int DBUtil::Execute(const char* sql, ...)
{
SQL_INST* sqlinst = (SQL_INST*)dbHandle_;
if(sqlinst == 0) {
radlog(L_CONS|L_ERROR, "[DBUtil::Execute] invalid instance");
return -1;
}
char sqlbuf[4096];
va_list args;
va_start(args, sql);
vsNprintf(sqlbuf, sizeof(sqlbuf), sql, args);
va_end(args);
SQLSOCK* sqlsock = sql_get_socket(sqlinst);
if(sqlsock == NULL) {
return -1;
}
if(rlm_sql_query(sqlsock, sqlinst, sqlbuf) != 0) {
sql_release_socket(sqlinst, sqlsock);
return -1;
}
int result = rlm_sql_affected_rows(sqlsock, sqlinst);
rlm_sql_finish_query(sqlsock, sqlinst);
sql_release_socket(sqlinst, sqlsock);
return result;
}
static int nvp_vquery(unsigned int line, rlm_sqlhpwippool_t *data,
rlm_sql_handle_t *sqlsock, char const *fmt, va_list ap)
{
char query[MAX_QUERY_LEN];
vsnprintf(query, MAX_QUERY_LEN, fmt, ap);
if (rlm_sql_query(&sqlsock, data->sqlinst, query)) {
nvp_log(__LINE__, data, L_ERR, "nvp_vquery(): query from line %u: %s",
line, (char const *)(data->db->sql_error)(sqlsock, data->sqlinst->config));
return 0;
}
return 1;
}
/*
* Execute postauth_query after authentication
*/
static int rlm_sql_postauth(void *instance, REQUEST *request) {
SQLSOCK *sqlsocket = NULL;
SQL_INST *inst = instance;
char querystr[MAX_QUERY_LEN];
char sqlusername[MAX_STRING_LEN];
DEBUG("rlm_sql (%s): Processing sql_postauth", inst->config->xlat_name);
if(sql_set_user(inst, request, sqlusername, NULL) < 0)
return RLM_MODULE_FAIL;
/* If postauth_query is not defined, we stop here */
if (inst->config->postauth_query[0] == '\0')
return RLM_MODULE_NOOP;
/* Expand variables in the query */
memset(querystr, 0, MAX_QUERY_LEN);
radius_xlat(querystr, sizeof(querystr), inst->config->postauth_query,
request, sql_escape_func);
query_log(request, inst, querystr);
DEBUG2("rlm_sql (%s) in sql_postauth: query is %s",
inst->config->xlat_name, querystr);
/* Initialize the sql socket */
sqlsocket = sql_get_socket(inst);
if (sqlsocket == NULL)
return RLM_MODULE_FAIL;
/* Process the query */
if (rlm_sql_query(sqlsocket, inst, querystr)) {
radlog(L_ERR, "rlm_sql (%s) in sql_postauth: Database query error - %s",
inst->config->xlat_name,
(char *)(inst->module->sql_error)(sqlsocket, inst->config));
sql_release_socket(inst, sqlsocket);
return RLM_MODULE_FAIL;
}
(inst->module->sql_finish_query)(sqlsocket, inst->config);
sql_release_socket(inst, sqlsocket);
return RLM_MODULE_OK;
}
/*
* SQL xlat function
*
* For selects the first value of the first column will be returned,
* for inserts, updates and deletes the number of rows afftected will be
* returned instead.
*/
static ssize_t sql_xlat(void *instance, REQUEST *request, char const *query, char *out, size_t freespace)
{
rlm_sql_handle_t *handle = NULL;
rlm_sql_row_t row;
rlm_sql_t *inst = instance;
ssize_t ret = 0;
size_t len = 0;
/*
* Add SQL-User-Name attribute just in case it is needed
* We could search the string fmt for SQL-User-Name to see if this is
* needed or not
*/
sql_set_user(inst, request, NULL);
handle = sql_get_socket(inst);
if (!handle) {
return 0;
}
rlm_sql_query_log(inst, request, NULL, query);
/*
* If the query starts with any of the following prefixes,
* then return the number of rows affected
*/
if ((strncasecmp(query, "insert", 6) == 0) ||
(strncasecmp(query, "update", 6) == 0) ||
(strncasecmp(query, "delete", 6) == 0)) {
int numaffected;
char buffer[21]; /* 64bit max is 20 decimal chars + null byte */
if (rlm_sql_query(&handle, inst, query)) {
char const *error = (inst->module->sql_error)(handle, inst->config);
REDEBUG("SQL query failed: %s", error);
ret = -1;
goto finish;
}
numaffected = (inst->module->sql_affected_rows)(handle, inst->config);
if (numaffected < 1) {
RDEBUG("SQL query affected no rows");
goto finish;
}
/*
* Don't chop the returned number if freespace is
* too small. This hack is necessary because
* some implementations of snprintf return the
* size of the written data, and others return
* the size of the data they *would* have written
* if the output buffer was large enough.
*/
snprintf(buffer, sizeof(buffer), "%d", numaffected);
len = strlen(buffer);
if (len >= freespace){
RDEBUG("rlm_sql (%s): Can't write result, insufficient string space", inst->config->xlat_name);
(inst->module->sql_finish_query)(handle, inst->config);
ret = -1;
goto finish;
}
memcpy(out, buffer, len + 1); /* we did bounds checking above */
ret = len;
(inst->module->sql_finish_query)(handle, inst->config);
goto finish;
} /* else it's a SELECT statement */
if (rlm_sql_select_query(&handle, inst, query)){
char const *error = (inst->module->sql_error)(handle, inst->config);
REDEBUG("SQL query failed: %s", error);
ret = -1;
goto finish;
}
ret = rlm_sql_fetch_row(&handle, inst);
if (ret) {
REDEBUG("SQL query failed");
(inst->module->sql_finish_select_query)(handle, inst->config);
ret = -1;
goto finish;
}
row = handle->row;
if (!row) {
RDEBUG("SQL query returned no results");
(inst->module->sql_finish_select_query)(handle, inst->config);
ret = -1;
goto finish;
}
if (!row[0]){
RDEBUG("NULL value in first column of result");
(inst->module->sql_finish_select_query)(handle, inst->config);
ret = -1;
goto finish;
}
len = strlen(row[0]);
if (len >= freespace){
RDEBUG("Insufficient string space");
(inst->module->sql_finish_select_query)(handle, inst->config);
ret = -1;
goto finish;
}
strlcpy(out, row[0], freespace);
ret = len;
(inst->module->sql_finish_select_query)(handle, inst->config);
finish:
sql_release_socket(inst, handle);
return ret;
}
/*
* Generic function for failing between a bunch of queries.
*
* Uses the same principle as rlm_linelog, expanding the 'reference' config
* item using xlat to figure out what query it should execute.
*
* If the reference matches multiple config items, and a query fails or
* doesn't update any rows, the next matching config item is used.
*
*/
static int acct_redundant(rlm_sql_t *inst, REQUEST *request, sql_acct_section_t *section)
{
rlm_rcode_t rcode = RLM_MODULE_OK;
rlm_sql_handle_t *handle = NULL;
int sql_ret;
int numaffected = 0;
CONF_ITEM *item;
CONF_PAIR *pair;
char const *attr = NULL;
char const *value;
char path[MAX_STRING_LEN];
char *p = path;
char *expanded = NULL;
rad_assert(section);
if (section->reference[0] != '.') {
*p++ = '.';
}
if (radius_xlat(p, sizeof(path) - (p - path), request, section->reference, NULL, NULL) < 0) {
rcode = RLM_MODULE_FAIL;
goto finish;
}
item = cf_reference_item(NULL, section->cs, path);
if (!item) {
rcode = RLM_MODULE_FAIL;
goto finish;
}
if (cf_item_is_section(item)){
REDEBUG("Sections are not supported as references");
rcode = RLM_MODULE_FAIL;
goto finish;
}
pair = cf_itemtopair(item);
attr = cf_pair_attr(pair);
RDEBUG2("Using query template '%s'", attr);
handle = sql_get_socket(inst);
if (!handle) {
rcode = RLM_MODULE_FAIL;
goto finish;
}
sql_set_user(inst, request, NULL);
while (true) {
value = cf_pair_value(pair);
if (!value) {
RDEBUG("Ignoring null query");
rcode = RLM_MODULE_NOOP;
goto finish;
}
if (radius_axlat(&expanded, request, value, sql_escape_func, inst) < 0) {
rcode = RLM_MODULE_FAIL;
goto finish;
}
if (!*expanded) {
RDEBUG("Ignoring null query");
rcode = RLM_MODULE_NOOP;
talloc_free(expanded);
goto finish;
}
rlm_sql_query_log(inst, request, section, expanded);
/*
* If rlm_sql_query cannot use the socket it'll try and
* reconnect. Reconnecting will automatically release
* the current socket, and try to select a new one.
*
* If we get RLM_SQL_RECONNECT it means all connections in the pool
* were exhausted, and we couldn't create a new connection,
* so we do not need to call sql_release_socket.
*/
sql_ret = rlm_sql_query(&handle, inst, expanded);
TALLOC_FREE(expanded);
if (sql_ret == RLM_SQL_RECONNECT) {
rcode = RLM_MODULE_FAIL;
goto finish;
}
rad_assert(handle);
/*
* Assume all other errors are incidental, and just meant our
* operation failed and its not a client or SQL syntax error.
*
* @fixme We should actually be able to distinguish between key
* constraint violations (which we expect) and other errors.
*/
if (sql_ret == RLM_SQL_OK) {
numaffected = (inst->module->sql_affected_rows)(handle, inst->config);
if (numaffected > 0) {
break; /* A query succeeded, were done! */
}
RDEBUG("No records updated");
}
(inst->module->sql_finish_query)(handle, inst->config);
/*
* We assume all entries with the same name form a redundant
* set of queries.
*/
pair = cf_pair_find_next(section->cs, pair, attr);
if (!pair) {
RDEBUG("No additional queries configured");
rcode = RLM_MODULE_NOOP;
goto finish;
}
RDEBUG("Trying next query...");
}
(inst->module->sql_finish_query)(handle, inst->config);
finish:
talloc_free(expanded);
sql_release_socket(inst, handle);
return rcode;
}
/*
* SQL xlat function
*
* For selects the first value of the first column will be returned,
* for inserts, updates and deletes the number of rows afftected will be
* returned instead.
*/
static size_t sql_xlat(void *instance, REQUEST *request,
const char *fmt, char *out, size_t freespace)
{
rlm_sql_handle_t *handle;
rlm_sql_row_t row;
rlm_sql_t *inst = instance;
char querystr[MAX_QUERY_LEN];
size_t ret = 0;
RDEBUG("sql_xlat");
/*
* Add SQL-User-Name attribute just in case it is needed
* We could search the string fmt for SQL-User-Name to see if this is
* needed or not
*/
sql_set_user(inst, request, NULL);
/*
* Do an xlat on the provided string (nice recursive operation).
*/
if (!radius_xlat(querystr, sizeof(querystr), fmt, request, sql_escape_func, inst)) {
radlog(L_ERR, "rlm_sql (%s): xlat failed.",
inst->config->xlat_name);
return 0;
}
handle = sql_get_socket(inst);
if (handle == NULL)
return 0;
rlm_sql_query_log(inst, request, NULL, querystr);
/*
* If the query starts with any of the following prefixes,
* then return the number of rows affected
*/
if ((strncasecmp(querystr, "insert", 6) == 0) ||
(strncasecmp(querystr, "update", 6) == 0) ||
(strncasecmp(querystr, "delete", 6) == 0)) {
int numaffected;
char buffer[21]; /* 64bit max is 20 decimal chars + null byte */
if (rlm_sql_query(&handle,inst,querystr)) {
sql_release_socket(inst,handle);
return 0;
}
numaffected = (inst->module->sql_affected_rows)(handle,
inst->config);
if (numaffected < 1) {
RDEBUG("rlm_sql (%s): SQL query affected no rows",
inst->config->xlat_name);
}
/*
* Don't chop the returned number if freespace is
* too small. This hack is necessary because
* some implementations of snprintf return the
* size of the written data, and others return
* the size of the data they *would* have written
* if the output buffer was large enough.
*/
snprintf(buffer, sizeof(buffer), "%d", numaffected);
ret = strlen(buffer);
if (ret >= freespace){
RDEBUG("rlm_sql (%s): Can't write result, insufficient string space",
inst->config->xlat_name);
(inst->module->sql_finish_query)(handle,
inst->config);
sql_release_socket(inst,handle);
return 0;
}
memcpy(out, buffer, ret + 1); /* we did bounds checking above */
(inst->module->sql_finish_query)(handle, inst->config);
sql_release_socket(inst,handle);
return ret;
} /* else it's a SELECT statement */
if (rlm_sql_select_query(&handle,inst,querystr)){
sql_release_socket(inst,handle);
return 0;
}
ret = rlm_sql_fetch_row(&handle, inst);
if (ret) {
RDEBUG("SQL query did not succeed");
(inst->module->sql_finish_select_query)(handle, inst->config);
sql_release_socket(inst,handle);
return 0;
}
row = handle->row;
if (row == NULL) {
RDEBUG("SQL query did not return any results");
(inst->module->sql_finish_select_query)(handle, inst->config);
sql_release_socket(inst,handle);
return 0;
}
if (row[0] == NULL){
RDEBUG("Null value in first column");
(inst->module->sql_finish_select_query)(handle, inst->config);
sql_release_socket(inst,handle);
return 0;
}
ret = strlen(row[0]);
if (ret >= freespace){
RDEBUG("Insufficient string space");
(inst->module->sql_finish_select_query)(handle, inst->config);
sql_release_socket(inst,handle);
return 0;
}
strlcpy(out,row[0],freespace);
RDEBUG("sql_xlat finished");
(inst->module->sql_finish_select_query)(handle, inst->config);
sql_release_socket(inst,handle);
return ret;
}
/*
* Generic function for failing between a bunch of queries.
*
* Uses the same principle as rlm_linelog, expanding the 'reference' config
* item using xlat to figure out what query it should execute.
*
* If the reference matches multiple config items, and a query fails or
* doesn't update any rows, the next matching config item is used.
*
*/
static int acct_redundant(rlm_sql_t *inst, REQUEST *request,
sql_acct_section_t *section)
{
int ret = RLM_MODULE_OK;
rlm_sql_handle_t *handle = NULL;
int sql_ret;
int numaffected = 0;
CONF_ITEM *item;
CONF_PAIR *pair;
const char *attr = NULL;
const char *value;
char path[MAX_STRING_LEN];
char querystr[MAX_QUERY_LEN];
char *p = path;
rad_assert(section);
if (section->reference[0] != '.')
*p++ = '.';
if (!radius_xlat(p, (sizeof(path) - (p - path)) - 1,
section->reference, request, NULL, NULL))
return RLM_MODULE_FAIL;
item = cf_reference_item(NULL, section->cs, path);
if (!item)
return RLM_MODULE_FAIL;
if (cf_item_is_section(item)){
radlog(L_ERR, "Sections are not supported as references");
return RLM_MODULE_FAIL;
}
pair = cf_itemtopair(item);
attr = cf_pair_attr(pair);
RDEBUG2("Using query template '%s'", attr);
handle = sql_get_socket(inst);
if (handle == NULL)
return RLM_MODULE_FAIL;
sql_set_user(inst, request, NULL);
while (TRUE) {
value = cf_pair_value(pair);
if (!value) {
RDEBUG("Ignoring null query");
ret = RLM_MODULE_NOOP;
goto release;
}
radius_xlat(querystr, sizeof(querystr), value, request,
sql_escape_func, inst);
if (!*querystr) {
RDEBUG("Ignoring null query");
ret = RLM_MODULE_NOOP;
goto release;
}
rlm_sql_query_log(inst, request, section, querystr);
/*
* If rlm_sql_query cannot use the socket it'll try and
* reconnect. Reconnecting will automatically release
* the current socket, and try to select a new one.
*
* If we get SQL_DOWN it means all connections in the pool
* were exhausted, and we couldn't create a new connection,
* so we do not need to call sql_release_socket.
*/
sql_ret = rlm_sql_query(&handle, inst, querystr);
if (sql_ret == SQL_DOWN)
return RLM_MODULE_FAIL;
rad_assert(handle);
/*
* Assume all other errors are incidental, and just meant our
* operation failed and its not a client or SQL syntax error.
*/
if (sql_ret == 0) {
numaffected = (inst->module->sql_affected_rows)
(handle, inst->config);
if (numaffected > 0)
break;
RDEBUG("No records updated");
}
(inst->module->sql_finish_query)(handle, inst->config);
/*
* We assume all entries with the same name form a redundant
* set of queries.
*/
pair = cf_pair_find_next(section->cs, pair, attr);
if (!pair) {
RDEBUG("No additional queries configured");
ret = RLM_MODULE_NOOP;
goto release;
}
RDEBUG("Trying next query...");
}
(inst->module->sql_finish_query)(handle, inst->config);
release:
sql_release_socket(inst, handle);
return ret;
}
/*
* Accounting: save the account data to our sql table
*/
static int rlm_sql_accounting(void *instance, REQUEST * request) {
SQLSOCK *sqlsocket = NULL;
VALUE_PAIR *pair;
SQL_INST *inst = instance;
int ret = RLM_MODULE_OK;
int numaffected = 0;
int acctstatustype = 0;
char querystr[MAX_QUERY_LEN];
char logstr[MAX_QUERY_LEN];
char sqlusername[MAX_STRING_LEN];
#ifdef CISCO_ACCOUNTING_HACK
int acctsessiontime = 0;
#endif
memset(querystr, 0, MAX_QUERY_LEN);
/*
* Find the Acct Status Type
*/
if ((pair = pairfind(request->packet->vps, PW_ACCT_STATUS_TYPE)) != NULL) {
acctstatustype = pair->lvalue;
} else {
radius_xlat(logstr, sizeof(logstr), "packet has no accounting status type. [user '%{User-Name}', nas '%{NAS-IP-Address}']", request, NULL);
radlog(L_ERR, "rlm_sql (%s) in sql_accounting: %s",
inst->config->xlat_name, logstr);
return RLM_MODULE_INVALID;
}
switch (acctstatustype) {
/*
* The Terminal server informed us that it was rebooted
* STOP all records from this NAS
*/
case PW_STATUS_ACCOUNTING_ON:
case PW_STATUS_ACCOUNTING_OFF:
radlog(L_INFO, "rlm_sql (%s): received Acct On/Off packet", inst->config->xlat_name);
radius_xlat(querystr, sizeof(querystr), inst->config->accounting_onoff_query, request, sql_escape_func);
query_log(request, inst, querystr);
sqlsocket = sql_get_socket(inst);
if (sqlsocket == NULL)
return(RLM_MODULE_FAIL);
if (*querystr) { /* non-empty query */
if (rlm_sql_query(sqlsocket, inst, querystr)) {
radlog(L_ERR, "rlm_sql (%s): Couldn't update SQL accounting for Acct On/Off packet - %s",
inst->config->xlat_name,
(char *)(inst->module->sql_error)(sqlsocket, inst->config));
ret = RLM_MODULE_FAIL;
}
(inst->module->sql_finish_query)(sqlsocket, inst->config);
}
break;
/*
* Got an update accounting packet
*/
case PW_STATUS_ALIVE:
/*
* Set, escape, and check the user attr here
*/
sql_set_user(inst, request, sqlusername, NULL);
radius_xlat(querystr, sizeof(querystr), inst->config->accounting_update_query, request, sql_escape_func);
query_log(request, inst, querystr);
sqlsocket = sql_get_socket(inst);
if (sqlsocket == NULL)
return(RLM_MODULE_FAIL);
if (*querystr) { /* non-empty query */
if (rlm_sql_query(sqlsocket, inst, querystr)) {
radlog(L_ERR, "rlm_sql (%s): Couldn't update SQL accounting ALIVE record - %s",
inst->config->xlat_name,
(char *)(inst->module->sql_error)(sqlsocket, inst->config));
ret = RLM_MODULE_FAIL;
}
else {
numaffected = (inst->module->sql_affected_rows)(sqlsocket, inst->config);
if (numaffected < 1) {
/*
* If our update above didn't match anything
* we assume it's because we haven't seen a
* matching Start record. So we have to
* insert this update rather than do an update
*/
radius_xlat(querystr, sizeof(querystr), inst->config->accounting_update_query_alt, request, sql_escape_func);
query_log(request, inst, querystr);
if (*querystr) { /* non-empty query */
if (rlm_sql_query(sqlsocket, inst, querystr)) {
radlog(L_ERR, "rlm_sql (%s): Couldn't insert SQL accounting ALIVE record - %s",
inst->config->xlat_name,
(char *)(inst->module->sql_error)(sqlsocket, inst->config));
ret = RLM_MODULE_FAIL;
}
(inst->module->sql_finish_query)(sqlsocket, inst->config);
}
}
}
(inst->module->sql_finish_query)(sqlsocket, inst->config);
}
break;
/*
* Got accounting start packet
*/
case PW_STATUS_START:
/*
* Set, escape, and check the user attr here
*/
sql_set_user(inst, request, sqlusername, NULL);
radius_xlat(querystr, sizeof(querystr), inst->config->accounting_start_query, request, sql_escape_func);
query_log(request, inst, querystr);
sqlsocket = sql_get_socket(inst);
if (sqlsocket == NULL)
return(RLM_MODULE_FAIL);
if (*querystr) { /* non-empty query */
if (rlm_sql_query(sqlsocket, inst, querystr)) {
radlog(L_ERR, "rlm_sql (%s): Couldn't insert SQL accounting START record - %s",
inst->config->xlat_name,
(char *)(inst->module->sql_error)(sqlsocket, inst->config));
/*
* We failed the insert above. It's probably because
* the stop record came before the start. We try
* our alternate query now (typically an UPDATE)
*/
radius_xlat(querystr, sizeof(querystr), inst->config->accounting_start_query_alt, request, sql_escape_func);
query_log(request, inst, querystr);
if (*querystr) { /* non-empty query */
if (rlm_sql_query(sqlsocket, inst, querystr)) {
radlog(L_ERR, "rlm_sql (%s): Couldn't update SQL accounting START record - %s",
inst->config->xlat_name,
(char *)(inst->module->sql_error)(sqlsocket, inst->config));
ret = RLM_MODULE_FAIL;
}
(inst->module->sql_finish_query)(sqlsocket, inst->config);
}
}
(inst->module->sql_finish_query)(sqlsocket, inst->config);
}
break;
/*
* Got accounting stop packet
*/
case PW_STATUS_STOP:
/*
* Set, escape, and check the user attr here
*/
sql_set_user(inst, request, sqlusername, NULL);
radius_xlat(querystr, sizeof(querystr), inst->config->accounting_stop_query, request, sql_escape_func);
query_log(request, inst, querystr);
sqlsocket = sql_get_socket(inst);
if (sqlsocket == NULL)
return(RLM_MODULE_FAIL);
if (*querystr) { /* non-empty query */
if (rlm_sql_query(sqlsocket, inst, querystr)) {
radlog(L_ERR, "rlm_sql (%s): Couldn't update SQL accounting STOP record - %s",
inst->config->xlat_name,
(char *)(inst->module->sql_error)(sqlsocket, inst->config));
ret = RLM_MODULE_FAIL;
}
else {
numaffected = (inst->module->sql_affected_rows)(sqlsocket, inst->config);
if (numaffected < 1) {
/*
* If our update above didn't match anything
* we assume it's because we haven't seen a
* matching Start record. So we have to
* insert this stop rather than do an update
*/
#ifdef CISCO_ACCOUNTING_HACK
/*
* If stop but zero session length AND no previous
* session found, drop it as in invalid packet
* This is to fix CISCO's aaa from filling our
* table with bogus crap
*/
if ((pair = pairfind(request->packet->vps, PW_ACCT_SESSION_TIME)) != NULL)
acctsessiontime = pair->lvalue;
if (acctsessiontime <= 0) {
radius_xlat(logstr, sizeof(logstr), "stop packet with zero session length. [user '%{User-Name}', nas '%{NAS-IP-Address}']", request, NULL);
radlog(L_ERR, "rlm_sql (%s) in sql_accounting: %s", inst->config->xlat_name, logstr);
sql_release_socket(inst, sqlsocket);
ret = RLM_MODULE_NOOP;
}
#endif
radius_xlat(querystr, sizeof(querystr), inst->config->accounting_stop_query_alt, request, sql_escape_func);
query_log(request, inst, querystr);
if (*querystr) { /* non-empty query */
if (rlm_sql_query(sqlsocket, inst, querystr)) {
radlog(L_ERR, "rlm_sql (%s): Couldn't insert SQL accounting STOP record - %s",
inst->config->xlat_name,
(char *)(inst->module->sql_error)(sqlsocket, inst->config));
ret = RLM_MODULE_FAIL;
}
(inst->module->sql_finish_query)(sqlsocket, inst->config);
}
}
}
(inst->module->sql_finish_query)(sqlsocket, inst->config);
}
break;
/*
* Anything else is ignored.
*/
default:
radlog(L_INFO, "rlm_sql (%s): Unsupported Acct-Status-Type = %d", inst->config->xlat_name, acctstatustype);
return RLM_MODULE_NOOP;
break;
}
sql_release_socket(inst, sqlsocket);
return ret;
}
/*
* Generic function for failing between a bunch of queries.
*
* Uses the same principle as rlm_linelog, expanding the 'reference' config
* item using xlat to figure out what query it should execute.
*
* If the reference matches multiple config items, and a query fails or
* doesn't update any rows, the next matching config item is used.
*
*/
static int acct_redundant(rlm_sql_t *inst, REQUEST *request, sql_acct_section_t *section)
{
rlm_rcode_t rcode = RLM_MODULE_OK;
rlm_sql_handle_t *handle = NULL;
int sql_ret;
int numaffected = 0;
CONF_ITEM *item;
CONF_PAIR *pair;
char const *attr = NULL;
char const *value;
char path[MAX_STRING_LEN];
char *p = path;
char *expanded = NULL;
rad_assert(section);
if (section->reference[0] != '.') {
*p++ = '.';
}
if (radius_xlat(p, sizeof(path) - (p - path), request, section->reference, NULL, NULL) < 0) {
rcode = RLM_MODULE_FAIL;
goto finish;
}
/*
* If we can't find a matching config item we do
* nothing so return RLM_MODULE_NOOP.
*/
item = cf_reference_item(NULL, section->cs, path);
if (!item) {
RWDEBUG("No such configuration item %s", path);
rcode = RLM_MODULE_NOOP;
goto finish;
}
if (cf_item_is_section(item)){
RWDEBUG("Sections are not supported as references");
rcode = RLM_MODULE_NOOP;
goto finish;
}
pair = cf_item_to_pair(item);
attr = cf_pair_attr(pair);
RDEBUG2("Using query template '%s'", attr);
handle = fr_connection_get(inst->pool);
if (!handle) {
rcode = RLM_MODULE_FAIL;
goto finish;
}
sql_set_user(inst, request, NULL);
while (true) {
value = cf_pair_value(pair);
if (!value) {
RDEBUG("Ignoring null query");
rcode = RLM_MODULE_NOOP;
goto finish;
}
if (radius_axlat(&expanded, request, value, inst->sql_escape_func, handle) < 0) {
rcode = RLM_MODULE_FAIL;
goto finish;
}
if (!*expanded) {
RDEBUG("Ignoring null query");
rcode = RLM_MODULE_NOOP;
talloc_free(expanded);
goto finish;
}
rlm_sql_query_log(inst, request, section, expanded);
sql_ret = rlm_sql_query(inst, request, &handle, expanded);
TALLOC_FREE(expanded);
RDEBUG("SQL query returned: %s", fr_int2str(sql_rcode_table, sql_ret, "<INVALID>"));
switch (sql_ret) {
/*
* Query was a success! Now we just need to check if it did anything.
*/
case RLM_SQL_OK:
break;
/*
* A general, unrecoverable server fault.
*/
case RLM_SQL_ERROR:
/*
* If we get RLM_SQL_RECONNECT it means all connections in the pool
* were exhausted, and we couldn't create a new connection,
* so we do not need to call fr_connection_release.
*/
case RLM_SQL_RECONNECT:
rcode = RLM_MODULE_FAIL;
goto finish;
/*
* Query was invalid, this is a terminal error, but we still need
* to do cleanup, as the connection handle is still valid.
*/
case RLM_SQL_QUERY_INVALID:
rcode = RLM_MODULE_INVALID;
goto finish;
/*
* Driver found an error (like a unique key constraint violation)
* that hinted it might be a good idea to try an alternative query.
*/
case RLM_SQL_ALT_QUERY:
goto next;
}
rad_assert(handle);
/*
* We need to have updated something for the query to have been
* counted as successful.
*/
numaffected = (inst->module->sql_affected_rows)(handle, inst->config);
(inst->module->sql_finish_query)(handle, inst->config);
RDEBUG("%i record(s) updated", numaffected);
if (numaffected > 0) break; /* A query succeeded, were done! */
next:
/*
* We assume all entries with the same name form a redundant
* set of queries.
*/
pair = cf_pair_find_next(section->cs, pair, attr);
if (!pair) {
RDEBUG("No additional queries configured");
rcode = RLM_MODULE_NOOP;
goto finish;
}
RDEBUG("Trying next query...");
}
finish:
talloc_free(expanded);
fr_connection_release(inst->pool, handle);
sql_unset_user(inst, request);
return rcode;
}
/** Execute an arbitrary SQL query
*
* For selects the first value of the first column will be returned,
* for inserts, updates and deletes the number of rows affected will be
* returned instead.
*/
static ssize_t sql_xlat(char **out, UNUSED size_t outlen,
void const *mod_inst, UNUSED void const *xlat_inst,
REQUEST *request, char const *fmt)
{
rlm_sql_handle_t *handle = NULL;
rlm_sql_row_t row;
rlm_sql_t const *inst = mod_inst;
sql_rcode_t rcode;
ssize_t ret = 0;
/*
* Add SQL-User-Name attribute just in case it is needed
* We could search the string fmt for SQL-User-Name to see if this is
* needed or not
*/
sql_set_user(inst, request, NULL);
handle = fr_connection_get(inst->pool); /* connection pool should produce error */
if (!handle) return 0;
rlm_sql_query_log(inst, request, NULL, fmt);
/*
* If the query starts with any of the following prefixes,
* then return the number of rows affected
*/
if ((strncasecmp(fmt, "insert", 6) == 0) ||
(strncasecmp(fmt, "update", 6) == 0) ||
(strncasecmp(fmt, "delete", 6) == 0)) {
int numaffected;
rcode = rlm_sql_query(inst, request, &handle, fmt);
if (rcode != RLM_SQL_OK) {
query_error:
RERROR("SQL query failed: %s", fr_int2str(sql_rcode_table, rcode, "<INVALID>"));
ret = -1;
goto finish;
}
numaffected = (inst->module->sql_affected_rows)(handle, inst->config);
if (numaffected < 1) {
RDEBUG("SQL query affected no rows");
goto finish;
}
MEM(*out = talloc_asprintf(request, "%d", numaffected));
ret = talloc_array_length(*out) - 1;
(inst->module->sql_finish_query)(handle, inst->config);
goto finish;
} /* else it's a SELECT statement */
rcode = rlm_sql_select_query(inst, request, &handle, fmt);
if (rcode != RLM_SQL_OK) goto query_error;
rcode = rlm_sql_fetch_row(&row, inst, request, &handle);
if (rcode) {
(inst->module->sql_finish_select_query)(handle, inst->config);
goto query_error;
}
if (!row) {
RDEBUG("SQL query returned no results");
(inst->module->sql_finish_select_query)(handle, inst->config);
ret = -1;
goto finish;
}
if (!row[0]){
RDEBUG("NULL value in first column of result");
(inst->module->sql_finish_select_query)(handle, inst->config);
ret = -1;
goto finish;
}
*out = talloc_bstrndup(request, row[0], strlen(row[0]));
ret = talloc_array_length(*out) - 1;
(inst->module->sql_finish_select_query)(handle, inst->config);
finish:
fr_connection_release(inst->pool, handle);
return ret;
}
