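/**
 * Authenticate using WWW/Proxy-Authorize header field.
 *
 * Config-script wrapper: resolves the realm, table and flags parameters
 * against the message and hands them to auth_check().
 *
 * @param _m      SIP request being processed.
 * @param _realm  fixup parameter resolved to the realm string.
 * @param _table  fixup parameter resolved to the table name.
 * @param _flags  fixup parameter resolved to the integer flags.
 * @return AUTH_OK for ACK and CANCEL (no credential check is performed for
 *         them here), AUTH_ERROR or -1 when a parameter is missing or cannot
 *         be resolved, otherwise whatever auth_check() returns.
 */
int w_auth_check(sip_msg_t *_m, char* _realm, char* _table, char *_flags)
{
	str srealm;
	str stable;
	int iflags;

	/* The message pointer must be validated before the method is read;
	 * the original order dereferenced _m first and tested it afterwards. */
	if (_m == NULL) {
		LM_ERR("invalid parameters\n");
		return AUTH_ERROR;
	}

	/* ACK and CANCEL are accepted without looking at credentials.
	 * NOTE(review): any access decision for these two methods has to be
	 * made elsewhere in the routing logic; nothing here restricts them. */
	if ((_m->REQ_METHOD == METHOD_ACK) || (_m->REQ_METHOD == METHOD_CANCEL)) {
		return AUTH_OK;
	}

	if (_realm == NULL || _table == NULL || _flags == NULL) {
		LM_ERR("invalid parameters\n");
		return AUTH_ERROR;
	}

	if (get_str_fparam(&srealm, _m, (fparam_t*)_realm) < 0) {
		LM_ERR("failed to get realm value\n");
		return AUTH_ERROR;
	}

	if (get_str_fparam(&stable, _m, (fparam_t*)_table) < 0) {
		/* Message fixed: this branch resolves the table, not the realm,
		 * so the log now points at the parameter that actually failed. */
		LM_ERR("failed to get table value\n");
		return AUTH_ERROR;
	}

	if (fixup_get_ivalue(_m, (gparam_p)_flags, &iflags) != 0) {
		LM_ERR("invalid flags parameter\n");
		return -1;
	}

	return auth_check(_m, &srealm, &stable, iflags);
}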
/**
 * Look up a file header by block and data ID and, for non-superuser calls,
 * check the caller's access to it.
 *
 * @param header   out: receives the header address returned by the search.
 * @param block_id which block to search (GFB, ISFS or ISF).
 * @param data_id  file ID within the block.
 * @param mod      access mode requested, passed through to auth_check().
 * @param user_id  requesting user; NULL is treated as a superuser call and
 *                 skips the permission check entirely.
 * @return 0 on success, 255 for an unknown block, 0x01 when no header was
 *         found, 0x04 when auth_check() refuses the request.
 *
 * The lookup runs before the permission check, so 0x01 and 0x04 let a
 * caller tell "absent" from "denied". *header is already written when 0x04
 * is returned; callers must not use it on a non-zero result.
 */
ot_u8 vl_getheader_vaddr(vaddr* header, vlBLOCK block_id, ot_u8 data_id, ot_u8 mod, id_tmpl* user_id) {
    vaddr found;

    /* Select the per-block search routine. */
    switch (block_id) {
        case VL_GFB_BLOCKID:
            found = sub_gfb_search(data_id);
            break;
        case VL_ISFS_BLOCKID:
            found = sub_isfs_search(data_id);
            break;
        case VL_ISF_BLOCKID:
            found = sub_isf_search(data_id);
            break;
        default:
            return 255;
    }

    *header = found;
    if (found == NULL_vaddr) {
        return 0x01;
    }

    /* Superuser calls (user_id == NULL) bypass the check. A caller acting
     * for an external requester must therefore never pass NULL here. */
    if (user_id == NULL) {
        return 0;
    }

    {
        /* presumably the 16-bit word at offset 4 carries the file's
         * permission byte in ubyte[1] -- confirm against the header layout */
        Twobytes perm_word;
        perm_word.ushort = vworm_read(found + 4);

        if (auth_check(perm_word.ubyte[1], mod, user_id) == 0) {
            return 0x04;
        }
    }

    return 0;
}
/*
 * CGI entry point: asks check_from() which action the request selects and
 * dispatches to the matching handler. Always returns 0.
 *
 * NOTE(review): auth_check() is called only for action 0. Actions 1-7 and
 * 128 -- including both reboot paths -- are dispatched directly from this
 * function. Whether check_from() or the individual handlers validate the
 * session is not visible here; confirm before relying on it.
 */
int cgiMain()
{
    int action = check_from();
    int choice;

    switch (action) {
    case -1:
        /* Message text: "username or password incorrect". */
        do_error("用户名或密码错误");
        break;

    case 0:
        /* Same message as case -1, so the response does not reveal which
         * check failed. */
        if (auth_check() >= 0) {
            show_basic_page();
        } else {
            do_error("用户名或密码错误");
        }
        break;

    case 1:
        handle_basic();
        break;

    case 2:
        handle_security();
        break;

    case 3:
        choice = what_action();
        switch (choice) {
        case 0:
            /* reboot()'s return value is ignored, as in the original. */
            reboot(LINUX_REBOOT_CMD_RESTART);
            break;
        case 1:
            show_cdev_page();
            break;
        default:
            break;
        }
        break;

    case 4:
        handle_cdev();
        break;

    case 5:
        handle_breq();
        break;

    case 6:
        handle_scene();
        break;

    case 7:
        handle_slnk();
        break;

    case 128:
        reboot(LINUX_REBOOT_CMD_RESTART);
        break;

    default:
        /* Unknown actions are ignored silently. */
        break;
    }

    return 0;
}
/**
 * Delete a file from one of the blocks, subject to a read/write permission
 * check for non-superuser callers.
 *
 * @param block_id block holding the file; decremented and used as a
 *                 0..2 selector for the GFB / ISFS / ISF routines.
 * @param data_id  file ID within the block.
 * @param user_id  requesting user; NULL is treated as a superuser call and
 *                 skips the permission check entirely.
 * @return 0 on success, 255 for an unknown block or when the VLNEW feature
 *         is compiled out, 0x01 when the file may not be deleted or is not
 *         found, 0x04 when auth_check() refuses the request.
 */
ot_u8 vl_delete(vlBLOCK block_id, ot_u8 data_id, id_tmpl* user_id) {
#if (OT_FEATURE(VLNEW) == ENABLED)
    sub_check   may_delete;
    sub_vaddr   locate;
    vaddr       file_hdr;

    /* Map the block ID onto its delete-check and search routines. */
    block_id--;
    switch (block_id) {
        case 0:
            may_delete  = &sub_gfb_delete_check;
            locate      = &sub_gfb_search;
            break;
        case 1:
            may_delete  = &sub_isfs_delete_check;
            locate      = &sub_isfs_search;
            break;
        case 2:
            may_delete  = &sub_isf_delete_check;
            locate      = &sub_isf_search;
            break;
        default:
            return 255;
    }

    /* The search only runs when the delete check passes; a failed check
     * and a missing file both surface as 0x01. */
    file_hdr = (may_delete(data_id) != 0) ? locate(data_id) : NULL_vaddr;
    if (file_hdr == NULL_vaddr) {
        return 0x01;
    }

    /* Superuser calls (user_id == NULL) bypass the check. A caller acting
     * for an external requester must therefore never pass NULL here. */
    if (user_id != NULL) {
        /* presumably the 16-bit word at offset 4 carries the file's
         * permission byte in ubyte[1] -- confirm against the header layout */
        Twobytes perm_word;
        perm_word.ushort = vworm_read(file_hdr + 4);

        if (auth_check(perm_word.ubyte[1], VL_ACCESS_RW, user_id) == 0) {
            return 0x04;
        }
    }

    sub_delete_file(file_hdr);
    return 0;
#else
    return 255; /* error, delete disabled */
#endif
}
/**
 * Create a new file in one of the blocks.
 *
 * @param fp_new     out: receives the new file pointer from the block's
 *                   creation routine (written only after the existence
 *                   check passes).
 * @param block_id   target block; decremented and used as a 0..2 selector
 *                   for the GFB / ISFS / ISF routines.
 * @param data_id    file ID to create.
 * @param mod        passed through to the creation routine.
 * @param max_length passed through to the creation routine.
 * @param user_id    requesting user; NULL is treated as a superuser call
 *                   and skips the permission check entirely.
 * @return 0 on success, 0x04 when auth_check() refuses the request, 0xFF
 *         for an unknown block, 0x02 when the file already exists, 0x06
 *         when creation returns NULL, 255 when VLNEW is compiled out.
 *
 * Unlike the lookup and delete paths, authentication happens first here,
 * so an unauthorized caller learns nothing about which IDs exist.
 */
ot_u8 vl_new(vlFILE** fp_new, vlBLOCK block_id, ot_u8 data_id, ot_u8 mod, ot_uint max_length, id_tmpl* user_id) {
#if (OT_FEATURE(VLNEW) == ENABLED)
    sub_vaddr   locate;
    sub_new     create;

    /* Superuser calls (user_id == NULL) bypass the check. A caller acting
     * for an external requester must therefore never pass NULL here. */
    if ((user_id != NULL) &&
        (auth_check(VL_ACCESS_USER, VL_ACCESS_W, user_id) == 0)) {
        return 0x04;
    }

    /* Map the block ID onto its search and creation routines. */
    block_id--;
    switch (block_id) {
        case 0:
            locate = &sub_gfb_search;
            create = &sub_gfb_new;
            break;
        case 1:
            locate = &sub_isfs_search;
            create = &sub_isfs_new;
            break;
        case 2:
            locate = &sub_isf_search;
            create = &sub_isf_new;
            break;
        default:
            return 0xFF;
    }

    /* Refuse to create over an existing file. */
    if (locate(data_id) != NULL_vaddr) {
        return 0x02;
    }

    *fp_new = create(data_id, mod, max_length);
    return (*fp_new == NULL) ? 0x06 : 0;
#else
    return 255;
#endif
}
/*
 * Drain the queue of incoming MM7 HTTP requests: authenticate each one
 * against its MMC group's incoming user/pass, then hand it to the receiver
 * that matches the group type (SOAP, EAIF, or plain HTTP otherwise).
 *
 * A request that fails auth_check() gets a 401 with a Basic challenge and
 * is still counted in mo_errors, because ret keeps its initial -1.
 * The failure log records the MMC group id only, not the presented
 * credentials. Basic credentials are merely base64-encoded on the wire, so
 * this endpoint depends on transport protection for their confidentiality.
 */
static void dispatch_mm7_recv(List *rl)
{
     MmsBoxHTTPClientInfo *h;

     for (h = gwlist_consume(rl); h != NULL; h = gwlist_consume(rl)) {
	  MmscGrp *m = h->m;
	  int has_auth = 0;
	  int ret = -1;

	  if (auth_check(m->incoming.user, m->incoming.pass,
			 h->headers, &has_auth) == 0) {
	       /* Authenticated: route by MMSC type. */
	       if (h->m->type == SOAP_MMSC) {
		    ret = mm7soap_receive(h);
	       } else if (h->m->type == EAIF_MMSC) {
		    ret = mm7eaif_receive(h);
	       } else {
		    ret = mm7http_receive(h);
	       }
	  } else {
	       /* Ask it to authenticate... */
	       List *hh = http_create_empty_headers();

	       http_header_add(hh, "WWW-Authenticate",
			       "Basic realm=\"" MM_NAME "\"");
	       http_send_reply(h->client, HTTP_UNAUTHORIZED, hh,
			       octstr_imm("Authentication failed"));
	       http_destroy_headers(hh);

	       /* has_auth is set by auth_check(); presumably it tells a request
		* with no credentials (info) from one with wrong credentials
		* (error) -- confirm against auth_check(). */
	       if (has_auth) {
		    mms_error_ex("auth",0, "MM7", m->id,
				 "Auth failed, incoming connection, MMC group=[%s]",
				 m->id ? octstr_get_cstr(m->id) : "(none)");
	       } else {
		    mms_info_ex("auth",0, "MM7", m->id,
				"Auth failed, incoming connection, MMC group=[%s]",
				m->id ? octstr_get_cstr(m->id) : "(none)");
	       }
	  }

	  /* Per-group bookkeeping runs for every request, accepted or not. */
	  h->m->last_pdu = time(NULL);
	  if (ret == 0) {
	       h->m->mo_pdus++;
	  } else {
	       h->m->mo_errors++;
	  }

	  free_mmsbox_http_clientInfo(h, 1);
     }
}
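/*
 * Send the response header for a file request and move the connection to
 * the state that streams the body.
 *
 * Precondition: the caller has already decoded the requested path and
 * rejected malicious forms (".." components etc.). Nothing in this function
 * re-validates cn->actualfile, so it must not be reached with a raw path.
 *
 * Order of checks: htaccess_check() (403), then auth_check() when
 * authorization is compiled in, and only then the filesystem is touched.
 *
 * NOTE(review): Content-Length and Last-Modified come from stat(), while
 * the file is opened by name further down; a file replaced in between
 * would be served with stale metadata.
 */
void procsendhead(struct connstruct *cn)
{
    char buf[MAXREQUESTLENGTH];
    struct stat stbuf;
    time_t t_time;
    struct tm *ptm;
    char date[32];
    char last_modified[32];
    char expires[32];
    int file_exists;

    /* are we trying to access a file over the HTTP connection instead of a
     * HTTPS connection? Or is this directory disabled? */
    if (htaccess_check(cn))
    {
        send_error(cn, 403);
        return;
    }

#ifdef CONFIG_HTTP_HAS_AUTHORIZATION
    /* A non-zero result from auth_check() drops the connection; no error
     * response is written by this function on that path. */
    if (auth_check(cn))
    {
#ifdef CONFIG_HTTP_VERBOSE
        printf("axhttpd: access to %s denied\n", cn->filereq);
        TTY_FLUSH();
#endif
        removeconnection(cn);
        return;
    }
#endif

    file_exists = stat(cn->actualfile, &stbuf);

#if defined(CONFIG_HTTP_HAS_CGI)
    if (file_exists != -1 && cn->is_cgi)
    {
        proccgi(cn);
        return;
    }
#endif

    /* look for "index.html"? */
    if (isdir(cn->actualfile))
    {
        char tbuf[MAXREQUESTLENGTH];
        int n = snprintf(tbuf, MAXREQUESTLENGTH, "%s%s",
                         cn->actualfile, index_file);

        /* A truncated path is treated as "no index file" instead of being
         * passed to stat(), so a cut-off name can never be served. */
        if (n >= 0 && (size_t)n < sizeof(tbuf) &&
            (file_exists = stat(tbuf, &stbuf)) != -1)
        {
            my_strncpy(cn->actualfile, tbuf, MAXREQUESTLENGTH);
        }
        else
        {
#if defined(CONFIG_HTTP_DIRECTORIES)
            /* If not, we do a directory listing of it */
            procdirlisting(cn);
#else
            send_error(cn, 404);
#endif
            return;
        }
    }

    if (file_exists == -1)
    {
        send_error(cn, 404);
        return;
    }

    /* t_time holds "now" from here on; Date and Expires derive from it. */
    time(&t_time);
    ptm = gmtime(&t_time);
    strftime(date, sizeof(date), rfc1123_format, ptm);

    /* has the file been read before? */
    if (cn->if_modified_since != -1)
    {
        /* Kept in its own variable: the original stored this in t_time,
         * which made the Expires header below start from the file's mtime
         * instead of the current time whenever If-Modified-Since was sent
         * but did not match.
         * NOTE(review): mktime() reads the gmtime() result as local time;
         * the comparison is only right if if_modified_since was produced
         * the same way -- confirm against the request parser. */
        time_t mtime_cmp;

        ptm = gmtime(&stbuf.st_mtime);
        mtime_cmp = mktime(ptm);

        if (cn->if_modified_since >= mtime_cmp)
        {
            snprintf(buf, sizeof(buf), HTTP_VERSION" 304 Not Modified\nServer: "
                     "%s\nDate: %s\n\n", server_version, date);
            special_write(cn, buf, strlen(buf));
            cn->state = STATE_WANT_TO_READ_HEAD;
            return;
        }
    }

    if (cn->reqtype == TYPE_HEAD)
    {
        removeconnection(cn);
        return;
    }
    else
    {
        int flags = O_RDONLY;
#if defined(CONFIG_PLATFORM_CYGWIN)
        flags |= O_BINARY;
#endif
        cn->filedesc = open(cn->actualfile, flags);

        if (cn->filedesc < 0)
        {
            send_error(cn, 404);
            return;
        }

        /* gmtime() returns shared storage, so each result is formatted
         * before the next call overwrites it. */
        ptm = gmtime(&stbuf.st_mtime);
        strftime(last_modified, sizeof(last_modified), rfc1123_format, ptm);
        t_time += CONFIG_HTTP_TIMEOUT;
        ptm = gmtime(&t_time);
        strftime(expires, sizeof(expires), rfc1123_format, ptm);

        snprintf(buf, sizeof(buf), HTTP_VERSION" 200 OK\nServer: %s\n"
                 "Content-Type: %s\nContent-Length: %ld\n"
                 "Date: %s\nLast-Modified: %s\nExpires: %s\n\n",
                 server_version, getmimetype(cn->actualfile),
                 (long) stbuf.st_size, date, last_modified, expires);
        special_write(cn, buf, strlen(buf));

#ifdef CONFIG_HTTP_VERBOSE
        printf("axhttpd: %s:/%s\n", cn->is_ssl ? "https" : "http", cn->filereq);
        TTY_FLUSH();
#endif

        cn->state = STATE_WANT_TO_READ_FILE;
    }
}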