP is blacklisted, update status and deny access. - eurephia_log(ctx, LOG_WARNING, 1, + eurephia_log(ctx, LOG_WARNING, 0, "Attempt with BLACKLISTED certificate (certid %i)", certid); update_attempts(ctx, blid); certid = -1; @@ -233,7 +229,7 @@ int eDBauth_TLS(eurephiaCTX *ctx, const char *org, const char *cname, const char eurephia_log(ctx, LOG_FATAL, 0, "Could not look up certificate information"); } - DEBUG(ctx, 10, "Result function call: eDBauth_TLS(ctx, '%s', '%s', '%s', '%s', %s) - %i", + DEBUG(ctx, 20, "Result function call: eDBauth_TLS(ctx, '%s', '%s', '%s', '%s', %s) - %i", org, cname, email, digest, depth, certid); return certid; @@ -247,13 +243,13 @@ int eDBauth_user(eurephiaCTX *ctx, const int certid, const char *username, const char *crpwd = NULL, *activated = NULL, *deactivated = NULL, *blid_uname = NULL, *blid_cert; int uicid = 0, uid = 0, pwdok = 0; - DEBUG(ctx, 10, "Function call: eDBauth_user(ctx, %i, '%s','xxxxxxxx')", certid, username); + DEBUG(ctx, 20, "Function call: eDBauth_user(ctx, %i, '%s','xxxxxxxx')", certid, username); // Generate SHA1 hash of password, used for password auth crpwd = passwdhash(passwd); - res = sqlite_query(ctx, + res = sqlite_query(ctx, "SELECT uicid, ou.uid, activated, deactivated, bl1.blid, bl2.blid, " " (password = '%s') AS pwdok" " FROM openvpn_users ou" @@ -266,7 +262,7 @@ int eDBauth_user(eurephiaCTX *ctx, const int certid, const char *username, const crpwd, certid, username); free_nullsafe(crpwd); if( res == NULL ) { - eurephia_log(ctx, LOG_CRITICAL, 0, + eurephia_log(ctx, LOG_FATAL, 0, "Could not lookup user in database (certid %i, username '%s'", certid, username); return 0; } @@ -284,7 +280,7 @@ int eDBauth_user(eurephiaCTX *ctx, const int certid, const char *username, const uid, username); uicid = -1; } else if( blid_cert != NULL ) { - eurephia_log(ctx, LOG_WARNING, 0, + eurephia_log(ctx, LOG_WARNING, 0, "User account linked with a BLACKLISTED certificate " "(uid: %i, %s) - certid: %s", uid, username, certid); @@ -312,7 +308,7 @@ int eDBauth_user(eurephiaCTX *ctx, const int certid, const char *username, const } sqlite_free_results(res); - DEBUG(ctx, 10, "Result function call: eDBauth_user(ctx, %i, '%s','xxxxxxxx') - %i", + DEBUG(ctx, 20, "Result function call: eDBauth_user(ctx, %i, '%s','xxxxxxxx') - %i", certid, username, uicid); return uicid; @@ -324,16 +320,16 @@ int eDBget_uid(eurephiaCTX *ctx, const int certid, const char *username) dbresult *res = NULL; int ret = 0; - DEBUG(ctx, 10, "Function call: eDBget_uid(ctx, %i, '%s')", certid, username); + DEBUG(ctx, 20, "Function call: eDBget_uid(ctx, %i, '%s')", certid, username); - res = sqlite_query(ctx, + res = sqlite_query(ctx, "SELECT uid " " FROM openvpn_usercerts " " JOIN openvpn_users USING (uid) " " WHERE certid = '%i' AND username = '%q'", certid, username); if( (res == NULL) || (sqlite_get_numtuples(res) != 1) ) { - eurephia_log(ctx, LOG_CRITICAL, 0, "Could not lookup userid for user '%s'", username); + eurephia_log(ctx, LOG_FATAL, 0, "Could not lookup userid for user '%s'", username); ret = -1; } else { ret = atoi_nullsafe(sqlite_get_value(res, 0, 0)); @@ -351,10 +347,10 @@ int eDBblacklist_check(eurephiaCTX *ctx, const int type, const char *val) int atpexceed = -1, blacklisted = 0; char *atpid = NULL, *blid = NULL; - DEBUG(ctx, 10, "Function call: eDBblacklist_check(ctx, '%s', '%s')", + DEBUG(ctx, 20, "Function call: eDBblacklist_check(ctx, '%s', '%s')", eDBattempt_types[type].descr, val); - blr = sqlite_query(ctx, "SELECT blid FROM openvpn_blacklist WHERE %s = '%q'", + blr = sqlite_query(ctx, "SELECT blid FROM openvpn_blacklist WHERE %s = '%q'", eDBattempt_types[type].colname, val); if( blr != NULL ) { blid = strdup_nullsafe(sqlite_get_value(blr, 0, 0)); @@ -362,21 +358,21 @@ int eDBblacklist_check(eurephiaCTX *ctx, const int type, const char *val) blr = NULL; if( blid != NULL ) { - eurephia_log(ctx, LOG_WARNING, 1, "Attempt from blacklisted %s: %s", + eurephia_log(ctx, LOG_WARNING, 0, "Attempt from blacklisted %s: %s", eDBattempt_types[type].descr, val); blacklisted = 1; // [type] is blacklisted } // Update attempt information update_attempts(ctx, blid); } else { - eurephia_log(ctx, LOG_CRITICAL, 0, "Quering openvpn_blacklist for blacklisted %s", + eurephia_log(ctx, LOG_FATAL, 0, "Quering openvpn_blacklist for blacklisted %s failed", eDBattempt_types[type].descr); } if( blacklisted == 0 ) { // Check if this [type] has been attempted earlier - if it has reaced the maximum // attempt limit, blacklist it - atpr = sqlite_query(ctx, + atpr = sqlite_query(ctx, "SELECT atpid, attempts >= %q FROM openvpn_attempts WHERE %s = '%q'", eGet_value(ctx->dbc->config, eDBattempt_types[type].allow_cfg), eDBattempt_types[type].colname, val); @@ -389,14 +385,14 @@ int eDBblacklist_check(eurephiaCTX *ctx, const int type, const char *val) // If [type] has reached attempt limit and it is not black listed, black list it if( (atpexceed > 0) && (blid == NULL) ) { eurephia_log(ctx, LOG_WARNING, 0, - "%s got BLACKLISTED due to too many failed attempts: %s", + "%s got BLACKLISTED due to too many failed attempts: %s", eDBattempt_types[type].descr, val); blr = sqlite_query(ctx, - "INSERT INTO openvpn_blacklist (%s) VALUES ('%q')", + "INSERT INTO openvpn_blacklist (%s) VALUES ('%q')", eDBattempt_types[type].colname, val); if( blr == NULL ) { - eurephia_log(ctx, LOG_CRITICAL, 0, - "Could not blacklist %s (%s)", + eurephia_log(ctx, LOG_CRITICAL, 0, + "Could not blacklist %s (%s)", eDBattempt_types[type].descr, val); } sqlite_free_results(blr); @@ -411,7 +407,7 @@ int eDBblacklist_check(eurephiaCTX *ctx, const int type, const char *val) } free_nullsafe(blid); - DEBUG(ctx, 10, "Result - function call: eDBblacklist_check(ctx, '%s', '%s') - %i", + DEBUG(ctx, 20, "Result - function call: eDBblacklist_check(ctx, '%s', '%s') - %i", eDBattempt_types[type].descr, val, blacklisted); return blacklisted; @@ -423,7 +419,7 @@ void eDBregister_attempt(eurephiaCTX *ctx, int type, int mode, const char *value char *id = NULL, *atmpt_block = NULL, *blid = NULL; int attempts = 0; - DEBUG(ctx, 10, "Function call: eDBregister_attempt(ctx, %s, %s, '%s')", + DEBUG(ctx, 20, "Function call: eDBregister_attempt(ctx, %s, %s, '%s')", eDBattempt_types[type].colname, (mode == ATTEMPT_RESET ? "ATTEMPT_RESET" : "ATTEMPT_REGISTER"), value); @@ -440,7 +436,7 @@ void eDBregister_attempt(eurephiaCTX *ctx, int type, int mode, const char *value eDBattempt_types[type].colname, eDBattempt_types[type].colname, value); if( res == NULL ) { - eurephia_log(ctx, LOG_CRITICAL, 0, "Could not look up atpid in openvpn_attempts"); + eurephia_log(ctx, LOG_FATAL, 0, "Could not look up atpid in openvpn_attempts"); return; } @@ -511,11 +507,11 @@ int eDBregister_login(eurephiaCTX *ctx, eurephiaSESSION *skey, const int certid, { dbresult *res = NULL; - DEBUG(ctx, 10, "Function call: eDBregister_login(ctx, '%s', %i, %i, '%s','%s','%s','%s','%s')", + DEBUG(ctx, 20, "Function call: eDBregister_login(ctx, '%s', %i, %i, '%s','%s','%s','%s','%s')", skey->sessionkey, certid, uid, proto, remipaddr, remport, vpnipaddr, vpnipmask); if( skey->sessionstatus != SESSION_NEW ) { - eurephia_log(ctx, LOG_WARNING, 10, "Not a new session, will not register it again"); + eurephia_log(ctx, LOG_ERROR, 5, "Not a new session, will not register it again"); return 1; } @@ -527,7 +523,7 @@ int eDBregister_login(eurephiaCTX *ctx, eurephiaSESSION *skey, const int certid, "VALUES (%i, %i, '%q','%q','%q','%q','%q', 1,'%q', CURRENT_TIMESTAMP)", uid, certid, proto, remipaddr, remport, vpnipaddr, vpnipmask, skey->sessionkey); if( res == NULL ) { - eurephia_log(ctx, LOG_CRITICAL, 0, "Could not insert new session into openvpn_lastlog"); + eurephia_log(ctx, LOG_FATAL, 0, "Could not insert new session into openvpn_lastlog"); return 0; } sqlite_free_results(res); @@ -540,11 +536,11 @@ int eDBregister_vpnmacaddr(eurephiaCTX *ctx, eurephiaSESSION *session, const cha { dbresult *res = NULL; - DEBUG(ctx, 10, "Function call: eDBregister_vpnmacaddr(ctx, '%s', '%s')", + DEBUG(ctx, 20, "Function call: eDBregister_vpnmacaddr(ctx, '%s', '%s')", session->sessionkey, macaddr); if( macaddr == NULL ) { - eurephia_log(ctx, LOG_CRITICAL, 0, "No MAC address was given to save"); + eurephia_log(ctx, LOG_FATAL, 0, "No MAC address was given to save"); return 0; } @@ -552,7 +548,7 @@ int eDBregister_vpnmacaddr(eurephiaCTX *ctx, eurephiaSESSION *session, const cha res = sqlite_query(ctx, "INSERT INTO openvpn_macaddr_history (sessionkey, macaddr) VALUES ('%q','%q')", session->sessionkey, macaddr); if( res == NULL ) { - eurephia_log(ctx, LOG_CRITICAL, 0, "Failed to log new MAC address for session"); + eurephia_log(ctx, LOG_FATAL, 0, "Failed to log new MAC address for session"); return 0; } sqlite_free_results(res); @@ -562,7 +558,7 @@ int eDBregister_vpnmacaddr(eurephiaCTX *ctx, eurephiaSESSION *session, const cha "UPDATE openvpn_lastlog SET sessionstatus = 2, macaddr = '%q' " " WHERE sessionkey = '%q' AND sessionstatus = 1", macaddr, session->sessionkey); if( res == NULL ) { - eurephia_log(ctx, LOG_CRITICAL, 0, "Could not update lastlog with new MAC address for session"); + eurephia_log(ctx, LOG_FATAL, 0, "Could not update lastlog with new MAC address for session"); return 0; } @@ -570,7 +566,7 @@ int eDBregister_vpnmacaddr(eurephiaCTX *ctx, eurephiaSESSION *session, const cha // Save the MAC address in the session values register - needed for the destroy session if( eDBset_session_value(ctx, session, "macaddr", macaddr) == 0 ) { - eurephia_log(ctx, LOG_CRITICAL, 0, "Could not save MAC address into session variables"); + eurephia_log(ctx, LOG_FATAL, 0, "Could not save MAC address into session variables"); return 0; } @@ -584,7 +580,7 @@ int eDBregister_logout(eurephiaCTX *ctx, eurephiaSESSION *skey, { dbresult *res = NULL; - DEBUG(ctx, 10, "Function call: eDBregister_logout(ctx, '%s', %s, %s)", + DEBUG(ctx, 20, "Function call: eDBregister_logout(ctx, '%s', %s, %s)", skey->sessionkey, bytes_sent, bytes_received); res = sqlite_query(ctx, @@ -595,7 +591,7 @@ int eDBregister_logout(eurephiaCTX *ctx, eurephiaSESSION *skey, atoi_nullsafe(bytes_sent), atoi_nullsafe(bytes_received), atoi_nullsafe(duration), skey->sessionkey); if( res == NULL ) { - eurephia_log(ctx, LOG_CRITICAL, 0, "Could not update lastlog with logout information (%s)", + eurephia_log(ctx, LOG_FATAL, 0, "Could not update lastlog with logout information (%s)", skey->sessionkey); return 0; } @@ -611,10 +607,10 @@ char *eDBget_sessionkey_seed(eurephiaCTX *ctx, const char *sessionseed) { dbresult *res = NULL; char *skey = NULL; - DEBUG(ctx, 10, "eDBget_sessionkey(ctx, '%s')", sessionseed); + DEBUG(ctx, 20, "eDBget_sessionkey(ctx, '%s')", sessionseed); if( sessionseed == NULL ) { - eurephia_log(ctx, LOG_CRITICAL, 1, + eurephia_log(ctx, LOG_FATAL, 1, "eDBget_sessionkey: No session seed given - cannot locate sessionkey"); return NULL; } @@ -626,7 +622,7 @@ char *eDBget_sessionkey_seed(eurephiaCTX *ctx, const char *sessionseed) { " AND sessionseed = '%q'", sessionseed); if( res == NULL ) { - eurephia_log(ctx, LOG_CRITICAL, 0,"Could not retrieve sessionkey from openvpn_sessionkeys (%s)", + eurephia_log(ctx, LOG_FATAL, 0,"Could not retrieve sessionkey from openvpn_sessionkeys (%s)", sessionseed); return NULL; } @@ -649,10 +645,10 @@ char *eDBget_sessionkey_macaddr(eurephiaCTX *ctx, const char *macaddr) { " FROM openvpn_sessions " " JOIN openvpn_lastlog USING (sessionkey)" " WHERE sessionstatus = 3 " - " AND datakey = 'macaddr' " + " AND datakey = 'macaddr'" " AND dataval = '%q'", macaddr); if( res == NULL ) { - eurephia_log(ctx, LOG_CRITICAL, 0, + eurephia_log(ctx, LOG_FATAL, 0, "Could not remove session from database (MAC addr: %s)", macaddr); return 0; } @@ -668,16 +664,18 @@ int eDBcheck_sessionkey_uniqueness(eurephiaCTX *ctx, const char *seskey) { dbresult *res; int uniq = 0; - DEBUG(ctx, 10, "eDBcheck_sessionkey_uniqueness(ctx, '%s')", seskey); + DEBUG(ctx, 20, "eDBcheck_sessionkey_uniqueness(ctx, '%s')", seskey); if( seskey == NULL ) { - eurephia_log(ctx, LOG_CRITICAL, 1, + eurephia_log(ctx, LOG_FATAL, 1, "eDBcheck_sessionkey_uniqness: Invalid session key given"); return 0; } - res = sqlite_query(ctx, "SELECT count(sessionkey) = 0 FROM openvpn_lastlog WHERE sessionkey = '%q'", seskey); + res = sqlite_query(ctx, + "SELECT count(sessionkey) = 0 " + "FROM openvpn_lastlog WHERE sessionkey = '%q'", seskey); if( res == NULL ) { - eurephia_log(ctx, LOG_CRITICAL, 0, + eurephia_log(ctx, LOG_FATAL, 0, "eDBcheck_sessionkey_uniqness: Could not check uniqueness of sessionkey"); return 0; } @@ -691,18 +689,18 @@ int eDBcheck_sessionkey_uniqueness(eurephiaCTX *ctx, const char *seskey) { int eDBregister_sessionkey(eurephiaCTX *ctx, const char *seed, const char *seskey) { dbresult *res; - DEBUG(ctx, 10, "eDBregister_sessionkey(ctx, '%s', '%s')", seed, seskey); + DEBUG(ctx, 20, "eDBregister_sessionkey(ctx, '%s', '%s')", seed, seskey); if( (seed == NULL) || (seskey == NULL) ) { - eurephia_log(ctx, LOG_CRITICAL, 1, + eurephia_log(ctx, LOG_FATAL, 1, "eDBregister_sessionkey: Invalid session seed or session key given"); return 0; } - res = sqlite_query(ctx, + res = sqlite_query(ctx, "INSERT INTO openvpn_sessionkeys (sessionseed, sessionkey) VALUES('%q','%q')", seed, seskey); if( res == NULL ) { - eurephia_log(ctx, LOG_CRITICAL, 0, + eurephia_log(ctx, LOG_FATAL, 0, "eDBregister_sessionkey: Error registering sessionkey into openvpn_sessionkeys"); return 0; } @@ -714,16 +712,16 @@ int eDBregister_sessionkey(eurephiaCTX *ctx, const char *seed, const char *seske int eDBremove_sessionkey(eurephiaCTX *ctx, const char *seskey) { dbresult *res; - DEBUG(ctx, 10, "eDBremove_sessionkey(ctx, '%s')", seskey); + DEBUG(ctx, 20, "eDBremove_sessionkey(ctx, '%s')", seskey); if( seskey == NULL ) { - eurephia_log(ctx, LOG_CRITICAL, 1, + eurephia_log(ctx, LOG_FATAL, 1, "eDBremove_sessionkey: Invalid session key given"); return 0; } res = sqlite_query(ctx, "DELETE FROM openvpn_sessionkeys WHERE sessionkey = '%q'", seskey); if( res == NULL ) { - eurephia_log(ctx, LOG_CRITICAL, 0, + eurephia_log(ctx, LOG_FATAL, 0, "eDBremove_sessionkey: Error removing sessionkey from openvpn_sessionkeys"); return 0; } @@ -741,11 +739,11 @@ eurephiaVALUES *eDBload_sessiondata(eurephiaCTX *ctx, const char *sesskey) { return NULL; } - DEBUG(ctx, 10, "Function call: eDBload_sessiondata(ctx, '%s')", sesskey); + DEBUG(ctx, 20, "Function call: eDBload_sessiondata(ctx, '%s')", sesskey); sessvals = eCreate_value_space(ctx, 10); - res = sqlite_query(ctx, "SELECT datakey, dataval FROM openvpn_sessions WHERE sessionkey = '%q'", + res = sqlite_query(ctx, "SELECT datakey, dataval FROM openvpn_sessions WHERE sessionkey = '%q'", sesskey); if( (res != NULL) || (sqlite_get_numtuples(res) > 0) ) { for( i = 0; i < sqlite_get_numtuples(res); i++ ) { @@ -754,7 +752,7 @@ eurephiaVALUES *eDBload_sessiondata(eurephiaCTX *ctx, const char *sesskey) { sqlite_get_value(res, i, 1)); } } else { - eurephia_log(ctx, LOG_CRITICAL, 0, + eurephia_log(ctx, LOG_CRITICAL, 0, "Could not load session values for session '%s'", sesskey); } @@ -769,21 +767,21 @@ int eDBstore_session_value(eurephiaCTX *ctx, eurephiaSESSION *session, int mode, dbresult *res = NULL; if( session == NULL ) { - DEBUG(ctx, 10, + DEBUG(ctx, 20, "Function call failed to eDBstore_session_value(ctx, ...): Non-existing session key"); return 0; } - DEBUG(ctx, 10, "Function call: eDBstore_session_value(ctx, '%s', %i, '%s', '%s')", + DEBUG(ctx, 20, "Function call: eDBstore_session_value(ctx, '%s', %i, '%s', '%s')", session->sessionkey, mode, key, val); switch( mode ) { case SESSVAL_NEW: - res = sqlite_query(ctx, + res = sqlite_query(ctx, "INSERT INTO openvpn_sessions (sessionkey, datakey, dataval) " "VALUES ('%q','%q','%q')", session->sessionkey, key, val); if( res == NULL ) { - eurephia_log(ctx, LOG_CRITICAL, 0, + eurephia_log(ctx, LOG_FATAL, 0, "Could not register new session variable into database: [%s] %s = %s", session->sessionkey, key, val); return 0; @@ -791,21 +789,24 @@ int eDBstore_session_value(eurephiaCTX *ctx, eurephiaSESSION *session, int mode, break; case SESSVAL_UPDATE: - res = sqlite_query(ctx, + res = sqlite_query(ctx, "UPDATE openvpn_sessions SET dataval = '%q' " - " WHERE sessionkey = '%q' AND datakey = '%q'", val, session->sessionkey, key); + " WHERE sessionkey = '%q' AND datakey = '%q'", + val, session->sessionkey, key); if( res == NULL ) { - eurephia_log(ctx, LOG_CRITICAL, 0, "Could not update session variable: [%s] %s = %s ", + eurephia_log(ctx, LOG_FATAL, 0, "Could not update session variable: [%s] %s = %s ", session->sessionkey, key, val); return 0; } break; case SESSVAL_DELETE: - res = sqlite_query(ctx, "DELETE FROM openvpn_sessions WHERE sessionkey = '%q' AND datakey = '%q'", - session->sessionkey, key); + res = sqlite_query(ctx, + "DELETE FROM openvpn_sessions " + " WHERE sessionkey = '%q' AND datakey = '%q'", + session->sessionkey, key); if( res == NULL ) { - eurephia_log(ctx, LOG_CRITICAL, 0, "Could not delete session variable: [%s] %s", + eurephia_log(ctx, LOG_FATAL, 0, "Could not delete session variable: [%s] %s", session->sessionkey, key); return 0; } @@ -813,7 +814,7 @@ int eDBstore_session_value(eurephiaCTX *ctx, eurephiaSESSION *session, int mode, default: eurephia_log(ctx, LOG_FATAL, 0, "Unknown eDBstore_session_value mode '%i'", mode); - return 1; + return 0; } sqlite_free_results(res); return 1; @@ -824,20 +825,20 @@ int eDBstore_session_value(eurephiaCTX *ctx, eurephiaSESSION *session, int mode, int eDBdestroy_session(eurephiaCTX *ctx, eurephiaSESSION *session) { dbresult *res = NULL; - DEBUG(ctx, 10, "Function call: eDBdestroy_session(ctx, '%s')", session->sessionkey); + DEBUG(ctx, 20, "Function call: eDBdestroy_session(ctx, '%s')", session->sessionkey); if( (session == NULL) || (session->sessionkey == NULL) ) { - eurephia_log(ctx, LOG_ERROR, 1, "No active session given to be destroyed"); + eurephia_log(ctx, LOG_WARNING, 1, "No active session given to be destroyed"); return 1; } // Update session status - res = sqlite_query(ctx, + res = sqlite_query(ctx, "UPDATE openvpn_lastlog " " SET sessionstatus = 4, session_deleted = CURRENT_TIMESTAMP " " WHERE sessionkey = '%q' AND sessionstatus = 3", session->sessionkey); if( res == NULL ) { - eurephia_log(ctx, LOG_CRITICAL, 0, + eurephia_log(ctx, LOG_FATAL, 0, "Could not update session status in lastlog (%s))", session->sessionkey); return 0; } @@ -846,7 +847,7 @@ int eDBdestroy_session(eurephiaCTX *ctx, eurephiaSESSION *session) { // Delete session variables res = sqlite_query(ctx, "DELETE FROM openvpn_sessions WHERE sessionkey = '%q'", session->sessionkey); if( res == NULL ) { - eurephia_log(ctx, LOG_CRITICAL, 0, + eurephia_log(ctx, LOG_FATAL, 0, "Could not delete session variables (%s))", session->sessionkey); return 0; } @@ -865,17 +866,17 @@ char *eDBget_firewall_profile(eurephiaCTX *ctx, eurephiaSESSION *session) char *ret = NULL; dbresult *res = NULL; - DEBUG(ctx, 10, "Function call: eDBget_firewall_profile(ctx, {session}'%s')", + DEBUG(ctx, 20, "Function call: eDBget_firewall_profile(ctx, {session}'%s')", session->sessionkey); - res = sqlite_query(ctx, + res = sqlite_query(ctx, "SELECT fw_profile " " FROM openvpn_lastlog " " JOIN openvpn_usercerts USING(certid, uid)" " JOIN openvpn_accesses USING(accessprofile)" " WHERE sessionkey = '%q'", session->sessionkey); if( res == NULL ) { - eurephia_log(ctx, LOG_CRITICAL, 0, "Could not retrieve firewall profile for session '%s'", + eurephia_log(ctx, LOG_FATAL, 0, "Could not retrieve firewall profile for session '%s'", session->sessionkey); return NULL; } @@ -883,4 +884,3 @@ char *eDBget_firewall_profile(eurephiaCTX *ctx, eurephiaSESSION *session) sqlite_free_results(res); return ret; } - diff --git a/database/sqlite/sqlite.c b/database/sqlite/sqlite.c index 1a97793..85b41de 100644 --- a/database/sqlite/sqlite.c +++ b/database/sqlite/sqlite.c @@ -218,7 +218,7 @@ dbresult *sqlite_query(eurephiaCTX *ctx, char *fmt, ... ) { sql = sqlite3_vmprintf(fmt, ap); va_end(ap); - DEBUG(ctx, 11, "Doing SQL Query: %s", sql); + DEBUG(ctx, 25, "Doing SQL Query: %s", sql); rc = sqlite3_exec( (sqlite3 *) dbc->dbhandle, sql, _cb_parse_result, 0, &errMsg ); if( rc != SQLITE_OK ) { eurephia_log(ctx, LOG_ERROR, 0, "SQL Error: %s", errMsg); |