diff options
author | David Sommerseth <dazo@users.sourceforge.net> | 2009-11-13 10:32:11 +0100 |
---|---|---|
committer | David Sommerseth <dazo@users.sourceforge.net> | 2009-11-13 10:32:11 +0100 |
commit | da9a117b1c4df791a99be94667df281b1ab1917f (patch) | |
tree | 399c9eaa3823f84bb65823c53ac2f88a0c2a7ebd /database | |
parent | de7a3d88c78cdf400fcee78f71946da8b12ec74f (diff) | |
download | eurephia-da9a117b1c4df791a99be94667df281b1ab1917f.tar.gz eurephia-da9a117b1c4df791a99be94667df281b1ab1917f.tar.xz eurephia-da9a117b1c4df791a99be94667df281b1ab1917f.zip |
Fixed wrong usage of lower(digest) in eDBregister_attempts()
This is a follow up of commit de7a3d88c78cdf400fcee78f71946da8b12ec74f.That
commit introduced an SQL error when eDBregister_attempts() was attempting
to update certificate digest attempt records. Overhauled and fixed the
complete eDBregister_attempts() function.
Diffstat (limited to 'database')
-rw-r--r-- | database/sqlite/edb-sqlite.c | 22 |
1 files changed, 14 insertions, 8 deletions
diff --git a/database/sqlite/edb-sqlite.c b/database/sqlite/edb-sqlite.c index b9a311b..112153a 100644 --- a/database/sqlite/edb-sqlite.c +++ b/database/sqlite/edb-sqlite.c @@ -61,7 +61,8 @@ * to database field names, configuration options (with default values) and description */ typedef struct { - char *colname; /**< Column name when doing look up in blacklist and attempts tables */ + char *colname; /**< Field when doing look up in blacklist and attempts tables */ + char *colname_where; /**< Field when using column name in WHERE section of SQL queries */ char *allow_cfg; /**< Configure parameter for the attempt limits */ char *descr; /**< Description, used to give more readable output for users */ char *default_value; /**< Default value, if config option is not found */ @@ -74,9 +75,9 @@ typedef struct { */ static const eDBattempt_types_t eDBattempt_types[] = { {NULL, NULL, NULL, NULL}, - {"remoteip\0", "allow_ipaddr_attempts\0", "IP Address\0", "10\0", NULL}, - {"lower(digest)\0", "allow_cert_attempts\0", "Certificate\0", "5\0", "lower\0"}, - {"username\0", "allow_username_attempts\0", "Username\0", "5\0", NULL}, + {"remoteip\0", "remoteip\0", "allow_ipaddr_attempts\0", "IP Address\0", "10\0", NULL}, + {"digest\0", "lower(digest)\0", "allow_cert_attempts\0", "Certificate\0", "5\0", "lower\0"}, + {"username\0", "username\0", "allow_username_attempts\0", "Username\0", "5\0", NULL}, {NULL, NULL, NULL, NULL} }; @@ -407,7 +408,7 @@ int eDBblacklist_check(eurephiaCTX *ctx, const int type, const char *val) eDBattempt_types[type].descr, val); blr = sqlite_query(ctx, "SELECT blid FROM openvpn_blacklist WHERE %s = %s%s'%q'%s", - eDBattempt_types[type].colname, + eDBattempt_types[type].colname_where, defaultValue(eDBattempt_types[type].value_func, ""), (strlen_nullsafe(eDBattempt_types[type].value_func) > 0 ? "(" : ""), val, @@ -436,7 +437,7 @@ int eDBblacklist_check(eurephiaCTX *ctx, const int type, const char *val) "SELECT atpid, attempts >= %q FROM openvpn_attempts WHERE %s = '%q'", defaultValue(eGet_value(ctx->dbc->config, eDBattempt_types[type].allow_cfg), eDBattempt_types[type].default_value), - eDBattempt_types[type].colname, val); + eDBattempt_types[type].colname_where, val); if( atpr != NULL ) { atpid = strdup_nullsafe(sqlite_get_value(atpr, 0, 0)); atpexceed = atoi_nullsafe(sqlite_get_value(atpr, 0, 1)); @@ -494,11 +495,16 @@ void eDBregister_attempt(eurephiaCTX *ctx, int type, int mode, const char *value "SELECT atpid, attempts > %s, blid, attempts " " FROM openvpn_attempts " " LEFT JOIN openvpn_blacklist USING(%s)" - " WHERE %s = '%q'", + " WHERE %s = %s%s'%q'%s", defaultValue(eGet_value(ctx->dbc->config, eDBattempt_types[type].allow_cfg), eDBattempt_types[type].default_value), eDBattempt_types[type].colname, - eDBattempt_types[type].colname, value); + eDBattempt_types[type].colname_where, + defaultValue(eDBattempt_types[type].value_func, ""), + (strlen_nullsafe(eDBattempt_types[type].value_func) > 0 ? "(" : ""), + value, + (strlen_nullsafe(eDBattempt_types[type].value_func) > 0 ? ")" : "") + ); if( res == NULL ) { eurephia_log(ctx, LOG_FATAL, 0, "Could not look up atpid in openvpn_attempts"); return; |