Functions used for authentication of administration sessions. More...
#include <string.h>#include <unistd.h>#include <assert.h>#include <libxml/tree.h>#include <sqlite3.h>#include <eurephia_nullsafe.h>#include <eurephia_context.h>#include <eurephia_log.h>#include <eurephia_xml.h>#include <eurephia_values.h>#include <eurephiadb_session_struct.h>#include <eurephiadb_mapping.h>#include <passwd.h>#include <eurephiadb_driver.h>#include "../sqlite.h"
Include dependency graph for authentication.c:Go to the source code of this file.
Defines | |
| #define | DRIVERAPIVERSION 2 |
Functions | |
| static xmlDoc * | auth_user (eurephiaCTX *ctx, const char *req_access, const char *uname, const char *pwd) |
| static xmlDoc * | auth_session (eurephiaCTX *ctx, const char *sesskey, const char *req_access) |
| static xmlDoc * | register_login (eurephiaCTX *ctx, const int uid, const char *sesskey) |
| static xmlDoc * | register_logout (eurephiaCTX *ctx, const char *sessionkey) |
| xmlDoc * | eDBadminAuthenticate (eurephiaCTX *ctx, xmlDoc *qryxml) |
Functions used for authentication of administration sessions.
Definition in file authentication.c.
| static xmlDoc* auth_session | ( | eurephiaCTX * | ctx, | |
| const char * | sesskey, | |||
| const char * | req_access | |||
| ) | [static] |
Validates a session key, to see if it still is valid (not auto-logged out or invalid session key) and to check if they have access to a different access level. The eurephia context type must be either ECTX_ADMIN_CONSOLE or ECTX_ADMIN_WEB.
| ctx | eurephiaCTX | |
| sesskey | String containing the session key to validate | |
| req_access | String containing the required administration access level |
< Messages intended when debugging. Only for log level > 10
< The context is used via the eurephiadm console utility
< The context is used via a web based utility
< Alias for LOG_ERROR, in case it is not defined
< API errors but not sever, program can continue to run
< Alias for LOG_FATAL
< Operation failed and cannot continue. Log level always < 2
< Alias for LOG_ERROR, in case it is not defined
< API errors but not sever, program can continue to run
< Alias for LOG_ERROR, in case it is not defined
< API errors but not sever, program can continue to run
< Alias for LOG_ERROR, in case it is not defined
< API errors but not sever, program can continue to run
< Input data or processing revealed unexpected data. Log level never > 2
Definition at line 229 of file authentication.c.
Here is the call graph for this function: Here is the caller graph for this function:| static xmlDoc* auth_user | ( | eurephiaCTX * | ctx, | |
| const char * | req_access, | |||
| const char * | uname, | |||
| const char * | pwd | |||
| ) | [static] |
Authenticate a user for the administration interface. This interface do not require any certificate validation and is intended for administration utilities for eurephia. The eurephia context type must be either ECTX_ADMIN_CONSOLE or ECTX_ADMIN_WEB.
| ctx | eurephiaCTX - context used for administration task | |
| req_access | String containing the requested administration access level | |
| uname | username of the user being authenticated | |
| pwd | password from the user |
< Messages intended when debugging. Only for log level > 10
< The context is used via the eurephiadm console utility
< The context is used via a web based utility
< Alias for LOG_ERROR, in case it is not defined
< API errors but not sever, program can continue to run
< Input data or processing revealed unexpected data. Log level never > 2
< Alias for LOG_FATAL
< Operation failed and cannot continue. Log level always < 2
< Input data or processing revealed unexpected data. Log level never > 2
< Input data or processing revealed unexpected data. Log level never > 2
< Input data or processing revealed unexpected data. Log level never > 2
< Input data or processing revealed unexpected data. Log level never > 2
< Input data or processing revealed unexpected data. Log level never > 2
< Alias for LOG_FATAL
< Operation failed and cannot continue. Log level always < 2
< Input data or processing revealed unexpected data. Log level never > 2
< Input data or processing revealed unexpected data. Log level never > 2
Definition at line 85 of file authentication.c.
Here is the call graph for this function: Here is the caller graph for this function:| xmlDoc* eDBadminAuthenticate | ( | eurephiaCTX * | ctx, | |
| xmlDoc * | qryxml | |||
| ) |
Authenticate users and sessions for the administration interface. The OpenVPN plug-in should never use this API.
| ctx | eurephiaCTX | |
| qryxml | eurephia XML document describing the operation to be done |
XML document describing authentication of a user account
<eurephia format="1"> <Authenticate mode="user"> <username>{username}</username> <password>{password}</password> <accesslevel>{accesslevel}</password> </Authenticate> </eurephia>
XML document for authenticating and validating a user session to a specific access level
<eurephia format="1"> <Authenticate mode="session"> <sessionkey>{session key}</sessionkey> <accesslevel>{accesslevel}</password> </Authenticate> </eurephia>
XML docuument to register the user as logged in
<eurephia format="1"> <Register mode="login" uid="{uid}">{session key}</Register> </eurephia>
XML docuument to register the user as logged out
<eurephia format="1"> <Register mode="logout">{session key}</Register> </eurephia>
< Messages intended when debugging. Only for log level > 10
< The context is used via the eurephiadm console utility
< The context is used via a web based utility
< Alias for LOG_CRITICAL
< Operation failed and might have been aborted. Log level always 0
< Alias for LOG_ERROR, in case it is not defined
< API errors but not sever, program can continue to run
< Alias for LOG_ERROR, in case it is not defined
< API errors but not sever, program can continue to run
< Alias for LOG_FATAL
< Operation failed and cannot continue. Log level always < 2
Definition at line 420 of file authentication.c.
Here is the call graph for this function:| static xmlDoc* register_login | ( | eurephiaCTX * | ctx, | |
| const int | uid, | |||
| const char * | sesskey | |||
| ) | [static] |
Registers the user as logged in after a successful authentication. The user must be registered as logged in to have a valid session.
| ctx | eurephiaCTX | |
| uid | Numeric value if the user ID the session belongs to | |
| sesskey | String containing the session key |
< Messages intended when debugging. Only for log level > 10
< The context is used via the eurephiadm console utility
< The context is used via a web based utility
< Alias for LOG_ERROR, in case it is not defined
< API errors but not sever, program can continue to run
< Alias for LOG_FATAL
< Operation failed and cannot continue. Log level always < 2
Definition at line 330 of file authentication.c.
Here is the call graph for this function: Here is the caller graph for this function:| static xmlDoc* register_logout | ( | eurephiaCTX * | ctx, | |
| const char * | sessionkey | |||
| ) | [static] |
Registers a session as logged out. This will require the user to do a new authentication on next access via the administration interface
| ctx | eurephiaCTX | |
| sessionkey | String containing the session key |
< Messages intended when debugging. Only for log level > 10
< The context is used via the eurephiadm console utility
< The context is used via a web based utility
< Alias for LOG_CRITICAL
< Operation failed and might have been aborted. Log level always 0
< Alias for LOG_FATAL
< Operation failed and cannot continue. Log level always < 2
< Alias for LOG_ERROR, in case it is not defined
< API errors but not sever, program can continue to run
Definition at line 376 of file authentication.c.
Here is the call graph for this function: Here is the caller graph for this function:
1.7.1
