2 Unix SMB/CIFS implementation.
4 provide hooks into C calls from esp scripts
6 Copyright (C) Andrew Tridgell 2005
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 2 of the License, or
11 (at your option) any later version.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program; if not, write to the Free Software
20 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
25 #include "web_server/esp/esp.h"
26 #include "param/loadparm.h"
27 #include "lib/ldb/include/ldb.h"
30 /* try to authenticate the user/password pair against system auth mechanisms
34 fills in the session structure properly in case of success
35 NOTE: Currently only PAM Auth is supported
38 static int esp_unixAuth(struct EspRequest *ep, int argc, struct MprVar **argv)
40 TALLOC_CTX *tmp_ctx = talloc_new(ep);
46 if (argc != 2 || argv[0]->type != MPR_TYPE_STRING ||
47 argv[1]->type != MPR_TYPE_STRING) {
48 espError(ep, "unixAuth invalid arguments");
53 username = mprToString(argv[0]);
54 password = mprToString(argv[1]);
56 if (username == NULL || password == NULL) {
57 espError(ep, "unixAuth invalid arguments");
62 /* TODO: find out how to pass the real client name/address here */
63 if (NT_STATUS_IS_OK(unix_passcheck(tmp_ctx, "client", username, password))) {
65 pwd = getpwnam(username);
67 espSetReturn(ep, mprCreateIntegerVar(-1));
72 mprSetPropertyValue(&ep->variables[ESP_SESSION_OBJ],
73 "AUTHENTICATED", mprCreateStringVar("1", 0));
74 mprSetPropertyValue(&ep->variables[ESP_SESSION_OBJ],
75 "USERNAME", mprCreateStringVar(username, 0));
77 if (pwd->pw_uid == 0) { /* we are root */
79 mprSetPropertyValue(&ep->variables[ESP_SESSION_OBJ],
80 "PRIVILEGE", mprCreateStringVar("ADMIN", 0));
82 mprSetPropertyValue(&ep->variables[ESP_SESSION_OBJ],
83 "PRIVILEGE", mprCreateStringVar("USER", 0));
86 espSetReturn(ep, mprCreateIntegerVar(0));
88 if (mprGetProperty(&ep->variables[ESP_SESSION_OBJ], "AUTHENTICATED", 0) != 0) {
89 mprDeleteProperty(&ep->variables[ESP_SESSION_OBJ], "AUTHENTICATED");
91 espSetReturn(ep, mprCreateIntegerVar(-1));
100 setup the C functions that be called from ejs
102 void http_setup_ejs_functions(void)
104 espDefineCFunction(NULL, "unixAuth", esp_unixAuth, NULL);