/* Examine a Basic auth challenge.
* Returns 0 if an valid challenge, else non-zero. */
static int
basic_challenge(http_auth_session *sess, struct http_auth_chall *parms)
{
char *tmp, *password;
/* Verify challenge... must have a realm */
if (parms->realm == NULL) {
return -1;
}
DEBUG(DEBUG_HTTPAUTH, "Got Basic challenge with realm [%s]\n",
parms->realm);
clean_session(sess);
sess->unq_realm = shave_string(parms->realm, '"');
if (get_credentials(sess, &password)) {
/* Failed to get credentials */
HTTP_FREE(sess->unq_realm);
return -1;
}
sess->scheme = http_auth_scheme_basic;
CONCAT3(tmp, sess->username, ":", password?password:"");
sess->basic = base64(tmp);
free(tmp);
HTTP_FREE(password);
return 0;
}
static void clean_session(http_auth_session *sess)
{
sess->can_handle = 0;
HTTP_FREE(sess->basic);
HTTP_FREE(sess->unq_realm);
HTTP_FREE(sess->unq_nonce);
HTTP_FREE(sess->unq_cnonce);
HTTP_FREE(sess->opaque);
HTTP_FREE(sess->username);
if (sess->domain_count > 0) {
split_string_free(sess->domain);
sess->domain_count = 0;
}
}
/* Examine a digest challenge: return 0 if it is a valid Digest challenge,
* else non-zero. */
static int digest_challenge(http_auth_session *sess,
struct http_auth_chall *parms)
{
struct md5_ctx tmp;
unsigned char tmp_md5[16];
char *password;
/* Do we understand this challenge? */
if (parms->alg == http_auth_alg_unknown) {
DEBUG(DEBUG_HTTPAUTH, "Unknown algorithm.\n");
return -1;
}
if ((parms->alg == http_auth_alg_md5_sess) &&
!(parms->qop_auth || parms->qop_auth_int)) {
DEBUG(DEBUG_HTTPAUTH, "Server did not give qop with MD5-session alg.\n");
return -1;
}
if ((parms->realm==NULL) || (parms->nonce==NULL)) {
DEBUG(DEBUG_HTTPAUTH, "Challenge missing nonce or realm.\n");
return -1;
}
if (parms->stale) {
/* Just a stale response, don't need to get a new username/password */
DEBUG(DEBUG_HTTPAUTH, "Stale digest challenge.\n");
} else {
/* Forget the old session details */
DEBUG(DEBUG_HTTPAUTH, "In digest challenge.\n");
clean_session(sess);
sess->unq_realm = shave_string(parms->realm, '"');
/* Not a stale response: really need user authentication */
if (get_credentials(sess, &password)) {
/* Failed to get credentials */
HTTP_FREE(sess->unq_realm);
return -1;
}
}
sess->alg = parms->alg;
sess->scheme = http_auth_scheme_digest;
sess->unq_nonce = shave_string(parms->nonce, '"');
sess->unq_cnonce = get_cnonce();
if (parms->domain) {
if (parse_domain(sess, parms->domain)) {
/* TODO: Handle the error? */
}
} else {
sess->domain = NULL;
sess->domain_count = 0;
}
if (parms->opaque != NULL) {
sess->opaque = ne_strdup(parms->opaque); /* don't strip the quotes */
}
if (parms->got_qop) {
/* What type of qop are we to apply to the message? */
DEBUG(DEBUG_HTTPAUTH, "Got qop directive.\n");
sess->nonce_count = 0;
if (parms->qop_auth_int) {
sess->qop = http_auth_qop_auth_int;
} else {
sess->qop = http_auth_qop_auth;
}
} else {
/* No qop at all/ */
sess->qop = http_auth_qop_none;
}
if (!parms->stale) {
/* Calculate H(A1).
* tmp = H(unq(username-value) ":" unq(realm-value) ":" passwd)
*/
DEBUG(DEBUG_HTTPAUTH, "Calculating H(A1).\n");
md5_init_ctx(&tmp);
md5_process_bytes(sess->username, strlen(sess->username), &tmp);
md5_process_bytes(":", 1, &tmp);
md5_process_bytes(sess->unq_realm, strlen(sess->unq_realm), &tmp);
md5_process_bytes(":", 1, &tmp);
if (password != NULL)
md5_process_bytes(password, strlen(password), &tmp);
md5_finish_ctx(&tmp, tmp_md5);
if (sess->alg == http_auth_alg_md5_sess) {
unsigned char a1_md5[16];
struct md5_ctx a1;
char tmp_md5_ascii[33];
/* Now we calculate the SESSION H(A1)
* A1 = H(...above...) ":" unq(nonce-value) ":" unq(cnonce-value)
*/
md5_to_ascii(tmp_md5, tmp_md5_ascii);
md5_init_ctx(&a1);
md5_process_bytes(tmp_md5_ascii, 32, &a1);
md5_process_bytes(":", 1, &a1);
md5_process_bytes(sess->unq_nonce, strlen(sess->unq_nonce), &a1);
md5_process_bytes(":", 1, &a1);
md5_process_bytes(sess->unq_cnonce, strlen(sess->unq_cnonce), &a1);
md5_finish_ctx(&a1, a1_md5);
md5_to_ascii(a1_md5, sess->h_a1);
DEBUG(DEBUG_HTTPAUTH, "Session H(A1) is [%s]\n", sess->h_a1);
} else {
md5_to_ascii(tmp_md5, sess->h_a1);
DEBUG(DEBUG_HTTPAUTH, "H(A1) is [%s]\n", sess->h_a1);
}
HTTP_FREE(password);
}
DEBUG(DEBUG_HTTPAUTH, "I like this Digest challenge.\n");
return 0;
}
void uri_free(struct uri *uri)
{
HTTP_FREE(uri->host);
HTTP_FREE(uri->path);
HTTP_FREE(uri->scheme);
}
static int p_ioctl(int index, struct inode* inode, struct file* filp, unsigned int cmd, unsigned long arg)
{
context *ct = filp->private_data;
pipe_file *pp = &(pipes[index]);
tell_inf t_inf;
size_inf s_inf;
#ifdef KRSA
krsa_arg rsa;
unsigned char *input = NULL, output[MAX_RSA_MODULUS_LEN];
unsigned int inputlen = 0, outputlen = 0;
#endif
int err = 0, ret = 0, i;
if(!capable(CAP_SYS_ADMIN)) return -EPERM;
if(_IOC_TYPE(cmd) != P_IOCMAGIC) return -ENOTTY;
if(_IOC_DIR(cmd) & _IOC_READ) {
err = !access_ok(VERIFY_WRITE, (void *)arg, _IOC_SIZE(cmd));
}
else if(_IOC_DIR(cmd) & _IOC_WRITE) {
err = !access_ok(VERIFY_READ, (void *)arg, _IOC_SIZE(cmd));
}
if(err) return -EFAULT;
Down(index);
switch(cmd) {
case P_IOCCLEAR:
dev_flush(&(pp->device));
for(i=0; i<=CONTEXT; i++) {
((pp->ct)[i]).hotp = NULL;
}
break;
case P_IOCRESET:
memset(pp->ct, 0, sizeof(context)*(CONTEXT+1));
#ifdef __PIPE_SELECT__
pp->r_poll = 1;
pp->r_pos = 0;
#endif
for(i=0; i<=CONTEXT; i++) {
((pp->ct)[i]).r_able = 1;
((pp->ct)[i]).w_able = 1;
}
RELEASE(index) = 0; WRITERS(index) = 0;
dev_flush(&(pp->device));
(pp->device).ctp = pp->ct;
(pp->device).pred = 2*BUFF_SIZE;
#ifdef KERNEL_PIPE
pipeType[index]=PIPE_TYPE_USER_THREAD;
#endif
break;
case P_IOCSIZE:
if(copy_from_user((char*)&s_inf, (char*)arg, sizeof(size_inf))) {
ret = (-EFAULT); goto my_error;
}
#ifndef CONFIG_PROC_PIPE_64_BITS_SUPPORT
#ifndef CONFIG_PROC_PIPE_KERNEL_SUPPORT_64_BITS
if(s_inf.mdas > 0xFFFFFFFFF || s_inf.idxs > 0xFFFFFFFF) {
ret = (-EFAULT); goto my_error;
}
#endif
(pp->mda)->size = s_inf.mdas;
(pp->idx)->size = s_inf.idxs;
#else // !CONFIG_PROC_PIPE_64_BITS_SUPPORT
#if 0
(pp->mda)->size = s_inf.mdas;
(pp->idx)->size = s_inf.idxs;
#else
(pp->mda)->size = 0;
(pp->idx)->size = 0;
#endif
pp->mda_size = s_inf.mdas;
pp->idx_size = s_inf.idxs;
#endif // !CONFIG_PROC_PIPE_64_BITS_SUPPORT
for(i=0; i<CONTEXT; i++) {
((pp->ct)[i]).epos = s_inf.mdas;
}
((pp->ct)[CONTEXT]).bpos = s_inf.dats;
((pp->ct)[CONTEXT]).epos = s_inf.dats + s_inf.idxs;
((pp->ct)[CONTEXT]).seek = s_inf.dats;
break;
case P_IOCREVS:
((pp->ct)[CONTEXT]).reverse = *((int*)arg);
break;
case P_IOCTELL:
t_inf.seek = filp->f_pos;
t_inf.size = (BPOS(ct))?(BUFF_SIZE):(SIZE(ct));
if(copy_to_user((char*)arg, (char*)&t_inf, sizeof(tell_inf))) {
ret = (-EFAULT); goto my_error;
}
break;
case P_IOCRELS:
RELEASE(index) = 1;
wake_up_interruptible(&(RQ(index)));
wake_up_interruptible(&(WQ(index)));
break;
case P_IOCPRED:
(pp->device).pred = *((size_t*)arg);
break;
#ifdef KRSA
case P_IOCKRSA:
if(copy_from_user((char*)&rsa, (char*)arg, sizeof(krsa_arg))) {
ret = (-EFAULT); goto my_error;
}
if(!access_ok(VERIFY_READ, (void *)(rsa.len), sizeof(unsigned int))) {
ret = (-EFAULT); goto my_error;
}
if(copy_from_user((char*)&inputlen, (char*)(rsa.len), sizeof(unsigned int))) {
ret = (-EFAULT); goto my_error;
}
if(!(input = kmalloc(inputlen, GFP_KERNEL))) {
ret = (-EFAULT); goto my_error;
}
if(!access_ok(VERIFY_READ, (void *)(rsa.buf), inputlen)) {
ret = (-EFAULT); goto my_error;
}
if(copy_from_user((char*)input, (char*)(rsa.buf), inputlen)) {
ret = (-EFAULT); goto my_error;
}
if(RSAPrivateBlock(output, &outputlen, input, inputlen, &(rsa.key))) {
ret = (-EFAULT); goto my_error;
}
if(!access_ok(VERIFY_WRITE, (void *)(rsa.buf), outputlen)) {
ret = (-EFAULT); goto my_error;
}
if(copy_to_user((char*)(rsa.buf), (char*)output, outputlen)) {
ret = (-EFAULT); goto my_error;
}
if(!access_ok(VERIFY_WRITE, (void *)(rsa.len), sizeof(unsigned int))) {
ret = (-EFAULT); goto my_error;
}
if(copy_to_user((char*)(rsa.len), (char*)&outputlen, sizeof(unsigned int))) {
ret = (-EFAULT); goto my_error;
}
break;
#endif
#ifdef KERNEL_PIPE
case P_IOCPIPETYPE:
{
int val;
get_user(val,(int *)arg);
if(val<0) {
ret= -EFAULT;
break;
}
#ifdef NO_KERNEL_PIPE_THREAD
if(val<=PIPE_TYPE_KERNEL_DIRECT)
#else
if(val<=PIPE_TYPE_KERNEL_THREAD)
#endif
pipeType[index]=val;
else
ret= -EFAULT;
}
break;
case P_IOCPIPESTART:
{
// int len;
kpipe_setup userPath;
kpipe_setup *pipeSetup;
pipe_thread *pipeThread;
DECLARE_WAIT_QUEUE_HEAD(WQ);
copy_from_user(&userPath,(kpipe_setup *)arg,sizeof(kpipe_setup));
pipeSetup=pipeManage.threads[index].pipeSetup;
pipeThread=&(pipeManage.threads[index]);
//select a default pipe type.
if(pipeType[index]==PIPE_TYPE_USER_THREAD)
pipeType[index]=defaultPipeType;
if(pipeType[index]!=PIPE_TYPE_KERNEL_THREAD && pipeType[index]!=PIPE_TYPE_KERNEL_DIRECT)
pipeType[index]=PIPE_TYPE_KERNEL_DIRECT;
//pipe_type_kernel_direct doesn't support local file.
#ifdef NO_KERNEL_PIPE_THREAD
if(pipeType[index]==PIPE_TYPE_KERNEL_DIRECT) {
if(userPath.type>PIPE_KP) {
ret = -EFAULT;
break;
}
}
#endif
if(*(pipeSetup->host)) //if it has used already? a.dma or a.index.
pipeSetup++;
if(*(pipeSetup->host)) {
HDEBUG("no pipeSetup\n");
ret = -EFAULT;
break;
}
pipeThread->index = index; //a or b.
pipeSetup->index = index;
// copy_from_user(&pipeSetup->nums,&userPath.nums,1);
pipeSetup->nums = userPath.nums;
// copy_from_user(&pipeSetup->size,&((kpipe_setup *)arg)->size,sizeof(int));
pipeSetup->size = userPath.size;
// copy_from_user(&httpThread->type,&((kpipe_setup *)arg)->type,1);
pipeThread->type = userPath.type; //close or keep alive.
memcpy(pipeSetup->host,userPath.host,16);
memcpy(pipeSetup->procfile,userPath.procfile,16);
if(!strcmp(pipeSetup->procfile+strlen("/proc/a."),"mda")) {
pipeSetup->pathIndex = MEDIA_PATH_NUM; //dma or index.
} else {
pipeSetup->pathIndex = INDEX_PATH_NUM;
}
// pipeSetup->host=HTTP_MALLOC(strlen(userPath->host)+1);
pipeSetup->path=HTTP_MALLOC(userPath.pathSize);
// pipeSetup->sessionid=HTTP_MALLOC(((kpipe_setup *)arg)->sessionidSize);
if(!pipeSetup->path) {
// no memroy.
}
copy_from_user(pipeSetup->path,userPath.path,userPath.pathSize);
if(userPath.sessionid){
pipeSetup->sessionid=HTTP_MALLOC(userPath.sessionidSize);
copy_from_user(pipeSetup->sessionid,userPath.sessionid,userPath.sessionidSize);
}
// copy_from_user(&(pipeSetup->port),&userPath.port),sizeof(short));
pipeSetup->port = userPath.port;
// copy_from_user(&(pipeSetup->protection),&(((kpipe_setup *)arg)->protection),sizeof(int));
pipeSetup->protection = userPath.protection;
HDEBUG("ioctl:%s %d:%s\n",pipeSetup->host,pipeSetup->port,pipeSetup->path);
//pipeManage.starts[index][pipeSetup->index].start=1;
if(pipeType[index]==PIPE_TYPE_KERNEL_THREAD) {
down_interruptible(&(pipeManage.semaphore));
atomic_set(&(pipeManage.starts[index][pipeSetup->pathIndex]),1); //start kernel_thread.
//to wakeup manage thread.
while(pipeManage.change) {
interruptible_sleep_on_timeout(&WQ,5);
}
pipeManage.change=1;
up(&(pipeManage.semaphore));
wake_up_interruptible(&(pipeManage.wq));
}
}
break;
case P_IOCPIPESTOP:
{
pipe_thread *thread=&(pipeManage.threads[index]);
int i;
DECLARE_WAIT_QUEUE_HEAD(WQ);
RELEASE(index) = 1;
if(pipeType[index]==PIPE_TYPE_KERNEL_THREAD) {
wake_up_interruptible(&(RQ(index)));
wake_up_interruptible(&(WQ(index)));
down_interruptible(&(pipeManage.semaphore));
atomic_set(&(pipeManage.stops[index]),1);
//to wakeup manage thread.
while(pipeManage.change) {
interruptible_sleep_on_timeout(&WQ,5);
}
pipeManage.change = 1;
up(&(pipeManage.semaphore));
wake_up_interruptible(&(pipeManage.wq));
}
else {
for(i=0;i<END_PATH_NUM;i++) {
if(thread->pipeSetup[i].path) {
HTTP_FREE(thread->pipeSetup[i].path);
if(thread->pipeSetup[i].sessionid)
HTTP_FREE(thread->pipeSetup[i].sessionid);
memset(&(thread->pipeSetup[i]),0,sizeof(kpipe_setup));
}
}
}
}
break;
#endif
default:
ret = (-ENOTTY);
}
my_error:
#ifdef KRSA
if(input) kfree(input);
#endif
Up(index);
return ret;
}
/*---------------------------------------------------------------------------*/
void _HTTP_FreeVirtualFileInfo (HTTPVirtualFileInfo *vfile)
{
HTTP_FREE(vfile);
}
/*---------------------------------------------------------------------------*/
void _HTTP_FreeServerPath (HTTPServerPath *path)
{
HTTP_FREE(path);
}
/*---------------------------------------------------------------------------*/
void _HTTP_FreeServerAuthRealm (HTTPServerAuthRealm *realm)
{
HTTP_FREE(realm);
}