ret_t
cherokee_validator_htdigest_check (cherokee_validator_htdigest_t *htdigest,
cherokee_connection_t *conn)
{
ret_t ret;
cherokee_buffer_t *fpass;
cherokee_buffer_t file = CHEROKEE_BUF_INIT;
/* Ensure that we have all what we need
*/
if ((conn->validator == NULL) ||
cherokee_buffer_is_empty (&conn->validator->user))
return ret_error;
/* Get the full path to the file
*/
ret = cherokee_validator_file_get_full_path (VFILE(htdigest), conn, &fpass,
&CONN_THREAD(conn)->tmp_buf1);
if (ret != ret_ok) {
ret = ret_error;
goto out;
}
/* Read the whole file
*/
ret = cherokee_buffer_read_file (&file, fpass->buf);
if (ret != ret_ok) {
ret = ret_error;
goto out;
}
/* Authenticate
*/
if (conn->req_auth_type & http_auth_basic) {
ret = validate_basic (htdigest, conn, &file);
} else if (conn->req_auth_type & http_auth_digest) {
ret = validate_digest (htdigest, conn, &file);
} else {
SHOULDNT_HAPPEN;
}
out:
cherokee_buffer_mrproper (&file);
return ret;
}
ret_t
cherokee_validator_plain_check (cherokee_validator_plain_t *plain,
cherokee_connection_t *conn)
{
int re;
ret_t ret;
const char *p;
const char *end;
cherokee_buffer_t *fpass;
cherokee_buffer_t file = CHEROKEE_BUF_INIT;
cherokee_buffer_t buser = CHEROKEE_BUF_INIT;
cherokee_buffer_t bpass = CHEROKEE_BUF_INIT;
/* Sanity check */
if (unlikely ((conn->validator == NULL) ||
cherokee_buffer_is_empty(&conn->validator->user))) {
return ret_error;
}
/* Get the full path to the file */
ret = cherokee_validator_file_get_full_path (VFILE(plain), conn, &fpass,
&CONN_THREAD(conn)->tmp_buf1);
if (ret != ret_ok) {
ret = ret_error;
goto out;
}
/* Read its contents */
ret = cherokee_buffer_read_file (&file, fpass->buf);
if (ret != ret_ok) {
ret = ret_error;
goto out;
}
if (! cherokee_buffer_is_ending(&file, '\n'))
cherokee_buffer_add_str (&file, "\n");
p = file.buf;
end = file.buf + file.len;
while (p < end) {
char *eol;
char *colon;
/* Look for the EOL
*/
eol = strchr (p, '\n');
if (eol == NULL) {
ret = ret_ok;
goto out;
}
*eol = '\0';
/* Skip comments
*/
if (p[0] == '#')
goto next;
colon = strchr (p, ':');
if (colon == NULL) {
goto next;
}
/* Is it the right user?
*/
cherokee_buffer_clean (&buser);
cherokee_buffer_add (&buser, p, colon - p);
re = cherokee_buffer_cmp_buf (&buser, &conn->validator->user);
if (re != 0)
goto next;
/* Check the password
*/
cherokee_buffer_clean (&bpass);
cherokee_buffer_add (&bpass, colon+1, eol - (colon+1));
switch (conn->req_auth_type) {
case http_auth_basic:
/* Empty password
*/
if (cherokee_buffer_is_empty (&bpass) &&
cherokee_buffer_is_empty (&conn->validator->passwd)) {
ret = ret_ok;
goto out;
}
/* Check the passwd
*/
re = cherokee_buffer_cmp_buf (&bpass, &conn->validator->passwd);
if (re != 0)
ret = ret_deny;
goto out;
case http_auth_digest:
ret = cherokee_validator_digest_check (VALIDATOR(plain), &bpass, conn);
goto out;
default:
SHOULDNT_HAPPEN;
}
/* A user entry has been tested and failed
*/
ret = ret_deny;
goto out;
next:
p = eol + 1;
/* Reached the end without success
*/
if (p >= end) {
ret = ret_deny;
goto out;
}
}
out:
cherokee_buffer_mrproper (&file);
cherokee_buffer_mrproper (&buser);
cherokee_buffer_mrproper (&bpass);
return ret;
}
