src/modules/rlm_linelog/rlm_linelog.c

   1 /*
   2  * rlm_linelog.c
   3  *
   4  * Version:     $Id$
   5  *
   6  *   This program is free software; you can redistribute it and/or modify
   7  *   it under the terms of the GNU General Public License as published by
   8  *   the Free Software Foundation; either version 2 of the License, or
   9  *   (at your option) any later version.
  10  *
  11  *   This program is distributed in the hope that it will be useful,
  12  *   but WITHOUT ANY WARRANTY; without even the implied warranty of
  13  *   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  14  *   GNU General Public License for more details.
  15  *
  16  *   You should have received a copy of the GNU General Public License
  17  *   along with this program; if not, write to the Free Software
  18  *   Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
  19  *
  20  * Copyright 2004,2006  The FreeRADIUS server project
  21  * Copyright 2004  Alan DeKok <aland@freeradius.org>
  22  */
  23
  24 RCSID("$Id$")
  25
  26 #include <freeradius-devel/radiusd.h>
  27 #include <freeradius-devel/modules.h>
  28 #include <freeradius-devel/rad_assert.h>
  29 #include <freeradius-devel/exfile.h>
  30
  31 #ifdef HAVE_FCNTL_H
  32 #include <fcntl.h>
  33 #endif
  34
  35 #ifdef HAVE_UNISTD_H
  36 #include <unistd.h>
  37 #endif
  38
  39 #ifdef HAVE_GRP_H
  40 #include <grp.h>
  41 #endif
  42
  43 #ifdef HAVE_SYSLOG_H
  44 #include <syslog.h>
  45
  46 #ifndef LOG_INFO
  47 #define LOG_INFO (0)
  48 #endif
  49 #endif
  50
  51 /*
  52  *      Define a structure for our module configuration.
  53  */
  54 typedef struct rlm_linelog_t {
  55         CONF_SECTION    *cs;
  56         char const      *filename;
  57
  58         bool            escape;                 //!< do filename escaping, yes / no
  59
  60         xlat_escape_t escape_func;      //!< escape function
  61
  62         char const      *syslog_facility;       //!< Syslog facility string.
  63         char const      *syslog_severity;       //!< Syslog severity string.
  64         int             syslog_priority;        //!< Bitwise | of severity and facility.
  65
  66         uint32_t        permissions;
  67         char const      *group;
  68         char const      *line;
  69         char const      *reference;
  70         exfile_t        *ef;
  71 } rlm_linelog_t;
  72
  73 /*
  74  *      A mapping of configuration file names to internal variables.
  75  *
  76  *      Note that the string is dynamically allocated, so it MUST
  77  *      be freed.  When the configuration file parse re-reads the string,
  78  *      it free's the old one, and strdup's the new one, placing the pointer
  79  *      to the strdup'd string into 'config.string'.  This gets around
  80  *      buffer over-flows.
  81  */
  82 static const CONF_PARSER module_config[] = {
  83         { "filename", FR_CONF_OFFSET(PW_TYPE_FILE_OUTPUT | PW_TYPE_REQUIRED | PW_TYPE_XLAT, rlm_linelog_t, filename), NULL },
  84         { "escape_filenames", FR_CONF_OFFSET(PW_TYPE_BOOLEAN, rlm_linelog_t, escape), "no" },
  85         { "syslog_facility", FR_CONF_OFFSET(PW_TYPE_STRING, rlm_linelog_t, syslog_facility), NULL },
  86         { "syslog_severity", FR_CONF_OFFSET(PW_TYPE_STRING, rlm_linelog_t, syslog_severity), "info" },
  87         { "permissions", FR_CONF_OFFSET(PW_TYPE_INTEGER, rlm_linelog_t, permissions), "0600" },
  88         { "group", FR_CONF_OFFSET(PW_TYPE_STRING, rlm_linelog_t, group), NULL },
  89         { "format", FR_CONF_OFFSET(PW_TYPE_STRING | PW_TYPE_XLAT, rlm_linelog_t, line), NULL },
  90         { "reference", FR_CONF_OFFSET(PW_TYPE_STRING | PW_TYPE_XLAT, rlm_linelog_t, reference), NULL },
  91         { NULL, -1, 0, NULL, NULL }             /* end the list */
  92 };
  93
  94
  95 /*
  96  *      Instantiate the module.
  97  */
  98 static int mod_instantiate(CONF_SECTION *conf, void *instance)
  99 {
 100         rlm_linelog_t *inst = instance;
 101         int num;
 102
 103         if (!inst->filename) {
 104                 cf_log_err_cs(conf, "No value provided for 'filename'");
 105                 return -1;
 106         }
 107
 108         /*
 109          *      Escape filenames only if asked.
 110          */
 111         if (inst->escape) {
 112                 inst->escape_func = rad_filename_escape;
 113         } else {
 114                 inst->escape_func = rad_filename_make_safe;
 115         }
 116
 117 #ifndef HAVE_SYSLOG_H
 118         if (strcmp(inst->filename, "syslog") == 0) {
 119                 cf_log_err_cs(conf, "Syslog output is not supported on this system");
 120                 return -1;
 121         }
 122 #else
 123
 124         if (inst->syslog_facility) {
 125                 num = fr_str2int(syslog_facility_table, inst->syslog_facility, -1);
 126                 if (num < 0) {
 127                         cf_log_err_cs(conf, "Invalid syslog facility \"%s\"", inst->syslog_facility);
 128                         return -1;
 129                 }
 130
 131                 inst->syslog_priority |= num;
 132         }
 133
 134         num = fr_str2int(syslog_severity_table, inst->syslog_severity, -1);
 135         if (num < 0) {
 136                 cf_log_err_cs(conf, "Invalid syslog severity \"%s\"", inst->syslog_severity);
 137                 return -1;
 138         }
 139         inst->syslog_priority |= num;
 140 #endif
 141
 142         if (!inst->line && !inst->reference) {
 143                 cf_log_err_cs(conf, "Must specify a log format, or reference");
 144                 return -1;
 145         }
 146
 147         inst->ef = exfile_init(inst, 64, 30, true);
 148         if (!inst->ef) {
 149                 cf_log_err_cs(conf, "Failed creating log file context");
 150                 return -1;
 151         }
 152
 153         inst->cs = conf;
 154         return 0;
 155 }
 156
 157
 158 /*
 159  *      Escape unprintable characters.
 160  */
 161 static size_t linelog_escape_func(UNUSED REQUEST *request,
 162                 char *out, size_t outlen, char const *in,
 163                 UNUSED void *arg)
 164 {
 165         int len = 0;
 166
 167         if (outlen == 0) return 0;
 168         if (outlen == 1) {
 169                 *out = '\0';
 170                 return 0;
 171         }
 172
 173         while (in[0]) {
 174                 if (in[0] >= ' ') {
 175                         if (in[0] == '\\') {
 176                                 if (outlen <= 2) break;
 177                                 outlen--;
 178                                 *out++ = '\\';
 179                                 len++;
 180                         }
 181
 182                         outlen--;
 183                         if (outlen == 1) break;
 184                         *out++ = *in++;
 185                         len++;
 186                         continue;
 187                 }
 188
 189                 switch (in[0]) {
 190                 case '\n':
 191                         if (outlen <= 2) break;
 192                         *out++ = '\\';
 193                         *out++ = 'n';
 194                         in++;
 195                         len += 2;
 196                         break;
 197
 198                 case '\r':
 199                         if (outlen <= 2) break;
 200                         *out++ = '\\';
 201                         *out++ = 'r';
 202                         in++;
 203                         len += 2;
 204                         break;
 205
 206                 default:
 207                         if (outlen <= 4) break;
 208                         snprintf(out, outlen,  "\\%03o", (uint8_t) *in);
 209                         in++;
 210                         out += 4;
 211                         outlen -= 4;
 212                         len += 4;
 213                         break;
 214                 }
 215         }
 216
 217         *out = '\0';
 218         return len;
 219 }
 220
 221 static rlm_rcode_t CC_HINT(nonnull) mod_do_linelog(void *instance, REQUEST *request)
 222 {
 223         int fd = -1;
 224         char *p;
 225         char line[4096];
 226         rlm_linelog_t *inst = (rlm_linelog_t*) instance;
 227         char const *value = inst->line;
 228
 229 #ifdef HAVE_GRP_H
 230         gid_t gid;
 231         char *endptr;
 232 #endif
 233
 234         line[0] = '\0';
 235
 236         if (inst->reference) {
 237                 CONF_ITEM *ci;
 238                 CONF_PAIR *cp;
 239
 240                 p = line + 1;
 241
 242                 if (radius_xlat(p, sizeof(line) - 2, request, inst->reference, linelog_escape_func, NULL) < 0) {
 243                         return RLM_MODULE_FAIL;
 244                 }
 245
 246                 line[0] = '.';  /* force to be in current section */
 247
 248                 /*
 249                  *      Don't allow it to go back up
 250                  */
 251                 if (line[1] == '.') goto do_log;
 252
 253                 ci = cf_reference_item(NULL, inst->cs, line);
 254                 if (!ci) {
 255                         RDEBUG2("No such entry \"%s\"", line);
 256                         return RLM_MODULE_NOOP;
 257                 }
 258
 259                 if (!cf_item_is_pair(ci)) {
 260                         RDEBUG2("Entry \"%s\" is not a variable assignment ", line);
 261                         goto do_log;
 262                 }
 263
 264                 cp = cf_item_to_pair(ci);
 265                 value = cf_pair_value(cp);
 266                 if (!value) {
 267                         RDEBUG2("Entry \"%s\" has no value", line);
 268                         goto do_log;
 269                 }
 270
 271                 /*
 272                  *      Value exists, but is empty.  Don't log anything.
 273                  */
 274                 if (!*value) return RLM_MODULE_OK;
 275         }
 276
 277  do_log:
 278         /*
 279          *      FIXME: Check length.
 280          */
 281         if (strcmp(inst->filename, "syslog") != 0) {
 282                 char path[2048];
 283
 284                 if (radius_xlat(path, sizeof(path), request, inst->filename, inst->escape_func, NULL) < 0) {
 285                         return RLM_MODULE_FAIL;
 286                 }
 287
 288                 /* check path and eventually create subdirs */
 289                 p = strrchr(path, '/');
 290                 if (p) {
 291                         *p = '\0';
 292                         if (rad_mkdir(path, 0700, -1, -1) < 0) {
 293                                 RERROR("rlm_linelog: Failed to create directory %s: %s", path, fr_syserror(errno));
 294                                 return RLM_MODULE_FAIL;
 295                         }
 296                         *p = '/';
 297                 }
 298
 299                 fd = exfile_open(inst->ef, path, inst->permissions, true);
 300                 if (fd < 0) {
 301                         ERROR("rlm_linelog: Failed to open %s: %s", path, fr_syserror(errno));
 302                         return RLM_MODULE_FAIL;
 303                 }
 304
 305                 if (inst->group != NULL) {
 306                         gid = strtol(inst->group, &endptr, 10);
 307                         if (*endptr != '\0') {
 308                                 if (rad_getgid(request, &gid, inst->group) < 0) {
 309                                         RDEBUG2("Unable to find system group \"%s\"", inst->group);
 310                                         goto skip_group;
 311                                 }
 312                         }
 313
 314                         if (chown(path, -1, gid) == -1) {
 315                                 RDEBUG2("Unable to change system group of \"%s\"", path);
 316                         }
 317                 }
 318         }
 319
 320  skip_group:
 321
 322         /*
 323          *      FIXME: Check length.
 324          */
 325         if (value && (radius_xlat(line, sizeof(line) - 1, request, value, linelog_escape_func, NULL) < 0)) {
 326                 if (fd >= 0) exfile_close(inst->ef, fd);
 327
 328                 return RLM_MODULE_FAIL;
 329         }
 330
 331         if (fd >= 0) {
 332                 strcat(line, "\n");
 333
 334                 if (write(fd, line, strlen(line)) < 0) {
 335                         ERROR("rlm_linelog: Failed writing: %s", fr_syserror(errno));
 336                         exfile_close(inst->ef, fd);
 337                         return RLM_MODULE_FAIL;
 338                 }
 339
 340                 exfile_close(inst->ef, fd);
 341
 342 #ifdef HAVE_SYSLOG_H
 343         } else {
 344                 syslog(inst->syslog_priority, "%s", line);
 345 #endif
 346         }
 347
 348         return RLM_MODULE_OK;
 349 }
 350
 351
 352 /*
 353  *      Externally visible module definition.
 354  */
 355 extern module_t rlm_linelog;
 356 module_t rlm_linelog = {
 357         .magic          = RLM_MODULE_INIT,
 358         .name           = "linelog",
 359         .type           = RLM_TYPE_HUP_SAFE,
 360         .inst_size      = sizeof(rlm_linelog_t),
 361         .config         = module_config,
 362         .instantiate    = mod_instantiate,
 363         .methods = {
 364                 [MOD_AUTHENTICATE]      = mod_do_linelog,
 365                 [MOD_AUTHORIZE]         = mod_do_linelog,
 366                 [MOD_PREACCT]           = mod_do_linelog,
 367                 [MOD_ACCOUNTING]        = mod_do_linelog,
 368                 [MOD_PRE_PROXY]         = mod_do_linelog,
 369                 [MOD_POST_PROXY]        = mod_do_linelog,
 370                 [MOD_POST_AUTH]         = mod_do_linelog,
 371 #ifdef WITH_COA
 372                 [MOD_RECV_COA]          = mod_do_linelog,
 373                 [MOD_SEND_COA]          = mod_do_linelog
 374 #endif
 375         },
 376 };