Back to index

im-sdk  12.3.91
IMAuth.cpp
Go to the documentation of this file.
00001 /*
00002 Copyright 1990-2001 Sun Microsystems, Inc. All Rights Reserved.
00003 
00004 Permission is hereby granted, free of charge, to any person obtaining a
00005 copy of this software and associated documentation files (the
00006 "Software"), to deal in the Software without restriction, including
00007 without limitation the rights to use, copy, modify, merge, publish,
00008 distribute, sublicense, and/or sell copies of the Software, and to
00009 permit persons to whom the Software is furnished to do so, subject to
00010 the following conditions: The above copyright notice and this
00011 permission notice shall be included in all copies or substantial
00012 portions of the Software.
00013 
00014 
00015 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
00016 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
00017 MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
00018 IN NO EVENT SHALL THE OPEN GROUP OR SUN MICROSYSTEMS, INC. BE LIABLE
00019 FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF
00020 CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH
00021 THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE EVEN IF
00022 ADVISED IN ADVANCE OF THE POSSIBILITY OF SUCH DAMAGES.
00023 
00024 
00025 Except as contained in this notice, the names of The Open Group and/or
00026 Sun Microsystems, Inc. shall not be used in advertising or otherwise to
00027 promote the sale, use or other dealings in this Software without prior
00028 written authorization from The Open Group and/or Sun Microsystems,
00029 Inc., as applicable.
00030 
00031 
00032 X Window System is a trademark of The Open Group
00033 
00034 OSF/1, OSF/Motif and Motif are registered trademarks, and OSF, the OSF
00035 logo, LBX, X Window System, and Xinerama are trademarks of the Open
00036 Group. All other trademarks and registered trademarks mentioned herein
00037 are the property of their respective owners. No right, title or
00038 interest in or to any trademark, service mark, logo or trade name of
00039 Sun Microsystems, Inc. or its licensors is granted.
00040 
00041 */
00042 
00043 #ifdef HAVE_CONFIG_H
00044 #include <config.h>
00045 #endif
00046 
00047 #include <stdlib.h>
00048 #include <string.h>
00049 #include <ctype.h>
00050 #include <alloca.h>
00051 #include <sys/types.h>
00052 #include <sys/socket.h>
00053 #include <netinet/in.h>
00054 #include <arpa/inet.h>
00055 #include <netdb.h>
00056 
00057 #ifdef HAVE_GETHOSTNAME
00058 #include <unistd.h>
00059 #endif
00060 
00061 #include "IMAuth.hh"
00062 #include "IMLog.hh"
00063 
00064 #include "iwrap.h"
00065 
00066 const int init_auth_entry_slot_num = 10;
00067 const int addr_elements_maxnum = (32 / 8);
00068 const int addr6_elements_maxnum = (128 / 16);
00069 const char* domainname_symbol_name = "DOMAINNAME";
00070 const char* hostname_symbol_name = "HOSTNAME";
00071 
00072 int
00073 compare_hostname(
00074     const char *h1,
00075     const char *h2
00076 )
00077 {
00078     while (*h1 && *h2) {
00079        if (tolower(*h1) != tolower(*h2)) return 0;
00080        h1++;
00081        h2++;
00082     }
00083     if ((*h1 == '\0') && (*h2 == '\0'))
00084        return 1;
00085 
00086     return 0;
00087 }
00088 
00089 int
00090 IMAuth::adjust_pae_slot_size(
00091     int num
00092 )
00093 {
00094     alloced_ae_num = num;
00095     pae = (auth_entry*) realloc(pae, sizeof(auth_entry) * alloced_ae_num);
00096     if (!pae) return 0;
00097     return 1;
00098 }
00099 
00100 IMAuth::pattern_type
00101 IMAuth::check_pattern_type(
00102     const char *pat
00103 )
00104 {
00105     const char *p;
00106     int i, bs;
00107 
00108     i = 1;
00109     bs = 0;
00110     for (p = pat; *p; p++) {
00111        if (isdigit(*p)) continue;
00112        if (bs == 1) {
00113            i = 0;
00114            break;
00115        }
00116        if (*p == '.') i++;
00117        else if (*p == '/')  bs = 1;
00118        else {
00119            i = 0;
00120            break;
00121        }
00122     }
00123     if (i == 4) return ADDR;
00124 
00125     {
00126        int f0 = 0;
00127        i = 1;
00128        for (p = pat; *p; p++) {
00129            if (bs == 1) {
00130               if (isdigit(*p)) continue;
00131            } else {
00132               if (isalnum(*p))  continue;
00133               if (*p == ':') {
00134                   if ((p > pat)
00135                      && p[-1] == ':') {
00136                      if (f0) break;
00137                      f0 = 1;
00138                   }
00139                   i++;
00140               } else if (*p == '/')  {
00141                   bs = 1;
00142               }
00143            }
00144            i = 0;
00145            break;
00146        }
00147        if ((i == 16)
00148            || (f0 && (i >= 2) && (i <= 16)))
00149            return ADDR6;
00150     }
00151 
00152   return HOSTNAME;
00153 }
00154 
00155 int
00156 IMAuth::
00157 addr_element_to_number(
00158     const char **addr
00159 )
00160 {
00161     int i, n;
00162     const char *q;
00163     char *qn;
00164     char an[4];
00165 
00166     i = 0;
00167     q = *addr;
00168     while (*q) {
00169        if ((*q == '.') || (*q == '/'))    {
00170            q++;
00171            break;
00172        }
00173        if (i >= 3) {
00174            *addr = q;
00175            return -1;
00176        }
00177        an[i++] = *q;
00178        q++;
00179     }
00180     if (i > 0) {
00181        an[i] = '\0';
00182        n = strtol(an, &qn, 10);
00183        if (*qn != '\0') return -1;
00184     } else {
00185        return -1;
00186     }
00187 
00188     *addr = q;
00189     return n;
00190 }
00191 
00192 int
00193 IMAuth::
00194 store_addr_pattern(
00195     const char *pattern, 
00196     int *addr_pattern
00197 )
00198 {
00199     int i, n;
00200     int bl;
00201     const char *p;
00202     char *pn;
00203 
00204     p = pattern;
00205     for (i = 0; i < addr_elements_maxnum; i++) {
00206        n = addr_element_to_number(&p);
00207        if (n < 0) return -1;
00208        addr_pattern[i] = n;
00209     }
00210     if ((p > pattern)
00211        && (p[-1] == '/')) {
00212        bl = strtol(p, &pn, 10);
00213        if (*pn != '\0') return -1;
00214        return bl;
00215     }
00216 
00217     return i * 8;
00218 }
00219 
00220 int
00221 IMAuth::
00222 addr6_element_to_number(
00223     const char **addr
00224 )
00225 {
00226     int i, n;
00227     const char *q;
00228     char *qn;
00229     char an[5];
00230 
00231     i = 0;
00232     q = *addr;
00233     if (*q == ':') {
00234        q++;
00235        if (*q == ':') {
00236            *addr = q;
00237            return -2;
00238        }
00239     }
00240     while (*q) {
00241        if (*q == ':') break;
00242        if (*q == '/') break;
00243        if (i >= 4) {
00244            *addr = q;
00245            return -1;
00246        }
00247        an[i++] = *q;
00248        q++;
00249     }
00250     if (i > 0) {
00251        an[i] = '\0';
00252        n = strtol(an, &qn, 16);
00253        if (*qn != '\0') return -1;
00254     } else {
00255        return -1;
00256     }
00257 
00258     *addr = q;
00259     return n;
00260 }
00261 
00262 int
00263 IMAuth::
00264 store_addr6_pattern(
00265     const char *pattern,
00266     int *addr_pattern
00267 )
00268 {
00269     int i, n;
00270     int bl;
00271     int zidx = -1;
00272     const char *p;
00273     char *pn;
00274 
00275     p = pattern;
00276     for (i = 0; *p; i++) {
00277        if (*p == '/') break;
00278        if (i >= addr6_elements_maxnum) return -1;
00279        n = addr6_element_to_number(&p);
00280        if (n == -1) return -1;
00281        if (n == -2) {
00282            if (zidx >= 0) return -1;
00283            zidx = i;
00284            if ((p[1] == '\0') || (p[1] == '/')) {
00285               p++;
00286               break;
00287            }
00288            i--;
00289        } else {
00290            addr_pattern[i] = n;
00291        }
00292     }
00293 
00294     if (zidx >= 0) {
00295        // zero compression
00296        n = addr6_elements_maxnum - i;
00297        if (n <= 0) return -1;
00298        /*
00299          |<-----------i------------>|
00300          |------------|*************|
00301          |------------|00000000|*************|
00302           |<--zidx---->|<--n--->|             |
00303           |<======addr6_elements_maxnum======>|
00304         */
00305        memmove(&addr_pattern[zidx + n], &addr_pattern[zidx], (i - zidx) * sizeof(int));
00306        memset(&addr_pattern[zidx], 0, n * sizeof(int));
00307        i = addr6_elements_maxnum;
00308     }
00309     if (i < addr6_elements_maxnum) return -1;
00310 
00311     if ((p > pattern) && (*p == '/')) {
00312        // prefix
00313        bl = strtol(p + 1, &pn, 10);
00314        if (*pn != '\0') return -1;
00315        if (bl > i * 16) return -1;
00316     } else {
00317        bl = addr6_elements_maxnum * 16;
00318     }
00319 
00320     return bl;
00321 }
00322 
00323 int
00324 IMAuth::
00325 set_entry(
00326     const char *pattern,
00327     access_type at
00328 )
00329 {
00330     auth_entry *pc;
00331 
00332     if (ae_num >= alloced_ae_num) {
00333        if (!adjust_pae_slot_size(alloced_ae_num * 2))
00334            return 0;
00335     }
00336     
00337     pc = &pae[ae_num];
00338     pc->at = at;
00339     pc->pt = check_pattern_type(pattern);
00340 
00341     switch(pc->pt) {
00342       case HOSTNAME:
00343        pc->addr_pattern = NULL;
00344        pc->host_pattern = normalize_hostname_pattern(pattern);
00345        if (!pc->host_pattern) return 0;
00346        pc->bitlen = 0;
00347        break;
00348       case ADDR:
00349        pc->addr_pattern = (int*) malloc(sizeof(int) * addr_elements_maxnum);
00350        pc->host_pattern = NULL;
00351        pc->bitlen = store_addr_pattern(pattern, pc->addr_pattern);
00352        break;
00353       case ADDR6:
00354        pc->addr_pattern = (int*) malloc(sizeof(int) * addr6_elements_maxnum);
00355        pc->host_pattern = NULL;
00356        pc->bitlen = store_addr6_pattern(pattern, pc->addr_pattern);
00357        break;
00358     }
00359     if (pc->bitlen < 0) return 0;
00360 
00361     ae_num++;
00362 
00363     return 1;
00364 }
00365 
00366 int
00367 IMAuth::
00368 set_default_entry(access_type at)
00369 {
00370     def_at = at;
00371     return 1;
00372 }
00373 
00374 void
00375 IMAuth::
00376 set_command_name(const char *cmdname)
00377 {
00378     if (command_name) free(command_name);
00379     command_name = strdup(cmdname);
00380 }
00381 
00382 
00383 int
00384 IMAuth::
00385 clear_all_entries()
00386 {
00387     int i;
00388     for (i = 0; i < ae_num; i++) {
00389        if (pae[i].host_pattern) free(pae[i].host_pattern);
00390        if (pae[i].addr_pattern) free(pae[i].addr_pattern);
00391     }
00392     ae_num = 0;
00393     if (!adjust_pae_slot_size(init_auth_entry_slot_num))
00394        return 0;
00395 
00396     return 1;
00397 }
00398 
00399 int
00400 IMAuth::
00401 match_hostname_entry(
00402     const char *pat,
00403     const char *hostname
00404 )
00405 {
00406     const char *p, *q;
00407 
00408     p = pat;
00409     q = hostname;
00410     while (*p && *q) {
00411        if (*p == '*') {
00412            p++;
00413            /* psudo longest match principle. */
00414            if (strchr(p, '*')) {
00415               do {
00416                   if (*q == *p) break;
00417               }while (*q++);
00418            } else {
00419               do {
00420                   if (compare_hostname(q, p)) return 1;
00421               }while (*q++);
00422            }
00423        } else {
00424            if (tolower(*p) != tolower(*q)) return 0;
00425            p++;
00426            q++;
00427        }
00428     }
00429     if (domainname && (*q == '.') && (!*p)) {
00430        return compare_hostname(domainname, &q[1]);
00431     }
00432 
00433     if (!*p && !*q) return 1;
00434     return 0;
00435 }
00436 
00437 char*
00438 IMAuth::normalize_hostname_pattern(
00439     const char *pat
00440 )
00441 {
00442     int size;
00443     const char *p, *q;
00444     char *varname, *val;
00445     char *pn, *nstr;
00446 
00447   size = 1;
00448   /* Replace $(VARNAME) */
00449   for (p = pat; *p;) {
00450       if (q = strchr(p, '$')) {
00451          size += (q - p);
00452          q++;
00453          if (*q == '$') {
00454              size++;
00455              p = q + 1;
00456          } else if (*q == '(') {
00457              q++;
00458              p = q;
00459              q = strchr(p, ')');
00460              if (!q) return NULL;
00461              varname = (char*) alloca((q - p + 1) * sizeof(char));
00462              if (!varname) return NULL;
00463              memcpy(varname, p, (q - p));
00464              varname[q - p] = '\0';
00465              val = sm.get_symbol_value(varname);
00466              if (!val) return NULL;
00467              size += strlen(val);
00468              p = q + 1;
00469          } else {
00470              return NULL;
00471          }
00472       } else {
00473          size += strlen(p) + 1;
00474          break;
00475       }
00476   }
00477 
00478   nstr = (char*) malloc(size * sizeof(char));
00479   /* Replace $(VARNAME) */
00480   for (p = pat, pn = nstr; *p;) {
00481       if (q = strchr(p, '$')) {
00482          memcpy(pn, p, (q - p));
00483          pn += q - p;
00484          q++;
00485          if (*q == '$') {
00486              *pn++ = '$';
00487              p = q + 1;
00488          } else if (*q == '(') {
00489              q++;
00490              p = q;
00491              q = strchr(p, ')');
00492              if (!q) return NULL;
00493              varname = (char*) alloca((q - p + 1) * sizeof(char));
00494              if (!varname) return NULL;
00495              memcpy(varname, p, (q - p));
00496              varname[q - p] = '\0';
00497              strcpy(pn, sm.get_symbol_value(varname));
00498              pn += strlen(pn);
00499              p = q + 1;
00500          } else {
00501              abort();
00502          }
00503       } else {
00504          strcpy(pn, p);
00505          break;
00506       }
00507   }
00508 
00509   return nstr;
00510 }
00511 
00512 int
00513 IMAuth::
00514 match_addr46_entry(
00515     const int *pat,
00516     int patbitlen,
00517     const int *addr,
00518     int addrbitlen
00519 )
00520 {
00521   int i, mask, bl;
00522 
00523   if (patbitlen > addrbitlen) return 0;
00524   bl = patbitlen;
00525   i = 0;
00526   while (bl > 0) {
00527       if (bl < 8) {
00528          mask = (1 << bl) - 1;
00529          if ((pat[i] & mask) != (addr[i] & mask)) return 0;
00530          bl = 0;
00531       } else {
00532          if (pat[i] != addr[i]) return 0;
00533          bl -= 8;
00534       }
00535   }
00536   return 1;
00537 }
00538 
00539 int
00540 IMAuth::match_entry(
00541     auth_entry *p
00542 )
00543 {
00544     if (p->pt == HOSTNAME) {
00545        if (!from_hostname) return 0;
00546        return match_hostname_entry(p->host_pattern, from_hostname);
00547     } else if ((p->pt == ADDR) || (p->pt == ADDR6)) {
00548        if (!from_address) return 0;
00549        return match_addr46_entry(p->addr_pattern,
00550                               p->bitlen,
00551                               from_address,
00552                               from_address_bitlen);
00553     }
00554 
00555     return 0;
00556 }
00557 
00558 int
00559 IMAuth::set_hostinfo()
00560 {
00561 #ifdef HAVE_GETHOSTNAME
00562     char hostname[8192];
00563     char *p;
00564     int len;
00565 
00566     if (gethostname(hostname, sizeof(hostname)) < 0) goto error;
00567     sm.set_symbol_value(hostname_symbol_name, hostname);
00568     if (!(p = strchr(hostname, '.'))) {
00569        /* If gethostname() dose not return FQDN,
00570           we cannot help using resolver. */
00571        struct hostent *phe;
00572        char **aliases;
00573        phe = gethostbyname(hostname);
00574        if (!phe) return 0;
00575        p = strchr(phe->h_name, '.');
00576        for (aliases = phe->h_aliases;(!p && *aliases);aliases++)
00577            p = strchr(*aliases, '.');
00578     }
00579     if (p) {
00580        p++;
00581        len = strlen(p);
00582        domainname = (char *) malloc(len + 1);
00583        strcpy(domainname, p);
00584        sm.set_symbol_value(domainname_symbol_name, domainname);
00585     } else {
00586        domainname = NULL;
00587        sm.set_symbol_value(domainname_symbol_name, "");
00588     }
00589     return 1;
00590 
00591  error:
00592 #endif
00593     sm.set_symbol_value(domainname_symbol_name, "");
00594     sm.set_symbol_value(hostname_symbol_name, "");
00595     return 0;
00596 }
00597 
00598 int
00599 IMAuth::set_fd_from(
00600     int fd
00601 )
00602 {
00603     struct sockaddr_storage ss;
00604     struct sockaddr *pname = (struct sockaddr*) &ss;
00605     socklen_t size;
00606 
00607     size = sizeof(ss);
00608 
00609     auth_type = IMAuth::UNDEFINED;
00610 
00611     if (getpeername(fd, pname, &size) < 0) return 0;
00612 
00613     if (pname->sa_family == AF_INET) {
00614        int i;
00615        char *addr;
00616        char *hname;
00617        struct sockaddr_in *pad;
00618        struct hostent *phe_rev, *phe;
00619 
00620        auth_type = IMAuth::TCP;
00621        pad = ((struct sockaddr_in*) pname);
00622        addr = inet_ntoa(pad->sin_addr);
00623        if (!addr) return 0;
00624        if (from_address) free(from_address);
00625        from_address = (int*) malloc(sizeof(int) * addr_elements_maxnum);
00626        memset(from_address, 0, sizeof(int) * addr_elements_maxnum);
00627        from_address_bitlen = store_addr_pattern(addr, from_address);
00628        if (from_address_bitlen < 0) return 0;
00629 
00630        size = sizeof(struct in_addr);
00631        phe_rev = gethostbyaddr((char*)(&pad->sin_addr), size, AF_INET);
00632        if (!phe_rev) return 1;
00633 
00634        hname = (char*) alloca(strlen(phe_rev->h_name) + 1);
00635        if (!hname) return 0;
00636        strcpy(hname, phe_rev->h_name);
00637 
00638        phe = gethostbyname(hname);
00639        if (!phe) return 1;
00640 
00641        if (!compare_hostname(hname, phe->h_name)) return 0;
00642        for (i = 0;phe->h_addr_list[i];i++)
00643            if (memcmp(phe->h_addr_list[i], &(pad->sin_addr), size) == 0) {
00644               if (from_hostname) free(from_hostname);
00645               from_hostname = strdup(hname);
00646               if (!from_hostname) return 0;
00647               return 1;
00648            }
00649     }
00650 #ifdef AF_INET6
00651     else if (pname->sa_family == AF_INET6) {
00652        int i;
00653        char nihost[NI_MAXHOST], nihost2[NI_MAXHOST];
00654        char niserv[NI_MAXSERV];
00655        int from_address2[addr6_elements_maxnum];
00656        int from_address2_bitlen;
00657 
00658        auth_type = IMAuth::TCP;
00659 
00660        if (getnameinfo(pname, size,
00661                      nihost, sizeof(nihost),
00662                      niserv, sizeof(niserv),
00663                      NI_NUMERICHOST) != 0)
00664            return 0;
00665        if (from_address) free(from_address);
00666        from_address = (int*) malloc(sizeof(int) * addr6_elements_maxnum);
00667        memset(from_address, 0, sizeof(int) * addr6_elements_maxnum);
00668        from_address_bitlen = store_addr6_pattern(nihost, from_address);
00669        if (from_address_bitlen < 0) return 0;
00670 
00671        if (getnameinfo(pname, size,
00672                      nihost, sizeof(nihost),
00673                      NULL, 0, 0) != 0)
00674            return 0;
00675 
00676        struct addrinfo hints, *pst, *pst2;
00677        memset(&hints, 0, sizeof(hints));
00678        hints.ai_family = PF_UNSPEC;
00679        hints.ai_socktype = SOCK_STREAM;
00680        if (getaddrinfo(nihost, niserv, &hints, &pst) != 0)
00681            return 0;
00682        pst2 = pst;
00683 
00684        for (i = 0; pst; pst = pst->ai_next) {
00685            if (getnameinfo(pst->ai_addr, pst->ai_addrlen, nihost2,
00686                          sizeof(nihost2), NULL, 0, NI_NUMERICHOST) != 0)
00687               continue;
00688            from_address2_bitlen = store_addr6_pattern(nihost2, from_address2);
00689            if (from_address2_bitlen < 0) continue;
00690            if ((from_address2_bitlen == from_address_bitlen)
00691               && match_addr46_entry(from_address, from_address_bitlen,
00692                                   from_address2, from_address2_bitlen)) {
00693               if (from_hostname) free(from_hostname);
00694               freeaddrinfo(pst2);
00695               from_hostname = strdup(nihost);
00696               if (!from_hostname) return 0;
00697               return 1;
00698            }
00699            free(from_address2);
00700        }
00701        freeaddrinfo(pst2);
00702     }
00703 #endif
00704 #if defined(HAVE_UNIX_SOCKET)
00705     else if (pname->sa_family == AF_UNIX) {
00706         auth_type = IMAuth::UNIX;
00707        if (from_hostname) free(from_hostname);
00708        from_hostname = strdup("localhost");
00709        return 1;
00710     }
00711 #endif
00712     else {
00713        return 0;
00714     }
00715 
00716     return 0;
00717 }
00718 
00719 IMAuth::access_type
00720 IMAuth::get_access_type(
00721     int fd
00722 )
00723 {
00724     int i;
00725     if (!set_fd_from(fd)) return UNKNOWN;
00726     for (i = 0;i < ae_num;i++) {
00727        if (match_entry(&pae[i]))
00728            return pae[i].at;
00729     }
00730 
00731     return def_at;
00732 }
00733 
00734 int
00735 IMAuth::fd_ok(
00736     int fd
00737 )
00738 {
00739     access_type at;
00740 
00741     at = get_access_type(fd);
00742     if (at != IMAuth::DENY) {
00743        if (auth_type == IMAuth::UNIX) {
00744            LOG_INFO("Allow the connection by PF_UNIX.");
00745            return 1;
00746        }
00747 
00748        if (permit_access(command_name, fd)) {
00749            if (at != IMAuth::UNKNOWN) {
00750               LOG_INFO("Allow the connection from %s.", from_hostname);
00751            } else {
00752               LOG_WARNING("Allow the connection from unknown source.");
00753            }
00754            return 1;
00755        }
00756     }
00757     if (at != IMAuth::UNKNOWN) {
00758        LOG_WARNING("Denied the access from %s.", from_hostname);
00759     } else {
00760        LOG_WARNING("Denied the access from unknown source.");
00761     }
00762     return 0;
00763 }
00764 
00765 
00766 int
00767 IMAuth::auth_fd(
00768     int fd,
00769     const char *user,
00770     const char *password
00771 )
00772 {
00773     int flag;
00774 
00775     access_type at = get_access_type(fd);
00776 
00777     switch (at) {
00778       case PERMIT:
00779        if (auth_type == IMAuth::UNIX) {
00780           flag = check_password(fd, user, password);
00781           /* TODO */
00782           if (flag == -1) { 
00783               /* this system doesn't support unix domain credential. */
00784               flag = 1;
00785           }
00786        } else {
00787            flag = 1;
00788        }
00789        break;
00790       case DENY:
00791        flag = 0;
00792        break;
00793       case CHECKUSER:
00794        flag = check_password(fd, user, password);
00795        break;
00796       case PASSWORD:
00797        if (!password || !user) {
00798           flag = 0;
00799        } else {
00800           flag = check_password(fd, user, password);
00801        }
00802        break;
00803       default:
00804        flag = 0;
00805        break;
00806     }
00807 
00808     if (flag) {
00809        if (at != IMAuth::UNKNOWN) {
00810            LOG_INFO("The access from %s@%s was granted.", user, from_hostname);
00811        } else {
00812            LOG_INFO("The access from %s(unknown source) was granted", user);
00813        }
00814     } else {
00815        if (at != IMAuth::UNKNOWN) {
00816            LOG_WARNING("Denied the access from %s@%s.", user, from_hostname);
00817        } else {
00818            LOG_WARNING("Denied the access from %s(unknown source)", user);
00819        }
00820     }
00821 
00822     return flag;
00823 }
00824 
00825 IMAuth::IMAuth()
00826 {
00827     ae_num = 0;
00828     auth_type = IMAuth::UNDEFINED;
00829     from_hostname = NULL;
00830     from_address = NULL;
00831     command_name = domainname = NULL;
00832     alloced_ae_num = init_auth_entry_slot_num;
00833     pae = (auth_entry*) malloc(sizeof(auth_entry) * alloced_ae_num);
00834     if (!pae) alloced_ae_num = 0;
00835     def_at = DENY;
00836     set_hostinfo();
00837 }
00838 
00839 IMAuth::~IMAuth()
00840 {
00841     clear_all_entries();
00842     free(pae);
00843     if (from_address) free(from_address);
00844     if (from_hostname) free(from_hostname);
00845     if (command_name) free(command_name);
00846     if (domainname) free(domainname);
00847 }
00848 
00849 /* Local Variables: */
00850 /* c-file-style: "iiim-project" */
00851 /* End: */