Diffstat (limited to 'database/sqlite/edb-sqlite.c')
-rw-r--r--database/sqlite/edb-sqlite.c370
1 files changed, 6 insertions, 364 deletions
diff --git a/database/sqlite/edb-sqlite.c b/database/sqlite/edb-sqlite.c
index 60be1df..4f4e486 100644
--- a/database/sqlite/edb-sqlite.c
+++ b/database/sqlite/edb-sqlite.c
@@ -22,9 +22,13 @@
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
-#include <dlfcn.h>
#include <assert.h>
+#define DRIVERVERSION "1.1"
+#ifndef DRIVERAPIVERSION
+# define DRIVERAPIVERSION 2
+#endif
+
#include <sqlite3.h>
#include <eurephiadb_driver.h>
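Review bot: `DRIVERAPIVERSION` still defaults to 2 in the block added above `#include <sqlite3.h>`, while the last hunk deletes every function under `#if DRIVERAPIVERSION > 1` from this file, including `eDBadminAuth` and `eDBadminValidateSession`. The page shows only this one file, so it is worth confirming that those functions are now built from another translation unit linked into the driver; otherwise the driver would declare API level 2 without the admin authentication and session-validation entry points. The defines were presumably moved ahead of `eurephiadb_driver.h` so that the header can see them; if that is the reason, a comment such as `/* must be defined before eurephiadb_driver.h is included */` above `#define DRIVERVERSION "1.1"` would keep the ordering from being undone later.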
@@ -34,16 +38,9 @@
#include <eurephiadb_session_common.h>
#include <eurephiadb_session_struct.h>
#include <passwd.h>
-#include "sqlite.h"
-#ifdef MEMWATCH
-#include <memwatch.h>
-#endif
+#include "sqlite.h"
-#define DRIVERVERSION "1.1"
-#ifndef DRIVERAPIVERSION
-# define DRIVERAPIVERSION 2
-#endif
// Mapping table - mapping attempt types from .... to sqlite table fields
typedef struct {
@@ -923,358 +920,3 @@ eurephiaVALUES *eDBget_blacklisted_ip(eurephiaCTX *ctx) {
return ret;
}
-
-#if DRIVERAPIVERSION > 1
-/*
- * API Version 2 functions
- *
- */
-
-// Authenticate admin user against user database
-int eDBadminAuth(eurephiaCTX *ctx, const char *req_access, const char *uname, const char *pwd) {
- dbresult *res = NULL;
- char *crpwd = NULL;
- char *activated = NULL, *deactivated = NULL, *blid = NULL;
- int uid = -1, pwok = 0, access = 0;
- char interface;
-
- assert(ctx != NULL);
-
- switch( ctx->context_type ) {
- case ECTX_ADMIN_CONSOLE:
- interface = 'C';
- break;
- case ECTX_ADMIN_WEB:
- interface = 'W';
- break;
- default:
- eurephia_log(ctx, LOG_ERROR, 0, "Wrong eurephia context type (0x%04x)", ctx->context_type);
- return 0;
- }
-
- if( (strlen_nullsafe(uname) < 4) || (strlen_nullsafe(pwd) < 4) ) {
- eurephia_log(ctx, LOG_WARNING, 0, "User name and/or password is either null or less than 4 bytes");
- return 0;
- }
-
- //
- // Authenticate user and password
- //
- crpwd = passwdhash(pwd);
- assert(crpwd != NULL);
- res = sqlite_query(ctx,
- "SELECT activated, deactivated, bl.blid, "
- " (password = '%q') AS pwok, uid "
- " FROM openvpn_users ou"
- " LEFT JOIN openvpn_blacklist bl USING (username)"
- " WHERE ou.username = '%q'",
- crpwd, uname);
- memset(crpwd, 0, strlen_nullsafe(crpwd));
- free_nullsafe(crpwd);
-
- if( res == NULL ) {
- eurephia_log(ctx, LOG_FATAL, 0, "Could not authenticate user against the database");
- return 0;
- }
-
- if( sqlite_get_numtuples(res) == 1 ) {
- activated = sqlite_get_value(res, 0, 0);
- deactivated = sqlite_get_value(res, 0, 1);
- blid = sqlite_get_value(res, 0, 2);
- pwok = atoi_nullsafe(sqlite_get_value(res, 0, 3));
- uid = atoi_nullsafe(sqlite_get_value(res, 0, 4));
- sqlite_free_results(res);
-
- if( blid != NULL ) {
- eurephia_log(ctx, LOG_WARNING, 0,
- "Your user account is BLACKLISTED. You have no access.");
- sqlite_free_results(res);
- return 0;
- }
-
- if( activated == NULL ) {
- eurephia_log(ctx, LOG_WARNING, 0, "Your user account is not yet activated.");
- sqlite_free_results(res);
- return 0;
- }
-
- if( deactivated != NULL ) {
- eurephia_log(ctx, LOG_WARNING, 0, "Your user account is deactivated.");
- sqlite_free_results(res);
- return 0;
- }
-
- if( pwok != 1 ) {
- eurephia_log(ctx, LOG_WARNING, 0, "Authentication failed,");
- sqlite_free_results(res);
- return 0;
- }
-
- // Check if access level is granted
- // (SQLite do not handle advanced joins so well, so we need to
- // do this check with an extra query)
- res = sqlite_query(ctx,
- "SELECT (count(*) = 1) AS access "
- " FROM eurephia_adminaccess"
- " WHERE uid = '%i' AND interface = '%c' AND access = '%q'",
- uid, interface, req_access);
- if( res == NULL ) {
- eurephia_log(ctx, LOG_FATAL, 0, "Could not check access level");
- return 0;
- }
- access = atoi_nullsafe(sqlite_get_value(res, 0, 0));
- sqlite_free_results(res);
-
- if( access == 0 ) {
- eurephia_log(ctx, LOG_WARNING, 0, "Your account is lacking privileges for this operation");
- return 0;
- }
- } else {
- eurephia_log(ctx, LOG_WARNING, 0, "Authentication failed. No unique records found.");
- sqlite_free_results(res);
- return 0;
- }
-
- // If we reach this place, authentication was successful. Return users uid
- return uid;
-}
-
-int eDBadminValidateSession(eurephiaCTX *ctx, const char *sesskey, const char *req_access) {
- dbresult *res = NULL;
- int valid = 0, access = 0, expire_time = 0;
- char interface;
-
- assert( (ctx != NULL) && (sesskey != NULL) );
-
- switch( ctx->context_type ) {
- case ECTX_ADMIN_CONSOLE:
- interface = 'C';
- break;
- case ECTX_ADMIN_WEB:
- interface = 'W';
- break;
- default:
- eurephia_log(ctx, LOG_ERROR, 0, "Wrong eurephia context type (0x%04x)", ctx->context_type);
- return 0;
- }
-
- // Check if the session is still valid (not expired) and that this session are allowed to access
- // the requested access level.
- expire_time = (60 * atoi_nullsafe(defaultValue(eGet_value(ctx->dbc->config, "eurephiadmin_autologout"),
- "10")
- )
- );
- res = sqlite_query(ctx,
- "SELECT (strftime('%%s',CURRENT_TIMESTAMP)-strftime('%%s',last_action)) > %i AS exp,"
- " (access IS NOT NULL) AS access"
- " FROM eurephia_adminlog"
- " LEFT JOIN eurephia_adminaccess USING(uid,interface)"
- " WHERE status IN (1,2)"
- " AND sessionkey = '%q'"
- " AND access = '%q'",
- expire_time, sesskey, req_access);
-
- if( (res == NULL) ) {
- eurephia_log(ctx, LOG_FATAL, 0, "Could not validate session");
- return 0;
- }
-
- valid = (atoi_nullsafe(sqlite_get_value(res, 0, 0)) == 0);
- access = (atoi_nullsafe(sqlite_get_value(res, 0, 1)) == 1);
- sqlite_free_results(res);
-
- // If still valid, update last_action
- if( valid && access ) {
- res = sqlite_query(ctx,
- "UPDATE eurephia_adminlog"
- " SET last_action = CURRENT_TIMESTAMP, status = 2"
- " WHERE sessionkey = '%q'", sesskey);
- if( res == NULL ) {
- eurephia_log(ctx, LOG_ERROR, 0, "Could not register session activity");
- }
- sqlite_free_results(res);
-
- } else {
- // If not valid, register session as auto-logged out
-
- res = sqlite_query(ctx,
- "UPDATE eurephia_adminlog"
- " SET logout = CURRENT_TIMESTAMP, status = %i"
- " WHERE sessionkey = '%q'",
- (access ? 4 : 5), sesskey);
- if( res == NULL ) {
- eurephia_log(ctx, LOG_ERROR, 0, "Could not register old session as logged out");
- }
- sqlite_free_results(res);
-
- // Delete session variables
- res = sqlite_query(ctx, "DELETE FROM openvpn_sessions WHERE sessionkey = '%q'",
- sesskey);
- if( res == NULL ) {
- eurephia_log(ctx, LOG_ERROR, 0,
- "Could not delete session variables (%s))", sesskey);
- return 0;
- }
- sqlite_free_results(res);
-
- if( !access ) {
- eurephia_log(ctx, LOG_WARNING, 0, "Your user account is lacking privileges");
- }
-
- }
- return (valid && access);
-}
-
-int eDBadminRegisterLogin(eurephiaCTX *ctx, eurephiaSESSION *session) {
- dbresult *res = NULL;
- char interface;
- int uid;
-
- assert((ctx != NULL) && (session != NULL));
-
- switch( ctx->context_type ) {
- case ECTX_ADMIN_CONSOLE:
- interface = 'C'; break;
- case ECTX_ADMIN_WEB:
- interface = 'W'; break;
- default:
- eurephia_log(ctx, LOG_ERROR, 0, "Wrong eurephia context type (0x%04x)", ctx->context_type);
- return 0;
- }
-
- // Register login into eurephia_adminlog ... uid, login, interface, sessionkey
- uid = atoi_nullsafe(eGet_value(session->sessvals, "uid"));
- res = sqlite_query(ctx,
- "INSERT INTO eurephia_adminlog "
- " (uid, interface, status, login, last_action, sessionkey) "
- "VALUES ('%i','%c',1,CURRENT_TIMESTAMP, CURRENT_TIMESTAMP, '%q')",
- uid, interface, session->sessionkey);
- if( !res ) {
- eurephia_log(ctx, LOG_FATAL, 0, "Could not manage to register the session in the database");
- return 0;
- }
- sqlite_free_results(res);
- return 1;
-}
-
-int eDBadminLogout(eurephiaCTX *ctx, const char *sessionkey) {
- dbresult *res = NULL;
-
- assert((ctx != NULL) && (sessionkey != NULL));
-
- // Update session as logged out
- res = sqlite_query(ctx,
- "UPDATE eurephia_adminlog "
- " SET logout = CURRENT_TIMESTAMP, status = 3"
- " WHERE sessionkey = '%q'",
- sessionkey);
- if( !res ) {
- eurephia_log(ctx, LOG_FATAL, 0, "Could not manage to register the session as logged out");
- return 0;
- }
- sqlite_free_results(res);
-
- // Delete session variables
- res = sqlite_query(ctx, "DELETE FROM openvpn_sessions WHERE sessionkey = '%q'", sessionkey);
- if( res == NULL ) {
- eurephia_log(ctx, LOG_ERROR, 0,
- "Could not delete session variables (%s))", sessionkey);
- return 0;
- }
- sqlite_free_results(res);
-
- return 1;
-}
-
-int eDBadminConfigSet(eurephiaCTX *ctx, const char *key, const char *val) {
- dbresult *res = NULL;
- int found = 0;
-
- assert((ctx != NULL) && (ctx->dbc != NULL));
-
- res = sqlite_query(ctx, "SELECT count(*) FROM openvpn_config WHERE datakey = '%q'", key);
- if( !res ) {
- eurephia_log(ctx, LOG_ERROR, 0, "Could not query configuration table");
- return 0;
- }
- found = atoi_nullsafe(sqlite_get_value(res, 0, 0));
- sqlite_free_results(res);
-
- if( found == 0 ) {
- res = sqlite_query(ctx,
- "INSERT INTO openvpn_config (datakey, dataval) VALUES ('%q','%q')",
- key, val);
- } else {
- res = sqlite_query(ctx, "UPDATE openvpn_config SET dataval = '%q' WHERE datakey = '%q'",
- val, key);
- }
-
- if( res == NULL ) {
- eurephia_log(ctx, LOG_ERROR, 0, "Could not register configuration entry (%s = '%s'", key, val);
- return 0;
- }
- sqlite_free_results(res);
- eAdd_value(ctx, ctx->dbc->config, key, val);
- return 1;
-}
-
-int eDBadminConfigDelete(eurephiaCTX *ctx, const char *key) {
- dbresult *res = NULL;
-
- assert((ctx != NULL) && (ctx->dbc != NULL));
-
- res = sqlite_query(ctx, "DELETE FROM openvpn_config WHERE datakey = '%q'", key);
- if( !res ) {
- eurephia_log(ctx, LOG_ERROR, 0, "Could delete config configuration entry (%s)", key);
- return 0;
- }
- sqlite_free_results(res);
- return 1;
-}
-
-eurephiaUSERLIST *eDBgetUserList(eurephiaCTX *ctx, const int sortkey) {
- return NULL;
-}
-
-eurephiaUSERINFO *eDBgetUserInfo(eurephiaCTX *ctx, eurephiaUSERINFO *srchkey) {
- return NULL;
-}
-
-int eDBaddUser(eurephiaCTX *ctx, eurephiaUSERINFO *usrinf) {
- return 0;
-}
-
-int eDBupdateUser(eurephiaCTX *ctx, const int uid, eurephiaUSERINFO *usrinf) {
- return 0;
-}
-
-int eDBdeleteUser(eurephiaCTX *ctx, const int uid, eurephiaUSERINFO *usrinf) {
- return 0;
-}
-
-
-eurephiaCERTLIST *eDBgetCertificateList(eurephiaCTX *ctx, const int sortkey) {
- return NULL;
-}
-
-eurephiaCERTINFO *eDBgetCertificateInfo(eurephiaCTX *ctx, eurephiaCERTINFO *srchkey) {
- return NULL;
-}
-
-int eDBaddCertificate(eurephiaCTX *ctx, eurephiaCERTINFO *crtinf) {
- return 0;
-}
-
-int eDBdeleteCertificate(eurephiaCTX *ctx, const int uid, eurephiaCERTINFO *crtinf) {
- return 0;
-}
-
-eurephiaLOGLIST *eDBgetLastlog(eurephiaCTX *ctx, eurephiaUSERINFO *usersrch, eurephiaCERTINFO *certsrch) {
- return NULL;
-};
-
-eurephiaLOGLIST *eDBgetAttemptsLog(eurephiaCTX *ctx, eurephiaUSERINFO *usersrch, eurephiaCERTINFO *certsrch) {
- return NULL;
-};
-
-#endif