From 4247c4670f5bc5ad61e458734a590d57be5a9f34 Mon Sep 17 00:00:00 2001
From: Adam Dickmeiss
Date: Mon, 22 Jun 1998 11:36:47 +0000
Subject: [PATCH] Added authentication check facility to zebra.
---
 include/passwddb.h | 11 +++++
 index/zebraapi.c | 29 +++++++++++-
 index/zebraapi.h | 8 +++-
 index/zserver.c | 29 +++++++++++-
 index/zserver.h | 7 ++-
 util/Makefile | 13 +++---
 util/passtest.c | 14 ++++++
 util/passwddb.c | 127 ++++++++++++++++++++++++++++++++++++++++++++++++++++
 8 files changed, 229 insertions(+), 9 deletions(-)
 create mode 100644 include/passwddb.h
 create mode 100644 util/passtest.c
 create mode 100644 util/passwddb.c
diff --git a/include/passwddb.h b/include/passwddb.h
new file mode 100644
index 0000000..ebbc919
--- /dev/null
+++ b/include/passwddb.h
@@ -0,0 +1,11 @@
+
+typedef struct passwd_db *Passwd_db;
+
+Passwd_db passwd_db_open (void);
+int passwd_db_auth (Passwd_db db, const char *user, const char *pass);
+int passwd_db_file (Passwd_db db, const char *fname);
+void passwd_db_close (Passwd_db db);
+void passwd_db_show (Passwd_db db);
+
+
+
diff --git a/index/zebraapi.c b/index/zebraapi.c
index 7caf21a..94a31f9 100644
--- a/index/zebraapi.c
+++ b/index/zebraapi.c
@@ -4,7 +4,10 @@
 * Sebastian Hammer, Adam Dickmeiss
 *
 * $Log: zebraapi.c,v $
- * Revision 1.5 1998-06-13 00:14:08 adam
+ * Revision 1.6 1998-06-22 11:36:47 adam
+ * Added authentication check facility to zebra.
+ *
+ * Revision 1.5 1998/06/13 00:14:08 adam
 * Minor changes.
 *
 * Revision 1.4 1998/06/12 12:22:12 adam
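Review bot: include/passwddb.h declares passwd_db_auth and passwd_db_file without saying what their int results mean, so a caller has to read util/passwddb.c to learn that 0 is success and negative values are failures. A comment above passwd_db_auth such as `/* returns 0 if user/pass match, -1 unknown user, -2 wrong or missing password, -3 stored field too short (USE_CRYPT only) */` would put the contract where zebra_auth consumes it. The header also has no include guard, so a second inclusion repeats the `Passwd_db` typedef, which compilers older than C11 reject.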
@@ -155,6 +158,21 @@ ZebraHandle zebra_open (const char *configName) zh->errString = 0; zebraRankInstall (zh, rank1_class); + + if (!res_get (zh->res, "passwd")) + zh->passwd_db = NULL; + else + { + zh->passwd_db = passwd_db_open (); + if (!zh->passwd_db) + logf (LOG_WARN|LOG_ERRNO, "passwd_db_open failed"); + else + passwd_db_file (zh->passwd_db, res_get (zh->res, "passwd")); + } + zh->bfs = bfs_create (res_get (zh->res, "register")); + bf_lockDir (zh->bfs, res_get (zh->res, "lockDir")); + data1_set_tabpath (zh->dh, res_get(zh->res, "profilePath")); + return zh; } @@ -179,6 +197,8 @@ void zebra_close (ZebraHandle zh) data1_destroy (zh->dh); zebra_server_lock_destroy (zh); + if (zh->passwd_db) + passwd_db_close (zh->passwd_db); res_close (zh->res); xfree (zh); } @@ -291,6 +311,13 @@ int zebra_hits (ZebraHandle zh) return zh->hits; } +int zebra_auth (ZebraHandle zh, const char *user, const char *pass) +{ + if (!zh->passwd_db || !passwd_db_auth (zh->passwd_db, user, pass)) + return 0; + return 1; +} + void zebra_setDB (ZebraHandle zh, int num_bases, char **basenames) { diff --git a/index/zebraapi.h b/index/zebraapi.h index 83df424..f05541a 100644 --- a/index/zebraapi.h +++ b/index/zebraapi.h @@ -4,7 +4,10 @@ * Sebastian Hammer, Adam Dickmeiss * * $Log: zebraapi.h,v $ - * Revision 1.2 1998-06-13 00:14:09 adam + * Revision 1.3 1998-06-22 11:36:48 adam + * Added authentication check facility to zebra. + * + * Revision 1.2 1998/06/13 00:14:09 adam * Minor changes. * * Revision 1.1 1998/06/12 12:22:13 adam @@ -72,3 +75,6 @@ YAZ_EXPORT char *zebra_errAdd (ZebraHandle zh); /* number of hits (after search) */ YAZ_EXPORT int zebra_hits (ZebraHandle zh); +/* do authentication */ +YAZ_EXPORT int zebra_auth (ZebraHandle zh, const char *user, const char *pass); + diff --git a/index/zserver.c b/index/zserver.c index bc7bf18..4718912 100644 --- a/index/zserver.c +++ b/index/zserver.c 
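Review bot: In zebra_open, a configured `passwd` resource whose database cannot be set up leaves the handle without authentication instead of failing: when passwd_db_open returns NULL only a warning is logged, `zh->passwd_db` stays NULL, and zebra_auth (added further down in this file) treats a NULL database as access granted. passwd_db_open as written allocates with xmalloc, so that path may be unreachable today, but the fail-open shape is worth closing by returning an error from zebra_open. The result of passwd_db_file is discarded as well; an unreadable password file fails closed because the entry list stays empty, yet the operator gets no hint why every login is rejected, so `if (passwd_db_file (zh->passwd_db, res_get (zh->res, "passwd")) < 0) logf (LOG_WARN|LOG_ERRNO, "passwd file could not be read");` would help. The function body starts outside the hunk.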
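Review bot: zebra_auth returns 0 when access is granted (or when no password database is configured) and 1 when the credentials are rejected, which is the opposite of what the name and the `/* do authentication */` comment on its declaration in zebraapi.h suggest. A caller that writes `if (zebra_auth (...))` meaning "authenticated" would admit exactly the rejected users. Document the convention at both the definition and the declaration, for example `/* returns 0 if access is granted (also when no passwd db is configured), 1 if user/pass is rejected */`.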
@@ -4,7 +4,10 @@ * Sebastian Hammer, Adam Dickmeiss * * $Log: zserver.c,v $ - * Revision 1.59 1998-06-12 12:22:13 adam + * Revision 1.60 1998-06-22 11:36:49 adam + * Added authentication check facility to zebra. + * + * Revision 1.59 1998/06/12 12:22:13 adam * Work on Zebra API. * * Revision 1.58 1998/05/27 16:57:46 adam @@ -238,6 +241,8 @@ bend_initresult *bend_init (bend_initrequest *q) bend_initresult *r = odr_malloc (q->stream, sizeof(*r)); ZebraHandle zh; struct statserv_options_block *sob; + char *user = NULL; + char *passwd = NULL; r->errcode = 0; r->errstring = 0; @@ -252,6 +257,28 @@ bend_initresult *bend_init (bend_initrequest *q) r->errcode = 1; return r; } + if (q->auth) + { + if (q->auth->which == Z_IdAuthentication_open) + { + char *openpass = xstrdup (q->auth->u.open); + char *cp = strchr (openpass, '/'); + if (cp) + { + *cp = '\0'; + user = nmem_strdup (odr_getmem (q->stream), openpass); + passwd = nmem_strdup (odr_getmem (q->stream), cp+1); + } + xfree (openpass); + } + } + if (zebra_auth (zh, user, passwd)) + { + r->errcode = 222; + r->errstring = user; + zebra_close (zh); + return r; + } r->handle = zh; return r; } diff --git a/index/zserver.h b/index/zserver.h index 92b8ddf..b59eecc 100644 --- a/index/zserver.h +++ b/index/zserver.h @@ -4,7 +4,10 @@ * Sebastian Hammer, Adam Dickmeiss * * $Log: zserver.h,v $ - * Revision 1.33 1998-06-12 12:22:14 adam + * Revision 1.34 1998-06-22 11:36:50 adam + * Added authentication check facility to zebra. + * + * Revision 1.33 1998/06/12 12:22:14 adam * Work on Zebra API. * * Revision 1.32 1998/05/27 16:57:47 adam @@ -134,6 +137,7 @@ #include #include +#include #include "index.h" #include "zebraapi.h" #include "zinfo.h" @@ -178,6 +182,7 @@ struct zebra_info { #endif ZebraMaps zebra_maps; ZebraRankClass rank_classes; + Passwd_db passwd_db; }; diff --git a/util/Makefile b/util/Makefile index fcdc9cd..a674897 100644 --- a/util/Makefile +++ b/util/Makefile 
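Review bot: In bend_init the rejection path returns errcode 222 without writing anything to the server log, so repeated failed logins against the password database leave no trace for an operator to notice. A line such as `logf (LOG_WARN, "authentication failed for user %s", user ? user : "(none)");` before `zebra_close (zh)` would record them. `user` stays NULL whenever the init request carries no open-form authentication or the string contains no '/', so `r->errstring = user` can hand a NULL error string back to the caller. Only `Z_IdAuthentication_open` is decoded, so every other authentication form is rejected once a password file is configured; that may be intended but deserves a comment. The function starts before this hunk.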
@@ -1,28 +1,31 @@ # Copyright (C) 1994-1996, Index Data I/S # All rights reserved. # Sebastian Hammer, Adam Dickmeiss -# $Id: Makefile,v 1.27 1997-10-27 14:33:06 adam Exp $ +# $Id: Makefile,v 1.28 1998-06-22 11:36:51 adam Exp $ SHELL=/bin/sh RANLIB=ranlib -YAZLIB=-lyaz +YAZLIB=../../yaz/lib/libyaz.a YAZINC=-I../../yaz/include INCLUDE=-I../include $(YAZINC) TPROG=opt-test -DEFS=$(INCLUDE) +DEFS=$(INCLUDE) -DUSE_CRYPT=0 CPP=$(CC) -E LIB=../lib/zebrautl.a -PO = res.o charmap.o zebramap.o +PO = res.o charmap.o zebramap.o passwddb.o all: $(LIB) -alll: res-test all +alll: res-test all passtest res-test: res-test.o $(LIB) $(CC) -o res-test res-test.o $(LIB) $(YAZLIB) +passtest: passtest.o $(LIB) + $(CC) -o passtest passtest.o $(LIB) $(YAZLIB) -lcrypt + $(LIB): $(PO) rm -f $(LIB) ar qc $(LIB) $(PO) diff --git a/util/passtest.c b/util/passtest.c new file mode 100644 index 0000000..160a9b1 --- /dev/null +++ b/util/passtest.c @@ -0,0 +1,14 @@ + +#include + +int main (int argc, char **argv) +{ + Passwd_db db; + + db = passwd_db_open(); + + passwd_db_file (db, "/etc/passwd"); + passwd_db_show (db); + passwd_db_auth (db, "adam", "xtx9Y="); + passwd_db_close (db); +} diff --git a/util/passwddb.c b/util/passwddb.c new file mode 100644 index 0000000..ed4822b --- /dev/null +++ b/util/passwddb.c 
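Review bot: `DEFS=$(INCLUDE) -DUSE_CRYPT=0` compiles passwddb.o with the crypt() branch disabled, so passwd_db_auth compares the supplied password against the file's second field with plain strcmp and the password file has to hold cleartext passwords. `-lcrypt` is added only to the passtest link line, which suggests the hashed mode is meant to be available. If so, make USE_CRYPT a documented build option instead of a hard-coded 0, for example with a comment `# set USE_CRYPT=1 and link with -lcrypt to store crypt(3) hashes instead of cleartext passwords`.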
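Review bot: util/passtest.c feeds `/etc/passwd` to passwd_db_show, which logs the second field of every entry; on a system without shadow passwords that field is the password hash, so running the test copies hashes into the log. A small fixture file shipped with the test would avoid touching system account data. The program also ignores every return value, including the result of passwd_db_auth, and `main` ends without `return 0;`, so it cannot report a failure.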
@@ -0,0 +1,127 @@
+
+#include
+#include
+#include
+
+#if USE_CRYPT
+#include
+#endif
+
+#include
+#include
+
+#include
+
+struct passwd_entry {
+ char *name;
+ char *des;
+ struct passwd_entry *next;
+};
+
+struct passwd_db {
+ struct passwd_entry *entries;
+};
+
+Passwd_db passwd_db_open (void)
+{
+ struct passwd_db *p = xmalloc (sizeof(*p));
+ p->entries = 0;
+ return p;
+}
+
+static int get_entry (const char **p, char *dst, int max)
+{
+ int i = 0;
+ while ((*p)[i] != ':' && (*p)[i])
+ i++;
+ if (i >= max)
+ i = max-1;
+ if (i)
+ memcpy (dst, *p, i);
+ dst[i] = '\0';
+ *p += i;
+ if (*p)
+ (*p)++;
+ return i;
+}
+
+int passwd_db_file (Passwd_db db, const char *fname)
+{
+ FILE *f;
+ char buf[1024];
+ f = fopen (fname, "r");
+ if (!f)
+ return -1;
+ while (fgets (buf, sizeof(buf)-1, f))
+ {
+ struct passwd_entry *pe;
+ char name[128];
+ char des[128];
+ char *p;
+ const char *cp = buf;
+ if ((p = strchr (buf, '\n')))
+ *p = '\0';
+ get_entry (&cp, name, 128);
+ get_entry (&cp, des, 128);
+
+ pe = xmalloc (sizeof(*pe));
+ pe->name = xstrdup (name);
+ pe->des = xstrdup (des);
+ pe->next = db->entries;
+ db->entries = pe;
+ }
+ fclose (f);
+ return 0;
+}
+
+void passwd_db_close (Passwd_db db)
+{
+ struct passwd_entry *pe = db->entries;
+ while (pe)
+ {
+ struct passwd_entry *pe_next = pe->next;
+
+ xfree (pe->name);
+ xfree (pe->des);
+ xfree (pe);
+ pe = pe_next;
+ }
+ xfree (db);
+}
+
+void passwd_db_show (Passwd_db db)
+{
+ struct passwd_entry *pe;
+ for (pe = db->entries; pe; pe = pe->next)
+ logf (LOG_LOG,"%s:%s", pe->name, pe->des);
+}
+
+int passwd_db_auth (Passwd_db db, const char *user, const char *pass)
+{
+ struct passwd_entry *pe;
+#if USE_CRYPT
+ char salt[3];
+ const char *des_try;
+#endif
+ for (pe = db->entries; pe; pe = pe->next)
+ if (user && !strcmp (user, pe->name))
+ break;
+ if (!pe)
+ return -1;
+#if USE_CRYPT
+ if (strlen (pe->des) < 3)
+ return -3;
+ if (!pass)
+ return -2;
+ memcpy (salt, pe->des, 2);
+ salt[2] = '\0';
+ des_try = crypt (pass, salt);
+ if (strcmp (des_try, pe->des))
+ return -2;
+#else
+ if (strcmp (pe->des, pass))
+ return -2;
+#endif
+ return 0;
+}
+
-- 1.7.10.4
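Review bot: In get_entry, `if (*p) (*p)++;` tests the pointer, which is never null here, instead of the character it points to, so when a field ends at the terminating NUL the cursor is still advanced past it and the next get_entry call in passwd_db_file scans whatever bytes follow the terminator in `buf`; it should read `if (**p) (*p)++;`. The same function leaves the cursor in the middle of a field it truncated to `max-1`, so the tail of an over-long name is then parsed as the password field. In passwd_db_auth the `#else` branch calls `strcmp (pe->des, pass)` without the `if (!pass) return -2;` guard that the USE_CRYPT branch has, and the USE_CRYPT branch hands the result of crypt() to strcmp without checking it for NULL; hoist the `!pass` check above the `#if` and use `if (!des_try || strcmp (des_try, pe->des))`. passwd_db_show writes every `pe->des` to the log, which is a hash or, with USE_CRYPT off, the cleartext password; logging only `pe->name` avoids that.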