X-Git-Url: http://www.project-moonshot.org/gitweb/?a=blobdiff_plain;f=src%2Fmain%2Fradwho.c;h=fec34c98b9371cb36dd251dd17cedec2d40b300e;hb=bca85674a83f94b9cfae0ebdc129bbaf645c8f7d;hp=08bbf265d262b1a3c019d04af6b923a1f637ce97;hpb=b47152b240acd21e87bcfdf2fd0563b39779ca80;p=freeradius.git diff --git a/src/main/radwho.c b/src/main/radwho.c index 08bbf26..fec34c9 100644 --- a/src/main/radwho.c +++ b/src/main/radwho.c @@ -1,3 +1,4 @@ +/*@-skipposixheaders@*/ /* * radwho.c Show who is logged in on the terminal servers. * Can also be installed as fingerd on the UNIX @@ -17,29 +18,26 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA * - * Copyright 2000 The FreeRADIUS server project + * Copyright 2000,2006 The FreeRADIUS server project * Copyright 2000 Alan DeKok */ -static const char rcsid[] = -"$Id$"; +#include +RCSID("$Id$") -#include "autoconf.h" -#include "libradius.h" +#include +#include +#include -#include -#include +#ifdef HAVE_PWD_H #include +#endif + #include -#include -#include -#include "sysutmp.h" -#include "radutmp.h" -#include "radiusd.h" -#include "conffile.h" +#include /* * FIXME: put in header file. 
@@ -50,19 +48,15 @@ static const char rcsid[] = /* * Header above output and format. */ -static const char *hdr1 = -"Login Name What TTY When From Location"; -static const char *ufmt1 = "%-10.10s %-17.17s %-5.5s %-4.4s %-9.9s %-9.9s %-.16s%s"; -static const char *ufmt1r = "%s,%s,%s,%s,%s,%s,%s%s"; -static const char *rfmt1 = "%-10.10s %-17.17s %-5.5s %s%-3d %-9.9s %-9.9s %-.19s%s"; -static const char *rfmt1r = "%s,%s,%s,%s%d,%s,%s,%s%s"; - -static const char *hdr2 = -"Login Port What When From Location"; -static const char *ufmt2 = "%-10.10s %-6.6d %-7.7s %-13.13s %-10.10s %-.16s%s"; -static const char *ufmt2r = "%s,%d,%s,%s,%s,%s%s"; -static const char *rfmt2 = "%-10.10s %s%-5d %-6.6s %-13.13s %-10.10s %-.28s%s"; -static const char *rfmt2r = "%s,%s%d,%s,%s,%s,%s%s"; +static const char *hdr1 = +"Login Name What TTY When From Location"; +static const char *rfmt1 = "%-10.10s %-17.17s %-5.5s %s%-3u %-9.9s %-15.15s %-.19s%s"; +static const char *rfmt1r = "%s,%s,%s,%s%u,%s,%s,%s%s"; + +static const char *hdr2 = +"Login Port What When From Location"; +static const char *rfmt2 = "%-10.10s %s%-5u %-6.6s %-13.13s %-15.15s %-.28s%s"; +static const char *rfmt2r = "%s,%s%u,%s,%s,%s,%s%s"; static const char *eol = "\n"; static int showname = -1; 
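Review bot: The raw formats `rfmt1r` and `rfmt2r` use a bare `%s` for every string argument, while the column formats bound each field with a precision. The main() hunk later passes `rt.login` and `rt.caller_id` straight to these formats, yet its RADIUS-output branch copies the same fields into a buffer and terminates them first, which suggests they are fixed-size record fields that may lack a NUL. If so, raw mode can read past the field; passing terminated copies, or using `%.*s` with `(int) sizeof(rt.login)`, would bound the read. A login or caller-ID value containing a comma also shifts the columns of the comma-delimited output, so consumers of `-r` cannot rely on field positions unless those values are escaped.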
@@ -70,25 +64,35 @@ static int showptype = 0; static int showcid = 0; int debug_flag = 0; const char *progname = "radwho"; -const char *radlog_dir = "stdout"; +const char *radlog_dir = NULL; +const char *radutmp_file = NULL; -int proxy_synchronous = TRUE; -const char *radius_dir = NULL; +char *radius_dir = NULL; const char *radacct_dir = NULL; const char *radlib_dir = NULL; -int auth_port = 0; -int acct_port; uint32_t myip = INADDR_ANY; -int proxy_retry_delay = RETRY_DELAY; -int proxy_retry_count = RETRY_COUNT; int log_stripped_names; -struct main_config_t mainconfig; /* - * A mapping of configuration file names to internal variables + * Global, for log.c to use. */ -static CONF_PARSER server_config[] = { - { NULL, -1, 0, NULL, NULL } +struct main_config_t mainconfig; +char *request_log_file = NULL; +char *debug_log_file = NULL; +int radius_xlat(char *out, UNUSED int outlen, UNUSED const char *fmt, + UNUSED REQUEST *request, UNUSED RADIUS_ESCAPE_STRING func) +{ + *out = 0; + return 0; +} + +struct radutmp_config_t { + char *radutmp_fn; +} radutmpconfig; + +static const CONF_PARSER module_config[] = { + { "filename", PW_TYPE_STRING_PTR, 0, &radutmpconfig.radutmp_fn, RADUTMP }, + { NULL, -1, 0, NULL, NULL } }; /* @@ -102,10 +106,10 @@ static FILE *safe_popen(const char *cmd, const char *mode) /* * Change all suspect characters into a space. */ - strncpy(buf, cmd, sizeof(buf)); + strlcpy(buf, cmd, sizeof(buf)); buf[sizeof(buf) - 1] = 0; for (p = buf; *p; p++) { - if (isalnum(*p)) + if (isalnum((int) *p)) continue; if (strchr("@%-_ \t+:,./", *p) == NULL) *p = ' '; @@ -116,7 +120,7 @@ static FILE *safe_popen(const char *cmd, const char *mode) /* * Print a file from FINGER_DIR. If the file is executable, - * execute it instead. Return 0 if succesfull. + * execute it instead. Return 0 if successful. */ static int ffile(const char *arg) { 
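Review bot: The `radius_xlat` stub has no comment saying why radwho defines it, and the `Global, for log.c to use` comment sits above `mainconfig`, so it is unclear whether it covers the stub too. If the purpose is to let log.c link without the server's xlat code (inferred, not visible here), I would add `/* Stub so log.c links without xlat support; always yields an empty string. */` above it. The stub also writes `*out = 0` while marking `outlen` as UNUSED; dropping that marker and writing `if (outlen > 0) *out = 0;` keeps it safe for a zero-length buffer. `radutmpconfig` is referenced only by `module_config` and main() in the visible lines and could be declared `static`.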
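Review bot: `isalnum((int) *p)` still passes a negative value for bytes above 0x7f where `char` is signed, which is undefined for the ctype.h functions; the cast should be `isalnum((unsigned char) *p)`. This matters because the loop is the filter deciding which bytes of `cmd` survive before the command is run. The `buf[sizeof(buf) - 1] = 0;` line kept after the call is redundant now that `strlcpy` always terminates. The truncation that `strlcpy` reports through its return value is ignored, so an over-long command is executed in shortened form rather than rejected. The declaration of `buf` and the call that runs the command are outside the hunk.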
@@ -132,7 +136,7 @@ static int ffile(const char *arg) fp = safe_popen(fn, "r"); } else fp = fopen(fn, "r"); - if (fp == NULL) + if (fp == NULL) return -1; while(fgets(fn, 1024, fp)) { @@ -182,6 +186,7 @@ static void sys_finger(const char *l) */ static char *fullname(char *username) { +#ifdef HAVE_PWD_Hx struct passwd *pwd; char *s; @@ -189,6 +194,8 @@ static char *fullname(char *username) if ((s = strchr(pwd->pw_gecos, ',')) != NULL) *s = 0; return pwd->pw_gecos; } +#endif + return username; } 
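Review bot: `#ifdef HAVE_PWD_Hx` in `fullname` does not match the `HAVE_PWD_H` guard this commit puts around the pwd.h include, so the passwd lookup is never compiled and the function always returns `username`. If the trailing `x` is a typo the line should read `#ifdef HAVE_PWD_H`; if the lookup is being disabled on purpose, a comment saying so (or deleting the dead body) would make that clear. When the body is enabled it truncates `pwd->pw_gecos` in place at the first comma, which modifies the buffer owned by the passwd lookup. The lookup call itself falls between this hunk and the `#endif` hunk that follows and is not visible.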
@@ -223,109 +230,59 @@ static char *dotime(time_t t) char *s = ctime(&t); if (showname) { - strncpy(s + 4, s + 11, 5); + strlcpy(s + 4, s + 11, 6); s[9] = 0; } else { - strncpy(s + 4, s + 8, 8); + strlcpy(s + 4, s + 8, 9); s[12] = 0; } return s; } -#if 0 /*UNUSED*/ -/* - * See how long a tty has been idle. - */ -char *idletime(char *line) -{ - char tty[16]; - static char tmp[8]; - time_t t; - struct stat st; - int hr, min, days; - - if (line[0] == '/') - strcpy(tty, "/dev/"); - else - tty[0] = 0; - strncat(tty, line, 10); - tty[15] = 0; - - tmp[0] = 0; - if (stat(tty, &st) == 0) { - time(&t); - t -= st.st_mtime; - if (t >= 60) { - min = (t / 60); - hr = min / 24; - days = hr / 24; - min %= 60; - hr %= 24; - if (days > 0) - snprintf(tmp, sizeof(tmp), "%dd", days); - else - snprintf(tmp, sizeof(tmp), "%2d:%02d", hr, min); - } - } - return tmp; -} -#endif - -/* - * Shorten tty name. - */ -static const char *ttyshort(char *tty) -{ - static char tmp[16]; - - if (tty[0] == '/') tty += 5; - - if (strncmp(tty, "tty", 3) == 0) { - if (tty[3] >= '0' && tty[3] <= '9') - snprintf(tmp, sizeof(tmp), "v%.14s", tty + 3); - else - snprintf(tmp, sizeof(tmp), "%.15s", tty + 3); - return tmp; - } - if (strncmp(tty, "vc", 2) == 0) { - snprintf(tmp, sizeof(tmp), "v.14%s", tty + 2); - return tmp; - } - if (strncmp(tty, "cu", 2) == 0) { - return tmp + 2; - } - return "??"; -} - /* * Print address of NAS. */ static const char *hostname(char *buf, size_t buflen, uint32_t ipaddr) { + /* + * WTF is this code for? + */ if (ipaddr == 0 || ipaddr == (uint32_t)-1 || ipaddr == (uint32_t)-2) return ""; - return ip_hostname(buf, buflen, ipaddr); + + return inet_ntop(AF_INET, &ipaddr, buf, buflen); + } /* * Print usage message and exit. 
*/ -static void usage(void) +static void NEVER_RETURNS usage(int status) { - fprintf(stderr, "Usage: radwho [-lhfnsipcr]\n"); - fprintf(stderr, " -l: show local (shell) users too\n"); - fprintf(stderr, " -h: hide shell users from radius\n"); - fprintf(stderr, " -f: give fingerd output\n"); - fprintf(stderr, " -n: no full name\n"); - fprintf(stderr, " -s: show full name\n"); - fprintf(stderr, " -i: show session ID\n"); - fprintf(stderr, " -p: show port type\n"); - fprintf(stderr, " -c: show caller ID, if available\n"); - fprintf(stderr, " -r: output as raw data\n"); - exit(1); + FILE *output = status?stderr:stdout; + + fprintf(output, "Usage: radwho [-d raddb] [-cfihnprRsSZ] [-N nas] [-P nas_port] [-u user] [-U user]\n"); + fprintf(output, " -c: show caller ID, if available\n"); + fprintf(output, " -d: set the raddb directory (default is %s)\n", + RADIUS_DIR); + fprintf(output, " -f: give fingerd output\n"); + fprintf(output, " -i: show session ID\n"); + fprintf(output, " -n: no full name\n"); + fprintf(output, " -N : Show entries matching the given NAS IP address\n"); + fprintf(output, " -p: show port type\n"); + fprintf(output, " -P : Show entries matching the given nas port\n"); + fprintf(output, " -r: Print output as raw comma-delimited data\n"); + fprintf(output, " -R: Print output as RADIUS attributes and values\n"); + fprintf(output, " Includes ALL information from the radutmp record.\n"); + fprintf(output, " -s: show full name\n"); + fprintf(output, " -S: hide shell users from radius\n"); + fprintf(output, " -u : Show entries matching the given user\n"); + fprintf(output, " -U : like -u, but case-sensitive\n"); + fprintf(output, " -Z: Include accounting stop information in radius output. Requires -R.\n"); + exit(status); } 
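Review bot: In `dotime`, `strlcpy(s + 4, s + 8, 9)` copies between overlapping parts of the buffer returned by `ctime` (the destination starts at byte 4, the source at byte 8), and the string copy functions are undefined for overlapping objects. `memmove(s + 4, s + 8, 8);` followed by the existing `s[12] = 0;` does the same job with defined behaviour, and `memmove(s + 4, s + 11, 5);` keeps the `showname` branch symmetric. `ctime` can return NULL for a time it cannot represent, and the value comes from the radutmp file, so a NULL check before the copy would be prudent. In the same hunk `hostname` now returns the result of `inet_ntop`, which is NULL on failure and is later passed to `%s`.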
@@ -334,40 +291,54 @@ static void usage(void) */ int main(int argc, char **argv) { - CONF_SECTION *cs; + CONF_SECTION *maincs, *cs; FILE *fp; struct radutmp rt; - struct utmp ut; - int hdrdone = 0; char inbuf[128]; - char myname[128]; char othername[256]; - char session_id[16]; + char nasname[1024]; + char session_id[sizeof(rt.session_id)+1]; int fingerd = 0; - int showlocal = 0; int hideshell = 0; int showsid = 0; int rawoutput = 0; + int radiusoutput = 0; /* Radius attributes */ char *p, *q; const char *portind; - int c, portno; - - radius_dir = strdup(RADIUS_DIR); - - while((c = getopt(argc, argv, "flhnsipcr")) != EOF) switch(c) { + int c; + unsigned int portno; + char buffer[2048]; + const char *user = NULL; + int user_cmp = 0; + time_t now = 0; + uint32_t nas_port = ~0; + uint32_t nas_ip_address = INADDR_NONE; + int zap = 0; + + radius_dir = RADIUS_DIR; + + while((c = getopt(argc, argv, "d:flnN:sSipP:crRu:U:Z")) != EOF) switch(c) { + case 'd': + radius_dir = optarg; + break; case 'f': fingerd++; showname = 0; break; - case 'l': - showlocal = 1; - break; case 'h': + usage(0); + break; + case 'S': hideshell = 1; break; case 'n': showname = 0; break; + case 'N': + if (inet_pton(AF_INET, optarg, &nas_ip_address) < 0) { + usage(1); + } + break; case 's': showname = 1; break; @@ -377,6 +348,9 @@ int main(int argc, char **argv) case 'p': showptype = 1; break; + case 'P': + nas_port = atoi(optarg); + break; case 'c': showcid = 1; showname = 1; 
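Review bot: The `-N` check `inet_pton(AF_INET, optarg, &nas_ip_address) < 0` misses the common failure, because `inet_pton` returns 0 for a string that is not a valid address and -1 only for an unsupported family. A mistyped address is therefore accepted without the intended NAS being set, and the later NAS filter may be skipped so that entries for every NAS are printed. The test should be `if (inet_pton(AF_INET, optarg, &nas_ip_address) != 1) usage(1);`. The option string also lacks `h` although a `case 'h'` is added, and it still lists `l` although that case is removed, so both options fall through to the default `usage(1)`.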
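Review bot: `nas_port = atoi(optarg);` accepts any string, so non-numeric input silently becomes port 0 and out-of-range input has undefined results; `-P` can then filter on a port the operator did not ask for. A value of `-1` converts to the `~0` sentinel and switches the port filter off altogether. Parsing with `strtoul`, checking `end != optarg && *end == '\0'` and `errno == 0`, and calling `usage(1)` otherwise would reject these inputs.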
@@ -384,24 +358,73 @@ int main(int argc, char **argv) case 'r': rawoutput = 1; break; + case 'R': + radiusoutput = 1; + now = time(NULL); + break; + case 'u': + user = optarg; + user_cmp = 0; + break; + case 'U': + user = optarg; + user_cmp = 1; + break; + case 'Z': + zap = 1; + break; default: - usage(); + usage(1); break; } - /* Read radiusd.conf */ - if(read_radius_conf_file() < 0) { - fprintf(stderr, "%s: Errors reading radiusd.conf\n", argv[0]); - exit(1); + /* + * Be safe. + */ + if (zap && !radiusoutput) zap = 0; + + /* + * zap EVERYONE, but only on this nas + */ + if (zap && !user && (~nas_port == 0)) { + /* + * We need to know which NAS to zap users in. + */ + if (nas_ip_address == INADDR_NONE) usage(1); + + printf("Acct-Status-Type = Accounting-Off\n"); + printf("NAS-IP-Address = %s\n", + hostname(buffer, sizeof(buffer), nas_ip_address)); + printf("Acct-Delay-Time = 0\n"); + exit(0); /* don't bother printing anything else */ } - cs = cf_section_find(NULL); - if(!cs) { - fprintf(stderr, "%s: No configuration information in radiusd.conf!\n", - argv[0]); + /* + * Initialize mainconfig + */ + memset(&mainconfig, 0, sizeof(mainconfig)); + mainconfig.radlog_dest = RADLOG_STDOUT; + + /* Read radiusd.conf */ + snprintf(buffer, sizeof(buffer), "%.200s/radiusd.conf", radius_dir); + maincs = cf_file_read(buffer); + if (!maincs) { + fprintf(stderr, "%s: Error reading radiusd.conf.\n", argv[0]); exit(1); } - cf_section_parse(cs, NULL, server_config); + + /* Read the radutmp section of radiusd.conf */ + cs = cf_section_sub_find(cf_section_sub_find(maincs, "modules"), "radutmp"); + if(!cs) { + fprintf(stderr, "%s: No configuration information in radutmp section of radiusd.conf!\n", + argv[0]); + exit(1); + } + + cf_section_parse(cs, NULL, module_config); + + /* Assign the correct path for the radutmp file */ + radutmp_file = radutmpconfig.radutmp_fn; /* * See if we are "fingerd". 
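Review bot: The result of the inner `cf_section_sub_find(maincs, "modules")` is passed straight into the outer call, so a radiusd.conf without a `modules` section hands it NULL; unless `cf_section_sub_find` tolerates a NULL section (not visible here), that is a crash rather than the intended error message. The return value of `cf_section_parse` is ignored as well, so a failed parse could leave `radutmpconfig.radutmp_fn` unset before it is assigned to `radutmp_file` and given to `fopen` in the next hunk. I would look up `modules` separately and check the parse result, assuming it reports failure with a negative return. The `%.200s` in the `snprintf` also silently truncates a long `-d` directory, so a different path is read than the one given.

```c
	/* Read the radutmp section of radiusd.conf */
	cs = cf_section_sub_find(maincs, "modules");
	if (cs) cs = cf_section_sub_find(cs, "radutmp");
	if (!cs) {
		/* … unchanged: "No configuration information" message and exit(1) … */
	}

	if (cf_section_parse(cs, NULL, module_config) < 0 ||
	    !radutmpconfig.radutmp_fn) {
		fprintf(stderr, "%s: Error parsing radutmp section of radiusd.conf.\n",
			argv[0]);
		exit(1);
	}
```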
@@ -433,108 +456,161 @@ int main(int argc, char **argv) if (*p) sys_finger(p); } - if (showlocal && (fp = fopen(UTMP_FILE, "r"))) { - if (rawoutput == 0) - { - fputs(showname ? hdr1 : hdr2, stdout); - fputs(eol, stdout); - } - hdrdone = 1; - - /* - * Show the logged in UNIX users. - */ - gethostname(myname, 128); - while(fread(&ut, sizeof(ut), 1, fp) == 1) { -#ifdef USER_PROCESS - if (ut.ut_user[0] && ut.ut_line[0] && - ut.ut_type == USER_PROCESS) { -#else - if (ut.ut_user[0] && ut.ut_line[0]) { -#endif -#ifdef UT_HOSTSIZE - if (showname) - printf((rawoutput == 0? ufmt1: ufmt1r), - ut.ut_name, - fullname(ut.ut_name), - "shell", - ttyshort(ut.ut_line), -#ifdef HAVE_UTMPX_H - dotime(ut.ut_xtime), -#else - dotime(ut.ut_time), -#endif - ut.ut_host, - myname, eol); - else - printf((rawoutput==0? ufmt2:ufmt2r), - ut.ut_name, - ttyshort(ut.ut_line), - "shell", -#ifdef HAVE_UTMPX_H - dotime(ut.ut_xtime), -#else - dotime(ut.ut_time), -#endif - ut.ut_host, - myname, eol); -#endif - } - } - fclose(fp); - } - /* * Show the users logged in on the terminal server(s). */ - if ((fp = fopen(RADUTMP, "r")) == NULL) + if ((fp = fopen(radutmp_file, "r")) == NULL) { + fprintf(stderr, "%s: Error reading %s: %s\n", + progname, radutmp_file, strerror(errno)); return 0; + } - if (!hdrdone) { + /* + * Don't print the headers if raw or RADIUS + */ + if (!rawoutput && !radiusoutput) { fputs(showname ? hdr1 : hdr2, stdout); fputs(eol, stdout); } - while(fread(&rt, sizeof(rt), 1, fp) == 1) { - if (rt.type == P_LOGIN) { + /* + * Read the file, printing out active entries. + */ + while (fread(&rt, sizeof(rt), 1, fp) == 1) { + if (rt.type != P_LOGIN) continue; /* hide logout sessions */ + + /* + * We don't show shell users if we are + * fingerd, as we have done that above. + */ + if (hideshell && !strchr("PCS", rt.proto)) + continue; + + /* + * Print out sessions only for the given user. 
+ */ + if (user) { /* only for a particular user */ + if (((user_cmp == 0) && + (strncasecmp(rt.login, user, strlen(user)) != 0)) || + ((user_cmp == 1) && + (strncmp(rt.login, user, strlen(user)) != 0))) { + continue; + } + } + + /* + * Print out only for the given NAS port. + */ + if (~nas_port != 0) { + if (rt.nas_port != nas_port) continue; + } + + /* + * Print out only for the given NAS IP address + */ + if (nas_ip_address != INADDR_NONE) { + if (rt.nas_address != nas_ip_address) continue; + } + + memcpy(session_id, rt.session_id, sizeof(rt.session_id)); + session_id[sizeof(rt.session_id)] = 0; + + if (!rawoutput && rt.nas_port > (showname ? 999 : 99999)) { + portind = ">"; + portno = (showname ? 999 : 99999); + } else { + portind = "S"; + portno = rt.nas_port; + } + + /* + * Print output as RADIUS attributes + */ + if (radiusoutput) { + memcpy(nasname, rt.login, sizeof(rt.login)); + nasname[sizeof(rt.login)] = '\0'; + + fr_print_string(nasname, 0, buffer, + sizeof(buffer)); + printf("User-Name = \"%s\"\n", buffer); + + fr_print_string(session_id, 0, buffer, + sizeof(buffer)); + printf("Acct-Session-Id = \"%s\"\n", buffer); + + if (zap) printf("Acct-Status-Type = Stop\n"); + + printf("NAS-IP-Address = %s\n", + hostname(buffer, sizeof(buffer), + rt.nas_address)); + printf("NAS-Port = %u\n", rt.nas_port); + + switch (rt.proto) { + case 'S': + printf("Service-Type = Framed-User\n"); + printf("Framed-Protocol = SLIP\n"); + break; + case 'P': + printf("Service-Type = Framed-User\n"); + printf("Framed-Protocol = PPP\n"); + break; + default: + printf("Service-type = Login-User\n"); + break; + } + if (rt.framed_address != INADDR_NONE) { + printf("Framed-IP-Address = %s\n", + hostname(buffer, sizeof(buffer), + rt.framed_address)); + } + /* - * We don't show shell users if we are - * fingerd, as we have done that above. 
+ * Some sanity checks on the time */ - if (hideshell && !strchr("PCS", rt.proto)) - continue; + if ((rt.time <= now) && + (now - rt.time) <= (86400 * 365)) { + printf("Acct-Session-Time = %ld\n", + now - rt.time); + } - snprintf(session_id, sizeof(session_id), "%.8s", rt.session_id); + if (rt.caller_id[0] != '\0') { + memcpy(nasname, rt.caller_id, + sizeof(rt.caller_id)); + nasname[sizeof(rt.caller_id)] = '\0'; - if (!rawoutput && rt.nas_port > (showname ? 999 : 99999)) { - portind = ">"; - portno = (showname ? 999 : 99999); - } else { - portind = "S"; - portno = rt.nas_port; + fr_print_string(nasname, 0, buffer, + sizeof(buffer)); + printf("Calling-Station-Id = \"%s\"\n", buffer); } - if (showname) - printf((rawoutput == 0? rfmt1: rfmt1r), - rt.login, - showcid ? rt.caller_id : - (showsid? session_id : fullname(rt.login)), - proto(rt.proto, rt.porttype), - portind, portno, - dotime(rt.time), - nas_name(rt.nas_address), - hostname(othername, sizeof(othername), rt.framed_address), eol); - else - printf((rawoutput == 0? rfmt2: rfmt2r), - rt.login, - portind, portno, - proto(rt.proto, rt.porttype), - dotime(rt.time), - nas_name(rt.nas_address), - hostname(othername, sizeof(othername), rt.framed_address), eol); + + printf("\n"); /* separate entries with a blank line */ + continue; + } + + /* + * Show the fill name, or not. + */ + if (showname) { + printf((rawoutput == 0? rfmt1: rfmt1r), + rt.login, + showcid ? rt.caller_id : + (showsid? session_id : fullname(rt.login)), + proto(rt.proto, rt.porttype), + portind, portno, + dotime(rt.time), + hostname(nasname, sizeof(nasname), rt.nas_address), + hostname(othername, sizeof(othername), rt.framed_address), eol); + } else { + printf((rawoutput == 0? 
rfmt2: rfmt2r), + rt.login, + portind, portno, + proto(rt.proto, rt.porttype), + dotime(rt.time), + hostname(nasname, sizeof(nasname), rt.nas_address), + hostname(othername, sizeof(othername), rt.framed_address), + eol); } } - fflush(stdout); - fflush(stderr); fclose(fp); return 0;
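Review bot: The `-u`/`-U` filter compares only `strlen(user)` bytes, so it is a prefix match: `-u bob` also selects `bobby`, and with `-R -Z` those extra sessions are emitted as `Acct-Status-Type = Stop` records. The usage text says "matching the given user", so an exact match looks intended. The comparison also reads `rt.login` directly, although the RADIUS-output branch treats it as a field that may lack a terminator. Copying it once into a terminated local buffer before the filters and testing `strcasecmp(login, user) != 0` (or `strcmp` for `-U`) would address both. Separately, `printf("Acct-Session-Time = %ld\n", now - rt.time)` assumes the difference is a `long`, which a `(long)` cast would make explicit; main() begins in an earlier hunk.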