httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cove...@apache.org
Subject svn commit: r672639 - in /httpd/httpd/trunk: CHANGES include/ap_mmn.h include/mod_auth.h modules/aaa/mod_auth_digest.c modules/aaa/mod_authn_core.c modules/aaa/mod_authn_dbm.c modules/aaa/mod_authn_file.c modules/aaa/mod_authnz_ldap.c
Date Sun, 29 Jun 2008 16:42:44 GMT
Author: covener
Date: Sun Jun 29 09:42:43 2008
New Revision: 672639

URL: http://svn.apache.org/viewvc?rev=672639&view=rev
Log:
mod_auth_digest: Detect during startup when AuthDigestProvider
is configured to use an incompatible provider via AuthnProviderAlias.
PR 45196 


Modified:
    httpd/httpd/trunk/CHANGES
    httpd/httpd/trunk/include/ap_mmn.h
    httpd/httpd/trunk/include/mod_auth.h
    httpd/httpd/trunk/modules/aaa/mod_auth_digest.c
    httpd/httpd/trunk/modules/aaa/mod_authn_core.c
    httpd/httpd/trunk/modules/aaa/mod_authn_dbm.c
    httpd/httpd/trunk/modules/aaa/mod_authn_file.c
    httpd/httpd/trunk/modules/aaa/mod_authnz_ldap.c

Modified: httpd/httpd/trunk/CHANGES
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/CHANGES?rev=672639&r1=672638&r2=672639&view=diff
==============================================================================
--- httpd/httpd/trunk/CHANGES [utf-8] (original)
+++ httpd/httpd/trunk/CHANGES [utf-8] Sun Jun 29 09:42:43 2008
@@ -2,6 +2,10 @@
 Changes with Apache 2.3.0
 [ When backported to 2.2.x, remove entry from this file ]
 
+  *) mod_auth_digest: Detect during startup when AuthDigestProvider
+     is configured to use an incompatible provider via AuthnProviderAlias.
+     PR 45196 [Eric Covener] 
+
   *) mod_rewrite: Preserve the query string with [proxy,noescape]. PR 45247
      [Tom Donovan]
 

Modified: httpd/httpd/trunk/include/ap_mmn.h
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/include/ap_mmn.h?rev=672639&r1=672638&r2=672639&view=diff
==============================================================================
--- httpd/httpd/trunk/include/ap_mmn.h (original)
+++ httpd/httpd/trunk/include/ap_mmn.h Sun Jun 29 09:42:43 2008
@@ -161,6 +161,7 @@
  * 20080528.0 (2.3.0-dev)  Switch order of ftp_directory_charset and
  *                         interpolate_env in proxy_dir_conf.
  *                         Rationale: see r661069.
+ * 20080528.1 (2.3.0-dev)  add get_realm_hash() to mod_auth.h
  */
 
 #define MODULE_MAGIC_COOKIE 0x41503234UL /* "AP24" */
@@ -168,7 +169,7 @@
 #ifndef MODULE_MAGIC_NUMBER_MAJOR
 #define MODULE_MAGIC_NUMBER_MAJOR 20080528
 #endif
-#define MODULE_MAGIC_NUMBER_MINOR 0                     /* 0...n */
+#define MODULE_MAGIC_NUMBER_MINOR 1                     /* 0...n */
 
 /**
  * Determine if the server's current MODULE_MAGIC_NUMBER is at least a

Modified: httpd/httpd/trunk/include/mod_auth.h
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/include/mod_auth.h?rev=672639&r1=672638&r2=672639&view=diff
==============================================================================
--- httpd/httpd/trunk/include/mod_auth.h (original)
+++ httpd/httpd/trunk/include/mod_auth.h Sun Jun 29 09:42:43 2008
@@ -93,6 +93,10 @@
      */
     authn_status (*get_realm_hash)(request_rec *r, const char *user,
                                    const char *realm, char **rethash);
+
+    /* OK if provider can satisfy get_realm_hash(), APR_ENOTIMPL otherwise. */
+    apr_status_t (*has_realm_hash)(cmd_parms *cmd, const char *provider_name);
+
 } authn_provider;
 
 /* A linked-list of authn providers. */

Modified: httpd/httpd/trunk/modules/aaa/mod_auth_digest.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/aaa/mod_auth_digest.c?rev=672639&r1=672638&r2=672639&view=diff
==============================================================================
--- httpd/httpd/trunk/modules/aaa/mod_auth_digest.c (original)
+++ httpd/httpd/trunk/modules/aaa/mod_auth_digest.c Sun Jun 29 09:42:43 2008
@@ -463,7 +463,9 @@
                             newp->provider_name);
     }
 
-    if (!newp->provider->get_realm_hash) {
+    if (!newp->provider->get_realm_hash ||
+       (newp->provider->has_realm_hash && 
+        newp->provider->has_realm_hash(cmd, newp->provider_name) == APR_ENOTIMPL))
{ 
         /* if it doesn't provide the appropriate function, reject it */
         return apr_psprintf(cmd->pool,
                             "The '%s' Authn provider doesn't support "

Modified: httpd/httpd/trunk/modules/aaa/mod_authn_core.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/aaa/mod_authn_core.c?rev=672639&r1=672638&r2=672639&view=diff
==============================================================================
--- httpd/httpd/trunk/modules/aaa/mod_authn_core.c (original)
+++ httpd/httpd/trunk/modules/aaa/mod_authn_core.c Sun Jun 29 09:42:43 2008
@@ -132,6 +132,27 @@
     return ret;
 }
 
+static apr_status_t authn_alias_has_realm_hash(cmd_parms *cmd, const char *provider_name)

+{
+    /* No merge, just a query to be passed on to the provider */
+    authn_alias_srv_conf *authcfg =
+        (authn_alias_srv_conf *)ap_get_module_config(cmd->server->module_config,
+                                                     &authn_core_module);
+    apr_status_t ret = APR_ENOTIMPL;
+
+    provider_alias_rec *prvdraliasrec = apr_hash_get(authcfg->alias_rec,
+                                                     provider_name, 
+                                                     APR_HASH_KEY_STRING);
+    if (prvdraliasrec->provider->has_realm_hash) { 
+        ret = prvdraliasrec->provider->has_realm_hash(cmd, provider_name);
+    }
+    else if (prvdraliasrec->provider->get_realm_hash) { 
+        /* provider didn't register has_realm_hash, but does have get_realm_hash */
+        ret = OK;
+    }
+
+    return ret;
+}
 static authn_status authn_alias_get_realm_hash(request_rec *r, const char *user,
                                                const char *realm, char **rethash)
 {
@@ -179,6 +200,7 @@
 {
     &authn_alias_check_password,
     &authn_alias_get_realm_hash,
+    &authn_alias_has_realm_hash,
 };
 
 static const char *authaliassection(cmd_parms *cmd, void *mconfig, const char *arg)

Modified: httpd/httpd/trunk/modules/aaa/mod_authn_dbm.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/aaa/mod_authn_dbm.c?rev=672639&r1=672638&r2=672639&view=diff
==============================================================================
--- httpd/httpd/trunk/modules/aaa/mod_authn_dbm.c (original)
+++ httpd/httpd/trunk/modules/aaa/mod_authn_dbm.c Sun Jun 29 09:42:43 2008
@@ -147,6 +147,11 @@
     return AUTH_GRANTED;
 }
 
+static apr_status_t has_dbm_realm_hash(cmd_parms *cmd, const char *provider_name)
+{
+    return OK;
+}
+
 static authn_status get_dbm_realm_hash(request_rec *r, const char *user,
                                        const char *realm, char **rethash)
 {
@@ -184,7 +189,8 @@
 static const authn_provider authn_dbm_provider =
 {
     &check_dbm_pw,
-    &get_dbm_realm_hash
+    &get_dbm_realm_hash,
+    &has_dbm_realm_hash
 };
 
 static void register_hooks(apr_pool_t *p)

Modified: httpd/httpd/trunk/modules/aaa/mod_authn_file.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/aaa/mod_authn_file.c?rev=672639&r1=672638&r2=672639&view=diff
==============================================================================
--- httpd/httpd/trunk/modules/aaa/mod_authn_file.c (original)
+++ httpd/httpd/trunk/modules/aaa/mod_authn_file.c Sun Jun 29 09:42:43 2008
@@ -108,6 +108,11 @@
     return AUTH_GRANTED;
 }
 
+static apr_status_t has_realm_hash(cmd_parms *cmd, const char *provider_name)
+{
+    return OK;
+}
+
 static authn_status get_realm_hash(request_rec *r, const char *user,
                                    const char *realm, char **rethash)
 {
@@ -159,6 +164,7 @@
 {
     &check_password,
     &get_realm_hash,
+    &has_realm_hash,
 };
 
 static void register_hooks(apr_pool_t *p)

Modified: httpd/httpd/trunk/modules/aaa/mod_authnz_ldap.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/aaa/mod_authnz_ldap.c?rev=672639&r1=672638&r2=672639&view=diff
==============================================================================
--- httpd/httpd/trunk/modules/aaa/mod_authnz_ldap.c (original)
+++ httpd/httpd/trunk/modules/aaa/mod_authnz_ldap.c Sun Jun 29 09:42:43 2008
@@ -1538,9 +1538,23 @@
     return OK;
 }
 
+static authn_status authn_ldap_get_realm_hash(request_rec *r, const char *user,
+                                              const char *realm, char **rethash)
+{
+    return AUTH_GENERAL_ERROR;
+
+}
+
+static apr_status_t authn_ldap_has_realm_hash(cmd_parms *cmd, const char *provider_name)
+{
+    return APR_ENOTIMPL;
+}
+
 static const authn_provider authn_ldap_provider =
 {
     &authn_ldap_check_password,
+    authn_ldap_get_realm_hash,
+    &authn_ldap_has_realm_hash
 };
 
 static const authz_provider authz_ldapuser_provider =



Mime
View raw message