Annotation of embedaddon/mpd/src/contrib/libpdel/http/servlet/http_servlet_basicauth.c, revision 1.1.1.1
1.1 misho 1:
2: /*
3: * Copyright (c) 2001-2002 Packet Design, LLC.
4: * All rights reserved.
5: *
6: * Subject to the following obligations and disclaimer of warranty,
7: * use and redistribution of this software, in source or object code
8: * forms, with or without modifications are expressly permitted by
9: * Packet Design; provided, however, that:
10: *
11: * (i) Any and all reproductions of the source or object code
12: * must include the copyright notice above and the following
13: * disclaimer of warranties; and
14: * (ii) No rights are granted, in any manner or form, to use
15: * Packet Design trademarks, including the mark "PACKET DESIGN"
16: * on advertising, endorsements, or otherwise except as such
17: * appears in the above copyright notice or in the software.
18: *
19: * THIS SOFTWARE IS BEING PROVIDED BY PACKET DESIGN "AS IS", AND
20: * TO THE MAXIMUM EXTENT PERMITTED BY LAW, PACKET DESIGN MAKES NO
21: * REPRESENTATIONS OR WARRANTIES, EXPRESS OR IMPLIED, REGARDING
22: * THIS SOFTWARE, INCLUDING WITHOUT LIMITATION, ANY AND ALL IMPLIED
23: * WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE,
24: * OR NON-INFRINGEMENT. PACKET DESIGN DOES NOT WARRANT, GUARANTEE,
25: * OR MAKE ANY REPRESENTATIONS REGARDING THE USE OF, OR THE RESULTS
26: * OF THE USE OF THIS SOFTWARE IN TERMS OF ITS CORRECTNESS, ACCURACY,
27: * RELIABILITY OR OTHERWISE. IN NO EVENT SHALL PACKET DESIGN BE
28: * LIABLE FOR ANY DAMAGES RESULTING FROM OR ARISING OUT OF ANY USE
29: * OF THIS SOFTWARE, INCLUDING WITHOUT LIMITATION, ANY DIRECT,
30: * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, PUNITIVE, OR CONSEQUENTIAL
31: * DAMAGES, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES, LOSS OF
32: * USE, DATA OR PROFITS, HOWEVER CAUSED AND UNDER ANY THEORY OF
33: * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
34: * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
35: * THE USE OF THIS SOFTWARE, EVEN IF PACKET DESIGN IS ADVISED OF
36: * THE POSSIBILITY OF SUCH DAMAGE.
37: *
38: * Author: Archie Cobbs <archie@freebsd.org>
39: */
40:
41: #include <sys/types.h>
42: #include <sys/param.h>
43: #include <sys/stat.h>
44:
45: #include <netinet/in_systm.h>
46: #include <netinet/in.h>
47:
48: #include <stdlib.h>
49: #include <stdio.h>
50: #include <string.h>
51: #include <stdarg.h>
52: #include <syslog.h>
53: #include <errno.h>
54: #include <assert.h>
55:
56: #include <openssl/ssl.h>
57:
58: #include "structs/structs.h"
59: #include "structs/type/array.h"
60:
61: #include "http/http_defs.h"
62: #include "http/http_server.h"
63: #include "http/http_servlet.h"
64: #include "http/servlet/basicauth.h"
65: #include "util/typed_mem.h"
66:
67: #define MEM_TYPE "http_servlet_basicauth"
68:
69: static http_servlet_run_t http_servlet_basicauth_run;
70: static http_servlet_destroy_t http_servlet_basicauth_destroy;
71:
72: struct http_servlet_basicauth {
73: http_servlet_basicauth_t *auth;
74: void (*destroy)(void *);
75: void *arg;
76: };
77:
78: /*
79: * Create a new auth servlet.
80: */
81: struct http_servlet *
82: http_servlet_basicauth_create(http_servlet_basicauth_t *auth,
83: void *arg, void (*destroy)(void *))
84: {
85: struct http_servlet_basicauth *info;
86: struct http_servlet *servlet;
87:
88: /* Sanity check */
89: if (auth == NULL) {
90: errno = EINVAL;
91: return (NULL);
92: }
93:
94: /* Create servlet */
95: if ((servlet = MALLOC(MEM_TYPE, sizeof(*servlet))) == NULL)
96: return (NULL);
97: memset(servlet, 0, sizeof(*servlet));
98: servlet->run = http_servlet_basicauth_run;
99: servlet->destroy = http_servlet_basicauth_destroy;
100:
101: /* Add info */
102: if ((info = MALLOC(MEM_TYPE, sizeof(*info))) == NULL) {
103: FREE(MEM_TYPE, servlet);
104: return (NULL);
105: }
106: memset(info, 0, sizeof(*info));
107: info->auth = auth;
108: info->arg = arg;
109: info->destroy = destroy;
110: servlet->arg = info;
111:
112: /* Done */
113: return (servlet);
114: }
115:
116: /*
117: * Execute authorization servlet.
118: */
119: static int
120: http_servlet_basicauth_run(struct http_servlet *servlet,
121: struct http_request *req, struct http_response *resp)
122: {
123: struct http_servlet_basicauth *const info = servlet->arg;
124: const char *username;
125: const char *password;
126: const char *realm;
127:
128: /* Get username and password */
129: if ((username = http_request_get_username(req)) == NULL)
130: username = "";
131: if ((password = http_request_get_password(req)) == NULL)
132: password = "";
133:
134: /* Check authorization and return error if it fails */
135: if ((realm = (*info->auth)(info->arg,
136: req, username, password)) != NULL) {
137: http_response_send_basic_auth(resp, realm);
138: return (1);
139: }
140:
141: /* Continue */
142: return (0);
143: }
144:
145: /*
146: * Destroy an auth servlet.
147: */
148: static void
149: http_servlet_basicauth_destroy(struct http_servlet *servlet)
150: {
151: struct http_servlet_basicauth *const info = servlet->arg;
152:
153: if (info->destroy != NULL)
154: (*info->destroy)(info->arg);
155: FREE(MEM_TYPE, servlet->arg);
156: FREE(MEM_TYPE, servlet);
157: }
158:
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>