httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From r...@imdb.com (Rob Hartill)
Subject Re: Apache 1.1.1 and the satisfy auth. clause
Date Tue, 16 Jul 1996 17:58:34 GMT

Leigh Grundhoefer wrote:
>
>
> rob-
>
> I found a hack posted to comp.infosystems.www. I have enclosed
> it for your review. I would rather not hack this functionality
> into the server.

I'm forwarding this to the developers list. thanks.

> Thanks-
> leigh

-----
This just came up recently with a server I help admin, where we wanted
to allow free access to on-campus hosts, but password-restrict to
off-campus hosts.  I was really surprised to find that <B>Apache</B> didn't 
support that feature, and didn't appear to be on the feature-list for
v1.1.  Although in the end I think we've decided to go with 
the NCSA server instead, since it supports the feature natively, I figured
it shouldn't be that hard to implement in <B>Apache</B>.  I managed to hack
it into the source for 1.0.5.  The diffs aren't too big, so I'm
including them below my .sig (compile with -DENABLE_SATISFY, or else
take out the #ifdef's).  As always, use at your own risk. :)


*** mod_access.c.orig	Sat Feb 17 03:32:08 1996
--- mod_access.c	Tue Jun 25 18:54:06 1996
***************
*** 77,82 ****
--- 77,85 ----
      int order[METHODS];
      array_header *allows;
      array_header *denys;
+ #ifdef ENABLE_SATISFY
+     char *<B>satisfy</B>;
+ #endif /* ENABLE_SATISFY */
  } access_dir_conf;
  
  module access_module;
***************
*** 90,99 ****
--- 93,127 ----
      for (i = 0; i &lt; METHODS; ++i) conf-&gt;order[i] = DENY_THEN_ALLOW;
      conf-&gt;allows = make_array (p, 1, sizeof (allowdeny));
      conf-&gt;denys = make_array (p, 1, sizeof (allowdeny));
+ #ifdef ENABLE_SATISFY
+     conf-&gt;<B>satisfy</B> = NULL;
+ #endif /* ENABLE_SATISFY */
      
      return (void *)conf;
  }
  
+ #ifdef ENABLE_SATISFY
+ int satisfy_any (request_rec *r, int reset)
+ {
+     char *<B>satisfy</B>;
+     access_dir_conf *conf =
+       (access_dir_conf *)get_module_config(r-&gt;per_dir_config, &amp;access_module);
+ 
+     if (!(<B>satisfy</B> = conf-&gt;<B>satisfy</B>))
+ 	return 0;
+ 
+     if (!strcasecmp(<B>satisfy</B>, &quot;any&quot;)) {
+ 	if (reset) strcpy(<B>satisfy</B>, &quot;all&quot;);
+ 	return 1;
+     }
+     else if (!strcasecmp(<B>satisfy</B>, &quot;all&quot;))
+ 	return 0;
+ 
+     log_error(&quot;Invalid <B>satisfy</B> value.&quot;, r-&gt;server);
+     return 0;
+ }
+ #endif /* ENABLE_SATISFY */
+ 
  char *order (cmd_parms *cmd, void *dv, char *arg)
  {
      access_dir_conf *d = (access_dir_conf *)dv;
***************
*** 134,139 ****
--- 162,171 ----
      &quot;'from' followed by hostnames or IP-address wildcards&quot; },
  { &quot;deny&quot;, allow_cmd, NULL, OR_LIMIT, ITERATE2,
      &quot;'from' followed by hostnames or IP-address wildcards&quot; },
+ #ifdef ENABLE_SATISFY
+ { &quot;<B>Satisfy</B>&quot;, set_string_slot, (void*)XtOffsetOf(access_dir_conf,
<B>satisfy</B>), 
+     OR_AUTHCFG, TAKE1, NULL },
+ #endif /* ENABLE_SATISFY */
  {NULL}
  };
  
***************
*** 219,224 ****
--- 251,261 ----
      }
  
      if (ret == FORBIDDEN)
+ #ifdef ENABLE_SATISFY
+       if (satisfy_any(r, 1) &amp;&amp; real_auth_type(r)) 
+ 	ret = OK;
+       else
+ #endif /* ENABLE_SATISFY */
  	log_reason (&quot;Client denied by server configuration&quot;, r-&gt;filename,
r);
  
      return ret;
*** http_core.c.orig	Sat Feb 17 03:35:30 1996
--- http_core.c	Tue Jun 25 18:43:58 1996
***************
*** 186,194 ****
--- 186,209 ----
      core_dir_config *conf = 
        (core_dir_config *)get_module_config(r-&gt;per_dir_config, &amp;core_module);

  
+ #ifdef ENABLE_SATISFY
+     if (satisfy_any(r, 0))
+        return NULL;
+     else
+ #endif /* ENABLE_SATISFY */
      return conf-&gt;auth_type;
  }
  
+ #ifdef ENABLE_SATISFY
+ char *real_auth_type (request_rec *r)
+ {
+     core_dir_config *conf = 
+       (core_dir_config *)get_module_config(r-&gt;per_dir_config, &amp;core_module);

+ 
+     return conf-&gt;auth_type;
+ }
+ #endif /* ENABLE_SATISFY */
+ 
  char *auth_name (request_rec *r)
  {
      core_dir_config *conf = 


<clip>

leigh



Mime
View raw message