/[Apache-SVN]/httpd/httpd/trunk/modules/aaa/mod_authn_dbd.c
ViewVC logotype

Contents of /httpd/httpd/trunk/modules/aaa/mod_authn_dbd.c

Parent Directory Parent Directory | Revision Log Revision Log

Revision 466865 - (show annotations)
Sun Oct 22 19:11:51 2006 UTC (3 years, 1 month ago) by minfrin
File MIME type: text/plain
File size: 9787 byte(s) 
mod_authn_dbd: Export any additional columns queried in the SQL select
into the environment with the name AUTHENTICATE_<COLUMN>. This brings
mod_authn_dbd behaviour in line with mod_authnz_ldap.
1 /* Licensed to the Apache Software Foundation (ASF) under one or more
2 * contributor license agreements. See the NOTICE file distributed with
3 * this work for additional information regarding copyright ownership.
4 * The ASF licenses this file to You under the Apache License, Version 2.0
5 * (the "License"); you may not use this file except in compliance with
6 * the License. You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17 #include "ap_provider.h"
18 #include "httpd.h"
19 #include "http_config.h"
20 #include "http_log.h"
21 #include "apr_lib.h"
22 #include "apr_dbd.h"
23 #include "mod_dbd.h"
24 #include "apr_strings.h"
25 #include "mod_auth.h"
26 #include "apr_md5.h"
27 #include "apu_version.h"
28
29 module AP_MODULE_DECLARE_DATA authn_dbd_module;
30
31 typedef struct {
32 const char *user;
33 const char *realm;
34 } authn_dbd_conf;
35 typedef struct {
36 const char *label;
37 const char *query;
38 } authn_dbd_rec;
39
40 /* optional function - look it up once in post_config */
41 static ap_dbd_t *(*authn_dbd_acquire_fn)(request_rec*) = NULL;
42 static void (*authn_dbd_prepare_fn)(server_rec*, const char*, const char*) = NULL;
43
44 static void *authn_dbd_cr_conf(apr_pool_t *pool, char *dummy)
45 {
46 authn_dbd_conf *ret = apr_pcalloc(pool, sizeof(authn_dbd_conf));
47 return ret;
48 }
49 static void *authn_dbd_merge_conf(apr_pool_t *pool, void *BASE, void *ADD)
50 {
51 authn_dbd_conf *add = ADD;
52 authn_dbd_conf *base = BASE;
53 authn_dbd_conf *ret = apr_palloc(pool, sizeof(authn_dbd_conf));
54 ret->user = (add->user == NULL) ? base->user : add->user;
55 ret->realm = (add->realm == NULL) ? base->realm : add->realm;
56 return ret;
57 }
58 static const char *authn_dbd_prepare(cmd_parms *cmd, void *cfg, const char *query)
59 {
60 static unsigned int label_num = 0;
61 char *label;
62
63 if (authn_dbd_prepare_fn == NULL) {
64 authn_dbd_prepare_fn = APR_RETRIEVE_OPTIONAL_FN(ap_dbd_prepare);
65 if (authn_dbd_prepare_fn == NULL) {
66 return "You must load mod_dbd to enable AuthDBD functions";
67 }
68 authn_dbd_acquire_fn = APR_RETRIEVE_OPTIONAL_FN(ap_dbd_acquire);
69 }
70 label = apr_psprintf(cmd->pool, "authn_dbd_%d", ++label_num);
71
72 authn_dbd_prepare_fn(cmd->server, query, label);
73
74 /* save the label here for our own use */
75 return ap_set_string_slot(cmd, cfg, label);
76 }
77 static const command_rec authn_dbd_cmds[] =
78 {
79 AP_INIT_TAKE1("AuthDBDUserPWQuery", authn_dbd_prepare,
80 (void *)APR_OFFSETOF(authn_dbd_conf, user), ACCESS_CONF,
81 "Query used to fetch password for user"),
82 AP_INIT_TAKE1("AuthDBDUserRealmQuery", authn_dbd_prepare,
83 (void *)APR_OFFSETOF(authn_dbd_conf, realm), ACCESS_CONF,
84 "Query used to fetch password for user+realm"),
85 {NULL}
86 };
87 static authn_status authn_dbd_password(request_rec *r, const char *user,
88 const char *password)
89 {
90 apr_status_t rv;
91 const char *dbd_password = NULL;
92 apr_dbd_prepared_t *statement;
93 apr_dbd_results_t *res = NULL;
94 apr_dbd_row_t *row = NULL;
95
96 authn_dbd_conf *conf = ap_get_module_config(r->per_dir_config,
97 &authn_dbd_module);
98 ap_dbd_t *dbd = authn_dbd_acquire_fn(r);
99 if (dbd == NULL) {
100 ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
101 "Error looking up %s in database", user);
102 return AUTH_GENERAL_ERROR;
103 }
104
105 if (conf->user == NULL) {
106 ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, "No AuthDBDUserPWQuery has been specified.");
107 return AUTH_GENERAL_ERROR;
108 }
109
110 statement = apr_hash_get(dbd->prepared, conf->user, APR_HASH_KEY_STRING);
111 if (statement == NULL) {
112 ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, "A prepared statement could not be found for AuthDBDUserPWQuery, key '%s'.", conf->user);
113 return AUTH_GENERAL_ERROR;
114 }
115 if (apr_dbd_pvselect(dbd->driver, r->pool, dbd->handle, &res, statement,
116 0, user, NULL) != 0) {
117 ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
118 "Error looking up %s in database", user);
119 return AUTH_GENERAL_ERROR;
120 }
121 for (rv = apr_dbd_get_row(dbd->driver, r->pool, res, &row, -1);
122 rv != -1;
123 rv = apr_dbd_get_row(dbd->driver, r->pool, res, &row, -1)) {
124 if (rv != 0) {
125 ap_log_rerror(APLOG_MARK, APLOG_ERR, rv, r,
126 "Error looking up %s in database", user);
127 return AUTH_GENERAL_ERROR;
128 }
129 if (dbd_password == NULL) {
130 dbd_password = apr_dbd_get_entry(dbd->driver, row, 0);
131
132 #if APU_MAJOR_VERSION > 1 || (APU_MAJOR_VERSION == 1 && APU_MINOR_VERSION >= 3)
133 /* add the rest of the columns to the environment */
134 int i = 1;
135 const char *name;
136 for (name = apr_dbd_get_name(dbd->driver, res, i);
137 name != NULL;
138 name = apr_dbd_get_name(dbd->driver, res, i)) {
139
140 char *str = apr_pstrcat(r->pool, AUTHN_PREFIX,
141 name,
142 NULL);
143 int j = 13;
144 while (str[j]) {
145 if (!apr_isalnum(str[j])) {
146 str[j] = '_';
147 }
148 else {
149 str[j] = apr_toupper(str[j]);
150 }
151 j++;
152 }
153 apr_table_setn(r->subprocess_env, str,
154 apr_dbd_get_entry(dbd->driver, row, i));
155 i++;
156 }
157 #endif
158 }
159 /* we can't break out here or row won't get cleaned up */
160 }
161
162 if (!dbd_password) {
163 return AUTH_USER_NOT_FOUND;
164 }
165
166 rv = apr_password_validate(password, dbd_password);
167
168 if (rv != APR_SUCCESS) {
169 return AUTH_DENIED;
170 }
171
172 return AUTH_GRANTED;
173 }
174 static authn_status authn_dbd_realm(request_rec *r, const char *user,
175 const char *realm, char **rethash)
176 {
177 apr_status_t rv;
178 const char *dbd_hash = NULL;
179 apr_dbd_prepared_t *statement;
180 apr_dbd_results_t *res = NULL;
181 apr_dbd_row_t *row = NULL;
182
183 authn_dbd_conf *conf = ap_get_module_config(r->per_dir_config,
184 &authn_dbd_module);
185 ap_dbd_t *dbd = authn_dbd_acquire_fn(r);
186 if (dbd == NULL) {
187 ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
188 "Error looking up %s in database", user);
189 return AUTH_GENERAL_ERROR;
190 }
191 if (conf->realm == NULL) {
192 ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, "No AuthDBDUserRealmQuery has been specified.");
193 return AUTH_GENERAL_ERROR;
194 }
195 statement = apr_hash_get(dbd->prepared, conf->realm, APR_HASH_KEY_STRING);
196 if (statement == NULL) {
197 ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, "A prepared statement could not be found for AuthDBDUserRealmQuery, key '%s'.", conf->realm);
198 return AUTH_GENERAL_ERROR;
199 }
200 if (apr_dbd_pvselect(dbd->driver, r->pool, dbd->handle, &res, statement,
201 0, user, realm, NULL) != 0) {
202 ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
203 "Error looking up %s:%s in database", user, realm);
204 return AUTH_GENERAL_ERROR;
205 }
206 for (rv = apr_dbd_get_row(dbd->driver, r->pool, res, &row, -1);
207 rv != -1;
208 rv = apr_dbd_get_row(dbd->driver, r->pool, res, &row, -1)) {
209 if (rv != 0) {
210 ap_log_rerror(APLOG_MARK, APLOG_ERR, rv, r,
211 "Error looking up %s in database", user);
212 return AUTH_GENERAL_ERROR;
213 }
214 if (dbd_hash == NULL) {
215 dbd_hash = apr_dbd_get_entry(dbd->driver, row, 0);
216
217 #if APU_MAJOR_VERSION > 1 || (APU_MAJOR_VERSION == 1 && APU_MINOR_VERSION >= 3)
218 /* add the rest of the columns to the environment */
219 int i = 1;
220 const char *name;
221 for (name = apr_dbd_get_name(dbd->driver, res, i);
222 name != NULL;
223 name = apr_dbd_get_name(dbd->driver, res, i)) {
224
225 char *str = apr_pstrcat(r->pool, AUTHN_PREFIX,
226 name,
227 NULL);
228 int j = 13;
229 while (str[j]) {
230 if (!apr_isalnum(str[j])) {
231 str[j] = '_';
232 }
233 else {
234 str[j] = apr_toupper(str[j]);
235 }
236 j++;
237 }
238 apr_table_setn(r->subprocess_env, str,
239 apr_dbd_get_entry(dbd->driver, row, i));
240 i++;
241 }
242 #endif
243 }
244 /* we can't break out here or row won't get cleaned up */
245 }
246
247 if (!dbd_hash) {
248 return AUTH_USER_NOT_FOUND;
249 }
250
251 *rethash = apr_pstrdup(r->pool, dbd_hash);
252 return AUTH_USER_FOUND;
253 }
254 static void authn_dbd_hooks(apr_pool_t *p)
255 {
256 static const authn_provider authn_dbd_provider = {
257 &authn_dbd_password,
258 &authn_dbd_realm
259 };
260
261 ap_register_provider(p, AUTHN_PROVIDER_GROUP, "dbd", "0", &authn_dbd_provider);
262 }
263 module AP_MODULE_DECLARE_DATA authn_dbd_module =
264 {
265 STANDARD20_MODULE_STUFF,
266 authn_dbd_cr_conf,
267 authn_dbd_merge_conf,
268 NULL,
269 NULL,
270 authn_dbd_cmds,
271 authn_dbd_hooks
272 };

Properties

Name Value
svn:eol-style native
apache@apache.org
 ViewVC Help
Powered by ViewVC 1.1.2