httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Alexei Kosut <ako...@hyperreal.com>
Subject cvs commit: apache/src mod_digest.c util_md5.c util_md5.h Configuration.tmpl Makefile.tmpl http_core.c http_core.h http_protocol.c http_protocol.h
Date Thu, 21 Mar 1996 03:50:20 GMT
akosut      96/03/20 19:50:19

  Modified:    src       Configuration.tmpl Makefile.tmpl http_core.c
                        http_core.h  http_protocol.c http_protocol.h
  Added:       src       mod_digest.c util_md5.c util_md5.h
  Log:
  Added some more MD5 support to Apache:
  
  * A new module, mod_digest, which supports digest authentication, as per
    draft-ietf-http-digest-aa-02. Could use some work in terms of being a bit
    more secure in terms of nonce-generating and so forth, and it needs a
    support/ utility to generate htdigest file entries. Use it the same way
    as in NCSA httpd 1.5; AuthType Digest, and use AuthDigestFile to point
    at the file.
  
  * A new server or per-directory directive, ContentDigest. Set it to On,
    and Apache will generate a Content-MD5 header with each file sent. This
    may or may not be useful, and there has been some discussion on http-wg
    about removing this from the spec (it is currently vaugely defined in
    the 1.1 draft), but it doesn't hurt anything.
  
  Reviewed by: Everyone. At least, no one objected during the two weeks given.
  
  Revision  Changes    Path
  1.8       +1 -0      apache/src/Configuration.tmpl
  
  Index: Configuration.tmpl
  ===================================================================
  RCS file: /export/home/cvs/apache/src/Configuration.tmpl,v
  retrieving revision 1.7
  retrieving revision 1.8
  diff -C3 -r1.7 -r1.8
  *** Configuration.tmpl	1996/03/17 18:33:51	1.7
  --- Configuration.tmpl	1996/03/21 03:50:12	1.8
  ***************
  *** 158,163 ****
  --- 158,164 ----
    Module cern_meta_module   mod_cern_meta.o
    Module env_module         mod_env.o
    Module anon_auth_module   mod_auth_anon.o
  + Module digest_module      mod_digest.o
    
    # Optional authentication modules, which should only be
    # uncommented out if you have the neccessary system support.
  
  
  
  1.7       +4 -1      apache/src/Makefile.tmpl
  
  Index: Makefile.tmpl
  ===================================================================
  RCS file: /export/home/cvs/apache/src/Makefile.tmpl,v
  retrieving revision 1.6
  retrieving revision 1.7
  diff -C3 -r1.6 -r1.7
  *** Makefile.tmpl	1996/03/01 02:46:42	1.6
  --- Makefile.tmpl	1996/03/21 03:50:13	1.7
  ***************
  *** 5,11 ****
    
    OBJS= alloc.o http_main.o http_core.o http_config.o http_request.o \
      http_log.o http_protocol.o rfc1413.o util.o util_script.o modules.o buff.o\
  !   md5c.o $(MODULES)
    
    .c.o:
    	$(CC) -c $(CFLAGS) $(AUX_CFLAGS) $<
  --- 5,11 ----
    
    OBJS= alloc.o http_main.o http_core.o http_config.o http_request.o \
      http_log.o http_protocol.o rfc1413.o util.o util_script.o modules.o buff.o\
  !   md5c.o util_md5.o $(MODULES)
    
    .c.o:
    	$(CC) -c $(CFLAGS) $(AUX_CFLAGS) $<
  ***************
  *** 66,73 ****
  --- 66,76 ----
    mod_cgi.o mod_dir.o mod_imap.o mod_include.o mod_negotiation.o: http_request.h
    mod_proxy.o: md5.h
    mod_asis.o mod_cgi.o mod_dir.o mod_imap.o mod_include.o: util_script.h
  + mod_digest.o: util_md5.h
    
    #Utils
    md5c.o: md5.h
    util.o: http_conf_globals.h
    util_script.o: http_core.h http_main.h http_protocol.h util_script.h
  + util_md5.o: md5.h
  + 
  
  
  
  1.6       +17 -1     apache/src/http_core.c
  
  Index: http_core.c
  ===================================================================
  RCS file: /export/home/cvs/apache/src/http_core.c,v
  retrieving revision 1.5
  retrieving revision 1.6
  diff -C3 -r1.5 -r1.6
  *** http_core.c	1996/03/17 18:23:09	1.5
  --- http_core.c	1996/03/21 03:50:14	1.6
  ***************
  *** 62,67 ****
  --- 62,68 ----
    #include "http_main.h"		/* For the default_handler below... */
    #include "http_log.h"
    #include "rfc1413.h"
  + #include "util_md5.h"
    
    /* Server core module... This module provides support for really basic
     * server operations, including options and commands which control the
  ***************
  *** 87,92 ****
  --- 88,95 ----
        conf->opts = dir ? OPT_UNSET : OPT_ALL;
        conf->override = dir ? OR_UNSET : OR_ALL;
    
  +     conf->content_md5 = 2;
  + 
        conf->hostname_lookups = 2;/* binary, but will use 2 as an "unset = on" */
        conf->do_rfc1413 = DEFAULT_RFC1413 | 2;  /* set bit 1 to indicate default */
        return (void *)conf;
  ***************
  *** 118,123 ****
  --- 121,127 ----
        if (new->hostname_lookups != 2)
    	conf->hostname_lookups = new->hostname_lookups;
        if ((new->do_rfc1413 & 2) == 0) conf->do_rfc1413 = new->do_rfc1413;
  +     if ((new->content_md5 & 2) == 0) conf->content_md5 = new->content_md5;
    
        return (void*)conf;
    }
  ***************
  *** 623,628 ****
  --- 627,637 ----
        return NULL;
    }
    
  + char *set_content_md5 (cmd_parms *cmd, core_dir_config *d, int arg) {
  +     d->content_md5 = arg;
  +     return NULL;
  + }
  + 
    char *set_daemons_to_start (cmd_parms *cmd, void *dummy, char *arg) {
        daemons_to_start = atoi (arg);
        return NULL;
  ***************
  *** 749,754 ****
  --- 758,764 ----
    { "KeepAliveTimeout", set_keep_alive_timeout, NULL, RSRC_CONF, TAKE1, "Keep-Alive timeout
duration (sec)"},
    { "KeepAlive", set_keep_alive, NULL, RSRC_CONF, TAKE1, "Maximum Keep-Alive requests per
connection (0 to disable)" },
    { "IdentityCheck", set_idcheck, NULL, RSRC_CONF|ACCESS_CONF, FLAG, NULL },
  + { "ContentDigest", set_content_md5, NULL, RSRC_CONF|ACCESS_CONF|OR_AUTHCFG, FLAG, "whether
or not to send a Content-MD5 header with each request" },
    { "CacheNegotiatedDocs", },
    { "StartServers", set_daemons_to_start, NULL, RSRC_CONF, TAKE1, NULL },
    { "MinSpareServers", set_min_free_servers, NULL, RSRC_CONF, TAKE1, NULL },
  ***************
  *** 794,799 ****
  --- 804,811 ----
    
    int default_handler (request_rec *r)
    {
  +     core_dir_config *d =
  +       (core_dir_config *)get_module_config(r->per_dir_config, &core_module);
        int errstatus;
        FILE *f;
        
  ***************
  *** 818,824 ****
            log_reason("file permissions deny server access", r->filename, r);
            return FORBIDDEN;
        }
  !       
        soft_timeout ("send", r);
        
        send_http_header (r);
  --- 830,840 ----
            log_reason("file permissions deny server access", r->filename, r);
            return FORBIDDEN;
        }
  ! 
  !     if (d->content_md5 & 1) {
  !       table_set (r->headers_out, "Content-MD5", md5digest(r->pool, f));
  !     }
  ! 
        soft_timeout ("send", r);
        
        send_http_header (r);
  
  
  
  1.5       +2 -0      apache/src/http_core.h
  
  Index: http_core.h
  ===================================================================
  RCS file: /export/home/cvs/apache/src/http_core.h,v
  retrieving revision 1.4
  retrieving revision 1.5
  diff -C3 -r1.4 -r1.5
  *** http_core.h	1996/03/01 02:46:44	1.4
  --- http_core.h	1996/03/21 03:50:15	1.5
  ***************
  *** 140,145 ****
  --- 140,147 ----
        char *auth_type;
        char *auth_name;
        array_header *requires;
  + 
  +     int content_md5;
        
        /* Custom response config. These can contain text or a URL to redirect to.
         */
  
  
  
  1.8       +20 -1     apache/src/http_protocol.c
  
  Index: http_protocol.c
  ===================================================================
  RCS file: /export/home/cvs/apache/src/http_protocol.c,v
  retrieving revision 1.7
  retrieving revision 1.8
  diff -C3 -r1.7 -r1.8
  *** http_protocol.c	1996/03/01 19:37:18	1.7
  --- http_protocol.c	1996/03/21 03:50:15	1.8
  ***************
  *** 384,398 ****
    {
    } 
    
  ! /* Support for the Basic authentication protocol.  
     */
    
    void note_basic_auth_failure(request_rec *r)
    {
        table_set (r->err_headers_out, "WWW-Authenticate",
    	       pstrcat(r->pool, "Basic realm=\"", auth_name(r), "\"", NULL));
    }
    
    
    int get_basic_auth_pw (request_rec *r, char **pw)
    {
  --- 384,417 ----
    {
    } 
    
  ! /* Support for the Basic authentication protocol, and a bit for Digest.
     */
    
  + void note_auth_failure(request_rec *r)
  + {
  +     if (!strcasecmp(auth_type(r), "Basic"))
  +       return note_basic_auth_failure(r);
  +     else if(!strcasecmp(auth_type(r), "Digest"))
  +       return note_digest_auth_failure(r);
  + }
  + 
    void note_basic_auth_failure(request_rec *r)
    {
  +     if (strcasecmp(auth_type(r), "Basic"))
  +       return note_auth_failure(r);
        table_set (r->err_headers_out, "WWW-Authenticate",
    	       pstrcat(r->pool, "Basic realm=\"", auth_name(r), "\"", NULL));
    }
    
  + void note_digest_auth_failure(request_rec *r)
  + {
  +     char nonce[10];
  + 
  +     sprintf(nonce, "%lu", time(NULL));
  +     table_set (r->err_headers_out, "WWW-Authenticate",
  +                pstrcat(r->pool, "Digest realm=\"", auth_name(r),
  +                        "\", nonce=\"", nonce, "\"", NULL));
  + }
    
    int get_basic_auth_pw (request_rec *r, char **pw)
    {
  
  
  
  1.5       +7 -1      apache/src/http_protocol.h
  
  Index: http_protocol.h
  ===================================================================
  RCS file: /export/home/cvs/apache/src/http_protocol.h,v
  retrieving revision 1.4
  retrieving revision 1.5
  diff -C3 -r1.4 -r1.5
  *** http_protocol.h	1996/03/01 02:34:33	1.4
  --- http_protocol.h	1996/03/21 03:50:15	1.5
  ***************
  *** 147,156 ****
     *
     * note_basic_auth_failure arranges for the right stuff to be scribbled on
     * the HTTP return so that the client knows how to authenticate itself the
  !  * next time.
     */
    
    void note_basic_auth_failure(request_rec *r);
    int get_basic_auth_pw (request_rec *r, char **pw);
    
    /*
  --- 147,162 ----
     *
     * note_basic_auth_failure arranges for the right stuff to be scribbled on
     * the HTTP return so that the client knows how to authenticate itself the
  !  * next time. As does note_digest_auth_failure for Digest auth.
  !  *
  !  * note_auth_failure does the same thing, but will call the correct one
  !  * based on the authentication type in use.
  !  *
     */
    
  + void note_auth_failure(request_rec *r);
    void note_basic_auth_failure(request_rec *r);
  + void note_digest_auth_failure(request_rec *r);
    int get_basic_auth_pw (request_rec *r, char **pw);
    
    /*
  
  
  

Mime
View raw message