-/* $Id: filter_auth_simple.cpp,v 1.8 2006-01-18 10:30:32 mike Exp $
+/* $Id: filter_auth_simple.cpp,v 1.11 2006-01-18 11:22:03 mike Exp $
Copyright (c) 2005, Index Data.
%LICENSE%
};
boost::mutex mutex;
std::map<std::string, PasswordAndDBs> userRegister;
+ std::map<std::string, std::list<std::string> > targetsByUser;
std::map<yp2::Session, std::string> userBySession;
};
}
}
+static void die(std::string s) { throw yp2::filter::FilterException(s); }
+
+
// Read XML config.. Put config info in m_p.
void yp2::filter::AuthSimple::configure(const xmlNode * ptr)
{
std::string userRegisterName;
bool got_userRegisterName = false;
+ std::string targetRegisterName;
+ bool got_targetRegisterName = false;
for (ptr = ptr->children; ptr != 0; ptr = ptr->next) {
if (ptr->type != XML_ELEMENT_NODE)
if (!strcmp((const char *) ptr->name, "userRegister")) {
userRegisterName = yp2::xml::get_text(ptr);
got_userRegisterName = true;
+ } else if (!strcmp((const char *) ptr->name, "targetRegister")) {
+ targetRegisterName = yp2::xml::get_text(ptr);
+ got_targetRegisterName = true;
} else {
- throw yp2::filter::FilterException("Bad element in auth_simple: <"
- + std::string((const char *)
- ptr->name) + ">");
+ die("Bad element in auth_simple: <"
+ + std::string((const char *) ptr->name) + ">");
}
}
- if (!got_userRegisterName)
- throw yp2::filter::FilterException("auth_simple: no user-register "
- "filename specified");
+ if (!got_userRegisterName && !got_targetRegisterName)
+ die("auth_simple: no user-register or target-register "
+ "filename specified");
+
+ if (got_userRegisterName)
+ config_userRegister(userRegisterName);
+ if (got_targetRegisterName)
+ config_targetRegister(targetRegisterName);
+}
+
- FILE *fp = fopen(userRegisterName.c_str(), "r");
+void yp2::filter::AuthSimple::config_userRegister(std::string filename)
+{
+ FILE *fp = fopen(filename.c_str(), "r");
if (fp == 0)
- throw yp2::filter::FilterException("can't open auth_simple "
- "user-register '" + userRegisterName
- + "': " + strerror(errno));
+ die("can't open auth_simple user-register '" + filename + "': " +
+ strerror(errno));
char buf[1000];
while (fgets(buf, sizeof buf, fp)) {
buf[strlen(buf)-1] = 0;
char *passwdp = strchr(buf, ':');
if (passwdp == 0)
- throw yp2::filter::FilterException("auth_simple user-register '" +
- userRegisterName + "': " +
- "no password on line: '"
- + buf + "'");
+ die("auth_simple user-register '" + filename + "': " +
+ "no password on line: '" + buf + "'");
*passwdp++ = 0;
char *databasesp = strchr(passwdp, ':');
if (databasesp == 0)
- throw yp2::filter::FilterException("auth_simple user-register '" +
- userRegisterName + "': " +
- "no databases on line: '" +
- buf + ":" + passwdp + "'");
+ die("auth_simple user-register '" + filename + "': " +
+ "no databases on line: '" + buf + ":" + passwdp + "'");
*databasesp++ = 0;
yf::AuthSimple::Rep::PasswordAndDBs tmp(passwdp);
boost::split(tmp.dbs, databasesp, boost::is_any_of(","));
}
+// I feel a little bad about the duplication of code between this and
+// config_userRegister(). But not bad enough to refactor.
+//
+void yp2::filter::AuthSimple::config_targetRegister(std::string filename)
+{
+ FILE *fp = fopen(filename.c_str(), "r");
+ if (fp == 0)
+ die("can't open auth_simple target-register '" + filename + "': " +
+ strerror(errno));
+
+ char buf[1000];
+ while (fgets(buf, sizeof buf, fp)) {
+ if (*buf == '\n' || *buf == '#')
+ continue;
+ buf[strlen(buf)-1] = 0;
+ char *targetsp = strchr(buf, ':');
+ if (targetsp == 0)
+ die("auth_simple target-register '" + filename + "': " +
+ "no targets on line: '" + buf + "'");
+ *targetsp++ = 0;
+ std::list<std::string> tmp;
+ boost::split(tmp, targetsp, boost::is_any_of(","));
+ m_p->targetsByUser[buf] = tmp;
+
+ if (0) { // debugging
+ printf("Added user '%s' with targets:\n", buf);
+ std::list<std::string>::const_iterator i;
+ for (i = tmp.begin(); i != tmp.end(); i++) {
+ printf("\t%s\n", (*i).c_str());
+ }
+ }
+ }
+}
+
+
void yf::AuthSimple::process(yp2::Package &package) const
{
Z_GDU *gdu = package.request().get();
std::string user = m_p->userBySession[package.session()];
yf::AuthSimple::Rep::PasswordAndDBs pdb = m_p->userRegister[user];
for (int i = 0; i < req->num_databaseNames; i++) {
- if (!contains(pdb.dbs, req->databaseNames[i])) {
+ if (!contains(pdb.dbs, req->databaseNames[i]) &&
+ !contains(pdb.dbs, "*")) {
// Make an Search rejection APDU
yp2::odr odr;
Z_APDU *apdu = odr.create_searchResponse(