path: root/base/tps/src/include/tus/tus_db.h
/* --- BEGIN COPYRIGHT BLOCK ---
 * This library is free software; you can redistribute it and/or
 * modify it under the terms of the GNU Lesser General Public
 * License as published by the Free Software Foundation;
 * version 2.1 of the License.
 * 
 * This library is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 * Lesser General Public License for more details.
 * 
 * You should have received a copy of the GNU Lesser General Public
 * License along with this library; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street, Fifth Floor,
 * Boston, MA  02110-1301  USA 
 * 
 * Copyright (C) 2007 Red Hat, Inc.
 * All rights reserved.
 * --- END COPYRIGHT BLOCK ---
 */

/*
 * tus_db.h - declarations for the TUS token database interface.
 * The prototypes in this header use LDAP types (LDAPMessage, LDAPMod,
 * struct berval) and NSS types (SECItem, CERTCertificate).
 */
#ifndef TUS_DB_H
#define TUS_DB_H

/*
 * Pull in the Autotools-generated config.h at most once (guarded by
 * AUTOTOOLS_CONFIG_H), and only when the build defines HAVE_CONFIG_H.
 */
#ifdef HAVE_CONFIG_H
#ifndef AUTOTOOLS_CONFIG_H
#define AUTOTOOLS_CONFIG_H

/* Eliminate warnings when using Autotools */
#undef PACKAGE_BUGREPORT
#undef PACKAGE_NAME
#undef PACKAGE_STRING
#undef PACKAGE_TARNAME
#undef PACKAGE_VERSION

#include <config.h>
#endif /* AUTOTOOLS_CONFIG_H */
#endif /* HAVE_CONFIG_H */

/*
 * Export marker placed on the declarations below: expands to
 * __declspec(dllexport) when XP_WIN32 is defined and to nothing otherwise.
 */
#ifdef XP_WIN32
#define TPS_PUBLIC __declspec(dllexport)
#else /* !XP_WIN32 */
#define TPS_PUBLIC
#endif /* !XP_WIN32 */

#include "ldap.h"
#include "lber.h"
#include "pk11func.h"
#include "cryptohi.h"
#include "keyhi.h"
#include "base64.h"
#include "nssb64.h"
#include "prlock.h"

#define I_TOKEN_ID          0
#define TOKEN_ID            "cn"
#define I_TOKEN_USER        1
#define TOKEN_USER          "tokenUserID"
#define I_TOKEN_STATUS      2
#define TOKEN_STATUS        "tokenStatus"
#define I_TOKEN_APPLET      3
#define TOKEN_APPLET        "tokenAppletID"
#define I_TOKEN_KEY_INFO    4
#define TOKEN_KEY_INFO      "keyInfo"
#define I_TOKEN_MODS        5
#define TOKEN_MODS          "modified"
#define I_TOKEN_C_DATE      6
#define TOKEN_C_DATE        "dateOfCreate"
#define I_TOKEN_M_DATE      7
#define TOKEN_M_DATE        "dateOfModify"
#define I_TOKEN_RESETS      8
#define TOKEN_RESETS        "numberOfResets"
#define I_TOKEN_ENROLLMENTS 9
#define TOKEN_ENROLLMENTS   "numberOfEnrollments"
#define I_TOKEN_RENEWALS    10
#define TOKEN_RENEWALS      "numberOfRenewals"
#define I_TOKEN_RECOVERIES  11
#define TOKEN_RECOVERIES    "numberOfRecoveries"
#define I_TOKEN_POLICY  12
#define TOKEN_POLICY    "tokenPolicy"

#define I_TOKEN_CUID         13
#define TOKEN_CUID           "tokenID"
#define I_TOKEN_OP           14
#define TOKEN_OP             "tokenOp"
#define I_TOKEN_MSG          15
#define TOKEN_MSG            "tokenMsg"
#define I_TOKEN_RESULT          16
#define TOKEN_RESULT            "tokenResult"
#define I_TOKEN_IP          17
#define TOKEN_IP            "tokenIP"
#define I_TOKEN_CERT         18
#define TOKEN_CERT           "userCertificate"
#define I_TOKEN_SUBJECT      19
#define TOKEN_SUBJECT         "tokenSubject"
#define I_TOKEN_ISSUER       20 
#define TOKEN_ISSUER         "tokenIssuer"
#define I_TOKEN_ORIGIN       21 
#define TOKEN_ORIGIN         "tokenOrigin"
#define I_TOKEN_SERIAL       22 
#define TOKEN_SERIAL         "tokenSerial"
#define I_TOKEN_TYPE       23 
#define TOKEN_TYPE         "tokenType"
#define I_TOKEN_KEY_TYPE       24 
#define TOKEN_KEY_TYPE         "tokenKeyType"
#define I_TOKEN_REASON       13 
#define TOKEN_REASON         "tokenReason"
#define I_TOKEN_NOT_BEFORE       26 
#define TOKEN_NOT_BEFORE         "tokenNotBefore"
#define I_TOKEN_NOT_AFTER       27 
#define TOKEN_NOT_AFTER         "tokenNotAfter"
 
/* Token states: I_STATE_<NAME> is the integer constant, STATE_<NAME> the string form. */
#define I_STATE_UNINITIALIZED 0
#define STATE_UNINITIALIZED   "uninitialized"
#define I_STATE_ACTIVE      1
#define STATE_ACTIVE        "active"
#define I_STATE_DISABLED    2
#define STATE_DISABLED      "disabled"
#define I_STATE_LOST        3
#define STATE_LOST          "lost"

/*
 * Attribute name strings for timestamps, user entries and groups.
 * NOTE(review): USER_PASSWORD names the attribute that holds a user's
 * password; code that builds attribute lists for display or logging should
 * leave it out - confirm how get_user_attributes() and
 * get_view_user_attributes() treat it.
 */
#define C_TIME              "createTimeStamp"
#define M_TIME              "modifyTimeStamp"
#define USER_ID             "uid"
#define USER_PASSWORD       "userPassword"
#define USER_SN             "sn"
#define USER_CN             "cn"
#define USER_GIVENNAME      "givenName"
#define USER_CERT           "userCertificate"
#define PROFILE_ID          "profileID"
#define GROUP_MEMBER        "member"
#define SUBGROUP_ID         "cn"

/* roles */
/* presumably the group names accepted by tus_authorize() - confirm */
#define OPERATOR            "Operators"
#define AGENT               "Agents"
#define ADMINISTRATOR       "Administrators"
/* Retry limit; not a role.  What is retried is not visible in this header. */
#define MAX_RETRIES         2

/* Sentinel strings for profile and token-type values; exact use is defined by the callers. */
#define ALL_PROFILES        "All Profiles"
#define NO_PROFILES         "NO_PROFILES"
#define NO_TOKEN_TYPE       "no_token_type"

/*
 * Connection settings for the token database.
 * NOTE(review): the string parameters are non-const char *, and this header
 * does not say whether the implementation copies the strings or keeps the
 * caller's pointers - confirm before freeing or reusing the buffers.
 */
TPS_PUBLIC void set_tus_db_port(int number);
TPS_PUBLIC void set_tus_db_host(char *name);
TPS_PUBLIC void set_tus_db_baseDN(char *dn);
TPS_PUBLIC void set_tus_db_bindDN(char *dn);
/*
 * The bind password is passed as a plaintext C string.  Callers should keep
 * it out of logs and error messages and clear their own copy once it is no
 * longer needed (subject to the ownership question noted above).
 */
TPS_PUBLIC void set_tus_db_bindPass(char *p);

/*
 * Initialisation, policy queries and teardown.
 * Several functions here are declared with an empty parameter list "()",
 * which in C before C23 leaves the arguments unspecified; "(void)" would let
 * the compiler reject calls that pass arguments.
 * The meaning of the int return values (success code, boolean, error code)
 * is not stated in this header - confirm per function in the implementation.
 */
TPS_PUBLIC int is_tus_db_initialized();
TPS_PUBLIC int get_tus_db_config(char *name);
/* errorMsg is an out-parameter; who allocates and frees *errorMsg is not visible here. */
TPS_PUBLIC int tus_db_init(char **errorMsg);
/* The cn argument below presumably identifies a token entry (TOKEN_ID is "cn") - confirm. */
TPS_PUBLIC int allow_token_reenroll(char *cn);
TPS_PUBLIC int allow_token_renew(char *cn);
TPS_PUBLIC int force_token_format(char *cn);
TPS_PUBLIC int is_token_pin_resetable(char *cn);
TPS_PUBLIC int is_update_pin_resetable_policy(char *cn);
TPS_PUBLIC int is_token_present(char *cn);
TPS_PUBLIC int update_token_policy (char *cn, char *policy);
/* Ownership of the returned strings is not stated - confirm whether the caller must free them. */
TPS_PUBLIC char *get_token_policy (char *cn);
TPS_PUBLIC char *get_token_userid(char *cn);
TPS_PUBLIC void tus_db_end();
TPS_PUBLIC void tus_db_cleanup();
/*
 * Text rendering of an NSS SECItem into out.  No capacity for out is passed,
 * so the caller must supply a buffer large enough for the whole rendering of
 * data; the required size is defined by the implementation.
 * NOTE(review): hex output presumably needs two characters per byte of data
 * plus a terminator - confirm, and size out from data->len, never from a
 * fixed constant.
 */
TPS_PUBLIC void tus_print_as_hex(char *out, SECItem *data);
TPS_PUBLIC void tus_print_integer(char *out, SECItem *data);
TPS_PUBLIC int is_tus_db_entry_disabled(char *cn);
TPS_PUBLIC int add_default_tus_db_entry (const char *uid, const char *agentid, char *cn, const char *status, char *applet_version, char *key_info, const char *token_type );
TPS_PUBLIC int delete_tus_db_entry (char *userid, char *cn);
/*
 * Takes a complete DN rather than a token cn.
 * NOTE(review): what the implementation restricts is not visible here;
 * callers should not build dn from unvalidated request data.
 */
TPS_PUBLIC int delete_tus_general_db_entry (char *dn);
/*
 * Searches.  filter is a search filter string supplied by the caller
 * (presumably an LDAP filter, given the LDAPMessage result).  Any value
 * placed in it that originates from a request must be escaped for filter
 * syntax (RFC 4515) unless the implementation does so - confirm.
 * *result is an out-parameter; presumably released with free_results().
 */
TPS_PUBLIC int find_tus_db_entry (char *cn, int max, LDAPMessage **result);
TPS_PUBLIC int find_tus_db_entries (const char *filter, int max, LDAPMessage **result);
TPS_PUBLIC int find_tus_db_entries_pcontrol_1 (const char *filter, int max, int time_limit, int size_limit, LDAPMessage **result);
TPS_PUBLIC int find_tus_token_entries (char *filter, int max, LDAPMessage **result, int order);
TPS_PUBLIC int find_tus_token_entries_no_vlv (char *filter, LDAPMessage **result, int order);
TPS_PUBLIC int tus_has_active_tokens(char *userid);
TPS_PUBLIC char *get_token_reason(LDAPMessage *e);

/*
 * Entry creation and modification, activity records, and certificate and
 * activity searches.
 * agentid / userid arguments name the acting user.  NOTE(review): nothing in
 * this header shows these functions performing an authorization check
 * themselves; presumably the caller must have authorized the agent first
 * (see tus_authorize) - confirm.
 * The meaning of the int return values is not stated in this header.
 */
TPS_PUBLIC int update_tus_db_entry (const char *agentid,
                        char *cn, const char *uid, char *keyInfo,
                        const char *status,
                        char *applet_version, const char *reason, const char* token_type);
/* mods is an array of LDAPMod pointers; presumably NULL-terminated as the LDAP API expects - confirm. */
TPS_PUBLIC int update_tus_db_entry_with_mods (const char *agentid, const char *cn, LDAPMod **mods);
TPS_PUBLIC int check_and_modify_tus_db_entry (char *userid, char *cn, char *check, LDAPMod **mods);
TPS_PUBLIC int modify_tus_db_entry (char *userid, char *cn, LDAPMod **mods);
/*
 * Records an activity entry.  NOTE(review): ip, op, result and msg are
 * stored as given as far as this header shows; values derived from a request
 * should be validated by the caller so the activity log cannot be polluted
 * with attacker-chosen text - confirm what the implementation checks.
 */
TPS_PUBLIC int add_activity (const char *ip, const char *id, const char *op, const char *result, const char *msg, const char *userid, const char *token_type);
/*
 * Searches taking a caller-supplied filter string: request-derived values
 * in filter must be escaped for filter syntax (RFC 4515) unless the
 * implementation does so - confirm.
 */
TPS_PUBLIC int find_tus_certificate_entries_by_order_no_vlv (char *filter,
  LDAPMessage **result, int order);
TPS_PUBLIC int find_tus_certificate_entries_by_order (char *filter, int max,
  LDAPMessage **result, int order);
TPS_PUBLIC int add_certificate (char *tokenid, char *origin, char *tokenType, char *userid, CERTCertificate *certificate, char *ktype, const char *status);
TPS_PUBLIC int add_tus_db_entry (char *cn, LDAPMod **mods);
TPS_PUBLIC int add_new_tus_db_entry (const char *userid, char *cn, const char *uid, int flag, const char *status, char *applet_version, char *key_info, const char *token_type);
TPS_PUBLIC int find_tus_activity_entries (char *filter, int max, LDAPMessage **result);
TPS_PUBLIC int find_tus_activity_entries_pcontrol_1 (char *filter, int max, int time_limit, int size_limit, LDAPMessage **result);
TPS_PUBLIC int find_tus_activity_entries_no_vlv (char *filter, LDAPMessage **result, int order);
/* Result-set helpers for the LDAPMessage chains returned by the find_* functions. */
TPS_PUBLIC int get_number_of_entries (LDAPMessage *result);
TPS_PUBLIC int free_results (LDAPMessage *results);

/* Iteration over a search result and extraction of certificates from an entry. */
TPS_PUBLIC LDAPMessage *get_first_entry (LDAPMessage *result);
TPS_PUBLIC LDAPMessage *get_next_entry (LDAPMessage *entry);
/* Ownership of the returned array and of the certificates in it is not stated here - confirm. */
TPS_PUBLIC CERTCertificate **get_certificates(LDAPMessage *entry);

/*
 * Attribute-name tables and per-entry accessors.
 * The functions declared with "()" have an unspecified parameter list in C
 * before C23; "(void)" would let the compiler reject stray arguments.
 * NOTE(review): for every char * / char ** / struct berval ** returned
 * below, this header does not say whether the caller owns the memory;
 * confirm in the implementation before freeing or caching the result, and
 * check for NULL before use.
 */
TPS_PUBLIC char **get_token_states();
TPS_PUBLIC char **get_token_attributes();
TPS_PUBLIC char **get_activity_attributes();
TPS_PUBLIC char **get_user_attributes();
TPS_PUBLIC char **get_view_user_attributes();
TPS_PUBLIC struct berval **get_attribute_values(LDAPMessage *entry, const char *attribute);
/* ldapValues presumably selects which deallocator matches how values was allocated - confirm. */
TPS_PUBLIC void free_values(struct berval **values, int ldapValues);
TPS_PUBLIC struct berval **get_token_users(LDAPMessage *entry);
TPS_PUBLIC char *get_token_id(LDAPMessage *entry);
TPS_PUBLIC char *get_cert_tokenType(LDAPMessage *entry);
TPS_PUBLIC char *get_token_status(LDAPMessage *entry);
TPS_PUBLIC char *get_cert_cn(LDAPMessage *entry);
TPS_PUBLIC char *get_cert_status(LDAPMessage *entry);
TPS_PUBLIC char *get_cert_type(LDAPMessage *entry);
TPS_PUBLIC char *get_cert_serial(LDAPMessage *entry);
TPS_PUBLIC char *get_cert_issuer(LDAPMessage *entry);
TPS_PUBLIC char *get_cert_attr_byname(LDAPMessage *entry, const char *name);
TPS_PUBLIC char *get_applet_id(LDAPMessage *entry);
TPS_PUBLIC char *get_key_info(LDAPMessage *entry);
TPS_PUBLIC char *get_creation_date(LDAPMessage *entry);
TPS_PUBLIC char *get_modification_date(LDAPMessage *entry);
TPS_PUBLIC char *get_policy_name();
TPS_PUBLIC char *get_reason_name();
/*
 * Declared without TPS_PUBLIC, unlike the other find_* functions in this
 * header, so it is not marked dllexport when XP_WIN32 is defined.
 * filter is caller-supplied: request-derived values in it must be escaped
 * for filter syntax (RFC 4515) unless the implementation does so - confirm.
 */
int find_tus_certificate_entries (char *filter, int max, LDAPMessage **result);
TPS_PUBLIC char **get_certificate_attributes();

/*
 * Per-entry counters.  NOTE(review): presumably read from the attributes
 * named by TOKEN_MODS, TOKEN_RESETS, TOKEN_ENROLLMENTS, TOKEN_RENEWALS and
 * TOKEN_RECOVERIES; the value returned for a missing or non-numeric
 * attribute is not visible here - confirm.
 */
TPS_PUBLIC int get_number_of_modifications(LDAPMessage *entry);
TPS_PUBLIC int get_number_of_resets(LDAPMessage *entry);
TPS_PUBLIC int get_number_of_enrollments(LDAPMessage *entry);
TPS_PUBLIC int get_number_of_renewals(LDAPMessage *entry);
TPS_PUBLIC int get_number_of_recoveries(LDAPMessage *entry);

/*
 * Accessors named after the attributes above; presumably they return the
 * attribute name strings - confirm.  Declared with "()", an unspecified
 * parameter list in C before C23.  The return type is non-const char *;
 * whether the caller may modify or free the result is not stated.
 */
TPS_PUBLIC char *get_token_users_name();
TPS_PUBLIC char *get_token_id_name();
TPS_PUBLIC char *get_token_status_name();
TPS_PUBLIC char *get_applet_id_name();
TPS_PUBLIC char *get_key_info_name();
TPS_PUBLIC char *get_creation_date_name();
TPS_PUBLIC char *get_modification_date_name();
TPS_PUBLIC char *get_number_of_modifications_name();
TPS_PUBLIC char *get_number_of_resets_name();
TPS_PUBLIC char *get_number_of_enrollments_name();
TPS_PUBLIC char *get_number_of_renewals_name();
TPS_PUBLIC char *get_number_of_recoveries_name();
/* Returns the DN of entry; ownership of the returned string is not stated here - confirm. */
TPS_PUBLIC char *get_dn(LDAPMessage *entry);

/*
 * Allocation helpers for LDAPMod arrays and value arrays.
 * size and extra are plain int: callers should reject negative or
 * request-derived values before calling, since how the implementation
 * computes the allocation size is not visible here.
 */
TPS_PUBLIC LDAPMod **allocate_modifications(int size);
/* ldapValues presumably selects which deallocator matches how the values were allocated - confirm. */
TPS_PUBLIC void free_modifications(LDAPMod **mods, int ldapValues);
TPS_PUBLIC char **allocate_values(int size, int extra);
TPS_PUBLIC char **create_modification_date_change();
/*
 * Decodes base64 text from src into dst.  No capacity for dst is passed, so
 * the caller must guarantee dst can hold the full decoded output of src
 * (base64 decodes every 4 input characters to at most 3 bytes).
 * NOTE(review): the meaning of the return value (presumably the decoded
 * length) and the behaviour on malformed input are not visible here - confirm.
 */
TPS_PUBLIC int base64_decode(char *src, unsigned char *dst);
/*
 * Authentication and authorization.
 * NOTE(review): tus_authenticate takes a certificate string and returns
 * char *, presumably the matching user id or NULL when no user matches -
 * confirm, and confirm that certificate validation has happened before this
 * lookup is trusted.
 * tus_authorize takes a group name (presumably OPERATOR, AGENT or
 * ADMINISTRATOR) and a user id; the int value that means "authorized" is
 * not stated here, so callers must compare against the documented success
 * value rather than treating any non-error result as a grant - confirm.
 */
TPS_PUBLIC char *tus_authenticate(char *cert);
TPS_PUBLIC int tus_authorize(const char *group, const char *userid);
TPS_PUBLIC int update_cert_status(char *cn, const char *status);
TPS_PUBLIC int update_token_status_reason(char *userid, char *cuid, 
  const char *tokenStatus, const char *reason);
TPS_PUBLIC int update_token_status_reason_userid(const char *userid, char *cuid,
  const char *tokenStatus, const char *reason, int modifyDateOfCreate);

/*
 * User, profile and role management.  agentid names the acting user.
 * NOTE(review): nothing in this header shows these functions checking the
 * agent's role themselves; presumably the caller must have done so - confirm.
 * add_user_db_entry receives userPassword as a plaintext C string: keep it
 * out of logs, and confirm how the implementation stores it (USER_PASSWORD
 * is "userPassword") and whether it retains the caller's pointer.
 */
TPS_PUBLIC int add_user_db_entry(const char *agentid, char *userid, char *userPassword, char *sn, char *givenName, char *cn, char * userCert);
/* filter is caller-supplied: request-derived values in it must be escaped for filter syntax (RFC 4515) unless the implementation does so - confirm. */
TPS_PUBLIC int find_tus_user_entries_no_vlv(char *filter, LDAPMessage **result, int order);
TPS_PUBLIC int update_user_db_entry(const char *agentid, char *uid, char *lastName, char *givenName, char *userCN, char *userCert);
TPS_PUBLIC int add_profile_to_user(const char *agentid, char *userid, const char *profile);
TPS_PUBLIC int delete_profile_from_user(const char *agentid, char *userid, const char *profile);
TPS_PUBLIC int add_user_to_role_db_entry(const char *agentid, char *userid, const char *role);
TPS_PUBLIC int delete_user_from_role_db_entry(const char *agentid, char *userid, const char *role);
TPS_PUBLIC int find_tus_user_role_entries( const char*uid, LDAPMessage **result);
/*
 * is_admin is supplied by the caller; it should be derived from a completed
 * authorization check, never from request data.  Ownership of the returned
 * string is not stated here - confirm.
 */
TPS_PUBLIC char *get_authorized_profiles(const char *userid, int is_admin);
TPS_PUBLIC int delete_user_db_entry(const char *agentid, char *uid);
TPS_PUBLIC int delete_all_profiles_from_user(const char *agentid, char *userid);
#endif /* TUS_DB_H */