Fix authentication, finish /put API.

author Chip Black <bytex64@bytex64.net>

Wed, 22 Dec 2010 05:43:41 +0000 (23:43 -0600)

committer Chip Black <bytex64@bytex64.net>

Wed, 22 Dec 2010 05:43:41 +0000 (23:43 -0600)
author Chip Black <bytex64@bytex64.net>
Wed, 22 Dec 2010 05:43:41 +0000 (23:43 -0600)
committer Chip Black <bytex64@bytex64.net>
Wed, 22 Dec 2010 05:43:41 +0000 (23:43 -0600)
diff --git a/auth.c b/auth.c

index 6ce78b2..0a3a8f5 100644 (file)
--- a/auth.c
+++ b/auth.c
@@ -21,10 +21,10 @@ int auth_set_password(const char *username, const char *password) {
         return 1;
  }
  
         return 1;
  }
  
-int auth_check_password(const char *username, const char *password) {
+int auth_get_password(const char *username, char *password) {
         char filename[512];
         char filename[512];
-       char epw[33];
-       int fd, len;
+       int fd;
+       int len = 0;
  
         sprintf(filename, "%s/%s/password", DATA_PATH, username);
         fd = open(filename, O_RDONLY);
  
         sprintf(filename, "%s/%s/password", DATA_PATH, username);
         fd = open(filename, O_RDONLY);
@@ -33,6 +33,17 @@ int auth_check_password(const char *username, const char *password) {
         len = read(fd, password, 32);
         close(fd);
  
         len = read(fd, password, 32);
         close(fd);
  
+       password[len] = 0;
+
+       return 1;
+}
+
+int auth_check_password(const char *username, const char *password) {
+       char epw[33];
+
+       if (auth_get_password(username, epw) == 0)
+               return 0;
+
         if (strncmp(password, epw, 32) == 0)
                 return 1;
         else
         if (strncmp(password, epw, 32) == 0)
                 return 1;
         else
diff --git a/auth.h b/auth.h

index 4d551f6..da024c9 100644 (file)
--- a/auth.h
+++ b/auth.h
@@ -2,6 +2,7 @@
  #define _AUTH_H
  
  int auth_set_password(const char *, const char *);
  #define _AUTH_H
  
  int auth_set_password(const char *, const char *);
+int auth_get_password(const char *, char *);
  int auth_check_password(const char *, const char *);
  
  #endif //_AUTH_H
  int auth_check_password(const char *, const char *);
  
  #endif //_AUTH_H
diff --git a/http_blerg.c b/http_blerg.c

index 6a6de82..3cbc207 100644 (file)
--- a/http_blerg.c
+++ b/http_blerg.c
@@ -16,17 +16,27 @@ struct create_state {
         char password[33];
  };
  
         char password[33];
  };
  
+struct put_state {
+       struct MHD_PostProcessor *pp;
+       char *data;
+       int data_size;
+};
+
+struct MHD_Response *response_401;
  struct MHD_Response *response_404;
  struct MHD_Response *response_404;
-struct MHD_Response *response_501;
+struct MHD_Response *response_405;
  struct MHD_Response *response_JSON_Success;
  struct MHD_Response *response_JSON_Failure;
  
  void init_responses() {
  struct MHD_Response *response_JSON_Success;
  struct MHD_Response *response_JSON_Failure;
  
  void init_responses() {
+#define CONTENT_401 "<html><head><title>401 Unauthorized</title></head><body><h1>401 Unauthorized</h1>DENIED</body></html>"
+       response_401 = MHD_create_response_from_data(strlen (CONTENT_401), CONTENT_401, MHD_NO, MHD_NO);  
+
  #define CONTENT_404 "<html><head><title>404 Not Found</title></head><body><h1>404 Not Found</h1>I couldn't find that.</body></html>"
         response_404 = MHD_create_response_from_data(strlen(CONTENT_404), CONTENT_404, MHD_NO, MHD_NO);
  
  #define CONTENT_404 "<html><head><title>404 Not Found</title></head><body><h1>404 Not Found</h1>I couldn't find that.</body></html>"
         response_404 = MHD_create_response_from_data(strlen(CONTENT_404), CONTENT_404, MHD_NO, MHD_NO);
  
-#define CONTENT_501 "<html><head><title>501 Not Implemented</title></head><body><h1>501 Not Implemented</h1>I'm sorry, Dave. I'm afraid I can't do that.</body></html>"
-       response_501 = MHD_create_response_from_data(strlen(CONTENT_501), CONTENT_501, MHD_NO, MHD_NO);
+#define CONTENT_405 "<html><head><title>405 Method Not Allowed</title></head><body><h1>405 Method Not Allowed</h1>I'm sorry, Dave. I'm afraid I can't do that.</body></html>"
+       response_405 = MHD_create_response_from_data(strlen(CONTENT_405), CONTENT_405, MHD_NO, MHD_NO);
  
  #define JSON_SUCCESS "{status: \"success\"}"
         response_JSON_Success = MHD_create_response_from_data(strlen(JSON_SUCCESS), JSON_SUCCESS, MHD_NO, MHD_NO);
  
  #define JSON_SUCCESS "{status: \"success\"}"
         response_JSON_Success = MHD_create_response_from_data(strlen(JSON_SUCCESS), JSON_SUCCESS, MHD_NO, MHD_NO);
@@ -35,12 +45,18 @@ void init_responses() {
         response_JSON_Failure = MHD_create_response_from_data(strlen(JSON_FAILURE), JSON_FAILURE, MHD_NO, MHD_NO);
  }
  
         response_JSON_Failure = MHD_create_response_from_data(strlen(JSON_FAILURE), JSON_FAILURE, MHD_NO, MHD_NO);
  }
  
+#define REALM "Blerg"
+#define OPAQUE "d29fb6db8f21a6e99903651a9f87470e"
+int respond_401(struct MHD_Connection *connection, int signal_stale) {
+       return MHD_queue_auth_fail_response(connection, REALM, OPAQUE, response_401, signal_stale);    
+}
+
  int respond_404(struct MHD_Connection *connection) {
         return MHD_queue_response(connection, MHD_HTTP_NOT_FOUND, response_404);
  }
  
  int respond_404(struct MHD_Connection *connection) {
         return MHD_queue_response(connection, MHD_HTTP_NOT_FOUND, response_404);
  }
  
-int respond_501(struct MHD_Connection *connection) {
-       return MHD_queue_response(connection, MHD_HTTP_NOT_IMPLEMENTED, response_501);
+int respond_405(struct MHD_Connection *connection) {
+       return MHD_queue_response(connection, MHD_HTTP_METHOD_NOT_ALLOWED, response_405);
  }
  
  int respond_JSON_Success(struct MHD_Connection *connection) {
  }
  
  int respond_JSON_Success(struct MHD_Connection *connection) {
@@ -79,15 +95,30 @@ int parse_url_info(const char *url, char *author, uint64_t *record) {
  int POST_create_iterator(void *cls, enum MHD_ValueKind kind, const char *key, const char *filename, const char *content_type, const char *transfer_encoding, const char *data, uint64_t off, size_t size) {
         struct create_state *cs = cls;
  
  int POST_create_iterator(void *cls, enum MHD_ValueKind kind, const char *key, const char *filename, const char *content_type, const char *transfer_encoding, const char *data, uint64_t off, size_t size) {
         struct create_state *cs = cls;
  
-       if (strncmp(key, "username", 8) == 0) {
+       if (strncmp(key, "username", 9) == 0) {
                 if (size > 32) size = 32;
                 memcpy(cs->username, data, size);
                 cs->username[size] = 0;
                 if (size > 32) size = 32;
                 memcpy(cs->username, data, size);
                 cs->username[size] = 0;
-       } else if (strncmp(key, "password", 8) == 0) {
+       } else if (strncmp(key, "password", 9) == 0) {
                 if (size > 32) size = 32;
                 memcpy(cs->password, data, size);
                 cs->password[size] = 0;
         }
                 if (size > 32) size = 32;
                 memcpy(cs->password, data, size);
                 cs->password[size] = 0;
         }
+
+       return MHD_YES;
+}
+
+int POST_put_iterator(void *cls, enum MHD_ValueKind kind, const char *key, const char *filename, const char *content_type, const char *transfer_encoding, const char *data, uint64_t off, size_t size) {
+       struct put_state *ps = cls;
+
+       if (strncmp(key, "data", 5) == 0) {
+               ps->data_size = size;
+               ps->data = malloc(size);
+               memcpy(ps->data, data, size);
+               return MHD_NO;
+       }
+
+       return MHD_YES;
  }
  
  static int
  }
  
  static int
@@ -144,57 +175,69 @@ ahc_derp (void *cls, struct MHD_Connection *connection, const char *url, const c
                         }
                 }
         } else if (strncmp(url, "/put", 4) == 0) {
                         }
                 }
         } else if (strncmp(url, "/put", 4) == 0) {
+               struct put_state *ps = (struct put_state *) *ptr;
                 char *username;
                 char *username;
-               const char *password = "testpass";
-               const char *realm = "Blerg Post";
-
-#define OPAQUE "d29fb6db8f21a6e99903651a9f87470e"
-#define DENIED "DENIED, MOTHERFUCKER"
-#define PAGE "DERP DERP AUTHENTICATED DERP"
+               char password[33];
  
                 if (*ptr == NULL) {
  
                 if (*ptr == NULL) {
+                       if (strcmp(method, MHD_HTTP_METHOD_POST) != 0)
+                               return respond_405(connection);
+
+                       if (url[4] == '/')
+                               return respond_404(connection);
+
                         *ptr = (void *) 1;
  
                         username = MHD_digest_auth_get_username(connection);
                         *ptr = (void *) 1;
  
                         username = MHD_digest_auth_get_username(connection);
-                       if (username == NULL) {
-                               response = MHD_create_response_from_data(strlen (DENIED), DENIED, MHD_NO, MHD_NO);  
-                               ret = MHD_queue_auth_fail_response(connection, realm, OPAQUE, response, MHD_NO);    
-                               MHD_destroy_response(response);  
-                               return ret;
-                       }
+                       if (username == NULL)
+                               return respond_401(connection, MHD_NO);
+                       auth_get_password(username, password);
  
  
-                       printf("username: %s\n", username);
-
-                       ret = MHD_digest_auth_check(connection, realm, username, password, 300);
+                       ret = MHD_digest_auth_check(connection, REALM, username, password, 300);
                         free(username);
  
                         free(username);
  
-                       if (ret == MHD_INVALID_NONCE || ret == MHD_NO) {
-                               response = MHD_create_response_from_data(strlen (DENIED), DENIED, MHD_NO, MHD_NO);  
-                               ret = MHD_queue_auth_fail_response(connection, realm, OPAQUE, response,
-                                                                  (ret == MHD_INVALID_NONCE) ? MHD_YES : MHD_NO);       
-                               MHD_destroy_response(response);  
-                               return ret;
-                       }
+                       if (ret == MHD_INVALID_NONCE || ret == MHD_NO)
+                               return respond_401(connection, (ret == MHD_INVALID_NONCE) ? MHD_YES : MHD_NO);
+
+                       struct put_state *ps = malloc(sizeof(struct put_state));
+                       ps->data = NULL;
+                       ps->pp = MHD_create_post_processor(connection, 4096, &POST_put_iterator, ps);
+                       *ptr = ps;
+                       return MHD_YES;
                 }
  
                 }
  
-               *ptr = NULL;
+               if (*upload_data_size) {
+                       MHD_post_process(ps->pp, upload_data, *upload_data_size);
+                       *upload_data_size = 0;
+                       return MHD_YES;
+               }
  
  
-               if (url[4] != '/')
-                       return respond_404(connection);
-               ret = parse_url_info(url + 5, author, &record);
-               if ((ret & URL_INFO_AUTHOR) == 0)
-                       return respond_404(connection);
+               if (ps->data == NULL || ps->data_size == 0)
+                       return respond_JSON_Failure(connection);
  
  
-               response = MHD_create_response_from_data(strlen(PAGE), PAGE, MHD_NO, MHD_NO);
-               ret = MHD_queue_response(connection, MHD_HTTP_OK, response);  
-               MHD_destroy_response(response);
-               return ret;
+               username = MHD_digest_auth_get_username(connection);
+               struct blerg *b = blerg_open(username);
+               if (b == NULL)
+                       return respond_JSON_Failure(connection);
+               if (blerg_store(b, ps->data, ps->data_size) == -1) {
+                       blerg_close(b);
+                       return respond_JSON_Failure(connection);
+               }
+               blerg_close(b);
+
+               MHD_destroy_post_processor(ps->pp);
+               free(username);
+               free(ps->data);
+               free(ps);
+               *ptr = NULL;
+
+               return respond_JSON_Success(connection);
         } else if (strncmp(url, "/create", 8) == 0) {
                 struct create_state *cs = (struct create_state *) *ptr;
  
                 if (cs == NULL) {
                         if (strcmp(method, MHD_HTTP_METHOD_POST) != 0)
         } else if (strncmp(url, "/create", 8) == 0) {
                 struct create_state *cs = (struct create_state *) *ptr;
  
                 if (cs == NULL) {
                         if (strcmp(method, MHD_HTTP_METHOD_POST) != 0)
-                               return respond_501(connection);
+                               return respond_405(connection);
  
                         struct create_state *cs = malloc(sizeof(struct create_state));
                         cs->username[0] = cs->password[0] = 0;
  
                         struct create_state *cs = malloc(sizeof(struct create_state));
                         cs->username[0] = cs->password[0] = 0;
@@ -207,21 +250,23 @@ ahc_derp (void *cls, struct MHD_Connection *connection, const char *url, const c
                         MHD_post_process(cs->pp, upload_data, *upload_data_size);
                         *upload_data_size = 0;
                         return MHD_YES;
                         MHD_post_process(cs->pp, upload_data, *upload_data_size);
                         *upload_data_size = 0;
                         return MHD_YES;
-               } else {
-                       if (cs->username[0] == 0 || cs->password[0] == 0)
-                               return respond_JSON_Failure(connection);
+               }
  
  
-                       if (blerg_exists(cs->username))
-                               return respond_JSON_Failure(connection);
+               if (cs->username[0] == 0 || cs->password[0] == 0)
+                       return respond_JSON_Failure(connection);
  
  
-                       struct blerg *b = blerg_open(cs->username);
-                       blerg_close(b);
-                       auth_set_password(cs->username, cs->password);
+               if (blerg_exists(cs->username))
+                       return respond_JSON_Failure(connection);
  
  
-                       MHD_destroy_post_processor(cs->pp);
-                       free(cs);
-                       return respond_JSON_Success(connection);
-               }
+               struct blerg *b = blerg_open(cs->username);
+               blerg_close(b);
+               auth_set_password(cs->username, cs->password);
+
+               MHD_destroy_post_processor(cs->pp);
+               free(cs);
+               *ptr = NULL;
+
+               return respond_JSON_Success(connection);
         } else {
                 return respond_404(connection);
         }
         } else {
                 return respond_404(connection);
         }
author	Chip Black <bytex64@bytex64.net>
	Wed, 22 Dec 2010 05:43:41 +0000 (23:43 -0600)
committer	Chip Black <bytex64@bytex64.net>
	Wed, 22 Dec 2010 05:43:41 +0000 (23:43 -0600)
auth.c		patch \| blob \| history
auth.h		patch \| blob \| history
http_blerg.c		patch \| blob \| history