source: roaraudio/roard/auth.c @ 6056:8d4468a24909

Last change on this file since 6056:8d4468a24909 was 6052:d48765b2475e, checked in by phi, 9 years ago

updated copyright headers

File size: 6.0 KB
Line 
1//auth.c:
2
3/*
4 *      Copyright (C) Philipp 'ph3-der-loewe' Schafft - 2010-2015
5 *
6 *  This file is part of roard a part of RoarAudio,
7 *  a cross-platform sound system for both, home and professional use.
8 *  See README for details.
9 *
10 *  This file is free software; you can redistribute it and/or modify
11 *  it under the terms of the GNU General Public License version 3
12 *  as published by the Free Software Foundation.
13 *
14 *  RoarAudio is distributed in the hope that it will be useful,
15 *  but WITHOUT ANY WARRANTY; without even the implied warranty of
16 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
17 *  GNU General Public License for more details.
18 *
19 *  You should have received a copy of the GNU General Public License
20 *  along with this software; see the file COPYING.  If not, write to
21 *  the Free Software Foundation, 51 Franklin Street, Fifth Floor,
22 *  Boston, MA 02110-1301, USA.
23 *
24 */
25
26#include "roard.h"
27
28#define _NONE ROAR_AUTH_T_AUTO
29
30// declared 'extern'
31struct auth_key g_auth_keyring[AUTH_KEYRING_LEN];
32
33int auth_init (void) {
34 int i;
35
36 memset(g_auth_keyring, 0, sizeof(g_auth_keyring));
37
38 for (i = 0; i < AUTH_KEYRING_LEN; i++) {
39  g_auth_keyring[i].type = _NONE;
40 }
41
42#if 0
43 // test password for API tests...
44 auth_addkey_password(ACCLEV_ALL, "test");
45#endif
46
47#if 0
48 // test trust for API tests...
49 auth_addkey_trust(ACCLEV_ALL, -1, 0, getuid()+1, -1, getgid()+1, -1);
50#endif
51
52 return 0;
53}
54
55int auth_free (void) {
56 return 0;
57}
58
59union auth_typeunion * auth_regkey_simple(int type, enum roard_client_acclev acclev) {
60 struct auth_key * key;
61 int i;
62
63 for (i = 0; i < AUTH_KEYRING_LEN; i++) {
64  if ( (key = &(g_auth_keyring[i]))->type == _NONE ) {
65   memset(key, 0, sizeof(struct auth_key));
66   key->type   = type;
67   key->acclev = acclev;
68   return &(key->at_data);
69  }
70 }
71
72 return NULL;
73}
74
75static int _ck_cookie(struct auth_key * key, struct roar_auth_message * authmes) {
76 if ( key->at_data.cookie.len == authmes->len ) {
77  if ( memcmp(key->at_data.cookie.cookie, authmes->data, authmes->len) ) {
78   return -1;
79  } else {
80   return 1;
81  }
82 }
83
84 return -1;
85}
86
87static int _ck_password(struct auth_key * key, struct roar_auth_message * authmes) {
88 size_t len = strlen(key->at_data.password.password);
89
90 // need to check here if we have a padding \0-byte.
91
92 if ( len == authmes->len ) {
93  if ( memcmp(key->at_data.password.password, authmes->data, len) ) {
94   return -1;
95  } else {
96   return 1;
97  }
98 }
99
100 return -1;
101}
102
103static int _ck_trust(struct auth_key * key, struct roar_auth_message * authmes, struct roar_client_server * cs) {
104 struct at_trust * t = &(key->at_data.trust);
105 size_t i;
106
107 (void)authmes;
108
109 // we ship pids at the moment as cs does not contain a verifyed one.
110
111 for (i = 0; i < t->uids_len; i++)
112  if ( t->uids[i] == ROAR_CLIENT(cs)->uid )
113   return 1;
114
115 for (i = 0; i < t->gids_len; i++)
116  if ( t->gids[i] == ROAR_CLIENT(cs)->gid )
117   return 1;
118
119 return -1;
120}
121
122int auth_client_ckeck(struct roar_client_server * cs, struct roar_auth_message * authmes, int * next) {
123 struct auth_key * key;
124 int i;
125 int ret;
126
127 if ( cs == NULL || authmes == NULL || next == NULL )
128  return -1;
129
130 *next = -1;
131
132 for (i = 0; i < AUTH_KEYRING_LEN; i++) {
133  if ( (key = &(g_auth_keyring[i]))->type == authmes->type ) {
134   ROAR_DBG("auth_client_ckeck(cs=%p, authmes=%p, next=%p{%i}): key=%p{.type=%i, ...}", cs, authmes, next, *next, key, key->type);
135   ret = -1;
136   switch (key->type) {
137    case ROAR_AUTH_T_NONE:
138      ret = 1;
139     break;
140    case ROAR_AUTH_T_PASSWORD:
141      ret = _ck_password(key, authmes);
142     break;
143    case ROAR_AUTH_T_COOKIE:
144      ret = _ck_cookie(key, authmes);
145     break;
146    case ROAR_AUTH_T_TRUST:
147      ret = _ck_trust(key, authmes, cs);
148     break;
149    case ROAR_AUTH_T_SYSUSER:
150    case ROAR_AUTH_T_RHOST:
151    default:
152      /* don't know what to do... */
153      return -1;
154     break;
155   }
156   switch (ret) {
157    case -1:
158      /* ignore this case and continue */
159     break;
160    case 0: // fatal auth error (server side auth cancel)
161      return 0;
162     break;
163    case 1:
164      cs->acclev = key->acclev;
165      return 1;
166     break;
167    default: /* error! */
168      return -1;
169     break;
170   }
171  }
172 }
173
174 // make a better guess:
175/*
176 if ( authmes->type == ROAR_AUTH_T_PASSWORD ) {
177  *next = -1;
178 } else {
179  *next = ROAR_AUTH_T_PASSWORD;
180 }
181*/
182
183 return -1;
184}
185
186int auth_addkey_anonymous(enum roard_client_acclev acclev) {
187 if ( auth_regkey_simple(ROAR_AUTH_T_NONE, acclev) == NULL )
188  return -1;
189 return 0;
190}
191
192int auth_addkey_password(enum roard_client_acclev acclev, const char * password) {
193 union auth_typeunion * pw;
194
195 if ( (pw = auth_regkey_simple(ROAR_AUTH_T_PASSWORD, acclev)) == NULL )
196  return -1;
197
198 pw->password.password = password;
199
200 return 0;
201}
202
203int auth_addkey_cookie(enum roard_client_acclev acclev, const void * cookie, const size_t len) {
204 union auth_typeunion * key;
205
206 if ( (key = auth_regkey_simple(ROAR_AUTH_T_COOKIE, acclev)) == NULL )
207  return -1;
208
209 key->cookie.cookie = (void*)cookie;
210 key->cookie.len    = len;
211
212 return 0;
213}
214
215int auth_addkey_trust(enum roard_client_acclev acclev, ...) {
216 union auth_typeunion * key;
217 size_t i;
218 va_list va;
219 pid_t pid = -1;
220 uid_t uid = -1;
221 gid_t gid = -1;
222 int err = 0;
223
224 if ( (key = auth_regkey_simple(ROAR_AUTH_T_TRUST, acclev)) == NULL )
225  return -1;
226
227 // zerosize all counters.
228 memset(key, 0, sizeof(union auth_typeunion));
229
230 va_start(va, acclev);
231
232 do { // eval block we can leave with continue.
233
234#define _block(var,type,array)  i = 0; \
235                                do { \
236                                 if ( i == AT_TRUST_MAX_ENTRYS ) { err = 1; continue; } \
237                                 var = va_arg(va, type); \
238                                 key->trust.array[i] = var; \
239                                 i++; \
240                                } while (var != -1); \
241                                if ( err ) continue; \
242                                key->trust.array ## _len = i;
243
244
245 _block(pid, pid_t, pids);
246 _block(uid, uid_t, uids);
247 _block(gid, gid_t, gids);
248
249#undef _block
250
251 } while(0);
252
253 va_end(va);
254
255 if ( !err )
256  return 0;
257
258 memset(key, 0, sizeof(union auth_typeunion));
259
260 return -1;
261}
262
263//ll
Note: See TracBrowser for help on using the repository browser.