auth.c

Go to the documentation of this file.
00001 /*
00002  * Copyright (C) 2001-2003 by egnite Software GmbH. All rights reserved.
00003  *
00004  * Redistribution and use in source and binary forms, with or without
00005  * modification, are permitted provided that the following conditions
00006  * are met:
00007  *
00008  * 1. Redistributions of source code must retain the above copyright
00009  *    notice, this list of conditions and the following disclaimer.
00010  * 2. Redistributions in binary form must reproduce the above copyright
00011  *    notice, this list of conditions and the following disclaimer in the
00012  *    documentation and/or other materials provided with the distribution.
00013  * 3. Neither the name of the copyright holders nor the names of
00014  *    contributors may be used to endorse or promote products derived
00015  *    from this software without specific prior written permission.
00016  *
00017  * THIS SOFTWARE IS PROVIDED BY EGNITE SOFTWARE GMBH AND CONTRIBUTORS
00018  * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
00019  * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
00020  * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL EGNITE
00021  * SOFTWARE GMBH OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
00022  * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
00023  * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
00024  * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
00025  * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
00026  * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
00027  * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
00028  * SUCH DAMAGE.
00029  *
00030  * For additional information see http://www.ethernut.de/
00031  */
00032 
00033 /*
00034  * $Log: auth.c,v $
00035  * Revision 1.3  2006/10/08 16:43:53  haraldkipp
00036  * Authentication info depended on static memory kept by the caller. Now a
00037  * local copy is held and NutClearAuth (which should have been named
00038  * NutHttpAuthClear, btw.) works correctly.
00039  *
00040  * Revision 1.2  2006/08/25 13:42:16  olereinhardt
00041  * added NutClearAuth(void); Thanks to Peter Sondermanns
00042  *
00043  * Revision 1.1.1.1  2003/05/09 14:41:56  haraldkipp
00044  * Initial using 3.2.1
00045  *
00046  * Revision 1.7  2003/02/04 18:17:31  harald
00047  * Version 3 released
00048  *
00049  * Revision 1.6  2002/06/26 17:29:49  harald
00050  * First pre-release with 2.4 stack
00051  *
00052  */
00053 
00054 #include <string.h>
00055 #include <sys/heap.h>
00056 
00057 #include "dencode.h"
00058 #include <pro/httpd.h>
00059 
00064 
00065 AUTHINFO *authList = 0;
00066 
00070 static AUTHINFO *NutHttpAuthLookup(CONST char *dirname, CONST char *login)
00071 {
00072     AUTHINFO *auth;
00073 
00074     for (auth = authList; auth; auth = auth->auth_next) {
00075         if (dirname && strcmp(dirname, auth->auth_dirname))
00076             continue;
00077         if (login && strcmp(login, auth->auth_login))
00078             continue;
00079         break;
00080     }
00081     return auth;
00082 }
00083 
00099 int NutRegisterAuth(CONST char *dirname, CONST char *login)
00100 {
00101     AUTHINFO *auth;
00102 
00103     /* Allocate a new list element. */
00104     if ((auth = NutHeapAlloc(sizeof(AUTHINFO))) != NULL) {
00105         auth->auth_next = authList;
00106         /* Allocate the path component. */
00107         if ((auth->auth_dirname = NutHeapAlloc(strlen(dirname) + 1)) != NULL) {
00108             strcpy(auth->auth_dirname, dirname);
00109             /* Allocate the login component. */
00110             if ((auth->auth_login = NutHeapAlloc(strlen(login) + 1)) != NULL) {
00111                 strcpy(auth->auth_login, login);
00112                 /* Success. Add element to the list and return. */
00113                 authList = auth;
00114                 return 0;
00115             }
00116             /* Allocation failed. */
00117             NutHeapFree(auth->auth_dirname);
00118         }
00119         NutHeapFree(auth);
00120     }
00121     return -1;
00122 }
00123 
00124 
00131 void NutClearAuth(void)
00132 {
00133     AUTHINFO *auth;
00134 
00135     while (authList) {
00136         auth = authList;
00137         authList = auth->auth_next;
00138         NutHeapFree(auth->auth_dirname);
00139         NutHeapFree(auth->auth_login);
00140         NutHeapFree(auth);
00141     }
00142 }
00143 
00155 int NutHttpAuthValidate(REQUEST * req)
00156 {
00157     char *realm;
00158     char *cp = 0;
00159     int rc = -1;
00160 
00161     /*
00162      * Get directory by chopping off filename.
00163      */
00164     realm = req->req_url;
00165     if ((cp = strrchr(realm, '/')) != 0)
00166         *cp = 0;
00167     else
00168         realm = ".";
00169 
00170     /*
00171      * Check if authorization required.
00172      */
00173     if (NutHttpAuthLookup(realm, 0)) {
00174         /*
00175          * Check authorization.
00176          */
00177         if (req->req_auth) {
00178             /*
00179              * Acceptint basic authorization only.
00180              */
00181             if (strncmp(req->req_auth, "Basic ", 6) == 0) {
00182                 NutDecodeBase64(req->req_auth + 6);
00183                 if (NutHttpAuthLookup(realm, req->req_auth + 6))
00184                     rc = 0;
00185             }
00186         }
00187     } else
00188         rc = 0;
00189 
00190     if (cp)
00191         *cp = '/';
00192 
00193     return rc;
00194 }
00195 

© 2000-2007 by egnite Software GmbH - visit http://www.ethernut.de/