[PATCH 11/12] radius/db: Improve error messages related to EAP DB.

greearb at candelatech.com greearb
Thu Mar 26 14:39:57 PDT 2015 

From: Ben Greear <greearb at candelatech.com>

Add sqlite error message and DB name to the DB related
errors.  Add enough tracing so that users can know exactly
where users are failing to be found.

Signed-off-by: Ben Greear <greearb at candelatech.com>
---
 src/ap/authsrv.c           | 13 +++++++++----
 src/ap/eap_user_db.c       | 11 ++++++++---
 src/ap/ieee802_1x.c        | 13 +++++++++----
 src/radius/radius_server.c |  3 +++
 4 files changed, 29 insertions(+), 11 deletions(-)

diff --git a/src/ap/authsrv.c b/src/ap/authsrv.c
index bd1778e..fdc7089 100644
--- a/src/ap/authsrv.c
+++ b/src/ap/authsrv.c
@@ -55,10 +55,11 @@ static int hostapd_radius_get_eap_user(void *ctx, const u8 *identity,
 {
 	const struct hostapd_eap_user *eap_user;
 	int i;
+	int rv = -1;
 
 	eap_user = hostapd_get_eap_user(ctx, identity, identity_len, phase2);
 	if (eap_user == NULL)
-		return -1;
+		goto out;
 
 	if (user == NULL)
 		return 0;
@@ -72,7 +73,7 @@ static int hostapd_radius_get_eap_user(void *ctx, const u8 *identity,
 	if (eap_user->password) {
 		user->password = os_malloc(eap_user->password_len);
 		if (user->password == NULL)
-			return -1;
+			goto out;
 		os_memcpy(user->password, eap_user->password,
 			  eap_user->password_len);
 		user->password_len = eap_user->password_len;
@@ -83,8 +84,12 @@ static int hostapd_radius_get_eap_user(void *ctx, const u8 *identity,
 	user->ttls_auth = eap_user->ttls_auth;
 	user->remediation = eap_user->remediation;
 	user->accept_attr = eap_user->accept_attr;
-
-	return 0;
+	rv = 0;
+out:
+	if (rv != 0) {
+		wpa_printf(MSG_DEBUG, "%s: Failed to find user.", __func__);
+	}
+	return rv;
 }
 
 
diff --git a/src/ap/eap_user_db.c b/src/ap/eap_user_db.c
index 559d77f..94491ac 100644
--- a/src/ap/eap_user_db.c
+++ b/src/ap/eap_user_db.c
@@ -138,8 +138,11 @@ eap_user_sqlite_get(struct hostapd_data *hapd, const u8 *identity,
 	char id_str[256], cmd[300];
 	size_t i;
 
-	if (identity_len >= sizeof(id_str))
+	if (identity_len >= sizeof(id_str)) {
+		wpa_printf(MSG_DEBUG, "%s:  id len too big: %d  %d",
+			   __func__, (int)(identity_len), (int)(sizeof(id_str)));
 		return NULL;
+	}
 	os_memcpy(id_str, identity, identity_len);
 	id_str[identity_len] = '\0';
 	for (i = 0; i < identity_len; i++) {
@@ -182,7 +185,8 @@ eap_user_sqlite_get(struct hostapd_data *hapd, const u8 *identity,
 	wpa_printf(MSG_DEBUG, "DB: %s", cmd);
 	if (sqlite3_exec(db, cmd, get_user_cb, &hapd->tmp_eap_user, NULL) !=
 	    SQLITE_OK) {
-		wpa_printf(MSG_DEBUG, "DB: Failed to complete SQL operation");
+		wpa_printf(MSG_DEBUG, "DB: Failed to complete SQL operation: %s  db: %s",
+			   sqlite3_errmsg(db), hapd->conf->eap_user_sqlite);
 	} else if (hapd->tmp_eap_user.next)
 		user = &hapd->tmp_eap_user;
 
@@ -193,7 +197,8 @@ eap_user_sqlite_get(struct hostapd_data *hapd, const u8 *identity,
 		if (sqlite3_exec(db, cmd, get_wildcard_cb, &hapd->tmp_eap_user,
 				 NULL) != SQLITE_OK) {
 			wpa_printf(MSG_DEBUG, "DB: Failed to complete SQL "
-				   "operation");
+				   "operation: %s  db: %s",
+				   sqlite3_errmsg(db), hapd->conf->eap_user_sqlite);
 		} else if (hapd->tmp_eap_user.next) {
 			user = &hapd->tmp_eap_user;
 			os_free(user->identity);
diff --git a/src/ap/ieee802_1x.c b/src/ap/ieee802_1x.c
index 79dc0f9..3da1b90 100644
--- a/src/ap/ieee802_1x.c
+++ b/src/ap/ieee802_1x.c
@@ -1926,10 +1926,11 @@ static int ieee802_1x_get_eap_user(void *ctx, const u8 *identity,
 	struct hostapd_data *hapd = ctx;
 	const struct hostapd_eap_user *eap_user;
 	int i;
+	int rv = -1;
 
 	eap_user = hostapd_get_eap_user(hapd, identity, identity_len, phase2);
 	if (eap_user == NULL)
-		return -1;
+		goto out;
 
 	os_memset(user, 0, sizeof(*user));
 	user->phase2 = phase2;
@@ -1941,7 +1942,7 @@ static int ieee802_1x_get_eap_user(void *ctx, const u8 *identity,
 	if (eap_user->password) {
 		user->password = os_malloc(eap_user->password_len);
 		if (user->password == NULL)
-			return -1;
+			goto out;
 		os_memcpy(user->password, eap_user->password,
 			  eap_user->password_len);
 		user->password_len = eap_user->password_len;
@@ -1951,8 +1952,12 @@ static int ieee802_1x_get_eap_user(void *ctx, const u8 *identity,
 	user->macacl = eap_user->macacl;
 	user->ttls_auth = eap_user->ttls_auth;
 	user->remediation = eap_user->remediation;
-
-	return 0;
+	rv = 0;
+out:
+	if (rv != 0) {
+		wpa_printf(MSG_DEBUG, "%s: Failed to find user.", __func__);
+	}
+	return rv;
 }
 
 
diff --git a/src/radius/radius_server.c b/src/radius/radius_server.c
index 85a485e..3bb296a 100644
--- a/src/radius/radius_server.c
+++ b/src/radius/radius_server.c
@@ -2035,6 +2035,9 @@ static int radius_server_get_eap_user(void *ctx, const u8 *identity,
 		sess->remediation = user->remediation;
 		sess->macacl = user->macacl;
 	}
+	if (ret != 0) {
+		RADIUS_DEBUG("%s: User-Name not found from user database", __func__);
+	}
 	return ret;
 }
 
-- 
1.9.3

More information about the Hostap mailing list