Diffstat (limited to 'database/sqlite')
| -rw-r--r-- | database/sqlite/edb-sqlite.c | 51 | ||||
| -rw-r--r-- | database/sqlite/sql-schema-delta-2.sql | 48 | ||||
| -rw-r--r-- | database/sqlite/sql-schema.sql | 5 |
3 files changed, 82 insertions, 22 deletions
diff --git a/database/sqlite/edb-sqlite.c b/database/sqlite/edb-sqlite.c index bd0d905..85b27d9 100644 --- a/database/sqlite/edb-sqlite.c +++ b/database/sqlite/edb-sqlite.c @@ -37,9 +37,9 @@ #include <unistd.h> #include <assert.h> -#define DRIVERVERSION "1.3" /**< Defines the software version of this driver */ +#define DRIVERVERSION "1.4" /**< Defines the software version of this driver */ #ifndef DRIVERAPIVERSION -# define DRIVERAPIVERSION 3 /**< Sets the API version level of this driver */ +# define DRIVERAPIVERSION 4 /**< Sets the API version level of this driver */ #endif #include <sqlite3.h> @@ -599,19 +599,18 @@ void eDBregister_attempt(eurephiaCTX *ctx, int type, int mode, const char *value free_nullsafe(ctx, blid); } - /** - * @copydoc eDBregister_login() + * @copydoc eDBregister_login2() */ -int eDBregister_login(eurephiaCTX *ctx, eurephiaSESSION *skey, const int certid, const int uid, - const char *proto, const char *remipaddr, const char *remport, - const char *vpnipaddr, const char *vpnipmask) +int eDBregister_login2(eurephiaCTX *ctx, eurephiaSESSION *skey, + const int certid, const int uid, const int accessprofile, + const char *proto, const char *remipaddr, const char *remport) { dbresult *res = NULL; int ret = 0; - DEBUG(ctx, 20, "Function call: eDBregister_login(ctx, '%s', %i, %i, '%s','%s','%s','%s','%s')", - skey->sessionkey, certid, uid, proto, remipaddr, remport, vpnipaddr, vpnipmask); + DEBUG(ctx, 20, "Function call: eDBregister_login2(ctx, '%s', %i, %i, '%s','%s','%s')", + skey->sessionkey, certid, uid, proto, remipaddr, remport); if( skey->sessionstatus != SESSION_NEW ) { eurephia_log(ctx, LOG_ERROR, 5, "Not a new session, will not register it again"); 
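Review bot: The DEBUG trace at the top of eDBregister_login2() does not log the new `accessprofile` argument, so a debug log cannot show which access profile a session was registered with. I would add one `%i` after the `uid` one in the format string and pass `accessprofile` after `uid` in the argument list. The function body continues past the end of this hunk.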
@@ -619,16 +618,17 @@ int eDBregister_login(eurephiaCTX *ctx, eurephiaSESSION *skey, const int certid, } res = sqlite_query(ctx, - "INSERT INTO openvpn_lastlog (uid, certid, " + "INSERT INTO openvpn_lastlog (uid, certid, accessprofile," " protocol, remotehost, remoteport," - " vpnipaddr, vpnipmask," " sessionstatus, sessionkey, login) " - "VALUES (%i, %i, '%q','%q','%q','%q','%q', 1,'%q', CURRENT_TIMESTAMP)", - uid, certid, proto, remipaddr, remport, vpnipaddr, vpnipmask, skey->sessionkey); + "VALUES (%i,%i,%i,'%q','%q','%q',1,'%q',CURRENT_TIMESTAMP)", + uid, certid, accessprofile, + proto, remipaddr, remport, + skey->sessionkey); if( sqlite_query_status(res) != dbSUCCESS ) { eurephia_log(ctx, LOG_FATAL, 0, "Could not insert new session into openvpn_lastlog"); sqlite_log_error(ctx, res); - ret = 0; + ret = 1; } else { skey->sessionstatus = SESSION_REGISTERED; ret = 1; @@ -639,6 +639,22 @@ int eDBregister_login(eurephiaCTX *ctx, eurephiaSESSION *skey, const int certid, } /** + * @copydoc eDBregister_login() + * Just a function wrapper to support both the old and the newer eDBregister_login2() functions. + */ +int eDBregister_login(eurephiaCTX *ctx, eurephiaSESSION *skey, const int certid, const int uid, + const char *proto, const char *remipaddr, const char *remport, + const char *vpnipaddr, const char *vpnipmask) +{ + DEBUG(ctx, 20, "Function call: eDBregister_login(ctx, '%s', %i, %i, '%s','%s','%s','%s','%s')", + skey->sessionkey, certid, uid, proto, remipaddr, remport, vpnipaddr, vpnipmask); + eurephia_log(ctx, LOG_WARNING, 1, + "Using deprecated eDBregister_login() call, please update the eurephia-auth.so plug-in. " + "VPN IP address/mask will not be saved."); + return eDBregister_login2(ctx, skey, certid, uid, -1, proto, remipaddr, remport); +} + +/** * @copydoc eDBregister_vpnmacaddr() */ int eDBregister_vpnmacaddr(eurephiaCTX *ctx, eurephiaSESSION *session, const char *macaddr) 
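Review bot: The failure branch after the INSERT now sets `ret = 1`, the same value the success branch sets, so a caller can no longer tell that the row was not written to openvpn_lastlog. The error is logged at LOG_FATAL, yet the call reports success while `skey->sessionstatus` stays at SESSION_NEW, which can leave a session running with no login record in the audit trail. Unless this is a deliberate fail-open choice, keep `ret = 0;` in that branch; if it is deliberate, say so in a comment beside the assignment. The function starts before this hunk and ends outside it.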
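Review bot: The compatibility wrapper eDBregister_login() passes `-1` as `accessprofile`, and eDBregister_login2() writes that value with `%i` into openvpn_lastlog, while sql-schema-delta-2.sql back-fills the same column with NULL for existing rows. The column then carries two different "unknown" values that every report or join on accessprofile has to handle. I would document the sentinel at the call, for example `/* -1: access profile unknown, legacy plug-in call */`, or have eDBregister_login2() store NULL when the value is negative.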
@@ -721,11 +737,10 @@ int eDBregister_vpnclientaddr(eurephiaCTX *ctx, eurephiaSESSION *session, const } sqlite_free_results(res); - // Update lastlog to reflect last used MAC address for the session + // Update lastlog with a "connection open" status res = sqlite_query(ctx, - "UPDATE openvpn_lastlog SET sessionstatus = 2, macaddr = '%q', vpnipaddr = '%q', vpnipv6addr = '%q' " + "UPDATE openvpn_lastlog SET sessionstatus = 2 " " WHERE sessionkey = '%q' AND sessionstatus = 1", - (macaddr ? macaddr : ""), (vpnip4addr ? vpnip4addr : ""), (vpnip6addr ? vpnip6addr : ""), session->sessionkey); if( sqlite_query_status(res) == dbSUCCESS ) { // TAP mode: Save the MAC address in the session values register - needed for the destroy session @@ -736,7 +751,7 @@ int eDBregister_vpnclientaddr(eurephiaCTX *ctx, eurephiaSESSION *session, const ret = 1; } } else { - eurephia_log(ctx, LOG_FATAL, 0, "Could not update lastlog with new VPN client addresses for session"); + eurephia_log(ctx, LOG_FATAL, 0, "Could not update the session status in the lastlog"); sqlite_log_error(ctx, res); ret = 0; } diff --git a/database/sqlite/sql-schema-delta-2.sql b/database/sqlite/sql-schema-delta-2.sql new file mode 100644 index 0000000..52ca9ab --- /dev/null +++ b/database/sqlite/sql-schema-delta-2.sql 
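Review bot: The UPDATE that sets `sessionstatus = 2` is checked only with `sqlite_query_status(res) == dbSUCCESS`; if that reflects statement execution rather than rows changed, a session with no matching `sessionstatus = 1` row in openvpn_lastlog is still treated as updated. Since this statement no longer stores the MAC and VPN addresses, the status change is the only thing lastlog records at this point, so a zero-row match is worth detecting and logging. Consider checking the affected-row count if the sqlite wrapper exposes one (not visible in this diff). eDBregister_vpnclientaddr() starts and ends outside the hunk.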
@@ -0,0 +1,48 @@
+--
+-- eurephia database schema for SQLite3
+--
+-- This SQL scripts updates the previous SQL schema to the
+-- new schema needed by edb-sqlite v1.4
+--
+-- GPLv2 only - Copyright (C) 2012
+-- David Sommerseth <dazo@users.sourceforge.net>
+--
+-- This program is free software; you can redistribute it and/or
+-- modify it under the terms of the GNU General Public License
+-- as published by the Free Software Foundation; version 2
+-- of the License.
+--
+-- This program is distributed in the hope that it will be useful,
+-- but WITHOUT ANY WARRANTY; without even the implied warranty of
+-- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+-- GNU General Public License for more details.
+--
+-- You should have received a copy of the GNU General Public License
+-- along with this program; if not, write to the Free Software
+-- Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+--
+
+ALTER TABLE openvpn_lastlog RENAME TO openvpn_lastlog_old;
+DROP INDEX openvpn_lastlog_sessionkey;
+
+CREATE TABLE openvpn_lastlog (
+ uid integer ,
+ certid integer ,
+ accessprofile integer ,
+ protocol varchar(4) NOT NULL,
+ remotehost varchar(128) NOT NULL,
+ remoteport integer NOT NULL,
+ sessionstatus integer NOT NULL DEFAULT 0,
+ sessionkey varchar(128) ,
+ login timestamp ,
+ logout timestamp ,
+ session_deleted timestamp ,
+ session_duration timestamp,
+ bytes_sent integer ,
+ bytes_received integer ,
+ llid integer PRIMARY KEY AUTOINCREMENT
+);
+
+INSERT INTO openvpn_lastlog SELECT uid, certid, NULL, protocol, remotehost, remoteport, sessionstatus, sessionkey, login, logout, session_deleted, session_duration, bytes_sent, bytes_received, llid FROM openvpn_lastlog_old;
+UPDATE sqlite_sequence SET seq = (SELECT max(llid) FROM openvpn_lastlog) WHERE name = 'openvpn_lastlog';
+CREATE UNIQUE INDEX openvpn_lastlog_sessionkey ON openvpn_lastlog(sessionkey);
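Review bot: The migration contains no transaction of its own, so unless the caller wraps it, a failure after `ALTER TABLE openvpn_lastlog RENAME TO openvpn_lastlog_old;` leaves the database without an openvpn_lastlog table and the driver's INSERT into it would fail. SQLite DDL is transactional, so putting `BEGIN TRANSACTION;` before the ALTER and `COMMIT;` after the final CREATE UNIQUE INDEX makes the upgrade all-or-nothing. The script also leaves openvpn_lastlog_old in place, and that table still holds the macaddr and VPN address columns that the sql-schema.sql hunk in this commit removes. The header comment should say whether it is kept on purpose as history or is meant to be dropped once the upgrade has been verified.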
diff --git a/database/sqlite/sql-schema.sql b/database/sqlite/sql-schema.sql index 6d2befb..4d05222 100644 --- a/database/sqlite/sql-schema.sql +++ b/database/sqlite/sql-schema.sql @@ -66,13 +66,10 @@ CREATE TABLE openvpn_accesses ( CREATE TABLE openvpn_lastlog ( uid integer , certid integer , + accessprofile integer , protocol varchar(4) NOT NULL, remotehost varchar(128) NOT NULL, remoteport integer NOT NULL, - macaddr varchar(20) , - vpnipaddr varchar(32) NOT NULL, - vpnipmask varchar(32) NOT NULL, - vpnipv6addr varchar(48) , sessionstatus integer NOT NULL DEFAULT 0, sessionkey varchar(128) , login timestamp , |
