Merge branch 'develop'

assets/buildinfo.txt

@@ -1,8 +1,8 @@
-BuildVersion=latest v8.0.7 2024-10-09 12:43:22
+BuildVersion=latest v8.0.7 2024-10-09 14:12:13
 ReleaseVersion=v8.0.7
-BuildTime=2024-10-09 12:43:22
+BuildTime=2024-10-09 14:12:13
 BuildName=toughradius
-CommitID=7a0e1adf0260dd93bb0ad92d9d30c6ce13594984
-CommitDate=Fri, 24 May 2024 12:10:21 +0800
+CommitID=f33f34d9a034dd98d3c86db4da716be2b3db96e0
+CommitDate=Wed, 9 Oct 2024 14:11:52 +0800
 [email protected]
-CommitSubject=2024-05-24 12:10:02 : fix radius account update bug
+CommitSubject=Refactor panic messages in GetCurrUser and GetCurrUserlevel functions

common/zaplog/log/say.go

@@ -29,7 +29,7 @@ func Warn(args ...interface{}) {
 	zap.S().Warn(args...)
 }
 
-func Warn2(msg string, fields ...zap.Field) {
+func WarnDetail(msg string, fields ...zap.Field) {
 	defer zap.L().Sync()
 	zap.L().Warn(msg, fields...)
 }
@@ -40,7 +40,7 @@ func Error(args ...interface{}) {
 	zap.S().Error(args...)
 }
 
-func Error2(msg string, fields ...zap.Field) {
+func ErrorDetail(msg string, fields ...zap.Field) {
 	defer zap.L().Sync()
 	zap.L().Error(msg, fields...)
 }

config/config.go

@@ -47,12 +47,13 @@ type FreeradiusConfig struct {
 }
 
 type RadiusdConfig struct {
-	Enabled    bool   `yaml:"enabled" json:"enabled"`
-	Host       string `yaml:"host" json:"host"`
-	AuthPort   int    `yaml:"auth_port" json:"auth_port"`
-	AcctPort   int    `yaml:"acct_port" json:"acct_port"`
-	RadsecPort int    `yaml:"radsec_port" json:"radsec_port"`
-	Debug      bool   `yaml:"debug" json:"debug"`
+	Enabled      bool   `yaml:"enabled" json:"enabled"`
+	Host         string `yaml:"host" json:"host"`
+	AuthPort     int    `yaml:"auth_port" json:"auth_port"`
+	AcctPort     int    `yaml:"acct_port" json:"acct_port"`
+	RadsecPort   int    `yaml:"radsec_port" json:"radsec_port"`
+	RadsecWorker int    `yaml:"radsec_worker" json:"radsec_worker"`
+	Debug        bool   `yaml:"debug" json:"debug"`
 }
 
 // Tr069Config tr069 API 配置
@@ -211,6 +212,7 @@ var DefaultAppConfig = &AppConfig{
 		AuthPort:   1812,
 		AcctPort:   1813,
 		RadsecPort: 2083,
+		RadsecWorker: 100,
 		Debug:      true,
 	},
 	Logger: LogConfig{
@@ -269,6 +271,7 @@ func LoadConfig(cfile string) *AppConfig {
 	setEnvIntValue("TOUGHRADIUS_RADIUS_AUTHPORT", &cfg.Radiusd.AuthPort)
 	setEnvIntValue("TOUGHRADIUS_RADIUS_ACCTPORT", &cfg.Radiusd.AcctPort)
 	setEnvIntValue("TOUGHRADIUS_RADIUS_RADSEC_PORT", &cfg.Radiusd.RadsecPort)
+	setEnvIntValue("TOUGHRADIUS_RADIUS_RADSEC_WORKER", &cfg.Radiusd.RadsecWorker)
 	setEnvBoolValue("TOUGHRADIUS_RADIUS_DEBUG", &cfg.Radiusd.Debug)
 	setEnvBoolValue("TOUGHRADIUS_RADIUS_ENABLED", &cfg.Radiusd.Enabled)
 

freeradius/handlers.go

@@ -60,7 +60,7 @@ func (s *FreeradiusServer) FreeradiusAuthorize(c echo.Context) error {
 	var user models.RadiusUser
 	err := app.GDB().Where("username=?", username).First(&user).Error
 	if err != nil {
-		log.Error2("radius auth error",
+		log.ErrorDetail("radius auth error",
 			zap.String("namespace", "freeradius"),
 			zap.String("username", username),
 			zap.String("nasip", nasip),
@@ -72,7 +72,7 @@ func (s *FreeradiusServer) FreeradiusAuthorize(c echo.Context) error {
 
 	// Check user status
 	if user.Status == common.DISABLED {
-		log.Error2("radius auth error",
+		log.ErrorDetail("radius auth error",
 			zap.String("namespace", "freeradius"),
 			zap.String("username", username),
 			zap.String("nasip", nasip),
@@ -84,7 +84,7 @@ func (s *FreeradiusServer) FreeradiusAuthorize(c echo.Context) error {
 	var expireTime = time.Time(user.ExpireTime)
 	// Check user expiration
 	if expireTime.Before(time.Now()) {
-		log.Error2("radius auth error",
+		log.ErrorDetail("radius auth error",
 			zap.String("namespace", "freeradius"),
 			zap.String("username", username),
 			zap.String("nasip", nasip),
@@ -97,7 +97,7 @@ func (s *FreeradiusServer) FreeradiusAuthorize(c echo.Context) error {
 	// Current number online
 	count, err := getOnlineCount(username)
 	if err != nil {
-		log.Error2("radius auth error",
+		log.ErrorDetail("radius auth error",
 			zap.String("namespace", "freeradius"),
 			zap.String("username", username),
 			zap.String("nasip", nasip),
@@ -108,7 +108,7 @@ func (s *FreeradiusServer) FreeradiusAuthorize(c echo.Context) error {
 	}
 	var activeNum = user.ActiveNum
 	if count > 0 && activeNum > 0 && count >= int64(activeNum) {
-		log.Error2("radius auth error",
+		log.ErrorDetail("radius auth error",
 			zap.String("namespace", "freeradius"),
 			zap.String("username", username),
 			zap.String("nasip", nasip),
@@ -176,7 +176,7 @@ func (s *FreeradiusServer) FreeradiusAccounting(c echo.Context) error {
 	nasip := webform.GetVal("nasip")
 	err := updateRadiusOnline(webform)
 	if err != nil {
-		log.Error2("radius accounting error",
+		log.ErrorDetail("radius accounting error",
 			zap.String("namespace", "freeradius"),
 			zap.String("username", username),
 			zap.String("nasip", nasip),

toughradius/acct_ops.go

@@ -36,7 +36,7 @@ func (s *AcctService) DoAcctDisconnect(r *radius.Request, vpe *models.NetVpe, us
 	_ = rfc2866.AcctSessionID_Set(packet, []byte(sessionid))
 	response, err := radius.Exchange(context.Background(), packet, fmt.Sprintf("%s:%d", nasrip, vpe.CoaPort))
 	if err != nil {
-		log.Error2("radius disconnect error",
+		log.ErrorDetail("radius disconnect error",
 			zap.String("namespace", "radius"),
 			zap.String("username", username),
 			zap.Error(err),

toughradius/acct_start.go

@@ -11,15 +11,15 @@ func (s *AcctService) DoAcctStart(r *radius.Request, vr *VendorRequest, username
 	online := GetNetRadiusOnlineFromRequest(r, vr, vpe, nasrip)
 	err := s.AddRadiusOnline(online)
 	if err != nil {
-		log.Error2("add radius online error",
+		log.ErrorDetail("add radius online error",
 			zap.String("namespace", "radius"),
 			zap.String("username", username),
 			zap.Error(err),
 		)
 	}
 
 	if err = s.AddRadiusAccounting(online, true); err != nil {
-		log.Error2("add radius accounting error",
+		log.ErrorDetail("add radius accounting error",
 			zap.String("namespace", "radius"),
 			zap.String("username", username),
 			zap.Error(err),

toughradius/acct_stop.go

@@ -12,7 +12,7 @@ func (s *AcctService) DoAcctStop(r *radius.Request, vr *VendorRequest, username
 	if err := s.EndRadiusAccounting(online); err != nil {
 		err := s.AddRadiusAccounting(online, false)
 		if err != nil {
-			log.Error2("add radius accounting error",
+			log.ErrorDetail("add radius accounting error",
 				zap.String("namespace", "radius"),
 				zap.String("username", username),
 				zap.Error(err),
@@ -21,7 +21,7 @@ func (s *AcctService) DoAcctStop(r *radius.Request, vr *VendorRequest, username
 	}
 
 	if err := s.RemoveRadiusOnline(online.AcctSessionId); err != nil {
-		log.Error2("remove radius online error",
+		log.ErrorDetail("remove radius online error",
 			zap.String("namespace", "radius"),
 			zap.String("username", username),
 			zap.Error(err),

toughradius/acct_update.go

@@ -33,7 +33,7 @@ func (s *AcctService) DoAcctUpdate(r *radius.Request, vr *VendorRequest, usernam
 	if !exists {
 		err := s.AddRadiusOnline(online)
 		if err != nil {
-			log.Error2("add radius online error",
+			log.ErrorDetail("add radius online error",
 				zap.String("namespace", "radius"),
 				zap.String("username", username),
 				zap.Error(err),
@@ -44,7 +44,7 @@ func (s *AcctService) DoAcctUpdate(r *radius.Request, vr *VendorRequest, usernam
 	// 更新在线信息
 	err := s.UpdateRadiusOnlineData(online)
 	if err != nil {
-		log.Error2("update radius online error",
+		log.ErrorDetail("update radius online error",
 			zap.String("namespace", "radius"),
 			zap.String("username", username),
 			zap.Error(err),

toughradius/radius.go

@@ -65,6 +65,7 @@ type RadiusService struct {
 	EapStateCache map[string]EapState
 	TaskPool      *ants.Pool
 	arclock       sync.Mutex
+	eaplock       sync.Mutex
 }
 
 func NewRadiusService() *RadiusService {
@@ -81,7 +82,7 @@ func NewRadiusService() *RadiusService {
 		TaskPool:      pool,
 		RejectCache: &RejectCache{
 			Items: make(map[string]*RejectItem),
-			Lock:  sync.Mutex{},
+			Lock:  sync.RWMutex{},
 		}}
 	return s
 }
@@ -149,44 +150,30 @@ func (s *RadiusService) GetUserForAcct(username string) (user *models.RadiusUser
 	return user, nil
 }
 
-func (s *RadiusService) UpdateUserMac(username string, macaddr string) {
+func (s *RadiusService) UpdateUserField(username string, field string, value interface{}) {
 	err := app.GDB().
 		Model(&models.RadiusUser{}).
 		Where("username = ?", username).
-		Update("mac_addr", macaddr).Error
+		Update(field, value).Error
 	if err != nil {
-		log.Error2("update user mac error", zap.Error(err), zap.String("namespace", "radius"))
+		log.ErrorDetail(fmt.Sprintf("update user %s error", field), zap.Error(err), zap.String("namespace", "radius"))
 	}
 }
 
+func (s *RadiusService) UpdateUserMac(username string, macaddr string) {
+	s.UpdateUserField(username, "mac_addr", macaddr)
+}
+
 func (s *RadiusService) UpdateUserVlanid1(username string, vlanid1 int) {
-	err := app.GDB().
-		Model(&models.RadiusUser{}).
-		Where("username = ?", username).
-		Update("vlanid1", vlanid1).Error
-	if err != nil {
-		log.Error2("update user vlanid1 error", zap.Error(err), zap.String("namespace", "radius"))
-	}
+	s.UpdateUserField(username, "vlanid1", vlanid1)
 }
 
 func (s *RadiusService) UpdateUserVlanid2(username string, vlanid2 int) {
-	err := app.GDB().
-		Model(&models.RadiusUser{}).
-		Where("username = ?", username).
-		Update("vlanid2", vlanid2).Error
-	if err != nil {
-		log.Error2("update user vlanid2 error", zap.Error(err), zap.String("namespace", "radius"))
-	}
+	s.UpdateUserField(username, "vlanid2", vlanid2)
 }
 
 func (s *RadiusService) UpdateUserLastOnline(username string) {
-	err := app.GDB().
-		Model(&models.RadiusUser{}).
-		Where("username = ?", username).
-		Update("last_online", time.Now()).Error
-	if err != nil {
-		log.Error2("update user last online error", zap.Error(err), zap.String("namespace", "radius"))
-	}
+	s.UpdateUserField(username, "last_online", time.Now())
 }
 
 func (s *RadiusService) GetIntConfig(name string, defval int64) int64 {
@@ -421,6 +408,8 @@ func (s *RadiusService) CheckRequestSecret(r *radius.Packet, secret []byte) {
 
 // State add
 func (s *RadiusService) AddEapState(stateid, username string, challenge []byte, eapMethad string) {
+	s.eaplock.Lock()
+	defer s.eaplock.Unlock()
 	s.EapStateCache[stateid] = EapState{
 		Username:  username,
 		StateID:   stateid,
@@ -432,6 +421,8 @@ func (s *RadiusService) AddEapState(stateid, username string, challenge []byte,
 
 // State get
 func (s *RadiusService) GetEapState(stateid string) (state *EapState, err error) {
+	s.eaplock.Lock()
+	defer s.eaplock.Unlock()
 	val, ok := s.EapStateCache[stateid]
 	if ok {
 		return &val, nil
@@ -441,5 +432,7 @@ func (s *RadiusService) GetEapState(stateid string) (state *EapState, err error)
 
 // State delete
 func (s *RadiusService) DeleteEapState(stateid string) {
+	s.eaplock.Lock()
+	defer s.eaplock.Unlock()
 	delete(s.EapStateCache, stateid)
 }

toughradius/radius_acct.go

@@ -27,7 +27,7 @@ func (s *AcctService) ServeRADIUS(w radius.ResponseWriter, r *radius.Request) {
 		if ret := recover(); ret != nil {
 			err, ok := ret.(error)
 			if ok {
-				log.Error2("radius accounting error",
+				log.ErrorDetail("radius accounting error",
 					zap.Error(err),
 					zap.String("namespace", "radius"),
 					zap.String("metrics", app.MetricsRadiusAcctDrop),
@@ -73,7 +73,6 @@ func (s *AcctService) ServeRADIUS(w radius.ResponseWriter, r *radius.Request) {
 
 	vendorReq := s.ParseVendor(r, vpe.VendorCode)
 
-
 	s.SendResponse(w, r)
 
 	log.Info2("radius accounting",
@@ -116,7 +115,7 @@ func (s *AcctService) SendResponse(w radius.ResponseWriter, r *radius.Request) {
 	resp := r.Response(radius.CodeAccountingResponse)
 	err := w.Write(resp)
 	if err != nil {
-		log.Error2("radius accounting response error",
+		log.ErrorDetail("radius accounting response error",
 			zap.Error(err),
 			zap.String("namespace", "radius"),
 			zap.String("metrics", app.MetricsRadiusAcctDrop),

toughradius/radius_auth.go

@@ -27,15 +27,15 @@ func (s *AuthService) ServeRADIUS(w radius.ResponseWriter, r *radius.Request) {
 			switch ret.(type) {
 			case error:
 				err := ret.(error)
-				log.Error2("radius auth error",
+				log.ErrorDetail("radius auth error",
 					zap.Error(err),
 					zap.String("namespace", "radius"),
 					zap.String("metrics", app.MetricsRadiusAuthDrop),
 				)
 				s.SendReject(w, r, err)
 			case AuthError:
 				err := ret.(AuthError)
-				log.Error2("radius auth error",
+				log.ErrorDetail("radius auth error",
 					zap.String("namespace", "radius"),
 					zap.String("metrics", err.Type),
 					zap.Error(err.Err),
@@ -284,7 +284,7 @@ func (s *AuthService) SendAccept(w radius.ResponseWriter, r *radius.Request, res
 		if ret := recover(); ret != nil {
 			err2, ok := ret.(error)
 			if ok {
-				log.Error2("radius write accept error",
+				log.ErrorDetail("radius write accept error",
 					zap.String("namespace", "radius"),
 					zap.String("metrics", app.MetricsRadiusAuthDrop),
 					zap.Error(err2),
@@ -311,7 +311,7 @@ func (s *AuthService) SendReject(w radius.ResponseWriter, r *radius.Request, err
 		if ret := recover(); ret != nil {
 			err2, ok := ret.(error)
 			if ok {
-				log.Error2("radius write reject response error",
+				log.ErrorDetail("radius write reject response error",
 					zap.String("namespace", "radius"),
 					zap.String("metrics", app.MetricsRadiusAuthDrop),
 					zap.Error(err2),
@@ -348,7 +348,7 @@ func (s *AuthService) SendEapFailureReject(w radius.ResponseWriter, r *radius.Re
 		if ret := recover(); ret != nil {
 			err2, ok := ret.(error)
 			if ok {
-				log.Error2("radius write eap reject response error",
+				log.ErrorDetail("radius write eap reject response error",
 					zap.String("namespace", "radius"),
 					zap.String("metrics", app.MetricsRadiusAuthDrop),
 					zap.Error(err2),