diff options
| -rw-r--r-- | common/eurephia_context.h | 6 | ||||
| -rw-r--r-- | database/sqlite/sqlite.c | 4 | ||||
| -rw-r--r-- | plugin/eurephia.c | 1 | ||||
| -rw-r--r-- | plugin/firewall/eurephiafw.c | 1 |
4 files changed, 12 insertions, 0 deletions
diff --git a/common/eurephia_context.h b/common/eurephia_context.h index 2cef639..d5e13b2 100644 --- a/common/eurephia_context.h +++ b/common/eurephia_context.h @@ -26,6 +26,11 @@ #include "eurephiadb_struct.h" +#define ECTX_NO_PRIVILEGES 0x1000 +#define ECTX_PLUGIN_AUTH 0x1001 +#define ECTX_ADMIN_CONSOLE 0x1002 +#define ECTX_ADMIN_WEB 0x1004 + // // main structure for the eurephia module context // - the same context structure is used for all OpenVPN sessions @@ -42,6 +47,7 @@ typedef struct { FILE *log; int loglevel; int fatal_error; + int context_type; } eurephiaCTX; #endif diff --git a/database/sqlite/sqlite.c b/database/sqlite/sqlite.c index 85b41de..dda59ba 100644 --- a/database/sqlite/sqlite.c +++ b/database/sqlite/sqlite.c @@ -205,6 +205,10 @@ dbresult *sqlite_query(eurephiaCTX *ctx, char *fmt, ... ) { return NULL; } + if( ctx->context_type == ECTX_NO_PRIVILEGES ) { + eurephia_log(ctx, LOG_ERROR, 0, "Database query attempted from wrong context"); + return NULL; + } // prepare a new (global) result set ... // do not delete the old ones, since we return this "global" diff --git a/plugin/eurephia.c b/plugin/eurephia.c index 728ddd0..67bb682 100644 --- a/plugin/eurephia.c +++ b/plugin/eurephia.c @@ -148,6 +148,7 @@ eurephiaCTX *eurephiaInit(const char **argv) // Prepare a context area for eurephia-auth ctx = (eurephiaCTX *) malloc(sizeof(eurephiaCTX)+2); memset(ctx, 0, sizeof(eurephiaCTX)+2); + ctx->context_type = ECTX_PLUGIN_AUTH; // Open a log file if( logfile != NULL ) { diff --git a/plugin/firewall/eurephiafw.c b/plugin/firewall/eurephiafw.c index ae383cc..a253631 100644 --- a/plugin/firewall/eurephiafw.c +++ b/plugin/firewall/eurephiafw.c @@ -113,6 +113,7 @@ void eFW_StartFirewall(eurephiaCTX *ctx) { // Create a fake eurephia context, just for logging shadowctx = (eurephiaCTX *) malloc(sizeof(eurephiaCTX)+2); memset(shadowctx, 0, sizeof(eurephiaCTX)+2); + shadowctx->context_type = ECTX_NO_PRIVILEGES; shadowctx->loglevel = ctx->loglevel; shadowctx->log = ctx->log; (*ctx->fwcfg).thrdata.ctx = shadowctx; |