wsphttp.c

SyncML手册及其编程

   response->authChallenge = (WspWWWAuthenticate_t *) xppMalloc(sizeof(WspWWWAuthenticate_t));
   if (response->authChallenge == NULL)
      return SML_ERR_A_XPT_MEMORY;

   xppMemset(response->authChallenge, 0, sizeof(WspWWWAuthenticate_t));
   rc = parseAuthChallenge(response->authChallenge, tempValue);

   return rc;
} /* End initializeAuthChallenge() */

unsigned int parseAuthChallenge(WspWWWAuthenticate_t *auth, const char *source)
{
   unsigned int rc         = SML_ERR_OK;
   const char  *sPtr       = source;
   const char  *ePtr       = NULL;
   int          authLen    = 0;

   XPTDEBUG(("    parseAuthChallenge(%lx, %s)\n", (unsigned long) auth, source));

   if ((auth == NULL) || (source == NULL))
      return SML_ERR_A_XPT_INVALID_PARM;

   ePtr = sPtr + xppStrlen(source);

   auth->authType = getMetaInfoValue(source, "Basic");
   XPTDEBUG(("    parseAuthChallenge() auth->authType = %lx\n", (unsigned long) auth->authType));
   if ((auth->authType != NULL) && (!xppStrcmp(auth->authType, ""))) {
      xppFree(auth->authType);
      auth->authType = (char *) xppMalloc (xppStrlen("Basic") + 1);
      if (auth->authType != NULL)
         xppStrcpy(auth->authType, "Basic");
   } else {
      auth->authType = getMetaInfoValue(source, "Digest");
      if ((auth->authType != NULL) && (!xppStrcmp(auth->authType, ""))) {
         xppFree(auth->authType);
         auth->authType = (char *) xppMalloc (xppStrlen("Basic") + 1);
         if (auth->authType != NULL)
            xppStrcpy(auth->authType, "Digest");
      }
   }

   if (auth->authType == NULL)
      return SML_ERR_A_XPT_COMMUNICATION;      /* Unsupported auth type */

   authLen = xppStrlen(auth->authType);
   /* Bump buffer pointer past auth type in source */
   while ((sPtr < ePtr) && (xppStrncmp(sPtr, auth->authType, authLen) !=0)) {
      sPtr++;
   }

   if (!xppStrncmp(sPtr, auth->authType, authLen)) {
      sPtr += authLen;
      while ((sPtr < ePtr) && (!xppStrncmp(sPtr, " ", 1)))
         sPtr++;
      if (sPtr >= ePtr)
         sPtr = source;
   } else
      sPtr = source;

   auth->realm = getHeaderParmValue("realm", sPtr);

   if (!xppStrcmp(auth->authType, "Digest")) {
      auth->domain = getHeaderParmValue("domain", sPtr);
      auth->nonce  = getHeaderParmValue("nonce", sPtr);
      auth->opaque = getHeaderParmValue("opaque", sPtr);
      auth->stale  = getHeaderParmValue("stale", sPtr);
      auth->algorithm = getHeaderParmValue("algorithm", sPtr);
      auth->qop    = getHeaderParmValue("qop", sPtr);
   } /* End Digest Authentication parms */

   XPTDEBUG(("    parseAuthChallenge() returns %u\n", rc));

   return rc;
} /* End parseAuthChallenge() */


unsigned int validateResponse(WspHttpParms_t *parms)
{

   XPTDEBUG(("    validateResponse(%lx)\n", (unsigned long) parms));
   /* Accept
    * Verify that server response complies, else reject response               */

   /* Accept-Charset
    * Verify that server response complies, else reject response               */

   /* Accept-Encoding
    * Verify any server encoding complies, else reject response
    * It's up to client to decode - binding is just conduit                    */

   /* Accept-Language
    * Verify any server encoding complies, else reject response
    * It's up to client to decode - binding is just conduit                    */


   return SML_ERR_OK;
} /* End validateResponse() */

void releaseRequestParms(WspHttpRequestParms_t *request)
{

   XPTDEBUG(("    releaseRequestParms(%lx)\n", (unsigned long) request));

   if (request == NULL)
      return;

   xppFree(request->accept);
   xppFree(request->acceptCharset);
   xppFree(request->from);
   xppFree(request->acceptEncoding);
   xppFree(request->acceptLanguage);
   xppFree(request->host);
   xppFree(request->referer);
   xppFree(request->composedHeader);

   releaseAuthorizationParms(request->authorization);

   xppFree(request);

} /* End releaseRequestParms() */

void releaseAuthorizationParms(WspAuthorization_t *parms)
{
   XPTDEBUG(("    releaseAuthorizationParms(%lx)\n", (unsigned long) parms));

   if (parms == NULL)
      return;

   xppFree(parms->authType);
   xppFree(parms->userid);
   xppFree(parms->password);
   xppFree(parms->realm);
   xppFree(parms->cnonce);
   xppFree(parms->opaque);

   xppFree(parms);

} /* End releaseAuthorizationParms() */

void releaseResponseParms(WspHttpResponseParms_t *response)
{

   XPTDEBUG(("    releaseResponseParms(%lx)\n", (unsigned long) response));

   if (response == NULL)
      return;

   xppFree(response->cacheControl);
   xppFree(response->location);
   xppFree(response->retryAfter);

   releaseChallengeParms(response->authChallenge);
   releaseAuthenticationParms(response->authVerification);

   xppFree(response);

} /* End releaseResponseParms() */

void releaseChallengeParms(WspWWWAuthenticate_t *parms)
{

   XPTDEBUG(("    releaseChallengeParms(%lx)\n", (unsigned long) parms));

   if (parms == NULL)
      return;

   xppFree(parms->authType);
   xppFree(parms->realm);
   xppFree(parms->domain);
   xppFree(parms->nonce);
   xppFree(parms->opaque);
   xppFree(parms->stale);
   xppFree(parms->algorithm);
   xppFree(parms->qop);

   xppFree(parms);

} /* End releaseChallengeParms() */

void releaseAuthenticationParms(WspAuthentication_t *parms)
{

   XPTDEBUG(("    releaseAuthenticationParms(%lx)\n", (unsigned long) parms));

   if (parms == NULL)
      return;

   xppFree(parms->nextNonce);
   xppFree(parms->qop);
   xppFree(parms->rspAuth);
   xppFree(parms->cnonce);
   xppFree(parms->nc);

   xppFree(parms);

} /* End releaseAuthenticationParms() */


/*
 * Returns a pointer to the address in the buffer where the next token
 * could begin, i.e. points to immediately after the end of the tag
 * that was just added to the buffer
 */
void addTag(char *buffer, const char *tagName, const char *tagValue)
{

   if ((buffer == NULL) || (tagName == NULL) || (tagValue == NULL))
      return;

   xppStrcat(buffer, tagName);
   xppStrcat(buffer, ": ");
   xppStrcat(buffer, tagValue);
   xppStrcat(buffer, NL);

   return;
} /* End addTag() */

int calcStaticHeaderSize(WspHttpRequestParms_t *request)
{
   int length = 0;

   XPTDEBUG(("    calcStaticHeaderSize(%lx)\n", (unsigned long) request));

   length += getTagLen("Cache-Control", D_CACHE_CONTROL);
   length += getTagLen("Accept", request->accept);
   length += getTagLen("Accept-Charset", request->acceptCharset);
   length += getTagLen("From", request->from);
   length += getTagLen("User-Agent", D_USER_AGENT);
   length += getTagLen("Accept-Encoding", request->acceptEncoding);
   length += getTagLen("Accept-Language", request->acceptLanguage);
   length += getTagLen("host", request->host);

   length += xppStrlen(NL);
   length += 1;            /* For null terminator */

   return length;
} /* End calcStaticHeaderSize() */

int getTagLen(const char *tagName, const char *tagValue)
{
   int length = 0;

   if ((tagName == NULL) || (tagValue == NULL))
      return 0;

   length = length + xppStrlen(tagName) + xppStrlen(": ") + xppStrlen(tagValue) + xppStrlen(NL);

   return length;
} /* end getTagLen() */


/**
 * 1.  Parse settings parms on selectProtocol to:
 *       - establish client-specific parms
 *       - initialize default values for non-specified parms
 * 2.  Compose request header for invoke requests, given content-type,
 *     content-length
 *       - who handles referer?  We should, but how does this class know
 *         it's needed?
 * 3.  Parse response header
 * 3.5 Provide caller methods for verifying response, i.e.
 *       - caller sees 401, wants to set auth info and reget request headers
 *       - caller wants to verify response authinfo?
 *       - tell caller of auth failures (same as challenge?)
 *       - tell caller of other reject conditions
 * 4.  Accept changes to request auth info?  If we don't prime with
 *     the auth info and get challenged, the caller will need to compose
 *     a response to the challenge.
 **/


void auth(WspHttpParms_t *parmPtr)
{
   if (parmPtr->request->authorization != NULL)  {
      /* Binding MUST support, Specified by client, or not included            */
      /* Verify domain/realm before sending                                    */
      if (parmPtr->request->authorization->authType != NULL) {
         xppStrcat(parmPtr->request->composedHeader, "Authorization: ");
         xppStrcat(parmPtr->request->composedHeader, parmPtr->request->authorization->authType);
         xppStrcat(parmPtr->request->composedHeader, " ");
         if (!xppStrcmp(parmPtr->request->authorization->authType, "BASIC")) {
         /* base64-encode userid:password */
            xppStrcat(parmPtr->request->composedHeader, parmPtr->request->authorization->userid);
            xppStrcat(parmPtr->request->composedHeader, ":");
            xppStrcat(parmPtr->request->composedHeader, parmPtr->request->authorization->password);
            xppStrcat(parmPtr->request->composedHeader, NL);
         } else if (!xppStrcmp(parmPtr->request->authorization->authType, "DIGEST")) {
            xppStrcat(parmPtr->request->composedHeader, " username=");
            xppStrcat(parmPtr->request->composedHeader, parmPtr->request->authorization->userid);
            xppStrcat(parmPtr->request->composedHeader, " realm=");
            xppStrcat(parmPtr->request->composedHeader, parmPtr->request->authorization->realm);
            xppStrcat(parmPtr->request->composedHeader, "nonce = \"" "\" ");
            xppStrcat(parmPtr->request->composedHeader, "uri=\"transaction->uri\" ");
            xppStrcat(parmPtr->request->composedHeader, "response=\"request-digest\" ");
            xppStrcat(parmPtr->request->composedHeader, "algorithm = \"<MD5|MD5-sess|token>\" ");
            xppStrcat(parmPtr->request->composedHeader, "cnonce=\"");
            xppStrcat(parmPtr->request->composedHeader, parmPtr->request->authorization->cnonce);
            xppStrcat(parmPtr->request->composedHeader, "\" ");
            xppStrcat(parmPtr->request->composedHeader, "opaque = \"");
            xppStrcat(parmPtr->request->composedHeader, parmPtr->request->authorization->opaque);
            xppStrcat(parmPtr->request->composedHeader, "\" ");
            xppStrcat(parmPtr->request->composedHeader, "qop=\"<auth|auth-int|token>\" ");
            xppStrcat(parmPtr->request->composedHeader, "nc=<nonceCountValue> ");
            xppStrcat(parmPtr->request->composedHeader, NL);
         } /* End digest auth  */
      } /* End valid auth type */
   } /* End authorization */

} /* End auth() */