is probably a bad thing...
(request->packet->code == PW_AUTHENTICATION_REQUEST)) {
tmp = paircreate(PW_AUTHTYPE, PW_TYPE_INTEGER);
if (tmp == NULL) {
- log(L_ERR|L_CONS, "no memory");
+ radlog(L_ERR|L_CONS, "no memory");
exit(1);
}
r = module_authorize(request, &request->config_items, &user_reply);
if (r != RLM_MODULE_OK) {
if (r != RLM_MODULE_FAIL && r != RLM_MODULE_HANDLED) {
- log(L_AUTH, "Invalid user: [%s%s%s] (%s)",
+ radlog(L_AUTH, "Invalid user: [%s%s%s] (%s)",
auth_username(namepair),
log_auth_pass ? "/" : "",
log_auth_pass ? password : "",
auth_item->length,
clean_buffer, sizeof(clean_buffer));
}
- log(L_AUTH,
+ radlog(L_AUTH,
"Login incorrect: [%s%s%s] (%s)%s",
auth_username(namepair),
log_auth_pass?"/":"",
}
request->reply = build_reply(PW_AUTHENTICATION_REJECT,
request, NULL, user_msg);
- log(L_ERR, "Multiple logins: [%s] (%s) max. %d%s",
+ radlog(L_ERR, "Multiple logins: [%s] (%s) max. %d%s",
namepair->strvalue,
auth_name(buf, sizeof(buf), request, 1),
check_item->lvalue,
"You are calling outside your allowed timespan\r\n";
request->reply = build_reply(PW_AUTHENTICATION_REJECT,
request, NULL, user_msg);
- log(L_ERR, "Outside allowed timespan: [%s]"
+ radlog(L_ERR, "Outside allowed timespan: [%s]"
" (%s) time allowed: %s",
auth_username(namepair),
auth_name(buf, sizeof(buf), request, 1),
if ((reply_item = paircreate(
PW_SESSION_TIMEOUT,
PW_TYPE_INTEGER)) == NULL) {
- log(L_ERR|L_CONS, "no memory");
+ radlog(L_ERR|L_CONS, "no memory");
exit(1);
}
reply_item->lvalue = r;
request->reply = build_reply(PW_AUTHENTICATION_REJECT,
request, NULL, user_msg);
if (log_auth) {
- log(L_AUTH,
+ radlog(L_AUTH,
"Login incorrect: [%s] (%s) "
"(external check failed)",
auth_username(namepair),
user_reply, user_msg);
if (log_auth) {
- log(L_AUTH,
+ radlog(L_AUTH,
"Login OK: [%s%s%s] (%s)",
auth_username(namepair),
log_auth_pass ? "/" : "",
*(int *)variables[i].data = 0;
} else {
*(int *)variables[i].data = 0;
- log(L_ERR, "Bad value \"%s\" for boolean variable %s", value, variables[i].name);
+ radlog(L_ERR, "Bad value \"%s\" for boolean variable %s", value, variables[i].name);
return -1;
}
DEBUG2("Config: %s.%s = %s",
}
ipaddr = ip_getaddr(value);
if (ipaddr == 0) {
- log(L_ERR, "Can't find IP address for host %s", value);
+ radlog(L_ERR, "Can't find IP address for host %s", value);
return -1;
}
DEBUG2("Config: %s.%s = %s IP address [%s]",
break;
default:
- log(L_ERR, "type %d not supported yet", variables[i].type);
+ radlog(L_ERR, "type %d not supported yet", variables[i].type);
return -1;
break;
} /* switch over variable type */
* with 'internal' names;
*/
if ((name1 != NULL) && (name1[0] == '_')) {
- log(L_ERR, "%s[%d]: Illegal configuration section name",
+ radlog(L_ERR, "%s[%d]: Illegal configuration section name",
cf, *lineno);
return NULL;
}
*/
if (t1 == T_RCBRACE) {
if (name1 == NULL || buf2[0]) {
- log(L_ERR, "%s[%d]: Unexpected end of section",
+ radlog(L_ERR, "%s[%d]: Unexpected end of section",
cf, *lineno);
cf_section_free(cs);
return NULL;
t2 = T_OP_EQ;
} else if (buf1[0] == 0 || buf2[0] == 0 || buf3[0] == 0 ||
(t2 < T_EQSTART || t2 > T_EQEND)) {
- log(L_ERR, "%s[%d]: Line is not in 'attribute = value' format",
+ radlog(L_ERR, "%s[%d]: Line is not in 'attribute = value' format",
cf, *lineno);
cf_section_free(cs);
return NULL;
* with 'internal' names;
*/
if (buf1[0] == '_') {
- log(L_ERR, "%s[%d]: Illegal configuration pair name \"%s\"",
+ radlog(L_ERR, "%s[%d]: Illegal configuration pair name \"%s\"",
cf, *lineno, buf1);
cf_section_free(cs);
return NULL;
cpn = cf_pair_find(outercs, buf2);
}
if (!cpn) {
- log(L_ERR, "%s[%d]: Unknown variable \"%s\"",
+ radlog(L_ERR, "%s[%d]: Unknown variable \"%s\"",
cf, *lineno, buf2);
cf_section_free(cs);
return NULL;
* See if EOF was unexpected ..
*/
if (name1 != NULL) {
- log(L_ERR, "%s[%d]: unexpected end of file", cf, *lineno);
+ radlog(L_ERR, "%s[%d]: unexpected end of file", cf, *lineno);
cf_section_free(cs);
return NULL;
}
CONF_SECTION *cs;
if ((fp = fopen(conffile, "r")) == NULL) {
- log(L_ERR, "cannot open %s: %s",
+ radlog(L_ERR, "cannot open %s: %s",
conffile, strerror(errno));
return NULL;
}
; cs ;
cs = cf_subsection_find_next(config, cs, "realm")) {
if (!cs->name2) {
- log(L_CONS|L_ERR, "%s[%d]: Missing realm name", filename, cs->item.lineno);
+ radlog(L_CONS|L_ERR, "%s[%d]: Missing realm name", filename, cs->item.lineno);
return -1;
}
/*
* We've found a realm, allocate space for it
*/
if ((c = malloc(sizeof(REALM))) == NULL) {
- log(L_CONS|L_ERR, "Out of memory");
+ radlog(L_CONS|L_ERR, "Out of memory");
return -1;
}
memset(c, 0, sizeof(REALM));
* An authhost must exist in the configuration
*/
if ((authhost = cf_section_value_find(cs, "authhost")) == NULL) {
- log(L_CONS|L_ERR,
+ radlog(L_CONS|L_ERR,
"%s[%d]: No authhost entry in realm",
filename, cs->item.lineno);
return -1;
* Double check length, just to be sure!
*/
if (strlen(authhost) >= sizeof(c->server)) {
- log(L_ERR, "%s[%d]: Server name of length %d is greater that allowed: %d",
+ radlog(L_ERR, "%s[%d]: Server name of length %d is greater that allowed: %d",
filename, cs->item.lineno,
strlen(authhost), sizeof(c->server) - 1);
return -1;
}
if (strlen(cs->name2) >= sizeof(c->realm)) {
- log(L_ERR, "%s[%d]: Realm name of length %d is greater than allowed %d",
+ radlog(L_ERR, "%s[%d]: Realm name of length %d is greater than allowed %d",
filename, cs->item.lineno,
strlen(cs->name2), sizeof(c->server) - 1);
return -1;
s = cf_section_value_find(cs, "secret");
if (s == NULL) {
- log(L_ERR, "%s[%d]: No shared secret supplied for realm",
+ radlog(L_ERR, "%s[%d]: No shared secret supplied for realm",
filename, cs->item.lineno);
return -1;
}
if (strlen(s) >= sizeof(c->secret)) {
- log(L_ERR, "%s[%d]: Secret of length %d is greater than the allowed maximum of %d.",
+ radlog(L_ERR, "%s[%d]: Secret of length %d is greater than the allowed maximum of %d.",
filename, cs->item.lineno,
strlen(s), sizeof(c->secret) - 1);
return -1;
; cs ;
cs = cf_subsection_find_next(config, cs, "client")) {
if (!cs->name2) {
- log(L_CONS|L_ERR, "%s[%d]: Missing client name", filename, cs->item.lineno);
+ radlog(L_CONS|L_ERR, "%s[%d]: Missing client name", filename, cs->item.lineno);
return -1;
}
/*
shortnm = cf_section_value_find(cs, "shortname");
if (strlen(secret) >= sizeof(c->secret)) {
- log(L_ERR, "%s[%d]: Secret of length %d is greater than the allowed maximum of %d.",
+ radlog(L_ERR, "%s[%d]: Secret of length %d is greater than the allowed maximum of %d.",
filename, cs->item.lineno,
strlen(secret), sizeof(c->secret) - 1);
return -1;
}
if (strlen(shortnm) > sizeof(c->shortname)) {
- log(L_ERR, "%s[%d]: NAS short name of length %d is greater than the allowed maximum of %d.",
+ radlog(L_ERR, "%s[%d]: NAS short name of length %d is greater than the allowed maximum of %d.",
filename, cs->item.lineno,
strlen(shortnm), sizeof(c->shortname) - 1);
return -1;
* The size is fine.. Let's create the buffer
*/
if ((c = malloc(sizeof(RADCLIENT))) == NULL) {
- log(L_CONS|L_ERR, "Out of memory");
+ radlog(L_CONS|L_ERR, "Out of memory");
return -1;
}
*/
if (exec_wait) {
if (pipe(pd) != 0) {
- log(L_ERR|L_CONS, "Couldn't open pipe: %m");
+ radlog(L_ERR|L_CONS, "Couldn't open pipe: %m");
pd[0] = pd[1] = 0;
}
if ((oldsig = signal(SIGCHLD, SIG_DFL)) == SIG_ERR) {
- log(L_ERR|L_CONS, "Can't reset SIGCHLD: %m");
+ radlog(L_ERR|L_CONS, "Can't reset SIGCHLD: %m");
oldsig = NULL;
}
}
/*
* XXX FIXME: This is debugging info.
*/
- log(L_INFO, "Exec-Program: %s", buf);
+ radlog(L_INFO, "Exec-Program: %s", buf);
/*
* Build vector list and execute.
} while(p != NULL);
argv[++argc] = p;
if (argc == 0) {
- log(L_ERR, "Exec-Program: empty command line.");
+ radlog(L_ERR, "Exec-Program: empty command line.");
exit(1);
}
if (exec_wait) {
if (close(pd[0]) != 0)
- log(L_ERR|L_CONS, "Can't close pipe: %m");
+ radlog(L_ERR|L_CONS, "Can't close pipe: %m");
if (dup2(pd[1], 1) != 1)
- log(L_ERR|L_CONS, "Can't dup stdout: %m");
+ radlog(L_ERR|L_CONS, "Can't dup stdout: %m");
}
/*
execve(argv[0], argv, envp);
- log(L_ERR, "Exec-Program: %s: %m", argv[0]);
+ radlog(L_ERR, "Exec-Program: %s: %m", argv[0]);
exit(1);
}
* Parent
*/
if (pid < 0) {
- log(L_ERR|L_CONS, "Couldn't fork: %m");
+ radlog(L_ERR|L_CONS, "Couldn't fork: %m");
return -1;
}
if (!exec_wait)
done = 0;
if (pd[0] || pd[1]) {
if (close(pd[1]) != 0)
- log(L_ERR|L_CONS, "Can't close pipe: %m");
+ radlog(L_ERR|L_CONS, "Can't close pipe: %m");
/*
* (hs) Read until we doesn't get any more
vp = NULL;
if (n != 0) {
- log(L_DBG, "Exec-Program-Wait: plaintext: %s", answer);
+ radlog(L_DBG, "Exec-Program-Wait: plaintext: %s", answer);
if (user_msg) {
strncpy(message, answer, sizeof(message));
message[sizeof(message) - 1] = 0;
if (answer[strlen(answer) - 1] == ',')
answer[strlen(answer) - 1] = '\0';
- log(L_DBG,"Exec-Program-Wait: value-pairs: %s", answer);
+ radlog(L_DBG,"Exec-Program-Wait: value-pairs: %s", answer);
if (userparse(answer, &vp) != 0)
- log(L_ERR,
+ radlog(L_ERR,
"Exec-Program-Wait: %s: unparsable reply", cmd);
else {
pairmove(reply, &vp);
* all signals that will arise.
*/
if (oldsig && (signal(SIGCHLD, oldsig) == SIG_ERR))
- log(L_ERR|L_CONS,
+ radlog(L_ERR|L_CONS,
"Can't set SIGCHLD to the cleanup handler: %m");
sig_cleanup(SIGCHLD);
if (WIFEXITED(status)) {
status = WEXITSTATUS(status);
- log(L_INFO, "Exec-Program: returned: %d", status);
+ radlog(L_INFO, "Exec-Program: returned: %d", status);
return status;
}
- log(L_ERR|L_CONS, "Exec-Program: Abnormal child exit (killed or coredump)");
+ radlog(L_ERR|L_CONS, "Exec-Program: Abnormal child exit (killed or coredump)");
return 1;
}
*
*/
if ((vp = paircreate(PW_AUTHTYPE, PW_TYPE_INTEGER)) == NULL) {
- log(L_CONS|L_ERR, "no memory");
+ radlog(L_CONS|L_ERR, "no memory");
exit(1);
}
vp->lvalue = n;
*/
if ((fp = fopen(file, "r")) == NULL) {
if (!complain) return -1;
- log(L_CONS|L_ERR, "Couldn't open %s for reading: %s",
+ radlog(L_CONS|L_ERR, "Couldn't open %s for reading: %s",
file, strerror(errno));
return -1;
}
while(fgets(buffer, sizeof(buffer), fp) != NULL) {
lineno++;
if (strchr(buffer, '\n') == NULL) {
- log(L_ERR, "%s[%d]: line too long", file, lineno);
+ radlog(L_ERR, "%s[%d]: line too long", file, lineno);
pairlist_free(&pl);
return -1;
}
*/
if (isspace(buffer[0])) {
if (parsecode != T_EOL) {
- log(L_ERR|L_CONS,
+ radlog(L_ERR|L_CONS,
"%s[%d]: Unexpected trailing comma for entry %s",
file, lineno, entry);
fclose(fp);
t = NULL;
if (pairlist_read(s, &t, 0) != 0) {
pairlist_free(&pl);
- log(L_ERR|L_CONS,
+ radlog(L_ERR|L_CONS,
"%s[%d]: Could not open included file %s: %s",
file, lineno, s, strerror(errno));
fclose(fp);
parsecode = userparse(ptr, &check_tmp);
if (parsecode < 0) {
pairlist_free(&pl);
- log(L_ERR|L_CONS,
+ radlog(L_ERR|L_CONS,
"%s[%d]: Parse error (check) for entry %s: %s",
file, lineno, entry, librad_errstr);
fclose(fp);
return -1;
} else if (parsecode == T_COMMA) {
- log(L_ERR|L_CONS,
+ radlog(L_ERR|L_CONS,
"%s[%d]: Unexpected trailing comma in check item list for entry %s",
file, lineno, entry);
fclose(fp);
else {
if(*buffer == ' ' || *buffer == '\t') {
if (parsecode != T_COMMA) {
- log(L_ERR|L_CONS,
+ radlog(L_ERR|L_CONS,
"%s[%d]: Syntax error: Previous line is missing a trailing comma for entry %s",
file, lineno, entry);
fclose(fp);
parsecode = userparse(buffer, &reply_tmp);
if (parsecode < 0) {
pairlist_free(&pl);
- log(L_ERR|L_CONS,
+ radlog(L_ERR|L_CONS,
"%s[%d]: Parse error (reply) for entry %s: %s",
file, lineno, entry, librad_errstr);
fclose(fp);
clients = NULL;
if ((fp = fopen(file, "r")) == NULL) {
- log(L_CONS|L_ERR, "cannot open %s", file);
+ radlog(L_CONS|L_ERR, "cannot open %s", file);
return -1;
}
while(fgets(buffer, 256, fp) != NULL) {
lineno++;
if (strchr(buffer, '\n') == NULL) {
- log(L_ERR, "%s[%d]: line too long", file, lineno);
+ radlog(L_ERR, "%s[%d]: line too long", file, lineno);
return -1;
}
if (buffer[0] == '#' || buffer[0] == '\n')
if (!getword(&p, hostnm, sizeof(hostnm)) ||
!getword(&p, secret, sizeof(secret))) {
- log(L_ERR, "%s[%d]: unexpected end of line",
+ radlog(L_ERR, "%s[%d]: unexpected end of line",
file, lineno);
return -1;
}
* Double-check lengths to be sure they're sane
*/
if (strlen(hostnm) >= sizeof(c->longname)) {
- log(L_ERR, "%s[%d]: host name of length %d is greater than the allowed maximum of %d.",
+ radlog(L_ERR, "%s[%d]: host name of length %d is greater than the allowed maximum of %d.",
file, lineno,
strlen(hostnm), sizeof(c->longname) - 1);
return -1;
}
if (strlen(secret) >= sizeof(c->secret)) {
- log(L_ERR, "%s[%d]: secret of length %d is greater than the allowed maximum of %d.",
+ radlog(L_ERR, "%s[%d]: secret of length %d is greater than the allowed maximum of %d.",
file, lineno,
strlen(secret), sizeof(c->secret) - 1);
return -1;
}
if (strlen(shortnm) > sizeof(c->shortname)) {
- log(L_ERR, "%s[%d]: short name of length %d is greater than the allowed maximum of %d.",
+ radlog(L_ERR, "%s[%d]: short name of length %d is greater than the allowed maximum of %d.",
file, lineno,
strlen(shortnm), sizeof(c->shortname) - 1);
return -1;
* It should be OK now, let's create the buffer.
*/
if ((c = malloc(sizeof(RADCLIENT))) == NULL) {
- log(L_CONS|L_ERR, "%s[%d]: out of memory",
+ radlog(L_CONS|L_ERR, "%s[%d]: out of memory",
file, lineno);
return -1;
}
c->ipaddr = ip_getaddr(hostnm);
if (c->ipaddr == 0) {
- log(L_CONS|L_ERR, "%s[%d]: Failed to look up hostname %s",
+ radlog(L_CONS|L_ERR, "%s[%d]: Failed to look up hostname %s",
file, lineno, hostnm);
return -1;
}
#if 1 /* For now - realms file is not obligatory */
return 0;
#else
- log(L_CONS|L_ERR, "cannot open %s", file);
+ radlog(L_CONS|L_ERR, "cannot open %s", file);
return -1;
#endif
}
while(fgets(buffer, 256, fp) != NULL) {
lineno++;
if (strchr(buffer, '\n') == NULL) {
- log(L_ERR, "%s[%d]: line too long", file, lineno);
+ radlog(L_ERR, "%s[%d]: line too long", file, lineno);
return -1;
}
if (buffer[0] == '#' || buffer[0] == '\n')
p = buffer;
if (!getword(&p, realm, sizeof(realm)) ||
!getword(&p, hostnm, sizeof(hostnm))) {
- log(L_ERR, "%s[%d]: syntax error", file, lineno);
+ radlog(L_ERR, "%s[%d]: syntax error", file, lineno);
continue;
}
if ((c = malloc(sizeof(REALM))) == NULL) {
- log(L_CONS|L_ERR, "%s[%d]: out of memory",
+ radlog(L_CONS|L_ERR, "%s[%d]: out of memory",
file, lineno);
return -1;
}
}
if (c->ipaddr == 0) {
- log(L_CONS|L_ERR, "%s[%d]: Failed to look up hostname %s",
+ radlog(L_CONS|L_ERR, "%s[%d]: Failed to look up hostname %s",
file, lineno, hostnm);
return -1;
}
*/
client = client_find(c->ipaddr);
if (client == NULL) {
- log(L_CONS|L_ERR, "%s[%d]: Cannot find 'clients' file entry of remote server %s for realm \"%s\"",
+ radlog(L_CONS|L_ERR, "%s[%d]: Cannot find 'clients' file entry of remote server %s for realm \"%s\"",
file, lineno, hostnm, realm);
return -1;
}
* Double-check lengths to be sure they're sane
*/
if (strlen(hostnm) >= sizeof(c->server)) {
- log(L_ERR, "%s[%d]: server name of length %d is greater than the allowed maximum of %d.",
+ radlog(L_ERR, "%s[%d]: server name of length %d is greater than the allowed maximum of %d.",
file, lineno,
strlen(hostnm), sizeof(c->server) - 1);
return -1;
}
if (strlen(realm) > sizeof(c->realm)) {
- log(L_ERR, "%s[%d]: realm of length %d is greater than the allowed maximum of %d.",
+ radlog(L_ERR, "%s[%d]: realm of length %d is greater than the allowed maximum of %d.",
file, lineno,
strlen(realm), sizeof(c->realm) - 1);
return -1;
/* Initialize the dictionary */
if (dict_init(radius_dir, RADIUS_DICTIONARY) != 0) {
- log(L_ERR|L_CONS, "Errors reading dictionary: %s",
+ radlog(L_ERR|L_CONS, "Errors reading dictionary: %s",
librad_errstr);
return -1;
}
sprintf(buffer, "%.200s/%.50s", radius_dir, RADIUS_CLIENTS);
if (read_clients_file(buffer) < 0) {
- log(L_ERR|L_CONS, "Errors reading clients");
+ radlog(L_ERR|L_CONS, "Errors reading clients");
return -1;
}
sprintf(buffer, "%.200s/%.50s", radius_dir, RADIUS_REALMS);
if (read_realms_file(buffer) < 0) {
- log(L_ERR|L_CONS, "Errors reading realms");
+ radlog(L_ERR|L_CONS, "Errors reading realms");
return -1;
}
if (read_radius_conf_file() < 0) {
- log(L_ERR|L_CONS, "Errors reading radiusd.conf");
+ radlog(L_ERR|L_CONS, "Errors reading radiusd.conf");
return -1;
}
sprintf(buffer, "%.200s/%.50s", radius_dir, RADIUS_NASLIST);
if (read_naslist_file(buffer) < 0) {
- log(L_ERR|L_CONS, "Errors reading naslist");
+ radlog(L_ERR|L_CONS, "Errors reading naslist");
return -1;
}
if (setup_modules() < 0) {
- log(L_ERR|L_CONS, "Errors setting up modules");
+ radlog(L_ERR|L_CONS, "Errors setting up modules");
return -1;
}
return r;
}
-int log(int lvl, const char *msg, ...)
+int radlog(int lvl, const char *msg, ...)
{
va_list ap;
int r;
if (request->username->attribute != PW_STRIPPED_USER_NAME) {
vp = paircreate(PW_STRIPPED_USER_NAME, PW_TYPE_STRING);
if (!vp) {
- log(L_ERR|L_CONS, "no memory");
+ radlog(L_ERR|L_CONS, "no memory");
exit(1);
}
DEBUG2(" authorize: Creating Stripped-User-Name of %s", newname);
void *ptr = malloc(size);
if (ptr == NULL) {
- log(L_ERR|L_CONS, "no memory");
+ radlog(L_ERR|L_CONS, "no memory");
exit(1);
}
naslist = NULL;
if ((fp = fopen(file, "r")) == NULL) {
- log(L_CONS|L_ERR, "cannot open %s", file);
+ radlog(L_CONS|L_ERR, "cannot open %s", file);
return -1;
}
while(fgets(buffer, 256, fp) != NULL) {
lineno++;
if (strchr(buffer, '\n') == NULL) {
- log(L_ERR, "%s[%d]: line too long", file, lineno);
+ radlog(L_ERR, "%s[%d]: line too long", file, lineno);
return -1;
}
if (buffer[0] == '#' || buffer[0] == '\n')
p = buffer;
if (!getword(&p, hostnm, sizeof(hostnm)) ||
!getword(&p, shortnm, sizeof(shortnm))) {
- log(L_ERR, "%s[%d]: unexpected end of line", file, lineno);
+ radlog(L_ERR, "%s[%d]: unexpected end of line", file, lineno);
continue;
}
(void)getword(&p, nastype, sizeof(nastype));
* Double-check lengths to be sure they're sane
*/
if (strlen(hostnm) >= sizeof(c->longname)) {
- log(L_ERR, "%s[%d]: host name of length %d is greater than the allowed maximum of %d.",
+ radlog(L_ERR, "%s[%d]: host name of length %d is greater than the allowed maximum of %d.",
file, lineno,
strlen(hostnm), sizeof(c->longname) - 1);
return -1;
}
if (strlen(shortnm) > sizeof(c->shortname)) {
- log(L_ERR, "%s[%d]: short name of length %d is greater than the allowed maximum of %d.",
+ radlog(L_ERR, "%s[%d]: short name of length %d is greater than the allowed maximum of %d.",
file, lineno,
strlen(shortnm), sizeof(c->shortname) - 1);
return -1;
}
if (strlen(nastype) >= sizeof(c->nastype)) {
- log(L_ERR, "%s[%d]: NAS type of length %d is greater than the allowed maximum of %d.",
+ radlog(L_ERR, "%s[%d]: NAS type of length %d is greater than the allowed maximum of %d.",
file, lineno,
strlen(nastype), sizeof(c->nastype) - 1);
return -1;
* It should be OK now, let's create the buffer.
*/
if ((c = malloc(sizeof(NAS))) == NULL) {
- log(L_CONS|L_ERR, "%s[%d]: out of memory",
+ radlog(L_CONS|L_ERR, "%s[%d]: out of memory",
file, lineno);
return -1;
}
realmpair=replicatepair;
replicating=1;
} else {
- log(L_PROXY, "Proxy reply to packet with no Realm");
+ radlog(L_PROXY, "Proxy reply to packet with no Realm");
return -1;
}
proxy_pair = paircreate(PW_PROXY_STATE, PW_TYPE_STRING);
if (proxy_pair == NULL) {
- log(L_ERR|L_CONS, "no memory");
+ radlog(L_ERR|L_CONS, "no memory");
exit(1);
}
sprintf((char *)proxy_pair->strvalue, "%d", request->packet->id);
if (strippednamepair) {
vp = paircreate(PW_USER_NAME, PW_TYPE_STRING);
if (!vp) {
- log(L_ERR|L_CONS, "no memory");
+ radlog(L_ERR|L_CONS, "no memory");
exit(1);
}
memcpy(vp->strvalue, strippednamepair->strvalue,
* compare _both_ ID and vector. Right ?
*/
if ((request->proxy = rad_alloc(TRUE)) == NULL) {
- log(L_ERR|L_CONS, "no memory");
+ radlog(L_ERR|L_CONS, "no memory");
exit(1);
}
pairfind(vps, PW_CHAP_CHALLENGE) == NULL) {
vp = paircreate(PW_CHAP_CHALLENGE, PW_TYPE_STRING);
if (!vp) {
- log(L_ERR|L_CONS, "no memory");
+ radlog(L_ERR|L_CONS, "no memory");
exit(1);
}
vp->length = AUTH_VECTOR_LEN;
CONF_SECTION *cs;
if (!reload) {
- log(L_INFO, "Starting - reading configuration files ...");
+ radlog(L_INFO, "Starting - reading configuration files ...");
} else if (pid == radius_pid) {
- log(L_INFO, "Reloading configuration files.");
+ radlog(L_INFO, "Reloading configuration files.");
}
/* Read users file etc. */
if (res != 0) {
if (pid == radius_pid) {
- log(L_ERR|L_CONS,
+ radlog(L_ERR|L_CONS,
"Errors reading config file - EXITING");
}
exit(1);
*/
if (allow_core_dumps) {
if (setrlimit(RLIMIT_CORE, &core_limits) < 0) {
- log(L_ERR|L_CONS, "Cannot update core dump limit: %s",
+ radlog(L_ERR|L_CONS, "Cannot update core dump limit: %s",
strerror(errno));
exit(1);
* dumps are enabled, log that information.
*/
} else if ((core_limits.rlim_cur != 0) && !debug_flag)
- log(L_INFO, "Core dumps are enabled.");
+ radlog(L_INFO, "Core dumps are enabled.");
} else if (!debug_flag) {
/*
limits.rlim_max = core_limits.rlim_max;
if (setrlimit(RLIMIT_CORE, &limits) < 0) {
- log(L_ERR|L_CONS, "Cannot disable core dumps: %s",
+ radlog(L_ERR|L_CONS, "Cannot disable core dumps: %s",
strerror(errno));
exit(1);
}
* Get the current maximum for core files.
*/
if (getrlimit(RLIMIT_CORE, &core_limits) < 0) {
- log(L_ERR|L_CONS, "Failed to get current core limit:"
+ radlog(L_ERR|L_CONS, "Failed to get current core limit:"
" %s", strerror(errno));
exit(1);
}
if (debug_flag == 0 && dont_fork == 0) {
pid = fork();
if(pid < 0) {
- log(L_ERR|L_CONS, "Couldn't fork");
+ radlog(L_ERR|L_CONS, "Couldn't fork");
exit(1);
}
fprintf(fp, "%d\n", radius_pid);
fclose(fp);
} else {
- log(L_ERR|L_CONS, "Failed writing process id to file %s: %s\n",
+ radlog(L_ERR|L_CONS, "Failed writing process id to file %s: %s\n",
pid_file, strerror(errno));
}
}
}
if (proxy_requests) {
- log(L_INFO, "Listening on IP address %s, ports %d/udp and %d/udp, with proxy on %d/udp.",
+ radlog(L_INFO, "Listening on IP address %s, ports %d/udp and %d/udp, with proxy on %d/udp.",
buffer, auth_port, acct_port, proxy_port);
} else {
- log(L_INFO, "Listening on IP address %s, ports %d/udp and %d/udp.",
+ radlog(L_INFO, "Listening on IP address %s, ports %d/udp and %d/udp.",
buffer, auth_port, acct_port);
}
* We used to do it for historical reasons, but that
* is no excuse...
*/
- log(L_INFO, "Ready to process requests.");
+ radlog(L_INFO, "Ready to process requests.");
/*
* Receive user requests
rad_clean_list(now);
continue;
}
- log(L_ERR, "Unexpected error in select(): %s",
+ radlog(L_ERR, "Unexpected error in select(): %s",
strerror(errno));
sig_fatal(101);
}
*/
packet = rad_recv(fd);
if (packet == NULL) {
- log(L_ERR, "%s", librad_errstr);
+ radlog(L_ERR, "%s", librad_errstr);
continue;
}
* Check if we know this client.
*/
if ((cl = client_find(packet->src_ipaddr)) == NULL) {
- log(L_ERR, "Ignoring request from unknown client %s:%d",
+ radlog(L_ERR, "Ignoring request from unknown client %s:%d",
buffer, packet->src_port);
rad_free(packet);
continue;
* packets here will make our life easier.
*/
if (packet->code > PW_ACCESS_CHALLENGE) {
- log(L_ERR, "Ignoring request from client %s:%d with unknown code %d", buffer, packet->src_port, packet->code);
+ radlog(L_ERR, "Ignoring request from client %s:%d with unknown code %d", buffer, packet->src_port, packet->code);
rad_free(packet);
continue;
}
if ((request = malloc(sizeof(REQUEST))) == NULL) {
- log(L_ERR|L_CONS, "no memory");
+ radlog(L_ERR|L_CONS, "no memory");
exit(1);
}
memset(request, 0, sizeof(REQUEST));
* and ignore them, if so.
*/
if (request->packet->sockfd != authfd) {
- log(L_ERR, "Request packet code %d sent to authentication port from "
+ radlog(L_ERR, "Request packet code %d sent to authentication port from "
"client %s:%d - ID %d : IGNORED",
request->packet->code,
client_name(request->packet->src_ipaddr),
* and ignore them, if so.
*/
if (request->packet->sockfd != acctfd) {
- log(L_ERR, "Request packet code %d sent to accounting port from "
+ radlog(L_ERR, "Request packet code %d sent to accounting port from "
"client %s:%d - ID %d : IGNORED",
request->packet->code,
client_name(request->packet->src_ipaddr),
* dropped.
*/
if (request->packet->sockfd != proxyfd) {
- log(L_ERR, "Reply packet code %d sent to request port from "
+ radlog(L_ERR, "Reply packet code %d sent to request port from "
"client %s:%d - ID %d : IGNORED",
request->packet->code,
client_name(request->packet->src_ipaddr),
/*
* We don't support this anymore.
*/
- log(L_ERR, "Deprecated password change request from client %s:%d "
+ radlog(L_ERR, "Deprecated password change request from client %s:%d "
"- ID %d : IGNORED",
client_name(request->packet->src_ipaddr),
request->packet->src_port,
break;
default:
- log(L_ERR, "Unknown packet type %d from client %s:%d "
+ radlog(L_ERR, "Unknown packet type %d from client %s:%d "
"- ID %d : IGNORED",
request->packet->code,
client_name(request->packet->src_ipaddr),
* spread the load a little bit.
*/
if (rad_decode(packet, original, secret) != 0) {
- log(L_ERR, "%s", librad_errstr);
+ radlog(L_ERR, "%s", librad_errstr);
rad_reject(request);
goto finished_request;
}
* - kill it
*/
child_pid = curreq->child_pid;
- log(L_ERR, "Killing unresponsive child %d",
+ radlog(L_ERR, "Killing unresponsive child %d",
child_pid);
child_kill(child_pid, SIGTERM);
} /* else no proxy reply, quietly fail */
* re-send it. Otherwise, just complain.
*/
if (curreq->reply) {
- log(L_INFO,
+ radlog(L_INFO,
"Sending duplicate authentication reply"
" to client %s:%d - ID: %d",
client_name(request->packet->src_ipaddr),
request->packet->id);
}
} else {
- log(L_ERR,
+ radlog(L_ERR,
"Dropping duplicate authentication packet"
" from client %s:%d - ID: %d",
client_name(request->packet->src_ipaddr),
* with the same ID, while we were processing
* the old one! What should we do?
*/
- log(L_ERR,
+ radlog(L_ERR,
"Dropping conflicting authentication packet"
" from client %s:%d - ID: %d",
client_name(request->packet->src_ipaddr),
* makes us go over our configured bounds.
*/
if (request_count > max_requests) {
- log(L_ERR, "Dropping request (%d is too many): "
+ radlog(L_ERR, "Dropping request (%d is too many): "
"from client %s:%d - ID: %d", request_count,
client_name(request->packet->src_ipaddr),
request->packet->src_port,
*/
rcode = pthread_create(&child_pid, NULL, rad_spawn_thread, data);
if (rcode != 0) {
- log(L_ERR, "Thread create failed for request from nas %s - ID: %d : %s",
+ radlog(L_ERR, "Thread create failed for request from nas %s - ID: %d : %s",
nas_name2(request->packet),
request->packet->id,
strerror(errno));
*/
child_pid = fork();
if (child_pid < 0) {
- log(L_ERR, "Fork failed for request from nas %s - ID: %d",
+ radlog(L_ERR, "Fork failed for request from nas %s - ID: %d",
nas_name2(request->packet),
request->packet->id);
return -1;
* process group, to prevent further attacks.
*/
if (debug_flag && (WIFSIGNALED(status))) {
- log(L_ERR|L_CONS, "MASTER: Child PID %d failed to catch signal %d: killing all active servers.\n",
+ radlog(L_ERR|L_CONS, "MASTER: Child PID %d failed to catch signal %d: killing all active servers.\n",
pid, WTERMSIG(status));
kill(0, SIGTERM);
exit(1);
switch(sig) {
case 100:
- log(L_ERR, "%saccounting process died - exit.", me);
+ radlog(L_ERR, "%saccounting process died - exit.", me);
break;
case 101:
- log(L_ERR, "%sfailed in select() - exit.", me);
+ radlog(L_ERR, "%sfailed in select() - exit.", me);
break;
case SIGTERM:
- log(L_INFO, "%sexit.", me);
+ radlog(L_INFO, "%sexit.", me);
break;
default:
- log(L_ERR, "%sexit on signal (%d)", me, sig);
+ radlog(L_ERR, "%sexit on signal (%d)", me, sig);
break;
}
* If we haven't found the old request, complain.
*/
if (oldreq == NULL) {
- log(L_PROXY, "Unrecognized proxy reply from server %s - ID %d",
+ radlog(L_PROXY, "Unrecognized proxy reply from server %s - ID %d",
client_name(request->packet->src_ipaddr),
request->packet->id);
request_free(request);
if (!delaypair) {
delaypair = paircreate(PW_ACCT_DELAY_TIME, PW_TYPE_INTEGER);
if (!delaypair) {
- log(L_ERR|L_CONS, "no memory");
+ radlog(L_ERR|L_CONS, "no memory");
exit(1);
}
pairadd(&p->proxy->vps, delaypair);
* Match. Zap it.
*/
if (lseek(fd, -(off_t)sizeof(u), SEEK_CUR) < 0) {
- log(L_ERR, "Accounting: radutmp_zap: "
+ radlog(L_ERR, "Accounting: radutmp_zap: "
"negative lseek!\n");
lseek(fd, (off_t)0, SEEK_SET);
}
* Which type is this.
*/
if ((vp = pairfind(request->packet->vps, PW_ACCT_STATUS_TYPE)) == NULL) {
- log(L_ERR, "Accounting: no Accounting-Status-Type record.");
+ radlog(L_ERR, "Accounting: no Accounting-Status-Type record.");
return -1;
}
status = vp->lvalue;
check2 = 1;
if (check1 == 0 || check2 == 0) {
#if 0 /* Cisco sometimes sends START records without username. */
- log(L_ERR, "Accounting: no username in record");
+ radlog(L_ERR, "Accounting: no username in record");
return -1;
#else
break;
#endif
}
- log(L_INFO, "Accounting: converting reboot records.");
+ radlog(L_INFO, "Accounting: converting reboot records.");
if (status == PW_STATUS_STOP)
status = PW_STATUS_ACCOUNTING_OFF;
if (status == PW_STATUS_START)
* See if this was a portmaster reboot.
*/
if (status == PW_STATUS_ACCOUNTING_ON && nas_address) {
- log(L_INFO, "NAS %s restarted (Accounting-On packet seen)",
+ radlog(L_INFO, "NAS %s restarted (Accounting-On packet seen)",
nas_name(nas_address));
radutmp_zap(nas_address, -1, NULL, ut.time);
return 0;
}
if (status == PW_STATUS_ACCOUNTING_OFF && nas_address) {
- log(L_INFO, "NAS %s rebooted (Accounting-Off packet seen)",
+ radlog(L_INFO, "NAS %s rebooted (Accounting-Off packet seen)",
nas_name(nas_address));
radutmp_zap(nas_address, -1, NULL, ut.time);
return 0;
if (status != PW_STATUS_START &&
status != PW_STATUS_STOP &&
status != PW_STATUS_ALIVE) {
- log(L_ERR, "NAS %s port %d unknown packet type %d)",
+ radlog(L_ERR, "NAS %s port %d unknown packet type %d)",
nas_name(nas_address), ut.nas_port, status);
return 0;
}
* send _only_ logout records).
*/
if (u.type == P_LOGIN)
- log(L_ERR,
+ radlog(L_ERR,
"Accounting: logout: entry for NAS %s port %d has wrong ID",
nas_name(nas_address), u.nas_port);
r = -1;
sizeof(u.session_id)) == 0 &&
u.time >= ut.time) {
if (u.type == P_LOGIN) {
- log(L_INFO,
+ radlog(L_INFO,
"Accounting: login: entry for NAS %s port %d duplicate",
nas_name(nas_address), u.nas_port);
r = -1;
break;
}
- log(L_ERR,
+ radlog(L_ERR,
"Accounting: login: entry for NAS %s port %d wrong order",
nas_name(nas_address), u.nas_port);
r = -1;
}
if (lseek(fd, -(off_t)sizeof(u), SEEK_CUR) < 0) {
- log(L_ERR, "Accounting: negative lseek!\n");
+ radlog(L_ERR, "Accounting: negative lseek!\n");
lseek(fd, (off_t)0, SEEK_SET);
off = 0;
} else
u.delay = ut.delay;
write(fd, &u, sizeof(u));
} else if (r == 0) {
- log(L_ERR,
+ radlog(L_ERR,
"Accounting: logout: login entry for NAS %s port %d not found",
nas_name(nas_address), ut.nas_port);
r = -1;
}
close(fd);
} else {
- log(L_ERR, "Accounting: %s: %s", RADUTMP, strerror(errno));
+ radlog(L_ERR, "Accounting: %s: %s", RADUTMP, strerror(errno));
ret = -1;
}
* Find NAS type.
*/
if ((nas = nas_find(ut->nas_address)) == NULL) {
- log(L_ERR, "Accounting: unknown NAS");
+ radlog(L_ERR, "Accounting: unknown NAS");
return -1;
}
*/
handler = signal(SIGCHLD, SIG_DFL);
if ((pid = fork()) < 0) {
- log(L_ERR, "Accounting: fork: %s", strerror(errno));
+ radlog(L_ERR, "Accounting: fork: %s", strerror(errno));
signal(SIGCHLD, handler);
return -1;
}
kill(pid, SIGTERM);
sleep(1);
kill(pid, SIGKILL);
- log(L_ERR, "Check-TS: timeout waiting for checkrad");
+ radlog(L_ERR, "Check-TS: timeout waiting for checkrad");
return 2;
}
if (e < 0) {
- log(L_ERR, "Check-TS: unknown error in waitpid()");
+ radlog(L_ERR, "Check-TS: unknown error in waitpid()");
return 2;
}
return WEXITSTATUS(st);
execl(CHECKRAD, "checkrad",nas->nastype, address, port,
ut->login, session_id, NULL);
#endif
- log(L_ERR, "Check-TS: exec %s: %s", CHECKRAD, strerror(errno));
+ radlog(L_ERR, "Check-TS: exec %s: %s", CHECKRAD, strerror(errno));
/*
* Exit - 2 means "some error occured".
* machine RADIUS runs on.
*
* Version: $Id$
- *
- * Patch: 22-Apr-1999 promera@cistron.nl
- * Added support for raw, comma seperated output
*/
static const char rcsid[] =
* fun the function which is handling the request.
*/
typedef struct THREAD_HANDLE {
- struct THREAD_HANDLE *prev;
- struct THREAD_HANDLE *next;
+ struct THREAD_HANDLE *prev;
+ struct THREAD_HANDLE *next;
pthread_t pthread_id;
int thread_num;
sem_t semaphore;
*/
handle = (THREAD_HANDLE *) malloc(sizeof(THREAD_HANDLE));
if (handle == NULL) {
- log(L_ERR|L_CONS, "no memory");
+ radlog(L_ERR|L_CONS, "no memory");
exit(1);
}
memset(handle, 0, sizeof(THREAD_HANDLE));
*/
rcode = sem_init(&handle->semaphore, 0, SEMAPHORE_LOCKED);
if (rcode != 0) {
- log(L_ERR|L_CONS, "Failed to allocate semaphore: %s",
+ radlog(L_ERR|L_CONS, "Failed to allocate semaphore: %s",
strerror(errno));
exit(1);
}
rcode = pthread_create(&handle->pthread_id, &attr,
request_handler_thread, handle);
if (rcode != 0) {
- log(L_ERR|L_CONS, "Thread create failed: %s", strerror(errno));
+ radlog(L_ERR|L_CONS, "Thread create failed: %s", strerror(errno));
exit(1);
}
pthread_attr_destroy(&attr);
if (found == NULL) {
found = spawn_thread();
if (found == NULL) {
- log(L_INFO, "The maximum number of threads (%d) are active, cannot spawn new thread to handle request", thread_pool.max_threads);
+ radlog(L_INFO, "The maximum number of threads (%d) are active, cannot spawn new thread to handle request", thread_pool.max_threads);
return -1;
}
}
{
case T_OP_EQ:
default:
- log(L_ERR, "Invalid operator for item %s: "
+ radlog(L_ERR, "Invalid operator for item %s: "
"reverting to '=='", check_item->name);
/*FALLTHRU*/
case T_OP_CMP_EQ: