Merge branch 'feature/oracle_support'
Conflicts: Makefile
commit
e47d407fd9
6
Makefile
@ -5,7 +5,8 @@ CODE = COPYING Makefile NEWS ykval-checksum-clients.php \
|
||||
ykval-export.php ykval-import.php ykval-log.php ykval-ping.php \
|
||||
ykval-queue.php ykval-revoke.php ykval-synclib.php \
|
||||
ykval-sync.php ykval-verify.php ykval-export-clients.php \
|
||||
ykval-import-clients.php ykval-resync.php
|
||||
ykval-import-clients.php ykval-db-oci.php ykval-db-pdo.php \
|
||||
ykval-db.oracle.sql ykval-resync.php
|
||||
MUNIN = ykval-munin-ksmlatency.php ykval-munin-vallatency.php \
|
||||
ykval-munin-queuelength.php ykval-munin-responses.pl \
|
||||
ykval-munin-yubikeystats.php
|
||||
@ -34,6 +35,8 @@ install:
|
||||
install -D --mode 644 ykval-sync.php $(DESTDIR)$(phpprefix)/ykval-sync.php
|
||||
install -D --mode 644 ykval-resync.php $(DESTDIR)$(phpprefix)/ykval-resync.php
|
||||
install -D --mode 644 ykval-db.php $(DESTDIR)$(phpprefix)/ykval-db.php
|
||||
install -D --mode 644 ykval-db-pdo.php $(DESTDIR)$(phpprefix)/ykval-db-pdo.php
|
||||
install -D --mode 644 ykval-db-oci.php $(DESTDIR)$(phpprefix)/ykval-db-oci.php
|
||||
install -D --mode 644 ykval-log.php $(DESTDIR)$(phpprefix)/ykval-log.php
|
||||
install -D ykval-queue.php $(DESTDIR)$(sbinprefix)/ykval-queue
|
||||
install -D ykval-export.php $(DESTDIR)$(sbinprefix)/ykval-export
|
||||
@ -48,6 +51,7 @@ install:
|
||||
install -D ykval-munin-yubikeystats.php $(DESTDIR)$(muninprefix)/ykval_yubikeystats
|
||||
install -D --backup --mode 640 --group $(wwwgroup) ykval-config.php $(DESTDIR)$(etcprefix)/ykval-config.php-template
|
||||
install -D --mode 644 ykval-db.sql $(DESTDIR)$(docprefix)/ykval-db.sql
|
||||
install -D --mode 644 ykval-db.oracle.sql $(DESTDIR)$(docprefix)/ykval-db.oracle.sql
|
||||
install -D --mode 644 $(DOCS) $(DESTDIR)$(docprefix)/
|
||||
|
||||
wwwprefix = /var/www/wsapi
|
||||
|
@ -26,11 +26,7 @@ require_once 'ykval-db.php';
|
||||
$logname="ykval-checksum-clients";
|
||||
$myLog = new Log($logname);
|
||||
|
||||
$db=new Db($baseParams['__YKVAL_DB_DSN__'],
|
||||
$baseParams['__YKVAL_DB_USER__'],
|
||||
$baseParams['__YKVAL_DB_PW__'],
|
||||
$baseParams['__YKVAL_DB_OPTIONS__'],
|
||||
$logname . ':db');
|
||||
$db = Db::GetDatabaseHandle($baseParams, $logname);
|
||||
|
||||
if (!$db->connect()) {
|
||||
$myLog->log(LOG_WARNING, "Could not connect to database");
|
||||
@ -41,16 +37,18 @@ $everything = "";
|
||||
$result=$db->customQuery("SELECT id, active, secret ".
|
||||
"FROM clients ".
|
||||
"ORDER BY id");
|
||||
while($row = $result->fetch(PDO::FETCH_ASSOC)) {
|
||||
if ($row['active'] == "") {
|
||||
while($row = $db->fetchArray($result)) {
|
||||
$active = $row['active'];
|
||||
if ($active == "") {
|
||||
# For some reason PostgreSQL returns empty strings for false values?!
|
||||
$row['active'] = "0";
|
||||
$active = "0";
|
||||
}
|
||||
$everything = $everything .
|
||||
$row['id'] . "\t" . $row['active'] . "\t" . $row['secret'] .
|
||||
"\n";
|
||||
$row['id'] . "\t" . $active . "\t" .
|
||||
$row['secret'] . "\n";
|
||||
}
|
||||
|
||||
$db->closeCursor($result);
|
||||
$hash = sha1 ($everything);
|
||||
|
||||
if ($verbose) {
|
||||
|
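Review bot: The new loop `while($row = $db->fetchArray($result))` runs without checking what `customQuery()` returned, and `fetchArray()` in both new `DbImpl` classes treats a false `$result` as "fall back to `$this->result`" and returns null when that is empty as well. A failed query therefore just ends the loop, and the script goes on to compute `sha1($everything)` over an empty string as if it were a real checksum of the clients table. Add a guard directly after the query, for example `if (!$result) { $myLog->log(LOG_WARNING, "Could not query clients"); exit(1); }`. The two export hunks further down use the same unchecked pattern.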
@ -2,7 +2,7 @@
|
||||
|
||||
# For the validation interface.
|
||||
$baseParams = array ();
|
||||
$baseParams['__YKVAL_DB_DSN__'] = "mysql:dbname=ykval;host=127.0.0.1";
|
||||
$baseParams['__YKVAL_DB_DSN__'] = "mysql:dbname=ykval;host=127.0.0.1"; # "oci:oracledb" for Oracle DB (with OCI library)
|
||||
$baseParams['__YKVAL_DB_USER__'] = 'ykval_verifier';
|
||||
$baseParams['__YKVAL_DB_PW__'] = 'lab';
|
||||
$baseParams['__YKVAL_DB_OPTIONS__'] = array(PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION);
|
||||
|
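--- a/ykval-db-oci.php
+++ b/ykval-db-oci.php
@@ -0,0 +1,216 @@
+<?php
+
+
+/**
+* Class for managing oracle database connection
+*/
+
+require_once('ykval-log.php');
+require_once('ykval-db.php');
+
+class DbImpl extends Db
+{
+/**
+* Constructor
+*
+* @param string $host Database host
+* @param string $user Database user
+* @param string $pwd Database password
+* @param string $name Database table name
+* @return void
+*
+*/
+public function __construct($db_dsn, $db_username, $db_password, $db_options, $name='ykval-db')
+{
+$this->db_dsn=$db_dsn;
+$this->db_username=$db_username;
+$this->db_password=$db_password;
+$this->db_options=$db_options;
+
+if(substr($db_dsn, 0, 4) == 'oci:') {
+# "oci:" prefix needs to be removed before passing db_dsn to OCI
+$this->db_dsn = substr($this->db_dsn, 4);
+}
+
+$this->myLog=new Log($name);
+}
+
+/**
+* function to connect to database defined in config.php
+*
+* @return boolean True on success, otherwise false.
+*
+*/
+public function connect(){
+$this->dbh = oci_connect($this->db_username, $this->db_password, $this->db_dsn);
+if (!$this->dbh) {
+$error = oci_error();
+$this->myLog->log(LOG_CRIT, "Database connection error: " . $error["message"]);
+$this->dbh=Null;
+return false;
+}
+return true;
+}
+
+protected function query($query, $returnresult=false) {
+if(!$this->isConnected()) {
+$this->connect();
+}
+if($this->isConnected()) {
+$this->myLog->log(LOG_DEBUG, 'DB query is: ' . $query);
+# OCI mode
+$result = oci_parse($this->dbh, $query);
+if(!oci_execute($result)) {
+$this->myLog->log(LOG_INFO, 'Database query error: ' . preg_replace('/\n/',' ',print_r(oci_error($result), true)));
+$this->dbh = Null;
+return false;
+}
+$this->result = $result;
+if ($returnresult) return $this->result;
+else return true;
+} else {
+$this->myLog->log(LOG_CRIT, 'No database connection');
+return false;
+}
+}
+
+/**
+* function to get a row from the query result
+* Once all rows have been fetch, function closeCursor needs to be called
+*
+* @param object $result Query result object or null to use the current one
+* @return array a query row
+*
+*/
+public function fetchArray($result=null){
+if(!$result) $result = $this->result;
+if(!$result) return null;
+
+$res = oci_fetch_array($result, OCI_ASSOC);
+return array_change_key_case($res, CASE_LOWER);
+}
+
+/**
+* function to close the cursor after having fetched rows
+*
+* @param object $result Query result object or null to use the current one
+*
+*/
+public function closeCursor($result=null){
+}
+
+/**
+* main function used to get rows by multiple key=>value pairs from Db table.
+*
+* @param string $table Database table to update row in
+* @param array $where Array with column=>values to select rows by
+* @param int $nr Number of rows to collect. NULL=>inifinity. Default=NULL.
+* @param int $rev rev=1 indicates order should be reversed. Default=NULL.
+* @param string distinct Select rows with distinct columns, Default=NULL
+* @return mixed Array with values from Db row or 2d-array with multiple rows
+*
+*/
+public function findByMultiple($table, $where, $nr=null, $rev=null, $distinct=null)
+{
+$value=""; /* quiet the PHP Notice */
+$match=null; /* quiet the PHP Notice */
+$query="SELECT";
+
+if($nr!=null){
+# LIMIT doesn't exist in Oracle, so we encapsulate the query to be
+# able to filter a given number of rows afterwars (after ordering)
+$query.= " * FROM (SELECT";
+}
+
+if ($distinct!=null) {
+$query.= " DISTINCT " . $distinct;
+} else {
+$query.= " *";
+}
+$query.= " FROM " . $table;
+if ($where!=null){
+foreach ($where as $key=>$value) {
+if ($key!=null) {
+if ($value!=null) $match.= " ". $key . " = '" . $value . "' and";
+else $match.= " ". $key . " is NULL and";
+}
+}
+if ($match!=null) $query .= " WHERE" . $match;
+$query=rtrim($query, "and");
+$query=rtrim($query);
+}
+if ($rev==1) $query.= " ORDER BY id DESC";
+if ($nr!=null) {
+$query .= ") WHERE rownum < " . ($nr+1);
+}
+
+$result = $this->query($query, true);
+if (!$result) return false;
+
+if ($nr==1) {
+$row = $this->fetchArray($result);
+$this->closeCursor($result);
+return $row;
+}
+else {
+$collection=array();
+while($row = $this->fetchArray($result)){
+$collection[]=$row;
+}
+$this->closeCursor($result);
+return $collection;
+}
+}
+
+/**
+* main function used to delete rows by multiple key=>value pairs from Db table.
+*
+* @param string $table Database table to delete row in
+* @param array $where Array with column=>values to select rows by
+* @param int $nr Number of rows to collect. NULL=>inifinity. Default=NULL.
+* @param int $rev rev=1 indicates order should be reversed. Default=NULL.
+* @param string distinct Select rows with distinct columns, Default=NULL
+* @return boolean True on success, otherwise false.
+*
+*/
+public function deleteByMultiple($table, $where, $nr=null, $rev=null)
+{
+$query="DELETE";
+$query.= " FROM " . $table;
+$query .= " WHERE id IN (SELECT id FROM " . $table;
+if ($where!=null){
+$query.= " WHERE";
+foreach ($where as $key=>$value) {
+$query.= " ". $key . " = '" . $value . "' and";
+}
+$query=rtrim($query, "and");
+$query=rtrim($query);
+}
+if ($rev==1) $query.= " ORDER BY id DESC";
+
+$query .= ")";
+if ($nr!=null) $query.= " and rownum < " . ($nr+1);
+
+return $this->query($query, false);
+}
+
+/**
+* Function to get the number of rows
+*
+* @param object $result Query result object or null to use the current one
+* @return int number of rows affected by last statement or 0 if database connection is not functional.
+*
+*/
+public function rowCount($result=null)
+{
+if(!$result) $result = $this->result;
+if($result) {
+return oci_num_rows($result);
+} else {
+return 0;
+}
+}
+}
+
+
+?>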
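Review bot: `findByMultiple()` and `deleteByMultiple()` build the WHERE clause by concatenating `$key` and `$value` straight into the statement (`" = '" . $value . "' and"`), so any caller that passes a value it has not validated itself can change the meaning of the query. Because this class already goes through `oci_parse()`/`oci_execute()`, the values can be bound with `oci_bind_by_name()` instead, with `query()` taking an optional bind array as sketched below; column and table names cannot be bound and would still need an allow-list. The same concatenation is in the PDO `DbImpl` added by this commit, where `prepare()`/`execute()` would do the same job. Separately, `fetchArray()` passes the `false` that `oci_fetch_array()` returns at the end of a result set to `array_change_key_case()`; `return $res ? array_change_key_case($res, CASE_LOWER) : $res;` avoids that.

```php
protected function query($query, $returnresult=false, $binds=array()) {
    # … unchanged: reconnect if needed, debug log …
    $result = oci_parse($this->dbh, $query);
    foreach (array_keys($binds) as $name) {
        # oci_bind_by_name() binds by reference, so pass the array slot itself
        oci_bind_by_name($result, $name, $binds[$name]);
    }
    # … unchanged: oci_execute(), error handling, return …
}

# in findByMultiple(), replacing the value concatenation
$binds = array();
foreach ($where as $key=>$value) {
    if ($key!=null) {
        if ($value!=null) {
            # placeholder names end in a digit so the later rtrim($query, "and") cannot eat them
            $name = ':w' . count($binds);
            $binds[$name] = $value;
            $match.= " ". $key . " = " . $name . " and";
        }
        else $match.= " ". $key . " is NULL and";
    }
}
# … unchanged: WHERE assembly, ORDER BY, rownum wrapper …
$result = $this->query($query, true, $binds);
```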
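--- a/ykval-db-pdo.php
+++ b/ykval-db-pdo.php
@@ -0,0 +1,211 @@
+<?php
+
+
+/**
+* Class for managing database connection
+*/
+
+require_once('ykval-log.php');
+require_once('ykval-db.php');
+
+class DbImpl extends Db
+{
+
+
+/**
+* Constructor
+*
+* @param string $host Database host
+* @param string $user Database user
+* @param string $pwd Database password
+* @param string $name Database table name
+* @return void
+*
+*/
+public function __construct($db_dsn, $db_username, $db_password, $db_options, $name='ykval-db')
+{
+$this->db_dsn=$db_dsn;
+$this->db_username=$db_username;
+$this->db_password=$db_password;
+$this->db_options=$db_options;
+
+$this->myLog=new Log($name);
+}
+
+/**
+* function to connect to database defined in config.php
+*
+* @return boolean True on success, otherwise false.
+*
+*/
+public function connect(){
+
+try {
+$this->dbh = new PDO($this->db_dsn, $this->db_username, $this->db_password, $this->db_options);
+} catch (PDOException $e) {
+$this->myLog->log(LOG_CRIT, "Database connection error: " . $e->getMessage());
+$this->dbh=Null;
+return false;
+}
+return true;
+}
+
+protected function query($query, $returnresult=false) {
+if(!$this->isConnected()) {
+$this->connect();
+}
+if($this->isConnected()) {
+$this->myLog->log(LOG_DEBUG, 'DB query is: ' . $query);
+
+try {
+$this->result = $this->dbh->query($query);
+} catch (PDOException $e) {
+$this->myLog->log(LOG_INFO, 'Database query error: ' . preg_replace('/\n/',' ',print_r($this->dbh->errorInfo(), true)));
+$this->dbh = Null;
+return false;
+}
+if ($returnresult) return $this->result;
+else return true;
+} else {
+$this->myLog->log(LOG_CRIT, 'No database connection');
+return false;
+}
+}
+
+
+/**
+* function to get a row from the query result
+* Once all rows have been fetch, function closeCursor needs to be called
+*
+* @param object $result Query result object or null to use the current one
+* @return array a query row
+*
+*/
+public function fetchArray($result=null){
+if(!$result) $result = $this->result;
+if(!$result) return null;
+
+return $result->fetch(PDO::FETCH_ASSOC);
+}
+
+/**
+* function to close the cursor after having fetched rows
+*
+* @param object $result Query result object or null to use the current one
+*
+*/
+public function closeCursor($result=null){
+if(!$result) $result = $this->result;
+$result->closeCursor();
+}
+
+public function truncateTable($name)
+{
+$this->query("TRUNCATE TABLE " . $name);
+}
+
+/**
+* main function used to get rows by multiple key=>value pairs from Db table.
+*
+* @param string $table Database table to update row in
+* @param array $where Array with column=>values to select rows by
+* @param int $nr Number of rows to collect. NULL=>inifinity. Default=NULL.
+* @param int $rev rev=1 indicates order should be reversed. Default=NULL.
+* @param string distinct Select rows with distinct columns, Default=NULL
+* @return mixed Array with values from Db row or 2d-array with multiple rows
+*
+*/
+public function findByMultiple($table, $where, $nr=null, $rev=null, $distinct=null)
+{
+$value=""; /* quiet the PHP Notice */
+$match=null; /* quiet the PHP Notice */
+$query="SELECT";
+if ($distinct!=null) {
+$query.= " DISTINCT " . $distinct;
+} else {
+$query.= " *";
+}
+$query.= " FROM " . $table;
+if ($where!=null){
+foreach ($where as $key=>$value) {
+if ($key!=null) {
+if ($value!=null) $match.= " ". $key . " = '" . $value . "' and";
+else $match.= " ". $key . " is NULL and";
+}
+}
+if ($match!=null) $query .= " WHERE" . $match;
+$query=rtrim($query, "and");
+$query=rtrim($query);
+}
+if ($rev==1) $query.= " ORDER BY id DESC";
+if ($nr!=null) $query.= " LIMIT " . $nr;
+
+$result = $this->query($query, true);
+if (!$result) return false;
+
+if ($nr==1) {
+$row = $this->fetchArray($result);
+$this->closeCursor($result);
+return $row;
+}
+else {
+$collection=array();
+while($row = $this->fetchArray($result)){
+$collection[]=$row;
+}
+$this->closeCursor($result);
+return $collection;
+}
+
+}
+
+/**
+* main function used to delete rows by multiple key=>value pairs from Db table.
+*
+* @param string $table Database table to delete row in
+* @param array $where Array with column=>values to select rows by
+* @param int $nr Number of rows to collect. NULL=>inifinity. Default=NULL.
+* @param int $rev rev=1 indicates order should be reversed. Default=NULL.
+* @param string distinct Select rows with distinct columns, Default=NULL
+* @return boolean True on success, otherwise false.
+*
+*/
+public function deleteByMultiple($table, $where, $nr=null, $rev=null)
+{
+$query="DELETE";
+$query.= " FROM " . $table;
+if ($where!=null){
+$query.= " WHERE";
+foreach ($where as $key=>$value) {
+$query.= " ". $key . " = '" . $value . "' and";
+}
+$query=rtrim($query, "and");
+$query=rtrim($query);
+}
+if ($rev==1) $query.= " ORDER BY id DESC";
+if ($nr!=null) $query.= " LIMIT " . $nr;
+return $this->query($query, false);
+}
+
+/**
+* Function to get the number of rows
+*
+* @param object $result Query result object or null to use the current one
+* @return int number of rows affected by last statement or 0 if database connection is not functional.
+*
+*/
+public function rowCount($result=null)
+{
+if(!$result) $result = $this->result;
+if($result) {
+$count=$result->rowCount();
+$result->closeCursor();
+return $count;
+} else {
+return 0;
+}
+}
+}
+
+
+?>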
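Review bot: `closeCursor()` calls `$result->closeCursor()` without checking that it has a statement, so when the argument is false and `$this->result` is still unset (for example when the first query on the handle failed and the caller runs its usual cleanup) the script dies with a fatal error instead of the failure that `query()` already logged. Guard the call with `if ($result) $result->closeCursor();`. `rowCount()` also closes the cursor as a side effect while the OCI implementation does not, so a caller that counts and then fetches behaves differently per backend; the docblock should say so.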
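--- a/ykval-db.oracle.sql
+++ b/ykval-db.oracle.sql
@@ -0,0 +1,36 @@
+-- I created a new sql file because oracle does not allow boolean type
+-- so I used the type NUMBER(1) which is pretty similar
+
+CREATE TABLE clients (
+id INT NOT NULL,
+active NUMBER(1) DEFAULT 1,
+created INT NOT NULL,
+secret VARCHAR(60) DEFAULT '',
+email VARCHAR(255),
+notes VARCHAR(100) DEFAULT '',
+otp VARCHAR(100) DEFAULT '',
+PRIMARY KEY (id)
+);
+
+CREATE TABLE yubikeys (
+active NUMBER(1) DEFAULT 1,
+created INT NOT NULL,
+modified INT NOT NULL,
+yk_publicname VARCHAR(16) NOT NULL,
+yk_counter INT NOT NULL,
+yk_use INT NOT NULL,
+yk_low INT NOT NULL,
+yk_high INT NOT NULL,
+nonce VARCHAR(40) DEFAULT '',
+notes VARCHAR(100) DEFAULT '',
+PRIMARY KEY (yk_publicname)
+);
+
+CREATE TABLE queue (
+queued INT DEFAULT NULL,
+modified INT DEFAULT NULL,
+server_nonce VARCHAR(32) NOT NULL,
+otp VARCHAR(100) NOT NULL,
+server VARCHAR(100) NOT NULL,
+info VARCHAR(256) NOT NULL
+);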
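Review bot: `active NUMBER(1) DEFAULT 1` accepts NULL and any single digit from -9 to 9, so it is looser than the boolean it replaces, while the PHP side in this commit compares it as `active='1'`. Declaring it as `active NUMBER(1) DEFAULT 1 NOT NULL CHECK (active IN (0, 1))` in both `clients` and `yubikeys` keeps the column to the two values the code expects. Oracle also stores `''` as NULL, so the `DEFAULT ''` clauses on `secret`, `notes`, `otp` and `nonce` produce NULL rather than an empty string; a comment at the top of the file saying so would help the next reader.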
172
ykval-db.php
@ -7,28 +7,24 @@
|
||||
|
||||
require_once('ykval-log.php');
|
||||
|
||||
class Db
|
||||
abstract class Db
|
||||
{
|
||||
|
||||
|
||||
/**
|
||||
* Constructor
|
||||
* static function to determine database type and instantiate the correct subclass
|
||||
*
|
||||
* @param string $host Database host
|
||||
* @param string $user Database user
|
||||
* @param string $pwd Database password
|
||||
* @param string $name Database table name
|
||||
* @return void
|
||||
*
|
||||
*/
|
||||
public function __construct($db_dsn, $db_username, $db_password, $db_options, $name='ykval-db')
|
||||
* */
|
||||
public static function GetDatabaseHandle($baseParams, $logname)
|
||||
{
|
||||
$this->db_dsn=$db_dsn;
|
||||
$this->db_username=$db_username;
|
||||
$this->db_password=$db_password;
|
||||
$this->db_options=$db_options;
|
||||
|
||||
$this->myLog=new Log($name);
|
||||
if(substr($baseParams['__YKVAL_DB_DSN__'], 0, 3) == 'oci') {
|
||||
require_once 'ykval-db-oci.php';
|
||||
} else {
|
||||
require_once 'ykval-db-pdo.php';
|
||||
}
|
||||
return new DbImpl($baseParams['__YKVAL_DB_DSN__'],
|
||||
$baseParams['__YKVAL_DB_USER__'],
|
||||
$baseParams['__YKVAL_DB_PW__'],
|
||||
$baseParams['__YKVAL_DB_OPTIONS__'],
|
||||
$logname . ':db');
|
||||
}
|
||||
|
||||
function addField($name, $value)
|
||||
@ -85,45 +81,6 @@ class Db
|
||||
if ($this->dbh!=NULL) return True;
|
||||
else return False;
|
||||
}
|
||||
/**
|
||||
* function to connect to database defined in config.php
|
||||
*
|
||||
* @return boolean True on success, otherwise false.
|
||||
*
|
||||
*/
|
||||
public function connect(){
|
||||
|
||||
try {
|
||||
$this->dbh = new PDO($this->db_dsn, $this->db_username, $this->db_password, $this->db_options);
|
||||
} catch (PDOException $e) {
|
||||
$this->myLog->log(LOG_CRIT, "Database connection error: " . $e->getMessage());
|
||||
$this->dbh=Null;
|
||||
return false;
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
private function query($query, $returnresult=false) {
|
||||
if(!$this->isConnected()) {
|
||||
$this->connect();
|
||||
}
|
||||
if($this->isConnected()) {
|
||||
$this->myLog->log(LOG_DEBUG, 'DB query is: ' . $query);
|
||||
|
||||
try {
|
||||
$this->result = $this->dbh->query($query);
|
||||
} catch (PDOException $e) {
|
||||
$this->myLog->log(LOG_INFO, 'Database query error: ' . preg_replace('/\n/',' ',print_r($this->dbh->errorInfo(), true)));
|
||||
$this->dbh = Null;
|
||||
return false;
|
||||
}
|
||||
if ($returnresult) return $this->result;
|
||||
else return true;
|
||||
} else {
|
||||
$this->myLog->log(LOG_CRIT, 'No database connection');
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
public function truncateTable($name)
|
||||
{
|
||||
@ -273,90 +230,6 @@ or false on failure.
|
||||
return $this->findByMultiple($table, array($key=>$value), $nr, $rev);
|
||||
}
|
||||
|
||||
/**
|
||||
* main function used to get rows by multiple key=>value pairs from Db table.
|
||||
*
|
||||
* @param string $table Database table to update row in
|
||||
* @param array $where Array with column=>values to select rows by
|
||||
* @param int $nr Number of rows to collect. NULL=>inifinity. Default=NULL.
|
||||
* @param int $rev rev=1 indicates order should be reversed. Default=NULL.
|
||||
* @param string distinct Select rows with distinct columns, Default=NULL
|
||||
* @return mixed Array with values from Db row or 2d-array with multiple rows
|
||||
*
|
||||
*/
|
||||
public function findByMultiple($table, $where, $nr=null, $rev=null, $distinct=null)
|
||||
{
|
||||
$value=""; /* quiet the PHP Notice */
|
||||
$match=null; /* quiet the PHP Notice */
|
||||
$query="SELECT";
|
||||
if ($distinct!=null) {
|
||||
$query.= " DISTINCT " . $distinct;
|
||||
} else {
|
||||
$query.= " *";
|
||||
}
|
||||
$query.= " FROM " . $table;
|
||||
if ($where!=null){
|
||||
foreach ($where as $key=>$value) {
|
||||
if ($key!=null) {
|
||||
if ($value!=null) $match.= " ". $key . " = '" . $value . "' and";
|
||||
else $match.= " ". $key . " is NULL and";
|
||||
}
|
||||
}
|
||||
if ($match!=null) $query .= " WHERE" . $match;
|
||||
$query=rtrim($query, "and");
|
||||
$query=rtrim($query);
|
||||
}
|
||||
if ($rev==1) $query.= " ORDER BY id DESC";
|
||||
if ($nr!=null) $query.= " LIMIT " . $nr;
|
||||
|
||||
$result = $this->query($query, true);
|
||||
if (!$result) return false;
|
||||
|
||||
if ($nr==1) {
|
||||
$row = $result->fetch(PDO::FETCH_ASSOC);
|
||||
$result->closeCursor();
|
||||
return $row;
|
||||
}
|
||||
else {
|
||||
$collection=array();
|
||||
while($row = $result->fetch(PDO::FETCH_ASSOC)){
|
||||
$collection[]=$row;
|
||||
}
|
||||
$result->closeCursor();
|
||||
return $collection;
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
/**
|
||||
* main function used to delete rows by multiple key=>value pairs from Db table.
|
||||
*
|
||||
* @param string $table Database table to delete row in
|
||||
* @param array $where Array with column=>values to select rows by
|
||||
* @param int $nr Number of rows to collect. NULL=>inifinity. Default=NULL.
|
||||
* @param int $rev rev=1 indicates order should be reversed. Default=NULL.
|
||||
* @param string distinct Select rows with distinct columns, Default=NULL
|
||||
* @return boolean True on success, otherwise false.
|
||||
*
|
||||
*/
|
||||
public function deleteByMultiple($table, $where, $nr=null, $rev=null)
|
||||
{
|
||||
$query="DELETE";
|
||||
$query.= " FROM " . $table;
|
||||
if ($where!=null){
|
||||
$query.= " WHERE";
|
||||
foreach ($where as $key=>$value) {
|
||||
$query.= " ". $key . " = '" . $value . "' and";
|
||||
}
|
||||
$query=rtrim($query, "and");
|
||||
$query=rtrim($query);
|
||||
}
|
||||
if ($rev==1) $query.= " ORDER BY id DESC";
|
||||
if ($nr!=null) $query.= " LIMIT " . $nr;
|
||||
return $this->query($query, false);
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* Function to do a custom query on database connection
|
||||
*
|
||||
@ -369,23 +242,6 @@ or false on failure.
|
||||
return $this->query($query, true);
|
||||
}
|
||||
|
||||
/**
|
||||
* Function to do a custom query on database connection
|
||||
*
|
||||
* @return int number of rows affected by last statement or 0 if database connection is not functional.
|
||||
*
|
||||
*/
|
||||
public function rowCount()
|
||||
{
|
||||
if($this->result) {
|
||||
$count=$this->result->rowCount();
|
||||
$this->result->closeCursor();
|
||||
return $count;
|
||||
} else {
|
||||
return 0;
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* helper function used to get rows from Db table in reversed order.
|
||||
* defaults to obtaining 1 row.
|
||||
|
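Review bot: `Db` becomes abstract and loses `connect()`, `query()`, `findByMultiple()`, `deleteByMultiple()` and `rowCount()`, but none of the visible hunks adds abstract declarations for them, while methods that stay in the base class still call `$this->query()` (see the context line `return $this->query($query, true);`). Unless they are declared outside these hunks, add `abstract public function connect();` and `abstract protected function query($query, $returnresult=false);`, and likewise for the others, so a backend that forgets one fails at class load rather than at the first call. The new `GetDatabaseHandle()` docblock has no `@param`/`@return` lines, and its test `substr(..., 0, 3) == 'oci'` is looser than the `'oci:'` prefix the OCI constructor strips; comparing four characters, `substr($baseParams['__YKVAL_DB_DSN__'], 0, 4) == 'oci:'`, keeps the two in step.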
@ -10,11 +10,7 @@ require_once 'ykval-db.php';
|
||||
$logname="ykval-export";
|
||||
$myLog = new Log($logname);
|
||||
|
||||
$db=new Db($baseParams['__YKVAL_DB_DSN__'],
|
||||
$baseParams['__YKVAL_DB_USER__'],
|
||||
$baseParams['__YKVAL_DB_PW__'],
|
||||
$baseParams['__YKVAL_DB_OPTIONS__'],
|
||||
$logname . ':db');
|
||||
$db = Db::GetDatabaseHandle($baseParams, $logname);
|
||||
|
||||
if (!$db->connect()) {
|
||||
$myLog->log(LOG_WARNING, "Could not connect to database");
|
||||
@ -22,7 +18,7 @@ if (!$db->connect()) {
|
||||
}
|
||||
|
||||
$result = $db->customQuery("select id, active, created, secret, email, notes, otp from clients order by id");
|
||||
while($row = $result->fetch(PDO::FETCH_ASSOC)){
|
||||
while($row = $db->fetchArray($result)) {
|
||||
echo $row['id'] .
|
||||
"\t" . (int)$row['active'] .
|
||||
"\t" . $row['created'] .
|
||||
@ -31,7 +27,10 @@ while($row = $result->fetch(PDO::FETCH_ASSOC)){
|
||||
"\t" . $row['notes'] .
|
||||
"\t" . $row['otp'] .
|
||||
"\n";
|
||||
}
|
||||
}
|
||||
|
||||
$db->closeCursor($result);
|
||||
$db->disconnect();
|
||||
|
||||
$result=null;
|
||||
$db=null;
|
||||
|
@ -10,11 +10,7 @@ require_once 'ykval-db.php';
|
||||
$logname="ykval-export";
|
||||
$myLog = new Log($logname);
|
||||
|
||||
$db=new Db($baseParams['__YKVAL_DB_DSN__'],
|
||||
$baseParams['__YKVAL_DB_USER__'],
|
||||
$baseParams['__YKVAL_DB_PW__'],
|
||||
$baseParams['__YKVAL_DB_OPTIONS__'],
|
||||
$logname . ':db');
|
||||
$db = Db::GetDatabaseHandle($baseParams, $logname);
|
||||
|
||||
if (!$db->connect()) {
|
||||
$myLog->log(LOG_WARNING, "Could not connect to database");
|
||||
@ -22,7 +18,7 @@ if (!$db->connect()) {
|
||||
}
|
||||
|
||||
$result=$db->customQuery("SELECT active, created, modified, yk_publicname, yk_counter, yk_use, yk_low, yk_high, nonce, notes FROM yubikeys ORDER BY yk_publicname");
|
||||
while($row = $result->fetch(PDO::FETCH_ASSOC)){
|
||||
while($row = $db->fetchArray($result)){
|
||||
echo (int)$row['active'] .
|
||||
"\t" . $row['created'] .
|
||||
"\t" . $row['modified'] .
|
||||
@ -36,8 +32,10 @@ while($row = $result->fetch(PDO::FETCH_ASSOC)){
|
||||
"\n";
|
||||
}
|
||||
|
||||
$db->closeCursor($result);
|
||||
$db->disconnect();
|
||||
$result=null;
|
||||
$db=null;
|
||||
|
||||
|
||||
?>
|
||||
?>
|
||||
|
@ -10,11 +10,7 @@ require_once 'ykval-db.php';
|
||||
$logname="ykval-import";
|
||||
$myLog = new Log($logname);
|
||||
|
||||
$db=new Db($baseParams['__YKVAL_DB_DSN__'],
|
||||
$baseParams['__YKVAL_DB_USER__'],
|
||||
$baseParams['__YKVAL_DB_PW__'],
|
||||
$baseParams['__YKVAL_DB_OPTIONS__'],
|
||||
$logname . ':db');
|
||||
$db = Db::GetDatabaseHandle($baseParams, $logname);
|
||||
|
||||
if (!$db->connect()) {
|
||||
$myLog->log(LOG_WARNING, "Could not connect to database");
|
||||
@ -35,7 +31,7 @@ while ($res=fgetcsv(STDIN, 0, "\t")) {
|
||||
|
||||
$query="SELECT * FROM clients WHERE id='" . $params['id'] . "'";
|
||||
$result=$db->customQuery($query);
|
||||
if(!$result->fetch(PDO::FETCH_ASSOC)) {
|
||||
if($db->rowCount($result) == 0) {
|
||||
// We didn't have the id in database so we need to do insert instead
|
||||
$query="INSERT INTO clients " .
|
||||
"(id,active,created,secret,email,notes,otp) VALUES " .
|
||||
@ -53,6 +49,7 @@ while ($res=fgetcsv(STDIN, 0, "\t")) {
|
||||
exit(1);
|
||||
}
|
||||
}
|
||||
$db->closeCursor($result);
|
||||
}
|
||||
|
||||
|
||||
|
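Review bot: `$db->rowCount($result) == 0` is not a reliable "row exists" test for a SELECT: the OCI backend answers with `oci_num_rows()`, which counts only rows already fetched and is therefore 0 right after the query, and PDO's `rowCount()` is not guaranteed to report SELECT results on every driver. On Oracle this branch would always take the INSERT path, and the yubikeys import hunk that follows (`if($db->rowCount($result))`) would never take its UPDATE path. Testing for a fetched row keeps the previous behaviour on both backends: `if(!$db->fetchArray($result)) {` here and `if($db->fetchArray($result)) {` in the yubikeys import. The PDO `rowCount()` also closes the cursor, so the `$db->closeCursor($result)` added at the end of the loop then runs on a statement that is already closed.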
@ -10,11 +10,7 @@ require_once 'ykval-db.php';
|
||||
$logname="ykval-import";
|
||||
$myLog = new Log($logname);
|
||||
|
||||
$db=new Db($baseParams['__YKVAL_DB_DSN__'],
|
||||
$baseParams['__YKVAL_DB_USER__'],
|
||||
$baseParams['__YKVAL_DB_PW__'],
|
||||
$baseParams['__YKVAL_DB_OPTIONS__'],
|
||||
$logname . ':db');
|
||||
$db = Db::GetDatabaseHandle($baseParams, $logname);
|
||||
|
||||
if (!$db->connect()) {
|
||||
$myLog->log(LOG_WARNING, "Could not connect to database");
|
||||
@ -38,7 +34,7 @@ while ($res=fgetcsv(STDIN, 0, "\t")) {
|
||||
|
||||
$query="SELECT * FROM yubikeys WHERE yk_publicname='" . $params['yk_publicname'] . "'";
|
||||
$result=$db->customQuery($query);
|
||||
if($result->fetch(PDO::FETCH_ASSOC)) {
|
||||
if($db->rowCount($result)) {
|
||||
$query="UPDATE yubikeys SET " .
|
||||
"active='" . $params["active"] . "' " .
|
||||
",created='" . $params["created"] . "' " .
|
||||
@ -80,6 +76,7 @@ while ($res=fgetcsv(STDIN, 0, "\t")) {
|
||||
exit(1);
|
||||
}
|
||||
}
|
||||
$db->closeCursor($result);
|
||||
}
|
||||
|
||||
|
||||
|
@ -27,11 +27,7 @@ if ($do != "enable" && $do != "disable") {
|
||||
}
|
||||
|
||||
# Connect to db
|
||||
$db = new Db($baseParams['__YKVAL_DB_DSN__'],
|
||||
$baseParams['__YKVAL_DB_USER__'],
|
||||
$baseParams['__YKVAL_DB_PW__'],
|
||||
$baseParams['__YKVAL_DB_OPTIONS__'],
|
||||
'ykval-revoke:db');
|
||||
$db = Db::GetDatabaseHandle($baseParams, 'ykval-revoke');
|
||||
if (!$db->connect()) {
|
||||
logdie($myLog, "ERROR Database connect error");
|
||||
}
|
||||
|
@ -15,12 +15,7 @@ class SyncLib
|
||||
$this->myLog = new Log($logname);
|
||||
global $baseParams;
|
||||
$this->syncServers = $baseParams['__YKVAL_SYNC_POOL__'];
|
||||
|
||||
$this->db=new Db($baseParams['__YKVAL_DB_DSN__'],
|
||||
$baseParams['__YKVAL_DB_USER__'],
|
||||
$baseParams['__YKVAL_DB_PW__'],
|
||||
$baseParams['__YKVAL_DB_OPTIONS__'],
|
||||
$logname . ':db');
|
||||
$this->db = Db::GetDatabaseHandle($baseParams, $logname);
|
||||
$this->isConnected=$this->db->connect();
|
||||
$this->server_nonce=md5(uniqid(rand()));
|
||||
|
||||
@ -56,9 +51,9 @@ class SyncLib
|
||||
|
||||
function getClientData($client)
|
||||
{
|
||||
$res=$this->db->customQuery("SELECT id, secret FROM clients WHERE active AND id='" . $client . "'");
|
||||
$r = $res->fetch(PDO::FETCH_ASSOC);
|
||||
$res->closeCursor();
|
||||
$res = $this->db->customQuery("SELECT id, secret FROM clients WHERE active='1' AND id='" . $client . "'");
|
||||
$r = $this->db->fetchArray($res);
|
||||
$this->db->closeCursor($res);
|
||||
if ($r) return $r;
|
||||
else return false;
|
||||
}
|
||||
@ -143,7 +138,7 @@ class SyncLib
|
||||
function getLocalParams($yk_publicname)
|
||||
{
|
||||
$this->log(LOG_INFO, "searching for yk_publicname " . $yk_publicname . " in local db");
|
||||
$res = $this->db->findBy('yubikeys', 'yk_publicname', $yk_publicname,1);
|
||||
$res = $this->db->findBy('yubikeys', 'yk_publicname', $yk_publicname, 1);
|
||||
|
||||
if (!$res) {
|
||||
$this->log(LOG_NOTICE, 'Discovered new identity ' . $yk_publicname);
|
||||
@ -160,14 +155,14 @@ class SyncLib
|
||||
$res=$this->db->findBy('yubikeys', 'yk_publicname', $yk_publicname,1);
|
||||
}
|
||||
if ($res) {
|
||||
$localParams=array('modified'=>$res['modified'],
|
||||
'nonce'=>$res['nonce'],
|
||||
'active'=>$res['active'],
|
||||
'yk_publicname'=>$yk_publicname,
|
||||
'yk_counter'=>$res['yk_counter'],
|
||||
'yk_use'=>$res['yk_use'],
|
||||
'yk_high'=>$res['yk_high'],
|
||||
'yk_low'=>$res['yk_low']);
|
||||
$localParams=array('modified' => $res['modified'],
|
||||
'nonce' => $res['nonce'],
|
||||
'active' => $res['active'],
|
||||
'yk_publicname' => $yk_publicname,
|
||||
'yk_counter' => $res['yk_counter'],
|
||||
'yk_use' => $res['yk_use'],
|
||||
'yk_high' => $res['yk_high'],
|
||||
'yk_low' => $res['yk_low']);
|
||||
|
||||
$this->log(LOG_INFO, "yubikey found in db ", $localParams);
|
||||
return $localParams;
|
||||
@ -289,21 +284,20 @@ class SyncLib
|
||||
$this->log(LOG_INFO, 'starting resync');
|
||||
/* Loop over all unique servers in queue */
|
||||
$queued_limit=time()-$older_than;
|
||||
$res=$this->db->customQuery("select distinct server from queue WHERE queued < " . $queued_limit . " or queued is null");
|
||||
$server_res=$this->db->customQuery("select distinct server from queue WHERE queued < " . $queued_limit . " or queued is null");
|
||||
|
||||
foreach ($res as $my_server) {
|
||||
while ($my_server=$this->db->fetchArray($server_res)) {
|
||||
$this->log(LOG_INFO, "Processing queue for server " . $my_server['server']);
|
||||
$res=$this->db->customQuery("select * from queue WHERE (queued < " . $queued_limit . " or queued is null) and server='" . $my_server['server'] . "'");
|
||||
$ch = curl_init();
|
||||
|
||||
while ($entry=$res->fetch(PDO::FETCH_ASSOC)) {
|
||||
while ($entry=$this->db->fetchArray($res)) {
|
||||
$this->log(LOG_INFO, "server=" . $entry['server'] . ", server_nonce=" . $entry['server_nonce'] . ", info=" . $entry['info']);
|
||||
$url=$entry['server'] .
|
||||
"?otp=" . $entry['otp'] .
|
||||
"&modified=" . $entry['modified'] .
|
||||
"&" . $this->otpPartFromInfoString($entry['info']);
|
||||
|
||||
|
||||
/* Send out sync request */
|
||||
$this->log(LOG_DEBUG, 'url is ' . $url);
|
||||
curl_setopt($ch, CURLOPT_URL, $url);
|
||||
@ -315,7 +309,7 @@ class SyncLib
|
||||
$response = curl_exec($ch);
|
||||
|
||||
if ($response==False) {
|
||||
$this->log(LOG_NOTICE, 'Timeout. Stopping queue resync for server ' . $my_server['server']);
|
||||
$this->log(LOG_NOTICE, 'Timeout. Stopping queue resync for server ' . $entry['server']);
|
||||
break;
|
||||
}
|
||||
|
||||
@ -371,8 +365,8 @@ class SyncLib
|
||||
|
||||
/* Deletion */
|
||||
$this->log(LOG_INFO, 'deleting queue entry with modified=' . $entry['modified'] .
|
||||
' server_nonce=' . $entry['server_nonce'] .
|
||||
' server=' . $entry['server']);
|
||||
' server_nonce=' . $entry['server_nonce'] .
|
||||
' server=' . $entry['server']);
|
||||
$this->db->deleteByMultiple('queue',
|
||||
array("modified"=>$entry['modified'],
|
||||
"server_nonce"=>$entry['server_nonce'],
|
||||
@ -388,9 +382,10 @@ class SyncLib
|
||||
}
|
||||
|
||||
} /* End of loop over each queue entry for a server */
|
||||
curl_close($ch);
|
||||
$res->closeCursor();
|
||||
curl_close($ch);
|
||||
$this->db->closeCursor($res);
|
||||
} /* End of loop over each distinct server in queue */
|
||||
$this->db->closeCursor($server_res);
|
||||
return true;
|
||||
}
|
||||
|
||||
@ -402,7 +397,7 @@ class SyncLib
|
||||
|
||||
$urls=array();
|
||||
$res=$this->db->findByMultiple('queue', array("modified"=>$this->otpParams['modified'], "server_nonce"=>$this->server_nonce));
|
||||
foreach ($res as $row) {
|
||||
foreach($res as $row) {
|
||||
$urls[]=$row['server'] .
|
||||
"?otp=" . $row['otp'] .
|
||||
"&modified=" . $row['modified'] .
|
||||
|
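Review bot: getClientData still splices `$client` straight into the SQL text handed to customQuery (`... AND id='" . $client . "'`), so the query is only as safe as whatever validation the callers perform, and that validation is not visible on this page. The commit rewrites this line for the new Db abstraction but keeps the concatenation. Since that abstraction now fronts both the PDO and OCI backends, this is a good point to bind the value inside the Db layer. At minimum, reject anything that is not a plain id before the string is built, e.g. `if (!preg_match('/^[0-9]+$/', $client)) return false;` (assuming client ids are numeric). The per-server query in the resync loop has the same shape with `$my_server['server']`, a value read back from the queue table, and should get the same treatment.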
@ -11,7 +11,7 @@ $myLog = new Log('ykval-verify');
|
||||
$myLog->addField('ip', $_SERVER['REMOTE_ADDR']);
|
||||
$myLog->log(LOG_INFO, "Request: " . $_SERVER['QUERY_STRING'] .
|
||||
" (at " . date("c") . " " . microtime() . ") " .
|
||||
(isset($_SERVER["HTTPS"]) == TRUE ? ($_SERVER["HTTPS"] == "on" ? "HTTPS" : "HTTP") : "HTTP"));
|
||||
(isset($_SERVER["HTTPS"]) && $_SERVER["HTTPS"] == "on" ? "HTTPS" : "HTTP"));
|
||||
|
||||
/* Detect protocol version */
|
||||
if (preg_match("/\/wsapi\/([0-9]+)\.([0-9]+)\//", $_SERVER['REQUEST_URI'], $out)) {
|
||||
|