*/
#include <security-server-plugin-api.h>
+#include <ckm/ckm-client-info.h>
#include <ckm/ckm-control.h>
#include <ckm/ckm-type.h>
class KEY_MANAGER_API Plugin : public PasswordPlugin {
public:
- Plugin();
- virtual int changeUserPassword(uid_t user, const std::string &oldPass, const std::string &newPass);
- virtual int login(uid_t user, const std::string &password);
- virtual int logout(uid_t user);
- virtual int resetUserPassword(uid_t user, const std::string &newPass);
- virtual int removeUserData(uid_t user);
- virtual ~Plugin(){}
+ Plugin() {}
+ virtual int changeUserPassword(const std::string &zone, uid_t user, const std::string &oldPass, const std::string &newPass);
+ virtual int login(const std::string &zone, uid_t user, const std::string &password);
+ virtual int logout(const std::string &zone, uid_t user);
+ virtual int resetUserPassword(const std::string &zone, uid_t user, const std::string &newPass);
+ virtual int removeUserData(const std::string &zone, uid_t user);
+ virtual ~Plugin() {}
private:
- CKM::ControlShPtr m_control;
+ CKM::ClientInfo getClientInfo(const std::string &zone, uid_t user);
};
-Plugin::Plugin() {
- m_control = CKM::Control::create();
+CKM::ClientInfo Plugin::getClientInfo(const std::string &zone, uid_t user)
+{
+ return CKM::ClientInfo(zone, user);
}
-int Plugin::changeUserPassword(uid_t user, const std::string &oldPass, const std::string &newPass) {
+int Plugin::changeUserPassword(
+ const std::string &zone,
+ uid_t user,
+ const std::string &oldPass,
+ const std::string &newPass)
+{
+ auto control = CKM::Control::create();
+ if (!control)
+ return SECURITY_SERVER_PLUGIN_FAIL;
+
CKM::Password oldPwd(oldPass.begin(), oldPass.end());
CKM::Password newPwd(newPass.begin(), newPass.end());
-
- if (!m_control)
- return SECURITY_SERVER_PLUGIN_FAIL;
+ CKM::ClientInfo clientInfo = getClientInfo(zone, user);
// CKM does not allow to change user password if database does
// not exists. We must create database before change password.
- if (CKM_API_SUCCESS != m_control->unlockUserKey(user, oldPwd))
+ if (CKM_API_SUCCESS != control->unlockUserKey(clientInfo, oldPwd))
return SECURITY_SERVER_PLUGIN_FAIL;
-
- if (CKM_API_SUCCESS != m_control->changeUserPassword(user, oldPwd, newPwd))
+ if (CKM_API_SUCCESS != control->changeUserPassword(clientInfo, oldPwd, newPwd))
return SECURITY_SERVER_PLUGIN_FAIL;
return SECURITY_SERVER_PLUGIN_SUCCESS;
}
-int Plugin::login(uid_t user, const std::string &password) {
- CKM::Password pwd(password.begin(), password.end());
-
- if (!m_control)
+int Plugin::login(
+ const std::string &zone,
+ uid_t user,
+ const std::string &password)
+{
+ auto control = CKM::Control::create();
+ if (!control)
return SECURITY_SERVER_PLUGIN_FAIL;
- if (CKM_API_SUCCESS != m_control->unlockUserKey(user, pwd))
+ CKM::Password pwd(password.begin(), password.end());
+
+ if (CKM_API_SUCCESS != control->unlockUserKey(getClientInfo(zone, user), pwd))
return SECURITY_SERVER_PLUGIN_FAIL;
return SECURITY_SERVER_PLUGIN_SUCCESS;
}
-int Plugin::logout(uid_t user) {
- if (!m_control)
+int Plugin::logout(const std::string &zone, uid_t user)
+{
+ auto control = CKM::Control::create();
+ if (!control)
return SECURITY_SERVER_PLUGIN_FAIL;
- if (CKM_API_SUCCESS != m_control->lockUserKey(user))
+ if (CKM_API_SUCCESS != control->lockUserKey(getClientInfo(zone, user)))
return SECURITY_SERVER_PLUGIN_FAIL;
return SECURITY_SERVER_PLUGIN_SUCCESS;
}
-int Plugin::resetUserPassword(uid_t user, const std::string &newPass) {
- CKM::Password pwd(newPass.begin(), newPass.end());
-
- if (!m_control)
+int Plugin::resetUserPassword(
+ const std::string &zone,
+ uid_t user,
+ const std::string &newPass)
+{
+ auto control = CKM::Control::create();
+ if (!control)
return SECURITY_SERVER_PLUGIN_FAIL;
- if (CKM_API_SUCCESS != m_control->resetUserPassword(user, pwd))
+ CKM::Password pwd(newPass.begin(), newPass.end());
+
+ if (CKM_API_SUCCESS != control->resetUserPassword(getClientInfo(zone, user), pwd))
return SECURITY_SERVER_PLUGIN_FAIL;
return SECURITY_SERVER_PLUGIN_SUCCESS;
}
-int Plugin::removeUserData(uid_t user) {
- if (!m_control)
+int Plugin::removeUserData(const std::string &zone, uid_t user)
+{
+ auto control = CKM::Control::create();
+ if (!control)
return SECURITY_SERVER_PLUGIN_FAIL;
- if (CKM_API_SUCCESS != m_control->removeUserData(user))
+ if (CKM_API_SUCCESS != control->removeUserData(getClientInfo(zone, user)))
return SECURITY_SERVER_PLUGIN_FAIL;
return SECURITY_SERVER_PLUGIN_SUCCESS;
void destroy(SecurityServer::PasswordPlugin *obj) {
delete obj;
}
-
-