auth plug-in: Implemented the authentication plug-in into the core eurephia framework

This enables using an external authentication plug-in if a user
account/certification link is configured to make user of it.

This change ensures that all configured authentiaction plug-ins are
loaded and is available when eurephia is initialised.

Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>

3 files changed, 75 insertions, 3 deletions

diff --git a/database/eurephiadb.c b/database/eurephiadb.c
index 322e394..701b8d1 100644
--- a/database/eurephiadb.c
+++ b/database/eurephiadb.c
@@ -1,6 +1,6 @@
 /* eurephiadb.c  --  Loads and initialises the database driver
  *
- *  GPLv2 only - Copyright (C) 2008 - 2012
+ *  GPLv2 only - Copyright (C) 2008 - 2013
  *               David Sommerseth <dazo@users.sourceforge.net>
  *
  *  This program is free software; you can redistribute it and/or
@@ -29,6 +29,7 @@
  */
 
 #include <stdio.h>
+#include <string.h>
 #include <dlfcn.h>
 
 #include "eurephia_nullsafe.h"
@@ -113,6 +114,11 @@ int eDBlink_init(eurephiaCTX *ctx, const char *dbdriver, const int minver)
                 eurephia_log(ctx, LOG_WARNING, 0,
                              "eurephia database driver API is newer than the running eurephia version.  Consider "
                              "to upgrade eurephia to take advantage of newer features in the driver.");
+
+        case 4:
+                eDBauth_GetAuthMethod          = eGetSym(ctx, ctx->eurephia_driver, "eDBauth_GetAuthMethod");
+                eDBget_plugins                 = eGetSym(ctx, ctx->eurephia_driver, "eDBget_plugins");
+
         case 3:
                 eDBregister_vpnclientaddr      = eGetSym(ctx, ctx->eurephia_driver, "eDBregister_vpnclientaddr");
 
@@ -176,3 +182,21 @@ int eDBlink_init(eurephiaCTX *ctx, const char *dbdriver, const int minver)
         }
         return 1;
 }
+
+
+/**
+ * Frees the memory allocated by the eDBauth_GetAuthMethod() function
+ *
+ * @param eurephiaCTX*         Pointer to the global eurephia context
+ * @param eDBauthMethodResult* Pointer to the result to be freed
+ *
+ */
+void eDBauth_FreeAuthMethodResult(eurephiaCTX *ctx, eDBauthMethodResult *res)
+{
+        if( res == NULL ) {
+                return;
+        }
+        free_nullsafe(ctx, res->username);
+        memset(res, 0, sizeof(eDBauthMethodResult));
+        free_nullsafe(ctx, res);
+}
diff --git a/database/eurephiadb.h b/database/eurephiadb.h
index e8c7e84..ea59ece 100644
--- a/database/eurephiadb.h
+++ b/database/eurephiadb.h
@@ -1,6 +1,6 @@
 /* eurephiadb.h  --  Database driver setup
  *
- *  GPLv2 only - Copyright (C) 2008 - 2012
+ *  GPLv2 only - Copyright (C) 2008 - 2013
  *               David Sommerseth <dazo@users.sourceforge.net>
  *
  *  This program is free software; you can redistribute it and/or
@@ -38,4 +38,5 @@
 int eDBlink_init(eurephiaCTX *, const char *, const int);
 int eDBlink_close(eurephiaCTX *);
 
+void eDBauth_FreeAuthMethodResult(eurephiaCTX *, eDBauthMethodResult *);
 #endif
diff --git a/database/eurephiadb_driver.h b/database/eurephiadb_driver.h
index 8384ad2..fef6499 100644
--- a/database/eurephiadb_driver.h
+++ b/database/eurephiadb_driver.h
@@ -1,6 +1,6 @@
 /* eurephiadb_driver.h  --  API provided by the database driver
  *
- *  GPLv2 only - Copyright (C) 2008 - 2012
+ *  GPLv2 only - Copyright (C) 2008 - 2013
  *               David Sommerseth <dazo@users.sourceforge.net>
  *
  *  This program is free software; you can redistribute it and/or
@@ -54,6 +54,27 @@
 #define USERINFO_blacklist  0x10 /**< flag for extracting information from blacklist log */
 
 /**
+ * Defines supported authentication methods or account restrictions
+ */
+typedef enum { eAM_UNDEF,            /**< Unknown/undefined/unsupported method */
+               eAM_BLACKLISTED,      /**< Account has been blacklisted, no auth allowed */
+               eAM_INACTIVE,         /**< Account is not active, no auth allowed */
+               eAM_INTERNDB,         /**< Use the eurephia database for password authentication */
+               eAM_PLUGIN            /**< Use an auth plug-in for password authentication */
+} eDBauthMethod;
+
+/**
+ *  Result structure from eDBauth_GetAuthMethod()
+ */
+typedef struct __eDBauthMethodResult {
+        eDBauthMethod method;        /**< Authentication method */
+        char *username;              /**< Username to use with external methods */
+        unsigned int authplugid;     /**< Authentication plug-in ID for external methods */
+        int uicid;                   /**< User account/certificate link ID */
+} eDBauthMethodResult;
+
+
+/**
  * Mandatory function. Retrieves driver version information
  *
  * @return Returns string (const char *) containing driver version information.
@@ -114,6 +135,21 @@ int EUREPHIA_DRIVERAPI_FUNC(eDBauth_TLS)(eurephiaCTX *ctx, const char *org, cons
 					 const char *digest, const unsigned int depth);
 
 /**
+ * Retrieves authentication method for a specific user name and certificate ID
+ *
+ * @version API version level 1
+ * @param ctx eurephiaCTX
+ * @param certid certificate ID to the user being authenticated
+ * @param username username to be authenticated
+ *
+ * @return Returns a pointer to a eDBauthMethodResult struct which defines how
+ *         to authenticate this user.  On system failure, NULL is returned.
+ */
+eDBauthMethodResult * EUREPHIA_DRIVERAPI_FUNC(eDBauth_GetAuthMethod)(eurephiaCTX *ctx,
+                                                                   const int certid,
+                                                                   const char *username);
+
+/**
  * Authenticates a client against the database, with users certificate ID, username and password.
  *
  * @version API version level 1
@@ -274,6 +310,17 @@ char * EUREPHIA_DRIVERAPI_FUNC(eDBget_firewall_profile) (eurephiaCTX *ctx, eurep
  */
 eurephiaVALUES * EUREPHIA_DRIVERAPI_FUNC(eDBget_blacklisted_ip)(eurephiaCTX *ctx);
 
+/**
+ * Retrieve a list of additional configured eurephia plug-ins of a certain plug-in type
+ *
+ * @version API version level 4
+ * @param   ctx      eurephiaCTX
+ * @param   plgtype  Plug-in category type (string value, null terminated)
+ *
+ * @return Returns an eurephiaVALUES chain with all plug-ins configured, otherwise NULL is returned
+ */
+eurephiaVALUES * EUREPHIA_DRIVERAPI_FUNC(eDBget_plugins)(eurephiaCTX *ctx, const char *plgtype);
+
 /* The following functions is also declared in eurephia_session_values.c - for local internal usage. */
 /**
  * Retrieve a unique session key based on a session seed.