/*
 * mod_auth_api - HTTP auth backend registration, low-level shared funcs
 *
 * Fully-rewritten from original
 * Copyright(c) 2016 Glenn Strauss gstrauss()gluelogic.com All rights reserved
 * License: BSD 3-clause (same as lighttpd)
 */
#ifndef INCLUDED_MOD_AUTH_API_H
#define INCLUDED_MOD_AUTH_API_H
#include "first.h"

#include "base_decls.h"
#include "buffer.h"
#include "array.h"

/*
 * Takes no arguments and returns nothing.  What state it resets is not
 * visible in this header (presumably the registered scheme/backend data --
 * confirm against the implementation).
 */
__attribute_cold__
void http_auth_dumbdata_reset(void);

/*
 * Digest algorithm identifiers.
 *
 * The non-zero values are distinct bits (0x01, 0x02, 0x04, 0x08), so several
 * can be OR-ed into one int.  http_auth_require_t.algorithm and
 * http_auth_info_t.dalgo are plain int and presumably carry such masks --
 * TODO confirm.  HTTP_AUTH_DIGEST_SESS presumably flags the "-sess" variants
 * rather than naming a hash of its own.
 *
 * RFC 7616 keeps MD5 for backward compatibility only; SHA-256 is the
 * preferred choice where clients support it.
 */
typedef enum http_auth_digest_type {
    HTTP_AUTH_DIGEST_NONE       = 0,
    HTTP_AUTH_DIGEST_SESS       = 0x01,
    HTTP_AUTH_DIGEST_MD5        = 0x02,
    HTTP_AUTH_DIGEST_SHA256     = 0x04,
    HTTP_AUTH_DIGEST_SHA512_256 = 0x08
} http_auth_digest_type;

/* Binary (not hex-encoded) digest sizes in bytes, one per supported hash. */
#define HTTP_AUTH_DIGEST_MD5_BINLEN        16 /* MD5_DIGEST_LENGTH */
#define HTTP_AUTH_DIGEST_SHA256_BINLEN     32 /* SHA256_DIGEST_LENGTH */
#define HTTP_AUTH_DIGEST_SHA512_256_BINLEN 32 /* SHA512_256_DIGEST_LENGTH */

/*
 * Maps an algorithm value to an unsigned length; presumably returns one of
 * the *_BINLEN values above.  The result for an unknown or combined algo is
 * not visible here -- check before using it as a copy length.
 */
__attribute_const__
unsigned int http_auth_digest_len(int algo);

/* Forward declarations so the structs below can refer to one another. */
struct http_auth_scheme_t;
struct http_auth_require_t;
struct http_auth_backend_t;

/*
 * One access rule: which scheme and realm protect a resource and who may
 * pass.  Field meanings below are inferred from names unless stated.
 */
typedef struct http_auth_require_t {
    const struct http_auth_scheme_t *scheme; /* scheme that checks requests */
    const buffer *realm;
    /* presumably the secret mixed into Digest nonces; treat as sensitive
     * configuration -- TODO confirm */
    const buffer *nonce_secret;
    uint8_t valid_user; /* presumably "any authenticated user" flag -- confirm */
    uint8_t userhash;   /* presumably the RFC 7616 userhash option -- confirm */
    int algorithm;      /* presumably a mask of http_auth_digest_type bits */
    /* presumably the lists consulted by http_auth_match_rules() */
    array user;
    array group;
    array host;
} http_auth_require_t;

/* Returns a new http_auth_require_t; release it with http_auth_require_free(). */
__attribute_cold__
__attribute_malloc__
http_auth_require_t *http_auth_require_init(void);

__attribute_cold__
void http_auth_require_free(http_auth_require_t *require);

/*
 * Evaluates user/group/host against a rule.
 *
 * NOTE(review): the return-value convention (which value means "allowed")
 * is not visible in this header.  Check the implementation before writing a
 * caller; reading it the wrong way round inverts the access decision.
 */
__attribute_pure__
int http_auth_match_rules(const http_auth_require_t *require,
                          const char *user,
                          const char *group,
                          const char *host);

/*
 * Per-request Digest data exchanged with a backend's digest callback.
 *
 * username and realm are pointer+length pairs; do not assume they are
 * NUL-terminated -- TODO confirm.
 */
typedef struct http_auth_info_t {
    int dalgo;          /* presumably http_auth_digest_type bits -- confirm */
    unsigned int dlen;  /* presumably the number of valid bytes in digest[] */
    const char *username;
    size_t ulen;
    const char *realm;
    size_t rlen;
    int userhash;       /* int here, uint8_t in http_auth_require_t */
    /*(must be >= largest binary digest length accepted above)*/
    /* NOTE(review): 32 is a bare literal.  It equals
     * HTTP_AUTH_DIGEST_SHA256_BINLEN and HTTP_AUTH_DIGEST_SHA512_256_BINLEN
     * today; adding a longer digest means growing this array, and any code
     * filling it must bound the write by sizeof(digest). */
    unsigned char digest[32];
    /* fixed 256-byte buffer; its use is not visible here (presumably holds a
     * username resolved from a userhash).  Length-check before copying in. */
    char userbuf[256];
} http_auth_info_t;

/*
 * A registered credential backend: a name plus one callback per scheme.
 * p_d is opaque data handed back to the callbacks.
 */
typedef struct http_auth_backend_t {
    const char *name;
    /* pw is presumably the cleartext password from a Basic Authorization
     * header -- handle accordingly (keep it out of logs). */
    handler_t (*basic)(request_st *r, void *p_d,
                       const http_auth_require_t *require,
                       const buffer *username, const char *pw);
    /* ai is non-const, so the callback can write into it (e.g. digest[]) */
    handler_t (*digest)(request_st *r, void *p_d, http_auth_info_t *ai);
    void *p_d;
} http_auth_backend_t;

/* A registered auth scheme: a name plus the function that checks a request. */
typedef struct http_auth_scheme_t {
    const char *name;
    handler_t (*checkfn)(request_st *r, void *p_d,
                         const struct http_auth_require_t *require,
                         const struct http_auth_backend_t *backend);
    /*(backend is arg only because auth.backend is separate config directive)*/
    void *p_d;
} http_auth_scheme_t;

/* Looks up a scheme by name.  The result for an unknown name is not visible
 * here (presumably NULL) -- callers should check it. */
__attribute_cold__
__attribute_pure__
const http_auth_scheme_t *http_auth_scheme_get(const buffer *name);

/* Registers a scheme.  The pointer is const and whether it is copied is not
 * visible here, so keep the pointed-to object alive -- TODO confirm. */
__attribute_cold__
void http_auth_scheme_set(const http_auth_scheme_t *scheme);

/* Looks up a backend by name.  The result for an unknown name is not visible
 * here (presumably NULL) -- callers should check it. */
__attribute_cold__
__attribute_pure__
const http_auth_backend_t *http_auth_backend_get(const buffer *name);

/* Registers a backend; same lifetime caveat as http_auth_scheme_set(). */
__attribute_cold__
void http_auth_backend_set(const http_auth_backend_t *backend);

/*
 * Publishes the authenticated user and auth type on the request, presumably
 * as environment variables for downstream handlers -- confirm.  Both strings
 * are passed with explicit lengths (ulen, alen).
 */
void http_auth_setenv(request_st *r,
                      const char *username, size_t ulen,
                      const char *auth_type, size_t alen);

#endif