/*
 * security.c -- Security handler
 *
 * Copyright (c) Go Ahead Software Inc., 1995-1999. All Rights Reserved.
 *
 * See the file "license.txt" for usage and redistribution license requirements
 */
|
|
|
/******************************** Description *********************************/
|
/******************************** Description *********************************/
|
|
|
/*
 * This module provides a basic security policy. It supports a single global
 * password and ignores the username. Encoding/decoding of the password is
 * -not- done.
 */
|
|
|
/********************************* Includes ***********************************/
|
/********************************* Includes ***********************************/
|
|
|
#include "wsIntrn.h"
|
#include "wsIntrn.h"
|
|
|
/******************************** Local Data **********************************/
|
/******************************** Local Data **********************************/
|
|
|
/*
 *	Access password, kept in decoded (plain text) form for the lifetime of the
 *	process. websSecurityHandler() only enforces a password while the first
 *	character of this buffer is non-zero, so an empty string here means that
 *	no request is challenged.
 */
static char_t	websPassword[WEBS_MAX_PASS];
|
|
|
/*********************************** Code *************************************/
|
/*********************************** Code *************************************/
|
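/*
 *	Determine if this request should be honored.
 *
 *	Policy implemented here: when a global password is configured (websPassword
 *	is non-empty) and the request is not flagged WEBS_LOCAL_REQUEST, the
 *	password supplied with the request must match websPassword exactly. The
 *	username is not examined.
 *
 *	Returns 1 after an error response has been sent through websError() (wrong
 *	or missing password); returns 0 when the request passes this check.
 *	urlPrefix, webDir, arg and query are not used by this handler.
 */

int websSecurityHandler(webs_t wp, char_t *urlPrefix, char_t *webDir, int arg,
		char_t *url, char_t *path, char_t *query)
{
	char_t	*type, *password;
	int		flags;

	a_assert(websValid(wp));
	a_assert(url && *url);
	a_assert(path && *path);

/*
 *	Get the critical request details
 */
	type = websGetRequestType(wp);
	password = websGetRequestPassword(wp);
	flags = websGetRequestFlags(wp);

/*
 *	No password configured, or a request flagged as local: nothing to check.
 *	Local access is always allowed, so the strength of this policy depends on
 *	how WEBS_LOCAL_REQUEST gets set, which is outside this file.
 */
	if (*websPassword == '\0' || (flags & WEBS_LOCAL_REQUEST)) {
		return 0;
	}

/*
 *	No password supplied. The 401 response will cause the browser to display
 *	a password / username dialog.
 */
	if (password == NULL || *password == '\0') {
		websStats.errors++;
		websError(wp, 401, T("<html><head>Access Denied</head><body>\r\n\
Access to this document requires a password.</body>\
</html>\r\n"));
		return 1;
	}

/*
 *	Validate the user's password. We compare the decoded form of the password.
 *	NOTE(review): gstrcmp is presumably a plain strcmp-style comparison and so
 *	not constant-time -- confirm whether that matters for this deployment.
 */
	if (gstrcmp(password, websPassword) != 0) {
		websStats.access++;
/*
 *		NOTE(review): the denial is sent with status 200 rather than 401/403,
 *		so clients and log analysis see a successful response. Left unchanged
 *		here because callers may rely on it -- confirm the intent.
 */
		websError(wp, 200, T("Access Denied\nWrong Password"));
/*
 *		Do not reset the stored password on a failed attempt. The earlier
 *		websSetPassword(T("")) call at this point emptied websPassword, which
 *		turned password checking off for every later request after a single
 *		wrong guess.
 */
		return 1;
	}
	return 0;
}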
|
|
|
/******************************************************************************/
|
/******************************************************************************/
|
/*
 *	Delete the default security handler.
 *
 *	Passes websSecurityHandler to websUrlHandlerDelete(). The stored password
 *	in websPassword is not touched by this call.
 */

void websSecurityDelete()
{
	/* Unregister by handler function pointer */
	websUrlHandlerDelete(websSecurityHandler);
}
|
|
|
/******************************************************************************/
|
/******************************************************************************/
|
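/*
 *	Store the new password, expect a decoded password. Store in websPassword in
 *	the decoded form.
 *
 *	password	Decoded password text. An empty string leaves websPassword
 *				empty, and websSecurityHandler() then challenges no request.
 *				A NULL pointer is ignored and the stored value is kept.
 *
 *	Input longer than the buffer is truncated; the stored value is always
 *	NUL-terminated.
 */

void websSetPassword(char_t *password)
{
	a_assert(password);

/*
 *	a_assert may be compiled out, so do not hand a NULL pointer to the copy.
 */
	if (password == NULL) {
		return;
	}

/*
 *	A strncpy-style copy of the full buffer size leaves no terminator when the
 *	source fills the buffer, and later string compares would then read past
 *	the end of websPassword. Copy one element less and terminate explicitly.
 *	Assumes TSZ() yields the element count of the array, which is how the
 *	original call used it.
 */
	gstrncpy(websPassword, password, TSZ(websPassword) - 1);
	websPassword[TSZ(websPassword) - 1] = '\0';
}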
|
|
|
/******************************************************************************/
|
/******************************************************************************/
|
/*
 *	Get password, return the decoded form.
 *
 *	The returned pointer refers to this module's own static websPassword
 *	buffer, not to a copy, so writes through it change the stored password.
 */

char_t *websGetPassword()
{
	char_t	*stored;

	stored = websPassword;
	return stored;
}
|
|
|
/******************************************************************************/
|
/******************************************************************************/
|
|
|
|
|