| OLD | NEW |
|---|
| (Empty) |
| 1 /* | |
| 2 ** 2014-09-08 | |
| 3 ** | |
| 4 ** The author disclaims copyright to this source code. In place of | |
| 5 ** a legal notice, here is a blessing: | |
| 6 ** | |
| 7 ** May you do good and not evil. | |
| 8 ** May you find forgiveness for yourself and forgive others. | |
| 9 ** May you share freely, never taking more than you give. | |
| 10 ** | |
| 11 ************************************************************************* | |
| 12 ** | |
| 13 ** This file contains the bulk of the implementation of the | |
| 14 ** user-authentication extension feature. Some parts of the user- | |
| 15 ** authentication code are contained within the SQLite core (in the | |
| 16 ** src/ subdirectory of the main source code tree) but those parts | |
| 17 ** that could reasonable be separated out are moved into this file. | |
| 18 ** | |
| 19 ** To compile with the user-authentication feature, append this file to | |
| 20 ** end of an SQLite amalgamation, then add the SQLITE_USER_AUTHENTICATION | |
| 21 ** compile-time option. See the user-auth.txt file in the same source | |
| 22 ** directory as this file for additional information. | |
| 23 */ | |
| 24 #ifdef SQLITE_USER_AUTHENTICATION | |
| 25 #ifndef _SQLITEINT_H_ | |
| 26 # include "sqliteInt.h" | |
| 27 #endif | |
| 28 | |
| 29 /* | |
| 30 ** Prepare an SQL statement for use by the user authentication logic. | |
| 31 ** Return a pointer to the prepared statement on success. Return a | |
| 32 ** NULL pointer if there is an error of any kind. | |
| 33 */ | |
| 34 static sqlite3_stmt *sqlite3UserAuthPrepare( | |
| 35 sqlite3 *db, | |
| 36 const char *zFormat, | |
| 37 ... | |
| 38 ){ | |
| 39 sqlite3_stmt *pStmt; | |
| 40 char *zSql; | |
| 41 int rc; | |
| 42 va_list ap; | |
| 43 int savedFlags = db->flags; | |
| 44 | |
| 45 va_start(ap, zFormat); | |
| 46 zSql = sqlite3_vmprintf(zFormat, ap); | |
| 47 va_end(ap); | |
| 48 if( zSql==0 ) return 0; | |
| 49 db->flags |= SQLITE_WriteSchema; | |
| 50 rc = sqlite3_prepare_v2(db, zSql, -1, &pStmt, 0); | |
| 51 db->flags = savedFlags; | |
| 52 sqlite3_free(zSql); | |
| 53 if( rc ){ | |
| 54 sqlite3_finalize(pStmt); | |
| 55 pStmt = 0; | |
| 56 } | |
| 57 return pStmt; | |
| 58 } | |
| 59 | |
| 60 /* | |
| 61 ** Check to see if the sqlite_user table exists in database zDb. | |
| 62 */ | |
| 63 static int userTableExists(sqlite3 *db, const char *zDb){ | |
| 64 int rc; | |
| 65 sqlite3_mutex_enter(db->mutex); | |
| 66 sqlite3BtreeEnterAll(db); | |
| 67 if( db->init.busy==0 ){ | |
| 68 char *zErr = 0; | |
| 69 sqlite3Init(db, &zErr); | |
| 70 sqlite3DbFree(db, zErr); | |
| 71 } | |
| 72 rc = sqlite3FindTable(db, "sqlite_user", zDb)!=0; | |
| 73 sqlite3BtreeLeaveAll(db); | |
| 74 sqlite3_mutex_leave(db->mutex); | |
| 75 return rc; | |
| 76 } | |
| 77 | |
| 78 /* | |
| 79 ** Check to see if database zDb has a "sqlite_user" table and if it does | |
| 80 ** whether that table can authenticate zUser with nPw,zPw. Write one of | |
| 81 ** the UAUTH_* user authorization level codes into *peAuth and return a | |
| 82 ** result code. | |
| 83 */ | |
| 84 static int userAuthCheckLogin( | |
| 85 sqlite3 *db, /* The database connection to check */ | |
| 86 const char *zDb, /* Name of specific database to check */ | |
| 87 u8 *peAuth /* OUT: One of UAUTH_* constants */ | |
| 88 ){ | |
| 89 sqlite3_stmt *pStmt; | |
| 90 int rc; | |
| 91 | |
| 92 *peAuth = UAUTH_Unknown; | |
| 93 if( !userTableExists(db, "main") ){ | |
| 94 *peAuth = UAUTH_Admin; /* No sqlite_user table. Everybody is admin. */ | |
| 95 return SQLITE_OK; | |
| 96 } | |
| 97 if( db->auth.zAuthUser==0 ){ | |
| 98 *peAuth = UAUTH_Fail; | |
| 99 return SQLITE_OK; | |
| 100 } | |
| 101 pStmt = sqlite3UserAuthPrepare(db, | |
| 102 "SELECT pw=sqlite_crypt(?1,pw), isAdmin FROM \"%w\".sqlite_user" | |
| 103 " WHERE uname=?2", zDb); | |
| 104 if( pStmt==0 ) return SQLITE_NOMEM; | |
| 105 sqlite3_bind_blob(pStmt, 1, db->auth.zAuthPW, db->auth.nAuthPW,SQLITE_STATIC); | |
| 106 sqlite3_bind_text(pStmt, 2, db->auth.zAuthUser, -1, SQLITE_STATIC); | |
| 107 rc = sqlite3_step(pStmt); | |
| 108 if( rc==SQLITE_ROW && sqlite3_column_int(pStmt,0) ){ | |
| 109 *peAuth = sqlite3_column_int(pStmt, 1) + UAUTH_User; | |
| 110 }else{ | |
| 111 *peAuth = UAUTH_Fail; | |
| 112 } | |
| 113 return sqlite3_finalize(pStmt); | |
| 114 } | |
| 115 int sqlite3UserAuthCheckLogin( | |
| 116 sqlite3 *db, /* The database connection to check */ | |
| 117 const char *zDb, /* Name of specific database to check */ | |
| 118 u8 *peAuth /* OUT: One of UAUTH_* constants */ | |
| 119 ){ | |
| 120 int rc; | |
| 121 u8 savedAuthLevel; | |
| 122 assert( zDb!=0 ); | |
| 123 assert( peAuth!=0 ); | |
| 124 savedAuthLevel = db->auth.authLevel; | |
| 125 db->auth.authLevel = UAUTH_Admin; | |
| 126 rc = userAuthCheckLogin(db, zDb, peAuth); | |
| 127 db->auth.authLevel = savedAuthLevel; | |
| 128 return rc; | |
| 129 } | |
| 130 | |
| 131 /* | |
| 132 ** If the current authLevel is UAUTH_Unknown, the take actions to figure | |
| 133 ** out what authLevel should be | |
| 134 */ | |
| 135 void sqlite3UserAuthInit(sqlite3 *db){ | |
| 136 if( db->auth.authLevel==UAUTH_Unknown ){ | |
| 137 u8 authLevel = UAUTH_Fail; | |
| 138 sqlite3UserAuthCheckLogin(db, "main", &authLevel); | |
| 139 db->auth.authLevel = authLevel; | |
| 140 if( authLevel<UAUTH_Admin ) db->flags &= ~SQLITE_WriteSchema; | |
| 141 } | |
| 142 } | |
| 143 | |
| 144 /* | |
| 145 ** Implementation of the sqlite_crypt(X,Y) function. | |
| 146 ** | |
| 147 ** If Y is NULL then generate a new hash for password X and return that | |
| 148 ** hash. If Y is not null, then generate a hash for password X using the | |
| 149 ** same salt as the previous hash Y and return the new hash. | |
| 150 */ | |
| 151 void sqlite3CryptFunc( | |
| 152 sqlite3_context *context, | |
| 153 int NotUsed, | |
| 154 sqlite3_value **argv | |
| 155 ){ | |
| 156 const char *zIn; | |
| 157 int nIn, ii; | |
| 158 u8 *zOut; | |
| 159 char zSalt[8]; | |
| 160 zIn = sqlite3_value_blob(argv[0]); | |
| 161 nIn = sqlite3_value_bytes(argv[0]); | |
| 162 if( sqlite3_value_type(argv[1])==SQLITE_BLOB | |
| 163 && sqlite3_value_bytes(argv[1])==nIn+sizeof(zSalt) | |
| 164 ){ | |
| 165 memcpy(zSalt, sqlite3_value_blob(argv[1]), sizeof(zSalt)); | |
| 166 }else{ | |
| 167 sqlite3_randomness(sizeof(zSalt), zSalt); | |
| 168 } | |
| 169 zOut = sqlite3_malloc( nIn+sizeof(zSalt) ); | |
| 170 if( zOut==0 ){ | |
| 171 sqlite3_result_error_nomem(context); | |
| 172 }else{ | |
| 173 memcpy(zOut, zSalt, sizeof(zSalt)); | |
| 174 for(ii=0; ii<nIn; ii++){ | |
| 175 zOut[ii+sizeof(zSalt)] = zIn[ii]^zSalt[ii&0x7]; | |
| 176 } | |
| 177 sqlite3_result_blob(context, zOut, nIn+sizeof(zSalt), sqlite3_free); | |
| 178 } | |
| 179 } | |
| 180 | |
| 181 /* | |
| 182 ** If a database contains the SQLITE_USER table, then the | |
| 183 ** sqlite3_user_authenticate() interface must be invoked with an | |
| 184 ** appropriate username and password prior to enable read and write | |
| 185 ** access to the database. | |
| 186 ** | |
| 187 ** Return SQLITE_OK on success or SQLITE_ERROR if the username/password | |
| 188 ** combination is incorrect or unknown. | |
| 189 ** | |
| 190 ** If the SQLITE_USER table is not present in the database file, then | |
| 191 ** this interface is a harmless no-op returnning SQLITE_OK. | |
| 192 */ | |
| 193 int sqlite3_user_authenticate( | |
| 194 sqlite3 *db, /* The database connection */ | |
| 195 const char *zUsername, /* Username */ | |
| 196 const char *zPW, /* Password or credentials */ | |
| 197 int nPW /* Number of bytes in aPW[] */ | |
| 198 ){ | |
| 199 int rc; | |
| 200 u8 authLevel = UAUTH_Fail; | |
| 201 db->auth.authLevel = UAUTH_Unknown; | |
| 202 sqlite3_free(db->auth.zAuthUser); | |
| 203 sqlite3_free(db->auth.zAuthPW); | |
| 204 memset(&db->auth, 0, sizeof(db->auth)); | |
| 205 db->auth.zAuthUser = sqlite3_mprintf("%s", zUsername); | |
| 206 if( db->auth.zAuthUser==0 ) return SQLITE_NOMEM; | |
| 207 db->auth.zAuthPW = sqlite3_malloc( nPW+1 ); | |
| 208 if( db->auth.zAuthPW==0 ) return SQLITE_NOMEM; | |
| 209 memcpy(db->auth.zAuthPW,zPW,nPW); | |
| 210 db->auth.nAuthPW = nPW; | |
| 211 rc = sqlite3UserAuthCheckLogin(db, "main", &authLevel); | |
| 212 db->auth.authLevel = authLevel; | |
| 213 sqlite3ExpirePreparedStatements(db); | |
| 214 if( rc ){ | |
| 215 return rc; /* OOM error, I/O error, etc. */ | |
| 216 } | |
| 217 if( authLevel<UAUTH_User ){ | |
| 218 return SQLITE_AUTH; /* Incorrect username and/or password */ | |
| 219 } | |
| 220 return SQLITE_OK; /* Successful login */ | |
| 221 } | |
| 222 | |
| 223 /* | |
| 224 ** The sqlite3_user_add() interface can be used (by an admin user only) | |
| 225 ** to create a new user. When called on a no-authentication-required | |
| 226 ** database, this routine converts the database into an authentication- | |
| 227 ** required database, automatically makes the added user an | |
| 228 ** administrator, and logs in the current connection as that user. | |
| 229 ** The sqlite3_user_add() interface only works for the "main" database, not | |
| 230 ** for any ATTACH-ed databases. Any call to sqlite3_user_add() by a | |
| 231 ** non-admin user results in an error. | |
| 232 */ | |
| 233 int sqlite3_user_add( | |
| 234 sqlite3 *db, /* Database connection */ | |
| 235 const char *zUsername, /* Username to be added */ | |
| 236 const char *aPW, /* Password or credentials */ | |
| 237 int nPW, /* Number of bytes in aPW[] */ | |
| 238 int isAdmin /* True to give new user admin privilege */ | |
| 239 ){ | |
| 240 sqlite3_stmt *pStmt; | |
| 241 int rc; | |
| 242 sqlite3UserAuthInit(db); | |
| 243 if( db->auth.authLevel<UAUTH_Admin ) return SQLITE_AUTH; | |
| 244 if( !userTableExists(db, "main") ){ | |
| 245 if( !isAdmin ) return SQLITE_AUTH; | |
| 246 pStmt = sqlite3UserAuthPrepare(db, | |
| 247 "CREATE TABLE sqlite_user(\n" | |
| 248 " uname TEXT PRIMARY KEY,\n" | |
| 249 " isAdmin BOOLEAN,\n" | |
| 250 " pw BLOB\n" | |
| 251 ") WITHOUT ROWID;"); | |
| 252 if( pStmt==0 ) return SQLITE_NOMEM; | |
| 253 sqlite3_step(pStmt); | |
| 254 rc = sqlite3_finalize(pStmt); | |
| 255 if( rc ) return rc; | |
| 256 } | |
| 257 pStmt = sqlite3UserAuthPrepare(db, | |
| 258 "INSERT INTO sqlite_user(uname,isAdmin,pw)" | |
| 259 " VALUES(%Q,%d,sqlite_crypt(?1,NULL))", | |
| 260 zUsername, isAdmin!=0); | |
| 261 if( pStmt==0 ) return SQLITE_NOMEM; | |
| 262 sqlite3_bind_blob(pStmt, 1, aPW, nPW, SQLITE_STATIC); | |
| 263 sqlite3_step(pStmt); | |
| 264 rc = sqlite3_finalize(pStmt); | |
| 265 if( rc ) return rc; | |
| 266 if( db->auth.zAuthUser==0 ){ | |
| 267 assert( isAdmin!=0 ); | |
| 268 sqlite3_user_authenticate(db, zUsername, aPW, nPW); | |
| 269 } | |
| 270 return SQLITE_OK; | |
| 271 } | |
| 272 | |
| 273 /* | |
| 274 ** The sqlite3_user_change() interface can be used to change a users | |
| 275 ** login credentials or admin privilege. Any user can change their own | |
| 276 ** login credentials. Only an admin user can change another users login | |
| 277 ** credentials or admin privilege setting. No user may change their own | |
| 278 ** admin privilege setting. | |
| 279 */ | |
| 280 int sqlite3_user_change( | |
| 281 sqlite3 *db, /* Database connection */ | |
| 282 const char *zUsername, /* Username to change */ | |
| 283 const char *aPW, /* Modified password or credentials */ | |
| 284 int nPW, /* Number of bytes in aPW[] */ | |
| 285 int isAdmin /* Modified admin privilege for the user */ | |
| 286 ){ | |
| 287 sqlite3_stmt *pStmt; | |
| 288 int rc; | |
| 289 u8 authLevel; | |
| 290 | |
| 291 authLevel = db->auth.authLevel; | |
| 292 if( authLevel<UAUTH_User ){ | |
| 293 /* Must be logged in to make a change */ | |
| 294 return SQLITE_AUTH; | |
| 295 } | |
| 296 if( strcmp(db->auth.zAuthUser, zUsername)!=0 ){ | |
| 297 if( db->auth.authLevel<UAUTH_Admin ){ | |
| 298 /* Must be an administrator to change a different user */ | |
| 299 return SQLITE_AUTH; | |
| 300 } | |
| 301 }else if( isAdmin!=(authLevel==UAUTH_Admin) ){ | |
| 302 /* Cannot change the isAdmin setting for self */ | |
| 303 return SQLITE_AUTH; | |
| 304 } | |
| 305 db->auth.authLevel = UAUTH_Admin; | |
| 306 if( !userTableExists(db, "main") ){ | |
| 307 /* This routine is a no-op if the user to be modified does not exist */ | |
| 308 }else{ | |
| 309 pStmt = sqlite3UserAuthPrepare(db, | |
| 310 "UPDATE sqlite_user SET isAdmin=%d, pw=sqlite_crypt(?1,NULL)" | |
| 311 " WHERE uname=%Q", isAdmin, zUsername); | |
| 312 if( pStmt==0 ){ | |
| 313 rc = SQLITE_NOMEM; | |
| 314 }else{ | |
| 315 sqlite3_bind_blob(pStmt, 1, aPW, nPW, SQLITE_STATIC); | |
| 316 sqlite3_step(pStmt); | |
| 317 rc = sqlite3_finalize(pStmt); | |
| 318 } | |
| 319 } | |
| 320 db->auth.authLevel = authLevel; | |
| 321 return rc; | |
| 322 } | |
| 323 | |
| 324 /* | |
| 325 ** The sqlite3_user_delete() interface can be used (by an admin user only) | |
| 326 ** to delete a user. The currently logged-in user cannot be deleted, | |
| 327 ** which guarantees that there is always an admin user and hence that | |
| 328 ** the database cannot be converted into a no-authentication-required | |
| 329 ** database. | |
| 330 */ | |
| 331 int sqlite3_user_delete( | |
| 332 sqlite3 *db, /* Database connection */ | |
| 333 const char *zUsername /* Username to remove */ | |
| 334 ){ | |
| 335 sqlite3_stmt *pStmt; | |
| 336 if( db->auth.authLevel<UAUTH_Admin ){ | |
| 337 /* Must be an administrator to delete a user */ | |
| 338 return SQLITE_AUTH; | |
| 339 } | |
| 340 if( strcmp(db->auth.zAuthUser, zUsername)==0 ){ | |
| 341 /* Cannot delete self */ | |
| 342 return SQLITE_AUTH; | |
| 343 } | |
| 344 if( !userTableExists(db, "main") ){ | |
| 345 /* This routine is a no-op if the user to be deleted does not exist */ | |
| 346 return SQLITE_OK; | |
| 347 } | |
| 348 pStmt = sqlite3UserAuthPrepare(db, | |
| 349 "DELETE FROM sqlite_user WHERE uname=%Q", zUsername); | |
| 350 if( pStmt==0 ) return SQLITE_NOMEM; | |
| 351 sqlite3_step(pStmt); | |
| 352 return sqlite3_finalize(pStmt); | |
| 353 } | |
| 354 | |
| 355 #endif /* SQLITE_USER_AUTHENTICATION */ | |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2363173002:
[sqlite] Remove obsolete reference version 3.8.7.4. (Closed)
