Re: [vchkpw] add AuthType to lastauth table
Quoting Matt Brookings :
-BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> On 11/09/2010 01:45 PM, Rick Romero wrote:
>> I'm interested in knowing not only what IP the user last auth'd, but
>> also how they connected. That gives me more info right from the tables
>> on how a particular is using the system, and how the system is utilized
>> overall.
>>
>> I attached a patch and honestly I haven't even tested yet - just thought
>> I'd throw it out there..
>>
>> - It utilizes a new field 'type' char(10), and puts the text AuthType in
>> there. I'm not sure if a table change is handled via README or
automated..
>> - It also adjusts the vget_lastauth to grab the 'latest' record for that
>> user from the lastauth table, no matter how they auth'd.
>> - The new info is only accessible by direct query.
>
> 5.4 is feature-frozen. It only accepts bugfixes. If you would like
> to work on the patch for 5.5, it would be appreciated.
How's this? I did change the fieldname from 'type' to 'authtype'.
I also modified all the backends as described above, except for ldap,
openldap and cdb. Those 3 will accept the 'authtype' parameter in the
function for completeness, but will not use it.
I've never done Oracle, but I tried to use the rank() function to get a
single 'latest' result for the vget_lastauth function. Not sure about that
one..
Rick
!DSPAM:4cd9bdf632711223351550!
diff -ru vpopmail-5.5.0-orig/backends/cdb/vcdb.c vpopmail-5.5.0/backends/cdb/vcdb.c
--- vpopmail-5.5.0-orig/backends/cdb/vcdb.c 2010-11-05 13:37:23.0 -0500
+++ vpopmail-5.5.0/backends/cdb/vcdb.c 2010-11-09 14:56:12.0 -0600
@@ -1074,7 +1074,7 @@
return(unlink(dir_control_file));
}
-int set_lastauth(char *user, char *domain, char *remoteip )
+int set_lastauth(char *user, char *domain, char *remoteip, char *authtype)
{
char *tmpbuf;
FILE *fs;
diff -ru vpopmail-5.5.0-orig/backends/ldap/vldap.c vpopmail-5.5.0/backends/ldap/vldap.c
--- vpopmail-5.5.0-orig/backends/ldap/vldap.c 2010-11-05 13:37:24.0 -0500
+++ vpopmail-5.5.0/backends/ldap/vldap.c 2010-11-09 14:36:14.0 -0600
@@ -1235,7 +1235,7 @@
}
-int set_lastauth(char *user, char *domain, char *remoteip ) {
+int set_lastauth(char *user, char *domain, char *remoteip, char *authtype ) {
return(vset_lastauth_time(user, domain, remoteip, time(NULL) ));
}
diff -ru vpopmail-5.5.0-orig/backends/mysql/vmysql.c vpopmail-5.5.0/backends/mysql/vmysql.c
--- vpopmail-5.5.0-orig/backends/mysql/vmysql.c 2010-11-05 13:37:23.0 -0500
+++ vpopmail-5.5.0/backends/mysql/vmysql.c 2010-11-09 14:51:10.0 -0600
@@ -1298,7 +1298,7 @@
//
#ifdef ENABLE_AUTH_LOGGING
-int set_lastauth(char *user, char *domain, char *remoteip )
+int set_lastauth(char *user, char *domain, char *remoteip, char *authtype )
{
int err;
@@ -1307,11 +1307,11 @@
qnprintf( SqlBufUpdate, SQL_BUF_SIZE,
"INSERT INTO lastauth "
"SET user = '%s', domain = '%s', "
-"remote_ip = '%s', timestamp = %lu "
+"remote_ip = '%s', timestamp = %lu, authtype = '%s' "
"ON DUPLICATE KEY UPDATE "
"user = '%s', domain = '%s', "
"remote_ip = '%s', timestamp = %lu",
-user, domain, remoteip, time(NULL),
+user, domain, remoteip, time(NULL), authtype,
user, domain, remoteip, time(NULL));
if (mysql_query(&mysql_update,SqlBufUpdate)) {
vcreate_lastauth_table();
@@ -1332,7 +1332,7 @@
if ( (err=vauth_open_read()) != 0 ) return(err);
qnprintf( SqlBufRead, SQL_BUF_SIZE,
-"SELECT timestamp FROM lastauth WHERE user='%s' AND domain='%s'",
+"SELECT timestamp FROM lastauth WHERE user='%s' AND domain='%s' order by timestamp LIMIT 1",
pw->pw_name, domain);
if (mysql_query(&mysql_read,SqlBufRead)) {
vcreate_lastauth_table();
@@ -1359,7 +1359,7 @@
if ( vauth_open_read() != 0 ) return(NULL);
qnprintf( SqlBufRead, SQL_BUF_SIZE,
-"SELECT remote_ip FROM lastauth WHERE user='%s' AND domain='%s'",
+"SELECT remote_ip FROM lastauth WHERE user='%s' AND domain='%s' order by timestamp LIMIT 1",
pw->pw_name, domain);
if (mysql_query(&mysql_read,SqlBufRead)) {
vcreate_lastauth_table();
diff -ru vpopmail-5.5.0-orig/backends/mysql/vmysql.h.in vpopmail-5.5.0/backends/mysql/vmysql.h.in
--- vpopmail-5.5.0-orig/backends/mysql/vmysql.h.in 2010-11-05 13:37:23.0 -0500
+++ vpopmail-5.5.0/backends/mysql/vmysql.h.in 2010-11-09 14:52:02.0 -0600
@@ -96,6 +96,7 @@
domain char(96) NOT NULL,\
remote_ip char(18) not null, \
timestamp bigint default 0 NOT NULL, \
+authtype char(10) NOT NULL ,\
primary key (user, domain)"
char *vauth_munch_domain(char *);
diff -ru vpopmail-5.5.0-orig/backends/openldap/vopenldap.c vpopmail-5.5.0/backends/openldap/vopenldap.c
--- vpopmail-5.5.0-orig/backends/openldap/vopenldap.c 2010-11-0
Re: [vchkpw] add AuthType to lastauth table
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 11/09/2010 01:45 PM, Rick Romero wrote: > I'm interested in knowing not only what IP the user last auth'd, but > also how they connected. That gives me more info right from the tables > on how a particular is using the system, and how the system is utilized > overall. > > I attached a patch and honestly I haven't even tested yet - just thought > I'd throw it out there.. > > - It utilizes a new field 'type' char(10), and puts the text AuthType in > there. I'm not sure if a table change is handled via README or automated.. > - It also adjusts the vget_lastauth to grab the 'latest' record for that > user from the lastauth table, no matter how they auth'd. > - The new info is only accessible by direct query. 5.4 is feature-frozen. It only accepts bugfixes. If you would like to work on the patch for 5.5, it would be appreciated. Thanks! - -- /* Matt BrookingsGnuPG Key FAE0672C Software developer Systems technician Inter7 Internet Technologies, Inc. (815)776-9465 */ -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkzZrqYACgkQIwet2/rgZyybEgCeMJw6eoqxDy6q9WZe8Ewp4mi9 Hp8An0GI3yRsaUUijI/LFVLTNOQx1zlt =ucT6 -END PGP SIGNATURE-
[vchkpw] add AuthType to lastauth table
I'm interested in knowing not only what IP the user last auth'd, but also
how they connected. That gives me more info right from the tables on how a
particular is using the system, and how the system is utilized overall.
I attached a patch and honestly I haven't even tested yet - just thought
I'd throw it out there..
- It utilizes a new field 'type' char(10), and puts the text AuthType in
there. I'm not sure if a table change is handled via README or automated..
- It also adjusts the vget_lastauth to grab the 'latest' record for that
user from the lastauth table, no matter how they auth'd.
- The new info is only accessible by direct query.
Rick
!DSPAM:4cd9a51632711680712101!
diff -u vpopmail-5.4.32-orig/authvchkpw.c vpopmail-5.4.32/authvchkpw.c
--- vpopmail-5.4.32-orig/authvchkpw.c 2010-11-08 09:02:52.0 -0600
+++ vpopmail-5.4.32/authvchkpw.c 2010-11-09 12:48:02.908186101 -0600
@@ -157,7 +157,7 @@
#endif
if (!(ptr = getenv("TCPERMOTEIP")))
ptr = "0.0.0.0";
- vset_lastauth(pw->pw_name, domain, ptr);
+ vset_lastauth(pw->pw_name, domain, ptr, ServiceType );
#ifdef MIN_LOGIN_INTERVAL
if(( vget_lastauth(vpw,TheDomain ) - last_time ) < MIN_LOGIN_INTERVAL ) {
vchkpw_exit(1);
diff -u vpopmail-5.4.32-orig/vauth.c vpopmail-5.4.32/vauth.c
--- vpopmail-5.4.32-orig/vauth.c 2010-11-08 09:02:52.0 -0600
+++ vpopmail-5.4.32/vauth.c 2010-11-09 13:21:04.353502283 -0600
@@ -1274,15 +1274,15 @@
//
#ifdef ENABLE_AUTH_LOGGING
-int vset_lastauth(char *user, char *domain, char *remoteip )
+int vset_lastauth(char *user, char *domain, char *remoteip , char *authtype )
{
int err;
if ( (err=vauth_open_update()) != 0 ) return(err);
-
+
qnprintf( SqlBufUpdate, SQL_BUF_SIZE,
"replace into lastauth set user='%s', domain='%s', \
-remote_ip='%s', timestamp=%lu", user, domain, remoteip, time(NULL));
+remote_ip='%s', timestamp=%lu, type='%s'", user, domain, remoteip, time(NULL),
authtype);
if (mysql_query(&mysql_update,SqlBufUpdate)) {
vcreate_lastauth_table();
if (mysql_query(&mysql_update,SqlBufUpdate)) {
@@ -1302,7 +1302,7 @@
if ( (err=vauth_open_read()) != 0 ) return(err);
qnprintf( SqlBufRead, SQL_BUF_SIZE,
-"select timestamp from lastauth where user='%s' and domain='%s'",
+"select timestamp from lastauth where user='%s' and domain='%s' order by
timestamp LIMIT 1",
pw->pw_name, domain);
if (mysql_query(&mysql_read,SqlBufRead)) {
vcreate_lastauth_table();
diff -u vpopmail-5.4.32-orig/vauth.h vpopmail-5.4.32/vauth.h
--- vpopmail-5.4.32-orig/vauth.h 2010-11-08 09:02:52.0 -0600
+++ vpopmail-5.4.32/vauth.h 2010-11-09 12:46:01.627550711 -0600
@@ -68,7 +68,7 @@
void vclose();
void vclose1();
-int vset_lastauth( char *user, char *domain, char *remoteip);
+int vset_lastauth( char *user, char *domain, char *remoteip, char *authtype);
time_t vget_lastauth( struct vqpasswd *pw, char *domain);
char *vget_lastauthip( struct vqpasswd *pw, char *domain);
diff -u vpopmail-5.4.32-orig/vchkpw.c vpopmail-5.4.32/vchkpw.c
--- vpopmail-5.4.32-orig/vchkpw.c 2010-11-08 09:02:52.0 -0600
+++ vpopmail-5.4.32/vchkpw.c2010-11-09 13:16:33.795496514 -0600
@@ -579,7 +579,7 @@
#ifdef MIN_LOGIN_INTERVAL
last_time = vget_lastauth(vpw, TheDomain );
#endif
- vset_lastauth(TheUser,TheDomain,IpAddr);
+ vset_lastauth(TheUser,TheDomain,IpAddr, AuthType);
#ifdef MIN_LOGIN_INTERVAL
if(( vget_lastauth(vpw,TheDomain ) - last_time ) < MIN_LOGIN_INTERVAL ) {
vchkpw_exit(1);
diff -u vpopmail-5.4.32-orig/vmysql.c vpopmail-5.4.32/vmysql.c
--- vpopmail-5.4.32-orig/vmysql.c 2010-11-08 09:02:52.0 -0600
+++ vpopmail-5.4.32/vmysql.c2010-11-09 13:21:04.353502283 -0600
@@ -1274,15 +1274,15 @@
//
#ifdef ENABLE_AUTH_LOGGING
-int vset_lastauth(char *user, char *domain, char *remoteip )
+int vset_lastauth(char *user, char *domain, char *remoteip , char *authtype )
{
int err;
if ( (err=vauth_open_update()) != 0 ) return(err);
-
+
qnprintf( SqlBufUpdate, SQL_BUF_SIZE,
"replace into lastauth set user='%s', domain='%s', \
-remote_ip='%s', timestamp=%lu", user, domain, remoteip, time(NULL));
+remote_ip='%s', timestamp=%lu, type='%s'", user, domain, remoteip, time(NULL),
authtype);
if (mysql_query(&mysql_update,SqlBufUpdate)) {
vcreate_lastauth_table();
if (mysql_query(&mysql_update,SqlBufUpdate)) {
@@ -1302,7 +1302,7 @@
if ( (err=vauth_open_read()) != 0 ) return(err);
qnprintf( SqlBufRead, SQL_BUF_SIZE,
-"select timestamp from lastauth where user='%s' and domain='%s'",
+"select timestamp from lastauth where user='%s' and domain='%s' order by
timestamp LIMIT 1",
pw->pw_name, domain);
if (mysql_query(&mysql_read,SqlBufRead)) {
vcreate_lastauth_table();
diff -u v
