summaryrefslogtreecommitdiffstats
path: root/database
diff options
context:
space:
mode:
authorDavid Sommerseth <dazo@users.sourceforge.net>2008-10-04 00:42:37 +0200
committerDavid Sommerseth <dazo@users.sourceforge.net>2008-10-04 00:42:37 +0200
commit298838fa11b9c4e88e132c4551b93b9a1750fac5 (patch)
tree976bff31b42bb6420d991447fee90dbed78c03c8 /database
parent5a06808210ba0d52c06c34dee124f1a9fd95d92e (diff)
parentdb82a5db49a17e26f87a2779b62707983abd44f3 (diff)
downloadeurephia-298838fa11b9c4e88e132c4551b93b9a1750fac5.tar.gz
eurephia-298838fa11b9c4e88e132c4551b93b9a1750fac5.tar.xz
eurephia-298838fa11b9c4e88e132c4551b93b9a1750fac5.zip
Merge branch 'master' into cmake
Diffstat (limited to 'database')
-rw-r--r--database/eurephiadb-driver_template.c160
-rw-r--r--database/sqlite/eurephiadb-sqlite.c170
-rw-r--r--database/sqlite/sqlite.c2
3 files changed, 171 insertions, 161 deletions
diff --git a/database/eurephiadb-driver_template.c b/database/eurephiadb-driver_template.c
index 005afc7..fc67510 100644
--- a/database/eurephiadb-driver_template.c
+++ b/database/eurephiadb-driver_template.c
@@ -88,7 +88,7 @@ void update_attempts(eurephiaCTX *ctx, const char *blid) {
" SET last_accessed = CURRENT_TIMESTAMP WHERE blid = %s", blid
*/
if( /* SQL COMMAND FAILED */ ) {
- eurephia_log(ctx, LOG_CRITICAL, 0,
+ eurephia_log(ctx, LOG_CRITICAL, 0,
"Could not update openvpn_blacklist.last_accessed for blid=%s", blid);
}
/* FREE SQL RESULT */
@@ -124,7 +124,7 @@ int eDBconnect(eurephiaCTX *ctx, const int argc, const char **argv)
* You are free to use whatever parameter syntax you would like to use.
*/
- DEBUG(ctx, 10, "Function call: eDBconnect(ctx, %i, '...')", argc, dbame);
+ DEBUG(ctx, 20, "Function call: eDBconnect(ctx, %i, '...')", argc, dbame);
// Connect to the database
dbc = (eDBconn *) malloc(sizeof(eDBconn)+2);
@@ -136,7 +136,7 @@ int eDBconnect(eurephiaCTX *ctx, const int argc, const char **argv)
/* WORK TO DO -- Open a database connection, and save the handle in dbc->handle */
if( /* IF CONNECTION FAILED */ ) {
- eurephia_log(ctx, LOG_FATAL, 0, "Could not open database '%s'", dbc->dbname);
+ eurephia_log(ctx, LOG_PANIC, 0, "Could not open database '%s'", dbc->dbname);
free_nullsafe(dbc->dbname);
free_nullsafe(dbc);
return 0;
@@ -178,7 +178,7 @@ void eDBdisconnect(eurephiaCTX *ctx)
{
eDBconn *dbc = NULL;
- DEBUG(ctx, 10, "Function call: eDBdisconnect(ctx)");
+ DEBUG(ctx, 20, "Function call: eDBdisconnect(ctx)");
if( ctx->dbc == NULL ) {
eurephia_log(ctx, LOG_WARNING, 0, "Database not open, cannot close database.");
@@ -186,7 +186,7 @@ void eDBdisconnect(eurephiaCTX *ctx)
}
dbc = ctx->dbc;
- eurephia_log(ctx, LOG_INFO, 2, "Closing database '%s'", dbc->dbname);
+ eurephia_log(ctx, LOG_INFO, 1, "Closing database '%s'", dbc->dbname);
/* WORK TO DO: Close database connection using dbc->dbhandle */
@@ -209,7 +209,7 @@ int eDBauth_TLS(eurephiaCTX *ctx, const char *org, const char *cname, const char
int certid = 0;
char *blid = NULL;
- DEBUG(ctx, 10, "Function call: eDBauth_TLS(ctx, '%s', '%s', '%s', '%s', %s)",
+ DEBUG(ctx, 20, "Function call: eDBauth_TLS(ctx, '%s', '%s', '%s', '%s', %s)",
org, cname, email, digest, depth);
// Check if certificate is valid, and not too many attempts has been tried with the given certificate
@@ -230,18 +230,18 @@ int eDBauth_TLS(eurephiaCTX *ctx, const char *org, const char *cname, const char
// Check if we found certificate to be blacklisted or not. blid == NULL when NOT blacklisted
if( blid == NULL ) {
if( certid > 0 ) {
- eurephia_log(ctx, LOG_INFO, 0,
+ eurephia_log(ctx, LOG_INFO, 0,
"Found certid %i for user: %s/%s/%s",
certid, org, cname, email);
} else {
- eurephia_log(ctx, LOG_INFO, 1,
+ eurephia_log(ctx, LOG_INFO, 1,
"Unknown certificate for: %s/%s/%s (depth %s, digest: %s)",
org, cname, email, depth, digest);
}
// Certificate is okay, certid contains the certificate ID
} else {
// If the certificate or IP is blacklisted, update status and deny access.
- eurephia_log(ctx, LOG_WARNING, 1,
+ eurephia_log(ctx, LOG_WARNING, 0,
"Attempt with BLACKLISTED certificate (certid %i)", certid);
update_attempts(ctx, blid);
certid = -1;
@@ -251,7 +251,7 @@ int eDBauth_TLS(eurephiaCTX *ctx, const char *org, const char *cname, const char
eurephia_log(ctx, LOG_FATAL, 0, "Could not look up certificate information");
}
- DEBUG(ctx, 10, "Result function call: eDBauth_TLS(ctx, '%s', '%s', '%s', '%s', %s) - %i",
+ DEBUG(ctx, 20, "Result function call: eDBauth_TLS(ctx, '%s', '%s', '%s', '%s', %s) - %i",
org, cname, email, digest, depth, certid);
return certid;
@@ -264,7 +264,7 @@ int eDBauth_user(eurephiaCTX *ctx, const int certid, const char *username, const
char *crpwd = NULL, *activated = NULL, *deactivated = NULL, *blid_uname = NULL, *blid_cert;
int uicid = 0, uid = 0, pwdok = 0;
- DEBUG(ctx, 10, "Function call: eDBauth_user(ctx, %i, '%s','xxxxxxxx')", certid, username);
+ DEBUG(ctx, 20, "Function call: eDBauth_user(ctx, %i, '%s','xxxxxxxx')", certid, username);
// Generate SHA1 hash of password, used for password auth
@@ -284,8 +284,8 @@ int eDBauth_user(eurephiaCTX *ctx, const int certid, const char *username, const
*/
free_nullsafe(crpwd);
if( /* IF NO RESULT WAS RETURNED */ ) {
- eurephia_log(ctx, LOG_CRITICAL, 0,
- "Could not lookup user in database (certid %i, username '%s'", certid, username);
+ eurephia_log(ctx, LOG_FATAL, 0,
+ "Could not look up user in database (certid %i, username '%s'", certid, username);
return 0;
}
@@ -298,25 +298,29 @@ int eDBauth_user(eurephiaCTX *ctx, const int certid, const char *username, const
pwdok = atoi_nullsafe(/* GET pwdok FIELD FROM SQL RESULT */);
if( blid_uname != NULL ) {
- eurephia_log(ctx, LOG_WARNING, 0, "User account is BLACKLISTED (uid: %i, %s)",
+ eurephia_log(ctx, LOG_WARNING, 0,
+ "User account is BLACKLISTED (uid: %i, %s)",
uid, username);
uicid = -1;
} else if( blid_cert != NULL ) {
- eurephia_log(ctx, LOG_WARNING, 0,
+ eurephia_log(ctx, LOG_WARNING, 0,
"User account linked with a BLACKLISTED certificate "
"(uid: %i, %s) - certid: %s",
uid, username, certid);
uicid = -1;
} else if( activated == NULL ) {
- eurephia_log(ctx, LOG_WARNING, 0, "User account is not activated (uid: %i, %s)",
+ eurephia_log(ctx, LOG_WARNING, 0,
+ "User account is not activated (uid: %i, %s)",
uid, username);
uicid = -1;
} else if( deactivated != NULL ) {
- eurephia_log(ctx, LOG_WARNING, 0, "User account is deactivated (uid: %i, %s)",
+ eurephia_log(ctx, LOG_WARNING, 0,
+ "User account is deactivated (uid: %i, %s)",
uid, username);
uicid = -1;
} else if( pwdok != 1 ) {
- eurephia_log(ctx, LOG_WARNING, 0,"Authentication failed for user '%s'. Wrong password.",
+ eurephia_log(ctx, LOG_WARNING, 0,
+ "Authentication failed for user '%s'. Wrong password.",
username);
uicid = -1;
@@ -330,7 +334,7 @@ int eDBauth_user(eurephiaCTX *ctx, const int certid, const char *username, const
}
/* FREE SQL RESULT */
- DEBUG(ctx, 10, "Result function call: eDBauth_user(ctx, %i, '%s','xxxxxxxx') - %i",
+ DEBUG(ctx, 20, "Result function call: eDBauth_user(ctx, %i, '%s','xxxxxxxx') - %i",
certid, username, uicid);
return uicid;
@@ -341,7 +345,7 @@ int eDBget_uid(eurephiaCTX *ctx, const int certid, const char *username)
{
int ret = 0;
- DEBUG(ctx, 10, "Function call: eDBget_uid(ctx, %i, '%s')", certid, username);
+ DEBUG(ctx, 20, "Function call: eDBget_uid(ctx, %i, '%s')", certid, username);
/* WORK TO DO -- DO SQL:
"SELECT uid "
@@ -351,7 +355,7 @@ int eDBget_uid(eurephiaCTX *ctx, const int certid, const char *username)
certid, username
*/
if( /* IF NO RESULT FOUND */ || /* OR WE GOT MORE THAN 1 RECORD */ ) {
- eurephia_log(ctx, LOG_CRITICAL, 0, "Could not lookup userid for user '%s'", username);
+ eurephia_log(ctx, LOG_FATAL, 0, "Could not lookup userid for user '%s'", username);
ret = -1;
} else {
ret = atoi_nullsafe(/* GET uid FIELD FROM SQL RESULT */);
@@ -368,7 +372,7 @@ int eDBblacklist_check(eurephiaCTX *ctx, const int type, const char *val)
int atpexceed = -1, blacklisted = 0;
char *atpid = NULL, *blid = NULL;
- DEBUG(ctx, 10, "Function call: eDBblacklist_check(ctx, '%s', '%s')",
+ DEBUG(ctx, 20, "Function call: eDBblacklist_check(ctx, '%s', '%s')",
eDBattempt_types[type].descr, val);
/* WORK TO DO -- DO SQL:
@@ -380,14 +384,14 @@ int eDBblacklist_check(eurephiaCTX *ctx, const int type, const char *val)
/* FREE SQL RESULT */
if( blid != NULL ) { // If we found a blacklisted record
- eurephia_log(ctx, LOG_WARNING, 1, "Attempt from blacklisted %s: %s",
+ eurephia_log(ctx, LOG_WARNING, 0, "Attempt from blacklisted %s: %s",
eDBattempt_types[type].descr, val);
blacklisted = 1; // [type] is blacklisted
}
// Update attempt information
update_attempts(ctx, blid);
} else {
- eurephia_log(ctx, LOG_CRITICAL, 0, "Quering openvpn_blacklist for blacklisted %s",
+ eurephia_log(ctx, LOG_FATAL, 0, "Quering openvpn_blacklist for blacklisted %s failed",
eDBattempt_types[type].descr);
}
@@ -408,15 +412,15 @@ int eDBblacklist_check(eurephiaCTX *ctx, const int type, const char *val)
// If [type] has reached attempt limit and it is not black listed, black list it
if( (atpexceed > 0) && (blid == NULL) ) {
eurephia_log(ctx, LOG_WARNING, 0,
- "%s got BLACKLISTED due to too many failed attempts: %s",
+ "%s got BLACKLISTED due to too many failed attempts: %s",
eDBattempt_types[type].descr, val);
/* WORK TO DO -- DO SQL
"INSERT INTO openvpn_blacklist (%s) VALUES ('%q')",
eDBattempt_types[type].colname, val
*/
if( /* IF SQL QUERY FAILED */ ) {
- eurephia_log(ctx, LOG_CRITICAL, 0,
- "Could not blacklist %s (%s)",
+ eurephia_log(ctx, LOG_CRITICAL, 0,
+ "Could not blacklist %s (%s)",
eDBattempt_types[type].descr, val);
}
/* FREE SQL RESULT */
@@ -424,14 +428,15 @@ int eDBblacklist_check(eurephiaCTX *ctx, const int type, const char *val)
}
free_nullsafe(atpid);
} else {
- eurephia_log(ctx, LOG_CRITICAL, 0, "Quering openvpn_attempts for blacklisted %s failed",
+ eurephia_log(ctx, LOG_CRITICAL, 0,
+ "Quering openvpn_attempts for blacklisted %s failed",
eDBattempt_types[type].descr);
}
free_nullsafe(atpr);
}
free_nullsafe(blid);
- DEBUG(ctx, 10, "Result - function call: eDBblacklist_check(ctx, '%s', '%s') - %i",
+ DEBUG(ctx, 20, "Result - function call: eDBblacklist_check(ctx, '%s', '%s') - %i",
eDBattempt_types[type].descr, val, blacklisted);
return blacklisted;
@@ -443,7 +448,7 @@ void eDBregister_attempt(eurephiaCTX *ctx, int type, int mode, const char *value
char *id = NULL, *atmpt_block = NULL, *blid = NULL;
int attempts = 0;
- DEBUG(ctx, 10, "Function call: eDBregister_attempt(ctx, %s, %s, '%s')",
+ DEBUG(ctx, 20, "Function call: eDBregister_attempt(ctx, %s, %s, '%s')",
eDBattempt_types[type].colname,
(mode == ATTEMPT_RESET ? "ATTEMPT_RESET" : "ATTEMPT_REGISTER"),
value);
@@ -461,7 +466,7 @@ void eDBregister_attempt(eurephiaCTX *ctx, int type, int mode, const char *value
eDBattempt_types[type].colname, value
*/
if( /* IF SQL QUERY FAILED */ ) {
- eurephia_log(ctx, LOG_CRITICAL, 0, "Could not look up atpid in openvpn_attempts");
+ eurephia_log(ctx, LOG_FATAL, 0, "Could not look up atpid in openvpn_attempts");
return;
}
@@ -487,7 +492,7 @@ void eDBregister_attempt(eurephiaCTX *ctx, int type, int mode, const char *value
Result check comes later ...
*/
- } else if( id != NULL ){
+ } else if( id != NULL ) {
// if a attempt record exists, update it according to mode
switch( mode ) {
case ATTEMPT_RESET:
@@ -512,7 +517,7 @@ void eDBregister_attempt(eurephiaCTX *ctx, int type, int mode, const char *value
}
if( /* IF SQL QUERY FAILED */ ) {
eurephia_log(ctx, LOG_CRITICAL, 0,
- "Could not update openvpn_attempts for %s = %s",
+ "Could not update openvpn_attempts for %s = %s",
eDBattempt_types[type].colname, value);
}
/* FREE SQL RESULT */
@@ -528,7 +533,7 @@ void eDBregister_attempt(eurephiaCTX *ctx, int type, int mode, const char *value
eDBattempt_types[type].colname, value
*/
if( /* IF SQL FAILED */ ) {
- eurephia_log(ctx, LOG_CRITICAL, 0,
+ eurephia_log(ctx, LOG_CRITICAL, 0,
"Could not blacklist %s: %s",
eDBattempt_types[type].descr, value);
}
@@ -545,11 +550,11 @@ int eDBregister_login(eurephiaCTX *ctx, eurephiaSESSION *skey, const int certid,
const char *proto, const char *remipaddr, const char *remport,
const char *vpnipaddr, const char *vpnipmask)
{
- DEBUG(ctx, 10, "Function call: eDBregister_login(ctx, '%s', %i, %i, '%s','%s','%s','%s','%s')",
+ DEBUG(ctx, 20, "Function call: eDBregister_login(ctx, '%s', %i, %i, '%s','%s','%s','%s','%s')",
skey->sessionkey, certid, uid, proto, remipaddr, remport, vpnipaddr, vpnipmask);
if( skey->sessionstatus != SESSION_NEW ) {
- eurephia_log(ctx, LOG_WARNING, 10, "Not a new session, will not register it again");
+ eurephia_log(ctx, LOG_ERROR, 5, "Not a new session, will not register it again");
return 1;
}
@@ -562,7 +567,7 @@ int eDBregister_login(eurephiaCTX *ctx, eurephiaSESSION *skey, const int certid,
uid, certid, proto, remipaddr, remport, vpnipaddr, vpnipmask, skey->sessionkey
*/
if( /* IF SQL QUERY FAILED */ ) {
- eurephia_log(ctx, LOG_CRITICAL, 0, "Could not insert new session into openvpn_lastlog");
+ eurephia_log(ctx, LOG_FATAL, 0, "Could not insert new session into openvpn_lastlog");
return 0;
}
/* FREE SQL RESULT */
@@ -574,11 +579,11 @@ int eDBregister_login(eurephiaCTX *ctx, eurephiaSESSION *skey, const int certid,
int eDBregister_vpnmacaddr(eurephiaCTX *ctx, eurephiaSESSION *session, const char *macaddr)
{
- DEBUG(ctx, 10, "Function call: eDBregister_vpnmacaddr(ctx, '%s', '%s')",
+ DEBUG(ctx, 20, "Function call: eDBregister_vpnmacaddr(ctx, '%s', '%s')",
session->sessionkey, macaddr);
if( macaddr == NULL ) {
- eurephia_log(ctx, LOG_CRITICAL, 0, "No MAC address was given to save");
+ eurephia_log(ctx, LOG_FATAL, 0, "No MAC address was given to save");
return 0;
}
@@ -588,7 +593,7 @@ int eDBregister_vpnmacaddr(eurephiaCTX *ctx, eurephiaSESSION *session, const cha
session->sessionkey, macaddr
*/
if( /* IF SQL QUERY FAILED */ ) {
- eurephia_log(ctx, LOG_CRITICAL, 0, "Failed to log new MAC address for session");
+ eurephia_log(ctx, LOG_FATAL, 0, "Failed to log new MAC address for session");
return 0;
}
/* FREE SQL RESULT */
@@ -599,14 +604,14 @@ int eDBregister_vpnmacaddr(eurephiaCTX *ctx, eurephiaSESSION *session, const cha
" WHERE sessionkey = '%q' AND sessionstatus = 1", macaddr, session->sessionkey);
*/
if( /* IF SQL QUERY FAILED */ ) {
- eurephia_log(ctx, LOG_CRITICAL, 0, "Could not update lastlog with new MAC address for session");
+ eurephia_log(ctx, LOG_FATAL, 0, "Could not update lastlog with new MAC address for session");
return 0;
}
/* FREE SQL RESULT */
// Save the MAC address in the session values register - needed for the destroy session
if( eDBset_session_value(ctx, session, "macaddr", macaddr) == 0 ) {
- eurephia_log(ctx, LOG_CRITICAL, 0, "Could not save MAC address into session variables");
+ eurephia_log(ctx, LOG_FATAL, 0, "Could not save MAC address into session variables");
return 0;
}
@@ -615,10 +620,10 @@ int eDBregister_vpnmacaddr(eurephiaCTX *ctx, eurephiaSESSION *session, const cha
// Register the user as logged out
-int eDBregister_logout(eurephiaCTX *ctx, eurephiaSESSION *skey,
+int eDBregister_logout(eurephiaCTX *ctx, eurephiaSESSION *skey,
const char *bytes_sent, const char *bytes_received, const char *duration)
{
- DEBUG(ctx, 10, "Function call: eDBregister_logout(ctx, '%s', %s, %s)",
+ DEBUG(ctx, 20, "Function call: eDBregister_logout(ctx, '%s', %s, %s)",
skey->sessionkey, bytes_sent, bytes_received);
/* WORK TO DO -- DO SQL:
@@ -630,7 +635,8 @@ int eDBregister_logout(eurephiaCTX *ctx, eurephiaSESSION *skey,
atoi_nullsafe(duration), skey->sessionke
*/
if( /* IF SQL QUERY FAILED */ ) {
- eurephia_log(ctx, LOG_CRITICAL, 0, "Could not update lastlog with logout information (%s)",
+ eurephia_log(ctx, LOG_FATAL, 0,
+ "Could not update lastlog with logout information (%s)",
skey->sessionkey);
return 0;
}
@@ -645,10 +651,10 @@ int eDBregister_logout(eurephiaCTX *ctx, eurephiaSESSION *skey,
char *eDBget_sessionkey_seed(eurephiaCTX *ctx, const char *sessionseed) {
char *skey = NULL;
- DEBUG(ctx, 10, "eDBget_sessionkey(ctx, '%s')", sessionseed);
+ DEBUG(ctx, 20, "eDBget_sessionkey(ctx, '%s')", sessionseed);
if( sessionseed == NULL ) {
- eurephia_log(ctx, LOG_CRITICAL, 1,
+ eurephia_log(ctx, LOG_FATAL, 1,
"eDBget_sessionkey: No session seed given - cannot locate sessionkey");
return NULL;
}
@@ -662,7 +668,8 @@ char *eDBget_sessionkey_seed(eurephiaCTX *ctx, const char *sessionseed) {
sessionseed
*/
if( /* IF SQL QUERY FAILED */ ) {
- eurephia_log(ctx, LOG_CRITICAL, 0,"Could not retrieve sessionkey from openvpn_sessionkeys (%s)",
+ eurephia_log(ctx, LOG_FATAL, 0,
+ "Could not retrieve sessionkey from openvpn_sessionkeys (%s)",
sessionseed);
return NULL;
}
@@ -689,7 +696,7 @@ char *eDBget_sessionkey_macaddr(eurephiaCTX *ctx, const char *macaddr) {
macaddr
*/
if( /* IF SQL QUERY FAILED */ ) {
- eurephia_log(ctx, LOG_CRITICAL, 0,
+ eurephia_log(ctx, LOG_FATAL, 0,
"Could not remove session from database (MAC addr: %s)", macaddr);
return 0;
}
@@ -704,9 +711,9 @@ char *eDBget_sessionkey_macaddr(eurephiaCTX *ctx, const char *macaddr) {
int eDBcheck_sessionkey_uniqueness(eurephiaCTX *ctx, const char *seskey) {
int uniq = 0;
- DEBUG(ctx, 10, "eDBcheck_sessionkey_uniqueness(ctx, '%s')", seskey);
+ DEBUG(ctx, 20, "eDBcheck_sessionkey_uniqueness(ctx, '%s')", seskey);
if( seskey == NULL ) {
- eurephia_log(ctx, LOG_CRITICAL, 1,
+ eurephia_log(ctx, LOG_FATAL, 1,
"eDBcheck_sessionkey_uniqness: Invalid session key given");
return 0;
}
@@ -716,7 +723,7 @@ int eDBcheck_sessionkey_uniqueness(eurephiaCTX *ctx, const char *seskey) {
seskey
*/
if( /* IF SQL QUERY FAILED */ ) {
- eurephia_log(ctx, LOG_CRITICAL, 0,
+ eurephia_log(ctx, LOG_FATAL, 0,
"eDBcheck_sessionkey_uniqness: Could not check uniqueness of sessionkey");
return 0;
}
@@ -729,9 +736,9 @@ int eDBcheck_sessionkey_uniqueness(eurephiaCTX *ctx, const char *seskey) {
// register a link between a short-term session seed and a long-term session key
int eDBregister_sessionkey(eurephiaCTX *ctx, const char *seed, const char *seskey) {
- DEBUG(ctx, 10, "eDBregister_sessionkey(ctx, '%s', '%s')", seed, seskey);
+ DEBUG(ctx, 20, "eDBregister_sessionkey(ctx, '%s', '%s')", seed, seskey);
if( (seed == NULL) || (seskey == NULL) ) {
- eurephia_log(ctx, LOG_CRITICAL, 1,
+ eurephia_log(ctx, LOG_FATAL, 1,
"eDBregister_sessionkey: Invalid session seed or session key given");
return 0;
}
@@ -741,7 +748,7 @@ int eDBregister_sessionkey(eurephiaCTX *ctx, const char *seed, const char *seske
seed, seskey
*/
if( /* IF SQL QUERY FAILED */ ) {
- eurephia_log(ctx, LOG_CRITICAL, 0,
+ eurephia_log(ctx, LOG_FATAL, 0,
"eDBregister_sessionkey: Error registering sessionkey into openvpn_sessionkeys");
return 0;
}
@@ -752,9 +759,9 @@ int eDBregister_sessionkey(eurephiaCTX *ctx, const char *seed, const char *seske
// remove a session seed/session key link from openvpn_sessionkeys
int eDBremove_sessionkey(eurephiaCTX *ctx, const char *seskey) {
- DEBUG(ctx, 10, "eDBremove_sessionkey(ctx, '%s')", seskey);
+ DEBUG(ctx, 20, "eDBremove_sessionkey(ctx, '%s')", seskey);
if( seskey == NULL ) {
- eurephia_log(ctx, LOG_CRITICAL, 1,
+ eurephia_log(ctx, LOG_FATAL, 1,
"eDBremove_sessionkey: Invalid session key given");
return 0;
}
@@ -764,7 +771,7 @@ int eDBremove_sessionkey(eurephiaCTX *ctx, const char *seskey) {
seskey
*/
if( /* IF SQL QUERY FAILED */ ) {
- eurephia_log(ctx, LOG_CRITICAL, 0,
+ eurephia_log(ctx, LOG_FATAL, 0,
"eDBremove_sessionkey: Error removing sessionkey from openvpn_sessionkeys");
return 0;
}
@@ -781,7 +788,7 @@ eurephiaVALUES *eDBload_sessiondata(eurephiaCTX *ctx, const char *sesskey) {
return NULL;
}
- DEBUG(ctx, 10, "Function call: eDBload_sessiondata(ctx, '%s')", sesskey);
+ DEBUG(ctx, 20, "Function call: eDBload_sessiondata(ctx, '%s')", sesskey);
sessvals = eCreate_value_space(ctx, 10);
@@ -791,13 +798,13 @@ eurephiaVALUES *eDBload_sessiondata(eurephiaCTX *ctx, const char *sesskey) {
*/
if( /* IF WE GOT RECORDS IN THE QUERY */ ) {
for( /* LOOP THROUGH ALL RECORDS */ ) {
- eAdd_value(ctx, sessvals,
+ eAdd_value(ctx, sessvals,
/* GET datakey FROM SQL RESULT */,
/* GET dataval FROM SQL RESULT */);
}
/* FREE SQL RESULT */
} else {
- eurephia_log(ctx, LOG_CRITICAL, 0,
+ eurephia_log(ctx, LOG_CRITICAL, 0,
"Could not load session values for session '%s'", sesskey);
}
@@ -810,12 +817,12 @@ int eDBstore_session_value(eurephiaCTX *ctx, eurephiaSESSION *session, int mode,
{
if( session == NULL ) {
- DEBUG(ctx, 10,
+ DEBUG(ctx, 20,
"Function call failed to eDBstore_session_value(ctx, ...): Non-existing session key");
return 0;
}
- DEBUG(ctx, 10, "Function call: eDBstore_session_value(ctx, '%s', %i, '%s', '%s')",
+ DEBUG(ctx, 20, "Function call: eDBstore_session_value(ctx, '%s', %i, '%s', '%s')",
session->sessionkey, mode, key, val);
switch( mode ) {
@@ -826,7 +833,7 @@ int eDBstore_session_value(eurephiaCTX *ctx, eurephiaSESSION *session, int mode,
session->sessionkey, key, val
*/
if( /* IF SQL QUERY FAILED */ ) {
- eurephia_log(ctx, LOG_CRITICAL, 0,
+ eurephia_log(ctx, LOG_FATAL, 0,
"Could not register new session variable into database: [%s] %s = %s",
session->sessionkey, key, val);
return 0;
@@ -840,7 +847,8 @@ int eDBstore_session_value(eurephiaCTX *ctx, eurephiaSESSION *session, int mode,
val, session->sessionkey, key
*/
if( /* IF SQL QUERY FAILED */ ) {
- eurephia_log(ctx, LOG_CRITICAL, 0, "Could not update session variable: [%s] %s = %s ",
+ eurephia_log(ctx, LOG_FATAL, 0,
+ "Could not update session variable: [%s] %s = %s ",
session->sessionkey, key, val);
return 0;
}
@@ -852,15 +860,17 @@ int eDBstore_session_value(eurephiaCTX *ctx, eurephiaSESSION *session, int mode,
session->sessionkey, key
*/
if( /* IF SQL QUERY FAILED */ ) {
- eurephia_log(ctx, LOG_CRITICAL, 0, "Could not delete session variable: [%s] %s",
+ eurephia_log(ctx, LOG_FATAL, 0,
+ "Could not delete session variable: [%s] %s",
session->sessionkey, key);
return 0;
}
break;
default:
- eurephia_log(ctx, LOG_FATAL, 0, "Unknown eDBstore_session_value mode '%i'", mode);
- return 1;
+ eurephia_log(ctx, LOG_FATAL, 0,
+ "Unknown eDBstore_session_value mode '%i'", mode);
+ return 0;
}
/* FREE SQL RESULT */
return 1;
@@ -870,10 +880,10 @@ int eDBstore_session_value(eurephiaCTX *ctx, eurephiaSESSION *session, int mode,
// Delete session information from openvpn_sessions and update openvpn_lastlog with status
int eDBdestroy_session(eurephiaCTX *ctx, eurephiaSESSION *session) {
- DEBUG(ctx, 10, "Function call: eDBdestroy_session(ctx, '%s')", session->sessionkey);
+ DEBUG(ctx, 20, "Function call: eDBdestroy_session(ctx, '%s')", session->sessionkey);
if( (session == NULL) || (session->sessionkey == NULL) ) {
- eurephia_log(ctx, LOG_ERROR, 1, "No active session given to be destroyed");
+ eurephia_log(ctx, LOG_WARNING, 1, "No active session given to be destroyed");
return 1;
}
@@ -885,7 +895,7 @@ int eDBdestroy_session(eurephiaCTX *ctx, eurephiaSESSION *session) {
session->sessionkey
*/
if( /* IF SQL QUERY FAILED */ ) {
- eurephia_log(ctx, LOG_CRITICAL, 0,
+ eurephia_log(ctx, LOG_FATAL, 0,
"Could not update session status in lastlog (%s))", session->sessionkey);
return 0;
}
@@ -897,7 +907,7 @@ int eDBdestroy_session(eurephiaCTX *ctx, eurephiaSESSION *session) {
session->sessionkey
*/
if( /* IF SQL QUERY FAILED */ ) {
- eurephia_log(ctx, LOG_CRITICAL, 0,
+ eurephia_log(ctx, LOG_FATAL, 0,
"Could not delete session variables (%s))", session->sessionkey);
return 0;
}
@@ -915,7 +925,7 @@ char *eDBget_firewall_profile(eurephiaCTX *ctx, eurephiaSESSION *session)
{
char *ret = NULL;
- DEBUG(ctx, 10, "Function call: eDBget_firewall_profile(ctx, {session}'%s')",
+ DEBUG(ctx, 20, "Function call: eDBget_firewall_profile(ctx, {session}'%s')",
session->sessionkey);
/* WORK TO DO -- DO SQL:
@@ -927,7 +937,8 @@ char *eDBget_firewall_profile(eurephiaCTX *ctx, eurephiaSESSION *session)
session->sessionkey
*/
if( /* IF SQL QUERY FAILED */ ) {
- eurephia_log(ctx, LOG_CRITICAL, 0, "Could not retrieve firewall profile for session '%s'",
+ eurephia_log(ctx, LOG_FATAL, 0,
+ "Could not retrieve firewall profile for session '%s'",
session->sessionkey);
return NULL;
}
@@ -935,4 +946,3 @@ char *eDBget_firewall_profile(eurephiaCTX *ctx, eurephiaSESSION *session)
/* FREE SQL RESULT */
return ret;
}
-
diff --git a/database/sqlite/eurephiadb-sqlite.c b/database/sqlite/eurephiadb-sqlite.c
index 49e7e36..2a0b9be 100644
--- a/database/sqlite/eurephiadb-sqlite.c
+++ b/database/sqlite/eurephiadb-sqlite.c
@@ -87,7 +87,7 @@ void update_attempts(eurephiaCTX *ctx, const char *blid) {
"UPDATE openvpn_blacklist "
" SET last_accessed = CURRENT_TIMESTAMP WHERE blid = %q", blid);
if( res == NULL ) {
- eurephia_log(ctx, LOG_CRITICAL, 0,
+ eurephia_log(ctx, LOG_CRITICAL, 0,
"Could not update openvpn_blacklist.last_accessed for blid=%s", blid);
}
sqlite_free_results(res);
@@ -105,14 +105,10 @@ int eDBconnect(eurephiaCTX *ctx, const int argc, const char **argv)
dbresult *res = NULL;
int rc;
-#ifdef MEMWATCH
- mwStatistics(3);
-#endif
-
- DEBUG(ctx, 10, "Function call: eDBconnect(ctx, %i, '%s')", argc, argv[0]);
+ DEBUG(ctx, 20, "Function call: eDBconnect(ctx, %i, '%s')", argc, argv[0]);
if( (argc != 1) || (argv[0] == NULL) || (strlen(argv[0]) < 1) ) {
- eurephia_log(ctx, LOG_PANIC, 0, "Wrong parameters to dblink-sqlite. Cannot open database.");
+ eurephia_log(ctx, LOG_PANIC, 0, "Wrong parameters to eurephiadb-sqlite. Cannot open database.");
return 0;
}
@@ -125,7 +121,7 @@ int eDBconnect(eurephiaCTX *ctx, const int argc, const char **argv)
rc = sqlite3_open(argv[0], (void *) &dbc->dbhandle);
if( rc ) {
- eurephia_log(ctx, LOG_FATAL, 0, "Could not open database '%s'", dbc->dbname);
+ eurephia_log(ctx, LOG_PANIC, 0, "Could not open database '%s'", dbc->dbname);
free_nullsafe(dbc->dbname);
free_nullsafe(dbc);
return 0;
@@ -161,7 +157,7 @@ void eDBdisconnect(eurephiaCTX *ctx)
{
eDBconn *dbc = NULL;
- DEBUG(ctx, 10, "Function call: eDBdisconnect(ctx)");
+ DEBUG(ctx, 20, "Function call: eDBdisconnect(ctx)");
if( ctx->dbc == NULL ) {
eurephia_log(ctx, LOG_WARNING, 0, "Database not open, cannot close database.");
@@ -169,7 +165,7 @@ void eDBdisconnect(eurephiaCTX *ctx)
}
dbc = ctx->dbc;
- eurephia_log(ctx, LOG_INFO, 2, "Closing database '%s'", dbc->dbname);
+ eurephia_log(ctx, LOG_INFO, 1, "Closing database '%s'", dbc->dbname);
// Close database connection
sqlite3_close((sqlite3 *) dbc->dbhandle);
@@ -192,8 +188,8 @@ int eDBauth_TLS(eurephiaCTX *ctx, const char *org, const char *cname, const char
int certid = 0;
char *blid = NULL;
- DEBUG(ctx, 10, "Function call: eDBauth_TLS(ctx, '%s', '%s', '%s', '%s', %s)",
- org, cname, email, digest, depth);
+ DEBUG(ctx, 20, "Function call: eDBauth_TLS(ctx, '%s', '%s', '%s', '%s', %s)",
+ org, cname, email, digest, depth);
// Check if certificate is valid, and not too many attempts has been tried with the given certificate
res = sqlite_query(ctx,
@@ -212,18 +208,18 @@ int eDBauth_TLS(eurephiaCTX *ctx, const char *org, const char *cname, const char
// Check if we found certificate to be blacklisted or not. blid == NULL when NOT blacklisted
if( blid == NULL ) {
if( certid > 0 ) {
- eurephia_log(ctx, LOG_INFO, 0,
+ eurephia_log(ctx, LOG_INFO, 0,
"Found certid %i for user: %s/%s/%s",
certid, org, cname, email);
} else {
- eurephia_log(ctx, LOG_INFO, 1,
+ eurephia_log(ctx, LOG_INFO, 1,
"Unknown certificate for: %s/%s/%s (depth %s, digest: %s)",
org, cname, email, depth, digest);
}
// Certificate is okay, certid contains the certificate ID
} else {
// If the certificate or IP is blacklisted, update status and deny access.
- eurephia_log(ctx, LOG_WARNING, 1,
+ eurephia_log(ctx, LOG_WARNING, 0,
"Attempt with BLACKLISTED certificate (certid %i)", certid);
update_attempts(ctx, blid);
certid = -1;
@@ -233,7 +229,7 @@ int eDBauth_TLS(eurephiaCTX *ctx, const char *org, const char *cname, const char
eurephia_log(ctx, LOG_FATAL, 0, "Could not look up certificate information");
}
- DEBUG(ctx, 10, "Result function call: eDBauth_TLS(ctx, '%s', '%s', '%s', '%s', %s) - %i",
+ DEBUG(ctx, 20, "Result function call: eDBauth_TLS(ctx, '%s', '%s', '%s', '%s', %s) - %i",
org, cname, email, digest, depth, certid);
return certid;
@@ -247,13 +243,13 @@ int eDBauth_user(eurephiaCTX *ctx, const int certid, const char *username, const
char *crpwd = NULL, *activated = NULL, *deactivated = NULL, *blid_uname = NULL, *blid_cert;
int uicid = 0, uid = 0, pwdok = 0;
- DEBUG(ctx, 10, "Function call: eDBauth_user(ctx, %i, '%s','xxxxxxxx')", certid, username);
+ DEBUG(ctx, 20, "Function call: eDBauth_user(ctx, %i, '%s','xxxxxxxx')", certid, username);
// Generate SHA1 hash of password, used for password auth
crpwd = passwdhash(passwd);
- res = sqlite_query(ctx,
+ res = sqlite_query(ctx,
"SELECT uicid, ou.uid, activated, deactivated, bl1.blid, bl2.blid, "
" (password = '%s') AS pwdok"
" FROM openvpn_users ou"
@@ -266,7 +262,7 @@ int eDBauth_user(eurephiaCTX *ctx, const int certid, const char *username, const
crpwd, certid, username);
free_nullsafe(crpwd);
if( res == NULL ) {
- eurephia_log(ctx, LOG_CRITICAL, 0,
+ eurephia_log(ctx, LOG_FATAL, 0,
"Could not lookup user in database (certid %i, username '%s'", certid, username);
return 0;
}
@@ -284,7 +280,7 @@ int eDBauth_user(eurephiaCTX *ctx, const int certid, const char *username, const
uid, username);
uicid = -1;
} else if( blid_cert != NULL ) {
- eurephia_log(ctx, LOG_WARNING, 0,
+ eurephia_log(ctx, LOG_WARNING, 0,
"User account linked with a BLACKLISTED certificate "
"(uid: %i, %s) - certid: %s",
uid, username, certid);
@@ -312,7 +308,7 @@ int eDBauth_user(eurephiaCTX *ctx, const int certid, const char *username, const
}
sqlite_free_results(res);
- DEBUG(ctx, 10, "Result function call: eDBauth_user(ctx, %i, '%s','xxxxxxxx') - %i",
+ DEBUG(ctx, 20, "Result function call: eDBauth_user(ctx, %i, '%s','xxxxxxxx') - %i",
certid, username, uicid);
return uicid;
@@ -324,16 +320,16 @@ int eDBget_uid(eurephiaCTX *ctx, const int certid, const char *username)
dbresult *res = NULL;
int ret = 0;
- DEBUG(ctx, 10, "Function call: eDBget_uid(ctx, %i, '%s')", certid, username);
+ DEBUG(ctx, 20, "Function call: eDBget_uid(ctx, %i, '%s')", certid, username);
- res = sqlite_query(ctx,
+ res = sqlite_query(ctx,
"SELECT uid "
" FROM openvpn_usercerts "
" JOIN openvpn_users USING (uid) "
" WHERE certid = '%i' AND username = '%q'",
certid, username);
if( (res == NULL) || (sqlite_get_numtuples(res) != 1) ) {
- eurephia_log(ctx, LOG_CRITICAL, 0, "Could not lookup userid for user '%s'", username);
+ eurephia_log(ctx, LOG_FATAL, 0, "Could not lookup userid for user '%s'", username);
ret = -1;
} else {
ret = atoi_nullsafe(sqlite_get_value(res, 0, 0));
@@ -351,10 +347,10 @@ int eDBblacklist_check(eurephiaCTX *ctx, const int type, const char *val)
int atpexceed = -1, blacklisted = 0;
char *atpid = NULL, *blid = NULL;
- DEBUG(ctx, 10, "Function call: eDBblacklist_check(ctx, '%s', '%s')",
+ DEBUG(ctx, 20, "Function call: eDBblacklist_check(ctx, '%s', '%s')",
eDBattempt_types[type].descr, val);
- blr = sqlite_query(ctx, "SELECT blid FROM openvpn_blacklist WHERE %s = '%q'",
+ blr = sqlite_query(ctx, "SELECT blid FROM openvpn_blacklist WHERE %s = '%q'",
eDBattempt_types[type].colname, val);
if( blr != NULL ) {
blid = strdup_nullsafe(sqlite_get_value(blr, 0, 0));
@@ -362,21 +358,21 @@ int eDBblacklist_check(eurephiaCTX *ctx, const int type, const char *val)
blr = NULL;
if( blid != NULL ) {
- eurephia_log(ctx, LOG_WARNING, 1, "Attempt from blacklisted %s: %s",
+ eurephia_log(ctx, LOG_WARNING, 0, "Attempt from blacklisted %s: %s",
eDBattempt_types[type].descr, val);
blacklisted = 1; // [type] is blacklisted
}
// Update attempt information
update_attempts(ctx, blid);
} else {
- eurephia_log(ctx, LOG_CRITICAL, 0, "Quering openvpn_blacklist for blacklisted %s",
+ eurephia_log(ctx, LOG_FATAL, 0, "Quering openvpn_blacklist for blacklisted %s failed",
eDBattempt_types[type].descr);
}
if( blacklisted == 0 ) {
// Check if this [type] has been attempted earlier - if it has reaced the maximum
// attempt limit, blacklist it
- atpr = sqlite_query(ctx,
+ atpr = sqlite_query(ctx,
"SELECT atpid, attempts >= %q FROM openvpn_attempts WHERE %s = '%q'",
eGet_value(ctx->dbc->config, eDBattempt_types[type].allow_cfg),
eDBattempt_types[type].colname, val);
@@ -389,14 +385,14 @@ int eDBblacklist_check(eurephiaCTX *ctx, const int type, const char *val)
// If [type] has reached attempt limit and it is not black listed, black list it
if( (atpexceed > 0) && (blid == NULL) ) {
eurephia_log(ctx, LOG_WARNING, 0,
- "%s got BLACKLISTED due to too many failed attempts: %s",
+ "%s got BLACKLISTED due to too many failed attempts: %s",
eDBattempt_types[type].descr, val);
blr = sqlite_query(ctx,
- "INSERT INTO openvpn_blacklist (%s) VALUES ('%q')",
+ "INSERT INTO openvpn_blacklist (%s) VALUES ('%q')",
eDBattempt_types[type].colname, val);
if( blr == NULL ) {
- eurephia_log(ctx, LOG_CRITICAL, 0,
- "Could not blacklist %s (%s)",
+ eurephia_log(ctx, LOG_CRITICAL, 0,
+ "Could not blacklist %s (%s)",
eDBattempt_types[type].descr, val);
}
sqlite_free_results(blr);
@@ -411,7 +407,7 @@ int eDBblacklist_check(eurephiaCTX *ctx, const int type, const char *val)
}
free_nullsafe(blid);
- DEBUG(ctx, 10, "Result - function call: eDBblacklist_check(ctx, '%s', '%s') - %i",
+ DEBUG(ctx, 20, "Result - function call: eDBblacklist_check(ctx, '%s', '%s') - %i",
eDBattempt_types[type].descr, val, blacklisted);
return blacklisted;
@@ -423,7 +419,7 @@ void eDBregister_attempt(eurephiaCTX *ctx, int type, int mode, const char *value
char *id = NULL, *atmpt_block = NULL, *blid = NULL;
int attempts = 0;
- DEBUG(ctx, 10, "Function call: eDBregister_attempt(ctx, %s, %s, '%s')",
+ DEBUG(ctx, 20, "Function call: eDBregister_attempt(ctx, %s, %s, '%s')",
eDBattempt_types[type].colname,
(mode == ATTEMPT_RESET ? "ATTEMPT_RESET" : "ATTEMPT_REGISTER"),
value);
@@ -440,7 +436,7 @@ void eDBregister_attempt(eurephiaCTX *ctx, int type, int mode, const char *value
eDBattempt_types[type].colname,
eDBattempt_types[type].colname, value);
if( res == NULL ) {
- eurephia_log(ctx, LOG_CRITICAL, 0, "Could not look up atpid in openvpn_attempts");
+ eurephia_log(ctx, LOG_FATAL, 0, "Could not look up atpid in openvpn_attempts");
return;
}
@@ -511,11 +507,11 @@ int eDBregister_login(eurephiaCTX *ctx, eurephiaSESSION *skey, const int certid,
{
dbresult *res = NULL;
- DEBUG(ctx, 10, "Function call: eDBregister_login(ctx, '%s', %i, %i, '%s','%s','%s','%s','%s')",
+ DEBUG(ctx, 20, "Function call: eDBregister_login(ctx, '%s', %i, %i, '%s','%s','%s','%s','%s')",
skey->sessionkey, certid, uid, proto, remipaddr, remport, vpnipaddr, vpnipmask);
if( skey->sessionstatus != SESSION_NEW ) {
- eurephia_log(ctx, LOG_WARNING, 10, "Not a new session, will not register it again");
+ eurephia_log(ctx, LOG_ERROR, 5, "Not a new session, will not register it again");
return 1;
}
@@ -527,7 +523,7 @@ int eDBregister_login(eurephiaCTX *ctx, eurephiaSESSION *skey, const int certid,
"VALUES (%i, %i, '%q','%q','%q','%q','%q', 1,'%q', CURRENT_TIMESTAMP)",
uid, certid, proto, remipaddr, remport, vpnipaddr, vpnipmask, skey->sessionkey);
if( res == NULL ) {
- eurephia_log(ctx, LOG_CRITICAL, 0, "Could not insert new session into openvpn_lastlog");
+ eurephia_log(ctx, LOG_FATAL, 0, "Could not insert new session into openvpn_lastlog");
return 0;
}
sqlite_free_results(res);
@@ -540,11 +536,11 @@ int eDBregister_vpnmacaddr(eurephiaCTX *ctx, eurephiaSESSION *session, const cha
{
dbresult *res = NULL;
- DEBUG(ctx, 10, "Function call: eDBregister_vpnmacaddr(ctx, '%s', '%s')",
+ DEBUG(ctx, 20, "Function call: eDBregister_vpnmacaddr(ctx, '%s', '%s')",
session->sessionkey, macaddr);
if( macaddr == NULL ) {
- eurephia_log(ctx, LOG_CRITICAL, 0, "No MAC address was given to save");
+ eurephia_log(ctx, LOG_FATAL, 0, "No MAC address was given to save");
return 0;
}
@@ -552,7 +548,7 @@ int eDBregister_vpnmacaddr(eurephiaCTX *ctx, eurephiaSESSION *session, const cha
res = sqlite_query(ctx, "INSERT INTO openvpn_macaddr_history (sessionkey, macaddr) VALUES ('%q','%q')",
session->sessionkey, macaddr);
if( res == NULL ) {
- eurephia_log(ctx, LOG_CRITICAL, 0, "Failed to log new MAC address for session");
+ eurephia_log(ctx, LOG_FATAL, 0, "Failed to log new MAC address for session");
return 0;
}
sqlite_free_results(res);
@@ -562,7 +558,7 @@ int eDBregister_vpnmacaddr(eurephiaCTX *ctx, eurephiaSESSION *session, const cha
"UPDATE openvpn_lastlog SET sessionstatus = 2, macaddr = '%q' "
" WHERE sessionkey = '%q' AND sessionstatus = 1", macaddr, session->sessionkey);
if( res == NULL ) {
- eurephia_log(ctx, LOG_CRITICAL, 0, "Could not update lastlog with new MAC address for session");
+ eurephia_log(ctx, LOG_FATAL, 0, "Could not update lastlog with new MAC address for session");
return 0;
}
@@ -570,7 +566,7 @@ int eDBregister_vpnmacaddr(eurephiaCTX *ctx, eurephiaSESSION *session, const cha
// Save the MAC address in the session values register - needed for the destroy session
if( eDBset_session_value(ctx, session, "macaddr", macaddr) == 0 ) {
- eurephia_log(ctx, LOG_CRITICAL, 0, "Could not save MAC address into session variables");
+ eurephia_log(ctx, LOG_FATAL, 0, "Could not save MAC address into session variables");
return 0;
}
@@ -584,7 +580,7 @@ int eDBregister_logout(eurephiaCTX *ctx, eurephiaSESSION *skey,
{
dbresult *res = NULL;
- DEBUG(ctx, 10, "Function call: eDBregister_logout(ctx, '%s', %s, %s)",
+ DEBUG(ctx, 20, "Function call: eDBregister_logout(ctx, '%s', %s, %s)",
skey->sessionkey, bytes_sent, bytes_received);
res = sqlite_query(ctx,
@@ -595,7 +591,7 @@ int eDBregister_logout(eurephiaCTX *ctx, eurephiaSESSION *skey,
atoi_nullsafe(bytes_sent), atoi_nullsafe(bytes_received),
atoi_nullsafe(duration), skey->sessionkey);
if( res == NULL ) {
- eurephia_log(ctx, LOG_CRITICAL, 0, "Could not update lastlog with logout information (%s)",
+ eurephia_log(ctx, LOG_FATAL, 0, "Could not update lastlog with logout information (%s)",
skey->sessionkey);
return 0;
}
@@ -611,10 +607,10 @@ char *eDBget_sessionkey_seed(eurephiaCTX *ctx, const char *sessionseed) {
dbresult *res = NULL;
char *skey = NULL;
- DEBUG(ctx, 10, "eDBget_sessionkey(ctx, '%s')", sessionseed);
+ DEBUG(ctx, 20, "eDBget_sessionkey(ctx, '%s')", sessionseed);
if( sessionseed == NULL ) {
- eurephia_log(ctx, LOG_CRITICAL, 1,
+ eurephia_log(ctx, LOG_FATAL, 1,
"eDBget_sessionkey: No session seed given - cannot locate sessionkey");
return NULL;
}
@@ -626,7 +622,7 @@ char *eDBget_sessionkey_seed(eurephiaCTX *ctx, const char *sessionseed) {
" AND sessionseed = '%q'",
sessionseed);
if( res == NULL ) {
- eurephia_log(ctx, LOG_CRITICAL, 0,"Could not retrieve sessionkey from openvpn_sessionkeys (%s)",
+ eurephia_log(ctx, LOG_FATAL, 0,"Could not retrieve sessionkey from openvpn_sessionkeys (%s)",
sessionseed);
return NULL;
}
@@ -649,10 +645,10 @@ char *eDBget_sessionkey_macaddr(eurephiaCTX *ctx, const char *macaddr) {
" FROM openvpn_sessions "
" JOIN openvpn_lastlog USING (sessionkey)"
" WHERE sessionstatus = 3 "
- " AND datakey = 'macaddr' "
+ " AND datakey = 'macaddr'"
" AND dataval = '%q'", macaddr);
if( res == NULL ) {
- eurephia_log(ctx, LOG_CRITICAL, 0,
+ eurephia_log(ctx, LOG_FATAL, 0,
"Could not remove session from database (MAC addr: %s)", macaddr);
return 0;
}
@@ -668,16 +664,18 @@ int eDBcheck_sessionkey_uniqueness(eurephiaCTX *ctx, const char *seskey) {
dbresult *res;
int uniq = 0;
- DEBUG(ctx, 10, "eDBcheck_sessionkey_uniqueness(ctx, '%s')", seskey);
+ DEBUG(ctx, 20, "eDBcheck_sessionkey_uniqueness(ctx, '%s')", seskey);
if( seskey == NULL ) {
- eurephia_log(ctx, LOG_CRITICAL, 1,
+ eurephia_log(ctx, LOG_FATAL, 1,
"eDBcheck_sessionkey_uniqness: Invalid session key given");
return 0;
}
- res = sqlite_query(ctx, "SELECT count(sessionkey) = 0 FROM openvpn_lastlog WHERE sessionkey = '%q'", seskey);
+ res = sqlite_query(ctx,
+ "SELECT count(sessionkey) = 0 "
+ "FROM openvpn_lastlog WHERE sessionkey = '%q'", seskey);
if( res == NULL ) {
- eurephia_log(ctx, LOG_CRITICAL, 0,
+ eurephia_log(ctx, LOG_FATAL, 0,
"eDBcheck_sessionkey_uniqness: Could not check uniqueness of sessionkey");
return 0;
}
@@ -691,18 +689,18 @@ int eDBcheck_sessionkey_uniqueness(eurephiaCTX *ctx, const char *seskey) {
int eDBregister_sessionkey(eurephiaCTX *ctx, const char *seed, const char *seskey) {
dbresult *res;
- DEBUG(ctx, 10, "eDBregister_sessionkey(ctx, '%s', '%s')", seed, seskey);
+ DEBUG(ctx, 20, "eDBregister_sessionkey(ctx, '%s', '%s')", seed, seskey);
if( (seed == NULL) || (seskey == NULL) ) {
- eurephia_log(ctx, LOG_CRITICAL, 1,
+ eurephia_log(ctx, LOG_FATAL, 1,
"eDBregister_sessionkey: Invalid session seed or session key given");
return 0;
}
- res = sqlite_query(ctx,
+ res = sqlite_query(ctx,
"INSERT INTO openvpn_sessionkeys (sessionseed, sessionkey) VALUES('%q','%q')",
seed, seskey);
if( res == NULL ) {
- eurephia_log(ctx, LOG_CRITICAL, 0,
+ eurephia_log(ctx, LOG_FATAL, 0,
"eDBregister_sessionkey: Error registering sessionkey into openvpn_sessionkeys");
return 0;
}
@@ -714,16 +712,16 @@ int eDBregister_sessionkey(eurephiaCTX *ctx, const char *seed, const char *seske
int eDBremove_sessionkey(eurephiaCTX *ctx, const char *seskey) {
dbresult *res;
- DEBUG(ctx, 10, "eDBremove_sessionkey(ctx, '%s')", seskey);
+ DEBUG(ctx, 20, "eDBremove_sessionkey(ctx, '%s')", seskey);
if( seskey == NULL ) {
- eurephia_log(ctx, LOG_CRITICAL, 1,
+ eurephia_log(ctx, LOG_FATAL, 1,
"eDBremove_sessionkey: Invalid session key given");
return 0;
}
res = sqlite_query(ctx, "DELETE FROM openvpn_sessionkeys WHERE sessionkey = '%q'", seskey);
if( res == NULL ) {
- eurephia_log(ctx, LOG_CRITICAL, 0,
+ eurephia_log(ctx, LOG_FATAL, 0,
"eDBremove_sessionkey: Error removing sessionkey from openvpn_sessionkeys");
return 0;
}
@@ -741,11 +739,11 @@ eurephiaVALUES *eDBload_sessiondata(eurephiaCTX *ctx, const char *sesskey) {
return NULL;
}
- DEBUG(ctx, 10, "Function call: eDBload_sessiondata(ctx, '%s')", sesskey);
+ DEBUG(ctx, 20, "Function call: eDBload_sessiondata(ctx, '%s')", sesskey);
sessvals = eCreate_value_space(ctx, 10);
- res = sqlite_query(ctx, "SELECT datakey, dataval FROM openvpn_sessions WHERE sessionkey = '%q'",
+ res = sqlite_query(ctx, "SELECT datakey, dataval FROM openvpn_sessions WHERE sessionkey = '%q'",
sesskey);
if( (res != NULL) || (sqlite_get_numtuples(res) > 0) ) {
for( i = 0; i < sqlite_get_numtuples(res); i++ ) {
@@ -754,7 +752,7 @@ eurephiaVALUES *eDBload_sessiondata(eurephiaCTX *ctx, const char *sesskey) {
sqlite_get_value(res, i, 1));
}
} else {
- eurephia_log(ctx, LOG_CRITICAL, 0,
+ eurephia_log(ctx, LOG_CRITICAL, 0,
"Could not load session values for session '%s'", sesskey);
}
@@ -769,21 +767,21 @@ int eDBstore_session_value(eurephiaCTX *ctx, eurephiaSESSION *session, int mode,
dbresult *res = NULL;
if( session == NULL ) {
- DEBUG(ctx, 10,
+ DEBUG(ctx, 20,
"Function call failed to eDBstore_session_value(ctx, ...): Non-existing session key");
return 0;
}
- DEBUG(ctx, 10, "Function call: eDBstore_session_value(ctx, '%s', %i, '%s', '%s')",
+ DEBUG(ctx, 20, "Function call: eDBstore_session_value(ctx, '%s', %i, '%s', '%s')",
session->sessionkey, mode, key, val);
switch( mode ) {
case SESSVAL_NEW:
- res = sqlite_query(ctx,
+ res = sqlite_query(ctx,
"INSERT INTO openvpn_sessions (sessionkey, datakey, dataval) "
"VALUES ('%q','%q','%q')", session->sessionkey, key, val);
if( res == NULL ) {
- eurephia_log(ctx, LOG_CRITICAL, 0,
+ eurephia_log(ctx, LOG_FATAL, 0,
"Could not register new session variable into database: [%s] %s = %s",
session->sessionkey, key, val);
return 0;
@@ -791,21 +789,24 @@ int eDBstore_session_value(eurephiaCTX *ctx, eurephiaSESSION *session, int mode,
break;
case SESSVAL_UPDATE:
- res = sqlite_query(ctx,
+ res = sqlite_query(ctx,
"UPDATE openvpn_sessions SET dataval = '%q' "
- " WHERE sessionkey = '%q' AND datakey = '%q'", val, session->sessionkey, key);
+ " WHERE sessionkey = '%q' AND datakey = '%q'",
+ val, session->sessionkey, key);
if( res == NULL ) {
- eurephia_log(ctx, LOG_CRITICAL, 0, "Could not update session variable: [%s] %s = %s ",
+ eurephia_log(ctx, LOG_FATAL, 0, "Could not update session variable: [%s] %s = %s ",
session->sessionkey, key, val);
return 0;
}
break;
case SESSVAL_DELETE:
- res = sqlite_query(ctx, "DELETE FROM openvpn_sessions WHERE sessionkey = '%q' AND datakey = '%q'",
- session->sessionkey, key);
+ res = sqlite_query(ctx,
+ "DELETE FROM openvpn_sessions "
+ " WHERE sessionkey = '%q' AND datakey = '%q'",
+ session->sessionkey, key);
if( res == NULL ) {
- eurephia_log(ctx, LOG_CRITICAL, 0, "Could not delete session variable: [%s] %s",
+ eurephia_log(ctx, LOG_FATAL, 0, "Could not delete session variable: [%s] %s",
session->sessionkey, key);
return 0;
}
@@ -813,7 +814,7 @@ int eDBstore_session_value(eurephiaCTX *ctx, eurephiaSESSION *session, int mode,
default:
eurephia_log(ctx, LOG_FATAL, 0, "Unknown eDBstore_session_value mode '%i'", mode);
- return 1;
+ return 0;
}
sqlite_free_results(res);
return 1;
@@ -824,20 +825,20 @@ int eDBstore_session_value(eurephiaCTX *ctx, eurephiaSESSION *session, int mode,
int eDBdestroy_session(eurephiaCTX *ctx, eurephiaSESSION *session) {
dbresult *res = NULL;
- DEBUG(ctx, 10, "Function call: eDBdestroy_session(ctx, '%s')", session->sessionkey);
+ DEBUG(ctx, 20, "Function call: eDBdestroy_session(ctx, '%s')", session->sessionkey);
if( (session == NULL) || (session->sessionkey == NULL) ) {
- eurephia_log(ctx, LOG_ERROR, 1, "No active session given to be destroyed");
+ eurephia_log(ctx, LOG_WARNING, 1, "No active session given to be destroyed");
return 1;
}
// Update session status
- res = sqlite_query(ctx,
+ res = sqlite_query(ctx,
"UPDATE openvpn_lastlog "
" SET sessionstatus = 4, session_deleted = CURRENT_TIMESTAMP "
" WHERE sessionkey = '%q' AND sessionstatus = 3", session->sessionkey);
if( res == NULL ) {
- eurephia_log(ctx, LOG_CRITICAL, 0,
+ eurephia_log(ctx, LOG_FATAL, 0,
"Could not update session status in lastlog (%s))", session->sessionkey);
return 0;
}
@@ -846,7 +847,7 @@ int eDBdestroy_session(eurephiaCTX *ctx, eurephiaSESSION *session) {
// Delete session variables
res = sqlite_query(ctx, "DELETE FROM openvpn_sessions WHERE sessionkey = '%q'", session->sessionkey);
if( res == NULL ) {
- eurephia_log(ctx, LOG_CRITICAL, 0,
+ eurephia_log(ctx, LOG_FATAL, 0,
"Could not delete session variables (%s))", session->sessionkey);
return 0;
}
@@ -865,17 +866,17 @@ char *eDBget_firewall_profile(eurephiaCTX *ctx, eurephiaSESSION *session)
char *ret = NULL;
dbresult *res = NULL;
- DEBUG(ctx, 10, "Function call: eDBget_firewall_profile(ctx, {session}'%s')",
+ DEBUG(ctx, 20, "Function call: eDBget_firewall_profile(ctx, {session}'%s')",
session->sessionkey);
- res = sqlite_query(ctx,
+ res = sqlite_query(ctx,
"SELECT fw_profile "
" FROM openvpn_lastlog "
" JOIN openvpn_usercerts USING(certid, uid)"
" JOIN openvpn_accesses USING(accessprofile)"
" WHERE sessionkey = '%q'", session->sessionkey);
if( res == NULL ) {
- eurephia_log(ctx, LOG_CRITICAL, 0, "Could not retrieve firewall profile for session '%s'",
+ eurephia_log(ctx, LOG_FATAL, 0, "Could not retrieve firewall profile for session '%s'",
session->sessionkey);
return NULL;
}
@@ -883,4 +884,3 @@ char *eDBget_firewall_profile(eurephiaCTX *ctx, eurephiaSESSION *session)
sqlite_free_results(res);
return ret;
}
-
diff --git a/database/sqlite/sqlite.c b/database/sqlite/sqlite.c
index 1a97793..85b41de 100644
--- a/database/sqlite/sqlite.c
+++ b/database/sqlite/sqlite.c
@@ -218,7 +218,7 @@ dbresult *sqlite_query(eurephiaCTX *ctx, char *fmt, ... ) {
sql = sqlite3_vmprintf(fmt, ap);
va_end(ap);
- DEBUG(ctx, 11, "Doing SQL Query: %s", sql);
+ DEBUG(ctx, 25, "Doing SQL Query: %s", sql);
rc = sqlite3_exec( (sqlite3 *) dbc->dbhandle, sql, _cb_parse_result, 0, &errMsg );
if( rc != SQLITE_OK ) {
eurephia_log(ctx, LOG_ERROR, 0, "SQL Error: %s", errMsg);
generated by cgit (git 2.34.1) at 2024-06-07 03:04:30 +0000