Added authentication check facility to zebra.

diff --git a/include/passwddb.h b/include/passwddb.h
new file mode 100644 (file)
index 0000000..ebbc919
--- /dev/null
+++ b/include/passwddb.h
@@ -0,0 +1,11 @@
+
+typedef struct passwd_db *Passwd_db;
+
+Passwd_db passwd_db_open (void);
+int passwd_db_auth (Passwd_db db, const char *user, const char *pass);
+int passwd_db_file (Passwd_db db, const char *fname);
+void passwd_db_close (Passwd_db db);
+void passwd_db_show (Passwd_db db);
+
+
+

diff --git a/index/zebraapi.c b/index/zebraapi.c
index 7caf21a..94a31f9 100644 (file)
--- a/index/zebraapi.c
+++ b/index/zebraapi.c
@@ -4,7 +4,10 @@
  * Sebastian Hammer, Adam Dickmeiss
  *
  * $Log: zebraapi.c,v $
- * Revision 1.5  1998-06-13 00:14:08  adam
+ * Revision 1.6  1998-06-22 11:36:47  adam
+ * Added authentication check facility to zebra.
+ *
+ * Revision 1.5  1998/06/13 00:14:08  adam
  * Minor changes.
  *
  * Revision 1.4  1998/06/12 12:22:12  adam
@@ -155,6 +158,21 @@ ZebraHandle zebra_open (const char *configName)
     zh->errString = 0;
     
     zebraRankInstall (zh, rank1_class);
+
+    if (!res_get (zh->res, "passwd"))
+       zh->passwd_db = NULL;
+    else
+    {
+       zh->passwd_db = passwd_db_open ();
+       if (!zh->passwd_db)
+           logf (LOG_WARN|LOG_ERRNO, "passwd_db_open failed");
+       else
+           passwd_db_file (zh->passwd_db, res_get (zh->res, "passwd"));
+    }
+    zh->bfs = bfs_create (res_get (zh->res, "register"));
+    bf_lockDir (zh->bfs, res_get (zh->res, "lockDir"));
+    data1_set_tabpath (zh->dh, res_get(zh->res, "profilePath"));
+
     return zh;
 }
 
@@ -179,6 +197,8 @@ void zebra_close (ZebraHandle zh)
     data1_destroy (zh->dh);
     zebra_server_lock_destroy (zh);
 
+    if (zh->passwd_db)
+       passwd_db_close (zh->passwd_db);
     res_close (zh->res);
     xfree (zh);
 }
@@ -291,6 +311,13 @@ int zebra_hits (ZebraHandle zh)
     return zh->hits;
 }
 
+int zebra_auth (ZebraHandle zh, const char *user, const char *pass)
+{
+    if (!zh->passwd_db || !passwd_db_auth (zh->passwd_db, user, pass))
+       return 0;
+    return 1;
+}
+
 void zebra_setDB (ZebraHandle zh, int num_bases, char **basenames)
 {
 

diff --git a/index/zebraapi.h b/index/zebraapi.h
index 83df424..f05541a 100644 (file)
--- a/index/zebraapi.h
+++ b/index/zebraapi.h
@@ -4,7 +4,10 @@
  * Sebastian Hammer, Adam Dickmeiss
  *
  * $Log: zebraapi.h,v $
- * Revision 1.2  1998-06-13 00:14:09  adam
+ * Revision 1.3  1998-06-22 11:36:48  adam
+ * Added authentication check facility to zebra.
+ *
+ * Revision 1.2  1998/06/13 00:14:09  adam
  * Minor changes.
  *
  * Revision 1.1  1998/06/12 12:22:13  adam
@@ -72,3 +75,6 @@ YAZ_EXPORT char *zebra_errAdd (ZebraHandle zh);
 /* number of hits (after search) */
 YAZ_EXPORT int zebra_hits (ZebraHandle zh);
 
+/* do authentication */
+YAZ_EXPORT int zebra_auth (ZebraHandle zh, const char *user, const char *pass);
+

diff --git a/index/zserver.c b/index/zserver.c
index bc7bf18..4718912 100644 (file)
--- a/index/zserver.c
+++ b/index/zserver.c
@@ -4,7 +4,10 @@
  * Sebastian Hammer, Adam Dickmeiss
  *
  * $Log: zserver.c,v $
- * Revision 1.59  1998-06-12 12:22:13  adam
+ * Revision 1.60  1998-06-22 11:36:49  adam
+ * Added authentication check facility to zebra.
+ *
+ * Revision 1.59  1998/06/12 12:22:13  adam
  * Work on Zebra API.
  *
  * Revision 1.58  1998/05/27 16:57:46  adam
@@ -238,6 +241,8 @@ bend_initresult *bend_init (bend_initrequest *q)
     bend_initresult *r = odr_malloc (q->stream, sizeof(*r));
     ZebraHandle zh;
     struct statserv_options_block *sob;
+    char *user = NULL;
+    char *passwd = NULL;
 
     r->errcode = 0;
     r->errstring = 0;
@@ -252,6 +257,28 @@ bend_initresult *bend_init (bend_initrequest *q)
        r->errcode = 1;
        return r;
     }
+    if (q->auth)
+    {
+       if (q->auth->which == Z_IdAuthentication_open)
+       {
+           char *openpass = xstrdup (q->auth->u.open);
+           char *cp = strchr (openpass, '/');
+           if (cp)
+           {
+               *cp = '\0';
+               user = nmem_strdup (odr_getmem (q->stream), openpass);
+               passwd = nmem_strdup (odr_getmem (q->stream), cp+1);
+           }
+           xfree (openpass);
+       }
+    }
+    if (zebra_auth (zh, user, passwd))
+    {
+       r->errcode = 222;
+       r->errstring = user;
+       zebra_close (zh);
+       return r;
+    }
     r->handle = zh;
     return r;
 }

diff --git a/index/zserver.h b/index/zserver.h
index 92b8ddf..b59eecc 100644 (file)
--- a/index/zserver.h
+++ b/index/zserver.h
@@ -4,7 +4,10 @@
  * Sebastian Hammer, Adam Dickmeiss
  *
  * $Log: zserver.h,v $
- * Revision 1.33  1998-06-12 12:22:14  adam
+ * Revision 1.34  1998-06-22 11:36:50  adam
+ * Added authentication check facility to zebra.
+ *
+ * Revision 1.33  1998/06/12 12:22:14  adam
  * Work on Zebra API.
  *
  * Revision 1.32  1998/05/27 16:57:47  adam
@@ -134,6 +137,7 @@
 #include <rset.h>
 
 #include <sortidx.h>
+#include <passwddb.h>
 #include "index.h"
 #include "zebraapi.h"
 #include "zinfo.h"
@@ -178,6 +182,7 @@ struct zebra_info {
 #endif
     ZebraMaps zebra_maps;
     ZebraRankClass rank_classes;
+    Passwd_db passwd_db;
 };
 
 

diff --git a/util/Makefile b/util/Makefile
index fcdc9cd..a674897 100644 (file)
--- a/util/Makefile
+++ b/util/Makefile
@@ -1,28 +1,31 @@
 # Copyright (C) 1994-1996, Index Data I/S 
 # All rights reserved.
 # Sebastian Hammer, Adam Dickmeiss
-# $Id: Makefile,v 1.27 1997-10-27 14:33:06 adam Exp $
+# $Id: Makefile,v 1.28 1998-06-22 11:36:51 adam Exp $
 
 SHELL=/bin/sh
 RANLIB=ranlib
 
-YAZLIB=-lyaz
+YAZLIB=../../yaz/lib/libyaz.a
 YAZINC=-I../../yaz/include
 
 INCLUDE=-I../include $(YAZINC)
 TPROG=opt-test
-DEFS=$(INCLUDE)
+DEFS=$(INCLUDE) -DUSE_CRYPT=0
 CPP=$(CC) -E
 LIB=../lib/zebrautl.a
-PO = res.o charmap.o zebramap.o
+PO = res.o charmap.o zebramap.o passwddb.o
 
 all: $(LIB)
 
-alll: res-test all
+alll: res-test all passtest
 
 res-test: res-test.o $(LIB) 
        $(CC) -o res-test res-test.o $(LIB) $(YAZLIB)
 
+passtest: passtest.o $(LIB) 
+       $(CC) -o passtest passtest.o $(LIB) $(YAZLIB) -lcrypt
+
 $(LIB): $(PO)
        rm -f $(LIB)
        ar qc $(LIB) $(PO)

diff --git a/util/passtest.c b/util/passtest.c
new file mode 100644 (file)
index 0000000..160a9b1
--- /dev/null
+++ b/util/passtest.c
@@ -0,0 +1,14 @@
+
+#include <passwddb.h>
+
+int main (int argc, char **argv)
+{
+       Passwd_db db;
+
+       db = passwd_db_open();
+
+       passwd_db_file (db, "/etc/passwd");
+       passwd_db_show (db);
+       passwd_db_auth (db, "adam", "xtx9Y=");
+       passwd_db_close (db);
+}

diff --git a/util/passwddb.c b/util/passwddb.c
new file mode 100644 (file)
index 0000000..ed4822b
--- /dev/null
+++ b/util/passwddb.c
@@ -0,0 +1,127 @@
+
+#include <unistd.h>
+#include <string.h>
+#include <stdio.h>
+
+#if USE_CRYPT
+#include <crypt.h>
+#endif
+
+#include <log.h>
+#include <xmalloc.h>
+
+#include <passwddb.h>
+
+struct passwd_entry {
+       char *name;
+       char *des;
+       struct passwd_entry *next;
+};
+
+struct passwd_db {
+       struct passwd_entry *entries;
+};
+
+Passwd_db passwd_db_open (void)
+{
+       struct passwd_db *p = xmalloc (sizeof(*p));
+       p->entries = 0;
+       return p;
+}
+
+static int get_entry (const char **p, char *dst, int max)
+{      
+       int i = 0;
+       while ((*p)[i] != ':' && (*p)[i])
+               i++;
+       if (i >= max)
+               i = max-1;
+       if (i)
+               memcpy (dst, *p, i);
+       dst[i] = '\0';
+       *p += i;
+       if (*p)
+               (*p)++;
+       return i;
+}
+
+int passwd_db_file (Passwd_db db, const char *fname)
+{
+       FILE *f;
+       char buf[1024];
+       f = fopen (fname, "r");
+       if (!f)
+               return -1;
+       while (fgets (buf, sizeof(buf)-1, f))
+       {
+               struct passwd_entry *pe;
+               char name[128];
+               char des[128];
+               char *p;
+               const char *cp = buf;
+               if ((p = strchr (buf, '\n')))
+                       *p = '\0';
+               get_entry (&cp, name, 128);
+               get_entry (&cp, des, 128);
+
+               pe = xmalloc (sizeof(*pe));
+               pe->name = xstrdup (name);
+               pe->des = xstrdup (des);
+               pe->next = db->entries;
+               db->entries = pe;
+       }
+       fclose (f);
+       return 0;
+}
+
+void passwd_db_close (Passwd_db db)
+{
+       struct passwd_entry *pe = db->entries;
+       while (pe)
+       {
+               struct passwd_entry *pe_next = pe->next;
+       
+               xfree (pe->name);
+               xfree (pe->des);
+               xfree (pe);
+               pe = pe_next;
+       }
+       xfree (db);
+}
+
+void passwd_db_show (Passwd_db db)
+{
+       struct passwd_entry *pe;
+       for (pe = db->entries; pe; pe = pe->next)
+               logf (LOG_LOG,"%s:%s", pe->name, pe->des);
+}
+
+int passwd_db_auth (Passwd_db db, const char *user, const char *pass)
+{
+       struct passwd_entry *pe;
+#if USE_CRYPT
+       char salt[3];
+       const char *des_try;
+#endif
+       for (pe = db->entries; pe; pe = pe->next)
+               if (user && !strcmp (user, pe->name))
+                       break;
+       if (!pe)
+               return -1;
+#if USE_CRYPT
+       if (strlen (pe->des) < 3)
+               return -3;
+       if (!pass)
+           return -2;
+       memcpy (salt, pe->des, 2);
+       salt[2] = '\0'; 
+       des_try = crypt (pass, salt);
+       if (strcmp (des_try, pe->des))
+               return -2;
+#else
+       if (strcmp (pe->des, pass))
+               return -2;
+#endif
+       return 0;       
+}
+