string cConfigItem_hosts::getValueStr(bool configFile) {
if((!param_adresses || !param_adresses->size()) &&
(!param_nets || !param_nets->size())) {
return("");
}
ostringstream outStr;
int counter = 0;
if(param_adresses) {
for(vector<u_int32_t>::iterator iter = param_adresses->begin(); iter != param_adresses->end(); iter++) {
if(counter) {
if(configFile) {
outStr << endl << config_name << " = ";
} else {
outStr << ';';
}
}
outStr << inet_ntostring(*iter);
++counter;
}
}
if(param_nets) {
for(vector<d_u_int32_t>::iterator iter = param_nets->begin(); iter != param_nets->end(); iter ++) {
if(counter) {
if(configFile) {
outStr << endl << config_name << " = ";
} else {
outStr << ';';
}
}
outStr << inet_ntostring((*iter)[0]) << '/' << (*iter)[1];
++counter;
}
}
return(outStr.str());
}
string cConfigItem_integer::getValueStr(bool configFile) {
int64_t val = 0;
if(param_int) {
val = *param_int;
}
if(param_uint) {
val = *param_uint;
}
if(param_int64) {
val = *param_int64;
}
if(param_uint64) {
val = *param_uint64;
}
string str = getStringFromMapValues(val);
if(!str.empty()) {
return(str);
}
if(multiple) {
val /= multiple;
}
if(yesValue && val == yesValue) {
return("yes");
}
if(ip) {
return(inet_ntostring(htonl(val)));
}
ostringstream outStr;
outStr << val;
return(outStr.str());
}
//-----------------------------------------------------------------------------
void USER_IMPL::Connect(bool fakeConnect)
{
/*
* Connect user to Internet. This function is differ from Authorize() !!!
*/
STG_LOCKER lock(&mutex);
if (!fakeConnect)
{
std::string scriptOnConnect = settings->GetScriptsDir() + "/OnConnect";
if (access(scriptOnConnect.c_str(), X_OK) == 0)
{
std::string dirs = dirsToString(enabledDirs);
std::string scriptOnConnectParams;
strprintf(&scriptOnConnectParams,
"%s \"%s\" \"%s\" \"%f\" \"%d\" \"%s\"",
scriptOnConnect.c_str(),
login.c_str(),
inet_ntostring(currIP).c_str(),
cash.ConstData(),
id,
dirs.c_str());
std::vector<std::string>::const_iterator it(settings->GetScriptParams().begin());
while (it != settings->GetScriptParams().end())
{
scriptOnConnectParams += " \"" + GetParamValue(it->c_str()) + "\"";
++it;
}
ScriptExec(scriptOnConnectParams.c_str());
}
else
{
WriteServLog("Script %s cannot be executed. File not found.", scriptOnConnect.c_str());
}
connected = true;
}
if (!settings->GetDisableSessionLog() && store->WriteUserConnect(login, currIP))
{
WriteServLog("Cannot write connect for user %s.", login.c_str());
WriteServLog("%s", store->GetStrError().c_str());
}
if (!fakeConnect)
lastIPForDisconnect = currIP;
}
const STG_PAIRS * STG_CLIENT::PostAuth(const std::string & login, const std::string & svc)
{
/*RAD_PACKET packet;
userPassword = "";
if (Request(&packet, login, svc, RAD_POST_AUTH_PACKET))
return -1;
if (packet.packetType != RAD_ACCEPT_PACKET)
return -1;
if (svc == "Framed-User")
framedIP = packet.ip;
else
framedIP = 0;*/
PAIRS pairs;
pairs.push_back(std::make_pair("Framed-IP-Address", inet_ntostring(framedIP)));
return ToSTGPairs(pairs);
}
//-----------------------------------------------------------------------------
void USER_IMPL::Disconnect(bool fakeDisconnect, const std::string & reason)
{
/*
* Disconnect user from Internet. This function is differ from UnAuthorize() !!!
*/
STG_LOCKER lock(&mutex);
if (!lastIPForDisconnect)
{
printfd(__FILE__, "lastIPForDisconnect\n");
return;
}
if (!fakeDisconnect)
{
lastDisconnectReason = reason;
std::string scriptOnDisonnect = settings->GetScriptsDir() + "/OnDisconnect";
if (access(scriptOnDisonnect.c_str(), X_OK) == 0)
{
std::string dirs = dirsToString(enabledDirs);
std::string scriptOnDisonnectParams;
strprintf(&scriptOnDisonnectParams,
"%s \"%s\" \"%s\" \"%f\" \"%d\" \"%s\"",
scriptOnDisonnect.c_str(),
login.c_str(),
inet_ntostring(lastIPForDisconnect).c_str(),
cash.ConstData(),
id,
dirs.c_str());
std::vector<std::string>::const_iterator it(settings->GetScriptParams().begin());
while (it != settings->GetScriptParams().end())
{
scriptOnDisonnectParams += " \"" + GetParamValue(it->c_str()) + "\"";
++it;
}
ScriptExec(scriptOnDisonnectParams.c_str());
}
else
{
WriteServLog("Script OnDisconnect cannot be executed. File not found.");
}
connected = false;
}
std::string reasonMessage(reason);
if (!lastDisconnectReason.empty())
reasonMessage += ": " + lastDisconnectReason;
if (!settings->GetDisableSessionLog() && store->WriteUserDisconnect(login, up, down, sessionUpload, sessionDownload,
cash, freeMb, reasonMessage))
{
WriteServLog("Cannot write disconnect for user %s.", login.c_str());
WriteServLog("%s", store->GetStrError().c_str());
}
if (!fakeDisconnect)
lastIPForDisconnect = 0;
sessionUpload.Reset();
sessionDownload.Reset();
sessionUploadModTime = stgTime;
sessionDownloadModTime = stgTime;
}
//-----------------------------------------------------------------------------
int USER_IMPL::Authorize(uint32_t ip, uint32_t dirs, const AUTH * auth)
{
STG_LOCKER lock(&mutex);
/*
* Authorize user. It only means that user will be authorized. Nothing more.
* User can be connected or disconnected while authorized.
* Example: user is authorized but disconnected due to 0 money or blocking
*/
/*
* TODO: in fact "authorization" means allowing access to a service. What we
* call "authorization" here, int STG, is "authentication". So this should be
* fixed in future.
*/
/*
* Prevent double authorization by identical authorizers
*/
if (authorizedBy.find(auth) != authorizedBy.end())
return 0;
if (!ip)
return -1;
dirsFromBits(enabledDirs, dirs);
if (!authorizedBy.empty())
{
if (currIP != ip)
{
// We are already authorized, but with different IP address
errorStr = "User " + login + " already authorized with IP address " + inet_ntostring(ip);
return -1;
}
USER * u = NULL;
if (!users->FindByIPIdx(ip, &u))
{
// Address presents in IP-index.
// If it's not our IP - report it.
if (u != this)
{
errorStr = "IP address " + inet_ntostring(ip) + " is already in use";
return -1;
}
}
}
else
{
if (users->IsIPInIndex(ip))
{
// Address is already present in IP-index.
errorStr = "IP address " + inet_ntostring(ip) + " is already in use";
return -1;
}
if (ips.ConstData().IsIPInIPS(ip))
{
currIP = ip;
lastIPForDisconnect = currIP;
}
else
{
printfd(__FILE__, " user %s: ips = %s\n", login.c_str(), ips.ConstData().GetIpStr().c_str());
errorStr = "IP address " + inet_ntostring(ip) + " does not belong to user " + login;
return -1;
}
}
if (authorizedBy.empty())
authorizedModificationTime = stgTime;
authorizedBy.insert(auth);
ScanMessage();
return 0;
}
