diff options
author | David Sommerseth <dazo@users.sourceforge.net> | 2009-09-02 11:16:27 +0200 |
---|---|---|
committer | David Sommerseth <dazo@users.sourceforge.net> | 2009-09-02 11:16:27 +0200 |
commit | 24a616cde6bb533a2b94e807fc2257366b5d5be7 (patch) | |
tree | d506f3e134d0c6da39641df71e0a995791411ccb /database/sqlite/administration/usercerts.c | |
parent | b302dbcfc6c8d6d23024ab93da30f80b9fe6cb5e (diff) | |
download | eurephia-24a616cde6bb533a2b94e807fc2257366b5d5be7.tar.gz eurephia-24a616cde6bb533a2b94e807fc2257366b5d5be7.tar.xz eurephia-24a616cde6bb533a2b94e807fc2257366b5d5be7.zip |
Rearranged some files in the sqlite3 driver
Diffstat (limited to 'database/sqlite/administration/usercerts.c')
-rw-r--r-- | database/sqlite/administration/usercerts.c | 292 |
1 files changed, 292 insertions, 0 deletions
diff --git a/database/sqlite/administration/usercerts.c b/database/sqlite/administration/usercerts.c new file mode 100644 index 0000000..f2281a1 --- /dev/null +++ b/database/sqlite/administration/usercerts.c @@ -0,0 +1,292 @@ +/* usercerts.c -- Admin functions - user-certitificate table + * + * GPLv2 only - Copyright (C) 2008, 2009 + * David Sommerseth <dazo@users.sourceforge.net> + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License + * as published by the Free Software Foundation; version 2 + * of the License. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. + * + */ + +#include <string.h> +#include <unistd.h> +#include <assert.h> + +#include <libxml/tree.h> + +#ifndef DRIVERAPIVERSION +# define DRIVERAPIVERSION 2 +#endif + +#include <sqlite3.h> + +#include <eurephia_nullsafe.h> +#include <eurephia_context.h> +#include <eurephia_admin_struct.h> +#include <eurephia_log.h> +#include <eurephia_xml.h> +#include <eurephia_values.h> +#include <eurephiadb_session_struct.h> +#include <eurephiadb_mapping.h> + +#ifndef DRIVER_MODE +#define DRIVER_MODE +#endif + +#include "../sqlite.h" + +#define FMAP_USERCERTS +#include "../fieldmapping.h" + +void xmlReplaceChars(xmlChar *str, char s, char r); + +xmlDoc *usercerts_search(eurephiaCTX *ctx, eDBfieldMap *where_m, const char *sortkeys) { + xmlDoc *list_xml = NULL; + xmlNode *link_root_n = NULL, *link_n = NULL, *tmp_n = NULL; + dbresult *res = NULL; + xmlChar tmp[2050]; + char *dbsort = NULL; + int i; + + DEBUG(ctx, 21, "Function call: usercerts_search(ctx, eDBfieldMap, '%s')", sortkeys); + assert( ctx != NULL ); + + if( (ctx->context_type != ECTX_ADMIN_CONSOLE) && (ctx->context_type != ECTX_ADMIN_WEB) ) { + eurephia_log(ctx, LOG_CRITICAL, 0, + "eurephia admin function call attempted with wrong context type"); + return NULL; + } + + if( sortkeys != NULL ) { + dbsort = eDBmkSortKeyString(tbl_sqlite_usercerts, sortkeys); + } + + res = sqlite_query_mapped(ctx, SQL_SELECT, + "SELECT uicid, ucs.uid AS uid, certid, ucs.registered AS registered," + " ucs.accessprofile AS accessprofile, access_descr," + " username, " + " common_name, organisation, email, digest, depth " + " FROM openvpn_usercerts ucs" + " LEFT JOIN openvpn_certificates USING(certid)" + " LEFT JOIN openvpn_accesses acc ON(ucs.accessprofile = acc.accessprofile)" + " LEFT JOIN openvpn_users u ON(u.uid = ucs.uid)", + NULL, // values (not used for SELECT) + where_m, // fields and values for the WHERE clause + dbsort); + if( res == NULL ) { + eurephia_log(ctx, LOG_ERROR, 0, "Could not query the usercerts table"); + return NULL; + } + + memset(&tmp, 0, 2050); + eurephiaXML_CreateDoc(ctx, 1, "usercerts", &list_xml, &link_root_n); + xmlStrPrintf(tmp, 64, (xmlChar *) "%i", sqlite_get_numtuples(res)); + xmlNewProp(link_root_n, (xmlChar *) "link_count", (xmlChar *) tmp); + + for( i = 0; i < sqlite_get_numtuples(res); i++ ) { + link_n = xmlNewChild(link_root_n, NULL, (xmlChar *) "usercert_link", NULL); + + sqlite_xml_value(link_n, XML_ATTR, "uicid", res, i, 0); + sqlite_xml_value(link_n, XML_ATTR, "registered", res, i, 3); + + tmp_n = sqlite_xml_value(link_n, XML_NODE, "username", res, i, 6); + sqlite_xml_value(tmp_n, XML_ATTR, "uid", res, i, 1); + + tmp_n = xmlNewChild(link_n, NULL, (xmlChar *) "certificate", NULL); + sqlite_xml_value(tmp_n, XML_ATTR, "certid", res, i, 2); + sqlite_xml_value(tmp_n, XML_ATTR, "depth", res, i, 11); + + xmlStrPrintf(tmp, 2048, (xmlChar *) "%.2048s", sqlite_get_value(res, i, 7)); + xmlReplaceChars(tmp, '_', ' '); + xmlNewChild(tmp_n, NULL, (xmlChar *) "common_name", tmp); + + xmlStrPrintf(tmp, 2048, (xmlChar *) "%.2048s", sqlite_get_value(res, i, 8)); + xmlReplaceChars(tmp, '_', ' '); + xmlNewChild(tmp_n, NULL, (xmlChar *) "organisation", tmp); + + sqlite_xml_value(tmp_n, XML_NODE, "email", res, i, 9); + sqlite_xml_value(tmp_n, XML_NODE, "digest", res, i, 10); + + tmp_n = sqlite_xml_value(link_n, XML_NODE, "access_profile", res, i, 5); + sqlite_xml_value(tmp_n, XML_ATTR, "accessprofile", res, i, 4); + } + sqlite_free_results(res); + + return list_xml; +} + + +xmlDoc *usercerts_add_del(eurephiaCTX *ctx, const char *mode, eDBfieldMap *usrcrt_m) { + xmlDoc *res = NULL; + dbresult *dbres = NULL; + + DEBUG(ctx, 21, "Function call: usercerts_add_del(ctx, xmlDoc)"); + assert( (ctx != NULL) && (usrcrt_m != NULL) ); + + if( strcmp(mode, "register") == 0 ) { + dbres = sqlite_query_mapped(ctx, SQL_INSERT, + "INSERT INTO openvpn_usercerts", usrcrt_m, NULL, NULL); + if( dbres ) { + res = eurephiaXML_ResultMsg(ctx, exmlRESULT, + "Registered new user-cert link with id %i", + dbres->last_insert_id); + } + } else if( strcmp(mode, "remove") == 0 ) { + dbres = sqlite_query_mapped(ctx, SQL_DELETE, + "DELETE FROM openvpn_usercerts", NULL, usrcrt_m, NULL); + if( dbres ) { + int num_rows = sqlite_get_affected_rows(dbres); + if( num_rows > 0 ) { + res = eurephiaXML_ResultMsg(ctx, exmlRESULT, + "Removed %i user-cert %s successfully", + num_rows, (num_rows == 1 ? "link" : "links")); + } else { + res = eurephiaXML_ResultMsg(ctx, exmlERROR, + "No user-cert links where removed"); + } + } + } + + if( dbres == NULL ) { + eurephia_log(ctx, LOG_ERROR, 0, "Failed to %s user-cert link.", mode); + res = eurephiaXML_ResultMsg(ctx, exmlERROR, "Failed to %s user-cert link", mode); + } else { + sqlite_free_results(dbres); + } + + return res; +} + + +xmlDoc *usercerts_update(eurephiaCTX *ctx, const char *uicid, eDBfieldMap *usrcrt_m) { + xmlNode *where_n = NULL; + eDBfieldMap *where_m = NULL; + dbresult *dbres = NULL; + xmlDoc *where_d = NULL, *res = NULL; + + DEBUG(ctx, 21, "Function call: usercerts_update(ctx, '%s', eDBfieldMap)", uicid); + assert( ctx != NULL && uicid != NULL && usrcrt_m != NULL ); + + // Create a eDBfieldMap which will contain the uicid value + eurephiaXML_CreateDoc(ctx, 1, "usercerts", &where_d, &where_n); + assert( (where_d != NULL) && (where_n != NULL) ); + + where_n = xmlNewChild(where_n, NULL, (xmlChar *) "fieldMapping", NULL); + xmlNewProp(where_n, (xmlChar *) "table", (xmlChar *) "usercerts"); + xmlNewChild(where_n, NULL, (xmlChar *) "uicid", (xmlChar *) uicid); + + // Convert xmlNode with fieldMapping into a eDBfieldMap + where_m = eDBxmlMapping(ctx, tbl_sqlite_usercerts, NULL, where_n); + assert( where_m != NULL ); + + // Send update query to the database + dbres = sqlite_query_mapped(ctx, SQL_UPDATE, "UPDATE openvpn_usercerts", + usrcrt_m, where_m, NULL); + if( dbres ) { + int num_rows = sqlite_get_affected_rows(dbres); + if( num_rows > 0 ) { + res = eurephiaXML_ResultMsg(ctx, exmlRESULT, + "Updated firewall access profile on %i user-cert %s.", + num_rows, (num_rows == 1 ? "link" : "links")); + } else { + res = eurephiaXML_ResultMsg(ctx, exmlERROR, + "No user-cert links where updated"); + } + sqlite_free_results(dbres); + } else { + eurephia_log(ctx, LOG_ERROR, 0, "Failed to update user-cert link.(uicid: %s)", uicid); + res = eurephiaXML_ResultMsg(ctx, exmlERROR, + "Failed to update user-cert link for uicid %s", uicid); + } + eDBfreeMapping(where_m); + xmlFreeDoc(where_d); + + return res; +} + + +// The XML document format: +// <eurephia format="1"> +// <usercerts mode="{search|register|remove|update}" [uicid="{uicid}"]> +// <fieldMapping table="usercerts"> +// <{field name}>{search value}</{field name}> +// </fieldMapping> +// [<sortfields>{field name}[, {field name},...]</sortfields>] <!-- Only for mode='search' --> +// </usercerts +// </eurehpia> +// +// It can be several field name tags to limit the search even more. +// If mode is 'update' the 'uicid' attribute must be present in the usercerts tag. +// +xmlDoc *eDBadminUserCertsLink(eurephiaCTX *ctx, xmlDoc *usrcrt_xml) { + xmlNode *usrcrt_n = NULL, *tmp_n = NULL; + xmlDoc *resxml = NULL; + eDBfieldMap *usrcrt_m = NULL; + const char *mode = NULL, *sortfields = NULL, *uicid = NULL; + + DEBUG(ctx, 20, "Function call: eDBadminUserCertsLink(ctx, xmlDoc)"); + assert( (ctx != NULL) && (usrcrt_xml != NULL) ); + + if( (ctx->context_type != ECTX_ADMIN_CONSOLE) && (ctx->context_type != ECTX_ADMIN_WEB) ) { + eurephia_log(ctx, LOG_CRITICAL, 0, + "eurephia admin function call attempted with wrong context type"); + return 0; + } + + usrcrt_n = eurephiaXML_getRoot(ctx, usrcrt_xml, "usercerts", 1); + if( usrcrt_n == NULL ) { + eurephia_log(ctx, LOG_ERROR, 0, "Could not find a valid XML for the user-certs link request"); + return 0; + } + mode = xmlGetAttrValue(usrcrt_n->properties, "mode"); + if( mode == NULL ) { + eurephia_log(ctx, LOG_ERROR, 0, "Invalid user-cert link request (1)."); + return 0; + } + + tmp_n = xmlFindNode(usrcrt_n, "sortfields"); + if( tmp_n ) { + sortfields = xmlExtractContent(tmp_n); + } + + tmp_n = xmlFindNode(usrcrt_n, "fieldMapping"); + if( tmp_n == NULL ) { + eurephia_log(ctx, LOG_ERROR, 0, "Invalid user-cert link request (2)."); + return 0; + } + usrcrt_m = eDBxmlMapping(ctx, tbl_sqlite_usercerts, NULL, tmp_n); + assert(usrcrt_m != NULL); + + + if( strcmp(mode, "search") == 0 ) { + resxml = usercerts_search(ctx, usrcrt_m, sortfields); + } else if( strcmp(mode, "register") == 0 ) { + resxml = usercerts_add_del(ctx, mode, usrcrt_m); + } else if( strcmp(mode, "remove") == 0 ) { + resxml = usercerts_add_del(ctx, mode, usrcrt_m); + } else if( strcmp(mode, "update") == 0 ) { + uicid = xmlGetAttrValue(usrcrt_n->properties, "uicid"); + if( uicid == NULL ) { + eurephia_log(ctx, LOG_ERROR, 0, "Missing required attribute, uicid, for updates"); + resxml = eurephiaXML_ResultMsg(ctx, exmlERROR, + "Can not set firewall access profile without uicid"); + goto exit; + } + resxml = usercerts_update(ctx, uicid, usrcrt_m); + } + + exit: + eDBfreeMapping(usrcrt_m); + return resxml; +} |