2 /* SEGV at comment below. */
3 typedef unsigned int size_t;
17 he_unknown_auth_scheme,
19 he_failed_digest_file_check,
20 he_failed_digest_file_save,
21 he_process_not_privileged,
27 typedef enum realm_type
33 __attribute__((__noclone__, __noinline__))
34 har has_www_auth(char *, size_t, realm_type, har);
36 __attribute__((__noclone__, __noinline__))
37 har has_auth_user(const char *, const char *, realm_type, char *, size_t);
39 __attribute__((__noclone__, __noinline__))
40 char *ha_get_string_value(void);
44 unsigned int track_id;
51 file_not_found_user_response = -3,
52 access_denied_user_response = -2,
53 no_user_response = -1,
59 struct realm_group *next;
64 struct realm_group *groups;
71 struct user_info *next;
73 static struct user_info *find_user(const char *user_name);
74 static int is_member_of_groups(const struct user_info *user_item,
75 const struct realm_group *groups);
76 int authent_author(request *req);
77 struct realm *realms = ((void *)0);
78 struct user_info *users = ((void *)0);
79 static struct user_info*
80 find_user(const char *user_name)
82 struct user_info *user_item;
84 while (user_item != ((void *)0)) {
85 /* SEGV due to NULL access here on user_name. See also comment below. */
86 if ((__builtin_strcmp(user_item->name, user_name) == 0))
88 user_item = user_item->next;
93 is_member_of_groups(const struct user_info *user_item,
94 const struct realm_group *groups)
96 const struct realm_group *group_item;
99 while (group_item != ((void *)0)) {
100 for (i = 0; i < user_item->no_groups; i++)
101 if (user_item->groups[i] == group_item->id)
103 group_item = group_item->next;
107 char *foo (void) __attribute__((__noclone__, __noinline__));
108 char* g_strdup (const char *str) __attribute__((__malloc__, __noclone__, __noinline__));
109 int g_strcmp0 (const char *str1, const char *str2);
111 is_basic(char **user)
114 char *authent = foo();
115 passwd_ptr = __builtin_strchr(authent, ':');
116 if (passwd_ptr != ((void *)0)) {
117 *user = g_strdup(authent);
123 is_digest(char **user)
127 authent = ha_get_string_value();
129 *user = g_strdup(authent);
134 __attribute__((__noclone__, __noinline__))
135 void g_free (void * mem);
136 static enum user_response
137 get_user_info_from_header(const realm_type type,
139 struct user_info **user_item)
141 int ret_val = no_user_response;
142 if ((type == ws_realm)) {
143 if (is_basic(user_name) == 0)
144 ret_val = access_denied_user_response;
145 if (is_digest(user_name) == 0)
146 ret_val = ok_user_response;
148 if (is_basic(user_name) < 0 &&
149 /* Load of *user_name here, but not after the is_digest call. */
150 is_digest(user_name) < 0)
152 else if ((*user_item = find_user(*user_name)) != ((void *)0))
153 ret_val = ok_user_response;
155 ret_val = access_denied_user_response;
156 if (ret_val != ok_user_response)
161 static enum user_response
162 authenticate_user(request *req,
164 struct user_info **user_item)
166 char *authent = ((void *)0);
167 har resp = ha_no_value;
168 enum user_response user_resp;
169 int ret_val = no_user_response;
170 if (req->authent && __builtin_strlen(req->authent)) {
171 authent = req->authent;
172 user_resp = get_user_info_from_header(req->internal_realm,
175 if (user_resp == ok_user_response) {
176 resp = has_auth_user(authent, 0, req->internal_realm, "", 1);
177 if (resp == ha_no_error)
178 ret_val = ok_user_response;
179 else if (resp != he_stale_nonce)
180 ret_val = access_denied_user_response;
181 } else if (user_resp == access_denied_user_response)
182 ret_val = access_denied_user_response;
184 if (resp != he_memory_too_small && resp != ha_no_error)
185 resp = has_www_auth("", 1, req->internal_realm, resp);
189 int __attribute__ ((__noinline__, __noclone__))
190 authent_author(request *req)
193 char *user_name = ((void *)0);
194 struct user_info *user_item = ((void *)0);
198 if (__builtin_strcmp("Wsd", realm->name) == 0) {
199 req->internal_realm = ws_realm;
200 is_digest(&user_name);
202 if (authenticate_user(req, &user_name, &user_item) < 0) {
203 if (user_name != ((void *)0))
204 req->user = user_name;
206 goto authent_author_return;
208 if (is_member_of_groups(user_item, realm->groups) < 0)
210 authent_author_return:
214 int good0, good1, good2;
216 __attribute__ ((__noinline__, __noclone__))
224 __attribute__ ((__noinline__, __noclone__))
225 char *ha_get_string_value(void)
232 __attribute__ ((__noinline__, __noclone__))
233 har has_auth_user(const char *a, const char *b, realm_type c, char *d, size_t e)
236 if (*a != 'z' || a[1] != 0 || b != 0 || c != axis_realm || *d != 0
242 __attribute__ ((__noinline__, __noclone__))
243 har has_www_auth(char *a, size_t b, realm_type c, har d)
251 char *strdupped_user = "me";
252 __attribute__((__malloc__, __noclone__, __noinline__))
253 char* g_strdup (const char *str)
259 return strdupped_user;
262 __attribute__((__noclone__, __noinline__))
263 void g_free (void * mem)
270 struct user_info me = { .name = "me", .no_groups = 1, .groups = {42}, .next = 0};
271 struct user_info you = { .name = "you", .next = &me};
272 struct realm_group xgroups = { .name = "*", .id = 42, .next = 0};
276 char *orig_user = "?";
277 struct realm r = { .name = "x", .space = "space?", .groups = &xgroups, .next = 0};
278 request req = { .user = orig_user, .realm = "!", .authent = "z",
279 .internal_realm = axis_realm};
282 if (authent_author (&req) != 0 || good0 != 1 || good1 != 1 || good2 != 1
283 || req.user != orig_user
284 || req.internal_realm != axis_realm)