summaryrefslogtreecommitdiffstats
path: root/database
Commit message (Collapse)AuthorAgeFilesLines
* Added improved filtering support to SQLite3 driverDavid Sommerseth2009-04-051-1/+17
| | | | Follow up of commit ff744b48fdc0665b620339d51424892def8d8071
* Added eDBfieldMapping field for filter typesDavid Sommerseth2009-04-053-114/+140
| | | | | | | | | | | | | | | | | | | This field will be used to determine what kind of filter logic to add when building SQL queries. The filter type is set in the fieldMapping field nodes as an attribute named 'filter'. Their values and the corresponding SQL conditions are: filter | SQL condition -----------------------+--------------- equals | = not-equals | != / NOT(...) less-than | < less-than-equals | <= greater-than | > greater-than-equals | >= -----------------------+--------------- The default value for each field is set in the eurephiadb_mapping.h
* When deleting fwprofiles, delete also records from openvpn_usercertsDavid Sommerseth2009-04-031-0/+30
|
* Completed eDBadminFirewallProfiles(...) with add and delete in db driverDavid Sommerseth2009-04-021-9/+60
|
* Added eDBmappingFieldsPresent(...) which returns used fields in a fieldMapDavid Sommerseth2009-04-022-0/+15
|
* Security enhancement: Added check in eDBadmin* functions that the context is ↵David Sommerseth2009-04-012-0/+102
| | | | correct
* Cleaned up some compiler warnings in edb-sqliteDavid Sommerseth2009-03-303-0/+20
|
* Restructured ./configure and improved the path setupDavid Sommerseth2009-03-301-1/+1
| | | | Also added install rules to XSLT files
* Added missing xmlReplaceChars(...) on common_name and organisationDavid Sommerseth2009-03-291-4/+20
|
* Changed eDBadminGetFirewallProfiles(...) to eDBadminFirewallProfiles(...)David Sommerseth2009-03-293-25/+63
| | | | | Will try a new approach to use the same entry point for all actions connected to the firewall profiles configuration.
* Fixed some possible issues with the XML implementation, regarding UTF-8David Sommerseth2009-03-291-5/+20
| | | | | | Do proper conversion from char * to xmlChar *. Need to figure out a better way how to return xmlChar * to char * when returning strings which may contain UTF-8.
* Added eDBadminGetFirewallProfiles(...) function in DB driverDavid Sommerseth2009-03-284-0/+141
|
* Added fieldMapping for the firewall access table (openvpn_accesses)David Sommerseth2009-03-283-0/+40
|
* Fixed a "hang" when wrong password was usedDavid Sommerseth2009-03-282-4/+8
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Due to the current implementation of SHA512 salts, it could be experienced as if the application hung on wrong passwords. This is because the rounds count for the passwords are scrambled, with values based on the given password. When a wrong password is given, this will also result in getting a wrong salt length and hash rounds for the following hash calculation. Due to this, the extracted rounds value from the salt string could return some really high number of rounds on wrong passwords (possibly the max value if integer). And this is why the "hang" is experienced. To avoid this, a check is added to make sure the rounds is not unreasonably much higher than the configured max rounds values. If the descrambled rounds number from the salt exceeds max rounds * 1.5, the password (most probaly) is wrong. In this case we do a sleep() to slow down bruteforce attacks and return NULL. The drawback is if the maxrounds later on is changed to a value which hits this scenario: passwordsalt_rounds > maxrounds_cfg * 1.5 In this case these old passwords will be invalidated by that configuration change. This is considered to be a feature and not a bug. The reason for mulitiplying by 1.5, is to allow a little room for a degrading the max rounds setting. By adjusting the max rounds up again, these passwords will be valid again. Added also a sleep() when wrong username is attempted.
* BUGFIX: Fixed missing string replace in certificate functionsDavid Sommerseth2009-03-271-2/+18
| | | | | | | | When calling eDBadminGetCertificateInfo(...) or eDBadminDeleteCertificate(...) with a search XML document using common_name or organisation and these fields contained spaces, no certificates would be deleted. This is because space is replaced with underscore in the database.
* Made the licence explicit GPLv2 onlyDavid Sommerseth2009-03-2613-13/+14
|
* Cleaned up the code a little bitDavid Sommerseth2009-03-2611-30/+26
| | | | | Made sure we only include needed include files and checked that the copyright headers are equal and correct
* Corrected sorting of result in eDBadminGetAdminAccess(...)David Sommerseth2009-03-241-1/+1
|
* Implemented the eDBadminGetLastLog(...) function in the SQLite3 driverDavid Sommerseth2009-03-243-4/+102
|
* Added more fields to the global field mapping tableDavid Sommerseth2009-03-241-30/+37
| | | | | Had to also extend the FIELD_* assignments to allow two new fields to be mapped
* Extended the database driver with eDBadminGetAdminAccess(...)David Sommerseth2009-03-243-0/+64
| | | | | | This function will return an XML document with data extracted from the eurephia_adminaccess table. Search criterias are defined by the search XML doc given as input.
* Added support for editing the eurephia_adminaccess tableDavid Sommerseth2009-03-226-6/+98
| | | | Implemented eDBadminEditAdminAccess(...) function in db driver
* Rewrote database driver (SQLite) to use eurephia_pwd_crypt(...)David Sommerseth2009-03-223-23/+44
| | | | Follow up from commit 062a3c92343a5fa371f8637f8bca88aacca14cc4
* Added missing source in edb-sqlite driver after reorg with randstr.cDavid Sommerseth2009-03-211-0/+1
|
* Compile fix: Use sqlite_int64 instead of sqlite3_int64David Sommerseth2009-03-021-1/+1
| | | | | This makes it possible to compile it on some older versions of the SQLite3 library
* Introduced password caching on authenticated sessionsDavid Sommerseth2009-01-032-20/+44
| | | | | | | | | | | | | | | | | | | | | | This is to prepare eurephia-auth plugin to use other and more CPU intensive hashing algorithms for passwords. In addition, open sessions will now not be rejected/closed due to wrong password if the user changes the password with an open session running. The patch adds a new server_salt attribute in the eurephiaCTX structure. This is used as a temporary salt and is created of random data when OpenVPN is started. When a user is being authenticated (eurephia.c/eurephia_userauth) a authentication session (not the same as a 'normal' session) is opened and checked for a cached password. If it does not exist or match, normal password check will be done against the user database. If a cached password is found and matches, it is considered to be authenticated. The cached password uses the SHA512 algorithm, together with the eurephiaCTX->server_salt.
* Prepared passwdhash function to allow salting and be prepared for other ↵David Sommerseth2009-01-023-3/+4
| | | | hashing algorithms
* Make it possible to compile plug-in again without eurephiadm enabledDavid Sommerseth2009-01-023-7/+11
|
* sqlite3 - compile in common/eurephia_xml.c when admin mode is enabledv0.9.3_betaDavid Sommerseth2008-12-291-1/+1
|
* Added db driver function: eDBadminGetUserCertsList(...) - to get user ↵David Sommerseth2008-12-283-0/+74
| | | | account/certs links
* Simplified some certificate field names for internal useDavid Sommerseth2008-12-261-2/+2
|
* sqlite3: Make sqlite_query_mapped(...) work with empty WHERE clauseDavid Sommerseth2008-12-261-3/+10
|
* sqlite3 - admin: Added DEBUG statements on all function callsDavid Sommerseth2008-12-261-1/+18
|
* sqlite3 db driver: Added eDBadminUpdateUserCertLink(...) function to add and ↵David Sommerseth2008-12-253-1/+51
| | | | delete records in openvpn_usercerts
* BUGFIX: Fixed missing 'break' statements in switch for the ↵David Sommerseth2008-12-251-1/+4
| | | | eDBgetTableFieldMapping(...) function
* Added usercerts to the table name mapping tableDavid Sommerseth2008-12-251-0/+1
|
* Added check if fieldMapping node's table attribute is setDavid Sommerseth2008-12-251-0/+5
|
* Added field mapping for the openvpn_usercerts tableDavid Sommerseth2008-12-253-3/+28
|
* Fixed spelling mistake in XML attribute for certificatesDavid Sommerseth2008-12-221-1/+1
|
* sqlite3 - Return uid or certid of newly registered users or certificatesDavid Sommerseth2008-12-221-9/+12
|
* sqlite3 - Added saving last_insert_id on INSERT INTO queriesDavid Sommerseth2008-12-223-1/+9
|
* Moved all replace_char(...) calls into SQLite3 driver as xmlReplaceChars(...)David Sommerseth2008-12-211-5/+37
|
* sqlite3 - Added eDBadminGetCertificateInfo(...)David Sommerseth2008-12-202-3/+93
|
* sqlite3 - Added sortkeys as argument to sqlite_query_mapped(...)David Sommerseth2008-12-203-8/+14
| | | | | The last argument to the function can contain a list over field names which will be used in the ORDER BY clause when doing SELECT queries.
* Added eDBadminDeleteCertificate(...) function in SQLite3 driverDavid Sommerseth2008-12-202-3/+53
|
* Corrected wrong field name (org->organisation) in field mappingDavid Sommerseth2008-12-201-1/+1
|
* sqlite3: Corrected some compiler warningsDavid Sommerseth2008-12-201-2/+2
|
* sqlite3: Added eDBadminAddCertificate(...) functionDavid Sommerseth2008-12-201-2/+51
|
* Added field mapping for the certificates tableDavid Sommerseth2008-12-202-27/+39
|
* Changed from numeric session status code to text in eDBadminGetUserInfo(...) ↵David Sommerseth2008-12-193-1/+14
| | | | - lastlog
generated by cgit (git 2.34.1) at 2025-04-20 04:37:34 +0000