📄 wap_push_ppg_pushuser.c
字号:
if (u->user_deny_ip) { if (octstr_compare(u->user_deny_ip, octstr_imm("*.*.*.*")) == 0) { warning(0, "no ips allowed for %s", octstr_get_cstr(copy)); goto denied; } } if (u->user_allow_ip) if (octstr_compare(u->user_allow_ip, octstr_imm("*.*.*.*")) == 0) goto allowed; if (u->user_deny_ip) { if (wap_push_ppg_pushuser_search_ip_from_wildcarded_list(u->user_deny_ip, ip, octstr_imm(";"), octstr_imm("."))) { goto denied; } } if (u->user_allow_ip) { if (wap_push_ppg_pushuser_search_ip_from_wildcarded_list(u->user_allow_ip, ip, octstr_imm(";"), octstr_imm("."))) { goto allowed; } } octstr_destroy(copy); warning(0, "ip not found from either ip list, deny it"); return 0;allowed: octstr_destroy(copy); return 1;denied: ip_copy = octstr_duplicate(ip); warning(0, "%s denied by user %s", octstr_get_cstr(ip_copy), octstr_get_cstr(copy)); octstr_destroy(copy); octstr_destroy(ip_copy); return 0;no_user: return 0;}/* * HTTP basic authentication server response is defined in rfc 2617, chapter 2. * Return 1, when we found username and password from headers, 0, when there were * no password and -1 when there were no username (or no Authorization header at * all, or an unparsable one). Username and password value 'NULL' means no user- * name or password supplied. */static int response(List *push_headers, Octstr **username, Octstr **password){ Octstr *header_value, *basic; size_t basic_len; List *auth_list; *username = NULL; *password = NULL; if ((header_value = http_header_find_first(push_headers, "Authorization")) == NULL) goto no_response3; octstr_strip_blanks(header_value); basic = octstr_imm("Basic"); basic_len = octstr_len(basic); if (octstr_ncompare(header_value, basic, basic_len) != 0) goto no_response1; octstr_delete(header_value, 0, basic_len); octstr_strip_blanks(header_value); octstr_base64_to_binary(header_value); auth_list = octstr_split(header_value, octstr_imm(":")); if (list_len(auth_list) != 2) goto no_response2; *username = octstr_duplicate(list_get(auth_list, 0)); *password = octstr_duplicate(list_get(auth_list, 1)); if (username == NULL) { goto no_response2; } if (password == NULL) { goto no_response4; } debug("wap.push.ppg.pushuser", 0, "we have an username and a password in" " authorization header"); list_destroy(auth_list, octstr_destroy_item); octstr_destroy(header_value); return HEADER_AUTHENTICATION;no_response1: octstr_destroy(header_value); return NO_USERNAME;no_response2: list_destroy(auth_list, octstr_destroy_item); octstr_destroy(header_value); return NO_USERNAME;no_response3: return NO_USERNAME;no_response4: list_destroy(auth_list, octstr_destroy_item); octstr_destroy(header_value); return NO_PASSWORD;}/* * HTTP basic authentication server challenge is defined in rfc 2617, chapter 2. * Only WWW-Authenticate header is required here by specs. This function does not * release memory used by push headers, the caller must do this. */static void challenge(HTTPClient *c, List *push_headers){ Octstr *challenge, *realm; int http_status; List *reply_headers; realm = octstr_format("%s", "Basic realm="); octstr_append(realm, get_official_name()); octstr_format_append(realm, "%s", "\"wappush\""); reply_headers = http_create_empty_headers(); http_header_add(reply_headers, "WWW-Authenticate", octstr_get_cstr(realm)); http_status = HTTP_UNAUTHORIZED; challenge = octstr_imm("You must show your credentials.\n"); http_send_reply(c, http_status, reply_headers, challenge); octstr_destroy(realm); http_destroy_headers(reply_headers);}/* * This function does not release memory used by push headers, the caller must do this. */static void reply(HTTPClient *c, List *push_headers){ int http_status; Octstr *denied; List *reply_headers; reply_headers = http_create_empty_headers(); http_status = HTTP_FORBIDDEN; denied = octstr_imm("You are not allowed to use this service. Do not retry.\n"); http_send_reply(c, http_status, push_headers, denied); http_destroy_headers(reply_headers);}/* * Note that the phone number necessarily follows the international format (a requi- * rement by our pap compiler). So we add country prefix to listed prefixes, if one * is configured. */static int prefix_allowed(WAPPushUser *u, Octstr *number){ List *allowed, *denied; long i; Octstr *listed_prefix; allowed = NULL; denied = NULL; if (u == NULL) goto no_user; if ( u->allowed_prefix == NULL && u->denied_prefix == NULL && u->allowed_prefix_regex == NULL && u->denied_prefix_regex == NULL) goto no_configuration; if (u->denied_prefix != NULL) { denied = octstr_split(u->denied_prefix, octstr_imm(";")); for (i = 0; i < list_len(denied); ++i) { listed_prefix = list_get(denied, i); if (u->country_prefix != NULL) octstr_insert(listed_prefix, u->country_prefix, 0); if (compare_octstr_sequence(number, listed_prefix, 0) == 0) { goto denied; } } } /* note: country-prefix _must_be included in the pattern */ if (u->denied_prefix_regex != NULL) if (gw_regex_matches(u->denied_prefix_regex, number) == MATCH) goto denied; if (u->allowed_prefix_regex == NULL && u->allowed_prefix == NULL) goto no_allowed_config; if (u->allowed_prefix != NULL) { allowed = octstr_split(u->allowed_prefix, octstr_imm(";")); for (i = 0; i < list_len(allowed); ++i) { listed_prefix = list_get(allowed, i); if (u->country_prefix != NULL) octstr_insert(listed_prefix, u->country_prefix, 0); if (compare_octstr_sequence(number, listed_prefix, 0) == 0) { goto allowed; } } } /* note: country-prefix _must_ be included in the pattern */ if (u->allowed_prefix_regex != NULL) if (gw_regex_matches(u->allowed_prefix_regex, number) == MATCH) goto allowed;/* * Here we have an intentional fall-through. It will removed when memory cleaning * functions are implemented. */denied: list_destroy(allowed, octstr_destroy_item); list_destroy(denied, octstr_destroy_item); return 0;allowed: list_destroy(allowed, octstr_destroy_item); list_destroy(denied, octstr_destroy_item); return 1;no_configuration: return 1;no_user: return 0;no_allowed_config: list_destroy(denied, octstr_destroy_item); return 1;}static int whitelisted(WAPPushUser *u, Octstr *number){ int result = 1; if (u->white_list != NULL) result = numhash_find_number(u->white_list, number); if ((result == 0) && (u->white_list_regex != NULL)) result = (gw_regex_matches(u->white_list_regex, number) == MATCH) ? 1 : 0; return result;}static int blacklisted(WAPPushUser *u, Octstr *number){ int result = 0; if (u->black_list != NULL) result = numhash_find_number(u->black_list, number); if ((result == 0) && (u->black_list_regex != NULL)) result = (gw_regex_matches(u->black_list_regex, number) == MATCH) ? 1 : 0; return result;}/* * 'NULL' means here 'no value found'. * Return 1 when we found username, 0 when we did not. */static int parse_cgivars_for_username(List *cgivars, Octstr **username){ *username = NULL; *username = octstr_duplicate(http_cgi_variable(cgivars, "username")); if (*username == NULL) { return 0; } return 1;}static int parse_cgivars_for_password(List *cgivars, Octstr **password){ *password = NULL; *password = octstr_duplicate(http_cgi_variable(cgivars, "password")); if (*password == NULL) { return 0; } return 1;}/* * Compare an octet string os2 with a sequence of an octet string os1. The sequence * starts with a position start. */static int compare_octstr_sequence(Octstr *os1, Octstr *os2, long start){ int ret; unsigned char *prefix; long end; if (octstr_len(os2) == 0) return 1; if (octstr_len(os1) == 0) return -1; prefix = NULL; if (start != 0) { prefix = gw_malloc(start); octstr_get_many_chars(prefix, os1, 0, start); octstr_delete(os1, 0, start); } end = start + octstr_len(os2); ret = octstr_ncompare(os1, os2, end - start); if (start != 0) { octstr_insert_data(os1, 0, prefix, start); gw_free(prefix); } return ret;}static Octstr *forced_smsc(WAPPushUser *u){ return u->smsc_id;}static Octstr *default_smsc(WAPPushUser *u){ return u->default_smsc_id;}⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -