httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Brian Behlendorf <br...@hyperreal.com>
Subject cvs commit: apache/src mod_auth_msql.c
Date Mon, 01 Jul 1996 19:04:13 GMT
brian       96/07/01 12:04:11

  Modified:    src       mod_auth_msql.c
  Log:
  Reverse mod_auth_msql.c changes, back to version 1.0.
  
  Revision  Changes    Path
  1.10      +19 -25    apache/src/mod_auth_msql.c
  
  Index: mod_auth_msql.c
  ===================================================================
  RCS file: /export/home/cvs/apache/src/mod_auth_msql.c,v
  retrieving revision 1.9
  retrieving revision 1.10
  diff -C3 -r1.9 -r1.10
  *** mod_auth_msql.c	1996/06/30 22:36:57	1.9
  --- mod_auth_msql.c	1996/07/01 19:04:08	1.10
  ***************
  *** 284,295 ****
     *		Replaced some MAX_STRING_LENGTH claims. 
     *	   1.0  removed some error check as they where already done elsehwere
     *	        NumFields -> NumRows (Thanks Vitek). More stack memory.
  -  *	   1.1	no logging of empty password strings.
  -  * 	   1.2  Problem with the Backward vitek which cause it to check
  -  *		even if msql_auth was not configured; Also more carefull
  -  *		with the authorative stuff; caught by thomas@marvin.calvacom.fr.
  -  *	   1.3  Even more changes to get it right; that BACKWARD thing was a bad
  -  *		idea. 
     */
    
    
  --- 284,289 ----
  ***************
  *** 398,404 ****
  --- 392,400 ----
    #include "http_log.h"
    #include "http_protocol.h"
    #include <msql.h>
  + #ifdef HAVE_CRYPT_H
    #include <crypt.h>
  + #endif
    
    typedef struct  {
    
  ***************
  *** 782,791 ****
         * We do not check on dbase, group, userid or host name, as it is
         * perfectly possible to only do group control with mSQL and leave
         * user control to the next (dbm) guy in line.
  -      * We no longer check on the user field name; to avoid problems
  -      * with Backward VITEK.
         */
  !     if (!sec->auth_msql_pwd_table) return DECLINED;
    
        if(!(real_pw = get_msql_pw(r, c->user, sec,msql_errstr ))) {
    	if ( msql_errstr[0] ) {
  --- 778,788 ----
         * We do not check on dbase, group, userid or host name, as it is
         * perfectly possible to only do group control with mSQL and leave
         * user control to the next (dbm) guy in line.
         */
  !     if (
  !     	(!sec->auth_msql_pwd_table) &&
  !     	(!sec->auth_msql_pwd_field)
  ! 	 ) return DECLINED;
    
        if(!(real_pw = get_msql_pw(r, c->user, sec,msql_errstr ))) {
    	if ( msql_errstr[0] ) {
  ***************
  *** 812,821 ****
         */
    
        if ((sec->auth_msql_nopasswd) && (!strlen(real_pw))) {
  - /*
            sprintf(msql_errstr,"mSQL: user %s: Empty/'any' password accepted",c->user);
    	log_reason (msql_errstr, r->uri, r);
  -  */
    	return OK;
    	};
    
  --- 809,816 ----
  ***************
  *** 867,875 ****
        char *t, *w;
        msql_errstr[0]='\0';
    
  -     /* If we are not configured, ignore */
  -     if (!sec->auth_msql_pwd_table) return DECLINED;
  - 
        if (!reqs_arr) {
    	if (sec->auth_msql_authorative) {
    	        sprintf(msql_errstr,"user %s denied, no access rules specified (MSQL-Authorative)
",user);
  --- 862,867 ----
  ***************
  *** 937,959 ****
    	    };
            }
    
  !     /* Get serious if we are authorative, previous
  !      * returns are only if msql yielded a correct result. 
  !      * This really is not needed.
         */
  !     if (((group_result == AUTH_REQUIRED) || (user_result == AUTH_REQUIRED)) &&
(sec->auth_msql_authorative) ) {
  !         sprintf(msql_errstr,"mSQL-Authorative: Access denied on %s %s rule(s) ", 
  ! 		(group_result == AUTH_REQUIRED) ? "USER" : "", 
  ! 		(user_result == AUTH_REQUIRED) ? "GROUP" : ""
  ! 		);
    	log_reason (msql_errstr, r->uri, r);
    	return AUTH_REQUIRED;
    	};
    
  -     if ( (user_result == OK) || (group_result == OK))
  - 	return OK;
    
  !     return DECLINED;
    }
    
    
  --- 929,953 ----
    	    };
            }
    
  !     /* we do not have to check the valid-ness of the group result as
  !      * have not (yet) a 'valid-group' token
         */
  !     if ( (user_result != OK) && (sec->auth_msql_authorative) ) {
  !         sprintf(msql_errstr,"User %s denied, no access rules applied (MSQL-Authorative)
",user);
    	log_reason (msql_errstr, r->uri, r);
  +         note_basic_auth_failure(r);
    	return AUTH_REQUIRED;
    	};
    
    
  !     /* if the user is DECLINED, it is up to the group_result to tip
  !      * the balance. But if the group result is AUTH_REQUIRED it should
  !      * always override. A SERVER_ERROR should not get here. 
  !      */
  !     if ( (user_result == DECLINED) || (group_result == AUTH_REQUIRED))
  ! 	return group_result;
  ! 
  !     return user_result;
    }
    
    
  
  
  

Mime
View raw message