Commit message | Author | Age | Files | Lines
* eurephiadm: Don't try to remove session file if it doesn't exist [release/1.1] | David Sommerseth | 2015-01-28 | 1 | -4/+4
  Signed-off-by: David Sommerseth <dazo@eurephia.org>
  (cherry picked from commit 7d3f9f1a97d5aeb3fbdb152f4ef070539a637adc)
* plugin: Don't treat not found sessions in eurephinalearn_address() as a failure | David Sommerseth | 2015-01-08 | 1 | -1/+5
  This function is called also with IP addresses from networks behind clients, and eurephia doesn't really need to process them.
  Signed-off-by: David Sommerseth <dazo@eurephia.org>
  (cherry picked from commit 31193a9d4f764bd54e00fc9e277c98319f198acd)
* plugin: Improved logging of not found addresses in eurephia_learn_address | David Sommerseth | 2015-01-08 | 1 | -3/+1
  If routing subnets over the VPN tunnel, OpenVPN will learn addresses inside these subnets. As these IP addresses are not directly connected to a eurephia session, these errors can be silenced in normal operation. So this logging was moved to DEBUG().
  Signed-off-by: David Sommerseth <dazo@eurephia.org>
  (cherry picked from commit 0628a765e4ecdf44a966b9a3fd6717aca9b9d09f)
* Correct ugly boundary checks in database init | David Sommerseth | 2014-12-05 | 2 | -2/+2
  The check if dbargc exceeds MAX_ARGUMENTS was done _after_ it was checked if the array element is NULL. This was not the intention.
  Signed-off-by: David Sommerseth <dazo@eurephia.org>
  (cherry picked from commit 51f8c8e930221cc5feeac4f84be5550b4e5be9dd)
* eurephia_init/benchmark: We don't need the result from the password hashing | David Sommerseth | 2013-06-28 | 1 | -2/+1
  This hash is only used to measure the hashing speed. We don't need to save this hash at this point.
  Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>
  (cherry picked from commit 2ed21f9c05ed25d814034ad3ebb4cb6009543481)
* eurephia_init: Return with the proper exit code | David Sommerseth | 2013-06-28 | 1 | -1/+1
  Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>
  (cherry picked from commit 9aacd42cf3a4e0877c1d6f770d10a61276ef8a99)
* Removed some stray left-over variables no longer in use | David Sommerseth | 2013-06-28 | 3 | -11/+3
  These variables were used before the XML based response in the admin API was implemented.
  Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>
  (cherry picked from commit 8eb493cb8fac488cbafe8af06f6f062fc659f4a3)
* Fixed issue with missing -ldl on unstable Debian (sid) distro | David Sommerseth | 2013-06-28 | 1 | -0/+1
  Debian now requires explicit -ldl when linking eurephiadm and the other executables in ./utils. Presuming this will be an issue on other Linux distributions, so made this generic for Linux builds.
  Thanks to Alberto Gonzalez Iniesta for helping solving this.
  Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>
  (cherry picked from commit 9dd9da8fb505e4b97035daa99e4507c33090ff15)
* sqlite3: Improve error handling if memory alloc fails for SQL query string | David Sommerseth | 2012-10-19 | 1 | -2/+8
  Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>
  (cherry picked from commit 2613675111387fb0753d31be74b5e0a362389ef8)
* eurephia-auth: Fixed a double-free situation with dev-type is not obvious | David Sommerseth | 2012-10-11 | 1 | -3/+2
  If OpenVPN is configured with an unknown --dev name and --dev-type is used, eurephia would in some specific situations double-free a memory region keeping the dev-type information.
  GETENV_*() functions return a pointer to a buffer which is supposed to be free'd, but pointers returned by eGet_value() should not be free'd. And in the error situation if dev-type is not forced or detected, the memory allocated by GETENV_DEVNAME() was not properly free'd.
  Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>
  (cherry picked from commit 00bd0ac4cc901004aeaf4548813bb465bce5243f)
* Prepare to release v1.1.0 [v1.1.0] | David Sommerseth | 2012-10-09 | 2 | -3/+3
  Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>
* SQLite: Move default installation path from /etc/openvpn to /var/lib/eurephia | David Sommerseth | 2012-10-09 | 2 | -2/+2
  Using /var/lib is more appropriate for the kind of database file eurephia uses and will also avoid other security restrictions on hardened installations as well.
  Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>
* eurephiadm/users: Display remote IP address when displaying the lastlog on a user | David Sommerseth | 2012-10-08 | 1 | -5/+31
  In commit 35b61c51435d9f9095ced8949c045d50ac3c7018 the lastlog layout was changed. However, when displaying the lastlog for a particular user (eurephiadm users -s -l) the first column which was set to be username was empty. This patch will put the user's remote IP address in the first column instead, while preserving the 'eurephiadm lastlog' layout.
  Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>
* Updated copyright dates | David Sommerseth | 2012-10-08 | 111 | -113/+113
  Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>
* eurephiadm: Removed several memleaks in error situations or when --help was used | David Sommerseth | 2012-10-08 | 7 | -25/+62
  Most of the eurephiadm commands leaked some memory if an error occurred or the --help screen was requested.
  Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>
* eurephiadm: Fixed some memory cleanup with libxml2 and libxslt | David Sommerseth | 2012-10-08 | 2 | -1/+5
  Valgrind complained about reachable buffers within the libxml2 and libxslt functions. Found some init and cleanup functions which needed to be called to solve this.
  Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>
* sqlite/admin: Report all timestamp fields with localtime instead of UTC/GMT | David Sommerseth | 2012-10-08 | 7 | -12/+15
  Made all SELECT queries which are used for reports to use the new 'locdt' SQL function on timestamp fields. This converts the UTC/GMT timestamps stored in the database to the correct timezone of the running admin client.
  Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>
* sqlite: Added SQL function to convert datetime timestamps from UTC/GMT to localtime | David Sommerseth | 2012-10-08 | 3 | -5/+85
  All CURRENT_TIMESTAMP calls are returned in UTC/GMT, and this value is stored in the database. When using eurephiadm to look at these datetime fields the UTC/GMT value is used, and needs to be taken in consideration when looking at the reports. This patch is the first step to handle the local time zone better.
  This patch also fixes the 'debug' program in sqlite.c, making use of the eurephia_log_init() and eurephia_log_close() calls for log preparations.
  Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>
* Fix bug with TUN mode disconnects being logged wrongly. | David Sommerseth | 2012-09-13 | 1 | -8/+0
  This fixes a bug which appeared with newer OpenVPN versions, where the OPENVPN_PLUGIN_LEARN_ADDRESS would be called in the end - also in tun mode. And with the clean-up in session seed, in regards to the netmask not being part of the session seed, this little code made things worse. So let's get rid of it!
  Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>
* sqlite3: Implement eDBregister_vpnclientaddr() | David Sommerseth | 2012-09-13 | 3 | -10/+119
  This commit implements the eDBregister_vpnclientaddr() needed by the newer eurephia-auth plug-in. This is needed to improve the tun support in eurephia.
  In addition, this also updates the SQL schema to include IPv4 and in the future IPv6 addresses in the lastlog and VPN address history (openvpn_vpnaddr_history). The old openvpn_macaddr_history table is deprecated.
  Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>
* Only lookup function symbols for the administration API if the context is correct | David Sommerseth | 2012-09-13 | 1 | -11/+14
  This skips looking up all the eDBadmin*() functions if the context is unprivileged or the database interface is initialised by the OpenVPN plug-in
  Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>
* Added a new database driver function: eDBregister_vpnclientaddr() | David Sommerseth | 2012-09-13 | 3 | -13/+44
  This function replaces eDBregister_vpnmacaddr(). This new function will in addition to the MAC address (if OpenVPN is running in TAP mode) also register the client's IPv4 VPN address. It's also prepared for logging the client's IPv6 VPN address. This function supports both TUN and TAP mode, while the old function only handled TAP mode.
  Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>
* Remove VPN IP netmask from session seed | David Sommerseth | 2012-09-13 | 1 | -4/+4
  This is sometimes NULL, which is noticed more often when OpenVPN is configured in tun mode. This makes it difficult to identify the proper session key, as the seed isn't consistent. It does not affect much in regarding to the seed itself, as the netmask is most likely going to be the same for all clients anyhow.
  Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>
* eurephia-auth: eurephiaInit() may not always return a context | David Sommerseth | 2012-01-05 | 1 | -1/+4
  Check if we have a context available before setting ctx->tuntype.
  Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>
* eurephiadm/lastlog: Replace session deleted timestamp with session status | David Sommerseth | 2012-01-02 | 1 | -13/+7
  It's more useful to see the session status in 'eurephiadm lastlog' than when the session was closed by eurephia in the non-verbose overview.
  Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>
* Modified the whole edb-sqlite driver to use a better error handling | David Sommerseth | 2011-12-19 | 10 | -192/+397
  This will change the driver to use the new error routines made available in the SQLite3 framework. Some of the code is also restructured a little bit to simplify the code with these changes. The functionality should be the same as for, but better error messages are now sent back to the caller on the functions supporting XML.
  Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>
* Implemented better error handling in the SQLite3 framework | David Sommerseth | 2011-12-19 | 2 | -18/+133
  The core sqlite_query() function will now always return a pointer to a dbresult structure. This structure now contains a query status and the error message from the sqlite3 backend if something went wrong. This means that error checking from now on should use the sqlite_query_status() macro and not to check if sqlite_query() returns NULL.
  Another fundamental change is that sqlite_free_results() must always be called on the dbresult structure now, to free the memory used by either data from the query or the error message.
  Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>
* common: Fixed an error in the veurephia_log() macro | David Sommerseth | 2011-07-26 | 1 | -1/+1
  The argument list didn't match what the internal _veurephia_log_func() function expected. This error was introduced in commit ebf4e80250b525e17
  Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>
* Moved generic parts of the config file parser to the common library | David Sommerseth | 2011-07-25 | 4 | -91/+197
  Modified the eurephiadm client_config section to make use of the common version as well.
  Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>
* common: Rework eurephia_log() to include also veurephia_log() | David Sommerseth | 2011-07-25 | 2 | -11/+53
  veurephia_log() is to eurephia_log() what vprintf() is to printf(), taking va_list and const char *fmt arguments directly.
  Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>
* edb-sqlite: Fixed a typos and copyright notices | David Sommerseth | 2011-07-25 | 1 | -3/+4
  Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>
* Fixed several memleaks in the eurephiadm related code paths | David Sommerseth | 2011-01-10 | 5 | -6/+17
  Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>
* Look for endian.h in include/sys as well. | David Sommerseth | 2010-12-31 | 2 | -1/+15
  On FreeBSD the endian.h file is located in sys/endian.h.
  Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>
* Only look for dlopen() and dlclose() in libdl on Linux | David Sommerseth | 2010-12-31 | 1 | -2/+9
  Other platforms, like FreeBSD, have these functions in the standard libc library.
  Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>
* Explicit set library path for libxml2 and libxslt libraries | David Sommerseth | 2010-12-31 | 1 | -0/+2
  On some platforms, CMake did not give this needed information to the linker.
  Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>
* Make use of more cross-platform friendly libc functions | David Sommerseth | 2010-12-31 | 1 | -3/+5
  The initial implementation of the SHA512 hashing functions was tightly connected to glibc. This patch changes those few functions which is glibc to more portable functions.
  Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>
* Add paths and libraries for SQLite3 which pkg-config returns | David Sommerseth | 2010-12-31 | 1 | -1/+3
  If SQLite3 was not installed in system paths, it would not be possible to compile the edb-sqlite driver due to include and library paths not being set.
  Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>
* Do not link in libdl explicitly | David Sommerseth | 2010-12-31 | 3 | -3/+3
  The functions related to dynamic loading of shared objects are a part of the standard libc library on FreeBSD, while in Linux it is in libdl. However, the linker on Linux seems to add the libdl linking automatically when needed, so no need to explicitly link this library.
  Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>
* Call 'find' properly in ./configure | David Sommerseth | 2010-12-31 | 1 | -6/+6
  Some platforms expect a path to be given, so adding a relative path to the 'find' expressions.
  Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>
* efw-iptables: Use the iptables conntrack module | Matthew Gyurgyik | 2010-12-24 | 2 | -4/+5
  Make use of the iptables conntrack module instead of the older state module for stateful firewalling.
  Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>
* Added ./configure information to eurephiadm buildinfo | David Sommerseth | 2010-12-21 | 2 | -1/+7
  This is to help debugging even further, to be able to reproduce as similar builds as possible.
  Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>
* eurephiadm users: Revoke all admin access privileges when deleting a user account | David Sommerseth | 2010-12-14 | 3 | -7/+45
  Matthew Gyurgyik noticed that when deleting a user account, the user's granted access levels were still present. This resulted in a rather odd looking list when showing granted access levels.
  Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>
* Implemented proper TUN support in eurephia | David Sommerseth | 2010-12-14 | 7 | -23/+107
  Now eurephia will support both TUN and TAP configurations in OpenVPN.
  Thanks to Tavis Paquette and Matthew Gyurgyik for their willingness to test out this patch.
  Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>
* eurephiadm adminaccess: Corrected wrong error message | David Sommerseth | 2010-12-14 | 1 | -1/+1
  Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>
* Added a new eurephiaVALUES function: eClear_key_value() | David Sommerseth | 2010-12-13 | 2 | -2/+16
  This function clears the contents of a eurephiaVALUES key/value record. It will not remove the record from the stack, but only free the key and value pointers and sets them to NULL.
  Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>
* Fixed memory leak in eurephiaInit() | David Sommerseth | 2010-12-05 | 1 | -2/+4
  This memory leak got introduced with commit 525d75316848f79208101e48a54e2 which moves the daemonisation of the firewall thread. Two environment variables were not freed after usage.
  Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>
* Fixed a memory leak in eurephia_learn_address(...) | David Sommerseth | 2010-12-05 | 1 | -0/+2
  The char buffer returned by eDBget_firewall_profile() must be freed after usage.
  Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>
* Time to give some credits | David Sommerseth | 2010-12-05 | 1 | -1/+17
  Big thanks to Konstantin Shabanov, Alberto G. Iniesta, Dario Minnucci and Tavis Paquette.
  Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>
* eurephiadm config: Inform if the requested config variable is not found | David Sommerseth | 2010-12-05 | 1 | -1/+5
  This warning is written to stderr, to avoid breaking scripts which might depend on eurephiadm config's behaviour.
  Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>
* Quick fix for typo 'Unkown' | Dario Minnucci | 2010-12-01 | 1 | -1/+1
  Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>