/*
* Authenticate using WWW/Proxy-Authorize header field
*/
int w_auth_check(sip_msg_t *_m, char* _realm, char* _table, char *_flags)
{
str srealm;
str stable;
int iflags;
if ((_m->REQ_METHOD == METHOD_ACK) || (_m->REQ_METHOD == METHOD_CANCEL)) {
return AUTH_OK;
}
if(_m==NULL || _realm==NULL || _table==NULL || _flags==NULL) {
LM_ERR("invalid parameters\n");
return AUTH_ERROR;
}
if (get_str_fparam(&srealm, _m, (fparam_t*)_realm) < 0) {
LM_ERR("failed to get realm value\n");
return AUTH_ERROR;
}
if (get_str_fparam(&stable, _m, (fparam_t*)_table) < 0) {
LM_ERR("failed to get realm value\n");
return AUTH_ERROR;
}
if(fixup_get_ivalue(_m, (gparam_p)_flags, &iflags)!=0)
{
LM_ERR("invalid flags parameter\n");
return -1;
}
return auth_check(_m, &srealm, &stable, iflags);
}
ot_u8 vl_getheader_vaddr(vaddr* header, vlBLOCK block_id, ot_u8 data_id, ot_u8 mod, id_tmpl* user_id) {
/// 1. Get the header from the supplied Block ID & Data ID
switch (block_id) {
case VL_GFB_BLOCKID: *header = sub_gfb_search(data_id); break;
case VL_ISFS_BLOCKID: *header = sub_isfs_search(data_id); break;
case VL_ISF_BLOCKID: *header = sub_isf_search(data_id); break;
default: return 255;
}
/// 2. Bail if header is NULL
if (*header == NULL_vaddr) {
return 0x01;
}
/// 3. Authenticate, when it's not a su call
if (user_id != NULL) {
Twobytes filemod;
filemod.ushort = vworm_read(*header + 4);
if ( auth_check(filemod.ubyte[1], mod, user_id) == 0 ) {
return 0x04;
}
}
return 0;
}
int
cgiMain()
{
int act;
int ret;
act = check_from();
switch (act)
{
case -1:
do_error("用户名或密码错误");
break;
case 0:
if (auth_check() < 0)
{
do_error("用户名或密码错误");
return 0;
}
show_basic_page();
break;
case 1:
handle_basic();
break;
case 2:
handle_security();
break;
case 3:
ret = what_action();
if (ret == 0)
reboot(LINUX_REBOOT_CMD_RESTART);
else if (ret == 1)
show_cdev_page();
break;
case 4:
handle_cdev();
break;
case 5:
handle_breq();
break;
case 6:
handle_scene();
break;
case 7:
handle_slnk();
break;
case 128:
reboot(LINUX_REBOOT_CMD_RESTART);
break;
default:
break;
}
return 0;
}
ot_u8 vl_delete(vlBLOCK block_id, ot_u8 data_id, id_tmpl* user_id) {
#if (OT_FEATURE(VLNEW) == ENABLED)
vaddr header = NULL_vaddr;
sub_vaddr search_fn;
sub_check check_fn;
/// 1. Get the header from the supplied Block ID & Data ID
block_id--;
switch (block_id) {
case 0: check_fn = &sub_gfb_delete_check;
search_fn = &sub_gfb_search;
break;
case 1: check_fn = &sub_isfs_delete_check;
search_fn = &sub_isfs_search;
break;
case 2: check_fn = &sub_isf_delete_check;
search_fn = &sub_isf_search;
break;
default: return 255;
}
if (check_fn(data_id) != 0) {
header = search_fn(data_id);
}
/// 2. Bail if header is NULL
if (header == NULL_vaddr) {
return 0x01;
}
/// 3. Authenticate, when it's not a su call
if (user_id != NULL) {
Twobytes filemod;
filemod.ushort = vworm_read(header + 4);
if ( auth_check(filemod.ubyte[1], VL_ACCESS_RW, user_id) == 0 ) {
return 0x04;
}
}
sub_delete_file(header);
return 0;
#else
return 255; //error, delete disabled
#endif
}
ot_u8 vl_new(vlFILE** fp_new, vlBLOCK block_id, ot_u8 data_id, ot_u8 mod, ot_uint max_length, id_tmpl* user_id) {
#if (OT_FEATURE(VLNEW) == ENABLED)
vaddr header;
sub_vaddr search_fn;
sub_new new_fn;
/// 1. Authenticate, when it's not a su call
if (user_id != NULL) {
if ( auth_check(VL_ACCESS_USER, VL_ACCESS_W, user_id) == 0 ) {
return 0x04;
}
}
/// 2. Make sure the file is not already there
block_id--;
switch (block_id) {
case 0: search_fn = &sub_gfb_search;
new_fn = &sub_gfb_new;
break;
case 1: search_fn = &sub_isfs_search;
new_fn = &sub_isfs_new;
break;
case 2: search_fn = &sub_isf_search;
new_fn = &sub_isf_new;
break;
default: return 0xFF;
}
header = search_fn(data_id);
if (header != NULL_vaddr) {
return 0x02;
}
*fp_new = new_fn(data_id, mod, max_length);
if (*fp_new == NULL) {
return 0x06;
}
return 0;
#else
return 255;
#endif
}
static void dispatch_mm7_recv(List *rl)
{
MmsBoxHTTPClientInfo *h;
while ((h = gwlist_consume(rl)) != NULL) {
int ret = -1, has_auth = 0;
MmscGrp *m = h->m;
if (auth_check(m->incoming.user,
m->incoming.pass,
h->headers, &has_auth) != 0) { /* Ask it to authenticate... */
List *hh = http_create_empty_headers();
http_header_add(hh, "WWW-Authenticate",
"Basic realm=\"" MM_NAME "\"");
http_send_reply(h->client, HTTP_UNAUTHORIZED, hh,
octstr_imm("Authentication failed"));
http_destroy_headers(hh);
if (!has_auth)
mms_info_ex("auth",0, "MM7", m->id, "Auth failed, incoming connection, MMC group=[%s]",
m->id ? octstr_get_cstr(m->id) : "(none)");
else
mms_error_ex("auth",0, "MM7", m->id, "Auth failed, incoming connection, MMC group=[%s]",
m->id ? octstr_get_cstr(m->id) : "(none)");
} else if (h->m->type == SOAP_MMSC)
ret = mm7soap_receive(h);
else if (h->m->type == EAIF_MMSC)
ret = mm7eaif_receive(h);
else
ret = mm7http_receive(h);
h->m->last_pdu = time(NULL);
if (ret == 0)
h->m->mo_pdus++;
else
h->m->mo_errors++;
free_mmsbox_http_clientInfo(h, 1);
}
}
/* In this function we assume that the file has been checked for
* maliciousness (".."s, etc) and has been decoded
*/
void procsendhead(struct connstruct *cn)
{
char buf[MAXREQUESTLENGTH];
struct stat stbuf;
time_t t_time;
struct tm *ptm;
char date[32];
char last_modified[32];
char expires[32];
int file_exists;
/* are we trying to access a file over the HTTP connection instead of a
* HTTPS connection? Or is this directory disabled? */
if (htaccess_check(cn)) {
send_error(cn, 403);
return;
}
#ifdef CONFIG_HTTP_HAS_AUTHORIZATION
if (auth_check(cn)) { /* see if there is a '.htpasswd' file */
#ifdef CONFIG_HTTP_VERBOSE
printf("axhttpd: access to %s denied\n", cn->filereq); TTY_FLUSH();
#endif
removeconnection(cn);
return;
}
#endif
file_exists = stat(cn->actualfile, &stbuf);
#if defined(CONFIG_HTTP_HAS_CGI)
if (file_exists != -1 && cn->is_cgi) {
proccgi(cn);
return;
}
#endif
/* look for "index.html"? */
if (isdir(cn->actualfile)) {
char tbuf[MAXREQUESTLENGTH];
snprintf(tbuf, MAXREQUESTLENGTH, "%s%s", cn->actualfile, index_file);
if ((file_exists = stat(tbuf, &stbuf)) != -1)
my_strncpy(cn->actualfile, tbuf, MAXREQUESTLENGTH);
else {
#if defined(CONFIG_HTTP_DIRECTORIES)
/* If not, we do a directory listing of it */
procdirlisting(cn);
#else
send_error(cn, 404);
#endif
return;
}
}
if (file_exists == -1) {
send_error(cn, 404);
return;
}
time(&t_time);
ptm = gmtime(&t_time);
strftime(date, sizeof(date), rfc1123_format, ptm);
/* has the file been read before? */
if (cn->if_modified_since != -1)
{
ptm = gmtime(&stbuf.st_mtime);
t_time = mktime(ptm);
if (cn->if_modified_since >= t_time) {
snprintf(buf, sizeof(buf), HTTP_VERSION" 304 Not Modified\nServer: "
"%s\nDate: %s\n\n", server_version, date);
special_write(cn, buf, strlen(buf));
cn->state = STATE_WANT_TO_READ_HEAD;
return;
}
}
if (cn->reqtype == TYPE_HEAD) {
removeconnection(cn);
return;
} else {
int flags = O_RDONLY;
#if defined(CONFIG_PLATFORM_CYGWIN)
flags |= O_BINARY;
#endif
cn->filedesc = open(cn->actualfile, flags);
if (cn->filedesc < 0) {
send_error(cn, 404);
return;
}
ptm = gmtime(&stbuf.st_mtime);
strftime(last_modified, sizeof(last_modified), rfc1123_format, ptm);
t_time += CONFIG_HTTP_TIMEOUT;
ptm = gmtime(&t_time);
strftime(expires, sizeof(expires), rfc1123_format, ptm);
snprintf(buf, sizeof(buf), HTTP_VERSION" 200 OK\nServer: %s\n"
"Content-Type: %s\nContent-Length: %ld\n"
"Date: %s\nLast-Modified: %s\nExpires: %s\n\n", server_version,
getmimetype(cn->actualfile), (long) stbuf.st_size,
date, last_modified, expires);
special_write(cn, buf, strlen(buf));
#ifdef CONFIG_HTTP_VERBOSE
printf("axhttpd: %s:/%s\n", cn->is_ssl ? "https" : "http", cn->filereq);
TTY_FLUSH();
#endif
cn->state = STATE_WANT_TO_READ_FILE;
}
}
