SANEI 1.3.1.72-4c77c
|
Interface for authorization of resources. More...
Go to the source code of this file.
Functions | |
SANE_Status | sanei_authorize (const char *resource, const char *backend, SANE_Auth_Callback authorize) |
Check authorization for a resource. More... | |
Interface for authorization of resources.
This file implements an interface for user authorization. The authorization call is forwarded to the frontend which asks for a username and password. An MD5 digest is used if supported by the frontend.
SANE_Status sanei_authorize | ( | const char * | resource, |
const char * | backend, | ||
SANE_Auth_Callback | authorize | ||
) |
Check authorization for a resource.
This function looks for the file SANE_CONFIG_DIR/backend.users. If this file doesn't exist, sanei_authorize always returns SANE_STATUS_GOOD. The file backend.users contains a list of usernames, passwords, and resources:
username:password:resource username:password:resource
If the requested resource isn't listed in this file, sanei_authorize return SANE_SATUS_GOOD. In all other cases, sanei_authorize sends a challenge to the frontend of the form
resource$MD5$randomstring
where randomstring consists of the PID, the time, and some random characters. It accepts two forms of answers
std: username:password md5: username:$MD5$m5digest
where md5digest is md5(randomstring password).
If this username/password/resource triple is listed in backend.users sanei_authorize returns SANE_STATUS_GOOD, in all other cases it returns SANE_STATUS_ACCESS_DENIED.
resource | resource to authorize |
backend | backend name |
authorize | auth callback |