diff options
41 files changed, 1792 insertions, 621 deletions
@@ -5,8 +5,9 @@ - Fixed Base64 decoding problems - Added mkha1 tool - Lots of bug fixes and testing - - Get httpauthd to reconnect properly. + - Get httpauthd to reconnect properly - Tested and completed NTLM support + - Bundled java client code 0.4.2 - Separated base handler functionality, reorganized files, code diff --git a/Makefile.am b/Makefile.am index 860d0b7..a4b422b 100644 --- a/Makefile.am +++ b/Makefile.am @@ -1,6 +1,6 @@ -EXTRA_DIST = apache1x apache2x common config.sub acsite.m4 -SUBDIRS = daemon doc tools +EXTRA_DIST = apache1x apache2x common config.sub acsite.m4 COPYING-DAEMON +SUBDIRS = daemon doc tools java dist-hook: rm -rf `find $(distdir)/ -name .svn` diff --git a/common/buffer.c b/common/buffer.c index 1ca4c6b..92d0519 100644 --- a/common/buffer.c +++ b/common/buffer.c @@ -29,11 +29,6 @@ * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH * DAMAGE. - * - * - * CONTRIBUTORS - * Nate Nielsen <nielsen@memberwebs.com> - * */ #include "compat.h" @@ -79,13 +74,13 @@ internal_t; #ifdef BUF_DEBUG void buffer_dump(ha_buffer_t* buf) { - internal_t* itl; - int i = 0; + internal_t* itl; + int i = 0; - fprintf(stderr, "Buffer DUMP ---------------------------\n"); + fprintf(stderr, "Buffer DUMP ---------------------------\n"); for(itl = buf->_ft; itl; itl = itl->next, i++) - fprintf(stderr, "itl %d: 0x%08X bytes\n", i, itl->end - (char*)itl); - fprintf(stderr, "---------------------------------------\n"); + fprintf(stderr, "itl %d: 0x%08X bytes\n", i, itl->end - (char*)itl); + fprintf(stderr, "---------------------------------------\n"); } #endif /* BUF_DEBUG */ @@ -100,7 +95,7 @@ void buffer_bump(ha_buffer_t* buf, int count) return; ASSERT(BUF_DELTA < BUF_INITIAL); - ASSERT(buf->_dt->next == NULL); + ASSERT(buf->_dt->next == NULL); /* Handle this common case first for efficiency */ if(buf->_rp + (count + BUF_DELTA) < buf->_dt->end) @@ -111,7 +106,7 @@ void buffer_bump(ha_buffer_t* buf, int count) return; #ifdef BUF_DEBUG - buffer_dump (buf); + buffer_dump (buf); #endif /* Okay now we know we have to extend */ @@ -185,43 +180,43 @@ void ha_bufinit(ha_buffer_t* buf) FILL_BETWEEN(INTERNAL_DATA(buf->_ft), buf->_ft->end, 0xCD); #endif - buf->_dt = buf->_ft; - ha_bufreset(buf); - } + buf->_dt = buf->_ft; + ha_bufreset(buf); + } } void ha_bufreset(ha_buffer_t* buf) { - internal_t* itl; - internal_t* next; + internal_t* itl; + internal_t* next; ASSERT(buf); ASSERT(buf->_ft); - if(ha_buferr(buf)) - return; + if(ha_buferr(buf)) + return; - /* We keep the last buffer, and free the rest */ - itl = buf->_ft; - buf->_ft = buf->_dt; + /* We keep the last buffer, and free the rest */ + itl = buf->_ft; + buf->_ft = buf->_dt; buf->_rp = buf->_pp = (char*)INTERNAL_DATA(buf->_ft); #ifdef BUF_DEBUG - fprintf(stderr, "RESET BUFFER: %d\n", buf->_ft->end - (char*)buf->_ft); + fprintf(stderr, "RESET BUFFER: %d\n", buf->_ft->end - (char*)buf->_ft); #endif - for( ; itl != buf->_ft; itl = next) - { - ASSERT(itl != NULL); - next = itl->next; + for( ; itl != buf->_ft; itl = next) + { + ASSERT(itl != NULL); + next = itl->next; #ifdef _DEBUG - FILL_BETWEEN(INTERNAL_DATA(itl), itl->end, 0xDD); + FILL_BETWEEN(INTERNAL_DATA(itl), itl->end, 0xDD); #endif #ifdef BUF_DEBUG - fprintf(stderr, "FREEING: %d\n", itl->end - (char*)itl); + fprintf(stderr, "FREEING: %d\n", itl->end - (char*)itl); #endif free(itl); - } + } #ifdef _DEBUG FILL_BETWEEN(INTERNAL_DATA(buf->_ft), buf->_ft->end, 0xCD); diff --git a/common/buffer.h b/common/buffer.h index efa3d27..ad48634 100644 --- a/common/buffer.h +++ b/common/buffer.h @@ -29,11 +29,6 @@ * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH * DAMAGE. - * - * - * CONTRIBUTORS - * Nate Nielsen <nielsen@memberwebs.com> - * */ #ifndef _BUFFER_H_ diff --git a/common/compat.c b/common/compat.c index 8f89000..16fc14f 100644 --- a/common/compat.c +++ b/common/compat.c @@ -29,11 +29,6 @@ * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH * DAMAGE. - * - * - * CONTRIBUTORS - * Nate Nielsen <nielsen@memberwebs.com> - * */ #include "compat.h" @@ -43,12 +38,10 @@ void* reallocf(void* ptr, size_t size) { - void* ret = realloc(ptr, size); - - if(!ret && size) - free(ptr); - - return ret; + void* ret = realloc(ptr, size); + if(!ret && size) + free(ptr); + return ret; } #endif diff --git a/common/compat.h b/common/compat.h index 354e2eb..02b2a5b 100644 --- a/common/compat.h +++ b/common/compat.h @@ -29,11 +29,6 @@ * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH * DAMAGE. - * - * - * CONTRIBUTORS - * Nate Nielsen <nielsen@memberwebs.com> - * */ #ifndef _COMPAT_H_ diff --git a/common/sha1.c b/common/sha1.c index 444e5bb..83e993f 100644 --- a/common/sha1.c +++ b/common/sha1.c @@ -139,7 +139,7 @@ void sha1_final(uchar digest[20], sha1_ctx_t* context) for (i = 0; i < 8; i++) { finalcount[i] = (uchar)((context->count[(i >= 4 ? 0 : 1)] - >> ((3-(i & 3)) * 8) ) & 255); /* Endian independent */ + >> ((3-(i & 3)) * 8) ) & 255); /* Endian independent */ } sha1_update(context, (uchar *)"\200", 1); while ((context->count[0] & 504) != 448) { diff --git a/common/sha1.h b/common/sha1.h index a9d1573..3cb9a91 100644 --- a/common/sha1.h +++ b/common/sha1.h @@ -24,9 +24,9 @@ extern "C" { typedef struct sha1_ctx { - unsigned long state[5]; - unsigned long count[2]; - unsigned char buffer[64]; + unsigned long state[5]; + unsigned long count[2]; + unsigned char buffer[64]; } sha1_ctx_t; diff --git a/configure.in b/configure.in index 5cbd584..d4f51ca 100644 --- a/configure.in +++ b/configure.in @@ -201,5 +201,6 @@ AC_CONFIG_FILES([Makefile doc/Makefile tools/Makefile apache1x/Makefile - apache2x/Makefile]) + apache2x/Makefile + java/Makefile]) AC_OUTPUT diff --git a/daemon/basic.c b/daemon/basic.c index ad70c2b..d46ea50 100644 --- a/daemon/basic.c +++ b/daemon/basic.c @@ -1,39 +1,22 @@ /* - * Copyright (c) 2004, Nate Nielsen - * All rights reserved. + * HttpAuth * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Copyright (C) 2004 Nate Nielsen * - * * Redistributions of source code must retain the above - * copyright notice, this list of conditions and the - * following disclaimer. - * * Redistributions in binary form must reproduce the - * above copyright notice, this list of conditions and - * the following disclaimer in the documentation and/or - * other materials provided with the distribution. - * * The names of contributors to this software may not be - * used to endorse or promote products derived from this - * software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS - * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT - * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS - * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, - * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, - * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS - * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED - * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF - * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH - * DAMAGE. - * - * - * CONTRIBUTORS - * Nate Nielsen <nielsen@memberwebs.com> + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. + * See the GNU General Public License for more details. + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the + * Free Software Foundation, Inc., + * 59 Temple Place, Suite 330, + * Boston, MA 02111-1307, USA. */ #include "usuals.h" diff --git a/daemon/basic.h b/daemon/basic.h index 511d2ef..ad61894 100644 --- a/daemon/basic.h +++ b/daemon/basic.h @@ -1,39 +1,22 @@ /* - * Copyright (c) 2004, Nate Nielsen - * All rights reserved. + * HttpAuth * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Copyright (C) 2004 Nate Nielsen * - * * Redistributions of source code must retain the above - * copyright notice, this list of conditions and the - * following disclaimer. - * * Redistributions in binary form must reproduce the - * above copyright notice, this list of conditions and - * the following disclaimer in the documentation and/or - * other materials provided with the distribution. - * * The names of contributors to this software may not be - * used to endorse or promote products derived from this - * software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS - * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT - * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS - * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, - * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, - * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS - * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED - * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF - * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH - * DAMAGE. - * - * - * CONTRIBUTORS - * Nate Nielsen <nielsen@memberwebs.com> + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. + * See the GNU General Public License for more details. + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the + * Free Software Foundation, Inc., + * 59 Temple Place, Suite 330, + * Boston, MA 02111-1307, USA. */ #ifndef __BASIC_H__ diff --git a/daemon/bd.c b/daemon/bd.c index cb4f2cf..f694017 100644 --- a/daemon/bd.c +++ b/daemon/bd.c @@ -1,42 +1,25 @@ /* - * Copyright (c) 2004, Nate Nielsen - * All rights reserved. + * HttpAuth * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Copyright (C) 2004 Nate Nielsen * - * * Redistributions of source code must retain the above - * copyright notice, this list of conditions and the - * following disclaimer. - * * Redistributions in binary form must reproduce the - * above copyright notice, this list of conditions and - * the following disclaimer in the documentation and/or - * other materials provided with the distribution. - * * The names of contributors to this software may not be - * used to endorse or promote products derived from this - * software without specific prior written permission. + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS - * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT - * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS - * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, - * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, - * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS - * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED - * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF - * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH - * DAMAGE. - * - * - * CONTRIBUTORS - * Nate Nielsen <nielsen@memberwebs.com> + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. + * See the GNU General Public License for more details. + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the + * Free Software Foundation, Inc., + * 59 Temple Place, Suite 330, + * Boston, MA 02111-1307, USA. */ -/* Ideas and Guidance from Apache 2.0's mod_auth_digest - */ +/* Ideas and Guidance from Apache 2.0's mod_auth_digest */ #include "usuals.h" #include "httpauthd.h" diff --git a/daemon/bd.h b/daemon/bd.h index 20a74b9..11d6f98 100644 --- a/daemon/bd.h +++ b/daemon/bd.h @@ -1,39 +1,22 @@ /* - * Copyright (c) 2004, Nate Nielsen - * All rights reserved. + * HttpAuth * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Copyright (C) 2004 Nate Nielsen * - * * Redistributions of source code must retain the above - * copyright notice, this list of conditions and the - * following disclaimer. - * * Redistributions in binary form must reproduce the - * above copyright notice, this list of conditions and - * the following disclaimer in the documentation and/or - * other materials provided with the distribution. - * * The names of contributors to this software may not be - * used to endorse or promote products derived from this - * software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS - * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT - * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS - * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, - * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, - * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS - * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED - * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF - * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH - * DAMAGE. - * - * - * CONTRIBUTORS - * Nate Nielsen <nielsen@memberwebs.com> + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. + * See the GNU General Public License for more details. + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the + * Free Software Foundation, Inc., + * 59 Temple Place, Suite 330, + * Boston, MA 02111-1307, USA. */ #ifndef BD_H diff --git a/daemon/defaults.h b/daemon/defaults.h index a354635..e3d001f 100644 --- a/daemon/defaults.h +++ b/daemon/defaults.h @@ -1,39 +1,22 @@ /* - * Copyright (c) 2004, Nate Nielsen - * All rights reserved. + * HttpAuth * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Copyright (C) 2004 Nate Nielsen * - * * Redistributions of source code must retain the above - * copyright notice, this list of conditions and the - * following disclaimer. - * * Redistributions in binary form must reproduce the - * above copyright notice, this list of conditions and - * the following disclaimer in the documentation and/or - * other materials provided with the distribution. - * * The names of contributors to this software may not be - * used to endorse or promote products derived from this - * software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS - * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT - * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS - * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, - * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, - * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS - * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED - * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF - * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH - * DAMAGE. - * - * - * CONTRIBUTORS - * Nate Nielsen <nielsen@memberwebs.com> + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. + * See the GNU General Public License for more details. + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the + * Free Software Foundation, Inc., + * 59 Temple Place, Suite 330, + * Boston, MA 02111-1307, USA. */ #ifndef __DEFAULTS_H__ diff --git a/daemon/digest.c b/daemon/digest.c index 377c878..52afaa8 100644 --- a/daemon/digest.c +++ b/daemon/digest.c @@ -1,43 +1,25 @@ /* - * Copyright (c) 2004, Nate Nielsen - * All rights reserved. + * HttpAuth * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Copyright (C) 2004 Nate Nielsen * - * * Redistributions of source code must retain the above - * copyright notice, this list of conditions and the - * following disclaimer. - * * Redistributions in binary form must reproduce the - * above copyright notice, this list of conditions and - * the following disclaimer in the documentation and/or - * other materials provided with the distribution. - * * The names of contributors to this software may not be - * used to endorse or promote products derived from this - * software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS - * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT - * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS - * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, - * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, - * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS - * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED - * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF - * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH - * DAMAGE. - * - * - * CONTRIBUTORS - * Nate Nielsen <nielsen@memberwebs.com> + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. + * See the GNU General Public License for more details. + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the + * Free Software Foundation, Inc., + * 59 Temple Place, Suite 330, + * Boston, MA 02111-1307, USA. */ -/* Ideas and Guidance from Apache 2.0's mod_auth_digest - */ +/* Ideas and Guidance from Apache 2.0's mod_auth_digest */ #include "usuals.h" #include "md5.h" diff --git a/daemon/digest.h b/daemon/digest.h index 912dd32..9fb0e6c 100644 --- a/daemon/digest.h +++ b/daemon/digest.h @@ -1,39 +1,22 @@ /* - * Copyright (c) 2004, Nate Nielsen - * All rights reserved. + * HttpAuth * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Copyright (C) 2004 Nate Nielsen * - * * Redistributions of source code must retain the above - * copyright notice, this list of conditions and the - * following disclaimer. - * * Redistributions in binary form must reproduce the - * above copyright notice, this list of conditions and - * the following disclaimer in the documentation and/or - * other materials provided with the distribution. - * * The names of contributors to this software may not be - * used to endorse or promote products derived from this - * software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS - * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT - * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS - * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, - * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, - * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS - * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED - * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF - * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH - * DAMAGE. - * - * - * CONTRIBUTORS - * Nate Nielsen <nielsen@memberwebs.com> + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. + * See the GNU General Public License for more details. + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the + * Free Software Foundation, Inc., + * 59 Temple Place, Suite 330, + * Boston, MA 02111-1307, USA. */ #ifndef __DIGEST_H__ diff --git a/daemon/dummy.c b/daemon/dummy.c index da3d084..7145e2c 100755 --- a/daemon/dummy.c +++ b/daemon/dummy.c @@ -1,39 +1,22 @@ /* - * Copyright (c) 2004, Nate Nielsen - * All rights reserved. + * HttpAuth * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Copyright (C) 2004 Nate Nielsen * - * * Redistributions of source code must retain the above - * copyright notice, this list of conditions and the - * following disclaimer. - * * Redistributions in binary form must reproduce the - * above copyright notice, this list of conditions and - * the following disclaimer in the documentation and/or - * other materials provided with the distribution. - * * The names of contributors to this software may not be - * used to endorse or promote products derived from this - * software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS - * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT - * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS - * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, - * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, - * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS - * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED - * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF - * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH - * DAMAGE. - * - * - * CONTRIBUTORS - * Nate Nielsen <nielsen@memberwebs.com> + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. + * See the GNU General Public License for more details. + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the + * Free Software Foundation, Inc., + * 59 Temple Place, Suite 330, + * Boston, MA 02111-1307, USA. */ #include "usuals.h" diff --git a/daemon/httpauthd.c b/daemon/httpauthd.c index d4d70ea..bff12cb 100644 --- a/daemon/httpauthd.c +++ b/daemon/httpauthd.c @@ -1,39 +1,22 @@ /* - * Copyright (c) 2004, Nate Nielsen - * All rights reserved. + * HttpAuth * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Copyright (C) 2004 Nate Nielsen * - * * Redistributions of source code must retain the above - * copyright notice, this list of conditions and the - * following disclaimer. - * * Redistributions in binary form must reproduce the - * above copyright notice, this list of conditions and - * the following disclaimer in the documentation and/or - * other materials provided with the distribution. - * * The names of contributors to this software may not be - * used to endorse or promote products derived from this - * software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS - * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT - * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS - * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, - * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, - * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS - * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED - * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF - * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH - * DAMAGE. - * - * - * CONTRIBUTORS - * Nate Nielsen <nielsen@memberwebs.com> + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. + * See the GNU General Public License for more details. + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the + * Free Software Foundation, Inc., + * 59 Temple Place, Suite 330, + * Boston, MA 02111-1307, USA. */ #include <sys/types.h> diff --git a/daemon/httpauthd.h b/daemon/httpauthd.h index a4e9f19..fe8d262 100644 --- a/daemon/httpauthd.h +++ b/daemon/httpauthd.h @@ -1,39 +1,22 @@ /* - * Copyright (c) 2004, Nate Nielsen - * All rights reserved. + * HttpAuth * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Copyright (C) 2004 Nate Nielsen * - * * Redistributions of source code must retain the above - * copyright notice, this list of conditions and the - * following disclaimer. - * * Redistributions in binary form must reproduce the - * above copyright notice, this list of conditions and - * the following disclaimer in the documentation and/or - * other materials provided with the distribution. - * * The names of contributors to this software may not be - * used to endorse or promote products derived from this - * software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS - * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT - * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS - * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, - * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, - * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS - * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED - * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF - * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH - * DAMAGE. - * - * - * CONTRIBUTORS - * Nate Nielsen <nielsen@memberwebs.com> + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. + * See the GNU General Public License for more details. + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the + * Free Software Foundation, Inc., + * 59 Temple Place, Suite 330, + * Boston, MA 02111-1307, USA. */ #ifndef __HTTPAUTHD_H__ diff --git a/daemon/ldap.c b/daemon/ldap.c index 2c8f915..b28593b 100644 --- a/daemon/ldap.c +++ b/daemon/ldap.c @@ -1,39 +1,22 @@ /* - * Copyright (c) 2004, Nate Nielsen - * All rights reserved. + * HttpAuth * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Copyright (C) 2004 Nate Nielsen * - * * Redistributions of source code must retain the above - * copyright notice, this list of conditions and the - * following disclaimer. - * * Redistributions in binary form must reproduce the - * above copyright notice, this list of conditions and - * the following disclaimer in the documentation and/or - * other materials provided with the distribution. - * * The names of contributors to this software may not be - * used to endorse or promote products derived from this - * software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS - * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT - * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS - * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, - * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, - * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS - * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED - * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF - * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH - * DAMAGE. - * - * - * CONTRIBUTORS - * Nate Nielsen <nielsen@memberwebs.com> + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. + * See the GNU General Public License for more details. + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the + * Free Software Foundation, Inc., + * 59 Temple Place, Suite 330, + * Boston, MA 02111-1307, USA. */ #include "usuals.h" diff --git a/daemon/misc.c b/daemon/misc.c index bcd77d2..bb88d06 100644 --- a/daemon/misc.c +++ b/daemon/misc.c @@ -1,39 +1,22 @@ /* - * Copyright (c) 2004, Nate Nielsen - * All rights reserved. + * HttpAuth * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Copyright (C) 2004 Nate Nielsen * - * * Redistributions of source code must retain the above - * copyright notice, this list of conditions and the - * following disclaimer. - * * Redistributions in binary form must reproduce the - * above copyright notice, this list of conditions and - * the following disclaimer in the documentation and/or - * other materials provided with the distribution. - * * The names of contributors to this software may not be - * used to endorse or promote products derived from this - * software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS - * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT - * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS - * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, - * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, - * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS - * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED - * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF - * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH - * DAMAGE. - * - * - * CONTRIBUTORS - * Nate Nielsen <nielsen@memberwebs.com> + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. + * See the GNU General Public License for more details. + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the + * Free Software Foundation, Inc., + * 59 Temple Place, Suite 330, + * Boston, MA 02111-1307, USA. */ #include "usuals.h" diff --git a/daemon/mysql.c b/daemon/mysql.c index 091a607..aa0ed73 100644 --- a/daemon/mysql.c +++ b/daemon/mysql.c @@ -1,39 +1,22 @@ /* - * Copyright (c) 2004, Nate Nielsen - * All rights reserved. + * HttpAuth * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Copyright (C) 2004 Nate Nielsen * - * * Redistributions of source code must retain the above - * copyright notice, this list of conditions and the - * following disclaimer. - * * Redistributions in binary form must reproduce the - * above copyright notice, this list of conditions and - * the following disclaimer in the documentation and/or - * other materials provided with the distribution. - * * The names of contributors to this software may not be - * used to endorse or promote products derived from this - * software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS - * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT - * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS - * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, - * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, - * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS - * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED - * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF - * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH - * DAMAGE. - * - * - * CONTRIBUTORS - * Nate Nielsen <nielsen@memberwebs.com> + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. + * See the GNU General Public License for more details. + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the + * Free Software Foundation, Inc., + * 59 Temple Place, Suite 330, + * Boston, MA 02111-1307, USA. */ #include "usuals.h" diff --git a/daemon/ntlm.c b/daemon/ntlm.c index 8ea2a83..8c9e0af 100644 --- a/daemon/ntlm.c +++ b/daemon/ntlm.c @@ -1,39 +1,22 @@ /* - * Copyright (c) 2004, Nate Nielsen - * All rights reserved. + * HttpAuth * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Copyright (C) 2004 Nate Nielsen * - * * Redistributions of source code must retain the above - * copyright notice, this list of conditions and the - * following disclaimer. - * * Redistributions in binary form must reproduce the - * above copyright notice, this list of conditions and - * the following disclaimer in the documentation and/or - * other materials provided with the distribution. - * * The names of contributors to this software may not be - * used to endorse or promote products derived from this - * software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS - * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT - * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS - * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, - * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, - * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS - * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED - * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF - * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH - * DAMAGE. - * - * - * CONTRIBUTORS - * Nate Nielsen <nielsen@memberwebs.com> + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. + * See the GNU General Public License for more details. + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the + * Free Software Foundation, Inc., + * 59 Temple Place, Suite 330, + * Boston, MA 02111-1307, USA. */ #include "usuals.h" diff --git a/daemon/ntlmssp.c b/daemon/ntlmssp.c index 4f4e3e4..5143895 100644 --- a/daemon/ntlmssp.c +++ b/daemon/ntlmssp.c @@ -1,6 +1,22 @@ /* - * $Id: ntlmssp.c,v 1.1 2004/04/21 17:37:06 nate Exp $ + * HttpAuth * + * Copyright (C) 2004 Nate Nielsen + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. + * See the GNU General Public License for more details. + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the + * Free Software Foundation, Inc., + * 59 Temple Place, Suite 330, + * Boston, MA 02111-1307, USA. */ #include <sys/socket.h> diff --git a/daemon/ntlmssp.h b/daemon/ntlmssp.h index 2d7f52a..ae47d69 100644 --- a/daemon/ntlmssp.h +++ b/daemon/ntlmssp.h @@ -1,3 +1,23 @@ +/* + * HttpAuth + * + * Copyright (C) 2004 Nate Nielsen + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. + * See the GNU General Public License for more details. + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the + * Free Software Foundation, Inc., + * 59 Temple Place, Suite 330, + * Boston, MA 02111-1307, USA. + */ #ifndef __NTLMSSP_H__ #define __NTLMSSP_H__ diff --git a/daemon/pgsql.c b/daemon/pgsql.c index 13ecd85..d762435 100644 --- a/daemon/pgsql.c +++ b/daemon/pgsql.c @@ -1,39 +1,22 @@ /* - * Copyright (c) 2004, Nate Nielsen - * All rights reserved. + * HttpAuth * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Copyright (C) 2004 Nate Nielsen * - * * Redistributions of source code must retain the above - * copyright notice, this list of conditions and the - * following disclaimer. - * * Redistributions in binary form must reproduce the - * above copyright notice, this list of conditions and - * the following disclaimer in the documentation and/or - * other materials provided with the distribution. - * * The names of contributors to this software may not be - * used to endorse or promote products derived from this - * software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS - * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT - * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS - * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, - * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, - * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS - * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED - * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF - * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH - * DAMAGE. - * - * - * CONTRIBUTORS - * Nate Nielsen <nielsen@memberwebs.com> + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. + * See the GNU General Public License for more details. + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the + * Free Software Foundation, Inc., + * 59 Temple Place, Suite 330, + * Boston, MA 02111-1307, USA. */ #include "usuals.h" diff --git a/daemon/simple.c b/daemon/simple.c index 20c1ac1..0bd1fff 100644 --- a/daemon/simple.c +++ b/daemon/simple.c @@ -1,39 +1,22 @@ /* - * Copyright (c) 2004, Nate Nielsen - * All rights reserved. + * HttpAuth * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Copyright (C) 2004 Nate Nielsen * - * * Redistributions of source code must retain the above - * copyright notice, this list of conditions and the - * following disclaimer. - * * Redistributions in binary form must reproduce the - * above copyright notice, this list of conditions and - * the following disclaimer in the documentation and/or - * other materials provided with the distribution. - * * The names of contributors to this software may not be - * used to endorse or promote products derived from this - * software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS - * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT - * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS - * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, - * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, - * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS - * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED - * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF - * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH - * DAMAGE. - * - * - * CONTRIBUTORS - * Nate Nielsen <nielsen@memberwebs.com> + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. + * See the GNU General Public License for more details. + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the + * Free Software Foundation, Inc., + * 59 Temple Place, Suite 330, + * Boston, MA 02111-1307, USA. */ /* On some linux this is required to get crypt to show itself */ diff --git a/daemon/usuals.h b/daemon/usuals.h index 6b15700..eb6cee6 100644 --- a/daemon/usuals.h +++ b/daemon/usuals.h @@ -1,39 +1,22 @@ /* - * Copyright (c) 2004, Nate Nielsen - * All rights reserved. + * HttpAuth * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Copyright (C) 2004 Nate Nielsen * - * * Redistributions of source code must retain the above - * copyright notice, this list of conditions and the - * following disclaimer. - * * Redistributions in binary form must reproduce the - * above copyright notice, this list of conditions and - * the following disclaimer in the documentation and/or - * other materials provided with the distribution. - * * The names of contributors to this software may not be - * used to endorse or promote products derived from this - * software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS - * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT - * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS - * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, - * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, - * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS - * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED - * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF - * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH - * DAMAGE. - * - * - * CONTRIBUTORS - * Nate Nielsen <nielsen@memberwebs.com> + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. + * See the GNU General Public License for more details. + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the + * Free Software Foundation, Inc., + * 59 Temple Place, Suite 330, + * Boston, MA 02111-1307, USA. */ #ifndef __USUALS_H__ diff --git a/doc/Makefile.am b/doc/Makefile.am index 56ca28e..85f98bc 100644 --- a/doc/Makefile.am +++ b/doc/Makefile.am @@ -1,4 +1,9 @@ -man_MANS = httpauthd.8 httpauthd.conf.5 +man_MANS = httpauthd.8 httpauthd.conf.5 mkha1.8 -EXTRA_DIST = protocol.txt httpauthd.conf.sample ${man_MANS} +EXTRA_DIST = protocol.txt \ + httpauthd.conf.sample \ + ldap-example.conf \ + mysql-example.conf \ + ntlm-example.conf \ + ${man_MANS} diff --git a/doc/httpauthd.conf.sample b/doc/httpauthd.conf.sample index f5e1e87..16549b1 100644 --- a/doc/httpauthd.conf.sample +++ b/doc/httpauthd.conf.sample @@ -1,31 +1,26 @@ - # Sample HTTPAUTH configuration file # Listen on a TCP port Socket: 0.0.0.0 -# Only perform Digest authentication -AuthTypes: Digest - # ---------------------------------------------------- # This is the beginning of an Simple method section -[Simple] +[Simple:LocalUsers] -# Give the method a name -Alias: LocalUsers +# Displayed to the user +Realm: Local Users # The file PasswordFile: /usr/data/localusers.pw - # ---------------------------------------------------- # This is the beginning of an LDAP method section -[LDAP] +[LDAP:AllUsers] -# Give the method a name -Alias: AllUsers +# Displayed to the user +Realm: Users LDAPServers: ldap.test.com LDAPDoBind: True diff --git a/java/Makefile.am b/java/Makefile.am new file mode 100644 index 0000000..b9fe053 --- /dev/null +++ b/java/Makefile.am @@ -0,0 +1,6 @@ + +EXTRA_DIST = lib src build.xml + +dist-hook: + rm -rf `find $(distdir)/ -name .svn` + diff --git a/java/build.xml b/java/build.xml new file mode 100644 index 0000000..13a3f48 --- /dev/null +++ b/java/build.xml @@ -0,0 +1,42 @@ +<?xml version="1.0" encoding="UTF-8"?> +<project name="httpauth-client" default="build" basedir="."> + + <target name="init"> + <property name="version" value="0.5"/> + </target> + + <target name="build" depends="init"> + <mkdir dir="build"/> + <javac srcdir="src" destdir="build" includes="**/*.java" + classpath="lib/javax.servlet.jar;lib/org.mortbay.jetty.jar" compiler="extJavac"/> + </target> + + <target name="clean" depends="init"> + <delete dir="build"/> + </target> + + <target name="makedist" depends="init,build"> + <mkdir dir="build"/> + <manifest file="build/manifest"> + <!-- <attribute name="Main-Class" value="com.memberwebs.XXXX"/> --> + <attribute name="Class-Path" value="lib/javax.servlet.jar lib/org.mortbay.jetty.jar"/> + <attribute name="Implementation-Title" value="httpauth-client"/> + <attribute name="Implementation-Version" value="${version}"/> + <attribute name="Implementation-Vendor" value="nielsen@memberwebs.com"/> + </manifest> + <jar basedir="." destfile="build/httpauth-client-src.jar" excludes="CVS .* build/* .svn"/> + <jar basedir="build" destfile="build/httpauth-client.jar" manifest="build/manifest" includes="**/*.class"/> + </target> + + <target name="javadoc"> + <mkdir dir="build"/> + <javadoc access="public" author="true" + classpath="build:lib/javax.servlet.jar:lib/org.mortbay.jetty.jar" + destdir="build/doc" nodeprecated="true" + nodeprecatedlist="true" noindex="false" nonavbar="false" + notree="false" + packagenames="com.memberwebs.httpauth,com.memberwebs.httpauth.jetty,com.memberwebs.httpauth.servlet" + sourcepath="src" splitindex="false" use="true" version="true"/> + </target> + +</project> diff --git a/java/src/com/memberwebs/httpauth/BaseHttpAuthenticator.java b/java/src/com/memberwebs/httpauth/BaseHttpAuthenticator.java new file mode 100644 index 0000000..8dd15f1 --- /dev/null +++ b/java/src/com/memberwebs/httpauth/BaseHttpAuthenticator.java @@ -0,0 +1,233 @@ +/* + * Copyright (c) 2004, Nate Nielsen + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * * Redistributions of source code must retain the above + * copyright notice, this list of conditions and the + * following disclaimer. + * * Redistributions in binary form must reproduce the + * above copyright notice, this list of conditions and + * the following disclaimer in the documentation and/or + * other materials provided with the distribution. + * * The names of contributors to this software may not be + * used to endorse or promote products derived from this + * software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, + * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS + * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED + * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF + * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH + * DAMAGE. + * + * + * CONTRIBUTORS + * Nate Nielsen <nielsen@memberwebs.com> + * + */ + +package com.memberwebs.httpauth; + +import java.io.IOException; +import java.net.SocketException; +import java.util.Enumeration; + +/** + * Base class for HttpAuth authenticators. This class in not generally used + * outside of the HttpAuth code. + * + * @author Nate Nielsen + */ +public abstract class BaseHttpAuthenticator +{ + protected HttpAuthConnectionSource m_source; + + protected BaseHttpAuthenticator(HttpAuthConnectionSource source) + { + m_source = source; + } + + protected abstract void addResponseHeader(Object response, String name, String value); + protected abstract void setResponseResult(Object response, int code) + throws IOException; + protected abstract Enumeration getHeaderValues(Object request, String name); + protected abstract Enumeration getHeaderNames(Object request); + + protected String authenticateRequest(Object request, Object response, + String connid, String method, + String uri, String[] authtypes) + throws HttpAuthException + { + // Prepare and send the request line + String args = connid + " " + method + " " + uri; + HttpAuthConnection conn = null; + HttpAuthConnection.Response rsp = null; + + try + { + // Retry loop + for(;;) + { + conn = m_source.getOpenConnection(); + + try + { + conn.sendLine("AUTH " + args); + sendHeaders(conn, request, authtypes); + + // If above was successful get out of this retry loop + break; + } + catch(SocketException e) + { + // Always close connections that have errors on them + conn.close(); + + // Stupid hack but java doesn't let us do any better just now + if(!e.getMessage().startsWith("Broken pipe")) + throw new HttpAuthException("error communicating with httpauthd", e); + } + + // The following code only gets executed when our sockets + // have been disconnected. We loop up and try again. We're + // pretty safe in doing this because the act of opening a + // HttpAuthConnection sends some data through it, so only + // stale connections should end up here. + m_source.doneWithConnection(conn); + } + + rsp = conn.readResponse(200); + copyHeaders(conn, response, authtypes); + + if(rsp.ccode != 200) + { + setResponseResult(response, rsp.ccode); + return null; + } + else + { + return rsp.details; + } + } + catch(IOException e) + { + try + { + // Always close connections that have errors on them + conn.close(); + } + catch(IOException ex) + { } + + throw new HttpAuthException("error communicating with httpauthd", e); + } + finally + { + if(conn != null) + m_source.doneWithConnection(conn); + } + } + + protected void copyHeaders(HttpAuthConnection conn, Object response, + String[] authtypes) + throws IOException + { + for(;;) + { + String line = conn.readLine(); + if(line != null) + { + line.trim(); + if(line.length() == 0) + line = null; + } + + if(line == null) + break; + + int pos = line.indexOf(":"); + + // Skip invalid lines + if(pos == -1) + continue; + + String name = line.substring(0, pos).trim(); + String value = line.substring(pos + 1).trim(); + + // Drop junk that's not allowed + if(authtypes != null && authtypes.length > 0) + { + if(name.equalsIgnoreCase("WWW-Authenticate")) + { + boolean ok = false; + + for(int i = 0; i < authtypes.length; i++) + { + if(value.startsWith(authtypes[i])) + { + ok = true; + break; + } + } + + if(!ok) + continue; + } + } + + addResponseHeader(response, name, value); + } + } + + /** + * @param req + */ + protected void sendHeaders(HttpAuthConnection conn, Object request, + String[] authtypes) + throws IOException + { + Enumeration e = getHeaderNames(request); + + while(e.hasMoreElements()) + { + String name = (String)e.nextElement(); + if(!name.equalsIgnoreCase("Authorization")) + continue; + + Enumeration e2 = getHeaderValues(request, name); + while(e2.hasMoreElements()) + { + String value = (String)e2.nextElement(); + + if(authtypes == null || authtypes.length == 0) + { + conn.sendLine(name + ": " + value); + } + else + { + for(int i = 0; i < authtypes.length; i++) + { + if(value.startsWith(authtypes[i])) + { + conn.sendLine(name + ": " + value); + break; + } + } + } + } + } + + // Headers always end in a blank line + conn.sendLine(""); + } +} diff --git a/java/src/com/memberwebs/httpauth/HttpAuthConnection.java b/java/src/com/memberwebs/httpauth/HttpAuthConnection.java new file mode 100644 index 0000000..7604d31 --- /dev/null +++ b/java/src/com/memberwebs/httpauth/HttpAuthConnection.java @@ -0,0 +1,347 @@ +/* + * Copyright (c) 2004, Nate Nielsen + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * * Redistributions of source code must retain the above + * copyright notice, this list of conditions and the + * following disclaimer. + * * Redistributions in binary form must reproduce the + * above copyright notice, this list of conditions and + * the following disclaimer in the documentation and/or + * other materials provided with the distribution. + * * The names of contributors to this software may not be + * used to endorse or promote products derived from this + * software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, + * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS + * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED + * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF + * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH + * DAMAGE. + * + * + * CONTRIBUTORS + * Nate Nielsen <nielsen@memberwebs.com> + * + */ + +package com.memberwebs.httpauth; + +import java.io.BufferedReader; +import java.io.IOException; +import java.io.InputStreamReader; +import java.io.OutputStreamWriter; +import java.io.Writer; +import java.net.InetSocketAddress; +import java.net.Socket; +import java.util.HashMap; +import java.util.Iterator; +import java.util.Map; + +/** + * A connection to the HttpAuth daemon. + * + * @author Nate Nielsen + */ +public class HttpAuthConnection + implements HttpAuthConnectionSource +{ + /** + * The option to set the authenticaton handler. + */ + public static final String OPT_HANDLER = "Handler"; + + /** + * The option to set the digest domains. + */ + public static final String OPT_DOMAIN = "Domain"; + + private Writer m_output; + private BufferedReader m_input; + private Socket m_socket; + private boolean m_checkedout; + + /** + * Connects to the HttpAuth daemon at the given address and port. The + * appropriate handler is set. + * + * @param hostname The address where the HttpAuth daemon is running. + * @param port The TCP port for the HttpAuth daemon. + * @param handler The HttpAuth handler to use. + */ + public void open(String hostname, int port, String handler) + throws IOException, HttpAuthException + { + HashMap options = new HashMap(); + options.put(OPT_HANDLER, handler); + open(hostname, port, options); + } + + /** + * Connects to the HttpAuth daemon at the given address and port. Various + * options (including the handler) can be set. + * + * @param hostname The address where the HttpAuth daemon is running. + * @param port The TCP port for the HttpAuth daemon. + * @param options The HttpAuth options to use. This must include {@link #OPT_HANDLER}. + */ + public void open(String hostname, int port, Map options) + throws IOException, HttpAuthException + { + synchronized(this) + { + close(); + + m_socket = new Socket(); + m_socket.connect(new InetSocketAddress(hostname, port), 60000); + + m_input = new BufferedReader(new InputStreamReader(m_socket.getInputStream())); + m_output = new OutputStreamWriter(m_socket.getOutputStream()); + + // Okay now read the version number + Response ver = readResponse(100); + if(!ver.details.trim().equals("HTTPAUTH/1.0")) + throw new HttpAuthException("httpauthd speaking wrong version of protocol: " + ver.details); + + // Set any options as necessary + Iterator it = options.keySet().iterator(); + while(it.hasNext()) + { + String name = (String)it.next(); + String value = (String)options.get(name); + + // Set the options request + sendLine("SET " + name + " " + value); + + // This throws an exception if we don't get the right response + readResponse(202); + } + } + } + + /** + * Closes the connection to the HttpAuth daemon. + */ + public void close() + throws IOException + { + synchronized(this) + { + if(m_socket != null && m_output != null) + { + try + { + sendLine("QUIT"); + } + catch(IOException e) + { + } + } + + if(m_output != null) + { + m_output.close(); + m_output = null; + } + + if(m_input != null) + { + m_input.close(); + m_input = null; + } + + if(m_socket != null) + { + m_socket.close(); + m_socket = null; + } + } + } + + /** + * Checks whether we're connected to the HttpAuth daemon. + */ + public boolean isConnected() + { + return m_socket != null && m_socket.isConnected() + && m_input != null && m_output != null; + } + + /** + * Sends a command string to the HttpAuth daemon. + * + * @param string The command to send. + */ + public void sendLine(String string) + throws IOException + { + synchronized(this) + { + m_output.write(string + "\n"); + m_output.flush(); + } + } + + /** + * Reads a response line from the HttpAuth daemon. + * + * @return The response line. + */ + public String readLine() + throws IOException + { + synchronized(this) + { + return m_input.readLine(); + } + } + + /* --------------------------------------------------------------------------- + * HttpAuthConnectionSource + * + * This is a simple implementation which allows a single connection + * to be used in leu of a connection pool. + */ + + /** + * Treats this single connection as a pool. Checks out the current + * connection. Use {@link HttpAuthConnectionPool} instead. + * @return The connection. + */ + public HttpAuthConnection getOpenConnection() + throws HttpAuthException + { + synchronized(this) + { + if(isConnected() && !m_checkedout) + return null; + + m_checkedout = true; + return this; + } + } + + /** + * Treats this single connection as a pool. Checks in the current + * connection. Use {@link HttpAuthConnectionPool} instead. + * @param conn The connection. + */ + public void doneWithConnection(HttpAuthConnection conn) + throws HttpAuthException + { + synchronized(this) + { + m_checkedout = false; + } + } + + // ----------------------------------------------------------------------------- + // Helper functions + + protected Response readResponse(int expected) + throws HttpAuthException, IOException + { + Response resp = new Response(); + String line = readLine(); + + if(line == null) + throw new IOException("unexpected end of data from httpauthd"); + + String word = parseWord(line); + line = line.substring(word.length()); + word = word.trim(); + + try + { + int code = Integer.parseInt(word, 10); + if(code < 100 || code > 599) + throw new NumberFormatException(); + + resp.code = code; + } + catch(NumberFormatException e) + { + throw new HttpAuthException("httpauth protocol error. invalid code received: " + word); + } + + if(expected != 0 && resp.code != expected) + throw new HttpAuthException("httpauth protocol error. expected code '" + expected + "' and got: " + resp.code); + + if(resp.code == 200) + { + word = parseWord(line); + line = line.substring(word.length()).trim(); + word = word.trim(); + + try + { + int code = Integer.parseInt(word, 10); + if(code < 100 || code > 599) + throw new NumberFormatException(); + + resp.ccode = code; + } + catch(NumberFormatException e) + { + throw new HttpAuthException("httpauth protocol error. invalid code received: " + word); + } + } + + if(line.length() > 0) + resp.details = line; + + return resp; + } + + protected String parseWord(String line) + { + int start = -1; + int end; + char ch; + + while(true) + { + if(++start >= line.length()) + return ""; + + ch = line.charAt(start); + if(ch != ' ' && ch != '\t') + break; + } + + end = start - 1; + + while(true) + { + if(++end >= line.length()) + break; + + ch = line.charAt(end); + if(ch == ' ' || ch == '\t') + break; + } + + if(end == -1) + return ""; + + return line.substring(0, end); + } + + class Response + { + int code; + int ccode; + String details; + }; +} diff --git a/java/src/com/memberwebs/httpauth/HttpAuthConnectionPool.java b/java/src/com/memberwebs/httpauth/HttpAuthConnectionPool.java new file mode 100644 index 0000000..089402b --- /dev/null +++ b/java/src/com/memberwebs/httpauth/HttpAuthConnectionPool.java @@ -0,0 +1,172 @@ +/* + * Copyright (c) 2004, Nate Nielsen + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * * Redistributions of source code must retain the above + * copyright notice, this list of conditions and the + * following disclaimer. + * * Redistributions in binary form must reproduce the + * above copyright notice, this list of conditions and + * the following disclaimer in the documentation and/or + * other materials provided with the distribution. + * * The names of contributors to this software may not be + * used to endorse or promote products derived from this + * software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, + * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS + * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED + * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF + * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH + * DAMAGE. + * + * + * CONTRIBUTORS + * Nate Nielsen <nielsen@memberwebs.com> + * + */ + +package com.memberwebs.httpauth; + +import java.io.IOException; +import java.util.HashMap; +import java.util.Map; +import java.util.Stack; + +/** + * A pool of connections to the HttpAuth daemon. + * + * @author Nate Nielsen + */ +public class HttpAuthConnectionPool + implements HttpAuthConnectionSource +{ + private Stack m_connections; + private short m_checkedout; + private short m_max; + + private String m_hostname; + private int m_port; + private Map m_options; + + /** + * Creates a new pool of connections to the HttpAuth daemon at the given + * address. The connections will be setup to use the given handler. + * + * @param hostname The address at which the HttpAuth daemon is running. + * @param port The TCP port at which the HttpAuth daemon is listening on. + * @param handler The HttpAuth handler to use. + */ + public HttpAuthConnectionPool(String hostname, int port, String handler) + { + m_hostname = hostname; + m_port = port; + m_checkedout = 0; + m_max = 16; + m_connections = new Stack(); + m_options = new HashMap(); + m_options.put(HttpAuthConnection.OPT_HANDLER, handler); + } + + /** + * Creates a new pool of connections to the HttpAuth daemon at the given + * address. The connections will be setup with the various options. + * + * @param hostname The address at which the HttpAuth daemon is running. + * @param port The TCP port at which the HttpAuth daemon is listening on. + * @param options The HttpAuth options to use. This must include {@link #HttpAuthConnection.OPT_HANDLER}. + */ + public HttpAuthConnectionPool(String hostname, int port, Map options) + { + m_hostname = hostname; + m_port = port; + m_checkedout = 0; + m_max = 16; + m_connections = new Stack(); + m_options = options; + } + + /** + * Set the maximum number of connections available in this pool. + * @param max The maximum number of connections. + */ + public void setMax(short max) + { + m_max = max; + } + + /* --------------------------------------------------------------------------- + * HttpAuthConnectionSource + */ + + /** + * Retrieves a connection from the pool. + * @return The connection. + */ + public HttpAuthConnection getOpenConnection() + throws HttpAuthException + { + synchronized(this) + { + HttpAuthConnection conn = null; + + while(!m_connections.empty()) + { + conn = (HttpAuthConnection)m_connections.pop(); + if(conn != null && conn.isConnected()) + { + m_checkedout++; + return conn; + } + } + + if(m_checkedout >= m_max) + throw new HttpAuthException("too many connections to httpauthd: " + m_checkedout); + + try + { + // Otherwise we make a new connection + conn = new HttpAuthConnection(); + conn.open(m_hostname, m_port, m_options); + m_checkedout++; + return conn; + } + catch(IOException e) + { + throw new HttpAuthException("couldn't connect to httpauthd: " + e.getMessage()); + } + } + } + + /** + * Puts a connection back in the pool. + * @param conn The connection. + */ + public void doneWithConnection(HttpAuthConnection conn) + throws HttpAuthException + { + synchronized(this) + { + if(m_checkedout > 0) + m_checkedout--; + + if(conn.isConnected()) + { + // TODO: I don't know of any way to drain the remaining + // junk out of a socket here without blocking. :( + + m_connections.push(conn); + } + } + } +} diff --git a/java/src/com/memberwebs/httpauth/HttpAuthConnectionSource.java b/java/src/com/memberwebs/httpauth/HttpAuthConnectionSource.java new file mode 100644 index 0000000..eab8eb5 --- /dev/null +++ b/java/src/com/memberwebs/httpauth/HttpAuthConnectionSource.java @@ -0,0 +1,61 @@ +/* + * Copyright (c) 2004, Nate Nielsen + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * * Redistributions of source code must retain the above + * copyright notice, this list of conditions and the + * following disclaimer. + * * Redistributions in binary form must reproduce the + * above copyright notice, this list of conditions and + * the following disclaimer in the documentation and/or + * other materials provided with the distribution. + * * The names of contributors to this software may not be + * used to endorse or promote products derived from this + * software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, + * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS + * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED + * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF + * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH + * DAMAGE. + * + * + * CONTRIBUTORS + * Nate Nielsen <nielsen@memberwebs.com> + * + */ + +package com.memberwebs.httpauth; + +/** + * An interface for a pool of HttpAuth connections. + * + * @author Nate Nielsen + */ +public interface HttpAuthConnectionSource +{ + /** + * Retrieves a connection from the pool. + * @return The connection. + */ + public HttpAuthConnection getOpenConnection() + throws HttpAuthException; + + /** + * Puts a connection back in the pool. + * @param conn The connection. + */ + public void doneWithConnection(HttpAuthConnection conn) + throws HttpAuthException; +} diff --git a/java/src/com/memberwebs/httpauth/HttpAuthException.java b/java/src/com/memberwebs/httpauth/HttpAuthException.java new file mode 100644 index 0000000..c342302 --- /dev/null +++ b/java/src/com/memberwebs/httpauth/HttpAuthException.java @@ -0,0 +1,139 @@ +/* + * Copyright (c) 2004, Nate Nielsen + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * * Redistributions of source code must retain the above + * copyright notice, this list of conditions and the + * following disclaimer. + * * Redistributions in binary form must reproduce the + * above copyright notice, this list of conditions and + * the following disclaimer in the documentation and/or + * other materials provided with the distribution. + * * The names of contributors to this software may not be + * used to endorse or promote products derived from this + * software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, + * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS + * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED + * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF + * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH + * DAMAGE. + * + * + * CONTRIBUTORS + * Nate Nielsen <nielsen@memberwebs.com> + * + */ + +package com.memberwebs.httpauth; + + +/** + * A general utility exception which can wrap another exception or + * hold it's own message + * + * @author Nate Nielsen + */ +public class HttpAuthException + extends Exception +{ + // The internal exception + private Exception m_exception; + + /** + * Creates a new HttpAuthException with a message + * + * @param message The message to include. + */ + public HttpAuthException(String message) + { + this(message, null); + } + + /** + * Creates a new HttpAuthException with an exception + * held internally. + * + * @param e The internal exception. + */ + public HttpAuthException(Exception e) + { + this(null, e); + } + + /** + * Creates a new HttpAuthException with a message and an + * exception exception held internally. + * + * @param message The message to include. + * @param e The internal exception. + */ + public HttpAuthException(String message, Exception e) + { + super(message); + if(e != null) + m_exception = e; + } + + /** + * Returns the error message of this exception if present, or + * the internal exception. + * + * @return The message. + */ + public String getMessage() + { + String message = super.getMessage(); + + if(message == null && m_exception != null) + message = m_exception.getMessage(); + + return message; + } + + /** + * Returns the internal exception, or this if not present. + * + * @return The exception. + */ + public Exception getException() + { + if(m_exception == null) + return this; + else + return m_exception; + } + + /** + * Converts this object to a string. + * + * @return The string value. + */ + public String toString () + { + if(m_exception != null) + return m_exception.toString(); + else + return super.toString(); + } + + public StackTraceElement[] getStackTrace() + { + return getStackTrace(); + } + + // A dumb id to suppress compiler warnings + private static final long serialVersionUID = 9117749574169057520L; + +} diff --git a/java/src/com/memberwebs/httpauth/HttpAuthFilter.java b/java/src/com/memberwebs/httpauth/HttpAuthFilter.java new file mode 100644 index 0000000..1c7367d --- /dev/null +++ b/java/src/com/memberwebs/httpauth/HttpAuthFilter.java @@ -0,0 +1,57 @@ +/* + * Copyright (c) 2004, Nate Nielsen + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * * Redistributions of source code must retain the above + * copyright notice, this list of conditions and the + * following disclaimer. + * * Redistributions in binary form must reproduce the + * above copyright notice, this list of conditions and + * the following disclaimer in the documentation and/or + * other materials provided with the distribution. + * * The names of contributors to this software may not be + * used to endorse or promote products derived from this + * software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, + * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS + * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED + * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF + * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH + * DAMAGE. + * + * + * CONTRIBUTORS + * Nate Nielsen <nielsen@memberwebs.com> + * + */ + +package com.memberwebs.httpauth; + +/** + * Implement this interface if you want to limit the type of + * authentication available for each request. This could allow + * more insecure authentication over SSL for example. + * + * @author Nate Nielsen + */ +public interface HttpAuthFilter +{ + /** + * Return the types of authentication allowed. + * @param address The address for the request. + * @param secure Whether the request came over a secure channel or not. + * @return The types of authentication allowed. + */ + String[] getAuthTypes(String address, boolean secure); +} diff --git a/java/src/com/memberwebs/httpauth/jetty/JettyHttpAuthenticator.java b/java/src/com/memberwebs/httpauth/jetty/JettyHttpAuthenticator.java new file mode 100644 index 0000000..bcca142 --- /dev/null +++ b/java/src/com/memberwebs/httpauth/jetty/JettyHttpAuthenticator.java @@ -0,0 +1,195 @@ +/* + * Copyright (c) 2004, Nate Nielsen + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * * Redistributions of source code must retain the above + * copyright notice, this list of conditions and the + * following disclaimer. + * * Redistributions in binary form must reproduce the + * above copyright notice, this list of conditions and + * the following disclaimer in the documentation and/or + * other materials provided with the distribution. + * * The names of contributors to this software may not be + * used to endorse or promote products derived from this + * software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, + * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS + * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED + * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF + * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH + * DAMAGE. + * + * + * CONTRIBUTORS + * Nate Nielsen <nielsen@memberwebs.com> + * + */ + +package com.memberwebs.httpauth.jetty; + +import java.io.IOException; +import java.util.Enumeration; + +import org.mortbay.http.HttpRequest; +import org.mortbay.http.HttpResponse; +import org.mortbay.http.UserPrincipal; +import org.mortbay.http.UserRealm; +import org.mortbay.http.SecurityConstraint.Authenticator; + +import com.memberwebs.httpauth.BaseHttpAuthenticator; +import com.memberwebs.httpauth.HttpAuthConnectionSource; +import com.memberwebs.httpauth.HttpAuthException; +import com.memberwebs.httpauth.HttpAuthFilter; + +/** + * An authenticator for the Jetty web server. An instance of this object + * is used by a Jetty HttpContext to perform authentication. + * + * @author Nate Nielsen + */ +public class JettyHttpAuthenticator + extends BaseHttpAuthenticator + implements Authenticator +{ + protected HttpAuthFilter m_filter; + + /** + * Creates a new JettyHttpAuthenticator. + * + * @param source A source of HttpAuth connections + * (such as {@link #HttpAuthConnectionPool}) + * @param filter An optional filter which determines + * which types of authentication may be performed. + */ + public JettyHttpAuthenticator(HttpAuthConnectionSource source, + HttpAuthFilter filter) + { + super(source); + m_filter = filter; + } + + /** + * Called by Jetty's HttpContext to perform authentication. + * @param realm + * @param pathInContext + * @param request + * @param response + * @return Used by Jetty to identify the user. + */ + public UserPrincipal authenticated(UserRealm realm, String pathInContext, + HttpRequest request, HttpResponse response) + throws IOException + { + // We ignore the realm + + String[] authtypes = null; + + if(m_filter != null) + authtypes = m_filter.getAuthTypes(request.getRemoteAddr(), request.isConfidential()); + + String user = null; + + try + { + user = authenticateRequest(request, response, "XXX", request.getMethod(), + request.getURI().toString(), authtypes); + } + catch(HttpAuthException e) + { + throw new IOException(e.getMessage()); + } + + if(user == null) + return null; + + HttpAuthPrincipal principal = new HttpAuthPrincipal(user); + + request.setAuthType("HTTPAUTH"); + request.setAuthUser(user); + request.setUserPrincipal(principal); + + return principal; + } + + /** + * Called by Jetty's HttpContext to get authentication method. + * @return Used by Jetty to identify the method. + */ + public String getAuthMethod() + { + return "HTTPAUTH"; + } + + /* ------------------------------------------------------------------------- + * OVERRIDES + */ + + protected void addResponseHeader(Object response, String name, String value) + { + HttpResponse resp = (HttpResponse)response; + resp.addField(name, value); + } + + protected void setResponseResult(Object response, int code) + throws IOException + { + HttpResponse resp = (HttpResponse)response; + + if(code >= 300) + resp.sendError(code); + else + resp.setStatus(code); + } + + protected Enumeration getHeaderValues(Object request, String name) + { + HttpRequest req = (HttpRequest)request; + return req.getFieldValues(name); + } + + protected Enumeration getHeaderNames(Object request) + { + HttpRequest req = (HttpRequest)request; + return req.getFieldNames(); + } + + protected class HttpAuthPrincipal + implements UserPrincipal + { + private String m_name; + + public HttpAuthPrincipal(String name) + { + m_name = name; + } + + public boolean isAuthenticated() + { + return true; + } + + public boolean isUserInRole(String role) + { + return false; + } + + public String getName() + { + return m_name; + } + } + + // A dumb ID to suppress compiler warnings + private static final long serialVersionUID = -1266258707017895782L; +} diff --git a/java/src/com/memberwebs/httpauth/servlet/ServletHttpAuthenticator.java b/java/src/com/memberwebs/httpauth/servlet/ServletHttpAuthenticator.java new file mode 100644 index 0000000..4e2d025 --- /dev/null +++ b/java/src/com/memberwebs/httpauth/servlet/ServletHttpAuthenticator.java @@ -0,0 +1,156 @@ +/* + * Copyright (c) 2004, Nate Nielsen + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * * Redistributions of source code must retain the above + * copyright notice, this list of conditions and the + * following disclaimer. + * * Redistributions in binary form must reproduce the + * above copyright notice, this list of conditions and + * the following disclaimer in the documentation and/or + * other materials provided with the distribution. + * * The names of contributors to this software may not be + * used to endorse or promote products derived from this + * software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, + * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS + * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED + * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF + * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH + * DAMAGE. + * + * + * CONTRIBUTORS + * Nate Nielsen <nielsen@memberwebs.com> + * + */ + +package com.memberwebs.httpauth.servlet; + +import java.io.IOException; +import java.util.Enumeration; + +import javax.servlet.ServletException; +import javax.servlet.UnavailableException; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import com.memberwebs.httpauth.BaseHttpAuthenticator; +import com.memberwebs.httpauth.HttpAuthConnectionSource; +import com.memberwebs.httpauth.HttpAuthException; + +/** + * A class which can be used by servlets to authenticate the user for + * a given request. + * + * Note that the user will not be set on the request and will not be + * available via req.getRemoteUser(). + * + * @author Nate Nielsen + */ + +public class ServletHttpAuthenticator + extends BaseHttpAuthenticator +{ + /** + * Creates a new ServletHttpAuthenticator. + * + * @param source A source of HttpAuth connections + * (such as {@link #HttpAuthConnectionPool}) + */ + public ServletHttpAuthenticator(HttpAuthConnectionSource source) + { + super(source); + } + + /** + * Authenticate a request. If the authentication fails, headers and + * a response will be sent. + * + * @param req The HTTP request. + * @param resp The HTTP response used when authentication fails. + * @return The authenticated user name, or null if unsuccessful. + */ + public String authenticate(HttpServletRequest req, HttpServletResponse resp) + throws ServletException + { + return authenticate(req, resp, null); + } + + /** + * Authenticate a request. If the authentication fails, headers and + * a response will be sent. The caller can limit the types of + * authentication allowed. + * + * @param req The HTTP request. + * @param resp The HTTP response used when authentication fails. + * @param authtypes The types of authentication allowed. + * @return The authenticated user name, or null if unsuccessful. + */ + public String authenticate(HttpServletRequest req, HttpServletResponse resp, + String[] authtypes) + throws ServletException + { + String method = req.getMethod(); + String uri = req.getRequestURI(); + + String qs = req.getQueryString(); + if(qs != null) + uri += qs; + + // NOTE: We can't set the remote user on the request. That's just + // the way the interfaces are designed + + try + { + return authenticateRequest(req, resp, "XXX", method, uri, authtypes); + } + catch(HttpAuthException e) + { + throw new UnavailableException(e.getMessage(), 30); + } + } + + /* ------------------------------------------------------------------------- + * OVERRIDES + */ + + protected void addResponseHeader(Object response, String name, String value) + { + HttpServletResponse resp = (HttpServletResponse)response; + resp.addHeader(name, value); + } + + protected void setResponseResult(Object response, int code) + throws IOException + { + HttpServletResponse resp = (HttpServletResponse)response; + if(code >= 200 && code < 300) + resp.setStatus(code); + else + resp.sendError(code); + } + + protected Enumeration getHeaderValues(Object request, String name) + { + HttpServletRequest req = (HttpServletRequest)request; + return req.getHeaders(name); + } + + protected Enumeration getHeaderNames(Object request) + { + HttpServletRequest req = (HttpServletRequest)request; + return req.getHeaderNames(); + } +} diff --git a/tools/mkha1.c b/tools/mkha1.c index 4c09d51..2ed4495 100644 --- a/tools/mkha1.c +++ b/tools/mkha1.c @@ -1,3 +1,40 @@ +/* + * Copyright (c) 2004, Nate Nielsen + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * * Redistributions of source code must retain the above + * copyright notice, this list of conditions and the + * following disclaimer. + * * Redistributions in binary form must reproduce the + * above copyright notice, this list of conditions and + * the following disclaimer in the documentation and/or + * other materials provided with the distribution. + * * The names of contributors to this software may not be + * used to endorse or promote products derived from this + * software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, + * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS + * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED + * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF + * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH + * DAMAGE. + * + * + * CONTRIBUTORS + * Nate Nielsen <nielsen@memberwebs.com> + * + */ #include <sys/types.h> #include <stdlib.h> @@ -86,7 +123,7 @@ int main(int argc, char* argv[]) static void usage() { fprintf(stderr, "usage: mkha1 [-u user] [-r realm] [-p password]\n"); - fprintf(stderr, " mkha1 -d [-s]\n"); + fprintf(stderr, " mkha1 -b [-s]\n"); exit(2); } |