diff options
-rw-r--r-- | src/squark-auth-snmp.c | 31 |
1 files changed, 19 insertions, 12 deletions
diff --git a/src/squark-auth-snmp.c b/src/squark-auth-snmp.c index 3681ea5..e6947c4 100644 --- a/src/squark-auth-snmp.c +++ b/src/squark-auth-snmp.c @@ -570,38 +570,45 @@ static void auth_completed(struct auth_context *auth) char tmp[256], *uf_a, *uf_b; void *token; struct authdb_entry entry; - blob_t b = BLOB_BUF(tmp), un; + blob_t b, uf; token = authdb_get(&adb, &auth->addr, &entry, 1); authdb_clear_entry(&entry); + b = BLOB_BUF(tmp); blob_push(&b, BLOB_STRLEN(auth->token)); - if (auth_ok(auth)) { - if (token != NULL) { - un = BLOB_BUF(entry.p.login_name); - blob_push_formatted_username(&un, username_format, auth); + blob_push(&b, BLOB_STR(" OK user=")); + uf_a = b.ptr; + blob_push_formatted_username(&b, username_format, auth); + uf_b = b.ptr; + blob_push(&b, BLOB_PTR_LEN("\n", 1)); + uf = BLOB_PTR_PTR(uf_a, uf_b); + + if (auth_ok(auth) && uf.len <= sizeof(entry.p.login_name)) { + if (token != NULL && + !authdb_check_login(token, &entry, uf, current_time, &adbc)) { + authdb_clear_entry(&entry); + memcpy(entry.p.login_name, uf.ptr, uf.len); memcpy(entry.p.mac_address, auth->mac, MAC_LEN); entry.p.switch_ip = auth->current_switch->addr; entry.p.switch_port = auth->local_port; authdb_commit_login(token, &entry, current_time, &adbc); } - blob_push(&b, BLOB_STR(" OK user=")); - uf_a = b.ptr; - blob_push_formatted_username(&b, username_format, auth); - uf_b = b.ptr; - blob_push(&b, BLOB_PTR_LEN("\n", 1)); if (do_syslog) { - blob_t tmp = BLOB_PTR_PTR(uf_a, uf_b); syslog(LOG_AUTHPRIV | LOG_INFO, "%s authenticated as %.*s", addr_print(&auth->addr), - tmp.len, tmp.ptr); + uf.len, uf.ptr); } } else { if (token != NULL) authdb_commit_logout(token); + + b = BLOB_BUF(tmp); + blob_push(&b, BLOB_STRLEN(auth->token)); blob_push(&b, BLOB_STR(" ERR\n")); + if (do_syslog) { syslog(LOG_AUTHPRIV | LOG_WARNING, "%s failed: %s", |