]> git.ipfire.org Git - thirdparty/sarg.git/blob - usertab.c
projects / thirdparty / sarg.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Rename configure.in as configure.ac
[thirdparty/sarg.git] / usertab.c
1 /*
2 * SARG Squid Analysis Report Generator http://sarg.sourceforge.net
3 * 1998, 2015
4 *
5 * SARG donations:
6 * please look at http://sarg.sourceforge.net/donations.php
7 * Support:
8 * http://sourceforge.net/projects/sarg/forums/forum/363374
9 * ---------------------------------------------------------------------
10 *
11 * This program is free software; you can redistribute it and/or modify
12 * it under the terms of the GNU General Public License as published by
13 * the Free Software Foundation; either version 2 of the License, or
14 * (at your option) any later version.
15 *
16 * This program is distributed in the hope that it will be useful,
17 * but WITHOUT ANY WARRANTY; without even the implied warranty of
18 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
19 * GNU General Public License for more details.
20 *
21 * You should have received a copy of the GNU General Public License
22 * along with this program; if not, write to the Free Software
23 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
24 *
25 */
26
27 #include "include/conf.h"
28 #include "include/defs.h"
29
30 #ifdef HAVE_LDAP_H
31 #define LDAP_DEPRECATED 1
32
33 #include <ldap.h>
34 #include <ldap_cdefs.h>
35 #include <ldap_features.h>
36
37 #if defined(HAVE_ICONV_H)
38 #include <iconv.h>
39 #define USE_ICONV 1
40 #endif //HAVE_ICONV_H
41
42 #endif //HAVE_LDAP_H
43
44 enum UserTabEnum
45 {
46 //! Users matched against the ::UserTabFile file.
47 UTT_File,
48 //! Users matched agains a LDAP.
49 UTT_Ldap,
50 //! No user matching performed.
51 UTT_None
52 };
53
54 enum UserTabEnum which_usertab=UTT_None;
55
56 static char *userfile=NULL;
57
58 #ifdef HAVE_LDAP_H
59 static LDAP *ldap_handle=NULL;
60 #endif //HAVE_LDAP_H
61
62 #ifdef USE_ICONV
63 //! iconv conversion descriptor to convert the string returned by LDAP.
64 static iconv_t ldapiconv=(iconv_t)-1;
65 //! Buffer to store the converted string.
66 static char *ldapconvbuffer=NULL;
67 //! Size of the converted string buffer.
68 static int ldapconvbuffersize=0;
69 #endif
70
71 static void init_file_usertab(const char *UserTabFile)
72 {
73 FILE *fp_usr;
74 long int nreg;
75 char buf[MAXLEN];
76 int z1, z2;
77
78 if((fp_usr=fopen(UserTabFile,"r"))==NULL) {
79 debuga(__FILE__,__LINE__,_("Cannot open file \"%s\": %s\n"),UserTabFile,strerror(errno));
80 exit(EXIT_FAILURE);
81 }
82 if (fseek(fp_usr, 0, SEEK_END)==-1) {
83 debuga(__FILE__,__LINE__,_("Failed to move till the end of file \"%s\": %s\n"),UserTabFile,strerror(errno));
84 exit(EXIT_FAILURE);
85 }
86 nreg = ftell(fp_usr);
87 if (nreg<0) {
88 debuga(__FILE__,__LINE__,_("Cannot get the size of file \"%s\"\n"),UserTabFile);
89 exit(EXIT_FAILURE);
90 }
91 nreg += 100;
92 if (fseek(fp_usr, 0, SEEK_SET)==-1) {
93 debuga(__FILE__,__LINE__,_("Failed to rewind file \"%s\": %s\n"),UserTabFile,strerror(errno));
94 exit(EXIT_FAILURE);
95 }
96 if((userfile=(char *) malloc(nreg))==NULL){
97 debuga(__FILE__,__LINE__,_("ERROR: Cannot load. Memory fault\n"));
98 exit(EXIT_FAILURE);
99 }
100 userfile[0]='\t';
101 z2=1;
102 while(fgets(buf,sizeof(buf),fp_usr)!=NULL) {
103 if (buf[0]=='#') continue;
104 fixendofline(buf);
105 z1=0;
106 while(buf[z1] && (unsigned char)buf[z1]>' ') {
107 if (z2+3>=nreg) { //need at least 3 additional bytes for the minimum string "\n\t\0"
108 debuga(__FILE__,__LINE__,_("The list of users is too long in file \"%s\"\n"),UserTabFile);
109 exit(EXIT_FAILURE);
110 }
111 userfile[z2++]=buf[z1++];
112 }
113 while(buf[z1] && (unsigned char)buf[z1]<=' ') z1++;
114 userfile[z2++]='\n';
115 while(buf[z1] && (unsigned char)buf[z1]>=' ') {
116 if (z2+2>=nreg) { //need at least 2 additional bytes for "\t\0"
117 debuga(__FILE__,__LINE__,_("The list of users is too long in file \"%s\"\n"),UserTabFile);
118 exit(EXIT_FAILURE);
119 }
120 userfile[z2++]=buf[z1++];
121 }
122 while(userfile[z2-1]==' ') z2--;
123 userfile[z2++]='\t';
124 }
125 userfile[z2]='\0';
126 if (fclose(fp_usr)==EOF) {
127 debuga(__FILE__,__LINE__,_("Read error in \"%s\": %s\n"),UserTabFile,strerror(errno));
128 exit(EXIT_FAILURE);
129 }
130 }
131
132 static void get_usertab_name(const char *user,char *name,int namelen)
133 {
134 char warea[MAXLEN];
135 char *str;
136
137 sprintf(warea,"\t%s\n",user);
138 if((str=(char *) strstr(userfile,warea)) == (char *) NULL ) {
139 safe_strcpy(name,user,namelen);
140 } else {
141 str=strchr(str+1,'\n');
142 str++;
143 namelen--;
144 for(z1=0; *str != '\t' && z1<namelen ; z1++) {
145 name[z1]=*str++;
146 }
147 name[z1]='\0';
148 }
149 }
150
151 #ifdef HAVE_LDAP_H
152 static void init_ldap_usertab(void) {
153 char *ldapuri;
154 LDAPURLDesc url;
155 int rc;
156
157 ldap_handle = NULL;
158
159 /* Setting LDAP connection and initializing cache */
160 memset(&url,0,sizeof(url));
161 url.lud_scheme = "ldap";
162 url.lud_host = LDAPHost;
163 url.lud_port = LDAPPort;
164 url.lud_scope = LDAP_SCOPE_DEFAULT;
165 ldapuri = ldap_url_desc2str(&url);
166 if (ldapuri==NULL) {
167 debuga(__FILE__,__LINE__,_("Cannot prepare ldap URI for server %s on port %d\n"),LDAPHost,LDAPPort);
168 exit(EXIT_FAILURE);
169 }
170
171 rc = ldap_initialize(&ldap_handle, ldapuri);
172 if (rc != LDAP_SUCCESS) {
173 debuga(__FILE__,__LINE__,_("Unable to connect to LDAP server %s on port %d: %d (%s)\n"), LDAPHost, LDAPPort, rc, ldap_err2string(rc));
174 exit(EXIT_FAILURE);
175 }
176 ldap_memfree(ldapuri);
177
178 if (ldap_set_option(ldap_handle, LDAP_OPT_REFERRALS, LDAP_OPT_OFF) != LDAP_OPT_SUCCESS) {
179 debuga(__FILE__,__LINE__,_("Could not disable LDAP_OPT_REFERRALS\n"));
180 exit(EXIT_FAILURE);
181 }
182 int ldap_protocol_version = LDAPProtocolVersion;
183 if (ldap_set_option(ldap_handle, LDAP_OPT_PROTOCOL_VERSION, &ldap_protocol_version) != LDAP_SUCCESS) {
184 debuga(__FILE__,__LINE__,_("Could not set LDAP protocol version %d\n"), ldap_protocol_version);
185 exit(EXIT_FAILURE);
186 }
187
188 /* Bind to the LDAP server. */
189 rc = ldap_simple_bind_s( ldap_handle, LDAPBindDN, LDAPBindPW );
190 if ( rc != LDAP_SUCCESS ) {
191 debuga(__FILE__,__LINE__,_("Cannot bind to LDAP server: %s\n"), ldap_err2string(rc));
192 exit(EXIT_FAILURE);
193 }
194
195 #ifdef USE_ICONV
196 // prepare for the string conversion
197 if (LDAPNativeCharset[0]!='\0') {
198 ldapiconv = iconv_open( LDAPNativeCharset, "UTF-8" );
199 if (ldapiconv==(iconv_t)-1) {
200 debuga(__FILE__,__LINE__,_("iconv cannot convert from UTF-8 to %s: %s\n"),LDAPNativeCharset,strerror(errno));
201 exit(EXIT_FAILURE);
202 }
203 }
204 ldapconvbuffer=NULL;
205 ldapconvbuffersize=0;
206 #endif
207
208 /* Initializing cache */
209
210 init_cache();
211 }
212
213 const char * charset_convert( const char * str_in, const char * charset_to )
214 {
215 #ifdef USE_ICONV
216 size_t return_value;
217 const char * str_in_orig;
218 char * str_out;
219 size_t str_in_len;
220 size_t str_out_len;
221
222 str_in_len = strlen( str_in ) + 1;//process the terminating NUL too
223 str_out_len = ( 2 * str_in_len );
224 if (ldapconvbuffer==NULL || ldapconvbuffersize<str_out_len) {
225 ldapconvbuffersize=str_out_len;
226 str_out = realloc(ldapconvbuffer,ldapconvbuffersize);
227 if (!str_out) {
228 debuga(__FILE__,__LINE__,_("Not enough memory to convert a LDAP returned string: %lu bytes required\n"),(unsigned long int)str_out_len);
229 exit(EXIT_FAILURE);
230 }
231 ldapconvbuffer = str_out;
232 } else {
233 str_out = ldapconvbuffer;
234 str_out_len = ldapconvbuffersize;
235 }
236 str_in_orig = str_in;
237 return_value = iconv(ldapiconv, (ICONV_CONST char **)&str_in, &str_in_len, &str_out, &str_out_len );
238 if ( return_value == ( size_t ) -1 ) {
239 /* TRANSLATORS: The message is followed by the reason for the failure. */
240 debuga(__FILE__,__LINE__,_("iconv failed on string \"%s\":\n"),str_in_orig);
241 switch ( errno ) {
242 /* See "man 3 iconv" for an explanation. */
243 case EILSEQ:
244 debuga(__FILE__,__LINE__,_("Invalid multibyte sequence.\n"));
245 break;
246 case EINVAL:
247 debuga(__FILE__,__LINE__,_("Incomplete multibyte sequence.\n"));
248 break;
249 case E2BIG:
250 debuga(__FILE__,__LINE__,_("No more room.\n"));
251 break;
252 default:
253 debuga(__FILE__,__LINE__,_("Error: %s.\n"),strerror( errno ));
254 }
255 exit(EXIT_FAILURE);
256 }
257 return(ldapconvbuffer);
258 #else //USE_ICONV
259 return(str_in);
260 #endif //USE_ICONV
261 }
262
263 static void get_ldap_name(const char *userlogin,char *mappedname,int namelen)
264 {
265 /* Start searching username in cache */
266 // According to rfc2254 section 4, only *()\ and NUL must be escaped. This list is rather conservative !
267 const char strictchars[] = " ~!@^&(){}|<>?:;\"\'\\[]`,\r\n\0";
268 char filtersearch[256], *searched_in_cache;
269 char searchloginname[3*MAX_USER_LEN];
270 char *attr, **vals;
271 const char *attr_out;
272 const char *ptr;
273 LDAPMessage *result, *e;
274 BerElement *ber;
275 int i;
276 int slen;
277 int rc;
278 char *attrs[2];
279
280 searched_in_cache = search_in_cache(userlogin);
281 if (searched_in_cache!=NULL) {
282 safe_strcpy(mappedname, searched_in_cache,namelen);
283 return;
284 }
285
286 // escape characters according to rfc2254 section 4
287 for (slen=0 , ptr=userlogin ; slen<sizeof(searchloginname)-1 && *ptr ; ptr++) {
288 if (strchr(strictchars,*ptr)) {
289 if (slen+3>=sizeof(searchloginname)-1) break;
290 slen+=sprintf(searchloginname+slen,"\\%02X",*ptr);
291 } else {
292 searchloginname[slen++]=*ptr;
293 }
294 }
295 searchloginname[slen]='\0';
296
297 i=0;
298 ptr=LDAPFilterSearch;
299 while (i<sizeof(filtersearch)-1 && *ptr) {
300 if (ptr[0]=='%' && ptr[1]=='s') {
301 if (i+slen>=sizeof(filtersearch)) break;
302 memcpy(filtersearch+i,searchloginname,slen);
303 i+=slen;
304 ptr+=2;
305 } else {
306 filtersearch[i++]=*ptr++;
307 }
308 }
309 filtersearch[i]='\0';
310
311 /* Search record(s) in LDAP base */
312 attrs[0]=LDAPTargetAttr;
313 attrs[1]=NULL;
314 rc= ldap_search_ext_s(ldap_handle, LDAPBaseSearch, LDAP_SCOPE_SUBTREE, filtersearch, attrs, 0, NULL, NULL, NULL, -1, &result);
315 if (rc != LDAP_SUCCESS) {
316 debuga(__FILE__,__LINE__,_("LDAP search failed: %s\nlooking for \"%s\" at or below \"%s\"\n"), ldap_err2string(rc),filtersearch,LDAPBaseSearch);
317 safe_strcpy(mappedname,userlogin,namelen);
318 return;
319 }
320
321 if (!(e = ldap_first_entry(ldap_handle, result))) {
322 insert_to_cache(userlogin, userlogin);
323 safe_strcpy(mappedname, userlogin,namelen);
324 return;
325 }
326
327 for (attr = ldap_first_attribute(ldap_handle, e, &ber); attr != NULL; attr = ldap_next_attribute(ldap_handle, e, ber)) {
328 if (!strcasecmp(attr, LDAPTargetAttr)) {
329 if ((vals = (char **)ldap_get_values(ldap_handle, e, attr))!=NULL) {
330 attr_out = charset_convert( vals[0], LDAPNativeCharset );
331 insert_to_cache(userlogin, attr_out);
332 safe_strcpy(mappedname, attr_out, namelen);
333 ldap_memfree(vals);
334 }
335 ldap_memfree(attr);
336 break;
337 }
338 ldap_memfree(attr);
339 }
340 ldap_msgfree(result);
341 }
342 #endif //HAVE_LDAP_H
343
344 void init_usertab(const char *UserTabFile)
345 {
346 if (strcmp(UserTabFile, "ldap") == 0) {
347 if(debug) {
348 /* TRANSLATORS: The %s may be the string "ldap" or a file name.*/
349 debuga(__FILE__,__LINE__,_("Loading User table from \"%s\"\n"),UserTabFile);
350 }
351 #ifdef HAVE_LDAP_H
352 which_usertab=UTT_Ldap;
353 init_ldap_usertab();
354 #else
355 debuga(__FILE__,__LINE__,_("LDAP module not compiled in sarg\n"));
356 exit(EXIT_FAILURE);
357 #endif //HAVE_LDAP_H
358 } else if (UserTabFile[0] != '\0') {
359 if(debug)
360 debuga(__FILE__,__LINE__,_("Loading User table from \"%s\"\n"),UserTabFile);
361 which_usertab=UTT_File;
362 init_file_usertab(UserTabFile);
363 } else {
364 which_usertab=UTT_None;
365 }
366 }
367
368 void user_find(char *mappedname, int namelen, const char *userlogin)
369 {
370 if (which_usertab==UTT_File) {
371 get_usertab_name(userlogin,mappedname,namelen);
372 }
373 #ifdef HAVE_LDAP_H
374 else if (which_usertab==UTT_Ldap) {
375 get_ldap_name(userlogin,mappedname,namelen);
376 }
377 #endif //HAVE_LDAP_H
378 else {
379 safe_strcpy(mappedname,userlogin,namelen);
380 }
381 }
382
383 void close_usertab(void)
384 {
385 #ifdef HAVE_LDAP_H
386 if (ldap_handle) {
387 destroy_cache();
388 ldap_unbind(ldap_handle);
389 ldap_handle=NULL;
390 }
391 #endif //HAVE_LDAP_H
392 #ifdef USE_ICONV
393 if (ldapiconv!=(iconv_t)-1) {
394 iconv_close (ldapiconv);
395 ldapiconv=(iconv_t)-1;
396 }
397 if (ldapconvbuffer) {
398 free(ldapconvbuffer);
399 ldapconvbuffer=NULL;
400 }
401 #endif // USE_ICONV
402 if(userfile) {
403 free(userfile);
404 userfile=NULL;
405 }
406 }
407
Unnamed repository; edit this file 'description' to name the repository.