commit a068a093ed454b5cfd537a6916f6b32c18a541b6
from: Omar Polo <op@omarpolo.com>
date: Sun May 25 13:18:16 2025 UTC

wip

commit - 0f8eee61992c809b47f89d1c34c192cfe607aa2d
commit + a068a093ed454b5cfd537a6916f6b32c18a541b6
blob - a8a7c9466451b8e9def914e038d5915e00df8585
blob + fa8132a21696068f4db352dd35593a0f5141eaf6
--- gotwebd/auth.c
+++ gotwebd/auth.c
@@ -46,6 +46,9 @@ struct gotwebd_auth_client {
 static volatile int client_cnt;
 static int inflight;
 
+/* int */
+/* auth_is_allowed(const char *token, ) */
+
 static int
 auth_socket_listen(struct gotwebd *env, struct socket *sock,
     uid_t uid, gid_t gid)
blob - df49986c584e5a1f45a0def6d23843ddbdc8ef91
blob + ef857b1822420fd49de5f69449ded65e2f7e3e85
--- gotwebd/fcgi.c
+++ gotwebd/fcgi.c
@@ -264,6 +264,44 @@ process_request(struct request *c)
 	c->resp_fd = pipe[1];
 	c->resp_event = resp_event;
 	c->client_status = CLIENT_REQUEST;
+}
+
+static void
+parse_cookie_hdr(struct request *c, char *hdr, size_t len)
+{
+	size_t	 l;
+	char	*end;
+
+	while (len > 0) {
+		if (hdr[0] == ' ' || hdr[0] == '\t') {
+			hdr++;
+			len--;
+			continue;
+		}
+
+		/* looking at the start of name=val */
+
+		if ((end = memchr(hdr, ' ', len)) == NULL ||
+		    (end = memchr(hdr, '\t', len)) == NULL)
+			end = hdr + len;
+		l = end - hdr;
+
+		if (len > 8 && !strncmp(hdr, "gwdauth=", 8)) {
+			hdr += 8;
+			len -= 8;
+
+			if (l < MAX_AUTH_COOKIE - 1) {
+				memcpy(c->auth_cookie, hdr, l);
+				c->auth_cookie[l] = '\0';
+			}
+
+			return;
+		}
+
+		/* skip to the next one */
+		hdr += l;
+		len -= l;
+	}
 }
 
 void
@@ -350,6 +388,10 @@ fcgi_parse_params(uint8_t *buf, uint16_t n, struct req
 		    strncmp(buf, "HTTPS", 5) == 0)
 			c->https = 1;
 
+		if (name_len == 11 &&
+		    strncmp(buf, "HTTP_COOKIE", 11) == 0)
+			parse_cookie_hdr(c, val, val_len);
+
 		buf += name_len + val_len;
 		n -= name_len - val_len;
 	}
blob - 737a37ad20b63c7ae87bf64f804979d32603ba64
blob + 2f8293f012017b37b7f116ff8eed22b51e241760
--- gotwebd/gotwebd.h
+++ gotwebd/gotwebd.h
@@ -59,6 +59,7 @@
 #define MAX_QUERYSTRING		 2048
 #define MAX_DOCUMENT_URI	 255
 #define MAX_SERVER_NAME		 255
+#define MAX_AUTH_COOKIE		 255
 
 #define GOTWEB_GIT_DIR		 ".git"
 
@@ -273,6 +274,7 @@ struct request {
 	char				 querystring[MAX_QUERYSTRING];
 	char				 document_uri[MAX_DOCUMENT_URI];
 	char				 server_name[MAX_SERVER_NAME];
+	char				 auth_cookie[MAX_AUTH_COOKIE];
 	int				 https;
 
 	uint8_t				 request_started;