ret_t cherokee_validator_htdigest_check (cherokee_validator_htdigest_t *htdigest, cherokee_connection_t *conn) { ret_t ret; cherokee_buffer_t *fpass; cherokee_buffer_t file = CHEROKEE_BUF_INIT; /* Ensure that we have all what we need */ if ((conn->validator == NULL) || cherokee_buffer_is_empty (&conn->validator->user)) return ret_error; /* Get the full path to the file */ ret = cherokee_validator_file_get_full_path (VFILE(htdigest), conn, &fpass, &CONN_THREAD(conn)->tmp_buf1); if (ret != ret_ok) { ret = ret_error; goto out; } /* Read the whole file */ ret = cherokee_buffer_read_file (&file, fpass->buf); if (ret != ret_ok) { ret = ret_error; goto out; } /* Authenticate */ if (conn->req_auth_type & http_auth_basic) { ret = validate_basic (htdigest, conn, &file); } else if (conn->req_auth_type & http_auth_digest) { ret = validate_digest (htdigest, conn, &file); } else { SHOULDNT_HAPPEN; } out: cherokee_buffer_mrproper (&file); return ret; }
ret_t cherokee_validator_htdigest_new (cherokee_validator_htdigest_t **htdigest, cherokee_module_props_t *props) { CHEROKEE_NEW_STRUCT(n,validator_htdigest); /* Init */ cherokee_validator_file_init_base (VFILE(n), PROP_VFILE(props), PLUGIN_INFO_VALIDATOR_PTR(htdigest)); VALIDATOR(n)->support = http_auth_basic | http_auth_digest; MODULE(n)->free = (module_func_free_t) cherokee_validator_htdigest_free; VALIDATOR(n)->check = (validator_func_check_t) cherokee_validator_htdigest_check; VALIDATOR(n)->add_headers = (validator_func_add_headers_t) cherokee_validator_htdigest_add_headers; /* Return obj */ *htdigest = n; return ret_ok; }
ret_t cherokee_validator_htdigest_free (cherokee_validator_htdigest_t *htdigest) { return cherokee_validator_file_free_base (VFILE(htdigest)); }
ret_t cherokee_validator_plain_free (cherokee_validator_plain_t *plain) { return cherokee_validator_file_free_base (VFILE(plain)); }
ret_t cherokee_validator_plain_check (cherokee_validator_plain_t *plain, cherokee_connection_t *conn) { int re; ret_t ret; const char *p; const char *end; cherokee_buffer_t *fpass; cherokee_buffer_t file = CHEROKEE_BUF_INIT; cherokee_buffer_t buser = CHEROKEE_BUF_INIT; cherokee_buffer_t bpass = CHEROKEE_BUF_INIT; /* Sanity check */ if (unlikely ((conn->validator == NULL) || cherokee_buffer_is_empty(&conn->validator->user))) { return ret_error; } /* Get the full path to the file */ ret = cherokee_validator_file_get_full_path (VFILE(plain), conn, &fpass, &CONN_THREAD(conn)->tmp_buf1); if (ret != ret_ok) { ret = ret_error; goto out; } /* Read its contents */ ret = cherokee_buffer_read_file (&file, fpass->buf); if (ret != ret_ok) { ret = ret_error; goto out; } if (! cherokee_buffer_is_ending(&file, '\n')) cherokee_buffer_add_str (&file, "\n"); p = file.buf; end = file.buf + file.len; while (p < end) { char *eol; char *colon; /* Look for the EOL */ eol = strchr (p, '\n'); if (eol == NULL) { ret = ret_ok; goto out; } *eol = '\0'; /* Skip comments */ if (p[0] == '#') goto next; colon = strchr (p, ':'); if (colon == NULL) { goto next; } /* Is it the right user? */ cherokee_buffer_clean (&buser); cherokee_buffer_add (&buser, p, colon - p); re = cherokee_buffer_cmp_buf (&buser, &conn->validator->user); if (re != 0) goto next; /* Check the password */ cherokee_buffer_clean (&bpass); cherokee_buffer_add (&bpass, colon+1, eol - (colon+1)); switch (conn->req_auth_type) { case http_auth_basic: /* Empty password */ if (cherokee_buffer_is_empty (&bpass) && cherokee_buffer_is_empty (&conn->validator->passwd)) { ret = ret_ok; goto out; } /* Check the passwd */ re = cherokee_buffer_cmp_buf (&bpass, &conn->validator->passwd); if (re != 0) ret = ret_deny; goto out; case http_auth_digest: ret = cherokee_validator_digest_check (VALIDATOR(plain), &bpass, conn); goto out; default: SHOULDNT_HAPPEN; } /* A user entry has been tested and failed */ ret = ret_deny; goto out; next: p = eol + 1; /* Reached the end without success */ if (p >= end) { ret = ret_deny; goto out; } } out: cherokee_buffer_mrproper (&file); cherokee_buffer_mrproper (&buser); cherokee_buffer_mrproper (&bpass); return ret; }