Unify RADIUS code for logging

2025-02-23 18:45:40 +08:00 · 2017-06-25 18:40:26 +03:00 · 2017-06-25 18:40:26 +03:00 · b4043e944c
commit b4043e944c
parent 2983575952
5 changed files with 79 additions and 30 deletions
--- a/src/authradius.c
+++ b/src/authradius.c
@ -160,15 +160,11 @@



-#ifdef NOIPV6
-struct  sockaddr_in radiuslist[MAXRADIUS];
-#else
-struct  sockaddr_in6 radiuslist[MAXRADIUS];
-#endif
+struct radserver radiuslist[MAXRADIUS];

 static int ntry = 0;
 int nradservers = 0;
-char * radiussecret = NULL;
+char radiussecret[64]="";

 pthread_mutex_t rad_mutex;

@ -299,7 +295,7 @@ typedef struct radius_packet_t {
          
 #define RETURN(xxx) { res = xxx; goto CLEANRET; }

-int radauth(struct clientparam * param){
+int radsend(struct clientparam * param, int auth){

 	int loop;
 	int id;
@ -483,8 +479,10 @@ int radauth(struct clientparam * param){
 	memcpy(vector, packet.vector, AUTH_VECTOR_LEN);
 	
 	for (loop = 0; loop < nradservers && loop < MAXRADIUS; loop++) {
+		SOCKET remsock;

-		saremote = radiuslist[loop];
+
+		saremote = auth?radiuslist[loop].authaddr : radiuslist[loop].logaddr;
 #ifdef NOIPV6
 		if(*SAFAMILY(&saremote)!= AF_INET) {
 			continue;
@ -494,20 +492,23 @@ int radauth(struct clientparam * param){
 			continue;
 		}
 #endif
-		if(!*SAPORT(&saremote))*SAPORT(&saremote) = htons(1812);
 		packet.id++;
-		if(sockfd >= 0) so._closesocket(sockfd);
-		if ((sockfd = so._socket(SASOCK(&saremote), SOCK_DGRAM, 0)) < 0) {
-		    return 4;
+		if(auth) {
+			if(sockfd >= 0) so._closesocket(sockfd);
+			if ((sockfd = so._socket(SASOCK(&saremote), SOCK_DGRAM, 0)) < 0) {
+			    return 4;
+			}
+			remsock = sockfd;
 		}
-		len = so._sendto(sockfd, (char *)&packet, total_length, 0,
+		else remsock = radiuslist[loop].logsock;
+		len = so._sendto(remsock, (char *)&packet, total_length, 0,
 		      (struct sockaddr *)&saremote, sizeof(saremote));
 		if(len != ntohs(packet.length)){
 			continue;
 		}

 	        memset(fds, 0, sizeof(fds));
-	        fds[0].fd = sockfd;
+	        fds[0].fd = remsock;
 	        fds[0].events = POLLIN;
 		if(so._poll(fds, 1, conf.timeouts[SINGLEBYTE_L]*1000) <= 0) {
 			continue;
@ -515,7 +516,7 @@ int radauth(struct clientparam * param){

 		salen = sizeof(saremote);
 				
-		data_len = so._recvfrom(sockfd, (char *)&rpacket, sizeof(packet)-16,
+		data_len = so._recvfrom(remsock, (char *)&rpacket, sizeof(packet)-16,
 			0, (struct sockaddr *)&saremote, &salen);


@ -608,4 +609,9 @@ CLEANRET:
 	return res;
 }

+int radauth(struct clientparam * param){
+	return radsend(param, 1);
+}
+
+
 #endif
--- a/src/common.c
+++ b/src/common.c
@ -15,6 +15,9 @@ char * copyright = COPYRIGHT;

 int randomizer = 1;

+int havelog = 0;
+
+
 #ifndef _WIN32
 pthread_attr_t pa;

--- a/src/conf.c
+++ b/src/conf.c
@ -292,14 +292,25 @@ static int h_external(int argc, unsigned char ** argv){
 	return 0;
 }

+
 static int h_log(int argc, unsigned char ** argv){ 
 	unsigned char tmpbuf[8192];
+
+
+	havelog = 1;
 	conf.logfunc = logstdout;
+	if(argc > 1 && conf.logtarget && *argv[1]!= '&' && *argv[1]!= '@' && !strcmp((char *)conf.logtarget, (char *)argv[1])) {
+		return 0;
+	}
 	if(conf.logtarget){
 		myfree(conf.logtarget);
 		conf.logtarget = NULL;
 	}
 	if(argc > 1) {
+		if(!strcmp((char *) argv[1], "/dev/null")) {
+			conf.logfunc = lognone;
+			return 0;
+		}
 		conf.logtarget = (unsigned char *)mystrdup((char *)argv[1]);
 		if(*argv[1]=='@'){
 #ifndef _WIN32
@ -1259,13 +1270,34 @@ static int h_delimchar(int argc, unsigned char **argv){
 	return 0;
 }

+
 static int h_radius(int argc, unsigned char **argv){
-	char * rs = radiussecret;
-	radiussecret = mystrdup(argv[1]);
+	int oldrad;
+#ifdef NOIPV6
+	struct  sockaddr_in bindaddr;
+#else
+	struct  sockaddr_in6 bindaddr;
+#endif
+	unsigned short port;
+
+	oldrad = nradservers;
 	nradservers = 0;
+	for(; oldrad; oldrad--){
+		if(radiuslist[oldrad].logsock >= 0)closesocket(radiuslist[oldrad].logsock);
+		radiuslist[oldrad].logsock = -1;
+	}
 	memset(radiuslist, 0, sizeof(radiuslist));
+	if(strlen(argv[1]) > 63) argv[1][63] = 0;
+	strcpy(radiussecret, argv[1]);
 	for( ; nradservers < MAXRADIUS && nradservers < argc -2; nradservers++){
-		if( !getip46(46, argv[nradservers + 2], (struct sockaddr *)&radiuslist[nradservers])) return 1;
+		if( !getip46(46, argv[nradservers + 2], (struct sockaddr *)&radiuslist[nradservers].authaddr)) return 1;
+		if(!*SAPORT(&radiuslist[nradservers].authaddr))*SAPORT(&radiuslist[nradservers].authaddr) = htons(1812);
+		port = ntohs(*SAPORT(&radiuslist[nradservers].authaddr));
+		radiuslist[nradservers].logaddr = radiuslist[nradservers].authaddr;
+ 	        *SAPORT(&radiuslist[nradservers].logaddr) = htons(port);
+		bindaddr = conf.intsa;
+		if ((radiuslist[nradservers].logsock = so._socket(SASOCK(&radiuslist[nradservers].logaddr), SOCK_DGRAM, 0)) < 0) return 2;
+		if (so._bind(radiuslist[nradservers].logsock, (struct sockaddr *)&bindaddr, SASIZE(&bindaddr))) return 3;
 	}
 	return 0;
 }
@ -1638,12 +1670,14 @@ void freeconf(struct extparam *confp){
 pthread_mutex_unlock(&pwl_mutex);


+/*
 logtarget = confp->logtarget;
 confp->logtarget = NULL;
- logformat = confp->logformat;
- confp->logformat = NULL;
 logname = confp->logname;
 confp->logname = NULL;
+*/
+ logformat = confp->logformat;
+ confp->logformat = NULL;
 confp->rotate = 0;
 confp->logtype = NONE;

@ -1693,12 +1727,14 @@ void freeconf(struct extparam *confp){
 for(; fm; fm = (struct filemon *)itfree(fm, fm->next)){
 	if(fm->path) myfree(fm->path);
 }
+/*
 if(logtarget) {
 	myfree(logtarget);
 }
 if(logname) {
 	myfree(logname);
 }
+*/
 if(logformat) {
 	myfree(logformat);
 }
@ -1706,7 +1742,7 @@ void freeconf(struct extparam *confp){
 	for(i = 0; i < archiverc; i++) myfree(archiver[i]);
 	myfree(archiver);
 }
-
+ havelog = 0;
 }

 int reload (void){
--- a/src/proxy.h
+++ b/src/proxy.h
@ -245,7 +245,7 @@ int parseusername(char *username, struct clientparam *param, int extpasswd);
 int parseconnusername(char *username, struct clientparam *param, int extpasswd, unsigned short port);
 int ACLmatches(struct ace* acentry, struct clientparam * param);
 int checkACL(struct clientparam * param);
-
+extern int havelog;
 unsigned long udpresolve(int af, unsigned char * name, unsigned char * value, unsigned *retttl, struct clientparam* param, int makeauth);

 struct ace * copyacl (struct ace *ac);
@ -332,14 +332,18 @@ extern struct commands commandhandlers[];
 #define mapsocket(a,b) sockmap(a,b)
 #endif

-#ifdef NOIPV6
-extern struct  sockaddr_in radiuslist[MAXRADIUS];
-#else
-extern struct  sockaddr_in6 radiuslist[MAXRADIUS];
-#endif

+extern struct radserver {
+#ifdef NOIPV6
+	struct  sockaddr_in authaddr, logaddr;
+#else
+	struct  sockaddr_in6 authaddr, logaddr;
+#endif
+	SOCKET logsock;
+} radiuslist[MAXRADIUS];
+
+extern char radiussecret[64];
 extern int nradservers;
-extern char * radiussecret;
 extern struct socketoptions {
 	int opt;
 	char * optname;
--- a/src/proxymain.c
+++ b/src/proxymain.c
@ -830,7 +830,7 @@ void srvinit(struct srvparam * srv, struct clientparam *param){
 memset(srv, 0, sizeof(struct srvparam));
 srv->version = conf.version + 1;
 srv->paused = conf.paused;
- srv->logfunc = conf.logfunc;
+ srv->logfunc = havelog?conf.logfunc:lognone;
 srv->noforce = conf.noforce;
 if(srv->logformat)myfree(srv->logformat);
 srv->logformat = conf.logformat? (unsigned char *)mystrdup((char *)conf.logformat) : NULL;
@ -839,7 +839,7 @@ void srvinit(struct srvparam * srv, struct clientparam *param){
 srv->maxchild = conf.maxchild;
 srv->stacksize = conf.stacksize;
 srv->time_start = time(NULL);
- if(conf.logtarget){
+ if(havelog && conf.logtarget){
 	 if(srv->logtarget) myfree(srv->logtarget);
 	 srv->logtarget = (unsigned char *)mystrdup((char *)conf.logtarget);
 }