summaryrefslogtreecommitdiffstats
path: root/database/sqlite/administration.c
Commit message (Collapse)AuthorAgeFilesLines
* Moved the remainings of administration.c into administration/authentication.cDavid Sommerseth2009-09-271-364/+0
|
* Code clean up. Moved xmlReplaceChars() to eurephia_xml.cDavid Sommerseth2009-09-271-21/+0
|
* Fixed missing check in eDBadminValidateSession() against interface typeDavid Sommerseth2009-09-271-2/+3
|
* Unified eDBadminGetAdminAccess() and eDBadminEditAdminAccess() into ↵David Sommerseth2009-09-211-64/+0
| | | | eDBadminAccessLevel()
* Corrected some doxygen issues after rearranging the sqlite3 db driver codeDavid Sommerseth2009-09-131-1/+2
|
* Moved eDBGetLastlog() function into sqlite/administration/lastlog.cDavid Sommerseth2009-09-131-109/+0
|
* Moved eDBadminGetAdminAccess() into sqlite/administration/useraccount.cDavid Sommerseth2009-09-131-59/+0
|
* Moved certificate functions into sqlite/administration/certificates.cDavid Sommerseth2009-09-131-200/+0
|
* Moved user account functions into administration/useraccount.cDavid Sommerseth2009-09-131-496/+0
|
* Moved eDBadminBlacklist() function into administration/blacklist.cDavid Sommerseth2009-09-131-68/+0
|
* Moved eDBadminAttemptsLog() function into administration/attempts.cDavid Sommerseth2009-09-131-66/+0
|
* Moved eDBadminConfigSet() and eDBadminConfigDelete() into its own fileDavid Sommerseth2009-09-131-68/+0
|
* Removed no longer needed driver function (eDBadminGetCertificateList())David Sommerseth2009-09-111-12/+0
|
* More doxygen comments in the sqlite3 driverDavid Sommerseth2009-09-111-175/+141
|
* Added debug logging of free_nullsafe() calls as wellDavid Sommerseth2009-09-071-2/+2
|
* Removed header file which is no longer neededDavid Sommerseth2009-09-051-1/+0
|
* Moved usercerts related functions into its own fileDavid Sommerseth2009-08-291-130/+0
|
* sqlite3 driver: Implemented eDBadminBlacklist(...) function for blacklist ↵David Sommerseth2009-05-091-0/+63
| | | | management
* Corrected some minor detailsDavid Sommerseth2009-05-091-4/+3
|
* Completed the attempts command in eurephiadmDavid Sommerseth2009-05-071-4/+4
| | | | Added functionality for resetting and deleting attempt records
* Renamed fieldmapping for 'attempts' to 'attemptslog'David Sommerseth2009-05-061-3/+3
| | | | | | Also made the result XML from eDBadminAttemptsLog(...) more efficient by not adding the username/certificate/ipaddress group tags if the information is not present.
* sqlite3 driver: Implemented listing of openvpn_attempts tableDavid Sommerseth2009-04-091-4/+61
|
* Security enhancement: Added check in eDBadmin* functions that the context is ↵David Sommerseth2009-04-011-0/+96
| | | | correct
* Cleaned up some compiler warnings in edb-sqliteDavid Sommerseth2009-03-301-0/+6
|
* Added missing xmlReplaceChars(...) on common_name and organisationDavid Sommerseth2009-03-291-4/+20
|
* Fixed a "hang" when wrong password was usedDavid Sommerseth2009-03-281-2/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Due to the current implementation of SHA512 salts, it could be experienced as if the application hung on wrong passwords. This is because the rounds count for the passwords are scrambled, with values based on the given password. When a wrong password is given, this will also result in getting a wrong salt length and hash rounds for the following hash calculation. Due to this, the extracted rounds value from the salt string could return some really high number of rounds on wrong passwords (possibly the max value if integer). And this is why the "hang" is experienced. To avoid this, a check is added to make sure the rounds is not unreasonably much higher than the configured max rounds values. If the descrambled rounds number from the salt exceeds max rounds * 1.5, the password (most probaly) is wrong. In this case we do a sleep() to slow down bruteforce attacks and return NULL. The drawback is if the maxrounds later on is changed to a value which hits this scenario: passwordsalt_rounds > maxrounds_cfg * 1.5 In this case these old passwords will be invalidated by that configuration change. This is considered to be a feature and not a bug. The reason for mulitiplying by 1.5, is to allow a little room for a degrading the max rounds setting. By adjusting the max rounds up again, these passwords will be valid again. Added also a sleep() when wrong username is attempted.
* BUGFIX: Fixed missing string replace in certificate functionsDavid Sommerseth2009-03-271-2/+18
| | | | | | | | When calling eDBadminGetCertificateInfo(...) or eDBadminDeleteCertificate(...) with a search XML document using common_name or organisation and these fields contained spaces, no certificates would be deleted. This is because space is replaced with underscore in the database.
* Made the licence explicit GPLv2 onlyDavid Sommerseth2009-03-261-1/+1
|
* Cleaned up the code a little bitDavid Sommerseth2009-03-261-4/+2
| | | | | Made sure we only include needed include files and checked that the copyright headers are equal and correct
* Corrected sorting of result in eDBadminGetAdminAccess(...)David Sommerseth2009-03-241-1/+1
|
* Implemented the eDBadminGetLastLog(...) function in the SQLite3 driverDavid Sommerseth2009-03-241-3/+86
|
* Extended the database driver with eDBadminGetAdminAccess(...)David Sommerseth2009-03-241-0/+62
| | | | | | This function will return an XML document with data extracted from the eurephia_adminaccess table. Search criterias are defined by the search XML doc given as input.
* Added support for editing the eurephia_adminaccess tableDavid Sommerseth2009-03-221-0/+66
| | | | Implemented eDBadminEditAdminAccess(...) function in db driver
* Rewrote database driver (SQLite) to use eurephia_pwd_crypt(...)David Sommerseth2009-03-221-12/+22
| | | | Follow up from commit 062a3c92343a5fa371f8637f8bca88aacca14cc4
* Prepared passwdhash function to allow salting and be prepared for other ↵David Sommerseth2009-01-021-1/+1
| | | | hashing algorithms
* Added db driver function: eDBadminGetUserCertsList(...) - to get user ↵David Sommerseth2008-12-281-0/+71
| | | | account/certs links
* sqlite3 - admin: Added DEBUG statements on all function callsDavid Sommerseth2008-12-261-1/+18
|
* sqlite3 db driver: Added eDBadminUpdateUserCertLink(...) function to add and ↵David Sommerseth2008-12-251-0/+48
| | | | delete records in openvpn_usercerts
* Fixed spelling mistake in XML attribute for certificatesDavid Sommerseth2008-12-221-1/+1
|
* sqlite3 - Return uid or certid of newly registered users or certificatesDavid Sommerseth2008-12-221-9/+12
|
* Moved all replace_char(...) calls into SQLite3 driver as xmlReplaceChars(...)David Sommerseth2008-12-211-5/+37
|
* sqlite3 - Added eDBadminGetCertificateInfo(...)David Sommerseth2008-12-201-2/+92
|
* sqlite3 - Added sortkeys as argument to sqlite_query_mapped(...)David Sommerseth2008-12-201-5/+7
| | | | | The last argument to the function can contain a list over field names which will be used in the ORDER BY clause when doing SELECT queries.
* Added eDBadminDeleteCertificate(...) function in SQLite3 driverDavid Sommerseth2008-12-201-2/+52
|
* sqlite3: Corrected some compiler warningsDavid Sommerseth2008-12-201-2/+2
|
* sqlite3: Added eDBadminAddCertificate(...) functionDavid Sommerseth2008-12-201-2/+51
|
* Changed from numeric session status code to text in eDBadminGetUserInfo(...) ↵David Sommerseth2008-12-191-1/+2
| | | | - lastlog
* sqlite - admin: Added fetching blacklist info for user account.David Sommerseth2008-12-191-0/+24
|
* sqlite - admin: Added fetching login attempt for user. Fixed a memory leak ↵David Sommerseth2008-12-191-4/+30
| | | | and removed XML dump for debug
* Added extraction of lastlog info in eDBadminGetUserInfo(...)David Sommerseth2008-12-191-43/+104
|
generated by cgit (git 2.34.1) at 2025-09-25 21:14:19 +0000