static void
authBasicParse(authScheme * scheme, int n_configured, char *param_str)
{
if (scheme->scheme_data == NULL) {
assert(basicConfig == NULL);
/* this is the first param to be found */
scheme->scheme_data = xmalloc(sizeof(auth_basic_config));
memset(scheme->scheme_data, 0, sizeof(auth_basic_config));
basicConfig = scheme->scheme_data;
basicConfig->basicAuthRealm = xstrdup("Squid proxy-caching web server");
basicConfig->authenticateChildren = 5;
basicConfig->credentialsTTL = 2 * 60 * 60; /* two hours */
}
basicConfig = scheme->scheme_data;
if (strcasecmp(param_str, "program") == 0) {
if (basicConfig->authenticate)
wordlistDestroy(&basicConfig->authenticate);
parse_wordlist(&basicConfig->authenticate);
} else if (strcasecmp(param_str, "children") == 0) {
parse_int(&basicConfig->authenticateChildren);
} else if (strcasecmp(param_str, "concurrency") == 0) {
parse_int(&basicConfig->authenticateConcurrency);
} else if (strcasecmp(param_str, "realm") == 0) {
parse_eol(&basicConfig->basicAuthRealm);
} else if (strcasecmp(param_str, "credentialsttl") == 0) {
parse_time_t(&basicConfig->credentialsTTL);
} else if (strcasecmp(param_str, "casesensitive") == 0) {
parse_onoff(&basicConfig->casesensitive);
} else if (strcasecmp(param_str, "blankpassword") == 0) {
parse_onoff(&basicConfig->blankpassword);
} else {
debug(29, 0) ("unrecognised basic auth scheme parameter '%s'\n", param_str);
}
}
static void
authDigestParse(authScheme * scheme, int n_configured, char *param_str)
{
if (scheme->scheme_data == NULL) {
assert(digestConfig == NULL);
/* this is the first param to be found */
scheme->scheme_data = xmalloc(sizeof(auth_digest_config));
memset(scheme->scheme_data, 0, sizeof(auth_digest_config));
digestConfig = scheme->scheme_data;
digestConfig->authenticateChildren = 5;
digestConfig->digestAuthRealm = xstrdup("Squid proxy-caching web server");
/* 5 minutes */
digestConfig->nonceGCInterval = 5 * 60;
/* 30 minutes */
digestConfig->noncemaxduration = 30 * 60;
/* 50 requests */
digestConfig->noncemaxuses = 50;
/* Not strict nonce count behaviour */
digestConfig->NonceStrictness = 0;
/* Verify nonce count */
digestConfig->CheckNonceCount = 1;
digestConfig->PostWorkaround = 0;
}
digestConfig = scheme->scheme_data;
if (strcasecmp(param_str, "program") == 0) {
if (digestConfig->authenticate)
wordlistDestroy(&digestConfig->authenticate);
parse_wordlist(&digestConfig->authenticate);
requirePathnameExists("authparam digest program", digestConfig->authenticate->key);
} else if (strcasecmp(param_str, "children") == 0) {
parse_int(&digestConfig->authenticateChildren);
} else if (strcasecmp(param_str, "realm") == 0) {
parse_eol(&digestConfig->digestAuthRealm);
} else if (strcasecmp(param_str, "nonce_garbage_interval") == 0) {
parse_time_t(&digestConfig->nonceGCInterval);
} else if (strcasecmp(param_str, "nonce_max_duration") == 0) {
parse_time_t(&digestConfig->noncemaxduration);
} else if (strcasecmp(param_str, "nonce_max_count") == 0) {
parse_int(&digestConfig->noncemaxuses);
} else if (strcasecmp(param_str, "nonce_strictness") == 0) {
parse_onoff(&digestConfig->NonceStrictness);
} else if (strcasecmp(param_str, "check_nonce_count") == 0) {
parse_onoff(&digestConfig->CheckNonceCount);
} else if (strcasecmp(param_str, "post_workaround") == 0) {
parse_onoff(&digestConfig->PostWorkaround);
} else {
debug(28, 0) ("unrecognised digest auth scheme parameter '%s'\n", param_str);
}
}
void s3d_fnt_load_info(s3d_fnt_info *info, const char *path) {
{
info->line_height = -1;
info->chars = 0;
}
int ichar = -1;
static char path_buf[PATH_MAX];
s3d_strarrjoin(path_buf, { path, "/info" });
char *lines = s3d_read_file(path_buf, 1, 0);
s3d_streachline(lines, line, line_no, {
char *lptr = line;
#define abort_parse(message, more...) \
abort_because( \
"%s:%d: " message ": %s", \
path_buf, line_no, ##more, line \
)
#define parse_tag(name) s3d_strconsume(&lptr, name " ")
#define parse_attr_tok(name) { \
s3d_strskip(&lptr, " "); \
\
if(!s3d_strconsume(&lptr, name "=")) { \
abort_parse("Expected '" name "=' token"); \
} \
}
#define parse_tok(tok) \
s3d_strskip(&lptr, " "); \
\
if(!s3d_strconsume(&lptr, tok)) { \
abort_parse("Expected '" tok "' token"); \
}
#define parse_long(dst, name) { \
errno = 0; \
\
dst = strtol(lptr, &lptr, 10); \
\
if(errno) { \
abort_parse("Bad " name " value"); \
} \
}
#define parse_eol() \
if(!s3d_strempty(lptr)) { \
abort_parse("Trailing characters"); \
}
if(parse_tag("common")) {
parse_attr_tok("lineHeight");
parse_long(info->line_height, "line height");
parse_attr_tok("base");
parse_long(info->base, "base");
parse_attr_tok("scaleW");
parse_long(info->scale_w, "scale width");
parse_attr_tok("scaleH");
parse_long(info->scale_h, "scale height");
parse_tok("pages=1");
parse_tok("packed=0");
parse_tok("alphaChnl=1");
parse_tok("redChnl=4");
parse_tok("greenChnl=4");
parse_tok("blueChnl=4");
parse_eol();
}
else
if(parse_tag("chars")) {
parse_attr_tok("count");
parse_long(info->num_chars, "char count");
parse_eol();
if(info->num_chars > 0) {
s3d_mallocptr(info->chars, info->num_chars);
}
ichar = 0;
}
else
if(parse_tag("char")) {
if(ichar == -1) {
abort_parse("char tag before chars tag");
}
if(ichar >= info->num_chars) {
abort_parse(
"Too many char tags (more than %d)", info->num_chars
);
}
s3d_fnt_char_info *cptr = &info->chars[ichar];
parse_attr_tok("id");
parse_long(cptr->id, "ID");
parse_attr_tok("x");
parse_long(cptr->x, "X");
parse_attr_tok("y");
parse_long(cptr->y, "Y");
parse_attr_tok("width");
parse_long(cptr->w, "width");
parse_attr_tok("height");
parse_long(cptr->h, "height");
parse_attr_tok("xoffset");
parse_long(cptr->xoff, "X offset");
parse_attr_tok("yoffset");
parse_long(cptr->yoff, "Y offset");
parse_attr_tok("xadvance");
parse_long(cptr->xadv, "X advance");
parse_tok("page=0");
parse_tok("chnl=15");
parse_eol();
++ichar;
}
else {
abort_parse("Invalid tag");
}
})
#undef parse_tag
#undef parse_attr_tok
#undef parse_tok
#undef parse_long
#undef parse_eol
#undef abort_parse
if(info->line_height == -1) {
/*
* Extracts given chains from a policy file.
*/
static int
openpam_parse_chain(pam_handle_t *pamh,
const char *service,
pam_facility_t facility,
const char *filename,
openpam_style_t style)
{
pam_chain_t *this, **next;
pam_facility_t fclt;
pam_control_t ctlf;
char *line0, *line, *str, *name;
char *option, **optv;
int len, lineno, ret;
FILE *f;
if ((f = fopen(filename, "r")) == NULL) {
openpam_log(errno == ENOENT ? PAM_LOG_DEBUG : PAM_LOG_NOTICE,
"%s: %m", filename);
return (PAM_SUCCESS);
}
if (openpam_check_desc_owner_perms(filename, fileno(f)) != 0) {
fclose(f);
return (PAM_SYSTEM_ERR);
}
this = NULL;
name = NULL;
lineno = 0;
while ((line0 = line = openpam_readline(f, &lineno, NULL)) != NULL) {
/* get service name if necessary */
if (style == pam_conf_style) {
if ((len = parse_service_name(&line, &str)) == 0) {
openpam_log(PAM_LOG_NOTICE,
"%s(%d): invalid service name (ignored)",
filename, lineno);
FREE(line0);
continue;
}
if (strlcmp(service, str, len) != 0) {
FREE(line0);
continue;
}
}
/* get facility name */
if ((fclt = parse_facility_name(&line)) == (pam_facility_t)-1) {
openpam_log(PAM_LOG_ERROR,
"%s(%d): missing or invalid facility",
filename, lineno);
goto fail;
}
if (facility != fclt && facility != PAM_FACILITY_ANY) {
FREE(line0);
continue;
}
/* check for "include" */
if (parse_include(&line)) {
if ((len = parse_service_name(&line, &str)) == 0) {
openpam_log(PAM_LOG_ERROR,
"%s(%d): missing or invalid filename",
filename, lineno);
goto fail;
}
if ((name = strndup(str, len)) == NULL)
goto syserr;
if (parse_eol(&line) != 0) {
openpam_log(PAM_LOG_ERROR,
"%s(%d): garbage at end of line",
filename, lineno);
goto fail;
}
ret = openpam_load_chain(pamh, name, fclt);
FREE(name);
if (ret != PAM_SUCCESS)
goto fail;
FREE(line0);
continue;
}
/* get control flag */
if ((ctlf = parse_control_flag(&line)) == (pam_control_t)-1) {
openpam_log(PAM_LOG_ERROR,
"%s(%d): missing or invalid control flag",
filename, lineno);
goto fail;
}
/* get module name */
if ((len = parse_filename(&line, &str)) == 0) {
openpam_log(PAM_LOG_ERROR,
"%s(%d): missing or invalid module name",
filename, lineno);
goto fail;
}
if ((name = strndup(str, len)) == NULL)
goto syserr;
/* allocate new entry */
if ((this = calloc(1, sizeof *this)) == NULL)
goto syserr;
this->flag = ctlf;
/* get module options */
if ((this->optv = malloc(sizeof *optv)) == NULL)
goto syserr;
this->optc = 0;
while ((option = parse_option(&line)) != NULL) {
optv = realloc(this->optv,
(this->optc + 2) * sizeof *optv);
if (optv == NULL)
goto syserr;
this->optv = optv;
this->optv[this->optc++] = option;
}
this->optv[this->optc] = NULL;
if (*line != '\0') {
openpam_log(PAM_LOG_ERROR,
"%s(%d): syntax error in module options",
filename, lineno);
goto fail;
}
/* load module */
this->module = openpam_load_module(name);
FREE(name);
if (this->module == NULL)
goto fail;
/* hook it up */
for (next = &pamh->chains[fclt]; *next != NULL;
next = &(*next)->next)
/* nothing */ ;
*next = this;
this = NULL;
/* next please... */
FREE(line0);
}
if (!feof(f))
goto syserr;
fclose(f);
return (PAM_SUCCESS);
syserr:
openpam_log(PAM_LOG_ERROR, "%s: %m", filename);
fail:
if (this && this->optc) {
while (this->optc--)
FREE(this->optv[this->optc]);
FREE(this->optv);
}
FREE(this);
FREE(line0);
FREE(name);
fclose(f);
return (PAM_SYSTEM_ERR);
}
