Diffstat (limited to 'database/sqlite')
-rw-r--r-- | database/sqlite/administration/attempts.c | 32 | ||||
-rw-r--r-- | database/sqlite/administration/authentication.c | 93 | ||||
-rw-r--r-- | database/sqlite/administration/blacklist.c | 32 | ||||
-rw-r--r-- | database/sqlite/administration/certificates.c | 24 | ||||
-rw-r--r-- | database/sqlite/administration/configuration.c | 13 | ||||
-rw-r--r-- | database/sqlite/administration/firewalladmin.c | 37 | ||||
-rw-r--r-- | database/sqlite/administration/lastlog.c | 4 | ||||
-rw-r--r-- | database/sqlite/administration/useraccount.c | 99 | ||||
-rw-r--r-- | database/sqlite/administration/usercerts.c | 29 | ||||
-rw-r--r-- | database/sqlite/edb-sqlite.c | 226 |
10 files changed, 397 insertions, 192 deletions
diff --git a/database/sqlite/administration/attempts.c b/database/sqlite/administration/attempts.c index 0085f08..d296172 100644 --- a/database/sqlite/administration/attempts.c +++ b/database/sqlite/administration/attempts.c @@ -70,8 +70,10 @@ xmlDoc *attempts_list(eurephiaCTX *ctx, eDBfieldMap *fmap) { " registered, last_attempt, atpid" " FROM openvpn_attempts", NULL, fmap, "atpid"); - if( res == NULL ) { + if( sqlite_query_status(res) != dbSUCCESS ) { eurephia_log(ctx, LOG_ERROR, 0, "Error querying the attempts log"); + sqlite_log_error(ctx, res); + sqlite_free_results(res); return NULL; } @@ -141,13 +143,17 @@ xmlDoc *attempts_reset(eurephiaCTX *ctx, eDBfieldMap *fmap) { } res = sqlite_query_mapped(ctx, SQL_UPDATE, "UPDATE openvpn_attempts", update_vals, fmap, NULL); - if( res == NULL ) { - eurephia_log(ctx, LOG_FATAL, 0, "Could not reset the attempts count"); - ret = eurephiaXML_ResultMsg(ctx, exmlERROR, NULL, "Could not reset the attempts count"); - } else { + if( sqlite_query_status(res) == dbSUCCESS ) { ret = eurephiaXML_ResultMsg(ctx, exmlRESULT, NULL, "Attempts count reset"); - sqlite_free_results(res); + } else { + xmlNode *err_n = NULL; + + eurephia_log(ctx, LOG_FATAL, 0, "Could not reset the attempts count"); + err_n = sqlite_log_error_xml(ctx, res); + ret = eurephiaXML_ResultMsg(ctx, exmlERROR, err_n, "Could not reset the attempts count"); + xmlFreeNode(err_n); } + sqlite_free_results(res); return ret; } 
@@ -172,13 +178,17 @@ xmlDoc *attempts_delete(eurephiaCTX *ctx, eDBfieldMap *fmap) { } res = sqlite_query_mapped(ctx, SQL_DELETE, "DELETE FROM openvpn_attempts", NULL, fmap, NULL); - if( res == NULL ) { - eurephia_log(ctx, LOG_FATAL, 0, "Could not remove attempts record"); - ret = eurephiaXML_ResultMsg(ctx, exmlERROR, NULL, "Could not delete the attempts record"); - } else { + if( sqlite_query_status(res) == dbSUCCESS ) { ret = eurephiaXML_ResultMsg(ctx, exmlRESULT, NULL, "Attempts record removed"); - sqlite_free_results(res); + } else { + xmlNode *err_n = NULL; + + eurephia_log(ctx, LOG_FATAL, 0, "Could not remove attempts record"); + err_n = sqlite_log_error_xml(ctx, res); + ret = eurephiaXML_ResultMsg(ctx, exmlERROR, err_n, "Could not delete the attempts record"); + xmlFreeNode(err_n); } + sqlite_free_results(res); return ret; } diff --git a/database/sqlite/administration/authentication.c b/database/sqlite/administration/authentication.c index 5587b20..3a612d4 100644 --- a/database/sqlite/administration/authentication.c +++ b/database/sqlite/administration/authentication.c @@ -124,9 +124,15 @@ static xmlDoc *auth_user(eurephiaCTX *ctx, const char *req_access, const char *u " WHERE ou.username = '%q'", uname); - if( res == NULL ) { + if( sqlite_query_status(res) != dbSUCCESS ) { + xmlNode *err_n = NULL; + eurephia_log(ctx, LOG_FATAL, 0, "Could not authenticate user against the database"); - return eurephiaXML_ResultMsg(ctx, exmlERROR, NULL, "Authentication failed"); + err_n = sqlite_log_error_xml(ctx, res); + res_d = eurephiaXML_ResultMsg(ctx, exmlERROR, err_n, "Authentication failed"); + xmlFreeNode(err_n); + sqlite_free_results(res); + return res_d; } if( sqlite_get_numtuples(res) == 1 ) { 
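Review bot: In the auth_user error branch the node from `sqlite_log_error_xml(ctx, res)` is attached to the "Authentication failed" reply, so whatever database error detail it carries is returned to a caller who has not yet authenticated. What the node contains is not visible in this hunk; if it includes the SQL text or the SQLite error message, log it server-side only with `sqlite_log_error(ctx, res);` and keep passing `NULL` as the info node, as attempts_list does. The "Failed to validate access level" reply in the next hunk has the same exposure. auth_user's body starts and ends outside the hunk.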
@@ -185,9 +191,15 @@ static xmlDoc *auth_user(eurephiaCTX *ctx, const char *req_access, const char *u " WHERE uid = '%q' AND interface = '%c' AND access = '%q'", uid, interface, req_access); - if( res == NULL ) { + if( sqlite_query_status(res) != dbSUCCESS ) { + xmlNode *err_n = NULL; + eurephia_log(ctx, LOG_FATAL, 0, "Could not check access level"); - return eurephiaXML_ResultMsg(ctx, exmlERROR, NULL,"Failed to validate access level"); + err_n = sqlite_log_error_xml(ctx, res); + res_d = eurephiaXML_ResultMsg(ctx, exmlERROR, err_n,"Failed to validate access level"); + xmlFreeNode(err_n); + sqlite_free_results(res); + return res_d; } access = atoi_nullsafe(sqlite_get_value(res, 0, 0)); sqlite_free_results(res); @@ -230,6 +242,8 @@ static xmlDoc *auth_session(eurephiaCTX *ctx, const char *sesskey, const char *r dbresult *res = NULL; int valid = 0, access = 0, expire_time = 0; char interface; + xmlDoc *ret_d = NULL; + xmlNode *err_n = NULL; DEBUG(ctx, 21, "Function call: auth_session(ctx, '%s, '%s')", sesskey, req_access); assert( (ctx != NULL) && (sesskey != NULL) ); @@ -264,9 +278,13 @@ static xmlDoc *auth_session(eurephiaCTX *ctx, const char *sesskey, const char *r " AND interface = '%c'", expire_time, sesskey, req_access, interface); - if( (res == NULL) ) { + if( sqlite_query_status(res) != dbSUCCESS ) { eurephia_log(ctx, LOG_FATAL, 0, "Could not validate session"); - return eurephiaXML_ResultMsg(ctx, exmlERROR, NULL, "Session authentication failed"); + err_n = sqlite_log_error_xml(ctx, res); + ret_d = eurephiaXML_ResultMsg(ctx, exmlERROR, NULL, "Session authentication failed"); + sqlite_free_results(res); + xmlFreeNode(err_n); + return ret_d; } valid = (atoi_nullsafe(sqlite_get_value(res, 0, 0)) == 0); 
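Review bot: In auth_session's "Could not validate session" branch, `err_n` is filled by `sqlite_log_error_xml(ctx, res)` but `eurephiaXML_ResultMsg` is still called with `NULL`, so the node is built and freed without ever being used. If the detail is meant to stay out of the reply, `sqlite_log_error(ctx, res);` states that directly; if it is meant to be included, pass `err_n`. register_logout's first error branch (the "Failed to register the session as logged out" reply) has the same pattern. A short comment saying which replies may carry database error detail would help, since the later auth_session hunks attach `err_n` to both result messages.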
@@ -279,8 +297,9 @@ static xmlDoc *auth_session(eurephiaCTX *ctx, const char *sesskey, const char *r "UPDATE eurephia_adminlog" " SET last_action = CURRENT_TIMESTAMP, status = 2" " WHERE sessionkey = '%q'", sesskey); - if( res == NULL ) { + if( sqlite_query_status(res) != dbSUCCESS ) { eurephia_log(ctx, LOG_ERROR, 0, "Could not register session activity"); + err_n = sqlite_log_error_xml(ctx, res); } sqlite_free_results(res); @@ -291,17 +310,19 @@ static xmlDoc *auth_session(eurephiaCTX *ctx, const char *sesskey, const char *r " SET logout = CURRENT_TIMESTAMP, status = %i" " WHERE sessionkey = '%q'", (access ? 4 : 5), sesskey); - if( res == NULL ) { + if( sqlite_query_status(res) != dbSUCCESS ) { eurephia_log(ctx, LOG_ERROR, 0, "Could not register old session as logged out"); + err_n = sqlite_log_error_xml(ctx, res); } sqlite_free_results(res); // Delete session variables res = sqlite_query(ctx, "DELETE FROM openvpn_sessions WHERE sessionkey = '%q'", sesskey); - if( res == NULL ) { + if( sqlite_query_status(res) != dbSUCCESS ) { eurephia_log(ctx, LOG_ERROR, 0, "Could not delete session variables (%s))", sesskey); + sqlite_log_error(ctx, res); } else if( !access ) { eurephia_log(ctx, LOG_WARNING, 0, "User account is lacking privileges"); } @@ -309,11 +330,14 @@ static xmlDoc *auth_session(eurephiaCTX *ctx, const char *sesskey, const char *r } if (valid && access) { - return eurephiaXML_ResultMsg(ctx, exmlRESULT, NULL, "Session authenticated"); + ret_d = eurephiaXML_ResultMsg(ctx, exmlRESULT, err_n, "Session authenticated"); } else { - return eurephiaXML_ResultMsg(ctx, exmlERROR, NULL, "Session authentication failed"); - + ret_d = eurephiaXML_ResultMsg(ctx, exmlERROR, err_n, "Session authentication failed"); + } + if( err_n != NULL ) { + xmlFreeNode(err_n); } + return ret_d; } 
@@ -328,6 +352,7 @@ static xmlDoc *auth_session(eurephiaCTX *ctx, const char *sesskey, const char *r * @return Returns an eurephia ResultMsg XML document with the result. On fatal errors, NULL is returned */ static xmlDoc *register_login(eurephiaCTX *ctx, const int uid, const char *sesskey) { + xmlDoc *ret_d = NULL; dbresult *res = NULL; char interface; @@ -354,13 +379,19 @@ static xmlDoc *register_login(eurephiaCTX *ctx, const int uid, const char *sessk " (uid, interface, status, login, last_action, sessionkey) " "VALUES ('%i','%c',1,CURRENT_TIMESTAMP, CURRENT_TIMESTAMP, '%q')", uid, interface, sesskey); - if( !res ) { + if( sqlite_query_status(res) == dbSUCCESS ) { + ret_d = eurephiaXML_ResultMsg(ctx, exmlRESULT, NULL, "Session is registered as logged in"); + } else { + xmlNode *err_n = NULL; + eurephia_log(ctx, LOG_FATAL, 0, "Failed to register the session in the database"); - return eurephiaXML_ResultMsg(ctx, exmlERROR, NULL, - "Failed to register the session in the database"); + err_n = sqlite_log_error_xml(ctx, res); + ret_d = eurephiaXML_ResultMsg(ctx, exmlERROR, err_n, + "Failed to register the session in the database"); + xmlFreeNode(err_n); } sqlite_free_results(res); - return eurephiaXML_ResultMsg(ctx, exmlRESULT, NULL, "Session is registered as logged in"); + return ret_d; } @@ -375,6 +406,8 @@ static xmlDoc *register_login(eurephiaCTX *ctx, const int uid, const char *sessk */ static xmlDoc *register_logout(eurephiaCTX *ctx, const char *sessionkey) { dbresult *res = NULL; + xmlDoc *ret_d = NULL; + xmlNode *err_n = NULL; DEBUG(ctx, 21, "Function call: register_logout(ctx, '%s')", sessionkey); assert((ctx != NULL) && (sessionkey != NULL)); 
@@ -391,26 +424,38 @@ static xmlDoc *register_logout(eurephiaCTX *ctx, const char *sessionkey) { " SET logout = CURRENT_TIMESTAMP, status = 3" " WHERE sessionkey = '%q'", sessionkey); - if( !res || (sqlite_get_affected_rows(res) == 0) ) { + if( (sqlite_query_status(res) != dbSUCCESS) || (sqlite_get_affected_rows(res) == 0) ) { eurephia_log(ctx, LOG_FATAL, 0, "Failed to register the session as logged out (updated %i rows)", sqlite_get_affected_rows(res)); - return eurephiaXML_ResultMsg(ctx, exmlERROR, NULL, - "Failed to register the session as logged out"); + if( sqlite_query_status(res) == dbERROR ) { + err_n = sqlite_log_error_xml(ctx, res); + } + ret_d = eurephiaXML_ResultMsg(ctx, exmlERROR, NULL, + "Failed to register the session as logged out"); + xmlFreeNode(err_n); + goto exit; } sqlite_free_results(res); // Delete session variables res = sqlite_query(ctx, "DELETE FROM openvpn_sessions WHERE sessionkey = '%q'", sessionkey); - if( !res || (sqlite_get_affected_rows(res) == 0) ) { + if( (sqlite_query_status(res) == dbSUCCESS) && (sqlite_get_affected_rows(res) > 0) ) { + ret_d = eurephiaXML_ResultMsg(ctx, exmlRESULT, NULL, "Session is logged out"); + } else { eurephia_log(ctx, LOG_ERROR, 0, "Could not delete session variables (%s))", sessionkey); - return eurephiaXML_ResultMsg(ctx, exmlERROR, NULL, - "Could not delete session variables (%s))", sessionkey); + if( sqlite_query_status(res) == dbERROR ) { + err_n = sqlite_log_error_xml(ctx, res); + } + ret_d = eurephiaXML_ResultMsg(ctx, exmlERROR, err_n, + "Could not delete session variables (%s)", sessionkey); + xmlFreeNode(err_n); } - sqlite_free_results(res); - return eurephiaXML_ResultMsg(ctx, exmlRESULT, NULL, "Session is logged out"); + exit: + sqlite_free_results(res); + return ret_d; } diff --git a/database/sqlite/administration/blacklist.c b/database/sqlite/administration/blacklist.c index 677a692..66a5f6f 100644 --- a/database/sqlite/administration/blacklist.c 
+++ b/database/sqlite/administration/blacklist.c @@ -71,8 +71,10 @@ xmlDoc *blacklist_list(eurephiaCTX *ctx, eDBfieldMap *fmap) { " registered, last_accessed, blid" " FROM openvpn_blacklist", NULL, fmap, "blid"); - if( res == NULL ) { + if( sqlite_query_status(res) != dbSUCCESS ) { eurephia_log(ctx, LOG_ERROR, 0, "Error querying the blacklist register"); + sqlite_log_error(ctx, res); + sqlite_free_results(res); return NULL; } @@ -137,13 +139,17 @@ xmlDoc *blacklist_add(eurephiaCTX *ctx, eDBfieldMap *fmap) { } res = sqlite_query_mapped(ctx, SQL_INSERT, "INSERT INTO openvpn_blacklist", fmap, NULL, NULL); - if( res == NULL ) { - eurephia_log(ctx, LOG_FATAL, 0, "Could not blacklist the requested data"); - ret = eurephiaXML_ResultMsg(ctx, exmlERROR, NULL, "Blacklisting failed"); - } else { + if( sqlite_query_status(res) == dbSUCCESS ) { ret = eurephiaXML_ResultMsg(ctx, exmlRESULT, NULL, "Record registered in the blacklist"); - sqlite_free_results(res); + } else { + xmlNode *err_n = NULL; + + eurephia_log(ctx, LOG_FATAL, 0, "Could not blacklist the requested data"); + err_n = sqlite_log_error_xml(ctx, res); + ret = eurephiaXML_ResultMsg(ctx, exmlERROR, err_n, "Blacklisting failed"); + xmlFreeNode(err_n); } + sqlite_free_results(res); return ret; } 
@@ -168,13 +174,17 @@ xmlDoc *blacklist_delete(eurephiaCTX *ctx, eDBfieldMap *fmap) { } res = sqlite_query_mapped(ctx, SQL_DELETE, "DELETE FROM openvpn_blacklist", NULL, fmap, NULL); - if( res == NULL ) { - eurephia_log(ctx, LOG_FATAL, 0, "Could not remove blacklisting"); - ret = eurephiaXML_ResultMsg(ctx, exmlERROR, NULL, "Failed to remove the blacklisting"); - } else { + if( sqlite_query_status(res) == dbSUCCESS ) { ret = eurephiaXML_ResultMsg(ctx, exmlRESULT, NULL, "Blacklisting removed"); - sqlite_free_results(res); + } else { + xmlNode *err_n = NULL; + + eurephia_log(ctx, LOG_FATAL, 0, "Could not remove blacklisting"); + err_n = sqlite_log_error_xml(ctx, res); + ret = eurephiaXML_ResultMsg(ctx, exmlERROR, err_n, "Failed to remove the blacklisting"); + xmlFreeNode(err_n); } + sqlite_free_results(res); return ret; } diff --git a/database/sqlite/administration/certificates.c b/database/sqlite/administration/certificates.c index 78be97e..8db12ff 100644 --- a/database/sqlite/administration/certificates.c +++ b/database/sqlite/administration/certificates.c @@ -89,10 +89,13 @@ static xmlDoc *certificate_list(eurephiaCTX *ctx, eDBfieldMap *srch_map, const c "SELECT depth, lower(digest), common_name, organisation, email, " " registered, certid" " FROM openvpn_certificates", NULL, srch_map, sortkeys); - if( res == NULL ) { + if( sqlite_query_status(res) != dbSUCCESS ) { eurephia_log(ctx, LOG_ERROR, 0, "Could not query the certificate table"); - return eurephiaXML_ResultMsg(ctx, exmlERROR, NULL, + tmp_n = sqlite_log_error_xml(ctx, res); + certlist = eurephiaXML_ResultMsg(ctx, exmlERROR, tmp_n, "Could not query the database for certificate info"); + xmlFreeNode(tmp_n); + goto exit; } memset(&tmp, 0, 2050); @@ -118,8 +121,9 @@ static xmlDoc *certificate_list(eurephiaCTX *ctx, eDBfieldMap *srch_map, const c sqlite_xml_value(tmp_n, XML_NODE, "email", res, i, 4); } - sqlite_free_results(res); + exit: + sqlite_free_results(res); return certlist; } 
@@ -159,9 +163,11 @@ static xmlDoc *certificate_add(eurephiaCTX *ctx, eDBfieldMap *crtinf_map) { // Register the certificate res = sqlite_query_mapped(ctx, SQL_INSERT, "INSERT INTO openvpn_certificates", crtinf_map, NULL, NULL); - if( res == NULL ) { + if( sqlite_query_status(res) != dbSUCCESS ) { eurephia_log(ctx, LOG_FATAL, 0, "Could not register the certificate"); - res_d = eurephiaXML_ResultMsg(ctx, exmlERROR, NULL, "Could not register the certificate"); + info_n = sqlite_log_error_xml(ctx, res); + res_d = eurephiaXML_ResultMsg(ctx, exmlERROR, info_n, "Could not register the certificate"); + xmlFreeNode(info_n); } else { xmlChar *certid = malloc_nullsafe(ctx, 34); assert( certid != NULL ); @@ -216,9 +222,13 @@ static xmlDoc *certificate_delete(eurephiaCTX *ctx, eDBfieldMap *crtinf_map) { // Register the certificate res = sqlite_query_mapped(ctx, SQL_DELETE, "DELETE FROM openvpn_certificates", NULL, crtinf_map, NULL); - if( res == NULL ) { + if( sqlite_query_status(res) != dbSUCCESS ) { + xmlNode *err_n = NULL; + eurephia_log(ctx, LOG_FATAL, 0, "Could not complete the delete certificate request"); - res_d = eurephiaXML_ResultMsg(ctx, exmlERROR, NULL, "Could not delete the certificate(s)"); + err_n = sqlite_log_error_xml(ctx, res); + res_d = eurephiaXML_ResultMsg(ctx, exmlERROR, err_n, "Could not delete the certificate(s)"); + xmlFreeNode(err_n); } else { res_d = eurephiaXML_ResultMsg(ctx, exmlRESULT, NULL, "%i %s deleted", sqlite_get_affected_rows(res), diff --git a/database/sqlite/administration/configuration.c b/database/sqlite/administration/configuration.c index f336238..735c25b 100644 --- a/database/sqlite/administration/configuration.c +++ b/database/sqlite/administration/configuration.c 
@@ -68,8 +68,10 @@ static int config_set(eurephiaCTX *ctx, const char *key, const char *val) { } res = sqlite_query(ctx, "SELECT count(*) FROM openvpn_config WHERE datakey = '%q'", key); - if( !res ) { + if( sqlite_query_status(res) != dbSUCCESS ) { eurephia_log(ctx, LOG_ERROR, 0, "Could not query configuration table"); + sqlite_log_error(ctx, res); + sqlite_free_results(res); return 0; } found = atoi_nullsafe(sqlite_get_value(res, 0, 0)); @@ -84,8 +86,10 @@ static int config_set(eurephiaCTX *ctx, const char *key, const char *val) { val, key); } - if( res == NULL ) { + if( sqlite_query_status(res) != dbSUCCESS ) { eurephia_log(ctx, LOG_ERROR, 0, "Could not register configuration entry (%s = '%s'", key, val); + sqlite_log_error(ctx, res); + sqlite_free_results(res); return 0; } sqlite_free_results(res); @@ -125,8 +129,9 @@ static int config_delete(eurephiaCTX *ctx, const char *key) { // Delete the config parameter from the database res = sqlite_query(ctx, "DELETE FROM openvpn_config WHERE datakey = '%q'", key); - if( !res ) { - eurephia_log(ctx, LOG_ERROR, 0, "Could delete config configuration entry (%s)", key); + if( sqlite_query_status(res) != dbSUCCESS ) { + eurephia_log(ctx, LOG_ERROR, 0, "Could not delete config configuration entry (%s)", key); + sqlite_log_error(ctx, res); return 0; } sqlite_free_results(res); diff --git a/database/sqlite/administration/firewalladmin.c b/database/sqlite/administration/firewalladmin.c index 8ad2717..fd34183 100644 --- a/database/sqlite/administration/firewalladmin.c +++ b/database/sqlite/administration/firewalladmin.c 
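Review bot: config_delete's new error branch returns 0 without releasing `res`, unlike the two config_set branches in this file, which now call `sqlite_free_results(res);` before returning. Because the branch passes `res` to `sqlite_log_error`, the result appears to be non-NULL on failure, so this path looks like a leak. Add `sqlite_free_results(res);` before `return 0;`.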
@@ -87,8 +87,10 @@ xmlDoc *fwadmin_search(eurephiaCTX *ctx, eDBfieldMap *fmap) { " LEFT JOIN openvpn_users USING (uid)" " LEFT JOIN openvpn_certificates c ON (uac.certid = c.certid)", NULL, fmap, "accessprofile, uid, c.certid"); - if( res == NULL ) { + if( sqlite_query_status(res) != dbSUCCESS ) { eurephia_log(ctx, LOG_ERROR, 0, "Error querying the database for firewall profiles"); + sqlite_log_error(ctx, res); + sqlite_free_results(res); return NULL; } @@ -162,10 +164,14 @@ xmlDoc *fwadmin_add(eurephiaCTX *ctx, eDBfieldMap *fmap) { } res = sqlite_query_mapped(ctx, SQL_INSERT, "INSERT INTO openvpn_accesses", fmap, NULL, NULL); - if( res == NULL ) { + if( sqlite_query_status(res) != dbSUCCESS ) { + xmlNode *err_n = NULL; + eurephia_log(ctx, LOG_FATAL, 0, "Could not register the new firewall profile"); - ret = eurephiaXML_ResultMsg(ctx, exmlERROR, NULL, + err_n = sqlite_log_error_xml(ctx, res); + ret = eurephiaXML_ResultMsg(ctx, exmlERROR, err_n, "Could not register the new firewall profile"); + xmlFreeNode(err_n); } else { ret = eurephiaXML_ResultMsg(ctx, exmlRESULT, NULL, "Firewall profile registered with id %i", @@ -187,6 +193,7 @@ xmlDoc *fwadmin_add(eurephiaCTX *ctx, eDBfieldMap *fmap) { xmlDoc *fwadmin_delete(eurephiaCTX *ctx, eDBfieldMap *fmap) { dbresult *res = NULL; xmlDoc *ret = NULL; + xmlNode *err_n = NULL; long int fields; // Check if we have the needed fields, and only the needed fields 
@@ -200,9 +207,12 @@ xmlDoc *fwadmin_delete(eurephiaCTX *ctx, eDBfieldMap *fmap) { // Find the accessprofile ID based on the fieldmap res = sqlite_query_mapped(ctx, SQL_SELECT, "SELECT DISTINCT accessprofile FROM openvpn_accesses", NULL, fmap, NULL); - if( res == NULL ) { + if( sqlite_query_status(res) != dbSUCCESS ) { eurephia_log(ctx, LOG_FATAL, 0, "Could not delete the firewall profile (1)"); - return eurephiaXML_ResultMsg(ctx, exmlERROR, NULL, "Could not delete the firewall profile"); + err_n = sqlite_log_error_xml(ctx, res); + ret = eurephiaXML_ResultMsg(ctx, exmlERROR, err_n, "Could not delete the firewall profile"); + xmlFreeNode(err_n); + goto exit; } // Delete all references to this access profile in openvpn_usercerts @@ -215,12 +225,14 @@ xmlDoc *fwadmin_delete(eurephiaCTX *ctx, eDBfieldMap *fmap) { "DELETE FROM openvpn_usercerts " " WHERE accessprofile = %q", sqlite_get_value(res, i, 0)); - if( dres == NULL ) { + if( sqlite_query_status(dres) != dbSUCCESS ) { eurephia_log(ctx, LOG_FATAL, 0, "Could not delete the firewall profile (2)"); - ret = eurephiaXML_ResultMsg(ctx, exmlERROR, NULL, + err_n = sqlite_log_error_xml(ctx, res); + ret = eurephiaXML_ResultMsg(ctx, exmlERROR, err_n, "Could not delete the firewall profile"); - sqlite_free_results(res); - return ret; + sqlite_free_results(dres); + xmlFreeNode(err_n); + goto exit; } sqlite_free_results(dres); } 
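Review bot: In fwadmin_delete's loop the query that failed is `dres`, but the error node is built from `res`, the earlier SELECT that succeeded: `err_n = sqlite_log_error_xml(ctx, res);`. The log entry and the reply will therefore not describe the DELETE that actually failed. The line should read `err_n = sqlite_log_error_xml(ctx, dres);`. The function body starts and ends outside this hunk.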
@@ -228,12 +240,15 @@ xmlDoc *fwadmin_delete(eurephiaCTX *ctx, eDBfieldMap *fmap) { // Delete requested access profiles from openvpn_accesses res = sqlite_query_mapped(ctx, SQL_DELETE, "DELETE FROM openvpn_accesses", NULL, fmap, NULL); - if( res == NULL ) { + if( sqlite_query_status(res) != dbSUCCESS ) { eurephia_log(ctx, LOG_FATAL, 0, "Could not delete the firewall profile"); - ret = eurephiaXML_ResultMsg(ctx, exmlERROR, NULL, "Could not delete the firewall profile"); + err_n = sqlite_log_error_xml(ctx, res); + ret = eurephiaXML_ResultMsg(ctx, exmlERROR, err_n, "Could not delete the firewall profile"); + xmlFreeNode(err_n); } else { ret = eurephiaXML_ResultMsg(ctx, exmlRESULT, NULL, "Firewall profile deleted"); } + exit: sqlite_free_results(res); return ret; } diff --git a/database/sqlite/administration/lastlog.c b/database/sqlite/administration/lastlog.c index f700cee..ff7b479 100644 --- a/database/sqlite/administration/lastlog.c +++ b/database/sqlite/administration/lastlog.c @@ -106,8 +106,10 @@ xmlDoc *eDBadminGetLastlog(eurephiaCTX *ctx, xmlDoc *srch_xml, const char *sortk NULL, fmap, eDBmkSortKeyString(fmap, sortkeys)); eDBfreeMapping(fmap); xmlFreeDoc(doc); - if( res == NULL ) { + if( sqlite_query_status(res) != dbSUCCESS ) { eurephia_log(ctx, LOG_ERROR, 0, "Querying the lastlog failed"); + sqlite_log_error(ctx, res); + sqlite_free_results(res); return NULL; } eurephiaXML_CreateDoc(ctx, 1, "lastlog", &doc, &lastl); diff --git a/database/sqlite/administration/useraccount.c b/database/sqlite/administration/useraccount.c index a936294..a989257 100644 --- a/database/sqlite/administration/useraccount.c +++ b/database/sqlite/administration/useraccount.c 
@@ -123,9 +123,12 @@ static xmlDoc *useracc_view(eurephiaCTX *ctx, unsigned int infoType, " ON (os.uid = users.uid)", NULL, uinfo_map, sortkeys); - if( uinf == NULL ) { + if( sqlite_query_status(uinf) != dbSUCCESS ) { eurephia_log(ctx, LOG_ERROR, 0, "Error querying the database for a user"); - return eurephiaXML_ResultMsg(ctx, exmlERROR, NULL, "Failed to query the user database"); + info_n = sqlite_log_error_xml(ctx, uinf); + doc = eurephiaXML_ResultMsg(ctx, exmlERROR, info_n, "Failed to query the user database"); + xmlFreeNode(info_n); + goto exit; } eurephiaXML_CreateDoc(ctx, 1, "UserAccount", &doc, &root_n); @@ -188,7 +191,7 @@ static xmlDoc *useracc_view(eurephiaCTX *ctx, unsigned int infoType, info_n = xmlNewChild(user_n, NULL, (xmlChar *) "certificates", NULL); assert( info_n != NULL ); - if( (qres != NULL) && (sqlite_get_numtuples(qres) > 0) ) { + if( (sqlite_query_status(qres) == dbSUCCESS) && (sqlite_get_numtuples(qres) > 0) ) { int i; xmlNode *cert, *acpr; xmlChar *tmp = NULL; @@ -216,6 +219,8 @@ static xmlDoc *useracc_view(eurephiaCTX *ctx, unsigned int infoType, sqlite_xml_value(acpr, XML_ATTR, "accessprofile", qres, i, 7); sqlite_xml_value(acpr, XML_ATTR, "fwdestination", qres, i, 9); } + } else if( sqlite_query_status(qres) == dbERROR ) { + sqlite_log_error(ctx, qres); } sqlite_free_results(qres); } 
@@ -238,11 +243,15 @@ static xmlDoc *useracc_view(eurephiaCTX *ctx, unsigned int infoType, " LEFT JOIN openvpn_certificates cert ON(ll.certid=cert.certid)" " WHERE uid = '%i' ORDER BY login, logout", uid); - if( qres == NULL ) { + if( sqlite_query_status(qres) != dbSUCCESS ) { eurephia_log(ctx, LOG_ERROR, 0, "Querying the lastlog failed"); xmlFreeDoc(doc); - return eurephiaXML_ResultMsg(ctx, exmlERROR, NULL, + info_n = sqlite_log_error_xml(ctx, qres); + doc = eurephiaXML_ResultMsg(ctx, exmlERROR, info_n, "Failed to query the lastlog"); + sqlite_free_results(qres); + xmlFreeNode(info_n); + return doc; } lastl = xmlNewChild(user_n, NULL, (xmlChar *) "lastlog", NULL); @@ -303,12 +312,18 @@ static xmlDoc *useracc_view(eurephiaCTX *ctx, unsigned int infoType, " FROM openvpn_attempts " " WHERE username = '%q'", username); - if( (qres == NULL) || (sqlite_get_numtuples(qres) > 1) ) { + if( (sqlite_query_status(qres) != dbSUCCESS) || (sqlite_get_numtuples(qres) > 1) ) { eurephia_log(ctx, LOG_ERROR, 0, "Querying for login attempts failed"); - sqlite_free_results(qres); + info_n = NULL; + if( sqlite_query_status(qres) == dbERROR ) { + info_n = sqlite_log_error_xml(ctx, qres); + } xmlFreeDoc(doc); - return eurephiaXML_ResultMsg(ctx, exmlERROR, NULL, + doc = eurephiaXML_ResultMsg(ctx, exmlERROR, info_n, "Failed to query the login attempts log"); + sqlite_free_results(qres); + xmlFreeNode(info_n); + return doc; } atmpt = xmlNewChild(user_n, NULL, (xmlChar *) "attempts", NULL); 
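Review bot: The lastlog error branch in useracc_view returns `doc` directly, bypassing the new `exit:` label that frees `uinf`, so as far as the hunk shows the user query result is not released on this path. The login-attempts branch in the next hunk and the blacklist branch after it do the same. After `sqlite_free_results(qres);` and `xmlFreeNode(info_n);`, use `goto exit;` instead of `return doc;`.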
@@ -331,12 +346,18 @@ static xmlDoc *useracc_view(eurephiaCTX *ctx, unsigned int infoType, " FROM openvpn_blacklist " " WHERE username = '%q'", username); - if( (qres == NULL) || (sqlite_get_numtuples(qres) > 1) ) { - eurephia_log(ctx, LOG_ERROR, 0, "Querying blacklist log failed"); - sqlite_free_results(qres); + if( (sqlite_query_status(qres) != dbSUCCESS) || (sqlite_get_numtuples(qres) > 1) ) { xmlFreeDoc(doc); - return eurephiaXML_ResultMsg(ctx, exmlERROR, NULL, + eurephia_log(ctx, LOG_ERROR, 0, "Querying blacklist log failed"); + info_n = NULL; + if( sqlite_query_status(qres) == dbERROR ) { + info_n = sqlite_log_error_xml(ctx, qres); + } + doc = eurephiaXML_ResultMsg(ctx, exmlERROR, info_n, "Failed to query the blacklist log"); + sqlite_free_results(qres); + xmlFreeNode(info_n); + return doc; } atmpt = xmlNewChild(user_n, NULL, (xmlChar *) "blacklist", NULL); @@ -351,6 +372,7 @@ static xmlDoc *useracc_view(eurephiaCTX *ctx, unsigned int infoType, } } + exit: sqlite_free_results(uinf); return doc; } @@ -380,10 +402,16 @@ static xmlDoc *useracc_add(eurephiaCTX *ctx, eDBfieldMap *usrinf_map) { // Register the user res = sqlite_query_mapped(ctx, SQL_INSERT, "INSERT INTO openvpn_users", usrinf_map, NULL, NULL); - if( (res == NULL) || (sqlite_get_affected_rows(res) == 0) ) { + if( (sqlite_query_status(res) != dbSUCCESS) || (sqlite_get_affected_rows(res) == 0) ) { + xmlNode *err_n = NULL; + eurephia_log(ctx, LOG_FATAL, 0, "Could not register the new user account"); - res_d = eurephiaXML_ResultMsg(ctx, exmlERROR, NULL, + if( sqlite_query_status(res) == dbERROR ) { + err_n = sqlite_log_error_xml(ctx, res); + } + res_d = eurephiaXML_ResultMsg(ctx, exmlERROR, err_n, "Failed to register the user account"); + xmlFreeNode(err_n); } else { xmlChar *uid = malloc_nullsafe(ctx, 34); xmlNode *info_n = NULL; 
@@ -445,9 +473,13 @@ static xmlDoc *useracc_update(eurephiaCTX *ctx, const int uid, eDBfieldMap *valu // UPDATE the database uinf = sqlite_query_mapped(ctx, SQL_UPDATE, "UPDATE openvpn_users", value_map, srch_map, NULL); - if( uinf == NULL ) { + if( sqlite_query_status(uinf) != dbSUCCESS ) { + xmlNode *err_n = NULL; + eurephia_log(ctx, LOG_ERROR, 0, "Error querying the database for a user"); - eurephiaXML_ResultMsg(ctx, exmlERROR, NULL, "Failed to update user (uid %i)", uid); + err_n = sqlite_log_error_xml(ctx, uinf); + res_d = eurephiaXML_ResultMsg(ctx, exmlERROR, err_n, "Failed to update user (uid %i)", uid); + xmlFreeNode(err_n); } else if( sqlite_get_affected_rows(uinf) == 0 ) { res_d = eurephiaXML_ResultMsg(ctx, exmlERROR, NULL, "Could not find any user account with uid %i", uid); @@ -488,10 +520,14 @@ static xmlDoc *useracc_delete(eurephiaCTX *ctx, const unsigned int uid) { // Delete the user res = sqlite_query(ctx, "DELETE FROM openvpn_users WHERE uid = '%i'", uid); - if( res == NULL ) { + if( sqlite_query_status(res) != dbSUCCESS ) { + xmlNode *err_n = NULL; + eurephia_log(ctx, LOG_FATAL, 0, "Could not delete the user account (uid %i)", uid); - res_d = eurephiaXML_ResultMsg(ctx, exmlERROR, NULL, + err_n = sqlite_log_error_xml(ctx, res); + res_d = eurephiaXML_ResultMsg(ctx, exmlERROR, err_n, "Failed to delete the user account (uid %i)", uid); + xmlFreeNode(err_n); } else if( sqlite_get_affected_rows(res) == 0 ) { res_d = eurephiaXML_ResultMsg(ctx, exmlERROR, NULL, "Could not find any user account with uid %i", uid); 
@@ -606,10 +642,13 @@ xmlDoc *adminacclvl_Get(eurephiaCTX *ctx, eDBfieldMap *fmap) { " FROM eurephia_adminaccess eac" " LEFT JOIN openvpn_users USING(uid)", NULL, fmap, "uid, interface, access"); - if( res == NULL ) { + if( sqlite_query_status(res) != dbSUCCESS ) { eurephia_log(ctx, LOG_ERROR, 0, "Error querying the database for a access levels"); - return eurephiaXML_ResultMsg(ctx, exmlERROR, NULL, + tmp_n = sqlite_log_error_xml(ctx, res); + doc = eurephiaXML_ResultMsg(ctx, exmlERROR, tmp_n, "Error querying the database for a access levels"); + xmlFreeNode(tmp_n); + goto exit; } eurephiaXML_CreateDoc(ctx, 1, "admin_access_list", &doc, &root_n); @@ -628,6 +667,7 @@ xmlDoc *adminacclvl_Get(eurephiaCTX *ctx, eDBfieldMap *fmap) { tmp_n = sqlite_xml_value(acl_n, XML_NODE, "access", res, i, 3); sqlite_xml_value(tmp_n, XML_ATTR, "interface", res, i, 2); } + exit: sqlite_free_results(res); return doc; } @@ -639,7 +679,7 @@ xmlDoc *adminacclvl_Get(eurephiaCTX *ctx, eDBfieldMap *fmap) { xmlDoc *eDBadminAccessLevel(eurephiaCTX *ctx, xmlDoc *qryxml) { dbresult *sqlres = NULL; xmlDoc *res_d = NULL; - xmlNode *qry_n = NULL, *fmap_n = NULL; + xmlNode *qry_n = NULL, *fmap_n = NULL, *err_n = NULL; eDBfieldMap *fmap_m = NULL; char *mode = NULL; 
@@ -675,17 +715,19 @@ xmlDoc *eDBadminAccessLevel(eurephiaCTX *ctx, xmlDoc *qryxml) { if( strcmp(mode, "grant") == 0 ) { sqlres = sqlite_query_mapped(ctx, SQL_INSERT, "INSERT INTO eurephia_adminaccess", fmap_m, NULL, NULL); - if( sqlres && (sqlite_get_affected_rows(sqlres) > 0) ) { + if( (sqlite_query_status(sqlres) == dbSUCCESS) && (sqlite_get_affected_rows(sqlres) > 0) ) { res_d = eurephiaXML_ResultMsg(ctx, exmlRESULT, NULL, "Access level %s (%s) was granted to uid %s", eDBmappingGetValue(fmap_m, FIELD_ACCESSLVL), eDBmappingGetValue(fmap_m, FIELD_INTERFACE), eDBmappingGetValue(fmap_m, FIELD_UID)); + } else if( sqlite_query_status(sqlres) == dbERROR ) { + err_n = sqlite_log_error_xml(ctx, sqlres); } } else if( strcmp(mode, "revoke") == 0 ) { sqlres = sqlite_query_mapped(ctx, SQL_DELETE, "DELETE FROM eurephia_adminaccess", NULL, fmap_m, NULL); - if( sqlres && (sqlite_get_affected_rows(sqlres) > 0) ) { + if( (sqlite_query_status(sqlres) == dbSUCCESS) && (sqlite_get_affected_rows(sqlres) > 0) ) { const char *uid = eDBmappingGetValue(fmap_m, FIELD_UID); const char *acclvl = eDBmappingGetValue(fmap_m, FIELD_ACCESSLVL); @@ -699,18 +741,21 @@ xmlDoc *eDBadminAccessLevel(eurephiaCTX *ctx, xmlDoc *qryxml) { "%i access levels was removed from uid %s", sqlite_get_affected_rows(sqlres), uid); } - } + } else if( sqlite_query_status(sqlres) == dbERROR ) { + err_n = sqlite_log_error_xml(ctx, sqlres); + } } else if( strcmp(mode, "list") == 0 ) { res_d = adminacclvl_Get(ctx, fmap_m); } if( res_d == NULL ) { eurephia_log(ctx, LOG_ERROR, 0, "Failed to update admin access"); - res_d = eurephiaXML_ResultMsg(ctx, exmlERROR, NULL, "Failed to complete %s operation", mode); + res_d = eurephiaXML_ResultMsg(ctx, exmlERROR, err_n, "Failed to complete %s operation", mode); } - if( sqlres ) { - sqlite_free_results(sqlres); + if( err_n != NULL ) { + xmlFreeNode(err_n); } + sqlite_free_results(sqlres); eDBfreeMapping(fmap_m); return res_d; 
diff --git a/database/sqlite/administration/usercerts.c b/database/sqlite/administration/usercerts.c index 8c7e5fd..8e654ab 100644 --- a/database/sqlite/administration/usercerts.c +++ b/database/sqlite/administration/usercerts.c @@ -92,8 +92,10 @@ xmlDoc *usercerts_search(eurephiaCTX *ctx, eDBfieldMap *where_m, const char *sor NULL, // values (not used for SELECT) where_m, // fields and values for the WHERE clause dbsort); - if( res == NULL ) { + if( sqlite_query_status(res) != dbSUCCESS ) { eurephia_log(ctx, LOG_ERROR, 0, "Could not query the usercerts table"); + sqlite_log_error(ctx, res); + sqlite_free_results(res); return NULL; } @@ -154,7 +156,7 @@ xmlDoc *usercerts_add_del(eurephiaCTX *ctx, const char *mode, eDBfieldMap *usrcr if( strcmp(mode, "register") == 0 ) { dbres = sqlite_query_mapped(ctx, SQL_INSERT, "INSERT INTO openvpn_usercerts", usrcrt_m, NULL, NULL); - if( dbres ) { + if( sqlite_query_status(dbres) == dbSUCCESS ) { res = eurephiaXML_ResultMsg(ctx, exmlRESULT, NULL, "Registered new user-cert link with id %i", dbres->last_insert_id); @@ -162,7 +164,7 @@ xmlDoc *usercerts_add_del(eurephiaCTX *ctx, const char *mode, eDBfieldMap *usrcr } else if( strcmp(mode, "remove") == 0 ) { dbres = sqlite_query_mapped(ctx, SQL_DELETE, "DELETE FROM openvpn_usercerts", NULL, usrcrt_m, NULL); - if( dbres ) { + if( sqlite_query_status(dbres) == dbSUCCESS ) { int num_rows = sqlite_get_affected_rows(dbres); if( num_rows > 0 ) { res = eurephiaXML_ResultMsg(ctx, exmlRESULT, NULL, 
@@ -175,12 +177,15 @@ xmlDoc *usercerts_add_del(eurephiaCTX *ctx, const char *mode, eDBfieldMap *usrcr } } - if( dbres == NULL ) { + if( sqlite_query_status(dbres) != dbSUCCESS ) { + xmlNode *tmp_n = NULL; + eurephia_log(ctx, LOG_ERROR, 0, "Failed to %s user-cert link.", mode); - res = eurephiaXML_ResultMsg(ctx, exmlERROR, NULL, "Failed to %s user-cert link", mode); - } else { - sqlite_free_results(dbres); + tmp_n = sqlite_log_error_xml(ctx, dbres); + res = eurephiaXML_ResultMsg(ctx, exmlERROR, tmp_n, "Failed to %s user-cert link", mode); + xmlFreeNode(tmp_n); } + sqlite_free_results(dbres); return res; } @@ -220,7 +225,7 @@ xmlDoc *usercerts_update(eurephiaCTX *ctx, const char *uicid, eDBfieldMap *usrcr // Send update query to the database dbres = sqlite_query_mapped(ctx, SQL_UPDATE, "UPDATE openvpn_usercerts", usrcrt_m, where_m, NULL); - if( dbres ) { + if( sqlite_query_status(dbres) == dbSUCCESS ) { int num_rows = sqlite_get_affected_rows(dbres); if( num_rows > 0 ) { res = eurephiaXML_ResultMsg(ctx, exmlRESULT, NULL, @@ -230,12 +235,16 @@ xmlDoc *usercerts_update(eurephiaCTX *ctx, const char *uicid, eDBfieldMap *usrcr res = eurephiaXML_ResultMsg(ctx, exmlERROR, NULL, "No user-cert links where updated"); } - sqlite_free_results(dbres); } else { + xmlNode *err_n = NULL; + eurephia_log(ctx, LOG_ERROR, 0, "Failed to update user-cert link.(uicid: %s)", uicid); - res = eurephiaXML_ResultMsg(ctx, exmlERROR, NULL, + err_n = sqlite_log_error_xml(ctx, dbres); + res = eurephiaXML_ResultMsg(ctx, exmlERROR, err_n, "Failed to update user-cert link for uicid %s", uicid); + xmlFreeNode(err_n); } + sqlite_free_results(dbres); eDBfreeMapping(where_m); xmlFreeDoc(where_d); diff --git a/database/sqlite/edb-sqlite.c b/database/sqlite/edb-sqlite.c index 1727eb3..d9d4af6 100644 --- a/database/sqlite/edb-sqlite.c +++ b/database/sqlite/edb-sqlite.c 
@@ -37,7 +37,7 @@ #include <unistd.h> #include <assert.h> -#define DRIVERVERSION "1.1" /**< Defines the software version of this driver */ +#define DRIVERVERSION "1.2" /**< Defines the software version of this driver */ #ifndef DRIVERAPIVERSION # define DRIVERAPIVERSION 2 /**< Sets the API version level of this driver */ #endif @@ -102,7 +102,6 @@ int eDB_DriverAPIVersion() { * local functions */ - /** * Internal driver function for simplifying update of openvpn_blacklist. It will simply just * update the 'last_accessed' field in the blacklist table. @@ -117,9 +116,10 @@ void update_attempts(eurephiaCTX *ctx, const char *blid) { res = sqlite_query(ctx, "UPDATE openvpn_blacklist " " SET last_accessed = CURRENT_TIMESTAMP WHERE blid = %q", blid); - if( res == NULL ) { + if( sqlite_query_status(res) != dbSUCCESS ) { eurephia_log(ctx, LOG_CRITICAL, 0, "Could not update openvpn_blacklist.last_accessed for blid=%s", blid); + sqlite_log_error(ctx, res); } sqlite_free_results(res); } @@ -167,7 +167,7 @@ int eDBconnect(eurephiaCTX *ctx, const int argc, const char **argv) // Load configuration parameters into memory eurephia_log(ctx, LOG_INFO, 1, "Reading config from database (openvpn_config)"); res = sqlite_query(ctx, "SELECT datakey, dataval FROM openvpn_config"); - if( res != NULL ) { + if( sqlite_query_status(res) == dbSUCCESS ) { int i = 0; eurephiaVALUES *cfg = NULL; @@ -180,9 +180,11 @@ int eDBconnect(eurephiaCTX *ctx, const int argc, const char **argv) for( i = 0; i < sqlite_get_numtuples(res); i++ ) { eAdd_value(ctx, cfg, sqlite_get_value(res, i, 0), sqlite_get_value(res, i, 1)); } - sqlite_free_results(res); ctx->dbc->config = cfg; - } + } else { + sqlite_log_error(ctx, res); + } + sqlite_free_results(res); return 1; } 
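Review bot: The `UPDATE openvpn_blacklist` statement in update_attempts formats blid with a bare `%q`, while the other queries in this diff wrap it as `'%q'`. Assuming sqlite_query uses SQLite's printf-style formatting, `%q` only doubles single quotes and gives no protection outside a quoted literal, so the value is spliced into the statement as-is. The blid values visible elsewhere in this diff are read back from the database, which would keep the risk low, but the line should read `" SET last_accessed = CURRENT_TIMESTAMP WHERE blid = '%q'", blid);`.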
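Review bot: eDBconnect still ends in `return 1;` when the openvpn_config query fails, so the caller sees a successful connect although `ctx->dbc->config` was never assigned in this block. The new else branch only logs the error. If running without the stored configuration is intended, a comment such as `/* failing to load openvpn_config is not fatal */` would make that explicit; otherwise this branch should fail the connect. The function starts outside the hunk, so any earlier default for config is not visible.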
@@ -238,10 +240,9 @@ int eDBauth_TLS(eurephiaCTX *ctx, const char *org, const char *cname, const char " AND email='%q' AND depth='%i' AND lower(cert.digest)=lower('%q')%c", org, cname, email, depth, digest, 0); - if( res != NULL ) { + if( sqlite_query_status(res) == dbSUCCESS ) { certid = atoi_nullsafe(sqlite_get_value(res, 0, 0)); blid = strdup_nullsafe(sqlite_get_value(res, 0, 1)); - sqlite_free_results(res); // Check if the certificate is blacklisted or not. blid != NULL when blacklisted if( blid != NULL ) { @@ -254,7 +255,9 @@ int eDBauth_TLS(eurephiaCTX *ctx, const char *org, const char *cname, const char free_nullsafe(ctx, blid); } else { eurephia_log(ctx, LOG_FATAL, 0, "Could not look up certificate information"); + sqlite_log_error(ctx, res); } + sqlite_free_results(res); DEBUG(ctx, 20, "Result function call: eDBauth_TLS(ctx, '%s', '%s', '%s', '%s', %i) - %i", org, cname, email, digest, depth, certid); @@ -289,9 +292,11 @@ int eDBauth_user(eurephiaCTX *ctx, const int certid, const char *username, const certid, username); memset(crpwd, 0, strlen_nullsafe(crpwd)); free_nullsafe(ctx, crpwd); - if( res == NULL ) { + if( sqlite_query_status(res) != dbSUCCESS ) { eurephia_log(ctx, LOG_FATAL, 0, "Could not lookup user in database (certid %i, username '%s'", certid, username); + sqlite_log_error(ctx, res); + sqlite_free_results(res); return 0; } @@ -347,12 +352,12 @@ int eDBauth_user(eurephiaCTX *ctx, const int certid, const char *username, const upd = sqlite_query(ctx, "UPDATE openvpn_users SET last_accessed = CURRENT_TIMESTAMP" " WHERE uid = %i", uid); - if( upd == NULL ) { + if( sqlite_query_status(upd) != dbSUCCESS) { eurephia_log(ctx, LOG_ERROR, 0, "Could not update last access status for uid %i", uid); - } else { - sqlite_free_results(upd); + sqlite_log_error(ctx, upd); } + sqlite_free_results(upd); } } else { eurephia_log(ctx, LOG_WARNING, 0, "Authentication failed for user '%s'. " 
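Review bot: The wipe of crpwd in eDBauth_user, `memset(crpwd, 0, strlen_nullsafe(crpwd));`, sits directly before `free_nullsafe(ctx, crpwd);`, and a compiler may drop a memset on a buffer that is released without being read again. crpwd looks like the hashed password, though its origin is outside the hunk. A wipe the optimiser cannot remove, such as `explicit_bzero(crpwd, strlen_nullsafe(crpwd));` where the platform provides it, would keep the intent. The line is unchanged context in this commit, and the function body extends beyond the hunk.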
@@ -384,8 +389,11 @@ int eDBget_uid(eurephiaCTX *ctx, const int certid, const char *username) " JOIN openvpn_users USING (uid) " " WHERE certid = '%i' AND username = '%q'", certid, username); - if( (res == NULL) || (sqlite_get_numtuples(res) != 1) ) { + if( (sqlite_query_status(res) != dbSUCCESS) || (sqlite_get_numtuples(res) != 1) ) { eurephia_log(ctx, LOG_FATAL, 0, "Could not lookup userid for user '%s'", username); + if( sqlite_query_status(res) == dbERROR ) { + sqlite_log_error(ctx, res); + } ret = -1; } else { ret = atoi_nullsafe(sqlite_get_value(res, 0, 0)); @@ -414,10 +422,8 @@ int eDBblacklist_check(eurephiaCTX *ctx, const int type, const char *val) (strlen_nullsafe(eDBattempt_types[type].value_func) > 0 ? "(" : ""), val, (strlen_nullsafe(eDBattempt_types[type].value_func) > 0 ? ")" : "")); - if( blr != NULL ) { + if( sqlite_query_status(blr) == dbSUCCESS ) { blid = strdup_nullsafe(sqlite_get_value(blr, 0, 0)); - sqlite_free_results(blr); - blr = NULL; if( blid != NULL ) { eurephia_log(ctx, LOG_WARNING, 0, "Attempt from blacklisted %s: %s", @@ -429,7 +435,9 @@ int eDBblacklist_check(eurephiaCTX *ctx, const int type, const char *val) } else { eurephia_log(ctx, LOG_FATAL, 0, "Querying openvpn_blacklist for blacklisted %s failed", eDBattempt_types[type].descr); + sqlite_log_error(ctx, blr); } + sqlite_free_results(blr); if( blacklisted == 0 ) { // Check if this [type] has been attempted earlier - if it has reaced the maximum 
@@ -439,11 +447,10 @@ int eDBblacklist_check(eurephiaCTX *ctx, const int type, const char *val) defaultValue(eGet_value(ctx->dbc->config, eDBattempt_types[type].allow_cfg), eDBattempt_types[type].default_value), eDBattempt_types[type].colname_where, val); - if( atpr != NULL ) { + + if( sqlite_query_status(atpr) == dbSUCCESS ) { atpid = strdup_nullsafe(sqlite_get_value(atpr, 0, 0)); atpexceed = atoi_nullsafe(sqlite_get_value(atpr, 0, 1)); - sqlite_free_results(atpr); - atpr = NULL; // If [type] has reached attempt limit and it is not black listed, black list it if( (atpexceed > 0) && (blid == NULL) ) { @@ -453,20 +460,22 @@ int eDBblacklist_check(eurephiaCTX *ctx, const int type, const char *val) blr = sqlite_query(ctx, "INSERT INTO openvpn_blacklist (%s) VALUES ('%q')", eDBattempt_types[type].colname, val); - if( blr == NULL ) { + if( sqlite_query_status(blr) != dbSUCCESS ) { eurephia_log(ctx, LOG_CRITICAL, 0, "Could not blacklist %s (%s)", eDBattempt_types[type].descr, val); + sqlite_log_error(ctx, blr); } - sqlite_free_results(blr); blacklisted = 1; // [type] is blacklisted + sqlite_free_results(blr); } free_nullsafe(ctx, atpid); } else { eurephia_log(ctx, LOG_CRITICAL, 0, "Querying openvpn_attempts for blacklisted %s failed", eDBattempt_types[type].descr); + sqlite_log_error(ctx, blr); } - free_nullsafe(ctx, atpr); + sqlite_free_results(atpr); } free_nullsafe(ctx, blid); @@ -506,8 +515,10 @@ void eDBregister_attempt(eurephiaCTX *ctx, int type, int mode, const char *value value, (strlen_nullsafe(eDBattempt_types[type].value_func) > 0 ? ")" : "") ); - if( res == NULL ) { + if( sqlite_query_status(res) != dbSUCCESS ) { eurephia_log(ctx, LOG_FATAL, 0, "Could not look up atpid in openvpn_attempts"); + sqlite_log_error(ctx, res); + sqlite_free_results(res); return; } 
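Review bot: The failure branch for the openvpn_attempts query in eDBblacklist_check calls `sqlite_log_error(ctx, blr);`, but the result that failed is `atpr`. By then blr has already been passed to sqlite_free_results() after the blacklist lookup, and this commit removed the `blr = NULL;` that followed the old free. Depending on how sqlite_free_results() is defined, the call either logs nothing useful or reads released memory. The line should be `sqlite_log_error(ctx, atpr);`. The function starts and ends outside this hunk.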
@@ -545,10 +556,11 @@ void eDBregister_attempt(eurephiaCTX *ctx, int type, int mode, const char *value break; } } - if( res == NULL ) { + if( sqlite_query_status(res) != dbSUCCESS ) { eurephia_log(ctx, LOG_CRITICAL, 0, "Could not update openvpn_attempts for %s = %s", eDBattempt_types[type].colname, value); + sqlite_log_error(ctx, res); } sqlite_free_results(res); @@ -559,9 +571,10 @@ void eDBregister_attempt(eurephiaCTX *ctx, int type, int mode, const char *value eDBattempt_types[type].descr, value); res = sqlite_query(ctx, "INSERT INTO openvpn_blacklist (%s) VALUES ('%q')", eDBattempt_types[type].colname, value); - if( res == NULL ) { + if( sqlite_query_status(res) != dbSUCCESS ) { eurephia_log(ctx, LOG_CRITICAL, 0, "Could not blacklist %s: %s", eDBattempt_types[type].descr, value); + sqlite_log_error(ctx, res); } sqlite_free_results(res); } @@ -579,6 +592,7 @@ int eDBregister_login(eurephiaCTX *ctx, eurephiaSESSION *skey, const int certid, const char *vpnipaddr, const char *vpnipmask) { dbresult *res = NULL; + int ret = 0; DEBUG(ctx, 20, "Function call: eDBregister_login(ctx, '%s', %i, %i, '%s','%s','%s','%s','%s')", skey->sessionkey, certid, uid, proto, remipaddr, remport, vpnipaddr, vpnipmask); @@ -595,13 +609,17 @@ int eDBregister_login(eurephiaCTX *ctx, eurephiaSESSION *skey, const int certid, " sessionstatus, sessionkey, login) " "VALUES (%i, %i, '%q','%q','%q','%q','%q', 1,'%q', CURRENT_TIMESTAMP)", uid, certid, proto, remipaddr, remport, vpnipaddr, vpnipmask, skey->sessionkey); - if( res == NULL ) { + if( sqlite_query_status(res) != dbSUCCESS ) { eurephia_log(ctx, LOG_FATAL, 0, "Could not insert new session into openvpn_lastlog"); - return 0; + sqlite_log_error(ctx, res); + ret = 0; + } else { + skey->sessionstatus = SESSION_REGISTERED; + ret = 1; } sqlite_free_results(res); - skey->sessionstatus = SESSION_REGISTERED; - return 1; + + return ret; } /** 
@@ -610,6 +628,7 @@ int eDBregister_login(eurephiaCTX *ctx, eurephiaSESSION *skey, const int certid, int eDBregister_vpnmacaddr(eurephiaCTX *ctx, eurephiaSESSION *session, const char *macaddr) { dbresult *res = NULL; + int ret = 0; DEBUG(ctx, 20, "Function call: eDBregister_vpnmacaddr(ctx, '%s', '%s')", session->sessionkey, macaddr); @@ -622,9 +641,11 @@ int eDBregister_vpnmacaddr(eurephiaCTX *ctx, eurephiaSESSION *session, const cha // Register MAC address into history table res = sqlite_query(ctx, "INSERT INTO openvpn_macaddr_history (sessionkey, macaddr) VALUES ('%q','%q')", session->sessionkey, macaddr); - if( res == NULL ) { + if( sqlite_query_status(res) != dbSUCCESS ) { eurephia_log(ctx, LOG_FATAL, 0, "Failed to log new MAC address for session"); - return 0; + sqlite_log_error(ctx, res); + ret = 0; + goto exit; } sqlite_free_results(res); 
@@ -632,20 +653,23 @@ int eDBregister_vpnmacaddr(eurephiaCTX *ctx, eurephiaSESSION *session, const cha res = sqlite_query(ctx, "UPDATE openvpn_lastlog SET sessionstatus = 2, macaddr = '%q' " " WHERE sessionkey = '%q' AND sessionstatus = 1", macaddr, session->sessionkey); - if( res == NULL ) { + if( sqlite_query_status(res) == dbSUCCESS ) { + // Save the MAC address in the session values register - needed for the destroy session + if( eDBset_session_value(ctx, session, "macaddr", macaddr) == 0 ) { + eurephia_log(ctx, LOG_FATAL, 0, "Could not save MAC address into session variables"); + ret = 0; + } else { + ret = 1; + } + } else { eurephia_log(ctx, LOG_FATAL, 0, "Could not update lastlog with new MAC address for session"); - return 0; - - } - sqlite_free_results(res); - - // Save the MAC address in the session values register - needed for the destroy session - if( eDBset_session_value(ctx, session, "macaddr", macaddr) == 0 ) { - eurephia_log(ctx, LOG_FATAL, 0, "Could not save MAC address into session variables"); - return 0; + sqlite_log_error(ctx, res); + ret = 0; } - return 1; + exit: + sqlite_free_results(res); + return ret; } @@ -656,6 +680,7 @@ int eDBregister_logout(eurephiaCTX *ctx, eurephiaSESSION *skey, const char *bytes_sent, const char *bytes_received, const char *duration) { dbresult *res = NULL; + int ret = 0; DEBUG(ctx, 20, "Function call: eDBregister_logout(ctx, '%s', %s, %s)", skey->sessionkey, bytes_sent, bytes_received); 
@@ -667,14 +692,16 @@ int eDBregister_logout(eurephiaCTX *ctx, eurephiaSESSION *skey, " WHERE sessionkey = '%q' AND sessionstatus = 2", atoi_nullsafe(bytes_sent), atoi_nullsafe(bytes_received), atoi_nullsafe(duration), skey->sessionkey); - if( res == NULL ) { + if( sqlite_query_status(res) == dbSUCCESS ) { + skey->sessionstatus = SESSION_LOGGEDOUT; + ret = 1; + } else { eurephia_log(ctx, LOG_FATAL, 0, "Could not update lastlog with logout information (%s)", skey->sessionkey); - return 0; + ret = 0; } sqlite_free_results(res); - skey->sessionstatus = SESSION_LOGGEDOUT; - return 1; + return ret; } @@ -719,14 +746,16 @@ char *eDBget_sessionkey_seed(eurephiaCTX *ctx, sessionType type, const char *ses return NULL; } - if( res == NULL ) { + if( sqlite_query_status(res) == dbSUCCESS ) { + if( sqlite_get_numtuples(res) == 1 ) { + skey = strdup_nullsafe(sqlite_get_value(res, 0, 0)); + } else { + skey = NULL; + } + } else { eurephia_log(ctx, LOG_FATAL, 0,"Could not retrieve sessionkey from openvpn_sessionkeys (%s)", sessionseed); - return NULL; - } - if( sqlite_get_numtuples(res) == 1 ) { - skey = strdup_nullsafe(sqlite_get_value(res, 0, 0)); - } else { + sqlite_log_error(ctx, res); skey = NULL; } sqlite_free_results(res); @@ -751,12 +780,14 @@ char *eDBget_sessionkey_macaddr(eurephiaCTX *ctx, const char *macaddr) { " WHERE sessionstatus = 3 " " AND datakey = 'macaddr'" " AND dataval = '%q'", macaddr); - if( res == NULL ) { + if( sqlite_query_status(res) == dbSUCCESS ) { + skey = strdup_nullsafe(sqlite_get_value(res, 0, 0)); + } else { eurephia_log(ctx, LOG_FATAL, 0, "Could not remove session from database (MAC addr: %s)", macaddr); - return 0; + sqlite_log_error(ctx, res); + skey = NULL; } - skey = strdup_nullsafe(sqlite_get_value(res, 0, 0)); sqlite_free_results(res); return skey; 
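Review bot: The error branch added to eDBregister_logout logs "Could not update lastlog with logout information" but never calls `sqlite_log_error(ctx, res);`, unlike the other failure paths changed in this file, so the database's reason for the failure is lost. eDBremove_sessionkey has the same gap. Adding `sqlite_log_error(ctx, res);` after the eurephia_log() call in both keeps the error logging uniform. Both function bodies begin outside their hunks.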
@@ -797,12 +828,14 @@ int eDBcheck_sessionkey_uniqueness(eurephiaCTX *ctx, const char *seskey) { break; } - if( res == NULL ) { + if( sqlite_query_status(res) == dbSUCCESS ) { + uniq = atoi_nullsafe(sqlite_get_value(res, 0, 0)); + } else { eurephia_log(ctx, LOG_FATAL, 0, "eDBcheck_sessionkey_uniqness: Could not check uniqueness of sessionkey"); - return 0; + sqlite_log_error(ctx, res); + uniq = 0; } - uniq = atoi_nullsafe(sqlite_get_value(res, 0, 0)); sqlite_free_results(res); return uniq; @@ -814,6 +847,7 @@ int eDBcheck_sessionkey_uniqueness(eurephiaCTX *ctx, const char *seskey) { */ int eDBregister_sessionkey(eurephiaCTX *ctx, const char *seed, const char *seskey) { dbresult *res; + int ret = 0; DEBUG(ctx, 20, "eDBregister_sessionkey(ctx, '%s', '%s')", seed, seskey); if( (seed == NULL) || (seskey == NULL) ) { @@ -825,13 +859,16 @@ int eDBregister_sessionkey(eurephiaCTX *ctx, const char *seed, const char *seske res = sqlite_query(ctx, "INSERT INTO openvpn_sessionkeys (sessionseed, sessionkey) VALUES('%q','%q')", seed, seskey); - if( res == NULL ) { + if( sqlite_query_status(res) == dbSUCCESS ) { + ret = 1; + } else { eurephia_log(ctx, LOG_FATAL, 0, "eDBregister_sessionkey: Error registering sessionkey into openvpn_sessionkeys"); - return 0; + sqlite_log_error(ctx, res); + ret = 0; } sqlite_free_results(res); - return 1; + return ret; } /** @@ -845,6 +882,7 @@ int eDBregister_sessionkey(eurephiaCTX *ctx, const char *seed, const char *seske */ int eDBremove_sessionkey(eurephiaCTX *ctx, const char *seskey) { dbresult *res; + int ret = 0; DEBUG(ctx, 20, "eDBremove_sessionkey(ctx, '%s')", seskey); if( seskey == NULL ) { 
@@ -854,13 +892,15 @@ int eDBremove_sessionkey(eurephiaCTX *ctx, const char *seskey) { } res = sqlite_query(ctx, "DELETE FROM openvpn_sessionkeys WHERE sessionkey = '%q'", seskey); - if( res == NULL ) { + if( sqlite_query_status(res) == dbSUCCESS ) { + ret = 1; + } else { eurephia_log(ctx, LOG_FATAL, 0, "eDBremove_sessionkey: Error removing sessionkey from openvpn_sessionkeys"); - return 0; + ret = 0; } sqlite_free_results(res); - return 1; + return ret; } /** @@ -881,7 +921,7 @@ eurephiaVALUES *eDBload_sessiondata(eurephiaCTX *ctx, const char *sesskey) { res = sqlite_query(ctx, "SELECT datakey, dataval FROM openvpn_sessions WHERE sessionkey = '%q'", sesskey); - if( (res != NULL) || (sqlite_get_numtuples(res) > 0) ) { + if( sqlite_query_status(res) == dbSUCCESS ) { for( i = 0; i < sqlite_get_numtuples(res); i++ ) { eAdd_value(ctx, sessvals, sqlite_get_value(res, i, 0), @@ -890,7 +930,7 @@ eurephiaVALUES *eDBload_sessiondata(eurephiaCTX *ctx, const char *sesskey) { } else { eurephia_log(ctx, LOG_CRITICAL, 0, "Could not load session values for session '%s'", sesskey); - + sqlite_log_error(ctx,res); } sqlite_free_results(res); return sessvals; @@ -902,6 +942,7 @@ eurephiaVALUES *eDBload_sessiondata(eurephiaCTX *ctx, const char *sesskey) { int eDBstore_session_value(eurephiaCTX *ctx, eurephiaSESSION *session, int mode, const char *key, const char *val) { dbresult *res = NULL; + int ret = 0; if( session == NULL ) { DEBUG(ctx, 20, @@ -917,11 +958,12 @@ int eDBstore_session_value(eurephiaCTX *ctx, eurephiaSESSION *session, int mode, res = sqlite_query(ctx, "INSERT INTO openvpn_sessions (sessionkey, datakey, dataval) " "VALUES ('%q','%q','%q')", session->sessionkey, key, val); - if( res == NULL ) { + if( sqlite_query_status(res) != dbSUCCESS ) { eurephia_log(ctx, LOG_FATAL, 0, "Could not register new session variable into database: [%s] %s = %s", session->sessionkey, key, val); - return 0; + sqlite_log_error(ctx, res); + goto exit; } break; 
@@ -930,10 +972,11 @@ int eDBstore_session_value(eurephiaCTX *ctx, eurephiaSESSION *session, int mode, "UPDATE openvpn_sessions SET dataval = '%q' " " WHERE sessionkey = '%q' AND datakey = '%q'", val, session->sessionkey, key); - if( res == NULL ) { + if( sqlite_query_status(res) != dbSUCCESS ) { eurephia_log(ctx, LOG_FATAL, 0, "Could not update session variable: [%s] %s = %s ", session->sessionkey, key, val); - return 0; + sqlite_log_error(ctx, res); + goto exit; } break; @@ -942,10 +985,11 @@ int eDBstore_session_value(eurephiaCTX *ctx, eurephiaSESSION *session, int mode, "DELETE FROM openvpn_sessions " " WHERE sessionkey = '%q' AND datakey = '%q'", session->sessionkey, key); - if( res == NULL ) { + if( sqlite_query_status(res) != dbSUCCESS ) { eurephia_log(ctx, LOG_FATAL, 0, "Could not delete session variable: [%s] %s", session->sessionkey, key); - return 0; + sqlite_log_error(ctx, res); + goto exit; } break; @@ -953,8 +997,10 @@ int eDBstore_session_value(eurephiaCTX *ctx, eurephiaSESSION *session, int mode, eurephia_log(ctx, LOG_FATAL, 0, "Unknown eDBstore_session_value mode '%i'", mode); return 0; } + exit: + ret = (sqlite_query_status(res) == dbSUCCESS ? 1 : 0); sqlite_free_results(res); - return 1; + return ret; } @@ -977,9 +1023,11 @@ int eDBdestroy_session(eurephiaCTX *ctx, eurephiaSESSION *session) { "UPDATE openvpn_lastlog " " SET sessionstatus = 4, session_deleted = CURRENT_TIMESTAMP " " WHERE sessionkey = '%q' AND sessionstatus = 3", session->sessionkey); - if( res == NULL ) { + if( sqlite_query_status(res) != dbSUCCESS ) { eurephia_log(ctx, LOG_FATAL, 0, "Could not update session status in lastlog (%s))", session->sessionkey); + sqlite_log_error(ctx, res); + sqlite_free_results(res); return 0; } sqlite_free_results(res); 
@@ -987,9 +1035,11 @@ int eDBdestroy_session(eurephiaCTX *ctx, eurephiaSESSION *session) { // Delete session variables res = sqlite_query(ctx, "DELETE FROM openvpn_sessions WHERE sessionkey = '%q'", session->sessionkey); - if( res == NULL ) { + if( sqlite_query_status(res) != dbSUCCESS ) { eurephia_log(ctx, LOG_FATAL, 0, "Could not delete session variables (%s))", session->sessionkey); + sqlite_log_error(ctx, res); + sqlite_free_results(res); return 0; } sqlite_free_results(res); @@ -1019,12 +1069,14 @@ char *eDBget_firewall_profile(eurephiaCTX *ctx, eurephiaSESSION *session) " JOIN openvpn_usercerts USING(certid, uid)" " JOIN openvpn_accesses USING(accessprofile)" " WHERE sessionkey = '%q'", session->sessionkey); - if( res == NULL ) { + if( sqlite_query_status(res) == dbSUCCESS ) { + ret = strdup_nullsafe(sqlite_get_value(res, 0, 0)); + } else { eurephia_log(ctx, LOG_FATAL, 0, "Could not retrieve firewall profile for session '%s'", session->sessionkey); - return NULL; + sqlite_log_error(ctx, res); + ret = NULL; } - ret = strdup_nullsafe(sqlite_get_value(res, 0, 0)); sqlite_free_results(res); return ret; } @@ -1042,16 +1094,18 @@ eurephiaVALUES *eDBget_blacklisted_ip(eurephiaCTX *ctx) { DEBUG(ctx, 20, "Function call: eDBget_blacklisted_ip(ctx)"); res = sqlite_query(ctx, "SELECT remoteip FROM openvpn_blacklist WHERE remoteip IS NOT NULL"); - if( res == NULL ) { + if( sqlite_query_status(res) == dbSUCCESS ) { + ret = eCreate_value_space(ctx, 21); + for( i = 0; i < sqlite_get_numtuples(res); i++ ) { + if( (ip = sqlite_get_value(res, i, 0)) != NULL ) { + eAdd_value(ctx, ret, NULL, ip); + } + } + } else { eurephia_log(ctx, LOG_FATAL, 0, "Could not retrieve blacklisted IP addresses from the database"); - return NULL; - } - ret = eCreate_value_space(ctx, 21); - for( i = 0; i < sqlite_get_numtuples(res); i++ ) { - if( (ip = sqlite_get_value(res, i, 0)) != NULL ) { - eAdd_value(ctx, ret, NULL, ip); - } + sqlite_log_error(ctx, res); + ret = NULL; } sqlite_free_results(res); |