static void auth_basic_free(liServer *srv, gpointer param) {
AuthBasicData *bdata = param;
AuthFile *afd = bdata->data;
UNUSED(srv);
g_string_free(bdata->realm, TRUE);
auth_file_free(afd);
g_slice_free(AuthBasicData, bdata);
}
static AuthFile* auth_file_new(liWorker *wrk, const GString *path, gboolean has_realm, gint ttl) {
AuthFile* f = g_slice_new0(AuthFile);
f->path = g_string_new_len(GSTR_LEN(path));
f->has_realm = has_realm;
f->ttl = ttl;
f->next_check = ev_now(wrk->loop) + ttl;
f->lock = g_mutex_new();
if (NULL == (f->data = auth_file_load(wrk->srv, f))) {
auth_file_free(f);
return NULL;
}
return f;
}
static liAction* auth_generic_create(liServer *srv, liWorker *wrk, liPlugin* p, liValue *val, const char *actname, AuthBasicBackend basic_action, gboolean has_realm) {
AuthFile *afd;
liValue *method = NULL, *realm = NULL, *file = NULL;
gint ttl = 10;
GHashTableIter it;
gpointer pkey, pvalue;
if (!val || val->type != LI_VALUE_HASH) {
ERROR(srv, "%s expects a hashtable with at least 3 elements: method, realm and file", actname);
return NULL;
}
g_hash_table_iter_init(&it, val->data.hash);
while (g_hash_table_iter_next(&it, &pkey, &pvalue)) {
GString *key = pkey;
liValue *value = pvalue;
if (g_string_equal(key, &aon_method)) {
if (value->type != LI_VALUE_STRING) {
ERROR(srv, "auth option '%s' expects string as parameter", aon_method.str);
return NULL;
}
method = value;
} else if (g_string_equal(key, &aon_realm)) {
if (value->type != LI_VALUE_STRING) {
ERROR(srv, "auth option '%s' expects string as parameter", aon_realm.str);
return NULL;
}
realm = value;
} else if (g_string_equal(key, &aon_file)) {
if (value->type != LI_VALUE_STRING) {
ERROR(srv, "auth option '%s' expects string as parameter", aon_file.str);
return NULL;
}
file = value;
} else if (g_string_equal(key, &aon_ttl)) {
if (value->type != LI_VALUE_NUMBER || value->data.number < 0) {
ERROR(srv, "auth option '%s' expects non-negative number as parameter", aon_ttl.str);
return NULL;
}
ttl = value->data.number;
}
}
if (NULL == method || NULL == realm || NULL == file) {
ERROR(srv, "%s expects a hashtable with 3 elements: method, realm and file", actname);
return NULL;
}
if (!g_str_equal(method->data.string->str, "basic") && !g_str_equal(method->data.string->str, "digest")) {
ERROR(srv, "%s: unknown method: %s", actname, method->data.string->str);
return NULL;
}
if (g_str_equal(method->data.string->str, "digest")) {
ERROR(srv, "%s: digest authentication not implemented yet", actname);
return NULL;
}
/* load users from file */
afd = auth_file_new(wrk, file->data.string, has_realm, ttl);
if (!afd)
return FALSE;
if (g_str_equal(method->data.string->str, "basic")) {
AuthBasicData *bdata;
bdata = g_slice_new(AuthBasicData);
bdata->p = p;
bdata->realm = li_value_extract_string(realm);
bdata->backend = basic_action;
bdata->data = afd;
return li_action_new_function(auth_basic, NULL, auth_basic_free, bdata);
} else {
auth_file_free(afd);
return NULL; /* li_action_new_function(NULL, NULL, auth_backend_plain_free, ad); */
}
}
static liAction* auth_generic_create(liServer *srv, liWorker *wrk, liPlugin* p, liValue *val, const char *actname, AuthBasicBackend basic_action, gboolean has_realm) {
AuthFile *afd;
GString *method = NULL, *file = NULL;
liValue *realm = NULL;
gboolean have_ttl_parameter = FALSE;
gint ttl = 10;
val = li_value_get_single_argument(val);
if (NULL == (val = li_value_to_key_value_list(val))) {
ERROR(srv, "%s expects a hashtable/key-value list with at least 3 elements: method, realm and file", actname);
return NULL;
}
LI_VALUE_FOREACH(entry, val)
liValue *entryKey = li_value_list_at(entry, 0);
liValue *entryValue = li_value_list_at(entry, 1);
GString *entryKeyStr;
if (LI_VALUE_NONE == li_value_type(entryKey)) {
ERROR(srv, "%s doesn't take default keys", actname);
return NULL;
}
entryKeyStr = entryKey->data.string; /* keys are either NONE or STRING */
if (g_string_equal(entryKeyStr, &aon_method)) {
if (LI_VALUE_STRING != li_value_type(entryValue)) {
ERROR(srv, "auth option '%s' expects string as parameter", entryKeyStr->str);
return NULL;
}
if (NULL != method) {
ERROR(srv, "duplicate auth option '%s'", entryKeyStr->str);
return NULL;
}
method = entryValue->data.string;
} else if (g_string_equal(entryKeyStr, &aon_realm)) {
if (LI_VALUE_STRING != li_value_type(entryValue)) {
ERROR(srv, "auth option '%s' expects string as parameter", entryKeyStr->str);
return NULL;
}
if (NULL != realm) {
ERROR(srv, "duplicate auth option '%s'", entryKeyStr->str);
return NULL;
}
realm = entryValue;
} else if (g_string_equal(entryKeyStr, &aon_file)) {
if (LI_VALUE_STRING != li_value_type(entryValue)) {
ERROR(srv, "auth option '%s' expects string as parameter", entryKeyStr->str);
return NULL;
}
if (NULL != file) {
ERROR(srv, "duplicate auth option '%s'", entryKeyStr->str);
return NULL;
}
file = entryValue->data.string;
} else if (g_string_equal(entryKeyStr, &aon_ttl)) {
if (LI_VALUE_NUMBER != li_value_type(entryValue) || entryValue->data.number < 0) {
ERROR(srv, "auth option '%s' expects non-negative number as parameter", entryKeyStr->str);
return NULL;
}
if (have_ttl_parameter) {
ERROR(srv, "duplicate auth option '%s'", entryKeyStr->str);
return NULL;
}
have_ttl_parameter = TRUE;
ttl = entryValue->data.number;
} else {
ERROR(srv, "unknown auth option '%s'", entryKeyStr->str);
return NULL;
}
LI_VALUE_END_FOREACH()
if (NULL == method || NULL == realm || NULL == file) {
ERROR(srv, "%s expects a hashtable/key-value list with 3 elements: method, realm and file", actname);
return NULL;
}
if (!g_str_equal(method->str, "basic") && !g_str_equal(method->str, "digest")) {
ERROR(srv, "%s: unknown method: %s", actname, method->str);
return NULL;
}
if (g_str_equal(method->str, "digest")) {
ERROR(srv, "%s: digest authentication not implemented yet", actname);
return NULL;
}
/* load users from file */
afd = auth_file_new(wrk, file, has_realm, ttl);
if (!afd)
return FALSE;
if (g_str_equal(method->str, "basic")) {
AuthBasicData *bdata;
bdata = g_slice_new(AuthBasicData);
bdata->p = p;
bdata->realm = li_value_extract_string(realm);
bdata->backend = basic_action;
bdata->data = afd;
return li_action_new_function(auth_basic, NULL, auth_basic_free, bdata);
} else {
auth_file_free(afd);
return NULL; /* li_action_new_function(NULL, NULL, auth_backend_plain_free, ad); */
}
}
