int
main(int argc, char **argv)
{
char buffer[0x1000] = { 0 };
char user[0x100], pwd[0x100], cookie[0x100] = { 0 };
(void)(argc);
(void)(argv);
if (
!getenv("REQUEST_METHOD") ||
strcmp(getenv("REQUEST_METHOD"), "POST") ||
!fread(buffer, 1, sizeof(buffer) - 1, stdin)
)
login_page(NULL);
chomp(buffer);
if (parse_request(buffer, user, sizeof(user), pwd, sizeof(pwd)))
login_page("Missing username or password");
if (!match_user("db/members.csv", user, pwd))
login_page("Incorrect username or password");
if (set_cookie("db/loggedin.csv", user, cookie, sizeof(cookie)))
login_page("Internal error, please try again");
catalog_page(user, cookie);
return 0;
}
// A handler for the /authorize endpoint.
// Login page form sends user name and password to this endpoint.
static void authorize(struct mg_connection *conn,
const struct mg_request_info *request_info) {
char user[32], password[32], referer[256];
if(!strcmp(request_info->request_method, "POST")) {
char post_data[1024];
int post_data_len = mg_read(conn, post_data, sizeof(post_data));
mg_get_var(post_data, post_data_len, "user", user, sizeof(user));
mg_get_var(post_data, post_data_len, "password", password, sizeof(password));
mg_get_var(post_data, post_data_len, "referer", referer, sizeof(referer));
} else {
// Fetch user name and password.
get_qsvar(request_info, "user", user, sizeof(user));
get_qsvar(request_info, "password", password, sizeof(password));
get_qsvar(request_info, "ref", referer, sizeof(referer));
}
/* Referer url must begin with '/' */
if((referer[0] != '/') || (strcmp(referer, AUTHORIZE_URL) == 0))
strcpy(referer, "/");
if(ntop->checkUserPassword(user, password)) {
set_cookie(conn, user, referer);
} else {
// Authentication failure, redirect to login.
redirect_to_login(conn, request_info);
}
}
void http_client::set_cookie(const std::string& cookie_name, long cookie_value)
{
char buf[21] = { 0 };
#ifdef __WXMSW__
::ltoa(cookie_value, buf, 10);
#else
sprintf(buf, "%ld", cookie_value);
#endif
set_cookie(cookie_name, buf);
}
int
main(int argc, char **argv)
{
struct cookie c;
struct cookie_jar *cj;
if(argv[1]) {
printf("Raw Cookie: [%s]\n", argv[1]);
parse_cookie(&c, argv[1], strlen(argv[1]));
print_cookie(&c);
set_cookie(&cj, &c);
print_cookie_jar(cj);
}
}
void AdminLoginHandler::main(std::string url) {
std::string username = request().post("username");
std::string password = request().post("password");
Login *login = new Login();
std::string usercode = login->user_login(username, password, 2);
cppcms::json::value json_result;
if (usercode.size() > 0){
json_result["result"] = "login success";
set_cookie("usercode", usercode);
set_session(usercode, "admin");
}
else {
json_result["result"] = "login failed";
}
response_as_json(json_result);
delete login;
}
static am_status_t add_header_in_response(am_request_t *rq, const char *key, const char *value) {
am_status_t status = AM_ERROR;
request_rec *r = (request_rec *) (rq != NULL ? rq->ctx : NULL);
if (r == NULL || !ISVALID(key)) return AM_EINVAL;
if (!ISVALID(value)) {
/*value is empty, sdk is setting a cookie in response*/
status = set_cookie(rq, key);
} else {
/* Apache HTTPD keeps two separate server response header tables in the request
* record — one for normal response headers and one for error headers.
* The difference between them is the error headers are sent to
* the client even (not only) on an error response (REDIRECT is one of them)
*/
apr_table_add(r->err_headers_out, key, value);
status = AM_SUCCESS;
}
return status;
}
getdns_return_t parse_args(int argc, char **argv)
{
getdns_return_t r = GETDNS_RETURN_GOOD;
size_t i;
char *arg, *c, *endptr;
int t, print_api_info = 0;
getdns_list *upstream_list = NULL;
size_t upstream_count = 0;
for (i = 1; i < argc; i++) {
arg = argv[i];
if ((t = get_rrtype(arg)) >= 0) {
request_type = t;
continue;
} else if (arg[0] == '+') {
if (arg[1] == 's' && arg[2] == 'i' && arg[3] == 't' &&
(arg[4] == '=' || arg[4] == '\0')) {
if ((r = set_cookie(extensions, arg+4))) {
fprintf(stderr, "Could not set cookie:"
" %d", r);
break;
}
} else if ((r = getdns_dict_set_int(extensions, arg+1,
GETDNS_EXTENSION_TRUE))) {
fprintf(stderr, "Could not set extension "
"\"%s\": %d\n", argv[i], r);
break;
}
continue;
} else if (arg[0] == '@') {
getdns_dict *upstream = ipaddr_dict(context, arg + 1);
if (upstream) {
if (!upstream_list &&
!(upstream_list =
getdns_list_create_with_context(context))){
fprintf(stderr, "Could not create upstream list\n");
return GETDNS_RETURN_MEMORY_ERROR;
}
getdns_list_set_dict(upstream_list,
upstream_count++, upstream);
}
continue;
} else if (arg[0] != '-') {
name = arg;
continue;
}
for (c = arg+1; *c; c++) {
switch (*c) {
case 'a':
async = 1;
break;
case 'A':
calltype = ADDRESS;
break;
case 'b':
if (c[1] != 0 || ++i >= argc || !*argv[i]) {
fprintf(stderr, "max_udp_payload_size "
"expected after -b\n");
return GETDNS_RETURN_GENERIC_ERROR;
}
edns0_size = strtol(argv[i], &endptr, 10);
if (*endptr || edns0_size < 0) {
fprintf(stderr, "positive "
"numeric max_udp_payload_size "
"expected after -b\n");
return GETDNS_RETURN_GENERIC_ERROR;
}
getdns_context_set_edns_maximum_udp_payload_size(
context, (uint16_t) edns0_size);
goto next;
case 'D':
(void) getdns_context_set_edns_do_bit(context, 1);
break;
case 'd':
(void) getdns_context_set_edns_do_bit(context, 0);
break;
case 'F':
if (c[1] != 0 || ++i >= argc || !*argv[i]) {
fprintf(stderr, "file name expected "
"after -F\n");
return GETDNS_RETURN_GENERIC_ERROR;
}
query_file = argv[i];
interactive = 1;
break;
case 'G':
calltype = GENERAL;
break;
case 'H':
calltype = HOSTNAME;
break;
case 'h':
print_usage(stdout, argv[0]);
return CONTINUE;
case 'i':
print_api_info = 1;
break;
case 'I':
interactive = 1;
break;
case 'j':
json = 2;
break;
case 'J':
json = 1;
break;
case 'p':
json = 0;
case 'q':
quiet = 1;
break;
case 'r':
getdns_context_set_resolution_type(
context,
GETDNS_RESOLUTION_RECURSING);
break;
case 's':
getdns_context_set_resolution_type(
context, GETDNS_RESOLUTION_STUB);
break;
case 'S':
calltype = SERVICE;
break;
case 't':
if (c[1] != 0 || ++i >= argc || !*argv[i]) {
fprintf(stderr, "ttl expected "
"after -t\n");
return GETDNS_RETURN_GENERIC_ERROR;
}
timeout = strtol(argv[i], &endptr, 10);
if (*endptr || timeout < 0) {
fprintf(stderr, "positive "
"numeric ttl expected "
"after -t\n");
return GETDNS_RETURN_GENERIC_ERROR;
}
getdns_context_set_timeout(
context, timeout);
goto next;
case 'T':
getdns_context_set_dns_transport(context,
GETDNS_TRANSPORT_TCP_ONLY);
break;
case 'O':
getdns_context_set_dns_transport(context,
GETDNS_TRANSPORT_TCP_ONLY_KEEP_CONNECTIONS_OPEN);
break;
case 'L':
getdns_context_set_dns_transport(context,
GETDNS_TRANSPORT_TLS_ONLY_KEEP_CONNECTIONS_OPEN);
break;
case 'E':
getdns_context_set_dns_transport(context,
GETDNS_TRANSPORT_TLS_FIRST_AND_FALL_BACK_TO_TCP_KEEP_CONNECTIONS_OPEN);
break;
case 'u':
getdns_context_set_dns_transport(context,
GETDNS_TRANSPORT_UDP_FIRST_AND_FALL_BACK_TO_TCP);
break;
case 'U':
getdns_context_set_dns_transport(context,
GETDNS_TRANSPORT_UDP_ONLY);
break;
case 'B':
batch_mode = 1;
break;
default:
fprintf(stderr, "Unknown option "
"\"%c\"\n", *c);
for (i = 0; i < argc; i++)
fprintf(stderr, "%d: \"%s\"\n", (int)i, argv[i]);
return GETDNS_RETURN_GENERIC_ERROR;
}
}
next: ;
}
if (r)
return r;
if (upstream_count &&
(r = getdns_context_set_upstream_recursive_servers(
context, upstream_list))) {
fprintf(stderr, "Error setting upstream recursive servers\n");
}
if (print_api_info) {
fprintf(stdout, "%s\n", getdns_pretty_print_dict(
getdns_context_get_api_information(context)));
return CONTINUE;
}
return r;
}
void http_got_header(struct connection *c, struct read_buffer *rb)
{
int cf;
int state = c->state != S_PROC ? S_GETH : S_PROC;
unsigned char *head;
unsigned char *cookie, *ch;
int a, h, version;
unsigned char *d;
struct cache_entry *e;
struct http_connection_info *info;
unsigned char *host = upcase(c->url[0]) != 'P' ? c->url : get_url_data(c->url);
set_timeout(c);
info = c->info;
if (rb->close == 2) {
unsigned char *h;
if (!c->tries && (h = get_host_name(host))) {
if (info->bl_flags & BL_NO_CHARSET) {
del_blacklist_entry(h, BL_NO_CHARSET);
} else {
add_blacklist_entry(h, BL_NO_CHARSET);
c->tries = -1;
}
mem_free(h);
}
setcstate(c, S_CANT_READ);
retry_connection(c);
return;
}
rb->close = 0;
again:
if ((a = get_header(rb)) == -1) {
setcstate(c, S_HTTP_ERROR);
abort_connection(c);
return;
}
if (!a) {
read_from_socket(c, c->sock1, rb, http_got_header);
setcstate(c, state);
return;
}
if (a != -2) {
head = mem_alloc(a + 1);
memcpy(head, rb->data, a);
head[a] = 0;
kill_buffer_data(rb, a);
} else {
head = stracpy("HTTP/0.9 200 OK\r\nContent-Type: text/html\r\n\r\n");
}
if (get_http_code(head, &h, &version) || h == 101) {
mem_free(head);
setcstate(c, S_HTTP_ERROR);
abort_connection(c);
return;
}
if (check_http_server_bugs(host, c->info, head) && is_connection_restartable(c)) {
mem_free(head);
setcstate(c, S_RESTART);
retry_connection(c);
return;
}
ch = head;
while ((cookie = parse_http_header(ch, "Set-Cookie", &ch))) {
unsigned char *host = upcase(c->url[0]) != 'P' ? c->url : get_url_data(c->url);
set_cookie(NULL, host, cookie);
mem_free(cookie);
}
if (h == 100) {
mem_free(head);
state = S_PROC;
goto again;
}
if (h < 200) {
mem_free(head);
setcstate(c, S_HTTP_ERROR);
abort_connection(c);
return;
}
if (h == 204) {
mem_free(head);
setcstate(c, S_HTTP_204);
http_end_request(c, 0);
return;
}
if (h == 304) {
mem_free(head);
setcstate(c, S_OK);
http_end_request(c, 1);
return;
}
if ((h == 500 || h == 502 || h == 503 || h == 504) && http_bugs.retry_internal_errors && is_connection_restartable(c)) {
/* !!! FIXME: wait some time ... */
mem_free(head);
setcstate(c, S_RESTART);
retry_connection(c);
return;
}
if (!c->cache && get_cache_entry(c->url, &c->cache)) {
mem_free(head);
setcstate(c, S_OUT_OF_MEM);
abort_connection(c);
return;
}
e = c->cache;
e->http_code = h;
if (e->head) mem_free(e->head);
e->head = head;
if ((d = parse_http_header(head, "Expires", NULL))) {
time_t t = parse_http_date(d);
if (t && e->expire_time != 1) e->expire_time = t;
mem_free(d);
}
if ((d = parse_http_header(head, "Pragma", NULL))) {
if (!casecmp(d, "no-cache", 8)) e->expire_time = 1;
mem_free(d);
}
if ((d = parse_http_header(head, "Cache-Control", NULL))) {
char *f = d;
while (1) {
while (*f && (*f == ' ' || *f == ',')) f++;
if (!*f) break;
if (!casecmp(f, "no-cache", 8) || !casecmp(f, "must-revalidate", 15)) {
e->expire_time = 1;
}
if (!casecmp(f, "max-age=", 8)) {
if (e->expire_time != 1) e->expire_time = time(NULL) + atoi(f + 8);
}
while (*f && *f != ',') f++;
}
mem_free(d);
}
#ifdef HAVE_SSL
if (c->ssl) {
int l = 0;
if (e->ssl_info) mem_free(e->ssl_info);
e->ssl_info = init_str();
add_num_to_str(&e->ssl_info, &l, SSL_get_cipher_bits(c->ssl, NULL));
add_to_str(&e->ssl_info, &l, "-bit ");
add_to_str(&e->ssl_info, &l, SSL_get_cipher_version(c->ssl));
add_to_str(&e->ssl_info, &l, " ");
add_to_str(&e->ssl_info, &l, (unsigned char *)SSL_get_cipher_name(c->ssl));
}
#endif
if (e->redirect) mem_free(e->redirect), e->redirect = NULL;
if (h == 301 || h == 302 || h == 303 || h == 307) {
if ((h == 302 || h == 307) && !e->expire_time) e->expire_time = 1;
if ((d = parse_http_header(e->head, "Location", NULL))) {
unsigned char *user, *ins;
unsigned char *newuser, *newpassword;
if (!parse_url(d, NULL, &user, NULL, NULL, NULL, &ins, NULL, NULL, NULL, NULL, NULL, NULL) && !user && ins && (newuser = get_user_name(host))) {
if (*newuser) {
int ins_off = ins - d;
newpassword = get_pass(host);
if (!newpassword) newpassword = stracpy("");
add_to_strn(&newuser, ":");
add_to_strn(&newuser, newpassword);
add_to_strn(&newuser, "@");
extend_str(&d, strlen(newuser));
ins = d + ins_off;
memmove(ins + strlen(newuser), ins, strlen(ins) + 1);
memcpy(ins, newuser, strlen(newuser));
mem_free(newpassword);
}
mem_free(newuser);
}
if (e->redirect) mem_free(e->redirect);
e->redirect = d;
e->redirect_get = h == 303;
}
}
if (!e->expire_time && strchr(c->url, POST_CHAR)) e->expire_time = 1;
info->close = 0;
info->length = -1;
info->version = version;
if ((d = parse_http_header(e->head, "Connection", NULL)) || (d = parse_http_header(e->head, "Proxy-Connection", NULL))) {
if (!strcasecmp(d, "close")) info->close = 1;
mem_free(d);
} else if (version < 11) info->close = 1;
cf = c->from;
c->from = 0;
if ((d = parse_http_header(e->head, "Content-Range", NULL))) {
if (strlen(d) > 6) {
d[5] = 0;
if (!(strcasecmp(d, "bytes")) && d[6] >= '0' && d[6] <= '9') {
#if defined(HAVE_STRTOLL)
long long f = strtoll(d + 6, NULL, 10);
#elif defined(HAVE_STRTOQ)
longlong f = strtoq(d + 6, NULL, 10);
#else
long f = strtol(d + 6, NULL, 10);
if (f == MAXLONG) f = -1;
#endif
if (f >= 0 && (off_t)f >= 0 && (off_t)f == f) c->from = f;
}
}
mem_free(d);
}
if (cf && !c->from && !c->unrestartable) c->unrestartable = 1;
if (c->from > cf || c->from < 0) {
setcstate(c, S_HTTP_ERROR);
abort_connection(c);
return;
}
if ((d = parse_http_header(e->head, "Content-Length", NULL))) {
unsigned char *ep;
#if defined(HAVE_STRTOLL)
long long l = strtoll(d, (char **)(void *)&ep, 10);
#elif defined(HAVE_STRTOQ)
longlong l = strtoq(d, (char **)(void *)&ep, 10);
#else
long l = strtol(d, (char **)(void *)&ep, 10);
if (l == MAXLONG) l = -1;
#endif
if (!*ep && l >= 0 && (off_t)l >= 0 && (off_t)l == l) {
if (!info->close || version >= 11) info->length = l;
if (c->from + l >= 0) c->est_length = c->from + l;
}
mem_free(d);
}
if ((d = parse_http_header(e->head, "Accept-Ranges", NULL))) {
if (!strcasecmp(d, "none") && !c->unrestartable) c->unrestartable = 1;
mem_free(d);
} else {
if (!c->unrestartable && !c->from) c->unrestartable = 1;
}
if (info->bl_flags & BL_NO_RANGE && !c->unrestartable) c->unrestartable = 1;
if ((d = parse_http_header(e->head, "Transfer-Encoding", NULL))) {
if (!strcasecmp(d, "chunked")) {
info->length = -2;
info->chunk_remaining = -1;
}
mem_free(d);
}
if (!info->close && info->length == -1) info->close = 1;
if ((d = parse_http_header(e->head, "Last-Modified", NULL))) {
if (e->last_modified && strcasecmp(e->last_modified, d)) {
delete_entry_content(e);
if (c->from) {
c->from = 0;
mem_free(d);
setcstate(c, S_MODIFIED);
retry_connection(c);
return;
}
}
if (!e->last_modified) e->last_modified = d;
else mem_free(d);
}
if (!e->last_modified && (d = parse_http_header(e->head, "Date", NULL)))
e->last_modified = d;
if (info->length == -1 || (version < 11 && info->close)) rb->close = 1;
read_http_data(c, rb);
}
void delete_cookie(const std::string& name)
{
set_cookie(name, std::string());
}
bool http_client::grab_url(const std::string& url, const std::string& method, const std::string& post_body)
{
error_field.clear();
returned_headers.clear();
http_return = 0;
returned_body.clear();
std::string to_use_method = strtoupper(method);
std::string scheme, user, pass, host, path;
short port;
if ( !parse_url(url, scheme, user, pass, host, port, path) )
{
error_field = "Couldn't parse the URL!";
return false;
}
// Build request
std::stringstream ret;
ret << to_use_method << ' ' << path << " HTTP/1.0\r\n"
<< "Host: " << host;
if (port != 80 && port != 443) ret << ':' << port;
ret << "\r\n";
bool content_length_said = false;
set_header("Connection", "Close");
for (stringmap::iterator ci = headers.begin(); ci != headers.end(); ++ci)
{
std::string head = strtolower(ci->first);
if ( head == "content-length" )
{
content_length_said = true;
}
ret << ci->first << ':' << ' ' << ci->second << "\r\n";
}
if ( !content_length_said && to_use_method != "GET" )
ret << "Content-Length: " << static_cast<unsigned int>(post_body.size()) << "\r\n";
std::stringstream cookie_ss;
for (stringmap::iterator ci = cookies.begin(); ci != cookies.end(); ++ci)
{
std::string var = ci->first ; trim(var);
std::string val = ci->second; trim(val);
if ( val.empty() || var.empty() )
continue;
if ( !cookie_ss.str().empty() )
cookie_ss << ';' << ' ';
cookie_ss << urlencode(var) << '=' << urlencode(val);
}
if ( !cookie_ss.str().empty() )
ret << "Cookie: " << cookie_ss.str() << "\r\n";
ret << "\r\n";
ret << post_body;
std::string request_build = ret.str();
std::stringstream ss;
{
dlib::connection * conn(0);
try
{
if (timeout > 0)
conn = dlib::connect(host, port, timeout);
else
conn = dlib::connect(host, port);
}
catch (const dlib::socket_error& e)
{
error_field = e.what();
return false;
}
// Implement a timeout
timeout_ptr t;
if ( timeout > 0 )
t.reset( new dlib::timeout(*conn, &dlib::connection::shutdown, timeout) );
// Write our request
conn->write(request_build.c_str(), static_cast<long>(request_build.size()));
t.reset();
// And read the response
char buf[512];
long bytes_read(0), bytes_total(0);
bool read_headers(true);
if ( timeout > 0 )
t.reset( new dlib::timeout(*conn, &dlib::connection::shutdown, timeout) );
while ( (bytes_read = conn->read(buf, 512)) > 0 )
{
ss.write(buf, bytes_read);
// Incremental read headers
if ( read_headers )
{
std::string body_with_headers = ss.str();
std::string::size_type ctr(0);
while ( true )
{
std::string::size_type pos = body_with_headers.find("\r\n", ctr);
if ( pos == std::string::npos )
{
// This is our last position of "\r\n"
ss.str("");
ss.write( body_with_headers.substr(ctr).c_str(), body_with_headers.size() - ctr );
break;
}
std::string header = body_with_headers.substr(ctr, pos-ctr);
if ( header.empty() )
{
// Ok, we're done reading the headers
read_headers = false;
// What follows now is the body
ss.str("");
ss.write( body_with_headers.substr(pos + 2).c_str(), body_with_headers.size() - pos - 2 );
break;
}
ctr = pos + 2;
if ( returned_headers.empty() )
{
if (
header[0] == 'H' &&
header[1] == 'T' &&
header[2] == 'T' &&
header[3] == 'P' &&
header[4] == '/' &&
(header[5] >= '0' && header[5] <= '9') &&
header[6] == '.' &&
(header[7] >= '0' && header[7] <= '9') &&
header[8] == ' '
)
{
http_return = (header[9 ] - '0') * 100 +
(header[10] - '0') * 10 +
(header[11] - '0');
continue;
}
}
std::string::size_type pos_dp = header.find_first_of(':');
std::string header_name, header_value;
if ( pos_dp == std::string::npos )
{
// **TODO** what should I do here??
header_name = header;
}
else
{
header_name = trim(header.substr(0, pos_dp));
header_value = trim(header.substr(pos_dp+1));
}
returned_headers[ header_name ].push_back(header_value);
if ( BR_CASECMP(header_name.c_str(), "Content-Length", 14) == 0 )
{
bytes_total = atol( header_value.c_str() );
}
else if ( BR_CASECMP(header_name.c_str(), "Set-Cookie", 10) == 0 )
{
std::string::size_type cur_pos(0), pos_pk, pos_is;
std::string work, var, val;
for ( cur_pos = 0; cur_pos < header_value.size(); cur_pos++ )
{
pos_pk = header_value.find(';', cur_pos);
work = trim( header_value.substr(cur_pos, pos_pk - cur_pos) );
pos_is = work.find('=');
if ( pos_is != std::string::npos )
{ // Hmmm? what in the else case?
var = trim( http_client::urldecode( work.substr(0, pos_is) ) );
val = trim( http_client::urldecode( work.substr(pos_is + 1) ) );
if ( var != "expires" && var != "domain" && var != "path" )
set_cookie( var, val );
}
cur_pos = pos_pk == std::string::npos ? pos_pk - 1 : pos_pk;
}
} // Set-Cookie?
} // while (true)
} // read_headers?
// Call the OnDownload function if it's set
if ( OnDownload && !read_headers )
{
if ( (*OnDownload)(static_cast<long>(ss.tellp()), bytes_total, user_info) == false )
{
t.reset();
break;
}
}
if ( bytes_total != 0 && static_cast<long>(ss.tellp()) == bytes_total )
{
t.reset();
break;
}
if ( timeout > 0 )
t.reset( new dlib::timeout(*conn, &dlib::connection::shutdown, timeout) );
} // while still data to read
t.reset();
delete conn;
switch ( bytes_read )
{
case dlib::TIMEOUT: error_field = "Timeout"; return false; break;
case dlib::WOULDBLOCK: error_field = "Would block"; return false; break;
case dlib::OTHER_ERROR: error_field = "Other error"; return false; break;
case dlib::SHUTDOWN: error_field = "Timeout"; return false; break;
case dlib::PORTINUSE: error_field = "Port in use"; return false; break;
}
}
returned_body = ss.str();
return true;
}
// Return 1 if request is authorized, 0 otherwise.
static int is_authorized(const struct mg_connection *conn,
const struct mg_request_info *request_info,
char *username, u_int username_len) {
char session_id[33], buf[128];
char key[64], user[32];
char password[32];
const char *auth_header_p;
string auth_type = "", auth_string = "";
bool user_login_disabled = !ntop->getPrefs()->is_users_login_enabled() ||
authorized_localhost_users_login_disabled(conn);
if(user_login_disabled) {
mg_get_cookie(conn, "user", username, username_len);
if(strncmp(username, NTOP_NOLOGIN_USER, username_len)) {
set_cookie(conn, (char *)NTOP_NOLOGIN_USER, NULL);
}
return 1;
}
// Always authorize accesses to login page and to authorize URI
if((!strcmp(request_info->uri, LOGIN_URL))
|| (!strcmp(request_info->uri, AUTHORIZE_URL))) {
return 1;
}
if((!strcmp(request_info->uri, Utils::getURL((char*)LOGIN_URL, buf, sizeof(buf))))
|| (!strcmp(request_info->uri, Utils::getURL((char*)AUTHORIZE_URL, buf, sizeof(buf))))) {
return 1;
}
/* Try to decode Authorization header if present */
auth_header_p = mg_get_header(conn, "Authorization");
string auth_header = auth_header_p ? auth_header_p : "";
istringstream iss(auth_header);
getline(iss, auth_type, ' ');
if(auth_type == "Basic") {
string decoded_auth, user_s = "", pword_s = "";
/* In case auth type is Basic, info are encoded in base64 */
getline(iss, auth_string, ' ');
decoded_auth = Utils::base64_decode(auth_string);
istringstream authss(decoded_auth);
getline(authss, user_s, ':');
getline(authss, pword_s, ':');
return ntop->checkUserPassword(user_s.c_str(), pword_s.c_str());
}
mg_get_cookie(conn, "user", username, username_len);
mg_get_cookie(conn, "session", session_id, sizeof(session_id));
if(!strcmp(username, NTOP_NOLOGIN_USER) && !user_login_disabled)
/* Trying to access web interface with nologin after ntopng restart
with different settings */
return 0;
if(session_id[0] == '\0') {
/* Last resort: see if we have a user and password matching */
mg_get_cookie(conn, "password", password, sizeof(password));
return(ntop->checkUserPassword(username, password));
}
// ntop->getTrace()->traceEvent(TRACE_WARNING, "[HTTP] Received session %s/%s", session_id, username);
snprintf(key, sizeof(key), CONST_RUNTIME_IS_AUTOLOGOUT_ENABLED);
ntop->getRedis()->get(key, buf, sizeof(buf));
// do_auto_logout() is the getter for the command-line specified
// preference that defaults to true (i.e., auto_logout is enabled by default)
// If do_auto_logout() is disabled, then the runtime auto logout preference
// is taken into accout.
// If do_auto_logout() is false, then the auto logout is disabled regardless
// of runtime preferences.
if(ntop->getPrefs()->do_auto_logout() && strncmp(buf, (char*)"1", 1) == 0) {
snprintf(key, sizeof(key), "sessions.%s", session_id);
if((ntop->getRedis()->get(key, user, sizeof(user)) < 0)
|| strcmp(user, username) /* Users don't match */) {
ntop->getTrace()->traceEvent(TRACE_INFO, "[HTTP] Session %s/%s is expired or empty user",
session_id, username);
return(0);
} else {
ntop->getRedis()->expire(key, HTTP_SESSION_DURATION); /* Extend session */
ntop->getTrace()->traceEvent(TRACE_INFO, "[HTTP] Session %s is OK: extended for %u sec",
session_id, HTTP_SESSION_DURATION);
return(1);
}
} else
return(1);
}
