archive
/
windows-xp
mirror of https://github.com/tongzx/nt5src
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
8 Commits
1 Branch
0 Tags
2.0 GiB
Tree: 744f0b4006
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '744f0b4006'
${ noResults }
windows-xp/Source/XPSP1/NT/net/ias/providers/accounting/account.cpp

639 lines
17 KiB
Raw Normal View History

Add source files
4 years ago
  1. ///////////////////////////////////////////////////////////////////////////////
  2. //
  3. // Copyright (c) 1998, Microsoft Corp. All rights reserved.
  4. //
  5. // FILE
  6. //
  7. // account.cpp
  8. //
  9. // SYNOPSIS
  10. //
  11. // Defines the class Accountant.
  12. //
  13. // MODIFICATION HISTORY
  14. //
  15. // 08/05/1998 Original version.
  16. // 09/16/1998 Add Reason-Code pseudo-attribute.
  17. // 12/02/1998 Fix backward compatibility of IAS 1.0 format.
  18. // 01/19/1999 Log Access-Challenge's.
  19. // 01/25/1999 Date and time are separate fields.
  20. // 03/23/1999 Add support for text qualifiers.
  21. // 03/26/1999 Use the new LogFile::setEnabled method.
  22. // 05/18/1999 Store computerName as UTF-8.
  23. // 07/09/1999 Discard the request if logging fails.
  24. // 08/05/1999 Always log Class attribute.
  25. // 01/25/2000 Remove PROPERTY_ACCOUNTING_LOG_ENABLE.
  26. // 02/29/2000 Don't touch Class attribute when proxying.
  27. // 03/13/2000 Log reason code for Accounting-Requests.
  28. //
  29. ///////////////////////////////////////////////////////////////////////////////
  31. #include <ias.h>
  32. #include <iasutf8.h>
  33. #include <sdoias.h>
  35. #include <algorithm>
  37. #include <account.h>
  38. #include <classattr.h>
  39. #include <formbuf.h>
  41. #define STACK_ALLOC(type, num) (type*)_alloca(sizeof(type) * (num))
  43. //////////
  44. // Misc. enumerator constants.
  45. //////////
  46. const LONG INET_LOG_FORMAT_INTERNET_STD = 0;
  47. const LONG INET_LOG_FORMAT_NCSA = 3;
  48. const LONG INET_LOG_FORMAT_ODBC_RADIUS = 0xFFFF;
  49. const DWORD ACCOUNTING_INTERIM = 3;
  51. //////////
  52. // Returns TRUE if the request contains an interim accounting record.
  53. //////////
  54. extern "C"
  55. BOOL
  56. WINAPI
  57. IsInterimRecord(
  58. IAttributesRaw* pRaw
  59. )
  60. {
  61. PIASATTRIBUTE attr = IASPeekAttribute(
  62. pRaw,
  63. RADIUS_ATTRIBUTE_ACCT_STATUS_TYPE,
  64. IASTYPE_ENUM
  65. );
  67. return attr && attr->Value.Enumerator == ACCOUNTING_INTERIM;
  68. }
  70. //////////
  71. // Inserts a class attribute into the request.
  72. //////////
  73. extern "C"
  74. HRESULT
  75. WINAPI
  76. InsertClassAttribute(
  77. IAttributesRaw* pRaw
  78. )
  79. {
  80. //////////
  81. // Check if this was proxied.
  82. //////////
  83. PIASATTRIBUTE attr = IASPeekAttribute(
  84. pRaw,
  85. IAS_ATTRIBUTE_PROVIDER_TYPE,
  86. IASTYPE_ENUM
  87. );
  88. if (attr && attr->Value.Enumerator == IAS_PROVIDER_RADIUS_PROXY)
  89. {
  90. return S_OK;
  91. }
  94. //////////
  95. // Check if Generate Class Attribute is disabled
  96. //////////
  97. PIASATTRIBUTE generateClassAttr = IASPeekAttribute(
  98. pRaw,
  99. IAS_ATTRIBUTE_GENERATE_CLASS_ATTRIBUTE,
  100. IASTYPE_BOOLEAN
  101. );
  103. if (generateClassAttr && generateClassAttr->Value.Boolean == FALSE)
  104. {
  105. return S_OK;
  106. }
  108. //////////
  109. // Create a new class attribute
  110. // Do not remove any existing class attribute.
  111. //////////
  113. ATTRIBUTEPOSITION pos;
  114. pos.pAttribute = IASClass::createAttribute(NULL);
  116. if (pos.pAttribute == NULL) { return E_OUTOFMEMORY; }
  118. //////////
  119. // Insert into the request.
  120. //////////
  122. HRESULT hr = pRaw->AddAttributes(1, &pos);
  123. IASAttributeRelease(pos.pAttribute);
  125. return hr;
  126. }
  128. Accountant::Accountant() throw ()
  129. : logAuth(FALSE),
  130. logAcct(FALSE),
  131. logInterim(FALSE),
  132. computerNameLen(0)
  133. { }
  135. STDMETHODIMP Accountant::Initialize()
  136. {
  137. // Get the Unicode computer name.
  138. WCHAR uniName[MAX_COMPUTERNAME_LENGTH + 1];
  139. DWORD len = sizeof(uniName) / sizeof(WCHAR);
  140. if (!GetComputerNameW(uniName, &len))
  141. {
  142. // If it failed, we'll just use an empty string.
  143. len = 0;
  144. }
  146. // Convert the Unicode to UTF-8.
  147. computerNameLen = IASUnicodeToUtf8(uniName, len, computerName);
  149. IASClass::initialize();
  151. return schema.initialize();
  152. }
  154. STDMETHODIMP Accountant::Shutdown()
  155. {
  156. log.close();
  157. schema.shutdown();
  158. return S_OK;
  159. }
  161. STDMETHODIMP Accountant::PutProperty(LONG Id, VARIANT *pValue)
  162. {
  163. if (pValue == NULL) { return E_INVALIDARG; }
  165. switch (Id)
  166. {
  167. case PROPERTY_ACCOUNTING_LOG_ACCOUNTING:
  168. {
  169. if (V_VT(pValue) != VT_BOOL) { return DISP_E_TYPEMISMATCH; }
  170. logAcct = V_BOOL(pValue);
  171. log.setEnabled(logAcct | logInterim | logAuth);
  172. break;
  173. }
  175. case PROPERTY_ACCOUNTING_LOG_ACCOUNTING_INTERIM:
  176. {
  177. if (V_VT(pValue) != VT_BOOL) { return DISP_E_TYPEMISMATCH; }
  178. logInterim = V_BOOL(pValue);
  179. log.setEnabled(logAcct | logInterim | logAuth);
  180. break;
  181. }
  183. case PROPERTY_ACCOUNTING_LOG_AUTHENTICATION:
  184. {
  185. if (V_VT(pValue) != VT_BOOL) { return DISP_E_TYPEMISMATCH; }
  186. logAuth = V_BOOL(pValue);
  187. log.setEnabled(logAcct | logInterim | logAuth);
  188. break;
  189. }
  191. case PROPERTY_ACCOUNTING_LOG_OPEN_NEW_FREQUENCY:
  192. {
  193. if (V_VT(pValue) != VT_I4) { return DISP_E_TYPEMISMATCH; }
  194. switch (V_I4(pValue))
  195. {
  196. case IAS_LOGGING_UNLIMITED_SIZE:
  197. case IAS_LOGGING_WHEN_FILE_SIZE_REACHES:
  198. case IAS_LOGGING_DAILY:
  199. case IAS_LOGGING_WEEKLY:
  200. case IAS_LOGGING_MONTHLY:
  201. log.setPeriod(V_I4(pValue));
  202. break;
  204. default:
  205. return E_INVALIDARG;
  206. }
  207. break;
  208. }
  210. case PROPERTY_ACCOUNTING_LOG_OPEN_NEW_SIZE:
  211. {
  212. if (V_VT(pValue) != VT_I4) { return DISP_E_TYPEMISMATCH; }
  213. if (V_I4(pValue) <= 0) { return E_INVALIDARG; }
  214. log.setMaxSize(V_I4(pValue) * 0x100000ui64);
  215. break;
  216. }
  218. case PROPERTY_ACCOUNTING_LOG_FILE_DIRECTORY:
  219. {
  220. if (V_VT(pValue) != VT_BSTR) { return DISP_E_TYPEMISMATCH; }
  221. if (V_BSTR(pValue) == NULL || wcslen(V_BSTR(pValue)) > MAX_PATH - 12)
  222. { return E_INVALIDARG; }
  223. log.setDirectory(V_BSTR(pValue));
  224. break;
  225. }
  227. case PROPERTY_ACCOUNTING_LOG_IAS1_FORMAT:
  228. {
  229. if (V_VT(pValue) != VT_I4) { return DISP_E_TYPEMISMATCH; }
  230. switch (V_I4(pValue))
  231. {
  232. case INET_LOG_FORMAT_ODBC_RADIUS:
  233. format = formatODBCRecord;
  234. break;
  236. case INET_LOG_FORMAT_INTERNET_STD:
  237. format = formatW3CRecord;
  238. break;
  240. default:
  241. return E_INVALIDARG;
  242. }
  243. break;
  244. }
  246. default:
  247. {
  248. // We just ignore properties that we don't understand.
  249. return S_OK;
  250. }
  251. }
  253. return S_OK;
  254. }
  256. IASREQUESTSTATUS Accountant::onSyncRequest(IRequest* pRequest) throw ()
  257. {
  258. // Flag indicating final outcome of logging.
  259. BOOL success = TRUE;
  261. try
  262. {
  263. // Convert to an IASRequest object.
  264. IASRequest request(pRequest);
  266. // Get the local SYSTEMTIME.
  267. SYSTEMTIME st;
  268. GetLocalTime(&st);
  270. // Create a FormattedBuffer of the correct type.
  271. FormattedBuffer buffer(format == formatODBCRecord ? '\"' : '\0');
  273. //////////
  274. // This ungodly mess performs the actual processing logic of the
  275. // accounting handler. I love simple, clean algorithms.
  276. //////////
  277. switch (request.get_Request())
  278. {
  279. case IAS_REQUEST_ACCOUNTING:
  280. {
  281. if (IsInterimRecord(request) ? logInterim : logAcct)
  282. {
  283. appendRecord(request, PKT_ACCOUNTING_REQUEST, buffer, st);
  284. }
  285. if (request.get_Response() == IAS_RESPONSE_INVALID)
  286. {
  287. request.SetResponse(IAS_RESPONSE_ACCOUNTING, S_OK);
  288. }
  289. break;
  290. }
  292. case IAS_REQUEST_ACCESS_REQUEST:
  293. InsertClassAttribute(request);
  294. switch (request.get_Response())
  295. {
  296. case IAS_RESPONSE_ACCESS_ACCEPT:
  297. if (logAuth)
  298. {
  299. appendRecord(request, PKT_ACCESS_REQUEST, buffer, st);
  300. appendRecord(request, PKT_ACCESS_ACCEPT, buffer, st);
  301. }
  302. break;
  304. case IAS_RESPONSE_ACCESS_REJECT:
  305. if (logAuth)
  306. {
  307. appendRecord(request, PKT_ACCESS_REQUEST, buffer, st);
  308. appendRecord(request, PKT_ACCESS_REJECT, buffer, st);
  309. }
  310. break;
  312. case IAS_RESPONSE_ACCESS_CHALLENGE:
  313. if (logAuth)
  314. {
  315. appendRecord(request, PKT_ACCESS_REQUEST, buffer, st);
  316. appendRecord(request, PKT_ACCESS_CHALLENGE, buffer, st);
  317. }
  318. break;
  320. default:
  321. if (logAuth)
  322. {
  323. appendRecord(request, PKT_ACCESS_REQUEST, buffer, st);
  324. }
  325. }
  326. break;
  327. }
  329. // If the buffer isn't empty, then write the contents to the logfile.
  330. if (!buffer.empty())
  331. {
  332. success = log.write(&st, buffer.getBuffer(), buffer.getLength());
  333. }
  334. }
  335. catch (...)
  336. {
  337. // Something went wrong.
  338. success = FALSE;
  339. }
  341. // If we didn't succeed then discard the packet.
  342. if (!success)
  343. {
  344. pRequest->SetResponse(IAS_RESPONSE_DISCARD_PACKET, IAS_NO_RECORD);
  345. return IAS_REQUEST_STATUS_ABORT;
  346. }
  348. return IAS_REQUEST_STATUS_CONTINUE;
  349. }
  351. void Accountant::appendRecord(
  352. IASRequest& request,
  353. PacketType packetType,
  354. FormattedBuffer& buffer,
  355. const SYSTEMTIME& localTime
  356. ) const throw (_com_error)
  357. {
  358. //////////
  359. // Retrieve all the attributes from the request. Save room for three extra
  360. // attributes: Packet-Type, Reason-Code, and a null-terminator.
  361. //////////
  363. PATTRIBUTEPOSITION firstPos, curPos, lastPos;
  364. DWORD nattr = request.GetAttributeCount();
  365. firstPos = STACK_ALLOC(ATTRIBUTEPOSITION, nattr + 3);
  366. nattr = request.GetAttributes(nattr, firstPos, 0, NULL);
  367. lastPos = firstPos + nattr;
  369. //////////
  370. // Compute the attribute filter and reason code.
  371. //////////
  373. DWORD always, never, reason = 0;
  374. switch (packetType)
  375. {
  376. case PKT_ACCESS_REQUEST:
  377. always = IAS_RECVD_FROM_CLIENT | IAS_RECVD_FROM_PROTOCOL;
  378. never = IAS_INCLUDE_IN_RESPONSE;
  379. break;
  381. case PKT_ACCESS_ACCEPT:
  382. always = IAS_INCLUDE_IN_ACCEPT;
  383. never = IAS_RECVD_FROM_CLIENT |
  384. IAS_INCLUDE_IN_REJECT | IAS_INCLUDE_IN_CHALLENGE;
  385. break;
  387. case PKT_ACCESS_REJECT:
  388. always = IAS_INCLUDE_IN_REJECT;
  389. never = IAS_RECVD_FROM_CLIENT |
  390. IAS_INCLUDE_IN_ACCEPT | IAS_INCLUDE_IN_CHALLENGE;
  391. reason = request.get_Reason();
  392. break;
  394. case PKT_ACCESS_CHALLENGE:
  395. always = IAS_INCLUDE_IN_CHALLENGE;
  396. never = IAS_RECVD_FROM_CLIENT |
  397. IAS_INCLUDE_IN_ACCEPT | IAS_INCLUDE_IN_REJECT;
  398. break;
  400. case PKT_ACCOUNTING_REQUEST:
  401. always = IAS_RECVD_FROM_CLIENT | IAS_RECVD_FROM_PROTOCOL;
  402. never = IAS_INCLUDE_IN_RESPONSE;
  403. reason = request.get_Reason();
  404. break;
  405. }
  407. //////////
  408. // Filter the attributes based on flags.
  409. //////////
  411. for (curPos = firstPos; curPos != lastPos; )
  412. {
  413. // We can release here since the request still holds a reference.
  414. IASAttributeRelease(curPos->pAttribute);
  416. if (!(curPos->pAttribute->dwFlags & always) &&
  417. (curPos->pAttribute->dwFlags & never ) &&
  418. (curPos->pAttribute->dwId != RADIUS_ATTRIBUTE_CLASS))
  419. {
  420. --lastPos;
  422. std::swap(lastPos->pAttribute, curPos->pAttribute);
  423. }
  424. else
  425. {
  426. ++curPos;
  427. }
  428. }
  430. //////////
  431. // Add the Packet-Type pseudo-attribute.
  432. //////////
  434. IASATTRIBUTE packetTypeAttr;
  435. packetTypeAttr.dwId = IAS_ATTRIBUTE_PACKET_TYPE;
  436. packetTypeAttr.dwFlags = (DWORD)-1;
  437. packetTypeAttr.Value.itType = IASTYPE_ENUM;
  438. packetTypeAttr.Value.Enumerator = packetType;
  440. lastPos->pAttribute = &packetTypeAttr;
  441. ++lastPos;
  443. //////////
  444. // Add the Reason-Code pseudo-attribute.
  445. //////////
  447. IASATTRIBUTE reasonCodeAttr;
  448. reasonCodeAttr.dwId = IAS_ATTRIBUTE_REASON_CODE;
  449. reasonCodeAttr.dwFlags = (DWORD)-1;
  450. reasonCodeAttr.Value.itType = IASTYPE_INTEGER;
  451. reasonCodeAttr.Value.Integer = reason;
  453. lastPos->pAttribute = &reasonCodeAttr;
  454. ++lastPos;
  456. //////////
  457. // Invoke the currently configured formatter.
  458. //////////
  460. (this->*format)(request, buffer, localTime, firstPos, lastPos);
  462. //////////
  463. // We're done.
  464. //////////
  466. buffer.endRecord();
  467. }
  469. void Accountant::formatODBCRecord(
  470. IASRequest& request,
  471. FormattedBuffer& buffer,
  472. const SYSTEMTIME& localTime,
  473. PATTRIBUTEPOSITION firstPos,
  474. PATTRIBUTEPOSITION lastPos
  475. ) const throw (_com_error)
  476. {
  477. //////////
  478. // Column 1: Computer name.
  479. //////////
  481. buffer.append('\"');
  482. buffer.append((PBYTE)computerName, computerNameLen);
  483. buffer.append('\"');
  485. //////////
  486. // Column 2: Service name.
  487. //////////
  489. buffer.beginColumn();
  491. switch (request.get_Protocol())
  492. {
  493. case IAS_PROTOCOL_RADIUS:
  494. buffer.append((const BYTE*)"\"IAS\"", 5);
  495. break;
  497. case IAS_PROTOCOL_RAS:
  498. buffer.append((const BYTE*)"\"RAS\"", 5);
  499. break;
  500. }
  502. //////////
  503. // Column 3: Record time.
  504. //////////
  506. buffer.beginColumn();
  507. buffer.appendDate(localTime);
  508. buffer.beginColumn();
  509. buffer.appendTime(localTime);
  511. //////////
  512. // Allocate a blank record.
  513. //////////
  515. PATTRIBUTEPOSITION *firstField, *curField, *lastField;
  516. size_t nfield = schema.getNumFields() + 1;
  517. firstField = STACK_ALLOC(PATTRIBUTEPOSITION, nfield);
  518. memset(firstField, 0, sizeof(PATTRIBUTEPOSITION) * nfield);
  519. lastField = firstField + nfield;
  521. //////////
  522. // Sort the attributes to coalesce multi-valued attributes.
  523. //////////
  525. std::sort(firstPos, lastPos, IASOrderByID());
  527. //////////
  528. // Add a null terminator. This will make it easier to handle multi-valued
  529. // attributes.
  530. //////////
  532. lastPos->pAttribute = NULL;
  534. //////////
  535. // Fill in the fields.
  536. //////////
  538. PATTRIBUTEPOSITION curPos;
  539. DWORD lastSeen = (DWORD)-1;
  540. for (curPos = firstPos; curPos != lastPos; ++curPos)
  541. {
  542. // Only process if this is a new attribute type.
  543. if (curPos->pAttribute->dwId != lastSeen)
  544. {
  545. lastSeen = curPos->pAttribute->dwId;
  547. firstField[schema.getOrdinal(lastSeen)] = curPos;
  548. }
  549. }
  551. //////////
  552. // Pack the record into the buffer. We skip field 0, since that's where
  553. // we map all the attributes we don't want to log.
  554. //////////
  556. for (curField = firstField + 1; curField != lastField; ++curField)
  557. {
  558. buffer.beginColumn();
  560. if (*curField) { buffer.append(*curField); }
  561. }
  562. }
  564. void Accountant::formatW3CRecord(
  565. IASRequest& request,
  566. FormattedBuffer& buffer,
  567. const SYSTEMTIME& localTime,
  568. PATTRIBUTEPOSITION firstPos,
  569. PATTRIBUTEPOSITION lastPos
  570. ) const throw (_com_error)
  571. {
  572. //////////
  573. // Column 1: NAS-IP-Addresses
  574. //////////
  576. PIASATTRIBUTE attr = IASPeekAttribute(request,
  577. IAS_ATTRIBUTE_CLIENT_IP_ADDRESS,
  578. IASTYPE_INET_ADDR);
  579. if (attr) { buffer.append(attr->Value); }
  581. //////////
  582. // Column 2: User-Name
  583. //////////
  585. buffer.beginColumn();
  586. attr = IASPeekAttribute(request,
  587. RADIUS_ATTRIBUTE_USER_NAME,
  588. IASTYPE_OCTET_STRING);
  589. if (attr) { buffer.append(attr->Value); }
  591. //////////
  592. // Column 3: Record time.
  593. //////////
  595. buffer.beginColumn();
  596. buffer.appendDate(localTime);
  597. buffer.beginColumn();
  598. buffer.appendTime(localTime);
  600. //////////
  601. // Column 4: Service name.
  602. //////////
  604. buffer.beginColumn();
  606. switch (request.get_Protocol())
  607. {
  608. case IAS_PROTOCOL_RADIUS:
  609. buffer.append("IAS");
  610. break;
  612. case IAS_PROTOCOL_RAS:
  613. buffer.append("RAS");
  614. break;
  615. }
  617. //////////
  618. // Column 5: Computer name.
  619. //////////
  621. buffer.beginColumn();
  622. buffer.append((PBYTE)computerName, computerNameLen);
  624. //////////
  625. // Pack the attributes into the buffer.
  626. //////////
  628. PATTRIBUTEPOSITION curPos;
  629. for (curPos = firstPos; curPos != lastPos; ++curPos)
  630. {
  631. if (!schema.excludeFromLog(curPos->pAttribute->dwId))
  632. {
  633. buffer.beginColumn();
  634. buffer.append(curPos->pAttribute->dwId);
  635. buffer.beginColumn();
  636. buffer.append(*(curPos->pAttribute));
  637. }
  638. }
  639. }