diff --git a/PAM/ssh/include/rublon/configuration.hpp b/PAM/ssh/include/rublon/configuration.hpp index a6aee8b..8a2ddb6 100644 --- a/PAM/ssh/include/rublon/configuration.hpp +++ b/PAM/ssh/include/rublon/configuration.hpp @@ -87,7 +87,7 @@ class ConfigurationReader { if(it == keyValues.end()) { return std::nullopt; } - + return string{it->second.data(), it->second.size(), memoryResource}; }; @@ -122,7 +122,7 @@ class ConfigurationReader { std::pmr::string val{&memoryResource}; val = it->second; - std::transform(val.begin(), val.end(), val.begin(), [](unsigned char c) { return static_cast< char >(std::tolower(c)); }); + std::transform(val.begin(), val.end(), val.begin(), [](auto c) { return std::tolower(c); }); if(val == "1" || val == "true" || val == "yes" || val == "on") return true; @@ -136,6 +136,7 @@ class ConfigurationReader { if(it == keyValues.end()) return std::nullopt; auto val = it->second; + std::transform(val.begin(), val.end(), val.begin(), [](auto c) { return std::tolower(c); }); if(val == "bypass") return FailMode::bypass; if(val == "deny") @@ -200,10 +201,9 @@ class ConfigurationReader { return true; }; - auto toLowerCaseOpt = [](auto str) { + auto toLowerCaseOpt = [](auto & str) { if(str) std::transform(str->cbegin(), str->cend(), str->begin(), [](auto c) { return std::tolower(c); }); - return str; }; /// NOTE: @@ -246,8 +246,8 @@ class ConfigurationReader { // reading proxy configuration config.proxyEnabled = getBool("proxyEnabled").value_or(false); - config.proxyType = toLowerCaseOpt(getStringOpt("proxyType")); - config.proxyHost = toLowerCaseOpt(getStringOpt("proxyHost")); + config.proxyType = getStringOpt("proxyType"); + config.proxyHost = getStringOpt("proxyHost"); // Apply fallback if no config is set if(config.proxyEnabled && (!config.proxyType || config.proxyType->empty()) && (!config.proxyHost || config.proxyHost->empty())) { 
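Review bot: The new lambda `[](auto c) { return std::tolower(c); }` in the getBool hunk (-122) passes a plain `char` to `std::tolower`, which is undefined for negative values other than EOF, so a config value with a byte above 0x7F can misbehave on platforms where `char` is signed. The line added in the failMode hunk (-136) and the context line inside `toLowerCaseOpt` (-200) use the same lambda, and failMode is the setting that decides whether a login proceeds when the API is unreachable. Keep the conversion the removed line had, `[](unsigned char c) { return static_cast< char >(std::tolower(c)); }`, preferably as one shared helper so the three call sites cannot drift apart. The enclosing functions start and end outside these hunks.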
@@ -289,15 +289,12 @@ class ConfigurationReader { } } - auto defaultProxyPort = [&]() -> int { - memory::MonotonicStackResource< 32 > memoryResource; + toLowerCaseOpt(config.proxyType); + toLowerCaseOpt(config.proxyHost); - if(config.proxyType) { - std::pmr::string val{*config.proxyType, &memoryResource}; - std::transform(val.begin(), val.end(), val.begin(), [](auto c) { return std::tolower(c); }); - if(val.find("socks") != std::pmr::string::npos) { - return 1080; - } + auto defaultProxyPort = [&]() -> int { + if(config.proxyType.value_or("").find("socks") != std::pmr::string::npos) { + return 1080; } return 8080; }; diff --git a/PAM/ssh/include/rublon/error_handler.hpp b/PAM/ssh/include/rublon/error_handler.hpp index 0894183..b621ea4 100644 --- a/PAM/ssh/include/rublon/error_handler.hpp +++ b/PAM/ssh/include/rublon/error_handler.hpp @@ -44,7 +44,7 @@ class ErrorHandler { } if(error.is< ConnectionError >()) { - if(config.failMode != FailMode::deny) { + if(config.failMode == FailMode::bypass) { pam.print("Incorrect response from the Rublon API, user bypassed"); return AuthenticationStatus::Action::Bypass; } else { diff --git a/PAM/ssh/include/rublon/utils.hpp b/PAM/ssh/include/rublon/utils.hpp index d846fe0..2c1926c 100755 --- a/PAM/ssh/include/rublon/utils.hpp +++ b/PAM/ssh/include/rublon/utils.hpp @@ -7,8 +7,9 @@ #include #include #include -#include +#include #include +#include #include #include 
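Review bot: In `defaultProxyPort`, `config.proxyType.value_or("")` builds a temporary string on every call just to run `find` on it. If `proxyType` is an optional `std::pmr::string`, as the `std::pmr::string::npos` comparison suggests, that copy would come from the default memory resource rather than the stack resource the removed code set up. Testing the optional directly avoids the copy: `if(config.proxyType && config.proxyType->find("socks") != std::pmr::string::npos) {`. The lambda now also depends on the `toLowerCaseOpt(config.proxyType)` call just above it, which deserves a short comment such as `// proxyType is already lower-cased at this point`.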
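Review bot: The `failMode == FailMode::bypass` branch for a ConnectionError only prints to the PAM conversation in the lines shown, so a login that skipped the second factor may leave no record in the log; the rest of the handler is outside the hunk, so this may already be logged elsewhere. If it is not, add a log entry in that branch so bypasses can be alerted on, for example `log(<warning level>, "ConnectionError with failMode=bypass: second factor skipped");` using whichever LogLevel value the project defines. The condition itself would also benefit from a comment stating the intent, e.g. `// Fail closed: only an explicit failMode=bypass lets the user in when the API is unreachable`.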
@@ -84,12 +85,18 @@ namespace details { return logPath(); } - inline void doLog(LogLevel level, const char * line) noexcept { + inline void doLog(LogLevel level, std::string_view line) noexcept { auto fp = std::unique_ptr< FILE, int (*)(FILE *) >(fopen(initLog(), "a+"), fclose); if(fp) { + auto newl = line.back() == '\n' ? "" : "\n"; /// TODO add transaction ID - fprintf( - fp.get(), "%s %s[%s] %s\n", dateStr().c_str(), application == nullptr ? "" : application, LogLevelNames[( int ) level], line); + fprintf(fp.get(), + "%s %s[%s] %s%s", + dateStr().c_str(), + application == nullptr ? "" : application, + LogLevelNames[( int ) level], + line.data(), + newl); if(syncLogFile) sync(); } @@ -111,8 +118,8 @@ void log(LogLevel level, const char * fmt, Ti &&... ti) noexcept { return; constexpr auto maxEntryLength = 1000; std::array< char, maxEntryLength > line; - snprintf(line.data(), maxEntryLength, fmt, std::forward< Ti >(ti)...); - details::doLog(level, line.data()); + auto len = snprintf(line.data(), maxEntryLength, fmt, std::forward< Ti >(ti)...); + details::doLog(level, {line.data(), len}); } class PrintUser { @@ -157,8 +164,8 @@ namespace conv { constexpr auto max = std::numeric_limits< uint32_t >::digits10 + 1; if(userinput.empty() || userinput.size() >= max) return std::nullopt; // Avoid large or empty inputs - - char buffer[max]={0}; + + char buffer[max] = {0}; std::memcpy(buffer, userinput.data(), userinput.size()); buffer[userinput.size()] = '\0'; // Ensure null termination @@ -167,7 +174,7 @@ namespace conv { long result = std::strtol(buffer, &endptr, 10); - if(errno == ERANGE || endptr != buffer + userinput.size() || result < 0 || result > std::numeric_limits::max()) { + if(errno == ERANGE || endptr != buffer + userinput.size() || result < 0 || result > std::numeric_limits< uint32_t >::max()) { return std::nullopt; } diff --git a/PAM/ssh/include/rublon/websockets.hpp b/PAM/ssh/include/rublon/websockets.hpp index 47ffbf9..38328a3 100644 
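Review bot: `doLog` now takes a `std::string_view` but still treats it as a C string. `line.back()` is undefined on an empty view, and `%s` with `line.data()` ignores the view's length and reads until a NUL byte. The one caller visible here passes a NUL-terminated buffer, but the new signature no longer guarantees that. Guard the empty case with `auto newl = (!line.empty() && line.back() == '\n') ? "" : "\n";` and print by length with `"%s %s[%s] %.*s%s"`, passing `static_cast< int >(line.size()), line.data()`.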
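Review bot: The `len` returned by `snprintf` in `log()` is used as the view length without checking it. `snprintf` returns the length the full message would have had, so an entry longer than `maxEntryLength - 1` yields a view that extends past `line`, and `doLog`'s `line.back()` then reads beyond the 1000-byte stack array. A negative return on a formatting error becomes a huge size. Log arguments can carry user-influenced text, so clamp before building the view: `if(len < 0) return;` then `const std::size_t used = len < maxEntryLength ? len : maxEntryLength - 1;` and `details::doLog(level, std::string_view{line.data(), used});`. The explicit `std::size_t` also avoids the int-to-size_t narrowing inside the braces.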
--- a/PAM/ssh/include/rublon/websockets.hpp +++ b/PAM/ssh/include/rublon/websockets.hpp @@ -64,7 +64,7 @@ class WebSocket { }; if(_config.get().logging) { - lws_set_log_level(LLL_ERR | LLL_WARN | LLL_NOTICE | LLL_INFO | LLL_DEBUG | LLL_HEADER, lws_log_emit); + lws_set_log_level(LLL_ERR | LLL_WARN | LLL_NOTICE | LLL_INFO | LLL_DEBUG, lws_log_emit); } else { lws_set_log_level(LLL_ERR | LLL_WARN, lws_log_emit); }
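Review bot: Nothing at this call records why `LLL_HEADER` was dropped, so a later debugging session could easily add it back. Assuming the reason is that header logging can write request headers, including any credentials they carry, into the log file, say so next to the call: `// LLL_HEADER intentionally omitted: it would write raw HTTP headers to the log`. With `logging` enabled, `LLL_INFO | LLL_DEBUG` are still active, so it is worth confirming that the debug output for this connection contains nothing sensitive either.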