TakeV
/
ncsa-mosaic
Archived
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
This repository has been archived on 2024-01-04. You can view files and clone it, but cannot push or open issues or pull requests.
ncsa-mosaic/libwww2/HTPasswd.h

128 lines
4.6 KiB
C
Raw Permalink Blame History

/* PASSWORD FILE ROUTINES
*/
#ifndef HTPASSWD_H
#define HTPASSWD_H
#include "HTUtils.h"
#include "HTList.h"
#ifdef SHORT_NAMES
#define HTAAenPw HTAA_encryptPasswd
#define HTAApwMa HTAA_passwdMatch
#define HTAAFrPR HTAAFile_readPasswdRec
#define HTAAchPw HTAA_checkPasswd
#endif /* SHORT_NAMES */
/*
User Authentication
HTAA_checkPassword(username,password,passwdfile)opens the password file, and checks if
the username-password pair is correct. Return value is YES, if and only if they are
correct. Otherwise, and also if the open fails, returns NO.
If the given password file name is NULL or an empty string, the default password file
name is used (macro PASSWD_FILE).
*/
/* PUBLIC HTAA_checkPassword()
** VALIDATE A USERNAME-PASSWORD PAIR
** ON ENTRY:
** username is a null-terminated string containing
** the client's username.
** password is a null-terminated string containing
** the client's corresponding password.
** filename is a null-terminated absolute filename
** for password file.
** If NULL or empty, the value of
** PASSWD_FILE is used.
** ON EXIT:
** returns YES, if the username-password pair was correct.
** NO, otherwise; also, if open fails.
*/
PUBLIC BOOL HTAA_checkPassword PARAMS((WWW_CONST char * username,
WWW_CONST char * password,
WWW_CONST char * filename));
/*
Password File Maintenance Routines
*/
/* PUBLIC HTAA_encryptPasswd()
** ENCRYPT PASSWORD TO THE FORM THAT IT IS SAVED
** IN THE PASSWORD FILE.
** ON ENTRY:
** password is a string of arbitrary lenght.
**
** ON EXIT:
** returns password in one-way encrypted form.
**
** NOTE:
** Uses currently the C library function crypt(), which
** only accepts at most 8 characters long strings and produces
** always 13 characters long strings. This function is
** called repeatedly so that longer strings can be encrypted.
** This is of course not as safe as encrypting the entire
** string at once, but then again, we are not that paranoid
** about the security inside the machine.
**
*/
PUBLIC char *HTAA_encryptPasswd PARAMS((WWW_CONST char * password));
/* PUBLIC HTAA_passwdMatch()
** VERIFY THE CORRECTNESS OF A GIVEN PASSWORD
** AGAINST A ONE-WAY ENCRYPTED FORM OF PASSWORD.
** ON ENTRY:
** password is cleartext password.
** encrypted is one-way encrypted password, as returned
** by function HTAA_encryptPasswd().
** This is typically read from the password
** file.
**
** ON EXIT:
** returns YES, if password matches the encrypted one.
** NO, if not, or if either parameter is NULL.
*/
PUBLIC BOOL HTAA_passwdMatch PARAMS((WWW_CONST char * password,
WWW_CONST char * encrypted));
/* PUBLIC HTAAFile_readPasswdRec()
** READ A RECORD FROM THE PASSWORD FILE
** ON ENTRY:
** fp open password file
** out_username buffer to put the read username, must be at
** least MAX_USERNAME_LEN+1 characters long.
** out_passwd buffer to put the read password, must be at
** least MAX_PASSWORD_LEN+1 characters long.
** ON EXIT:
** returns EOF on end of file,
** otherwise the number of read fields
** (i.e. in a correct case returns 2).
** out_username contains the null-terminated read username.
** out_password contains the null-terminated read password.
**
** FORMAT OF PASSWORD FILE:
** username:password:maybe real name or other stuff
** (may include even colons)
**
** There may be whitespace (blanks or tabs) in the beginning and
** the end of each field. They are ignored.
*/
PUBLIC int HTAAFile_readPasswdRec PARAMS((FILE * fp,
char * out_username,
char * out_password));
/*
*/
#endif /* not HTPASSWD_H */
/*
End of file HTPasswd.h. */
Reference in New Issue View Git Blame Copy Permalink