void
config_free( config_t *c ){
if( !c ) return;
ldap_config_free( c->ldap );
list_free( c->profiles, profile_config_list_free_cb );
la_free( c );
}
char* la_log_allocate_backtrace(int frames)
{
void* trace[32];
int num_addr, num_frame, idx, amount;
char **symbols, *bt, *ptr;
num_addr = backtrace(trace, LA_ELEMENTSOF(trace));
if (num_addr <= 0)
return NULL;
symbols = backtrace_symbols(trace, num_addr);
if (!symbols)
return NULL;
num_frame = LA_MIN(num_addr, frames);
amount = 4;
for (idx=0; idx<num_frame; idx++)
{
amount += 2;
amount += strlen(la_path_get_filename(symbols[idx]));
}
bt = (char*)la_calloc(amount * sizeof(char));
if(!bt)
return NULL;
strcpy(bt, " (");
ptr = bt + 2;
for (idx=0; idx<num_frame; idx++)
{
const char *sym;
strcpy(ptr, "<-");
ptr += 2;
sym = la_path_get_filename(symbols[idx]);
strcpy(ptr, sym);
ptr += strlen(sym);
}
strcpy(ptr, ")");
la_free(symbols);
return bt;
}
static MutexNode * mutex_destroy_rec(MutexNode * n,mutex * m){
if(n == NULL){
return NULL;
}
if(n->m->id == m->id){
mutex_count --;
MutexNode * ret = n->next;
la_free(n);
return ret;
}
n->next = mutex_destroy_rec(n->next,m);
return n;
}
/**
* ldap config
*/
void
ldap_config_free( ldap_config_t *c ){
check_and_free( c->uri );
check_and_free( c->binddn );
check_and_free( c->bindpw );
/* TLS */
check_and_free( c->ssl );
check_and_free( c->tls_cacertfile );
check_and_free( c->tls_cacertdir );
check_and_free( c->tls_certfile );
check_and_free( c->tls_certkey );
check_and_free( c->tls_ciphersuite );
check_and_free( c->tls_reqcert );
la_free( c );
}
void mutex_unlock(mutex * m){
uint64_t v = disableScheduler();
MutexNode * mn = mutexnode_getbyid(m->id);
if(mn->waitn > 0){
pidnode * pidn = mn->first;
wake(pidn->pid);
if(mn->waitn == 1){
mn->first = mn->last = NULL;
} else {
mn->first = pidn->next;
}
la_free(pidn);
mn->waitn --;
} else {
itryunlock(&(m->m));
}
enableScheduler(v);
}
/**
* profile
*/
void
profile_config_free ( profile_config_t *c ){
if( !c )
return;
check_and_free( c->basedn );
check_and_free( c->search_filter );
/* Group */
check_and_free( c->groupdn );
check_and_free( c->group_search_filter );
check_and_free( c->member_attribute );
check_and_free( c->default_pf_rules );
/* redirect gateway */
check_and_free( c->redirect_gateway_prefix );
check_and_free( c->redirect_gateway_flags );
#ifdef ENABLE_LDAPUSERCONF
check_and_free( c->default_profiledn );
#endif
la_free( c );
}
OPENVPN_EXPORT int
openvpn_plugin_func_v2 (openvpn_plugin_handle_t handle,
const int type,
const char *argv[],
const char *envp[],
void *per_client_context,
struct openvpn_plugin_string_list **return_list)
{
ldap_context_t *context = (ldap_context_t *) handle;
auth_context_t *auth_context = NULL;
action_t *action = NULL;
int res = OPENVPN_PLUGIN_FUNC_ERROR;
if (type == OPENVPN_PLUGIN_AUTH_USER_PASS_VERIFY){
/* get username/password/auth_control_file from envp string array */
const char *username = get_env ("username", envp);
const char *password = get_env ("password", envp);
const char *auth_control_file = get_env ( "auth_control_file", envp );
const char *pf_file = get_env ("pf_file", envp);
/* required parameters check */
if (!username){
LOGERROR("No username supplied to OpenVPN plugin");
return OPENVPN_PLUGIN_FUNC_ERROR;
}
auth_context = auth_context_new( );
if( !auth_context ){
LOGERROR( "Could not allocate auth_context before calling thread" );
return res;
}
if( username ) auth_context->username = strdup( username );
if( password ) auth_context->password = strdup( password );
if( pf_file ) auth_context->pf_file = strdup( pf_file );
if( auth_control_file ) auth_context->auth_control_file = strdup( auth_control_file );
/* If some argument were missing or could not be duplicate */
if( !(auth_context->username && auth_context->password && auth_context->auth_control_file ) ){
auth_context_free( auth_context );
return res;
}
action = action_new( );
action->type = LDAP_AUTH_ACTION_AUTH;
action->context = auth_context;
action->client_context = per_client_context;
action->context_free_func = (void *)auth_context_free;
action_push( context->action_list, action );
return OPENVPN_PLUGIN_FUNC_DEFERRED;
}
else if (type == OPENVPN_PLUGIN_ENABLE_PF){
/* unfortunately, at this stage we dont know anything about the client
* yet. Let assume it is enabled, we will define default somewhere
*/
return OPENVPN_PLUGIN_FUNC_SUCCESS;
}else if( type == OPENVPN_PLUGIN_CLIENT_CONNECT_V2 ){
/* on client connect, we return conf options through return list
*/
const char *username = get_env ("username", envp);
client_context_t *cc = per_client_context;
char *ccd_options = NULL;
/* sanity check */
if (!username){
LOGERROR("No username supplied to OpenVPN plugin");
return OPENVPN_PLUGIN_FUNC_ERROR;
}
if (!cc || !cc->profile){
LOGERROR("No profile found for user");
return OPENVPN_PLUGIN_FUNC_ERROR;
}
#ifdef ENABLE_LDAPUSERCONF
ccd_options = ldap_account_get_options_to_string( cc->ldap_account );
#endif
if( cc->profile->redirect_gateway_prefix && strlen( cc->profile->redirect_gateway_prefix ) > 0 ){
/* do the username start with prefix? */
if( strncmp( cc->profile->redirect_gateway_prefix, username, strlen( cc->profile->redirect_gateway_prefix ) ) == 0 ){
char *tmp_ccd = ccd_options;
ccd_options = strdupf("push \"redirect-gateway %s\"\n%s",
cc->profile->redirect_gateway_flags ? cc->profile->redirect_gateway_flags : DFT_REDIRECT_GATEWAY_FLAGS,
tmp_ccd ? tmp_ccd : "");
if( tmp_ccd ) la_free( tmp_ccd );
}
}
if( ccd_options ){
*return_list = la_malloc( sizeof( struct openvpn_plugin_string_list ) );
if( *return_list != NULL){
(*return_list)->next = NULL;
(*return_list)->name = strdup( "config" );
(*return_list)->value = ccd_options;
}
}
return OPENVPN_PLUGIN_FUNC_SUCCESS;
}
#ifdef ENABLE_LDAPUSERCONF
else if( type == OPENVPN_PLUGIN_CLIENT_DISCONNECT ){
/* nothing done for now
* potentially, session could be logged
*/
return OPENVPN_PLUGIN_FUNC_SUCCESS;
}
#endif
return res;
}
void deleteProcess(Process * p){
liballoc_free(p->stack_base,p->stack_npages);
la_free(p);
return ;
}
void check_and_free( void *d ){
if( d ) la_free( d );
}
void la_log_print(la_log_level_t lv, const char* file, int line, const char *func, const char *fmt, va_list ap)
{
char text[1024], location[128], timestamp[24];
char *msg, *newline;
char* bt = NULL;
la_vsnprintf(text, sizeof(text), fmt, ap);
if (((log.flag & LA_LOG_PRINT_META) || lv == LA_LOG_ERROR) && file && line > 0 && func)
la_snprintf(location, sizeof(location), "%s:%i %s() ", file, line, func);
else if (((log.flag & (LA_LOG_PRINT_META|LA_LOG_PRINT_FUNC)) || lv == LA_LOG_ERROR) && func)
la_snprintf(location, sizeof(location), "%s() ", func);
else
location[0] = 0;
if (log.flag & LA_LOG_PRINT_TIME)
{
la_time_t lt = time(NULL);
la_time_info_t* info = localtime(<);;
la_snprintf(timestamp, sizeof(timestamp), "%d/%02d/%02d %02d:%02d:%02d "
,info->tm_year + 1900
,info->tm_mon + 1
,info->tm_mday
,info->tm_hour
,info->tm_min
,info->tm_sec);
}
else
timestamp[0] = 0;
if (log.backtrace> 0)
bt = la_log_allocate_backtrace(log.backtrace);
for (msg = text; msg; msg = newline)
{
if ((newline = strchr(msg, '\n')))
{
*newline = 0;
newline++;
}
//ignore strings only made out of whitespace
if (msg[strspn(msg, "\t ")] == 0)
continue;
switch(log.target)
{
case LA_LOG_STDERR:
if (log.flag & LA_LOG_PRINT_LEVEL)
fprintf(stderr, "lst-audio : %s[%c] %s%s%s\n", timestamp, level_to_char[log.lv], location, msg, la_strempty(bt));
else
fprintf(stderr, "lst-audio : %s%s%s%s\n", timestamp, location, msg, la_strempty(bt));
break;
case LA_LOG_SYSLOG:
break;
case LA_LOG_FD:
break;
default:
break;
}
}
la_free(bt);
}
