
Unify RADIUS code for logging

z3APA3A vor 8 Jahren
Ursprung
Commit
b4043e944c
5 geänderte Dateien mit 76 neuen und 27 gelöschten Zeilen
  1. 21 15
      src/authradius.c
  2. 3 0
      src/common.c
  3. 42 6
      src/conf.c
  4. 8 4
      src/proxy.h
  5. 2 2
      src/proxymain.c

+ 21 - 15
src/authradius.c

@@ -160,15 +160,11 @@
 
 
 
-#ifdef NOIPV6
-struct  sockaddr_in radiuslist[MAXRADIUS];
-#else
-struct  sockaddr_in6 radiuslist[MAXRADIUS];
-#endif
+struct radserver radiuslist[MAXRADIUS];
 
 static int ntry = 0;
 int nradservers = 0;
-char * radiussecret = NULL;
+char radiussecret[64]="";
 
 pthread_mutex_t rad_mutex;
 
@@ -299,7 +295,7 @@ typedef struct radius_packet_t {
           
 #define RETURN(xxx) { res = xxx; goto CLEANRET; }
 
-int radauth(struct clientparam * param){
+int radsend(struct clientparam * param, int auth){
 
 	int loop;
 	int id;
@@ -483,8 +479,10 @@ int radauth(struct clientparam * param){
 	memcpy(vector, packet.vector, AUTH_VECTOR_LEN);
 	
 	for (loop = 0; loop < nradservers && loop < MAXRADIUS; loop++) {
+		SOCKET remsock;
+
 
-		saremote = radiuslist[loop];
+		saremote = auth?radiuslist[loop].authaddr : radiuslist[loop].logaddr;
 #ifdef NOIPV6
 		if(*SAFAMILY(&saremote)!= AF_INET) {
 			continue;
@@ -494,20 +492,23 @@ int radauth(struct clientparam * param){
 			continue;
 		}
 #endif
-		if(!*SAPORT(&saremote))*SAPORT(&saremote) = htons(1812);
 		packet.id++;
-		if(sockfd >= 0) so._closesocket(sockfd);
-		if ((sockfd = so._socket(SASOCK(&saremote), SOCK_DGRAM, 0)) < 0) {
-		    return 4;
+		if(auth) {
+			if(sockfd >= 0) so._closesocket(sockfd);
+			if ((sockfd = so._socket(SASOCK(&saremote), SOCK_DGRAM, 0)) < 0) {
+			    return 4;
+			}
+			remsock = sockfd;
 		}
-		len = so._sendto(sockfd, (char *)&packet, total_length, 0,
+		else remsock = radiuslist[loop].logsock;
+		len = so._sendto(remsock, (char *)&packet, total_length, 0,
 		      (struct sockaddr *)&saremote, sizeof(saremote));
 		if(len != ntohs(packet.length)){
 			continue;
 		}
 
 	        memset(fds, 0, sizeof(fds));
-	        fds[0].fd = sockfd;
+	        fds[0].fd = remsock;
 	        fds[0].events = POLLIN;
 		if(so._poll(fds, 1, conf.timeouts[SINGLEBYTE_L]*1000) <= 0) {
 			continue;
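Review bot: In the `!auth` branch `remsock` is the per-server `logsock` that h_radius creates once at configuration time, so every caller of radsend sends, polls and receives on the same descriptor. If radsend can run in several client threads at once (a `rad_mutex` exists in this file, but whether it is held across this loop is not visible in the hunk), one thread can consume the reply meant for another, and the second thread then waits out its timeout. Either take the mutex around the send/poll/recvfrom sequence on the shared socket, or add a comment stating that the caller serialises logging requests. The loop body and radsend itself continue outside this hunk.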
@@ -515,7 +516,7 @@ int radauth(struct clientparam * param){
 
 		salen = sizeof(saremote);
 				
-		data_len = so._recvfrom(sockfd, (char *)&rpacket, sizeof(packet)-16,
+		data_len = so._recvfrom(remsock, (char *)&rpacket, sizeof(packet)-16,
 			0, (struct sockaddr *)&saremote, &salen);
 
 
@@ -608,4 +609,9 @@ CLEANRET:
 	return res;
 }
 
+int radauth(struct clientparam * param){
+	return radsend(param, 1);
+}
+
+
 #endif

+ 3 - 0
src/common.c

@@ -15,6 +15,9 @@ char * copyright = COPYRIGHT;
 
 int randomizer = 1;
 
+int havelog = 0;
+
+
 #ifndef _WIN32
  pthread_attr_t pa;
 

+ 42 - 6
src/conf.c

@@ -292,14 +292,25 @@ static int h_external(int argc, unsigned char ** argv){
 	return 0;
 }
 
+
 static int h_log(int argc, unsigned char ** argv){ 
 	unsigned char tmpbuf[8192];
+
+
+	havelog = 1;
 	conf.logfunc = logstdout;
+	if(argc > 1 && conf.logtarget && *argv[1]!= '&' && *argv[1]!= '@' && !strcmp((char *)conf.logtarget, (char *)argv[1])) {
+		return 0;
+	}
 	if(conf.logtarget){
 		myfree(conf.logtarget);
 		conf.logtarget = NULL;
 	}
 	if(argc > 1) {
+		if(!strcmp((char *) argv[1], "/dev/null")) {
+			conf.logfunc = lognone;
+			return 0;
+		}
 		conf.logtarget = (unsigned char *)mystrdup((char *)argv[1]);
 		if(*argv[1]=='@'){
 #ifndef _WIN32
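Review bot: The early `return 0` added near the top of h_log, taken when the requested target equals the current `conf.logtarget`, has no comment, and the reason for excluding targets that start with `&` or `@` is not obvious from the code. It also returns before everything that follows in the function, so further arguments on the `log` line are presumably not re-read when the target is unchanged; the rest of h_log is outside this hunk, so that should be confirmed. A comment above the condition such as `/* same file target as before: nothing to reopen */` would record the intent, if that is the intent.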
@@ -1259,13 +1270,34 @@ static int h_delimchar(int argc, unsigned char **argv){
 	return 0;
 }
 
+
 static int h_radius(int argc, unsigned char **argv){
-	char * rs = radiussecret;
-	radiussecret = mystrdup(argv[1]);
+	int oldrad;
+#ifdef NOIPV6
+	struct  sockaddr_in bindaddr;
+#else
+	struct  sockaddr_in6 bindaddr;
+#endif
+	unsigned short port;
+
+	oldrad = nradservers;
 	nradservers = 0;
+	for(; oldrad; oldrad--){
+		if(radiuslist[oldrad].logsock >= 0)closesocket(radiuslist[oldrad].logsock);
+		radiuslist[oldrad].logsock = -1;
+	}
 	memset(radiuslist, 0, sizeof(radiuslist));
+	if(strlen(argv[1]) > 63) argv[1][63] = 0;
+	strcpy(radiussecret, argv[1]);
 	for( ; nradservers < MAXRADIUS && nradservers < argc -2; nradservers++){
-		if( !getip46(46, argv[nradservers + 2], (struct sockaddr *)&radiuslist[nradservers])) return 1;
+		if( !getip46(46, argv[nradservers + 2], (struct sockaddr *)&radiuslist[nradservers].authaddr)) return 1;
+		if(!*SAPORT(&radiuslist[nradservers].authaddr))*SAPORT(&radiuslist[nradservers].authaddr) = htons(1812);
+		port = ntohs(*SAPORT(&radiuslist[nradservers].authaddr));
+		radiuslist[nradservers].logaddr = radiuslist[nradservers].authaddr;
+ 	        *SAPORT(&radiuslist[nradservers].logaddr) = htons(port);
+		bindaddr = conf.intsa;
+		if ((radiuslist[nradservers].logsock = so._socket(SASOCK(&radiuslist[nradservers].logaddr), SOCK_DGRAM, 0)) < 0) return 2;
+		if (so._bind(radiuslist[nradservers].logsock, (struct sockaddr *)&bindaddr, SASIZE(&bindaddr))) return 3;
 	}
 	return 0;
 }
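Review bot: The cleanup loop at the top of h_radius indexes `radiuslist[oldrad]` while counting down from `nradservers` to 1, so slot 0 is never closed and the slot one past the last configured server is touched instead. After the earlier `memset` that extra slot's `logsock` is 0, which passes the `>= 0` test and closes descriptor 0, and with a full list the index reaches `radiuslist[MAXRADIUS]`, outside the array. Indexing with `oldrad - 1` fixes both: `if(radiuslist[oldrad-1].logsock >= 0)closesocket(radiuslist[oldrad-1].logsock);` followed by `radiuslist[oldrad-1].logsock = -1;`. Separately, a secret longer than 63 bytes is cut in place without any error, so a mismatch with the RADIUS server's secret goes unreported; returning a non-zero code when `strlen(argv[1]) >= sizeof(radiussecret)` would surface it.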
@@ -1638,12 +1670,14 @@ void freeconf(struct extparam *confp){
  pthread_mutex_unlock(&pwl_mutex);
 
 
+/*
  logtarget = confp->logtarget;
  confp->logtarget = NULL;
- logformat = confp->logformat;
- confp->logformat = NULL;
  logname = confp->logname;
  confp->logname = NULL;
+*/
+ logformat = confp->logformat;
+ confp->logformat = NULL;
  confp->rotate = 0;
  confp->logtype = NONE;
 
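Review bot: The statements that detach `logtarget` and `logname` from `confp` are disabled by wrapping them in `/* … */` here, and the matching `myfree` calls are disabled the same way in the next freeconf hunk; commented-out code should be deleted rather than left in place. Since `confp->logtarget` now survives freeconf, a one-line comment saying why would help the next reader, for example `/* logtarget and logname are kept across reloads so h_log can detect an unchanged target */`, if that is the intent. The local variables `logtarget` and `logname`, declared outside this hunk, probably become unused and can be dropped as well.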
@@ -1693,12 +1727,14 @@ void freeconf(struct extparam *confp){
  for(; fm; fm = (struct filemon *)itfree(fm, fm->next)){
 	if(fm->path) myfree(fm->path);
  }
+/*
  if(logtarget) {
 	myfree(logtarget);
  }
  if(logname) {
 	myfree(logname);
  }
+*/
  if(logformat) {
 	myfree(logformat);
  }
@@ -1706,7 +1742,7 @@ void freeconf(struct extparam *confp){
 	for(i = 0; i < archiverc; i++) myfree(archiver[i]);
 	myfree(archiver);
  }
-
+ havelog = 0;
 }
 
 int reload (void){

+ 8 - 4
src/proxy.h

@@ -245,7 +245,7 @@ int parseusername(char *username, struct clientparam *param, int extpasswd);
 int parseconnusername(char *username, struct clientparam *param, int extpasswd, unsigned short port);
 int ACLmatches(struct ace* acentry, struct clientparam * param);
 int checkACL(struct clientparam * param);
-
+extern int havelog;
 unsigned long udpresolve(int af, unsigned char * name, unsigned char * value, unsigned *retttl, struct clientparam* param, int makeauth);
 
 struct ace * copyacl (struct ace *ac);
@@ -332,14 +332,18 @@ extern struct commands commandhandlers[];
 #define mapsocket(a,b) sockmap(a,b)
 #endif
 
+
+extern struct radserver {
 #ifdef NOIPV6
-extern struct  sockaddr_in radiuslist[MAXRADIUS];
+	struct  sockaddr_in authaddr, logaddr;
 #else
-extern struct  sockaddr_in6 radiuslist[MAXRADIUS];
+	struct  sockaddr_in6 authaddr, logaddr;
 #endif
+	SOCKET logsock;
+} radiuslist[MAXRADIUS];
 
+extern char radiussecret[64];
 extern int nradservers;
-extern char * radiussecret;
 extern struct socketoptions {
 	int opt;
 	char * optname;
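Review bot: `radiussecret` changes from a pointer to a 64-byte array in this declaration, so any existing test of the form `if(!radiussecret)` elsewhere in the tree (none is visible in this diff) would now always see a non-null address, and an unconfigured secret becomes an empty string rather than a detectable NULL. Callers that must refuse to build a RADIUS request without a secret should test `!*radiussecret` instead. The size also appears as a literal here, in authradius.c (`char radiussecret[64]`) and as `63` in h_radius; a single named constant in proxy.h would keep the three in step.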

+ 2 - 2
src/proxymain.c

@@ -830,7 +830,7 @@ void srvinit(struct srvparam * srv, struct clientparam *param){
  memset(srv, 0, sizeof(struct srvparam));
  srv->version = conf.version + 1;
  srv->paused = conf.paused;
- srv->logfunc = conf.logfunc;
+ srv->logfunc = havelog?conf.logfunc:lognone;
  srv->noforce = conf.noforce;
  if(srv->logformat)myfree(srv->logformat);
  srv->logformat = conf.logformat? (unsigned char *)mystrdup((char *)conf.logformat) : NULL;
@@ -839,7 +839,7 @@ void srvinit(struct srvparam * srv, struct clientparam *param){
  srv->maxchild = conf.maxchild;
  srv->stacksize = conf.stacksize;
  srv->time_start = time(NULL);
- if(conf.logtarget){
+ if(havelog && conf.logtarget){
 	 if(srv->logtarget) myfree(srv->logtarget);
 	 srv->logtarget = (unsigned char *)mystrdup((char *)conf.logtarget);
  }