[spiceterm.git] / auth-pve.c

#include <stdlib.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <netdb.h>

#include "spiceterm.h"

static char *auth_path = "/";
static char *auth_perm = "Sys.Console";

void 
pve_auth_set_path(char *path) 
{
    auth_path = path;
}

void 
pve_auth_set_permissions(char *perm) 
{
    auth_perm = perm;
}

static char *
urlencode(char *buf, const char *value)
{
    static const char *hexchar = "0123456789abcdef";
    char *p = buf;
    int i;
    int l = strlen(value);
    for (i = 0; i < l; i++) {
        char c = value[i];
        if (('a' <= c && c <= 'z') ||
            ('A' <= c && c <= 'Z') ||
            ('0' <= c && c <= '9')) {
            *p++ = c;
        } else if (c == 32) {
            *p++ = '+';
        } else {
            *p++ = '%';
            *p++ = hexchar[c >> 4];
            *p++ = hexchar[c & 15];
        }
    }
    *p = 0;

    return p;
}

int 
pve_auth_verify(const char *clientip, const char *username, const char *passwd)
{
    struct sockaddr_in server;

    int sfd = socket(AF_INET, SOCK_STREAM, 0);
    if (sfd == -1) {
        perror("pve_auth_verify: socket failed");
        return -1;
    }

    struct hostent *he;
    if ((he = gethostbyname("localhost")) == NULL) {
        fprintf(stderr, "pve_auth_verify: error resolving hostname\n");
        goto err;
    }

    memcpy(&server.sin_addr, he->h_addr_list[0], he->h_length);
    server.sin_family = AF_INET;
    server.sin_port = htons(85);

    if (connect(sfd, (struct sockaddr *)&server, sizeof(server))) {
        perror("pve_auth_verify: error connecting to server");
        goto err;
    }

    char buf[8192];
    char form[8192];

    char *p = form;
    p = urlencode(p, "username");
    *p++ = '=';
    p = urlencode(p, username);

    *p++ = '&';
    p = urlencode(p, "password");
    *p++ = '=';
    p = urlencode(p, passwd);

    *p++ = '&';
    p = urlencode(p, "path");
    *p++ = '=';
    p = urlencode(p, auth_path);

    *p++ = '&';
    p = urlencode(p, "privs");
    *p++ = '=';
    p = urlencode(p, auth_perm);

    sprintf(buf, "POST /api2/json/access/ticket HTTP/1.1\n"
            "Host: localhost:85\n"
            "Connection: close\n"
            "PVEClientIP: %s\n"
            "Content-Type: application/x-www-form-urlencoded\n"
            "Content-Length: %zd\n\n%s\n", clientip, strlen(form), form);
    ssize_t len = strlen(buf);
    ssize_t sb = send(sfd, buf, len, 0);
    if (sb < 0) {
        perror("pve_auth_verify: send failed");
        goto err;
    }
    if (sb != len) {
        fprintf(stderr, "pve_auth_verify: partial send error\n");
        goto err;
    }

    len = recv(sfd, buf, sizeof(buf) - 1, 0);
    if (len < 0) {
        perror("pve_auth_verify: recv failed");
        goto err;
    }

    buf[len] = 0;

    //printf("DATA:%s\n", buf);

    shutdown(sfd, SHUT_RDWR);

    if (!strncmp(buf, "HTTP/1.1 200 OK", 15)) {
        return 0;
    }

    char *firstline = strtok(buf, "\n");
    
    fprintf(stderr, "auth failed: %s\n", firstline);

    return -1;

err:
    shutdown(sfd, SHUT_RDWR);
    return -1;
}
Commit	Line	Data
1631c5a9 DM	1	#include <stdlib.h>
	2	#include <stdio.h>
	3	#include <string.h>
	4	#include <sys/types.h>
	5	#include <sys/socket.h>
	6	#include <netdb.h>
	7
	8	#include "spiceterm.h"
	9
	10	static char *auth_path = "/";
	11	static char *auth_perm = "Sys.Console";
	12
68c2b067 DM	13	void
	14	pve_auth_set_path(char *path)
	15	{
	16	auth_path = path;
	17	}
	18
	19	void
	20	pve_auth_set_permissions(char *perm)
	21	{
	22	auth_perm = perm;
	23	}
	24
1631c5a9 DM	25	static char *
	26	urlencode(char buf, const char value)
	27	{
	28	static const char *hexchar = "0123456789abcdef";
	29	char *p = buf;
	30	int i;
	31	int l = strlen(value);
	32	for (i = 0; i < l; i++) {
	33	char c = value[i];
	34	if (('a' <= c && c <= 'z') \|\|
	35	('A' <= c && c <= 'Z') \|\|
	36	('0' <= c && c <= '9')) {
	37	*p++ = c;
	38	} else if (c == 32) {
	39	*p++ = '+';
	40	} else {
	41	*p++ = '%';
	42	*p++ = hexchar[c >> 4];
	43	*p++ = hexchar[c & 15];
	44	}
	45	}
	46	*p = 0;
	47
	48	return p;
	49	}
	50
	51	int
	52	pve_auth_verify(const char clientip, const char username, const char *passwd)
	53	{
	54	struct sockaddr_in server;
	55
	56	int sfd = socket(AF_INET, SOCK_STREAM, 0);
	57	if (sfd == -1) {
	58	perror("pve_auth_verify: socket failed");
	59	return -1;
	60	}
	61
	62	struct hostent *he;
	63	if ((he = gethostbyname("localhost")) == NULL) {
	64	fprintf(stderr, "pve_auth_verify: error resolving hostname\n");
	65	goto err;
	66	}
	67
	68	memcpy(&server.sin_addr, he->h_addr_list[0], he->h_length);
	69	server.sin_family = AF_INET;
	70	server.sin_port = htons(85);
	71
	72	if (connect(sfd, (struct sockaddr *)&server, sizeof(server))) {
	73	perror("pve_auth_verify: error connecting to server");
	74	goto err;
	75	}
	76
	77	char buf[8192];
	78	char form[8192];
	79
	80	char *p = form;
	81	p = urlencode(p, "username");
	82	*p++ = '=';
	83	p = urlencode(p, username);
	84
	85	*p++ = '&';
	86	p = urlencode(p, "password");
	87	*p++ = '=';
	88	p = urlencode(p, passwd);
89
90	*p++ = '&';
91	p = urlencode(p, "path");
92	*p++ = '=';
93	p = urlencode(p, auth_path);
94
95	*p++ = '&';
96	p = urlencode(p, "privs");
97	*p++ = '=';
98	p = urlencode(p, auth_perm);
99
100	sprintf(buf, "POST /api2/json/access/ticket HTTP/1.1\n"
101	"Host: localhost:85\n"
102	"Connection: close\n"
103	"PVEClientIP: %s\n"
104	"Content-Type: application/x-www-form-urlencoded\n"
105	"Content-Length: %zd\n\n%s\n", clientip, strlen(form), form);
106	ssize_t len = strlen(buf);
107	ssize_t sb = send(sfd, buf, len, 0);
108	if (sb < 0) {
109	perror("pve_auth_verify: send failed");
110	goto err;
111	}
112	if (sb != len) {
113	fprintf(stderr, "pve_auth_verify: partial send error\n");
114	goto err;
115	}
116
117	len = recv(sfd, buf, sizeof(buf) - 1, 0);
118	if (len < 0) {
119	perror("pve_auth_verify: recv failed");
120	goto err;
121	}
122
123	buf[len] = 0;
124
125	//printf("DATA:%s\n", buf);
126
127	shutdown(sfd, SHUT_RDWR);
128
129	if (!strncmp(buf, "HTTP/1.1 200 OK", 15)) {
130	return 0;
131	}
132
133	char *firstline = strtok(buf, "\n");
134
135	fprintf(stderr, "auth failed: %s\n", firstline);
136
137	return -1;
138
139	err:
140	shutdown(sfd, SHUT_RDWR);
141	return -1;
142	}