1 files changed, 0 insertions, 235 deletions
diff --git a/c/src/libnetworking/rtems_webserver/security.c b/c/src/libnetworking/rtems_webserver/security.c
deleted file mode 100644
index 9064b5d56f..0000000000
--- a/c/src/libnetworking/rtems_webserver/security.c
+++ /dev/null
@@ -1,235 +0,0 @@
-/*
- * security.c -- Security handler
- *
- * Copyright (c) GoAhead Software Inc., 1995-2000. All Rights Reserved.
- *
- * See the file "license.txt" for usage and redistribution license requirements
- *
- * $Id$
- */
-
-/******************************** Description *********************************/
-
-/*
- *	This module provides a basic security policy.
- */
-
-/********************************* Includes ***********************************/
-
-#include	"wsIntrn.h"
-#include	"um.h"
-#ifdef DIGEST_ACCESS_SUPPORT
-#include	"websda.h"
-#endif
-
-/********************************** Defines ***********************************/
-/*
- *	The following #defines change the behaviour of security in the absence 
- *	of User Management.
- *	Note that use of User management functions require prior calling of
- *	umInit() to behave correctly
- */
-
-#ifndef USER_MANAGEMENT_SUPPORT
-#define umGetAccessMethodForURL(url) AM_FULL
-#define umUserExists(userid) 0
-#define umUserCanAccessURL(userid, url) 1
-#define umGetUserPassword(userid) websGetPassword()
-#define umGetAccessLimitSecure(accessLimit) 0
-#define umGetAccessLimit(url) NULL
-#endif
-
-/******************************** Local Data **********************************/
-
-static char_t	websPassword[WEBS_MAX_PASS];	/* Access password (decoded) */
-#ifdef _DEBUG
-static int		debugSecurity = 1;
-#else
-static int		debugSecurity = 0;
-#endif
-
-/*********************************** Code *************************************/
-/*
- *	Determine if this request should be honored
- */
-
-int websSecurityHandler(webs_t wp, char_t *urlPrefix, char_t *webDir, int arg, 
-						char_t *url, char_t *path, char_t *query)
-{
-	char_t			*type, *userid, *password, *accessLimit;
-	int				flags, nRet;
-	accessMeth_t	am;
-
-	a_assert(websValid(wp));
-	a_assert(url && *url);
-	a_assert(path && *path);
-/*
- *	Get the critical request details
- */
-	type = websGetRequestType(wp);
-	password = websGetRequestPassword(wp);
-	userid = websGetRequestUserName(wp);
-	flags = websGetRequestFlags(wp);
-/*
- *	Get the access limit for the URL.  Exit if none found.
- */
-	accessLimit = umGetAccessLimit(path);
-	if (accessLimit == NULL) {
-		return 0;
-	}
-		 
-/*
- *	Check to see if URL must be encrypted
- */
-#ifdef WEBS_SSL_SUPPORT
-	nRet = umGetAccessLimitSecure(accessLimit);
-	if (nRet && ((flags & WEBS_SECURE) == 0)) {
-		websStats.access++;
-		websError(wp, 405, T("Access Denied\nSecure access is required."));
-		trace(3, T("SEC: Non-secure access attempted on <%s>\n"), path);
-      /* bugfix 5/24/02 -- we were leaking the memory pointed to by
-       * 'accessLimit'. Thanks to Simon Byholm.
-       */
-      bfree(B_L, accessLimit);
-		return 1;
-	}
-#endif
-
-/*
- *	Get the access limit for the URL
- */
-	am = umGetAccessMethodForURL(accessLimit);
-
-	nRet = 0;
-	if ((flags & WEBS_LOCAL_REQUEST) && (debugSecurity == 0)) {
-/*
- *		Local access is always allowed (defeat when debugging)
- */
-	} else if (am == AM_NONE) {
-/*
- *		URL is supposed to be hidden!  Make like it wasn't found.
- */
-		websStats.access++;
-		websError(wp, 400, T("Page Not Found"));
-		nRet = 1;
-	} else 	if (userid && *userid) {
-		if (!umUserExists(userid)) {
-			websStats.access++;
-			websError(wp, 401, T("Access Denied\nUnknown User"));
-			trace(3, T("SEC: Unknown user <%s> attempted to access <%s>\n"), 
-				userid, path);
-			nRet = 1;
-		} else if (!umUserCanAccessURL(userid, accessLimit)) {
-			websStats.access++;
-			websError(wp, 403, T("Access Denied\nProhibited User"));
-			nRet = 1;
-		} else if (password && * password) {
-			char_t * userpass = umGetUserPassword(userid);
-			if (userpass) {
-				if (gstrcmp(password, userpass) != 0) {
-					websStats.access++;
-					websError(wp, 401, T("Access Denied\nWrong Password"));
-					trace(3, T("SEC: Password fail for user <%s>")
-								T("attempt to access <%s>\n"), userid, path);
-					nRet = 1;
-				} else {
-/*
- *					User and password check out.
- */
-				}
-
-				bfree (B_L, userpass);
-			}
-#ifdef DIGEST_ACCESS_SUPPORT
-		} else if (flags & WEBS_AUTH_DIGEST) {
-
-			char_t *digestCalc;
-
-/*
- *			Check digest for equivalence
- */
-			wp->password = umGetUserPassword(userid);
-
-			a_assert(wp->digest);
-			a_assert(wp->nonce);
-			a_assert(wp->password);
-							 
-			digestCalc = websCalcDigest(wp);
-			a_assert(digestCalc);
-
-			if (gstrcmp(wp->digest, digestCalc) != 0) {
-				websStats.access++;
-				websError(wp, 405, T("Access Denied\nWrong Password"));
-				nRet = 1;
-			}
-
-			bfree (B_L, digestCalc);
-#endif
-		} else {
-/*
- *			No password has been specified
- */
-#ifdef DIGEST_ACCESS_SUPPORT
-			if (am == AM_DIGEST) {
-				wp->flags |= WEBS_AUTH_DIGEST;
-			}
-#endif
-			websStats.errors++;
-			websError(wp, 401, 
-				T("Access to this document requires a password"));
-			nRet = 1;
-		}
-	} else if (am != AM_FULL) {
-/*
- *		This will cause the browser to display a password / username
- *		dialog
- */
-#ifdef DIGEST_ACCESS_SUPPORT
-		if (am == AM_DIGEST) {
-			wp->flags |= WEBS_AUTH_DIGEST;
-		}
-#endif
-		websStats.errors++;
-		websError(wp, 401, T("Access to this document requires a User ID"));
-		nRet = 1;
-	}
-
-	bfree(B_L, accessLimit);
-
-	return nRet;
-}
-
-/******************************************************************************/
-/*
- *	Delete the default security handler
- */
-
-void websSecurityDelete()
-{
-	websUrlHandlerDelete(websSecurityHandler);
-}
-
-/******************************************************************************/
-/*
- *	Store the new password, expect a decoded password. Store in websPassword in 
- *	the decoded form.
- */
-
-void websSetPassword(char_t *password)
-{
-	a_assert(password);
-
-	gstrncpy(websPassword, password, TSZ(websPassword));
-}
-
-/******************************************************************************/
-/*
- *	Get password, return the decoded form
- */
-
-char_t *websGetPassword()
-{
-	return bstrdup(B_L, websPassword);
-}
-
-/******************************************************************************/