[MINOR] generic auth support with groups and encrypted passwords
Add generic authentication & authorization support.
Groups are implemented as bitmaps so the count is limited to
sizeof(int)*8 == 32.
Encrypted passwords are supported with libcrypt and crypt(3), so it is
possible to use any method supported by your system. For example modern
Linux/glibc instalations support MD5/SHA-256/SHA-512 and of course classic,
DES-based encryption.
diff --git a/include/types/auth.h b/include/types/auth.h
new file mode 100644
index 0000000..d278de6
--- /dev/null
+++ b/include/types/auth.h
@@ -0,0 +1,73 @@
+/*
+ * User authentication & authorization.
+ *
+ * Copyright 2010 Krzysztof Piotr Oledzki <ole@ans.pl>
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version
+ * 2 of the License, or (at your option) any later version.
+ *
+ */
+
+#ifndef _TYPES_AUTH_H
+#define _TYPES_AUTH_H
+
+#include <common/config.h>
+#include <common/mini-clist.h>
+
+#include <types/auth.h>
+
+#define MAX_AUTH_GROUPS (unsigned int)(sizeof(int)*8)
+
+#define AU_O_INSECURE 0x00000001 /* insecure, unencrypted password */
+
+enum {
+ PR_REQ_ACL_ACT_UNKNOWN = 0,
+ PR_REQ_ACL_ACT_ALLOW,
+ PR_REQ_ACL_ACT_DENY,
+ PR_REQ_ACL_ACT_HTTP_AUTH,
+
+ PR_REQ_ACL_ACT_MAX
+};
+
+
+struct req_acl_rule {
+ struct list list;
+ struct acl_cond *cond; /* acl condition to meet */
+ unsigned int action;
+ union {
+ struct {
+ char *realm;
+ } http_auth;
+ };
+};
+
+struct auth_users {
+ struct auth_users *next;
+ unsigned int flags;
+ char *user, *pass;
+ union {
+ char *groups;
+ unsigned int group_mask;
+ };
+};
+
+struct userlist {
+ struct userlist *next;
+ char *name;
+ struct auth_users *users;
+ int grpcnt;
+ char *groups[MAX_AUTH_GROUPS];
+ char **groupusers;
+};
+
+#endif /* _TYPES_AUTH_H */
+
+/*
+ * Local variables:
+ * c-indent-level: 8
+ * c-basic-offset: 8
+ * End:
+ */
+