validate an HTTP basic authorisation request

library “libkcgi”

#include <sys/types.h>
#include <stdarg.h>
#include <stdint.h>
#include <kcgi.h>
khttpbasic_validate(struct kreq *req, const char *user, const char *password);

The khttpbasic_validate() function validates the given user and password with the HTTP basic-authorised request req as returned by khttp_parse(3) or khttp_fcgi_parse(3).

khttpbasic_validate() will return zero if validation failed, less than zero if the request was not properly set up for HTTP basic validation (no HTTP method, not a basic request, not already authenticated by the web server), or greater than zero if the validation succeeded.

In the following fragment, assume r a pointer to a struct kreq successfully initialised by khttp_parse(3). If validation is not provided, it returns an HTTP 401. The expected principle is “james”, password “bond”. Otherwise, it returns an HTTP 200.
if (khttpbasic_validate(r, "james", "bond") <= 0) { 
  khttp_head(r, kresps[KRESP_STATUS], 
    "%s", khttps[KHTTP_401]); 
  khttp_head(r, kresps[KRESP_WWW_AUTHENTICATE], 
    "basic realm=\"%s\"", "some realm"); 
} else 
  khttp_head(r, kresps[KRESP_STATUS], 
    "%s", khttps[KHTTP_200]);

kcgi(3), khttp_fcgi_parse(3), khttp_parse(3), khttpdigest_validate(3)

The khttpbasic_validate() function was written by Kristaps Dzonsons <>.
September 28, 2018 OpenBSD 6.4