4 * Main SQL module file. Most ICRADIUS code is located in sql.c
8 * This program is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License as published by
10 * the Free Software Foundation; either version 2 of the License, or
11 * (at your option) any later version.
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
18 * You should have received a copy of the GNU General Public License
19 * along with this program; if not, write to the Free Software
20 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
22 * Copyright 2012 Arran Cudbard-Bell <a.cudbardb@freeradius.org>
23 * Copyright 2000,2006 The FreeRADIUS server project
24 * Copyright 2000 Mike Machado <mike@innercite.com>
25 * Copyright 2000 Alan DeKok <aland@ox.org>
28 #include <freeradius-devel/ident.h>
33 #include <freeradius-devel/radiusd.h>
34 #include <freeradius-devel/modules.h>
35 #include <freeradius-devel/token.h>
36 #include <freeradius-devel/rad_assert.h>
42 static char *allowed_chars = NULL;
44 static const CONF_PARSER section_config[] = {
45 { "reference", PW_TYPE_STRING_PTR,
46 offsetof(rlm_sql_config_section_t, reference), NULL, ".query"},
48 {"logfile", PW_TYPE_STRING_PTR,
49 offsetof(rlm_sql_config_section_t, logfile), NULL, NULL},
50 {NULL, -1, 0, NULL, NULL}
53 static const CONF_PARSER module_config[] = {
54 {"driver",PW_TYPE_STRING_PTR,
55 offsetof(SQL_CONFIG,sql_driver), NULL, "mysql"},
56 {"server",PW_TYPE_STRING_PTR,
57 offsetof(SQL_CONFIG,sql_server), NULL, "localhost"},
58 {"port",PW_TYPE_STRING_PTR,
59 offsetof(SQL_CONFIG,sql_port), NULL, ""},
60 {"login", PW_TYPE_STRING_PTR,
61 offsetof(SQL_CONFIG,sql_login), NULL, ""},
62 {"password", PW_TYPE_STRING_PTR,
63 offsetof(SQL_CONFIG,sql_password), NULL, ""},
64 {"radius_db", PW_TYPE_STRING_PTR,
65 offsetof(SQL_CONFIG,sql_db), NULL, "radius"},
66 {"filename", PW_TYPE_FILENAME, /* for sqlite */
67 offsetof(SQL_CONFIG,sql_file), NULL, NULL},
68 {"read_groups", PW_TYPE_BOOLEAN,
69 offsetof(SQL_CONFIG,read_groups), NULL, "yes"},
70 {"readclients", PW_TYPE_BOOLEAN,
71 offsetof(SQL_CONFIG,do_clients), NULL, "no"},
72 {"deletestalesessions", PW_TYPE_BOOLEAN,
73 offsetof(SQL_CONFIG,deletestalesessions), NULL, "yes"},
74 {"sql_user_name", PW_TYPE_STRING_PTR,
75 offsetof(SQL_CONFIG,query_user), NULL, ""},
76 {"logfile", PW_TYPE_STRING_PTR,
77 offsetof(SQL_CONFIG,logfile), NULL, NULL},
78 {"default_user_profile", PW_TYPE_STRING_PTR,
79 offsetof(SQL_CONFIG,default_profile), NULL, ""},
80 {"nas_query", PW_TYPE_STRING_PTR,
81 offsetof(SQL_CONFIG,nas_query), NULL, "SELECT id,nasname,shortname,type,secret FROM nas"},
82 {"authorize_check_query", PW_TYPE_STRING_PTR,
83 offsetof(SQL_CONFIG,authorize_check_query), NULL, ""},
84 {"authorize_reply_query", PW_TYPE_STRING_PTR,
85 offsetof(SQL_CONFIG,authorize_reply_query), NULL, NULL},
86 {"authorize_group_check_query", PW_TYPE_STRING_PTR,
87 offsetof(SQL_CONFIG,authorize_group_check_query), NULL, ""},
88 {"authorize_group_reply_query", PW_TYPE_STRING_PTR,
89 offsetof(SQL_CONFIG,authorize_group_reply_query), NULL, ""},
90 {"group_membership_query", PW_TYPE_STRING_PTR,
91 offsetof(SQL_CONFIG,groupmemb_query), NULL, NULL},
92 #ifdef WITH_SESSION_MGMT
93 {"simul_count_query", PW_TYPE_STRING_PTR,
94 offsetof(SQL_CONFIG,simul_count_query), NULL, ""},
95 {"simul_verify_query", PW_TYPE_STRING_PTR,
96 offsetof(SQL_CONFIG,simul_verify_query), NULL, ""},
98 {"safe-characters", PW_TYPE_STRING_PTR,
99 offsetof(SQL_CONFIG,allowed_chars), NULL,
100 "@abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789.-_: /"},
103 * This only works for a few drivers.
105 {"query_timeout", PW_TYPE_INTEGER,
106 offsetof(SQL_CONFIG,query_timeout), NULL, NULL},
108 {NULL, -1, 0, NULL, NULL}
112 * Fall-Through checking function from rlm_files.c
114 static int fallthrough(VALUE_PAIR *vp)
117 tmp = pairfind(vp, PW_FALL_THROUGH, 0);
119 return tmp ? tmp->vp_integer : 0;
127 static int generate_sql_clients(SQL_INST *inst);
128 static size_t sql_escape_func(char *out, size_t outlen, const char *in);
133 * For selects the first value of the first column will be returned,
134 * for inserts, updates and deletes the number of rows afftected will be
137 static int sql_xlat(void *instance, REQUEST *request,
138 char *fmt, char *out, size_t freespace,
139 UNUSED RADIUS_ESCAPE_STRING func)
143 SQL_INST *inst = instance;
144 char querystr[MAX_QUERY_LEN];
145 char sqlusername[MAX_STRING_LEN];
151 * Add SQL-User-Name attribute just in case it is needed
152 * We could search the string fmt for SQL-User-Name to see if this is
155 sql_set_user(inst, request, sqlusername, NULL);
157 * Do an xlat on the provided string (nice recursive operation).
159 if (!radius_xlat(querystr, sizeof(querystr), fmt, request, sql_escape_func)) {
160 radlog(L_ERR, "rlm_sql (%s): xlat failed.",
161 inst->config->xlat_name);
165 sqlsocket = sql_get_socket(inst);
166 if (sqlsocket == NULL)
169 rlm_sql_query_log(inst, request, NULL, querystr);
172 * If the query starts with any of the following prefixes,
173 * then return the number of rows affected
175 if ((strncasecmp(querystr, "insert", 6) == 0) ||
176 (strncasecmp(querystr, "update", 6) == 0) ||
177 (strncasecmp(querystr, "delete", 6) == 0)) {
179 char buffer[21]; /* 64bit max is 20 decimal chars + null byte */
181 if (rlm_sql_query(&sqlsocket,inst,querystr)) {
182 sql_release_socket(inst,sqlsocket);
187 numaffected = (inst->module->sql_affected_rows)(sqlsocket,
189 if (numaffected < 1) {
190 RDEBUG("rlm_sql (%s): SQL query affected no rows",
191 inst->config->xlat_name);
195 * Don't chop the returned number if freespace is
196 * too small. This hack is necessary because
197 * some implementations of snprintf return the
198 * size of the written data, and others return
199 * the size of the data they *would* have written
200 * if the output buffer was large enough.
202 snprintf(buffer, sizeof(buffer), "%d", numaffected);
203 ret = strlen(buffer);
204 if (ret >= freespace){
205 RDEBUG("rlm_sql (%s): Can't write result, insufficient string space",
206 inst->config->xlat_name);
207 (inst->module->sql_finish_query)(sqlsocket,
209 sql_release_socket(inst,sqlsocket);
213 memcpy(out, buffer, ret + 1); /* we did bounds checking above */
215 (inst->module->sql_finish_query)(sqlsocket, inst->config);
216 sql_release_socket(inst,sqlsocket);
218 } /* else it's a SELECT statement */
220 if (rlm_sql_select_query(&sqlsocket,inst,querystr)){
221 sql_release_socket(inst,sqlsocket);
225 ret = rlm_sql_fetch_row(&sqlsocket, inst);
227 RDEBUG("SQL query did not succeed");
228 (inst->module->sql_finish_select_query)(sqlsocket, inst->config);
229 sql_release_socket(inst,sqlsocket);
233 row = sqlsocket->row;
235 RDEBUG("SQL query did not return any results");
236 (inst->module->sql_finish_select_query)(sqlsocket, inst->config);
237 sql_release_socket(inst,sqlsocket);
242 RDEBUG("Null value in first column");
243 (inst->module->sql_finish_select_query)(sqlsocket, inst->config);
244 sql_release_socket(inst,sqlsocket);
247 ret = strlen(row[0]);
248 if (ret >= freespace){
249 RDEBUG("Insufficient string space");
250 (inst->module->sql_finish_select_query)(sqlsocket, inst->config);
251 sql_release_socket(inst,sqlsocket);
255 strlcpy(out,row[0],freespace);
257 RDEBUG("sql_xlat finished");
259 (inst->module->sql_finish_select_query)(sqlsocket, inst->config);
260 sql_release_socket(inst,sqlsocket);
264 static int generate_sql_clients(SQL_INST *inst)
268 char querystr[MAX_QUERY_LEN];
270 char *prefix_ptr = NULL;
274 DEBUG("rlm_sql (%s): Processing generate_sql_clients",
275 inst->config->xlat_name);
277 /* NAS query isn't xlat'ed */
278 strlcpy(querystr, inst->config->nas_query, sizeof(querystr));
279 DEBUG("rlm_sql (%s) in generate_sql_clients: query is %s",
280 inst->config->xlat_name, querystr);
282 sqlsocket = sql_get_socket(inst);
283 if (sqlsocket == NULL)
285 if (rlm_sql_select_query(&sqlsocket,inst,querystr)){
289 while(rlm_sql_fetch_row(&sqlsocket, inst) == 0) {
291 row = sqlsocket->row;
295 * The return data for each row MUST be in the following order:
297 * 0. Row ID (currently unused)
298 * 1. Name (or IP address)
302 * 5. Virtual Server (optional)
305 radlog(L_ERR, "rlm_sql (%s): No row id found on pass %d",inst->config->xlat_name,i);
309 radlog(L_ERR, "rlm_sql (%s): No nasname found for row %s",inst->config->xlat_name,row[0]);
313 radlog(L_ERR, "rlm_sql (%s): No short name found for row %s",inst->config->xlat_name,row[0]);
317 radlog(L_ERR, "rlm_sql (%s): No secret found for row %s",inst->config->xlat_name,row[0]);
321 DEBUG("rlm_sql (%s): Read entry nasname=%s,shortname=%s,secret=%s",inst->config->xlat_name,
322 row[1],row[2],row[4]);
324 c = rad_malloc(sizeof(*c));
325 memset(c, 0, sizeof(*c));
327 #ifdef WITH_DYNAMIC_CLIENTS
335 prefix_ptr = strchr(row[1], '/');
337 c->prefix = atoi(prefix_ptr + 1);
338 if ((c->prefix < 0) || (c->prefix > 128)) {
339 radlog(L_ERR, "rlm_sql (%s): Invalid Prefix value '%s' for IP.",
340 inst->config->xlat_name, prefix_ptr + 1);
344 /* Replace '/' with '\0' */
349 * Always get the numeric representation of IP
351 if (ip_hton(row[1], AF_UNSPEC, &c->ipaddr) < 0) {
352 radlog(L_CONS|L_ERR, "rlm_sql (%s): Failed to look up hostname %s: %s",
353 inst->config->xlat_name,
354 row[1], fr_strerror());
359 ip_ntoh(&c->ipaddr, buffer, sizeof(buffer));
360 c->longname = strdup(buffer);
363 if (c->prefix < 0) switch (c->ipaddr.af) {
375 * Other values (secret, shortname, nastype, virtual_server)
377 c->secret = strdup(row[4]);
378 c->shortname = strdup(row[2]);
380 c->nastype = strdup(row[3]);
382 numf = (inst->module->sql_num_fields)(sqlsocket, inst->config);
383 if ((numf > 5) && (row[5] != NULL) && *row[5]) c->server = strdup(row[5]);
385 DEBUG("rlm_sql (%s): Adding client %s (%s, server=%s) to clients list",
386 inst->config->xlat_name,
387 c->longname,c->shortname, c->server ? c->server : "<none>");
388 if (!client_add(NULL, c)) {
389 sql_release_socket(inst, sqlsocket);
390 DEBUG("rlm_sql (%s): Failed to add client %s (%s) to clients list. Maybe there's a duplicate?",
391 inst->config->xlat_name,
392 c->longname,c->shortname);
397 (inst->module->sql_finish_select_query)(sqlsocket, inst->config);
398 sql_release_socket(inst, sqlsocket);
405 * Translate the SQL queries.
407 static size_t sql_escape_func(char *out, size_t outlen, const char *in)
413 * Non-printable characters get replaced with their
414 * mime-encoded equivalents.
417 strchr(allowed_chars, *in) == NULL) {
419 * Only 3 or less bytes available.
425 snprintf(out, outlen, "=%02X", (unsigned char) in[0]);
434 * Only one byte left.
454 * Set the SQL user name.
456 * We don't call the escape function here. The resulting string
457 * will be escaped later in the queries xlat so we don't need to
458 * escape it twice. (it will make things wrong if we have an
459 * escape candidate character in the username)
461 int sql_set_user(SQL_INST *inst, REQUEST *request, char *sqlusername, const char *username)
464 char tmpuser[MAX_STRING_LEN];
467 sqlusername[0]= '\0';
469 /* Remove any user attr we added previously */
470 pairdelete(&request->packet->vps, PW_SQL_USER_NAME, 0);
472 if (username != NULL) {
473 strlcpy(tmpuser, username, sizeof(tmpuser));
474 } else if (strlen(inst->config->query_user)) {
475 radius_xlat(tmpuser, sizeof(tmpuser), inst->config->query_user, request, NULL);
480 strlcpy(sqlusername, tmpuser, MAX_STRING_LEN);
481 RDEBUG2("sql_set_user escaped user --> '%s'", sqlusername);
482 vp = radius_pairmake(request, &request->packet->vps,
483 "SQL-User-Name", NULL, 0);
485 radlog(L_ERR, "%s", fr_strerror());
489 strlcpy(vp->vp_strvalue, tmpuser, sizeof(vp->vp_strvalue));
490 vp->length = strlen(vp->vp_strvalue);
497 static void sql_grouplist_free (SQL_GROUPLIST **group_list)
503 *group_list = (*group_list)->next;
509 static int sql_get_grouplist (SQL_INST *inst, SQLSOCK *sqlsocket, REQUEST *request, SQL_GROUPLIST **group_list)
511 char querystr[MAX_QUERY_LEN];
514 SQL_GROUPLIST *group_list_tmp;
516 /* NOTE: sql_set_user should have been run before calling this function */
518 group_list_tmp = *group_list = NULL;
520 if (!inst->config->groupmemb_query ||
521 (inst->config->groupmemb_query[0] == 0))
524 if (!radius_xlat(querystr, sizeof(querystr), inst->config->groupmemb_query, request, sql_escape_func)) {
525 radlog_request(L_ERR, 0, request, "xlat \"%s\" failed.",
526 inst->config->groupmemb_query);
530 if (rlm_sql_select_query(&sqlsocket, inst, querystr) < 0) {
533 while (rlm_sql_fetch_row(&sqlsocket, inst) == 0) {
534 row = sqlsocket->row;
538 RDEBUG("row[0] returned NULL");
539 (inst->module->sql_finish_select_query)(sqlsocket, inst->config);
540 sql_grouplist_free(group_list);
543 if (*group_list == NULL) {
544 *group_list = rad_malloc(sizeof(SQL_GROUPLIST));
545 group_list_tmp = *group_list;
547 rad_assert(group_list_tmp != NULL);
548 group_list_tmp->next = rad_malloc(sizeof(SQL_GROUPLIST));
549 group_list_tmp = group_list_tmp->next;
551 group_list_tmp->next = NULL;
552 strlcpy(group_list_tmp->groupname, row[0], MAX_STRING_LEN);
555 (inst->module->sql_finish_select_query)(sqlsocket, inst->config);
562 * sql groupcmp function. That way we can do group comparisons (in the users file for example)
563 * with the group memberships reciding in sql
564 * The group membership query should only return one element which is the username. The returned
565 * username will then be checked with the passed check string.
568 static int sql_groupcmp(void *instance, REQUEST *request, VALUE_PAIR *request_vp, VALUE_PAIR *check,
569 VALUE_PAIR *check_pairs, VALUE_PAIR **reply_pairs)
572 SQL_INST *inst = instance;
573 char sqlusername[MAX_STRING_LEN];
574 SQL_GROUPLIST *group_list, *group_list_tmp;
576 check_pairs = check_pairs;
577 reply_pairs = reply_pairs;
578 request_vp = request_vp;
580 RDEBUG("sql_groupcmp");
581 if (!check || !check->vp_strvalue || !check->length){
582 RDEBUG("sql_groupcmp: Illegal group name");
586 RDEBUG("sql_groupcmp: NULL request");
590 * Set, escape, and check the user attr here
592 if (sql_set_user(inst, request, sqlusername, NULL) < 0)
596 * Get a socket for this lookup
598 sqlsocket = sql_get_socket(inst);
599 if (sqlsocket == NULL) {
600 /* Remove the username we (maybe) added above */
601 pairdelete(&request->packet->vps, PW_SQL_USER_NAME, 0);
606 * Get the list of groups this user is a member of
608 if (sql_get_grouplist(inst, sqlsocket, request, &group_list) < 0) {
609 radlog_request(L_ERR, 0, request,
610 "Error getting group membership");
611 /* Remove the username we (maybe) added above */
612 pairdelete(&request->packet->vps, PW_SQL_USER_NAME, 0);
613 sql_release_socket(inst, sqlsocket);
617 for (group_list_tmp = group_list; group_list_tmp != NULL; group_list_tmp = group_list_tmp->next) {
618 if (strcmp(group_list_tmp->groupname, check->vp_strvalue) == 0){
619 RDEBUG("sql_groupcmp finished: User is a member of group %s",
621 /* Free the grouplist */
622 sql_grouplist_free(&group_list);
623 /* Remove the username we (maybe) added above */
624 pairdelete(&request->packet->vps, PW_SQL_USER_NAME, 0);
625 sql_release_socket(inst, sqlsocket);
630 /* Free the grouplist */
631 sql_grouplist_free(&group_list);
632 /* Remove the username we (maybe) added above */
633 pairdelete(&request->packet->vps, PW_SQL_USER_NAME, 0);
634 sql_release_socket(inst,sqlsocket);
636 RDEBUG("sql_groupcmp finished: User is NOT a member of group %s",
644 static int rlm_sql_process_groups(SQL_INST *inst, REQUEST *request, SQLSOCK *sqlsocket, int *dofallthrough)
646 VALUE_PAIR *check_tmp = NULL;
647 VALUE_PAIR *reply_tmp = NULL;
648 SQL_GROUPLIST *group_list, *group_list_tmp;
649 VALUE_PAIR *sql_group = NULL;
650 char querystr[MAX_QUERY_LEN];
655 * Get the list of groups this user is a member of
657 if (sql_get_grouplist(inst, sqlsocket, request, &group_list) < 0) {
658 radlog_request(L_ERR, 0, request, "Error retrieving group list");
662 for (group_list_tmp = group_list; group_list_tmp != NULL && *dofallthrough != 0; group_list_tmp = group_list_tmp->next) {
664 * Add the Sql-Group attribute to the request list so we know
665 * which group we're retrieving attributes for
667 sql_group = pairmake("Sql-Group", group_list_tmp->groupname, T_OP_EQ);
669 radlog_request(L_ERR, 0, request,
670 "Error creating Sql-Group attribute");
671 sql_grouplist_free(&group_list);
674 pairadd(&request->packet->vps, sql_group);
675 if (!radius_xlat(querystr, sizeof(querystr), inst->config->authorize_group_check_query, request, sql_escape_func)) {
676 radlog_request(L_ERR, 0, request,
677 "Error generating query; rejecting user");
678 /* Remove the grouup we added above */
679 pairdelete(&request->packet->vps, PW_SQL_GROUP, 0);
680 sql_grouplist_free(&group_list);
683 rows = sql_getvpdata(inst, &sqlsocket, &check_tmp, querystr);
685 radlog_request(L_ERR, 0, request, "Error retrieving check pairs for group %s",
686 group_list_tmp->groupname);
687 /* Remove the grouup we added above */
688 pairdelete(&request->packet->vps, PW_SQL_GROUP, 0);
689 pairfree(&check_tmp);
690 sql_grouplist_free(&group_list);
692 } else if (rows > 0) {
694 * Only do this if *some* check pairs were returned
696 if (paircompare(request, request->packet->vps, check_tmp, &request->reply->vps) == 0) {
698 RDEBUG2("User found in group %s",
699 group_list_tmp->groupname);
701 * Now get the reply pairs since the paircompare matched
703 if (!radius_xlat(querystr, sizeof(querystr), inst->config->authorize_group_reply_query, request, sql_escape_func)) {
704 radlog_request(L_ERR, 0, request, "Error generating query; rejecting user");
705 /* Remove the grouup we added above */
706 pairdelete(&request->packet->vps, PW_SQL_GROUP, 0);
707 pairfree(&check_tmp);
708 sql_grouplist_free(&group_list);
711 if (sql_getvpdata(inst, &sqlsocket, &reply_tmp, querystr) < 0) {
712 radlog_request(L_ERR, 0, request, "Error retrieving reply pairs for group %s",
713 group_list_tmp->groupname);
714 /* Remove the grouup we added above */
715 pairdelete(&request->packet->vps, PW_SQL_GROUP, 0);
716 pairfree(&check_tmp);
717 pairfree(&reply_tmp);
718 sql_grouplist_free(&group_list);
721 *dofallthrough = fallthrough(reply_tmp);
722 pairxlatmove(request, &request->reply->vps, &reply_tmp);
723 pairxlatmove(request, &request->config_items, &check_tmp);
727 * rows == 0. This is like having the username on a line
728 * in the user's file with no check vp's. As such, we treat
729 * it as found and add the reply attributes, so that we
730 * match expected behavior
733 RDEBUG2("User found in group %s",
734 group_list_tmp->groupname);
736 * Now get the reply pairs since the paircompare matched
738 if (!radius_xlat(querystr, sizeof(querystr), inst->config->authorize_group_reply_query, request, sql_escape_func)) {
739 radlog_request(L_ERR, 0, request, "Error generating query; rejecting user");
740 /* Remove the grouup we added above */
741 pairdelete(&request->packet->vps, PW_SQL_GROUP, 0);
742 pairfree(&check_tmp);
743 sql_grouplist_free(&group_list);
746 if (sql_getvpdata(inst, &sqlsocket, &reply_tmp, querystr) < 0) {
747 radlog_request(L_ERR, 0, request, "Error retrieving reply pairs for group %s",
748 group_list_tmp->groupname);
749 /* Remove the grouup we added above */
750 pairdelete(&request->packet->vps, PW_SQL_GROUP, 0);
751 pairfree(&check_tmp);
752 pairfree(&reply_tmp);
753 sql_grouplist_free(&group_list);
756 *dofallthrough = fallthrough(reply_tmp);
757 pairxlatmove(request, &request->reply->vps, &reply_tmp);
758 pairxlatmove(request, &request->config_items, &check_tmp);
762 * Delete the Sql-Group we added above
763 * And clear out the pairlists
765 pairdelete(&request->packet->vps, PW_SQL_GROUP, 0);
766 pairfree(&check_tmp);
767 pairfree(&reply_tmp);
770 sql_grouplist_free(&group_list);
775 static int rlm_sql_detach(void *instance)
777 SQL_INST *inst = instance;
779 paircompare_unregister(PW_SQL_GROUP, sql_groupcmp);
784 if (inst->pool) sql_poolfree(inst);
786 if (inst->config->xlat_name) {
787 xlat_unregister(inst->config->xlat_name,(RAD_XLAT_FUNC)sql_xlat, instance);
788 free(inst->config->xlat_name);
792 * Free up dynamically allocated string pointers.
794 for (i = 0; module_config[i].name != NULL; i++) {
796 if (module_config[i].type != PW_TYPE_STRING_PTR) {
801 * Treat 'config' as an opaque array of bytes,
802 * and take the offset into it. There's a
803 * (char*) pointer at that offset, and we want
806 p = (char **) (((char *)inst->config) + module_config[i].offset);
807 if (!*p) { /* nothing allocated */
814 * Catch multiple instances of the module.
816 if (allowed_chars == inst->config->allowed_chars) {
817 allowed_chars = NULL;
826 * FIXME: Call the modules 'destroy' function?
828 lt_dlclose(inst->handle); /* ignore any errors */
836 static int parse_sub_section(CONF_SECTION *parent,
837 UNUSED SQL_INST *instance,
838 rlm_sql_config_section_t *config,
839 rlm_components_t comp)
843 const char *name = section_type_value[comp].section;
845 cs = cf_section_sub_find(parent, name);
847 radlog(L_INFO, "Couldn't find configuration for %s. Will return NOOP for calls from this section.", name);
852 if (cf_section_parse(cs, config, section_config) < 0) {
853 radlog(L_ERR, "Failed parsing configuration for section %s",
864 static int rlm_sql_instantiate(CONF_SECTION * conf, void **instance)
867 const char *xlat_name;
869 inst = rad_malloc(sizeof(SQL_INST));
870 memset(inst, 0, sizeof(SQL_INST));
873 * Export these methods, too. This avoids RTDL_GLOBAL.
875 inst->sql_set_user = sql_set_user;
876 inst->sql_get_socket = sql_get_socket;
877 inst->sql_release_socket = sql_release_socket;
878 inst->sql_escape_func = sql_escape_func;
879 inst->sql_query = rlm_sql_query;
880 inst->sql_select_query = rlm_sql_select_query;
881 inst->sql_fetch_row = rlm_sql_fetch_row;
883 inst->config = rad_malloc(sizeof(SQL_CONFIG));
884 memset(inst->config, 0, sizeof(SQL_CONFIG));
888 * If the configuration parameters can't be parsed, then fail.
890 if ((cf_section_parse(conf, inst->config, module_config) < 0) ||
891 (parse_sub_section(conf, inst,
892 &inst->config->accounting,
893 RLM_COMPONENT_ACCT) < 0) ||
894 (parse_sub_section(conf, inst,
895 &inst->config->postauth,
896 RLM_COMPONENT_POST_AUTH) < 0)) {
897 radlog(L_ERR, "Failed parsing configuration");
901 xlat_name = cf_section_name2(conf);
902 if (xlat_name == NULL) {
903 xlat_name = cf_section_name1(conf);
910 * Allocate room for <instance>-SQL-Group
912 group_name = rad_malloc((strlen(xlat_name) + 1 + 11) * sizeof(char));
913 sprintf(group_name,"%s-SQL-Group", xlat_name);
914 DEBUG("rlm_sql Creating new attribute %s",group_name);
916 memset(&flags, 0, sizeof(flags));
917 dict_addattr(group_name, 0, PW_TYPE_STRING, -1, flags);
918 dattr = dict_attrbyname(group_name);
920 radlog(L_ERR, "rlm_sql: Failed to create attribute %s",
928 if (inst->config->groupmemb_query &&
929 inst->config->groupmemb_query[0]) {
930 DEBUG("rlm_sql: Registering sql_groupcmp for %s",
932 paircompare_register(dattr->attr, PW_USER_NAME,
939 rad_assert(xlat_name);
942 * Register the SQL xlat function
944 inst->config->xlat_name = strdup(xlat_name);
945 xlat_register(xlat_name, (RAD_XLAT_FUNC)sql_xlat, inst);
948 * Sanity check for crazy people.
950 if (strncmp(inst->config->sql_driver, "rlm_sql_", 8) != 0) {
951 radlog(L_ERR, "\"%s\" is NOT an SQL driver!",
952 inst->config->sql_driver);
957 * Load the appropriate driver for our database
959 inst->handle = lt_dlopenext(inst->config->sql_driver);
960 if (inst->handle == NULL) {
961 radlog(L_ERR, "Could not link driver %s: %s",
962 inst->config->sql_driver,
964 radlog(L_ERR, "Make sure it (and all its dependent libraries!)"
965 "are in the search path of your system's ld.");
970 inst->module = (rlm_sql_module_t *) lt_dlsym(inst->handle,
971 inst->config->sql_driver);
973 radlog(L_ERR, "Could not link symbol %s: %s",
974 inst->config->sql_driver,
980 radlog(L_INFO, "rlm_sql (%s): Driver %s (module %s) loaded and linked",
981 inst->config->xlat_name, inst->config->sql_driver,
985 * Initialise the connection pool for this instance
987 radlog(L_INFO, "rlm_sql (%s): Attempting to connect to %s@%s:%s/%s",
988 inst->config->xlat_name, inst->config->sql_login,
989 inst->config->sql_server, inst->config->sql_port,
990 inst->config->sql_db);
992 if (sql_init_socketpool(inst) < 0)
995 if (inst->config->groupmemb_query &&
996 inst->config->groupmemb_query[0]) {
997 paircompare_register(PW_SQL_GROUP, PW_USER_NAME, sql_groupcmp, inst);
1000 if (inst->config->do_clients) {
1001 if (generate_sql_clients(inst) == -1){
1002 radlog(L_ERR, "Failed to load clients from SQL.");
1007 allowed_chars = inst->config->allowed_chars;
1011 return RLM_MODULE_OK;
1014 rlm_sql_detach(inst);
1020 static int rlm_sql_authorize(void *instance, REQUEST * request)
1022 VALUE_PAIR *check_tmp = NULL;
1023 VALUE_PAIR *reply_tmp = NULL;
1024 VALUE_PAIR *user_profile = NULL;
1026 int dofallthrough = 1;
1029 SQL_INST *inst = instance;
1030 char querystr[MAX_QUERY_LEN];
1031 char sqlusername[MAX_STRING_LEN];
1033 * the profile username is used as the sqlusername during
1034 * profile checking so that we don't overwrite the orignal
1035 * sqlusername string
1037 char profileusername[MAX_STRING_LEN];
1040 * Set, escape, and check the user attr here
1042 if (sql_set_user(inst, request, sqlusername, NULL) < 0)
1043 return RLM_MODULE_FAIL;
1049 sqlsocket = sql_get_socket(inst);
1050 if (sqlsocket == NULL) {
1051 /* Remove the username we (maybe) added above */
1052 pairdelete(&request->packet->vps, PW_SQL_USER_NAME, 0);
1053 return RLM_MODULE_FAIL;
1058 * After this point, ALL 'return's MUST release the SQL socket!
1062 * Alright, start by getting the specific entry for the user
1064 if (!radius_xlat(querystr, sizeof(querystr), inst->config->authorize_check_query, request, sql_escape_func)) {
1065 radlog_request(L_ERR, 0, request, "Error generating query; rejecting user");
1066 sql_release_socket(inst, sqlsocket);
1067 /* Remove the username we (maybe) added above */
1068 pairdelete(&request->packet->vps, PW_SQL_USER_NAME, 0);
1069 return RLM_MODULE_FAIL;
1071 rows = sql_getvpdata(inst, &sqlsocket, &check_tmp, querystr);
1073 radlog_request(L_ERR, 0, request, "SQL query error; rejecting user");
1074 sql_release_socket(inst, sqlsocket);
1075 /* Remove the username we (maybe) added above */
1076 pairdelete(&request->packet->vps, PW_SQL_USER_NAME, 0);
1077 pairfree(&check_tmp);
1078 return RLM_MODULE_FAIL;
1079 } else if (rows > 0) {
1081 * Only do this if *some* check pairs were returned
1083 if (paircompare(request, request->packet->vps, check_tmp, &request->reply->vps) == 0) {
1085 RDEBUG2("User found in radcheck table");
1087 if (inst->config->authorize_reply_query &&
1088 *inst->config->authorize_reply_query) {
1091 * Now get the reply pairs since the paircompare matched
1093 if (!radius_xlat(querystr, sizeof(querystr), inst->config->authorize_reply_query, request, sql_escape_func)) {
1094 radlog_request(L_ERR, 0, request, "Error generating query; rejecting user");
1095 sql_release_socket(inst, sqlsocket);
1096 /* Remove the username we (maybe) added above */
1097 pairdelete(&request->packet->vps, PW_SQL_USER_NAME, 0);
1098 pairfree(&check_tmp);
1099 return RLM_MODULE_FAIL;
1101 if (sql_getvpdata(inst, &sqlsocket, &reply_tmp, querystr) < 0) {
1102 radlog_request(L_ERR, 0, request, "SQL query error; rejecting user");
1103 sql_release_socket(inst, sqlsocket);
1104 /* Remove the username we (maybe) added above */
1105 pairdelete(&request->packet->vps, PW_SQL_USER_NAME, 0);
1106 pairfree(&check_tmp);
1107 pairfree(&reply_tmp);
1109 return RLM_MODULE_FAIL;
1112 if (!inst->config->read_groups)
1113 dofallthrough = fallthrough(reply_tmp);
1114 pairxlatmove(request, &request->reply->vps, &reply_tmp);
1116 pairxlatmove(request, &request->config_items, &check_tmp);
1121 * Clear out the pairlists
1123 pairfree(&check_tmp);
1124 pairfree(&reply_tmp);
1127 * dofallthrough is set to 1 by default so that if the user information
1128 * is not found, we will still process groups. If the user information,
1129 * however, *is* found, Fall-Through must be set in order to process
1130 * the groups as well
1132 if (dofallthrough) {
1133 rows = rlm_sql_process_groups(inst, request, sqlsocket, &dofallthrough);
1135 radlog_request(L_ERR, 0, request, "Error processing groups; rejecting user");
1136 sql_release_socket(inst, sqlsocket);
1137 /* Remove the username we (maybe) added above */
1138 pairdelete(&request->packet->vps, PW_SQL_USER_NAME, 0);
1139 return RLM_MODULE_FAIL;
1140 } else if (rows > 0) {
1146 * repeat the above process with the default profile or User-Profile
1148 if (dofallthrough) {
1149 int profile_found = 0;
1151 * Check for a default_profile or for a User-Profile.
1153 user_profile = pairfind(request->config_items, PW_USER_PROFILE, 0);
1154 if (inst->config->default_profile[0] != 0 || user_profile != NULL){
1155 char *profile = inst->config->default_profile;
1157 if (user_profile != NULL)
1158 profile = user_profile->vp_strvalue;
1159 if (profile && strlen(profile)){
1160 RDEBUG("Checking profile %s", profile);
1161 if (sql_set_user(inst, request, profileusername, profile) < 0) {
1162 radlog_request(L_ERR, 0, request, "Error setting profile; rejecting user");
1163 sql_release_socket(inst, sqlsocket);
1164 /* Remove the username we (maybe) added above */
1165 pairdelete(&request->packet->vps, PW_SQL_USER_NAME, 0);
1166 return RLM_MODULE_FAIL;
1173 if (profile_found) {
1174 rows = rlm_sql_process_groups(inst, request, sqlsocket, &dofallthrough);
1176 radlog_request(L_ERR, 0, request, "Error processing profile groups; rejecting user");
1177 sql_release_socket(inst, sqlsocket);
1178 /* Remove the username we (maybe) added above */
1179 pairdelete(&request->packet->vps, PW_SQL_USER_NAME, 0);
1180 return RLM_MODULE_FAIL;
1181 } else if (rows > 0) {
1187 /* Remove the username we (maybe) added above */
1188 pairdelete(&request->packet->vps, PW_SQL_USER_NAME, 0);
1189 sql_release_socket(inst, sqlsocket);
1192 RDEBUG("User %s not found", sqlusername);
1193 return RLM_MODULE_NOTFOUND;
1195 return RLM_MODULE_OK;
1200 * Generic function for failing between a bunch of queries.
1202 * Uses the same principle as rlm_linelog, expanding the 'reference' config
1203 * item using xlat to figure out what query it should execute.
1205 * If the reference matches multiple config items, and a query fails or
1206 * doesn't update any rows, the next matching config item is used.
1209 static int rlm_sql_redundant(SQL_INST *inst, REQUEST *request,
1210 rlm_sql_config_section_t *section)
1212 int ret = RLM_MODULE_OK;
1214 SQLSOCK *sqlsocket = NULL;
1216 int numaffected = 0;
1220 const char *attr = NULL;
1223 char path[MAX_STRING_LEN];
1224 char querystr[MAX_QUERY_LEN];
1225 char sqlusername[MAX_STRING_LEN];
1229 if (!section || !section->reference) {
1230 DEBUG("No configuration provided for this section");
1232 return RLM_MODULE_NOOP;
1235 sql_set_user(inst, request, sqlusername, NULL);
1237 if (section->reference[0] != '.')
1240 if (radius_xlat(p, (sizeof(path) - (p - path)) - 1,
1241 section->reference, request, NULL) < 0)
1242 return RLM_MODULE_FAIL;
1244 item = cf_reference_item(NULL, section->cs, path);
1246 return RLM_MODULE_FAIL;
1248 if (cf_item_is_section(item)){
1249 radlog(L_ERR, "Sections are not supported as references");
1251 return RLM_MODULE_FAIL;
1254 pair = cf_itemtopair(item);
1255 attr = cf_pair_attr(pair);
1257 RDEBUG2("Using query template '%s'", attr);
1259 sqlsocket = sql_get_socket(inst);
1260 if (sqlsocket == NULL)
1261 return RLM_MODULE_FAIL;
1264 value = cf_pair_value(pair);
1268 radius_xlat(querystr, sizeof(querystr), value, request,
1273 rlm_sql_query_log(inst, request, section, querystr);
1275 sql_ret = rlm_sql_query(&sqlsocket, inst, querystr);
1276 if (sql_ret == SQL_DOWN)
1277 return RLM_MODULE_FAIL;
1279 rad_assert(sqlsocket);
1282 * Assume all other errors are incidental, and just meant our
1283 * operation failed and its not a client or SQL syntax error.
1286 numaffected = (inst->module->sql_affected_rows)
1287 (sqlsocket, inst->config);
1288 if (numaffected > 0)
1291 RDEBUG("No records updated");
1294 (inst->module->sql_finish_query)(sqlsocket, inst->config);
1297 * We assume all entries with the same name form a redundant
1300 pair = cf_pair_find_next(section->cs, pair, attr);
1303 RDEBUG("No additional queries configured");
1305 ret = RLM_MODULE_NOOP;
1310 RDEBUG("Trying next query...");
1313 (inst->module->sql_finish_query)(sqlsocket, inst->config);
1317 sql_release_socket(inst, sqlsocket);
1323 radlog_request(L_DBG, 0, request, "Ignoring null query");
1325 sql_release_socket(inst, sqlsocket);
1327 return RLM_MODULE_NOOP;
1330 #ifdef WITH_ACCOUNTING
1333 * Accounting: Insert or update session data in our sql table
1335 static int rlm_sql_accounting(void *instance, REQUEST * request) {
1336 SQL_INST *inst = instance;
1338 return rlm_sql_redundant(inst, request, &inst->config->accounting);
1343 #ifdef WITH_SESSION_MGMT
1345 * See if a user is already logged in. Sets request->simul_count to the
1346 * current session count for this user.
1348 * Check twice. If on the first pass the user exceeds his
1349 * max. number of logins, do a second pass and validate all
1350 * logins by querying the terminal server (using eg. SNMP).
1353 static int rlm_sql_checksimul(void *instance, REQUEST * request) {
1355 SQL_INST *inst = instance;
1357 char querystr[MAX_QUERY_LEN];
1358 char sqlusername[MAX_STRING_LEN];
1361 char *call_num = NULL;
1364 uint32_t nas_addr = 0;
1367 /* If simul_count_query is not defined, we don't do any checking */
1368 if (!inst->config->simul_count_query ||
1369 (inst->config->simul_count_query[0] == 0)) {
1370 return RLM_MODULE_NOOP;
1373 if((request->username == NULL) || (request->username->length == 0)) {
1374 radlog_request(L_ERR, 0, request,
1375 "Zero Length username not permitted\n");
1376 return RLM_MODULE_INVALID;
1380 if(sql_set_user(inst, request, sqlusername, NULL) < 0)
1381 return RLM_MODULE_FAIL;
1383 radius_xlat(querystr, sizeof(querystr), inst->config->simul_count_query, request, sql_escape_func);
1385 /* initialize the sql socket */
1386 sqlsocket = sql_get_socket(inst);
1387 if(sqlsocket == NULL)
1388 return RLM_MODULE_FAIL;
1390 if(rlm_sql_select_query(&sqlsocket, inst, querystr)) {
1391 sql_release_socket(inst, sqlsocket);
1392 return RLM_MODULE_FAIL;
1395 ret = rlm_sql_fetch_row(&sqlsocket, inst);
1397 (inst->module->sql_finish_select_query)(sqlsocket, inst->config);
1398 sql_release_socket(inst, sqlsocket);
1399 return RLM_MODULE_FAIL;
1402 row = sqlsocket->row;
1404 (inst->module->sql_finish_select_query)(sqlsocket, inst->config);
1405 sql_release_socket(inst, sqlsocket);
1406 return RLM_MODULE_FAIL;
1409 request->simul_count = atoi(row[0]);
1410 (inst->module->sql_finish_select_query)(sqlsocket, inst->config);
1412 if(request->simul_count < request->simul_max) {
1413 sql_release_socket(inst, sqlsocket);
1414 return RLM_MODULE_OK;
1418 * Looks like too many sessions, so let's start verifying
1419 * them, unless told to rely on count query only.
1421 if (!inst->config->simul_verify_query ||
1422 (inst->config->simul_verify_query[0] == '\0')) {
1423 sql_release_socket(inst, sqlsocket);
1424 return RLM_MODULE_OK;
1427 radius_xlat(querystr, sizeof(querystr), inst->config->simul_verify_query, request, sql_escape_func);
1428 if(rlm_sql_select_query(&sqlsocket, inst, querystr)) {
1429 sql_release_socket(inst, sqlsocket);
1430 return RLM_MODULE_FAIL;
1434 * Setup some stuff, like for MPP detection.
1436 request->simul_count = 0;
1438 if ((vp = pairfind(request->packet->vps, PW_FRAMED_IP_ADDRESS, 0)) != NULL)
1439 ipno = vp->vp_ipaddr;
1440 if ((vp = pairfind(request->packet->vps, PW_CALLING_STATION_ID, 0)) != NULL)
1441 call_num = vp->vp_strvalue;
1444 while (rlm_sql_fetch_row(&sqlsocket, inst) == 0) {
1445 row = sqlsocket->row;
1449 (inst->module->sql_finish_select_query)(sqlsocket, inst->config);
1450 sql_release_socket(inst, sqlsocket);
1451 RDEBUG("Cannot zap stale entry. No username present in entry.", inst->config->xlat_name);
1452 return RLM_MODULE_FAIL;
1455 (inst->module->sql_finish_select_query)(sqlsocket, inst->config);
1456 sql_release_socket(inst, sqlsocket);
1457 RDEBUG("Cannot zap stale entry. No session id in entry.", inst->config->xlat_name);
1458 return RLM_MODULE_FAIL;
1461 nas_addr = inet_addr(row[3]);
1463 nas_port = atoi(row[4]);
1465 check = rad_check_ts(nas_addr, nas_port, row[2], row[1]);
1469 * Stale record - zap it.
1471 if (inst->config->deletestalesessions == TRUE) {
1472 uint32_t framed_addr = 0;
1477 framed_addr = inet_addr(row[5]);
1479 if (strcmp(row[7], "PPP") == 0)
1481 else if (strcmp(row[7], "SLIP") == 0)
1485 sess_time = atoi(row[8]);
1486 session_zap(request, nas_addr, nas_port,
1487 row[2], row[1], framed_addr,
1491 else if (check == 1) {
1493 * User is still logged in.
1495 ++request->simul_count;
1498 * Does it look like a MPP attempt?
1500 if (row[5] && ipno && inet_addr(row[5]) == ipno)
1501 request->simul_mpp = 2;
1502 else if (row[6] && call_num &&
1503 !strncmp(row[6],call_num,16))
1504 request->simul_mpp = 2;
1508 * Failed to check the terminal server for
1509 * duplicate logins: return an error.
1511 (inst->module->sql_finish_select_query)(sqlsocket, inst->config);
1512 sql_release_socket(inst, sqlsocket);
1513 radlog_request(L_ERR, 0, request, "Failed to check the terminal server for user '%s'.", row[2]);
1514 return RLM_MODULE_FAIL;
1518 (inst->module->sql_finish_select_query)(sqlsocket, inst->config);
1519 sql_release_socket(inst, sqlsocket);
1522 * The Auth module apparently looks at request->simul_count,
1523 * not the return value of this module when deciding to deny
1524 * a call for too many sessions.
1526 return RLM_MODULE_OK;
1531 * Postauth: Write a record of the authentication attempt
1533 static int rlm_sql_postauth(void *instance, REQUEST * request) {
1534 SQL_INST *inst = instance;
1536 return rlm_sql_redundant(inst, request, &inst->config->postauth);
1540 * Execute postauth_query after authentication
1544 /* globally exported name */
1545 module_t rlm_sql = {
1548 RLM_TYPE_THREAD_SAFE, /* type: reserved */
1549 rlm_sql_instantiate, /* instantiation */
1550 rlm_sql_detach, /* detach */
1552 NULL, /* authentication */
1553 rlm_sql_authorize, /* authorization */
1554 NULL, /* preaccounting */
1555 #ifdef WITH_ACCOUNTING
1556 rlm_sql_accounting, /* accounting */
1560 #ifdef WITH_SESSION_MGMT
1561 rlm_sql_checksimul, /* checksimul */
1565 NULL, /* pre-proxy */
1566 NULL, /* post-proxy */
1567 rlm_sql_postauth /* post-auth */
projects / freeradius.git / blob