40 #include "auth.h" |
40 #include "auth.h" |
41 |
41 |
42 |
42 |
43 /* ------------------------------ _uudecode ------------------------------- */ |
43 /* ------------------------------ _uudecode ------------------------------- */ |
44 |
44 |
45 const unsigned char pr2six[256]={ |
45 const unsigned char pr2six[256] = { |
46 64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64, |
46 64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64, |
47 64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,62,64,64,64,63, |
47 64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,62,64,64,64,63, |
48 52,53,54,55,56,57,58,59,60,61,64,64,64,64,64,64,64,0,1,2,3,4,5,6,7,8,9, |
48 52,53,54,55,56,57,58,59,60,61,64,64,64,64,64,64,64,0,1,2,3,4,5,6,7,8,9, |
49 10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,64,64,64,64,64,64,26,27, |
49 10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,64,64,64,64,64,64,26,27, |
50 28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51, |
50 28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51, |
54 64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64, |
54 64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64, |
55 64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64, |
55 64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64, |
56 64,64,64,64,64,64,64,64,64,64,64,64,64 |
56 64,64,64,64,64,64,64,64,64,64,64,64,64 |
57 }; |
57 }; |
58 |
58 |
59 char *_uudecode(char *bufcoded) |
59 char *_uudecode(pool_handle_t *pool, char *bufcoded) { |
60 { |
|
61 register char *bufin = bufcoded; |
60 register char *bufin = bufcoded; |
62 register unsigned char *bufout; |
61 register unsigned char *bufout; |
63 register int nprbytes; |
62 register int nprbytes; |
64 unsigned char *bufplain; |
63 unsigned char *bufplain; |
65 int nbytesdecoded; |
64 int nbytesdecoded; |
94 bufplain[nbytesdecoded] = '\0'; |
93 bufplain[nbytesdecoded] = '\0'; |
95 |
94 |
96 return (char *)bufplain; |
95 return (char *)bufplain; |
97 } |
96 } |
98 |
97 |
|
98 int basicauth_getuser(Session *sn, Request *rq, char **user, char **pw) { |
|
99 char *auth = NULL; |
|
100 *user = NULL; |
|
101 *pw = NULL; |
|
102 char *u; |
|
103 char *p; |
|
104 |
|
105 if(request_header("authorization", &auth, sn, rq) == REQ_ABORTED) { |
|
106 return REQ_ABORTED; |
|
107 } |
|
108 |
|
109 if(!auth) { |
|
110 return REQ_NOACTION; |
|
111 } |
|
112 |
|
113 /* Skip leading whitespace */ |
|
114 while(*auth && (*auth == ' ')) |
|
115 ++auth; |
|
116 if(!(*auth)) { |
|
117 protocol_status(sn, rq, PROTOCOL_FORBIDDEN, NULL); |
|
118 return REQ_ABORTED; |
|
119 } |
|
120 |
|
121 /* Verify correct type */ |
|
122 if((strlen(auth) < 6) || strncasecmp(auth, "basic ", 6)) { |
|
123 return REQ_NOACTION; |
|
124 } |
|
125 |
|
126 /* Skip whitespace */ |
|
127 auth += 6; |
|
128 while(*auth && (*auth == ' ')) { |
|
129 ++auth; |
|
130 } |
|
131 |
|
132 if(!*auth) { |
|
133 return REQ_NOACTION; |
|
134 } |
|
135 |
|
136 /* Uuencoded user:password now */ |
|
137 if(!(u = _uudecode(sn->pool, auth))) { |
|
138 return REQ_NOACTION; |
|
139 } |
|
140 |
|
141 if(!(p = strchr(u, ':'))) { |
|
142 pool_free(sn->pool, u); |
|
143 return REQ_NOACTION; |
|
144 } |
|
145 *p++ = '\0'; |
|
146 |
|
147 *user = u; |
|
148 *pw = p; |
|
149 |
|
150 return REQ_PROCEED; |
|
151 } |
|
152 |
99 /* ------------------------------ auth_basic ------------------------------ */ |
153 /* ------------------------------ auth_basic ------------------------------ */ |
100 |
154 |
101 int auth_basic(pblock *param, Session *sn, Request *rq) |
155 int auth_basic(pblock *param, Session *sn, Request *rq) |
102 { |
156 { |
103 char *pwfile, *grpfile, *type, *auth, *user, *pw; |
157 char *pwfile, *grpfile, *type, *auth, *user, *pw; |
132 // XP_GetAdminStr(DBT_authError1)); |
180 // XP_GetAdminStr(DBT_authError1)); |
133 protocol_status(sn, rq, PROTOCOL_SERVER_ERROR, NULL); |
181 protocol_status(sn, rq, PROTOCOL_SERVER_ERROR, NULL); |
134 return REQ_ABORTED; |
182 return REQ_ABORTED; |
135 } |
183 } |
136 |
184 |
137 /* Skip leading whitespace */ |
185 ret = basicauth_getuser(sn, rq, &user, &pw); |
138 while(*auth && (*auth == ' ')) |
186 if(ret != REQ_PROCEED) { |
139 ++auth; |
187 return ret; |
140 if(!(*auth)) { |
188 } |
141 protocol_status(sn, rq, PROTOCOL_FORBIDDEN, NULL); |
|
142 return REQ_ABORTED; |
|
143 } |
|
144 |
|
145 /* Verify correct type */ |
|
146 if((strlen(auth) < 6) || strncasecmp(auth, "basic ", 6)) |
|
147 return REQ_NOACTION; |
|
148 |
|
149 /* Skip whitespace */ |
|
150 auth += 6; |
|
151 while(*auth && (*auth == ' ')) |
|
152 ++auth; |
|
153 |
|
154 if(!*auth) |
|
155 return REQ_NOACTION; |
|
156 |
|
157 /* Uuencoded user:password now */ |
|
158 if(!(user = _uudecode(auth))) |
|
159 return REQ_NOACTION; |
|
160 |
|
161 if(!(pw = strchr(user, ':'))) { |
|
162 free(user); |
|
163 return REQ_NOACTION; |
|
164 } |
|
165 *pw++ = '\0'; |
|
166 |
189 |
167 npb = pblock_create(4); |
190 npb = pblock_create(4); |
168 pblock_nvinsert("user", user, npb); |
191 pblock_nvinsert("user", user, npb); |
169 pblock_nvinsert("pw", pw, npb); |
192 pblock_nvinsert("pw", pw, npb); |
170 pblock_nvinsert("userdb", pwfile, npb); |
193 pblock_nvinsert("userdb", pwfile, npb); |
228 // XP_GetAdminStr(DBT_authError1)); |
237 // XP_GetAdminStr(DBT_authError1)); |
229 protocol_status(sn, rq, PROTOCOL_SERVER_ERROR, NULL); |
238 protocol_status(sn, rq, PROTOCOL_SERVER_ERROR, NULL); |
230 return REQ_ABORTED; |
239 return REQ_ABORTED; |
231 } |
240 } |
232 |
241 |
233 /* Skip leading whitespace */ |
242 int ret = basicauth_getuser(sn, rq, &user, &pw); |
234 while(*auth && (*auth == ' ')) |
243 if(ret != REQ_PROCEED) { |
235 ++auth; |
244 return ret; |
236 if(!(*auth)) { |
245 } |
237 protocol_status(sn, rq, PROTOCOL_FORBIDDEN, NULL); |
|
238 return REQ_ABORTED; |
|
239 } |
|
240 |
|
241 /* Verify correct type */ |
|
242 if((strlen(auth) < 6) || strncasecmp(auth, "basic ", 6)) |
|
243 return REQ_NOACTION; |
|
244 |
|
245 /* Skip whitespace */ |
|
246 auth += 6; |
|
247 while(*auth && (*auth == ' ')) |
|
248 ++auth; |
|
249 |
|
250 if(!*auth) |
|
251 return REQ_NOACTION; |
|
252 |
|
253 /* Uuencoded user:password now */ |
|
254 if(!(user = _uudecode(auth))) |
|
255 return REQ_NOACTION; |
|
256 |
|
257 if(!(pw = strchr(user, ':'))) { |
|
258 free(user); |
|
259 return REQ_NOACTION; |
|
260 } |
|
261 *pw++ = '\0'; |
|
262 |
246 |
263 // get auth db |
247 // get auth db |
264 ServerConfiguration *config = session_get_config(sn); |
248 ServerConfiguration *config = session_get_config(sn); |
265 sstr_t dbname = sstr(db); |
249 sstr_t dbname = sstr(db); |
266 AuthDB *authdb = ucx_map_sstr_get(config->authdbs, dbname); |
250 AuthDB *authdb = ucx_map_sstr_get(config->authdbs, dbname); |