/********************************************************************
* wilkinson
* 3.13VMS
* 1995/09/25 14:22
* gopher_root1:[gopher.g2.vms2_13.gopherd]AUTH.c,v
*
* Paul Lindner, University of Minnesota DCS.
*
* Copyright 1991, 92, 93, 94 by the Regents of the University of Minnesota
* see the file "Copyright" in the distribution for conditions of use.
*********************************************************************
* MODULE: AUTH.c
* Routines to verify authentication
*********************************************************************
* Revision History:
* AUTH.c,v
* Revision 3.13VMS  1995/09/25  14:23  wilkinson
* Consolodate VMS/Unix source code for server as well as client
*
* Revision 3.13  1995/02/06  21:25:13  lindner
* Better stdio include
*
* Revision 3.12  1995/02/02  17:13:52  lindner
* Fix memory leaks
*
* Revision 3.11  1994/12/31  07:45:22  lindner
* Remove Item is protected note
*
* Revision 3.10  1994/12/15  17:32:21  lindner
* Fix for A/UX and undefined FILE*, AIX uses compat fgetpwent routines now
*
* Revision 3.9  1994/12/12  18:19:07  lindner
* Fix aix hack
*
* Revision 3.8  1994/12/12  17:41:08  lindner
* Hack around AIX
*
* Revision 3.7  1994/12/12  16:58:47  lindner
* Use fgetpwent() instead of setpwfile()
*
* Revision 3.6  1994/12/10  06:12:13  lindner
* Add support for a custom passwd file just for the gopher server
*
* Revision 3.5  1994/10/13  05:17:46  lindner
* Compiler complaint fixes
*
* Revision 3.4  1994/07/22  22:27:20  lindner
* NO_AUTHENTICATION mods
*
* Revision 3.3  1994/07/21  15:45:34  lindner
* Fix for systems without unistd.h
*
* Revision 3.2  1994/07/03  21:18:11  lindner
* Add initgroup() call
*
* Revision 3.1  1994/06/29  05:34:19  lindner
* New authentication routines
*
*
*********************************************************************/

#ifndef NO_AUTHENTICATION

#include "AUTH.h"
#include "compatible.h"

#include "Malloc.h"

#include "fileio.h"             /* For running scripts */
#include "String.h"             /* strchr and friends */

#include "Debug.h"
#include <stdio.h>

#ifndef VMS_SERVER
#  include <pwd.h>
#endif

AUTH*
AUTHnew()
{
    AUTH* temp;

    temp = (AUTH*) malloc(sizeof(AUTH));
    temp->type = AUTH_UNINITED;
    temp->name = STRnew();
    temp->scriptname = STRnew();
    temp->authfcn    = NULL;
    temp->authfcnask = NULL;

    return(temp);
}


void
AUTHdestroy(auth)
 AUTH *auth;
{
    STRdestroy(auth->name);
    STRdestroy(auth->scriptname);
    free(auth);
}

void
AUTHinit(auth)
 AUTH *auth;
{
    STRinit(auth->name);
    STRinit(auth->scriptname);
    auth->authfcn    = NULL;
    auth->authfcnask = NULL;
    auth->type       = AUTH_UNINITED;
}

AUTH*
AUTHcpy(dest, orig)
 AUTH *dest, *orig;
{
    STRcpy(dest->name, orig->name);
    STRcpy(dest->scriptname, orig->scriptname);

    dest->authfcn    = orig->authfcn;
    dest->authfcnask = orig->authfcnask;
    dest->type       = orig->type;

    return(dest);
}

/*
* A very generic ASK block
*/

char**
AUTHgenericAsk(directory, defuser, defpw)
 char *directory;
 char *defuser;
 char *defpw;
{
    static char **Askstorage = NULL;

    Debug("Trying to do the generic ask block for %s\n", directory);

    if (Askstorage == NULL) {
         Askstorage = (char**)malloc(sizeof(char*)*5);

         Askstorage[0] = (char*) malloc(sizeof(char) * 80);
         Askstorage[1] = (char*) malloc(sizeof(char) * 80);
         Askstorage[2] = (char*) malloc(sizeof(char) * 80);
         Askstorage[3] = NULL;
    }

    if (defuser == NULL)
         defuser = "";

    if (defpw == NULL)
         defpw = "";

/*     if (directory == NULL)
         strcpy(Askstorage[0], "Note: This item is protected");
    else
         sprintf(Askstorage[0], "Note: The item %s is protected", directory);
*/

    sprintf(Askstorage[1], "Ask: Your User Name:\t%s", defuser);
    sprintf(Askstorage[2], "AskP: Your Password:\t%s", defpw);

    return(Askstorage);
}

/*
* Check to see if 'password' is the users password.
*/

static AUTHresult
AUTHunix_checkuser(pw, password)
#ifndef VMS_SERVER
 struct passwd *pw;
#else
   void *pw;
#endif
 char *password;
{
#ifndef VMS_SERVER
    char salt[3];
    char *encodedpw;

    strncpy(salt, pw->pw_passwd, 2);

    encodedpw = (char*) crypt(password, salt);

    if (strcmp(encodedpw, pw->pw_passwd) == 0) {
         if (getuid() == 0) {
              initgroups(pw->pw_name, pw->pw_gid);
              setuid(pw->pw_uid);
              setgid(pw->pw_gid);
         }
         return(AUTHRES_OK);
    }
    return(AUTHRES_BADPW);
#else
    return(AUTHRES_SYSERR);
#endif /*vms*/
}

/*
* Use a password file in the etc/passwd in the gopher-data directory
* to authenticate users.
*/

AUTHresult
AUTHunixfile(auth, username, password, hostname, hostip)
 AUTH *auth;
 char *username, *password, *hostname, *hostip;
{
#if !defined(VMS_SERVER)
    FILE *ourpasswd;
    struct passwd *pw;

    Debug("Trying to authenticate %s\n", username);

    /*** This may or may not work.. (doesn't on sunos 4.1.3) ***/
    ourpasswd = fopen("etc/passwd", "r");

    if (ourpasswd == NULL) {
         Debugmsg("Couldn't open etc/passwd\n");
         return(AUTHRES_SYSERR);
    }

    if (fgetpwent(ourpasswd) == NULL) {
         Debugmsg("fgetpwent failed...");
         return(AUTHRES_SYSERR);
    }

    fseek(ourpasswd, 0L,SEEK_SET);

    /** Mimic getpwnam, sigh why isn't setpwfile() everywhere....**/

    while ((pw = fgetpwent(ourpasswd)) != NULL) {
         if (strcmp(pw->pw_name, username) == 0)
              return(AUTHunix_checkuser(pw, password));
    }
    return(AUTHRES_NOUSER);
#else
    return(AUTHRES_SYSERR);
#endif /*vms*/
}


/*
* Do the unix style /etc/passwd authentication...
*/

AUTHresult
AUTHunix(auth, username, password, hostname, hostip)
 AUTH *auth;
 char *username, *password, *hostname, *hostip;
{
#ifndef VMS_SERVER
    struct passwd *pw;

    pw = getpwnam(username);

    if (pw == NULL)
         return(AUTHRES_NOUSER);

    return(AUTHunix_checkuser(pw, password));
#else
    return(AUTHRES_SYSERR);
#endif /*VMS*/
}


AUTHresult
AUTHvalidate(auth, username, password, hostname, hostip)
 AUTH *auth;
 char *username, *password, *hostname, *hostip;
{
    int    result;
    char   *envstr;


    switch (AUTHgetType(auth)) {
    case AUTH_SCRIPT:
         /*
          * Need to set environment variables here...
          * note envstr must be malloced.
          */
         envstr = (char*) malloc(sizeof(char) * (16+strlen(username)));
         sprintf(envstr, "GOPHER_USER=%s", username);
         putenv(envstr);

         envstr = (char*) malloc(sizeof(char) * (16+strlen(password)));
         sprintf(envstr, "GOPHER_PW=%s", password);
         putenv(envstr);

         envstr = (char*) malloc(sizeof(char) * (16+strlen(hostname)));
         sprintf(envstr, "GOPHER_HOST=%s", hostname);
         putenv(envstr);

         envstr = (char*) malloc(sizeof(char) * (16+strlen(hostip)));
         sprintf(envstr, "GOPHER_IP=%s", hostip);
         putenv(envstr);


         result = FIOsystem(AUTHgetScriptName(auth));

         switch (result) {
         case 0:
              return(AUTHRES_OK);
         case 1:
              return(AUTHRES_BADPW);
         case 2:
              return(AUTHRES_EXPIRED);
         case 3:
              return(AUTHRES_NOUSER);

         default:
              return(AUTHRES_BADPW);
         }
         break;

    case AUTH_INTERNAL:
         return(auth->authfcn(auth, username, password, hostname, hostip));

    case AUTH_UNINITED:
         return(AUTHRES_BADPW);

    }
    return(AUTHRES_OK);

}

/*************************************************************************
* AUTH array routines (AUTHA)
*/

AUTHarray*
AUTHAnew(size)
 int size;
{
    AUTHarray *aa;
    AUTH      *auth;

    aa = DAnew((size),AUTHnew,AUTHinit,AUTHdestroy,AUTHcpy);

    auth = AUTHnew();
    if (auth == NULL)
         return(NULL);

    /** Always supply some defaults... **/

    AUTHsetType(auth, AUTH_INTERNAL);
    AUTHsetName(auth, "unix");
    AUTHsetFcn(auth, AUTHunix);
    AUTHsetAskFcn(auth, AUTHgenericAsk);
    AUTHApush(aa, auth);


    AUTHsetType(auth, AUTH_INTERNAL);
    AUTHsetName(auth, "unixfile");
    AUTHsetFcn(auth, AUTHunixfile);
    AUTHsetAskFcn(auth, AUTHgenericAsk);
    AUTHApush(aa, auth);


    AUTHdestroy(auth);

    return(aa);
}


/*
* Process a gopherd.conf style line and add it to the array
* really only for scripts.
*/

boolean
AUTHAprocessLine(autharr, inputline)
 AUTHarray *autharr;
 char      *inputline;
{
    AUTH *auth;
    char *cp;

    auth = AUTHnew();

    if (auth == NULL)
         return(FALSE);

    cp = strchr(inputline, ' ');
    *cp = '\0';
    cp++;

    AUTHsetType(auth, AUTH_SCRIPT);
    AUTHsetScriptName(auth, cp);
    AUTHsetName(auth,inputline);
    AUTHsetAskFcn(auth, AUTHgenericAsk);

    AUTHApush(autharr, auth);

    AUTHdestroy(auth);

    return(TRUE);
}

/*
* Find the authentication method, and pass the information to the
* routine that handles it.
*/

AUTHresult
AUTHAvalidate(autha, type, username, password, hostname, hostip)
 AUTHarray *autha;
 char *type;
 char *username, *password, *hostname, *hostip;
{
    int i;
    AUTH *auth;

    if (type == NULL)
         return(AUTHRES_BADPW);

    for (i=0; i < AUTHAgetTop(autha); i++) {
         auth = AUTHAgetEntry(autha, i);
         if (strcasecmp(type, AUTHgetName(auth)) == 0) {
              return(AUTHvalidate(auth,username,password,hostname,hostip));
         }
    }

    /** Shouldn't get to here.. **/
    return(AUTHRES_BADPW);
}


/*
* Find an AUTH item in the autha array
*/

AUTH*
AUTHAlocate(autha, type)
 AUTHarray *autha;
 char *type;
{
    int i;
    AUTH *auth;

    if (type == NULL)
         return(NULL);

    for (i=0; i < AUTHAgetTop(autha); i++) {
         auth = AUTHAgetEntry(autha, i);
         if (strcasecmp(type, AUTHgetName(auth)) == 0) {
              return(auth);
         }
    }

    /** Shouldn't get to here.. **/
    return(NULL);
}




/*********************************************************************
* AUTHITEMS array
*/

#include "Regex.h"


AUTHITEMS *
AUTHITEMSnew(size)
 int size;
{
    AUTHITEMS *ai;

    ai = (AUTHITEMS*) malloc(sizeof(AUTHITEMS));

    if (ai != NULL) {
         ai->regexps   = STAnew(size);
         ai->authtypes = STAnew(size);
    }
    return(ai);
}

void
AUTHITEMSdestroy(ai)
 AUTHITEMS *ai;
{
    if (ai == NULL)
         return;

    STAdestroy(ai->regexps);
    STAdestroy(ai->authtypes);
}

void
AUTHITEMSpush(ai, regexp, authtype)
 AUTHITEMS *ai;
 char *regexp;
 char *authtype;
{
    String *str;

    if (ai == NULL)
         return;

    str = STRnew();
    if (str == NULL)
         return;

    STRset(str, regexp);
    STApush(ai->regexps, str);

    STRset(str, authtype);
    STApush(ai->authtypes, str);

    STRdestroy(str);
}

/*
* Find a match for the item in the regular expressions
*
* returns NULL if no match found..
*/

char *
AUTHITEMSfindType(ai, fname)
 AUTHITEMS *ai;
 char      *fname;
{
    int  i;
    char *rexp;

    if (ai == NULL)
         return(NULL);

    for (i=0; i < STAgetTop(ai->regexps); i++) {
         rexp = STAgetText(ai->regexps, i);

         if (re_comp(rexp))
              return(NULL);

         if (re_exec(fname) == 1) {
              /* We have a match */
              return(STAgetText(ai->authtypes, i));
         }
    }
    return(NULL);              /* No match found.. */
}


/*
* Find the auth item required..
*/

AUTH*
AUTHITEMSfindAUTH(ai, aa, fname)
 AUTHITEMS *ai;
 AUTHarray *aa;
 char      *fname;
{
    int  i;
    char *rexp;

    if (ai == NULL)
         return(NULL);

    for (i=0; i < STAgetTop(ai->regexps); i++) {
         rexp = STAgetText(ai->regexps, i);
         Debug("Trying %s\n", rexp);

         if (re_comp(rexp))
              return(NULL);

         if (re_exec(fname) == 1) {
              /* We have a match */
              return(AUTHAlocate(aa, STAgetText(ai->authtypes, i)));

         }
    }
    return(NULL);              /* No match found.. */
}



/*
* Process a gopherd.conf style line and put it into the arrays.
*/

boolean
AUTHITEMSprocessLine(ai, inputline)
 AUTHITEMS *ai;
 char      *inputline;
{
    char *cp;

    cp = strchr(inputline, ' ');

    if (cp == NULL)
         return(FALSE);

    *cp = '\0';

    AUTHITEMSpush(ai, cp+1, inputline);

    return(TRUE);
}

#endif

You are viewing proxied material from bitreich.org. The copyright of proxied material belongs to its original authors. Any comments or complaints in relation to proxied material should be directed to the original authors of the content concerned. Please see the disclaimer for more details.