Fawkes API
Fawkes Development Version
|
00001 00002 /*************************************************************************** 00003 * user_verifier.cpp - Webview user verifier 00004 * 00005 * Created: Mon Jan 24 18:43:47 2011 00006 * Copyright 2006-2011 Tim Niemueller [www.niemueller.de] 00007 * 00008 ****************************************************************************/ 00009 00010 /* This program is free software; you can redistribute it and/or modify 00011 * it under the terms of the GNU General Public License as published by 00012 * the Free Software Foundation; either version 2 of the License, or 00013 * (at your option) any later version. 00014 * 00015 * This program is distributed in the hope that it will be useful, 00016 * but WITHOUT ANY WARRANTY; without even the implied warranty of 00017 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 00018 * GNU Library General Public License for more details. 00019 * 00020 * Read the full text in the LICENSE.GPL file in the doc directory. 00021 */ 00022 00023 #include "user_verifier.h" 00024 00025 #include <core/exception.h> 00026 #include <config/config.h> 00027 #include <logging/logger.h> 00028 00029 #include <string> 00030 #ifdef __USE_GNU 00031 # include <crypt.h> 00032 #else 00033 # include <unistd.h> 00034 #endif 00035 00036 #define HASH_REGEX "^(\\$([[:alnum:]]+)\\$([a-zA-Z0-9/.]+)\\$)[a-zA-Z0-9/.]+$" 00037 00038 using namespace fawkes; 00039 00040 /** @class WebviewUserVerifier "user_verifier.h" 00041 * Webview user verification. 00042 * Verifies users against entries in the configuration database. 00043 * @author Tim Niemueller 00044 */ 00045 00046 /** Constructor. 00047 * @param config configuration to read users from 00048 * @param logger logger for log output 00049 */ 00050 WebviewUserVerifier::WebviewUserVerifier(Configuration *config, Logger *logger) 00051 : config(config), logger(logger) 00052 { 00053 int regerr; 00054 if ((regerr = regcomp(&__hash_regex, HASH_REGEX, REG_EXTENDED)) != 0) { 00055 char errtmp[1024]; 00056 regerror(regerr, &__hash_regex, errtmp, sizeof(errtmp)); 00057 regfree(&__hash_regex); 00058 throw Exception("Failed to compile hash regex: %s", errtmp); 00059 } 00060 } 00061 00062 00063 /** Destructor. */ 00064 WebviewUserVerifier::~WebviewUserVerifier() 00065 { 00066 regfree(&__hash_regex); 00067 } 00068 00069 00070 bool 00071 WebviewUserVerifier::verify_user(const char *user, const char *password) throw() 00072 { 00073 try { 00074 std::string userpath = std::string("/webview/users/") + user; 00075 std::string confpass = config->get_string(userpath.c_str()); 00076 00077 regmatch_t m[4]; 00078 if (regexec(&__hash_regex, confpass.c_str(), 4, m, 0) == REG_NOMATCH) { 00079 // assume clear text 00080 //logger->log_warn("WebviewUserVerifier", "Access denied for user %s, " 00081 // "invalid clear text password", user); 00082 return (confpass == password); 00083 } 00084 00085 #ifdef __USE_GNU 00086 struct crypt_data cd; 00087 cd.initialized = 0; 00088 00089 char *crypted = crypt_r(password, confpass.c_str(), &cd); 00090 #else 00091 char *crypted = crypt(password, confpass.c_str()); 00092 #endif 00093 00094 if (confpass == crypted) { 00095 return true; 00096 } else { 00097 //logger->log_warn("WebviewUserVerifier", "Access denied for user %s, " 00098 // "invalid clear hashed password", user); 00099 return false; 00100 } 00101 00102 } catch (Exception &e) { 00103 //logger->log_warn("WebviewUserVerifier", "Access denied for unknown user %s", 00104 // user); 00105 return false; 00106 } 00107 00108 // should not actually happen, just in case... 00109 return false; 00110 }