httpd-modules-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mark Constable <ma...@renta.net>
Subject Patch for mod_authn_dbd plaintext auth
Date Sat, 09 Jun 2007 05:42:06 GMT
I need this, not sure if it's of value to anyone else?

--- httpd-2.2.4/modules/aaa/mod_authn_dbd.c.orig    2006-07-12 03:38:44.000000000 +0000
+++ httpd-2.2.4/modules/aaa/mod_authn_dbd.c 2007-06-09 05:35:33.000000000 +0000
@@ -29,6 +29,7 @@
 typedef struct {
     const char *user;
     const char *realm;
+    int plaintext;
 } authn_dbd_conf;
 typedef struct {
     const char *label;
@@ -51,6 +52,7 @@
     authn_dbd_conf *ret = apr_palloc(pool, sizeof(authn_dbd_conf));
     ret->user = (add->user == NULL) ? base->user : add->user;
     ret->realm = (add->realm == NULL) ? base->realm : add->realm;
+    ret->plaintext = (add->plaintext == NULL) ? base->plaintext : add->plaintext;
     return ret;
 }
 static const char *authn_dbd_prepare(cmd_parms *cmd, void *cfg, const char *query)
@@ -80,6 +82,9 @@
     AP_INIT_TAKE1("AuthDBDUserRealmQuery", authn_dbd_prepare,
                   (void *)APR_OFFSETOF(authn_dbd_conf, realm), ACCESS_CONF,
                   "Query used to fetch password for user+realm"),
+    AP_INIT_FLAG("AuthDBDPlaintext", ap_set_flag_slot,
+                  (void *)APR_OFFSETOF(authn_dbd_conf, plaintext), ACCESS_CONF,
+                  "Query used to fetch plaintext passwords"),
     {NULL}
 };
 static authn_status authn_dbd_password(request_rec *r, const char *user,
@@ -134,7 +139,11 @@
         return AUTH_USER_NOT_FOUND;
     }

-    rv = apr_password_validate(password, dbd_password);
+    if (conf->plaintext) {
+        rv = (strcmp(password, dbd_password) == 0) ? APR_SUCCESS : APR_EMISMATCH;
+    } else {
+        rv = apr_password_validate(password, dbd_password);
+    }

     if (rv != APR_SUCCESS) {
         return AUTH_DENIED;


--markc

Mime
View raw message