src/server/public/auth.h

Sun, 15 Sep 2024 09:47:36 +0200

author
Olaf Wintermann <olaf.wintermann@gmail.com>
date
Sun, 15 Sep 2024 09:47:36 +0200
changeset 558
0e79e17c70e2
parent 467
4d038bc6f86e
permissions
-rw-r--r--

improve sessionhandler trace logging

59
ab25c0a231d0 some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
1 /*
ab25c0a231d0 some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
2 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
ab25c0a231d0 some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
3 *
211
2160585200ac add propfind/proppatch parser and first iteration of the new webdav api
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 162
diff changeset
4 * Copyright 2018 Olaf Wintermann. All rights reserved.
59
ab25c0a231d0 some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
5 *
ab25c0a231d0 some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
6 * Redistribution and use in source and binary forms, with or without
ab25c0a231d0 some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
7 * modification, are permitted provided that the following conditions are met:
ab25c0a231d0 some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
8 *
ab25c0a231d0 some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
9 * 1. Redistributions of source code must retain the above copyright
ab25c0a231d0 some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
10 * notice, this list of conditions and the following disclaimer.
ab25c0a231d0 some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
11 *
ab25c0a231d0 some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
12 * 2. Redistributions in binary form must reproduce the above copyright
ab25c0a231d0 some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
13 * notice, this list of conditions and the following disclaimer in the
ab25c0a231d0 some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
14 * documentation and/or other materials provided with the distribution.
ab25c0a231d0 some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
15 *
ab25c0a231d0 some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
16 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
ab25c0a231d0 some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
17 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
ab25c0a231d0 some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
18 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ab25c0a231d0 some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
19 * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
ab25c0a231d0 some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
20 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
ab25c0a231d0 some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
21 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
ab25c0a231d0 some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
22 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
ab25c0a231d0 some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
23 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
ab25c0a231d0 some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
24 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
ab25c0a231d0 some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
25 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
ab25c0a231d0 some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
26 * POSSIBILITY OF SUCH DAMAGE.
ab25c0a231d0 some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
27 */
ab25c0a231d0 some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
28
ab25c0a231d0 some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
29 #ifndef WS_AUTH_H
ab25c0a231d0 some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
30 #define WS_AUTH_H
ab25c0a231d0 some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
31
63
66442f81f823 supports file system ACLs on Solaris
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 62
diff changeset
32 #include <sys/types.h>
66442f81f823 supports file system ACLs on Solaris
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 62
diff changeset
33
467
4d038bc6f86e refactore ldap_auth to use resource pools
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 415
diff changeset
34 #include "nsapi.h"
4d038bc6f86e refactore ldap_auth to use resource pools
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 415
diff changeset
35
59
ab25c0a231d0 some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
36 #ifdef __cplusplus
ab25c0a231d0 some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
37 extern "C" {
ab25c0a231d0 some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
38 #endif
ab25c0a231d0 some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
39
162
b169992137a8 improves cgi error handling and allows requests with empty headers
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 161
diff changeset
40 #ifdef XP_WIN32
147
d050449c3b9e ported io.c and some headers to windows
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 66
diff changeset
41 typedef int uid_t;
d050449c3b9e ported io.c and some headers to windows
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 66
diff changeset
42 typedef int gid_t;
d050449c3b9e ported io.c and some headers to windows
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 66
diff changeset
43 #endif
d050449c3b9e ported io.c and some headers to windows
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 66
diff changeset
44
59
ab25c0a231d0 some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
45 typedef struct auth_db AuthDB;
ab25c0a231d0 some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
46 typedef struct user User;
ab25c0a231d0 some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
47
ab25c0a231d0 some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
48 /*
ab25c0a231d0 some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
49 * get a user from the authentication database
ab25c0a231d0 some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
50 *
ab25c0a231d0 some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
51 * param1: authentication database
ab25c0a231d0 some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
52 * param2: user
ab25c0a231d0 some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
53 */
467
4d038bc6f86e refactore ldap_auth to use resource pools
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 415
diff changeset
54 typedef User*(*authdb_get_user_f)(AuthDB*, Session*, Request*, const char*);
59
ab25c0a231d0 some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
55
ab25c0a231d0 some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
56 struct auth_db {
ab25c0a231d0 some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
57 char *name;
467
4d038bc6f86e refactore ldap_auth to use resource pools
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 415
diff changeset
58 /* User* get_user(AuthDB *db, Session *sn, Request *rq, char *username) */
59
ab25c0a231d0 some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
59 authdb_get_user_f get_user;
66
74babc0082b7 added authentication cache
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 63
diff changeset
60 int use_cache;
59
ab25c0a231d0 some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
61 };
ab25c0a231d0 some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
62
ab25c0a231d0 some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
63 /*
ab25c0a231d0 some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
64 * verify the users password
62
c47e081b6c0f added keyfile based authentication
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 59
diff changeset
65 * returns 1 if the password is correct, otherwise 0
59
ab25c0a231d0 some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
66 *
ab25c0a231d0 some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
67 * param1: user
ab25c0a231d0 some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
68 * param2: password
ab25c0a231d0 some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
69 */
415
d938228c382e switch from ucx 2 to 3
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 211
diff changeset
70 typedef int(*user_verify_passwd_f)(User*, const char*);
59
ab25c0a231d0 some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
71
ab25c0a231d0 some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
72 /*
ab25c0a231d0 some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
73 * check if the user is a member of a given group
ab25c0a231d0 some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
74 *
ab25c0a231d0 some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
75 * param1: user
ab25c0a231d0 some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
76 * param2: group
ab25c0a231d0 some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
77 */
415
d938228c382e switch from ucx 2 to 3
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 211
diff changeset
78 typedef int(*user_check_group_f)(User*, const char*);
59
ab25c0a231d0 some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
79
ab25c0a231d0 some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
80 /*
ab25c0a231d0 some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
81 * free the user object
ab25c0a231d0 some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
82 */
ab25c0a231d0 some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
83 typedef void(*user_free_f)(User*);
ab25c0a231d0 some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
84
ab25c0a231d0 some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
85 struct user {
ab25c0a231d0 some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
86 char *name;
63
66442f81f823 supports file system ACLs on Solaris
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 62
diff changeset
87 uid_t uid;
66442f81f823 supports file system ACLs on Solaris
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 62
diff changeset
88 gid_t gid;
59
ab25c0a231d0 some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
89 /* int verify_password(User *user, char *password) */
ab25c0a231d0 some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
90 user_verify_passwd_f verify_password;
ab25c0a231d0 some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
91 /* int check_group(User *user, char *group) */
ab25c0a231d0 some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
92 user_check_group_f check_group;
ab25c0a231d0 some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
93 /* void free(User*) */
ab25c0a231d0 some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
94 user_free_f free;
ab25c0a231d0 some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
95 };
ab25c0a231d0 some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
96
ab25c0a231d0 some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
97
467
4d038bc6f86e refactore ldap_auth to use resource pools
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 415
diff changeset
98 User* authdb_get_user(AuthDB *db, Session *sn, Request *rq, const char *user);
4d038bc6f86e refactore ldap_auth to use resource pools
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 415
diff changeset
99 User* authdb_get_and_verify(AuthDB *db, Session *sn, Request *rq, const char *user, const char *password, int *pw);
59
ab25c0a231d0 some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
100
ab25c0a231d0 some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
101 #ifdef __cplusplus
ab25c0a231d0 some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
102 }
ab25c0a231d0 some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
103 #endif
ab25c0a231d0 some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
104
ab25c0a231d0 some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
105 #endif /* WS_AUTH_H */
ab25c0a231d0 some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
106

mercurial