diff options
author | Evgeny Grin (Karlson2k) <k2k@narod.ru> | 2022-06-07 19:29:58 +0300 |
---|---|---|
committer | Evgeny Grin (Karlson2k) <k2k@narod.ru> | 2022-06-08 16:52:50 +0300 |
commit | 929e046215d1323e5e4c5fed91c9c4a8b37e07c9 (patch) | |
tree | ca6c667958fd53a0c5636b55d24e2e37357c10b9 /src | |
parent | 72e6f27fce0193be5d1f2c15ca3123f9e33f2029 (diff) | |
download | libmicrohttpd-929e046215d1323e5e4c5fed91c9c4a8b37e07c9.tar.gz libmicrohttpd-929e046215d1323e5e4c5fed91c9c4a8b37e07c9.zip |
MHD_basic_auth_get_username_password3(): added new public API function
Diffstat (limited to 'src')
-rw-r--r-- | src/include/microhttpd.h | 49 | ||||
-rw-r--r-- | src/microhttpd/basicauth.c | 92 |
2 files changed, 140 insertions, 1 deletions
diff --git a/src/include/microhttpd.h b/src/include/microhttpd.h index 877201e2..ada9af5d 100644 --- a/src/include/microhttpd.h +++ b/src/include/microhttpd.h | |||
@@ -96,7 +96,7 @@ extern "C" | |||
96 | * they are parsed as decimal numbers. | 96 | * they are parsed as decimal numbers. |
97 | * Example: 0x01093001 = 1.9.30-1. | 97 | * Example: 0x01093001 = 1.9.30-1. |
98 | */ | 98 | */ |
99 | #define MHD_VERSION 0x00097516 | 99 | #define MHD_VERSION 0x00097517 |
100 | 100 | ||
101 | /* If generic headers don't work on your platform, include headers | 101 | /* If generic headers don't work on your platform, include headers |
102 | which define 'va_list', 'size_t', 'ssize_t', 'intptr_t', 'off_t', | 102 | which define 'va_list', 'size_t', 'ssize_t', 'intptr_t', 'off_t', |
@@ -4634,12 +4634,59 @@ MHD_queue_auth_fail_response (struct MHD_Connection *connection, | |||
4634 | 4634 | ||
4635 | 4635 | ||
4636 | /** | 4636 | /** |
4637 | * Information decoded from Basic Authentication client's header. | ||
4638 | * | ||
4639 | * The username and the password are technically allowed to have binary zeros, | ||
4640 | * username_len and password_len could be used to detect such situations. | ||
4641 | * | ||
4642 | * The buffers pointed by username and password members are freed | ||
4643 | * when #MHD_free() is called for pointer to this structure. | ||
4644 | * | ||
4645 | * Application may modify buffers as needed until #MHD_free() is called for | ||
4646 | * pointer to this structure | ||
4647 | */ | ||
4648 | struct MHD_BasicAuthInfo | ||
4649 | { | ||
4650 | /** | ||
4651 | * The username, cannot be NULL | ||
4652 | */ | ||
4653 | char *username; | ||
4654 | /** | ||
4655 | * The length of the @a username, not including zero-termination | ||
4656 | */ | ||
4657 | size_t username_len; | ||
4658 | /** | ||
4659 | * The password, may be NULL if password is not encoded by the client | ||
4660 | */ | ||
4661 | char *password; | ||
4662 | /** | ||
4663 | * The length of the @a password, not including zero-termination | ||
4664 | */ | ||
4665 | size_t password_len; | ||
4666 | }; | ||
4667 | |||
4668 | /** | ||
4669 | * Get the username and password from the Basic Authorisation header | ||
4670 | * sent by the client | ||
4671 | * | ||
4672 | * @param connection the MHD connection structure | ||
4673 | * @return NULL not valid Basic Authentication header is present in | ||
4674 | * current request, or pointer to structure with username and | ||
4675 | * password, which must be freed by #MHD_free(). | ||
4676 | * @note Available since #MHD_VERSION 0x00097517 | ||
4677 | * @ingroup authentication | ||
4678 | */ | ||
4679 | _MHD_EXTERN struct MHD_BasicAuthInfo * | ||
4680 | MHD_basic_auth_get_username_password3 (struct MHD_Connection *connection); | ||
4681 | |||
4682 | /** | ||
4637 | * Get the username and password from the basic authorization header sent by the client | 4683 | * Get the username and password from the basic authorization header sent by the client |
4638 | * | 4684 | * |
4639 | * @param connection The MHD connection structure | 4685 | * @param connection The MHD connection structure |
4640 | * @param[out] password a pointer for the password, free using #MHD_free(). | 4686 | * @param[out] password a pointer for the password, free using #MHD_free(). |
4641 | * @return NULL if no username could be found, a pointer | 4687 | * @return NULL if no username could be found, a pointer |
4642 | * to the username if found, free using #MHD_free(). | 4688 | * to the username if found, free using #MHD_free(). |
4689 | * @deprecated use #MHD_basic_auth_get_username_password3() | ||
4643 | * @ingroup authentication | 4690 | * @ingroup authentication |
4644 | */ | 4691 | */ |
4645 | _MHD_EXTERN char * | 4692 | _MHD_EXTERN char * |
diff --git a/src/microhttpd/basicauth.c b/src/microhttpd/basicauth.c index 0115c7d3..fb7bed0f 100644 --- a/src/microhttpd/basicauth.c +++ b/src/microhttpd/basicauth.c | |||
@@ -56,12 +56,104 @@ get_rq_bauth_params (struct MHD_Connection *connection) | |||
56 | 56 | ||
57 | 57 | ||
58 | /** | 58 | /** |
59 | * Get the username and password from the Basic Authorisation header | ||
60 | * sent by the client | ||
61 | * | ||
62 | * @param connection the MHD connection structure | ||
63 | * @return NULL not valid Basic Authentication header is present in | ||
64 | * current request, or pointer to structure with username and | ||
65 | * password, which must be freed by #MHD_free(). | ||
66 | * @note Available since #MHD_VERSION 0x00097517 | ||
67 | * @ingroup authentication | ||
68 | */ | ||
69 | _MHD_EXTERN struct MHD_BasicAuthInfo * | ||
70 | MHD_basic_auth_get_username_password3 (struct MHD_Connection *connection) | ||
71 | { | ||
72 | const struct MHD_RqBAuth *params; | ||
73 | char *decoded; | ||
74 | size_t decoded_len; | ||
75 | struct MHD_BasicAuthInfo *ret; | ||
76 | size_t username_len; | ||
77 | char *colon; | ||
78 | size_t password_pos; | ||
79 | size_t password_len; | ||
80 | |||
81 | params = get_rq_bauth_params (connection); | ||
82 | |||
83 | if (NULL == params) | ||
84 | return NULL; | ||
85 | |||
86 | if ((NULL == params->token68.str) || (0 == params->token68.len)) | ||
87 | return NULL; | ||
88 | |||
89 | decoded = BASE64Decode (params->token68.str, params->token68.len, | ||
90 | &decoded_len); | ||
91 | if ((NULL == decoded) || (0 == decoded_len)) | ||
92 | { | ||
93 | #ifdef HAVE_MESSAGES | ||
94 | MHD_DLOG (connection->daemon, | ||
95 | _ ("Error decoding Basic Authorization authentication.\n")); | ||
96 | #endif /* HAVE_MESSAGES */ | ||
97 | if (NULL != decoded) | ||
98 | free (decoded); | ||
99 | return NULL; | ||
100 | } | ||
101 | colon = memchr (decoded, ':', decoded_len); | ||
102 | if (NULL != colon) | ||
103 | { | ||
104 | username_len = (size_t) (colon - decoded); | ||
105 | password_pos = username_len + 1; | ||
106 | password_len = decoded_len - password_pos; | ||
107 | } | ||
108 | else | ||
109 | username_len = decoded_len; | ||
110 | |||
111 | ret = (struct MHD_BasicAuthInfo *) malloc (sizeof(struct MHD_BasicAuthInfo) | ||
112 | + decoded_len + 1); | ||
113 | if (NULL == ret) | ||
114 | { | ||
115 | free (decoded); | ||
116 | #ifdef HAVE_MESSAGES | ||
117 | MHD_DLOG (connection->daemon, | ||
118 | _ ("Failed to allocate memory to process " \ | ||
119 | "Basic Authorization authentication.\n")); | ||
120 | #endif /* HAVE_MESSAGES */ | ||
121 | return NULL; | ||
122 | } | ||
123 | |||
124 | ret->username = (char *) (ret + 1); | ||
125 | memcpy (ret->username, decoded, decoded_len); | ||
126 | free (decoded); | ||
127 | ret->username[username_len] = 0; /* Zero-terminate the string */ | ||
128 | ret->username_len = username_len; | ||
129 | if (NULL != colon) | ||
130 | { | ||
131 | mhd_assert (decoded_len >= password_pos); | ||
132 | mhd_assert (decoded_len > password_pos || 0 == password_len); | ||
133 | mhd_assert (decoded_len > password_len); | ||
134 | mhd_assert (decoded_len > username_len); | ||
135 | ret->password = ret->username + password_pos; | ||
136 | ret->password[password_len] = 0; /* Zero-terminate the string */ | ||
137 | ret->password_len = password_len; | ||
138 | } | ||
139 | else | ||
140 | { | ||
141 | ret->password = NULL; | ||
142 | ret->password_len = 0; | ||
143 | } | ||
144 | |||
145 | return ret; | ||
146 | } | ||
147 | |||
148 | |||
149 | /** | ||
59 | * Get the username and password from the basic authorization header sent by the client | 150 | * Get the username and password from the basic authorization header sent by the client |
60 | * | 151 | * |
61 | * @param connection The MHD connection structure | 152 | * @param connection The MHD connection structure |
62 | * @param[out] password a pointer for the password, free using #MHD_free(). | 153 | * @param[out] password a pointer for the password, free using #MHD_free(). |
63 | * @return NULL if no username could be found, a pointer | 154 | * @return NULL if no username could be found, a pointer |
64 | * to the username if found, free using #MHD_free(). | 155 | * to the username if found, free using #MHD_free(). |
156 | * @deprecated use #MHD_basic_auth_get_username_password3() | ||
65 | * @ingroup authentication | 157 | * @ingroup authentication |
66 | */ | 158 | */ |
67 | _MHD_EXTERN char * | 159 | _MHD_EXTERN char * |