iPXE
httpbasic.c
Go to the documentation of this file.
1 /*
2  * Copyright (C) 2015 Michael Brown <mbrown@fensystems.co.uk>.
3  *
4  * This program is free software; you can redistribute it and/or
5  * modify it under the terms of the GNU General Public License as
6  * published by the Free Software Foundation; either version 2 of the
7  * License, or any later version.
8  *
9  * This program is distributed in the hope that it will be useful, but
10  * WITHOUT ANY WARRANTY; without even the implied warranty of
11  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
12  * General Public License for more details.
13  *
14  * You should have received a copy of the GNU General Public License
15  * along with this program; if not, write to the Free Software
16  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
17  * 02110-1301, USA.
18  *
19  * You can also choose to distribute this program under the terms of
20  * the Unmodified Binary Distribution Licence (as given in the file
21  * COPYING.UBDL), provided that you have satisfied its requirements.
22  */
23 
24 FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
25 
26 /**
27  * @file
28  *
29  * Hyper Text Transfer Protocol (HTTP) Basic authentication
30  *
31  */
32 
33 #include <stdio.h>
34 #include <errno.h>
35 #include <ipxe/uri.h>
36 #include <ipxe/base64.h>
37 #include <ipxe/http.h>
38 
39 /* Disambiguate the various error causes */
40 #define EACCES_USERNAME __einfo_error ( EINFO_EACCES_USERNAME )
41 #define EINFO_EACCES_USERNAME \
42  __einfo_uniqify ( EINFO_EACCES, 0x01, \
43  "No username available for Basic authentication" )
44 
45 /**
46  * Parse HTTP "WWW-Authenticate" header for Basic authentication
47  *
48  * @v http HTTP transaction
49  * @v line Remaining header line
50  * @ret rc Return status code
51  */
52 static int http_parse_basic_auth ( struct http_transaction *http,
53  char *line __unused ) {
54 
55  /* Allow HTTP request to be retried if the request had not
56  * already tried authentication.
57  */
58  if ( ! http->request.auth.auth )
60 
61  return 0;
62 }
63 
64 /**
65  * Perform HTTP Basic authentication
66  *
67  * @v http HTTP transaction
68  * @ret rc Return status code
69  */
70 static int http_basic_authenticate ( struct http_transaction *http ) {
71  struct http_request_auth_basic *req = &http->request.auth.basic;
72 
73  /* Record username and password */
74  if ( ! http->uri->user ) {
75  DBGC ( http, "HTTP %p has no username for Basic "
76  "authentication\n", http );
77  return -EACCES_USERNAME;
78  }
79  req->username = http->uri->user;
80  req->password = ( http->uri->password ? http->uri->password : "" );
81 
82  return 0;
83 }
84 
85 /**
86  * Construct HTTP "Authorization" header for Basic authentication
87  *
88  * @v http HTTP transaction
89  * @v buf Buffer
90  * @v len Length of buffer
91  * @ret len Length of header value, or negative error
92  */
93 static int http_format_basic_auth ( struct http_transaction *http,
94  char *buf, size_t len ) {
95  struct http_request_auth_basic *req = &http->request.auth.basic;
96  size_t user_pw_len = ( strlen ( req->username ) + 1 /* ":" */ +
97  strlen ( req->password ) );
98  char user_pw[ user_pw_len + 1 /* NUL */ ];
99 
100  /* Sanity checks */
101  assert ( req->username != NULL );
102  assert ( req->password != NULL );
103 
104  /* Construct "user:password" string */
105  snprintf ( user_pw, sizeof ( user_pw ), "%s:%s",
106  req->username, req->password );
107 
108  /* Construct response */
109  return base64_encode ( user_pw, user_pw_len, buf, len );
110 }
111 
112 /** HTTP Basic authentication scheme */
113 struct http_authentication http_basic_auth __http_authentication = {
114  .name = "Basic",
115  .parse = http_parse_basic_auth,
116  .authenticate = http_basic_authenticate,
117  .format = http_format_basic_auth,
118 };
119 
120 /* Drag in HTTP authentication support */
121 REQUIRING_SYMBOL ( http_basic_auth );
122 REQUIRE_OBJECT ( httpauth );
unsigned int flags
Flags.
Definition: http.h:350
Error codes.
#define DBGC(...)
Definition: compiler.h:505
struct uri * uri
Request URI.
Definition: http.h:432
An HTTP authentication scheme.
Definition: http.h:516
FILE_LICENCE(GPL2_OR_LATER_OR_UBDL)
Uniform Resource Identifiers.
REQUIRING_SYMBOL(http_basic_auth)
#define EACCES_USERNAME
Definition: httpbasic.c:40
struct http_request request
Request.
Definition: http.h:434
struct http_response response
Response.
Definition: http.h:436
An HTTP transaction.
Definition: http.h:415
Hyper Text Transport Protocol.
const char * username
Username.
Definition: http.h:155
assert((readw(&hdr->flags) &(GTF_reading|GTF_writing))==0)
struct http_request_auth auth
Authentication descriptor.
Definition: http.h:222
static int http_basic_authenticate(struct http_transaction *http)
Perform HTTP Basic authentication.
Definition: httpbasic.c:70
struct http_authentication http_basic_auth __http_authentication
HTTP Basic authentication scheme.
Definition: httpbasic.c:113
struct http_authentication * auth
Authentication scheme (if any)
Definition: http.h:189
static int http_format_basic_auth(struct http_transaction *http, char *buf, size_t len)
Construct HTTP "Authorization" header for Basic authentication.
Definition: httpbasic.c:93
size_t strlen(const char *src)
Get length of string.
Definition: string.c:243
Base64 encoding.
#define __unused
Declare a variable or data structure as unused.
Definition: compiler.h:573
uint32_t len
Length.
Definition: ena.h:14
const char * password
Password.
Definition: http.h:157
const char * name
Name (e.g.
Definition: http.h:518
const char * password
Password.
Definition: uri.h:74
const char * user
User name.
Definition: uri.h:72
int snprintf(char *buf, size_t size, const char *fmt,...)
Write a formatted string to a buffer.
Definition: vsprintf.c:382
Transaction may be retried on failure.
Definition: http.h:360
HTTP request Basic authentication descriptor.
Definition: http.h:153
REQUIRE_OBJECT(httpauth)
#define NULL
NULL pointer (VOID *)
Definition: Base.h:321
static int http_parse_basic_auth(struct http_transaction *http, char *line __unused)
Parse HTTP "WWW-Authenticate" header for Basic authentication.
Definition: httpbasic.c:52
size_t base64_encode(const void *raw, size_t raw_len, char *data, size_t len)
Base64-encode data.
Definition: base64.c:51
struct http_request_auth_basic basic
Basic authentication descriptor.
Definition: http.h:193