src/server/daemon/keyfile_auth.c

changeset 415
d938228c382e
parent 261
f2c772336ecd
child 467
4d038bc6f86e
equal deleted inserted replaced
414:99a34860c105 415:d938228c382e
39 #endif 39 #endif
40 40
41 #include "../util/atomic.h" 41 #include "../util/atomic.h"
42 #include "../util/util.h" 42 #include "../util/util.h"
43 43
44 #include <cx/hash_map.h>
45
44 #include "keyfile_auth.h" 46 #include "keyfile_auth.h"
45 47
46 Keyfile* keyfile_new(UcxAllocator *a) { 48 Keyfile* keyfile_new(CxAllocator *a) {
47 Keyfile *keyfile = alcalloc(a, 1, sizeof(Keyfile)); 49 Keyfile *keyfile = cxCalloc(a, 1, sizeof(Keyfile));
48 if(!keyfile) { 50 if(!keyfile) {
49 return NULL; 51 return NULL;
50 } 52 }
51 keyfile->authdb.get_user = keyfile_get_user; 53 keyfile->authdb.get_user = keyfile_get_user;
52 keyfile->authdb.use_cache = 0; 54 keyfile->authdb.use_cache = 0;
53 keyfile->users = ucx_map_new_a(a, 16); 55 keyfile->users = cxHashMapCreate(a, 16);
54 return keyfile; 56 return keyfile;
55 } 57 }
56 58
57 int keyfile_add_user( 59 int keyfile_add_user(
58 Keyfile *keyfile, 60 Keyfile *keyfile,
59 sstr_t name, 61 cxmutstr name,
60 enum KeyfileHashType hash_type, 62 enum KeyfileHashType hash_type,
61 sstr_t hash, 63 cxmutstr hash,
62 sstr_t *groups, 64 cxmutstr *groups,
63 size_t ngroups) 65 size_t ngroups)
64 { 66 {
65 UcxAllocator *a = keyfile->users->allocator; 67 CxAllocator *a = keyfile->users->allocator;
66 68
67 if(hash.length < 12) { 69 if(hash.length < 12) {
68 // hash too short 70 // hash too short
69 // TODO: log 71 // TODO: log
70 return -1; 72 return -1;
71 } 73 }
72 74
73 KeyfileUser *user = almalloc(a, sizeof(KeyfileUser)); 75 KeyfileUser *user = cxMalloc(a, sizeof(KeyfileUser));
74 user->user.name = sstrdup_a(a, name).ptr; 76 user->user.name = cx_strdup_a(a, cx_strcast(name)).ptr;
75 user->user.uid = -1; 77 user->user.uid = -1;
76 user->user.gid = -1; 78 user->user.gid = -1;
77 user->user.verify_password = keyfile_user_verify_password; 79 user->user.verify_password = keyfile_user_verify_password;
78 user->user.check_group = keyfile_user_check_group; 80 user->user.check_group = keyfile_user_check_group;
79 user->user.free = keyfile_user_free; 81 user->user.free = keyfile_user_free;
80 82
81 user->hash_type = hash_type; 83 user->hash_type = hash_type;
82 user->hash = almalloc(a, hash.length + 1); 84 user->hash = cxMalloc(a, hash.length + 1);
83 85
84 if(!user->user.name || !user->hash) { 86 if(!user->user.name || !user->hash) {
85 return -1; 87 return -1;
86 } 88 }
87 89
88 user->hashlen = util_base64decode(hash.ptr, hash.length, user->hash); 90 user->hashlen = util_base64decode(hash.ptr, hash.length, user->hash);
89 91
90 if(ngroups > 0) { 92 if(ngroups > 0) {
91 user->groups = alcalloc(a, ngroups, sizeof(sstr_t)); 93 user->groups = cxCalloc(a, ngroups, sizeof(cxmutstr));
92 if(!user->groups) { 94 if(!user->groups) {
93 return -1; 95 return -1;
94 } 96 }
95 for(int i=0;i<ngroups;i++) { 97 for(int i=0;i<ngroups;i++) {
96 user->groups[i] = sstrdup_a(a, groups[i]); 98 user->groups[i] = cx_strdup_a(a, cx_strcast(groups[i]));
97 } 99 }
98 100
99 } else { 101 } else {
100 user->groups = NULL; 102 user->groups = NULL;
101 } 103 }
102 104
103 // add to keyfile 105 // add to keyfile
104 return ucx_map_sstr_put(keyfile->users, name, user); 106 return cxMapPut(keyfile->users, cx_hash_key(name.ptr, name.length), user);
105 } 107 }
106 108
107 // authdb functions 109 // authdb functions
108 110
109 User* keyfile_get_user(AuthDB *db, char *user) { 111 User* keyfile_get_user(AuthDB *db, const char *user) {
110 Keyfile *keyfile = (Keyfile*)db; 112 Keyfile *keyfile = (Keyfile*)db;
111 return ucx_map_cstr_get(keyfile->users, user); 113 return cxMapGet(keyfile->users, cx_hash_key_str(user));
112 } 114 }
113 115
114 int keyfile_user_verify_password(User *user, char *password) { 116 int keyfile_user_verify_password(User *user, const char *password) {
115 KeyfileUser *usr = (KeyfileUser*)user; 117 KeyfileUser *usr = (KeyfileUser*)user;
116 return ssha_verify(usr, password); 118 return ssha_verify(usr, password);
117 } 119 }
118 120
119 int keyfile_user_check_group(User *user, char *group) { 121 int keyfile_user_check_group(User *user, const char *group) {
120 KeyfileUser *usr = (KeyfileUser*)user; 122 KeyfileUser *usr = (KeyfileUser*)user;
121 sstr_t grp = sstr(group); 123 cxstring grp = cx_str(group);
122 for(int i=0;i<usr->numgroups;i++) { 124 for(int i=0;i<usr->numgroups;i++) {
123 if(!sstrcmp(usr->groups[i], grp)) { 125 if(!cx_strcmp(cx_strcast(usr->groups[i]), grp)) {
124 return 1; 126 return 1;
125 } 127 }
126 } 128 }
127 return 0; 129 return 0;
128 } 130 }
130 void keyfile_user_free(User *user) { 132 void keyfile_user_free(User *user) {
131 // don't free, it will be freed by keyfile_unref 133 // don't free, it will be freed by keyfile_unref
132 } 134 }
133 135
134 136
135 int ssha_verify(KeyfileUser *user, char *password) { 137 int ssha_verify(KeyfileUser *user, const char *password) {
136 /* 138 /*
137 * SSHA: SHA(pw + salt) + salt 139 * SSHA: SHA(pw + salt) + salt
138 * user->hash is already base64 decoded 140 * user->hash is already base64 decoded
139 */ 141 */
140 142

mercurial