path: root/common
Commit message [Author, Age, Files, Lines]
* Renamed passwdhash(...) function to eurephia_quick_hash(...) [David Sommerseth, 2009-03-21, 2 files, -36/+31]
| This is to make it clearer that passwdhash(...) is not good for password hashing, but suitable when you need a quick hashing algorithm.
| The eurephia_quick_hash(...) is now used for password caching hashing, and is still suitable here since the salt used for the passwords is in memory only and never written to disk, as they are supposed to be temporary hashes.
* Added new password hashing function with proper SHA512 hashing [David Sommerseth, 2009-03-21, 2 files, -0/+401]
| This new function, eurephia_pwd_crypt(...), implements a modified SHA512 hashing algorithm based on the SHA512 crypt implementation proposed by Ulrich Drepper for glibc.
|
| The original implementation adds support for variable hashing rounds. The eurephia version implements dynamic hashing rounds, controlled by minimum and maximum rounds set in the configuration. If not set, it will use a minimum of 5000 rounds and a maximum of 7500 rounds. The amount of rounds is supposed to be random.
|
| In addition to this, the salt information is now encoded into a hex value. In this value the salt length and the hash rounds are defined. This hex value is then encoded (quasi crypt) based on a modulus of the sum of the characters in the password + the password length. So if you give the wrong password, you will also get the wrong salt length and the wrong number of hashing rounds used.
|
| The default salt length is also increased to 32 bytes (256 bit)
* Made the destination buffer for random data more type independent (void *) [David Sommerseth, 2009-03-03, 2 files, -2/+2]
|
* Added macro for defaultIntvalue() for pure integer values [David Sommerseth, 2009-03-03, 1 file, -1/+1]
|
* Moved eDBsessionGetRandString(...) to a more global and independent eurephia_randstring(...) function [David Sommerseth, 2009-01-10, 4 files, -30/+79]
* Introduced password caching on authenticated sessions [David Sommerseth, 2009-01-03, 2 files, -0/+6]
| This is to prepare eurephia-auth plugin to use other and more CPU intensive hashing algorithms for passwords. In addition, open sessions will now not be rejected/closed due to wrong password if the user changes the password with an open session running.
|
| The patch adds a new server_salt attribute in the eurephiaCTX structure. This is used as a temporary salt and is created from random data when OpenVPN is started.
|
| When a user is being authenticated (eurephia.c/eurephia_userauth), an authentication session (not the same as a 'normal' session) is opened and checked for a cached password. If it does not exist or match, normal password check will be done against the user database. If a cached password is found and matches, it is considered to be authenticated.
|
| The cached password uses the SHA512 algorithm, together with the eurephiaCTX->server_salt.
* Prepared passwdhash function to allow salting and be prepared for other hashing algorithms [David Sommerseth, 2009-01-02, 2 files, -27/+37]
* Moved the certfile parsing out from certificate.c into parse_certificate_files.c [David Sommerseth, 2008-12-21, 2 files, -0/+3]
| Changed certinfo.[ch] to add cert.digest as well, and using this modified struct to handle the parse result after parsing the certfile.
* Corrected wrong declaration of xmlExtractContent(...) and xmlGetNodeContent(...) [David Sommerseth, 2008-12-20, 2 files, -8/+12]
|
* Removed all other eurephia admin structs which can be replaced by XML [David Sommerseth, 2008-12-18, 1 file, -36/+0]
|
* Removed everything which was connected to the eurephiaUSERINFO struct. [David Sommerseth, 2008-12-18, 3 files, -313/+0]
|
* Added common eurephiaXML functions for creating and reading eurephia XML documents [David Sommerseth, 2008-12-17, 2 files, -0/+59]
* Needed to change from #define macro to function to avoid compiler warning [David Sommerseth, 2008-12-15, 1 file, -1/+3]
| When xmlExtractContent() was used together with the defaultValue() macro, a compiler warning appeared. Changed the xmlExtractContent() macro to an inline function, hopefully the overhead will be minimal with this change.
* Added simple functions for extracting char * from XML nodes [David Sommerseth, 2008-12-15, 2 files, -0/+86]
|
* Modified flags again [David Sommerseth, 2008-12-12, 1 file, -5/+7]
| Added RSETLASTUSED (last_accessed is set to NULL) and RSETLOGINCNT (lastlog table has been modified). NEVERUSED flag will only be set if last_accessed is NULL and login count == 0.
* Added ACCFLAG_ERRATTEMPT for flagging if the attempt counter > 0 [David Sommerseth, 2008-12-11, 1 file, -0/+1]
|
* Added logincount and setting user account flags [David Sommerseth, 2008-12-11, 1 file, -0/+1]
|
* Added another flag to eurephiaUSERINFO [David Sommerseth, 2008-12-11, 2 files, -0/+8]
| The added account_flags are flags used to quickly identify the account status.
| Made also sure that all flags are not set when a new eurephiaUSERINFO struct is initialised
* Added functions for processing eurephiaACCESSINFO/eurephiaACCESSLIST [David Sommerseth, 2008-12-11, 3 files, -0/+102]
| Implemented saving VPN access profile to the eurephiaCERTINFO struct and filling the eurephiaACCESSINFO with the proper information needed in the eDBadminGetUserInfo(...) function.
|
| The special thing about eurephiaACCESSINFO, is that it will not register duplicate records. And when the eurephiaCERTINFO is free'd, the eurephiaACCESSLIST will automatically be free'd as well.
* Added eurephiaCERTINFO and eurephiaCERTLIST structs functions [David Sommerseth, 2008-12-09, 3 files, -18/+101]
| New functions to simplify using these structs in the code. Extended eurephiaUSERINFO to also have a eurephiaCERTLIST pointer, which can be used to store all associated certificates to this user.
* Added setnull_flag in the eurephiaUSERINFO struct [David Sommerseth, 2008-12-08, 1 file, -0/+1]
| This can make it possible to get a value getting set to NULL if this flag contains the FIELD_* value of the field being set to NULL. If more fields need to be reset, these field values can be bitwise ORed together into the setnull_flag.
* Moved over from earlier commit to use unified db translation [David Sommerseth, 2008-12-06, 3 files, -167/+1]
| In other words, rewrote commit 6d4373e026b3f12c5685e45e35f9f060379ed0f3. Moved over all functions from that commit which could take advantage of the new API for unified table/field translation.
* Added free function eurephiaUSERLIST structs. Added possible valgrind issue. [David Sommerseth, 2008-12-06, 2 files, -1/+13]
|
* BUGFIX: Fixed free() which valgrind complained about. [David Sommerseth, 2008-12-06, 1 file, -1/+1]
| Changed it from free_nullsafe() to free(), since we already check if session is null before we reach this free line. valgrind did not complain afterwards.
* BUGFIX: Made some functions more nullsafe and fixed wrong function declaration in .h [David Sommerseth, 2008-12-06, 2 files, -6/+10]
* Added admin function to give a list of users [David Sommerseth, 2008-12-06, 1 file, -1/+37]
|
* Moved the typedef struct eFieldMap from *common.h to *struct.h [David Sommerseth, 2008-12-06, 2 files, -8/+17]
|
* Added eurephia_admin_common.[ch] [David Sommerseth, 2008-12-06, 2 files, -0/+214]
| Will contain common functions for the administration API. At the moment only a generic function which converts unified field names to proper database field names is implemented. This function is made especially for sorting keys (ORDER BY <fields>)
* BUGFIX: Avoid core dump on eurephia_log(...) if eurephiaCTX is NULL [David Sommerseth, 2008-11-30, 1 file, -1/+1]
|
* BUGFIX: Fixed several errors in eurephia_values.c [David Sommerseth, 2008-11-30, 1 file, -34/+47]
| - DEBUG logging now shows proper evgid value
| - evid is correctly incremented for each record
| - Rewrote eAdd_valuestruct(...) function to avoid empty pointer head.
* Split eAdd_value(...) up and put parts of it into eAdd_valuestruct(...) to add a eurephiaVALUES struct to an existing chain [David Sommerseth, 2008-11-30, 2 files, -10/+22]
* Completed the change of authentication model in database driver [David Sommerseth, 2008-11-30, 1 file, -1/+4]
| Follow up of commit 103acd7c2e1467401f0795930be9140dc5ed47ff. Seems to work fine via both plugin mode and eurephiadm, regarding core dumping too.
* Fixed core dump issue with eDBstore_session_value(...) / (*eDBstore_session_value)(...) [David Sommerseth, 2008-11-30, 3 files, -13/+13]
* Changed the id's for ECTX_ADMIN_* values, to make them more bitwise wiser [David Sommerseth, 2008-11-30, 1 file, -2/+2]
|
* Merge branch 'master' into eurephiadm [David Sommerseth, 2008-11-29, 1 file, -0/+1]
|\
| * BUGFIX: Use hard coded default values when checking against openvpn_attempts if config parameters is not set [David Sommerseth, 2008-11-29, 1 file, -0/+1]
* | Added context_type into eurephiaCTX struct. Database queries limited due to context type. [David Sommerseth, 2008-11-29, 1 file, -0/+6]
* | Added drafts for structs needed for admin utils [David Sommerseth, 2008-11-28, 1 file, -0/+74]
| |
* | Split plugin/eurephiadb_session.[ch] into two parts [David Sommerseth, 2008-11-28, 2 files, -0/+172]
|/  One part is a generic session handling part (common/eurephiadb_session_common.[ch]) and the other part is left in the old plugin/eurephiadb_session.[ch]. This splitting should make it easier to reuse some of the session handling functions for the admin utils.
* Cleaned up eurephiadb_session dependencies [David Sommerseth, 2008-11-28, 1 file, -0/+34]
| Moved eurephiadb_session_struct.h to the common directory and made sure that eurephiadb_session.h is only included where needed
* Made eurephia_context.h even more generic and independent [David Sommerseth, 2008-11-28, 1 file, -1/+4]
| eurephia_context.h only needs to know about the eurephiaFWINTF * struct when compiling the auth plug-in and firewall modules. To enable this, EUREPHIA_FWINTF needs to be defined as well as the eurephiafw_struct.h must be included before including eurephia_context.h in the source. When this is not done, *fwcfg will just be a void *.
* Renamed eurephia_struct.h to eurephia_context.h [David Sommerseth, 2008-11-27, 6 files, -5/+49]
| Since this include file now only consists of eurephiaCTX definition, it was moved to the common/ directory and renamed.
|
| Moved the SESSION_* definitions out of this file and into plugin/eurephiadb_session.h where they belong.
|
| Moved the Posix MQ definitions into plugin/firewall/eurephiafw_struct.h where they belong.
|
| eurephia_context.h is now containing only context related things.
* Code cleanup: Split all structures defined in eurephia_struct.h into separate include files [David Sommerseth, 2008-11-05, 1 file, -0/+32]
* Reorganised the source code [David Sommerseth, 2008-10-15, 14 files, -0/+1184]
  Moved all OpenVPN plug-in related things into ./plugins, including firewall
  Moved all shared code into ./common and moved the generic part of the database files into ./database
  Updated all CMakeLists.txt files and created a new one for the root directory