PRIVATE GroupDef *parse_group_decl ARGS1(FILE *, fp)
{
char *group_name = NULL;
GroupDef *group_def = NULL;
LexItem lex_item;
do {
lex_item = lex(fp);
} while (lex_item == LEX_REC_SEP); /* Ignore empty lines */
if (lex_item != LEX_ALPH_STR) {
if (lex_item != LEX_EOF)
syntax_error(fp, "Expecting group name", lex_item);
return NULL;
}
StrAllocCopy(group_name, HTlex_buffer);
if (LEX_FIELD_SEP != (lex_item = lex(fp))) {
syntax_error(fp, "Expecting field separator", lex_item);
FREE(group_name);
return NULL;
}
if (!(group_def = HTAA_parseGroupDef(fp))) {
FREE(group_name);
return NULL;
}
group_def->group_name = group_name;
return group_def;
}
void HTAA_parseProtFile( HTAAProt *prot, FILE *fp )
{
if ( prot && fp )
{
LexItem lex_item;
char *fieldname = 0;
do
{
lex_item = lex( fp );
if ( lex_item != LEX_EOF )
{
for ( ; lex_item == LEX_REC_SEP; )
{
lex_item = lex( fp );
}
if ( lex_item == LEX_EOF )
goto B7;
else
{
if ( lex_item == LEX_ALPH_STR )
{
HTSACopy( &fieldname, HTlex_buffer );
lex_item = lex( fp );
if ( lex_item != LEX_FIELD_SEP )
unlex( lex_item );
if ( strncasecomp( fieldname, "Auth", 4 ) == 0 )
{
lex_item = lex( fp );
do
{
if ( lex_item == LEX_ALPH_STR )
{
HTAAScheme scheme = HTAAScheme_enum( HTlex_buffer );
if ( scheme )
{
if ( prot->valid_schemes == 0 )
{
prot->valid_schemes = HTList_new( );
}
HTList_addObject( &prot->valid_schemes, &scheme );
if ( WWW_TraceFlag )
{
fprintf( TraceFP( ), "%s %s `%s'\n", "HTAA_parseProtFile: valid", "authentication scheme:", HTAAScheme_name( scheme ) );
}
}
else
if ( WWW_TraceFlag )
{
fprintf( TraceFP( ), "%s %s `%s'\n", "HTAA_parseProtFile: unknown", "authentication scheme:", HTlex_buffer );
}
lex( fp );
while ( lex_item = lex( fp ), lex_item == LEX_ITEM_SEP )
{
lex( fp );
}
}
}
while ( lex_item != LEX_REC_SEP );
}
else
{
if ( strncasecomp( fieldname, "mask", 4 ) == 0 )
{
prot->mask_group = HTAA_parseGroupDef( fp );
lex_item = LEX_REC_SEP;
if ( WWW_TraceFlag )
{
if ( prot->mask_group )
{
fwrite( "HTAA_parseProtFile: Mask group:\n", 1, 32, TraceFP( ) );
HTAA_printGroupDef( &prot->mask_group );
}
else
{
fwrite( "HTAA_parseProtFile: Mask group syntax error\n", 1, 44, TraceFP( ) );
}
}
}
else
{
lex_item = lex( fp );
if ( lex_item == LEX_ALPH_STR )
{
if ( prot->values == 0 )
{
prot->values = HTAssocList_new( );
}
HTAssocList_add( &prot->values, fieldname, HTlex_buffer );
lex_item = lex( fp );
if ( WWW_TraceFlag )
{
fprintf( TraceFP( ), "%s `%s' bound to value `%s'\n", "HTAA_parseProtFile: Name", fieldname, HTlex_buffer );
}
}
}
}
}
if ( lex_item != LEX_EOF && lex_item != LEX_REC_SEP )
{
if ( WWW_TraceFlag )
{
fprintf( TraceFP( ), "%s %s %d (that line ignored)\n", "HTAA_parseProtFile: Syntax error", "in protection setup file at line", HTlex_line );
}
do
{
lex_item = lex( fp );
}
while ( lex_item != LEX_EOF && lex_item != LEX_REC_SEP );
}
}
}
B7:;
if ( fieldname == 0 )
break;
free( fieldname );
break;
}
while ( lex_item != LEX_REC_SEP );
}
return;
}
/* PUBLIC HTAA_getAclEntry()
** CONSULT THE ACCESS CONTROL LIST AND
** GIVE A LIST OF GROUPS (AND USERS)
** AUTHORIZED TO ACCESS A GIVEN FILE
** ON ENTRY:
** acl_file is an open ACL file.
** pathname is the absolute pathname of
** the file to be accessed.
** method is the method for which access is wanted.
**
** ALC FILE FORMAT:
**
** template : method, method, ... : group@addr, user, group, ...
**
** The last item is in fact in exactly the same format as
** group definition in group file, i.e. everything that
** follows the 'groupname:' part,
** e.g.
** user, group, user@address, group@address,
** (user,group,...)@(address, address, ...)
**
** ON EXIT:
** returns NULL, if there is no entry for the file in the ACL,
** or ACL doesn't exist.
** If there is, a GroupDef object containing the
** group and user names allowed to access the file
** is returned (this is automatically freed
** next time this function is called).
** IMPORTANT:
** Returns the first entry with matching template and
** method. This function should be called multiple times
** to process all the valid entries (until it returns NULL).
** This is because there can be multiple entries like:
**
** *.html : get,put : ari,timbl,robert
** *.html : get : jim,james,jonathan,jojo
**
** NOTE:
** The returned group definition may well contain references
** to groups defined in group file. Therefore these references
** must be resolved according to that rule file by function
** HTAA_resolveGroupReferences() (group file is read in by
** HTAA_readGroupFile()) and after that access authorization
** can be checked with function HTAA_userAndInetGroup().
*/
PUBLIC GroupDef *HTAA_getAclEntry ARGS3(FILE *, acl_file,
WWW_CONST char *, pathname,
HTAAMethod, method)
{
static GroupDef * group_def = NULL;
WWW_CONST char * filename;
int len;
char *buf;
if (!acl_file) return NULL; /* ACL doesn't exist */
if (group_def) {
GroupDef_delete(group_def); /* From previous call */
group_def = NULL;
}
if (!(filename = strrchr(pathname, '/')))
filename = pathname;
else filename++; /* Skip slash */
len = strlen(filename);
if (!(buf = (char*)malloc((strlen(filename)+2)*sizeof(char))))
outofmem(__FILE__, "HTAA_getAuthorizedGroups");
while (EOF != HTAAFile_readField(acl_file, buf, len+1)) {
if (HTAA_templateMatch(buf, filename)) {
HTList *methods = HTList_new();
HTAAFile_readList(acl_file, methods, MAX_METHODNAME_LEN);
#ifndef DISABLE_TRACE
if (www2Trace) {
fprintf(stderr,
"Filename '%s' matched template '%s', allowed methods:",
filename, buf);
}
#endif
if (HTAAMethod_inList(method, methods)) { /* right method? */
#ifndef DISABLE_TRACE
if (www2Trace) fprintf(stderr, " METHOD OK\n");
#endif
HTList_delete(methods);
free(buf);
group_def = HTAA_parseGroupDef(acl_file);
return group_def;
}
#ifndef DISABLE_TRACE
else if (www2Trace) fprintf(stderr, " METHOD NOT FOUND\n");
#endif
HTList_delete(methods);
} /* if template match */
else {
HTAAFile_nextRec(acl_file);
#ifndef DISABLE_TRACE
if (www2Trace) {
fprintf(stderr,
"Filename '%s' didn't match template '%s'\n",
filename, buf);
}
#endif
}
HTAAFile_nextRec(acl_file);
} /* while not eof */
free(buf);
return NULL; /* No entry for requested file */
/* (or an empty entry). */
}
