Added a function to extract the needed information from an
OpenSSL X509 object. Also extended parse_tlsid() to include
a pointer to the certificate digest, to have a common behaviour
between parse_tlsid() and parse_x509_cert().
Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>

In OpenVPN v2.3 there's a new plug-in API with more integrated log features.
This patch prepares the logging infrastructure for this API.
Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>

By setting this config option in the eurephia database, eurephia will
expect all user account/certificate links to be set up with an external
plug-in for username/password authentications.
Further, it is now ensured that system configuration issues or general
failures not related to the user authentication itself are not counted
as a login attempt.
Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>

This enables run-time loadable support for other authentication
modules. This can be used to make eurephia authenticate users'
passwords against other sources than the local eurephia database
itself.
Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>

eGetSym_optional()
Will be used by the authentication plug-in framework.
Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>

Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>

The argument list didn't match what the internal _veurephia_log_func()
function expected. This error was introduced in commit ebf4e80250b525e17
Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>

Modified the eurephiadm client_config section to make use of the common
version as well.
Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>

veurephia_log() is to eurephia_log() what vprintf() is to printf(),
taking va_list and const char *fmt arguments directly.
Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>

On FreeBSD the endian.h file is located in sys/endian.h.
Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>

The initial implementation of the SHA512 hashing functions was tightly
connected to glibc. This patch changes those few functions which are
glibc to more portable functions.
Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>

Now eurephia will support both TUN and TAP configurations in
OpenVPN.
Thanks to Tavis Paquette and Matthew Gyurgyik for their willingness
to test out this patch.
Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>

This function clears the contents of a eurephiaVALUES key/value record.
It will not remove the record from the stack, but only frees the key and
value pointers and sets them to NULL.
Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>

This will later be used to be able to support OpenVPN in tun mode
as well as the now only supported tap mode. It will first try to
detect the tunnel type based on the 'dev_type' environment variable
if available. If not, it will try to figure it out based on the
device name. If this fails, it is possible to force eurephia
to a specific device type by setting the openvpn_devtype config
variable.
Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>

This could cause eurephia to use a faulty hashing rounds value.
Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>

Do an mlock() call on all buffers used by the password hashing algorithms,
to make sure these data segments never will be written to swap.
Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>

Removed old and obsolete expressions used to reference the eurephia database driver.
Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>

eAdd_valuestruct() did not use a nullsafe strdup().
Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>

Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>

Ref. commit: f2a4f0412bc1f7b9069ecbcce8f5599f46f757e0

Also changed malloc_nullsafe() and free_nullsafe() to report directly
which file:line which called the malloc/free function.

Also simplified the initialisation of the logging module. By calling
the eurephia_log_init(eurephiaCTX *, char *dest, int loglevel) function,
a log context will be set up inside the eurephiaCTX.
To close the log file, eurephia_log_close(eurephiaCTX *) must be called.
The destination string to eurephia_log_init() can be:
- stdout:
    Log everything to stdout
- stderr:
    Log everything to stderr
- none:
    Do no logging at all
- syslog:<facility>
    Log via syslog. <facility> can be: user, local[0-7],
    daemon or authpriv.
- Filename
    All logging goes to the given filename. If the filename
    string is not recognised by any of the reserved words above,
    it will be handled as a filename.

is NULL

info
The eurephia result XML document is also changed, and all parsing of the result must
be rewritten. To simplify this parsing, a new function is introduced,
eurephiaXML_ParseResultMsg().

This error caused eurephia_pwd_crypt() to fail, especially when salt length
was requested to be longer. The solution was to retrieve the salt length
before allocating memory for it.

and vars

eurephiaVALUES chain