~ubuntu-branches/ubuntu/jaunty/edbrowse/jaunty-security

Viewing changes to src/auth.c

Committer: Bazaar Package Importer
Author(s): Kapil Hari Paranjape
Date: 2008-04-09 18:55:23 UTC
mfrom: (1.1.4 upstream) (3.1.1 lenny)
Revision ID: james.westby@ubuntu.com-20080409185523-dqokcloumyn1ibn4

Tags: 3.3.4-1

* New upstream version (3.3.4).
- Convert between iso8859-1 and utf-8 on the fly.
- Support reading of pdf using pdftohtml.
- French translation of html documentation.
- Old html documentation renamed to usersguide.
- Additional documentation on philosophy.
* debian/control:
- Changed homepage to sourcefource site.
- Moved homepage from description to its own field.
- Added "poppler-utils | xpdf-utils" to Recommends.
- Added "www-browser", "mail-reader" and "editor" to Provides.
- Removed "XS-" from Vcs-Svn tag.
- Standards-Version: 3.7.3
* debian/docs: Added new documentation files
  from "doc/" subdirectory.
* debian/watch: Updated to use sourceforge site.
* debian/edbrowse.doc-base:
  - Changed name of upstream provided html documentation from
    "ebdoc.html" to "usersguide.html".
  - Changed section from "net" to "Network/Web Browsing".
* debian/install: Compiled binary is now in "src/".

files added:
doc

doc/man-edbrowse-debian.1

doc/philosophy.html

doc/philosophy_fr.html

doc/sample.ebrc

doc/sample_fr.ebrc

doc/setup.ebrc

doc/ssl-certs

doc/usersguide.html

doc/usersguide_fr.html

src/auth.c

src/buffers.c

src/cookies.c

src/dbapi.h

src/dbinfx.c

src/dbinfx.ec

src/dbodbc.c

src/dbops.c

src/dbstubs.c

src/eb.h

src/eb.p

src/fetchmail.c

src/format.c

src/html.c

src/http.c

src/jsdom.c

src/jsloc.c

src/jsrt

src/main.c

src/makefile

src/makefile.bsd

src/messages.c

src/messages.h

src/sendmail.c

src/stringfile.c

src/tcp.c

src/tcp.h

src/url.c

files removed:
auth.c

buffers.c

cookies.c

dbapi.h

dbinfx.c

dbinfx.ec

dbodbc.c

dbops.c

dbstubs.c

eb.h

eb.p

edbdoc.html

edbdoc_fr.html

fetchmail.c

format.c

html.c

http.c

jsdom.c

jsloc.c

jsrt

main.c

makefile.bsd

man-edbrowse-debian.1

messages.c

messages.h

sample.ebrc

sample_fr.ebrc

sendmail.c

ssl-certs

stringfile.c

tcp.c

tcp.h

url.c

files modified:
CHANGES

COPYING

README

debian/changelog

debian/control

debian/docs

debian/edbrowse.doc-base

debian/examples

debian/install

debian/rules

debian/watch

makefile

todo

Show diffs side-by-side

added added

removed removed

src/auth.c

/* auth.c

* user password authorization for web access

* This file is part of the Links project, released under GPL.

* Modified by Karl Dahlke for integration with edbrowse.

#include "eb.h"

#define REALM_BASIC 1

#define REALM_MD5 2

static const char *const realmDesc[] = {

"", "Basic ", "Digest "

};

struct httpAuth {

struct httpAuth *next;

struct httpAuth *prev;

char user[MAXUSERPASS];

char password[MAXUSERPASS];

/* These strings are allocated. */

char *host;

char *directory;

char *user_password_encoded;

int port;

bool proxy;

uchar realm;

};

static struct listHead authlist = { &authlist, &authlist };

/* This string is included in the outgoing http header.

* It could include both a proxy and a host authorization.

* Not that I understand any of the proxy stuff. */

char *

getAuthString(const char *url)

{

const char *host = getHostURL(url);

int port = getPortURL(url);

const char *dir, *dirend;

struct httpAuth *a;

char *r = NULL;

int l, d1len, d2len;

if(isProxyURL(url)) {

foreach(a, authlist) {

if(a->proxy && stringEqualCI(a->host, host) && a->port == port) {

r = initString(&l);

stringAndString(&r, &l, "Proxy-Authorization: ");

stringAndString(&r, &l, realmDesc[a->realm]);

stringAndString(&r, &l, a->user_password_encoded);

stringAndString(&r, &l, eol);

}

/* Skip past the proxy directive */

url = getDataURL(url);

host = getHostURL(url);

port = getPortURL(url);

}

/* proxy */

getDirURL(url, &dir, &dirend);

d2len = dirend - dir;

foreach(a, authlist) {

if(!a->proxy && stringEqualCI(a->host, host) && a->port == port) {

d1len = strlen(a->directory);

if(d1len > d2len)

continue;

if(memcmp(a->directory, dir, d1len))

continue;

if(!r)

r = initString(&l);

stringAndString(&r, &l, "Authorization: ");

stringAndString(&r, &l, realmDesc[a->realm]);

stringAndString(&r, &l, a->user_password_encoded);

stringAndString(&r, &l, eol);

}

return r;

} /* getAuthString */

bool

addWebAuthorization(const char *url,

int realm, const char *user, const char *password, bool proxy)

{

struct httpAuth *a;

const char *host;

const char *dir = 0, *dirend;

int port, dl;

bool urlProx = isProxyURL(url);

bool updated = true;

char *p;

if(proxy) {

if(!urlProx) {

100

setError(MSG_ProxyAuth);

101

return false;

102

}

103

} else if(urlProx)

104

url = getDataURL(url);

105

106

host = getHostURL(url);

107

port = getPortURL(url);

108

if(!proxy) {

109

getDirURL(url, &dir, &dirend);

110

dl = dirend - dir;

111

}

112

113

/* See if we've done this one before. */

114

foreach(a, authlist) {

115

if(a->proxy == proxy &&

116

a->port == port &&

117

a->realm == realm &&

118

stringEqualCI(a->host, host) &&

119

(proxy ||

120

dl == strlen(a->directory) && !memcmp(a->directory, dir, dl))) {

121

nzFree(a->user_password_encoded);

122

break;

123

}

124

}

125

126

if(a == (struct httpAuth *)&authlist) {

127

updated = false;

128

a = allocZeroMem(sizeof (struct httpAuth));

129

addToListFront(&authlist, a);

130

}

131

132

a->proxy = proxy;

133

a->realm = realm;

134

a->port = port;

135

if(!a->host)

136

a->host = cloneString(host);

137

strcpy(a->user, user);

138

strcpy(a->password, password);

139

if(dir && !a->directory)

140

a->directory = pullString1(dir, dirend);

141

142

/* Now compute the user password encoded */

143

p = allocMem(strlen(user) + strlen(password) + 2);

144

strcpy(p, user);

145

strcat(p, ":");

146

strcat(p, password);

147

a->user_password_encoded = base64Encode(p, strlen(p), false);

148

free(p);

149

debugPrint(3, "%s authorization for %s%s",

150

updated ? "updated" : "new", a->host, a->directory);

151

} /* addWebAuthorization */

Older »