← Back to branch summary

~ubuntu-branches/ubuntu/natty/freeradius/natty-updates

« back to all changes in this revision

Viewing changes to src/modules/rlm_sqlcounter/rlm_sqlcounter.c

  • Committer: Bazaar Package Importer
  • Author(s): Paul Hampson
  • Date: 2006-01-15 13:34:13 UTC
  • mto: (3.1.3 dapper) (4.1.3 sid) (1.1.14 upstream)
  • mto: This revision was merged to the branch mainline in revision 4.
  • Revision ID: james.westby@ubuntu.com-20060115133413-zo1dslttvdoalqym
Tags: upstream-1.1.0
ImportĀ upstreamĀ versionĀ 1.1.0

Show diffs side-by-side

added added

removed removed

Lines of Context:
src/modules/rlm_sqlcounter/rlm_sqlcounter.c
1
1
/*
2
2
 * rlm_sqlcounter.c
3
3
 *
4
 
 * Version:  $Id: rlm_sqlcounter.c,v 1.11.2.3 2005/08/23 14:13:38 nbk Exp $
 
4
 * Version:  $Id: rlm_sqlcounter.c,v 1.11.2.3.2.4 2005/12/27 17:44:25 aland Exp $
5
5
 *
6
6
 *   This program is free software; you can redistribute it and/or modify
7
7
 *   it under the terms of the GNU General Public License as published by
56
56
 */
57
57
 
58
58
 
59
 
static const char rcsid[] = "$Id: rlm_sqlcounter.c,v 1.11.2.3 2005/08/23 14:13:38 nbk Exp $";
 
59
static const char rcsid[] = "$Id: rlm_sqlcounter.c,v 1.11.2.3.2.4 2005/12/27 17:44:25 aland Exp $";
60
60
 
61
61
/*
62
62
 *      Define a structure for our module configuration.
72
72
        char *sqlmod_inst;      /* instance of SQL module to use, usually just 'sql' */
73
73
        char *query;            /* SQL query to retrieve current session time */
74
74
        char *reset;            /* daily, weekly, monthly, never or user defined */
 
75
        char *allowed_chars;    /* safe characters list for SQL queries */
75
76
        time_t reset_time;
76
77
        time_t last_reset;
77
78
        int  key_attr;          /* attribute number for key field */
94
95
  { "sqlmod-inst", PW_TYPE_STRING_PTR, offsetof(rlm_sqlcounter_t,sqlmod_inst), NULL, NULL },
95
96
  { "query", PW_TYPE_STRING_PTR, offsetof(rlm_sqlcounter_t,query), NULL, NULL },
96
97
  { "reset", PW_TYPE_STRING_PTR, offsetof(rlm_sqlcounter_t,reset), NULL,  NULL },
 
98
  { "safe-characters", PW_TYPE_STRING_PTR, offsetof(rlm_sqlcounter_t,allowed_chars), NULL, "@abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789.-_: /"},
97
99
  { NULL, -1, 0, NULL, NULL }
98
100
};
99
101
 
100
 
/*
101
 
 *      Safe characters list for sql queries. Everything else is
102
 
 *      replaced with their mime-encoded equivalents.
103
 
 */
104
 
static const char allowed_chars[] = "@abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789.-_: /";
 
102
static char *allowed_chars = NULL;
105
103
 
106
104
/*
107
105
 *      Translate the SQL queries.
428
426
        DICT_ATTR *dattr;
429
427
        ATTR_FLAGS flags;
430
428
        time_t now;
 
429
        char buffer[MAX_STRING_LEN];
431
430
 
432
431
        /*
433
432
         *      Set up a storage area for instance data
448
447
        }
449
448
 
450
449
        /*
 
450
         *      No query, die.
 
451
         */
 
452
        if (data->query == NULL) {
 
453
                radlog(L_ERR, "rlm_sqlcounter: 'query' must be set.");
 
454
                return -1;
 
455
        }
 
456
 
 
457
        /*
 
458
         *      Safe characters list for sql queries. Everything else is
 
459
         *      replaced rwith their mime-encoded equivalents.
 
460
         */
 
461
        allowed_chars = data->allowed_chars;
 
462
 
 
463
        /*
451
464
         *      Discover the attribute number of the key.
452
465
         */
453
466
        if (data->key_name == NULL) {
454
467
                radlog(L_ERR, "rlm_sqlcounter: 'key' must be set.");
455
468
                return -1;
456
469
        }
 
470
        sql_escape_func(buffer, sizeof(buffer), data->key_name);
 
471
        if (strcmp(buffer, data->key_name) != 0) {
 
472
                radlog(L_ERR, "rlm_sqlcounter: The value for option 'key' is too long or contains unsafe characters.");
 
473
                return -1;
 
474
        }
457
475
        dattr = dict_attrbyname(data->key_name);
458
476
        if (dattr == NULL) {
459
477
                radlog(L_ERR, "rlm_sqlcounter: No such attribute %s",
462
480
        }
463
481
        data->key_attr = dattr->attr;
464
482
 
 
483
        /*
 
484
         *      Check the "sqlmod-inst" option.
 
485
         */
 
486
        if (data->sqlmod_inst == NULL) {
 
487
                radlog(L_ERR, "rlm_sqlcounter: 'sqlmod-inst' must be set.");
 
488
                return -1;
 
489
        }
 
490
        sql_escape_func(buffer, sizeof(buffer), data->sqlmod_inst);
 
491
        if (strcmp(buffer, data->sqlmod_inst) != 0) {
 
492
                radlog(L_ERR, "rlm_sqlcounter: The value for option 'sqlmod-inst' is too long or contains unsafe characters.");
 
493
                return -1;
 
494
        }
465
495
 
466
496
        /*
467
497
         *  Create a new attribute for the counter.
692
722
        free(data->check_name);
693
723
        free(data->sqlmod_inst);
694
724
        free(data->counter_name);
 
725
        free(data->allowed_chars);
 
726
        allowed_chars = NULL;
695
727
 
696
728
        free(instance);
697
729
        return 0;