QTSS_Error QTSSCallbacks::QTSS_Authorize(QTSS_RTSPRequestObject inAuthRequestObject, char** outAuthRealm, Bool16* outAuthUserAllowed) { RTSPRequestInterface* request = (RTSPRequestInterface *) inAuthRequestObject; if (request == NULL) return QTSS_BadArgument; // Because this is a role being executed from inside a callback, we need to // make sure that QTSS_RequestEvent will not work. Task* curTask = NULL; QTSS_ModuleState* theState = (QTSS_ModuleState*)OSThread::GetMainThreadData(); if (OSThread::GetCurrent() != NULL) theState = (QTSS_ModuleState*)OSThread::GetCurrent()->GetThreadData(); if (theState != NULL) curTask = theState->curTask; QTSS_RoleParams theParams; theParams.rtspRequestParams.inRTSPSession = NULL; theParams.rtspRequestParams.inRTSPRequest = request; theParams.rtspRequestParams.inClientSession = NULL; QTSS_Error theErr = QTSS_RequestFailed; UInt32 x = 0; UInt32 numModules = QTSServerInterface::GetNumModulesInRole(QTSSModule::kRTSPAuthRole); QTSSModule* theModulePtr = NULL; Bool16 allowedDefault = QTSServerInterface::GetServer()->GetPrefs()->GetAllowGuestDefault(); *outAuthUserAllowed = allowedDefault; Bool16 allowed = allowedDefault; //server pref? Bool16 hasUser = false; Bool16 handled = false; // Call all the modules that are registered for the RTSP Authorize Role for ( ; x < numModules; x++) { request->SetAllowed(true); request->SetHasUser(false); request->SetAuthHandled(false); debug_printf(" QTSSCallbacks::QTSS_Authorize calling module module = %lu numModules=%lu\n", x,numModules); theModulePtr = QTSServerInterface::GetModule(QTSSModule::kRTSPAuthRole, x); theErr = QTSS_NoErr; if (theModulePtr) { if (__QTSSCALLBACKS_DEBUG__) theModulePtr->GetValue(qtssModName)->PrintStr("QTSSModule::CallDispatch ENTER module=", "\n"); theErr = theModulePtr->CallDispatch(QTSS_RTSPAuthorize_Role, &theParams); debug_printf(" QTSSCallbacks::QTSS_Authorize calling module module = %lu numModules=%lu ModuleError=%ld\n", x,numModules, theErr); } else { debug_printf(" QTSSCallbacks::QTSS_Authorize calling module module = %lu is NULL! numModules=%lu\n", x,numModules); continue; } allowed = request->GetAllowed(); hasUser = request->GetHasUser(); handled = request->GetAuthHandled(); debug_printf("QTSSCallbacks::QTSS_Authorize allowedDefault =%d allowed= %d hasUser = %d handled=%d \n",allowedDefault, allowed,hasUser, handled); *outAuthUserAllowed = allowed; //notes: //if (allowed && !handled) break; //old module //if (!allowed && handled) /new module handled the request but not authorized keep trying //if (allowed && handled) //new module allowed but keep trying in case someone denies. if (!allowed && !handled) //old module break on !allowed { debug_printf("RTSPSession.cpp::Run(kAuthorizingRequest) skipping other modules fCurrentModule = %lu numModules=%lu\n", x,numModules); break; } } // outAuthRealm is set to the realm that is given by the module that has denied authentication StrPtrLen* realm = request->GetValue(qtssRTSPReqURLRealm); *outAuthRealm = realm->GetAsCString(); return theErr; }
QTSS_Error QTSSCallbacks::QTSS_Authenticate(const char* inAuthUserName, const char* inAuthResourceLocalPath, const char* inAuthMoviesDir, QTSS_ActionFlags inAuthRequestAction, QTSS_AuthScheme inAuthScheme, QTSS_RTSPRequestObject ioAuthRequestObject) { if((inAuthUserName == NULL) || (inAuthResourceLocalPath == NULL) || (inAuthMoviesDir == NULL) || (ioAuthRequestObject == NULL)) return QTSS_BadArgument; if(inAuthRequestAction == qtssActionFlagsNoFlags) return QTSS_BadArgument; if(inAuthScheme == qtssAuthNone) return QTSS_BadArgument; // First create a RTSPRequestInterface object // There is no session attached to it, so just pass in NULL for the RTSPSession RTSPRequestInterface *request = (RTSPRequestInterface *) ioAuthRequestObject; // Set all the attributes required by the authentication module, using the input values (void) request->SetValue(qtssRTSPReqUserName, 0, inAuthUserName , ::strlen(inAuthUserName), QTSSDictionary::kDontObeyReadOnly); (void) request->SetValue(qtssRTSPReqLocalPath, 0, inAuthResourceLocalPath , ::strlen(inAuthResourceLocalPath), QTSSDictionary::kDontObeyReadOnly); (void) request->SetValue(qtssRTSPReqRootDir, 0, inAuthMoviesDir , ::strlen(inAuthMoviesDir), QTSSDictionary::kNoFlags); (void) request->SetValue(qtssRTSPReqAction, 0, (const void *)&inAuthRequestAction , sizeof(QTSS_ActionFlags), QTSSDictionary::kNoFlags); (void) request->SetValue(qtssRTSPReqAuthScheme, 0, (const void *)&inAuthScheme , sizeof(QTSS_AuthScheme), QTSSDictionary::kDontObeyReadOnly); QTSSUserProfile *profile = request->GetUserProfile(); (void) profile->SetValue(qtssUserName, 0, inAuthUserName, ::strlen(inAuthUserName), QTSSDictionary::kDontObeyReadOnly); // Because this is a role being executed from inside a callback, we need to // make sure that QTSS_RequestEvent will not work. Task* curTask = NULL; QTSS_ModuleState* theState = (QTSS_ModuleState*)OSThread::GetMainThreadData(); if (OSThread::GetCurrent() != NULL) theState = (QTSS_ModuleState*)OSThread::GetCurrent()->GetThreadData(); if (theState != NULL) curTask = theState->curTask; // Setup the authentication param block QTSS_RoleParams theAuthenticationParams; theAuthenticationParams.rtspAthnParams.inRTSPRequest = request; QTSS_Error theErr = QTSS_RequestFailed; UInt32 x = 0; UInt32 numModules = QTSServerInterface::GetNumModulesInRole(QTSSModule::kRTSPAthnRole); QTSSModule* theModulePtr = NULL; Bool16 allowedDefault = QTSServerInterface::GetServer()->GetPrefs()->GetAllowGuestDefault(); Bool16 allowed = allowedDefault; //server pref? Bool16 hasUser = false; Bool16 handled = false; // Call all the modules that are registered for the RTSP Authorize Role for ( ; x < numModules; x++) { request->SetAllowed(allowedDefault); request->SetHasUser(false); request->SetAuthHandled(false); debug_printf(" QTSSCallbacks::QTSS_Authenticate calling module module = %lu numModules=%lu\n", x,numModules); theModulePtr = QTSServerInterface::GetModule(QTSSModule::kRTSPAthnRole, x); theErr = QTSS_NoErr; if (theModulePtr) { theErr = theModulePtr->CallDispatch(QTSS_RTSPAuthenticate_Role, &theAuthenticationParams); debug_printf(" QTSSCallbacks::QTSS_Authorize calling module module = %lu numModules=%lu ModuleError=%ld\n", x,numModules, theErr); } else { debug_printf(" QTSSCallbacks::QTSS_Authorize calling module module = %lu is NULL! numModules=%lu\n", x,numModules); continue; } allowed = request->GetAllowed(); hasUser = request->GetHasUser(); handled = request->GetAuthHandled(); debug_printf("QTSSCallbacks::QTSS_Authenticate allowedDefault =%d allowed= %d hasUser = %d handled=%d \n",allowedDefault, allowed,hasUser, handled); if (hasUser || handled ) //See RTSPSession.cpp::Run state=kAuthenticatingRequest { debug_printf(" QTSSCallbacks::QTSS_Authenticate skipping other modules fCurrentModule = %lu numModules=%lu\n", x,numModules); break; } } // Reset the curTask to what it was before this role started if (theState != NULL) theState->curTask = curTask; return theErr; }