iPXE
httpauth.c
Go to the documentation of this file.
1 /*
2  * Copyright (C) 2015 Michael Brown <mbrown@fensystems.co.uk>.
3  *
4  * This program is free software; you can redistribute it and/or
5  * modify it under the terms of the GNU General Public License as
6  * published by the Free Software Foundation; either version 2 of the
7  * License, or any later version.
8  *
9  * This program is distributed in the hope that it will be useful, but
10  * WITHOUT ANY WARRANTY; without even the implied warranty of
11  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
12  * General Public License for more details.
13  *
14  * You should have received a copy of the GNU General Public License
15  * along with this program; if not, write to the Free Software
16  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
17  * 02110-1301, USA.
18  *
19  * You can also choose to distribute this program under the terms of
20  * the Unmodified Binary Distribution Licence (as given in the file
21  * COPYING.UBDL), provided that you have satisfied its requirements.
22  */
23 
24 FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
25 FILE_SECBOOT ( PERMITTED );
26 
27 /**
28  * @file
29  *
30  * Hyper Text Transfer Protocol (HTTP) authentication
31  *
32  */
33 
34 #include <stdio.h>
35 #include <strings.h>
36 #include <errno.h>
37 #include <ipxe/http.h>
38 
39 /**
40  * Identify authentication scheme
41  *
42  * @v http HTTP transaction
43  * @v name Scheme name
44  * @ret auth Authentication scheme, or NULL
45  */
46 static struct http_authentication * http_authentication ( const char *name ) {
47  struct http_authentication *auth;
48 
49  /* Identify authentication scheme */
50  for_each_table_entry ( auth, HTTP_AUTHENTICATIONS ) {
51  if ( strcasecmp ( name, auth->name ) == 0 )
52  return auth;
53  }
54 
55  return NULL;
56 }
57 
58 /**
59  * Parse HTTP "WWW-Authenticate" header
60  *
61  * @v http HTTP transaction
62  * @v line Remaining header line
63  * @ret rc Return status code
64  */
65 static int http_parse_www_authenticate ( struct http_transaction *http,
66  char *line ) {
67  struct http_authentication *auth;
68  char *name;
69  int rc;
70 
71  /* Get scheme name */
72  name = http_token ( &line, NULL );
73  if ( ! name ) {
74  DBGC ( http, "HTTP %p malformed WWW-Authenticate \"%s\"\n",
75  http, line );
76  return -EPROTO;
77  }
78 
79  /* Identify scheme */
80  auth = http_authentication ( name );
81  if ( ! auth ) {
82  DBGC ( http, "HTTP %p unrecognised authentication scheme "
83  "\"%s\"\n", http, name );
84  /* Ignore; the server may offer other schemes */
85  return 0;
86  }
87 
88  /* Use first supported scheme */
89  if ( http->response.auth.auth )
90  return 0;
91  http->response.auth.auth = auth;
92 
93  /* Parse remaining header line */
94  if ( ( rc = auth->parse ( http, line ) ) != 0 ) {
95  DBGC ( http, "HTTP %p could not parse %s WWW-Authenticate "
96  "\"%s\": %s\n", http, name, line, strerror ( rc ) );
97  return rc;
98  }
99 
100  return 0;
101 }
102 
103 /** HTTP "WWW-Authenticate" header */
104 struct http_response_header
105 http_response_www_authenticate __http_response_header = {
106  .name = "WWW-Authenticate",
107  .parse = http_parse_www_authenticate,
108 };
109 
110 /**
111  * Construct HTTP "Authorization" header
112  *
113  * @v http HTTP transaction
114  * @v buf Buffer
115  * @v len Length of buffer
116  * @ret len Length of header value, or negative error
117  */
118 static int http_format_authorization ( struct http_transaction *http,
119  char *buf, size_t len ) {
120  struct http_authentication *auth = http->request.auth.auth;
121  size_t used;
122  int auth_len;
123  int rc;
124 
125  /* Do nothing unless we have an authentication scheme */
126  if ( ! auth )
127  return 0;
128 
129  /* Construct header */
130  used = snprintf ( buf, len, "%s ", auth->name );
131  auth_len = auth->format ( http, ( buf + used ),
132  ( ( used < len ) ? ( len - used ) : 0 ) );
133  if ( auth_len < 0 ) {
134  rc = auth_len;
135  return rc;
136  }
137  used += auth_len;
138 
139  return used;
140 }
141 
142 /** HTTP "Authorization" header */
143 struct http_request_header http_request_authorization __http_request_header = {
144  .name = "Authorization",
145  .format = http_format_authorization,
146 };
rc
struct arbelprm_rc_send_wqe rc
Definition: arbel.h:14
name
const char * name
Definition: ath9k_hw.c:1986
http_authentication::format
int(* format)(struct http_transaction *http, char *buf, size_t len)
Construct remaining "Authorization" header line.
Definition: http.h:542
errno.h
Error codes.
http_request_header::name
const char * name
Header name (e.g.
Definition: http.h:229
DBGC
#define DBGC(...)
Definition: compiler.h:505
strcasecmp
int strcasecmp(const char *first, const char *second)
Compare case-insensitive strings.
Definition: string.c:209
http_authentication
An HTTP authentication scheme.
Definition: http.h:519
http_request_header
An HTTP request header.
Definition: http.h:227
http_response::auth
struct http_response_auth auth
Authorization descriptor.
Definition: http.h:347
FILE_LICENCE
FILE_LICENCE(GPL2_OR_LATER_OR_UBDL)
http_transaction::request
struct http_request request
Request.
Definition: http.h:437
http_transaction::response
struct http_response response
Response.
Definition: http.h:439
http_transaction
An HTTP transaction.
Definition: http.h:416
http.h
Hyper Text Transport Protocol.
http_request::auth
struct http_request_auth auth
Authentication descriptor.
Definition: http.h:223
len
ring len
Length.
Definition: dwmac.h:231
EPROTO
#define EPROTO
Protocol error.
Definition: errno.h:625
__http_request_header
struct http_request_header http_request_authorization __http_request_header
HTTP "Authorization" header.
Definition: httpauth.c:143
strerror
char * strerror(int errno)
Retrieve string representation of error number.
Definition: strerror.c:79
http_request_auth::auth
struct http_authentication * auth
Authentication scheme (if any)
Definition: http.h:190
http_response_header::name
const char * name
Header name (e.g.
Definition: http.h:367
http_parse_www_authenticate
static int http_parse_www_authenticate(struct http_transaction *http, char *line)
Parse HTTP "WWW-Authenticate" header.
Definition: httpauth.c:65
for_each_table_entry
#define for_each_table_entry(pointer, table)
Iterate through all entries within a linker table.
Definition: tables.h:386
http_token
char * http_token(char **line, char **value)
Get HTTP response token.
Definition: httpcore.c:196
FILE_SECBOOT
FILE_SECBOOT(PERMITTED)
http_response_auth::auth
struct http_authentication * auth
Authentication scheme (if any)
Definition: http.h:298
http_authentication::name
const char * name
Name (e.g.
Definition: http.h:521
snprintf
int snprintf(char *buf, size_t size, const char *fmt,...)
Write a formatted string to a buffer.
Definition: vsprintf.c:383
__http_response_header
struct http_response_header http_response_www_authenticate __http_response_header
HTTP "WWW-Authenticate" header.
Definition: httpauth.c:105
http_authentication::parse
int(* parse)(struct http_transaction *http, char *line)
Parse remaining "WWW-Authenticate" header line.
Definition: http.h:528
HTTP_AUTHENTICATIONS
#define HTTP_AUTHENTICATIONS
HTTP authentication scheme table.
Definition: http.h:547
http_format_authorization
static int http_format_authorization(struct http_transaction *http, char *buf, size_t len)
Construct HTTP "Authorization" header.
Definition: httpauth.c:118
NULL
#define NULL
NULL pointer (VOID *)
Definition: Base.h:322
http_authentication
static struct http_authentication * http_authentication(const char *name)
Identify authentication scheme.
Definition: httpauth.c:46
http_response_header
An HTTP response header.
Definition: http.h:365
strings.h
String functions.
Generated by   doxygen 1.8.15