
function _securesite_schema in Secure Site 6.2

Same name and namespace in other branches
  1. 8 digest_md5/digest_md5.conf.php \_securesite_schema()
  2. 7.2 digest_md5/digest_md5.conf.php \_securesite_schema()

Set up password and nonce storage.

2 calls to _securesite_schema()
digest_md5.php in digest_md5/digest_md5.php
This script implements the DIGEST-MD5 mechanism for all protocols. Only the root user should have access to this script and the database used to store passwords and nonce values.
stored_passwords.php in digest_md5/stored_passwords.php
This script manages stored passwords. Only the root user should have access to this script and the database used to store passwords.

File

digest_md5/digest_md5.conf.php, line 52
Configuration for digest authentication. Only the root user should have access to this file.

Code

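/**
 * Set up password and nonce storage.
 *
 * Declares the securesite_passwords and securesite_nonce tables and creates
 * each one that information_schema does not already list for the database
 * named in the global $db_url.
 *
 * Security notes for reviewers:
 * - securesite_passwords.pass is declared as holding the password in plain
 *   text, so anyone who can read this table (or a backup or dump of it) learns
 *   the users' passwords. Restrict database and file access accordingly.
 * - NOTE(review): digest schemes can verify against a stored
 *   MD5(username:realm:password) value instead of the clear password. That
 *   value is still password-equivalent within its realm, and switching would
 *   need matching changes in the scripts that read and write this column,
 *   which are not shown here.
 *
 * @return
 *   The result array filled in by db_create_table(). It is empty when both
 *   tables already exist or when $db_type is not a supported database type.
 */
function _securesite_schema() {
  global $db_url, $db_type;
  $schema['securesite_passwords'] = array(
    'module' => 'securesite',
    'name' => 'securesite_passwords',
    'description' => 'Stores user passwords.',
    'fields' => array(
      'name' => array(
        'type' => 'varchar',
        'length' => 60,
        'not null' => TRUE,
        'default' => '',
        'description' => "User's {users}.name.",
      ),
      'realm' => array(
        'type' => 'text',
        'description' => "User's realm.",
      ),
      // Clear-text credential column, capped at 32 characters. How longer
      // passwords are handled depends on the caller and the database.
      'pass' => array(
        'type' => 'varchar',
        'length' => 32,
        'not null' => TRUE,
        'default' => '',
        'description' => "User's password (plain text).",
      ),
    ),
    // NOTE(review): the key is written as one comma-separated string rather
    // than two column names, and it includes a 'text' column. Confirm that the
    // schema API and the target database accept both.
    'primary key' => array(
      'name, realm',
    ),
    'indexes' => array(
      'name' => array(
        'name',
      ),
      'realm' => array(
        'realm',
      ),
    ),
  );
  $schema['securesite_nonce'] = array(
    'module' => 'securesite',
    'name' => 'securesite_nonce',
    'description' => 'Stores nonce values.',
    'fields' => array(
      'nonce' => array(
        'type' => 'text',
        'not null' => TRUE,
        'default' => '',
        'description' => 'Nonce value.',
      ),
      'qop' => array(
        'type' => 'text',
        'description' => 'Quality of protection.',
      ),
      // Use counter and last-use timestamp. Any replay or expiry checks built
      // on them live in the calling scripts, not in this function.
      'nc' => array(
        'type' => 'int',
        'not null' => TRUE,
        'default' => 0,
        'description' => 'Number of times nonce has been used.',
      ),
      'opaque' => array(
        'type' => 'text',
        'description' => 'Opaque value.',
      ),
      'hash' => array(
        'type' => 'text',
        'description' => 'Hashed entity body to see if message was tampered with.',
      ),
      'time' => array(
        'type' => 'int',
        'description' => 'Last use timestamp.',
      ),
      'realm' => array(
        'type' => 'text',
        'description' => "Nonce realm.",
      ),
    ),
    // NOTE(review): same single-string key form as securesite_passwords.
    'primary key' => array(
      'nonce, realm',
    ),
    'indexes' => array(
      'nonce' => array(
        'nonce',
      ),
      'opaque' => array(
        'opaque',
      ),
      'realm' => array(
        'realm',
      ),
    ),
  );
  $ret = array();

  // Choose the existence probe once. The database and table names are passed
  // to db_query() as arguments instead of being concatenated into the SQL.
  switch ($db_type) {
    case 'mysql':
    case 'mysqli':
      $sql = "SELECT COUNT(*) FROM information_schema.tables WHERE table_schema = '%s' AND table_name = '%s'";
      break;
    case 'pgsql':
      $sql = "SELECT COUNT(*) FROM information_schema.tables WHERE table_catalog = '%s' AND table_schema = 'public' AND table_name = '%s'";
      break;
    default:
      // Without this branch $sql would be undefined and the probe below would
      // run with no query. Report the problem and create nothing.
      trigger_error('Secure Site: unsupported database type; password and nonce tables were not checked or created.', E_USER_WARNING);
      return $ret;
  }

  // The database name is the URL path without its leading slash. It is the
  // same for every table, so it is resolved once, outside the loop.
  $url = parse_url(is_array($db_url) ? $db_url['default'] : $db_url);
  $database = substr($url['path'], 1);

  // NOTE(review): the probe looks up the table name exactly as keyed in
  // $schema. Confirm this matches the name db_create_table() actually creates
  // if table prefixes are in use.
  foreach ($schema as $name => $table) {
    if (db_result(db_query($sql, $database, $name)) == 0) {
      db_create_table($ret, $name, $table);
    }
  }
  return $ret;
}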