📄 http_auth.c
字号:
/*
* $Id: http_auth.c,v 1.0 2003/02/21 00:11:04 csm Exp $
* $Copyright: (c) 2002, 2003 Broadcom Corp.
* All Rights Reserved.$
*/
/***********************************************************************
* iMpacct Technology Corporation. Copyright 2001 - 2100. *
* ALL RIGHTS RESERVED *
*----------------------------------------------------------------------*
* Project : HTTP
* Creator : Carl Wang / iMpacct 4/17/2002
* File : http_auth.c
* Description: To do basic authorization
*
* History:
*
************************************************************************/
#include <sys/sys_config.h>
#include <http/http_cfg.h>
#include <http/http_lib.h>
#include <http/http_file.h>
extern char szEncodedUsernamePassword [16];
//extern time_t timeLogin;
//extern ULONG ulLoginIP;
#define HTTP_MAX_LOGIN_USERS 5
#define HTTP_LOGIN_IDLE_TIME (3*60*ONE_SECOND)
typedef struct {
UI32_T ip;
UI32_T ticks;
} HTTP_LOGIN_INFO;
static HTTP_LOGIN_INFO http_login_user[HTTP_MAX_LOGIN_USERS];
void send_response(HTTPD_CONN_T *hc, int status, char* title, char* extrahead, char* form, char* arg);
// static char* err401title = "Unauthorized";
// static char* err401form = "Authorization required for the URL '%.80s'.\n";
static void send_authenticate(HTTPD_CONN_T *hc, char* realm);
int b64_decode (const char* str, unsigned char* space, int size);
int auth_check (HTTPD_CONN_T *hc, char *dirname);
static void send_authenticate (HTTPD_CONN_T *hc, char* realm)
{
static char* header;
static int maxheader = 0;
static char headstr[] = "WWW-Authenticate: Basic realm=\"";
httpd_realloc_str(&header, &maxheader, sizeof(headstr) + strlen("Web Manager") + 1);
sprintf(header, "%s%s\"\r\n", headstr, "Web Manager");
httpd_send_response(hc, 401, err401title, header, err401form, hc->encodedurl);
/* If the request was a POST then there might still be data to be read,
** so we need to do a lingering close.
*/
if (hc->method == METHOD_POST)
hc->should_linger = 1;
}
static void http_update_login_user(HTTPD_CONN_T *hc)
{
int i;
HTTP_LOGIN_INFO *user, *empty;
empty=0;
user=(HTTP_LOGIN_INFO *)&http_login_user[0];
for (i=0; i<HTTP_MAX_LOGIN_USERS; i++, user++)
{
if (user->ip==hc->client_addr.s_addr)
{
user->ticks=cyg_current_time();
return;
}
if (user->ip==0)
{
if (empty==0) empty=user;
}
else if ((cyg_current_time()-user->ticks)>HTTP_LOGIN_IDLE_TIME)
{
user->ip=0;
if (empty==0) empty=user;
}
}
if (empty)
{
empty->ip=hc->client_addr.s_addr;
empty->ticks=cyg_current_time();
}
}
static int http_check_login_user(HTTPD_CONN_T *hc)
{
int i;
HTTP_LOGIN_INFO *user, *empty;
empty=0;
user=(HTTP_LOGIN_INFO *)&http_login_user[0];
for (i=0; i<HTTP_MAX_LOGIN_USERS; i++, user++)
{
if (user->ip==hc->client_addr.s_addr)
{
if ((cyg_current_time()-user->ticks)>HTTP_LOGIN_IDLE_TIME)
{
user->ip=0;
}
else
{
user->ticks=cyg_current_time();
return(1);
}
}
}
return(0);
}
#define MULTIPART_FORM "multipart/form-data"
#define MULTIPART_FORM_SIZE sizeof(MULTIPART_FORM)
int auth_check (HTTPD_CONN_T *hc, char* dirname)
{
char contenttype[MULTIPART_FORM_SIZE+1];
/* Does this request contain authorization info? */
if (hc->authorization [0] != '\0' &&
/* Basic authorization info? */
strncmp (hc->authorization, "Basic ", 6) == 0 &&
strcmp (&hc->authorization[6], szEncodedUsernamePassword) == 0)
{
http_update_login_user(hc);
return 0;
}
memcpy (contenttype, hc->contenttype, strlen(MULTIPART_FORM));
contenttype[MULTIPART_FORM_SIZE]=0x00;
WebLib_strlwr (contenttype);
// To fix multi-part issue of IE5.0 SP2
// No authorization information in multi-part frame of IE5.0 SP2
if (memcmp(contenttype, MULTIPART_FORM, strlen(MULTIPART_FORM))==0 &&
http_check_login_user(hc))
return(0);
send_authenticate (hc, dirname);
return -1;
}⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -