FILE *fp = NULL;
int fd;
- if (ctx->global_passwd_file) {
+ if (ctx->options[OPT_AUTH_GPASSWD] != NULL) {
/* Use global passwords file */
- my_snprintf(name, sizeof(name), "%s", ctx->global_passwd_file);
+ my_snprintf(name, sizeof(name), "%s",
+ ctx->options[OPT_AUTH_GPASSWD]);
} else {
/* Try to find .htpasswd in requested directory */
for (p = path, e = p + strlen(p) - 1; e > p; e--)
DBG(("[%.*s] [%.*s] [%.*s]", user.len, user.ptr,
domain.len, domain.ptr, ha1.len, ha1.ptr));
- if (vcmp(user_vec, &user) && !memcmp(c->ctx->auth_realm,
+ if (vcmp(user_vec, &user) &&
+ !memcmp(c->ctx->options[OPT_AUTH_REALM],
domain.ptr, domain.len)) {
ok = check_password(c->method, &ha1, &digest);
break;
int
check_authorization(struct conn *c, const char *path)
{
- FILE *fp = NULL;
- int authorized = 1;
-
-#ifdef EMBEDDED
- struct llhead *lp;
- struct uri_auth *auth;
-
- /* Check, is this URL protected by shttpd_protect_url() */
- LL_FOREACH(&c->ctx->uri_auths, lp) {
- auth = LL_ENTRY(lp, struct uri_auth, link);
- if (!strncmp(c->uri, auth->uri, auth->uri_len)) {
- fp = fopen(auth->file_name, "r");
+ FILE *fp = NULL;
+ int len, n, authorized = 1;
+ const char *p, *s = c->ctx->options[OPT_PROTECT];
+ char protected_path[FILENAME_MAX];
+
+ FOR_EACH_WORD_IN_LIST(s, len) {
+
+ if ((p = memchr(s, '=', len)) == NULL || p >= s + len || p == s)
+ continue;
+
+ if (!memcmp(c->uri, s, p - s)) {
+
+ n = s + len - p + 1;
+ if (n > (int) sizeof(protected_path) - 1)
+ n = sizeof(protected_path) - 1;
+
+ my_strlcpy(protected_path, p + 1, n);
+
+ if ((fp = fopen(protected_path, "r")) == NULL)
+ elog(E_LOG, c, "check_auth: cannot open %s: %s",
+ protected_path, strerror(errno));
break;
}
}
-#endif /* EMBEDDED */
-
+
if (fp == NULL)
fp = open_auth_file(c->ctx, path);
FILE *fp;
int ret = 0;
- if ((fp = fopen(c->ctx->put_auth_file, "r")) != NULL) {
+ if ((fp = fopen(c->ctx->options[OPT_AUTH_PUT], "r")) != NULL) {
ret = authorize(c, fp);
(void) fclose(fp);
}
(void) my_snprintf(buf, sizeof(buf), "Unauthorized\r\n"
"WWW-Authenticate: Digest qop=\"auth\", realm=\"%s\", "
- "nonce=\"%lu\"", c->ctx->auth_realm, (unsigned long) current_time);
+ "nonce=\"%lu\"", c->ctx->options[OPT_AUTH_REALM],
+ (unsigned long) current_time);
send_server_error(c, 401, buf);
}