suzanne.soy/racket
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

bug

Browse Source 
svn: r4535
This commit is contained in:
Jay McCarthy 2006-10-09 20:09:29 +00:00
parent e98caf31c1
commit 37a25a74df
1 changed files with 31 additions and 30 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

57
collects/web-server/dispatchers/dispatch-passwords.ss
View File

@ -23,20 +23,23 @@
(define last-read-time (box #f)) (define last-read-time (box #f))
(define password-cache (box #f)) (define password-cache (box #f))
(define (update-password-cache!) (define (update-password-cache!)
(define cur-mtime (file-or-directory-modify-seconds password-file)) (when (and (file-exists? password-file) (memq 'read (file-or-directory-permissions password-file)))
(when (or (not (unbox last-read-time)) (let ([cur-mtime (file-or-directory-modify-seconds password-file)])
(cur-mtime . > . (unbox last-read-time)) (when (or (not (unbox last-read-time))
(not (unbox password-cache))) (cur-mtime . > . (unbox last-read-time))
(set-box! last-read-time cur-mtime) (not (unbox password-cache)))
; more here - a malformed password file will kill the connection (set-box! last-read-time cur-mtime)
(set-box! password-cache (read-passwords password-file)))) ; more here - a malformed password file will kill the connection
(set-box! password-cache (read-passwords password-file))))))
(define (read-password-cache) (define (read-password-cache)
(update-password-cache!) (update-password-cache!)
(unbox password-cache)) (unbox password-cache))
(lambda (conn req) (lambda (conn req)
(define-values (uri method path) (decompose-request req)) (define-values (uri method path) (decompose-request req))
(define denied? (read-password-cache))
(cond (cond
[(access-denied? method path (request-headers/raw req) (read-password-cache)) [(and denied?
(access-denied? method path (request-headers/raw req) denied?))
=> (lambda (realm) => (lambda (realm)
(adjust-connection-timeout! conn password-connection-timeout) (adjust-connection-timeout! conn password-connection-timeout)
(request-authentication conn method uri (request-authentication conn method uri
@ -80,27 +83,25 @@
(raise (make-exn:password-file (string->immutable-string (raise (make-exn:password-file (string->immutable-string
(format "could not load password file ~a" password-path)) (format "could not load password file ~a" password-path))
(current-continuation-marks))))]) (current-continuation-marks))))])
(if (and (file-exists? password-path) (memq 'read (file-or-directory-permissions password-path))) (let ([passwords
(let ([passwords (let ([raw (load password-path)])
(let ([raw (load password-path)]) (unless (password-list? raw)
(unless (password-list? raw) (raise "malformed passwords"))
(raise "malformed passwords")) (map (lambda (x) (make-pass-entry (car x) (regexp (cadr x)) (cddr x)))
(map (lambda (x) (make-pass-entry (car x) (regexp (cadr x)) (cddr x))) raw))])
raw))])
;; string symbol bytes -> (or/c #f string) ;; string symbol bytes -> (or/c #f string)
(lambda (request-path user-name password) (lambda (request-path user-name password)
(ormap (lambda (x) (ormap (lambda (x)
(and (regexp-match (pass-entry-pattern x) request-path) (and (regexp-match (pass-entry-pattern x) request-path)
(let ([name-pass (assq user-name (pass-entry-users x))]) (let ([name-pass (assq user-name (pass-entry-users x))])
(if (and name-pass (if (and name-pass
(string=? (string=?
(cadr name-pass) (cadr name-pass)
(bytes->string/utf-8 password))) (bytes->string/utf-8 password)))
#f #f
(pass-entry-domain x))))) (pass-entry-domain x)))))
passwords))) passwords)))))
(lambda (req user pass) #f))))
(define fake-user (gensym)) (define fake-user (gensym))