/[Apache-SVN]/httpd/httpd/trunk/modules/aaa/mod_authn_dbd.c
ViewVC logotype

Contents of /httpd/httpd/trunk/modules/aaa/mod_authn_dbd.c

Parent Directory Parent Directory | Revision Log Revision Log

Revision 321247 - (show annotations)
Fri Oct 14 23:33:40 2005 UTC (4 years, 1 month ago) by niq
File MIME type: text/plain
File size: 7659 byte(s) 
Add mod_authn_dbd
1 /* Copyright 2000-2005 The Apache Software Foundation or its licensors, as
2 * applicable.
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17 #include "ap_provider.h"
18 #include "httpd.h"
19 #include "http_config.h"
20 #include "http_log.h"
21 #include "apr_dbd.h"
22 #include "mod_dbd.h"
23 #include "apr_strings.h"
24 #include "mod_auth.h"
25 #include "apr_md5.h"
26
27 module AP_MODULE_DECLARE_DATA authn_dbd_module;
28
29 typedef struct {
30 const char *user;
31 const char *realm;
32 } authn_dbd_conf;
33 typedef struct {
34 const char *label;
35 const char *query;
36 } authn_dbd_rec;
37
38 /* optional function - look it up once in post_config */
39 static ap_dbd_t *(*authn_dbd_acquire_fn)(request_rec*) = NULL;
40 static void (*authn_dbd_prepare_fn)(server_rec*, const char*, const char*) = NULL;
41
42 static void *authn_dbd_cr_conf(apr_pool_t *pool, char *dummy)
43 {
44 authn_dbd_conf *ret = apr_pcalloc(pool, sizeof(authn_dbd_conf));
45 return ret;
46 }
47 static void *authn_dbd_merge_conf(apr_pool_t *pool, void *BASE, void *ADD)
48 {
49 authn_dbd_conf *add = ADD;
50 authn_dbd_conf *base = BASE;
51 authn_dbd_conf *ret = apr_palloc(pool, sizeof(authn_dbd_conf));
52 ret->user = (add->user == NULL) ? base->user : add->user;
53 ret->realm = (add->realm == NULL) ? base->realm : add->realm;
54 return ret;
55 }
56 static const char *authn_dbd_prepare(cmd_parms *cmd, void *cfg, const char *query)
57 {
58 static unsigned int label_num = 0;
59 char *label;
60
61 if (authn_dbd_prepare_fn == NULL) {
62 authn_dbd_prepare_fn = APR_RETRIEVE_OPTIONAL_FN(ap_dbd_prepare);
63 if (authn_dbd_prepare_fn == NULL) {
64 return "You must load mod_dbd to enable AuthDBD functions";
65 }
66 authn_dbd_acquire_fn = APR_RETRIEVE_OPTIONAL_FN(ap_dbd_acquire);
67 }
68 label = apr_psprintf(cmd->pool, "authn_dbd_%d", ++label_num);
69
70 authn_dbd_prepare_fn(cmd->server, query, label);
71
72 /* save the label here for our own use */
73 *(void**)cfg = label;
74 return NULL;
75 }
76 static const command_rec authn_dbd_cmds[] =
77 {
78 AP_INIT_TAKE1("AuthDBDUserPWQuery", authn_dbd_prepare,
79 (void *)APR_OFFSETOF(authn_dbd_conf, user), OR_AUTHCFG,
80 "Query used to fetch password for user"),
81 AP_INIT_TAKE1("AuthDBDUserRealmPWQuery", authn_dbd_prepare,
82 (void *)APR_OFFSETOF(authn_dbd_conf, realm), OR_AUTHCFG,
83 "Query used to fetch password for user+realm"),
84 {NULL}
85 };
86 static authn_status authn_dbd_password(request_rec *r, const char *user,
87 const char *password)
88 {
89 apr_status_t rv;
90 const char *dbd_password = NULL;
91 char *colon_pw;
92 apr_dbd_prepared_t *statement;
93 apr_dbd_results_t *res = NULL;
94 apr_dbd_row_t *row = NULL;
95
96 authn_dbd_conf *conf = ap_get_module_config(r->per_dir_config,
97 &authn_dbd_module);
98 ap_dbd_t *dbd = authn_dbd_acquire_fn(r);
99 if (dbd == NULL) {
100 ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
101 "Error looking up %s in database", user);
102 return AUTH_GENERAL_ERROR;
103 }
104
105 if (conf->user == NULL) {
106 ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, "No DBD Authn configured!");
107 return AUTH_GENERAL_ERROR;
108 }
109
110 statement = apr_hash_get(dbd->prepared, conf->user, APR_HASH_KEY_STRING);
111 if (statement == NULL) {
112 ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, "No DBD Authn configured!");
113 return AUTH_GENERAL_ERROR;
114 }
115 if (apr_dbd_pvselect(dbd->driver, r->pool, dbd->handle, &res, statement,
116 0, user, NULL) != 0) {
117 ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
118 "Error looking up %s in database", user);
119 return AUTH_GENERAL_ERROR;
120 }
121 for (rv = apr_dbd_get_row(dbd->driver, r->pool, res, &row, -1);
122 rv != -1;
123 rv = apr_dbd_get_row(dbd->driver, r->pool, res, &row, -1)) {
124 if (rv != 0) {
125 ap_log_rerror(APLOG_MARK, APLOG_ERR, rv, r,
126 "Error looking up %s in database", user);
127 return AUTH_GENERAL_ERROR;
128 }
129 if (dbd_password == NULL) {
130 dbd_password = apr_dbd_get_entry(dbd->driver, row, 0);
131 }
132 /* we can't break out here or row won't get cleaned up */
133 }
134
135 if (!dbd_password) {
136 return AUTH_USER_NOT_FOUND;
137 }
138
139 colon_pw = ap_strchr(dbd_password, ':');
140 if (colon_pw) {
141 *colon_pw = '\0';
142 }
143
144 rv = apr_password_validate(password, dbd_password);
145
146 if (rv != APR_SUCCESS) {
147 return AUTH_DENIED;
148 }
149
150 return AUTH_GRANTED;
151 }
152 static authn_status authn_dbd_realm(request_rec *r, const char *user,
153 const char *realm, char **rethash)
154 {
155 apr_status_t rv;
156 const char *dbd_hash = NULL;
157 char *colon_hash;
158 apr_dbd_prepared_t *statement;
159 apr_dbd_results_t *res = NULL;
160 apr_dbd_row_t *row = NULL;
161
162 authn_dbd_conf *conf = ap_get_module_config(r->per_dir_config,
163 &authn_dbd_module);
164 ap_dbd_t *dbd = authn_dbd_acquire_fn(r);
165 if (dbd == NULL) {
166 ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
167 "Error looking up %s in database", user);
168 return AUTH_GENERAL_ERROR;
169 }
170 if (conf->realm == NULL) {
171 ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, "No DBD Authn configured!");
172 return AUTH_GENERAL_ERROR;
173 }
174 statement = apr_hash_get(dbd->prepared, conf->realm, APR_HASH_KEY_STRING);
175 if (statement == NULL) {
176 ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, "No DBD Authn configured!");
177 return AUTH_GENERAL_ERROR;
178 }
179 if (apr_dbd_pvselect(dbd->driver, r->pool, dbd->handle, &res, statement,
180 0, user, realm, NULL) != 0) {
181 ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
182 "Error looking up %s:%s in database", user, realm);
183 return AUTH_GENERAL_ERROR;
184 }
185 for (rv = apr_dbd_get_row(dbd->driver, r->pool, res, &row, -1);
186 rv != -1;
187 rv = apr_dbd_get_row(dbd->driver, r->pool, res, &row, -1)) {
188 if (rv != 0) {
189 ap_log_rerror(APLOG_MARK, APLOG_ERR, rv, r,
190 "Error looking up %s in database", user);
191 return AUTH_GENERAL_ERROR;
192 }
193 if (dbd_hash == NULL) {
194 dbd_hash = apr_dbd_get_entry(dbd->driver, row, 0);
195 }
196 /* we can't break out here or row won't get cleaned up */
197 }
198
199 if (!dbd_hash) {
200 return AUTH_USER_NOT_FOUND;
201 }
202
203 colon_hash = ap_strchr(dbd_hash, ':');
204 if (colon_hash) {
205 *colon_hash = '\0';
206 }
207
208 *rethash = apr_pstrdup(r->pool, dbd_hash);
209
210 return AUTH_USER_FOUND;
211 }
212 static void authn_dbd_hooks(apr_pool_t *p)
213 {
214 static const authn_provider authn_dbd_provider = {
215 &authn_dbd_password,
216 &authn_dbd_realm
217 };
218
219 ap_register_provider(p, AUTHN_PROVIDER_GROUP, "dbd", "0", &authn_dbd_provider);
220 }
221 module AP_MODULE_DECLARE_DATA authn_dbd_module =
222 {
223 STANDARD20_MODULE_STUFF,
224 authn_dbd_cr_conf,
225 authn_dbd_merge_conf,
226 NULL,
227 NULL,
228 authn_dbd_cmds,
229 authn_dbd_hooks
230 };
apache@apache.org
 ViewVC Help
Powered by ViewVC 1.1.2