[373] | 1 | /**********************************************************************
|
---|
| 2 | *
|
---|
| 3 | * userdb.cpp -- functions to handle a user database
|
---|
| 4 | * Copyright (C) 1999 DigiLib Systems Limited, New Zealand
|
---|
| 5 | *
|
---|
[533] | 6 | * A component of the Greenstone digital library software
|
---|
| 7 | * from the New Zealand Digital Library Project at the
|
---|
| 8 | * University of Waikato, New Zealand.
|
---|
[373] | 9 | *
|
---|
[533] | 10 | * This program is free software; you can redistribute it and/or modify
|
---|
| 11 | * it under the terms of the GNU General Public License as published by
|
---|
| 12 | * the Free Software Foundation; either version 2 of the License, or
|
---|
| 13 | * (at your option) any later version.
|
---|
| 14 | *
|
---|
| 15 | * This program is distributed in the hope that it will be useful,
|
---|
| 16 | * but WITHOUT ANY WARRANTY; without even the implied warranty of
|
---|
| 17 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
---|
| 18 | * GNU General Public License for more details.
|
---|
| 19 | *
|
---|
| 20 | * You should have received a copy of the GNU General Public License
|
---|
| 21 | * along with this program; if not, write to the Free Software
|
---|
| 22 | * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
|
---|
| 23 | *
|
---|
[373] | 24 | *********************************************************************/
|
---|
| 25 |
|
---|
[997] | 26 | #include "gsdlconf.h"
|
---|
[373] | 27 | #include "userdb.h"
|
---|
| 28 | #include "gsdltimes.h"
|
---|
| 29 | #include "fileutil.h"
|
---|
[516] | 30 | #include <stdlib.h>
|
---|
[373] | 31 |
|
---|
| 32 | // include crypt
|
---|
[1000] | 33 | #if defined(__WIN32__)
|
---|
| 34 | #include "crypt.h"
|
---|
| 35 | #else
|
---|
[997] | 36 | #if defined(HAVE_CRYPT_H)
|
---|
| 37 | #include <crypt.h>
|
---|
| 38 | #else
|
---|
[533] | 39 | #include <unistd.h>
|
---|
[997] | 40 | #endif
|
---|
[1000] | 41 | #endif
|
---|
[373] | 42 |
|
---|
[13844] | 43 | //==========================================//
|
---|
| 44 | // userinfo_t functions (Start) //
|
---|
| 45 | //==========================================//
|
---|
| 46 | userinfo_t::userinfo_t()
|
---|
| 47 | {
|
---|
| 48 | clear();
|
---|
| 49 | }
|
---|
[373] | 50 |
|
---|
[13844] | 51 | userinfo_t::~userinfo_t(){};
|
---|
| 52 |
|
---|
| 53 | void userinfo_t::clear () {
|
---|
| 54 | username.clear();
|
---|
| 55 | password.clear();
|
---|
| 56 | enabled = false;
|
---|
| 57 | groups.clear();
|
---|
| 58 | comment.clear();
|
---|
| 59 | }
|
---|
| 60 |
|
---|
| 61 | userinfo_t &userinfo_t::operator=(const userinfo_t &x) {
|
---|
| 62 | username = x.username;
|
---|
| 63 | password = x.password;
|
---|
| 64 | enabled = x.enabled;
|
---|
| 65 | groups = x.groups;
|
---|
| 66 | comment = x.comment;
|
---|
| 67 |
|
---|
| 68 | return *this;
|
---|
| 69 | }
|
---|
| 70 | //==========================================//
|
---|
| 71 | // userinfo_t functions (END) //
|
---|
| 72 | //==========================================//
|
---|
| 73 |
|
---|
| 74 | //==========================================//
|
---|
| 75 | // userdbclass functions (Start) //
|
---|
| 76 | //==========================================//
|
---|
| 77 | userdbclass::userdbclass(const text_t &userdbfilename)
|
---|
| 78 | {
|
---|
[14269] | 79 | storeduserdbfilename = userdbfilename;
|
---|
| 80 | activated = (!userdb.opendatabase(storeduserdbfilename, GDBM_READER, 1000, true)) ? false : true;
|
---|
| 81 | if (activated == false)
|
---|
| 82 | {
|
---|
| 83 | activated = (!userdb.opendatabase(storeduserdbfilename, GDBM_WRCREAT, 1000, true)) ? false : true;
|
---|
| 84 | if (activated == true)
|
---|
| 85 | {
|
---|
| 86 | userdb.closedatabase();
|
---|
| 87 | activated = (!userdb.opendatabase(storeduserdbfilename, GDBM_READER, 1000, true)) ? false : true;
|
---|
| 88 | }
|
---|
| 89 | }
|
---|
| 90 |
|
---|
[13844] | 91 | external_db = false;
|
---|
| 92 | }
|
---|
| 93 |
|
---|
| 94 | userdbclass::userdbclass(const gdbmclass &external_userdb)
|
---|
| 95 | {
|
---|
| 96 | userdb = external_userdb;
|
---|
| 97 | activated = true;
|
---|
| 98 | external_db = true;
|
---|
| 99 | }
|
---|
| 100 |
|
---|
| 101 | userdbclass::~userdbclass()
|
---|
| 102 | {
|
---|
| 103 | if (external_db == false) { userdb.closedatabase();}
|
---|
| 104 | }
|
---|
| 105 |
|
---|
[373] | 106 | // few useful functions
|
---|
[13844] | 107 | text_t userdbclass::crypt_text (const text_t &text)
|
---|
| 108 | {
|
---|
[373] | 109 | static const char *salt = "Tp";
|
---|
| 110 | text_t crypt_password;
|
---|
[13844] | 111 |
|
---|
[7381] | 112 | if (text.empty()) return g_EmptyText;
|
---|
[13844] | 113 |
|
---|
[373] | 114 | // encrypt the password
|
---|
| 115 | char *text_cstr = text.getcstr();
|
---|
[7381] | 116 | if (text_cstr == NULL) return g_EmptyText;
|
---|
[373] | 117 | crypt_password = crypt(text_cstr, salt);
|
---|
[7381] | 118 | delete []text_cstr;
|
---|
[373] | 119 |
|
---|
| 120 | return crypt_password;
|
---|
| 121 | }
|
---|
| 122 |
|
---|
| 123 | // username_ok tests to make sure a username is ok. a username
|
---|
| 124 | // must be at least 2 characters long, but no longer than 30
|
---|
| 125 | // characters long. it can contain the characters a-z A-Z 0-9
|
---|
| 126 | // . and _
|
---|
[13844] | 127 | bool userdbclass::username_ok (const text_t &username)
|
---|
| 128 | {
|
---|
[373] | 129 | if (username.size() < 2 || username.size() > 30) return false;
|
---|
| 130 |
|
---|
| 131 | text_t::const_iterator here = username.begin();
|
---|
| 132 | text_t::const_iterator end = username.end();
|
---|
[13844] | 133 | while (here != end)
|
---|
| 134 | {
|
---|
| 135 | if ((*here >= 'a' && *here <= 'z') ||
|
---|
| 136 | (*here >= 'A' && *here <= 'Z') ||
|
---|
| 137 | (*here >= '0' && *here <= '9') ||
|
---|
| 138 | *here == '.' ||
|
---|
| 139 | *here == '_')
|
---|
| 140 | {
|
---|
| 141 | // ok
|
---|
| 142 | } else return false;
|
---|
| 143 | ++here;
|
---|
| 144 | }
|
---|
| 145 |
|
---|
[373] | 146 | return true;
|
---|
| 147 | }
|
---|
| 148 |
|
---|
| 149 | // password_ok tests to make sure a password is ok. a password
|
---|
| 150 | // must be at least 3 characters long but no longer than 8 characters
|
---|
| 151 | // long. it can contain any character in the range 0x20-0x7e
|
---|
[13844] | 152 | bool userdbclass::password_ok (const text_t &password)
|
---|
| 153 | {
|
---|
[14999] | 154 | // DB: 20/02/08. Why mustn't the password exceed 8 chars,
|
---|
| 155 | // windows 3.1 complicance? Even then this doesn't make sense to me
|
---|
| 156 | // as storing this in GDBM wouldn't trigger a 8-char limit
|
---|
[373] | 157 |
|
---|
[14999] | 158 | // Have increased this to 128. Not because I think someone will type
|
---|
| 159 | // in something that long, but some encryptions schemes (e.g. wireless
|
---|
| 160 | // networks) work with such lengths and someone one day might like
|
---|
| 161 | // to use such a generated password in Greenstone.
|
---|
| 162 | //
|
---|
| 163 |
|
---|
| 164 | if (password.size() < 3 || password.size() > 128) return false;
|
---|
| 165 |
|
---|
[373] | 166 | text_t::const_iterator here = password.begin();
|
---|
| 167 | text_t::const_iterator end = password.end();
|
---|
| 168 | while (here != end) {
|
---|
[13844] | 169 | if (*here >= 0x20 && *here <= 0x7e)
|
---|
| 170 | {
|
---|
| 171 | // ok
|
---|
| 172 | } else return false;
|
---|
[9620] | 173 | ++here;
|
---|
[373] | 174 | }
|
---|
| 175 |
|
---|
| 176 | return true;
|
---|
| 177 | }
|
---|
| 178 |
|
---|
[13844] | 179 | // removes spaces from user groups
|
---|
| 180 | text_t userdbclass::format_user_groups(const text_t user_groups)
|
---|
| 181 | {
|
---|
| 182 | text_t new_groups = g_EmptyText;
|
---|
| 183 | text_t::const_iterator here = user_groups.begin();
|
---|
| 184 | text_t::const_iterator end = user_groups.end();
|
---|
| 185 | while (here != end) {
|
---|
| 186 | if (*here != ' '&& *here != '\t' && *here != '\n')
|
---|
| 187 | {
|
---|
| 188 | new_groups.push_back(*here);
|
---|
| 189 | }
|
---|
| 190 | ++here;
|
---|
| 191 | }
|
---|
| 192 | return new_groups;
|
---|
[373] | 193 | }
|
---|
| 194 |
|
---|
| 195 | // functions dealing with user databases
|
---|
| 196 | // returns true on success (in which case userinfo will contain
|
---|
| 197 | // the information for this user)
|
---|
[13844] | 198 | // @return 0 success
|
---|
| 199 | // @return -1 database is not currently connected
|
---|
| 200 | // @return -2 not defined username
|
---|
| 201 | int userdbclass::get_user_info (const text_t &username, userinfo_t &userinfo)
|
---|
| 202 | {
|
---|
| 203 | // Let's make sure the connection has been established.
|
---|
| 204 | if (activated == true)
|
---|
| 205 | {
|
---|
[373] | 206 | userinfo.clear();
|
---|
[13844] | 207 | infodbclass info;
|
---|
| 208 | // See if we can get the user's infomration
|
---|
| 209 | if (userdb.getinfo (username, info))
|
---|
| 210 | {
|
---|
| 211 | userinfo.username = info["username"];
|
---|
| 212 | userinfo.password = info["password"];
|
---|
| 213 | userinfo.enabled = (info["enabled"] == "true");
|
---|
| 214 | userinfo.groups = info["groups"];
|
---|
| 215 | userinfo.comment = info["comment"];
|
---|
| 216 | return ERRNO_SUCCEED;
|
---|
| 217 | }
|
---|
| 218 | // If we failed to retrieve the users information, we should check if the username is admin or not.
|
---|
| 219 | // If it is the admin user, let's create a new account for the admin user.
|
---|
| 220 | else if (username == "admin")
|
---|
| 221 | {
|
---|
| 222 | userinfo.clear();
|
---|
| 223 | userinfo.username = "admin";
|
---|
| 224 | userinfo.password = crypt_text("admin");
|
---|
| 225 | userinfo.enabled = true;
|
---|
[15087] | 226 | userinfo.groups = "administrator,all-collections-editor";
|
---|
[13844] | 227 | userinfo.comment = "change the password for this account as soon as possible";
|
---|
| 228 | // Return the set result.
|
---|
| 229 | return set_user_info (username, userinfo);
|
---|
| 230 | }
|
---|
| 231 | // The username is not found, return false
|
---|
| 232 | return ERRNO_USERNOTFOUND;
|
---|
[373] | 233 | }
|
---|
[13844] | 234 | // Failed to connect to the database, return false.
|
---|
| 235 | return ERRNO_CONNECTIONFAILED;
|
---|
[373] | 236 | }
|
---|
| 237 |
|
---|
| 238 | // returns true on success
|
---|
[13844] | 239 | int userdbclass::set_user_info (const text_t &username, const userinfo_t &userinfo)
|
---|
| 240 | {
|
---|
| 241 | // Let's make sure the connection has been established.
|
---|
| 242 | if (activated == true)
|
---|
| 243 | {
|
---|
| 244 | infodbclass info;
|
---|
| 245 | info["username"] = userinfo.username;
|
---|
| 246 | info["password"] = userinfo.password;
|
---|
| 247 | info["enabled"] = userinfo.enabled ? "true" : "false";
|
---|
| 248 | info["groups"] = userinfo.groups;
|
---|
| 249 | info["comment"] = userinfo.comment;
|
---|
[14269] | 250 | userdb.closedatabase();
|
---|
| 251 | userdb.opendatabase(storeduserdbfilename, GDBM_WRCREAT, 1000, true);
|
---|
| 252 | int result = (userdb.setinfo (username, info)) ? ERRNO_SUCCEED : ERRNO_GDBMACTIONFILED;
|
---|
| 253 | userdb.closedatabase();
|
---|
| 254 | userdb.opendatabase(storeduserdbfilename, GDBM_READER, 1000, true);
|
---|
| 255 | return result;
|
---|
[13844] | 256 | }
|
---|
| 257 | return ERRNO_CONNECTIONFAILED;
|
---|
[373] | 258 | }
|
---|
| 259 |
|
---|
[13844] | 260 | // returns true if the user's password is correct.
|
---|
| 261 | int userdbclass::check_passwd (const text_t &username, const text_t &password)
|
---|
| 262 | {
|
---|
| 263 | userinfo_t thisuser;
|
---|
| 264 | int returned = get_user_info(username, thisuser);
|
---|
| 265 | if(returned != ERRNO_SUCCEED) return returned;
|
---|
| 266 | // couple of basic checks
|
---|
| 267 | if (thisuser.username.empty() || thisuser.password.empty() ||
|
---|
| 268 | password.empty()) return ERRNO_MISSINGPASSWORD;
|
---|
[373] | 269 |
|
---|
[13844] | 270 | text_t crypt_password = crypt_text(password);
|
---|
| 271 | return (thisuser.password == crypt_password) ? ERRNO_SUCCEED : ERRNO_PASSWORDMISMATCH;
|
---|
| 272 | }
|
---|
[373] | 273 |
|
---|
[13844] | 274 | int userdbclass::add_user (const userinfo_t &userinfo)
|
---|
| 275 | {
|
---|
| 276 | // Let's make sure the connection has been established.
|
---|
| 277 | if (activated == true)
|
---|
| 278 | {
|
---|
| 279 | infodbclass info;
|
---|
| 280 | if (userdb.getinfo (userinfo.username, info))
|
---|
| 281 | {
|
---|
| 282 | // There is an existing username already
|
---|
| 283 | return ERRNO_EXISTINGUSERNAME;
|
---|
| 284 | }
|
---|
| 285 | else
|
---|
| 286 | {
|
---|
| 287 | return set_user_info(userinfo.username, userinfo);
|
---|
| 288 | }
|
---|
| 289 | }
|
---|
| 290 | return ERRNO_CONNECTIONFAILED;
|
---|
[373] | 291 | }
|
---|
| 292 |
|
---|
[13844] | 293 | int userdbclass::edit_user (const userinfo_t &userinfo)
|
---|
| 294 | {
|
---|
| 295 | // Let's make sure the connection has been established.
|
---|
| 296 | if (activated == true)
|
---|
| 297 | {
|
---|
| 298 | infodbclass info;
|
---|
| 299 | if (userdb.getinfo (userinfo.username, info))
|
---|
| 300 | {
|
---|
| 301 | return set_user_info(userinfo.username, userinfo);
|
---|
| 302 | }
|
---|
| 303 | else
|
---|
| 304 | {
|
---|
| 305 | // The user does not exist in the database.
|
---|
| 306 | return ERRNO_USERNOTFOUND;
|
---|
| 307 | }
|
---|
| 308 | }
|
---|
| 309 | return ERRNO_CONNECTIONFAILED;
|
---|
[373] | 310 | }
|
---|
| 311 |
|
---|
[13844] | 312 | int userdbclass::delete_user (const text_t &username)
|
---|
| 313 | {
|
---|
| 314 | // Let's make sure the connection has been established.
|
---|
| 315 | if (activated == true)
|
---|
| 316 | {
|
---|
[14269] | 317 | userdb.closedatabase();
|
---|
| 318 | userdb.opendatabase(storeduserdbfilename, GDBM_WRCREAT, 1000, true);
|
---|
[13844] | 319 | userdb.deletekey (username);
|
---|
[14269] | 320 | userdb.closedatabase();
|
---|
| 321 | userdb.opendatabase(storeduserdbfilename, GDBM_READER, 1000, true);
|
---|
[13844] | 322 | return ERRNO_SUCCEED;
|
---|
| 323 | }
|
---|
| 324 | return ERRNO_CONNECTIONFAILED;
|
---|
| 325 | }
|
---|
[373] | 326 |
|
---|
[13844] | 327 | // gets all the users' information in the database. returns true
|
---|
| 328 | // on success
|
---|
| 329 | int userdbclass::get_all_users(userinfo_tarray &userinfo_array)
|
---|
| 330 | {
|
---|
| 331 | // Let's make sure the connection has been established.
|
---|
| 332 | if (activated == true)
|
---|
| 333 | {
|
---|
| 334 | userinfo_array.erase(userinfo_array.begin(), userinfo_array.end());
|
---|
| 335 | text_t user = userdb.getfirstkey();
|
---|
| 336 | while (!user.empty()) {
|
---|
| 337 | userinfo_t one_userinfo;
|
---|
| 338 | int returned = get_user_info(user, one_userinfo);
|
---|
| 339 | if (returned != ERRNO_SUCCEED) return returned;
|
---|
| 340 | userinfo_array.push_back(one_userinfo);
|
---|
| 341 | user = userdb.getnextkey(user);
|
---|
| 342 | }
|
---|
| 343 | return ERRNO_SUCCEED;
|
---|
| 344 | }
|
---|
| 345 | return ERRNO_CONNECTIONFAILED;
|
---|
[373] | 346 | }
|
---|
| 347 |
|
---|
| 348 | // gets a list of all the users in the database. returns true
|
---|
| 349 | // on success
|
---|
[13844] | 350 | int userdbclass::get_user_list (text_tarray &userlist)
|
---|
| 351 | {
|
---|
| 352 | // Let's make sure the connection has been established.
|
---|
| 353 | if (activated == true)
|
---|
| 354 | {
|
---|
| 355 | userlist.erase (userlist.begin(), userlist.end());
|
---|
| 356 |
|
---|
| 357 | text_t user = userdb.getfirstkey ();
|
---|
| 358 | while (!user.empty()) {
|
---|
| 359 | userlist.push_back(user);
|
---|
| 360 | user = userdb.getnextkey (user);
|
---|
| 361 | }
|
---|
| 362 | return ERRNO_SUCCEED;
|
---|
| 363 | }
|
---|
| 364 | return ERRNO_CONNECTIONFAILED;
|
---|
[373] | 365 | }
|
---|
[13844] | 366 | //==========================================//
|
---|
| 367 | // userdbclass functions (End) //
|
---|
| 368 | //==========================================//
|
---|
[373] | 369 |
|
---|
[13844] | 370 | //==========================================//
|
---|
| 371 | // keydbclass functions (Start) //
|
---|
| 372 | //==========================================//
|
---|
| 373 | keydbclass::keydbclass(const text_t &keydbfilename)
|
---|
| 374 | {
|
---|
[14269] | 375 | storedkeydbfilename = keydbfilename;
|
---|
[15207] | 376 | activated = keydb.opendatabase(storedkeydbfilename, GDBM_READER, 1000, true);
|
---|
[14269] | 377 | if (activated == false)
|
---|
| 378 | {
|
---|
[15207] | 379 | activated = keydb.opendatabase(storedkeydbfilename, GDBM_WRCREAT, 1000, true);
|
---|
[14269] | 380 | if (activated == true)
|
---|
| 381 | {
|
---|
| 382 | keydb.closedatabase();
|
---|
[15207] | 383 | activated = keydb.opendatabase(storedkeydbfilename, GDBM_READER, 1000, true);
|
---|
[14269] | 384 | }
|
---|
| 385 | }
|
---|
[13844] | 386 | external_db = false;
|
---|
| 387 | }
|
---|
[373] | 388 |
|
---|
[13844] | 389 | keydbclass::keydbclass(const gdbmclass &external_keydb)
|
---|
| 390 | {
|
---|
| 391 | keydb = external_keydb;
|
---|
| 392 | activated = true;
|
---|
| 393 | external_db = true;
|
---|
[373] | 394 | }
|
---|
| 395 |
|
---|
[13844] | 396 | keydbclass::~keydbclass()
|
---|
| 397 | {
|
---|
| 398 | if (external_db == false) { keydb.closedatabase();}
|
---|
[2750] | 399 | }
|
---|
[373] | 400 | // generates a random key for the user, stores it in the database and
|
---|
| 401 | // returns it so that it can be used in page generation
|
---|
| 402 | // returns "" on failure
|
---|
[13844] | 403 | text_t keydbclass::generate_key (const text_t &username)
|
---|
| 404 | {
|
---|
| 405 | // Let's make sure the connection has been established.
|
---|
| 406 | if (activated == true)
|
---|
| 407 | {
|
---|
| 408 | static const char *numconvert = "0123456789abcdefghijklmnopqrstuvwxyz"
|
---|
| 409 | "ABCDEFGHIJKLMNOPQRSTUVWXYZ";
|
---|
| 410 |
|
---|
| 411 | // loop looking for a suitable new key
|
---|
| 412 | text_t userkey;
|
---|
| 413 | text_t crypt_userkey;
|
---|
| 414 | do {
|
---|
| 415 | // convert to base 62 :-)
|
---|
| 416 | int userkey_int = rand ();
|
---|
| 417 | while (userkey_int > 0)
|
---|
| 418 | {
|
---|
| 419 | userkey.push_back (numconvert[userkey_int%62]);
|
---|
| 420 | userkey_int /= 62;
|
---|
| 421 | }
|
---|
| 422 |
|
---|
| 423 | // make sure this key is not in the database
|
---|
| 424 | crypt_userkey = userdbclass::crypt_text(userkey);
|
---|
| 425 | if (keydb.exists (crypt_userkey)) userkey.clear();
|
---|
| 426 | } while (userkey.empty());
|
---|
| 427 |
|
---|
| 428 | // enter the key into the database
|
---|
| 429 | infodbclass keydata;
|
---|
| 430 | keydata["user"] = username;
|
---|
| 431 | keydata["time"] = time2text(time(NULL));
|
---|
| 432 |
|
---|
[14269] | 433 | keydb.closedatabase();
|
---|
| 434 | keydb.opendatabase(storedkeydbfilename, GDBM_WRCREAT, 1000, true);
|
---|
[13844] | 435 | if (!keydb.setinfo (crypt_userkey, keydata))
|
---|
| 436 | {
|
---|
| 437 | userkey.clear(); // failed
|
---|
| 438 | }
|
---|
[14269] | 439 | keydb.closedatabase();
|
---|
| 440 | keydb.opendatabase(storedkeydbfilename, GDBM_READER, 1000, true);
|
---|
[13844] | 441 |
|
---|
| 442 | return userkey;
|
---|
[373] | 443 | }
|
---|
[13844] | 444 | return "";
|
---|
[373] | 445 | }
|
---|
| 446 |
|
---|
| 447 | // checks to see if there is a key for this particular user in the
|
---|
| 448 | // database that hasn't decayed. a short decay is used when group
|
---|
| 449 | // is set to administrator
|
---|
[13844] | 450 | bool keydbclass::check_key (const userinfo_t &thisuser, const text_t &key, const text_t &group, int keydecay)
|
---|
| 451 | {
|
---|
| 452 | // Let's make sure the connection has been established.
|
---|
| 453 | if (activated == true)
|
---|
| 454 | {
|
---|
| 455 | if (thisuser.username.empty() || key.empty()) return false;
|
---|
| 456 |
|
---|
| 457 | // the keydecay is set to 5 minute for things requiring the
|
---|
| 458 | // administrator
|
---|
| 459 | // if (group == "administrator") keydecay = 300;
|
---|
| 460 |
|
---|
| 461 | // success if there is a key in the key database that is owned by this
|
---|
| 462 | // user whose creation time is less that keydecay
|
---|
| 463 | text_t crypt_key = userdbclass::crypt_text(key);
|
---|
| 464 | infodbclass info;
|
---|
| 465 | if (keydb.getinfo (crypt_key, info)) {
|
---|
| 466 | if (info["user"] == thisuser.username) {
|
---|
| 467 | time_t keycreation = text2time (info["time"]);
|
---|
| 468 | if (keycreation != (time_t)-1 && difftime (text2time(time2text(time(NULL))),
|
---|
| 469 | keycreation) <= keydecay) {
|
---|
| 470 | // succeeded, update the key's time
|
---|
| 471 | info["time"] = time2text(time(NULL));
|
---|
[14269] | 472 | keydb.closedatabase();
|
---|
| 473 | keydb.opendatabase(storedkeydbfilename, GDBM_WRCREAT, 1000, true);
|
---|
[13844] | 474 | keydb.setinfo (crypt_key, info);
|
---|
[14269] | 475 | keydb.closedatabase();
|
---|
| 476 | keydb.opendatabase(storedkeydbfilename, GDBM_READER, 1000, true);
|
---|
[13844] | 477 | return true;
|
---|
| 478 | }
|
---|
| 479 | }
|
---|
[373] | 480 | }
|
---|
| 481 | }
|
---|
[13844] | 482 | return false;
|
---|
[373] | 483 | }
|
---|
| 484 |
|
---|
| 485 | // remove_old_keys will remove all keys created more than keydecay ago.
|
---|
| 486 | // use sparingly, it can be quite an expensive function
|
---|
[13844] | 487 | void keydbclass::remove_old_keys (int keydecay)
|
---|
| 488 | {
|
---|
| 489 | // Let's make sure the connection has been established.
|
---|
| 490 | if (activated == true)
|
---|
| 491 | {
|
---|
| 492 | // get a list of keys created more than keydecay seconds agon
|
---|
| 493 | text_tarray oldkeys;
|
---|
| 494 | text_t key = keydb.getfirstkey ();
|
---|
| 495 | infodbclass info;
|
---|
| 496 | time_t timenow = text2time(time2text(time(NULL)));
|
---|
| 497 | time_t keycreation = (time_t)-1;
|
---|
| 498 | while (!key.empty()) {
|
---|
| 499 | if (keydb.getinfo (key, info)) {
|
---|
| 500 | keycreation = text2time (info["time"]);
|
---|
| 501 | if (keycreation != (time_t)-1 && difftime (timenow, keycreation) > keydecay) {
|
---|
| 502 | // found an old key
|
---|
| 503 | oldkeys.push_back(key);
|
---|
| 504 | }
|
---|
| 505 | }
|
---|
| 506 |
|
---|
| 507 | key = keydb.getnextkey (key);
|
---|
[373] | 508 | }
|
---|
[13844] | 509 |
|
---|
[15207] | 510 | // delete the old keys
|
---|
| 511 | if (oldkeys.size() > 0) {
|
---|
| 512 | keydb.closedatabase();
|
---|
| 513 | keydb.opendatabase(storedkeydbfilename, GDBM_WRCREAT, 1000, true);
|
---|
| 514 | text_tarray::iterator keys_here = oldkeys.begin();
|
---|
| 515 | text_tarray::iterator keys_end = oldkeys.end();
|
---|
| 516 | while (keys_here != keys_end) {
|
---|
| 517 | keydb.deletekey(*keys_here);
|
---|
| 518 | ++keys_here;
|
---|
| 519 | }
|
---|
| 520 | keydb.closedatabase();
|
---|
| 521 | keydb.opendatabase(storedkeydbfilename, GDBM_READER, 1000, true);
|
---|
[13844] | 522 | }
|
---|
[373] | 523 | }
|
---|
| 524 | }
|
---|
[13844] | 525 | //==========================================//
|
---|
| 526 | // keydbclass functions (End) //
|
---|
| 527 | //==========================================//
|
---|