src/server/config/keyfile.c

Wed, 28 Oct 2015 17:59:34 +0100

author
Olaf Wintermann <olaf.wintermann@gmail.com>
date
Wed, 28 Oct 2015 17:59:34 +0100
changeset 105
63d9051fe35c
parent 101
7fbcdbad0baa
child 115
51d9a15eac98
permissions
-rw-r--r--

using readdir_r instead of readdir

62
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
1 /*
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
2 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
3 *
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
4 * Copyright 2013 Olaf Wintermann. All rights reserved.
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
5 *
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
6 * Redistribution and use in source and binary forms, with or without
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
7 * modification, are permitted provided that the following conditions are met:
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
8 *
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
9 * 1. Redistributions of source code must retain the above copyright
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
10 * notice, this list of conditions and the following disclaimer.
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
11 *
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
12 * 2. Redistributions in binary form must reproduce the above copyright
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
13 * notice, this list of conditions and the following disclaimer in the
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
14 * documentation and/or other materials provided with the distribution.
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
15 *
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
16 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
17 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
18 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
19 * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
20 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
21 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
22 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
23 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
24 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
25 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
26 * POSSIBILITY OF SUCH DAMAGE.
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
27 */
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
28
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
29 #include <stdio.h>
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
30 #include <stdlib.h>
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
31
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
32 #include "keyfile.h"
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
33
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
34 KeyfileConfig *load_keyfile_config(char *file) {
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
35 FILE *in = fopen(file, "r");
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
36 if(in == NULL) {
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
37 return NULL;
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
38 }
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
39
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
40 KeyfileConfig *conf = malloc(sizeof(KeyfileConfig));
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
41 conf->parser.parse = keyfile_parse;
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
42 conf->file = file;
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
43 conf->users = NULL;
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
44
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
45 int r = cfg_parse_basic_file((ConfigParser*)conf, in);
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
46 if(r != 0) {
97
09fbefc0e6a9 added ldap group support
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 91
diff changeset
47 fclose(in);
09fbefc0e6a9 added ldap group support
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 91
diff changeset
48 free(conf);
62
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
49 // TODO: free
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
50 return NULL;
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
51 }
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
52
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
53 fclose(in);
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
54
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
55 return conf;
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
56 }
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
57
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
58 void free_keyfile_config(KeyfileConfig *conf) {
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
59 if(conf->users) {
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
60 ucx_list_free(conf->users);
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
61 }
91
fac51f87def0 ucx update
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 88
diff changeset
62 ucx_mempool_destroy(conf->parser.mp->pool);
62
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
63 free(conf);
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
64 }
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
65
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
66 int keyfile_parse(void *p, ConfigLine *begin, ConfigLine *end, sstr_t line) {
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
67 KeyfileConfig *conf = p;
91
fac51f87def0 ucx update
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 88
diff changeset
68 UcxAllocator *mp = conf->parser.mp;
62
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
69
101
7fbcdbad0baa added support for absolute URIs and improved keep alive
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 97
diff changeset
70 ssize_t tkn = 0;
62
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
71 sstr_t *tk = sstrsplit(line, sstrn(";", 1), &tkn);
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
72
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
73 if(tkn < 2) {
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
74 return 1;
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
75 }
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
76
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
77 KeyfileEntry *entry = OBJ_NEW(mp, KeyfileEntry);
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
78 entry->groups = NULL;
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
79 entry->numgroups = 0;
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
80
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
81 // get user name
91
fac51f87def0 ucx update
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 88
diff changeset
82 entry->name = sstrdup_a(mp, tk[0]);
62
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
83
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
84 // get hash
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
85 sstr_t hash = sstrtrim(tk[1]);
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
86 if(hash.length < 4) {
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
87 // to short
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
88 return 1;
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
89 }
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
90 if(hash.ptr[0] != '{') {
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
91 // missing hash type specification
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
92 return 1;
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
93 }
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
94
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
95 // get hash type and data
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
96 sstr_t hash_type;
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
97 sstr_t hash_data;
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
98 for(int i=1;i<hash.length;i++) {
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
99 if(hash.ptr[i] == '}') {
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
100 hash_type = sstrsubsl(hash, 1, i-1);
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
101 hash_data = sstrsubs(hash, i+1);
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
102 }
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
103 }
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
104
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
105 if(!sstrcmp(hash_type, sstr("SSHA"))) {
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
106 entry->hashtype = KEYFILE_SSHA;
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
107 } else {
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
108 // unkown hash type
91
fac51f87def0 ucx update
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 88
diff changeset
109 fprintf(stderr, "unknown hash type: %s\n", sstrdup_a(mp, hash_type).ptr);
62
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
110 return 1;
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
111 }
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
112
91
fac51f87def0 ucx update
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 88
diff changeset
113 entry->hashdata = sstrdup_a(mp, hash_data);
62
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
114
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
115 // get groups
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
116 if(tkn == 3) {
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
117 sstr_t groups_str = sstrtrim(tk[2]);
101
7fbcdbad0baa added support for absolute URIs and improved keep alive
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 97
diff changeset
118 ssize_t ngroups = 0;
62
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
119 sstr_t *groups = sstrsplit(groups_str, sstrn(",", 1), &ngroups);
91
fac51f87def0 ucx update
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 88
diff changeset
120 entry->groups = mp->calloc(mp->pool, ngroups, sizeof(sstr_t));
62
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
121 entry->numgroups = ngroups;
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
122 for(int i=0;i<ngroups;i++) {
91
fac51f87def0 ucx update
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 88
diff changeset
123 entry->groups[i] = sstrdup_a(mp, sstrtrim(groups[i]));
62
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
124 free(groups[i].ptr);
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
125 }
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
126 free(groups);
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
127 }
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
128
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
129 // add user
91
fac51f87def0 ucx update
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 88
diff changeset
130 conf->users = ucx_list_append_a(mp, conf->users, entry);
62
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
131
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
132 // free tokens
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
133 for(int i=0;i<tkn;i++) {
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
134 free(tk[i].ptr);
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
135 }
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
136 free(tk);
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
137
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
138 return 0;
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
139 }

mercurial