1 # ===================================================================== 2 # logIn.awk: RPC I/O function for rpclib/logIn. 3 # 4 # Copyright (c) 2007,2008,2009,2010 Carlo Strozzi 5 # 6 # This program is free software; you can redistribute it and/or modify 7 # it under the terms of the GNU General Public License as published by 8 # the Free Software Foundation; version 2 dated June, 1991. 9 # 10 # This program is distributed in the hope that it will be useful, 11 # but WITHOUT ANY WARRANTY; without even the implied warranty of 12 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 # GNU General Public License for more details. 14 # 15 # You should have received a copy of the GNU General Public License 16 # along with this program; if not, write to the Free Software 17 # Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. 18 # 19 # ===================================================================== 20 21 # ===================================================================== 22 # void _userproc(int mode) 23 # ===================================================================== 24 25 function _userproc(mode, value,len) { 26 27 if (mode == _O_REQUEST) { # request. 28 29 # target group 30 value = _request("1",1) 31 32 # group must not be null and it may not contain the 33 # unescaped ``.'' character. 34 35 if (value != _NULL && value !~ /\./) { 36 _rcset("cgi.group",unixify(value)) 37 _rcset("cgi.group.literal",value) 38 } 39 40 # Now on to checking actual credentials. 41 42 # user-id will always be considered lower-case and using 43 # an e-mail should not be allowed, to prevent breaking 44 # privacy when a user-id is virtually cancelled. 45 46 value = tolower(_strip(_request("2"))) 47 len = length(value) 48 if (value ~ /^[a-z][-_a-z0-9.]*$/ && \ 49 len > 4 && len < 17) _rcset("CSA_AUTH_USER",value) 50 51 # password (case-sensitive). 52 value = _strip(_request("3")) 53 len = length(value) 54 if (value ~ /^[-+_a-zA-Z0-9@.!:]+$/ && \ 55 len >= 5 && len < 51) _rcset("CSA_AUTH_PW",value) 56 57 # The following test is necessary since the address could, 58 # at least in theory, have been set to any string by the 59 # remote user, due to how it is handled to cope with stunnel(8) 60 # and the lack of transproxy support in kernel 2.4.x. 61 62 if (_isipaddr(ENVIRON["REMOTE_ADDR"]) == _TRUE) 63 value = ENVIRON["REMOTE_ADDR"] 64 else value = "0.0.0.0" 65 66 _rcset("REMOTE_ADDR",value) 67 } 68 } 69 70 # EOF