httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Brian Behlendorf <br...@hyperreal.com>
Subject cvs commit: apache/src mod_auth_msql.c
Date Sun, 30 Jun 1996 22:36:59 GMT
brian       96/06/30 15:36:59

  Modified:    src       mod_auth_msql.c
  Log:
  Submitted by:	"Dirk.vanGulik" <Dirk.vanGulik@jrc.it>
  
  Updated module from Dirk - more backwards-Vitek-compatibility issues
  addressed.
  
  Revision  Changes    Path
  1.9       +25 -19    apache/src/mod_auth_msql.c
  
  Index: mod_auth_msql.c
  ===================================================================
  RCS file: /export/home/cvs/apache/src/mod_auth_msql.c,v
  retrieving revision 1.8
  retrieving revision 1.9
  diff -C3 -r1.8 -r1.9
  *** mod_auth_msql.c	1996/06/17 20:52:05	1.8
  --- mod_auth_msql.c	1996/06/30 22:36:57	1.9
  ***************
  *** 284,289 ****
  --- 284,295 ----
     *		Replaced some MAX_STRING_LENGTH claims. 
     *	   1.0  removed some error check as they where already done elsehwere
     *	        NumFields -> NumRows (Thanks Vitek). More stack memory.
  +  *	   1.1	no logging of empty password strings.
  +  * 	   1.2  Problem with the Backward vitek which cause it to check
  +  *		even if msql_auth was not configured; Also more carefull
  +  *		with the authorative stuff; caught by thomas@marvin.calvacom.fr.
  +  *	   1.3  Even more changes to get it right; that BACKWARD thing was a bad
  +  *		idea. 
     */
    
    
  ***************
  *** 392,400 ****
    #include "http_log.h"
    #include "http_protocol.h"
    #include <msql.h>
  - #ifdef HAVE_CRYPT_H
    #include <crypt.h>
  - #endif
    
    typedef struct  {
    
  --- 398,404 ----
  ***************
  *** 778,788 ****
         * We do not check on dbase, group, userid or host name, as it is
         * perfectly possible to only do group control with mSQL and leave
         * user control to the next (dbm) guy in line.
         */
  !     if (
  !     	(!sec->auth_msql_pwd_table) &&
  !     	(!sec->auth_msql_pwd_field)
  ! 	 ) return DECLINED;
    
        if(!(real_pw = get_msql_pw(r, c->user, sec,msql_errstr ))) {
    	if ( msql_errstr[0] ) {
  --- 782,791 ----
         * We do not check on dbase, group, userid or host name, as it is
         * perfectly possible to only do group control with mSQL and leave
         * user control to the next (dbm) guy in line.
  +      * We no longer check on the user field name; to avoid problems
  +      * with Backward VITEK.
         */
  !     if (!sec->auth_msql_pwd_table) return DECLINED;
    
        if(!(real_pw = get_msql_pw(r, c->user, sec,msql_errstr ))) {
    	if ( msql_errstr[0] ) {
  ***************
  *** 809,816 ****
  --- 812,821 ----
         */
    
        if ((sec->auth_msql_nopasswd) && (!strlen(real_pw))) {
  + /*
            sprintf(msql_errstr,"mSQL: user %s: Empty/'any' password accepted",c->user);
    	log_reason (msql_errstr, r->uri, r);
  +  */
    	return OK;
    	};
    
  ***************
  *** 862,867 ****
  --- 867,875 ----
        char *t, *w;
        msql_errstr[0]='\0';
    
  +     /* If we are not configured, ignore */
  +     if (!sec->auth_msql_pwd_table) return DECLINED;
  + 
        if (!reqs_arr) {
    	if (sec->auth_msql_authorative) {
    	        sprintf(msql_errstr,"user %s denied, no access rules specified (MSQL-Authorative)
",user);
  ***************
  *** 929,953 ****
    	    };
            }
    
  !     /* we do not have to check the valid-ness of the group result as
  !      * have not (yet) a 'valid-group' token
         */
  !     if ( (user_result != OK) && (sec->auth_msql_authorative) ) {
  !         sprintf(msql_errstr,"User %s denied, no access rules applied (MSQL-Authorative)
",user);
    	log_reason (msql_errstr, r->uri, r);
  -         note_basic_auth_failure(r);
    	return AUTH_REQUIRED;
    	};
    
    
  !     /* if the user is DECLINED, it is up to the group_result to tip
  !      * the balance. But if the group result is AUTH_REQUIRED it should
  !      * always override. A SERVER_ERROR should not get here. 
  !      */
  !     if ( (user_result == DECLINED) || (group_result == AUTH_REQUIRED))
  ! 	return group_result;
  ! 
  !     return user_result;
    }
    
    
  --- 937,959 ----
    	    };
            }
    
  !     /* Get serious if we are authorative, previous
  !      * returns are only if msql yielded a correct result. 
  !      * This really is not needed.
         */
  !     if (((group_result == AUTH_REQUIRED) || (user_result == AUTH_REQUIRED)) &&
(sec->auth_msql_authorative) ) {
  !         sprintf(msql_errstr,"mSQL-Authorative: Access denied on %s %s rule(s) ", 
  ! 		(group_result == AUTH_REQUIRED) ? "USER" : "", 
  ! 		(user_result == AUTH_REQUIRED) ? "GROUP" : ""
  ! 		);
    	log_reason (msql_errstr, r->uri, r);
    	return AUTH_REQUIRED;
    	};
    
  +     if ( (user_result == OK) || (group_result == OK))
  + 	return OK;
    
  !     return DECLINED;
    }
    
    
  
  
  

Mime
View raw message