From: <ale...@us...> - 2010-07-23 12:04:26
Revision: 51355 http://firebird.svn.sourceforge.net/firebird/?rev=51355&view=rev Author: alexpeshkoff Date: 2010-07-23 12:04:18 +0000 (Fri, 23 Jul 2010) Log Message: ----------- Implemented self-registering plugins format (same plugin can be easily linked statically or as dynamic library, depending upon platform requirements). Self-registering plugins need not export any functions, instead they call fb_register_plugin() on startup. Reworked all user management to use self-registering plugins. Removed system table RDB$USERS. PLG$USERS is not created automatically by plugin, but will be later (work in progress). Modified Paths: -------------- firebird/trunk/builds/posix/Makefile.in.client.gsec firebird/trunk/builds/posix/Makefile.in.embed.util firebird/trunk/builds/posix/Makefile.in.fbserver firebird/trunk/builds/posix/Makefile.in.firebird firebird/trunk/builds/posix/Makefile.in.smp_server firebird/trunk/builds/posix/firebird.vers firebird/trunk/builds/posix/make.defaults firebird/trunk/builds/posix/make.rules firebird/trunk/builds/posix/make.shared.variables firebird/trunk/configure.in firebird/trunk/src/auth/Auth.cpp firebird/trunk/src/auth/Auth.h firebird/trunk/src/auth/AuthInterface.h firebird/trunk/src/auth/SecurityDatabase/LegacyClient.cpp firebird/trunk/src/auth/SecurityDatabase/LegacyClient.h firebird/trunk/src/common/classes/Interface.h firebird/trunk/src/dbs/security.sql firebird/trunk/src/include/FirebirdPluginApi.h firebird/trunk/src/include/gen/ids.h firebird/trunk/src/jrd/PluginManager.h firebird/trunk/src/jrd/fields.h firebird/trunk/src/jrd/gds.cpp firebird/trunk/src/jrd/idx.h firebird/trunk/src/jrd/ini.epp firebird/trunk/src/jrd/jrd_pwd.h firebird/trunk/src/jrd/names.h firebird/trunk/src/jrd/os/posix/mod_loader.cpp firebird/trunk/src/jrd/pwd.cpp firebird/trunk/src/jrd/relations.h firebird/trunk/src/plugins/udr_engine/UdrEngine.cpp firebird/trunk/src/remote/interface.cpp firebird/trunk/src/remote/server.cpp Added Paths: ----------- 
firebird/trunk/builds/posix/Makefile.in.user.management firebird/trunk/src/auth/AuthDbg.cpp firebird/trunk/src/auth/AuthDbg.h firebird/trunk/src/auth/SecurityDatabase/LegacyManagement.epp firebird/trunk/src/auth/SecurityDatabase/LegacyManagement.h firebird/trunk/src/common/classes/ImplementHelper.h firebird/trunk/src/misc/smallog.cpp firebird/trunk/src/utilities/gsec/security.cpp Removed Paths: ------------- firebird/trunk/src/utilities/gsec/security.epp Property Changed: ---------------- firebird/trunk/builds/posix/Makefile.in.client.gsec firebird/trunk/builds/posix/Makefile.in.embed.util firebird/trunk/builds/posix/Makefile.in.fbserver firebird/trunk/builds/posix/Makefile.in.firebird firebird/trunk/builds/posix/Makefile.in.smp_server firebird/trunk/builds/posix/firebird.vers firebird/trunk/builds/posix/make.defaults firebird/trunk/builds/posix/make.rules firebird/trunk/builds/posix/make.shared.variables firebird/trunk/configure.in firebird/trunk/src/auth/Auth.cpp firebird/trunk/src/auth/Auth.h firebird/trunk/src/auth/AuthInterface.h firebird/trunk/src/auth/SecurityDatabase/LegacyClient.cpp firebird/trunk/src/auth/SecurityDatabase/LegacyClient.h firebird/trunk/src/common/classes/Interface.h firebird/trunk/src/dbs/security.sql firebird/trunk/src/include/FirebirdPluginApi.h firebird/trunk/src/include/gen/ids.h firebird/trunk/src/jrd/PluginManager.h firebird/trunk/src/jrd/fields.h firebird/trunk/src/jrd/gds.cpp firebird/trunk/src/jrd/idx.h firebird/trunk/src/jrd/ini.epp firebird/trunk/src/jrd/jrd_pwd.h firebird/trunk/src/jrd/names.h firebird/trunk/src/jrd/os/posix/mod_loader.cpp firebird/trunk/src/jrd/pwd.cpp firebird/trunk/src/jrd/relations.h firebird/trunk/src/plugins/udr_engine/UdrEngine.cpp firebird/trunk/src/remote/interface.cpp Modified: firebird/trunk/builds/posix/Makefile.in.client.gsec =================================================================== --- firebird/trunk/builds/posix/Makefile.in.client.gsec 2010-07-22 09:36:15 UTC (rev 51354) +++ 
firebird/trunk/builds/posix/Makefile.in.client.gsec 2010-07-23 12:04:18 UTC (rev 51355) @@ -29,8 +29,7 @@ @SET_MAKE@ -GSEC_Other_Sources = jrd/isc_file.cpp jrd/ThreadData.cpp jrd/enc.cpp \ - jrd/sha.cpp jrd/guid.cpp +GSEC_Other_Sources = jrd/isc_file.cpp jrd/ThreadData.cpp GSEC_Files = gsec.cpp call_service.cpp gsecMain.cpp security.cpp GSEC_Sources = $(addprefix utilities/gsec/, $(GSEC_Files)) $(GSEC_Other_Sources) GSEC_Objects = $(addprefix $(OBJ)/, $(addsuffix .o, $(basename $(GSEC_Sources)))) Property changes on: firebird/trunk/builds/posix/Makefile.in.client.gsec ___________________________________________________________________ Added: svn:mime-type + text/plain Modified: firebird/trunk/builds/posix/Makefile.in.embed.util =================================================================== --- firebird/trunk/builds/posix/Makefile.in.embed.util 2010-07-22 09:36:15 UTC (rev 51354) +++ firebird/trunk/builds/posix/Makefile.in.embed.util 2010-07-23 12:04:18 UTC (rev 51355) @@ -70,7 +70,7 @@ DROP_Objects = $(addprefix $(OBJ)/, $(addsuffix .o, $(basename $(DROP_Sources)))) $(FBCOMMON_ClientObjects) -GSEC_Other_Sources = jrd/enc.cpp jrd/sha.cpp jrd/guid.cpp \ +GSEC_Other_Sources = \ jrd/isc_file.cpp common/config/config.cpp common/config/config_file.cpp \ common/config/ConfigCache.cpp common/config/dir_list.cpp \ jrd/ThreadData.cpp $(OS_SPECIFIC_Sources) Property changes on: firebird/trunk/builds/posix/Makefile.in.embed.util ___________________________________________________________________ Added: svn:mime-type + text/plain Modified: firebird/trunk/builds/posix/Makefile.in.fbserver =================================================================== --- firebird/trunk/builds/posix/Makefile.in.fbserver 2010-07-22 09:36:15 UTC (rev 51354) +++ firebird/trunk/builds/posix/Makefile.in.fbserver 2010-07-23 12:04:18 UTC (rev 51355) 
@@ -39,10 +39,15 @@ @SET_MAKE@ +SERVER_Other_sources = jrd/pwd.cpp jrd/sha.cpp +SERVER_Other Objects = $(addprefix $(OBJ)/, $(addsuffix .o, $(basename $(SERVER_Other_sources)))) + SERVER_Files = $(OS_ServerFiles) server.cpp -SERVER_Sources = $(addprefix remote/, $(SERVER_Files)) jrd/pwd.cpp -SERVER_Objects = $(addprefix $(OBJ)/, $(addsuffix .o, $(basename $(SERVER_Sources)))) $(LIBFBSERVER_Objects) $(COMMON_Objects) +SERVER_Sources = $(addprefix remote/, $(SERVER_Files)) +SERVER_Objects = $(addprefix $(OBJ)/, $(addsuffix .o, $(basename $(SERVER_Sources)))) \ + $(LIBFBSERVER_Objects) $(COMMON_Objects) $(SERVER_Other Objects) + .PHONY: fbserver Property changes on: firebird/trunk/builds/posix/Makefile.in.fbserver ___________________________________________________________________ Added: svn:mime-type + text/plain Modified: firebird/trunk/builds/posix/Makefile.in.firebird =================================================================== --- firebird/trunk/builds/posix/Makefile.in.firebird 2010-07-22 09:36:15 UTC (rev 51354) +++ firebird/trunk/builds/posix/Makefile.in.firebird 2010-07-23 12:04:18 UTC (rev 51355) @@ -134,7 +134,7 @@ .PHONY: all firebird firebird_boot firebird_basic .PHONY: firebird_embedded firebird_server classic_programs super_programs .PHONY: firebird_super firebird_classic btyacc_binary -.PHONY: fbtrace +.PHONY: plugins2 # The main targets are firebird_embedded or firebird_server @@ -145,8 +145,8 @@ firebird : firebird_@FIREBIRD_ARCH_TYPE@ $(PLATFORM_POSTBUILD_TARGET) -firebird_classic firebird_embedded: firebird_basic classic_targets fbtrace -firebird_super firebird_server: firebird_basic super_targets fbtrace +firebird_classic firebird_embedded: firebird_basic classic_targets plugins2 +firebird_super firebird_server: firebird_basic super_targets plugins2 
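Review bot: The new variable in the Makefile.in.fbserver hunk is spelled `SERVER_Other Objects`, with a space, both where it is defined and where `SERVER_Objects` references it, right next to the underscore-only `SERVER_Other_sources`. GNU make documents variable names as not containing whitespace, so whether this resolves depends on the make version; if it expands to nothing, the objects for `jrd/pwd.cpp` and `jrd/sha.cpp` silently drop out of the server link. Use `SERVER_Other_Objects` in both places, i.e. `SERVER_Other_Objects = $(addprefix $(OBJ)/, $(addsuffix .o, $(basename $(SERVER_Other_sources))))` and `$(LIBFBSERVER_Objects) $(COMMON_Objects) $(SERVER_Other_Objects)`. The space may be an artifact of how this mail was archived, so confirm against the committed file.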
@@ -414,8 +414,9 @@ #--------------------------------------------------------------------------- -fbtrace: +plugins2: $(MAKE) $(CPU_OPTION) -f $(GEN_ROOT)/Makefile.fbtrace + $(MAKE) $(CPU_OPTION) -f $(GEN_ROOT)/Makefile.user.management #--------------------------------------------------------------------------- Property changes on: firebird/trunk/builds/posix/Makefile.in.firebird ___________________________________________________________________ Added: svn:mime-type + text/plain Modified: firebird/trunk/builds/posix/Makefile.in.smp_server =================================================================== --- firebird/trunk/builds/posix/Makefile.in.smp_server 2010-07-22 09:36:15 UTC (rev 51354) +++ firebird/trunk/builds/posix/Makefile.in.smp_server 2010-07-23 12:04:18 UTC (rev 51355) @@ -42,8 +42,8 @@ SERVER_JrdFiles = ThreadData.cpp divorce.cpp dsc.cpp enc.cpp isc_file.cpp isc.cpp \ sdl.cpp status.cpp SERVER_Files = $(OS_ServerFiles) server.cpp -SERVER_Other_sources = common/cvt.cpp common/classes/DbImplementation.cpp \ -jrd/pwd.cpp jrd/sha.cpp jrd/guid.cpp auth/Auth.cpp +SERVER_Other_sources = common/cvt.cpp common/classes/DbImplementation.cpp auth/Auth.cpp \ +jrd/pwd.cpp jrd/sha.cpp jrd/guid.cpp SERVER_Sources = $(addprefix remote/, $(SERVER_Files)) $(addprefix jrd/, $(SERVER_JrdFiles)) $(SERVER_Other_sources) REMOTE_CommonSources = $(addprefix remote/, $(REMOTE_CommonFiles)) Property changes on: firebird/trunk/builds/posix/Makefile.in.smp_server ___________________________________________________________________ Added: svn:mime-type + text/plain Added: firebird/trunk/builds/posix/Makefile.in.user.management =================================================================== --- firebird/trunk/builds/posix/Makefile.in.user.management (rev 0) +++ firebird/trunk/builds/posix/Makefile.in.user.management 2010-07-23 12:04:18 UTC (rev 51355) 
@@ -0,0 +1,81 @@ +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. +# You may obtain a copy of the Licence at +# http://www.gnu.org/licences/lgpl.html +# +# As a special exception this file can also be included in modules +# with other source code as long as that source code has been +# released under an Open Source Initiative certificed licence. +# More information about OSI certification can be found at: +# http://www.opensource.org +# +# This module is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU Lesser General Public Licence for more details. +# +# This module was created by members of the firebird development +# team. All individual contributions remain the Copyright (C) of +# those individuals and all rights are reserved. Contributors to +# this file are either listed below or can be obtained from a CVS +# history command. +# +# Created by: Mark O'Donohue <mar...@lu...> +# +# Contributor(s): +# +# +# +ROOT=.. 
+ObjModuleType=std + +include $(ROOT)/gen/make.defaults +include $(ROOT)/gen/make.platform +include $(ROOT)/gen/make.rules +include $(ROOT)/gen/make.shared.variables + +@SET_MAKE@ + + +USER_MANAGEMENT_Files = LegacyManagement.epp + +USER_MANAGEMENT_Sources = $(addprefix auth/SecurityDatabase/, $(USER_MANAGEMENT_Files)) + +USER_MANAGEMENT_Objects = $(addprefix $(OBJ)/, $(addsuffix .o, $(basename $(USER_MANAGEMENT_Sources)))) + + +MANAGEMENT_OTHER_Sources = jrd/enc.cpp jrd/sha.cpp jrd/guid.cpp common/classes/alloc.cpp \ +common/classes/locks.cpp common/classes/UserBlob.cpp common/classes/init.cpp common/classes/fb_string.cpp \ +common/fb_exception.cpp common/thd.cpp common/StatusArg.cpp + + +MANAGEMENT_OTHER_Objects = $(addprefix $(OBJ)/, $(addsuffix .o, $(basename $(MANAGEMENT_OTHER_Sources)))) + + +MANAGEMENT_Objects = $(USER_MANAGEMENT_Objects) $(MANAGEMENT_OTHER_Objects) +#$(FBCLASSES_ClientObjects) $(FBCOMMON_ClientObjects) +# $(CONFIG_Objects) \ +# $(FBCLASSES_MsgObjects) \ +# $(FBCONFIG_Objects) + + +AllObjects = $(MANAGEMENT_Objects) +Dependencies = $(AllObjects:.o=.d) + + +.PHONY: all user_management + + +all : user_management + +user_management: $(MANAGEMENT) + +$(MANAGEMENT): $(MANAGEMENT_Objects) + $(LINK_PLUGIN) $(call LIB_LINK_SONAME,$(MANAGEMENT).0) -o $@ $^ $(LINK_PLUG_LIBS) + + +include $(ROOT)/gen/make.shared.targets + +-include $(Dependencies) Property changes on: firebird/trunk/builds/posix/Makefile.in.user.management ___________________________________________________________________ Added: svn:mime-type + text/plain Added: svn:eol-style + native Modified: firebird/trunk/builds/posix/firebird.vers =================================================================== --- firebird/trunk/builds/posix/firebird.vers 2010-07-22 09:36:15 UTC (rev 51354) +++ firebird/trunk/builds/posix/firebird.vers 2010-07-23 12:04:18 UTC (rev 51355) 
@@ -333,6 +333,11 @@ fb_shutdown fb_shutdown_callback +# Plugins support + +fb_register_plugin +fb_query_plugin + # Other misc functions isc_ftof Property changes on: firebird/trunk/builds/posix/firebird.vers ___________________________________________________________________ Added: svn:mime-type + text/plain Modified: firebird/trunk/builds/posix/make.defaults =================================================================== --- firebird/trunk/builds/posix/make.defaults 2010-07-22 09:36:15 UTC (rev 51354) +++ firebird/trunk/builds/posix/make.defaults 2010-07-23 12:04:18 UTC (rev 51355) @@ -317,6 +317,9 @@ $(call LIB_LINK_SONAME,$(SharedLibrarySoName)) $(call LIB_LINK_RPATH,lib) LINK_EMBED_LIBS = -L$(LIB) $(LIB_GUI) $(SO_LINK_LIBS) $(ICU_LIBS) +LINK_PLUGIN = $(LIB_LINK) $(LINK_EMPTY_SYMBOLS) $(LIB_LINK_OPTIONS) $(call LIB_LINK_RPATH,lib) +LINK_PLUG_LIBS = -L$(LIB) $(SO_LINK_LIBS) + # From utilities CREATE_DB = $(BIN)/create_db$(EXEC_EXT) GDS_DROP = $(BIN)/gds_drop$(EXEC_EXT) @@ -339,6 +342,7 @@ INSTSVC = $(BIN)/instsvc$(EXEC_EXT) ISC_GDB = $(FIREBIRD)/security2.fdb ISC_GBAK = $(BIN)/security.gbak +MANAGEMENT = $(PLUGINS)/$(LIB_PREFIX)user_management.$(SHRLIB_EXT) # From qli QLI = $(BIN)/qli$(EXEC_EXT) Property changes on: firebird/trunk/builds/posix/make.defaults ___________________________________________________________________ Added: svn:mime-type + text/plain Modified: firebird/trunk/builds/posix/make.rules =================================================================== --- firebird/trunk/builds/posix/make.rules 2010-07-22 09:36:15 UTC (rev 51354) +++ firebird/trunk/builds/posix/make.rules 2010-07-23 12:04:18 UTC (rev 51355) 
@@ -127,7 +127,7 @@ $(OBJ)/jrd/fun.epp $(OBJ)/jrd/dyn.epp $(OBJ)/jrd/dfw.epp $(OBJ)/jrd/dyn_util.epp \ $(OBJ)/jrd/pcmet.epp $(OBJ)/jrd/met.epp $(OBJ)/jrd/dpm.epp $(OBJ)/utilities/rebuild/rstore.epp \ $(OBJ)/utilities/rebuild/rmet.epp $(OBJ)/utilities/gstat/dba.epp $(OBJ)/utilities/stats.epp \ - $(OBJ)/utilities/gsec/security.epp $(OBJ)/alice/alice_meta.epp $(OBJ)/qli/meta.epp \ + $(OBJ)/auth/SecurityDatabase/LegacyManagement.epp $(OBJ)/alice/alice_meta.epp $(OBJ)/qli/meta.epp \ $(OBJ)/qli/proc.epp $(OBJ)/qli/show.epp $(OBJ)/qli/help.epp $(OBJ)/misc/codes.epp \ $(OBJ)/gpre/gpre_meta.epp $(OBJ)/dsql/blob.epp $(OBJ)/dsql/array.epp \ $(OBJ)/dsql/PackageNodes.epp $(OBJ)/dsql/metd.epp $(OBJ)/dsql/DdlNodes.epp $(OBJ)/isql/show.epp \ Property changes on: firebird/trunk/builds/posix/make.rules ___________________________________________________________________ Added: svn:mime-type + text/plain Modified: firebird/trunk/builds/posix/make.shared.variables =================================================================== --- firebird/trunk/builds/posix/make.shared.variables 2010-07-22 09:36:15 UTC (rev 51354) +++ firebird/trunk/builds/posix/make.shared.variables 2010-07-23 12:04:18 UTC (rev 51355) @@ -14,7 +14,7 @@ JRD_ClientFiles = alt.cpp db_alias.cpp dsc.cpp \ - enc.cpp gds.cpp isc.cpp isc_file.cpp isc_ipc.cpp \ + gds.cpp isc.cpp isc_file.cpp isc_ipc.cpp \ perf.cpp sdl.cpp status.cpp \ ThreadData.cpp ThreadStart.cpp utl.cpp \ $(WHY_Sources) @@ -41,7 +41,7 @@ sdw.cpp shut.cpp sort.cpp sqz.cpp \ svc.cpp SysFunction.cpp TempSpace.cpp tpc.cpp tra.cpp validation.cpp \ ValueImpl.cpp ValuesImpl.cpp vio.cpp \ - nodebug.cpp nbak.cpp sha.cpp $(Physical_IO_Module) TextType.cpp \ + nodebug.cpp nbak.cpp $(Physical_IO_Module) TextType.cpp \ unicode_util.cpp RuntimeStatistics.cpp DebugInterface.cpp \ extds/ExtDS.cpp extds/InternalDS.cpp extds/IscDS.cpp \ trace/TraceConfigStorage.cpp trace/TraceLog.cpp \ 
@@ -114,7 +114,7 @@ INTERFACE_Sources = $(addprefix remote/, $(INTERFACE_Files)) \ - auth/Auth.cpp auth/SecurityDatabase/LegacyClient.cpp + auth/Auth.cpp auth/AuthDbg.cpp auth/SecurityDatabase/LegacyClient.cpp jrd/enc.cpp INTERFACE_Objects = $(addprefix $(OBJ)/, $(addsuffix .o, $(basename $(INTERFACE_Sources)))) ifeq ($(PLATFORM),win32) @@ -357,7 +357,7 @@ # MOD 29-July-2002 # Stub for services entrypoints missing in static library -STUB_Sources = jrd/svc_stub.cpp utilities/gsec/security.epp +STUB_Sources = jrd/svc_stub.cpp utilities/gsec/security.cpp STUB_Objects = $(addprefix $(OBJ)/, $(addsuffix .o, $(basename $(STUB_Sources)))) Property changes on: firebird/trunk/builds/posix/make.shared.variables ___________________________________________________________________ Added: svn:mime-type + text/plain Modified: firebird/trunk/configure.in =================================================================== --- firebird/trunk/configure.in 2010-07-22 09:36:15 UTC (rev 51354) +++ firebird/trunk/configure.in 2010-07-23 12:04:18 UTC (rev 51355) @@ -1371,6 +1371,7 @@ gen/Makefile.embed.qli:${MAKE_SRC_DIR}/Makefile.in.embed.qli gen/Makefile.embed.gpre:${MAKE_SRC_DIR}/Makefile.in.embed.gpre gen/Makefile.fbtrace:${MAKE_SRC_DIR}/Makefile.in.fbtrace +gen/Makefile.user.management:${MAKE_SRC_DIR}/Makefile.in.user.management gen/Makefile.install:builds/install/arch-specific/${INSTALL_PREFIX}/Makefile.in Makefile:Makefile.in ) Property changes on: firebird/trunk/configure.in ___________________________________________________________________ Added: svn:mime-type + text/plain Modified: firebird/trunk/src/auth/Auth.cpp =================================================================== --- firebird/trunk/src/auth/Auth.cpp 2010-07-22 09:36:15 UTC (rev 51354) +++ firebird/trunk/src/auth/Auth.cpp 2010-07-23 12:04:18 UTC (rev 51355) 
@@ -28,137 +28,10 @@ #include "firebird.h" #include "../auth/Auth.h" #include "../jrd/ibase.h" +#include "../common/classes/ImplementHelper.h" -#ifdef AUTH_DEBUG - -namespace -{ - void debugName(const char** data, unsigned short* dataSize) - { - // Construct a copy of the literal so we don't violate the constness. - // The caller can do anything with the pointer unless we change getName() signature. - static char name[] = "DEBUG_AUTH"; - *data = name; - *dataSize = strlen(name); - } -} - namespace Auth { -ServerInstance* DebugServer::instance() -{ - return interfaceAlloc<DebugServerInstance>(); -} - -ClientInstance* DebugClient::instance() -{ - return interfaceAlloc<DebugClientInstance>(); -} - -void DebugServer::getName(const char** data, unsigned short* dataSize) -{ - debugName(data, dataSize); -} - -void DebugClient::getName(const char** data, unsigned short* dataSize) -{ - debugName(data, dataSize); -} - -void DebugServer::release() -{ - interfaceFree(this); -} - -void DebugClient::release() -{ - interfaceFree(this); -} - -DebugServerInstance::DebugServerInstance() - : str(*getDefaultMemoryPool()) -{ } - -Result DebugServerInstance::startAuthentication(bool isService, const char* dbName, - const unsigned char* dpb, unsigned int dpbSize, - WriterInterface* writerInterface) -{ - str.erase(); - Firebird::ClumpletReader rdr(isService ? - Firebird::ClumpletReader::spbList : - Firebird::ClumpletReader::dpbList, dpb, dpbSize); - - if (rdr.find(isService ? 
isc_spb_trusted_auth : isc_dpb_trusted_auth)) - { - str.assign(rdr.getBytes(), rdr.getClumpLength()); - } - - str += '_'; - return AUTH_MORE_DATA; -} - -Result DebugServerInstance::contAuthentication(WriterInterface* writerInterface, - const unsigned char* data, unsigned int size) -{ - //fprintf(stderr, "DebugServerInstance::contAuthentication: %.*s\n", size, data); - writerInterface->add(Firebird::string((const char*) data, size).c_str(), "DEBUG", ""); - return AUTH_SUCCESS; -} - -void DebugServerInstance::getData(const unsigned char** data, unsigned short* dataSize) -{ - *data = reinterpret_cast<const unsigned char*>(str.c_str()); - *dataSize = str.length(); - //fprintf(stderr, "DebugServerInstance::getData: %.*s\n", *dataSize, *data); -} - -void DebugServerInstance::release() -{ - interfaceFree(this); -} - -DebugClientInstance::DebugClientInstance() - : str(*getDefaultMemoryPool()) -{ } - -Result DebugClientInstance::startAuthentication(bool isService, const char*, DpbInterface* dpb) -{ - str = "HAND"; - if (dpb) - { - dpb->add(isService ? 
isc_spb_trusted_auth : isc_dpb_trusted_auth, - str.c_str(), str.length()); - return AUTH_SUCCESS; - } - return AUTH_MORE_DATA; -} - -Result DebugClientInstance::contAuthentication(const unsigned char* data, unsigned int size) -{ - //fprintf(stderr, "DebugClientInstance::contAuthentication: %.*s\n", size, data); - str.assign(data, size); - str += "SHAKE"; - return AUTH_CONTINUE; -} - -void DebugClientInstance::getData(const unsigned char** data, unsigned short* dataSize) -{ - *data = reinterpret_cast<const unsigned char*>(str.c_str()); - *dataSize = str.length(); - //fprintf(stderr, "DebugClientInstance::getData: %.*s\n", *dataSize, *data); -} - -void DebugClientInstance::release() -{ - interfaceFree(this); -} - -} // namespace Auth - -#endif // AUTH_DEBUG - -namespace Auth { - WriterImplementation::WriterImplementation(Firebird::MemoryPool& pool, bool svcFlag) : Firebird::PermanentStorage(pool), body(getPool()), sequence(0), tag(svcFlag ? isc_spb_auth_block : isc_dpb_auth_block) @@ -202,16 +75,13 @@ } -bool legacy(Plugin* plugin) +bool legacy(Firebird::Plugin* plugin) { const char* legacyTrusted = "WIN_SSPI"; - const short legLength = strlen(legacyTrusted); - const char* nm; - USHORT len; + const unsigned short legLength = strlen(legacyTrusted); + const char* nm = plugin->name(); - plugin->getName(&nm, &len); - - return len == legLength && memcmp(legacyTrusted, nm, legLength) == 0; + return strlen(nm) == legLength && memcmp(legacyTrusted, nm, legLength) == 0; } } // namespace Auth Property changes on: firebird/trunk/src/auth/Auth.cpp ___________________________________________________________________ Added: svn:mime-type + text/plain Modified: firebird/trunk/src/auth/Auth.h =================================================================== --- firebird/trunk/src/auth/Auth.h 2010-07-22 09:36:15 UTC (rev 51354) +++ firebird/trunk/src/auth/Auth.h 2010-07-23 12:04:18 UTC (rev 51355) 
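Review bot: In the `legacy()` hunk of Auth.cpp, the result of `plugin->name()` goes straight into `strlen()`, so a plugin whose `name()` returns a null pointer crashes the comparison, whereas the old `getName()` form carried an explicit length. Since both sides are now NUL-terminated strings, the length bookkeeping can go: keep `const char* nm = plugin->name();` and finish with `return nm && strcmp(nm, legacyTrusted) == 0;`. That also removes the `size_t` to `unsigned short` narrowing on `legLength`. Whether `name()` can ever return null is not visible here (its declaration is outside this hunk), so treat the null check as defensive.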
@@ -38,7 +38,7 @@ namespace Auth { -bool legacy(Plugin* plugin); +bool legacy(Firebird::Plugin* plugin); class WriterImplementation : public WriterInterface, public Firebird::PermanentStorage { @@ -69,7 +69,7 @@ Firebird::ClumpletWriter* body; }; -//#define AUTH_DEBUG +#define AUTH_DEBUG #ifdef AUTH_DEBUG @@ -80,7 +80,6 @@ { public: ServerInstance* instance(); - void getName(const char** data, unsigned short* dataSize); void release(); }; @@ -88,7 +87,6 @@ { public: ClientInstance* instance(); - void getName(const char** data, unsigned short* dataSize); void release(); }; Property changes on: firebird/trunk/src/auth/Auth.h ___________________________________________________________________ Added: svn:mime-type + text/plain Added: firebird/trunk/src/auth/AuthDbg.cpp =================================================================== --- firebird/trunk/src/auth/AuthDbg.cpp (rev 0) +++ firebird/trunk/src/auth/AuthDbg.cpp 2010-07-23 12:04:18 UTC (rev 51355) 
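Review bot: The second Auth.h hunk changes `//#define AUTH_DEBUG` to `#define AUTH_DEBUG`, which looks like a leftover from local testing rather than part of the plugin rework. The debug authenticator guarded by this macro returns `AUTH_SUCCESS` with whatever bytes the peer sent as the login name, so the macro should stay off in any build that ships. With it on, Auth.h also keeps declaring the debug plugin classes under `#ifdef AUTH_DEBUG` (the following two hunks only drop `getName`; presumably these are `DebugServer` and `DebugClient`), while the new AuthDbg.h declares classes of the same names under the same macro, so a translation unit that sees both headers would get duplicate definitions. Restore `//#define AUTH_DEBUG` here and remove the debug declarations from Auth.h now that their implementation has moved to AuthDbg.cpp.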
@@ -0,0 +1,133 @@ +/* + * PROGRAM: Firebird authentication + * MODULE: Auth.cpp + * DESCRIPTION: Implementation of interfaces, passed to plugins + * Plugins loader + * + * The contents of this file are subject to the Initial + * Developer's Public License Version 1.0 (the "License"); + * you may not use this file except in compliance with the + * License. You may obtain a copy of the License at + * http://www.ibphoenix.com/main.nfs?a=ibphoenix&page=ibp_idpl. + * + * Software distributed under the License is distributed AS IS, + * WITHOUT WARRANTY OF ANY KIND, either express or implied. + * See the License for the specific language governing rights + * and limitations under the License. + * + * The Original Code was created by Alex Peshkov + * for the Firebird Open Source RDBMS project. + * + * Copyright (c) 2010 Alex Peshkov <peshkoff at mail.ru> + * and all contributors signed below. + * + * All Rights Reserved. + * Contributor(s): ______________________________________. + */ + +#include "firebird.h" +#include "../auth/AuthDbg.h" +#include "../jrd/ibase.h" +#include "../common/classes/ImplementHelper.h" + +#ifdef AUTH_DEBUG + +namespace { + char name[] = "DEBUG_AUTH"; + Firebird::PluginHelper<Auth::DebugServer, Firebird::Plugin::AuthServer, name> debugServer; + Firebird::PluginHelper<Auth::DebugClient, Firebird::Plugin::AuthClient, name> debugClient; +} + +namespace Auth { + +ServerInstance* DebugServer::instance() +{ + return Firebird::interfaceAlloc<DebugServerInstance>(); +} + +ClientInstance* DebugClient::instance() +{ + return Firebird::interfaceAlloc<DebugClientInstance>(); +} + +DebugServerInstance::DebugServerInstance() + : str(*getDefaultMemoryPool()) +{ } + +Result DebugServerInstance::startAuthentication(bool isService, const char* dbName, + const unsigned char* dpb, unsigned int dpbSize, + WriterInterface* writerInterface) +{ + str.erase(); + Firebird::ClumpletReader rdr(isService ? 
+ Firebird::ClumpletReader::spbList : + Firebird::ClumpletReader::dpbList, dpb, dpbSize); + + if (rdr.find(isService ? isc_spb_trusted_auth : isc_dpb_trusted_auth)) + { + str.assign(rdr.getBytes(), rdr.getClumpLength()); + } + + str += '_'; + return AUTH_MORE_DATA; +} + +Result DebugServerInstance::contAuthentication(WriterInterface* writerInterface, + const unsigned char* data, unsigned int size) +{ + //fprintf(stderr, "DebugServerInstance::contAuthentication: %.*s\n", size, data); + writerInterface->add(Firebird::string((const char*) data, size).c_str(), "DEBUG", ""); + return AUTH_SUCCESS; +} + +void DebugServerInstance::getData(const unsigned char** data, unsigned short* dataSize) +{ + *data = reinterpret_cast<const unsigned char*>(str.c_str()); + *dataSize = str.length(); + //fprintf(stderr, "DebugServerInstance::getData: %.*s\n", *dataSize, *data); +} + +void DebugServerInstance::release() +{ + Firebird::interfaceFree(this); +} + +DebugClientInstance::DebugClientInstance() + : str(*getDefaultMemoryPool()) +{ } + +Result DebugClientInstance::startAuthentication(bool isService, const char*, DpbInterface* dpb) +{ + str = "HAND"; + if (dpb) + { + dpb->add(isService ? 
isc_spb_trusted_auth : isc_dpb_trusted_auth, + str.c_str(), str.length()); + return AUTH_SUCCESS; + } + return AUTH_MORE_DATA; +} + +Result DebugClientInstance::contAuthentication(const unsigned char* data, unsigned int size) +{ + //fprintf(stderr, "DebugClientInstance::contAuthentication: %.*s\n", size, data); + str.assign(data, size); + str += "SHAKE"; + return AUTH_CONTINUE; +} + +void DebugClientInstance::getData(const unsigned char** data, unsigned short* dataSize) +{ + *data = reinterpret_cast<const unsigned char*>(str.c_str()); + *dataSize = str.length(); + //fprintf(stderr, "DebugClientInstance::getData: %.*s\n", *dataSize, *data); +} + +void DebugClientInstance::release() +{ + Firebird::interfaceFree(this); +} + +} // namespace Auth + +#endif // AUTH_DEBUG Property changes on: firebird/trunk/src/auth/AuthDbg.cpp ___________________________________________________________________ Added: svn:mime-type + text/plain Added: svn:eol-style + native Added: firebird/trunk/src/auth/AuthDbg.h =================================================================== --- firebird/trunk/src/auth/AuthDbg.h (rev 0) +++ firebird/trunk/src/auth/AuthDbg.h 2010-07-23 12:04:18 UTC (rev 51355) 
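Review bot: Both `getData()` implementations in AuthDbg.cpp store `str.length()` into an `unsigned short`, while `DebugClientInstance::contAuthentication()` fills `str` from a buffer whose `size` is an `unsigned int`, so a payload longer than 65535 bytes is reported with a wrapped length. Reject oversized input before copying it, for example `if (size > 0xFFFF) return AUTH_FAILED;` ahead of `str.assign(data, size);`. The file header comment still reads `MODULE: Auth.cpp` and should say `AuthDbg.cpp`; AuthDbg.h has the same copy-paste with `MODULE: Auth.h`.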
@@ -0,0 +1,95 @@ +/* + * PROGRAM: Firebird authentication + * MODULE: Auth.h + * DESCRIPTION: Implementation of interfaces, passed to plugins + * Plugins loader + * + * The contents of this file are subject to the Initial + * Developer's Public License Version 1.0 (the "License"); + * you may not use this file except in compliance with the + * License. You may obtain a copy of the License at + * http://www.ibphoenix.com/main.nfs?a=ibphoenix&page=ibp_idpl. + * + * Software distributed under the License is distributed AS IS, + * WITHOUT WARRANTY OF ANY KIND, either express or implied. + * See the License for the specific language governing rights + * and limitations under the License. + * + * The Original Code was created by Alex Peshkov + * for the Firebird Open Source RDBMS project. + * + * Copyright (c) 2010 Alex Peshkov <peshkoff at mail.ru> + * and all contributors signed below. + * + * All Rights Reserved. + * Contributor(s): ______________________________________. + * + * + */ + +#ifndef FB_AUTHDBG_H +#define FB_AUTHDBG_H + +//#define AUTH_DEBUG + +#ifdef AUTH_DEBUG + +#include "../auth/AuthInterface.h" +#include "../common/classes/ClumpletWriter.h" +#include "../common/classes/init.h" +#include "../common/classes/array.h" +#include "../common/classes/fb_string.h" + +namespace Auth { + +// The idea of debug plugin is to send some data from server to client, +// modify them on client and return result (which becomes login name) to the server + +class DebugServer : public ServerPlugin +{ +public: + ServerInstance* instance(); +}; + +class DebugClient : public ClientPlugin +{ +public: + ClientInstance* instance(); +}; + +class DebugServerInstance : public ServerInstance +{ +public: + DebugServerInstance(); + + Result startAuthentication(bool isService, const char* dbName, + const unsigned char* dpb, unsigned int dpbSize, + WriterInterface* writerInterface); + Result contAuthentication(WriterInterface* writerInterface, + const unsigned char* data, unsigned int 
size); + void getData(const unsigned char** data, unsigned short* dataSize); + void release(); + +private: + Firebird::string str; +}; + +class DebugClientInstance : public ClientInstance +{ +public: + DebugClientInstance(); + + Result startAuthentication(bool isService, const char* dbName, DpbInterface* dpb); + Result contAuthentication(const unsigned char* data, unsigned int size); + void getData(const unsigned char** data, unsigned short* dataSize); + void release(); + +private: + Firebird::string str; +}; + +} // namespace Auth + +#endif // AUTH_DEBUG + +#endif // FB_AUTHDBG_H Property changes on: firebird/trunk/src/auth/AuthDbg.h ___________________________________________________________________ Added: svn:mime-type + text/plain Added: svn:eol-style + native Modified: firebird/trunk/src/auth/AuthInterface.h =================================================================== --- firebird/trunk/src/auth/AuthInterface.h 2010-07-22 09:36:15 UTC (rev 51354) +++ firebird/trunk/src/auth/AuthInterface.h 2010-07-23 12:04:18 UTC (rev 51355) @@ -31,14 +31,14 @@ #include "../common/classes/Interface.h" +// This is temporal measure - see later +struct internal_user_data; +#include "../utilities/gsec/secur_proto.h" + namespace Auth { enum Result {AUTH_SUCCESS, AUTH_CONTINUE, AUTH_FAILED, AUTH_MORE_DATA}; -class InterfaceBase : public Firebird::Interface -{ -}; - class WriterInterface { public: @@ -54,15 +54,9 @@ virtual void drop() = 0; }; -class Plugin : public InterfaceBase +class ServerInstance : public Firebird::Interface { public: - virtual void getName(const char** data, unsigned short* dataSize) = 0; -}; - -class ServerInstance : public InterfaceBase -{ -public: virtual Result startAuthentication(bool isService, const char* dbName, const unsigned char* dpb, unsigned int dpbSize, WriterInterface* writerInterface) = 0; 
@@ -71,13 +65,13 @@ virtual void getData(const unsigned char** data, unsigned short* dataSize) = 0; }; -class ServerPlugin : public Plugin +class ServerPlugin : public Firebird::Plugin { public: virtual ServerInstance* instance() = 0; }; -class ClientInstance : public InterfaceBase +class ClientInstance : public Firebird::Interface { public: virtual Result startAuthentication(bool isService, const char* dbName, DpbInterface* dpb) = 0; @@ -85,12 +79,22 @@ virtual void getData(const unsigned char** data, unsigned short* dataSize) = 0; }; -class ClientPlugin : public Plugin +class ClientPlugin : public Firebird::Plugin { public: virtual ClientInstance* instance() = 0; }; +class ManagementPlugin : public Firebird::Plugin +{ +public: + // work in progress - we must avoid both internal_user_data and callback function + virtual int execLine(ISC_STATUS* isc_status, const char *realUser, + FB_API_HANDLE db, FB_API_HANDLE trans, + internal_user_data* io_user_data, + FPTR_SECURITY_CALLBACK display_func, void* callback_arg) = 0; +}; + } // namespace Auth Property changes on: firebird/trunk/src/auth/AuthInterface.h ___________________________________________________________________ Added: svn:mime-type + text/plain Modified: firebird/trunk/src/auth/SecurityDatabase/LegacyClient.cpp =================================================================== --- firebird/trunk/src/auth/SecurityDatabase/LegacyClient.cpp 2010-07-22 09:36:15 UTC (rev 51354) +++ firebird/trunk/src/auth/SecurityDatabase/LegacyClient.cpp 2010-07-23 12:04:18 UTC (rev 51355) @@ -28,7 +28,13 @@ #include "firebird.h" #include "../jrd/ibase.h" #include "../auth/SecurityDatabase/LegacyClient.h" +#include "../common/classes/ImplementHelper.h" +namespace { + char name[] = "LEGACY_AUTH"; + Firebird::PluginHelper<Auth::SecurityDatabaseClient, Firebird::Plugin::AuthClient, name> client; +} + namespace Auth { ClientInstance* SecurityDatabaseClient::instance() 
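Review bot: `ManagementPlugin::execLine()` in the last AuthInterface.h hunk has no documented contract beyond the work-in-progress remark, and the undocumented parts are the ones a plugin author needs in order to make safe decisions. Add a comment above the declaration saying where `realUser` comes from (an identity the server has already authenticated, or a name taken from the request), what the `int` return value means and how it relates to `isc_status`, and who owns and commits `db` and `trans`. It should also say when `display_func` is invoked and what `callback_arg` points to, since the plugin calls back into the host through a raw function pointer. How the legacy implementation uses these parameters is in LegacyManagement.epp, outside this hunk, so check the wording against it.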
@@ -36,19 +42,6 @@ return Firebird::interfaceAlloc<SecurityDatabaseClientInstance>(); } -void SecurityDatabaseClient::getName(const char** data, unsigned short* dataSize) -{ - // Do not violate the constness. - static char name[] = "LEGACY_AUTH"; - *data = name; - *dataSize = strlen(name); -} - -void SecurityDatabaseClient::release() -{ - interfaceFree(this); -} - Result SecurityDatabaseClientInstance::startAuthentication(bool, const char*, DpbInterface* dpb) { return dpb->find(isc_dpb_user_name) && Property changes on: firebird/trunk/src/auth/SecurityDatabase/LegacyClient.cpp ___________________________________________________________________ Added: svn:mime-type + text/plain Modified: firebird/trunk/src/auth/SecurityDatabase/LegacyClient.h =================================================================== --- firebird/trunk/src/auth/SecurityDatabase/LegacyClient.h 2010-07-22 09:36:15 UTC (rev 51354) +++ firebird/trunk/src/auth/SecurityDatabase/LegacyClient.h 2010-07-23 12:04:18 UTC (rev 51355) @@ -38,8 +38,6 @@ { public: ClientInstance* instance(); - void getName(const char** data, unsigned short* dataSize); - void release(); }; class SecurityDatabaseClientInstance : public ClientInstance Property changes on: firebird/trunk/src/auth/SecurityDatabase/LegacyClient.h ___________________________________________________________________ Added: svn:mime-type + text/plain Copied: firebird/trunk/src/auth/SecurityDatabase/LegacyManagement.epp (from rev 51339, firebird/trunk/src/utilities/gsec/security.epp) =================================================================== --- firebird/trunk/src/auth/SecurityDatabase/LegacyManagement.epp (rev 0) +++ firebird/trunk/src/auth/SecurityDatabase/LegacyManagement.epp 2010-07-23 12:04:18 UTC (rev 51355) 
@@ -0,0 +1,553 @@ +/* + * + * PROGRAM: Security data base manager + * MODULE: security.epp + * DESCRIPTION: Security routines + * + * The contents of this file are subject to the Interbase Public + * License Version 1.0 (the "License"); you may not use this file + * except in compliance with the License. You may obtain a copy + * of the License at http://www.Inprise.com/IPL.html + * + * Software distributed under the License is distributed on an + * "AS IS" basis, WITHOUT WARRANTY OF ANY KIND, either express + * or implied. See the License for the specific language governing + * rights and limitations under the License. + * + * The Original Code was created by Inprise Corporation + * and its predecessors. Portions created by Inprise Corporation are + * Copyright (C) Inprise Corporation. + * + * All Rights Reserved. + * Contributor(s): ______________________________________. + */ + +#include "firebird.h" +#include "../common/classes/alloc.h" +#include <stdio.h> +#include <stdlib.h> +#include <string.h> +#include <ctype.h> +#include "../jrd/common.h" +#include "../jrd/ibase.h" +#include "../jrd/jrd_pwd.h" +#include "../jrd/enc_proto.h" +#include "../jrd/gds_proto.h" +#include "../jrd/isc_proto.h" +#include "../utilities/gsec/gsec.h" +#include "../common/utils_proto.h" +#include "../common/classes/init.h" +#include "../common/classes/UserBlob.h" +#include "../auth/SecurityDatabase/LegacyManagement.h" +#include "../common/classes/ImplementHelper.h" + +DATABASE DB = STATIC FILENAME "security2.fdb"; + +namespace { + +Firebird::GlobalPtr<Firebird::Mutex> execLineMutex; // protects various gpre generated structures + +// register plugin +char name[] = "LEGACY_AUTH"; +Firebird::PluginHelper<Auth::SecurityDatabaseManagement, Firebird::Plugin::UserManagement, name> manage; + +bool grantRevokeAdmin(ISC_STATUS* isc_status, FB_API_HANDLE DB, FB_API_HANDLE trans, + const internal_user_data* io_user_data) +{ + if (!io_user_data->admin_entered) + { + return true; + } + + 
Firebird::string sql; + + sql.printf((io_user_data->admin ? "GRANT %s TO \"%s\"" : "REVOKE %s FROM \"%s\""), + "RDB$ADMIN", io_user_data->user_name); + isc_dsql_execute_immediate(isc_status, &DB, &trans, sql.length(), sql.c_str(), SQL_DIALECT_V6, NULL); + + if (isc_status[1] && io_user_data->admin == 0) + { + isc_req_handle request = 0; + + FOR (TRANSACTION_HANDLE trans REQUEST_HANDLE request) R IN RDB$USER_PRIVILEGES + WITH R.RDB$USER EQ io_user_data->user_name + AND R.RDB$RELATION_NAME EQ 'RDB$ADMIN' + AND R.RDB$PRIVILEGE EQ 'M' + sql.printf("REVOKE RDB$ADMIN FROM \"%s\" GRANTED BY \"%s\"", + io_user_data->user_name, R.RDB$GRANTOR); + END_FOR + + if (request) + { + ISC_STATUS_ARRAY s; + if (isc_release_request(s, &request) != FB_SUCCESS) + { + return false; + } + } + + isc_dsql_execute_immediate(isc_status, &DB, &trans, sql.length(), sql.c_str(), SQL_DIALECT_V6, NULL); + } + + return isc_status[1] == 0; +} + +/* +bool storePasswd(ISC_STATUS* isc_status, FB_API_HANDLE DB, FB_API_HANDLE trans, + ISC_QUAD& blobId, const Firebird::string& passwd) +{ + UserBlob blob(isc_status); + const UCHAR blob_desc[] = {isc_bpb_version1, isc_bpb_type, 1, isc_blob_untyped}; + + if (!blob.create(DB, trans, blobId, sizeof(blob_desc), blob_desc)) + { + return false; + } + + if (!blob.putData(passwd.length(), passwd.c_str())) + { + return false; + } + + return blob.close(); +} + */ + +} // anonymous namespace + +namespace Auth { + +// work in progress - we must avoid both internal_user_data and callback function + +int SecurityDatabaseManagement::execLine(ISC_STATUS* isc_status, + const char *realUser, + FB_API_HANDLE DB, + FB_API_HANDLE trans, + internal_user_data* io_user_data, + FPTR_SECURITY_CALLBACK display_func, + void* callback_arg) +{ +/************************************* + * + * S E C U R I T Y _ e x e c _ l i n e + * + ************************************** + * + * Functional description + * Process a command line for the security data base manager. 
+ * This is used to add and delete users from the user information + * database (security2.fdb). It also displays information + * about current users and allows modification of current + * users' parameters. + * Returns 0 on success, otherwise returns a Gsec message number + * and the status vector containing the error info. + * The syntax is: + * + * Adding a new user: + * + * gsec -add <name> [ <parameter> ... ] -- command line + * add <name> [ <parameter> ... ] -- interactive + * + * Deleting a current user: + * + * gsec -delete <name> -- command line + * delete <name> -- interactive + * + * Displaying all current users: + * + * gsec -display -- command line + * display -- interactive + * + * Displaying one user: + * + * gsec -display <name> -- command line + * display <name> -- interactive + * + * Modifying a user's parameters: + * + * gsec -modify <name> <parameter> [ <parameter> ... ] -- command line + * modify <name> <parameter> [ <parameter> ... ] -- interactive + * + * Get help: + * + * gsec -help -- command line + * ? -- interactive + * help -- interactive + * + * Quit interactive session: + * + * quit -- interactive + * + * where <parameter> can be one of: + * + * -uid <uid> + * -gid <gid> + * -fname <firstname> + * -mname <middlename> + * -lname <lastname> + * + **************************************/ + Firebird::MutexLockGuard guard(execLineMutex); + + SCHAR encrypted1[Auth::MAX_PASSWORD_LENGTH + 2]; + Firebird::string encrypted2; + bool found; + int ret = 0; + + // check for non-printable characters in user name + for (const TEXT* p = io_user_data->user_name; *p; p++) + { + if (! isprint(*p)) { + return GsecMsg75; // Add special error message for this case ? 
+ } + } + + isc_req_handle request = 0; + isc_req_handle request2 = 0; + + switch (io_user_data->operation) + { + case MAP_DROP_OPER: + case MAP_SET_OPER: + if (realUser) + { + ret = GsecMsg104; + break; + } + { + Firebird::string sql; + sql.printf("ALTER ROLE RDB$ADMIN %s AUTO ADMIN MAPPING", + io_user_data->operation == MAP_SET_OPER ? "SET" : "DROP"); + isc_dsql_execute_immediate(isc_status, &DB, &trans, sql.length(), sql.c_str(), 1, NULL); + if (isc_status[1] != 0) + { + ret = GsecMsg97; + } + } + break; + case ADD_OPER: + if (realUser) + { + ret = GsecMsg104; + break; + } + // this checks the "entered" flags for each parameter (except the name) + // and makes all non-entered parameters null valued + + STORE (TRANSACTION_HANDLE trans REQUEST_HANDLE request) U IN PLG$USERS USING + strcpy(U.PLG$USER_NAME, io_user_data->user_name); + if (io_user_data->uid_entered) + { + U.PLG$UID = io_user_data->uid; + U.PLG$UID.NULL = ISC_FALSE; + } + else + U.PLG$UID.NULL = ISC_TRUE; + if (io_user_data->gid_entered) + { + U.PLG$GID = io_user_data->gid; + U.PLG$GID.NULL = ISC_FALSE; + } + else + U.PLG$GID.NULL = ISC_TRUE; + if (io_user_data->group_name_entered) + { + strcpy(U.PLG$GROUP_NAME, io_user_data->group_name); + U.PLG$GROUP_NAME.NULL = ISC_FALSE; + } + else + U.PLG$GROUP_NAME.NULL = ISC_TRUE; + if (io_user_data->password_entered) + { + ENC_crypt(encrypted1, sizeof encrypted1, io_user_data->password, Auth::PASSWORD_SALT); + Auth::SecurityDatabase::hash(encrypted2, io_user_data->user_name, &encrypted1[2]); + strcpy(U.PLG$PASSWD, encrypted2.c_str()); + U.PLG$PASSWD.NULL = ISC_FALSE; + } + else + U.PLG$PASSWD.NULL = ISC_TRUE; + if (io_user_data->first_name_entered) + { + strcpy(U.PLG$FIRST_NAME, io_user_data->first_name); + U.PLG$FIRST_NAME.NULL = ISC_FALSE; + } + else + U.PLG$FIRST_NAME.NULL = ISC_TRUE; + if (io_user_data->middle_name_entered) + { + strcpy(U.PLG$MIDDLE_NAME, io_user_data->middle_name); + U.PLG$MIDDLE_NAME.NULL = ISC_FALSE; + } + else + U.PLG$MIDDLE_NAME.NULL 
= ISC_TRUE; + if (io_user_data->last_name_entered) + { + strcpy(U.PLG$LAST_NAME, io_user_data->last_name); + U.PLG$LAST_NAME.NULL = ISC_FALSE; + } + else + U.PLG$LAST_NAME.NULL = ISC_TRUE; + END_STORE + ON_ERROR + ret = GsecMsg19; // gsec - add record error + END_ERROR; + if (ret == 0 && !grantRevokeAdmin(isc_status, DB, trans, io_user_data)) + { + ret = GsecMsg19; // gsec - add record error + } + break; + + case MOD_OPER: + if (realUser && strcmp(realUser, io_user_data->user_name)) + { + ret = GsecMsg104; + break; + } + + // this updates an existing record, replacing all fields that are + // entered, and for those that were specified but not entered, it + // changes the current value to the null value + + found = false; + FOR (TRANSACTION_HANDLE trans REQUEST_HANDLE request) U IN PLG$USERS + WITH U.PLG$USER_NAME EQ io_user_data->user_name + found = true; + MODIFY U USING + if (io_user_data->uid_entered) + { + U.PLG$UID = io_user_data->uid; + U.PLG$UID.NULL = ISC_FALSE; + } + else if (io_user_data->uid_specified) + U.PLG$UID.NULL = ISC_TRUE; + if (io_user_data->gid_entered) + { + U.PLG$GID = io_user_data->gid; + U.PLG$GID.NULL = ISC_FALSE; + } + else if (io_user_data->gid_specified) + U.PLG$GID.NULL = ISC_TRUE; + if (io_user_data->group_name_entered) + { + strcpy(U.PLG$GROUP_NAME, io_user_data->group_name); + U.PLG$GROUP_NAME.NULL = ISC_FALSE; + } + else if (io_user_data->group_name_specified) + U.PLG$GROUP_NAME.NULL = ISC_TRUE; + if (io_user_data->password_entered) + { + ENC_crypt(encrypted1, sizeof encrypted1, io_user_data->password, Auth::PASSWORD_SALT); + Auth::SecurityDatabase::hash(encrypted2, io_user_data->user_name, &encrypted1[2]); + strcpy(U.PLG$PASSWD, encrypted2.c_str()); + U.PLG$PASSWD.NULL = ISC_FALSE; + } + else if (io_user_data->password_specified) + U.PLG$PASSWD.NULL = ISC_TRUE; + if (io_user_data->first_name_entered) + { + strcpy(U.PLG$FIRST_NAME, io_user_data->first_name); + U.PLG$FIRST_NAME.NULL = ISC_FALSE; + } + else if 
(io_user_data->first_name_specified) + U.PLG$FIRST_NAME.NULL = ISC_TRUE; + if (io_user_data->middle_name_entered) + { + strcpy(U.PLG$MIDDLE_NAME, io_user_data->middle_name); + U.PLG$MIDDLE_NAME.NULL = ISC_FALSE; + } + else if (io_user_data->middle_name_specified) + U.PLG$MIDDLE_NAME.NULL = ISC_TRUE; + if (io_user_data->last_name_entered) + { + strcpy(U.PLG$LAST_NAME, io_user_data->last_name); + U.PLG$LAST_NAME.NULL = ISC_FALSE; + } + else if (io_user_data->last_name_specified) + U.PLG$LAST_NAME.NULL = ISC_TRUE; + END_MODIFY + ON_ERROR + ret = GsecMsg20; + END_ERROR; + END_FOR + ON_ERROR + ret = GsecMsg21; + END_ERROR; + if (!ret && !found) + ret = GsecMsg22; + if (ret == 0 && !grantRevokeAdmin(isc_status, DB, trans, io_user_data)) + { + ret = GsecMsg21; + } + break; + + case DEL_OPER: + if (realUser) + { + ret = GsecMsg104; + break; + } + + // looks up the specified user record and deletes it + + found = false; + // Do not allow SYSDBA user to be deleted + if (!fb_utils::stricmp(io_user_data->user_name, SYSDBA_USER_NAME)) + ret = GsecMsg23; + else + { + FOR (TRANSACTION_HANDLE trans REQUEST_HANDLE request) U IN PLG$USERS + WITH U.PLG$USER_NAME EQ io_user_data->user_name + found = true; + ERASE U + ON_ERROR + ret = GsecMsg23; // gsec - delete record error + END_ERROR; + END_FOR + ON_ERROR + ret = GsecMsg24; // gsec - find/delete record error + END_ERROR; + } + + if (!ret && !found) + ret = GsecMsg22; // gsec - record not found for user: + + io_user_data->admin = 0; + io_user_data->admin_entered = true; + if (ret == 0 && ! 
grantRevokeAdmin(isc_status, DB, trans, io_user_data)) + { + ret = GsecMsg24; + } + break; + + case DIS_OPER: + case OLD_DIS_OPER: + if (realUser) + { + if (io_user_data->user_name_entered && strcmp(realUser, io_user_data->user_name)) + { + ret = GsecMsg104; + break; + } + if (!io_user_data->user_name_entered) + { + if (strlen(realUser) > sizeof(io_user_data->user_name) - 1) + { + ret = GsecMsg104; + break; + } + strcpy(io_user_data->user_name, realUser); + io_user_data->user_name_entered = true; + } + } + + // gets either the desired record, or all records, and displays them + + found = false; + if (!io_user_data->user_name_entered) + { + FOR (TRANSACTION_HANDLE trans REQUEST_HANDLE request) U IN PLG$USERS + io_user_data->uid = U.PLG$UID; + io_user_data->uid_entered = !U.PLG$UID.NULL; + io_user_data->gid = U.PLG$GID; + io_user_data->gid_entered = !U.PLG$GID.NULL; + strcpy(io_user_data->user_name, U.PLG$USER_NAME); + io_user_data->user_name_entered = !U.PLG$USER_NAME.NULL; + strcpy(io_user_data->group_name, U.PLG$GROUP_NAME); + io_user_data->group_name_entered = !U.PLG$GROUP_NAME.NULL; + io_user_data->password[0] = 0; + io_user_data->password_entered = false; + strcpy(io_user_data->first_name, U.PLG$FIRST_NAME); + io_user_data->first_name_entered = !U.PLG$FIRST_NAME.NULL; + strcpy(io_user_data->middle_name, U.PLG$MIDDLE_NAME); + io_user_data->middle_name_entered = !U.PLG$MIDDLE_NAME.NULL; + strcpy(io_user_data->last_name, U.PLG$LAST_NAME); + io_user_data->last_name_entered = !U.PLG$LAST_NAME.NULL; + + io_user_data->admin = 0; + FOR (TRANSACTION_HANDLE trans REQUEST_HANDLE request2) P IN RDB$USER_PRIVILEGES + WITH P.RDB$USER EQ U.PLG$USER_NAME + AND P.RDB$RELATION_NAME EQ 'RDB$ADMIN' + AND P.RDB$PRIVILEGE EQ 'M' + io_user_data->admin = 1; + END_FOR + + display_func(callback_arg, io_user_data, !found); + + found = true; + END_FOR + ON_ERROR + ret = GsecMsg28; // gsec - find/display record error + END_ERROR; + } + else + { + FOR (TRANSACTION_HANDLE trans 
REQUEST_HANDLE request) U IN PLG$USERS + WITH U.PLG$USER_NAME EQ io_user_data->user_name + io_user_data->uid = U.PLG$UID; + io_user_data->uid_entered = !U.PLG$UID.NULL; + io_user_data->gid = U.PLG$GID; + io_user_data->gid_entered = !U.PLG$GID.NULL; + strcpy(io_user_data->user_name, U.PLG$USER_NAME); + io_user_data->user_name_entered = !U.PLG$USER_NAME.NULL; + strcpy(io_user_data->group_name, U.PLG$GROUP_NAME); + io_user_data->group_name_entered = !U.PLG$GROUP_NAME.NULL; + io_user_data->password[0] = 0; + io_user_data->password_entered = false; + strcpy(io_user_data->first_name, U.PLG$FIRST_NAME); + io_user_data->first_name_entered = !U.PLG$FIRST_NAME.NULL; + strcpy(io_user_data->middle_name, U.PLG$MIDDLE_NAME); + io_user_data->middle_name_entered = !U.PLG$MIDDLE_NAME.NULL; + strcpy(io_user_data->last_name, U.PLG$LAST_NAME); + io_user_data->last_name_entered = !U.PLG$LAST_NAME.NULL; + + io_user_data->admin = 0; + FOR (TRANSACTION_HANDLE trans REQUEST_HANDLE request2) P IN RDB$USER_PRIVILEGES + WITH P.RDB$USER EQ U.PLG$USER_NAME + AND P.RDB$RELATION_NAME EQ 'RDB$ADMIN' + AND P.RDB$PRIVILEGE EQ 'M' + io_user_data->admin = 1; + END_FOR + + display_func(callback_arg, io_user_data, !found); + + found = true; + END_FOR + ON_ERROR + ret = GsecMsg28; // gsec - find/display record error + END_ERROR; + } + break; + + default: + ret = GsecMsg16; // gsec - error in switch specifications + break; + } + + if (request) + { + ISC_STATUS_ARRAY s; + if (isc_release_request(s, &request) != FB_SUCCESS) + { + if (! ret) + { + ret = GsecMsg94; // error releasing request in security database + } + } + } + + if (request2) + { + ISC_STATUS_ARRAY s; + if (isc_release_request(s, &request2) != FB_SUCCESS) + { + if (! 
ret) + { + ret = GsecMsg94; // error releasing request in security database + } + } + } + + return ret; +} + +} // namespace Auth Property changes on: firebird/trunk/src/auth/SecurityDatabase/LegacyManagement.epp ___________________________________________________________________ Added: svn:mime-type + text/plain Added: svn:eol-style + native Added: firebird/trunk/src/auth/SecurityDatabase/LegacyManagement.h =================================================================== --- firebird/trunk/src/auth/SecurityDatabase/LegacyManagement.h (rev 0) +++ firebird/trunk/src/auth/SecurityDatabase/LegacyManagement.h 2010-07-23 12:04:18 UTC (rev 51355) 
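Review bot: `grantRevokeAdmin()` formats `io_user_data->user_name` straight into a double-quoted identifier (`"GRANT %s TO \"%s\""` and the `REVOKE` variants), and the only validation `execLine()` applies to the name is the `isprint()` loop, which accepts `"`. A name containing a double quote therefore ends the identifier early and changes the statement handed to `isc_dsql_execute_immediate()`. The smallest fix is in that loop: `if (!isprint(static_cast<unsigned char>(*p)) || *p == '"')`, where the cast also removes the undefined behaviour of passing a negative `char` to `isprint()`. Alternatively, double embedded quotes when building the identifier, which would also cover the `R.RDB$GRANTOR` value used in the fallback `REVOKE`. Separately, in the `MOD_OPER` branch a non-NULL `realUser` equal to `user_name` still reaches `grantRevokeAdmin()`; unless the caller (not visible here) clears `admin_entered` for such requests, it would be safer to return `GsecMsg104` when `realUser && io_user_data->admin_entered`.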
@@ -0,0 +1,47 @@ +/* + * PROGRAM: Firebird authentication + * MODULE: LegacyManagement.h + * DESCRIPTION: Performs legacy actions with security database + * + * The contents of this file are subject to the Initial + * Developer's Public License Version 1.0 (the "License"); + * you may not use this file except in compliance with the + * License. You may obtain a copy of the License at + * http://www.ibphoenix.com/main.nfs?a=ibphoenix&page=ibp_idpl. + * + * Software distributed under the License is distributed AS IS, + * WITHOUT WARRANTY OF ANY KIND, either express or implied. + * See the License for the specific language governing rights + * and limitations under the License. + * + * The Original Code was created by Alex Peshkov + * for the Firebird Open Source RDBMS project. + * + * Copyright (c) 2010 Alex Peshkov <peshkoff at mail.ru> + * and all contributors signed below. + * + * All Rights Reserved. + * Contributor(s): ______________________________________. + */ + +#ifndef AUTH_LEGACY_MANAGEMENT_H +#define AUTH_LEGACY_MANAGEMENT_H + +#include "../auth/AuthInterface.h" + + +namespace Auth { + +class SecurityDatabaseManagement : public ManagementPlugin +{ +public: + // work in progress - we must avoid both internal_user_data and callback function + int execLine(ISC_STATUS* isc_status, const char *realUser, + FB_API_HANDLE db, FB_API_HANDLE trans, + internal_user_data* io_user_data, + FPTR_SECURITY_CALLBACK display_func, void* callback_arg); +}; + +} // namespace Auth + +#endif // AUTH_LEGACY_MANAGEMENT_H Property changes on: firebird/trunk/src/auth/SecurityDatabase/LegacyManagement.h ___________________________________________________________________ Added: svn:mime-type + text/plain Added: svn:eol-style + native Added: firebird/trunk/src/common/classes/ImplementHelper.h =================================================================== --- firebird/trunk/src/common/classes/ImplementHelper.h (rev 0) +++ firebird/trunk/src/common/classes/ImplementHelper.h 
2010-07-23 12:04:18 UTC (rev 51355) 
@@ -0,0 +1,107 @@ +/* + * PROGRAM: Firebird interface. + * MODULE: ImplementHelper.h + * DESCRIPTION: Tools to help write plugins. + * + * The contents of this file are subject to the Initial + * Developer's Public License Version 1.0 (the "License"); + * you may not use this file except in compliance with the + * License. You may obtain a copy of the License at + * http://www.ibphoenix.com/main.nfs?a=ibphoenix&page=ibp_idpl. + * + * Software distributed under the License is distributed AS IS, + * WITHOUT WARRANTY OF ANY KIND, either express or implied. + * See the License for the specific language governing rights + * and limitations under the License. + * + * The Original Code was created by Alex Peshkov + * for the Firebird Open Source RDBMS project. + * + * Copyright (c) 2010 Alex Peshkov <peshkoff at mail.ru> + * and all contributors signed below. + * + * All Rights Reserved. + * Contributor(s): ______________________________________. + * + * + */ + +#ifndef FB_COMMON_CLASSES_IMPLEMENT_HELPER +#define FB_COMMON_CLASSES_IMPLEMENT_HELPER + +#include "../common/classes/Interface.h" + +//#include "../jrd/gds_proto.h" +#include "../common/classes/alloc.h" + +namespace Firebird { + +// If you need interface on stack, use it in template AutoPtr<YourInterface, AutoInterface> +// as second parameter +class AutoInterface +{ +public: + static void clear(Interface* ptr) + { + if (ptr) + { + ptr->release(); + } + } +}; + +template <typename T> +T* interfaceAlloc() +{ + /*** + void* ptr = gds__alloc(sizeof(T)); + return new(ptr) T; + ***/ + return FB_NEW(*getDefaultMemoryPool()) T; +} + +template <typename T> +void interfaceFree(T* ptr) +{ + /*** + delete((void*) 0) ptr; + gds__free(ptr); + ***/ + delete ptr; +} + +// Template to create statis instance of plugin +template <typename C, unsigned int T, char NM[]> +class PluginHelper : public C +{ +public: + PluginHelper() + { + fb_register_plugin(this); + } + virtual const char* name() const + { + return NM; + } + virtual 
unsigned int type() const + { + return T; + } + + virtual void link(Plugin* chain) + { + pp = chain; + } + virtual Plugin* next() const + { + return pp; + } + +private: + Plugin* pp; +}; + +} // namespace Firebird + + +#endif // FB_COMMON_CLASSES_IMPLEMENT_HELPER Property changes on: firebird/trunk/src/common/classes/ImplementHelper.h ___________________________________________________________________ Added: svn:mime-type + text/plain Added: svn:eol-style + native Modified: firebird/trunk/src/common/classes/Interface.h =================================================================== --- firebird/trunk/src/common/classes/Interface.h 2010-07-22 09:36:15 UTC (rev 51354) +++ firebird/trunk/src/common/classes/Interface.h 2010-07-23 12:04:18 UTC (rev 51355) @@ -29,11 +29,9 @@ #ifndef FB_COMMON_CLASSES_INTERFACE #define FB_COMMON_CLASSES_INTERFACE -//#include "../jrd/gds_proto.h" -#include "../common/classes/alloc.h" - namespace Firebird { +// Regular interface, typically returned by plugin or other interface class Interface { public: 
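Review bot: `PluginHelper` never initialises `pp`, so `next()` returns an indeterminate pointer for any instance that does not have static storage duration and has not yet been passed to `link()`. The comment says the template is for static instances, where zero-initialisation hides this, but nothing enforces that. I would write the constructor as `PluginHelper() : pp(0)`, which still runs before the `fb_register_plugin(this)` call in the body. Registration also happens during static initialisation, so it relies on whatever `fb_register_plugin()` touches being usable at that point; that implementation is outside this hunk, and a one-line comment on the constructor stating the requirement would help.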
@@ -45,39 +43,31 @@ ~Interface() { } }; -class AutoInterface +// Plugin - single static instance of each plugin is created when plugin library is loaded +class Plugin { public: - static void clear(Interface* ptr) - { - if (ptr) - { - ptr->release(); - } - } + virtual const char* name() const = 0; + virtual unsigned int type() const = 0; + + virtual void link(Plugin* chain) = 0; + virtual Plugin* next() const = 0; + +// static const unsigned int YValve = 1; +// static const unsigned int Engine = 2; +// static const unsigned int Redirector = 3; + static const unsigned int AuthServer = 4; + static const unsigned int AuthClient = 5; + static const unsigned int UserManagement = 6; }; -template <typename T> -T* interfaceAlloc() -{ - /*** - void* ptr = gds__alloc(sizeof(T)); - return new(ptr) T; - ***/ - return FB_NEW(*getDefaultMemoryPool()) T; -} +} // namespace Firebird -template <typename T> -void interfaceFree(T* ptr) +extern "C" { - /*** - delete((void*) 0) ptr; - gds__free(ptr); - ***/ - delete ptr; + // additional API functions + void ISC_EXPORT fb_register_plugin ( Firebird::Plugin* plugin ); + Firebird::Plugin* ISC_EXPORT fb_query_plugin (unsigned int type, const char* name); } -} // namespace Auth - - #endif // FB_COMMON_CLASSES_INTERFACE Property changes on: firebird/trunk/src/common/classes/Interface.h ___________________________________________________________________ Added: svn:mime-type + text/plain Modified: firebird/trunk/src/dbs/security.sql =================================================================== --- firebird/trunk/src/dbs/security.sql 2010-07-22 09:36:15 UTC (rev 51354) +++ firebird/trunk/src/dbs/security.sql 2010-07-23 12:04:18 UTC (rev 51355) 
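Review bot: Neither `fb_register_plugin()` nor `Plugin::link()`/`next()` documents what happens when a plugin registers with a (type, name) pair that is already in the chain. For the `AuthServer`, `AuthClient` and `UserManagement` types that decides which code `fb_query_plugin()` hands credentials to. The implementation is not in this hunk, so this may already be handled; the contract should still be stated on the declaration, for example `// fb_register_plugin: adds plugin to the chain searched by fb_query_plugin(type, name); TODO document whether a duplicate (type, name) is rejected or which entry wins`.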
@@ -15,15 +15,36 @@ * * All Rights Reserved. * Contributor(s): ______________________________________. - * + * * 2004.09.14 Alex Peshkoff - security changes, preventing ordinary users * from access to other users crypted passwords and enabling modification * of there own password. Originally suggested by Ivan Prenosil * (see http://www.volny.cz/iprenosil/interbase/ for details). */ +/* Domain definitions */ +CREATE DOMAIN PLG$PASSWD AS VARCHAR(64) CHARACTER SET BINARY; + +COMMIT; + + +/* Table: RDB$USERS */ +CREATE TABLE PLG$USERS ( + PLG$USER_NAME SEC$USER_N... [truncated message content] |