extens.c

This program is a RADIUS RFC-compliant daemon, which is derived from original Livingston Enterprise

    for(i=0; i<1000; i++) {
	MD5Init(&ctx1);
	if(i & 1)
	    MD5Update(&ctx1, (unsigned const char *)pw, strlen(pw));
	else
	    MD5Update(&ctx1, (unsigned const char *)final, 16);

	if(i % 3)
	    MD5Update(&ctx1, (unsigned const char *)sp, sl);

	if(i % 7)
	    MD5Update(&ctx1, (unsigned const char *)pw, strlen(pw));

	if(i & 1)
	    MD5Update(&ctx1, (unsigned const char *)final, 16);
	else
	    MD5Update(&ctx1, (unsigned const char *)pw, strlen(pw));
	MD5Final(final,&ctx1);
    }
    p = passwd + strlen(passwd);

    l = (final[ 0]<<16) | (final[ 6]<<8) | final[12]; to64(p,l,4); p += 4;
    l = (final[ 1]<<16) | (final[ 7]<<8) | final[13]; to64(p,l,4); p += 4;
    l = (final[ 2]<<16) | (final[ 8]<<8) | final[14]; to64(p,l,4); p += 4;
    l = (final[ 3]<<16) | (final[ 9]<<8) | final[15]; to64(p,l,4); p += 4;
    l = (final[ 4]<<16) | (final[10]<<8) | final[ 5]; to64(p,l,4); p += 4;
    l =                    final[11]                ; to64(p,l,2); p += 2;
    *p = '\0';

    /* Don't leave anything around in vm they could use. */
    memset(final,0,sizeof final);

    return passwd;
}


/*
 * Check if the current time is an allowed time to log in according
 * to the parameter
 * Modified by Misa -- time interval function completely rewritten
 */

#define MAX_TIMES 	10	/* max number of time specifications
				 * in one shot using commas */
#define SEPARATOR	';'				
int 
allowed_time(const char *time_str)
{
    struct time_frame	times[MAX_TIMES];
    /* Structures for storing the priorities in the time intervals */
    int 	priority[MAX_TIMES], cur_priority;
    int		i, j, dtime;
    const char	*cp;
    time_t	curtime;
    struct tm 	*tm;
    int		error_tokens; /* Number of bogus tokens */
    long 	session_timeout; /* This is the number of seconds 
    				  * allowed in this session */
    int		beg_day, end_day;
#ifdef EXT_DEBUG
FILE* auxdebug;

auxdebug = fopen("nighthawk","a");
#endif

    if (time_str == NULL) {
	/* cry loud */
	debug("allowed_times: passed a null pointer !!!\n");
	/* After all, it is okay... */
	return 0;
    }
    
    debug("allowed_time: checking time against %s\n", time_str);
#ifdef EXT_DEBUG
Debug(auxdebug,"allowed_time: checking time against %s\n", time_str);
#endif
    /* Initialize the time structures */
    curtime = time(NULL);
    tm = localtime(&curtime);
    error_tokens = 0; /* We assume all tokens are correct */

    cp = time_str;
    beg_day = end_day = 0; 
    for (j = 0; *cp && j < MAX_TIMES; j++) {
	/*
	 * Start off with no days of the week
	 */
	times[j].t_days = 0;
	priority[j] = 1; /* One-day priority, the highest */
	
	/*
	 * Check each two letter sequence to see if it is
	 * one of the abbreviations for the days of the
	 * week or the other two values.
	 */
	for (i = 0; cp[i] && cp[i+1] && isalpha(cp[i]); i+=2) {
	    switch ((cp[i] << 8) | (cp[i+1])) {
		case ('S' << 8) | 'u':
		    times[j].t_days |= Su_DAY;
		    beg_day = Su_DAY;
		    break;
		case ('M' << 8) | 'o':
		    times[j].t_days |= Mo_DAY;
		    beg_day = Mo_DAY;
		    break;
		case ('T' << 8) | 'u':
		    times[j].t_days |= Tu_DAY;
		    beg_day = Tu_DAY;
		    break;
		case ('W' << 8) | 'e':
		    times[j].t_days |= We_DAY;
		    beg_day = We_DAY;
		    break;
		case ('T' << 8) | 'h':
		    times[j].t_days |= Th_DAY;
		    beg_day = Th_DAY;
		    break;
		case ('F' << 8) | 'r':
		    times[j].t_days |= Fr_DAY;
		    beg_day = Fr_DAY;
		    break;
		case ('S' << 8) | 'a':
		    times[j].t_days |= Sa_DAY;
		    beg_day = Sa_DAY;
		    break;
		case ('W' << 8) | 'k':
		    /* communists, watch out ! :-) */
		    times[j].t_days |= (Mo_DAY|Tu_DAY|We_DAY|Th_DAY|Fr_DAY);
		    beg_day = 0; /* Not a valid day to begin an interval */
		    priority[j] = 3; /* The third priority */
		    break;
		case ('A' << 8) | 'l':
		    times[j].t_days |= (Mo_DAY|Tu_DAY|We_DAY|Th_DAY|Fr_DAY|Sa_DAY|Su_DAY);
		    beg_day = 0; /* Not a valid day to begin an interval */
		    priority[j] = 4; /* The lowest priority */
		    break;
		default:
		    log_err("syntax error in string %s specifying times allowed to log in\n",
			    time_str);
		    return 0; /* syntax error, can't continue ... */
	    }
	}
	/*
	 * The default is 'Al' if no days were seen.
	 */
	if (i == 0) {
	    debug("allowed_time: time specification incompete - assuming Al; i=%d\n",i);
	    times[j].t_days = Mo_DAY|Tu_DAY|We_DAY|Th_DAY|Fr_DAY|Sa_DAY|Su_DAY;
	    beg_day = 0; /* Not a valid day to begin an interval */
	}

	/*
	 * Testing if we have a day interval
	 *
	*/	
	if (cp[i]=='-') {
		if (beg_day==0) /* Error, cunt have an interval */
		{
			debug("Error in the token %d: cannot have such a day interval; skipped\n",j+1);
			error_tokens++;
			for (;cp[i] && cp[i]!=SEPARATOR;i++);
			cp += cp[i] ? i+1 : i; /* We jump the bogus token */
			continue;
		}
		i++; 
		cp += i;
		i=0; 
		
		if (cp[0] && cp[1] && isalpha(cp[i])) {
			switch ((cp[0] << 8) | (cp[1])) {
				case ('S' << 8) | 'u':
					times[j].t_days |= Su_DAY;
					end_day = Su_DAY;
					break;
				case ('M' << 8) | 'o':
					times[j].t_days |= Mo_DAY;
					end_day = Mo_DAY;
					break;
				case ('T' << 8) | 'u':
					times[j].t_days |= Tu_DAY;
					end_day = Tu_DAY;
					break;
				case ('W' << 8) | 'e':
					times[j].t_days |= We_DAY;
					end_day = We_DAY;
					break;
				case ('T' << 8) | 'h':
					times[j].t_days |= Th_DAY;
					end_day = Th_DAY;
					break;
				case ('F' << 8) | 'r':
					times[j].t_days |= Fr_DAY;
					end_day = Fr_DAY;
					break;
				case ('S' << 8) | 'a':
					times[j].t_days |= Sa_DAY;
					end_day = Sa_DAY;
					break;
				case ('W' << 8) | 'k':
					/* communists, watch out ! :-) */
					end_day = 0; /* Not a valid day to begin an interval */
					break;
				case ('A' << 8) | 'l':
					end_day = 0; /* Not a valid day to begin an interval */
					break;
				default:
					log_err("syntax error in string %s specifying times allowed to log in\n",
						time_str);
					return 0; /* syntax error, can't continue ... */
			}
		}
		/*
		*  Nothing means error
		*/
		if (end_day==0) {
			debug("Error in the token %d: not a valid day\n",j);
			times[j].t_days = Mo_DAY|Tu_DAY|We_DAY|Th_DAY|Fr_DAY|Sa_DAY|Su_DAY;
			end_day = 0; /* Not a valid day to end an interval */
		}
			for (; beg_day != end_day;)
		{
			/* mark the day */
			times[j].t_days |= beg_day;
			/* go to the next day, with wrapping if needed */
			beg_day = (beg_day==Sa_DAY) ? Su_DAY : beg_day << 1;
		} 
		times[j].t_days |= beg_day;
		priority[j]=2; /* second priority */
		i+=2;
	}

	/*
	 * The start and end times are separated from each
	 * other by a '-'.  The times are four digit numbers
	 * representing the times of day.
	 */

	/*
	 * We jump the checked items, to be able to easily count up to 4 digits
	*/
	cp += i;
	i = 0; 

	for (dtime = 0; i<4 && cp[i] && isdigit(cp[i]); i++)
		dtime = dtime * 10 + cp[i] - '0';
	if (cp[i] && isdigit(cp[i]))
	{
		/* Ooops, problem, too many digits */
		debug("Error in the token %d: too many digits for the begin time; skipped\n",j+1);
		/* 
		 * I try to give up, jumping to the next
		 * token separator
		*/ 
		error_tokens++;
		for (;cp[i] && cp[i]!=SEPARATOR;i++);
		cp += cp[i] ? i+1 : i; /* We jump the bogus token */
		continue;
	}
	
	if (cp[i] != '-' || dtime > 2400 || dtime % 100 > 59)
	{
	    debug("Error in the token %d: begin time invalid; skipped\n",j+1);
	    error_tokens++;
	    /* See the coments above */
	    for (;cp[i] && cp[i]!=SEPARATOR;i++);
	    cp += cp[i] ? i+1 : i; /* We jump the bogus token */
	    continue;
	}
	times[j].t_start = dtime;
	cp += i+1;
	for (dtime = i = 0; i<4 && cp[i] && isdigit (cp[i]); i++)
	    dtime = dtime * 10 + cp[i] - '0';
	if (cp[i] && isdigit(cp[i]))
	{
		/* 
		 * Ooops, problem, too many digits 
		 * But this time we go over this error, since
		 * we have found a valid time stamp
		 */
		debug("Error in the token %d: too many digits for the end time\n",j+1);
		error_tokens = -error_tokens - 1;
	}
	if (dtime > 2400 || dtime % 100 > 59)
	{
	    /* 
	     * Yet another error in the string
	    */
	    debug("Error in the token %d: end time invalid; skipped\n",j+1);
	    error_tokens = error_tokens>=0 ? error_tokens+1 : -error_tokens;
	    for (; cp[i] && cp[i]!=SEPARATOR; i++);
	    cp += cp[i] ? i+1 : i; /* We jump the bogus token */
	    continue;
	}
	if (error_tokens<0) error_tokens = -error_tokens;
	times[j].t_end = dtime;
	for (; cp[i] && cp[i]!=SEPARATOR; i++);
	cp += cp[i] ? i+1 : i;
    }

    /* we now have j entries */
    for (session_timeout = 0, cur_priority = 100, i = 0; i < j; i++) {
	/* check the current time against each timeframe */
	int s_time, e_time;
	
	if ( times[i].t_start <= times[i].t_end ) /* No time wrapping */
	{
		if ( (times[i].t_days & (1<<(tm->tm_wday))) == 0 ) 
				/* No matching for this day */
			continue;
	}
	else /* We do have time wrapping */
	{
		if ( (times[i].t_days & (1<<(tm->tm_wday))) == 0 &&
			(times[i].t_days & (1<<((tm->tm_wday + 6)%7)) ) == 0 )
			/* Hey, don't you like LISP? */
		/* No match for today or yesterday */
			continue;
	}
	e_time = s_time = curtime - tm->tm_hour*3600 - tm->tm_min*60 - tm->tm_sec;
	s_time += (times[i].t_start/100)*3600 + (times[i].t_start%100)*60;
	e_time += (times[i].t_end/100)*3600 + (times[i].t_end%100)*60;
	/* check for time wrap ... */
	if (times[i].t_start > times[i].t_end) {
	    /* time is wrapping accross 0 */
	    if (curtime >= s_time)
		/* current time passed start_time,
		 * end_time will be tomorrow */
		e_time += 24*3600;
	    else if (curtime <= e_time)
		/* current time before end time, start_time was yesterday */
	       s_time -= 24*3600;
	}
	/* now check if it is allowed to log in now */
	if ( priority[i] > cur_priority)
		continue; /* We already have a higher priority option */  
	if (priority[i] == cur_priority && curtime > s_time && 
		session_timeout < e_time - curtime)
	{
		session_timeout = e_time - curtime;
		continue;
	}
	cur_priority = priority[i]; /* This is a higher priority option */
	session_timeout = (s_time < curtime && e_time-curtime>0) ? e_time-curtime : 0; 
    }
    if (error_tokens)
    	debug(" %d error(s) found in the time string\n",error_tokens);
    if (session_timeout <= 0) {
    	debug("allowed_time: access denied\n");
#ifdef EXT_DEBUG
Debug(auxdebug,"allowed_time: access denied\n");
fclose(auxdebug);
#endif
    	return -1;
    }
    debug("allowed_time: access allowed for %d seconds\n",session_timeout);
#ifdef EXT_DEBUg
Debug(auxdebug,"allowed_time: access allowed for %d seconds\n",session_timeout);
fclose(auxdebug);
#endif
    return 0;	
}


/*
 * Implement the traffic quota for an user
 */
int 
check_maxtraffic(char *user, const int size,const int kind)
{	
    char 	dbfile_name[PATH_MAX];
    GDBM_FILE 	dbf;
    datum 	key, content;
    user_entry	*ue;
    struct tm	*time_info;
    int		i,j;
    UINT4	counter;
    time_t 	crt_time = time(NULL);
    
    time_info = localtime(&crt_time);
    memset(dbfile_name, 0, PATH_MAX);
    snprintf(dbfile_name, sizeof(dbfile_name), "%s/%d/%s",
	    radacct_dir, 1900+time_info->tm_year,RADIUS_USER_STATS );
    dbf = gdbm_open(dbfile_name,0,GDBM_READER,0600,NULL );
    if (dbf == NULL) {
	return 0;
    }
		      
    /* sanity checks */
    if (user == NULL)
	return -1;
    
    /* Build the key */
    key.dptr = user;
    key.dsize = strlen(user);
						       
    content = gdbm_fetch(dbf,key);
    if (content.dptr == NULL) {
	/* not here, login is allowed */
	gdbm_close(dbf);
	if ( content.dptr!=NULL ) free( content.dptr );
	return 0;
    }
    ue = (user_entry *)content.dptr;

    switch ( kind )
      {
      case DAY_LIMIT:
        if (ue->day[time_info->tm_mon][time_info->tm_mday-1].input_octets+
	    ue->day[time_info->tm_mon][time_info->tm_mday-1].output_octets >= 
	    size*1024) 
	  {
	  gdbm_close(dbf);
	  if ( content.dptr!=NULL ) free( content.dptr );
	  return -2;
          }
	break;

      case MONTH_LIMIT:
        for ( i=0, counter=0; i<time_info->tm_mday; i++ ) 
	  {
	  counter += ue->day[time_info->tm_mon][i].input_octets;
	  counter += ue->day[time_info->tm_mon][i].output_octets;
	  }
	if ( counter >= size*1024 )
	  {
	  gdbm_close(dbf);
	  if ( content.dptr!=NULL ) free( content.dptr );
	  return -2;
	  }
        break;

      case YEAR_LIMIT:
        for ( i=0, counter=0; i<=time_info->tm_mon; i++ ) 
          for ( j=0; i<time_info->tm_mday; i++ ) 
	    {
	    counter += ue->day[i][j].input_octets;
	    counter += ue->day[i][j].output_octets;
	    }
	if ( counter >= size*1024 )
	  {
	  gdbm_close(dbf);
	  if ( content.dptr!=NULL ) free( content.dptr );
	  return -2;
	  }
        break;

      default:
        log_err("internal error: invalid kind of limit in a "
	        "check_maxtraffic() call\n");
        break;
      }
    gdbm_close(dbf);
    if ( content.dptr!=NULL ) free( content.dptr );
    return 0;
}