| author | David Sommerseth <dazo@users.sourceforge.net> | 2013-05-28 16:08:38 +0200 |
|---|---|---|
| committer | David Sommerseth <dazo@users.sourceforge.net> | 2013-05-28 16:08:38 +0200 |
| commit | fc4958f6e957acd72e3ec6f9a546811cdf70f4d3 (patch) | |
| tree | 8bf6d050baf35c1603f64e70bedc08c2d424924d /database/sqlite | |
| parent | bfe23dd4341de02e7981fbdbd87550cdc19d6830 (diff) | |
| parent | d4383e6b96e36120669cc6de2f2cec49aeee90f4 (diff) | |
Merge auth-plugin work
This implements an authentication plug-in framework which can be
used to do username/password authentication against another backend
per user/certificate.
Conflicts:
database/eurephiadb.c
Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>
Diffstat (limited to 'database/sqlite')
| -rw-r--r-- | database/sqlite/CMakeLists.txt | 7 | ||||
| -rw-r--r-- | database/sqlite/administration/plugins.c | 344 | ||||
| -rw-r--r-- | database/sqlite/edb-sqlite.c | 135 | ||||
| -rw-r--r-- | database/sqlite/fieldmapping.h | 12 | ||||
| -rw-r--r-- | database/sqlite/sql-schema-delta-3.sql | 38 | ||||
| -rw-r--r-- | database/sqlite/sql-schema.sql | 15 | ||||
| -rw-r--r-- | database/sqlite/sqlite.c | 1 |
7 files changed, 546 insertions, 6 deletions
diff --git a/database/sqlite/CMakeLists.txt b/database/sqlite/CMakeLists.txt index a0a2dc8..4002f02 100644 --- a/database/sqlite/CMakeLists.txt +++ b/database/sqlite/CMakeLists.txt @@ -1,6 +1,6 @@ # cmake rules for eurephia - SQLite3 database driver # -# GPLv2 only - Copyright (C) 2008 - 2012 +# GPLv2 only - Copyright (C) 2008 - 2013 # David Sommerseth <dazo@users.sourceforge.net> # # This program is free software; you can redistribute it and/or @@ -45,6 +45,8 @@ SET(edb_sqlite_SRC sqlite.c edb-sqlite.c ../../common/eurephiadb_session_common.c + ../../auth/eurephia_authplugin.c + ../../auth/eurephia_authplugin_driver.c ) IF(ADMIN_ENABLED) @@ -58,12 +60,13 @@ IF(ADMIN_ENABLED) administration/useraccount.c administration/certificates.c administration/lastlog.c + administration/plugins.c ) ENDIF(ADMIN_ENABLED) # Compiler settings ADD_DEFINITIONS(-D_GNU_SOURCE) -INCLUDE_DIRECTORIES(BEFORE ../../common/ ../../plugin/ ../../plugin/firewall ../) +INCLUDE_DIRECTORIES(BEFORE ../../common/ ../../auth/ ../../plugin/ ../../plugin/firewall ../) # # Build instructions diff --git a/database/sqlite/administration/plugins.c b/database/sqlite/administration/plugins.c new file mode 100644 index 0000000..4816437 --- /dev/null +++ b/database/sqlite/administration/plugins.c 
@@ -0,0 +1,344 @@
+/* plugins.c -- Functions for managing eurephia plug-ins
+ *
+ * GPLv2 only - Copyright (C) 2009 - 2012
+ * David Sommerseth <dazo@users.sourceforge.net>
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; version 2
+ * of the License.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ *
+ */
+
+/**
+ * @file sqlite/administration/plugins.c
+ * @author David Sommerseth <dazo@users.sourceforge.net>
+ * @date 2009-03-28
+ *
+ * @brief Functions for managing eurephia plug-ins
+ *
+ */
+
+#include <string.h>
+#include <unistd.h>
+#include <assert.h>
+
+#include <libxml/tree.h>
+
+#include <sqlite3.h>
+
+#include <eurephia_nullsafe.h>
+#include <eurephia_context.h>
+#include <eurephia_log.h>
+#include <eurephia_xml.h>
+#include <eurephia_values.h>
+#include <eurephiadb_session_struct.h>
+#include <eurephiadb_mapping.h>
+#include <passwd.h>
+
+#include "../sqlite.h"
+
+#define FMAP_PLUGINS
+#include "../fieldmapping.h"
+
+
+/**
+ * Internal function. Queries the database for a list of plug-ins
+ *
+ * @param ctx eurephiaCTX
+ * @param fmap eDBfieldMap containing the search criteria
+ *
+ * @return Returns a valid eurephia XML document on success, otherwise NULL
+ */
+static xmlDoc *plugins_search(eurephiaCTX *ctx, eDBfieldMap *fmap)
+{
+ dbresult *res = NULL;
+ xmlDoc *doc = NULL;
+ xmlNode *root_n = NULL, *rec_n = NULL;
+ int i = 0;
+
+ // Query the database for accesses
+ res = sqlite_query_mapped(ctx, SQL_SELECT,
+ "SELECT plgname, plgtype, plgdsofile, plgconfig,"
+ " plgenabled, plgid"
+ " FROM eurephia_plugins",
+ NULL, fmap, "plgname");
+ if( sqlite_query_status(res) != dbSUCCESS ) {
+ eurephia_log(ctx, LOG_ERROR, 0, "Error querying the database for plugins");
+ sqlite_log_error(ctx, res);
+ sqlite_free_results(res);
+ return NULL;
+ }
+
+ eurephiaXML_CreateDoc(ctx, 1, "plugins", &doc, &root_n);
+ xmlNewProp(root_n, (xmlChar *) "mode", (xmlChar *) "list");
+
+ for( i = 0; i < sqlite_get_numtuples(res); i++ ) {
+ rec_n = xmlNewChild(root_n, NULL, (xmlChar *) "plugin", NULL);
+ sqlite_xml_value(rec_n, XML_ATTR, "plgid", res, i, 5);
+ sqlite_xml_value(rec_n, XML_ATTR, "enabled", res, i, 4);
+ sqlite_xml_value(rec_n, XML_NODE, "name", res, i, 0);
+ sqlite_xml_value(rec_n, XML_NODE, "type", res, i, 1);
+ sqlite_xml_value(rec_n, XML_NODE, "dsofile", res, i, 2);
+ sqlite_xml_value(rec_n, XML_NODE, "config", res, i, 3);
+ }
+ sqlite_free_results(res);
+ return doc;
+}
+
+
+/**
+ * Internal function. Registers a new plug-in
+ *
+ * @param ctx eurephiaCTX
+ * @param fmap eDBfieldMap containing information about the new plug-in
+ *
+ * @return Returns an eurephia ResultMsg XML document, with success message or an error message
+ */
+static xmlDoc *plugins_register(eurephiaCTX *ctx, eDBfieldMap *fmap) {
+ dbresult *res = NULL;
+ xmlDoc *ret = NULL;
+
+ // Check if we have the needed fields, and only the needed fields
+ if( (eDBmappingFieldsPresent(fmap) & (FIELD_DESCR | FIELD_TYPE | FIELD_FILE)) == 0 ) {
+ return eurephiaXML_ResultMsg(ctx, exmlERROR, NULL,
+ "Registering a plug-in requires plug-in name, type and DSO file name");
+ }
+
+ if( eDBmappingGetValue(fmap, FIELD_ACTIVATED) == NULL ) {
+ eDBmappingSetValue(fmap, FIELD_ACTIVATED, "t");
+ }
+
+ res = sqlite_query_mapped(ctx, SQL_INSERT, "INSERT INTO eurephia_plugins", fmap, NULL, NULL);
+ if( sqlite_query_status(res) != dbSUCCESS ) {
+ xmlNode *err_n = NULL;
+
+ eurephia_log(ctx, LOG_FATAL, 0, "Could not register the new plug-in");
+ err_n = sqlite_log_error_xml(ctx, res);
+ ret = eurephiaXML_ResultMsg(ctx, exmlERROR, err_n,
+ "Could not register the the new plug-in");
+ xmlFreeNode(err_n);
+ } else {
+ ret = eurephiaXML_ResultMsg(ctx, exmlRESULT, NULL,
+ "Plug-in registered with id %i",
+ res->last_insert_id);
+ }
+ sqlite_free_results(res);
+ return ret;
+}
+
+
+/**
+ * Internal function. Deletes plug-in entry from the database
+ *
+ * @param ctx eurephiaCTX
+ * @param fmap eDBfieldMap containing information about the plug-in(s) to be deleted
+ *
+ * @return Returns an eurephia ResultMsg XML document, with success message or an error message
+ */
+static xmlDoc *plugins_unregister(eurephiaCTX *ctx, eDBfieldMap *fmap)
+{
+ dbresult *res = NULL;
+ xmlDoc *ret = NULL;
+ xmlNode *err_n = NULL;
+ long int fields;
+
+ // Check if we have the needed fields, and only the needed fields
+ fields = eDBmappingFieldsPresent(fmap);
+ if( !(fields & FIELD_FILE) && !(fields & FIELD_RECID) ) {
+ return eurephiaXML_ResultMsg(ctx, exmlERROR, NULL,
+ "Deleting plug-ins only accepts "
+ "DSO filename or plug-in ID");
+ }
+
+ // Find the accessprofile ID based on the fieldmap
+ res = sqlite_query_mapped(ctx, SQL_SELECT,
+ "SELECT DISTINCT authplugin"
+ " FROM openvpn_usercerts"
+ " JOIN eurephia_plugins ON (plgid = authplugin)",
+ NULL, fmap, NULL);
+ if( sqlite_query_status(res) != dbSUCCESS ) {
+ eurephia_log(ctx, LOG_FATAL, 0, "Could not delete the plug-in (1)");
+ err_n = sqlite_log_error_xml(ctx, res);
+ ret = eurephiaXML_ResultMsg(ctx, exmlERROR, err_n,
+ "Could not delete the plug-in");
+ xmlFreeNode(err_n);
+ goto exit;
+ }
+
+ // Remove the usage for this plug-in from all user accounts using it
+ if( sqlite_get_numtuples(res) > 0 ) {
+ dbresult *dres = NULL;
+ int i = 0;
+
+ for( i = 0; i < sqlite_get_numtuples(res); i++ ) {
+ dres = sqlite_query(ctx,
+ "UPDATE openvpn_usercerts "
+ " SET authplugin = NULL"
+ " WHERE authplugin = %q",
+ sqlite_get_value(res, i, 0));
+ if( sqlite_query_status(dres) != dbSUCCESS ) {
+ eurephia_log(ctx, LOG_FATAL, 0,
+ "Could not remove the plug-in references");
+ err_n = sqlite_log_error_xml(ctx, res);
+ ret = eurephiaXML_ResultMsg(ctx, exmlERROR, err_n,
+ "Could not remove the plug-in references");
+ sqlite_free_results(dres);
+ xmlFreeNode(err_n);
+ goto exit;
+ }
+ }
+ sqlite_free_results(dres);
+ }
+
+ // Delete requested access profiles from eurephia_plugins
+ res = sqlite_query_mapped(ctx, SQL_DELETE, "DELETE FROM eurephia_plugins",
+ NULL, fmap, NULL);
+ if( sqlite_query_status(res) != dbSUCCESS ) {
+ eurephia_log(ctx, LOG_FATAL, 0, "Could not delete the plug-in registration");
+ err_n = sqlite_log_error_xml(ctx, res);
+ ret = eurephiaXML_ResultMsg(ctx, exmlERROR, err_n,
+ "Could not delete the plug-in registration");
+ xmlFreeNode(err_n);
+ } else {
+ ret = eurephiaXML_ResultMsg(ctx, exmlRESULT, NULL, "Plug-in unregistered");
+ }
+ exit:
+ sqlite_free_results(res);
+ return ret;
+}
+
+
+static xmlDoc * plugins_modify(eurephiaCTX *ctx, const char *plgid, const char *plgdso,
+ eDBfieldMap *vals_fmap)
+{
+ dbresult *dbres = NULL;
+ xmlDoc *ret = NULL, *where_d = NULL;
+ xmlNode *where_n = NULL;
+ eDBfieldMap *where_m = NULL;
+ long int fields;
+
+ if( plgid == NULL && plgdso == NULL ) {
+ return eurephiaXML_ResultMsg(ctx, exmlERROR, NULL,
+ "This operation requires the plugin-id or plugin-dso"
+ " attributes to be present");
+ }
+
+ // Check if we have the needed fields, and only the needed fields
+ fields = eDBmappingFieldsPresent(vals_fmap);
+ if( !(fields & (FIELD_CONFIG|FIELD_ACTIVATED))) {
+ return eurephiaXML_ResultMsg(ctx, exmlERROR, NULL,
+ "This operation requires configuration string or the enabled flag");
+ }
+
+ // Create a field-map for the where clause
+ eurephiaXML_CreateDoc(ctx, 1, "plugins", &where_d, &where_n);
+ assert( (where_d != NULL) && (where_n != NULL) );
+
+ where_n = xmlNewChild(where_n, NULL, (xmlChar *) "fieldMapping", NULL);
+ xmlNewProp(where_n, (xmlChar *) "table", (xmlChar *) "plugins");
+ if( plgid != NULL ) {
+ xmlNewChild(where_n, NULL, (xmlChar *) "plugin_id", (xmlChar *) plgid);
+ }
+ if( plgdso != NULL ) {
+ xmlNewChild(where_n, NULL, (xmlChar *) "dsofile", (xmlChar *) plgdso);
+ }
+ where_m = eDBxmlMapping(ctx, tbl_sqlite_plugins, NULL, where_n);
+ assert( where_m != NULL );
+
+ dbres = sqlite_query_mapped(ctx, SQL_UPDATE, "UPDATE eurephia_plugins",
+ vals_fmap, where_m, NULL);
+ if( sqlite_query_status(dbres) == dbSUCCESS ) {
+ int num_rows = sqlite_get_affected_rows(dbres);
+ if( num_rows > 0 ) {
+ ret = eurephiaXML_ResultMsg(ctx, exmlRESULT, NULL,
+ "%i plug-in %s was updated",
+ num_rows,
+ (num_rows == 1 ? "record" : "records"));
+ } else {
+ ret = eurephiaXML_ResultMsg(ctx, exmlRESULT, NULL,
+ "No plug-in records where modified");
+ }
+ } else {
+ xmlNode *err_n = NULL;
+
+ eurephia_log(ctx, LOG_ERROR, 0, "Failed to update user-cert link.(%s: %s)",
+ (plgid != NULL ? "plug-in ID" : "plug-in file"),
+ (plgid != NULL ? plgid : plgdso));
+ err_n = sqlite_log_error_xml(ctx, dbres);
+ ret = eurephiaXML_ResultMsg(ctx, exmlERROR, err_n,
+ "Failed to update user-cert link.(%s: %s)",
+ (plgid != NULL ? "plug-in ID" : "plug-in file"),
+ (plgid != NULL ? plgid : plgdso));
+ xmlFreeNode(err_n);
+ }
+ sqlite_free_results(dbres);
+ eDBfreeMapping(where_m);
+ xmlFreeDoc(where_d);
+
+ return ret;
+}
+
+
+/**
+ * @copydoc eDBadminPlugins()
+ */
+xmlDoc *eDBadminPlugins(eurephiaCTX *ctx, xmlDoc *xmlqry)
+{
+ eDBfieldMap *fmap = NULL;
+ char *mode = NULL;
+ xmlDoc *resxml = NULL;
+ xmlNode *root_n = NULL, *fieldmap_n = NULL;
+
+ DEBUG(ctx, 20, "Function call: eDBadminPlugins(ctx, {xmlDoc})");
+ assert( (ctx != NULL) && (xmlqry != NULL) );
+
+ if( (ctx->context_type != ECTX_ADMIN_CONSOLE) && (ctx->context_type != ECTX_ADMIN_WEB) ) {
+ eurephia_log(ctx, LOG_CRITICAL, 0,
+ "eurephia admin function call attempted with wrong context type");
+ return NULL;
+ }
+
+ root_n = eurephiaXML_getRoot(ctx, xmlqry, "plugins", 1);
+ if( root_n == NULL ) {
+ eurephia_log(ctx, LOG_CRITICAL, 0, "Invalid XML input.");
+ return NULL;
+ }
+ mode = xmlGetAttrValue(root_n->properties, "mode");
+ if( mode == NULL ) {
+ eurephia_log(ctx, LOG_ERROR, 0, "Missing mode attribute");
+ return NULL;
+ }
+
+ fieldmap_n = xmlFindNode(root_n, "fieldMapping");
+ if( fieldmap_n == NULL ) {
+ eurephia_log(ctx, LOG_ERROR, 0, "Missing
fieldMapping"); + } + fmap = eDBxmlMapping(ctx, tbl_sqlite_plugins, NULL, fieldmap_n); + + if( strcmp(mode, "search") == 0 ) { + resxml = plugins_search(ctx, fmap); + } else if( strcmp(mode, "register") == 0 ) { + resxml = plugins_register(ctx, fmap); + } else if( strcmp(mode, "unregister") == 0 ) { + resxml = plugins_unregister(ctx, fmap); + } else if( strcmp(mode, "modify") == 0 ) { + char *plgid = xmlGetAttrValue(root_n->properties, "plugin-id"); + char *plgdso = xmlGetAttrValue(root_n->properties, "plugin-dso"); + resxml = plugins_modify(ctx, plgid, plgdso, fmap); + } else { + eurephia_log(ctx, LOG_ERROR, 0, "Plug-ins - Unknown mode: '%s'", mode); + resxml = eurephiaXML_ResultMsg(ctx, exmlERROR, NULL, "Unknown mode '%s'", mode); + } + eDBfreeMapping(fmap); + return resxml; +} diff --git a/database/sqlite/edb-sqlite.c b/database/sqlite/edb-sqlite.c index 25e6f8b..6e33267 100644 --- a/database/sqlite/edb-sqlite.c +++ b/database/sqlite/edb-sqlite.c @@ -1,7 +1,7 @@ /* edb-sqlite.c -- Main driver for eurephia authentication plugin for OpenVPN * This is the SQLite database driver * - * GPLv2 only - Copyright (C) 2008 - 2012 + * GPLv2 only - Copyright (C) 2008 - 2013 * David Sommerseth <dazo@users.sourceforge.net> * * This program is free software; you can redistribute it and/or 
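Review bot: The field check in plugins_register() rejects a request only when none of name, type and DSO file is supplied, because the masked value is compared with 0; the error text and the NOT NULL columns call for all three, so the test should read `(eDBmappingFieldsPresent(fmap) & (FIELD_DESCR | FIELD_TYPE | FIELD_FILE)) != (FIELD_DESCR | FIELD_TYPE | FIELD_FILE)`. plugins_modify() carries the same "only the needed fields" comment but never rejects extra fields, so a value map that also sets `plgdsofile` or `plgtype` presumably reaches the UPDATE; since `plgdsofile` names the DSO to be loaded, the function should refuse anything beyond FIELD_CONFIG and FIELD_ACTIVATED. In plugins_unregister() the per-row UPDATE uses a bare `%q` where the other queries in this diff write `'%q'`, reports `res` instead of `dres` on failure, frees `dres` only once after the loop, and overwrites the SELECT result in `res` with the DELETE result without freeing it. eDBadminPlugins() logs a missing fieldMapping node but then hands the NULL node to eDBxmlMapping(); it should return at that point, as the two checks above it do.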
@@ -274,6 +274,95 @@ int eDBauth_TLS(eurephiaCTX *ctx, const char *org, const char *cname, const char /** + * @copydoc eDBauth_GetAuthMethod() + */ +eDBauthMethodResult * eDBauth_GetAuthMethod(eurephiaCTX *ctx, + const int certid, const char *username) +{ + dbresult *dbr = NULL; + eDBauthMethodResult *ret = NULL; + + DEBUG(ctx, 20, "Function call: eDBauth_GetAuthMethod(ctx, %i, '%s')", certid, username); + + dbr = sqlite_query(ctx, + "SELECT uicid, authplugin, authusername, activated, deactivated, " + " bl1.blid, bl2.blid, plgenabled" + " FROM openvpn_usercerts uc" + " JOIN openvpn_users ou USING (uid)" + " LEFT JOIN eurephia_plugins ep ON (uc.authplugin == ep.plgid)" + " LEFT JOIN openvpn_blacklist bl1 ON(ou.username = bl1.username) " + " LEFT JOIN (SELECT blid, certid " + " FROM openvpn_certificates " + " JOIN openvpn_blacklist USING(digest)) bl2 " + " ON (uc.certid = bl2.certid)" + " WHERE ou.username = '%q' AND uc.certid = '%i'", + username, certid); + + if (dbr == NULL) { + eurephia_log(ctx, LOG_FATAL, 0, + "Failed to query eurephia database for authentication methods for" + "user '%s' with certid '%i'", username, certid); + return NULL; + } + + ret = malloc_nullsafe(ctx, sizeof(eDBauthMethodResult)+2); + if (ret == NULL) { + eurephia_log(ctx, LOG_FATAL, 0, + "Failed to allocate memory fir auth method results"); + return NULL; + } + + /* Some sane and restrictive default values */ + ret->method = eAM_UNDEF; + ret->username = NULL; + ret->authplugid = 0; + ret->uicid = 0; + + if (sqlite_get_numtuples(dbr) == 1) { + char *auplgid = sqlite_get_value(dbr, 0, 1); + char *auuname = sqlite_get_value(dbr, 0, 2); + char *auplgenab = sqlite_get_value(dbr, 0, 7); + + if( sqlite_get_value(dbr, 0, 5) != NULL ) { + eurephia_log(ctx, LOG_WARNING, 0, "User account is BLACKLISTED (%s)", + username); + ret->method = eAM_BLACKLISTED; + } else if( sqlite_get_value(dbr, 0, 6) != NULL ) { + eurephia_log(ctx, LOG_WARNING, 0, + "User account linked with a BLACKLISTED certificate " + 
"(%s) - certid: %s", + username, certid); + ret->method = eAM_BLACKLISTED; + } else if( sqlite_get_value(dbr, 0, 3) == NULL ) { + eurephia_log(ctx, LOG_WARNING, 0, "User account is not activated (%s)", + username); + ret->method = eAM_INACTIVE; + } else if( sqlite_get_value(dbr, 0, 4) != NULL ) { + eurephia_log(ctx, LOG_WARNING, 0, "User account is deactivated (%s)", + username); + ret->method = eAM_INACTIVE; + } else if ((auplgid != NULL) && (auplgenab != NULL) && (auplgenab[0] == 't')) { + /* If an authentication plug-in is defined and enabled. Use a + * different auth name if configured as well. + */ + ret->method = eAM_PLUGIN; + ret->username = strdup_nullsafe((auuname != NULL ? auuname : username)); + ret->authplugid = atoi_nullsafe(auplgid); + ret->uicid = atoi_nullsafe(sqlite_get_value(dbr, 0, 0)); + } else { + /* If no authentication plug-in is defined, use internal eurephia auth */ + ret->method = eAM_INTERNDB; + ret->username = strdup_nullsafe(username); + ret->authplugid = 0; + } + } + + sqlite_free_results(dbr); + return ret; +} + + +/** * @copydoc eDBauth_user() */ int eDBauth_user(eurephiaCTX *ctx, const int certid, const char *username, const char *passwd) @@ -297,8 +386,7 @@ int eDBauth_user(eurephiaCTX *ctx, const int certid, const char *username, const " JOIN openvpn_blacklist USING(digest)) bl2 ON(uc.certid = bl2.certid)" " WHERE uc.certid = '%i' AND ou.username = '%q'", certid, username); - memset(crpwd, 0, strlen_nullsafe(crpwd)); - free_nullsafe(ctx, crpwd); + if( sqlite_query_status(res) != dbSUCCESS ) { eurephia_log(ctx, LOG_FATAL, 0, "Could not lookup user in database (certid %i, username '%s'", certid, username); 
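Review bot: The blacklisted-certificate branch of eDBauth_GetAuthMethod() passes the int `certid` to a `%s` conversion (`"(%s) - certid: %s", username, certid`), which is undefined behaviour and will most likely crash the authentication path at the moment a blacklisted certificate is presented; the format should be `"(%s) - certid: %i"`. The result check tests `dbr == NULL`, while the other queries in this diff test `sqlite_query_status(...) != dbSUCCESS`, so a failed query may fall through as a zero-row result, and `dbr` is leaked when malloc_nullsafe() fails. Zero or multiple rows leave `method` at eAM_UNDEF, which is a safe default only if callers deny on it; that is worth stating in the comment above the defaults.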
@@ -319,6 +407,7 @@ int eDBauth_user(eurephiaCTX *ctx, const int certid, const char *username, const eurephia_log(ctx, LOG_WARNING, 0,"Authentication failed for user '%s'. DB error.", username); pwdok = 0; + uicid = 0; } else { crpwd = eurephia_pwd_crypt(ctx, passwd, dbpwd); pwdok = ((crpwd != NULL) && (strcmp(crpwd, dbpwd) == 0) ? 1 : 0); @@ -1230,3 +1319,43 @@ eurephiaVALUES *eDBget_blacklisted_ip(eurephiaCTX *ctx) { return ret; } + +/** + * @copydoc eDBget_plugins() + */ +eurephiaVALUES *eDBget_plugins(eurephiaCTX *ctx, const char *plgtype) { + eurephiaVALUES *ret = NULL; + dbresult *res = NULL; + int i = 0; + char *plgdso = NULL; + + DEBUG(ctx, 20, "Function call eDBget_plugins(ctx, '%s')", plgtype); + + /* Format of the plug-in information: [<dso-filename>]<config string> */ + + res = sqlite_query(ctx, + "SELECT plgid, " + "CASE WHEN plgconfig IS NULL" + " THEN '[' || plgdsofile || ']'" + " ELSE '[' || plgdsofile || ']' || plgconfig END" + " FROM eurephia_plugins" + " WHERE plgenabled = 't' " + " AND plgtype = '%q'", plgtype); + + if( sqlite_query_status(res) == dbSUCCESS ) { + ret = eCreate_value_space(ctx, 21); + for( i = 0; i < sqlite_get_numtuples(res); i++ ) { + if( ( plgdso = sqlite_get_value(res, i, 1)) != NULL ) { + eAdd_value(ctx, ret, sqlite_get_value(res, i, 0), plgdso); + } + } + } else { + eurephia_log(ctx, LOG_FATAL, 0, + "Failed to retrieve additional eurephia plug-ins"); + sqlite_log_error(ctx, res); + ret = NULL; + } + sqlite_free_results(res); + + return ret; +} diff --git a/database/sqlite/fieldmapping.h b/database/sqlite/fieldmapping.h index 496f4ba..2f25b87 100644 --- a/database/sqlite/fieldmapping.h +++ b/database/sqlite/fieldmapping.h 
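Review bot: The `[<dso-filename>]<config string>` value assembled in the SELECT of eDBget_plugins() cannot be split back unambiguously if `plgdsofile` contains a `]`, and the registration code in plugins.c accepts any string for that field. The consumer is outside this hunk, so either return the DSO path and the config as separate values or reject `]` when a plug-in is registered. `plgtype` is also used in the DEBUG `%s` and in the query without a NULL check, and the return of eCreate_value_space() goes unchecked into eAdd_value().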
@@ -138,4 +138,16 @@ static eDBfieldMap tbl_sqlite_blacklist[] = { }; #endif +#ifdef FMAP_PLUGINS +static eDBfieldMap tbl_sqlite_plugins[] = { + {TABLE_PLUGINS, NULL, FIELD_DESCR, ft_STRING , flt_EQ, "plgname", NULL, NULL}, + {TABLE_PLUGINS, NULL, FIELD_TYPE, ft_STRING , flt_EQ, "plgtype", NULL, NULL}, + {TABLE_PLUGINS, NULL, FIELD_FILE, ft_STRING , flt_EQ, "plgdsofile", NULL, NULL}, + {TABLE_PLUGINS, NULL, FIELD_CONFIG, ft_STRING , flt_EQ, "plgconfig", NULL, NULL}, + {TABLE_PLUGINS, NULL, FIELD_ACTIVATED, ft_BOOL , flt_EQ, "plgenabled", NULL, NULL}, + {TABLE_PLUGINS, NULL, FIELD_RECID, ft_INT , flt_EQ, "plgid", NULL, NULL}, + {0, NULL, FIELD_NONE, ft_UNDEF, flt_NOTSET, NULL, NULL, NULL} +}; +#endif + #endif /* !FIELDMAPPING_H_ */ diff --git a/database/sqlite/sql-schema-delta-3.sql b/database/sqlite/sql-schema-delta-3.sql new file mode 100644 index 0000000..b21899d --- /dev/null +++ b/database/sqlite/sql-schema-delta-3.sql 
@@ -0,0 +1,38 @@
+--
+-- eurephia database schema for SQLite3
+--
+-- This SQL scripts updates the previous SQL schema to the
+-- new schema needed by edb-sqlite v1.4
+--
+-- GPLv2 only - Copyright (C) 2013
+-- David Sommerseth <dazo@users.sourceforge.net>
+--
+-- This program is free software; you can redistribute it and/or
+-- modify it under the terms of the GNU General Public License
+-- as published by the Free Software Foundation; version 2
+-- of the License.
+--
+-- This program is distributed in the hope that it will be useful,
+-- but WITHOUT ANY WARRANTY; without even the implied warranty of
+-- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+-- GNU General Public License for more details.
+--
+-- You should have received a copy of the GNU General Public License
+-- along with this program; if not, write to the Free Software
+-- Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+--
+
+-- eurephia_plugins - Defines loadable eurephia plug-ins
+-- This table is parsed upon start-up of OpenVPN/eurephia
+CREATE TABLE eurephia_plugins (
+ plgname varchar(32) NOT NULL, -- short name of the plug-in module
+ plgtype varchar(16) NOT NULL, -- plug-in type (auth, firewall, etc)
+ plgdsofile text NOT NULL, -- full path to the plug-in DSO file
+ plgconfig text , -- Optional config data for the plug-in
+ plgenabled boolean NOT NULL, -- Enable/disable the plug-in
+ plgid integer PRIMARY KEY AUTOINCREMENT
+);
+CREATE INDEX eurephia_plugins_name_type ON eurephia_plugins (plgname, plgtype);
+
+ALTER TABLE openvpn_usercerts ADD COLUMN authplugin integer;
+ALTER TABLE openvpn_usercerts ADD COLUMN authusername text;
diff --git a/database/sqlite/sql-schema.sql b/database/sqlite/sql-schema.sql
index 4d05222..746d84f 100644
--- a/database/sqlite/sql-schema.sql
+++ b/database/sqlite/sql-schema.sql
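Review bot: `plgdsofile` and `authplugin` are declared without the constraints the C code relies on: plug-ins are modified and deleted by DSO file name, yet nothing makes `plgdsofile` unique, and `authplugin` is described as having to match `eurephia_plugins.plgid` but carries no `REFERENCES eurephia_plugins(plgid)` clause. The index on `(plgname, plgtype)` is not unique either, so the same plug-in can be registered more than once. The same definitions are repeated in the sql-schema.sql hunks, which need the same change; whether foreign keys are enforced depends on the connection settings, which are not visible in this diff.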
@@ -1,7 +1,7 @@ -- -- eurephia database schema for SQLite3 -- --- GPLv2 only - Copyright (C) 2008 - 2012 +-- GPLv2 only - Copyright (C) 2008 - 2013 -- David Sommerseth <dazo@users.sourceforge.net> -- -- This program is free software; you can redistribute it and/or @@ -19,6 +19,17 @@ -- Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. -- +-- eurephia_plugins - Defines loadable eurephia plug-ins +-- This table is parsed upon start-up of OpenVPN/eurephia +CREATE TABLE eurephia_plugins ( + plgname varchar(32) NOT NULL, -- short name of the plug-in module + plgtype varchar(16) NOT NULL, -- plug-in type (auth, firewall, etc) + plgdsofile text NOT NULL, -- full path to the plug-in DSO file + plgconfig text , -- Optional config data for the plug-in + plgenabled boolean NOT NULL, -- Enable/disable the plug-in + plgid integer PRIMARY KEY AUTOINCREMENT +); +CREATE INDEX eurephia_plugins_name_type ON eurephia_plugins (plgname, plgtype); -- openvpn_certificates - contains mainly X.509 information from SSL certificates CREATE TABLE openvpn_certificates ( @@ -49,6 +60,8 @@ CREATE TABLE openvpn_usercerts ( uid integer NOT NULL, -- Must be found in openvpn_users certid integer NOT NULL, -- Must be found in openvpn_certificates accessprofile integer , -- If not null, it must be found in openvpn_accesses + authplugin integer , -- optional, must match eurephia_plugins.plgid if used + authusername text , -- optional, alternative username through plug-ins registered timestamp DEFAULT CURRENT_TIMESTAMP, uicid integer PRIMARY KEY AUTOINCREMENT -- Unique ID ); diff --git a/database/sqlite/sqlite.c b/database/sqlite/sqlite.c index a17f4b0..2122885 100644 --- a/database/sqlite/sqlite.c +++ b/database/sqlite/sqlite.c @@ -495,6 +495,7 @@ static char *_build_value_string(eDBfieldMap *ptr) { val = sqlite3_mprintf("lower('%q')", ptr->value); break; + case ft_BOOL: case ft_PASSWD: case ft_STRING: default: |
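Review bot: Adding `case ft_BOOL:` to the ft_PASSWD/ft_STRING/default group in _build_value_string() means a boolean field is presumably written as whatever string the caller supplied, with no normalisation. The two readers in edb-sqlite.c then disagree on what counts as enabled: eDBget_plugins() filters on `plgenabled = 't'` while eDBauth_GetAuthMethod() tests only `auplgenab[0] == 't'`, so a stored value such as `true` would pass one check and fail the other. Mapping ft_BOOL input to a fixed pair of literals in its own case would close that gap; the body of the switch lies outside the hunk, so the exact formatting call is not visible here.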
