diff options
| -rw-r--r-- | database/sqlite/administration.c | 8 | ||||
| -rw-r--r-- | database/sqlite/attempts.c | 48 | ||||
| -rw-r--r-- | eurephiadm/commands/attempts.c | 104 |
3 files changed, 142 insertions, 18 deletions
diff --git a/database/sqlite/administration.c b/database/sqlite/administration.c index e75dccd..f831c69 100644 --- a/database/sqlite/administration.c +++ b/database/sqlite/administration.c @@ -1565,7 +1565,7 @@ xmlDoc *eDBadminGetLastlog(eurephiaCTX *ctx, xmlDoc *srch, const char *sortkeys) // The search XML document format is: // <eurephia format="1"> -// <attemptslog mode="{search|add|delete}"> +// <attemptslog mode="{search|reset|delete}"> // <fieldMapping table="attempts"> // <{field name}>{field value}</{field field}> // </fieldMapping> @@ -1575,7 +1575,7 @@ xmlDoc *eDBadminGetLastlog(eurephiaCTX *ctx, xmlDoc *srch, const char *sortkeys) // It can be several search field tags to limit the search even more. // xmlDoc *attempts_list(eurephiaCTX *ctx, eDBfieldMap *fmap); -xmlDoc *attempts_add(eurephiaCTX *ctx, eDBfieldMap *fmap); +xmlDoc *attempts_reset(eurephiaCTX *ctx, eDBfieldMap *fmap); xmlDoc *attempts_delete(eurephiaCTX *ctx, eDBfieldMap *fmap); xmlDoc *eDBadminAttemptsLog(eurephiaCTX *ctx, xmlDoc *qryxml) { @@ -1612,8 +1612,8 @@ xmlDoc *eDBadminAttemptsLog(eurephiaCTX *ctx, xmlDoc *qryxml) { if( strcmp(mode, "list") == 0 ) { resxml = attempts_list(ctx, fmap); - } else if( strcmp(mode, "add") == 0 ) { - resxml = attempts_add(ctx, fmap); + } else if( strcmp(mode, "reset") == 0 ) { + resxml = attempts_reset(ctx, fmap); } else if( strcmp(mode, "delete") == 0 ) { resxml = attempts_delete(ctx, fmap); } else { diff --git a/database/sqlite/attempts.c b/database/sqlite/attempts.c index 4afd981..a524175 100644 --- a/database/sqlite/attempts.c +++ b/database/sqlite/attempts.c @@ -62,7 +62,7 @@ xmlDoc *attempts_list(eurephiaCTX *ctx, eDBfieldMap *fmap) { NULL, fmap, "atpid"); if( res == NULL ) { eurephia_log(ctx, LOG_ERROR, 0, "Error querying the attempts log"); - return 0; + return NULL; } eurephiaXML_CreateDoc(ctx, 1, "attemptslog", &doc, &root_n); @@ -106,12 +106,52 @@ xmlDoc *attempts_list(eurephiaCTX *ctx, eDBfieldMap *fmap) { } -xmlDoc *attempts_add(eurephiaCTX *ctx, eDBfieldMap *fmap) { - return NULL; +xmlDoc *attempts_reset(eurephiaCTX *ctx, eDBfieldMap *fmap) { + dbresult *res = NULL; + xmlDoc *ret = NULL; + int fields = 0; + eDBfieldMap update_vals[] = { + {TABLE_ATTEMPTS, NULL, FIELD_ATTEMPTS, ft_INT, flt_NOTSET, "attempts", "0", NULL}, + {0, NULL, 0, ft_UNDEF, flt_NOTSET, NULL, NULL, NULL} + }; + + fields = eDBmappingFieldsPresent(fmap); + if( (fields & (FIELD_UNAME | FIELD_CERTDIGEST | FIELD_REMOTEIP | FIELD_RECID)) == 0 ) { + return eurephiaXML_ResultMsg(ctx, exmlERROR, + "Missing username, IP address, certificate digest or atpid"); + } + + res = sqlite_query_mapped(ctx, SQL_UPDATE, "UPDATE openvpn_attempts", update_vals, fmap, NULL); + if( res == NULL ) { + eurephia_log(ctx, LOG_FATAL, 0, "Could not reset the attempts count"); + ret = eurephiaXML_ResultMsg(ctx, exmlERROR, "Could not reset the attempts count"); + } else { + ret = eurephiaXML_ResultMsg(ctx, exmlRESULT, "Attempts count reset"); + sqlite_free_results(res); + } + return ret; } xmlDoc *attempts_delete(eurephiaCTX *ctx, eDBfieldMap *fmap) { - return NULL; + dbresult *res = NULL; + xmlDoc *ret = NULL; + int fields; + + fields = eDBmappingFieldsPresent(fmap); + if( (fields & (FIELD_UNAME | FIELD_CERTDIGEST | FIELD_REMOTEIP | FIELD_RECID)) == 0 ) { + return eurephiaXML_ResultMsg(ctx, exmlERROR, + "Missing username, IP address, certificate digest or atpid"); + } + + res = sqlite_query_mapped(ctx, SQL_DELETE, "DELETE FROM openvpn_attempts", NULL, fmap, NULL); + if( res == NULL ) { + eurephia_log(ctx, LOG_FATAL, 0, "Could not remove attempts record"); + ret = eurephiaXML_ResultMsg(ctx, exmlERROR, "Could not delete the attempts record"); + } else { + ret = eurephiaXML_ResultMsg(ctx, exmlRESULT, "Attempts record removed"); + sqlite_free_results(res); + } + return ret; } diff --git a/eurephiadm/commands/attempts.c b/eurephiadm/commands/attempts.c index f20b9b4..05b08ee 100644 --- a/eurephiadm/commands/attempts.c +++ b/eurephiadm/commands/attempts.c @@ -53,14 +53,19 @@ void display_attempts_help(int page) " -v | --verbose Show more details\n" "\n" "Filters:\n" - " -n | --username <username> User name\n" - " -d | --digest <SHA1 digest> Certificate SHA1 digest\n\n" - " -i | --ipaddr <ip address> IP address\n"); + " -u | --username <username> User name\n" + " -d | --digest <SHA1 digest> Certificate SHA1 digest\n" + " -i | --ipaddr <ip address> IP address\n\n"); break; case 'D': printf("The attempts delete mode will remove a record from the attempts log.\n" "\n" + "One of the following parameters must be given (only one):\n" + " -u | --username <username> User name\n" + " -d | --digest <SHA1 digest> Certificate SHA1 digest\n" + " -i | --ipaddr <ip address> IP address\n" + " -a | --attemptid <ID> Attempts record ID\n" "\n" ); break; @@ -68,10 +73,11 @@ void display_attempts_help(int page) case 'R': printf("The attempts reset mode will reset the attempt registration.\n" "\n" - "One of the following parameters must be given (only one):" - " -u | --username <username> User name\n" - " -d | --digest <SHA1 digest> Certificate SHA1 digest\n\n" + "One of the following parameters must be given (only one):\n" + " -n | --username <username> User name\n" + " -d | --digest <SHA1 digest> Certificate SHA1 digest\n" " -i | --ipaddr <ip address> IP address\n" + " -a | --attemptid <ID> Attempts record ID\n" "\n" ); break; @@ -79,7 +85,7 @@ void display_attempts_help(int page) default: printf("Available modes for the attempts command are:\n\n" " -D | --delete Delete a registered login attempt\n" - " -R | --add Reset a registered login attempt\n" + " -R | --reset Reset a registered login attempt\n" " -l | --list List all registered login attempts\n" " -h | --help <mode> Show help\n\n"); break; @@ -170,6 +176,86 @@ int list_attempts(eurephiaCTX *ctx, eurephiaSESSION *sess, eurephiaVALUES *cfg, int modify_attempts(eurephiaCTX *ctx, eurephiaSESSION *sess, eurephiaVALUES *cfg, int argc, char **argv) { + xmlDoc *result_xml = NULL, *upd_xml = NULL; + xmlNode *fmap_n = NULL, *res_n = NULL, *upd_n = NULL; + int i = 0, rc = 1, mode = 0; + + e_options modeargs[] = { + {"--help", "-h", 0}, + {"--username", "-u", 1}, + {"--digest", "-d", 1}, + {"--ipaddr", "-i", 1}, + {"--attemptid", "-a", 1}, + {NULL, NULL, 0} + }; + + eurephiaXML_CreateDoc(ctx, 1, "attemptslog", &upd_xml, &upd_n); + if( (strcmp(argv[0], "--reset") == 0) || (strcmp(argv[0], "-R") == 0) ) { + xmlNewProp(upd_n, (xmlChar *) "mode", (xmlChar *) "reset"); + mode = 'R'; + } else if( (strcmp(argv[0], "--delete") == 0) || (strcmp(argv[0], "-D") == 0) ) { + xmlNewProp(upd_n, (xmlChar *) "mode", (xmlChar *) "delete"); + mode = 'D'; + } else { + fprintf(stderr, "%s: Invalid mode\n", MODULE); + xmlFreeDoc(upd_xml); + return 1; + } + + fmap_n = xmlNewChild(upd_n, NULL, (xmlChar *) "fieldMapping", NULL); + xmlNewProp(fmap_n, (xmlChar *) "table", (xmlChar *) "attemptslog"); + + for( i = 1; i < argc; i++ ) { + switch( eurephia_getopt(&i, argc, argv, modeargs) ) { + case 'u': + xmlNewChild(fmap_n, NULL, (xmlChar *) "username", (xmlChar *) optargs[0]); + break; + + case 'd': + xmlNewChild(fmap_n, NULL, (xmlChar *) "digest", (xmlChar *) optargs[0]); + break; + + case 'i': + xmlNewChild(fmap_n, NULL, (xmlChar *) "ip", (xmlChar *) optargs[0]); + break; + + case 'a': + xmlNewChild(fmap_n, NULL, (xmlChar *) "id", (xmlChar *) optargs[0]); + break; + + case 'h': + display_attempts_help(mode); + return 0; + + default: + return 1; + } + } + + result_xml = eDBadminAttemptsLog(ctx, upd_xml); + xmlFreeDoc(upd_xml); + if( result_xml == NULL ) { + fprintf(stderr, "%s: Error during modifying attempts register\n", MODULE); + return 1; + } + + res_n = eurephiaXML_getRoot(ctx, result_xml, NULL, 1); + if( res_n == NULL ) { + fprintf(stderr, "%s: Error during modifying attempts register. No results returned.\n", MODULE); + return 1; + + } + + if( xmlStrcmp(res_n->name, (xmlChar *) "Error") == 0 ) { + fprintf(stderr, "%s: %s\n", MODULE, xmlExtractContent(res_n)); + rc = 1; + } else { + fprintf(stdout, "%s: %s\n", MODULE, xmlExtractContent(res_n)); + rc = 0; + } + xmlFreeDoc(result_xml); + + return rc; } @@ -195,12 +281,10 @@ int cmd_Attempts(eurephiaCTX *ctx, eurephiaSESSION *sess, eurephiaVALUES *cfg, i mode_fnc = list_attempts; break; - /* - case 'A': + case 'R': case 'D': mode_fnc = modify_attempts; break; - */ case 'h': mode_fnc = help_Attempts2; |