24 RCSID(
"$Id: 0ccc8ea28de11438798089e91da51dcd85587257 $")
26 #include <freeradius-devel/radiusd.h>
27 #include <freeradius-devel/modules.h>
28 #include <freeradius-devel/rad_assert.h>
29 #include <freeradius-devel/detail.h>
30 #include <freeradius-devel/exfile.h>
100 return fr_hash(&da,
sizeof(da));
169 WARN(
"rlm_detail (%s): Ignoring duplicate entry '%s'", inst->
name, attr);
175 ERROR(
"rlm_detail (%s): Failed inserting '%s' into suppression table",
180 DEBUG(
"rlm_detail (%s): '%s' suppressed, will not appear in detail output", inst->
name, attr);
205 memcpy(vp, stacked,
sizeof(*vp));
225 if (
radius_xlat(timestamp,
sizeof(timestamp), request, inst->
header, NULL, NULL) < 0) {
229 #define WRITE(fmt, ...) do {\
230 if (fprintf(out, fmt, ## __VA_ARGS__) < 0) {\
231 RERROR("Failed writing to detail file: %s", fr_syserror(errno));\
236 WRITE(
"%s\n", timestamp);
249 WRITE(
"\tPacket-Type = %u\n", packet->
code);
256 memset(&src_vp, 0,
sizeof(src_vp));
257 memset(&dst_vp, 0,
sizeof(dst_vp));
285 src_vp.vp_integer = packet->
src_port;
287 dst_vp.vp_integer = packet->
dst_port;
306 if (compat && !vp->
da->
vendor && (vp->
da->
attr == PW_USER_PASSWORD))
continue;
323 if (request->
proxy) {
324 char proxy_buffer[INET6_ADDRSTRLEN];
327 proxy_buffer,
sizeof(proxy_buffer));
328 WRITE(
"\tFreeradius-Proxied-To = %s\n", proxy_buffer);
332 WRITE(
"\tTimestamp = %ld\n", (
unsigned long) request->
timestamp.tv_sec);
367 #ifdef WITH_ACCOUNTING
368 #if defined(HAVE_FNMATCH_H) && defined(FNM_FILE_NAME)
377 buffer, FNM_FILE_NAME | FNM_PERIOD ) == 0)) {
378 RWDEBUG2(
"Suppressing infinite loop");
390 if (inst->
group != NULL) {
391 gid = strtol(inst->
group, &endptr, 10);
392 if (*endptr !=
'\0') {
394 RDEBUG2(
"Unable to find system group '%s'", inst->
group);
399 if (chown(buffer, -1, gid) == -1) {
400 RDEBUG2(
"Unable to change system group of '%s'", buffer);
408 if ((outfp = fdopen(outfd,
"a")) == NULL) {
411 if (outfp) fclose(outfp);
416 if (
detail_write(outfp, inst, request, packet, compat) < 0)
goto fail;
439 RDEBUG(
"Suppressing writes to detail file as the request was just read from a detail file");
444 return detail_do(instance, request, request->packet,
true);
452 return detail_do(instance, request, request->packet,
false);
460 return detail_do(instance, request, request->reply,
false);
469 return detail_do(instance, request, request->packet,
false);
477 return detail_do(instance, request, request->reply,
false);
487 if (request->proxy && request->proxy->vps) {
488 return detail_do(instance, request, request->proxy,
false);
500 if (request->proxy_reply && request->proxy_reply->vps) {
501 return detail_do(instance, request, request->proxy_reply,
false);
511 if (!request->proxy_reply) {
532 .config = module_config,
5 methods index for preproxy section.
char const * filename
File/path to write to.
static int detail_write(FILE *out, rlm_detail_t *inst, REQUEST *request, RADIUS_PACKET *packet, bool compat)
Write a single detail entry to file pointer.
int fr_hash_table_insert(fr_hash_table_t *ht, void const *data)
#define DIRLEN
Maximum path length.
Instance configuration for rlm_detail.
void * fr_hash_table_finddata(fr_hash_table_t *ht, void const *data)
static rlm_rcode_t mod_accounting(void *instance, REQUEST *request)
Write accounting data to Couchbase documents.
The module is OK, continue.
bool locking
Whether the file should be locked.
xlat_escape_t escape_func
escape function
static rlm_rcode_t mod_post_auth(void *instance, REQUEST *request) CC_HINT(nonnull)
Metadata exported by the module.
uint32_t fr_hash(void const *, size_t)
char const * fr_packet_codes[FR_MAX_PACKET_CODE]
7 methods index for postauth section.
fr_ipaddr_t src_ipaddr
Src IP address of packet.
static rlm_rcode_t mod_authorize(void *instance, REQUEST *request)
Handle authorization requests using Couchbase document data.
size_t rad_filename_escape(UNUSED REQUEST *request, char *out, size_t outlen, char const *in, UNUSED void *arg)
Escapes the raw string such that it should be safe to use as part of a file path. ...
VALUE_PAIR * vps
Result of decoding the packet into VALUE_PAIRs.
#define CONF_PARSER_TERMINATOR
char const * inet_ntop(int af, void const *src, char *dst, size_t cnt)
VALUE_PAIR * fr_cursor_init(vp_cursor_t *cursor, VALUE_PAIR *const *node)
Setup a cursor to iterate over attribute pairs.
exfile_t * ef
Log file handler.
static void detail_fr_pair_fprint(TALLOC_CTX *ctx, FILE *out, VALUE_PAIR const *stacked)
char const * group
Group to use for new files.
static int detail_cmp(void const *a, void const *b)
size_t(* xlat_escape_t)(REQUEST *request, char *out, size_t outlen, char const *in, void *arg)
#define RLM_TYPE_HUP_SAFE
Will be restarted on HUP.
uint16_t dst_port
DST Port of packet.
uint16_t src_port
Src port of packet.
fr_ipaddr_t dst_ipaddr
Dst IP address of packet.
void fr_pair_fprint(FILE *, VALUE_PAIR const *vp)
Print one attribute and value to FP.
Defines a CONF_PAIR to C data type mapping.
Abstraction to allow iterating over different configurations of VALUE_PAIRs.
static uint32_t detail_hash(void const *data)
char const * header
Header format.
RFC2866 - Accounting-Response.
RADIUS_PACKET * proxy
Outgoing request to proxy server.
int rad_getgid(TALLOC_CTX *ctx, gid_t *out, char const *name)
Resolve a group name to a GID.
char const * fr_syserror(int num)
Guaranteed to be thread-safe version of strerror.
char const * cf_pair_attr(CONF_PAIR const *pair)
int exfile_open(exfile_t *lf, char const *filename, mode_t permissions, bool append)
Open a new log file, or maybe an existing one.
#define PW_TYPE_XLAT
string will be dynamically expanded.
CONF_PAIR * cf_item_to_pair(CONF_ITEM const *item)
Cast a CONF_ITEM to a CONF_PAIR.
unsigned int attr
Attribute number.
union fr_ipaddr_t::@1 ipaddr
unsigned int code
Packet code (type).
struct detail_instance rlm_detail_t
Instance configuration for rlm_detail.
3 methods index for accounting section.
unsigned int vendor
Vendor that defines this attribute.
Stores an attribute, a value and various bits of other data.
static int mod_instantiate(CONF_SECTION *conf, void *instance)
static int mod_detach(void *instance)
void void cf_log_err_cs(CONF_SECTION const *cs, char const *fmt,...) CC_HINT(format(printf
size_t rad_filename_make_safe(UNUSED REQUEST *request, char *out, size_t outlen, char const *in, UNUSED void *arg)
Ensures that a filename cannot walk up the directory structure.
bool cf_item_is_pair(CONF_ITEM const *item)
int exfile_unlock(exfile_t *lf, int fd)
bool log_srcdst
Add IP src/dst attributes to entries.
FR_TOKEN op
Operator to use when moving or inserting valuepair into a list.
enum rlm_rcodes rlm_rcode_t
Return codes indicating the result of the module call.
ssize_t radius_xlat(char *out, size_t outlen, REQUEST *request, char const *fmt, xlat_escape_t escape, void *escape_ctx) CC_HINT(nonnull(1
char const * fr_strerror(void)
Get the last library error.
#define RWDEBUG2(fmt,...)
static const CONF_PARSER module_config[]
CONF_SECTION * cf_section_sub_find(CONF_SECTION const *, char const *name)
Find a sub-section in a section.
void fr_hash_table_free(fr_hash_table_t *ht)
char const * cf_section_name1(CONF_SECTION const *cs)
Module succeeded without doing anything.
uint64_t magic
Used to validate module struct.
Module failed, don't reply.
#define PW_TYPE_FILE_OUTPUT
File matching value must exist, and must be writeable.
struct timeval timestamp
When we started processing the request.
#define FR_CONF_OFFSET(_n, _t, _s, _f)
VALUE_PAIR * fr_cursor_next(vp_cursor_t *cursor)
Advanced the cursor to the next VALUE_PAIR.
uint32_t perm
Permissions to use for new files.
fr_hash_table_t * fr_hash_table_create(TALLOC_CTX *ctx, fr_hash_table_hash_t hashNode, fr_hash_table_cmp_t cmpNode, fr_hash_table_free_t freeNode)
int fr_hash_table_num_elements(fr_hash_table_t *ht)
bool escape
do filename escaping, yes / no
CONF_ITEM * cf_item_find_next(CONF_SECTION const *section, CONF_ITEM const *item)
Return the next item after a CONF_ITEM.
6 methods index for postproxy section.
2 methods index for preacct section.
#define PW_TYPE_REQUIRED
Error out if no matching CONF_PAIR is found, and no dflt value is set.
8 methods index for recvcoa section.
exfile_t * exfile_init(TALLOC_CTX *ctx, uint32_t entries, uint32_t idle, bool locking)
Initialize a way for multiple threads to log to one or more files.
fr_dict_attr_t const * da
Dictionary attribute defines the attribute.
9 methods index for sendcoa section.
fr_dict_attr_t const * fr_dict_attr_by_num(fr_dict_t *dict, unsigned int vendor, unsigned int attr)
Lookup a fr_dict_attr_t by its vendor and attribute numbers.
String of printable characters.
1 methods index for authorize section.
char const * name
Instance name.
static rlm_rcode_t CC_HINT(nonnull)
#define is_radius_code(_x)
char const * cf_section_name2(CONF_SECTION const *cs)
fr_dict_attr_t const * fr_dict_attr_by_name(fr_dict_t *dict, char const *attr)
Locate a fr_dict_attr_t by its name.
fr_hash_table_t * ht
Holds suppressed attributes.