File: yubiserver.h

yubiserver 0.6-3.1
#ifndef yubiserver_h__
#define yubiserver_h__

#include <ev.h>

/* Server version string. */
#define VERSION_                "0.6"

/* General-purpose buffer size in bytes.
   NOTE(review): presumably the size of the per-client socket buffer
   (struct ev_client.buffer) - confirm against the allocation site. */
#define BUFSIZE                 4096
/* Message classes; presumably passed to the logging routine, which is not
   part of this header. */
#define ERROR                   42
#define WARNING                 43
#define LOG                     44
#define REQUEST                 45
/* Validation method selectors: Yubikey OTP and OATH/HOTP. */
#define METHOD_OTP              1
#define METHOD_OATH             2

/* Validation status codes. Only OK (0) denotes a valid credential; every
   other value describes a reason for rejecting or failing the request. */
#define OK                      0	/* The OTP is valid. */
#define BAD_OTP                 1	/* The OTP has an invalid format. */
#define REPLAYED_OTP            2	/* The OTP has already been seen by the service. */
#define DELAYED_OTP             3	/* NOTE(review): undocumented in this header; meaning to be confirmed against the validation code. */
#define NO_SUCH_CLIENT          4	/* The request id does not exist. */
#define BAD_SIGNATURE           5	/* The HMAC signature verification failed. */
#define MISSING_PARAMETER       6	/* The request lacks a parameter. */
#define OPERATION_NOT_ALLOWED	7	/* The request id is not allowed to verify OTPs. */
#define BACKEND_ERROR           8	/* Unexpected error in our server. Please contact us if you see this error. */
#define NOT_ENOUGH_ANSWERS      9	/* Server could not get the requested number of syncs before the timeout. */
#define REPLAYED_REQUEST        10	/* Server has seen the OTP/Nonce combination before. */
#define NO_AUTH                 11	/* The OATH/HOTP is invalid. */

/* Field sizes and check values. The *_SIZE values used for the character
   arrays in struct Yubikey are declared there as SIZE + 1, so the sizes
   below presumably count characters without the terminating NUL. */
#define CRC_OK                  0xF0B8	/* Expected CRC-16 residue of a correctly decrypted OTP block (presumably checked over CRC_BLOCK_SIZE bytes - confirm). */
#define CRC_BLOCK_SIZE          16
#define PRIVATE_ID_SIZE         12
#define PUBLIC_ID_SIZE          12
#define OPRIVATE_ID_SIZE        40
#define OTP_MSG_SIZE            32
#define OTP_TOKEN               44	/* Equals PUBLIC_ID_SIZE + OTP_MSG_SIZE (12 + 32). */
#define AES_SIZE                32	/* NOTE(review): presumably a 128-bit AES key written as 32 hex characters - confirm. */
#define HEX_SIZE                16
#define PUBLIC_NAME_SIZE        16
#define QUERY_SIZE              100	/* NOTE(review): presumably a query buffer length; any value copied into such a buffer must be length-checked - confirm at the use site. */
#define DATE_BUFSIZE            25	/* Used as the full array size of Yubikey.creation_date (no + 1 there). */

/* Yubiserver-admin Constants */
/* Account-management actions; the code that consumes them is not part of
   this header. */
#define ENABLE_USER             0
#define DISABLE_USER            1
#define ADD_USER                2
#define DELETE_USER             3

/* EV Constants */
/* NOTE(review): presumably the request kinds stored in ev_client.mode
   (default page, OTP validation, OATH validation) - confirm. */
#define EV_DEFAULT_PAGE         1
#define EV_VAL_OTP              2
#define EV_VAL_OATH             3

/* Fallback for platforms whose headers do not define PATH_MAX. */
#ifndef PATH_MAX
#define PATH_MAX                4096
#endif

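/*
 * BT_(buf, idx): terminate a string by storing '\0' at buf[idx].
 *
 * Both arguments are parenthesized so that expression arguments such as
 * BT_(p + 1, n - 1) index the intended element. Each argument is evaluated
 * exactly once.
 *
 * The macro performs no bounds check: the caller must guarantee that idx is
 * non-negative and smaller than the size of the buffer, in particular when
 * idx comes from a read()/recv() return value.
 */
#define BT_(x,y)                ((x)[(y)]='\0')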

/* Change default path to /etc/yubiserver/yubiserver.sqlite */
/* SQLITE3_DB_PATH and YUBISERVER_LOG_PATH are not defined in this header
   (the two defines below are commented out), so they must be supplied by the
   build, otherwise the definitions further down do not compile. */
//#define SQLITE3_DB_PATH		"yubiserver.sqlite"
//#define YUBISERVER_LOG_PATH	"yubiserver.log"

/* Default database and log file locations.
   NOTE(review): these are definitions, not extern declarations, so every
   translation unit that includes this header defines both objects; including
   it from more than one .c file can produce duplicate-symbol errors.
   NOTE(review): both point at string literals through a non-const char *;
   they must not be written through.
   NOTE(review): the database holds the AES keys and private ids loaded into
   struct Yubikey, so the file at this path should be accessible only to the
   server account; a relative path also depends on the working directory. */
char *sqlite3_dbpath = SQLITE3_DB_PATH;
char *yubiserver_log = YUBISERVER_LOG_PATH;

/*
 * Database record of one token together with the outcome of a validation.
 *
 * The character arrays sized SIZE + 1 presumably hold NUL-terminated text;
 * creation_date is sized DATE_BUFSIZE with no extra byte.
 *
 * NOTE(review): private_id, oprivate_id and aeskey carry secret material in
 * plain memory. The code that releases instances is not visible here;
 * confirm they are wiped before being freed or reused and never logged.
 */
struct Yubikey {
    int result;                             /* Final result after validation; presumably one of the status codes (OK, BAD_OTP, ...) */
    char publicname[PUBLIC_NAME_SIZE + 1];  /* Database Public Name */
    char creation_date[DATE_BUFSIZE];       /* Database account creation datetime */
    char private_id[PRIVATE_ID_SIZE + 1];   /* Database private ID (secret) */
    char oprivate_id[OPRIVATE_ID_SIZE + 1]; /* Database OATH private ID (secret) */
    char aeskey[AES_SIZE + 1];              /* Database AES Key (secret) */
    int active;                             /* Account is active */
    int counter;                            /* Database counter */
    int timestamp;                          /* Database timestamp */
    int session_counter;                    /* Internal session counter */
    int session_token_counter;              /* Internal session token counter */
};

/*
 * Parameters of one OTP validation request.
 *
 * NOTE(review): all string members are pointers; who allocates and frees
 * them is not visible in this header. They presumably originate from the
 * client's request and must be treated as untrusted (length and character
 * set checked before use) - confirm in the parser.
 */
struct Tokens {
    char *id;           /* Specifies the requestor so that the end-point can
                           retrieve the correct shared secret for signing the
                           response.
                         */
    char *otp;          /* The OTP from the YubiKey. */
    char *h;            /* The optional HMAC-SHA1 signature for the request.
                           NOTE(review): the verification code is not shown
                           here; the comparison with the computed HMAC should
                           be constant-time.
                         */
    char *timestamp;    /* Timestamp=1 requests timestamp and session counter
                           information in the response
                         */
    char *nonce;        /* A 16 to 40 character long string with random unique
                           data; a repeated OTP/nonce combination is reported
                           as REPLAYED_REQUEST
                         */
    char *sl;           /* A value 0 to 100 indicating percentage of syncing
                           required by client, or strings "fast" or "secure"
                           to use server-configured values; if absent, let the
                           server decide
                         */
    int timeout;        /* Number of seconds to wait for sync responses; if
                           absent, let the server decide
                         */
};

/*
 * Parameters of one OATH/HOTP validation request.
 * NOTE(review): ownership of the string members is not visible in this
 * header; presumably they come from the client's request and are untrusted.
 */
struct OATH_Tokens {
    char *id;       /* Requestor id; presumably the same meaning as Tokens.id */
    char *otp;      /* OATH HMAC OTP */
    char *tokenid;  /* 12 characters public token ID/Name */
    int counter;    /* Internal Yubikey OATH/HOTP counter */
};

/*
 * Server configuration values.
 * NOTE(review): where these are filled in (command line, configuration file)
 * is not visible in this header.
 */
struct Config {
    char *sqlite3file;  /* SQLite3 database file path */
    char *yubilogfile;  /* Yubiserver log file path */
    int port;           /* Port the server listens on */
};

/*
 * Per-connection state used with the libev watchers.
 *
 * NOTE(review): this header includes only <ev.h>; struct sockaddr_in must
 * already be declared by the including file (normally via <netinet/in.h>) -
 * confirm.
 */
struct ev_client {
    int fd;         /* Client's connection File Descriptor */
    int mode;       /* Authentication Mode; presumably one of the EV_* constants - confirm */
    int protocol;   /* HTTP Protocol version */
    char *buffer;   /* Client socket buffer; allocation size not visible here */
    long ret;       /* Length of read data from client socket.
                       NOTE(review): a read can also report an error or zero
                       bytes; check the value against the buffer size before
                       using it as an index. */
    ev_io ev_read;  /* EV Read I/O Struct */
    ev_io ev_write; /* EV Write I/O Struct */
    struct sockaddr_in client_addr; /* Peer address of the connection */
};

#endif /* yubiserver_h */