Changeset fc257c3a0ca0ba485d58c775959836e7fdc50721

Show
Ignore:
Timestamp:
10/02/09 13:56:46 (5 years ago)
Author:
Theo Schlossnagle <jesus@omniti.com>
git-committer:
Theo Schlossnagle <jesus@omniti.com> 1254491806 +0000
git-parent:

[65a01d99436a074114d89ea53959bfd58ccb7374]

git-author:
Theo Schlossnagle <jesus@omniti.com> 1254491806 +0000
Message:

closes #196

Files:

Legend:

Unmodified
Added
Removed
Modified
Copied
Moved
  • src/noit_check_rest.c

    rbe06bdd rfc257c3  
    586586void 
    587587noit_check_rest_init() { 
    588   assert(noit_http_rest_register
     588  assert(noit_http_rest_register_auth
    589589    "GET", "/checks/", "^show(/.*)(?<=/)(" UUID_REGEX ")$", 
    590     rest_show_check 
     590    rest_show_check, noit_http_rest_client_cert_auth 
    591591  ) == 0); 
    592   assert(noit_http_rest_register
     592  assert(noit_http_rest_register_auth
    593593    "PUT", "/checks/", "^set(/.*)(?<=/)(" UUID_REGEX ")$", 
    594     rest_set_check 
     594    rest_set_check, noit_http_rest_client_cert_auth 
    595595  ) == 0); 
    596   assert(noit_http_rest_register
     596  assert(noit_http_rest_register_auth
    597597    "DELETE", "/checks/", "^delete(/.*)(?<=/)(" UUID_REGEX ")$", 
    598     rest_delete_check 
     598    rest_delete_check, noit_http_rest_client_cert_auth 
    599599  ) == 0); 
    600600} 
  • src/noit_filters_rest.c

    r75ee62d rfc257c3  
    234234void 
    235235noit_filters_rest_init() { 
    236   assert(noit_http_rest_register
     236  assert(noit_http_rest_register_auth
    237237    "GET", "/filters/", "^show(/.*)(?<=/)([^/]+)$", 
    238     rest_show_filter 
     238    rest_show_filter, noit_http_rest_client_cert_auth 
    239239  ) == 0); 
    240   assert(noit_http_rest_register
     240  assert(noit_http_rest_register_auth
    241241    "PUT", "/filters/", "^set(/.*)(?<=/)([^/]+)$", 
    242     rest_set_filter 
     242    rest_set_filter, noit_http_rest_client_cert_auth 
    243243  ) == 0); 
    244   assert(noit_http_rest_register
     244  assert(noit_http_rest_register_auth
    245245    "DELETE", "/filters/", "^delete(/.*)(?<=/)([^/]+)$", 
    246     rest_delete_filter 
     246    rest_delete_filter, noit_http_rest_client_cert_auth 
    247247  ) == 0); 
    248248} 
  • src/noit_rest.c

    r8504a3b rfc257c3  
    5252  pcre_extra *extra; 
    5353  rest_request_handler handler; 
     54  rest_authorize_func_t auth; 
    5455  /* Chain to the next one */ 
    5556  struct rest_url_dispatcher *next; 
     
    6364noit_hash_table dispatch_points = NOIT_HASH_EMPTY; 
    6465 
     66static int 
     67noit_http_rest_permission_denied(noit_http_rest_closure_t *restc, 
     68                                 int npats, char **pats) { 
     69  noit_http_session_ctx *ctx = restc->http_ctx; 
     70  noit_http_response_standard(ctx, 403, "DENIED", "text/xml"); 
     71  noit_http_response_end(ctx); 
     72  return 0; 
     73} 
    6574static rest_request_handler 
    6675noit_http_get_handler(noit_http_rest_closure_t *restc) { 
     
    106115        } 
    107116      } 
     117      if(rule->auth && !rule->auth(restc, restc->nparams, restc->params)) 
     118        return noit_http_rest_permission_denied; 
    108119      return restc->fastpath; 
    109120    } 
    110121  } 
    111122  return NULL; 
     123} 
     124noit_boolean 
     125noit_http_rest_client_cert_auth(noit_http_rest_closure_t *restc, 
     126                                int npats, char **pats) { 
     127  if(!restc->remote_cn || !strlen(restc->remote_cn)) return noit_false; 
     128  return noit_true; 
    112129} 
    113130int 
    114131noit_http_rest_register(const char *method, const char *base, 
    115132                        const char *expr, rest_request_handler f) { 
     133  return noit_http_rest_register_auth(method, base, expr, f, NULL); 
     134} 
     135int 
     136noit_http_rest_register_auth(const char *method, const char *base, 
     137                             const char *expr, rest_request_handler f, 
     138                             rest_authorize_func_t auth) { 
    116139  void *vcont; 
    117140  struct rule_container *cont; 
     
    134157  rule->extra = pcre_study(rule->expression, 0, &error); 
    135158  rule->handler = f; 
     159  rule->auth = auth; 
    136160 
    137161  /* Make sure we have a container */ 
  • src/noit_rest.h

    r3c56016 rfc257c3  
    4848typedef int (*rest_request_handler)(noit_http_rest_closure_t *, 
    4949                                    int npats, char **pats); 
    50  
     50typedef noit_boolean (*rest_authorize_func_t)(noit_http_rest_closure_t *, 
     51                                              int npats, char **pats); 
    5152struct noit_http_rest_closure { 
    5253  noit_http_session_ctx *http_ctx; 
     
    6364API_EXPORT(void) noit_http_rest_init(); 
    6465 
     66API_EXPORT(noit_boolean) 
     67  noit_http_rest_client_cert_auth(noit_http_rest_closure_t *restc, 
     68                                  int npats, char **pats); 
     69 
    6570API_EXPORT(int) 
    6671  noit_http_rest_register(const char *method, const char *base, 
    6772                          const char *expression, rest_request_handler f); 
     73 
     74API_EXPORT(int) 
     75  noit_http_rest_register_auth(const char *method, const char *base, 
     76                               const char *expression, rest_request_handler f, 
     77                               rest_authorize_func_t auth); 
    6878 
    6979API_EXPORT(xmlDocPtr) 
  • src/stratcon_jlog_streamer.c

    r8ad126b rfc257c3  
    10001000  register_console_streamer_commands(); 
    10011001  stratcon_jlog_streamer_reload(toplevel); 
    1002   assert(noit_http_rest_register( 
    1003     "GET", "/noits/", "^show$", rest_show_noits 
     1002  assert(noit_http_rest_register_auth( 
     1003    "GET", "/noits/", "^show$", rest_show_noits, 
     1004             noit_http_rest_client_cert_auth 
    10041005  ) == 0); 
    10051006}