httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Osmo Paananen <o...@rotta.tmt.tele.fi>
Subject [PATCH] report groups in REMOTE_GROUPS environment variable
Date Thu, 03 Aug 2000 10:09:48 GMT
Hi!

This is my first attempt to write patch for apache. I'm bit unsure about the 
memory allocation. I believe that you'll tell me if there is something wrong 
with this.

This patch makes apache to report all groups to which user belongs to. This 
information is available as environment variable REMOTE_GROUPS to cgi-scripts.

Group information will be gathered from mod_auth.c, mod_auth_dbm.c
and mod_auth_db.c.

this patch is for: src/modules/standard/mod_auth.c

--- mod_auth.c	Sat Feb  5 14:33:15 2000
+++ /home/odie/Devel/apache/patched_cvs_apache/src/modules/standard/mod_auth.c	Wed Aug  2
11:38:11 2000
@@ -236,6 +236,7 @@
     (auth_config_rec *) ap_get_module_config(r->per_dir_config, &auth_module);
     char *user = r->connection->user;
     int m = r->method_number;
+    int i = 0;
     int method_restricted = 0;
     register int x;
     const char *t, *w;
@@ -250,10 +251,12 @@
 	return (OK);
     reqs = (require_line *) reqs_arr->elts;
 
-    if (sec->auth_grpfile)
-	grpstatus = groups_for_user(r->pool, user, sec->auth_grpfile);
-    else
-	grpstatus = NULL;
+    if (sec->auth_grpfile) {
+      grpstatus = groups_for_user(r->pool, user, sec->auth_grpfile);
+
+      r->connection->groups = ap_table_list_keys_to_string(grpstatus);      
+    }  else
+      grpstatus = NULL;
 
     for (x = 0; x < reqs_arr->nelts; x++) {
 
@@ -279,8 +282,13 @@
 
 	    while (t[0]) {
 		w = ap_getword_conf(r->pool, &t);
-		if (ap_table_get(grpstatus, w))
-		    return OK;
+
+		if (ap_table_get(grpstatus, w) != NULL) {
+
+
+		  return OK;
+		}
+
 	    }
 	} else if (sec->auth_authoritative) {
 	    /* if we aren't authoritative, any require directive could be

this one is for: src/modules/standard/mod_auth_db.c

--- mod_auth_db.c	Thu Aug  3 10:54:55 2000
+++ mod_auth_db.c.new	Thu Aug  3 10:53:58 2000
@@ -289,6 +289,10 @@
     if (!reqs_arr)
 	return DECLINED;
 
+    if (sec->auth_dbmgrpfile) {
+      r->connection->groups = get_dbm_grp(r, user, sec->auth_dbmgrpfile);
+    }
+
     for (x = 0; x < reqs_arr->nelts; x++) {
 
 	if (!(reqs[x].method_mask & (1 << m)))

this one is for: src/modules/mod_auth_dbm.c

--- mod_auth_dbm.c	Thu Aug  3 10:57:02 2000
+++ mod_auth_dbm.c.new	Thu Aug  3 10:56:54 2000
@@ -268,6 +268,10 @@
     if (!reqs_arr)
 	return DECLINED;
 
+    if (sec->auth_dbmgrpfile) {
+      r->connection->groups = get_dbm_grp(r, user, sec->auth_dbmgrpfile);
+    }
+
     for (x = 0; x < reqs_arr->nelts; x++) {
 
 	if (!(reqs[x].method_mask & (1 << m)))

this one is for src/include/ap_alloc.h:

--- ap_alloc.h	Thu Aug  3 11:00:02 2000
+++ ap_alloc.h.new	Thu Aug  3 10:59:51 2000
@@ -224,6 +224,7 @@
 API_EXPORT(table *) ap_copy_table(pool *p, const table *);
 API_EXPORT(void) ap_clear_table(table *);
 API_EXPORT(const char *) ap_table_get(const table *, const char *);
+API_EXPORT(const char *) ap_table_list_keys_to_string(const table *t);
 API_EXPORT(void) ap_table_set(table *, const char *name, const char *val);
 API_EXPORT(void) ap_table_setn(table *, const char *name, const char *val);
 API_EXPORT(void) ap_table_merge(table *, const char *name, const char *more_val);

this one is for: src/include/httpd.h
this patch won't get in since \t is converted into space. I include this patch as attachment
so it 

--- httpd.h	Thu Aug  3 10:19:17 2000
+++ httpd.h.new	Thu Aug  3 10:19:13 2000
@@ -872,6 +872,10 @@
 				 * this gets set to the user name.  We assume
 				 * that there's only one user per connection(!)
 				 */
+    char *groups;               /* if authentication check was made,
+                                 * this gets set to the group names
+				 * the user belongs to
+				 */
     char *ap_auth_type;		/* Ditto. */
 
     unsigned aborted:1;		/* Are we still talking? */


this one for: src/main/alloc.c

--- alloc.c     Fri Jul 14 17:17:35 2000
+++ alloc.c.new Thu Aug  3 09:33:11 2000
@@ -1248,6 +1248,32 @@
     return NULL;
 }
 
+API_EXPORT(const char *) ap_table_list_keys_to_string(const table *t)
+{
+   table_entry *elts = (table_entry *) t->a.elts;
+    int i, len = 0;
+    char *ret; 
+
+    if (t == NULL)
+       return NULL;
+
+    for (i = 0; i < t->a.nelts; ++i)
+       len += strlen(elts[i].key) + 1;
+
+    ret = ap_pcalloc(t->a.pool, len + 1);
+    ret[0] = 0;
+
+    for (i = 0; i < t->a.nelts; ++i) {
+      if (ret[0] != 0) {
+       strcat(ret, " ");
+      }
+      strcat(ret, elts[i].key);
+    }
+    
+
+    return ret;
+}
+
 API_EXPORT(void) ap_table_set(table *t, const char *key, const char *val)
 {
     register int i, j, k;


this one for: src/main/util_script.c

--- util_script.c	Thu Aug  3 11:03:31 2000
+++ util_script.c.new	Thu Aug  3 11:03:23 2000
@@ -303,6 +303,9 @@
     if (c->user) {
 	ap_table_addn(e, "REMOTE_USER", c->user);
     }
+    if (c->groups) {
+        ap_table_addn(e, "REMOTE_GROUPS", c->groups);
+    }
     if (c->ap_auth_type) {
 	ap_table_addn(e, "AUTH_TYPE", c->ap_auth_type);
     }

this one for: src/main/http_protocol.c

--- http_protocol.c     Sun Feb 20 03:14:47 2000
+++ http_protocol.c.new Thu Aug  3 09:36:21 2000
@@ -1009,6 +1009,7 @@
     conn->keepalive    = 0;
 
     conn->user         = NULL;
+    conn->groups       = NULL;
     conn->ap_auth_type    = NULL;
 
     r->headers_in      = ap_make_table(r->pool, 50);










Mime
View raw message