|
libonion
|
|
libonion
|
#include <string.h>#include <stdlib.h>#include <unistd.h>#include <security/pam_appl.h>#include <onion/handler.h>#include <onion/response.h>#include <onion/codecs.h>#include <onion/log.h>#include <onion/dict.h>#include <onion/low.h>Data Structures | |
| struct | onion_handler_auth_pam_data_t |
Macros | |
| #define | RESPONSE_UNAUTHORIZED "<h1>Unauthorized access</h1>" |
Typedefs | |
| typedef struct onion_handler_auth_pam_data_t | onion_handler_auth_pam_data |
Functions | |
| int | authorize (const char *pamname, const char *username, const char *password) |
| Do the real authorization. Checks if access allowed. | |
| int | onion_handler_auth_pam_handler (onion_handler_auth_pam_data *d, onion_request *request, onion_response *res) |
| void | onion_handler_auth_pam_delete (onion_handler_auth_pam_data *d) |
| onion_handler * | onion_handler_auth_pam (const char *realm, const char *pamname, onion_handler *inside_level) |
| Creates an path handler. If the path matches the regex, it reomves that from the regexp and goes to the inside_level. | |
| #define RESPONSE_UNAUTHORIZED "<h1>Unauthorized access</h1>" |
Referenced by onion_handler_auth_pam_handler().
| typedef struct onion_handler_auth_pam_data_t onion_handler_auth_pam_data |
| int authorize | ( | const char * | pamname, |
| const char * | username, | ||
| const char * | password | ||
| ) |
Do the real authorization. Checks if access allowed.
References ONION_DEBUG, ONION_ERROR, and ONION_WARNING.
Referenced by onion_handler_auth_pam_handler().
| onion_handler* onion_handler_auth_pam | ( | const char * | realm, |
| const char * | pamname, | ||
| onion_handler * | inside_level | ||
| ) |
Creates an path handler. If the path matches the regex, it reomves that from the regexp and goes to the inside_level.
Creates an auth handler that do not allow to pass unless user is authenticated using a pam name.
If on the inside level nobody answers, it just returns NULL, so ->next can answer.
References onion_handler_auth_pam_data_t::inside, onion_handler_auth_pam_delete(), onion_handler_auth_pam_handler(), onion_handler_t::onion_handler_new(), onion_low_malloc(), onion_low_strdup(), onion_handler_auth_pam_data_t::pamname, and onion_handler_auth_pam_data_t::realm.
| void onion_handler_auth_pam_delete | ( | onion_handler_auth_pam_data * | d | ) |
| int onion_handler_auth_pam_handler | ( | onion_handler_auth_pam_data * | d, |
| onion_request * | request, | ||
| onion_response * | res | ||
| ) |
Use session to know if already logged in, so do not mess with PAM so often.
References authorize(), HTTP_UNAUTHORIZED, onion_handler_auth_pam_data_t::inside, OCS_PROCESSED, OD_DUP_VALUE, OD_REPLACE, onion_base64_decode(), onion_dict_t::onion_dict_add(), onion_dict_t::onion_dict_lock_write(), onion_dict_t::onion_dict_unlock(), onion_handler_t::onion_handler_handle(), onion_low_free(), onion_request_t::onion_request_get_header(), onion_request_t::onion_request_get_session(), onion_request_t::onion_request_get_session_dict(), onion_response_t::onion_response_set_code(), onion_response_t::onion_response_set_header(), onion_response_t::onion_response_set_length(), onion_response_t::onion_response_write(), onion_handler_auth_pam_data_t::pamname, onion_handler_auth_pam_data_t::realm, and RESPONSE_UNAUTHORIZED.
Referenced by onion_handler_auth_pam().
1.8.1.2