-
Notifications
You must be signed in to change notification settings - Fork 0
/
auth.php
103 lines (90 loc) · 3.02 KB
/
auth.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
<?php
#
# Functions to authenticate users with the HTTP "Basic" password
# box. Original author Federico Sacerdoti <[email protected]>
#
#-------------------------------------------------------------------------------
# Returns an array of clusters that want to be private.
# Get list of private clusters. Put in $private[cluster name]="password"
function embarrassed ()
{
global $gmetad_root;
$private = array();
# The @ in front of a function name suppresses any warnings from it.
$fp=@fopen("./private_clusters","r");
if ($fp) {
while(!feof($fp)) {
$line=chop(fgets($fp,255));
if (!$line or !strcspn($line,"#")) { continue; }
$list=split("=",$line);
if (count($list)!=2) { continue; }
$name=trim($list[0]);
$pass=trim($list[1]);
$private[$name] = $pass;
}
fclose($fp);
}
return $private;
}
#-------------------------------------------------------------------------------
function authenticate()
{
global $clustername, $cluster;
$private_clusters = array_keys( embarrassed() );
if( in_array( $clustername, $private_clusters ) && ( $clustername == $cluster['NAME'] ) )
{
$auth_header = "WWW-authenticate: basic realm=\"Ganglia Private Cluster: " . $clustername . "\"";
}
else
{
$auth_header = "WWW-authenticate: basic realm=\"Ganglia Private Cluster\"";
}
header( $auth_header );
header("HTTP/1.0 401 Unauthorized");
#print "<HTML><HEAD><META HTTP-EQUIV=refresh CONTENT=1 URL=\"../?c=\"></HEAD>";
print "<H1>You are unauthorized to view the details of this Cluster</H1>";
print "In order to access this cluster page you will need a valid name and ".
"password.<BR>";
print "<H4><A HREF=\"./\">Back to Meta Cluster page</A></H4>";
exit;
}
#-------------------------------------------------------------------------------
function checkprivate()
{
global $clustername, $context;
# Allow the Meta context page.
if ($context=="meta") { return; }
$private=embarrassed();
if (isset($private[$clustername]) and $private[$clustername]) {
#echo "The password for $clustername is $private[$clustername]<br>";
if (empty($_SERVER['PHP_AUTH_PW'])) {
authenticate();
}
else {
# Check password (in md5 format). Username does not matter.
if (md5($_SERVER['PHP_AUTH_PW']) != $private[$clustername]) {
authenticate();
}
}
}
}
#-------------------------------------------------------------------------------
# To be called when in the control context. Assumes the password file
# "$gmetad_root/etc/private_clusters has an entry called "controlroom".
# The control room is always embarrassed.
function checkcontrol()
{
global $context;
if ($context != "control") { return; }
if (empty($_SERVER['PHP_AUTH_PW'])) {
authenticate();
}
else {
#echo "You entered password ". md5($PHP_AUTH_PW) ." ($PHP_AUTH_PW)<br>";
$private=embarrassed();
if (md5($_SERVER['PHP_AUTH_PW']) != $private["controlroom"]) {
authenticate();
}
}
}
?>