#include "cgi.h"
Include dependency graph for cgi_access.c:
Go to the source code of this file.
Functions | |
void | CheckPass (CGINameValue *n, int *i, int value, char *pwd, char *field) |
int | GetSecurityFlags (char *argv0, char *host, char *database, char *pwd) |
Variables | |
int | CGILogLevel |
|
Definition at line 68 of file cgi_access.c. References GetField(), GetFieldValue, HasToken(), and stricmp(). Referenced by GetSecurityFlags(). 00069 { 00070 char * comp= GetFieldValue(n,field); 00071 00072 if (!*comp) return; /* default is to deny */ 00073 00074 if (!stricmp(comp,"(allow)")) 00075 *i |= value;/* grant all */ 00076 else if (!stricmp(comp,"(deny)")) 00077 return; 00078 00079 if (GetField(n,field)) 00080 if (HasToken(pwd,comp,0)) 00081 *i |= value; 00082 }
|
|
Gets global security for a site Definition at line 84 of file cgi_access.c. References CGI_ALLOW_ADMIN, CGI_ALLOW_ALL, CGI_ALLOW_APPEND, CGI_ALLOW_DELETE, CGI_ALLOW_NONE, CGI_ALLOW_READ, CGI_ALLOW_REPORT, CGI_ALLOW_UPDATE, CGI_ALLOW_WRITE, CheckAllowDeny(), CheckPass(), DeleteNVP(), ExpandLocalPath(), GetFieldValue, LogError(), MAXPATH, NULL, and ReadINIFileSection(). Referenced by CGImain(). 00085 { 00086 int i = CGI_ALLOW_NONE; /* default settings for a database */ 00087 CGINameValue *n; 00088 #ifdef CGI_ALLOW 00089 CGINameValue *m; 00090 #endif 00091 00092 int j = strcspn(database,"/.\\*?$|'\"<>~"); 00093 00094 if (database[j] != 0 || strlen(database) > 128 || strlen(pwd) > 128) 00095 { 00096 LogError("\nSecurity breach attempted\tHOST="); 00097 LogError(host); 00098 return CGI_ALLOW_NONE; 00099 } 00100 /* stop buffer overflow attacks */ 00101 00102 #ifdef CGI_ALLOW 00103 { 00104 char fn[MAXPATH]; 00105 ExpandLocalPath(argv0,fn,"cgi",".ini"); 00106 m = ReadINIFileSection(fn,"access",0); 00107 00108 /*m = LoadSettings(argv0,"cgi","access");*/ 00109 } 00110 #endif 00111 00112 n = NULL; 00113 if (database != NULL) 00114 if (database[0] != 0) 00115 { 00116 char fn[MAXPATH]; 00117 ExpandLocalPath(argv0,fn,database,".ini"); 00118 n = ReadINIFileSection(fn,"access",0); 00119 /*n = LoadSettings(argv0, database, "access");*/ 00120 } 00121 00122 if (n != NULL) 00123 { 00124 CheckPass(n,&i,CGI_ALLOW_READ,pwd,"PWDREAD"); 00125 CheckPass(n,&i,CGI_ALLOW_UPDATE,pwd,"PWDUPDATE"); 00126 CheckPass(n,&i,CGI_ALLOW_APPEND,pwd,"PWDAPPEND"); 00127 CheckPass(n,&i,CGI_ALLOW_DELETE,pwd,"PWDDELETE"); 00128 CheckPass(n,&i,CGI_ALLOW_WRITE,pwd,"PWDWRITE"); 00129 CheckPass(n,&i,CGI_ALLOW_ADMIN,pwd,"PWDADMIN"); 00130 CheckPass(n,&i,CGI_ALLOW_REPORT,pwd,"PWDREPORT"); 00131 CheckPass(n,&i,CGI_ALLOW_ALL,pwd,"PWD"); 00132 } 00133 00134 #ifdef CGI_ALLOW 00135 if (n != NULL) 00136 { 00137 if (CheckAllowDeny(host,GetFieldValue(n,"ALLOW"), 00138 GetFieldValue(n,"DENY")) ==0) i = CGI_ALLOW_NONE; 00139 00140 if (i && m != NULL) 00141 if (CheckAllowDeny(host,GetFieldValue(m,"ALLOW"), 00142 GetFieldValue(m,"DENY")) ==0) i = CGI_ALLOW_NONE; 00143 00144 if (i) CheckAllow(host,n,"ALLOWREAD","DENYREAD",CGI_ALLOW_READ,&i); 00145 if (i) CheckAllow(host,n,"ALLOWUPDATE","DENYUPDATE",CGI_ALLOW_UPDATE,&i); 00146 if (i) CheckAllow(host,n,"ALLOWAPPEND","DENYAPPEND",CGI_ALLOW_APPEND,&i); 00147 if (i) CheckAllow(host,n,"ALLOWWRITE","DENYWRITE",CGI_ALLOW_WRITE,&i); 00148 if (i) CheckAllow(host,n,"ALLOWDELETE","DENYDELETE",CGI_ALLOW_DELETE,&i); 00149 if (i) CheckAllow(host,n,"ALLOWREPORT","DENYREPORT",CGI_ALLOW_REPORT,&i); 00150 if (i) CheckAllow(host,n,"ALLOWADMIN","DENYADMIN",CGI_ALLOW_ADMIN,&i); 00151 } 00152 00153 /* if access is granted by the password, check domains */ 00154 if (m != NULL) 00155 { 00156 if (i) CheckAllow(host,m,"ALLOWREAD","DENYREAD",CGI_ALLOW_READ,&i); 00157 if (i) CheckAllow(host,m,"ALLOWUPDATE","DENYUPDATE",CGI_ALLOW_UPDATE,&i); 00158 if (i) CheckAllow(host,m,"ALLOWAPPEND","DENYAPPEND",CGI_ALLOW_APPEND,&i); 00159 if (i) CheckAllow(host,m,"ALLOWWRITE","DENYWRITE",CGI_ALLOW_WRITE,&i); 00160 if (i) CheckAllow(host,m,"ALLOWDELETE","DENYDELETE",CGI_ALLOW_DELETE,&i); 00161 if (i) CheckAllow(host,m,"ALLOWREPORT","DENYREPORT",CGI_ALLOW_REPORT,&i); 00162 if (i) CheckAllow(host,m,"ALLOWADMIN","DENYADMIN",CGI_ALLOW_ADMIN,&i); 00163 } 00164 00165 if (m != NULL) DeleteNVP(m); 00166 #endif 00167 00168 if (n != NULL) DeleteNVP(n); 00169 return i; 00170 }
|
|
Definition at line 50 of file cgi_log.c. Referenced by LogMessage(), LogStartup(), LogTrx(), and SetLoggingLevel(). |