Annotation of libwww/Library/src/HTAABrow.c, revision 2.39
2.15 frystyk 1: /* HTAABrow.c
2.32 frystyk 2: ** BROWSER SIDE ACCESS AUTHORIZATION MODULE
2.15 frystyk 3: **
2.19 frystyk 4: ** (c) COPYRIGHT MIT 1995.
2.15 frystyk 5: ** Please first read the full copyright statement in the file COPYRIGH.
2.39 ! frystyk 6: ** @(#) $Id: HTAABrow.c,v 2.39 1996/07/19 07:41:19 frystyk Exp $
2.1 luotonen 7: **
2.32 frystyk 8: ** Contains code for parsing challenges and creating credentials for
2.36 frystyk 9: ** basic authentication schemes. See also the HTAAUtil module
2.32 frystyk 10: ** for how to handle other authentication schemes. You don't have to use
11: ** this code at all.
2.1 luotonen 12: **
13: ** AUTHORS:
14: ** AL Ari Luotonen luotonen@dxcern.cern.ch
2.32 frystyk 15: ** HFN Henrik Frystyk
2.1 luotonen 16: **
17: ** HISTORY:
2.5 luotonen 18: ** Oct 17 AL Made corrections suggested by marca:
19: ** Added if (!realm->username) return NULL;
20: ** Changed some ""s to NULLs.
2.33 frystyk 21: ** Now doing HT_CALLOC() to init uuencode source;
2.5 luotonen 22: ** otherwise HTUU_encode() reads uninitialized memory
23: ** every now and then (not a real bug but not pretty).
24: ** Corrected the formula for uuencode destination size.
2.32 frystyk 25: ** Feb 96 HFN Rewritten to make it scheme independent and based on
26: ** callback functions and an info structure
2.1 luotonen 27: */
28:
2.17 frystyk 29: /* Library include files */
2.27 frystyk 30: #include "WWWLib.h"
31: #include "HTAAUtil.h"
32: #include "HTAABrow.h" /* Implemented here */
2.1 luotonen 33:
2.36 frystyk 34: #define BASIC_AUTH "basic"
35:
2.32 frystyk 36: typedef struct _HTBasic { /* Basic challenge and credentials */
37: char * uid;
38: char * pw;
2.38 frystyk 39: BOOL retry; /* Should we ask the user again? */
2.32 frystyk 40: } HTBasic;
41:
2.36 frystyk 42: /* ------------------------------------------------------------------------- */
43:
44: PRIVATE HTBasic * HTBasic_new()
45: {
46: HTBasic * me = NULL;
47: if ((me = (HTBasic *) HT_CALLOC(1, sizeof(HTBasic))) == NULL)
48: HT_OUTOFMEM("HTBasic_new");
2.38 frystyk 49: me->retry = YES; /* Ask the first time through */
2.36 frystyk 50: return me;
51: }
2.7 luotonen 52:
2.36 frystyk 53: /* HTBasic_delete
54: ** --------------
55: ** Deletes a "basic" information object
56: */
57: PUBLIC int HTBasic_delete (void * context)
58: {
59: HTBasic * basic = (HTBasic *) context;
60: if (basic) {
61: HT_FREE(basic->uid);
62: HT_FREE(basic->pw);
63: HT_FREE(basic);
64: return YES;
65: }
66: return NO;
67: }
2.1 luotonen 68:
2.32 frystyk 69: /*
70: ** Create a protection template for the files
71: ** in the same directory as the given file
72: ** Returns a template matching docname, and other files in that directory.
73: **
74: ** E.g. /foo/bar/x.html => /foo/bar/ *
75: ** ^
76: ** Space only to prevent it from
77: ** being a comment marker here,
78: ** there really isn't any space.
2.1 luotonen 79: */
2.33 frystyk 80: PRIVATE char * make_template (const char * docname)
2.1 luotonen 81: {
2.39 ! frystyk 82: char * tmplate = NULL;
2.32 frystyk 83: if (docname) {
2.39 ! frystyk 84: char * host = HTParse(docname, "", PARSE_ACCESS|PARSE_HOST|PARSE_PUNCTUATION);
! 85: char * path = HTParse(docname, "", PARSE_PATH|PARSE_PUNCTUATION);
! 86: char * slash = strrchr(path, '/');
! 87: if (slash) {
! 88: if (*(slash+1)) {
! 89: strcpy(slash, "*");
! 90: StrAllocCat(host, path);
! 91: } else
! 92: StrAllocCat(host, "*");
! 93: }
! 94: HT_FREE(path);
! 95: tmplate = host;
! 96: } else
! 97: StrAllocCopy(tmplate, "*");
2.32 frystyk 98: if (AUTH_TRACE)
99: HTTrace("Template.... Made template `%s' for file `%s'\n",
2.39 ! frystyk 100: tmplate, docname ? docname : "<null>");
2.32 frystyk 101: return tmplate;
2.1 luotonen 102: }
103:
2.32 frystyk 104: /*
105: ** Make basic authentication scheme credentials and register this
106: ** information in the request object as credentials. They will then
107: ** be included in the request header. An example is
108: **
109: ** "Basic AkRDIhEF8sdEgs72F73bfaS=="
110: **
2.36 frystyk 111: ** Returns HT_OK or HT_ERROR
2.32 frystyk 112: */
2.36 frystyk 113: PRIVATE BOOL basic_credentials (HTRequest * request, HTBasic * basic)
2.32 frystyk 114: {
115: if (request && basic) {
116: char * cleartext = NULL;
117: char * cipher = NULL;
118: int cl_len = strlen(basic->uid ? basic->uid : "") +
2.38 frystyk 119: strlen(basic->pw ? basic->pw : "") + 2;
2.37 frystyk 120: int ci_len = 4 * (((cl_len+2)/3) + 1);
121: if ((cleartext = (char *) HT_CALLOC(1, cl_len)) == NULL)
2.32 frystyk 122: HT_OUTOFMEM("basic_credentials");
123: *cleartext = '\0';
124: if (basic->uid) strcpy(cleartext, basic->uid);
125: strcat(cleartext, ":");
126: if (basic->pw) strcat(cleartext, basic->pw);
2.37 frystyk 127: if ((cipher = (char *) HT_CALLOC(1, ci_len + 3)) == NULL)
2.32 frystyk 128: HT_OUTOFMEM("basic_credentials");
2.37 frystyk 129: HTUU_encode((unsigned char *) cleartext, strlen(cleartext), cipher);
2.1 luotonen 130:
2.32 frystyk 131: /* Create the credentials and assign them to the request object */
132: {
2.37 frystyk 133: int cr_len = strlen("basic") + ci_len + 3;
2.32 frystyk 134: char * cookie = (char *) HT_MALLOC(cr_len+1);
135: if (!cookie) HT_OUTOFMEM("basic_credentials");
136: strcpy(cookie, "Basic ");
137: strcat(cookie, cipher);
2.37 frystyk 138: if (AUTH_TRACE) HTTrace("Basic Cookie `%s\'\n", cookie);
2.36 frystyk 139: HTRequest_addCredentials(request, "Authorization", cookie);
2.32 frystyk 140: HT_FREE(cookie);
2.1 luotonen 141: }
2.32 frystyk 142: HT_FREE(cleartext);
143: HT_FREE(cipher);
2.36 frystyk 144: return HT_OK;
2.32 frystyk 145: }
2.36 frystyk 146: return HT_ERROR;
2.1 luotonen 147: }
148:
2.32 frystyk 149: /*
150: ** Prompt the user for username and password.
151: ** Returns YES if user name was typed in, else NO
2.1 luotonen 152: */
2.36 frystyk 153: PRIVATE int prompt_user (HTRequest * request, const char * realm,
154: HTBasic * basic)
2.1 luotonen 155: {
2.32 frystyk 156: HTAlertCallback * cbf = HTAlert_find(HT_A_USER_PW);
157: if (request && cbf) {
158: HTAlertPar * reply = HTAlert_newReply();
2.36 frystyk 159: BOOL res = (*cbf)(request, HT_A_USER_PW,HT_MSG_NULL,
160: basic->uid, (char *) realm, reply);
2.32 frystyk 161: if (res) {
2.36 frystyk 162: HT_FREE(basic->uid);
163: HT_FREE(basic->pw);
164: basic->uid = HTAlert_replyMessage(reply);
165: basic->pw = HTAlert_replySecret(reply);
2.32 frystyk 166: }
167: HTAlert_deleteReply(reply);
2.36 frystyk 168: return res ? HT_OK : HT_ERROR;
2.1 luotonen 169: }
2.36 frystyk 170: return HT_OK;
2.1 luotonen 171: }
172:
2.32 frystyk 173: /* HTBasic_generate
174: ** ----------------
175: ** This function generates "basic" credentials for the challenge found in
176: ** the authentication information base for this request. The result is
177: ** stored as an association list in the request object.
178: ** This is a callback function for the AA handler.
179: */
2.36 frystyk 180: PUBLIC int HTBasic_generate (HTRequest * request, void * context, int status)
2.32 frystyk 181: {
2.36 frystyk 182: HTBasic * basic = (HTBasic *) context;
183: if (request) {
184: const char * realm = HTRequest_realm(request);
185:
186: /* If we don't have a basic context then add a new one to the tree */
187: if (!basic) {
2.39 ! frystyk 188: char *url = HTAnchor_address((HTAnchor*)HTRequest_anchor(request));
2.36 frystyk 189: basic = HTBasic_new();
2.38 frystyk 190: HTAA_updateNode(BASIC_AUTH, realm, url, basic);
2.39 ! frystyk 191: HT_FREE(url);
2.36 frystyk 192: }
193:
2.32 frystyk 194: /*
2.36 frystyk 195: ** If we have a set of credentials (or the user provides a new set)
196: ** then store it in the request object as the credentials
2.32 frystyk 197: */
2.39 ! frystyk 198: if ((basic->retry && prompt_user(request, realm, basic) == HT_OK) ||
! 199: (!basic->retry && basic->uid)) {
2.38 frystyk 200: basic->retry = NO;
2.36 frystyk 201: return basic_credentials(request, basic);
2.38 frystyk 202: } else
2.37 frystyk 203: return HT_ERROR;
2.1 luotonen 204: }
2.36 frystyk 205: return HT_OK;
2.1 luotonen 206: }
207:
2.32 frystyk 208: /* HTBasic_parse
209: ** -------------
210: ** This function parses the contents of a "basic" challenge
211: ** and stores the challenge in our authentication information datebase.
212: ** We also store the realm in the request object which will help finding
213: ** the right set of credentials to generate.
214: ** The function is a callback function for the AA handler.
215: */
2.36 frystyk 216: PUBLIC int HTBasic_parse (HTRequest * request, void * context, int status)
2.32 frystyk 217: {
2.36 frystyk 218: HTAssocList * challenge = HTRequest_challenge(request);
2.38 frystyk 219: HTBasic * basic = NULL;
2.36 frystyk 220: if (request && challenge) {
221: char * p = HTAssocList_findObject(challenge, BASIC_AUTH);
222: char * realm = HTNextField(&p);
223: char * rm = HTNextField(&p);
2.38 frystyk 224:
2.32 frystyk 225: /*
2.36 frystyk 226: ** If valid challenge then make a template for the resource and
227: ** store this information in our authentication URL Tree
2.32 frystyk 228: */
2.36 frystyk 229: if (realm && !strcasecomp(realm, "realm") && rm) {
2.39 ! frystyk 230: char *url=HTAnchor_address((HTAnchor *) HTRequest_anchor(request));
2.36 frystyk 231: char * tmplate = make_template(url);
232: if (AUTH_TRACE) HTTrace("Basic Parse. Realm `%s\' found\n", rm);
2.38 frystyk 233: basic = (HTBasic *) HTAA_updateNode(BASIC_AUTH, rm, tmplate, NULL);
2.36 frystyk 234: HTRequest_setRealm(request, rm);
2.39 ! frystyk 235: HT_FREE(url);
2.36 frystyk 236: HT_FREE(tmplate);
2.1 luotonen 237: }
2.38 frystyk 238:
239: /*
240: ** For some reason the authentication failed so we have to ask the user
241: ** if we should try again. It may be because the user typed the wrong
242: ** user name and password
243: */
244: if (basic) {
245: HTAlertCallback * prompt = HTAlert_find(HT_A_CONFIRM);
246: if (prompt) {
247: if ((*prompt)(request,HT_A_CONFIRM,HT_MSG_RETRY_AUTHENTICATION,
248: NULL, NULL, NULL) != YES)
249: return HT_ERROR;
250: basic->retry = YES;
251: }
252: }
2.36 frystyk 253: return HT_OK;
2.1 luotonen 254: }
2.36 frystyk 255: if (AUTH_TRACE) HTTrace("Auth........ No challenges found\n");
2.38 frystyk 256: return HT_ERROR;
2.7 luotonen 257: }
Webmaster