htaautil.c

www工具包

/*
**	COMMON PARTS OF ACCESS AUTHORIZATION MODULE
**	FOR BOTH SERVER AND BROWSER
**
**	(c) COPYRIGHT MIT 1995.
**	Please first read the full copyright statement in the file COPYRIGH.
**	@(#) $Id: HTAAUtil.c,v 2.35 1999/02/22 22:10:10 frystyk Exp $
**
**	The authentication information is stored in a list of authentication
**	data bases, each uniquely identified by a hostname and a port number.
**	Each data base contains a set of templates which can be used to predict
**	what information to use in a hierarchical tree. All authentication
**	dependent information is stored as opaque data in a anode. Normally
**	a server application would only keep one auth base but if it wants
**	different protection setup as a function of different interfaces then
**	it can have one auth base representing each interface. For example a
**	server with interfaces "www.foo.com" and "internal.foo.com" can have
**	different protection setups for each interface.
**
** AUTHORS:
**	AL	Ari Luotonen	luotonen@dxcern.cern.ch
**	MD 	Mark Donszelmann    duns@vxdeop.cern.ch
**	HFN	Henrik Frystyk
**      JK      Jose Kahan 	jose@w3.org
**      
** HISTORY:
**	 8 Nov 93  MD	(VMS only) Added case insensitive comparison
**			in HTAA_templateCaseMatch
**      26 Jan 98  JK   Augmented the HTAA module interface with a function
**                      for processing the auth-info headers (update)
*/

/* Library include files */
#include "wwwsys.h"
#include "WWWUtil.h"
#include "WWWCore.h"
#include "HTAAUtil.h"					 /* Implemented here */

#define AA_TREE			"w3c-AA"	      /* Name of the AA tree */
#define AA_PROXY_TREE		"w3c-proxy-AA"  /* Name of the proxy AA tree */
#define DEFAULT_PORT            80                    /* Concentrate on HTTP */

struct _HTAAModule {
    char *		scheme;
    HTNetBefore *	before;
    HTNetAfter *	after;
    HTNetAfter *	update;
    HTUTree_gc *	gc;
};

typedef struct _HTAAElement {
    char *		scheme;
    void * 		context;
} HTAAElement;

PRIVATE HTList * HTSchemes;	/* List of registered authentication schemes */

/* ------------------------------------------------------------------------- */
/*			 AUTHENTICATION MODULE MANAGEMENT		     */
/* ------------------------------------------------------------------------- */

PRIVATE BOOL delete_module (HTAAModule * module)
{
    if (module) {
	HT_FREE(module->scheme);
	HT_FREE(module);
	return YES;
    }
    return NO;
}

PRIVATE HTAAModule * find_module (const char * scheme)
{
    if (!HTSchemes) HTSchemes = HTList_new();
    if (scheme) {
	HTList * cur = HTSchemes;
	HTAAModule * pres = NULL;
	while ((pres = (HTAAModule *) HTList_nextObject(cur)))
	    if (!strcasecomp(pres->scheme, scheme)) return pres;
    } else
	HTTRACE(AUTH_TRACE, "Auth Engine. Bad argument\n");
    return NULL;
}

PUBLIC HTAAModule * HTAA_newModule (const char *	scheme,
				    HTNetBefore *	before,
				    HTNetAfter *	after,
				    HTNetAfter *	update,
				    HTUTree_gc *	gc)
{
    if (scheme) {
	HTAAModule * pres = find_module(scheme);

	/* If found then update entry - else create a new one */
	if (!pres) {
	    if (!(pres = (HTAAModule *) HT_CALLOC(1, sizeof(HTAAModule))))
		HT_OUTOFMEM("HTAA_newModule");
	    StrAllocCopy(pres->scheme, scheme);
	    pres->before = before;
	    pres->after = after;
	    pres->update = update;
	    pres->gc = gc;

	    /* Add the new AA Module to the list */
	    HTList_addObject(HTSchemes, (void *) pres);
	    HTTRACE(AUTH_TRACE, "Auth Engine. Created module %p\n" _ pres);
	} else {
	    HTTRACE(AUTH_TRACE, "Auth Engine. Found module %p\n" _ pres);
	}
	return pres;
    } else {
	HTTRACE(AUTH_TRACE, "Auth Engine. Bad argument\n");
	return NULL;
    }
}

PUBLIC HTAAModule * HTAA_findModule (const char * scheme)
{
    if (scheme) {
	HTAAModule * pres = find_module(scheme);
	HTTRACE(AUTH_TRACE, "Auth Engine. did %sfind %s\n" _ pres ? "" : "NOT " _ scheme);
	return pres;
    } else {
	HTTRACE(AUTH_TRACE, "Auth Engine. Bad augument\n");
    }
    return NULL;
}

PUBLIC BOOL HTAA_deleteModule (const char * scheme)
{
    if (scheme) {
	HTAAModule * pres = find_module(scheme);
	if (pres) {
	    HTList_removeObject(HTSchemes, pres);
	    HTTRACE(AUTH_TRACE, "Auth Engine. deleted %p\n" _ pres);
	    delete_module(pres);
	    return YES;
	}
    }
    return NO;
}

PUBLIC BOOL HTAA_deleteAllModules (void)
{
    if (HTSchemes) {
	HTList * cur = HTSchemes;
	HTAAModule * pres;
	while ((pres = (HTAAModule *) HTList_nextObject(cur)))
	    delete_module(pres);
	HTList_delete(HTSchemes);
	HTSchemes = NULL;
	return YES;
    }
    return NO;
}

/* ------------------------------------------------------------------------- */
/*			    HANDLE THE AA URL TREE			     */
/* ------------------------------------------------------------------------- */

/*
**	A AA element is a particular AA procotol associated with a
**	particular point in the URL tree. The scheme is the name of the
**	AA protocol known to be able to handle this context. This protocol
**	must have been registered as a AA module.
*/
PRIVATE HTAAElement * HTAA_newElement (const char * scheme, void * context)
{
    if (scheme) {
	HTAAElement * me;
	if ((me = (HTAAElement *) HT_CALLOC(1, sizeof(HTAAElement))) == NULL)
	    HT_OUTOFMEM("HTAAElement_new");
	StrAllocCopy(me->scheme, scheme);
	me->context = context;
	HTTRACE(AUTH_TRACE, "Auth Engine. Created element %p\n" _ me);
	return me;
    }
    return NULL;
}

/*
**	If the new context differs from the existing one then use the
**	new one, otherwise only override the old context if new
**	one differs from NULL
*/
PRIVATE BOOL HTAA_updateElement (HTAAElement * element,
				 const char * scheme, void * context)
{
    if (element && scheme) {
	/*
	** If the old context differs from the new one then 
	** call the gc provided by the caller
	*/
	if (context && context != element->context) {
	    HTAAModule * module = HTAA_findModule(element->scheme);
	    if (module && module->gc && element->context)
		(*module->gc)(element->context);
	    /*
	    **  Insert the new scheme
	    */
	    StrAllocCopy(element->scheme, scheme);
	    element->context = context;
	}
	return YES;
    }
    return NO;
}

PRIVATE int HTAA_deleteElement (void * context)
{
    HTAAElement * me = (HTAAElement *) context;
    if (me) {
	HTAAModule * module = HTAA_findModule(me->scheme);

	/* If module then call the gc of the Authentication Module */
	if (module && module->gc && me->context)
	    (*module->gc)(me->context);

	HTTRACE(AUTH_TRACE, "Auth Engine. Deleted element %p\n" _ me);
	HT_FREE(me->scheme);
	HT_FREE(me);
	return YES;
    }
    return NO;
}

/*
**	Find AA Element
**	---------------
**	Seaches the set of authentication information bases for a match
**	In order to find an anode we do the following:
**
**		1) Find the right auth base
**		2) See if there is a realm match
**		3) See if there is a template match for URL
**
**	Return the node found else NULL which means that we don't have any
**	authentication information to hook on to this request or response
*/
PRIVATE HTAAElement * HTAA_findElement (BOOL proxy_access,
					const char * realm, const char * url)
{
    HTUTree * tree;
    if (!url) {
	HTTRACE(AUTH_TRACE, "Auth Engine. Bad argument\n");
	return NULL;
    }
    HTTRACE(AUTH_TRACE, "Auth Engine. Looking up `%s'\n" _ url);

    /* Find an existing URL Tree for this URL (if any) */
    {
	char * host = HTParse(url, "", PARSE_HOST);
	char * colon = strchr(host, ':');
	int port = DEFAULT_PORT;
	if (colon ) {