/*---------------------------------------------------------------------------*/
HTTPAuthenticationRealm * _HTTP_NewRealm (
const HTTP_CHAR* realmName,
const HTTP_CHAR* path,
HTTP_INT32 ttlSec,
HTTPAuthenticationScheme scheme
)
{
HTTPAuthenticationRealm * realm = (HTTPAuthenticationRealm *) rtp_malloc(sizeof(HTTPAuthenticationRealm));
if (realm)
{
tc_memset(realm, 0, sizeof(HTTPAuthenticationRealm));
if (realmName)
{
tc_strncpy(realm->realmName, realmName, HTTP_CFG_MAX_REALMNAME_LEN-1);
realm->realmName[HTTP_CFG_MAX_REALMNAME_LEN-1] = 0;
}
if (path)
{
tc_strncpy(realm->path, path, HTTP_CFG_MAX_PATH_LEN-1);
realm->path[HTTP_CFG_MAX_PATH_LEN-1] = 0;
}
else
{
realm->path[0] = 0;
}
realm->scheme = scheme;
}
return (realm);
}
/*---------------------------------------------------------------------------*/
void _HTTP_RealmUpdatePath (
HTTPAuthenticationRealm *realm,
const HTTP_CHAR* path
)
{
HTTP_INT32 n;
if (!realm->path[0])
{
tc_strncpy(realm->path, path, HTTP_CFG_MAX_PATH_LEN-1);
realm->path[HTTP_CFG_MAX_PATH_LEN-1] = 0;
return;
}
/* Find the longest prefix that both paths share and set that as the new path */
for (n=0; realm->path[n] == path[n]; n++)
{
if (!path[n] || !realm->path[n])
{
break;
}
}
realm->path[n] = 0;
}
/*---------------------------------------------------------------------------*/
void _HTTP_RealmSetPassword (
HTTPAuthenticationRealm *realm,
HTTP_CHAR* password
)
{
tc_strncpy(realm->password, password, HTTP_CFG_MAX_PASSWORD_LEN-1);
realm->password[HTTP_CFG_MAX_PASSWORD_LEN-1] = 0;
}
/*---------------------------------------------------------------------------*/
void _HTTP_RealmSetUser (
HTTPAuthenticationRealm *realm,
HTTP_CHAR* user
)
{
tc_strncpy(realm->userName, user, HTTP_CFG_MAX_USERNAME_LEN-1);
realm->userName[HTTP_CFG_MAX_USERNAME_LEN-1] = 0;
}
/*---------------------------------------------------------------------------*/
void _HTTP_RealmSetName (
HTTPAuthenticationRealm *realm,
HTTP_CHAR* name
)
{
tc_strncpy(realm->realmName, name, HTTP_CFG_MAX_REALMNAME_LEN-1);
realm->realmName[HTTP_CFG_MAX_REALMNAME_LEN-1] = 0;
}
/*---------------------------------------------------------------------------*/
HTTPAuthenticationHost * _HTTP_NewHost (
const HTTP_CHAR* hostName,
HTTP_UINT16 port
)
{
HTTPAuthenticationHost * host = (HTTPAuthenticationHost *) rtp_malloc(sizeof(HTTPAuthenticationHost));
if (host)
{
tc_memset(host, 0, sizeof(HTTPAuthenticationHost));
tc_strncpy(host->hostName, hostName, HTTP_CFG_MAX_HOSTNAME_LEN-1);
host->hostName[HTTP_CFG_MAX_HOSTNAME_LEN-1] = 0;
host->port = port;
DLLIST_INIT(&host->realmList);
}
return (host);
}
int wcRegisterMetaCallback(const char *pMetaName, HTMLMetaCallbackFn Callback)
{
#if (WEBC_CFG_META_TABLE_SIZE)
int i;
for (i=0; i<WEBC_CFG_META_TABLE_SIZE; i++)
{
if (gMetaCallbackTable[i].Callback == 0)
{
tc_strncpy(gMetaCallbackTable[i].pMetaName, pMetaName, WEBC_CFG_MAX_META_FUNCTION_NAMELEN-1);
gMetaCallbackTable[i].pMetaName[WEBC_CFG_MAX_META_FUNCTION_NAMELEN-1] = 0;
gMetaCallbackTable[i].Callback = Callback;
return (0);
}
}
#endif
return (-1);
}
/*---------------------------------------------------------------------------*/
HTTPAuthStatus _HTTP_AuthProcessChallenge (
HTTPAuthContext* ctx,
const HTTP_CHAR* host,
HTTP_UINT16 port,
const HTTP_CHAR* path,
HTTP_UINT32 authTimestamp,
const HTTP_CHAR* challenge,
HTTP_CHAR** realmName
)
{
HTTPAuthStatus status = HTTP_AUTH_STATUS_ERROR;
HTTPAuthenticationScheme scheme = HTTP_AUTHENTICATION_UNKNOWN;
HTTP_CHAR name[10], param[64];
/* The format of WWW-Authenticate is:
WWW-Authenticate: scheme (param)*\r\n
The schemes we recognize are "Basic" and "Digest
*/
HTTP_CLIENT_AUTH_API_ENTER(ctx);
// parse the scheme
while (IS_WHITESPACE(challenge[0]))
{
challenge++;
}
if (!tc_strncmp(challenge, "Basic", 5))
{
/* parse Basic authentication paramaters */
scheme = HTTP_AUTHENTICATION_BASIC;
challenge += 5;
}
else if (!tc_strncmp(challenge, "Digest", 6))
{
/* parse Basic authentication paramaters */
scheme = HTTP_AUTHENTICATION_DIGEST;
challenge += 6;
}
if (scheme != HTTP_AUTHENTICATION_UNKNOWN)
{
HTTP_INT32 paramLen = 0;
HTTP_CHAR* realmParam;
realmParam = tc_stristr(challenge, "realm");
/* first we must find and parse the realm parameter */
if (realmParam)
{
if (HTTP_ParseNameValuePair(realmParam, name, param, 10, 64) >= 0)
{
HTTPAuthenticationRealm *realm = _HTTP_GetAuthenticationRealm(ctx, host, port, param);
if (!realm)
{
realm = _HTTP_GetAuthenticationRealmByPath(ctx, host, port, path);
if (realm)
{
_HTTP_RealmSetName(realm, param);
}
}
if (realm)
{
status = HTTP_AUTH_STATUS_EXISTING_REJECTED;
_HTTP_RealmUpdatePath(realm, path);
if (scheme != realm->scheme)
{
realm->scheme = scheme;
realm->timestamp = ctx->currentTimestamp;
ctx->currentTimestamp++;
status = HTTP_AUTH_STATUS_RETRY_REQUEST;
}
else
{
if (HTTP_AUTH_TIMESTAMP_COMPARE(authTimestamp, realm->timestamp) < 0 &&
!realm->rejected)
{
/* if the request that has been rejected was sent before the authorization
was updated (and this authorization has not yet been rejected), then
try again */
status = HTTP_AUTH_STATUS_RETRY_REQUEST;
}
else
{
realm->rejected = 1;
}
}
}
else
{
status = HTTP_AUTH_STATUS_NONE_EXISTS;
realm = _HTTP_CreateAuthenticationRealm (
ctx,
host,
port,
path,
param,
300, /* set this one to live for 5 minutes (300 seconds) */
scheme
);
}
if (realmName)
{
*realmName = rtp_strdup(param);
}
if (realm && scheme != HTTP_AUTHENTICATION_BASIC)
{
/* now we know the realm; parse all remaining parameters
(if necessary according to the scheme being used */
if (scheme == HTTP_AUTHENTICATION_DIGEST)
{
realm->param.digest.qop = HTTP_QOP_NONE;
}
while (1)
{
paramLen = HTTP_ParseNameValuePair(challenge, name, param, 10, 64);
if (paramLen <= 0)
{
break;
}
/* process parameters according to scheme */
switch (scheme)
{
case HTTP_AUTHENTICATION_DIGEST:
if (!tc_stricmp(name, "domain"))
{
/* process domain URI */
/* tbd - add realms for each host specified here */
}
else if (!tc_stricmp(name, "nonce"))
{
/* set the server-assigned nonce */
if (realm->param.digest.serverNonce[0] == 0)
{
status = HTTP_AUTH_STATUS_RETRY_REQUEST;
}
tc_strncpy(realm->param.digest.serverNonce, param, HTTP_CFG_MAX_NONCE_LEN-1);
realm->param.digest.serverNonce[HTTP_CFG_MAX_NONCE_LEN-1] = 0;
}
else if (!tc_stricmp(name, "opaque"))
{
/* store the server's opaque value */
tc_strncpy(realm->param.digest.serverOpaque, param, HTTP_CFG_MAX_OPAQUE_LEN-1);
realm->param.digest.serverOpaque[HTTP_CFG_MAX_OPAQUE_LEN-1] = 0;
}
else if (!tc_stricmp(name, "stale"))
{
/* perform stale processing on this realm */
if (!tc_stricmp(param, "TRUE"))
{
status = HTTP_AUTH_STATUS_RETRY_REQUEST;
}
}
else if (!tc_stricmp(name, "algorithm"))
{
/* set the algorithm to use for this session */
/* tbd - we will only support MD5 algorithm for the initial release */
}
else if (!tc_stricmp(name, "qop"))
{
/* set quality of protection options */
int n;
realm->param.digest.qop = HTTP_QOP_UNRECOGNIZED;
for (n=0; n < HTTP_NUM_QOP_TYPES; n++)
{
if (!tc_stricmp(param, httpAuthQoPNames[n]))
{
realm->param.digest.qop = n;
}
}
}
break;
}
challenge += paramLen;
while (challenge[0] == ',' || challenge[0] == ' ')
{
challenge++;
}
}
}
}
}
}
ctx->currentTimestamp++;
HTTP_CLIENT_AUTH_API_EXIT(ctx);
return (status);
}
BBOOL Auth_RegisterUser (PFRTCHAR name, PFCHAR password)
{
byte i;
PUSERDATA user;
BBOOL rv = TRUE;
CLAIM_AUTH ();
for (i = 0; i < prtsmb_srv_ctx->max_users; i++)
{
if (prtsmb_srv_ctx->userList.users[i].inUse == FALSE)
{
user = &prtsmb_srv_ctx->userList.users[i];
break;
}
}
if (i == prtsmb_srv_ctx->max_users)
{
RTSMB_DEBUG_OUTPUT_STR ("Auth_RegisterUser exceeded max_users\n", RTSMB_DEBUG_TYPE_ASCII);
rv = FALSE;
}
if (rv)
{
rtsmb_char rtsmb_guest [CFG_RTSMB_MAX_USERNAME_SIZE + 1];
rtsmb_util_ascii_to_rtsmb (SMB_GUESTNAME, rtsmb_guest, CFG_RTSMB_USER_CODEPAGE);
if (!rtsmb_casecmp (name, rtsmb_guest, CFG_RTSMB_USER_CODEPAGE))
{
prtsmb_srv_ctx->guestAccount = i;
}
user->inUse = TRUE;
rtsmb_ncpy (user->name, name, CFG_RTSMB_MAX_USERNAME_SIZE);
if (password)
{
user->password = user->password_buf;
tc_memset (user->password, '\0', sizeof (user->password)); /* we want to pad it with nulls for encryption */
tc_strncpy (user->password, password, CFG_RTSMB_MAX_PASSWORD_SIZE);
}
else
{
user->password = (PFCHAR)0;
}
tc_memset (user->groups, FALSE, prtsmb_srv_ctx->max_groups);
}
RELEASE_AUTH ();
if (rv)
{
if (name)
{
RTSMB_DEBUG_OUTPUT_STR ("Auth_RegisterUser: Successfully registered user \" ", RTSMB_DEBUG_TYPE_ASCII);
RTSMB_DEBUG_OUTPUT_STR (name, RTSMB_DEBUG_TYPE_SYS_DEFINED);
if (password)
{
RTSMB_DEBUG_OUTPUT_STR (" \" with password ", RTSMB_DEBUG_TYPE_ASCII);
RTSMB_DEBUG_OUTPUT_STR (password, RTSMB_DEBUG_TYPE_ASCII);
}
RTSMB_DEBUG_OUTPUT_STR (".\n", RTSMB_DEBUG_TYPE_ASCII);
}
}
else
{
if (name)
{
RTSMB_DEBUG_OUTPUT_STR ("Auth_RegisterUser: Failed to register user \" ", RTSMB_DEBUG_TYPE_ASCII);
RTSMB_DEBUG_OUTPUT_STR (name, RTSMB_DEBUG_TYPE_SYS_DEFINED);
if (password)
{
RTSMB_DEBUG_OUTPUT_STR (" \" with password ", RTSMB_DEBUG_TYPE_ASCII);
RTSMB_DEBUG_OUTPUT_STR (password, RTSMB_DEBUG_TYPE_ASCII);
}
RTSMB_DEBUG_OUTPUT_STR (".\n", RTSMB_DEBUG_TYPE_ASCII);
}
}
#if (DISPLAY_USERS)
if (rv == RTP_TRUE)
{
smbs_display_users();
}
#endif
return rv;
}
int wcache_init(struct wcache_ctx *cc, const char *cachePrefix, long size,
long maxFiles, const struct wcache_system_spec *spec,
void *sysPtr)
{
void *fp;
char indexfile[WEBC_CACHE_MAX_PATH_LEN];
int index;
struct wcache_entry *entry;
int resetCache = 1;
char keyTemp[WEBC_CACHE_MAX_KEY_LEN+1];
tc_strcpy(indexfile, cachePrefix);
tc_strcat(indexfile, "index.dat");
if (spec->sys_open(sysPtr, indexfile, &fp, WEBC_CO_READ) >= 0)
{
if (spec->sys_read(sysPtr, fp, (WEBC_PFBYTE) cc, sizeof(struct wcache_ctx)) < sizeof(struct wcache_ctx))
{
spec->sys_close(sysPtr, fp);
spec->sys_remove(sysPtr, indexfile);
}
else
{
long entrySize = sizeof(struct wcache_entry) - sizeof(char *);
cc->index = 0;
cc->lru = 0;
for (index=0; index < cc->numFiles; index++)
{
entry = (struct wcache_entry *) WEBC_MALLOC(sizeof(struct wcache_entry));
if (!entry)
{
wcache_free(cc);
resetCache = 1;
break;
}
if (spec->sys_read(sysPtr, fp, (WEBC_PFBYTE) entry, entrySize) < entrySize)
{
wcache_free(cc);
resetCache = 1;
break;
}
entry->keyLen = EBSMIN(entry->keyLen, WEBC_CACHE_MAX_KEY_LEN - 1);
spec->sys_read(sysPtr, fp, (WEBC_PFBYTE) keyTemp, entry->keyLen*sizeof(char));
keyTemp[entry->keyLen] = '\0';
entry->key = webc_malloc_string_copy_8(keyTemp, __FILE__, __LINE__);
if (!entry->key)
{
WEBC_FREE(entry);
entry = 0;
wcache_free(cc);
resetCache = 1;
break;
}
entry->next = 0;
entry->prev = 0;
INSERT_FRONT_CACHE(cc,entry);
}
if (index == cc->numFiles)
{
resetCache = 0;
}
spec->sys_close(sysPtr, fp);
}
}
// just copy the system spec directly
cc->spec = *spec;
cc->sysPtr = sysPtr;
if (resetCache)
{
// no index exists; create one
tc_strncpy(cc->cachePrefix, cachePrefix, WEBC_CACHE_MAX_PREFIX_LEN-1);
cc->cachePrefix[WEBC_CACHE_MAX_PREFIX_LEN-1] = 0;
cc->bytesMax = size;
cc->bytesUsed = sizeof(wcache_ctx);
cc->numFiles = 0;
cc->maxFiles = maxFiles;
cc->initialized = 1;
cc->index = 0;
cc->lru = 0;
wcache_flush(cc);
}
return (0);
}
