Proposed patch for auth.c
Alain cocconi
cocconi at net-outremer.nc
Fri Nov 18 03:06:01 CET 2005
Hello,
I've mad a small patch to the rad_authlog function in auth.c
The purpose of this patch is to make a pair with the auth log message in it
(Auth: login Ok ....). For this I use the Reply-Message attribute. What do
you think, is it safe to use this one ? Or should I define a new one ?
Thank you
Here is the new function :
/*
* Make sure user/pass are clean
* and then log them
*/
static int rad_authlog(const char *msg, REQUEST *request, int goodpass) {
char clean_password[1024];
char clean_username[1024];
char buf[1024];
char msg_log[1024];
VALUE_PAIR *username = NULL;
VALUE_PAIR *log_pair;
if (!mainconfig.log_auth) {
return 0;
}
/*
* Get the correct username based on the configured value
*/
if (log_stripped_names == 0) {
username = pairfind(request->packet->vps, PW_USER_NAME);
} else {
username = request->username;
}
/*
* Clean up the username
*/
if (username == NULL) {
strcpy(clean_username, "<no User-Name attribute>");
} else {
librad_safeprint((char *)username->strvalue,
username->length,
clean_username, sizeof(clean_username));
}
/*
* Clean up the password
*/
if (mainconfig.log_auth_badpass || mainconfig.log_auth_goodpass) {
if (!request->password) {
strcpy(clean_password, "<no User-Password
attribute>");
} else if (request->password->attribute == PW_CHAP_PASSWORD) {
strcpy(clean_password, "<CHAP-Password>");
} else {
librad_safeprint((char *)request->password->strvalue,
request->password->length,
clean_password,
sizeof(clean_password));
}
}
if (goodpass) {
sprintf(msg_log, "%s: [%s%s%s] (%s)",
msg,
clean_username,
mainconfig.log_auth_goodpass ? "/" : "",
mainconfig.log_auth_goodpass ?
clean_password : "",
auth_name(buf, sizeof(buf), request, 1));
} else {
sprintf(msg_log, "%s: [%s%s%s] (%s)",
msg,
clean_username,
mainconfig.log_auth_badpass ? "/" : "",
mainconfig.log_auth_badpass ?
clean_password : "",
auth_name(buf, sizeof(buf), request, 1));
}
radlog(L_AUTH, msg_log);
log_pair = paircreate(PW_REPLY_MESSAGE, PW_TYPE_STRING);
if (log_pair == NULL) {
radlog(L_ERR|L_CONS, "no memory");
exit(1);
}
sprintf((char *)log_pair->strvalue, "%s", msg_log);
log_pair->length = strlen((char *)log_pair->strvalue);
pairadd(&request->reply->vps, log_pair);
return 0;
}
More information about the Freeradius-Users
mailing list