void ne_session_proxy(ne_session *sess, const char *hostname, unsigned int port) { free_proxies(sess); sess->proxies = ne_calloc(sizeof *sess->proxies); sess->any_proxy_http = 1; set_hostinfo(sess->proxies, PROXY_HTTP, hostname, port); }
void ne_session_destroy(ne_session *sess) { NE_DEBUG_WINSCP_CONTEXT(sess); struct hook *hk; NE_DEBUG(NE_DBG_HTTP, "sess: Destroying session.\n"); /* Run the destroy hooks. */ for (hk = sess->destroy_sess_hooks; hk != NULL; hk = hk->next) { ne_destroy_sess_fn fn = (ne_destroy_sess_fn)hk->fn; fn(hk->userdata); } /* Close the connection; note that the notifier callback could * still be invoked here. */ if (sess->connected) { ne_close_connection(sess); } destroy_hooks(sess->create_req_hooks); destroy_hooks(sess->pre_send_hooks); destroy_hooks(sess->post_headers_hooks); destroy_hooks(sess->post_send_hooks); destroy_hooks(sess->destroy_req_hooks); destroy_hooks(sess->destroy_sess_hooks); destroy_hooks(sess->close_conn_hooks); destroy_hooks(sess->private); ne_free(sess->scheme); free_hostinfo(&sess->server); free_proxies(sess); if (sess->user_agent) ne_free(sess->user_agent); if (sess->socks_user) ne_free(sess->socks_user); if (sess->socks_password) ne_free(sess->socks_password); #ifdef NE_HAVE_SSL if (sess->ssl_context) ne_ssl_context_destroy(sess->ssl_context); if (sess->server_cert) ne_ssl_cert_free(sess->server_cert); if (sess->client_cert) ne_ssl_clicert_free(sess->client_cert); #endif ne_free(sess); }
void ne_session_socks_proxy(ne_session *sess, enum ne_sock_sversion vers, const char *hostname, unsigned int port, const char *username, const char *password) { free_proxies(sess); sess->proxies = ne_calloc(sizeof *sess->proxies); set_hostinfo(sess->proxies, PROXY_SOCKS, hostname, port); sess->socks_ver = vers; if (username) sess->socks_user = ne_strdup(username); if (password) sess->socks_password = ne_strdup(password); }
void ne_set_addrlist2(ne_session *sess, unsigned int port, const ne_inet_addr **addrs, size_t n) { struct host_info *hi, **lasthi; size_t i; free_proxies(sess); lasthi = &sess->proxies; for (i = 0; i < n; i++) { *lasthi = hi = ne_calloc(sizeof *hi); hi->proxy = PROXY_NONE; hi->network = addrs[i]; hi->port = port; lasthi = &hi->next; } }
int pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc, const char **argv) { char *user, *pw; char *service; char **proxies; char netid[14]; int i, success; Flags f = NONE; /* initialize proxy array */ proxies = (char **)malloc(sizeof(char **)); proxies[0] = NULL; /* get username and password */ if (pam_get_user(pamh, (const char**) &user, NULL) != PAM_SUCCESS) return PAM_AUTH_ERR; if (pam_get_item(pamh, PAM_AUTHTOK, (const void**) &pw) != PAM_SUCCESS) return PAM_AUTH_ERR; /* * Abort if the password doesn't look like a ticket. This speeds things * up and reduces the likelihood that the user's password will end up * in an HTTPD log. */ if ((strncmp(CAS_BEGIN_PT, pw, strlen(CAS_BEGIN_PT)) != 0) && (strncmp(CAS_BEGIN_ST, pw, strlen(CAS_BEGIN_ST)) != 0)) return PAM_AUTH_ERR; /* prepare log */ openlog("PAM_cas", LOG_PID, LOG_AUTH); /* check arguments */ for (i = 0; i < argc; i++) { if (!strcmp(argv[i], "debug")) f |= DEBUG; else if (!strncmp(argv[i], "-s", 2)) { service = strdup(argv[i] + 2); } else if (!strncmp(argv[i], "-p", 2)) { proxies = add_proxy(proxies, argv[i] + 2); } else if (!strncmp(argv[i], "-e", 2)) { /* don't let the username pass through if it's excluded */ if (!strcmp(argv[i] + 2, user)) { syslog(LOG_NOTICE, "user '%s' is excluded from the CAS PAM", user); free_proxies(proxies); return PAM_AUTH_ERR; } } else syslog(LOG_ERR, "invalid option '%s'", argv[i]); } /* determine the CAS-authenticated username */ success = cas_validate(pw, service, netid, sizeof(netid), proxies); /* free the memory used by the proxy array */ free_proxies(proxies); /* Confirm the user and return appropriately. */ if ((success == CAS_SUCCESS) && (!strcmp(user, netid))) { closelog(); return PAM_SUCCESS; } else { syslog(LOG_NOTICE, "authentication failure code %d for user '%s'", success, user); closelog(); return PAM_AUTH_ERR; } }
void ne_session_system_proxy(ne_session *sess, unsigned int flags) { #ifdef HAVE_LIBPROXY pxProxyFactory *pxf = px_proxy_factory_new(); struct host_info *hi, **lasthi; char *url, **proxies; ne_uri uri; unsigned n; free_proxies(sess); /* Create URI for session to pass off to libproxy */ memset(&uri, 0, sizeof uri); ne_fill_server_uri(sess, &uri); uri.path = "/"; /* make valid URI structure. */ url = ne_uri_unparse(&uri); uri.path = NULL; /* Get list of pseudo-URIs from libproxy: */ proxies = px_proxy_factory_get_proxies(pxf, url); for (n = 0, lasthi = &sess->proxies; proxies[n]; n++) { enum proxy_type ptype; ne_uri_free(&uri); NE_DEBUG(NE_DBG_HTTP, "sess: libproxy #%u=%s\n", n, proxies[n]); if (ne_uri_parse(proxies[n], &uri)) continue; if (!uri.scheme) continue; if (ne_strcasecmp(uri.scheme, "http") == 0) ptype = PROXY_HTTP; else if (ne_strcasecmp(uri.scheme, "socks") == 0) ptype = PROXY_SOCKS; else if (ne_strcasecmp(uri.scheme, "direct") == 0) ptype = PROXY_NONE; else continue; /* Hostname/port required for http/socks schemes. */ if (ptype != PROXY_NONE && !(uri.host && uri.port)) continue; /* Do nothing if libproxy returned only a single "direct://" * entry -- a single "direct" (noop) proxy is equivalent to * having none. */ if (n == 0 && proxies[1] == NULL && ptype == PROXY_NONE) break; NE_DEBUG(NE_DBG_HTTP, "sess: Got proxy %s://%s:%d\n", uri.scheme, uri.host ? uri.host : "(none)", uri.port); hi = *lasthi = ne_calloc(sizeof *hi); if (ptype == PROXY_NONE) { /* A "direct" URI requires an attempt to connect directly to * the origin server, so dup the server details. */ set_hostinfo(hi, ptype, sess->server.hostname, sess->server.port); } else { /* SOCKS/HTTP proxy. */ set_hostinfo(hi, ptype, uri.host, uri.port); if (ptype == PROXY_HTTP) sess->any_proxy_http = 1; else if (ptype == PROXY_SOCKS) sess->socks_ver = NE_SOCK_SOCKSV5; } lasthi = &hi->next; } /* Free up the proxies array: */ for (n = 0; proxies[n]; n++) free(proxies[n]); free(proxies[n]); ne_free(url); ne_uri_free(&uri); px_proxy_factory_free(pxf); #endif }