diff options
Diffstat (limited to 'source4/web_server/calls.c')
-rw-r--r-- | source4/web_server/calls.c | 105 |
1 files changed, 0 insertions, 105 deletions
diff --git a/source4/web_server/calls.c b/source4/web_server/calls.c deleted file mode 100644 index 8e9ea86904..0000000000 --- a/source4/web_server/calls.c +++ /dev/null @@ -1,105 +0,0 @@ -/* - Unix SMB/CIFS implementation. - - provide hooks into C calls from esp scripts - - Copyright (C) Andrew Tridgell 2005 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -#include "includes.h" -#include "pwd.h" -#include "web_server/esp/esp.h" -#include "param/loadparm.h" -#include "lib/ldb/include/ldb.h" - - -/* try to authenticate the user/password pair against system auth mechanisms - returns 0 on success - returns -1 on error - - fills in the session structure properly in case of success - NOTE: Currently only PAM Auth is supported -*/ - -static int esp_unixAuth(struct EspRequest *ep, int argc, struct MprVar **argv) -{ - TALLOC_CTX *tmp_ctx = talloc_new(ep); - const char *username; - const char *password; - struct passwd *pwd; - int ret; - - if (argc != 2 || argv[0]->type != MPR_TYPE_STRING || - argv[1]->type != MPR_TYPE_STRING) { - espError(ep, "unixAuth invalid arguments"); - ret = -1; - goto done; - } - - username = mprToString(argv[0]); - password = mprToString(argv[1]); - - if (username == NULL || password == NULL) { - espError(ep, "unixAuth invalid arguments"); - ret = -1; - goto done; - } - - /* TODO: find out how to pass the real client name/address here */ - if (NT_STATUS_IS_OK(unix_passcheck(tmp_ctx, "client", username, password))) { - - pwd = getpwnam(username); - if (!pwd) { - espSetReturn(ep, mprCreateIntegerVar(-1)); - ret = -1; - goto done; - } - - mprSetPropertyValue(&ep->variables[ESP_SESSION_OBJ], - "AUTHENTICATED", mprCreateStringVar("1", 0)); - mprSetPropertyValue(&ep->variables[ESP_SESSION_OBJ], - "USERNAME", mprCreateStringVar(username, 0)); - - if (pwd->pw_uid == 0) { /* we are root */ - - mprSetPropertyValue(&ep->variables[ESP_SESSION_OBJ], - "PRIVILEGE", mprCreateStringVar("ADMIN", 0)); - } else { - mprSetPropertyValue(&ep->variables[ESP_SESSION_OBJ], - "PRIVILEGE", mprCreateStringVar("USER", 0)); - } - - espSetReturn(ep, mprCreateIntegerVar(0)); - } else { - if (mprGetProperty(&ep->variables[ESP_SESSION_OBJ], "AUTHENTICATED", 0) != 0) { - mprDeleteProperty(&ep->variables[ESP_SESSION_OBJ], "AUTHENTICATED"); - } - espSetReturn(ep, mprCreateIntegerVar(-1)); - } - -done: - talloc_free(tmp_ctx); - return ret; -} - -/* - setup the C functions that be called from ejs -*/ -void http_setup_ejs_functions(void) -{ - espDefineCFunction(NULL, "unixAuth", esp_unixAuth, NULL); -} |