diff options
Diffstat (limited to 'pki/base/tps/src/modules/tokendb/mod_tokendb.cpp')
-rw-r--r-- | pki/base/tps/src/modules/tokendb/mod_tokendb.cpp | 85 |
1 files changed, 83 insertions, 2 deletions
diff --git a/pki/base/tps/src/modules/tokendb/mod_tokendb.cpp b/pki/base/tps/src/modules/tokendb/mod_tokendb.cpp index 39db8ab5d..28c56bd33 100644 --- a/pki/base/tps/src/modules/tokendb/mod_tokendb.cpp +++ b/pki/base/tps/src/modules/tokendb/mod_tokendb.cpp @@ -155,6 +155,32 @@ extern TOKENDB_PUBLIC char *nss_var_lookup( apr_pool_t *p, server_rec *s, } \ } +#define get_cfg_int(cname, vname) \ + if( ( s = PL_strstr( buf, cname ) ) != NULL ) { \ + s += PL_strlen( cname ); \ + v = s; \ + while( *s != '\x0D' && *s != '\x0A' && *s != '\0' && \ + ( PRUint32 ) ( s - buf ) < size ) { \ + s++; \ + } \ + n = s - v; \ + s = PL_strndup( v, n ); \ + if( s != NULL ) { \ + char *endptr = NULL; \ + errno = 0; \ + vname = strtol(s, &endptr, 10);\ + if ((errno == ERANGE && (vname == LONG_MAX || vname == LONG_MIN)) \ + || (endptr == s)) { \ + vname=0; \ + } \ + do_free(s); \ + } else { \ + do_free(buf); \ + do_free(s); \ + return 0; \ + } \ + } + /** * Provide reasonable defaults for some defines. */ @@ -224,6 +250,10 @@ static char *editConfigTemplate = NULL; static char *confirmConfigChangesTemplate = NULL; static char *addConfigTemplate = NULL; static char *confirmDeleteConfigTemplate = NULL; +static int maxSizeLimit = 0; +static int defaultSizeLimit = 0; +static int maxTimeLimit = 0; +static int defaultTimeLimit = 0; static char *profileList = NULL; static char *transitionList = NULL; @@ -2334,6 +2364,10 @@ int get_tus_config( char *name ) get_cfg_string("tokendb.addConfigTemplate=", addConfigTemplate); get_cfg_string("tokendb.confirmDeleteConfigTemplate=", confirmDeleteConfigTemplate); get_cfg_string("target.Profiles.list=", profileList); + get_cfg_int("general.search.sizelimit.max=", maxSizeLimit); + get_cfg_int("general.search.sizelimit.default=", defaultSizeLimit); + get_cfg_int("general.search.timelimit.max=", maxTimeLimit); + get_cfg_int("general.search.timelimit.min=", defaultTimeLimit); if( buf != NULL ) { PR_Free( buf ); @@ -3213,6 +3247,40 @@ void parse_and_apply_changes(char* userid, char* ptype, char* pname, char *opera do_strfree(fixed_pattern); } +static int get_time_limit(char *query) +{ + char *val = NULL; + int ret; + + val = get_field(query, "timeLimit=", SHORT_LEN); + if (val == NULL) { + return maxTimeLimit; + } + + ret = atoi(val); + if ((ret == 0) || (maxTimeLimit == NULL) || (ret > maxTimeLimit)) { + return maxTimeLimit; + } + return ret; +} + +static int get_size_limit(char *query) +{ + char *val = NULL; + int ret; + + val = get_field(query, "sizeLimit=", SHORT_LEN); + if (val == NULL) { + return maxSizeLimit; + } + + ret = atoi(val); + if ((ret == 0) || (maxSizeLimit == NULL) || (ret > maxSizeLimit)) { + return maxSizeLimit; + } + return ret; +} + /** * mod_tokendb_handler handles the protocol between the tokendb and the RA */ @@ -5779,6 +5847,9 @@ mod_tokendb_handler( request_rec *rq ) char *complete_filter = add_profile_filter(filter, auth_filter); do_free(auth_filter); + int time_limit = get_time_limit(query); + int size_limit = get_size_limit(query); + tokendbDebug( "looking for filter:" ); tokendbDebug( complete_filter ); tokendbDebug( filter ); @@ -5805,7 +5876,12 @@ mod_tokendb_handler( request_rec *rq ) status = find_tus_activity_entries_no_vlv( complete_filter, &result, 1 ); } else if (( PL_strstr( query, "op=view_activity_admin" )) || ( PL_strstr( query, "op=view_activity" ) )) { - status = find_tus_activity_entries( complete_filter, maxReturns, &result); + if (PL_strcmp(complete_filter, "(&(tokenID=*)(tokenUserID=*))") == 0) { + tokendbDebug("activity vlv search"); + status = find_tus_activity_entries(complete_filter, maxReturns, &result); + } else { + status = find_tus_activity_entries_pcontrol_1( complete_filter, maxReturns, time_limit, size_limit, &result); + } } else if(( PL_strstr( query, "op=view_certificate_all" ) ) || ( PL_strstr( query, "op=show_certificate") )) { @@ -5837,7 +5913,12 @@ mod_tokendb_handler( request_rec *rq ) (PL_strstr (query, "op=edit_user" ))) { status = find_tus_user_entries_no_vlv( filter, &result, 0); } else { - status = find_tus_db_entries( complete_filter, maxReturns, &result ); + if (PL_strcmp(complete_filter, "(&(cn=*)(tokenUserID=*))") == 0) { + tokendbDebug("token vlv search"); + status = find_tus_db_entries(complete_filter, maxReturns, &result); + } else { + status = find_tus_db_entries_pcontrol_1( complete_filter, maxReturns, time_limit, size_limit, &result ); + } } if( status != LDAP_SUCCESS ) { |