src/http_auth.h

   1 #ifndef _HTTP_AUTH_H_
   2 #define _HTTP_AUTH_H_
   3 #include "first.h"
   4
   5 #include "base_decls.h"
   6 #include "buffer.h"
   7 #include "array.h"
   8
   9 void http_auth_dumbdata_reset (void);
  10
  11 typedef enum http_auth_digest_type {
  12     HTTP_AUTH_DIGEST_NONE       = 0
  13    ,HTTP_AUTH_DIGEST_SESS       = 0x01
  14    ,HTTP_AUTH_DIGEST_MD5        = 0x02
  15    ,HTTP_AUTH_DIGEST_SHA256     = 0x04
  16    ,HTTP_AUTH_DIGEST_SHA512_256 = 0x08
  17 } http_auth_digest_type;
  18
  19 #define HTTP_AUTH_DIGEST_MD5_BINLEN        16 /* MD5_DIGEST_LENGTH */
  20 #define HTTP_AUTH_DIGEST_SHA256_BINLEN     32 /* SHA256_DIGEST_LENGTH */
  21 #define HTTP_AUTH_DIGEST_SHA512_256_BINLEN 32 /* SHA512_256_DIGEST_LENGTH */
  22
  23 unsigned int http_auth_digest_len (int algo);
  24
  25 struct http_auth_scheme_t;
  26 struct http_auth_require_t;
  27 struct http_auth_backend_t;
  28
  29 typedef struct http_auth_require_t {
  30     const struct http_auth_scheme_t *scheme;
  31     buffer *realm;
  32     int valid_user;
  33     int algorithm;
  34     array *user;
  35     array *group;
  36     array *host;
  37 } http_auth_require_t;
  38
  39 http_auth_require_t * http_auth_require_init (void);
  40 void http_auth_require_free (http_auth_require_t *require);
  41 int http_auth_match_rules (const http_auth_require_t *require, const char *user, const char *group, const char *host);
  42
  43 typedef struct http_auth_info_t {
  44     int dalgo;
  45     unsigned int dlen;
  46     const char *username;
  47     size_t ulen;
  48     const char *realm;
  49     size_t rlen;
  50     /*(must be >= largest binary digest length accepted above)*/
  51     unsigned char digest[32];
  52 } http_auth_info_t;
  53
  54 typedef struct http_auth_backend_t {
  55     const char *name;
  56     handler_t(*basic)(server *srv, connection *con, void *p_d, const http_auth_require_t *require, const buffer *username, const char *pw);
  57     handler_t(*digest)(server *srv, connection *con, void *p_d, http_auth_info_t *ai);
  58     void *p_d;
  59 } http_auth_backend_t;
  60
  61 typedef struct http_auth_scheme_t {
  62     const char *name;
  63     handler_t(*checkfn)(server *srv, connection *con, void *p_d, const struct http_auth_require_t *require, const struct http_auth_backend_t *backend);
  64     /*(backend is arg only because auth.backend is separate config directive)*/
  65     void *p_d;
  66 } http_auth_scheme_t;
  67
  68 const http_auth_scheme_t * http_auth_scheme_get (const buffer *name);
  69 void http_auth_scheme_set (const http_auth_scheme_t *scheme);
  70 const http_auth_backend_t * http_auth_backend_get (const buffer *name);
  71 void http_auth_backend_set (const http_auth_backend_t *backend);
  72
  73 __attribute_pure__
  74 int http_auth_const_time_memeq (const void *a, const void *b, size_t len);
  75
  76 __attribute_pure__
  77 int http_auth_const_time_memeq_pad (const void *a, size_t alen, const void *b, size_t blen);
  78
  79 void http_auth_setenv(connection *con, const char *username, size_t ulen, const char *auth_type, size_t alen);
  80
  81 int http_auth_digest_hex2bin (const char *hexstr, size_t len, unsigned char *bin, size_t binlen);
  82
  83 #endif