diff options
| -rw-r--r-- | database/eurephiadb.c | 19 | ||||
| -rw-r--r-- | database/eurephiadb_driver.h | 21 | ||||
| -rw-r--r-- | plugin/eurephia.c | 17 |
3 files changed, 44 insertions, 13 deletions
diff --git a/database/eurephiadb.c b/database/eurephiadb.c index d4618d3..e53d67f 100644 --- a/database/eurephiadb.c +++ b/database/eurephiadb.c @@ -1,6 +1,6 @@ /* eurephiadb.c -- Loads and initialises the database driver * - * GPLv2 only - Copyright (C) 2008 - 2010 + * GPLv2 only - Copyright (C) 2008 - 2012 * David Sommerseth <dazo@users.sourceforge.net> * * This program is free software; you can redistribute it and/or @@ -70,6 +70,7 @@ int eDBlink_close(eurephiaCTX *ctx) */ int eDBlink_init(eurephiaCTX *ctx, const char *dbdriver, const int minver) { + int apiver = -1; if( dbdriver == NULL ) { eurephia_log(ctx, LOG_FATAL, 0, "No eurephia database driver configured. " "eurephia authentication will not be available"); @@ -101,11 +102,20 @@ int eDBlink_init(eurephiaCTX *ctx, const char *dbdriver, const int minver) } // Configure functions contained in the driver, defined by API version - switch( (eDB_DriverAPIVersion() > minver ? minver : eDB_DriverAPIVersion()) ) { + apiver = (eDB_DriverAPIVersion() > minver ? minver : eDB_DriverAPIVersion()); + switch( apiver ) { + case -1: + eurephia_log(ctx, LOG_FATAL, 0, "Something unexpected happened - apiver==-1"); + ctx->fatal_error = 1; + break; + default: eurephia_log(ctx, LOG_WARNING, 0, "eurephia database driver API is newer than the running eurephia version. Consider " "to upgrade eurephia to take advantage of newer features in the driver."); + case 3: + eDBregister_vpnclientaddr = eGetSym(ctx, ctx->eurephia_driver, "eDBregister_vpnclientaddr"); + case 2: #ifdef ENABLE_EUREPHIADM eDBadminAuthenticate = eGetSym(ctx, ctx->eurephia_driver, "eDBadminAuthenticate"); @@ -135,7 +145,10 @@ int eDBlink_init(eurephiaCTX *ctx, const char *dbdriver, const int minver) eDBregister_attempt = eGetSym(ctx, ctx->eurephia_driver, "eDBregister_attempt"); eDBregister_login = eGetSym(ctx, ctx->eurephia_driver, "eDBregister_login"); - eDBregister_vpnmacaddr = eGetSym(ctx, ctx->eurephia_driver, "eDBregister_vpnmacaddr"); + + // If api version is 3, this function is replaced by eDBregister_vpnclientaddr() + eDBregister_vpnmacaddr = (apiver < 3 ? + eGetSym(ctx, ctx->eurephia_driver, "eDBregister_vpnmacaddr") : NULL); eDBregister_logout = eGetSym(ctx, ctx->eurephia_driver, "eDBregister_logout"); eDBget_firewall_profile = eGetSym(ctx, ctx->eurephia_driver, "eDBget_firewall_profile"); diff --git a/database/eurephiadb_driver.h b/database/eurephiadb_driver.h index c02d167..abdcd77 100644 --- a/database/eurephiadb_driver.h +++ b/database/eurephiadb_driver.h @@ -1,6 +1,6 @@ /* eurephiadb_driver.h -- API provided by the database driver * - * GPLv2 only - Copyright (C) 2008 - 2010 + * GPLv2 only - Copyright (C) 2008 - 2012 * David Sommerseth <dazo@users.sourceforge.net> * * This program is free software; you can redistribute it and/or @@ -213,6 +213,25 @@ int EUREPHIA_DRIVERAPI_FUNC(eDBregister_vpnmacaddr)(eurephiaCTX *ctx, eurephiaSE /** + * Registers the VPN clients address. This function is called when + * OpenVPN does the OPENVPN_PLUGIN_LEARN_ADDRESS call to the eurephia-auth plug-in. + * In TAP mode the clients VPN MAC and IP address are stored, in TUN mode the VPN IP + * address is stored. + * + * @version API version level 3 + * @param ctx eurephiaCTX + * @param session eurephiaSESSION of the user + * @param macaddr String (char *) containing the MAC address of the clients interface. + * @param vpnip4addr String (char *) containing the IPv4 address of the clients interface. + * @param vpnip6addr String (char *) containing the IPv6 address of the clients interface. + * + * @return Returns 1 on success, otherwise 0. + */ +int EUREPHIA_DRIVERAPI_FUNC(eDBregister_vpnclientaddr)(eurephiaCTX *ctx, eurephiaSESSION *session, + const char * macaddr, + const char * vpnip4addr, const char *vpnip6addr); + +/** * Registers when a user logged out. It will then add some information about the session to the * eurephia lastlog. * diff --git a/plugin/eurephia.c b/plugin/eurephia.c index eda014f..880ad71 100644 --- a/plugin/eurephia.c +++ b/plugin/eurephia.c @@ -1,6 +1,6 @@ /* eurephia.c -- Main functions for the eurephia authentication module * - * GPLv2 only - Copyright (C) 2008 - 2010 + * GPLv2 only - Copyright (C) 2008 - 2012 * David Sommerseth <dazo@users.sourceforge.net> * * This program is free software; you can redistribute it and/or @@ -142,10 +142,10 @@ eurephiaCTX *eurephiaInit(const char const **argv, const char const **envp) eurephia_log_init(ctx, "eurephia-auth", logfile, loglvl); } eurephia_log(ctx, LOG_INFO, 0, "Initialising eurephia v" EUREPHIAVERSION - " (David Sommerseth (C) 2008-2010 GPLv2)"); + " (David Sommerseth (C) 2008-2012 GPLv2)"); // Load the database driver - if( (error == 0) && eDBlink_init(ctx, dbi, 1) ) { + if( (error == 0) && eDBlink_init(ctx, dbi, 3) ) { // Connect to the database if( !eDBconnect(ctx, dbargc, dbargv) ) { eurephia_log(ctx, LOG_PANIC, 0, "Could not connect to the database"); @@ -699,12 +699,11 @@ int eurephia_learn_address(eurephiaCTX *ctx, const char *mode, const char *clien goto exit; } - if( ctx->tuntype == tuntype_TAP ) { - // Update openvpn_lastlog with the active MAC address, and save it as a session variable - ret = eDBregister_vpnmacaddr(ctx, session, clientaddr); - } else { - ret = 1; - } + // Update openvpn_lastlog with the active VPN client addresses, and save it as a + // session variable. clientaddr will contain the MAC address in TAP mode + ret = eDBregister_vpnclientaddr(ctx, session, + (ctx->tuntype == tuntype_TAP ? clientaddr : NULL), + vpnipaddr, NULL); if( (fw_enabled) && (fwdest != NULL) ) { fwprofile = eDBget_firewall_profile(ctx, session); |