authorgoodale <goodale@1faa4e14-9dd3-4be0-9f0e-ffe519881164>2000-09-15 12:45:27 +0000
committergoodale <goodale@1faa4e14-9dd3-4be0-9f0e-ffe519881164>2000-09-15 12:45:27 +0000
commit9ca8518895939d3ae82c937bed7f2b545a9f9e39 (patch)
tree6a4f12a4f4c472bffac1dbffb2b5a877bf2c0beb /src/Authorisation.c
parent3c4f4b1e6a1de4d6e16a70af4d11fc11ddb11da9 (diff)
Made parallel aware.
Added stuff for parameter steering. See doc/Steering.txt. Added stuff for HTTP Basic authentication. See doc/Auth.txt. Tom git-svn-id: http://svn.cactuscode.org/arrangements/CactusConnect/HTTPD/trunk@9 1faa4e14-9dd3-4be0-9f0e-ffe519881164
Diffstat (limited to 'src/Authorisation.c')
-rw-r--r--src/Authorisation.c356
1 files changed, 356 insertions, 0 deletions
diff --git a/src/Authorisation.c b/src/Authorisation.c
new file mode 100644
index 0000000..3be4c3b
--- /dev/null
+++ b/src/Authorisation.c
@@ -0,0 +1,356 @@
+ /*@@
+ @file Authorisation.c
+ @date Fri Sep 15 12:34:59 2000
+ @author Tom Goodale
+ @desc
+ Authorisation stuff for webserver
+ @enddesc
+ @version $Header
+ @@*/
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#include "cctk.h"
+
+#include "util_Hash.h"
+#include "util_String.h"
+
+#include "http_Request.h"
+#include "http_Auth.h"
+
+#include "base64.h"
+
+static char *rcsid = "$Header$";
+
+CCTK_FILEVERSION(DevThorns_httpd_Authorisation_c)
+
+/********************************************************************
+ ********************* Local Data Types ***********************
+ ********************************************************************/
+
+struct httpUserData
+{
+ char *password;
+ char *encryption_scheme;
+};
+
+/********************************************************************
+ ********************* Local Routine Prototypes *********************
+ ********************************************************************/
+
+static int AddUser(uHash *database,
+ const char *name,
+ const char *password,
+ const char *encryption_scheme);
+
+static int VerifyPassword(const char *database,
+ const char *user,
+ const char *password);
+
+/********************************************************************
+ ********************* Other Routine Prototypes *********************
+ ********************************************************************/
+
+/********************************************************************
+ ********************* Local Data *****************************
+ ********************************************************************/
+
+static uHash *AuthDatabase = NULL;
+
+#define INITIAL_SIZE 32
+#define DECODED_SIZE 100
+
+/********************************************************************
+ ********************* External Routines **********************
+ ********************************************************************/
+
+ /*@@
+ @routine HTTP_AuthAddUser
+ @date Fri Sep 15 12:52:09 2000
+ @author Tom Goodale
+ @desc
+ Adds a user to a http authentication database.
+ @enddesc
+ @calls
+ @calledby
+ @history
+
+ @endhistory
+
+@@*/
+int HTTP_AuthAddUser(const char *database,
+ const char *name,
+ const char *password,
+ const char *encryption_scheme)
+{
+ int retcode;
+ uHash *this_database;
+
+ /* Create the master database if necessary */
+ if(!AuthDatabase)
+ {
+ AuthDatabase = Util_HashCreate(INITIAL_SIZE);
+ }
+
+ if(AuthDatabase)
+ {
+ /* Does this database exist ? */
+ this_database = (uHash *)Util_HashData(AuthDatabase, strlen(database), database, 0);
+
+ if(!this_database)
+ {
+ this_database = Util_HashCreate(INITIAL_SIZE);
+
+ if(this_database)
+ {
+ Util_HashStore(AuthDatabase, strlen(database), database, 0, (void *)this_database);
+ }
+ else
+ {
+ retcode = -2;
+ }
+ }
+ }
+ else
+ {
+ retcode = -1;
+ }
+
+ /* Now add the user to the database */
+ if(this_database)
+ {
+ retcode = AddUser(this_database, name, password, encryption_scheme);
+ }
+
+ return retcode;
+}
+
+
+ /*@@
+ @routine HTTP_AuthenticateBasic
+ @date Fri Sep 15 13:12:43 2000
+ @author Tom Goodale
+ @desc
+ Authenticates an HTTP request against
+ a particular database.
+ @enddesc
+ @calls
+ @calledby
+ @history
+
+ @endhistory
+
+ @returntype int
+ @returndesc
+ The authorisation status.
+ +1 means that there was no Authorization header.
+ 0 succesful authentication
+ -1 failed authentication
+ @endreturndesc
+
+@@*/
+int HTTP_AuthenticateBasic(httpRequest *request,
+ const char *database)
+{
+ int retval;
+ char message[1024];
+
+ const char *value;
+ char *auth_string;
+ char *token;
+
+ int decoded_size;
+ unsigned char decoded[DECODED_SIZE+1];
+
+ unsigned char *password;
+
+ int authorised;
+
+ value = HTTP_HeaderValue(request, "Authorization");
+
+ auth_string = NULL;
+
+ authorised = 0;
+
+ /* Ok, there's an authentication string here. */
+ if(value)
+ {
+ auth_string = Util_Strdup(value);
+
+ token = strtok(auth_string, " ");
+
+ if(token)
+ {
+ if(CCTK_Equals(token, "Basic"))
+ {
+ token = strtok(NULL, " ,\t");
+ decoded_size = HTTP_b64_pton(token, decoded, DECODED_SIZE);
+
+ /* Null terminate string */
+ decoded[decoded_size] = 0;
+
+ password = strchr(decoded, ':');
+
+ if(password)
+ {
+ *password = 0;
+ password++;
+
+ authorised = VerifyPassword(database, decoded, password);
+ }
+ }
+ }
+
+ if(auth_string)
+ {
+ free(auth_string);
+ }
+
+ if(authorised)
+ {
+ retval = 0;
+ }
+ else
+ {
+ retval = -1;
+ }
+ }
+ else
+ {
+ /* There's no authentication string here */
+
+ retval = 1;
+
+ }
+
+ return retval;
+}
+
+/********************************************************************
+ ********************* Local Routines *************************
+ ********************************************************************/
+
+ /*@@
+ @routine AddUser
+ @date Fri Sep 15 12:52:37 2000
+ @author Tom Goodale
+ @desc
+ Adds a user to a particular database.
+ @enddesc
+ @calls
+ @calledby
+ @history
+
+ @endhistory
+
+@@*/
+static int AddUser(uHash *database,
+ const char *name,
+ const char *password,
+ const char *encryption_scheme)
+{
+ int retcode;
+ struct httpUserData *this_user;
+
+ /* Does this user already exist ? */
+ this_user = (struct httpUserData *)Util_HashData(database, strlen(name), name, 0);
+
+ if(!this_user)
+ {
+ /* New user */
+
+ this_user = (struct httpUserData *)malloc(sizeof(struct httpUserData *));
+
+ if(this_user)
+ {
+ this_user->password = Util_Strdup(password);
+ this_user->encryption_scheme = Util_Strdup(encryption_scheme);
+
+ retcode = Util_HashStore(database, strlen(name), name, 0, (void *)this_user);
+ }
+ else
+ {
+ retcode = -1;
+ }
+ }
+ else
+ {
+ /* Replace user's current data */
+ free(this_user->password);
+ free(this_user->encryption_scheme);
+
+ this_user->password = Util_Strdup(password);
+ this_user->encryption_scheme = Util_Strdup(encryption_scheme);
+
+ retcode = 0;
+ }
+
+ return retcode;
+}
+
+ /*@@
+ @routine VerifyPassword
+ @date Fri Sep 15 13:28:50 2000
+ @author Tom Goodale
+ @desc
+ Verifies a user and password against a database.
+ @enddesc
+ @calls
+ @calledby
+ @history
+
+ @endhistory
+
+@@*/
+static int VerifyPassword(const char *database,
+ const char *user,
+ const char *password)
+{
+ int retcode;
+ uHash *this_database;
+ struct httpUserData *data;
+
+ retcode = 0;
+
+ if(AuthDatabase)
+ {
+ /* Does this database exist ? */
+ this_database = (uHash *)Util_HashData(AuthDatabase, strlen(database), database, 0);
+
+ if(this_database)
+ {
+ data = (struct httpUserData *) Util_HashData(this_database, strlen(user), user, 0);
+
+ if(data)
+ {
+ /* Ok, now verify the password. */
+ if(CCTK_Equals(data->encryption_scheme, "none"))
+ {
+ if(!strcmp(data->password, password))
+ {
+ retcode = 1;
+ }
+ }
+ else if(CCTK_Equals(data->encryption_scheme, "crypt"))
+ {
+#ifdef HAVE_CRYPT
+ if(!strcmp(data->password, crypt(password, data->password)))
+ {
+ retcode = 1;
+ }
+#else
+ fprintf(stderr, "Sorry, crypt(3) not supported in this configuration.\n");
+#endif
+ }
+ else
+ {
+ fprintf(stderr, "Unknown encryption algorithm '%s'\n", data->encryption_scheme);
+ }
+ }
+ }
+ }
+
+ return retcode;
+}
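Review bot: In HTTP_AuthenticateBasic the second `strtok` result and the return of `HTTP_b64_pton` are both used unchecked, so a `Basic` header with no credential token hands NULL to the decoder, and a failed decode (presumably a negative return, as with the usual b64_pton convention; its definition is not in this file) makes `decoded[decoded_size] = 0` write outside the stack buffer before any authentication has happened. Guard both with `decoded_size = token ? HTTP_b64_pton(token, decoded, DECODED_SIZE) : -1;` and wrap the terminate/split/verify steps in `if(decoded_size >= 0 && decoded_size <= DECODED_SIZE)`. In AddUser, `malloc(sizeof(struct httpUserData *))` allocates only pointer-sized storage for a struct holding two pointers, so the stores to `password` and `encryption_scheme` overrun the heap block; use `this_user = malloc(sizeof *this_user);`. HTTP_AuthAddUser tests `this_database` uninitialised when the master database could not be created, so declare it as `uHash *this_database = NULL;`. In VerifyPassword the `crypt()` result is passed straight to `strcmp` although crypt(3) can return NULL, and the "none" scheme both stores passwords in clear and compares them with an early-exit `strcmp`; a comment at that branch should say it is for testing only.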