httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bnicho...@apache.org
Subject svn commit: r366526 - in /httpd/httpd/branches/authz-dev/modules/aaa: config.m4 mod_authn_core.c
Date Fri, 06 Jan 2006 16:45:08 GMT
Author: bnicholes
Date: Fri Jan  6 08:45:07 2006
New Revision: 366526

URL: http://svn.apache.org/viewcvs?rev=366526&view=rev
Log:
Merge mod_authn_alias into mod_authn_core

Modified:
    httpd/httpd/branches/authz-dev/modules/aaa/config.m4
    httpd/httpd/branches/authz-dev/modules/aaa/mod_authn_core.c

Modified: httpd/httpd/branches/authz-dev/modules/aaa/config.m4
URL: http://svn.apache.org/viewcvs/httpd/httpd/branches/authz-dev/modules/aaa/config.m4?rev=366526&r1=366525&r2=366526&view=diff
==============================================================================
--- httpd/httpd/branches/authz-dev/modules/aaa/config.m4 (original)
+++ httpd/httpd/branches/authz-dev/modules/aaa/config.m4 Fri Jan  6 08:45:07 2006
@@ -18,9 +18,6 @@
 dnl keep the bad guys out.
 APACHE_MODULE(authn_default, authentication backstopper, , , yes)
 
-dnl Provider alias module.
-APACHE_MODULE(authn_alias, auth provider alias, , , no)
-
 dnl General Authentication modules; module which implements the 
 dnl non-authn module specific directives.
 dnl

Modified: httpd/httpd/branches/authz-dev/modules/aaa/mod_authn_core.c
URL: http://svn.apache.org/viewcvs/httpd/httpd/branches/authz-dev/modules/aaa/mod_authn_core.c?rev=366526&r1=366525&r2=366526&view=diff
==============================================================================
--- httpd/httpd/branches/authz-dev/modules/aaa/mod_authn_core.c (original)
+++ httpd/httpd/branches/authz-dev/modules/aaa/mod_authn_core.c Fri Jan  6 08:45:07 2006
@@ -27,6 +27,7 @@
 #define APR_WANT_BYTEFUNC
 #include "apr_want.h"
 
+#define CORE_PRIVATE
 #include "ap_config.h"
 #include "httpd.h"
 #include "http_core.h"
@@ -34,6 +35,7 @@
 #include "http_log.h"
 #include "http_request.h"
 #include "http_protocol.h"
+#include "ap_provider.h"
 
 #include "mod_auth.h"
 
@@ -55,6 +57,18 @@
     char *ap_auth_name;
 } authn_core_dir_conf;
 
+typedef struct provider_alias_rec {
+    char *provider_name;
+    char *provider_alias;
+    ap_conf_vector_t *sec_auth;
+    const authn_provider *provider;
+} provider_alias_rec;
+
+typedef struct authn_alias_srv_conf {
+    apr_hash_t *alias_rec;
+} authn_alias_srv_conf;
+
+
 module AP_MODULE_DECLARE_DATA authn_core_module;
 
 static void *create_authn_core_dir_config(apr_pool_t *p, char *dummy)
@@ -88,6 +102,153 @@
     return (void*)conf;
 }
 
+static authn_status authn_alias_check_password(request_rec *r, const char *user,
+                                              const char *password)
+{
+    /* Look up the provider alias in the alias list */
+    /* Get the the dir_config and call ap_Merge_per_dir_configs() */
+    /* Call the real provider->check_password() function */
+    /* return the result of the above function call */
+
+    const char *provider_name = apr_table_get(r->notes, AUTHN_PROVIDER_NAME_NOTE);
+    authn_status ret = AUTH_USER_NOT_FOUND;
+    authn_alias_srv_conf *authcfg =
+        (authn_alias_srv_conf *)ap_get_module_config(r->server->module_config,
+                                                     &authn_alias_module);
+
+    if (provider_name) {
+        provider_alias_rec *prvdraliasrec = apr_hash_get(authcfg->alias_rec,
+                                                         provider_name, APR_HASH_KEY_STRING);
+        ap_conf_vector_t *orig_dir_config = r->per_dir_config;
+
+        /* If we found the alias provider in the list, then merge the directory
+           configurations and call the real provider */
+        if (prvdraliasrec) {
+            r->per_dir_config = ap_merge_per_dir_configs(r->pool, orig_dir_config,
+                                                         prvdraliasrec->sec_auth);
+            ret = prvdraliasrec->provider->check_password(r,user,password);
+            r->per_dir_config = orig_dir_config;
+        }
+    }
+
+    return ret;
+}
+
+static authn_status authn_alias_get_realm_hash(request_rec *r, const char *user,
+                                               const char *realm, char **rethash)
+{
+    /* Look up the provider alias in the alias list */
+    /* Get the the dir_config and call ap_Merge_per_dir_configs() */
+    /* Call the real provider->get_realm_hash() function */
+    /* return the result of the above function call */
+
+    const char *provider_name = apr_table_get(r->notes, AUTHN_PROVIDER_NAME_NOTE);
+    authn_status ret = AUTH_USER_NOT_FOUND;
+    authn_alias_srv_conf *authcfg =
+        (authn_alias_srv_conf *)ap_get_module_config(r->server->module_config,
+                                                     &authn_alias_module);
+
+    if (provider_name) {
+        provider_alias_rec *prvdraliasrec = apr_hash_get(authcfg->alias_rec,
+                                                         provider_name, APR_HASH_KEY_STRING);
+        ap_conf_vector_t *orig_dir_config = r->per_dir_config;
+
+        /* If we found the alias provider in the list, then merge the directory
+           configurations and call the real provider */
+        if (prvdraliasrec) {
+            r->per_dir_config = ap_merge_per_dir_configs(r->pool, orig_dir_config,
+                                                         prvdraliasrec->sec_auth);
+            ret = prvdraliasrec->provider->get_realm_hash(r,user,realm,rethash);
+            r->per_dir_config = orig_dir_config;
+        }
+    }
+
+    return ret;
+}
+
+static void *create_authn_alias_svr_config(apr_pool_t *p, server_rec *s)
+{
+
+    authn_alias_srv_conf *authcfg;
+
+    authcfg = (authn_alias_srv_conf *) apr_pcalloc(p, sizeof(authn_alias_srv_conf));
+    authcfg->alias_rec = apr_hash_make(p);
+
+    return (void *) authcfg;
+}
+
+static const authn_provider authn_alias_provider =
+{
+    &authn_alias_check_password,
+    &authn_alias_get_realm_hash,
+};
+
+static const char *authaliassection(cmd_parms *cmd, void *mconfig, const char *arg)
+{
+    int old_overrides = cmd->override;
+    const char *endp = ap_strrchr_c(arg, '>');
+    const char *args;
+    char *provider_alias;
+    char *provider_name;
+    const char *errmsg;
+    ap_conf_vector_t *new_auth_config = ap_create_per_dir_config(cmd->pool);
+    authn_alias_srv_conf *authcfg =
+        (authn_alias_srv_conf *)ap_get_module_config(cmd->server->module_config,
+                                                     &authn_alias_module);
+
+    const char *err = ap_check_cmd_context(cmd, GLOBAL_ONLY);
+    if (err != NULL) {
+        return err;
+    }
+
+    if (endp == NULL) {
+        return apr_pstrcat(cmd->pool, cmd->cmd->name,
+                           "> directive missing closing '>'", NULL);
+    }
+
+    args = apr_pstrndup(cmd->pool, arg, endp - arg);
+
+    if (!args[0]) {
+        return apr_pstrcat(cmd->pool, cmd->cmd->name,
+                           "> directive requires additional arguments", NULL);
+    }
+
+    /* Pull the real provider name and the alias name from the block header */
+    provider_name = ap_getword_conf(cmd->pool, &args);
+    provider_alias = ap_getword_conf(cmd->pool, &args);
+
+    if (!provider_name[0] || !provider_alias[0]) {
+        return apr_pstrcat(cmd->pool, cmd->cmd->name,
+                           "> directive requires additional arguments", NULL);
+    }
+
+    /* walk the subsection configuration to get the per_dir config that we will
+       merge just before the real provider is called. */
+    cmd->override = OR_ALL|ACCESS_CONF;
+    errmsg = ap_walk_config(cmd->directive->first_child, cmd, new_auth_config);
+
+    if (!errmsg) {
+        provider_alias_rec *prvdraliasrec = apr_pcalloc(cmd->pool, sizeof(provider_alias_rec));
+        const authn_provider *provider = ap_lookup_provider(AUTHN_PROVIDER_GROUP, provider_name,"0");
+
+        /* Save off the new directory config along with the original provider name
+           and function pointer data */
+        prvdraliasrec->sec_auth = new_auth_config;
+        prvdraliasrec->provider_name = provider_name;
+        prvdraliasrec->provider_alias = provider_alias;
+        prvdraliasrec->provider = provider;
+        apr_hash_set(authcfg->alias_rec, provider_alias, APR_HASH_KEY_STRING, prvdraliasrec);
+
+        /* Register the fake provider so that we get called first */
+        ap_register_provider(cmd->pool, AUTHN_PROVIDER_GROUP, provider_alias, "0",
+                             &authn_alias_provider);
+    }
+
+    cmd->override = old_overrides;
+
+    return errmsg;
+}
+
 /*
  * Load an authorisation realm into our location configuration, applying the
  * usual rules that apply to realms.
@@ -129,6 +290,9 @@
                   "An HTTP authorization type (e.g., \"Basic\")"),
     AP_INIT_TAKE1("AuthName", set_authname, NULL, OR_AUTHCFG,
                   "The authentication realm (e.g. \"Members Only\")"),
+    AP_INIT_RAW_ARGS("<AuthnProviderAlias", authaliassection, NULL, RSRC_CONF,
+                     "Container for authentication directives grouped under "
+                     "a provider alias"),
     {NULL}
 };
 
@@ -141,9 +305,9 @@
 module AP_MODULE_DECLARE_DATA authn_core_module =
 {
     STANDARD20_MODULE_STUFF,
-    create_authn_core_dir_config,        /* dir config creater */
-    merge_authn_core_dir_config,         /* dir merger --- default is to override */
-    NULL,                           /* server config */
+    create_authn_core_dir_config,   /* dir config creater */
+    merge_authn_core_dir_config,    /* dir merger --- default is to override */
+    create_authn_alias_svr_config,  /* server config */
     NULL,                           /* merge server config */
     authn_cmds,
     register_hooks                  /* register hooks */



Mime
View raw message