author | Lee Clagett <code@leeclagett.com> | 2016-12-08 20:28:28 -0500 |
---|---|---|
committer | Lee Clagett <code@leeclagett.com> | 2016-12-13 00:19:54 -0500 |
commit | bdc3d7496f0ba6ca8a8a5992a33ab617fec8058b (patch) | |
tree | e9122ee2e7fcf0898d4d1538d51a54c08fb3add7 /contrib/epee/include/net | |
parent | Merge pull request #1436 (diff) | |
download | monero-bdc3d7496f0ba6ca8a8a5992a33ab617fec8058b.tar.xz |
Adding HTTP Digest Auth (but not yet enabled)
Diffstat (limited to '')
-rw-r--r-- | contrib/epee/include/net/abstract_tcp_server2.inl | 7 | ||||
-rw-r--r-- | contrib/epee/include/net/http_auth.h | 81 | ||||
-rw-r--r-- | contrib/epee/include/net/http_protocol_handler.h | 15 | ||||
-rw-r--r-- | contrib/epee/include/net/http_server_impl_base.h | 6 |
4 files changed, 103 insertions, 6 deletions
diff --git a/contrib/epee/include/net/abstract_tcp_server2.inl b/contrib/epee/include/net/abstract_tcp_server2.inl index 3dca30006..834b5a7a6 100644 --- a/contrib/epee/include/net/abstract_tcp_server2.inl +++ b/contrib/epee/include/net/abstract_tcp_server2.inl @@ -683,7 +683,7 @@ PRAGMA_WARNING_DISABLE_VS(4355) m_sock_count(0), m_sock_number(0), m_threads_count(0), m_pfilter(NULL), m_thread_index(0), m_connection_type( connection_type ), - new_connection_(new connection<t_protocol_handler>(io_service_, m_config, m_sock_count, m_sock_number, m_pfilter, m_connection_type)) + new_connection_() { create_server_type_map(); m_thread_name_prefix = "NET"; @@ -697,7 +697,7 @@ PRAGMA_WARNING_DISABLE_VS(4355) m_sock_count(0), m_sock_number(0), m_threads_count(0), m_pfilter(NULL), m_thread_index(0), m_connection_type(connection_type), - new_connection_(new connection<t_protocol_handler>(io_service_, m_config, m_sock_count, m_sock_number, m_pfilter, connection_type)) + new_connection_() { create_server_type_map(); m_thread_name_prefix = "NET"; @@ -736,6 +736,7 @@ PRAGMA_WARNING_DISABLE_VS(4355) boost::asio::ip::tcp::endpoint binded_endpoint = acceptor_.local_endpoint(); m_port = binded_endpoint.port(); _fact_c("net/RPClog", "start accept"); + new_connection_.reset(new connection<t_protocol_handler>(io_service_, m_config, m_sock_count, m_sock_number, m_pfilter, m_connection_type)); acceptor_.async_accept(new_connection_->socket(), boost::bind(&boosted_tcp_server<t_protocol_handler>::handle_accept, this, boost::asio::placeholders::error)); @@ -1051,7 +1052,7 @@ POP_WARNINGS } else { - _erro("[sock " << new_connection_->socket().native_handle() << "] Failed to start connection, connections_count = " << m_sock_count); + _erro("[sock " << new_connection_l->socket().native_handle() << "] Failed to start connection, connections_count = " << m_sock_count); } new_connection_l->save_dbg_log(); 
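Review bot: With `new_connection_()` in both constructors, the member stays empty until `init_server` reaches the added `new_connection_.reset(...)` line, so any member function that evaluates `new_connection_->...` on a server that was constructed but never initialized, or whose initialization failed before that line, now dereferences an empty pointer. Whether such a path exists is not visible in these hunks. If none does, a comment on the initializer would record the invariant, e.g. `// created in init_server(); the connection appears to read m_config when it is constructed`. The constructor and `init_server` bodies extend beyond the hunks.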
diff --git a/contrib/epee/include/net/http_auth.h b/contrib/epee/include/net/http_auth.h
new file mode 100644
index 000000000..1931b6115
--- /dev/null
+++ b/contrib/epee/include/net/http_auth.h
@@ -0,0 +1,81 @@
+// Copyright (c) 2014-2016, The Monero Project
+//
+// All rights reserved.
+//
+// Redistribution and use in source and binary forms, with or without modification, are
+// permitted provided that the following conditions are met:
+//
+// 1. Redistributions of source code must retain the above copyright notice, this list of
+// conditions and the following disclaimer.
+//
+// 2. Redistributions in binary form must reproduce the above copyright notice, this list
+// of conditions and the following disclaimer in the documentation and/or other
+// materials provided with the distribution.
+//
+// 3. Neither the name of the copyright holder nor the names of its contributors may be
+// used to endorse or promote products derived from this software without specific
+// prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
+// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+// MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
+// THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+// PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+// INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
+// THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+#pragma once
+
+#include <boost/optional/optional.hpp>
+#include <cstdint>
+#include "http_base.h"
+#include <string>
+#include <utility>
+
+namespace epee
+{
+namespace net_utils
+{
+ namespace http
+ {
+ //! Implements RFC 2617 digest auth. Digests from RFC 7616 can be added.
+ class http_auth + { + public: + struct login + { + login() = delete; + std::string username; + std::string password; + }; + + struct session + { + session() = delete; + const login credentials; + std::string nonce; + std::uint32_t counter; + }; + + http_auth() : user() {} + http_auth(login credentials); + + //! \return Auth response, or `boost::none` iff `request` had valid auth. + boost::optional<http_response_info> get_response(const http_request_info& request) + { + if (user) + { + return process(request); + } + return boost::none; + } + + private: + boost::optional<http_response_info> process(const http_request_info& request); + + boost::optional<session> user; + }; + } +} +} diff --git a/contrib/epee/include/net/http_protocol_handler.h b/contrib/epee/include/net/http_protocol_handler.h index 40e3392db..3813f9d7c 100644 --- a/contrib/epee/include/net/http_protocol_handler.h +++ b/contrib/epee/include/net/http_protocol_handler.h @@ -30,9 +30,11 @@ #ifndef _HTTP_SERVER_H_ #define _HTTP_SERVER_H_ +#include <boost/optional/optional.hpp> #include <string> #include "net_utils_base.h" #include "to_nonconst_iterator.h" +#include "http_auth.h" #include "http_base.h" namespace epee @@ -50,6 +52,7 @@ namespace net_utils { std::string m_folder; std::string m_required_user_agent; + boost::optional<http_auth::login> m_user; critical_section m_lock; }; 
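Review bot: The doc comment on `get_response` promises `boost::none` only when the request carried valid auth, yet the inline body also returns `boost::none` for every request when `user` is empty, so a default-constructed `http_auth` lets everything through. The comment should say so, for example `//! \return Auth response, or boost::none if auth is disabled or the request had valid auth.` `http_auth(login credentials);` is an implicit converting constructor and would be safer as `explicit http_auth(login credentials);`. `session` keeps the plaintext password for the life of each handler; `process` is not visible here, but if it only needs the RFC 2617 H(A1) value, storing that instead would narrow what a memory disclosure exposes.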
@@ -169,11 +172,20 @@ namespace net_utils http_custom_handler(i_service_endpoint* psnd_hndlr, config_type& config, t_connection_context& conn_context) : simple_http_connection_handler<t_connection_context>(psnd_hndlr, config), m_config(config), - m_conn_context(conn_context) + m_conn_context(conn_context), + m_auth(m_config.m_user ? http_auth{*m_config.m_user} : http_auth{}) {} inline bool handle_request(const http_request_info& query_info, http_response_info& response) { CHECK_AND_ASSERT_MES(m_config.m_phandler, false, "m_config.m_phandler is NULL!!!!"); + + const auto auth_response = m_auth.get_response(query_info); + if (auth_response) + { + response = std::move(*auth_response); + return true; + } + //fill with default values response.m_mime_tipe = "text/plain"; response.m_response_code = 200; @@ -202,6 +214,7 @@ namespace net_utils //simple_http_connection_handler::config_type m_stub_config; config_type& m_config; t_connection_context& m_conn_context; + http_auth m_auth; }; } } diff --git a/contrib/epee/include/net/http_server_impl_base.h b/contrib/epee/include/net/http_server_impl_base.h index 65fe5eed6..f6b2d6941 100644 --- a/contrib/epee/include/net/http_server_impl_base.h +++ b/contrib/epee/include/net/http_server_impl_base.h @@ -52,7 +52,8 @@ namespace epee : m_net_server(external_io_service) {} - bool init(const std::string& bind_port = "0", const std::string& bind_ip = "0.0.0.0", const std::string &user_agent = "") + bool init(const std::string& bind_port = "0", const std::string& bind_ip = "0.0.0.0", + std::string user_agent = "", boost::optional<net_utils::http::http_auth::login> user = boost::none) { //set self as callback handler 
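Review bot: `m_auth` is built in the constructor's initializer list from `m_config.m_user` without taking `m_config.m_lock`, and the copy is never refreshed, so each connection authenticates against whatever the config held when its handler was created. If the config can be written while connections are being accepted, that read needs the lock; either way a comment such as `// credentials are copied once per connection; set m_user before accepting` would record the contract. Separately, `const auto auth_response` turns `response = std::move(*auth_response);` into a copy; declaring it as `auto auth_response = m_auth.get_response(query_info);` makes the move effective. `handle_request` continues beyond the hunk.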
@@ -62,7 +63,8 @@ namespace epee m_net_server.get_config_object().m_folder = ""; // workaround till we get auth/encryption - m_net_server.get_config_object().m_required_user_agent = user_agent; + m_net_server.get_config_object().m_required_user_agent = std::move(user_agent); + m_net_server.get_config_object().m_user = std::move(user); LOG_PRINT_L0("Binding on " << bind_ip << ":" << bind_port); bool res = m_net_server.init_server(bind_port, bind_ip); |
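Review bot: The new `m_user` assignment has to stay ahead of `m_net_server.init_server(bind_port, bind_ip)`, because the handler constructor in http_protocol_handler.h copies `m_config.m_user` when a connection object is created and a default `http_auth` accepts every request; the ordering is right here but nothing says so. A comment on the added line would pin it, e.g. `// set before init_server(): handlers copy m_user at construction`. The existing `// workaround till we get auth/encryption` comment now sits above both assignments and reads as if it described `m_user` too. With the defaults in the `init` signature (`bind_ip = "0.0.0.0"`, `user = boost::none`) the server still listens on all interfaces without auth, which matches the commit title but is worth stating in the function's documentation. `init` starts and ends outside these hunks.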