|
Packit |
90a5c9 |
/* Licensed to the Apache Software Foundation (ASF) under one or more
|
|
Packit |
90a5c9 |
* contributor license agreements. See the NOTICE file distributed with
|
|
Packit |
90a5c9 |
* this work for additional information regarding copyright ownership.
|
|
Packit |
90a5c9 |
* The ASF licenses this file to You under the Apache License, Version 2.0
|
|
Packit |
90a5c9 |
* (the "License"); you may not use this file except in compliance with
|
|
Packit |
90a5c9 |
* the License. You may obtain a copy of the License at
|
|
Packit |
90a5c9 |
*
|
|
Packit |
90a5c9 |
* http://www.apache.org/licenses/LICENSE-2.0
|
|
Packit |
90a5c9 |
*
|
|
Packit |
90a5c9 |
* Unless required by applicable law or agreed to in writing, software
|
|
Packit |
90a5c9 |
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
Packit |
90a5c9 |
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
Packit |
90a5c9 |
* See the License for the specific language governing permissions and
|
|
Packit |
90a5c9 |
* limitations under the License.
|
|
Packit |
90a5c9 |
*/
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
/*
|
|
Packit |
90a5c9 |
* Security options etc.
|
|
Packit |
90a5c9 |
*
|
|
Packit |
90a5c9 |
* Module derived from code originally written by Rob McCool
|
|
Packit |
90a5c9 |
*
|
|
Packit |
90a5c9 |
*/
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
#include "apr_strings.h"
|
|
Packit |
90a5c9 |
#include "apr_network_io.h"
|
|
Packit |
90a5c9 |
#define APR_WANT_STRFUNC
|
|
Packit |
90a5c9 |
#define APR_WANT_BYTEFUNC
|
|
Packit |
90a5c9 |
#include "apr_want.h"
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
#include "ap_config.h"
|
|
Packit |
90a5c9 |
#include "httpd.h"
|
|
Packit |
90a5c9 |
#include "http_config.h"
|
|
Packit |
90a5c9 |
#include "http_core.h"
|
|
Packit |
90a5c9 |
#include "http_log.h"
|
|
Packit |
90a5c9 |
#include "http_request.h"
|
|
Packit |
90a5c9 |
#include "http_protocol.h"
|
|
Packit |
90a5c9 |
#include "ap_provider.h"
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
#include "mod_auth.h"
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
#if APR_HAVE_NETINET_IN_H
|
|
Packit |
90a5c9 |
#include <netinet/in.h>
|
|
Packit |
90a5c9 |
#endif
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
/* TODO List
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
- Track down all of the references to r->ap_auth_type
|
|
Packit |
90a5c9 |
and change them to ap_auth_type()
|
|
Packit |
90a5c9 |
- Remove ap_auth_type and ap_auth_name from the
|
|
Packit |
90a5c9 |
request_rec
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
*/
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
typedef struct {
|
|
Packit |
90a5c9 |
const char *ap_auth_type;
|
|
Packit |
90a5c9 |
int auth_type_set;
|
|
Packit |
90a5c9 |
const char *ap_auth_name;
|
|
Packit |
90a5c9 |
} authn_core_dir_conf;
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
typedef struct provider_alias_rec {
|
|
Packit |
90a5c9 |
char *provider_name;
|
|
Packit |
90a5c9 |
char *provider_alias;
|
|
Packit |
90a5c9 |
ap_conf_vector_t *sec_auth;
|
|
Packit |
90a5c9 |
const authn_provider *provider;
|
|
Packit |
90a5c9 |
} provider_alias_rec;
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
typedef struct authn_alias_srv_conf {
|
|
Packit |
90a5c9 |
apr_hash_t *alias_rec;
|
|
Packit |
90a5c9 |
} authn_alias_srv_conf;
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
module AP_MODULE_DECLARE_DATA authn_core_module;
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
static void *create_authn_core_dir_config(apr_pool_t *p, char *dummy)
|
|
Packit |
90a5c9 |
{
|
|
Packit |
90a5c9 |
authn_core_dir_conf *conf =
|
|
Packit |
90a5c9 |
(authn_core_dir_conf *)apr_pcalloc(p, sizeof(authn_core_dir_conf));
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
return (void *)conf;
|
|
Packit |
90a5c9 |
}
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
static void *merge_authn_core_dir_config(apr_pool_t *a, void *basev, void *newv)
|
|
Packit |
90a5c9 |
{
|
|
Packit |
90a5c9 |
authn_core_dir_conf *base = (authn_core_dir_conf *)basev;
|
|
Packit |
90a5c9 |
authn_core_dir_conf *new = (authn_core_dir_conf *)newv;
|
|
Packit |
90a5c9 |
authn_core_dir_conf *conf =
|
|
Packit |
90a5c9 |
(authn_core_dir_conf *)apr_pcalloc(a, sizeof(authn_core_dir_conf));
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
if (new->auth_type_set) {
|
|
Packit |
90a5c9 |
conf->ap_auth_type = new->ap_auth_type;
|
|
Packit |
90a5c9 |
conf->auth_type_set = 1;
|
|
Packit |
90a5c9 |
}
|
|
Packit |
90a5c9 |
else {
|
|
Packit |
90a5c9 |
conf->ap_auth_type = base->ap_auth_type;
|
|
Packit |
90a5c9 |
conf->auth_type_set = base->auth_type_set;
|
|
Packit |
90a5c9 |
}
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
if (new->ap_auth_name) {
|
|
Packit |
90a5c9 |
conf->ap_auth_name = new->ap_auth_name;
|
|
Packit |
90a5c9 |
} else {
|
|
Packit |
90a5c9 |
conf->ap_auth_name = base->ap_auth_name;
|
|
Packit |
90a5c9 |
}
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
return (void*)conf;
|
|
Packit |
90a5c9 |
}
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
static authn_status authn_alias_check_password(request_rec *r, const char *user,
|
|
Packit |
90a5c9 |
const char *password)
|
|
Packit |
90a5c9 |
{
|
|
Packit |
90a5c9 |
/* Look up the provider alias in the alias list */
|
|
Packit |
90a5c9 |
/* Get the dir_config and call ap_Merge_per_dir_configs() */
|
|
Packit |
90a5c9 |
/* Call the real provider->check_password() function */
|
|
Packit |
90a5c9 |
/* return the result of the above function call */
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
const char *provider_name = apr_table_get(r->notes, AUTHN_PROVIDER_NAME_NOTE);
|
|
Packit |
90a5c9 |
authn_status ret = AUTH_USER_NOT_FOUND;
|
|
Packit |
90a5c9 |
authn_alias_srv_conf *authcfg =
|
|
Packit |
90a5c9 |
(authn_alias_srv_conf *)ap_get_module_config(r->server->module_config,
|
|
Packit |
90a5c9 |
&authn_core_module);
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
if (provider_name) {
|
|
Packit |
90a5c9 |
provider_alias_rec *prvdraliasrec = apr_hash_get(authcfg->alias_rec,
|
|
Packit |
90a5c9 |
provider_name, APR_HASH_KEY_STRING);
|
|
Packit |
90a5c9 |
ap_conf_vector_t *orig_dir_config = r->per_dir_config;
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
/* If we found the alias provider in the list, then merge the directory
|
|
Packit |
90a5c9 |
configurations and call the real provider */
|
|
Packit |
90a5c9 |
if (prvdraliasrec) {
|
|
Packit |
90a5c9 |
r->per_dir_config = ap_merge_per_dir_configs(r->pool, orig_dir_config,
|
|
Packit |
90a5c9 |
prvdraliasrec->sec_auth);
|
|
Packit |
90a5c9 |
ret = prvdraliasrec->provider->check_password(r,user,password);
|
|
Packit |
90a5c9 |
r->per_dir_config = orig_dir_config;
|
|
Packit |
90a5c9 |
}
|
|
Packit |
90a5c9 |
}
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
return ret;
|
|
Packit |
90a5c9 |
}
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
static authn_status authn_alias_get_realm_hash(request_rec *r, const char *user,
|
|
Packit |
90a5c9 |
const char *realm, char **rethash)
|
|
Packit |
90a5c9 |
{
|
|
Packit |
90a5c9 |
/* Look up the provider alias in the alias list */
|
|
Packit |
90a5c9 |
/* Get the dir_config and call ap_Merge_per_dir_configs() */
|
|
Packit |
90a5c9 |
/* Call the real provider->get_realm_hash() function */
|
|
Packit |
90a5c9 |
/* return the result of the above function call */
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
const char *provider_name = apr_table_get(r->notes, AUTHN_PROVIDER_NAME_NOTE);
|
|
Packit |
90a5c9 |
authn_status ret = AUTH_USER_NOT_FOUND;
|
|
Packit |
90a5c9 |
authn_alias_srv_conf *authcfg =
|
|
Packit |
90a5c9 |
(authn_alias_srv_conf *)ap_get_module_config(r->server->module_config,
|
|
Packit |
90a5c9 |
&authn_core_module);
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
if (provider_name) {
|
|
Packit |
90a5c9 |
provider_alias_rec *prvdraliasrec = apr_hash_get(authcfg->alias_rec,
|
|
Packit |
90a5c9 |
provider_name, APR_HASH_KEY_STRING);
|
|
Packit |
90a5c9 |
ap_conf_vector_t *orig_dir_config = r->per_dir_config;
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
/* If we found the alias provider in the list, then merge the directory
|
|
Packit |
90a5c9 |
configurations and call the real provider */
|
|
Packit |
90a5c9 |
if (prvdraliasrec) {
|
|
Packit |
90a5c9 |
r->per_dir_config = ap_merge_per_dir_configs(r->pool, orig_dir_config,
|
|
Packit |
90a5c9 |
prvdraliasrec->sec_auth);
|
|
Packit |
90a5c9 |
ret = prvdraliasrec->provider->get_realm_hash(r,user,realm,rethash);
|
|
Packit |
90a5c9 |
r->per_dir_config = orig_dir_config;
|
|
Packit |
90a5c9 |
}
|
|
Packit |
90a5c9 |
}
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
return ret;
|
|
Packit |
90a5c9 |
}
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
static void *create_authn_alias_svr_config(apr_pool_t *p, server_rec *s)
|
|
Packit |
90a5c9 |
{
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
authn_alias_srv_conf *authcfg;
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
authcfg = (authn_alias_srv_conf *) apr_pcalloc(p, sizeof(authn_alias_srv_conf));
|
|
Packit |
90a5c9 |
authcfg->alias_rec = apr_hash_make(p);
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
return (void *) authcfg;
|
|
Packit |
90a5c9 |
}
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
/* Only per-server directive we have is GLOBAL_ONLY */
|
|
Packit |
90a5c9 |
static void *merge_authn_alias_svr_config(apr_pool_t *p, void *basev, void *overridesv)
|
|
Packit |
90a5c9 |
{
|
|
Packit |
90a5c9 |
return basev;
|
|
Packit |
90a5c9 |
}
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
static const authn_provider authn_alias_provider =
|
|
Packit |
90a5c9 |
{
|
|
Packit |
90a5c9 |
&authn_alias_check_password,
|
|
Packit |
90a5c9 |
&authn_alias_get_realm_hash,
|
|
Packit |
90a5c9 |
};
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
static const authn_provider authn_alias_provider_nodigest =
|
|
Packit |
90a5c9 |
{
|
|
Packit |
90a5c9 |
&authn_alias_check_password,
|
|
Packit |
90a5c9 |
NULL,
|
|
Packit |
90a5c9 |
};
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
static const char *authaliassection(cmd_parms *cmd, void *mconfig, const char *arg)
|
|
Packit |
90a5c9 |
{
|
|
Packit |
90a5c9 |
const char *endp = ap_strrchr_c(arg, '>');
|
|
Packit |
90a5c9 |
const char *args;
|
|
Packit |
90a5c9 |
char *provider_alias;
|
|
Packit |
90a5c9 |
char *provider_name;
|
|
Packit |
90a5c9 |
int old_overrides = cmd->override;
|
|
Packit |
90a5c9 |
const char *errmsg;
|
|
Packit |
90a5c9 |
const authn_provider *provider = NULL;
|
|
Packit |
90a5c9 |
ap_conf_vector_t *new_auth_config = ap_create_per_dir_config(cmd->pool);
|
|
Packit |
90a5c9 |
authn_alias_srv_conf *authcfg =
|
|
Packit |
90a5c9 |
(authn_alias_srv_conf *)ap_get_module_config(cmd->server->module_config,
|
|
Packit |
90a5c9 |
&authn_core_module);
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
const char *err = ap_check_cmd_context(cmd, GLOBAL_ONLY);
|
|
Packit |
90a5c9 |
if (err != NULL) {
|
|
Packit |
90a5c9 |
return err;
|
|
Packit |
90a5c9 |
}
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
if (endp == NULL) {
|
|
Packit |
90a5c9 |
return apr_pstrcat(cmd->pool, cmd->cmd->name,
|
|
Packit |
90a5c9 |
"> directive missing closing '>'", NULL);
|
|
Packit |
90a5c9 |
}
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
args = apr_pstrndup(cmd->temp_pool, arg, endp - arg);
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
if (!args[0]) {
|
|
Packit |
90a5c9 |
return apr_pstrcat(cmd->pool, cmd->cmd->name,
|
|
Packit |
90a5c9 |
"> directive requires additional arguments", NULL);
|
|
Packit |
90a5c9 |
}
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
/* Pull the real provider name and the alias name from the block header */
|
|
Packit |
90a5c9 |
provider_name = ap_getword_conf(cmd->pool, &args);
|
|
Packit |
90a5c9 |
provider_alias = ap_getword_conf(cmd->pool, &args);
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
if (!provider_name[0] || !provider_alias[0]) {
|
|
Packit |
90a5c9 |
return apr_pstrcat(cmd->pool, cmd->cmd->name,
|
|
Packit |
90a5c9 |
"> directive requires additional arguments", NULL);
|
|
Packit |
90a5c9 |
}
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
if (strcasecmp(provider_name, provider_alias) == 0) {
|
|
Packit |
90a5c9 |
return apr_pstrcat(cmd->pool,
|
|
Packit |
90a5c9 |
"The alias provider name must be different from the base provider name.", NULL);
|
|
Packit |
90a5c9 |
}
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
/* Look up the alias provider to make sure that it hasn't already been registered. */
|
|
Packit |
90a5c9 |
provider = ap_lookup_provider(AUTHN_PROVIDER_GROUP, provider_alias,
|
|
Packit |
90a5c9 |
AUTHN_PROVIDER_VERSION);
|
|
Packit |
90a5c9 |
if (provider) {
|
|
Packit |
90a5c9 |
return apr_pstrcat(cmd->pool, "The alias provider ", provider_alias,
|
|
Packit |
90a5c9 |
" has already be registered previously as either a base provider or an alias provider.",
|
|
Packit |
90a5c9 |
NULL);
|
|
Packit |
90a5c9 |
}
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
/* walk the subsection configuration to get the per_dir config that we will
|
|
Packit |
90a5c9 |
merge just before the real provider is called. */
|
|
Packit |
90a5c9 |
cmd->override = OR_AUTHCFG | ACCESS_CONF;
|
|
Packit |
90a5c9 |
errmsg = ap_walk_config(cmd->directive->first_child, cmd, new_auth_config);
|
|
Packit |
90a5c9 |
cmd->override = old_overrides;
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
if (!errmsg) {
|
|
Packit |
90a5c9 |
provider_alias_rec *prvdraliasrec = apr_pcalloc(cmd->pool, sizeof(provider_alias_rec));
|
|
Packit |
90a5c9 |
provider = ap_lookup_provider(AUTHN_PROVIDER_GROUP, provider_name,
|
|
Packit |
90a5c9 |
AUTHN_PROVIDER_VERSION);
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
if (!provider) {
|
|
Packit |
90a5c9 |
/* by the time they use it, the provider should be loaded and
|
|
Packit |
90a5c9 |
registered with us. */
|
|
Packit |
90a5c9 |
return apr_psprintf(cmd->pool,
|
|
Packit |
90a5c9 |
"Unknown Authn provider: %s",
|
|
Packit |
90a5c9 |
provider_name);
|
|
Packit |
90a5c9 |
}
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
/* Save off the new directory config along with the original provider name
|
|
Packit |
90a5c9 |
and function pointer data */
|
|
Packit |
90a5c9 |
prvdraliasrec->sec_auth = new_auth_config;
|
|
Packit |
90a5c9 |
prvdraliasrec->provider_name = provider_name;
|
|
Packit |
90a5c9 |
prvdraliasrec->provider_alias = provider_alias;
|
|
Packit |
90a5c9 |
prvdraliasrec->provider = provider;
|
|
Packit |
90a5c9 |
apr_hash_set(authcfg->alias_rec, provider_alias, APR_HASH_KEY_STRING, prvdraliasrec);
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
/* Register the fake provider so that we get called first */
|
|
Packit |
90a5c9 |
ap_register_auth_provider(cmd->pool, AUTHN_PROVIDER_GROUP,
|
|
Packit |
90a5c9 |
provider_alias, AUTHN_PROVIDER_VERSION,
|
|
Packit |
90a5c9 |
provider->get_realm_hash ?
|
|
Packit |
90a5c9 |
&authn_alias_provider :
|
|
Packit |
90a5c9 |
&authn_alias_provider_nodigest,
|
|
Packit |
90a5c9 |
AP_AUTH_INTERNAL_PER_CONF);
|
|
Packit |
90a5c9 |
}
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
return errmsg;
|
|
Packit |
90a5c9 |
}
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
/*
|
|
Packit |
90a5c9 |
* Load an authorisation realm into our location configuration, applying the
|
|
Packit |
90a5c9 |
* usual rules that apply to realms.
|
|
Packit |
90a5c9 |
*/
|
|
Packit |
90a5c9 |
static const char *set_authname(cmd_parms *cmd, void *mconfig,
|
|
Packit |
90a5c9 |
const char *word1)
|
|
Packit |
90a5c9 |
{
|
|
Packit |
90a5c9 |
authn_core_dir_conf *aconfig = (authn_core_dir_conf *)mconfig;
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
aconfig->ap_auth_name = ap_escape_quotes(cmd->pool, word1);
|
|
Packit |
90a5c9 |
return NULL;
|
|
Packit |
90a5c9 |
}
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
static const char *set_authtype(cmd_parms *cmd, void *mconfig,
|
|
Packit |
90a5c9 |
const char *word1)
|
|
Packit |
90a5c9 |
{
|
|
Packit |
90a5c9 |
authn_core_dir_conf *aconfig = (authn_core_dir_conf *)mconfig;
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
aconfig->auth_type_set = 1;
|
|
Packit |
90a5c9 |
aconfig->ap_auth_type = strcasecmp(word1, "None") ? word1 : NULL;
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
return NULL;
|
|
Packit |
90a5c9 |
}
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
static const char *authn_ap_auth_type(request_rec *r)
|
|
Packit |
90a5c9 |
{
|
|
Packit |
90a5c9 |
authn_core_dir_conf *conf;
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
conf = (authn_core_dir_conf *)ap_get_module_config(r->per_dir_config,
|
|
Packit |
90a5c9 |
&authn_core_module);
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
return conf->ap_auth_type;
|
|
Packit |
90a5c9 |
}
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
static const char *authn_ap_auth_name(request_rec *r)
|
|
Packit |
90a5c9 |
{
|
|
Packit |
90a5c9 |
authn_core_dir_conf *conf;
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
conf = (authn_core_dir_conf *)ap_get_module_config(r->per_dir_config,
|
|
Packit |
90a5c9 |
&authn_core_module);
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
return apr_pstrdup(r->pool, conf->ap_auth_name);
|
|
Packit |
90a5c9 |
}
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
static const command_rec authn_cmds[] =
|
|
Packit |
90a5c9 |
{
|
|
Packit |
90a5c9 |
AP_INIT_TAKE1("AuthType", set_authtype, NULL, OR_AUTHCFG,
|
|
Packit |
90a5c9 |
"an HTTP authorization type (e.g., \"Basic\")"),
|
|
Packit |
90a5c9 |
AP_INIT_TAKE1("AuthName", set_authname, NULL, OR_AUTHCFG,
|
|
Packit |
90a5c9 |
"the authentication realm (e.g. \"Members Only\")"),
|
|
Packit |
90a5c9 |
AP_INIT_RAW_ARGS("
|
|
Packit |
90a5c9 |
"container for grouping an authentication provider's "
|
|
Packit |
90a5c9 |
"directives under a provider alias"),
|
|
Packit |
90a5c9 |
{NULL}
|
|
Packit |
90a5c9 |
};
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
static int authenticate_no_user(request_rec *r)
|
|
Packit |
90a5c9 |
{
|
|
Packit |
90a5c9 |
/* if there isn't an AuthType, then assume that no authentication
|
|
Packit |
90a5c9 |
is required so return OK */
|
|
Packit |
90a5c9 |
if (!ap_auth_type(r)) {
|
|
Packit |
90a5c9 |
return OK;
|
|
Packit |
90a5c9 |
}
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
/* there's an AuthType configured, but no authentication module
|
|
Packit |
90a5c9 |
* loaded to support it
|
|
Packit |
90a5c9 |
*/
|
|
Packit |
90a5c9 |
ap_log_rerror(APLOG_MARK, APLOG_ERR, APR_SUCCESS, r, APLOGNO(01796)
|
|
Packit |
90a5c9 |
"AuthType %s configured without corresponding module",
|
|
Packit |
90a5c9 |
ap_auth_type(r));
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
return HTTP_INTERNAL_SERVER_ERROR;
|
|
Packit |
90a5c9 |
}
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
static void register_hooks(apr_pool_t *p)
|
|
Packit |
90a5c9 |
{
|
|
Packit |
90a5c9 |
APR_REGISTER_OPTIONAL_FN(authn_ap_auth_type);
|
|
Packit |
90a5c9 |
APR_REGISTER_OPTIONAL_FN(authn_ap_auth_name);
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
ap_hook_check_authn(authenticate_no_user, NULL, NULL, APR_HOOK_LAST,
|
|
Packit |
90a5c9 |
AP_AUTH_INTERNAL_PER_CONF);
|
|
Packit |
90a5c9 |
}
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
AP_DECLARE_MODULE(authn_core) =
|
|
Packit |
90a5c9 |
{
|
|
Packit |
90a5c9 |
STANDARD20_MODULE_STUFF,
|
|
Packit |
90a5c9 |
create_authn_core_dir_config, /* dir config creater */
|
|
Packit |
90a5c9 |
merge_authn_core_dir_config, /* dir merger --- default is to override */
|
|
Packit |
90a5c9 |
create_authn_alias_svr_config, /* server config */
|
|
Packit |
90a5c9 |
merge_authn_alias_svr_config, /* merge server config */
|
|
Packit |
90a5c9 |
authn_cmds,
|
|
Packit |
90a5c9 |
register_hooks /* register hooks */
|
|
Packit |
90a5c9 |
};
|
|
Packit |
90a5c9 |
|