PRIVATE GroupDef *parse_group_decl ARGS1(FILE *, fp) { char *group_name = NULL; GroupDef *group_def = NULL; LexItem lex_item; do { lex_item = lex(fp); } while (lex_item == LEX_REC_SEP); /* Ignore empty lines */ if (lex_item != LEX_ALPH_STR) { if (lex_item != LEX_EOF) syntax_error(fp, "Expecting group name", lex_item); return NULL; } StrAllocCopy(group_name, HTlex_buffer); if (LEX_FIELD_SEP != (lex_item = lex(fp))) { syntax_error(fp, "Expecting field separator", lex_item); FREE(group_name); return NULL; } if (!(group_def = HTAA_parseGroupDef(fp))) { FREE(group_name); return NULL; } group_def->group_name = group_name; return group_def; }
void HTAA_parseProtFile( HTAAProt *prot, FILE *fp ) { if ( prot && fp ) { LexItem lex_item; char *fieldname = 0; do { lex_item = lex( fp ); if ( lex_item != LEX_EOF ) { for ( ; lex_item == LEX_REC_SEP; ) { lex_item = lex( fp ); } if ( lex_item == LEX_EOF ) goto B7; else { if ( lex_item == LEX_ALPH_STR ) { HTSACopy( &fieldname, HTlex_buffer ); lex_item = lex( fp ); if ( lex_item != LEX_FIELD_SEP ) unlex( lex_item ); if ( strncasecomp( fieldname, "Auth", 4 ) == 0 ) { lex_item = lex( fp ); do { if ( lex_item == LEX_ALPH_STR ) { HTAAScheme scheme = HTAAScheme_enum( HTlex_buffer ); if ( scheme ) { if ( prot->valid_schemes == 0 ) { prot->valid_schemes = HTList_new( ); } HTList_addObject( &prot->valid_schemes, &scheme ); if ( WWW_TraceFlag ) { fprintf( TraceFP( ), "%s %s `%s'\n", "HTAA_parseProtFile: valid", "authentication scheme:", HTAAScheme_name( scheme ) ); } } else if ( WWW_TraceFlag ) { fprintf( TraceFP( ), "%s %s `%s'\n", "HTAA_parseProtFile: unknown", "authentication scheme:", HTlex_buffer ); } lex( fp ); while ( lex_item = lex( fp ), lex_item == LEX_ITEM_SEP ) { lex( fp ); } } } while ( lex_item != LEX_REC_SEP ); } else { if ( strncasecomp( fieldname, "mask", 4 ) == 0 ) { prot->mask_group = HTAA_parseGroupDef( fp ); lex_item = LEX_REC_SEP; if ( WWW_TraceFlag ) { if ( prot->mask_group ) { fwrite( "HTAA_parseProtFile: Mask group:\n", 1, 32, TraceFP( ) ); HTAA_printGroupDef( &prot->mask_group ); } else { fwrite( "HTAA_parseProtFile: Mask group syntax error\n", 1, 44, TraceFP( ) ); } } } else { lex_item = lex( fp ); if ( lex_item == LEX_ALPH_STR ) { if ( prot->values == 0 ) { prot->values = HTAssocList_new( ); } HTAssocList_add( &prot->values, fieldname, HTlex_buffer ); lex_item = lex( fp ); if ( WWW_TraceFlag ) { fprintf( TraceFP( ), "%s `%s' bound to value `%s'\n", "HTAA_parseProtFile: Name", fieldname, HTlex_buffer ); } } } } } if ( lex_item != LEX_EOF && lex_item != LEX_REC_SEP ) { if ( WWW_TraceFlag ) { fprintf( TraceFP( ), "%s %s %d (that line ignored)\n", "HTAA_parseProtFile: Syntax error", "in protection setup file at line", HTlex_line ); } do { lex_item = lex( fp ); } while ( lex_item != LEX_EOF && lex_item != LEX_REC_SEP ); } } } B7:; if ( fieldname == 0 ) break; free( fieldname ); break; } while ( lex_item != LEX_REC_SEP ); } return; }
/* PUBLIC HTAA_getAclEntry() ** CONSULT THE ACCESS CONTROL LIST AND ** GIVE A LIST OF GROUPS (AND USERS) ** AUTHORIZED TO ACCESS A GIVEN FILE ** ON ENTRY: ** acl_file is an open ACL file. ** pathname is the absolute pathname of ** the file to be accessed. ** method is the method for which access is wanted. ** ** ALC FILE FORMAT: ** ** template : method, method, ... : group@addr, user, group, ... ** ** The last item is in fact in exactly the same format as ** group definition in group file, i.e. everything that ** follows the 'groupname:' part, ** e.g. ** user, group, user@address, group@address, ** (user,group,...)@(address, address, ...) ** ** ON EXIT: ** returns NULL, if there is no entry for the file in the ACL, ** or ACL doesn't exist. ** If there is, a GroupDef object containing the ** group and user names allowed to access the file ** is returned (this is automatically freed ** next time this function is called). ** IMPORTANT: ** Returns the first entry with matching template and ** method. This function should be called multiple times ** to process all the valid entries (until it returns NULL). ** This is because there can be multiple entries like: ** ** *.html : get,put : ari,timbl,robert ** *.html : get : jim,james,jonathan,jojo ** ** NOTE: ** The returned group definition may well contain references ** to groups defined in group file. Therefore these references ** must be resolved according to that rule file by function ** HTAA_resolveGroupReferences() (group file is read in by ** HTAA_readGroupFile()) and after that access authorization ** can be checked with function HTAA_userAndInetGroup(). */ PUBLIC GroupDef *HTAA_getAclEntry ARGS3(FILE *, acl_file, WWW_CONST char *, pathname, HTAAMethod, method) { static GroupDef * group_def = NULL; WWW_CONST char * filename; int len; char *buf; if (!acl_file) return NULL; /* ACL doesn't exist */ if (group_def) { GroupDef_delete(group_def); /* From previous call */ group_def = NULL; } if (!(filename = strrchr(pathname, '/'))) filename = pathname; else filename++; /* Skip slash */ len = strlen(filename); if (!(buf = (char*)malloc((strlen(filename)+2)*sizeof(char)))) outofmem(__FILE__, "HTAA_getAuthorizedGroups"); while (EOF != HTAAFile_readField(acl_file, buf, len+1)) { if (HTAA_templateMatch(buf, filename)) { HTList *methods = HTList_new(); HTAAFile_readList(acl_file, methods, MAX_METHODNAME_LEN); #ifndef DISABLE_TRACE if (www2Trace) { fprintf(stderr, "Filename '%s' matched template '%s', allowed methods:", filename, buf); } #endif if (HTAAMethod_inList(method, methods)) { /* right method? */ #ifndef DISABLE_TRACE if (www2Trace) fprintf(stderr, " METHOD OK\n"); #endif HTList_delete(methods); free(buf); group_def = HTAA_parseGroupDef(acl_file); return group_def; } #ifndef DISABLE_TRACE else if (www2Trace) fprintf(stderr, " METHOD NOT FOUND\n"); #endif HTList_delete(methods); } /* if template match */ else { HTAAFile_nextRec(acl_file); #ifndef DISABLE_TRACE if (www2Trace) { fprintf(stderr, "Filename '%s' didn't match template '%s'\n", filename, buf); } #endif } HTAAFile_nextRec(acl_file); } /* while not eof */ free(buf); return NULL; /* No entry for requested file */ /* (or an empty entry). */ }