![[BACK]](/icons/cvsweb/back.gif){kind=icon}
Return to eap_simaka_sql_card.c CVS log ![[TXT]](/icons/cvsweb/text.gif){kind=icon}
![[DIR]](/icons/cvsweb/dir.gif){kind=icon}
Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / strongswan / src / libcharon / plugins / eap_simaka_sql|
Return to eap_simaka_sql_card.c CVS log | Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / strongswan / src / libcharon / plugins / eap_simaka_sql |
1.1 misho 1: /*
2: * Copyright (C) 2010 Martin Willi
3: * Copyright (C) 2010 revosec AG
4: *
5: * Copyright (C) 2017 Andreas Steffen
6: * HSR Hochschule fuer Technik Rapperswil
7: *
8: * This program is free software; you can redistribute it and/or modify it
9: * under the terms of the GNU General Public License as published by the
10: * Free Software Foundation; either version 2 of the License, or (at your
11: * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
12: *
13: * This program is distributed in the hope that it will be useful, but
14: * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
15: * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
16: * for more details.
17: */
18:
19: #include "eap_simaka_sql_card.h"
20:
21: #include <time.h>
22:
23: #include <daemon.h>
24:
25: typedef struct private_eap_simaka_sql_card_t private_eap_simaka_sql_card_t;
26:
27: /**
28: * Private data of an eap_simaka_sql_card_t object.
29: */
30: struct private_eap_simaka_sql_card_t {
31:
32: /**
33: * Public eap_simaka_sql_card_t interface.
34: */
35: eap_simaka_sql_card_t public;
36:
37: /**
38: * Triplet/quintuplet database
39: */
40: database_t *db;
41:
42: /**
43: * Remove used triplets/quintuplets from database
44: */
45: bool remove_used;
46: };
47:
48: METHOD(simaka_card_t, get_triplet, bool,
49: private_eap_simaka_sql_card_t *this, identification_t *id,
50: char rand[SIM_RAND_LEN], char sres[SIM_SRES_LEN], char kc[SIM_KC_LEN])
51: {
52: chunk_t sres_chunk, kc_chunk;
53: enumerator_t *query;
54: bool found = FALSE;
55: char buf[128];
56:
57: snprintf(buf, sizeof(buf), "%Y", id);
58: query = this->db->query(this->db,
59: "select sres, kc from triplets where rand = ? and id = ? "
60: "order by used limit 1",
61: DB_BLOB, chunk_create(rand, SIM_RAND_LEN), DB_TEXT, buf,
62: DB_BLOB, DB_BLOB);
63: if (query)
64: {
65: if (query->enumerate(query, &sres_chunk, &kc_chunk))
66: {
67: if (sres_chunk.len == SIM_SRES_LEN &&
68: kc_chunk.len == SIM_KC_LEN)
69: {
70: memcpy(sres, sres_chunk.ptr, SIM_SRES_LEN);
71: memcpy(kc, kc_chunk.ptr, SIM_KC_LEN);
72: found = TRUE;
73: }
74: }
75: query->destroy(query);
76: }
77: if (found)
78: {
79: if (this->remove_used)
80: {
81: this->db->execute(this->db, NULL,
82: "delete from triplets where id = ? and rand = ?",
83: DB_TEXT, buf, DB_BLOB, chunk_create(rand, SIM_RAND_LEN));
84: }
85: else
86: {
87: this->db->execute(this->db, NULL,
88: "update triplets set used = ? where id = ? and rand = ?",
89: DB_UINT, time(NULL), DB_TEXT, buf,
90: DB_BLOB, chunk_create(rand, SIM_RAND_LEN));
91: }
92: }
93: return found;
94: }
95:
96: METHOD(simaka_card_t, get_quintuplet, status_t,
97: private_eap_simaka_sql_card_t *this, identification_t *id,
98: char rand[AKA_RAND_LEN], char autn[AKA_AUTN_LEN], char ck[AKA_CK_LEN],
99: char ik[AKA_IK_LEN], char res[AKA_RES_MAX], int *res_len)
100: {
101: chunk_t ck_chunk, ik_chunk, res_chunk;
102: enumerator_t *query;
103: status_t found = FAILED;
104: char buf[128];
105:
106: snprintf(buf, sizeof(buf), "%Y", id);
107: query = this->db->query(this->db, "select ck, ik, res from quintuplets "
108: "where rand = ? and autn = ? and id = ? order by used limit 1",
109: DB_BLOB, chunk_create(rand, AKA_RAND_LEN),
110: DB_BLOB, chunk_create(autn, AKA_AUTN_LEN), DB_TEXT, buf,
111: DB_BLOB, DB_BLOB, DB_BLOB);
112: if (query)
113: {
114: if (query->enumerate(query, &ck_chunk, &ik_chunk, &res_chunk))
115: {
116: if (ck_chunk.len == AKA_CK_LEN &&
117: ik_chunk.len == AKA_IK_LEN &&
118: res_chunk.len <= AKA_RES_MAX)
119: {
120: memcpy(ck, ck_chunk.ptr, AKA_CK_LEN);
121: memcpy(ik, ik_chunk.ptr, AKA_IK_LEN);
122: memcpy(res, res_chunk.ptr, res_chunk.len);
123: *res_len = res_chunk.len;
124: found = SUCCESS;
125: }
126: }
127: query->destroy(query);
128: }
129: if (found == SUCCESS)
130: {
131: if (this->remove_used)
132: {
133: this->db->execute(this->db, NULL,
134: "delete from quintuplets where id = ? and rand = ?",
135: DB_TEXT, buf, DB_BLOB, chunk_create(rand, SIM_RAND_LEN));
136: }
137: else
138: {
139: this->db->execute(this->db, NULL,
140: "update quintuplets set used = ? where id = ? and rand = ?",
141: DB_UINT, time(NULL), DB_TEXT, buf,
142: DB_BLOB, chunk_create(rand, AKA_RAND_LEN));
143: }
144: }
145: return found;
146: }
147:
148: METHOD(eap_simaka_sql_card_t, destroy, void,
149: private_eap_simaka_sql_card_t *this)
150: {
151: free(this);
152: }
153:
154: /**
155: * See header
156: */
157: eap_simaka_sql_card_t *eap_simaka_sql_card_create(database_t *db,
158: bool remove_used)
159: {
160: private_eap_simaka_sql_card_t *this;
161:
162: INIT(this,
163: .public = {
164: .card = {
165: .get_triplet = _get_triplet,
166: .get_quintuplet = _get_quintuplet,
167: .resync = (void*)return_false,
168: .get_pseudonym = (void*)return_null,
169: .set_pseudonym = (void*)nop,
170: .get_reauth = (void*)return_null,
171: .set_reauth = (void*)nop,
172: },
173: .destroy = _destroy,
174: },
175: .db = db,
176: .remove_used = remove_used,
177: );
178:
179: return &this->public;
180: }