src/http_auth.h

   1 #ifndef _HTTP_AUTH_H_
   2 #define _HTTP_AUTH_H_
   3 #include "first.h"
   4
   5 #include "server.h"
   6 #include "plugin.h"
   7
   8 #if defined(HAVE_LDAP_H) && defined(HAVE_LBER_H) && defined(HAVE_LIBLDAP) && defined(HAVE_LIBLBER)
   9 # define USE_LDAP
  10 # include <ldap.h>
  11 #endif
  12
  13 typedef enum {
  14         AUTH_BACKEND_UNSET,
  15         AUTH_BACKEND_PLAIN,
  16         AUTH_BACKEND_LDAP,
  17         AUTH_BACKEND_HTPASSWD,
  18         AUTH_BACKEND_HTDIGEST
  19 } auth_backend_t;
  20
  21 typedef struct {
  22         /* auth */
  23         array  *auth_require;
  24
  25         buffer *auth_plain_groupfile;
  26         buffer *auth_plain_userfile;
  27
  28         buffer *auth_htdigest_userfile;
  29         buffer *auth_htpasswd_userfile;
  30
  31         buffer *auth_backend_conf;
  32
  33         buffer *auth_ldap_hostname;
  34         buffer *auth_ldap_basedn;
  35         buffer *auth_ldap_binddn;
  36         buffer *auth_ldap_bindpw;
  37         buffer *auth_ldap_filter;
  38         buffer *auth_ldap_cafile;
  39         unsigned short auth_ldap_starttls;
  40         unsigned short auth_ldap_allow_empty_pw;
  41
  42         unsigned short auth_debug;
  43
  44         /* generated */
  45         auth_backend_t auth_backend;
  46
  47 #ifdef USE_LDAP
  48         LDAP *ldap;
  49
  50         buffer *ldap_filter_pre;
  51         buffer *ldap_filter_post;
  52 #endif
  53 } mod_auth_plugin_config;
  54
  55 typedef struct {
  56         PLUGIN_DATA;
  57         buffer *tmp_buf;
  58
  59         buffer *auth_user;
  60
  61 #ifdef USE_LDAP
  62         buffer *ldap_filter;
  63 #endif
  64
  65         mod_auth_plugin_config **config_storage;
  66
  67         mod_auth_plugin_config conf, *anon_conf; /* this is only used as long as no handler_ctx is setup */
  68 } mod_auth_plugin_data;
  69
  70 int http_auth_basic_check(server *srv, connection *con, mod_auth_plugin_data *p, array *req, const char *realm_str);
  71 int http_auth_digest_check(server *srv, connection *con, mod_auth_plugin_data *p, array *req, const char *realm_str);
  72 int http_auth_digest_generate_nonce(server *srv, mod_auth_plugin_data *p, buffer *fn, char (*hh)[33]);
  73 int http_auth_match_rules(server *srv, array *req, const char *username, const char *group, const char *host);
  74
  75 #endif