aboutsummaryrefslogtreecommitdiffstats
path: root/cgit.c
diff options
context:
space:
mode:
authorGravatar Jason A. Donenfeld <Jason@zx2c4.com>2014-01-15 05:49:31 (JST)
committerGravatar Jason A. Donenfeld <Jason@zx2c4.com>2014-01-16 10:28:12 (JST)
commitd6e9200cc35411f3f27426b608bcfdef9348e6d3 (patch)
tree9cdd921b03465458d10b99ff4357f79a810501c0 /cgit.c
parent3741254a6989b2837cd8d20480f152f0096bcb9a (diff)
downloadcgit-d6e9200cc35411f3f27426b608bcfdef9348e6d3.zip
cgit-d6e9200cc35411f3f27426b608bcfdef9348e6d3.tar.gz
auth: add basic authentication filter framework
This leverages the new lua support. See filters/simple-authentication.lua for explaination of how this works. There is also additional documentation in cgitrc.5.txt. Though this is a cookie-based approach, cgit's caching mechanism is preserved for authenticated pages. Very plugable and extendable depending on user needs. The sample script uses an HMAC-SHA1 based cookie to store the currently logged in user, with an expiration date. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Diffstat (limited to 'cgit.c')
-rw-r--r--cgit.c96
1 files changed, 94 insertions, 2 deletions
diff --git a/cgit.c b/cgit.c
index f3fe56b..c52ef33 100644
--- a/cgit.c
+++ b/cgit.c
@@ -192,6 +192,8 @@ static void config_cb(const char *name, const char *value)
192 ctx.cfg.commit_filter = cgit_new_filter(value, COMMIT); 192 ctx.cfg.commit_filter = cgit_new_filter(value, COMMIT);
193 else if (!strcmp(name, "email-filter")) 193 else if (!strcmp(name, "email-filter"))
194 ctx.cfg.email_filter = cgit_new_filter(value, EMAIL); 194 ctx.cfg.email_filter = cgit_new_filter(value, EMAIL);
195 else if (!strcmp(name, "auth-filter"))
196 ctx.cfg.auth_filter = cgit_new_filter(value, AUTH);
195 else if (!strcmp(name, "embedded")) 197 else if (!strcmp(name, "embedded"))
196 ctx.cfg.embedded = atoi(value); 198 ctx.cfg.embedded = atoi(value);
197 else if (!strcmp(name, "max-atom-items")) 199 else if (!strcmp(name, "max-atom-items"))
@@ -378,6 +380,10 @@ static void prepare_context(struct cgit_context *ctx)
378 ctx->env.script_name = getenv("SCRIPT_NAME"); 380 ctx->env.script_name = getenv("SCRIPT_NAME");
379 ctx->env.server_name = getenv("SERVER_NAME"); 381 ctx->env.server_name = getenv("SERVER_NAME");
380 ctx->env.server_port = getenv("SERVER_PORT"); 382 ctx->env.server_port = getenv("SERVER_PORT");
383 ctx->env.http_cookie = getenv("HTTP_COOKIE");
384 ctx->env.http_referer = getenv("HTTP_REFERER");
385 ctx->env.content_length = getenv("CONTENT_LENGTH") ? strtoul(getenv("CONTENT_LENGTH"), NULL, 10) : 0;
386 ctx->env.authenticated = 0;
381 ctx->page.mimetype = "text/html"; 387 ctx->page.mimetype = "text/html";
382 ctx->page.charset = PAGE_ENCODING; 388 ctx->page.charset = PAGE_ENCODING;
383 ctx->page.filename = NULL; 389 ctx->page.filename = NULL;
@@ -593,11 +599,92 @@ static int prepare_repo_cmd(struct cgit_context *ctx)
593 return 0; 599 return 0;
594} 600}
595 601
602static inline void open_auth_filter(struct cgit_context *ctx, const char *function)
603{
604 cgit_open_filter(ctx->cfg.auth_filter, function,
605 ctx->env.http_cookie ? ctx->env.http_cookie : "",
606 ctx->env.request_method ? ctx->env.request_method : "",
607 ctx->env.query_string ? ctx->env.query_string : "",
608 ctx->env.http_referer ? ctx->env.http_referer : "",
609 ctx->env.path_info ? ctx->env.path_info : "",
610 ctx->env.http_host ? ctx->env.http_host : "",
611 ctx->env.https ? ctx->env.https : "",
612 ctx->qry.repo ? ctx->qry.repo : "",
613 ctx->qry.page ? ctx->qry.page : "",
614 ctx->qry.url ? ctx->qry.url : "");
615}
616
617#define MAX_AUTHENTICATION_POST_BYTES 4096
618static inline void authenticate_post(struct cgit_context *ctx)
619{
620 if (ctx->env.http_referer && strlen(ctx->env.http_referer) > 0) {
621 html("Status: 302 Redirect\n");
622 html("Cache-Control: no-cache, no-store\n");
623 htmlf("Location: %s\n", ctx->env.http_referer);
624 } else {
625 html("Status: 501 Missing Referer\n");
626 html("Cache-Control: no-cache, no-store\n\n");
627 exit(0);
628 }
629
630 open_auth_filter(ctx, "authenticate-post");
631 char buffer[MAX_AUTHENTICATION_POST_BYTES];
632 int len;
633 len = ctx->env.content_length;
634 if (len > MAX_AUTHENTICATION_POST_BYTES)
635 len = MAX_AUTHENTICATION_POST_BYTES;
636 if (read(STDIN_FILENO, buffer, len) < 0)
637 die_errno("Could not read POST from stdin");
638 if (write(STDOUT_FILENO, buffer, len) < 0)
639 die_errno("Could not write POST to stdout");
640 /* The filter may now spit out a Set-Cookie: ... */
641 cgit_close_filter(ctx->cfg.auth_filter);
642
643 html("\n");
644 exit(0);
645}
646
647static inline void authenticate_cookie(struct cgit_context *ctx)
648{
649 /* If we don't have an auth_filter, consider all cookies valid, and thus return early. */
650 if (!ctx->cfg.auth_filter) {
651 ctx->env.authenticated = 1;
652 return;
653 }
654
655 /* If we're having something POST'd to /login, we're authenticating POST,
656 * instead of the cookie, so call authenticate_post and bail out early.
657 * This pattern here should match /?p=login with POST. */
658 if (ctx->env.request_method && ctx->qry.page && !ctx->repo && \
659 !strcmp(ctx->env.request_method, "POST") && !strcmp(ctx->qry.page, "login")) {
660 authenticate_post(ctx);
661 return;
662 }
663
664 /* If we've made it this far, we're authenticating the cookie for real, so do that. */
665 open_auth_filter(ctx, "authenticate-cookie");
666 ctx->env.authenticated = cgit_close_filter(ctx->cfg.auth_filter);
667}
668
596static void process_request(void *cbdata) 669static void process_request(void *cbdata)
597{ 670{
598 struct cgit_context *ctx = cbdata; 671 struct cgit_context *ctx = cbdata;
599 struct cgit_cmd *cmd; 672 struct cgit_cmd *cmd;
600 673
674 /* If we're not yet authenticated, no matter what page we're on,
675 * display the authentication body from the auth_filter. This should
676 * never be cached. */
677 if (!ctx->env.authenticated) {
678 ctx->page.title = "Authentication Required";
679 cgit_print_http_headers(ctx);
680 cgit_print_docstart(ctx);
681 cgit_print_pageheader(ctx);
682 open_auth_filter(ctx, "body");
683 cgit_close_filter(ctx->cfg.auth_filter);
684 cgit_print_docend();
685 return;
686 }
687
601 cmd = cgit_get_cmd(ctx); 688 cmd = cgit_get_cmd(ctx);
602 if (!cmd) { 689 if (!cmd) {
603 ctx->page.title = "cgit error"; 690 ctx->page.title = "cgit error";
@@ -911,6 +998,7 @@ int main(int argc, const char **argv)
911 int err, ttl; 998 int err, ttl;
912 999
913 cgit_init_filters(); 1000 cgit_init_filters();
1001 atexit(cgit_cleanup_filters);
914 1002
915 prepare_context(&ctx); 1003 prepare_context(&ctx);
916 cgit_repolist.length = 0; 1004 cgit_repolist.length = 0;
@@ -948,18 +1036,22 @@ int main(int argc, const char **argv)
948 cgit_parse_url(ctx.qry.url); 1036 cgit_parse_url(ctx.qry.url);
949 } 1037 }
950 1038
1039 /* Before we go any further, we set ctx.env.authenticated by checking to see
1040 * if the supplied cookie is valid. All cookies are valid if there is no
1041 * auth_filter. If there is an auth_filter, the filter decides. */
1042 authenticate_cookie(&ctx);
1043
951 ttl = calc_ttl(); 1044 ttl = calc_ttl();
952 if (ttl < 0) 1045 if (ttl < 0)
953 ctx.page.expires += 10 * 365 * 24 * 60 * 60; /* 10 years */ 1046 ctx.page.expires += 10 * 365 * 24 * 60 * 60; /* 10 years */
954 else 1047 else
955 ctx.page.expires += ttl * 60; 1048 ctx.page.expires += ttl * 60;
956 if (ctx.env.request_method && !strcmp(ctx.env.request_method, "HEAD")) 1049 if (!ctx.env.authenticated || (ctx.env.request_method && !strcmp(ctx.env.request_method, "HEAD")))
957 ctx.cfg.nocache = 1; 1050 ctx.cfg.nocache = 1;
958 if (ctx.cfg.nocache) 1051 if (ctx.cfg.nocache)
959 ctx.cfg.cache_size = 0; 1052 ctx.cfg.cache_size = 0;
960 err = cache_process(ctx.cfg.cache_size, ctx.cfg.cache_root, 1053 err = cache_process(ctx.cfg.cache_size, ctx.cfg.cache_root,
961 ctx.qry.raw, ttl, process_request, &ctx); 1054 ctx.qry.raw, ttl, process_request, &ctx);
962 cgit_cleanup_filters();
963 if (err) 1055 if (err)
964 cgit_print_error("Error processing page: %s (%d)", 1056 cgit_print_error("Error processing page: %s (%d)",
965 strerror(err), err); 1057 strerror(err), err);