int *ipc_init_(const char *uniq_dgrp, const char *id_str, int len1, int len2) { int i; char *uniq=strdupf(uniq_dgrp,len1); char *id=strdupf(id_str,len2); i=ipc_init(uniq,id); free(uniq); free(id); return ( (int*) i); }
palo_err string_get_word_or_whitespace_a(char **to, const char *from, size_t *index) { size_t idx, last_idx; assert(to != NULL); assert(from != NULL); assert(index != NULL); if (IS_WHITESPACE(from[*index])) { *to = strdupf("%c", from[*index]); if (*to == NULL) { return PALO_ERR_NO_MEM; } ++(*index); return PALO_SUCCESS; } /* skip data */ for (idx = *index; !IS_WHITESPACE(from[idx]) && from[idx] != L'\0'; idx++); last_idx = idx; *to = (char*)malloc((last_idx - *index + 1) * sizeof(char)); if (*to == NULL) { return PALO_ERR_NO_MEM; } memcpy(*to, from + *index, (last_idx - *index)*sizeof(char)); (*to)[last_idx-*index] = '\0'; *index = idx; return PALO_SUCCESS; }
/* note: also called from the root context */ static int set_interface_var(const char *iface, const char *var, const char *name, uint32_t val) { int retval = -1; FILE * fp = 0; char * spath = strdupf(var, iface); /* No path traversal */ if (!iface[0] || !strcmp(iface, ".") || !strcmp(iface, "..") || strchr(iface, '/')) goto cleanup; if (access(spath, F_OK) != 0) goto cleanup; fp = fopen(spath, "w"); if (!fp) { if (name) flog(LOG_ERR, "failed to set %s (%u) for %s: %s", name, val, iface, strerror(errno)); goto cleanup; } if (0 > fprintf(fp, "%u", val)) { goto cleanup; } retval = 0; cleanup: if (fp) fclose(fp); free(spath); return retval; }
static munge_err_t _m_msg_client_millisleep (m_msg_t m, unsigned long msecs) { /* Sleeps for 'msecs' milliseconds. * Returns EMUNGE_SUCCESS on success, * or EMUNGE_SNAFU on error (with additional info if 'm' is not NULL). */ struct timespec ts; int rv; ts.tv_sec = msecs / 1000; ts.tv_nsec = (msecs % 1000) * 1000 * 1000; while (1) { rv = nanosleep (&ts, &ts); if (rv == 0) { break; } else if (errno == EINTR) { continue; } else if (m != NULL) { m_msg_set_err (m, EMUNGE_SNAFU, strdupf ("Failed nanosleep: %s", strerror (errno))); } return (EMUNGE_SNAFU); } return (EMUNGE_SUCCESS); }
void ipc_subject_subscribe_(const char *fsub, int flen) { char *sub=strdupf(fsub,flen); TipcSrvSubjectSetSubscribe(sub,TRUE); free(sub); return; }
void ipc_command_parse_str_(const char *fstr, int flen) { char *str=strdupf(fstr,flen); TutCommandParseStr(str); free(str); return; }
int *tcl_evalfile_(int *finterp, char *fname, int flen){ Tcl_Interp *interp=(Tcl_Interp *) *finterp; char *name=strdupf(fname,flen); Tcl_EvalFile(interp,name); free(name); }
int main ( int argc, char * * argv ) { char * psz; psz = strdupf("%s - %s - %s, %d\n", "hoge", "fuga", "foo", 256); fprintf(stderr, psz); return (0); }
static void _job_exec (m_msg_t m) { /* Receives and responds to the message request [m]. */ munge_err_t e; const char *p; assert (m != NULL); e = m_msg_recv (m, MUNGE_MSG_UNDEF, MUNGE_MAXIMUM_REQ_LEN); if (e == EMUNGE_SUCCESS) { switch (m->type) { case MUNGE_MSG_ENC_REQ: enc_process_msg (m); break; case MUNGE_MSG_DEC_REQ: dec_process_msg (m); break; default: m_msg_set_err (m, EMUNGE_SNAFU, strdupf ("Invalid message type %d", m->type)); break; } } /* For certain MUNGE "cred" errors, the credential has been successfully * decoded but is deemed invalid for other reasons. In these cases, * the origin IP address is added to the logged error message to aid * in troubleshooting. */ if (m->error_num != EMUNGE_SUCCESS) { p = (m->error_str != NULL) ? m->error_str : munge_strerror (m->error_num); switch (m->error_num) { case EMUNGE_CRED_EXPIRED: case EMUNGE_CRED_REWOUND: case EMUNGE_CRED_REPLAYED: if (m->addr_len == 4) { char ip_addr_buf [INET_ADDRSTRLEN]; if (inet_ntop (AF_INET, &m->addr, ip_addr_buf, sizeof (ip_addr_buf)) != NULL) { log_msg (LOG_INFO, "%s from %s", p, ip_addr_buf); break; } } /* fall-through */ default: log_msg (LOG_INFO, "%s", p); break; } } m_msg_destroy (m); return; }
int *ipc_set_server_names_(const char *namesf, int len) { int i; char *server=strdupf(namesf,len); i=ipc_set_server_names(server); free(server); return( (int*) i); }
int *ipc_set_disconnect_mode_(const char *namef, int len) { int i; char *mode=strdupf(namef,len); i=ipc_set_disconnect_mode(mode); free(mode); return( (int*) i); }
int *ipc_set_application_(const char *namef, int len) { int i; char *app=strdupf(namef,len); i=ipc_set_application(app); free(app); return( (int*) i); }
int *ipc_status_append_str_(T_IPC_MSG msg, const char *namef, int len) { int i; char *str=strdupf(namef,len); i=TipcMsgAppendStr(msg,str); free(str); return( (int*) i); }
int *ipc_set_status_poll_group_(const char *namef, int len) { int i; char *grp=strdupf(namef,len); i=ipc_set_status_poll_group(grp); free(grp); return( (int*) i); }
static munge_err_t _decode_rsp (m_msg_t m, munge_ctx_t ctx, void **buf, int *len, uid_t *uid, gid_t *gid) { /* Extracts a Decode Response message received from the local munge daemon. * The outputs from this message are as follows: * cipher, mac, zip, realm, ttl, addr, time0, time1, cred_uid, cred_gid, * auth_uid, auth_gid, data_len, data, error_num, error_len, error_str. * Note that error_num and error_str are set by _munge_ctx_set_err() * called from munge_decode() (ie, the parent of this stack frame). */ assert (m != NULL); /* Perform sanity checks. */ if (m->type != MUNGE_MSG_DEC_RSP) { m_msg_set_err (m, EMUNGE_SNAFU, strdupf ("Client received invalid message type %d", m->type)); return (EMUNGE_SNAFU); } /* Return the result. */ if (ctx) { ctx->cipher = m->cipher; ctx->mac = m->mac; ctx->zip = m->zip; if ((ctx->realm_str = m->realm_str) != NULL) { m->realm_is_copy = 1; } ctx->ttl = m->ttl; ctx->addr.s_addr = m->addr.s_addr;; ctx->time0 = m->time0; ctx->time1 = m->time1; ctx->auth_uid = m->auth_uid; ctx->auth_gid = m->auth_gid; } if (buf && len && (m->data_len > 0)) { assert (* ((unsigned char *) m->data + m->data_len) == '\0'); *buf = m->data; m->data_is_copy = 1; } if (len) { *len = m->data_len; } if (uid) { *uid = m->cred_uid; } if (gid) { *gid = m->cred_gid; } return (m->error_num); }
static munge_err_t _m_msg_client_disconnect (m_msg_t m) { munge_err_t e; assert (m != NULL); assert (m->sd >= 0); if (close (m->sd) < 0) { m_msg_set_err (m, EMUNGE_SOCKET, strdupf ("Failed to close socket: %s", strerror (errno))); e = EMUNGE_SOCKET; } else { e = EMUNGE_SUCCESS; } m->sd = -1; return (e); }
/** * Create a list of expandable variables from envp and possibly argv */ am_list_t * create_expandable_variable_list (MYSQL *mysql, const char *envp[], const char *argv[]){ time_t t; char *escaped_username = NULL; char *escaped_password = NULL; const char *username, *password; am_list_t *l = am_list_new (); if (l == NULL) return l; t = time (NULL); username = get_env ("username", envp); password = get_env ("password", envp); if (username != NULL){ escaped_username = (char *) am_malloc (sizeof(char) * (strlen (username) * 2 + 1)); mysql_real_escape_string (mysql, escaped_username, username, strlen (username)); } if (password != NULL){ escaped_password = (char *) am_malloc (sizeof(char) * (strlen (password) * 2 + 1)); mysql_real_escape_string (mysql, escaped_password, password, strlen (password)); } am_list_append (l, kvp_new_with_kv (EV_DUP ("time_now"), strdupf ("%d", t))); am_list_append (l, kvp_new_with_kv (EV_DUP ("username"), NULL_OR_DUP (username))); am_list_append (l, kvp_new_with_kv (EV_DUP ("password"), NULL_OR_DUP (password))); am_list_append (l, kvp_new_with_kv (EV_DUP ("escaped_username"), NULL_OR_DUP (escaped_username))); am_list_append (l, kvp_new_with_kv (EV_DUP ("escaped_password"), NULL_OR_DUP (escaped_password))); am_list_append (l, kvp_new_with_kv (EV_DUP ("trusted_port"), NULL_OR_DUP (get_env ("trusted_port", envp)))); am_list_append (l, kvp_new_with_kv (EV_DUP ("trusted_ip"), NULL_OR_DUP (get_env ("trusted_ip", envp)))); am_list_append (l, kvp_new_with_kv (EV_DUP ("time_unix"), NULL_OR_DUP (get_env ("time_unix", envp)))); am_list_append (l, kvp_new_with_kv (EV_DUP ("ifconfig_pool_remote_ip"), NULL_OR_DUP (get_env ("ifconfig_pool_remote_ip", envp)))); am_list_append (l, kvp_new_with_kv (EV_DUP ("ifconfig_pool_local_ip"), NULL_OR_DUP (get_env ("ifconfig_pool_local_ip", envp)))); am_list_append (l, kvp_new_with_kv (EV_DUP ("ifconfig_local"), NULL_OR_DUP (get_env ("ifconfig_local", envp)))); am_list_append (l, kvp_new_with_kv (EV_DUP ("time_duration"), NULL_OR_DUP (get_env ("time_duration", envp)))); am_list_append (l, kvp_new_with_kv (EV_DUP ("bytes_sent"), NULL_OR_DUP (get_env ("bytes_sent", envp)))); am_list_append (l, kvp_new_with_kv (EV_DUP ("bytes_received"), NULL_OR_DUP (get_env ("bytes_received", envp)))); am_free (escaped_username); am_free (escaped_password); return l; }
static void sock_lock (conf_t conf) { /* Ensures exclusive access to the unix domain socket. */ struct stat st; mode_t mask; int rv; assert (conf != NULL); assert (conf->lockfile_name == NULL); assert (conf->lockfile_fd == -1); assert (conf->socket_name != NULL); if (!(conf->lockfile_name = strdupf ("%s.lock", conf->socket_name))) { log_errno (EMUNGE_NO_MEMORY, LOG_ERR, "Failed to create lockfile string"); } if (conf->got_force) { if ((unlink (conf->lockfile_name) < 0) && (errno != ENOENT)) { log_errno (EMUNGE_SNAFU, LOG_ERR, "Failed to remove \"%s\"", conf->lockfile_name); } } else if (lstat (conf->lockfile_name, &st) < 0) { if (errno != ENOENT) { log_errno (EMUNGE_SNAFU, LOG_ERR, "Failed to stat \"%s\"", conf->lockfile_name); } } else if (!S_ISREG(st.st_mode)) { log_err (EMUNGE_SNAFU, LOG_ERR, "Lockfile is suspicious: \"%s\" should be a regular file", conf->lockfile_name); } else if (st.st_uid != geteuid()) { log_err (EMUNGE_SNAFU, LOG_ERR, "Lockfile is suspicious: \"%s\" should be owned by UID %u", conf->lockfile_name, (unsigned) geteuid()); } else if ((st.st_mode & 07777) != S_IWUSR) { log_err (EMUNGE_SNAFU, LOG_ERR, "Lockfile is suspicious: \"%s\" should be writable only by user", conf->lockfile_name); } mask = umask (0); conf->lockfile_fd = creat (conf->lockfile_name, S_IWUSR); umask (mask); if (conf->lockfile_fd < 0) { log_errno (EMUNGE_SNAFU, LOG_ERR, "Failed to create \"%s\"", conf->lockfile_name); } if ((rv = set_file_lock (conf->lockfile_fd)) < 0) { if (!conf->got_force) log_errno (EMUNGE_SNAFU, LOG_ERR, "Failed to lock \"%s\"", conf->lockfile_name); else log_msg (LOG_WARNING, "Failed to lock \"%s\"", conf->lockfile_name); } else if (rv > 0) { pid_t pid = is_file_locked (conf->lockfile_fd); if (pid < 0) { log_errno (EMUNGE_SNAFU, LOG_ERR, "Failed to test lock \"%s\"", conf->lockfile_name); } else if (pid > 0) { log_err (EMUNGE_SNAFU, LOG_ERR, "Found pid %d bound to socket \"%s\"", pid, conf->socket_name); } else { log_err (EMUNGE_SNAFU, LOG_ERR, "Found inconsistent state for lock \"%s\"", conf->lockfile_name); } } if (unlink (conf->socket_name) == 0) { log_msg (LOG_INFO, "Removed existing socket \"%s\"", conf->socket_name); } else if (errno != ENOENT) { log_errno (EMUNGE_SNAFU, LOG_ERR, "Failed to remove \"%s\"", conf->socket_name); } return; }
/* * Opens a JUNOScript session for the give host_name, username, passphrase */ js_session_t * js_session_open (js_session_opts_t *jsop, int flags) { js_session_t *jsp; int max_argc = JSIO_SSH_OPTIONS_MAX * 2, argc = 0; char *argv[max_argc]; char *port_str = NULL; char *timeout_str = NULL; char *conn_timeout_str = NULL; int i; js_session_opts_t jso; if (jsop == NULL) { /* "Make life easier" */ bzero(&jso, sizeof(jso)); jsop = &jso; } js_initialize(); if (jsop->jso_stype == ST_DEFAULT) jsop->jso_stype = js_default_stype; if (flags & JSF_JUNOS_NETCONF) jsop->jso_stype = ST_JUNOS_NETCONF; if (jsop->jso_server == NULL || *jsop->jso_server == '\0') { jsop->jso_server = js_default_server; if (jsop->jso_server == NULL || *jsop->jso_server == '\0') return NULL; } if (jsop->jso_username == NULL || *jsop->jso_username == '\0') jsop->jso_username = js_default_user; /* * Check whether the junoscript session already exists for the given * hostname, if so then return that. */ jsp = js_session_find(jsop->jso_server, jsop->jso_stype); if (jsp) return jsp; argv[argc++] = ALLOCADUP(PATH_SSH); argv[argc++] = ALLOCADUP("-aqTx"); argv[argc++] = ALLOCADUP("-oTCPKeepAlive=yes"); if (jsop->jso_timeout) { timeout_str = strdupf("-oServerAliveInterval=%u", jsop->jso_timeout); argv[argc++] = timeout_str; } if (jsop->jso_connect_timeout) { conn_timeout_str = strdupf("-oConnectTimeout=%u", jsop->jso_connect_timeout); argv[argc++] = conn_timeout_str; } for (i = 0; i < jsio_ssh_options_count; i++) argv[argc++] = jsio_ssh_options[i]; if (jsop->jso_port) { port_str = strdupf("-p%u", jsop->jso_port); argv[argc++] = port_str; } /* * If username is passed use that username */ if (jsop->jso_username) { argv[argc++] = ALLOCADUP("-l"); argv[argc++] = ALLOCADUP(jsop->jso_username); } else { /* * When username is not passed, ssh takes it from * getlogin(). Not always login name will be the name of * the user executing the script. So, instead of relying * on that get the username from auth info and pass it to * ssh. */ const char *logname = getlogin(); if (logname) { argv[argc++] = ALLOCADUP("-l"); argv[argc++] = ALLOCADUP(logname); } } argv[argc++] = ALLOCADUP(jsop->jso_server); if (jsop->jso_stype == ST_NETCONF) { argv[argc++] = ALLOCADUP("-s"); argv[argc++] = ALLOCADUP("netconf"); } else if (jsop->jso_stype == ST_JUNOS_NETCONF) { argv[argc++] = ALLOCADUP("xml-mode"); argv[argc++] = ALLOCADUP("netconf"); argv[argc++] = ALLOCADUP("need-trailer"); } else if (jsop->jso_stype == ST_SHELL) { /* shell requires no options */ } else { argv[argc++] = ALLOCADUP("xml-mode"); argv[argc++] = ALLOCADUP("need-trailer"); } argv[argc] = NULL; /* Terminate the argument list */ INSIST(argc < max_argc); jsp = js_session_create(jsop->jso_server, argv, flags, jsop->jso_stype); if (jsp == NULL) return NULL; if (jsop->jso_passphrase) jsp->js_passphrase = strdup(jsop->jso_passphrase); if (jsop->jso_stype == ST_JUNOSCRIPT) { if (js_session_init(jsp)) { js_session_terminate(jsp); return NULL; } } else if (jsop->jso_stype == ST_SHELL) { if (js_shell_session_init(jsp)) { js_session_terminate(jsp); return NULL; } } else { if (js_session_init_netconf(jsp)) { js_session_terminate(jsp); return NULL; } } if (port_str) free(port_str); if (timeout_str) free(timeout_str); if (conn_timeout_str) free(conn_timeout_str); /* * Add the session details to patricia tree */ if (!js_session_add(jsp)) { js_session_terminate(jsp); return NULL; } return jsp; }
static munge_err_t _m_msg_client_connect (m_msg_t m, char *path) { struct stat st; struct sockaddr_un addr; int sd; int n; int i; unsigned long delay_msecs; assert (m != NULL); assert (m->sd < 0); if ((path == NULL) || (*path == '\0')) { m_msg_set_err (m, EMUNGE_SOCKET, strdup ("MUNGE socket name is undefined")); return (EMUNGE_SOCKET); } if (stat (path, &st) < 0) { m_msg_set_err (m, EMUNGE_SOCKET, strdupf ("Failed to access \"%s\": %s", path, strerror (errno))); return (EMUNGE_SOCKET); } if (!S_ISSOCK (st.st_mode)) { m_msg_set_err (m, EMUNGE_SOCKET, strdupf ("Invalid file type for socket \"%s\"", path)); return (EMUNGE_SOCKET); } if ((sd = socket (PF_UNIX, SOCK_STREAM, 0)) < 0) { m_msg_set_err (m, EMUNGE_SOCKET, strdupf ("Failed to create socket: %s", strerror (errno))); return (EMUNGE_SOCKET); } if (fd_set_nonblocking (sd) < 0) { close (sd); m_msg_set_err (m, EMUNGE_SOCKET, strdupf ("Failed to set nonblocking socket: %s", strerror (errno))); return (EMUNGE_SOCKET); } memset (&addr, 0, sizeof (addr)); addr.sun_family = AF_UNIX; addr.sun_path[ sizeof (addr.sun_path) - 1 ] = '\0'; strncpy (addr.sun_path, path, sizeof (addr.sun_path)); if (addr.sun_path[ sizeof (addr.sun_path) - 1 ] != '\0') { close (sd); m_msg_set_err (m, EMUNGE_OVERFLOW, strdup ("Exceeded maximum length of socket pathname")); return (EMUNGE_OVERFLOW); } i = 1; while (1) { /* * If a call to connect() for a Unix domain stream socket finds that * the listening socket's queue is full, ECONNREFUSED is returned * immediately. (cf, Stevens UNPv1, s14.4, p378) * If ECONNREFUSED, try again up to MUNGE_SOCKET_CONNECT_ATTEMPTS. */ n = connect (sd, (struct sockaddr *) &addr, sizeof (addr)); if (n == 0) { break; } if (errno == EINTR) { continue; } if (errno != ECONNREFUSED) { break; } if (i >= MUNGE_SOCKET_CONNECT_ATTEMPTS) { break; } delay_msecs = i * MUNGE_SOCKET_CONNECT_RETRY_MSECS; if (_m_msg_client_millisleep (m, delay_msecs) != EMUNGE_SUCCESS) { break; } i++; } if (n < 0) { close (sd); m_msg_set_err (m, EMUNGE_SOCKET, strdupf ("Failed to connect to \"%s\": %s", path, strerror (errno))); return (EMUNGE_SOCKET); } m->sd = sd; return (EMUNGE_SUCCESS); }
int auth_send (m_msg_t m) { char *pipe_name = NULL; char *file_dir = NULL; char *file_name = NULL; int file_fd = -1; int pipe_fd = -1; char *estr; if (_recv_auth_req (m->sd, &pipe_name, &file_dir) < 0) { estr = strdup ("Failed to receive auth request"); goto err; } assert (pipe_name != NULL); if (_name_auth_file (pipe_name, file_dir, &file_name) < 0) { estr = strdup ("Failed to name auth file"); goto err; } assert (file_name != NULL); unlink (file_name); /* in case it already exists */ if ((file_fd= open (file_name, O_RDONLY | O_CREAT | O_EXCL, S_IRUSR)) <0) { estr = strdupf ("Failed to open auth file \"%s\": %s", file_name, strerror (errno)); goto err; } if (unlink (file_name) < 0) { estr = strdupf ("Failed to remove auth file \"%s\": %s", file_name, strerror (errno)); goto err; } if ((pipe_fd = open (pipe_name, O_WRONLY)) < 0) { estr = strdupf ("Failed to open auth pipe \"%s\": %s", pipe_name, strerror (errno)); goto err; } if (ioctl (pipe_fd, I_SENDFD, file_fd) < 0) { estr = strdupf ("Failed to send client identity: %s", strerror (errno)); goto err; } if (close (pipe_fd) < 0) { estr = strdupf ("Failed to close auth pipe \"%s\": %s", pipe_name, strerror (errno)); goto err; } if (close (file_fd) < 0) { estr = strdupf ("Failed to close auth file \"%s\": %s", file_name, strerror (errno)); goto err; } free (pipe_name); free (file_dir); free (file_name); return (0); err: if (pipe_fd >= 0) { (void) close (pipe_fd); } if (pipe_name != NULL) { free (pipe_name); } if (file_fd >= 0) { (void) close (file_fd); } if (file_name != NULL) { (void) unlink (file_name); free (file_name); } if (file_dir != NULL) { free (file_dir); } return (m_msg_set_err (m, EMUNGE_SNAFU, estr)); }
OPENVPN_EXPORT int openvpn_plugin_func_v2 (openvpn_plugin_handle_t handle, const int type, const char *argv[], const char *envp[], void *per_client_context, struct openvpn_plugin_string_list **return_list) { ldap_context_t *context = (ldap_context_t *) handle; auth_context_t *auth_context = NULL; action_t *action = NULL; int res = OPENVPN_PLUGIN_FUNC_ERROR; if (type == OPENVPN_PLUGIN_AUTH_USER_PASS_VERIFY){ /* get username/password/auth_control_file from envp string array */ const char *username = get_env ("username", envp); const char *password = get_env ("password", envp); const char *auth_control_file = get_env ( "auth_control_file", envp ); const char *pf_file = get_env ("pf_file", envp); /* required parameters check */ if (!username){ LOGERROR("No username supplied to OpenVPN plugin"); return OPENVPN_PLUGIN_FUNC_ERROR; } auth_context = auth_context_new( ); if( !auth_context ){ LOGERROR( "Could not allocate auth_context before calling thread" ); return res; } if( username ) auth_context->username = strdup( username ); if( password ) auth_context->password = strdup( password ); if( pf_file ) auth_context->pf_file = strdup( pf_file ); if( auth_control_file ) auth_context->auth_control_file = strdup( auth_control_file ); /* If some argument were missing or could not be duplicate */ if( !(auth_context->username && auth_context->password && auth_context->auth_control_file ) ){ auth_context_free( auth_context ); return res; } action = action_new( ); action->type = LDAP_AUTH_ACTION_AUTH; action->context = auth_context; action->client_context = per_client_context; action->context_free_func = (void *)auth_context_free; action_push( context->action_list, action ); return OPENVPN_PLUGIN_FUNC_DEFERRED; } else if (type == OPENVPN_PLUGIN_ENABLE_PF){ /* unfortunately, at this stage we dont know anything about the client * yet. Let assume it is enabled, we will define default somewhere */ return OPENVPN_PLUGIN_FUNC_SUCCESS; }else if( type == OPENVPN_PLUGIN_CLIENT_CONNECT_V2 ){ /* on client connect, we return conf options through return list */ const char *username = get_env ("username", envp); client_context_t *cc = per_client_context; char *ccd_options = NULL; /* sanity check */ if (!username){ LOGERROR("No username supplied to OpenVPN plugin"); return OPENVPN_PLUGIN_FUNC_ERROR; } if (!cc || !cc->profile){ LOGERROR("No profile found for user"); return OPENVPN_PLUGIN_FUNC_ERROR; } #ifdef ENABLE_LDAPUSERCONF ccd_options = ldap_account_get_options_to_string( cc->ldap_account ); #endif if( cc->profile->redirect_gateway_prefix && strlen( cc->profile->redirect_gateway_prefix ) > 0 ){ /* do the username start with prefix? */ if( strncmp( cc->profile->redirect_gateway_prefix, username, strlen( cc->profile->redirect_gateway_prefix ) ) == 0 ){ char *tmp_ccd = ccd_options; ccd_options = strdupf("push \"redirect-gateway %s\"\n%s", cc->profile->redirect_gateway_flags ? cc->profile->redirect_gateway_flags : DFT_REDIRECT_GATEWAY_FLAGS, tmp_ccd ? tmp_ccd : ""); if( tmp_ccd ) la_free( tmp_ccd ); } } if( ccd_options ){ *return_list = la_malloc( sizeof( struct openvpn_plugin_string_list ) ); if( *return_list != NULL){ (*return_list)->next = NULL; (*return_list)->name = strdup( "config" ); (*return_list)->value = ccd_options; } } return OPENVPN_PLUGIN_FUNC_SUCCESS; } #ifdef ENABLE_LDAPUSERCONF else if( type == OPENVPN_PLUGIN_CLIENT_DISCONNECT ){ /* nothing done for now * potentially, session could be logged */ return OPENVPN_PLUGIN_FUNC_SUCCESS; } #endif return res; }
static int pktgen_parse_args(int argc, char **argv) { int opt, ret, port; char **argvopt; int option_index; char *prgname = argv[0], *p; static struct option lgopts[] = { {NULL, 0, 0, 0} }; argvopt = argv; pktgen.hostname = (char *)strdupf(pktgen.hostname, "localhost"); pktgen.socket_port = 0x5606; pktgen.argc = argc; for (opt = 0; opt < argc; opt++) pktgen.argv[opt] = strdup(argv[opt]); while ((opt = getopt_long(argc, argvopt, "p:m:f:l:s:g:hPNGT", lgopts, &option_index)) != EOF) switch (opt) { case 'p': /* Port mask not used anymore */ break; case 'f': /* Command file or Lua script. */ pktgen.cmd_filename = strdup(optarg); break; case 'l': /* Log file */ pktgen_log_set_file(optarg); break; case 'm': /* Matrix for port mapping. */ if (wr_parse_matrix(pktgen.l2p, optarg) == -1) { pktgen_log_error("invalid matrix string (%s)", optarg); pktgen_usage(prgname); return -1; } break; case 's': /* Read a PCAP packet capture file (stream) */ port = strtol(optarg, NULL, 10); p = strchr(optarg, ':'); if ( (p == NULL) || (pktgen.info[port].pcap = wr_pcap_open(++p, port)) == NULL) { pktgen_log_error("Invalid PCAP filename (%s) must include port number as P:filename", optarg); pktgen_usage(prgname); return -1; } break; case 'P': /* Enable promiscuous mode on the ports */ pktgen.flags |= PROMISCUOUS_ON_FLAG; break; case 'N': /* Enable NUMA support. */ pktgen.flags |= NUMA_SUPPORT_FLAG; break; case 'G': pktgen.flags |= (ENABLE_GUI_FLAG | IS_SERVER_FLAG); break; case 'g': /* Define the port number and IP address used for the socket connection. */ pktgen.flags |= (ENABLE_GUI_FLAG | IS_SERVER_FLAG); p = strchr(optarg, ':'); if (p == NULL) /* No : symbol means pktgen is a server application. */ pktgen.hostname = (char *)strdupf(pktgen.hostname, optarg); else { char c = *p; *p = '\0'; if (p != optarg) pktgen.hostname = (char *)strdupf(pktgen.hostname, optarg); pktgen.socket_port = strtol(++p, NULL, 0); pktgen_log_info(">>> Socket GUI support %s%c0x%x", pktgen.hostname, c, pktgen.socket_port); } break; case 'T': pktgen.flags |= ENABLE_THEME_FLAG; break; case 'h': /* print out the help message */ pktgen_usage(prgname); return -1; case 0: /* Long options */ default: pktgen_usage(prgname); return -1; } /* Setup the program name */ if (optind >= 0) argv[optind - 1] = prgname; ret = optind - 1; optind = 0; /* reset getopt lib */ return ret; }