summaryrefslogtreecommitdiff
path: root/daemon
diff options
context:
space:
mode:
authorStef Walter <stef@memberwebs.com>2004-04-24 23:57:22 +0000
committerStef Walter <stef@memberwebs.com>2004-04-24 23:57:22 +0000
commitb9cab65e320fccc04cd06694e717db5e4abb5dcc (patch)
treeb64b5f1ca32b7b48b8ad96510ba88809497acce0 /daemon
parentcbbe71752d7f9c6204ab0f16600fe7f10490f203 (diff)
Put nice assertions all over the place.
Diffstat (limited to 'daemon')
-rw-r--r--daemon/basic.c2
-rw-r--r--daemon/digest.c26
-rw-r--r--daemon/httpauthd.c58
-rw-r--r--daemon/ldap.c74
-rw-r--r--daemon/misc.c25
-rw-r--r--daemon/ntlm.c39
-rw-r--r--daemon/simple.c31
7 files changed, 224 insertions, 31 deletions
diff --git a/daemon/basic.c b/daemon/basic.c
index da73682..ddce156 100644
--- a/daemon/basic.c
+++ b/daemon/basic.c
@@ -7,6 +7,8 @@ int basic_parse(const char* header, ha_buffer_t* buf, basic_header_t* rec)
{
char* t;
+ ASSERT(header && buf && rec);
+
memset(rec, 0, sizeof(*rec));
/* Trim the white space */
diff --git a/daemon/digest.c b/daemon/digest.c
index 51120a0..79b4ff3 100644
--- a/daemon/digest.c
+++ b/daemon/digest.c
@@ -22,6 +22,7 @@ void digest_makenonce(unsigned char* nonce, unsigned char* secret, unsigned char
internal_nonce_t in;
md5_ctx_t md5;
+ ASSERT(nonce && secret);
ASSERT(sizeof(internal_nonce_t) == DIGEST_NONCE_LEN);
if(old)
@@ -51,6 +52,7 @@ int digest_checknonce(unsigned char* nonce, unsigned char* secret, time_t* tm)
{
internal_nonce_t in;
+ ASSERT(nonce && secret);
ASSERT(sizeof(internal_nonce_t) == DIGEST_NONCE_LEN);
digest_makenonce((unsigned char*)&in, secret, nonce);
@@ -69,6 +71,9 @@ int digest_checknonce(unsigned char* nonce, unsigned char* secret, time_t* tm)
digest_record_t* digest_makerec(unsigned char* nonce, const char* user)
{
digest_record_t* rec = (digest_record_t*)malloc(sizeof(*rec));
+
+ ASSERT(nonce && user);
+
if(!rec)
{
ha_messagex(LOG_CRIT, "out of memory");
@@ -85,8 +90,7 @@ digest_record_t* digest_makerec(unsigned char* nonce, const char* user)
const char* digest_challenge(ha_buffer_t* buf, unsigned char* nonce,
const char* realm, const char* domains, int stale)
{
- ASSERT(realm);
- ASSERT(nonce);
+ ASSERT(buf && realm && nonce);
ha_bufmcat(buf, HA_PREFIX_DIGEST, " realm=\"", realm, "\", nonce=\"", NULL);
ha_bufjoin(buf);
@@ -128,15 +132,12 @@ const char* digest_challenge(ha_buffer_t* buf, unsigned char* nonce,
int digest_parse(char* header, ha_buffer_t* buf, digest_header_t* rec,
unsigned char* nonce)
{
- /*
- * This function destroys the contents of header by
- * terminating strings in it all over the place.
- */
-
char next;
char* key;
char* value;
+ ASSERT(header && buf && rec);
+
header = ha_bufcpy(buf, header);
if(!header)
@@ -258,6 +259,10 @@ int digest_check(const char* realm, const char* method, const char* uri,
const char* digest;
const char* t;
+ ASSERT(realm && method && uri && buf && dg && rec);
+
+ /* TODO: Many of these should somehow communicate BAD REQ back to the client */
+
/* Check for digest */
if(!dg->digest || !dg->digest[0])
{
@@ -448,6 +453,8 @@ const char* digest_respond(ha_buffer_t* buf, digest_header_t* dg,
const char* nextnonce = NULL;
const char* t;
+ ASSERT(buf && dg && rec);
+
if(next)
{
nextnonce = ha_bufenc64(buf, next, DIGEST_NONCE_LEN);
@@ -523,6 +530,9 @@ void digest_makeha1(unsigned char* digest, const char* user,
const char* realm, const char* password)
{
md5_ctx_t md5;
+
+ ASSERT(digest && user && realm && password);
+
md5_init(&md5);
md5_update(&md5, user, strlen(user));
md5_update(&md5, ":", 1);
@@ -530,4 +540,4 @@ void digest_makeha1(unsigned char* digest, const char* user,
md5_update(&md5, ":", 1);
md5_update(&md5, password, strlen(password));
md5_final(digest, &md5);
-} \ No newline at end of file
+}
diff --git a/daemon/httpauthd.c b/daemon/httpauthd.c
index 2b74586..f640b5d 100644
--- a/daemon/httpauthd.c
+++ b/daemon/httpauthd.c
@@ -373,9 +373,12 @@ int usage()
void* httpauth_thread(void* arg)
{
- int fd = (int)arg;
- int r = httpauth_processor(fd, fd);
- return (void*)r;
+ int fd, r;
+
+ ASSERT(arg);
+
+ fd = (int)arg;
+ return (void*)httpauth_processor(fd, fd);
}
/* -----------------------------------------------------------------------
@@ -390,6 +393,9 @@ int httpauth_read(int ifd, ha_request_t* req,
int i, r;
int more = 1;
+ ASSERT(req && buf);
+ ASSERT(ifd != -1);
+
/* Clean up the request header */
memset(req, 0, sizeof(*req));
req->type = -1;
@@ -536,6 +542,9 @@ int write_data(int ofd, const char* data)
{
int r;
+ ASSERT(data);
+ ASSERT(ofd != -1);
+
while(*data != 0)
{
r = write(ofd, data, strlen(data));
@@ -564,6 +573,9 @@ int httpauth_respond(int ofd, int code, const char* msg)
const char* t;
char num[16];
+ ASSERT(ofd != -1);
+ ASSERT(code > 99 && code < 1000);
+
sprintf(num, "%d", code);
if(write_data(ofd, num) == -1 ||
@@ -607,6 +619,9 @@ int httpauth_write(int ofd, ha_response_t* resp)
int i;
int wrote = 0;
+ ASSERT(ofd != -1);
+ ASSERT(resp);
+
if(httpauth_respond(ofd, resp->code, resp->detail) == -1)
return -1;
@@ -635,6 +650,9 @@ int httpauth_ready(int ofd, ha_buffer_t* buf)
const char* t;
httpauth_loaded_t* h;
+ ASSERT(ofd != -1);
+ ASSERT(buf);
+
/* We send a ready banner to our client */
for(h = g_handlers; h; h = h->next)
@@ -661,6 +679,9 @@ int httpauth_processor(int ifd, int ofd)
int result = -1;
int r;
+ ASSERT(ifd != -1);
+ ASSERT(ofd != -1);
+
/* Initialize the memory buffers */
ha_bufinit(&inb);
ha_bufinit(&outb);
@@ -742,11 +763,13 @@ int process_auth(ha_request_t* req, ha_response_t* resp,
{
httpauth_loaded_t* h;
+ ASSERT(req && resp && outb);
+
/* Clear out our response */
memset(resp, 0, sizeof(*resp));
/* Check our connection argument */
- if(!req->args[1] || !(req->args[1][0]))
+ if(!req->args[AUTH_ARG_CONN] || !(req->args[AUTH_ARG_CONN][0]))
{
ha_messagex(LOG_ERR, "Missing connection ID in request");
resp->detail = "Missing connection ID";
@@ -754,6 +777,25 @@ int process_auth(ha_request_t* req, ha_response_t* resp,
return 0;
}
+ /* Check our uri argument */
+ if(!req->args[AUTH_ARG_URI] || !(req->args[AUTH_ARG_URI][0]))
+ {
+ ha_messagex(LOG_ERR, "Missing URI in request");
+ resp->detail = "Missing URI";
+ resp->code = HA_SERVER_BADREQ;
+ return 0;
+ }
+
+ /* Check our connection arguments */
+ if(!req->args[AUTH_ARG_METHOD] || !(req->args[AUTH_ARG_METHOD][0]))
+ {
+ ha_messagex(LOG_ERR, "Missing method in request");
+ resp->detail = "Missing method";
+ resp->code = HA_SERVER_BADREQ;
+ return 0;
+ }
+
+
/* Find a handler for this type */
for(h = g_handlers; h; h = h->next)
{
@@ -781,7 +823,11 @@ ha_context_t* config_addhandler(ha_buffer_t* buf, const char* alias,
ha_handler_t* handler, const ha_context_t* defaults)
{
httpauth_loaded_t* loaded;
- int len = sizeof(httpauth_loaded_t) + handler->context_size;
+ int len;
+
+ ASSERT(buf && alias && handler && defaults);
+
+ len = sizeof(httpauth_loaded_t) + handler->context_size;
loaded = (httpauth_loaded_t*)ha_bufmalloc(buf, len);
if(!loaded)
@@ -848,6 +894,8 @@ int config_parse(const char* file, ha_buffer_t* buf)
int recog;
int r, i;
+ ASSERT(file && buf);
+
/* Open the configuration file */
fd = open(file, O_RDONLY);
if(fd == -1)
diff --git a/daemon/ldap.c b/daemon/ldap.c
index 59af797..3ed7199 100644
--- a/daemon/ldap.c
+++ b/daemon/ldap.c
@@ -123,6 +123,8 @@ static void free_hash_object(void* arg, void* val)
static int report_ldap(const char* msg, int code, ha_response_t* resp)
{
+ ASSERT(code != LDAP_SUCCESS);
+
if(!msg)
msg = "ldap error";
@@ -145,6 +147,8 @@ static digest_record_t* get_cached_digest(ldap_context_t* ctx, unsigned char* no
{
digest_record_t* rec;
+ ASSERT(ctx && nonce);
+
if(ctx->cache_max == 0)
return NULL;
@@ -166,6 +170,8 @@ static int have_cached_basic(ldap_context_t* ctx, unsigned char* key)
{
int ret = 0;
+ ASSERT(ctx && key);
+
ha_lock(NULL);
ret = (hash_get(ctx->cache, key) == BASIC_ESTABLISHED);
@@ -179,6 +185,8 @@ static int save_cached_digest(ldap_context_t* ctx, digest_record_t* rec)
{
int r;
+ ASSERT(ctx && rec);
+
if(ctx->cache_max == 0)
return HA_FALSE;
@@ -204,6 +212,8 @@ static int add_cached_basic(ldap_context_t* ctx, unsigned char* key)
{
int r;
+ ASSERT(ctx && key);
+
if(ctx->cache_max == 0)
return HA_FALSE;
@@ -230,6 +240,8 @@ static const char* substitute_params(ldap_context_t* ctx, ha_buffer_t* buf,
{
const char* t;
+ ASSERT(ctx && buf && user && str);
+
/* This starts a new block to join */
ha_bufcpy(buf, "");
@@ -274,6 +286,8 @@ static const char* make_password_md5(ha_buffer_t* buf, const char* clearpw)
md5_ctx_t md5;
unsigned char digest[MD5_LEN];
+ ASSERT(buf && clearpw);
+
md5_init(&md5);
md5_update(&md5, clearpw, strlen(clearpw));
md5_final(digest, &md5);
@@ -286,6 +300,8 @@ static const char* make_password_sha(ha_buffer_t* buf, const char* clearpw)
sha1_ctx_t sha;
unsigned char digest[SHA1_LEN];
+ ASSERT(buf && clearpw);
+
sha1_init(&sha);
sha1_update(&sha, clearpw, strlen(clearpw));
sha1_final(digest, &sha);
@@ -335,6 +351,8 @@ static int parse_ldap_password(const char** password)
static const char* find_cleartext_password(ha_buffer_t* buf, const char** pws)
{
+ ASSERT(buf);
+
for(; pws && *pws; pws++)
{
const char* pw = *pws;
@@ -348,6 +366,8 @@ static const char* find_cleartext_password(ha_buffer_t* buf, const char** pws)
static int parse_ldap_ha1(ha_buffer_t* buf, struct berval* bv, unsigned char* ha1)
{
+ ASSERT(buf && bv && ha1);
+
/* Raw binary */
if(bv->bv_len == MD5_LEN)
{
@@ -466,6 +486,8 @@ static int validate_ldap_ha1(ldap_context_t* ctx, LDAP* ld, LDAPMessage* entry,
int r, first = 1;
int res = HA_FALSE;
+ ASSERT(ctx && ld && entry && buf && user && clearpw);
+
if(!ctx->ha1_attr)
return HA_FALSE;
@@ -511,6 +533,8 @@ static LDAP* get_ldap_connection(ldap_context_t* ctx)
LDAP* ld;
int i, r;
+ ASSERT(ctx);
+
for(i = 0; i < ctx->ldap_max; i++)
{
/* An open connection in the pool */
@@ -556,6 +580,8 @@ static void save_ldap_connection(ldap_context_t* ctx, LDAP* ld)
{
int i, e;
+ ASSERT(ctx);
+
if(!ld)
return;
@@ -600,6 +626,8 @@ static int retrieve_user_entry(ldap_context_t* ctx, ha_buffer_t* buf, LDAP* ld,
const char* attrs[3];
int r;
+ ASSERT(ctx && buf && ld && user && dn && entry && result);
+
if(ctx->filter)
{
/* Filters can also have %u and %r */
@@ -661,6 +689,8 @@ static int complete_digest_ha1(ldap_context_t* ctx, digest_record_t* rec,
const char* dn;
int r;
+ ASSERT(ctx && rec && buf && user && code);
+
ld = get_ldap_connection(ctx);
if(!ld)
{
@@ -890,6 +920,8 @@ static int digest_ldap_challenge(ldap_context_t* ctx, ha_response_t* resp,
unsigned char nonce[DIGEST_NONCE_LEN];
const char* header;
+ ASSERT(ctx && resp && buf);
+
/* Generate an nonce */
digest_makenonce(nonce, g_ldap_secret, NULL);
@@ -919,6 +951,8 @@ static int digest_ldap_response(ldap_context_t* ctx, const char* header,
int stale = 0;
int r;
+ ASSERT(ctx && header && method && uri && resp && buf);
+
/* We use this below to send a default response */
resp->code = -1;
@@ -1014,8 +1048,6 @@ finally:
}
-
-
/* -------------------------------------------------------------------------------
* Handler Functions
*/
@@ -1024,6 +1056,8 @@ int ldap_config(ha_context_t* context, const char* name, const char* value)
{
ldap_context_t* ctx = (ldap_context_t*)(context->data);
+ ASSERT(name && value && value[0]);
+
if(strcmp(name, "ldapservers") == 0)
{
ctx->servers = value;
@@ -1139,6 +1173,8 @@ int ldap_inithand(ha_context_t* context)
{
ldap_context_t* ctx = (ldap_context_t*)(context->data);
+ ASSERT(ctx);
+
/* Make sure there are some types of authentication we can do */
if(!(context->types & (HA_TYPE_BASIC | HA_TYPE_DIGEST)))
{
@@ -1155,6 +1191,8 @@ int ldap_inithand(ha_context_t* context)
return HA_ERROR;
}
+ ASSERT(!ctx->cache);
+
/* The cache for digest records and basic */
if(!(ctx->cache = hash_create(MD5_LEN, free_hash_object, NULL)))
{
@@ -1162,6 +1200,9 @@ int ldap_inithand(ha_context_t* context)
return HA_ERROR;
}
+ ASSERT(!ctx->pool);
+ ASSERT(ctx->ldap_max > 0);
+
/*
* Our connection pool. It's the size of our maximum
* amount of pending connections as that's the max
@@ -1187,23 +1228,28 @@ void ldap_destroy(ha_context_t* context)
if(!context)
return;
+ /* Note: We don't need to be thread safe here anymore */
ldap_context_t* ctx = (ldap_context_t*)(context->data);
- /* Note: We don't need to be thread safe here anymore */
- hash_free(ctx->cache);
+ ASSERT(data);
- /* Close any connections we have open */
- for(i = 0; i < ctx->ldap_max; i++)
+ if(ctx->cache)
+ hash_free(ctx->cache);
+
+ if(ctx->pool)
{
- if(ctx->pool[i])
- ldap_unbind_s(ctx->pool[i]);
- }
+ /* Close any connections we have open */
+ for(i = 0; i < ctx->ldap_max; i++)
+ {
+ if(ctx->pool[i])
+ ldap_unbind_s(ctx->pool[i]);
+ }
- /* And free the connection pool */
- free(ctx->pool);
+ /* And free the connection pool */
+ free(ctx->pool);
+ }
}
-
int ldap_process(ha_context_t* context, ha_request_t* req,
ha_response_t* resp, ha_buffer_t* buf)
{
@@ -1212,6 +1258,10 @@ int ldap_process(ha_context_t* context, ha_request_t* req,
const char* header = NULL;
int ret;
+ ASSERT(req && resp && buf);
+ ASSERT(req->args[AUTH_ARG_METHOD]);
+ ASSERT(req->args[AUTH_ARG_URI]);
+
ha_lock(NULL);
/* Purge out stale connection stuff. */
diff --git a/daemon/misc.c b/daemon/misc.c
index b585d8b..c3f5ff4 100644
--- a/daemon/misc.c
+++ b/daemon/misc.c
@@ -25,6 +25,8 @@ void ha_messagex(int level, const char* msg, ...)
va_list ap;
va_start(ap, msg);
+ ASSERT(msg);
+
/* Either to syslog or stderr */
if(g_daemonized)
vsyslog(level, msg, ap);
@@ -43,6 +45,8 @@ void ha_message(int level, const char* msg, ...)
va_list ap;
va_start(ap, msg);
+ ASSERT(msg);
+
/* Either to syslog or stderr */
if(g_daemonized)
{
@@ -75,6 +79,8 @@ ha_header_t* ha_findheader(ha_request_t* req, const char* name)
{
int i;
+ ASSERT(req && name);
+
for(i = 0; i < MAX_HEADERS; i++)
{
if(req->headers[i].name)
@@ -91,6 +97,8 @@ const char* ha_getheader(ha_request_t* req, const char* name, const char* prefix
{
int i, l;
+ ASSERT(req && name);
+
for(i = 0; i < MAX_HEADERS; i++)
{
if(req->headers[i].name)
@@ -114,6 +122,9 @@ const char* ha_getheader(ha_request_t* req, const char* name, const char* prefix
void ha_addheader(ha_response_t* resp, const char* name, const char* data)
{
int i = 0;
+
+ ASSERT(resp && name && data);
+
for(i = 0; i < MAX_HEADERS; i++)
{
if(!(resp->headers[i].name))
@@ -159,6 +170,8 @@ void ha_unlock(pthread_mutex_t* mtx)
int ha_confbool(const char* name, const char* conf, int* value)
{
+ ASSERT(name && conf && value);
+
if(value == NULL ||
value[0] == 0 ||
strcasecmp(conf, "0") == 0 ||
@@ -188,6 +201,10 @@ int ha_confbool(const char* name, const char* conf, int* value)
int ha_confint(const char* name, const char* conf, int min, int max, int* value)
{
char* p;
+
+ ASSERT(name && conf && value);
+ ASSERT(min <= max);
+
errno = 0;
*value = strtol(conf, &p, 10);
@@ -208,6 +225,8 @@ int ha_confint(const char* name, const char* conf, int min, int max, int* value)
char* ha_uriformat(ha_buffer_t* buf, const ha_uri_t* uri)
{
+ ASSERT(buf && uri);
+
/* This creates a new block */
ha_bufcpy(buf, "");
@@ -269,6 +288,8 @@ int ha_uriparse(ha_buffer_t* buf, const char* suri, ha_uri_t* uri)
int port;
int v6_offset1 = 0;
+ ASSERT(buf && suri && uri);
+
/* Copy the memory */
str = ha_bufcpy(buf, suri);
@@ -502,6 +523,8 @@ int ha_uricmp(ha_uri_t* one, ha_uri_t* two)
{
int r;
+ ASSERT(one && two);
+
/* We don't compare user or password */
/* The scheme */
@@ -520,6 +543,8 @@ int ha_genrandom(unsigned char* data, size_t len)
{
int r, dd;
+ ASSERT(data && len > 0);
+
dd = open("/dev/urandom", O_RDONLY);
if(dd == -1)
{
diff --git a/daemon/ntlm.c b/daemon/ntlm.c
index bdf2116..d567fe2 100644
--- a/daemon/ntlm.c
+++ b/daemon/ntlm.c
@@ -74,6 +74,8 @@ static ntlm_connection_t* getpending(ntlm_context_t* ctx, const void* key)
{
ntlm_connection_t* ret;
+ ASSERT(ctx && key);
+
ha_lock(NULL);
ret = (ntlm_connection_t*)hash_rem(ctx->pending, key);
@@ -87,6 +89,9 @@ static int putpending(ntlm_context_t* ctx, const void* key, ntlm_connection_t* c
{
int r = 0;
+ ASSERT(ctx && key && conn);
+ ASSERT(conn->handle);
+
if(!hash_get(ctx->pending, key))
{
ha_lock(NULL);
@@ -107,6 +112,8 @@ static ntlm_connection_t* makeconnection(ntlm_context_t* ctx)
{
ntlm_connection_t* conn;
+ ASSERT(ctx);
+
conn = (ntlm_connection_t*)malloc(sizeof(ntlm_connection_t));
if(!conn)
{
@@ -130,10 +137,14 @@ static ntlm_connection_t* makeconnection(ntlm_context_t* ctx)
free(conn);
return NULL;
}
+
+ return conn;
}
static void freeconnection(ntlm_connection_t* conn)
{
+ ASSERT(conn);
+
if(conn->handle)
{
ntlmssp_disconnect(conn->handle);
@@ -146,7 +157,10 @@ static void freeconnection(ntlm_connection_t* conn)
static void free_hash_object(void* arg, void* val)
{
if(val)
+ {
+ ASSERT(val != NTLM_ESTABLISHED);
freeconnection((ntlm_connection_t*)val);
+ }
}
int ntlm_auth_basic(ntlm_context_t* ctx, char* key, const char* header,
@@ -158,6 +172,8 @@ int ntlm_auth_basic(ntlm_context_t* ctx, char* key, const char* header,
const char* domain = NULL;
int found = 0;
+ ASSERT(ctx && key && header && resp && buf);
+
/*
* We're doing basic authentication on the connection
* which invalidates any NTLM authentication we've started
@@ -201,7 +217,7 @@ int ntlm_auth_basic(ntlm_context_t* ctx, char* key, const char* header,
/* Make sure above did not fail */
if(!found && basic.user && basic.user[0] && basic.password &&
- basic.password[0] && domain && domain[0])
+ domain && domain[0])
{
/* We need to lock to go into smblib */
ha_lock(&g_smblib_mutex);
@@ -251,6 +267,8 @@ int ntlm_auth_ntlm(ntlm_context_t* ctx, void* key, const char* header,
int ret = HA_FALSE;
int r;
+ ASSERT(ctx && key && header && resp && buf);
+
/*
* Retrieve and remove the connection from the pending bag.
* We add it back again below if that's necessary.
@@ -493,6 +511,8 @@ int ntlm_config(ha_context_t* context, const char* name, const char* value)
{
ntlm_context_t* ctx = (ntlm_context_t*)(context->data);
+ ASSERT(name && value && value[0]);
+
if(strcmp(name, "ntlmserver") == 0)
{
ctx->server = value;
@@ -537,6 +557,8 @@ int ntlm_init(ha_context_t* context)
{
ntlm_context_t* ctx = (ntlm_context_t*)(context->data);
+ ASSERT(ctx);
+
/* Make sure there are some types of authentication we can do */
if(!(context->types & (HA_TYPE_BASIC | HA_TYPE_NTLM)))
{
@@ -553,6 +575,9 @@ int ntlm_init(ha_context_t* context)
return HA_ERROR;
}
+ ASSERT(!ctx->pending);
+ ASSERT(!ctx->established);
+
/* Initialize our tables */
if(!(ctx->pending = hash_create(NTLM_HASH_KEY_LEN, free_hash_object, NULL)) ||
!(ctx->established = hash_create(NTLM_HASH_KEY_LEN, NULL, NULL)))
@@ -583,11 +608,14 @@ void ntlm_destroy(ha_context_t* context)
/* Per context destroy */
if(context)
{
+ /* Note: We don't need to be thread safe here anymore */
ntlm_context_t* ctx = (ntlm_context_t*)(context->data);
- /* Note: We don't need to be thread safe here anymore */
- hash_free(ctx->pending);
- hash_free(ctx->established);
+ if(ctx->pending)
+ hash_free(ctx->pending);
+
+ if(ctx->established)
+ hash_free(ctx->established);
}
/* Global Destroy */
@@ -609,6 +637,9 @@ int ntlm_process(ha_context_t* context, ha_request_t* req,
time_t t = time(NULL);
int ret;
+ ASSERT(context && req && resp && buf);
+ ASSERT(req->args[AUTH_ARG_CONN]);
+
resp->code = -1;
/* Hash the unique key */
diff --git a/daemon/simple.c b/daemon/simple.c
index cd1b812..fdaa0e0 100644
--- a/daemon/simple.c
+++ b/daemon/simple.c
@@ -60,6 +60,8 @@ static digest_record_t* get_cached_digest(simple_context_t* ctx, unsigned char*
{
digest_record_t* rec;
+ ASSERT(ctx && nonce);
+
if(ctx->cache_max == 0)
return NULL;
@@ -81,6 +83,8 @@ static int have_cached_basic(simple_context_t* ctx, unsigned char* key)
{
int ret = 0;
+ ASSERT(ctx && key);
+
ha_lock(NULL);
ret = (hash_get(ctx->cache, key) == BASIC_ESTABLISHED);
@@ -94,6 +98,8 @@ static int save_cached_digest(simple_context_t* ctx, digest_record_t* rec)
{
int r;
+ ASSERT(ctx && rec);
+
if(ctx->cache_max == 0)
return HA_FALSE;
@@ -119,6 +125,8 @@ static int add_cached_basic(simple_context_t* ctx, unsigned char* key)
{
int r;
+ ASSERT(ctx && key);
+
if(ctx->cache_max == 0)
return HA_FALSE;
@@ -148,6 +156,8 @@ static int complete_digest_ha1(simple_context_t* ctx, digest_record_t* rec,
char* t;
char line[SIMPLE_MAXLINE];
+ ASSERT(ctx && rec && buf && user && user[0] && code);
+
f = fopen(ctx->filename, "r");
if(!f)
{
@@ -222,6 +232,9 @@ static int validate_user_password(simple_context_t* ctx, ha_buffer_t* buf,
char* t;
char* t2;
+ ASSERT(ctx && buf && code);
+ ASSERT(user && user[0] && clearpw);
+
f = fopen(ctx->filename, "r");
if(!f)
{
@@ -349,6 +362,8 @@ static int simple_digest_challenge(simple_context_t* ctx, ha_response_t* resp,
unsigned char nonce[DIGEST_NONCE_LEN];
const char* header;
+ ASSERT(ctx && resp && buf);
+
/* Generate an nonce */
digest_makenonce(nonce, g_simple_secret, NULL);
@@ -378,6 +393,8 @@ static int simple_digest_response(simple_context_t* ctx, const char* header,
int stale = 0;
int r;
+ ASSERT(ctx && header && method && uri && resp && buf);
+
/* We use this below to send a default response */
resp->code = -1;
@@ -481,6 +498,8 @@ int simple_config(ha_context_t* context, const char* name, const char* value)
{
simple_context_t* ctx = (simple_context_t*)(context->data);
+ ASSERT(name && name[0] && value && value[0]);
+
if(strcmp(name, "passwordfile") == 0)
{
ctx->filename = value;
@@ -521,6 +540,8 @@ int simple_init(ha_context_t* context)
simple_context_t* ctx = (simple_context_t*)(context->data);
int fd;
+ ASSERT(ctx);
+
/* Make sure there are some types of authentication we can do */
if(!(context->types & (HA_TYPE_BASIC | HA_TYPE_DIGEST)))
{
@@ -547,6 +568,8 @@ int simple_init(ha_context_t* context)
close(fd);
+ ASSERT(!ctx->cache);
+
/* The cache for digest records and basic */
if(!(ctx->cache = hash_create(MD5_LEN, free_hash_object, NULL)))
{
@@ -563,10 +586,11 @@ void simple_destroy(ha_context_t* context)
/* Per context destroy */
if(context)
{
+ /* Note: We don't need to be thread safe here anymore */
simple_context_t* ctx = (simple_context_t*)(context->data);
- /* Note: We don't need to be thread safe here anymore */
- hash_free(ctx->cache);
+ if(ctx->cache)
+ hash_free(ctx->cache);
}
}
@@ -579,6 +603,9 @@ int simple_process(ha_context_t* context, ha_request_t* req,
int found = 0;
basic_header_t basic;
+ ASSERT(context && req && resp && buf);
+ ASSERT(req->args[AUTH_ARG_METHOD]);
+ ASSERT(req->args[AUTH_ARG_URI]);
ha_lock(NULL);