httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From wr...@apache.org
Subject svn commit: r609888 - in /httpd/mod_ftp/trunk: CHANGES-FTP STATUS-FTP include/mod_ftp.h modules/ftp/ftp_commands.c modules/ftp/ftp_util.c modules/ftp/mod_ftp.c
Date Tue, 08 Jan 2008 06:37:58 GMT
Author: wrowe
Date: Mon Jan  7 22:37:57 2008
New Revision: 609888

URL: http://svn.apache.org/viewvc?rev=609888&view=rev
Log:
Introduce virtual hosts, using FTPOptions VirtualHostByUser which will
take the virtual host name from the username@hostname if provided.

It will match the first vhost (as with http) when there is no hostname
provided or no host names or aliases match.  

The corresponding option FTPOptions StripHostname presents only 
'user' of 'user@hostname' to the authentication modules, otherwise
the full USER text is passed to the authentication modules.


Modified:
    httpd/mod_ftp/trunk/CHANGES-FTP
    httpd/mod_ftp/trunk/STATUS-FTP
    httpd/mod_ftp/trunk/include/mod_ftp.h
    httpd/mod_ftp/trunk/modules/ftp/ftp_commands.c
    httpd/mod_ftp/trunk/modules/ftp/ftp_util.c
    httpd/mod_ftp/trunk/modules/ftp/mod_ftp.c

Modified: httpd/mod_ftp/trunk/CHANGES-FTP
URL: http://svn.apache.org/viewvc/httpd/mod_ftp/trunk/CHANGES-FTP?rev=609888&r1=609887&r2=609888&view=diff
==============================================================================
--- httpd/mod_ftp/trunk/CHANGES-FTP (original)
+++ httpd/mod_ftp/trunk/CHANGES-FTP Mon Jan  7 22:37:57 2008
@@ -1,5 +1,16 @@
 Changes in 0.9.2:
 
+  *) Introduce virtual hosts, using FTPOptions VirtualHostByUser which will
+     take the virtual host name from the username@hostname if provided.
+     It will match the first vhost (as with http) when there is no hostname
+     provided or no host names or aliases match.  The corresponding option
+     FTPOptions StripHostname will present only 'user' of 'user@hostname'
+     to the authentication modules.  [William Rowe]
+
+  *) Ensure requests are processed with an r->status of HTTP_OK, as a number
+     of facilities will fail when presented with an error status.
+     [William Rowe]
+
   *) Move the ftp_connection from r->request_config, where it never belonged,
      into the c->conn_config where its scope matches the lifetime of the conn.
      [William Rowe]

Modified: httpd/mod_ftp/trunk/STATUS-FTP
URL: http://svn.apache.org/viewvc/httpd/mod_ftp/trunk/STATUS-FTP?rev=609888&r1=609887&r2=609888&view=diff
==============================================================================
--- httpd/mod_ftp/trunk/STATUS-FTP (original)
+++ httpd/mod_ftp/trunk/STATUS-FTP Mon Jan  7 22:37:57 2008
@@ -56,9 +56,6 @@
 
   * Implement AUTH GSSAPI/ADAT commands from RFC2228 Appendix I.
 
-  * Process named virtual hosts based on USER foo@hostname syntax
-    (stripping @hostname prior to user-auth processing).
-
   * Create a parent worker, servicing root port configurations of
     active/passive sockets, as a unix domain socket-based allocator.
     It needs to be expecially strict about comparing the requested

Modified: httpd/mod_ftp/trunk/include/mod_ftp.h
URL: http://svn.apache.org/viewvc/httpd/mod_ftp/trunk/include/mod_ftp.h?rev=609888&r1=609887&r2=609888&view=diff
==============================================================================
--- httpd/mod_ftp/trunk/include/mod_ftp.h (original)
+++ httpd/mod_ftp/trunk/include/mod_ftp.h Mon Jan  7 22:37:57 2008
@@ -174,8 +174,10 @@
 #define FTP_OPT_CREATEHOMEDIRS  (1 << 5) /* Create home dirs on the fly */
 #define FTP_OPT_SHOWUNAUTH      (1 << 6) /* Show unauthorized files in LIST */
 #define FTP_OPT_LISTISNLST      (1 << 7) /* Maps LiST directly to NLST */
-#define FTP_OPT_ALLOWPROXYPORT  (1 << 8) /* Allow PORT connections other than client's
*/
-#define FTP_OPT_ALLOWPROXYPASV  (1 << 9) /* Allow PASV connections other than client's
*/
+#define FTP_OPT_ALLOWPROXYPORT  (1 << 8) /* Data connect to other than client */
+#define FTP_OPT_ALLOWPROXYPASV  (1 << 9) /* Data listens to other than client */
+#define FTP_OPT_VHOST_BY_USER  (1 << 10) /* Parse USER for @hostname vhost */
+#define FTP_OPT_STRIP_HOSTNAME (1 << 11) /* Strip @hostname from username */
 
 /* Supported FTP AUTH mechanisms. */
 #define FTP_AUTH_NONE         0
@@ -288,6 +290,7 @@
     /* User information */
     apr_pool_t *login_pool;   /* Child of c->pool reset on every USER cmd */
     int logged_in;
+    const char *host;
     const char *user;
     const char *authorization;
     int login_attempts;

Modified: httpd/mod_ftp/trunk/modules/ftp/ftp_commands.c
URL: http://svn.apache.org/viewvc/httpd/mod_ftp/trunk/modules/ftp/ftp_commands.c?rev=609888&r1=609887&r2=609888&view=diff
==============================================================================
--- httpd/mod_ftp/trunk/modules/ftp/ftp_commands.c (original)
+++ httpd/mod_ftp/trunk/modules/ftp/ftp_commands.c Mon Jan  7 22:37:57 2008
@@ -2699,6 +2699,10 @@
     conn_rec *c = r->connection;
     ftp_server_config *fsc = 
         ftp_get_module_config(r->server->module_config);
+    apr_time_t prev_timeout;
+    apr_status_t rv;
+    char *username;
+    char *hostname;
 
     /* Implicit logout */
     if (fc->logged_in) {
@@ -2707,12 +2711,55 @@
     fc->logged_in = 0;
     r->server = fc->orig_server = c->base_server;
     r->per_dir_config = r->server->lookup_defaults;
+    r->hostname = fc->host = NULL;
     apr_pool_clear(fc->login_pool);
 
-    fc->user = apr_pstrdup(fc->login_pool, arg);
+    fc->user = username = apr_pstrdup(fc->login_pool, arg);
+
+    /* Identify virtual host (user@{hostname}) for named vhost lookup,
+     * and split from user name if so configured.
+     */
+    if ((hostname = ap_strchr(username, '@')) != NULL)
+    {
+        /* Toggle to the Host:-based vhost's timeout mode to process
+         * this login request
+         */
+        if (fsc->options & FTP_OPT_VHOST_BY_USER)
+        {
+            r->hostname = hostname + 1;
+
+            ap_update_vhost_from_headers(r);
+
+            fc->host = r->hostname;
+            fc->orig_server = r->server;
+        }
+    }
+
+    /* we may have switched to another server */
+    fsc = ftp_get_module_config(r->server->module_config);
+    r->per_dir_config = r->server->lookup_defaults;
+
+    /* Now that we switched virtual hosts, it's time to determine if the
+     * username fc->user's "@{hostname}" should be discarded
+     */  
+    if ((hostname != NULL) && (fsc->options & FTP_OPT_STRIP_HOSTNAME))
+         *hostname = '\0';
+
+    /* We have nominally 'logged out', and also potentially changed
+     * virtual host contexts; reset to the proper timeout_login
+     */
+    rv = apr_socket_timeout_get(fc->cntlsock, &prev_timeout);
+    if (rv != APR_SUCCESS || prev_timeout != fsc->timeout_login) {
+        rv = apr_socket_timeout_set(fc->cntlsock, 
+                                    fsc->timeout_login * APR_USEC_PER_SEC);
+        if (rv != APR_SUCCESS)
+            ap_log_error(APLOG_MARK, APLOG_DEBUG, rv, r->server,
+                         "Couldn't set SO_TIMEOUT socket option");
+    }
 
     if ((fsc->options & FTP_OPT_REQUIRESSL) && !fc->is_secure)
     {
+        r->hostname = fc->host = NULL;
         fc->user = ftp_unknown_username;
         r->server = fc->orig_server = c->base_server;
         r->per_dir_config = r->server->lookup_defaults;
@@ -2722,8 +2769,12 @@
         return FTP_REPLY_NOT_LOGGED_IN;
     }
 
+    /* TODO: these should really be configurable */
     if ((strcmp(fc->user, "anonymous") == 0) || 
-        strcmp(fc->user, "guest") == 0) {
+        (strncmp(fc->user, "anonymous@", 10) == 0) || 
+        (strcmp(fc->user, "guest") == 0) ||
+        (strncmp(fc->user, "guest@", 6) == 0))
+    {
         fc->response_notes = apr_pstrdup(r->pool,
                                          "Guest login ok, type your email "
                                          "address as the password");

Modified: httpd/mod_ftp/trunk/modules/ftp/ftp_util.c
URL: http://svn.apache.org/viewvc/httpd/mod_ftp/trunk/modules/ftp/ftp_util.c?rev=609888&r1=609887&r2=609888&view=diff
==============================================================================
--- httpd/mod_ftp/trunk/modules/ftp/ftp_util.c (original)
+++ httpd/mod_ftp/trunk/modules/ftp/ftp_util.c Mon Jan  7 22:37:57 2008
@@ -417,8 +417,10 @@
 void ftp_set_authorization(request_rec *r)
 {
     ftp_connection *fc = ftp_get_module_config(r->connection->conn_config);
+    r->hostname = apr_pstrdup(r->pool, fc->host);
     r->user = apr_pstrdup(r->pool, fc->user);
-    apr_table_setn(r->headers_in, "Authorization", fc->authorization);
+    apr_table_setn(r->headers_in, "Host", r->hostname);
+    apr_table_setn(r->headers_in, "Authorization", r->user);
 }
 
 /* ftp_set_uri: Setup r->uri based on a file argument and user's 

Modified: httpd/mod_ftp/trunk/modules/ftp/mod_ftp.c
URL: http://svn.apache.org/viewvc/httpd/mod_ftp/trunk/modules/ftp/mod_ftp.c?rev=609888&r1=609887&r2=609888&view=diff
==============================================================================
--- httpd/mod_ftp/trunk/modules/ftp/mod_ftp.c (original)
+++ httpd/mod_ftp/trunk/modules/ftp/mod_ftp.c Mon Jan  7 22:37:57 2008
@@ -536,6 +536,12 @@
         else if (!strcasecmp(op, "AllowProxyPASV")) {
             opt_mask = FTP_OPT_ALLOWPROXYPASV;
         }
+        else if (!strcasecmp(op, "VirtualHostByUser")) {
+            opt_mask = FTP_OPT_VHOST_BY_USER;
+        }
+        else if (!strcasecmp(op, "StripHostname")) {
+            opt_mask = FTP_OPT_STRIP_HOSTNAME;
+        }
         else {
             return apr_pstrcat(cmd->pool, "Illegal FTPOption ", op, NULL);
         }



Mime
View raw message