/[Apache-SVN]/httpd/httpd/trunk/modules/aaa/mod_authn_dbd.c
ViewVC logotype

Contents of /httpd/httpd/trunk/modules/aaa/mod_authn_dbd.c

Parent Directory Parent Directory | Revision Log Revision Log

Revision 658046 - (show annotations)
Mon May 19 23:53:05 2008 UTC (18 months, 1 week ago) by chrisd
File MIME type: text/plain
File size: 10572 byte(s) 
Convert common provider version strings ("0") to
AUTHN/Z_PROVIDER_VERSION macros defined in mod_auth.h.
1 /* Licensed to the Apache Software Foundation (ASF) under one or more
2 * contributor license agreements. See the NOTICE file distributed with
3 * this work for additional information regarding copyright ownership.
4 * The ASF licenses this file to You under the Apache License, Version 2.0
5 * (the "License"); you may not use this file except in compliance with
6 * the License. You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17 #include "ap_provider.h"
18 #include "httpd.h"
19 #include "http_config.h"
20 #include "http_log.h"
21 #include "http_request.h"
22 #include "apr_lib.h"
23 #include "apr_dbd.h"
24 #include "mod_dbd.h"
25 #include "apr_strings.h"
26 #include "mod_auth.h"
27 #include "apr_md5.h"
28 #include "apu_version.h"
29
30 module AP_MODULE_DECLARE_DATA authn_dbd_module;
31
32 typedef struct {
33 const char *user;
34 const char *realm;
35 } authn_dbd_conf;
36 typedef struct {
37 const char *label;
38 const char *query;
39 } authn_dbd_rec;
40
41 /* optional function - look it up once in post_config */
42 static ap_dbd_t *(*authn_dbd_acquire_fn)(request_rec*) = NULL;
43 static void (*authn_dbd_prepare_fn)(server_rec*, const char*, const char*) = NULL;
44
45 static void *authn_dbd_cr_conf(apr_pool_t *pool, char *dummy)
46 {
47 authn_dbd_conf *ret = apr_pcalloc(pool, sizeof(authn_dbd_conf));
48 return ret;
49 }
50 static void *authn_dbd_merge_conf(apr_pool_t *pool, void *BASE, void *ADD)
51 {
52 authn_dbd_conf *add = ADD;
53 authn_dbd_conf *base = BASE;
54 authn_dbd_conf *ret = apr_palloc(pool, sizeof(authn_dbd_conf));
55 ret->user = (add->user == NULL) ? base->user : add->user;
56 ret->realm = (add->realm == NULL) ? base->realm : add->realm;
57 return ret;
58 }
59 static const char *authn_dbd_prepare(cmd_parms *cmd, void *cfg, const char *query)
60 {
61 static unsigned int label_num = 0;
62 char *label;
63
64 if (authn_dbd_prepare_fn == NULL) {
65 authn_dbd_prepare_fn = APR_RETRIEVE_OPTIONAL_FN(ap_dbd_prepare);
66 if (authn_dbd_prepare_fn == NULL) {
67 return "You must load mod_dbd to enable AuthDBD functions";
68 }
69 authn_dbd_acquire_fn = APR_RETRIEVE_OPTIONAL_FN(ap_dbd_acquire);
70 }
71 label = apr_psprintf(cmd->pool, "authn_dbd_%d", ++label_num);
72
73 authn_dbd_prepare_fn(cmd->server, query, label);
74
75 /* save the label here for our own use */
76 return ap_set_string_slot(cmd, cfg, label);
77 }
78 static const command_rec authn_dbd_cmds[] =
79 {
80 AP_INIT_TAKE1("AuthDBDUserPWQuery", authn_dbd_prepare,
81 (void *)APR_OFFSETOF(authn_dbd_conf, user), ACCESS_CONF,
82 "Query used to fetch password for user"),
83 AP_INIT_TAKE1("AuthDBDUserRealmQuery", authn_dbd_prepare,
84 (void *)APR_OFFSETOF(authn_dbd_conf, realm), ACCESS_CONF,
85 "Query used to fetch password for user+realm"),
86 {NULL}
87 };
88 static authn_status authn_dbd_password(request_rec *r, const char *user,
89 const char *password)
90 {
91 apr_status_t rv;
92 const char *dbd_password = NULL;
93 apr_dbd_prepared_t *statement;
94 apr_dbd_results_t *res = NULL;
95 apr_dbd_row_t *row = NULL;
96
97 authn_dbd_conf *conf = ap_get_module_config(r->per_dir_config,
98 &authn_dbd_module);
99 ap_dbd_t *dbd = authn_dbd_acquire_fn(r);
100 if (dbd == NULL) {
101 ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
102 "Failed to acquire database connection to look up "
103 "user '%s'", user);
104 return AUTH_GENERAL_ERROR;
105 }
106
107 if (conf->user == NULL) {
108 ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
109 "No AuthDBDUserPWQuery has been specified");
110 return AUTH_GENERAL_ERROR;
111 }
112
113 statement = apr_hash_get(dbd->prepared, conf->user, APR_HASH_KEY_STRING);
114 if (statement == NULL) {
115 ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
116 "A prepared statement could not be found for "
117 "AuthDBDUserPWQuery with the key '%s'", conf->user);
118 return AUTH_GENERAL_ERROR;
119 }
120 if (apr_dbd_pvselect(dbd->driver, r->pool, dbd->handle, &res, statement,
121 0, user, NULL) != 0) {
122 ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
123 "Query execution error looking up '%s' "
124 "in database", user);
125 return AUTH_GENERAL_ERROR;
126 }
127 for (rv = apr_dbd_get_row(dbd->driver, r->pool, res, &row, -1);
128 rv != -1;
129 rv = apr_dbd_get_row(dbd->driver, r->pool, res, &row, -1)) {
130 if (rv != 0) {
131 ap_log_rerror(APLOG_MARK, APLOG_ERR, rv, r,
132 "Error retrieving results while looking up '%s' "
133 "in database", user);
134 return AUTH_GENERAL_ERROR;
135 }
136 if (dbd_password == NULL) {
137 #if APU_MAJOR_VERSION > 1 || (APU_MAJOR_VERSION == 1 && APU_MINOR_VERSION >= 3)
138 /* add the rest of the columns to the environment */
139 int i = 1;
140 const char *name;
141 for (name = apr_dbd_get_name(dbd->driver, res, i);
142 name != NULL;
143 name = apr_dbd_get_name(dbd->driver, res, i)) {
144
145 char *str = apr_pstrcat(r->pool, AUTHN_PREFIX,
146 name,
147 NULL);
148 int j = sizeof(AUTHN_PREFIX)-1; /* string length of "AUTHENTICATE_", excluding the trailing NIL */
149 while (str[j]) {
150 if (!apr_isalnum(str[j])) {
151 str[j] = '_';
152 }
153 else {
154 str[j] = apr_toupper(str[j]);
155 }
156 j++;
157 }
158 apr_table_set(r->subprocess_env, str,
159 apr_dbd_get_entry(dbd->driver, row, i));
160 i++;
161 }
162 #endif
163 dbd_password = apr_dbd_get_entry(dbd->driver, row, 0);
164 }
165 /* we can't break out here or row won't get cleaned up */
166 }
167
168 if (!dbd_password) {
169 return AUTH_USER_NOT_FOUND;
170 }
171
172 rv = apr_password_validate(password, dbd_password);
173
174 if (rv != APR_SUCCESS) {
175 return AUTH_DENIED;
176 }
177
178 return AUTH_GRANTED;
179 }
180 static authn_status authn_dbd_realm(request_rec *r, const char *user,
181 const char *realm, char **rethash)
182 {
183 apr_status_t rv;
184 const char *dbd_hash = NULL;
185 apr_dbd_prepared_t *statement;
186 apr_dbd_results_t *res = NULL;
187 apr_dbd_row_t *row = NULL;
188
189 authn_dbd_conf *conf = ap_get_module_config(r->per_dir_config,
190 &authn_dbd_module);
191 ap_dbd_t *dbd = authn_dbd_acquire_fn(r);
192 if (dbd == NULL) {
193 ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
194 "Failed to acquire database connection to look up "
195 "user '%s:%s'", user, realm);
196 return AUTH_GENERAL_ERROR;
197 }
198 if (conf->realm == NULL) {
199 ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
200 "No AuthDBDUserRealmQuery has been specified");
201 return AUTH_GENERAL_ERROR;
202 }
203 statement = apr_hash_get(dbd->prepared, conf->realm, APR_HASH_KEY_STRING);
204 if (statement == NULL) {
205 ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
206 "A prepared statement could not be found for "
207 "AuthDBDUserRealmQuery with the key '%s'", conf->realm);
208 return AUTH_GENERAL_ERROR;
209 }
210 if (apr_dbd_pvselect(dbd->driver, r->pool, dbd->handle, &res, statement,
211 0, user, realm, NULL) != 0) {
212 ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
213 "Query execution error looking up '%s:%s' "
214 "in database", user, realm);
215 return AUTH_GENERAL_ERROR;
216 }
217 for (rv = apr_dbd_get_row(dbd->driver, r->pool, res, &row, -1);
218 rv != -1;
219 rv = apr_dbd_get_row(dbd->driver, r->pool, res, &row, -1)) {
220 if (rv != 0) {
221 ap_log_rerror(APLOG_MARK, APLOG_ERR, rv, r,
222 "Error retrieving results while looking up '%s:%s' "
223 "in database", user, realm);
224 return AUTH_GENERAL_ERROR;
225 }
226 if (dbd_hash == NULL) {
227 #if APU_MAJOR_VERSION > 1 || (APU_MAJOR_VERSION == 1 && APU_MINOR_VERSION >= 3)
228 /* add the rest of the columns to the environment */
229 int i = 1;
230 const char *name;
231 for (name = apr_dbd_get_name(dbd->driver, res, i);
232 name != NULL;
233 name = apr_dbd_get_name(dbd->driver, res, i)) {
234
235 char *str = apr_pstrcat(r->pool, AUTHN_PREFIX,
236 name,
237 NULL);
238 int j = sizeof(AUTHN_PREFIX)-1; /* string length of "AUTHENTICATE_", excluding the trailing NIL */
239 while (str[j]) {
240 if (!apr_isalnum(str[j])) {
241 str[j] = '_';
242 }
243 else {
244 str[j] = apr_toupper(str[j]);
245 }
246 j++;
247 }
248 apr_table_set(r->subprocess_env, str,
249 apr_dbd_get_entry(dbd->driver, row, i));
250 i++;
251 }
252 #endif
253 dbd_hash = apr_dbd_get_entry(dbd->driver, row, 0);
254 }
255 /* we can't break out here or row won't get cleaned up */
256 }
257
258 if (!dbd_hash) {
259 return AUTH_USER_NOT_FOUND;
260 }
261
262 *rethash = apr_pstrdup(r->pool, dbd_hash);
263 return AUTH_USER_FOUND;
264 }
265 static void authn_dbd_hooks(apr_pool_t *p)
266 {
267 static const authn_provider authn_dbd_provider = {
268 &authn_dbd_password,
269 &authn_dbd_realm
270 };
271
272 ap_register_auth_provider(p, AUTHN_PROVIDER_GROUP, "dbd",
273 AUTHN_PROVIDER_VERSION,
274 &authn_dbd_provider, AP_AUTH_INTERNAL_PER_CONF);
275 }
276 module AP_MODULE_DECLARE_DATA authn_dbd_module =
277 {
278 STANDARD20_MODULE_STUFF,
279 authn_dbd_cr_conf,
280 authn_dbd_merge_conf,
281 NULL,
282 NULL,
283 authn_dbd_cmds,
284 authn_dbd_hooks
285 };

Properties

Name Value
svn:eol-style native
apache@apache.org
 ViewVC Help
Powered by ViewVC 1.1.2