2006-05-14 21:06:28 +00:00
|
|
|
/*
|
|
|
|
* URI-based user authentication using the HTTP basic method.
|
|
|
|
*
|
2007-07-25 05:26:38 +00:00
|
|
|
* Copyright 2006-2007 Willy Tarreau <w@1wt.eu>
|
2006-05-14 21:06:28 +00:00
|
|
|
*
|
|
|
|
* This program is free software; you can redistribute it and/or
|
|
|
|
* modify it under the terms of the GNU General Public License
|
|
|
|
* as published by the Free Software Foundation; either version
|
|
|
|
* 2 of the License, or (at your option) any later version.
|
|
|
|
*
|
|
|
|
*/
|
|
|
|
|
|
|
|
#include <stdlib.h>
|
|
|
|
#include <string.h>
|
2006-06-26 00:48:02 +00:00
|
|
|
|
2006-06-29 15:53:05 +00:00
|
|
|
#include <common/base64.h>
|
2006-06-29 16:54:54 +00:00
|
|
|
#include <common/config.h>
|
2006-06-29 15:53:05 +00:00
|
|
|
#include <common/uri_auth.h>
|
2006-05-14 21:06:28 +00:00
|
|
|
|
2019-10-09 08:19:16 +00:00
|
|
|
#include <types/stats.h>
|
2010-01-29 18:29:32 +00:00
|
|
|
#include <proto/log.h>
|
2006-05-14 21:06:28 +00:00
|
|
|
|
|
|
|
/*
|
|
|
|
* Initializes a basic uri_auth structure header and returns a pointer to it.
|
|
|
|
* Uses the pointer provided if not NULL and not initialized.
|
|
|
|
*/
|
|
|
|
struct uri_auth *stats_check_init_uri_auth(struct uri_auth **root)
|
|
|
|
{
|
|
|
|
struct uri_auth *u;
|
|
|
|
|
|
|
|
if (!root || !*root) {
|
2016-04-03 11:48:42 +00:00
|
|
|
if ((u = calloc(1, sizeof (*u))) == NULL)
|
2006-05-14 21:06:28 +00:00
|
|
|
goto out_u;
|
2010-01-29 18:29:32 +00:00
|
|
|
|
2011-01-06 16:51:27 +00:00
|
|
|
LIST_INIT(&u->http_req_rules);
|
2010-10-11 22:14:36 +00:00
|
|
|
LIST_INIT(&u->admin_rules);
|
2006-05-14 21:06:28 +00:00
|
|
|
} else
|
|
|
|
u = *root;
|
|
|
|
|
|
|
|
if (!u->uri_prefix) {
|
|
|
|
u->uri_len = strlen(STATS_DEFAULT_URI);
|
|
|
|
if ((u->uri_prefix = strdup(STATS_DEFAULT_URI)) == NULL)
|
|
|
|
goto out_uri;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (root && !*root)
|
|
|
|
*root = u;
|
|
|
|
|
|
|
|
return u;
|
|
|
|
|
|
|
|
out_uri:
|
|
|
|
if (!root || !*root)
|
|
|
|
free(u);
|
|
|
|
out_u:
|
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Returns a default uri_auth with <uri> set as the uri_prefix.
|
|
|
|
* Uses the pointer provided if not NULL and not initialized.
|
|
|
|
*/
|
|
|
|
struct uri_auth *stats_set_uri(struct uri_auth **root, char *uri)
|
|
|
|
{
|
|
|
|
struct uri_auth *u;
|
|
|
|
char *uri_copy;
|
|
|
|
int uri_len;
|
|
|
|
|
|
|
|
uri_len = strlen(uri);
|
|
|
|
if ((uri_copy = strdup(uri)) == NULL)
|
|
|
|
goto out_uri;
|
|
|
|
|
|
|
|
if ((u = stats_check_init_uri_auth(root)) == NULL)
|
|
|
|
goto out_u;
|
|
|
|
|
2008-08-03 10:19:50 +00:00
|
|
|
free(u->uri_prefix);
|
2006-05-14 21:06:28 +00:00
|
|
|
u->uri_prefix = uri_copy;
|
2008-08-03 10:19:50 +00:00
|
|
|
u->uri_len = uri_len;
|
2006-05-14 21:06:28 +00:00
|
|
|
return u;
|
|
|
|
|
|
|
|
out_u:
|
|
|
|
free(uri_copy);
|
|
|
|
out_uri:
|
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Returns a default uri_auth with <realm> set as the realm.
|
|
|
|
* Uses the pointer provided if not NULL and not initialized.
|
|
|
|
*/
|
|
|
|
struct uri_auth *stats_set_realm(struct uri_auth **root, char *realm)
|
|
|
|
{
|
|
|
|
struct uri_auth *u;
|
|
|
|
char *realm_copy;
|
|
|
|
|
|
|
|
if ((realm_copy = strdup(realm)) == NULL)
|
|
|
|
goto out_realm;
|
|
|
|
|
|
|
|
if ((u = stats_check_init_uri_auth(root)) == NULL)
|
|
|
|
goto out_u;
|
|
|
|
|
2008-08-03 10:19:50 +00:00
|
|
|
free(u->auth_realm);
|
2006-05-14 21:06:28 +00:00
|
|
|
u->auth_realm = realm_copy;
|
|
|
|
return u;
|
|
|
|
|
|
|
|
out_u:
|
|
|
|
free(realm_copy);
|
|
|
|
out_realm:
|
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
|
2009-08-16 08:29:18 +00:00
|
|
|
/*
|
2019-10-09 08:19:16 +00:00
|
|
|
* Returns a default uri_auth with STAT_SHNODE flag enabled and
|
2009-10-02 20:51:14 +00:00
|
|
|
* <node> set as the name if it is not empty.
|
2009-08-16 08:29:18 +00:00
|
|
|
* Uses the pointer provided if not NULL and not initialized.
|
|
|
|
*/
|
2009-10-02 20:51:14 +00:00
|
|
|
struct uri_auth *stats_set_node(struct uri_auth **root, char *name)
|
2009-08-16 08:29:18 +00:00
|
|
|
{
|
|
|
|
struct uri_auth *u;
|
2009-10-02 20:51:14 +00:00
|
|
|
char *node_copy = NULL;
|
2009-08-16 08:29:18 +00:00
|
|
|
|
2009-10-02 20:51:14 +00:00
|
|
|
if (name && *name) {
|
|
|
|
node_copy = strdup(name);
|
|
|
|
if (node_copy == NULL)
|
|
|
|
goto out_realm;
|
|
|
|
}
|
2009-08-16 08:29:18 +00:00
|
|
|
|
|
|
|
if ((u = stats_check_init_uri_auth(root)) == NULL)
|
|
|
|
goto out_u;
|
2009-10-02 20:51:14 +00:00
|
|
|
|
2019-10-09 08:19:16 +00:00
|
|
|
if (!stats_set_flag(root, STAT_SHNODE))
|
2009-10-02 20:51:14 +00:00
|
|
|
goto out_u;
|
|
|
|
|
|
|
|
if (node_copy) {
|
|
|
|
free(u->node);
|
|
|
|
u->node = node_copy;
|
|
|
|
}
|
|
|
|
|
|
|
|
return u;
|
|
|
|
|
|
|
|
out_u:
|
|
|
|
free(node_copy);
|
|
|
|
out_realm:
|
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
2019-10-09 08:19:16 +00:00
|
|
|
* Returns a default uri_auth with STAT_SHDESC flag enabled and
|
2009-10-02 20:51:14 +00:00
|
|
|
* <description> set as the desc if it is not empty.
|
|
|
|
* Uses the pointer provided if not NULL and not initialized.
|
|
|
|
*/
|
|
|
|
struct uri_auth *stats_set_desc(struct uri_auth **root, char *desc)
|
|
|
|
{
|
|
|
|
struct uri_auth *u;
|
|
|
|
char *desc_copy = NULL;
|
|
|
|
|
|
|
|
if (desc && *desc) {
|
|
|
|
desc_copy = strdup(desc);
|
|
|
|
if (desc_copy == NULL)
|
|
|
|
goto out_realm;
|
|
|
|
}
|
2009-08-16 08:29:18 +00:00
|
|
|
|
2009-10-02 20:51:14 +00:00
|
|
|
if ((u = stats_check_init_uri_auth(root)) == NULL)
|
|
|
|
goto out_u;
|
|
|
|
|
2019-10-09 08:19:16 +00:00
|
|
|
if (!stats_set_flag(root, STAT_SHDESC))
|
2009-10-02 20:51:14 +00:00
|
|
|
goto out_u;
|
|
|
|
|
|
|
|
if (desc_copy) {
|
|
|
|
free(u->desc);
|
|
|
|
u->desc = desc_copy;
|
|
|
|
}
|
|
|
|
|
2009-08-16 08:29:18 +00:00
|
|
|
return u;
|
|
|
|
|
|
|
|
out_u:
|
2009-10-02 20:51:14 +00:00
|
|
|
free(desc_copy);
|
2009-08-16 08:29:18 +00:00
|
|
|
out_realm:
|
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
|
2007-07-25 05:26:38 +00:00
|
|
|
/*
|
|
|
|
* Returns a default uri_auth with the <refresh> refresh interval.
|
|
|
|
* Uses the pointer provided if not NULL and not initialized.
|
|
|
|
*/
|
|
|
|
struct uri_auth *stats_set_refresh(struct uri_auth **root, int interval)
|
|
|
|
{
|
|
|
|
struct uri_auth *u;
|
|
|
|
|
|
|
|
if ((u = stats_check_init_uri_auth(root)) != NULL)
|
|
|
|
u->refresh = interval;
|
|
|
|
return u;
|
|
|
|
}
|
|
|
|
|
2007-10-15 08:05:11 +00:00
|
|
|
/*
|
|
|
|
* Returns a default uri_auth with the <flag> set.
|
|
|
|
* Uses the pointer provided if not NULL and not initialized.
|
|
|
|
*/
|
|
|
|
struct uri_auth *stats_set_flag(struct uri_auth **root, int flag)
|
|
|
|
{
|
|
|
|
struct uri_auth *u;
|
|
|
|
|
|
|
|
if ((u = stats_check_init_uri_auth(root)) != NULL)
|
|
|
|
u->flags |= flag;
|
|
|
|
return u;
|
|
|
|
}
|
|
|
|
|
2006-05-14 21:06:28 +00:00
|
|
|
/*
|
|
|
|
* Returns a default uri_auth with a <user:passwd> entry added to the list of
|
|
|
|
* authorized users. If a matching entry is found, no update will be performed.
|
|
|
|
* Uses the pointer provided if not NULL and not initialized.
|
|
|
|
*/
|
2010-01-29 18:29:32 +00:00
|
|
|
struct uri_auth *stats_add_auth(struct uri_auth **root, char *user)
|
2006-05-14 21:06:28 +00:00
|
|
|
{
|
|
|
|
struct uri_auth *u;
|
2010-01-29 18:29:32 +00:00
|
|
|
struct auth_users *newuser;
|
|
|
|
char *pass;
|
2006-05-14 21:06:28 +00:00
|
|
|
|
2010-01-29 18:29:32 +00:00
|
|
|
pass = strchr(user, ':');
|
|
|
|
if (pass)
|
|
|
|
*pass++ = '\0';
|
|
|
|
else
|
|
|
|
pass = "";
|
2006-05-14 21:06:28 +00:00
|
|
|
|
2010-01-29 18:29:32 +00:00
|
|
|
if ((u = stats_check_init_uri_auth(root)) == NULL)
|
|
|
|
return NULL;
|
2006-05-14 21:06:28 +00:00
|
|
|
|
2010-01-29 18:29:32 +00:00
|
|
|
if (!u->userlist)
|
2016-04-03 11:48:42 +00:00
|
|
|
u->userlist = calloc(1, sizeof(struct userlist));
|
2006-05-14 21:06:28 +00:00
|
|
|
|
2010-01-29 18:29:32 +00:00
|
|
|
if (!u->userlist)
|
|
|
|
return NULL;
|
2006-05-14 21:06:28 +00:00
|
|
|
|
2010-01-29 18:29:32 +00:00
|
|
|
if (!u->userlist->name)
|
|
|
|
u->userlist->name = strdup(".internal-stats-userlist");
|
2006-05-14 21:06:28 +00:00
|
|
|
|
2010-01-29 18:29:32 +00:00
|
|
|
if (!u->userlist->name)
|
|
|
|
return NULL;
|
2006-05-14 21:06:28 +00:00
|
|
|
|
2010-01-29 18:29:32 +00:00
|
|
|
for (newuser = u->userlist->users; newuser; newuser = newuser->next)
|
|
|
|
if (!strcmp(newuser->user, user)) {
|
2017-11-24 15:50:31 +00:00
|
|
|
ha_warning("uri auth: ignoring duplicated user '%s'.\n",
|
|
|
|
user);
|
2010-01-29 18:29:32 +00:00
|
|
|
return u;
|
|
|
|
}
|
|
|
|
|
2016-04-03 11:48:43 +00:00
|
|
|
newuser = calloc(1, sizeof(*newuser));
|
2010-01-29 18:29:32 +00:00
|
|
|
if (!newuser)
|
|
|
|
return NULL;
|
|
|
|
|
|
|
|
newuser->user = strdup(user);
|
2013-01-24 01:26:43 +00:00
|
|
|
if (!newuser->user) {
|
|
|
|
free(newuser);
|
|
|
|
return NULL;
|
|
|
|
}
|
2010-01-29 18:29:32 +00:00
|
|
|
|
2013-01-24 01:26:43 +00:00
|
|
|
newuser->pass = strdup(pass);
|
|
|
|
if (!newuser->pass) {
|
|
|
|
free(newuser->user);
|
|
|
|
free(newuser);
|
2010-01-29 18:29:32 +00:00
|
|
|
return NULL;
|
2013-01-24 01:26:43 +00:00
|
|
|
}
|
2010-01-29 18:29:32 +00:00
|
|
|
|
2013-01-24 01:26:43 +00:00
|
|
|
newuser->flags |= AU_O_INSECURE;
|
2010-01-29 18:29:32 +00:00
|
|
|
newuser->next = u->userlist->users;
|
|
|
|
u->userlist->users = newuser;
|
|
|
|
|
|
|
|
return u;
|
2006-05-14 21:06:28 +00:00
|
|
|
}
|
|
|
|
|
2006-05-21 12:46:15 +00:00
|
|
|
/*
|
|
|
|
* Returns a default uri_auth with a <scope> entry added to the list of
|
|
|
|
* allowed scopes. If a matching entry is found, no update will be performed.
|
|
|
|
* Uses the pointer provided if not NULL and not initialized.
|
|
|
|
*/
|
|
|
|
struct uri_auth *stats_add_scope(struct uri_auth **root, char *scope)
|
|
|
|
{
|
|
|
|
struct uri_auth *u;
|
|
|
|
char *new_name;
|
|
|
|
struct stat_scope *old_scope, **scope_list;
|
|
|
|
|
|
|
|
if ((u = stats_check_init_uri_auth(root)) == NULL)
|
|
|
|
goto out;
|
|
|
|
|
|
|
|
scope_list = &u->scope;
|
|
|
|
while ((old_scope = *scope_list)) {
|
|
|
|
if (!strcmp(old_scope->px_id, scope))
|
|
|
|
break;
|
|
|
|
scope_list = &old_scope->next;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (!old_scope) {
|
|
|
|
if ((new_name = strdup(scope)) == NULL)
|
|
|
|
goto out_u;
|
|
|
|
|
2016-04-03 11:48:42 +00:00
|
|
|
if ((old_scope = calloc(1, sizeof(*old_scope))) == NULL)
|
2006-05-21 12:46:15 +00:00
|
|
|
goto out_name;
|
|
|
|
|
|
|
|
old_scope->px_id = new_name;
|
|
|
|
old_scope->px_len = strlen(new_name);
|
|
|
|
*scope_list = old_scope;
|
|
|
|
}
|
|
|
|
return u;
|
|
|
|
|
|
|
|
out_name:
|
|
|
|
free(new_name);
|
|
|
|
out_u:
|
|
|
|
free(u);
|
|
|
|
out:
|
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
|
2007-07-25 05:26:38 +00:00
|
|
|
/*
|
|
|
|
* Local variables:
|
|
|
|
* c-indent-level: 8
|
|
|
|
* c-basic-offset: 8
|
|
|
|
* End:
|
|
|
|
*/
|