int
bufPutcTimes(Buffer b, int c, int times)
{
int i;
for (i = 0; i < times; i++)
bufPutc(b, c);
return c;
}
PUBLIC bool websVerifyPamPassword(Webs *wp)
{
WebsBuf abilities;
pam_handle_t *pamh;
UserInfo info;
struct pam_conv conv = { pamChat, &info };
struct group *gp;
int res, i;
assure(wp);
assure(wp->username && wp->username);
assure(wp->password);
assure(!wp->encoded);
info.name = (char*) wp->username;
info.password = (char*) wp->password;
pamh = NULL;
if ((res = pam_start("login", info.name, &conv, &pamh)) != PAM_SUCCESS) {
return 0;
}
if ((res = pam_authenticate(pamh, PAM_DISALLOW_NULL_AUTHTOK)) != PAM_SUCCESS) {
pam_end(pamh, PAM_SUCCESS);
trace(5, "httpPamVerifyUser failed to verify %s", wp->username);
return 0;
}
pam_end(pamh, PAM_SUCCESS);
trace(5, "httpPamVerifyUser verified %s", wp->username);
if (!wp->user) {
wp->user = websLookupUser(wp->username);
}
if (!wp->user) {
Gid groups[32];
int ngroups;
/*
Create a temporary user with a abilities set to the groups
*/
ngroups = sizeof(groups) / sizeof(Gid);
if ((i = getgrouplist(wp->username, 99999, groups, &ngroups)) >= 0) {
bufCreate(&abilities, 128, -1);
for (i = 0; i < ngroups; i++) {
if ((gp = getgrgid(groups[i])) != 0) {
bufPutStr(&abilities, gp->gr_name);
bufPutc(&abilities, ' ');
}
}
bufAddNull(&abilities);
trace(5, "Create temp user \"%s\" with abilities: %s", wp->username, abilities.servp);
if ((wp->user = websAddUser(wp->username, 0, abilities.servp)) == 0) {
return 0;
}
computeUserAbilities(wp->user);
}
}
return 1;
}
local String
arRdItemArch(Archive ar)
{
String name = arRdItemArch0(ar);
ULong idx = 0L;
Buffer buf;
String ptr;
if (name[0] != '\0')
return name;
if (name[1] == '/') {
/* Do we ever get more than one of these? */
arReadNameTable(ar);
/* Just go round again... */
return arRdItemArch(ar);
}
/* Indirect name: character offset into the name table. */
(void)sscanf(&name[1], "%8lu ", &idx);
/* Debugging */
arDEBUG(dbOut, ">>> Reading offset #%lu (out of %lu)\n",
idx, (ULong)strLength(ar->names));
/* Start a new character buffer */
buf = bufNew();
/* Jump to the correct place in the buffer */
ptr = ar->names + idx;
/* Scan characters up until a / or newline */
while ((*ptr != '\n') && (*ptr != '/') && *ptr)
bufPutc(buf, *ptr++);
/* Convert the buffer into a text string */
name = bufLiberate(buf);
/* Debugging */
arDEBUG(dbOut, ">>> [%s]\n", name);
/* Return the name from the directory table */
return name;
}
/* Evalute all lines in the edit box "id" b/ween "fromLine" and "toLine" */
local void
wglEvalLines(int editBox, int fromLine, int toLine)
{
int i;
LPSTR lineStr;
Buffer evalBuf = bufNew();
for (i = fromLine; i < toLine; i++) {
lineStr = pfcGetLine(editBox, i);
if (lineStr[0] == NULL) continue; /* Skip blank lines */
bufPuts(evalBuf, lineStr);
bufPutc(evalBuf, '\n');
}
bufPutc(evalBuf, EOF);
bufStart(evalBuf);
osSetStdinBuffer(evalBuf);
compGLoopEval(osStdin, osStdout, finfo);
wglShowOutput(editBox);
bufFree(evalBuf);
}
int main(int argc, char *argv[])
{
WebsBuf buf;
char *password, *authFile, *username, *encodedPassword, *realm, *cp, *roles;
int i, errflg, create, nextArg;
username = 0;
create = errflg = 0;
password = 0;
for (i = 1; i < argc && !errflg; i++) {
if (argv[i][0] != '-') {
break;
}
for (cp = &argv[i][1]; *cp && !errflg; cp++) {
if (*cp == 'c') {
create++;
} else if (*cp == 'p') {
if (++i == argc) {
errflg++;
} else {
password = argv[i];
break;
}
} else {
errflg++;
}
}
}
nextArg = i;
if ((nextArg + 3) > argc) {
errflg++;
}
if (errflg) {
printUsage();
exit(2);
}
authFile = argv[nextArg++];
realm = argv[nextArg++];
username = argv[nextArg++];
bufCreate(&buf, 0, 0);
for (i = nextArg; i < argc; ) {
bufPutStr(&buf, argv[i]);
if (++i < argc) {
bufPutc(&buf, ',');
}
}
roles = sclone(buf.servp);
websOpenAuth(1);
if (!create) {
if (websLoad(authFile) < 0) {
exit(2);
}
if (access(authFile, W_OK) < 0) {
error("Can't write to %s", authFile);
exit(4);
}
} else if (access(authFile, R_OK) < 0) {
error("Can't create %s, already exists", authFile);
exit(5);
}
if (!password && (password = getPassword()) == 0) {
exit(1);
}
encodedPassword = websMD5(sfmt("%s:%s:%s", username, realm, password));
websRemoveUser(username);
if (websAddUser(username, encodedPassword, roles) < 0) {
exit(7);
}
if (writeAuthFile(authFile) < 0) {
exit(6);
}
websCloseAuth();
return 0;
}
static int ccPutc (int c) { return bufPutc(ccBuf, c); }
