Improve error messages related to EAP DB
Add SQLite error message and DB name to the DB related errors. Add enough tracing so that users can know exactly where users are failing to be found. Signed-off-by: Ben Greear <greearb@candelatech.com>
This commit is contained in:
parent
c469d6228d
commit
fc48d33b0d
4 changed files with 36 additions and 10 deletions
|
@ -55,10 +55,11 @@ static int hostapd_radius_get_eap_user(void *ctx, const u8 *identity,
|
||||||
{
|
{
|
||||||
const struct hostapd_eap_user *eap_user;
|
const struct hostapd_eap_user *eap_user;
|
||||||
int i;
|
int i;
|
||||||
|
int rv = -1;
|
||||||
|
|
||||||
eap_user = hostapd_get_eap_user(ctx, identity, identity_len, phase2);
|
eap_user = hostapd_get_eap_user(ctx, identity, identity_len, phase2);
|
||||||
if (eap_user == NULL)
|
if (eap_user == NULL)
|
||||||
return -1;
|
goto out;
|
||||||
|
|
||||||
if (user == NULL)
|
if (user == NULL)
|
||||||
return 0;
|
return 0;
|
||||||
|
@ -72,7 +73,7 @@ static int hostapd_radius_get_eap_user(void *ctx, const u8 *identity,
|
||||||
if (eap_user->password) {
|
if (eap_user->password) {
|
||||||
user->password = os_malloc(eap_user->password_len);
|
user->password = os_malloc(eap_user->password_len);
|
||||||
if (user->password == NULL)
|
if (user->password == NULL)
|
||||||
return -1;
|
goto out;
|
||||||
os_memcpy(user->password, eap_user->password,
|
os_memcpy(user->password, eap_user->password,
|
||||||
eap_user->password_len);
|
eap_user->password_len);
|
||||||
user->password_len = eap_user->password_len;
|
user->password_len = eap_user->password_len;
|
||||||
|
@ -83,8 +84,13 @@ static int hostapd_radius_get_eap_user(void *ctx, const u8 *identity,
|
||||||
user->ttls_auth = eap_user->ttls_auth;
|
user->ttls_auth = eap_user->ttls_auth;
|
||||||
user->remediation = eap_user->remediation;
|
user->remediation = eap_user->remediation;
|
||||||
user->accept_attr = eap_user->accept_attr;
|
user->accept_attr = eap_user->accept_attr;
|
||||||
|
rv = 0;
|
||||||
|
|
||||||
return 0;
|
out:
|
||||||
|
if (rv)
|
||||||
|
wpa_printf(MSG_DEBUG, "%s: Failed to find user", __func__);
|
||||||
|
|
||||||
|
return rv;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -138,8 +138,12 @@ eap_user_sqlite_get(struct hostapd_data *hapd, const u8 *identity,
|
||||||
char id_str[256], cmd[300];
|
char id_str[256], cmd[300];
|
||||||
size_t i;
|
size_t i;
|
||||||
|
|
||||||
if (identity_len >= sizeof(id_str))
|
if (identity_len >= sizeof(id_str)) {
|
||||||
|
wpa_printf(MSG_DEBUG, "%s: identity len too big: %d >= %d",
|
||||||
|
__func__, (int) identity_len,
|
||||||
|
(int) (sizeof(id_str)));
|
||||||
return NULL;
|
return NULL;
|
||||||
|
}
|
||||||
os_memcpy(id_str, identity, identity_len);
|
os_memcpy(id_str, identity, identity_len);
|
||||||
id_str[identity_len] = '\0';
|
id_str[identity_len] = '\0';
|
||||||
for (i = 0; i < identity_len; i++) {
|
for (i = 0; i < identity_len; i++) {
|
||||||
|
@ -182,7 +186,9 @@ eap_user_sqlite_get(struct hostapd_data *hapd, const u8 *identity,
|
||||||
wpa_printf(MSG_DEBUG, "DB: %s", cmd);
|
wpa_printf(MSG_DEBUG, "DB: %s", cmd);
|
||||||
if (sqlite3_exec(db, cmd, get_user_cb, &hapd->tmp_eap_user, NULL) !=
|
if (sqlite3_exec(db, cmd, get_user_cb, &hapd->tmp_eap_user, NULL) !=
|
||||||
SQLITE_OK) {
|
SQLITE_OK) {
|
||||||
wpa_printf(MSG_DEBUG, "DB: Failed to complete SQL operation");
|
wpa_printf(MSG_DEBUG,
|
||||||
|
"DB: Failed to complete SQL operation: %s db: %s",
|
||||||
|
sqlite3_errmsg(db), hapd->conf->eap_user_sqlite);
|
||||||
} else if (hapd->tmp_eap_user.next)
|
} else if (hapd->tmp_eap_user.next)
|
||||||
user = &hapd->tmp_eap_user;
|
user = &hapd->tmp_eap_user;
|
||||||
|
|
||||||
|
@ -192,8 +198,10 @@ eap_user_sqlite_get(struct hostapd_data *hapd, const u8 *identity,
|
||||||
wpa_printf(MSG_DEBUG, "DB: %s", cmd);
|
wpa_printf(MSG_DEBUG, "DB: %s", cmd);
|
||||||
if (sqlite3_exec(db, cmd, get_wildcard_cb, &hapd->tmp_eap_user,
|
if (sqlite3_exec(db, cmd, get_wildcard_cb, &hapd->tmp_eap_user,
|
||||||
NULL) != SQLITE_OK) {
|
NULL) != SQLITE_OK) {
|
||||||
wpa_printf(MSG_DEBUG, "DB: Failed to complete SQL "
|
wpa_printf(MSG_DEBUG,
|
||||||
"operation");
|
"DB: Failed to complete SQL operation: %s db: %s",
|
||||||
|
sqlite3_errmsg(db),
|
||||||
|
hapd->conf->eap_user_sqlite);
|
||||||
} else if (hapd->tmp_eap_user.next) {
|
} else if (hapd->tmp_eap_user.next) {
|
||||||
user = &hapd->tmp_eap_user;
|
user = &hapd->tmp_eap_user;
|
||||||
os_free(user->identity);
|
os_free(user->identity);
|
||||||
|
|
|
@ -1926,10 +1926,11 @@ static int ieee802_1x_get_eap_user(void *ctx, const u8 *identity,
|
||||||
struct hostapd_data *hapd = ctx;
|
struct hostapd_data *hapd = ctx;
|
||||||
const struct hostapd_eap_user *eap_user;
|
const struct hostapd_eap_user *eap_user;
|
||||||
int i;
|
int i;
|
||||||
|
int rv = -1;
|
||||||
|
|
||||||
eap_user = hostapd_get_eap_user(hapd, identity, identity_len, phase2);
|
eap_user = hostapd_get_eap_user(hapd, identity, identity_len, phase2);
|
||||||
if (eap_user == NULL)
|
if (eap_user == NULL)
|
||||||
return -1;
|
goto out;
|
||||||
|
|
||||||
os_memset(user, 0, sizeof(*user));
|
os_memset(user, 0, sizeof(*user));
|
||||||
user->phase2 = phase2;
|
user->phase2 = phase2;
|
||||||
|
@ -1941,7 +1942,7 @@ static int ieee802_1x_get_eap_user(void *ctx, const u8 *identity,
|
||||||
if (eap_user->password) {
|
if (eap_user->password) {
|
||||||
user->password = os_malloc(eap_user->password_len);
|
user->password = os_malloc(eap_user->password_len);
|
||||||
if (user->password == NULL)
|
if (user->password == NULL)
|
||||||
return -1;
|
goto out;
|
||||||
os_memcpy(user->password, eap_user->password,
|
os_memcpy(user->password, eap_user->password,
|
||||||
eap_user->password_len);
|
eap_user->password_len);
|
||||||
user->password_len = eap_user->password_len;
|
user->password_len = eap_user->password_len;
|
||||||
|
@ -1951,8 +1952,13 @@ static int ieee802_1x_get_eap_user(void *ctx, const u8 *identity,
|
||||||
user->macacl = eap_user->macacl;
|
user->macacl = eap_user->macacl;
|
||||||
user->ttls_auth = eap_user->ttls_auth;
|
user->ttls_auth = eap_user->ttls_auth;
|
||||||
user->remediation = eap_user->remediation;
|
user->remediation = eap_user->remediation;
|
||||||
|
rv = 0;
|
||||||
|
|
||||||
return 0;
|
out:
|
||||||
|
if (rv)
|
||||||
|
wpa_printf(MSG_DEBUG, "%s: Failed to find user", __func__);
|
||||||
|
|
||||||
|
return rv;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -2035,6 +2035,12 @@ static int radius_server_get_eap_user(void *ctx, const u8 *identity,
|
||||||
sess->remediation = user->remediation;
|
sess->remediation = user->remediation;
|
||||||
sess->macacl = user->macacl;
|
sess->macacl = user->macacl;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (ret) {
|
||||||
|
RADIUS_DEBUG("%s: User-Name not found from user database",
|
||||||
|
__func__);
|
||||||
|
}
|
||||||
|
|
||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue