Annotation of libwww/Library/src/HTAAUtil.html, revision 2.24
2.2 timbl 1: <HTML>
2.1 luotonen 2: <HEAD>
2.21 frystyk 3: <TITLE>Utilities for the Authorization</TITLE>
2.24 ! frystyk 4: <!-- Changed by: Henrik Frystyk Nielsen, 19-Nov-1995 -->
2.13 frystyk 5: </HEAD>
2.1 luotonen 6: <BODY>
2.13 frystyk 7:
8: <H1>Common Parts of Authorization Module to Both Server And
9: Browser</H1>
10:
11: <PRE>
12: /*
2.18 frystyk 13: ** (c) COPYRIGHT MIT 1995.
2.13 frystyk 14: ** Please first read the full copyright statement in the file COPYRIGH.
15: */
16: </PRE>
17:
18: This module is the interface to the common parts of Access
19: Authorization (AA) package for both server and browser. Important to
20: know about memory allocation:<P>
21:
22: Routines in this module use dynamic allocation, but free automatically
23: all the memory reserved by them. Therefore the caller never has to
24: (and never should) free() any object returned by these functions.<P>
25:
26: Therefore also all the strings returned by this package are only valid
27: until the next call to the same function is made. This approach is
28: selected, because of the nature of access authorization: no string
29: returned by the package needs to be valid longer than until the next
30: call. This also makes it easy to plug the AA package in: you don't
31: have to ponder whether to free() something here or is it done
32: somewhere else (because it is always done somewhere else).<P>
33:
34: The strings that the package needs to store are copied so the original
35: strings given as parameters to AA functions may be freed or modified
2.2 timbl 36: with no side effects.<P>
2.13 frystyk 37:
38: Also note: The AA package does not free() anything else than what it
39: has itself allocated. <P>
40:
41: This module is implemented by <A HREF="HTAAUtil.c">HTAAUtil.c</A>, and
42: it is a part of the <A
2.22 frystyk 43: HREF="http://www.w3.org/pub/WWW/Library/">
2.20 frystyk 44: W3C Reference Library</A>.
2.13 frystyk 45:
2.1 luotonen 46: <PRE>
47: #ifndef HTAAUTIL_H
48: #define HTAAUTIL_H
49: #include "HTList.h"
2.23 frystyk 50: #include "HTReq.h"
2.15 frystyk 51: </PRE>
2.1 luotonen 52:
2.15 frystyk 53: <H2>Default filenames</H2>
2.1 luotonen 54:
2.15 frystyk 55: <PRE>
56: #ifndef PASSWD_FILE
2.1 luotonen 57: #define PASSWD_FILE "/home2/luotonen/passwd"
58: #endif
59:
60: #ifndef GROUP_FILE
61: #define GROUP_FILE "/home2/luotonen/group"
62: #endif
63:
64: #define ACL_FILE_NAME ".www_acl"
65:
66: /*
67: ** Numeric constants
68: */
69: #define MAX_USERNAME_LEN 16 /* @@ Longest allowed username */
2.5 luotonen 70: #define MAX_PASSWORD_LEN 4*13 /* @@ Longest allowed password */
71: /* (encrypted, so really only 4*8)*/
2.1 luotonen 72: #define MAX_METHODNAME_LEN 12 /* @@ Longest allowed method name */
73: #define MAX_FIELDNAME_LEN 16 /* @@ Longest field name in */
74: /* protection setup file */
75: #define MAX_PATHNAME_LEN 80 /* @@ Longest passwd/group file */
76: /* patname to allow */
2.23 frystyk 77: </PRE>
78:
79: We need to define the following structures as they are used in the
80: HTRequest structure. The AA module is declared in <A
81: HREF="HTAAUtil.html">HTAAUtil</A> and <A HREF="HTAABrow.html">
82: HTAABrow</A>. The enumeration <CODE>HTAAScheme </CODE>represents the
83: possible authentication schemes used by the WWW Access Authorization.
84:
85: <PRE>
86: typedef enum {
87: HTAA_UNKNOWN,
88: HTAA_NONE,
89: HTAA_BASIC,
90: HTAA_PUBKEY,
91: HTAA_KERBEROS_V4,
92: HTAA_KERBEROS_V5,
93: HTAA_MAX_SCHEMES /* THIS MUST ALWAYS BE LAST! */
94: } HTAAScheme;
95:
2.1 luotonen 96:
97: /*
2.6 luotonen 98: ** Access Authorization failure reasons
99: */
100: typedef enum {
101: HTAA_OK, /* 200 OK */
102: HTAA_OK_GATEWAY, /* 200 OK, acting as a gateway */
2.7 luotonen 103: HTAA_OK_REDIRECT, /* 302 OK, redirected */
2.6 luotonen 104: HTAA_NO_AUTH, /* 401 Unauthorized, not authenticated */
105: HTAA_NOT_MEMBER, /* 401 Unauthorized, not authorized */
106: HTAA_IP_MASK, /* 403 Forbidden by IP mask */
2.9 luotonen 107: HTAA_IP_MASK_PROXY, /* 403 Forbidden by IP mask on proxy */
2.6 luotonen 108: HTAA_BY_RULE, /* 403 Forbidden by rule */
109: HTAA_NO_ACL, /* 403 Forbidden, ACL non-existent */
110: HTAA_NO_ENTRY, /* 403 Forbidden, no ACL entry */
111: HTAA_SETUP_ERROR, /* 403 Forbidden, server setup error */
112: HTAA_DOTDOT, /* 403 Forbidden, URL with /../ illegal */
113: HTAA_HTBIN, /* 403 Forbidden, /htbin not enabled */
2.7 luotonen 114: HTAA_INVALID_REDIRECT,
115: /* 403 Forbidden, bad redirection setup */
2.10 luotonen 116: HTAA_INVALID_USER, /* 403 Forbidden, bad user directory */
2.7 luotonen 117: HTAA_NOT_ALLOWED, /* 403 Forbidden, dangerous method must */
118: /* be explicitly allowed */
2.8 luotonen 119: HTAA_NOT_FOUND, /* 404 Not found, or read protected */
120: HTAA_MULTI_FAILED /* 404 No suitable presentation found */
2.6 luotonen 121: } HTAAFailReason;
2.2 timbl 122: </PRE>
2.1 luotonen 123:
124: <H2>Authentication Schemes</H2>
125: <PRE>
126: /* PUBLIC HTAAScheme_enum()
127: ** TRANSLATE SCHEME NAME TO A SCHEME ENUMERATION
128: ** ON ENTRY:
129: ** name is a string representing the scheme name.
130: **
131: ** ON EXIT:
132: ** returns the enumerated constant for that scheme.
133: */
2.24 ! frystyk 134: extern HTAAScheme HTAAScheme_enum (CONST char* name);
2.1 luotonen 135:
136:
137: /* PUBLIC HTAAScheme_name()
138: ** GET THE NAME OF A GIVEN SCHEME
139: ** ON ENTRY:
140: ** scheme is one of the scheme enum values:
141: ** HTAA_NONE, HTAA_BASIC, HTAA_PUBKEY, ...
142: **
143: ** ON EXIT:
144: ** returns the name of the scheme, i.e.
145: ** "none", "basic", "pubkey", ...
146: */
2.24 ! frystyk 147: extern char *HTAAScheme_name (HTAAScheme scheme);
2.19 frystyk 148:
149:
150: /* extern HTAA_templateMatch()
151: ** STRING COMPARISON FUNCTION FOR FILE NAMES
152: ** WITH ONE WILDCARD * IN THE TEMPLATE
153: ** NOTE:
154: ** This is essentially the same code as in HTRules.c, but it
155: ** cannot be used because it is embedded in between other code.
156: ** (In fact, HTRules.c should use this routine, but then this
157: ** routine would have to be more sophisticated... why is life
158: ** sometimes so hard...)
159: **
160: ** ON ENTRY:
161: ** tmplate is a template string to match the file name
162: ** agaist, may contain a single wildcard
163: ** character * which matches zero or more
164: ** arbitrary characters.
165: ** filename is the filename (or pathname) to be matched
166: ** agaist the template.
167: **
168: ** ON EXIT:
169: ** returns YES, if filename matches the template.
170: ** NO, otherwise.
171: */
2.24 ! frystyk 172: extern BOOL HTAA_templateMatch (CONST char * tmplate, CONST char * filename);
2.2 timbl 173:
2.1 luotonen 174:
2.7 luotonen 175: /* PUBLIC HTAA_templateCaseMatch()
2.4 duns 176: ** STRING COMPARISON FUNCTION FOR FILE NAMES
177: ** WITH ONE WILDCARD * IN THE TEMPLATE (Case Insensitive)
178: ** NOTE:
179: ** This is essentially the same code as in HTAA_templateMatch, but
180: ** it compares case insensitive (for VMS). Reason for this routine
181: ** is that HTAA_templateMatch gets called from several places, also
182: ** there where a case sensitive match is needed, so one cannot just
183: ** change the HTAA_templateMatch routine for VMS.
184: **
185: ** ON ENTRY:
186: ** template is a template string to match the file name
187: ** agaist, may contain a single wildcard
188: ** character * which matches zero or more
189: ** arbitrary characters.
190: ** filename is the filename (or pathname) to be matched
191: ** agaist the template.
192: **
193: ** ON EXIT:
194: ** returns YES, if filename matches the template.
195: ** NO, otherwise.
196: */
2.24 ! frystyk 197: extern BOOL HTAA_templateCaseMatch (CONST char * tmpl, CONST char * filename);
2.4 duns 198:
199:
2.1 luotonen 200: /* PUBLIC HTAA_makeProtectionTemplate()
201: ** CREATE A PROTECTION TEMPLATE FOR THE FILES
202: ** IN THE SAME DIRECTORY AS THE GIVEN FILE
203: ** (Used by server if there is no fancier way for
204: ** it to tell the client, and by browser if server
205: ** didn't send WWW-ProtectionTemplate: field)
206: ** ON ENTRY:
207: ** docname is the document pathname (from URL).
208: **
209: ** ON EXIT:
210: ** returns a template matching docname, and other files
211: ** files in that directory.
212: **
213: ** E.g. /foo/bar/x.html => /foo/bar/ *
214: ** ^
215: ** Space only to prevent it from
216: ** being a comment marker here,
217: ** there really isn't any space.
218: */
2.24 ! frystyk 219: extern char *HTAA_makeProtectionTemplate (CONST char * docname);
2.1 luotonen 220: </PRE>
221: <H2>MIME Argument List Parser</H2>
222: <PRE>
223:
224: /* PUBLIC HTAA_parseArgList()
225: ** PARSE AN ARGUMENT LIST GIVEN IN A HEADER FIELD
226: ** ON ENTRY:
227: ** str is a comma-separated list:
228: **
229: ** item, item, item
230: ** where
231: ** item ::= value
232: ** | name=value
233: ** | name="value"
234: **
235: ** Leading and trailing whitespace is ignored
236: ** everywhere except inside quotes, so the following
237: ** examples are equal:
238: **
239: ** name=value,foo=bar
240: ** name="value",foo="bar"
241: ** name = value , foo = bar
242: ** name = "value" , foo = "bar"
243: **
244: ** ON EXIT:
245: ** returns a list of name-value pairs (actually HTAssocList*).
246: ** For items with no name, just value, the name is
247: ** the number of order number of that item. E.g.
248: ** "1" for the first, etc.
249: */
2.24 ! frystyk 250: extern HTList *HTAA_parseArgList (char * str);
2.1 luotonen 251:
252: </PRE>
2.5 luotonen 253:
2.1 luotonen 254: <PRE>
255: #endif /* NOT HTAAUTIL_H */
2.2 timbl 256: </PRE>End of file HTAAUtil.h.</BODY>
257: </HTML>
Webmaster
![[BACK]](/cvsweb/icons/back.gif){kind=icon}
Return to HTAAUtil.html CVS log ![[TXT]](/cvsweb/icons/text.gif){kind=icon}
![[DIR]](/cvsweb/icons/dir.gif){kind=icon}
Up to [Public] / libwww / Library / src