source: roaraudio/libroar/auth.c @ 3225:084d4f6251fe

Last change on this file since 3225:084d4f6251fe was 3225:084d4f6251fe, checked in by phi, 14 years ago

function to convert auth type names and IDs

File size: 5.8 KB
Line 
1//auth.c:
2
3/*
4 *      Copyright (C) Philipp 'ph3-der-loewe' Schafft - 2008-2010
5 *
6 *  This file is part of libroar a part of RoarAudio,
7 *  a cross-platform sound system for both, home and professional use.
8 *  See README for details.
9 *
10 *  This file is free software; you can redistribute it and/or modify
11 *  it under the terms of the GNU General Public License version 3
12 *  as published by the Free Software Foundation.
13 *
14 *  libroar is distributed in the hope that it will be useful,
15 *  but WITHOUT ANY WARRANTY; without even the implied warranty of
16 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
17 *  GNU General Public License for more details.
18 *
19 *  You should have received a copy of the GNU General Public License
20 *  along with this software; see the file COPYING.  If not, write to
21 *  the Free Software Foundation, 675 Mass Ave, Cambridge, MA 02139, USA.
22 *
23 *  NOTE for everyone want's to change something and send patches:
24 *  read README and HACKING! There a addition information on
25 *  the license of this document you need to read before you send
26 *  any patches.
27 *
28 *  NOTE for uses of non-GPL (LGPL,...) software using libesd, libartsc
29 *  or libpulse*:
30 *  The libs libroaresd, libroararts and libroarpulse link this lib
31 *  and are therefore GPL. Because of this it may be illigal to use
32 *  them with any software that uses libesd, libartsc or libpulse*.
33 */
34
35#include "libroar.h"
36
37/* How auth works:
38 * 0) set stage to zero
39 * 1) get server address and local node name (from uname())
40 * 2) look up authfile/authdb/authservice for the server+local address + stage.
41 *    if no data was found send NONE-Auth.
42 * 3) send data to server
43 * 4) read answer from server
44 * 5) if stage of server response is non-zero increment stage to server stage+1
45 *    and repeat from step 2)
46 * 6) check if we got an OK or an ERROR, return currect value
47 */
48
49/* The protocol:
50 * Auth request:
51 * Byte 0: auth type
52 * Byte 1: stage
53 * Byte 2: reserved (must be zero)
54 * Byte 3: reserved (must be zero)
55 * Byte 4-end: auth type depending data.
56 *
57 * If no data is to be send bytes 2 and 3 can be omitted.
58 * If no data is to be send and stage is zero bytes 1, 2 and 3 can be omitted.
59 *
60 * Auth response:
61 * The same as the auth request.
62 * if the message type is OK the server accepted our auth.
63 * if the message type is ERROR the server recjected us. we may try other auth methodes.
64 * if the server accepted our data and the stage is non-zero we need to continue with the next
65 * stage of the auth.
66 * if the server rejected us the auth type value of the response is a suggested next auth type
67 * we should try if possible. This may help the client to find a working auth type.
68 */
69
70/* The protocol by auth type:
71 *
72 * --- NONE:
73 * No data is send, the server accepts the connect or rejects it depending on some
74 * magic within the server. we do not care about this.
75 * The data block is not used.
76 *
77 * --- COOKIE:
78 * We send cookies for all stages the server ask us to provide a cookie.
79 * if a cookie is wrong the server rejects us or aks us for another.
80 * The cookie is send as binary data in the data block.
81 *
82 * --- TRUST:
83 * We ask the server to auth us based on ower UID/GID/PID.
84 * The server may reject this becasue we are not allowed or because it is not
85 * supported by the transport.
86 * If we get rejected we may try to continue with IDENT then RHOST before we use NONE.
87 * The data block is not used.
88 *
89 * --- PASSWORD:
90 * This is technikly the same as COOKIE just that the cookie is limited to
91 * printable ASCII chars and that the user should be asked to provide the password.
92 * This may be done via a GUI popup window.
93 *
94 * --- SYSUSER:
95 * We provide a Username + Password for a system user.
96 * The data block contains of two main parts:
97 * The first part is a one byte long subtype.
98 * The value must be 0x01 for username+password.
99 * futur versions may define other types.
100 * the secund part is the actual data block.
101 * for username+password it is splited into two fields, both terminated with \0.
102 * the first is the username the last one the password as clear text.
103 * Example: char data[] = "\001MyUser\0MyPassword\0";
104 *
105 * --- OPENPGP_SIGN:
106 *
107 * --- OPENPGP_ENCRYPT:
108 *
109 * --- OPENPGP_AUTH:
110 *
111 * --- KERBEROS:
112 * We use Kerberos to auth.
113 *
114 * --- RHOST:
115 * The server is asked to auth us based on our source address.
116 * The data block is not used.
117 *
118 * --- XAUTH:
119 * We send an X11 Cookie.
120 *
121 * --- IDENT:
122 * The server is asked to auth us based on our source address using the IDENT protocol.
123 * The data block is not used.
124 *
125 */
126
127int roar_auth   (struct roar_connection * con) {
128 struct roar_message mes;
129
130 memset(&mes, 0, sizeof(struct roar_message)); // make valgrind happy!
131
132 mes.cmd     = ROAR_CMD_AUTH;
133 mes.datalen = 0;
134
135 return roar_req(con, &mes, NULL);
136}
137
138// String functions:
139static struct {
140 int    type;
141 char * name;
142} _g_authts[] = {
143// grep ^'#define ROAR_AUTH_T_' auth.h | while read d t d; do n=$(cut -d_ -f4 <<<$t | tr A-Z a-z); printf ' {%-28s %-10s},\n' $t, \"$n\"; done
144 {ROAR_AUTH_T_NONE,            "none"    },
145 {ROAR_AUTH_T_COOKIE,          "cookie"  },
146 {ROAR_AUTH_T_TRUST,           "trust"   },
147 {ROAR_AUTH_T_PASSWORD,        "password"},
148 {ROAR_AUTH_T_SYSUSER,         "sysuser" },
149 {ROAR_AUTH_T_OPENPGP_SIGN,    "openpgp" },
150 {ROAR_AUTH_T_OPENPGP_ENCRYPT, "openpgp" },
151 {ROAR_AUTH_T_OPENPGP_AUTH,    "openpgp" },
152 {ROAR_AUTH_T_KERBEROS,        "kerberos"},
153 {ROAR_AUTH_T_RHOST,           "rhost"   },
154 {ROAR_AUTH_T_XAUTH,           "xauth"   },
155 {ROAR_AUTH_T_IDENT,           "ident"   },
156 {-1, NULL}
157};
158
159int    roar_str2autht(char * str) {
160 int i;
161
162 for (i = 0; _g_authts[i].name != NULL; i++)
163  if ( !strcasecmp(_g_authts[i].name, str) )
164   return _g_authts[i].type;
165
166 return -1;
167}
168
169char * roar_autht2str(int auth) {
170 int i;
171
172 for (i = 0; _g_authts[i].name != NULL; i++)
173  if ( _g_authts[i].type == auth )
174   return _g_authts[i].name;
175
176 return "(UNKNOWN)";
177}
178
179//ll
Note: See TracBrowser for help on using the repository browser.