Diffstat (limited to 'www/publicfile/files/publicfile-0.52_basicauth.patch.in')
-rw-r--r-- | www/publicfile/files/publicfile-0.52_basicauth.patch.in | 638 |
1 files changed, 638 insertions, 0 deletions
diff --git a/www/publicfile/files/publicfile-0.52_basicauth.patch.in b/www/publicfile/files/publicfile-0.52_basicauth.patch.in
new file mode 100644
index 000000000000..170e658d848e
--- /dev/null
+++ b/www/publicfile/files/publicfile-0.52_basicauth.patch.in
@@ -0,0 +1,638 @@
+diff -N -u -r publicfile-0.52.orig/Makefile publicfile-0.52/Makefile
+--- publicfile-0.52.orig/Makefile Mon Nov 8 23:23:46 1999
++++ publicfile-0.52/Makefile Wed Aug 29 20:27:09 2001
+@@ -234,21 +234,43 @@
+ compile hier.c auto_home.h
+ ./compile hier.c
+ 
++htrules: \
++load htrules.o base64.o
++ ./load htrules cdb.a base64.o byte.a getln.a stralloc.a alloc.a \
++ substdio.a str.a buffer.a unix.a
++
++htrules.o: \
++compile htrules.c strerr.h stralloc.h gen_alloc.h getln.h buffer.h \
++stralloc.h buffer.h exit.h fmt.h byte.h cdb_make.h buffer.h uint32.h \
++base64.h
++ ./compile htrules.c
++
++base64.o: \
++compile base64.c base64.h
++ ./compile base64.c
++
+ httpd: \
+ load httpd.o main.o pathdecode.o file.o filetype.o httpdate.o \
+ percent.o prot.o timeoutread.o timeoutwrite.o libtai.a case.a getln.a \
+ stralloc.a alloc.a substdio.a error.a open.a sig.a env.a str.a fs.a \
+-socket.lib
++socket.lib readclose.o openreadclose.o
+ ./load httpd main.o pathdecode.o file.o filetype.o \
+ httpdate.o percent.o prot.o timeoutread.o timeoutwrite.o \
+ libtai.a case.a getln.a stralloc.a alloc.a substdio.a \
+- error.a open.a sig.a env.a str.a fs.a `cat socket.lib`
++ error.a open.a sig.a env.a str.a fs.a cdb.a byte.a seek_set.o \
++ readclose.o openreadclose.o `cat socket.lib`
++
++cdb:
++ (cd __PORTSDIR__/databases/cdb/work/cdb-0.75 && \
++ make && \
++ cp -p cdb_make.h buffer.h cdb.h uint32.h cdb.a byte.a seek_set.o \
++ cdb_make.o error.c buffer.a unix.a __WRKSRC__/)
+ 
+ httpd.o: \
+ compile httpd.c pathdecode.h stralloc.h gen_alloc.h file.h tai.h \
+ uint64.h filetype.h stralloc.h percent.h stralloc.h stralloc.h sig.h \
+ exit.h fmt.h case.h str.h tai.h httpdate.h stralloc.h tai.h \
+-timeoutread.h timeoutwrite.h substdio.h error.h getln.h
++timeoutread.h timeoutwrite.h substdio.h error.h getln.h byte.h
+ ./compile httpd.c
+ 
+ httpdate.o: \
+@@ -358,6 +380,11 @@
+ compile open_trunc.c open.h
+ ./compile open_trunc.c
+ 
++openreadclose.o: \
++compile openreadclose.c error.h open.h readclose.h stralloc.h \
++gen_alloc.h openreadclose.h stralloc.h
++ ./compile openreadclose.c
++
+ pathdecode.o: \
+ compile pathdecode.c pathdecode.h stralloc.h gen_alloc.h
+ ./compile pathdecode.c
+@@ -367,7 +394,7 @@
+ ./compile percent.c
+ 
+ prog: \
+-configure httpd ftpd rts utime
++cdb configure httpd ftpd rts utime htrules
+ 
+ prot.o: \
+ compile prot.c hasshsgr.h prot.h
+diff -N -u -r publicfile-0.52.orig/README.basicauth publicfile-0.52/README.basicauth
+--- publicfile-0.52.orig/README.basicauth Wed Dec 31 16:00:00 1969
++++ publicfile-0.52/README.basicauth Wed Aug 29 22:16:02 2001
+@@ -0,0 +1,100 @@
++Here is a patch for publicfile to allow for Basic Auth.
++
++Building Instructions:
++
++Save this patch as publicfile-0.52.basicauth.patch
++Download publicfile-0.52
++Download cdb-0.75
++
++gunzip publicfile-0.52.tar
++gunzip cdb-0.75.tar
++tar -xf publicfile-0.52.tar
++cd publicfile-0.52
++tar -xf ../cdb-0.75.tar
++patch -p1 < publicfile-0.52.basicauth.patch
++
++Follow normal installation instructions for publicfile beginning with
++'make setup check'
++
++Usage Instructions:
++
++Once this patch has been applied, httpd will check for a file
++called '.access' in the current directory of any requested
++file. e.g, if /public/file/0/path/to/file.html is requested, httpd
++will first check for /public/file/0/path/to/.access.
++
++.access should have the format:
++ realm_id:realm_txt
++
++realm_id is used as documented below. realm_txt is typically
++presented by the user's browser. .access must be readable by httpd
++and only protects a specific directory. Sub-directories are not
++protected unless they also contain a .access file.
++
++An additional program will be installed in /usr/local/publicfile (or
++whatever conf-home is) called htrules. Use this like tcprules:
++
++cd /public/file
++htrules access.cdb access.tmp < access
++
++This may safely be run at any time.
++
++access should have the format:
++
++ # this is a comment. blank lines are allowed too.
++ # the next line authorizes a user to a specific realm_id
++ realm_id:username:password
++ # the next line authorizes host class.
++ realm_id:LOCALHOST
++
++access.cdb must be readable by httpd.
++
++realm_id corresponds to the realm_id in the .access file(s).
++
++Each realm_id line specifies either a username:password combination
++or a host class. Note that the same username may have different
++passwords in different realm_id's.
++
++A host is mapped into a host class via the environment
++variable HTTPCLIENT. This environment variable should be
++set in tcpserver's rules.cdb.
++
++Here is an example:
++
++ === /public/file/0/private1/.access ===
++ realm1:Dr. Suess
++
++ === /public/file/0/private2/.access ===
++ realm2:Sesame Street
++
++ === /public/file/access ===
++ # realm1 are Dr Suess users/clients
++ realm1:john:catinthehat
++ realm1:mary:greeneggswithham
++ realm1:LOCALHOST
++ realm1:DR SUESS
++ # realm1 are Sesame Street users/clients
++ realm2:tom:bigbird
++ realm2:abi:cookiemonster
++ realm2:mary:earnie
++ realm2:LOCALHOST
++ realm2:SESAME STREET
++
++ === /etc/rules ===
++ 127.0.0.1:allow,HTTPCLIENT="LOCALHOST"
++ 10.0.0.:allow,HTTPCLIENT="DR SUESS"
++ 10.1.0.:allow,HTTPCLIENT="SESAME STREET"
++ :allow
++
++The changes to the Makefile aren't very clean, but everything compiles
++correctly.
++
++Thanks to Eric M. Johnston's for base64.{c,h} from YAQSAP
++(Yet Another qmail SMTP AUTH Patch) -
++http://qmail.goof.com/qmail-auth-20010105.tar.gz
++
++This patch available at
++http://www.soffian.org/downloads/publicfile-0.52_basicauth.patch
++
++Jay Soffian <jay@soffian.org> 29 Aug 2001
++
+diff -N -u -r publicfile-0.52.orig/base64.c publicfile-0.52/base64.c
+--- publicfile-0.52.orig/base64.c Wed Dec 31 16:00:00 1969
++++ publicfile-0.52/base64.c Wed Aug 22 22:17:39 2001
+@@ -0,0 +1,90 @@
++#include "base64.h"
++#include "stralloc.h"
++#include "substdio.h"
++#include "str.h"
++
++static char *b64alpha =
++ "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
++#define B64PAD '='
++
++/* returns 0 ok, 1 illegal, -1 problem */
++
++int b64decode(in,l,out)
++const unsigned char *in;
++int l;
++stralloc *out; /* not null terminated */
++{
++ int i, j;
++ unsigned char a[4];
++ unsigned char b[3];
++ char *s;
++
++ if (l == 0)
++ {
++ if (!stralloc_copys(out,"")) return -1;
++ return 0;
++ }
++
++ if (!stralloc_ready(out,l + 2)) return -1; /* XXX generous */
++ s = out->s;
++
++ for (i = 0;i < l;i += 4) {
++ for (j = 0;j < 4;j++)
++ if ((i + j) < l && in[i + j] != B64PAD)
++ {
++ a[j] = str_chr(b64alpha,in[i + j]);
++ if (a[j] > 63) return 1;
++ }
++ else a[j] = 0;
++
++ b[0] = (a[0] << 2) | (a[1] >> 4);
++ b[1] = (a[1] << 4) | (a[2] >> 2);
++ b[2] = (a[2] << 6) | (a[3]);
++
++ *s++ = b[0];
++
++ if (in[i + 1] == B64PAD) break;
++ *s++ = b[1];
++
++ if (in[i + 2] == B64PAD) break;
++ *s++ = b[2];
++ }
++ out->len = s - out->s;
++ while (out->len && !out->s[out->len - 1]) --out->len; /* XXX avoid? */
++ return 0;
++}
++
++int b64encode(in,out)
++stralloc *in;
++stralloc *out; /* not null terminated */
++{
++ unsigned char a, b, c;
++ int i;
++ char *s;
++
++ if (in->len == 0)
++ {
++ if (!stralloc_copys(out,"")) return -1;
++ return 0;
++ }
++
++ if (!stralloc_ready(out,in->len / 3 * 4 + 4)) return -1;
++ s = out->s;
++
++ for (i = 0;i < in->len;i += 3) {
++ a = in->s[i];
++ b = i + 1 < in->len ? in->s[i + 1] : 0;
++ c = i + 2 < in->len ? in->s[i + 2] : 0;
++
++ *s++ = b64alpha[a >> 2];
++ *s++ = b64alpha[((a & 3 ) << 4) | (b >> 4)];
++
++ if (i + 1 >= in->len) *s++ = B64PAD;
++ else *s++ = b64alpha[((b & 15) << 2) | (c >> 6)];
++
++ if (i + 2 >= in->len) *s++ = B64PAD;
++ else *s++ = b64alpha[c & 63];
++ }
++ out->len = s - out->s;
++ return 0;
++}
+diff -N -u -r publicfile-0.52.orig/base64.h publicfile-0.52/base64.h
+--- publicfile-0.52.orig/base64.h Wed Dec 31 16:00:00 1969
++++ publicfile-0.52/base64.h Wed Aug 22 22:17:39 2001
+@@ -0,0 +1,7 @@
++#ifndef BASE64_H
++#define BASE64_H
++
++extern int b64decode();
++extern int b64encode();
++
++#endif
+diff -N -u -r publicfile-0.52.orig/hier.c publicfile-0.52/hier.c
+--- publicfile-0.52.orig/hier.c Mon Nov 8 23:23:46 1999
++++ publicfile-0.52/hier.c Wed Aug 22 22:17:39 2001
+@@ -7,6 +7,7 @@
+ d(auto_home,"bin",-1,-1,02755);
+ 
+ c(auto_home,"bin","configure",-1,-1,0755);
++ c(auto_home,"bin","htrules",-1,-1,0755);
+ c(auto_home,"bin","httpd",-1,-1,0755);
+ c(auto_home,"bin","ftpd",-1,-1,0755);
+ }
+diff -N -u -r publicfile-0.52.orig/htrules.c publicfile-0.52/htrules.c
+--- publicfile-0.52.orig/htrules.c Wed Dec 31 16:00:00 1969
++++ publicfile-0.52/htrules.c Wed Aug 29 21:27:42 2001
+@@ -0,0 +1,117 @@
++#include "strerr.h"
++#include "stralloc.h"
++#include "getln.h"
++#include "buffer.h"
++#include "exit.h"
++#include "fmt.h"
++#include "byte.h"
++#include "base64.h"
++#include "cdb_make.h"
++
++#define FATAL "htrules: fatal: "
++
++unsigned long linenum = 0;
++char *fntemp;
++char *fn;
++
++stralloc line = {0};
++int match = 1;
++
++stralloc base64 = {0};
++stralloc key = {0};
++stralloc realm = {0};
++stralloc userpass = {0};
++
++struct cdb_make c;
++
++void nomem(void)
++{
++ strerr_die2x(111,FATAL,"out of memory");
++}
++void usage(void)
++{
++ strerr_die1x(100,"htrules: usage: htrules access.cdb access.tmp");
++}
++void die_bad(void)
++{
++ if (!stralloc_0(&line)) nomem();
++ strerr_die3x(100,FATAL,"unable to parse this line: ",line.s);
++}
++void die_write(void)
++{
++ strerr_die4sys(111,FATAL,"unable to write to ",fntemp,": ");
++}
++
++main(int argc,char **argv)
++{
++ int colon;
++ char *x;
++ int len;
++ int fd;
++ int i;
++ char ch;
++
++ fn = argv[1];
++ if (!fn) usage();
++ fntemp = argv[2];
++ if (!fntemp) usage();
++
++ fd = open_trunc(fntemp);
++ if (fd == -1)
++ strerr_die4sys(111,FATAL,"unable to create ",fntemp,": ");
++ if (cdb_make_start(&c,fd) == -1) die_write();
++
++ while (match) {
++ if (getln(buffer_0,&line,&match,'\n') == -1)
++ strerr_die2sys(111,FATAL,"unable to read input: ");
++
++ x = line.s; len = line.len;
++
++ if (!len) break;
++ if (x[0] == '#') continue;
++ if (x[0] == '\n') continue;
++
++ while (len) {
++ ch = x[len - 1];
++ if (ch != '\n') if (ch != ' ') if (ch != '\t') break;
++ --len;
++ }
++ line.len = len; /* for die_bad() */
++ if (!len) continue;
++
++ colon = byte_chr(x,len,':');
++ if (!colon || colon == len) die_bad();
++ if (!stralloc_copyb(&realm,x,colon)) nomem();
++ x += colon + 1; len -= colon + 1;
++
++ colon = byte_chr(x,len,':');
++ if (colon == len) {
++ if (!stralloc_copyb(&key,"C",1)) nomem();
++ if (!stralloc_cat(&key,&realm)) nomem();
++ if (!stralloc_catb(&key,":",1)) nomem();
++ if (!stralloc_catb(&key,x,len)) nomem();
++ if (cdb_make_add(&c,key.s,key.len,"",0) == -1) die_write();
++ } else {
++ if (!stralloc_copyb(&userpass,x,len)) nomem();
++ if (b64encode(&userpass,&base64) == -1) nomem();
++
++ if (!stralloc_copyb(&key,"U",1)) nomem();
++ if (!stralloc_cat(&key,&base64)) nomem();
++ if (cdb_make_add(&c,key.s,key.len,"",0) == -1) die_write();
++
++ if (!stralloc_copyb(&key,"R",1)) nomem();
++ if (!stralloc_cat(&key,&realm)) nomem();
++ if (!stralloc_catb(&key,":",1)) nomem();
++ if (!stralloc_cat(&key,&base64)) nomem();
++ if (cdb_make_add(&c,key.s,key.len,"",0) == -1) die_write();
++ }
++ }
++
++ if (cdb_make_finish(&c) == -1) die_write();
++ if (fsync(fd) == -1) die_write();
++ if (close(fd) == -1) die_write(); /* NFS stupidity */
++ if (rename(fntemp,fn))
++ strerr_die6sys(111,FATAL,"unable to move ",fntemp," to ",fn,": ");
++
++ _exit(0);
++}
+diff -N -u -r publicfile-0.52.orig/httpd.c publicfile-0.52/httpd.c
+--- publicfile-0.52.orig/httpd.c Mon Nov 8 23:23:46 1999
++++ publicfile-0.52/httpd.c Wed Aug 29 21:30:34 2001
+@@ -15,6 +15,10 @@
+ #include "substdio.h"
+ #include "error.h"
+ #include "getln.h"
++#include "byte.h"
++#include "cdb.h"
++#include "openreadclose.h"
++#include "env.h"
+ 
+ int safewrite(int fd,char *buf,int len)
+ {
+@@ -51,6 +55,7 @@
+ stralloc host = {0};
+ stralloc path = {0};
+ stralloc ims = {0};
++stralloc basic_auth = {0};
+ int flagbody = 1;
+ 
+ char filebuf[1024];
+@@ -75,11 +80,16 @@
+ out_puts("\r\n");
+ }
+ 
+-void barf(char *code,char *message)
++void barf2(char *code,char *message,char *realm)
+ {
+ if (protocolnum > 0) {
+ tai_now(&now);
+ header(code,message);
++ if(realm) {
++ out_puts("WWW-Authenticate: Basic realm=\"");
++ out_puts(realm);
++ out_puts("\"\r\n");
++ }
+ out_puts("Content-Length: ");
+ out_put(strnum,fmt_ulong(strnum,str_len(message) + 28));
+ out_puts("\r\n");
+@@ -100,8 +110,81 @@
+ _exit(0);
+ }
+ 
++void barf(char *code,char *message)
++{
++ barf2(code,message,(char *)0);
++}
++
+ stralloc fn = {0};
++stralloc accessfn = {0};
+ stralloc contenttype = {0};
++stralloc realm = {0};
++stralloc realmtxt = {0};
++stralloc key = {0};
++
++void checkauth(void)
++{
++ int len;
++ int fd;
++ int colon;
++ static struct cdb c;
++ char *x;
++
++ len = byte_rchr(fn.s,fn.len,'/');
++ if (!stralloc_copyb(&accessfn,fn.s,len)) _exit(21);
++ if (!stralloc_cats(&accessfn,"/.access")) _exit(21);
++ if (!stralloc_0(&accessfn)) _exit(21);
++
++ if (openreadclose(accessfn.s,&realm,256) == 0) return;
++ if (!realm.len) _exit(23); /* no realm */
++ realm.len = byte_chr(realm.s,realm.len,'\n');
++ while (realm.len) {
++ if (realm.s[realm.len - 1] != ' ')
++ if (realm.s[realm.len - 1] != '\t')
++ break;
++ --realm.len;
++ }
++ colon = byte_chr(realm.s,realm.len,':');
++ if (!colon) _exit(23); /* no realm */
++ if (colon == realm.len) {
++ if (!stralloc_copys(&realmtxt,"restricted access")) _exit(21);
++ } else {
++ if (!stralloc_copyb(&realmtxt,realm.s+colon+1,realm.len-(colon+1))) _exit(21);
++ realm.len = colon;
++ }
++ if (!stralloc_0(&realmtxt)) _exit(21);
++
++ fd = open_read("/access.cdb");
++ if (fd == -1) _exit(23);
++ cdb_init(&c,fd);
++
++ x = env_get("HTTPCLIENT");
++ if (x) {
++ if (!stralloc_copyb(&key,"C",1)) _exit(21);
++ if (!stralloc_cat(&key,&realm)) _exit(21);
++ if (!stralloc_catb(&key,":",1)) _exit(21);
++ if (!stralloc_cats(&key,x)) _exit(21);
++ if (cdb_find(&c,key.s,key.len) == 1) goto AUTH_OK;
++ }
++
++ if (!basic_auth.len) barf2("401 ","Authorization Required", realmtxt.s);
++
++ if (!stralloc_copyb(&key,"U",1)) _exit(21);
++ if (!stralloc_cat(&key,&basic_auth)) _exit(21);
++ if (cdb_find(&c,key.s,key.len) != 1)
++ barf2("401 ","Authorization Required",realmtxt.s);
++
++ if (!stralloc_copyb(&key,"R",1)) _exit(21);
++ if (!stralloc_cat(&key,&realm)) _exit(21);
++ if (!stralloc_catb(&key,":",1)) _exit(21);
++ if (!stralloc_cat(&key,&basic_auth)) _exit(21);
++ if (cdb_find(&c,key.s,key.len) != 1) barf("403 ","Forbidden");
++
++ AUTH_OK:
++ alloc_free(key);
++ cdb_free(&c);
++ close(fd);
++}
+ 
+ void get(void)
+ {
+@@ -124,6 +207,8 @@
+ if (!stralloc_cat(&fn,&path)) _exit(21);
+ pathdecode(&fn);
+ if (!stralloc_0(&fn)) _exit(21);
++
++ checkauth();
+ 
+ fd = file_open(fn.s,&mtime,&length,1);
+ if (fd == -1)
+@@ -227,6 +312,7 @@
+ if (!stralloc_copys(&path,"")) _exit(21);
+ if (!stralloc_copys(&protocol,"")) _exit(21);
+ if (!stralloc_copys(&ims,"")) _exit(21);
++ if (!stralloc_copys(&basic_auth,"")) _exit(21);
+ protocolnum = 2;
+ 
+ spaces = 0;
+@@ -302,6 +388,8 @@
+ if (!stralloc_append(&host,&field.s[i])) _exit(21);
+ if (case_startb(field.s,field.len,"if-modified-since:"))
+ if (!stralloc_copyb(&ims,field.s + 18,field.len - 18)) _exit(21);
++ if (case_startb(field.s,field.len,"authorization: basic "))
++ if (!stralloc_copyb(&basic_auth,field.s + 21,field.len - 21)) _exit(21);
+ field.len = 0;
+ }
+ if (!line.len) break;
+diff -N -u -r publicfile-0.52.orig/openreadclose.c publicfile-0.52/openreadclose.c
+--- publicfile-0.52.orig/openreadclose.c Wed Dec 31 16:00:00 1969
++++ publicfile-0.52/openreadclose.c Wed Aug 29 14:24:21 2001
+@@ -0,0 +1,18 @@
++/* Public domain. */
++
++#include "error.h"
++#include "open.h"
++#include "readclose.h"
++#include "openreadclose.h"
++
++int openreadclose(const char *fn,stralloc *sa,unsigned int bufsize)
++{
++ int fd;
++ fd = open_read(fn);
++ if (fd == -1) {
++ if (errno == error_noent) return 0;
++ return -1;
++ }
++ if (readclose(fd,sa,bufsize) == -1) return -1;
++ return 1;
++}
+diff -N -u -r publicfile-0.52.orig/openreadclose.h publicfile-0.52/openreadclose.h
+--- publicfile-0.52.orig/openreadclose.h Wed Dec 31 16:00:00 1969
++++ publicfile-0.52/openreadclose.h Wed Aug 29 14:24:21 2001
+@@ -0,0 +1,10 @@
++/* Public domain. */
++
++#ifndef OPENREADCLOSE_H
++#define OPENREADCLOSE_H
++
++#include "stralloc.h"
++
++extern int openreadclose(const char *,stralloc *,unsigned int);
++
++#endif
+diff -N -u -r publicfile-0.52.orig/readclose.c publicfile-0.52/readclose.c
+--- publicfile-0.52.orig/readclose.c Wed Dec 31 16:00:00 1969
++++ publicfile-0.52/readclose.c Wed Aug 29 14:30:52 2001
+@@ -0,0 +1,23 @@
++/* Public domain. */
++
++#include <unistd.h>
++#include "error.h"
++#include "readclose.h"
++
++int readclose_append(int fd,stralloc *sa,unsigned int bufsize)
++{
++ int r;
++ for (;;) {
++ if (!stralloc_readyplus(sa,bufsize)) { close(fd); return -1; }
++ r = read(fd,sa->s + sa->len,bufsize);
++ if (r == -1) if (errno == error_intr) continue;
++ if (r <= 0) { close(fd); return r; }
++ sa->len += r;
++ }
++}
++
++int readclose(int fd,stralloc *sa,unsigned int bufsize)
++{
++ if (!stralloc_copys(sa,"")) { close(fd); return -1; }
++ return readclose_append(fd,sa,bufsize);
++}
+diff -N -u -r publicfile-0.52.orig/readclose.h publicfile-0.52/readclose.h
+--- publicfile-0.52.orig/readclose.h Wed Dec 31 16:00:00 1969
++++ publicfile-0.52/readclose.h Wed Aug 29 14:30:52 2001
+@@ -0,0 +1,11 @@
++/* Public domain. */
++
++#ifndef READCLOSE_H
++#define READCLOSE_H
++
++#include "stralloc.h"
++
++extern int readclose_append(int,stralloc *,unsigned int);
++extern int readclose(int,stralloc *,unsigned int);
++
++#endif |
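Review bot: In the embedded httpd.c change, checkauth() only special-cases a return of 0 from `openreadclose(accessfn.s,&realm,256)`, so a return of -1 falls through to `if (!realm.len)` instead of failing closed. As written in openreadclose.c, -1 comes back before `realm` is touched whenever open_read fails with anything other than error_noent, and because `realm` is a file-scope stralloc it may still hold the realm_id of an earlier request if one httpd process serves several requests (not visible in this hunk). I would make the error path explicit with an `int r;` local, `r = openreadclose(accessfn.s,&realm,256); if (r == -1) _exit(23); if (r == 0) return;`. Separately, `alloc_free(key);` at AUTH_OK passes the stralloc struct itself rather than `key.s` and leaves the global `key` describing freed memory for the next checkauth() call; dropping that line, as with the other global strallocs that are never freed, would avoid it.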