yubikey-val/ykval-db.sql
Olov Danielson 6788e5effa 1. Nonce introduced in protocol. This required changes in the chain from client->verify->sync.
2. ykval-verify is modified a bit. It now acts more as a flow controller and relies on ykval-synclib 
to handle the details of the DB calls and the counter logic. The "system" decision making is still located in ykval-verify.
2009-12-15 10:17:51 +00:00


-- Schema and account setup for the ykval validation-server database (MySQL dialect).
-- The DROP is left commented out so that re-running this script cannot silently
-- destroy existing client secrets and per-key counters; uncomment it only for a
-- deliberate rebuild.
-- DROP DATABASE ykval;
-- CREATE DATABASE fails when ykval already exists, so the script is not re-runnable as-is.
CREATE DATABASE ykval;
-- Every CREATE TABLE below lands in ykval because of this USE.
USE ykval;
-- clients: registered clients of the validation service, keyed by an
-- auto-assigned numeric id.
-- NOTE(review): column meanings are inferred from their names; confirm against ykval-verify.
CREATE TABLE clients (
    id      INT          NOT NULL AUTO_INCREMENT,
    active  BOOLEAN      DEFAULT TRUE,
    created DATETIME     NOT NULL,
    -- Stored as plain, retrievable text, so dumps, backups and any account with
    -- SELECT on this column expose it. DEFAULT '' means an INSERT that omits the
    -- column produces an empty secret instead of an error; presumably consumers
    -- must treat an empty secret as invalid (confirm).
    secret  VARCHAR(60)  NOT NULL DEFAULT '',
    email   VARCHAR(255),
    notes   VARCHAR(100) DEFAULT '',
    otp     VARCHAR(100) DEFAULT '',
    PRIMARY KEY (id)
);
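-- yubikeys: one row per known YubiKey, looked up by its unique publicName.
-- NOTE(review): counter/low/high/sessionUse look like the last-seen OTP counter
-- and timestamp state used for replay detection; confirm against ykval-synclib.
-- Anything allowed to UPDATE them can influence that decision, so keep the
-- column-level grants on this table narrow.
CREATE TABLE yubikeys (
    id           INT         NOT NULL UNIQUE AUTO_INCREMENT,
    active       BOOLEAN     DEFAULT TRUE,
    created      DATETIME    NOT NULL,
    accessed     DATETIME,
    -- ascii_bin makes name comparisons byte-exact (case-sensitive).
    publicName   VARCHAR(16) UNIQUE NOT NULL COLLATE ascii_bin,
    internalName VARCHAR(12) NOT NULL COLLATE ascii_bin,
    counter      INT,
    low          INT,
    high         INT,
    sessionUse   INT,
    -- Added: the ykval_verifier grant in this script names UPDATE(..., nonce) on
    -- this table, and MySQL rejects a column-level GRANT for a column that does
    -- not exist, so without this column the account setup aborts part-way.
    -- Width 40 is assumed to match the longest nonce the protocol accepts --
    -- TODO confirm against ykval-synclib.
    nonce        VARCHAR(40) DEFAULT '',
    notes        VARCHAR(100) DEFAULT '',
    PRIMARY KEY (id)
);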
-- queue: pending work items, each naming a target server and carrying an OTP
-- plus free-form info.
-- NOTE(review): presumably the server-to-server sync queue mentioned in the
-- commit message; confirm against ykval-synclib.
-- The otp column keeps OTP strings at rest until the row is deleted, so treat
-- this table as sensitive in backups and logs.
CREATE TABLE queue (
    id            INT          NOT NULL UNIQUE AUTO_INCREMENT,
    queued_time   TIMESTAMP    DEFAULT CURRENT_TIMESTAMP,
    modified_time TIMESTAMP,
    random_key    INT,
    otp           VARCHAR(100) NOT NULL,
    server        VARCHAR(100) NOT NULL,
    info          VARCHAR(256) NOT NULL,
    PRIMARY KEY (id)
);
-- ykval_verifier: database account for the OTP verification path.
-- CREATE USER carries no IDENTIFIED BY clause, so the account is created
-- without a password. The 'localhost' host part limits it to local connections,
-- but any local process can then log in as it; assign a password or
-- socket-based authentication before production use.
-- To recreate the account, first run:
-- DROP USER 'ykval_verifier'@'localhost';
CREATE USER 'ykval_verifier'@'localhost';

-- yubikeys: read and insert rows, but UPDATE only the listed state columns
-- (active, publicName and internalName stay read-only; no DELETE).
-- MySQL rejects a column-level GRANT that names a column missing from the
-- table, so every name in the list must exist in ykval.yubikeys.
GRANT
    SELECT,
    INSERT,
    UPDATE (accessed, counter, low, high, sessionUse, nonce)
ON ykval.yubikeys TO 'ykval_verifier'@'localhost';

-- clients: read-only, and only the three columns listed; this includes the
-- stored secret, so a compromise of this account exposes every client secret.
GRANT
    SELECT (id, secret, active)
ON ykval.clients TO 'ykval_verifier'@'localhost';

-- queue: full read/write, including DELETE.
GRANT
    SELECT,
    INSERT,
    UPDATE,
    DELETE
ON ykval.queue TO 'ykval_verifier'@'localhost';
-- ykval_getapikey: account that registers new clients.
-- It may INSERT client rows and read back ids only; it has no SELECT on
-- secret, so it cannot read existing clients' secrets.
-- Created without a password (no IDENTIFIED BY clause); set credentials before
-- production use.
-- To recreate the account, first run:
-- DROP USER 'ykval_getapikey'@'localhost';
CREATE USER 'ykval_getapikey'@'localhost';

GRANT
    SELECT (id),
    INSERT
ON ykval.clients TO 'ykval_getapikey'@'localhost';
-- ykval_revoke: account that enables or disables keys.
-- It may change only yubikeys.active and read only publicName (needed to
-- select the row to change); counters and other key state stay out of reach.
-- Created without a password (no IDENTIFIED BY clause); set credentials before
-- production use.
-- To recreate the account, first run:
-- DROP USER 'ykval_revoke'@'localhost';
CREATE USER 'ykval_revoke'@'localhost';

GRANT
    UPDATE (active)
ON ykval.yubikeys TO 'ykval_revoke'@'localhost';

GRANT
    SELECT (publicName)
ON ykval.yubikeys TO 'ykval_revoke'@'localhost';
-- Reloads the grant tables. CREATE USER and GRANT already take effect
-- immediately in MySQL, so this is a harmless safeguard rather than a required step.
FLUSH PRIVILEGES;