httpd-dev mailing list archives

From Rob Hartill <hart...@hyperreal.com>
Subject new mod_auth_msql.c (fwd)
Date Mon, 04 Dec 1995 19:47:13 GMT
Forwarded message:
> From khera@kci.kciLink.com  Mon Dec  4 11:01:36 1995
> Message-Id: <199512041901.OAA09415@kci.kciLink.com>
> To: Apache Bugs <apache-bugs@mail.apache.org>
> Subject: new mod_auth_msql.c
> Date: Mon, 04 Dec 1995 14:01:26 -0500
> From: Vivek Khera <khera@kci.kciLink.com>
> 
> Here's my latest mod_auth_msql.c file.  It allows for additional
> configuration parameters.  Please update the version in the contrib
> directory to this one.  I have been using it for about two months now quite
> heavily, and consider it to be robust.
> 
> 								v.
> 
> 
> 
> #!/bin/sh
> # This is a shell archive (produced by GNU sharutils 4.1).
> # To extract the files from this archive, save it to some FILE, remove
> # everything before the `!/bin/sh' line above, then type `sh FILE'.
> #
> # Made on 1995-12-04 13:59 EST by <khera@kci.kciLink.com>.
> # Source directory was `/home/src/kciLink/apache_1.0.0/src'.
> #
> # Existing files will *not* be overwritten unless `-c' is specified.
> #
> # This shar contains:
> # length mode       name
> # ------ ---------- ------------------------------------------
> #   9269 -r--r--r-- mod_auth_msql.c
> #
> # NOTE(review): a shar is an ordinary sh script and runs with the privileges
> # of whoever types `sh FILE'; read it through before extracting.
> #
> # Probe how the local `touch' treats a leading numeric argument.  If it
> # takes 1231235999 as a timestamp, only $$.touch is created; if it takes it
> # as a file name, a file called 1231235999 appears as well.
> touch -am 1231235999 $$.touch >/dev/null 2>&1
> if test ! -f 1231235999 && test -f $$.touch; then
>   # timestamp form understood: use the real touch to restore mtimes later
>   shar_touch=touch
> else
>   # `:' is the shell no-op, so the later "$shar_touch -am ..." does nothing
>   shar_touch=:
>   echo
>   echo 'WARNING: not restoring timestamps.  Consider getting and'
>   echo "installing GNU \`touch', distributed in GNU File Utilities..."
>   echo
> fi
> # remove whichever probe files the touch call above left behind
> rm -f 1231235999 $$.touch
> #
> # ============= mod_auth_msql.c ==============
> if test -f 'mod_auth_msql.c' && test X"$1" != X"-c"; then
>   echo 'x - skipping mod_auth_msql.c (file already exists)'
> else
>   echo 'x - extracting mod_auth_msql.c (text)'
>   sed 's/^X//' << 'SHAR_EOF' > 'mod_auth_msql.c' &&
> X
> /*-
> X * Copyright (c) 1995 The Apache Group. All rights reserved.
> X * 
> X *
> X * Apache httpd license
> X * ====================
> X * 
> X *
> X * This is the license for the Apache Server. It covers all the
> X * files which come in this distribution, and should never be removed.
> X * 
> X * The "Apache Group" has based this server, called "Apache", on
> X * public domain code distributed under the name "NCSA httpd 1.3".
> X * 
> X * NCSA httpd 1.3 was placed in the public domain by the National Center 
> X * for Supercomputing Applications at the University of Illinois 
> X * at Urbana-Champaign.
> X * 
> X * As requested by NCSA we acknowledge,
> X * 
> X *  "Portions developed at the National Center for Supercomputing
> X *   Applications at the University of Illinois at Urbana-Champaign."
> X *
> X * Copyright on the sections of code added by the "Apache Group" belong
> X * to the "Apache Group" and/or the original authors. The "Apache Group" and
> X * authors hereby grant permission for their code, along with the
> X * public domain NCSA code, to be distributed under the "Apache" name.
> X * 
> X * Reuse of "Apache Group" code outside of the Apache distribution should
> X * be acknowledged with the following quoted text, to be included with any new
> X * work;
> X * 
> X * "Portions developed by the "Apache Group", taken with permission 
> X *  from the Apache Server   http://www.apache.org/apache/   "
> X *
> X *
> X * Permission is hereby granted to anyone to redistribute Apache under
> X * the "Apache" name. We do not grant permission for the resale of Apache, but
> X * we do grant permission for vendors to bundle Apache free with other software,
> X * or to charge a reasonable price for redistribution, provided it is made
> X * clear that Apache is free. Permission is also granted for vendors to 
> X * sell support for for Apache. We explicitly forbid the redistribution of 
> X * Apache under any other name.
> X * 
> X * THIS SOFTWARE IS PROVIDED BY THE CONTRIBUTORS ``AS IS'' AND
> X * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
> X * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
> X * ARE DISCLAIMED.  IN NO EVENT SHALL THE CONTRIBUTORS BE LIABLE
> X * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
> X * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
> X * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
> X * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
> X * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
> X * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
> X * SUCH DAMAGE.
> X * 
> X */
> X
> X
> X
> /*
> X * http_auth_msql: authentication
> X * 
> X * Rob McCool & Brian Behlendorf.
> X * 
> X * Adapted to Shambhala by rst.
> X */
> X
> /*
> X * converted to use mSQL by Vivek Khera <khera@kciLink.com>
> X * only has user/passwords in mSQL database.  A suitable table would be:
> X *
> X * CREATE TABLE user_info (
> X *   user CHAR(30) PRIMARY KEY,
> X *   password CHAR(20) NOT NULL,
> X *     [ any other fields if needed ]
> X * )
> X *
> X * User must be a unique, non-empty field.  Length is however long you
> X * want it to be.  Password length of 20 follows new-style crypt() usage;
> X * the older crypt uses shorter encrypted passwords.  Any other fields in
> X * the named table will be ignored.  The actual field names are configurable
> X * using the parameters listed below.  The defaults are "user" and "password"
> X * respectively, for the user ID and the password.  If you prefer to store
> X * passwords in clear text, set AuthMSQLCryptedPasswords to Off.  I think this
> X * is a bad idea (anyone who can read the table can then read every
> X * password), but people have requested it.
> X *
> X * Usage in per-directory access conf file:
> X *
> X *  AuthName mSQL Testing
> X *  AuthType Basic
> X *  AuthGroupFile /dev/null
> X *  AuthMSQLHost localhost
> X *  AuthMSQLDB www_data
> X *  AuthMSQLUserTable user_info
> X *
> X *  <Limit GET POST>
> X *  require valid-user
> X *  </Limit>
> X *
> X * The following parameters are optional in the config file.  The default
> X * values are shown here.
> X *
> X *  AuthMSQLNameField user
> X *  AuthMSQLPasswordField password
> X *  AuthMSQLCryptedPasswords On
> X * 
> X * the Host of "localhost" means use the mSQL socket instead of a TCP
> X * connection to the database.  DB is the database name on the server,
> X * and UserTable is the actual table name within that database.
> X *
> X * Groups are not implemented in mSQL.  Use the original flat file or
> X * the Apache DBM version.
> X *
> X * $Id: mod_auth_msql.c,v 1.7 1995/12/02 18:47:30 khera Exp $
> X */
> X
> #include "httpd.h"
> #include "http_config.h"
> #include "http_core.h"
> #include "http_log.h"
> #include "http_protocol.h"
> #include <msql.h>
> X
> /*
> X * Per-directory configuration for mSQL-backed Basic authentication.
> X *
> X * msqlhost          - mSQL server host name.  localhost means use the Unix
> X *                     Domain socket for mSQL.
> X * msqlDB            - the database name on that host.
> X * msqlpwtable       - the table name for passwords; when it is unset the
> X *                     authentication handler declines the request.
> X * msqlNameField     - column matched against the user name (default "user").
> X *                     It must be "not null" and unique.
> X * msqlPasswordField - column holding the password (default "password").
> X * msqlCrypted       - non-zero (the default): the stored value is compared
> X *                     with crypt() of the password sent; zero: the stored
> X *                     value is compared with the password sent as is.
> X *
> X * The user name is placed between single quotes in the SELECT statement,
> X * so the user field must not have a ' (single quote) character in it.
> X */
> typedef struct  {
> X    char *msqlhost;
> X    char *msqlDB;
> X    char *msqlpwtable;
> X    char *msqlNameField;
> X    char *msqlPasswordField;
> X    int  msqlCrypted;
> } msql_auth_config_rec;
> X
> /*
> X * Build the per-directory config record with its built-in defaults.
> X *
> X * p - pool the record is allocated from.
> X * d - directory name; not used here.
> X *
> X * Returns the new record, or NULL when the allocation fails.  Fields that
> X * are not assigned below keep whatever pcalloc() put there (presumably
> X * zero -- confirm against alloc.c).
> X */
> static
> void *create_msql_auth_dir_config (pool *p, char *d)
> {
> X  msql_auth_config_rec *conf;
> X
> X  conf = pcalloc (p, sizeof(*conf));
> X  if (conf != NULL) {
> X    /* same defaults as earlier versions of the module, for compatibility */
> X    conf->msqlCrypted = 1;
> X    conf->msqlPasswordField = "password";
> X    conf->msqlNameField = "user";
> X  }
> X  return conf;
> }
> X
> /*
> X * Handler for the AuthMSQLCryptedPasswords flag directive.
> X *
> X * cmd  - directive context; not used here.
> X * mrec - the directory's msql_auth_config_rec, passed as void *.
> X * arg  - value of the flag; stored unchanged in msqlCrypted.
> X *
> X * Always returns NULL.
> X */
> static
> char *set_crypted_password (cmd_parms *cmd, void *mrec, int arg) {
> X  msql_auth_config_rec *conf = mrec;
> X
> X  conf->msqlCrypted = arg;
> X  return NULL;
> }
> X
> /*
> X * Directive table.  The five string directives are stored by
> X * set_string_slot at the given offset inside msql_auth_config_rec; the
> X * flag directive goes through set_crypted_password.  The { NULL } entry
> X * ends the table.
> X *
> X * NOTE(review): the table and column names set here are later written
> X * into the SQL text by get_msql_pw() without quoting or validation.
> X * OR_AUTHCFG presumably lets per-directory override files set them --
> X * confirm who is allowed to write those files.
> X */
> static
> command_rec msql_auth_cmds[] = {
> { "AuthMSQLHost", set_string_slot,
> X    (void*)XtOffsetOf(msql_auth_config_rec, msqlhost),
> X    OR_AUTHCFG, TAKE1, "mSQL server hostname" },
> { "AuthMSQLDB", set_string_slot,
> X    (void*)XtOffsetOf(msql_auth_config_rec, msqlDB),
> X    OR_AUTHCFG, TAKE1, "mSQL database name" },
> { "AuthMSQLUserTable", set_string_slot,
> X    (void*)XtOffsetOf(msql_auth_config_rec, msqlpwtable),
> X    OR_AUTHCFG, TAKE1, "mSQL table name" },
> { "AuthMSQLNameField", set_string_slot,
> X    (void*)XtOffsetOf(msql_auth_config_rec, msqlNameField),
> X    OR_AUTHCFG, TAKE1, "mSQL User ID field name within table" },
> { "AuthMSQLPasswordField", set_string_slot,
> X    (void*)XtOffsetOf(msql_auth_config_rec, msqlPasswordField),
> X    OR_AUTHCFG, TAKE1, "mSQL Password field name within table" },
> { "AuthMSQLCryptedPasswords", set_crypted_password,
> X    NULL, OR_AUTHCFG, FLAG, "mSQL passwords are stored encrypted if On" },
> { NULL }
> };
> X
> module msql_auth_module;
> X
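> /*
> X * get password from database
> X *
> X * r    - current request; supplies the pool for the returned copy and the
> X *        URI written to the log.
> X * user - user name taken from the request.  It is placed between single
> X *        quotes in the SELECT text, so a name containing ' is refused
> X *        before any query is built.
> X * m    - per-directory mSQL settings (host, database, table, column names).
> X *
> X * Returns a pool-allocated copy of the password column when exactly one
> X * row matches, or NULL on any failure: missing setting, refused user name,
> X * query too long for the buffer, connect/select/query error, no single
> X * match, or a NULL password column.  The connection and the result set are
> X * released on every path once they have been obtained.
> X */
> static
> char *get_msql_pw(request_rec *r, char *user, msql_auth_config_rec *m) {
> X    int msqlSock;
> X    m_result *result;
> X    m_row data;
> X    char *pw = NULL;
> X    char *host;
> X    char query[MAX_STRING_LEN];
> X
> X    /* every string below is handed to strlen()/sprintf(), so none may be NULL */
> X    if (!user || !m->msqlDB || !m->msqlpwtable ||
> X        !m->msqlNameField || !m->msqlPasswordField) {
> X        log_reason ("mSQL auth: missing user name or configuration", r->uri, r);
> X        return NULL;
> X    }
> X
> X    /*
> X     * The user name comes from the client and is pasted into the query
> X     * inside '...'.  A quote in it would end the string literal early and
> X     * let the rest of the name be read as SQL, so fail closed instead.
> X     * NOTE(review): if the mSQL server in use treats backslash as an escape
> X     * character inside strings, refuse that here as well -- confirm.
> X     */
> X    if (strchr(user, '\'')) {
> X        log_reason ("mSQL user name contains a single quote", r->uri, r);
> X        return NULL;
> X    }
> X
> X    /*
> X     * sprintf() below has no bound of its own; check the final length first.
> X     * The literal is the format with its four %s removed, and sizeof counts
> X     * its terminating NUL.
> X     */
> X    if (strlen(m->msqlPasswordField) + strlen(m->msqlpwtable) +
> X        strlen(m->msqlNameField) + strlen(user) +
> X        sizeof("SELECT  FROM  WHERE  = ''") > sizeof(query)) {
> X        log_reason ("mSQL query too long for buffer", r->uri, r);
> X        return NULL;
> X    }
> X
> X    if (strcmp(m->msqlhost ? m->msqlhost : "localhost", "localhost") == 0) {
> X        host = NULL;
> X    } else {
> X        host = m->msqlhost;
> X    }
> X
> X    if ((msqlSock = msqlConnect(host)) < 0) {
> X        log_reason (msqlErrMsg, r->uri, r);
> X        return NULL;
> X    }
> X
> X    if (msqlSelectDB(msqlSock, m->msqlDB) < 0) {
> X        log_reason (msqlErrMsg, r->uri, r);
> X        msqlClose(msqlSock);	/* do not leak the connection on error */
> X        return NULL;
> X    }
> X
> X    sprintf(query,"SELECT %s FROM %s WHERE %s = '%s'",
> X            m->msqlPasswordField, m->msqlpwtable,
> X            m->msqlNameField, user);
> X    if (msqlQuery(msqlSock, query) < 0) {
> X        log_reason (msqlErrMsg, r->uri, r);
> X        msqlClose(msqlSock);
> X        return NULL;
> X    }
> X
> X    result = msqlStoreResult();
> X    if (result) {
> X        /* anything other than exactly one row leaves pw NULL */
> X        if (msqlNumRows(result) == 1) {
> X            data = msqlFetchRow(result);
> X            if (data && data[0]) {
> X                pw = palloc (r->pool, strlen(data[0]) + 1);
> X                if (pw)
> X                    strcpy(pw, data[0]);
> X            } else {		/* no password in mSQL table -- returns NULL */
> X                log_reason ("mSQL user has no valid password", r->uri, r);
> X            }
> X        }
> X        msqlFreeResult(result);
> X    }
> X    msqlClose(msqlSock);
> X
> X    return pw;
> }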
> X
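> /*
> X * check_user_id handler: verify the Basic credentials of a request against
> X * the mSQL table configured for the directory.
> X *
> X * Returns whatever get_basic_auth_pw() returned when that is non-zero,
> X * DECLINED when no AuthMSQLUserTable is configured, AUTH_REQUIRED when the
> X * user cannot be looked up or the password does not match, and OK
> X * otherwise.  Every AUTH_REQUIRED path logs a reason and calls
> X * note_basic_auth_failure().
> X */
> static
> int msql_authenticate_basic_user (request_rec *r)
> {
> X    msql_auth_config_rec *sec =
> X      (msql_auth_config_rec *)get_module_config (r->per_dir_config,
> X						&msql_auth_module);
> X    conn_rec *c = r->connection;
> X    char *sent_pw, *real_pw, *candidate;
> X    char errstr[MAX_STRING_LEN];
> X    int res;
> X
> X    if ((res = get_basic_auth_pw (r, &sent_pw)))
> X        return res;
> X
> X    if(!sec->msqlpwtable)
> X        return DECLINED;
> X
> X    /*
> X     * c->user is client-supplied, so the %.*s precision caps how much of it
> X     * is copied: buffer size minus the fixed text and its NUL.  This
> X     * assumes MAX_STRING_LEN is larger than the fixed text -- confirm in
> X     * httpd.h.
> X     */
> X    if(!(real_pw = get_msql_pw(r, c->user, sec))) {
> X        sprintf(errstr,"mSQL user `%.*s' not found",
> X                (int)(sizeof(errstr) - sizeof("mSQL user `' not found")),
> X                c->user);
> X        log_reason (errstr, r->uri, r);
> X        note_basic_auth_failure (r);
> X        return AUTH_REQUIRED;
> X    }
> X
> X    /*
> X     * crypt() can return NULL (for instance when the stored value is not a
> X     * usable salt); treat that as a mismatch rather than passing NULL to
> X     * strcmp().
> X     * NOTE(review): with AuthMSQLCryptedPasswords Off the stored clear-text
> X     * password is compared directly, and strcmp() is not a constant-time
> X     * comparison.
> X     */
> X    candidate = sec->msqlCrypted ? crypt(sent_pw,real_pw) : sent_pw;
> X    if(!candidate || strcmp(real_pw, candidate)) {
> X        sprintf(errstr,"user %.*s: password mismatch",
> X                (int)(sizeof(errstr) - sizeof("user : password mismatch")),
> X                c->user);
> X        log_reason (errstr, r->uri, r);
> X        note_basic_auth_failure (r);
> X        return AUTH_REQUIRED;
> X    }
> X    return OK;
> }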
> X    
> X
> /*
> X * Module dispatch table.  Three slots are filled: the per-directory config
> X * creator, the directive table and the check_user_id handler.  Every other
> X * slot is NULL, so this module takes no part in those phases.
> X */
> module msql_auth_module = {
> X   STANDARD_MODULE_STUFF,
> X   NULL,			/* initializer */
> X   create_msql_auth_dir_config,	/* dir config creater */
> X   NULL,			/* dir merger --- default is to override */
> X   NULL,			/* server config */
> X   NULL,			/* merge server config */
> X   msql_auth_cmds,		/* command table */
> X   NULL,			/* handlers */
> X   NULL,			/* filename translation */
> X   msql_authenticate_basic_user,	/* check_user_id */
> X   NULL,			/* check auth */
> X   NULL,			/* check access */
> X   NULL,			/* type_checker */
> X   NULL,			/* fixups */
> X   NULL				/* logger */
> };
> SHAR_EOF
>   $shar_touch -am 1202134795 'mod_auth_msql.c' &&
>   chmod 0444 'mod_auth_msql.c' ||
>   echo 'restore of mod_auth_msql.c failed'
>   shar_count="`wc -c < 'mod_auth_msql.c'`"
>   test 9269 -eq "$shar_count" ||
>     echo "mod_auth_msql.c: original size 9269, current size $shar_count"
> fi
> exit 0
> 

