-#if defined(DB_MYSQL) && defined(DB)
-
/*
-Writen by Devrim SERAL(devrim@tef.gazi.edu.tr)
-*/
+ * Writen by Devrim SERAL(devrim@tef.gazi.edu.tr)
+ */
+
#include "tac_plus.h"
+
+#if defined(DB_MYSQL) && defined(DB)
+
#include <stdio.h>
-#include "mysql.h"
+#include <stdlib.h>
+#include <mysql.h>
+
+#include "db_mysql.h"
+#include "report.h"
+#include "pwlib.h"
+#include "main.h"
+#include "utils.h"
+
+
#define SQLCMDL 1024
#define AUTHSQL "SELECT %s FROM %s WHERE %s=\"%s\""
-#define ACCTSQL "INSERT INTO %s (usern,s_name,c_name,elapsed_time,bytes_in,bytes_out,fin_t) VALUES (\"%s\",\"%s\",\"%s\",%s,%s,%s,NOW())"
+#define ACCTSQL "INSERT INTO %s (usern,s_name,c_name,elapsed_time,bytes_in,bytes_out,fin_t) VALUES (\"%s\",\"%s\",\"%s\",%s,%s,%s,NOW())"
-MYSQL mysqldb;
-MYSQL_RES *res;
-MYSQL_ROW row;
-MYSQL_FIELD *table_field;
-
-int mysql_db_verify(user, users_passwd, db_user, db_password,
- db_hostname,db_name, db_table, dbfield_name, dbfield_passwd)
+static MYSQL mysqldb;
+static MYSQL_RES *res;
+static MYSQL_ROW row;
-char *user, *users_passwd; /* Username and gived password */
-char *db_user; /* db's parameters */
-char *db_password;
-char *db_hostname;
-char *db_name;
-char *db_table;
-char *dbfield_name;
-char *dbfield_passwd;
+int mysql_db_verify TAC_ARGS((const char *user, const char *users_passwd, const char *db_user, const char *db_password, const char *db_hostname, const char *db_name, const char *db_table, const char *dbfield_name, const char *dbfield_passwd));
+int mysql_db_verify(user, users_passwd, db_user, db_password,
+ db_hostname, db_name, db_table, dbfield_name, dbfield_passwd)
+const char *user; /* username ... */
+const char *users_passwd; /* ... and given password */
+const char *db_user; /* db's parameters */
+const char *db_password;
+const char *db_hostname;
+const char *db_name;
+const char *db_table;
+const char *dbfield_name;
+const char *dbfield_passwd;
{
+ char *real_passwd;
+ char *mysqlcmd;
+ int sql_len;
-char *real_passwd;
-char *mysqlcmd;
-int sql_len;
-
- if (debug & DEBUG_AUTHEN_FLAG)
+ if (debug & DEBUG_AUTHEN_FLAG)
report(LOG_DEBUG, "MySQL: verify %s", user);
-
-/* Connect database server */
-
- if ( !( mysql_connect(&mysqldb,db_hostname,db_user,db_password) ) )
- {
- if (debug & DEBUG_AUTHEN_FLAG)
- report(LOG_DEBUG, "MySQL: cannot connect as %s", db_user);
- return(0);
- }
-/*Select tacacs db */
+ /* Connect database server */
- if ( mysql_select_db(&mysqldb,db_name) )
- {
- if (debug & DEBUG_AUTHEN_FLAG)
- report(LOG_DEBUG, "MySQL: cannot find database named %s",db_name);
- return(0);
- }
-
-/* Check select string length */
+ if ( !( mysql_connect(&mysqldb,db_hostname,db_user,db_password) ) ) {
+ if (debug & DEBUG_AUTHEN_FLAG)
+ report(LOG_DEBUG, "MySQL: cannot connect as %s", db_user);
+ return(0);
+ }
-sql_len=strlen(dbfield_passwd)+strlen(dbfield_name)+strlen(db_table)+strlen(user)+strlen(AUTHSQL);
+ /* Select tacacs db */
- if ( sql_len> SQLCMDL )
- {
- if (debug & DEBUG_AUTHEN_FLAG)
- report(LOG_DEBUG, "MySQL: Sql cmd exceed alowed limits");
- return(0);
- }
+ if ( mysql_select_db(&mysqldb,db_name) ) {
+ if (debug & DEBUG_AUTHEN_FLAG)
+ report(LOG_DEBUG, "MySQL: cannot find database named %s",db_name);
+ return(0);
+ }
-/* Prepare select string */
+ /* Check select string length */
-mysqlcmd=(char *) malloc(sql_len);
+ sql_len = strlen(dbfield_passwd)+strlen(dbfield_name)+strlen(db_table)+strlen(user)+strlen(AUTHSQL);
-if(mysqlcmd==NULL) {
+ if ( sql_len> SQLCMDL ) {
if (debug & DEBUG_AUTHEN_FLAG)
- report(LOG_ERR, "mysql_db_verify: mysqlcmd malloc error");
+ report(LOG_DEBUG, "MySQL: Sql cmd exceed alowed limits");
return(0);
-}
+ }
+
+ /* Prepare select string */
+
+ mysqlcmd = (char *) tac_malloc(sql_len);
-sprintf(mysqlcmd,AUTHSQL,dbfield_passwd,db_table,dbfield_name,user);
+ sprintf(mysqlcmd,AUTHSQL,dbfield_passwd,db_table,dbfield_name,user);
-/* Query database */
+ /* Query database */
- if (mysql_query(&mysqldb,mysqlcmd))
- {
+ if (mysql_query(&mysqldb,mysqlcmd)) {
if (debug & DEBUG_AUTHEN_FLAG)
report(LOG_DEBUG, "MySQL: cannot query database ");
free(mysqlcmd);
return(0);
- }
+ }
free(mysqlcmd);
-
- if (!(res = mysql_store_result(&mysqldb)))
- {
+
+ if (!(res = mysql_store_result(&mysqldb))) {
if (debug & DEBUG_AUTHEN_FLAG)
report(LOG_DEBUG, "MySQL: cannot store result");
return(0);
- }
-
- if(!(row = mysql_fetch_row(res)))
- {
+ }
+
+ if (!(row = mysql_fetch_row(res))) {
if (debug & DEBUG_AUTHEN_FLAG)
report(LOG_DEBUG, "MySQL: cannot fetch row");
return(0);
- }
-
- if (strlen(row[0]) <=0 )
- {
+ }
+
+ if (strlen(row[0]) <=0 ) {
if (debug & DEBUG_AUTHEN_FLAG)
report(LOG_DEBUG, "MySQL: DB passwd entry is NULL");
return(0);
- }
- /* Allocate memory for real_passwd */
- real_passwd=(char *) malloc(strlen(row[0])+1);
- strcpy(real_passwd,row[0]);
-
- if (!mysql_eof(res))
- {
+ }
+
+ /* Allocate memory for real_passwd */
+ real_passwd=(char *) tac_malloc(strlen(row[0])+1);
+ strcpy(real_passwd,row[0]);
+
+ if (!mysql_eof(res)) {
if (debug & DEBUG_AUTHEN_FLAG)
- report(LOG_DEBUG, "MySQL: Result not end!!");
+ report(LOG_DEBUG, "MySQL: Result not end!!");
return(0);
- }
+ }
mysql_free_result(res);
mysql_close(&mysqldb);
-
-if (debug & DEBUG_AUTHEN_FLAG)
- report(LOG_DEBUG, "MySQL: verify password '%s' to DES encrypted string '%s'", users_passwd, real_passwd);
+
+ if (debug & DEBUG_AUTHEN_FLAG)
+ report(LOG_DEBUG, "MySQL: verify password '%s' to DES encrypted string '%s'", users_passwd, real_passwd);
/* Try to verify the password */
if (!des_verify(users_passwd, real_passwd)) {
free(real_passwd);
return (0);
}
+
free(real_passwd);
return (1); /* Return 1 if verified, 0 otherwise. */
}
-int
-mysql_db_acct(db_user,db_password,db_hostname,db_name,db_table,s_name,c_name,a_username,elapsed_time,bytes_in,bytes_out)
-char *db_user; /* db's parameters */
-char *db_password;
-char *db_hostname;
-char *db_name;
-char *db_table;
-char *s_name, *c_name,*a_username,*elapsed_time,*bytes_in,*bytes_out;
+int mysql_db_acct TAC_ARGS((const char *db_user, const char *db_password, const char *db_hostname, const char *db_name, const char *db_table, const char *s_name, const char *c_name, const char *a_username, const char *elapsed_time, const char *bytes_in, const char *bytes_out));
+int
+mysql_db_acct(db_user,db_password,db_hostname,db_name,db_table,s_name,c_name,a_username,elapsed_time,bytes_in,bytes_out)
+const char *db_user; /* db's parameters */
+const char *db_password;
+const char *db_hostname;
+const char *db_name;
+const char *db_table;
+const char *s_name;
+const char *c_name;
+const char *a_username;
+const char *elapsed_time;
+const char *bytes_in;
+const char *bytes_out;
{
+ char *mysqlcmd;
+ int sql_len;
-char *mysqlcmd;
-int sql_len;
-
-/* Connect database server */
+ /* Connect database server */
- if (!(mysql_connect(&mysqldb,db_hostname,db_user,db_password)))
- {
+ if (!(mysql_connect(&mysqldb,db_hostname,db_user,db_password))) {
if (debug & DEBUG_ACCT_FLAG)
- report(LOG_DEBUG, "MySQL: cannot connect as %s", db_user);
- return(0);
- }
+ report(LOG_DEBUG, "MySQL: cannot connect as %s", db_user);
+ return(0);
+ }
-/*Select tacacs db */
+ /*Select tacacs db */
- if (mysql_select_db(&mysqldb,db_name))
- {
+ if (mysql_select_db(&mysqldb,db_name)) {
if (debug & DEBUG_ACCT_FLAG)
- report(LOG_DEBUG, "MySQL: cannot find database named %s",db_name);
- return(0);
- }
+ report(LOG_DEBUG, "MySQL: cannot find database named %s",db_name);
+ return(0);
+ }
-/* Check buffer overflow for select string */
-sql_len=strlen(db_table)+strlen(a_username)+strlen(s_name)+strlen(c_name)+strlen(elapsed_time)+strlen(bytes_in)+strlen(bytes_out)+strlen(ACCTSQL);
+ /* Check buffer overflow for select string */
+ sql_len = strlen(db_table)+strlen(a_username)+strlen(s_name)+strlen(c_name)+strlen(elapsed_time)+strlen(bytes_in)+strlen(bytes_out)+strlen(ACCTSQL);
-if ( sql_len >SQLCMDL)
- {
+ if ( sql_len >SQLCMDL) {
if (debug & DEBUG_ACCT_FLAG)
report(LOG_DEBUG, "MySQL: Sql cmd exceed alowed limits");
- return(0);
- }
-
+ return(0);
+ }
-/* Prepare select string */
-mysqlcmd=(char *) malloc(sql_len);
-if(mysqlcmd==NULL) {
- if (debug & DEBUG_ACCT_FLAG)
- report(LOG_ERR, "mysql_db_acct: mysqlcmd malloc error");
- return(0);
-}
+ /* Prepare select string */
+ mysqlcmd=(char *) tac_malloc(sql_len);
-sprintf(mysqlcmd,ACCTSQL,db_table,a_username,s_name,c_name,elapsed_time,bytes_in,bytes_out);
+ sprintf(mysqlcmd,ACCTSQL,db_table,a_username,s_name,c_name,elapsed_time,bytes_in,bytes_out);
-/* Query database */
+ /* Query database */
- if (mysql_query(&mysqldb,mysqlcmd))
- {
+ if (mysql_query(&mysqldb,mysqlcmd)) {
if (debug & DEBUG_ACCT_FLAG)
- report(LOG_DEBUG, "MySQL: cannot query database");
+ report(LOG_DEBUG, "MySQL: cannot query database");
free(mysqlcmd);
return(0);
- }
+ }
- free(mysqlcmd);
+ free(mysqlcmd);
-/* Check if accounting is sucess */
- if ( mysql_affected_rows( &mysqldb ) < 0 )
- {
+ /* Check if accounting is sucess */
+ if ( mysql_affected_rows( &mysqldb ) < 0 ) {
if (debug & DEBUG_ACCT_FLAG)
- report(LOG_DEBUG, "MySQL: Insert isn't sucess");
+ report(LOG_DEBUG, "MySQL: Insert isn't sucess");
return(0);
- }
- return (1); /* Return 1 if verified, 0 otherwise. */
+ }
+
+ return (1); /* Return 1 if verified, 0 otherwise. */
}
-#endif
+
+#else /* defined(DB_MYSQL) && defined(DB) */
+
+TAC_SOURCEFILE_EMPTY
+
+#endif /* defined(DB_MYSQL) && defined(DB) */