/* Initialise the file-backed validator base by delegating to the generic
 * validator initialiser.
 *
 * validator: file validator being initialised (passed on via VALIDATOR()).
 * props:     file validator properties (passed on via VALIDATOR_PROPS()).
 * info:      plugin information record, forwarded untouched.
 *
 * Returns whatever cherokee_validator_init_base() returns.
 */
ret_t
cherokee_validator_file_init_base (cherokee_validator_file_t *validator, cherokee_validator_file_props_t *props, cherokee_plugin_info_validator_t *info)
{
	ret_t ret;

	ret = cherokee_validator_init_base (VALIDATOR(validator),
	                                    VALIDATOR_PROPS(props),
	                                    info);
	return ret;
}
/* Create an htdigest validator object and hand it back through *htdigest.
 *
 * htdigest: out parameter that receives the new object.
 * props:    module properties, forwarded to the file-validator base
 *           initialiser via PROP_VFILE().
 *
 * Returns ret_ok once the object has been wired up.
 *
 * NOTE(review): CHEROKEE_NEW_STRUCT is defined outside this excerpt; it is
 * presumably what declares and allocates 'n' - confirm how it reports an
 * allocation failure.
 */
ret_t
cherokee_validator_htdigest_new (cherokee_validator_htdigest_t **htdigest, cherokee_module_props_t *props)
{
	CHEROKEE_NEW_STRUCT(n,validator_htdigest);

	/* Base class set-up. The result of this call is not inspected. */
	cherokee_validator_file_init_base (VFILE(n), PROP_VFILE(props), PLUGIN_INFO_VALIDATOR_PTR(htdigest));

	/* Method table */
	MODULE(n)->free            = (module_func_free_t)           cherokee_validator_htdigest_free;
	VALIDATOR(n)->check        = (validator_func_check_t)       cherokee_validator_htdigest_check;
	VALIDATOR(n)->add_headers  = (validator_func_add_headers_t) cherokee_validator_htdigest_add_headers;

	/* Authentication schemes this validator accepts */
	VALIDATOR(n)->support      = http_auth_basic | http_auth_digest;

	*htdigest = n;
	return ret_ok;
}
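/* Validate an HTTP Digest response against the user's entry in an htdigest
 * file.
 *
 * htdigest: validator instance, passed to the digest helper as VALIDATOR().
 * conn:     connection whose validator holds the client's user name and
 *           digest response.
 * file:     buffer holding the htdigest file contents.
 *
 * Returns ret_ok when the computed response equals the client's response,
 * ret_deny when it does not or when the expected response could not be
 * built, ret_error when there is no validator or no client response, and
 * the error from extract_user_entry() when the user entry is not extracted.
 */
static ret_t
validate_digest (cherokee_validator_htdigest_t *htdigest, cherokee_connection_t *conn, cherokee_buffer_t *file)
{
	/* Fail closed: 're' must be non-zero until a comparison has actually
	 * run.  It used to be left uninitialised, so the 'goto go_out' taken
	 * when the expected response could not be built made the final test
	 * read an indeterminate value and could report ret_ok.
	 */
	int                re     = -1;
	ret_t              ret;
	char              *user   = NULL;
	char              *realm  = NULL;
	char              *passwd = NULL;
	cherokee_buffer_t  buf    = CHEROKEE_BUF_INIT;

	/* Sanity check: a validator and a client response are both required */
	if (unlikely (conn->validator == NULL))
		return ret_error;

	if (cherokee_buffer_is_empty (&conn->validator->response))
		return ret_error;

	/* Extract the right entry information */
	ret = extract_user_entry (file, conn->validator->user.buf, &user, &realm, &passwd);
	if (unlikely(ret != ret_ok))
		return ret;

	/* Build the hash:
	 * In this case passwd is the HA1 hash: md5(user:realm:passwd)
	 */
	ret = cherokee_validator_digest_response (VALIDATOR(htdigest), passwd, &buf, conn);
	if (unlikely(ret != ret_ok))
		goto go_out;

	/* Compare and return.
	 * NOTE(review): whether cherokee_buffer_cmp_buf() compares in constant
	 * time is not visible here - confirm if timing side channels are in
	 * scope for this check.
	 */
	re = cherokee_buffer_cmp_buf (&conn->validator->response, &buf);

go_out:
	cherokee_buffer_mrproper (&buf);
	return (re == 0) ? ret_ok : ret_deny;
}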
// Construct a parser from a validator, a serializer and a deserializer.
// Every argument defaults to a default-constructed instance of its type, and
// each one initialises the matching member (validator_, serializer_,
// deserializer_) in the initialiser list.
// NOTE(review): the member declarations are outside this excerpt. If they are
// references rather than values, the defaulted temporaries end their lifetime
// when the constructor call finishes - confirm the members are held by value.
TlvParser(VALIDATOR const &v = VALIDATOR(), SER const &s = SER(), DESER const &d = DESER()) : validator_(v), serializer_(s), deserializer_(d) {}
/* Release the file-backed validator base by delegating to the generic
 * validator clean-up routine.
 *
 * validator: file validator to release (passed on via VALIDATOR()).
 *
 * Returns whatever cherokee_validator_free_base() returns.
 */
ret_t
cherokee_validator_file_free_base (cherokee_validator_file_t *validator)
{
	ret_t ret;

	ret = cherokee_validator_free_base (VALIDATOR(validator));
	return ret;
}
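/* Check the connection's credentials against a plain-text password file made
 * of "user:password" lines.  Lines starting with '#' and lines without a
 * colon are skipped.  The first line whose user name matches decides the
 * outcome; later lines are not consulted.
 *
 * plain: validator instance (used as VFILE() to locate the password file and
 *        as VALIDATOR() for the digest check).
 * conn:  connection carrying the client's user name, password or digest
 *        data, and the requested authentication type.
 *
 * Returns ret_ok when the matching entry verifies, ret_deny when no entry
 * verifies, ret_error when the validator or user name is missing or the
 * file cannot be located or read, and, for digest authentication, whatever
 * cherokee_validator_digest_check() returns.
 */
ret_t
cherokee_validator_plain_check (cherokee_validator_plain_t *plain, cherokee_connection_t *conn)
{
	int                re;
	ret_t              ret;
	const char        *p;
	const char        *end;
	cherokee_buffer_t *fpass;
	cherokee_buffer_t  file  = CHEROKEE_BUF_INIT;
	cherokee_buffer_t  buser = CHEROKEE_BUF_INIT;
	cherokee_buffer_t  bpass = CHEROKEE_BUF_INIT;

	/* Sanity check */
	if (unlikely ((conn->validator == NULL) ||
	              cherokee_buffer_is_empty(&conn->validator->user)))
	{
		return ret_error;
	}

	/* Get the full path to the file */
	ret = cherokee_validator_file_get_full_path (VFILE(plain), conn, &fpass, &CONN_THREAD(conn)->tmp_buf1);
	if (ret != ret_ok) {
		ret = ret_error;
		goto out;
	}

	/* Read its contents */
	ret = cherokee_buffer_read_file (&file, fpass->buf);
	if (ret != ret_ok) {
		ret = ret_error;
		goto out;
	}

	/* Guarantee a final end-of-line so every entry is '\n' terminated */
	if (! cherokee_buffer_is_ending(&file, '\n'))
		cherokee_buffer_add_str (&file, "\n");

	/* Fail closed: from here on the answer is "deny" unless an entry is
	 * positively verified.  Previously 'ret' still held the ret_ok of the
	 * file read at this point.
	 */
	ret = ret_deny;

	p   = file.buf;
	end = file.buf + file.len;

	while (p < end) {
		char *eol;
		char *colon;

		/* Look for the EOL.  A trailing '\n' is guaranteed above, so a
		 * miss means the string scan stopped early (for instance on a
		 * NUL byte inside the file).  This path used to return ret_ok,
		 * which accepted the request without checking any credential.
		 */
		eol = strchr (p, '\n');
		if (eol == NULL) {
			ret = ret_deny;
			goto out;
		}
		*eol = '\0';

		/* Skip comments */
		if (p[0] == '#')
			goto next;

		colon = strchr (p, ':');
		if (colon == NULL)
			goto next;

		/* Is it the right user? */
		cherokee_buffer_clean (&buser);
		cherokee_buffer_add (&buser, p, colon - p);

		re = cherokee_buffer_cmp_buf (&buser, &conn->validator->user);
		if (re != 0)
			goto next;

		/* Check the password */
		cherokee_buffer_clean (&bpass);
		cherokee_buffer_add (&bpass, colon+1, eol - (colon+1));

		switch (conn->req_auth_type) {
		case http_auth_basic:
			/* Empty password */
			if (cherokee_buffer_is_empty (&bpass) &&
			    cherokee_buffer_is_empty (&conn->validator->passwd))
			{
				ret = ret_ok;
				goto out;
			}

			/* Check the passwd; the result is stated explicitly
			 * instead of relying on an earlier value of 'ret'.
			 * NOTE(review): whether cherokee_buffer_cmp_buf()
			 * compares in constant time is not visible here -
			 * confirm if timing side channels are in scope.
			 */
			re  = cherokee_buffer_cmp_buf (&bpass, &conn->validator->passwd);
			ret = (re == 0) ? ret_ok : ret_deny;
			goto out;

		case http_auth_digest:
			ret = cherokee_validator_digest_check (VALIDATOR(plain), &bpass, conn);
			goto out;

		default:
			SHOULDNT_HAPPEN;
		}

		/* A user entry has been tested and failed */
		ret = ret_deny;
		goto out;

	next:
		p = eol + 1;

		/* Reached the end without success */
		if (p >= end) {
			ret = ret_deny;
			goto out;
		}
	}

out:
	cherokee_buffer_mrproper (&file);
	cherokee_buffer_mrproper (&buser);
	cherokee_buffer_mrproper (&bpass);
	return ret;
}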