[4469] | 1 | //auth.c: |
---|
| 2 | |
---|
| 3 | /* |
---|
| 4 | * Copyright (C) Philipp 'ph3-der-loewe' Schafft - 2010 |
---|
| 5 | * |
---|
| 6 | * This file is part of roard a part of RoarAudio, |
---|
| 7 | * a cross-platform sound system for both, home and professional use. |
---|
| 8 | * See README for details. |
---|
| 9 | * |
---|
| 10 | * This file is free software; you can redistribute it and/or modify |
---|
| 11 | * it under the terms of the GNU General Public License version 3 |
---|
| 12 | * as published by the Free Software Foundation. |
---|
| 13 | * |
---|
| 14 | * RoarAudio is distributed in the hope that it will be useful, |
---|
| 15 | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
---|
| 16 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
---|
| 17 | * GNU General Public License for more details. |
---|
| 18 | * |
---|
| 19 | * You should have received a copy of the GNU General Public License |
---|
| 20 | * along with this software; see the file COPYING. If not, write to |
---|
| 21 | * the Free Software Foundation, 51 Franklin Street, Fifth Floor, |
---|
| 22 | * Boston, MA 02110-1301, USA. |
---|
| 23 | * |
---|
| 24 | */ |
---|
| 25 | |
---|
| 26 | #include "roard.h" |
---|
| 27 | |
---|
| 28 | #define _NONE ROAR_AUTH_T_AUTO |
---|
| 29 | |
---|
| 30 | int auth_init (void) { |
---|
| 31 | int i; |
---|
| 32 | |
---|
| 33 | memset(g_auth_keyring, 0, sizeof(g_auth_keyring)); |
---|
| 34 | |
---|
| 35 | for (i = 0; i < AUTH_KEYRING_LEN; i++) { |
---|
| 36 | g_auth_keyring[i].type = _NONE; |
---|
| 37 | } |
---|
| 38 | |
---|
[4476] | 39 | #if 0 |
---|
| 40 | // test password for API tests... |
---|
| 41 | auth_addkey_password(ACCLEV_ALL, "test"); |
---|
| 42 | #endif |
---|
| 43 | |
---|
[4478] | 44 | #if 0 |
---|
| 45 | // test trust for API tests... |
---|
| 46 | auth_addkey_trust(ACCLEV_ALL, -1, 0, getuid()+1, -1, getgid()+1, -1); |
---|
| 47 | #endif |
---|
| 48 | |
---|
[4469] | 49 | return 0; |
---|
| 50 | } |
---|
| 51 | |
---|
| 52 | int auth_free (void) { |
---|
| 53 | return 0; |
---|
| 54 | } |
---|
| 55 | |
---|
[4474] | 56 | union auth_typeunion * auth_regkey_simple(int type, enum roard_client_acclev acclev) { |
---|
| 57 | struct auth_key * key; |
---|
| 58 | int i; |
---|
| 59 | |
---|
| 60 | for (i = 0; i < AUTH_KEYRING_LEN; i++) { |
---|
| 61 | if ( (key = &(g_auth_keyring[i]))->type == _NONE ) { |
---|
| 62 | memset(key, 0, sizeof(struct auth_key)); |
---|
| 63 | key->type = type; |
---|
| 64 | key->acclev = acclev; |
---|
| 65 | return &(key->at_data); |
---|
| 66 | } |
---|
| 67 | } |
---|
| 68 | |
---|
| 69 | return NULL; |
---|
| 70 | } |
---|
| 71 | |
---|
[4478] | 72 | static int _ck_cookie(struct auth_key * key, struct roar_auth_message * authmes) { |
---|
| 73 | if ( key->at_data.cookie.len == authmes->len ) { |
---|
| 74 | if ( memcmp(key->at_data.cookie.cookie, authmes->data, authmes->len) ) { |
---|
| 75 | return -1; |
---|
| 76 | } else { |
---|
| 77 | return 1; |
---|
| 78 | } |
---|
| 79 | } |
---|
| 80 | |
---|
| 81 | return -1; |
---|
| 82 | } |
---|
| 83 | |
---|
[4474] | 84 | static int _ck_password(struct auth_key * key, struct roar_auth_message * authmes) { |
---|
| 85 | size_t len = strlen(key->at_data.password.password); |
---|
| 86 | |
---|
| 87 | // need to check here if we have a padding \0-byte. |
---|
| 88 | |
---|
| 89 | if ( len == authmes->len ) { |
---|
| 90 | if ( memcmp(key->at_data.password.password, authmes->data, len) ) { |
---|
| 91 | return -1; |
---|
| 92 | } else { |
---|
| 93 | return 1; |
---|
| 94 | } |
---|
| 95 | } |
---|
| 96 | |
---|
| 97 | return -1; |
---|
| 98 | } |
---|
| 99 | |
---|
[4478] | 100 | static int _ck_trust(struct auth_key * key, struct roar_auth_message * authmes, struct roar_client_server * cs) { |
---|
| 101 | struct at_trust * t = &(key->at_data.trust); |
---|
| 102 | size_t i; |
---|
| 103 | |
---|
| 104 | // we ship pids at the moment as cs does not contain a verifyed one. |
---|
| 105 | |
---|
| 106 | for (i = 0; i < t->uids_len; i++) |
---|
| 107 | if ( t->uids[i] == ROAR_CLIENT(cs)->uid ) |
---|
| 108 | return 1; |
---|
| 109 | |
---|
| 110 | for (i = 0; i < t->gids_len; i++) |
---|
| 111 | if ( t->gids[i] == ROAR_CLIENT(cs)->gid ) |
---|
| 112 | return 1; |
---|
| 113 | |
---|
| 114 | return -1; |
---|
| 115 | } |
---|
| 116 | |
---|
[4474] | 117 | int auth_client_ckeck(struct roar_client_server * cs, struct roar_auth_message * authmes) { |
---|
| 118 | struct auth_key * key; |
---|
| 119 | int i; |
---|
| 120 | int ret; |
---|
| 121 | |
---|
| 122 | if ( cs == NULL || authmes == NULL ) |
---|
| 123 | return -1; |
---|
| 124 | |
---|
| 125 | for (i = 0; i < AUTH_KEYRING_LEN; i++) { |
---|
| 126 | if ( (key = &(g_auth_keyring[i]))->type == authmes->type ) { |
---|
| 127 | ret = -1; |
---|
| 128 | switch (key->type) { |
---|
| 129 | case ROAR_AUTH_T_NONE: |
---|
| 130 | ret = 1; |
---|
| 131 | break; |
---|
| 132 | case ROAR_AUTH_T_PASSWORD: |
---|
| 133 | ret = _ck_password(key, authmes); |
---|
| 134 | break; |
---|
[4478] | 135 | case ROAR_AUTH_T_COOKIE: |
---|
| 136 | ret = _ck_cookie(key, authmes); |
---|
| 137 | break; |
---|
[4474] | 138 | case ROAR_AUTH_T_TRUST: |
---|
[4478] | 139 | ret = _ck_trust(key, authmes, cs); |
---|
| 140 | break; |
---|
[4474] | 141 | case ROAR_AUTH_T_SYSUSER: |
---|
| 142 | case ROAR_AUTH_T_RHOST: |
---|
| 143 | default: |
---|
| 144 | /* don't know what to do... */ |
---|
| 145 | return -1; |
---|
| 146 | break; |
---|
| 147 | } |
---|
| 148 | switch (ret) { |
---|
| 149 | case -1: |
---|
| 150 | /* ignore this case and continue */ |
---|
| 151 | break; |
---|
| 152 | case 0: |
---|
| 153 | return 0; |
---|
| 154 | break; |
---|
| 155 | case 1: |
---|
| 156 | cs->acclev = key->acclev; |
---|
| 157 | return 1; |
---|
| 158 | break; |
---|
| 159 | default: /* error! */ |
---|
| 160 | return -1; |
---|
| 161 | break; |
---|
| 162 | } |
---|
| 163 | } |
---|
| 164 | } |
---|
| 165 | |
---|
| 166 | return -1; |
---|
| 167 | } |
---|
| 168 | |
---|
[4476] | 169 | int auth_addkey_anonymous(enum roard_client_acclev acclev) { |
---|
| 170 | if ( auth_regkey_simple(ROAR_AUTH_T_NONE, acclev) == NULL ) |
---|
| 171 | return -1; |
---|
| 172 | return 0; |
---|
| 173 | } |
---|
| 174 | |
---|
| 175 | int auth_addkey_password(enum roard_client_acclev acclev, const char * password) { |
---|
| 176 | union auth_typeunion * pw; |
---|
| 177 | |
---|
| 178 | if ( (pw = auth_regkey_simple(ROAR_AUTH_T_PASSWORD, acclev)) == NULL ) |
---|
| 179 | return -1; |
---|
| 180 | |
---|
| 181 | pw->password.password = password; |
---|
| 182 | |
---|
| 183 | return 0; |
---|
| 184 | } |
---|
| 185 | |
---|
[4478] | 186 | int auth_addkey_cookie(enum roard_client_acclev acclev, const void * cookie, const size_t len) { |
---|
| 187 | union auth_typeunion * key; |
---|
| 188 | |
---|
| 189 | if ( (key = auth_regkey_simple(ROAR_AUTH_T_COOKIE, acclev)) == NULL ) |
---|
| 190 | return -1; |
---|
| 191 | |
---|
| 192 | key->cookie.cookie = (void*)cookie; |
---|
| 193 | key->cookie.len = len; |
---|
| 194 | |
---|
| 195 | return 0; |
---|
| 196 | } |
---|
| 197 | |
---|
| 198 | int auth_addkey_trust(enum roard_client_acclev acclev, ...) { |
---|
| 199 | union auth_typeunion * key; |
---|
| 200 | size_t i; |
---|
| 201 | va_list va; |
---|
| 202 | pid_t pid; |
---|
| 203 | uid_t uid; |
---|
| 204 | gid_t gid; |
---|
| 205 | int err = 0; |
---|
| 206 | |
---|
| 207 | if ( (key = auth_regkey_simple(ROAR_AUTH_T_TRUST, acclev)) == NULL ) |
---|
| 208 | return -1; |
---|
| 209 | |
---|
| 210 | // zerosize all counters. |
---|
| 211 | memset(key, 0, sizeof(union auth_typeunion)); |
---|
| 212 | |
---|
| 213 | va_start(va, acclev); |
---|
| 214 | |
---|
| 215 | do { // eval block we can leave with continue. |
---|
| 216 | |
---|
| 217 | #define _block(var,type,array) i = 0; \ |
---|
| 218 | do { \ |
---|
| 219 | if ( i == AT_TRUST_MAX_ENTRYS ) { err = 1; continue; } \ |
---|
| 220 | var = va_arg(va, type); \ |
---|
| 221 | key->trust.array[i] = var; \ |
---|
| 222 | i++; \ |
---|
| 223 | } while (var != -1); \ |
---|
| 224 | if ( err ) continue; \ |
---|
| 225 | key->trust.array ## _len = i; |
---|
| 226 | |
---|
| 227 | |
---|
| 228 | _block(pid, pid_t, pids); |
---|
| 229 | _block(uid, uid_t, uids); |
---|
| 230 | _block(gid, gid_t, gids); |
---|
| 231 | |
---|
| 232 | #undef _block |
---|
| 233 | |
---|
| 234 | } while(0); |
---|
| 235 | |
---|
| 236 | va_end(va); |
---|
| 237 | |
---|
| 238 | if ( !err ) |
---|
| 239 | return 0; |
---|
| 240 | |
---|
| 241 | memset(key, 0, sizeof(union auth_typeunion)); |
---|
| 242 | |
---|
| 243 | return -1; |
---|
| 244 | } |
---|
| 245 | |
---|
[4469] | 246 | //ll |
---|