View | Details | Raw Unified | Return to bug 44578
Collapse All | Expand All

(-)modules/aaa/mod_authn_dbd.c (-20 / +38 lines)
Lines 29-41 Link Here
29
module AP_MODULE_DECLARE_DATA authn_dbd_module;
29
module AP_MODULE_DECLARE_DATA authn_dbd_module;
30
30
31
typedef struct {
31
typedef struct {
32
    const char *user;
32
    const char *label;
33
    const char *realm;
33
    const char *realm;
34
    int validate;
34
} authn_dbd_conf;
35
} authn_dbd_conf;
35
typedef struct {
36
    const char *label;
37
    const char *query;
38
} authn_dbd_rec;
39
36
40
/* optional function - look it up once in post_config */
37
/* optional function - look it up once in post_config */
41
static ap_dbd_t *(*authn_dbd_acquire_fn)(request_rec*) = NULL;
38
static ap_dbd_t *(*authn_dbd_acquire_fn)(request_rec*) = NULL;
Lines 51-64 Link Here
51
    authn_dbd_conf *add = ADD;
48
    authn_dbd_conf *add = ADD;
52
    authn_dbd_conf *base = BASE;
49
    authn_dbd_conf *base = BASE;
53
    authn_dbd_conf *ret = apr_palloc(pool, sizeof(authn_dbd_conf));
50
    authn_dbd_conf *ret = apr_palloc(pool, sizeof(authn_dbd_conf));
54
    ret->user = (add->user == NULL) ? base->user : add->user;
51
    ret->label = (add->label == NULL) ? base->label : add->label;
55
    ret->realm = (add->realm == NULL) ? base->realm : add->realm;
52
    ret->validate =    (add->label == NULL) ? base->validate : add->validate;
53
    ret->realm =       (add->realm == NULL) ? base->realm : add->realm;
56
    return ret;
54
    return ret;
57
}
55
}
58
static const char *authn_dbd_prepare(cmd_parms *cmd, void *cfg, const char *query)
56
static const char *authn_dbd_prepare(cmd_parms *cmd, void *cfg, const char *query, char *validate)
59
{
57
{
60
    static unsigned int label_num = 0;
58
    static unsigned int label_num = 0;
61
    char *label;
59
    authn_dbd_conf *conf = (authn_dbd_conf *)cfg;
62
60
63
    if (authn_dbd_prepare_fn == NULL) {
61
    if (authn_dbd_prepare_fn == NULL) {
64
        authn_dbd_prepare_fn = APR_RETRIEVE_OPTIONAL_FN(ap_dbd_prepare);
62
        authn_dbd_prepare_fn = APR_RETRIEVE_OPTIONAL_FN(ap_dbd_prepare);
Lines 67-83 Link Here
67
        }
65
        }
68
        authn_dbd_acquire_fn = APR_RETRIEVE_OPTIONAL_FN(ap_dbd_acquire);
66
        authn_dbd_acquire_fn = APR_RETRIEVE_OPTIONAL_FN(ap_dbd_acquire);
69
    }
67
    }
70
    label = apr_psprintf(cmd->pool, "authn_dbd_%d", ++label_num);
71
72
    authn_dbd_prepare_fn(cmd->server, query, label);
73
68
69
    if (validate && apr_strnatcasecmp(validate, "VALIDATE"))
70
        return apr_pstrcat(cmd->pool, "unrecognized AuthDBDUserPWQuery option: ", validate, NULL);
71
     conf->validate = (validate != NULL);
74
    /* save the label here for our own use */
72
    /* save the label here for our own use */
75
    return ap_set_string_slot(cmd, cfg, label);
73
    conf->label = apr_psprintf(cmd->pool, "authn_dbd_%d", ++label_num);
74
    authn_dbd_prepare_fn(cmd->server, query, conf->label);
75
    return NULL; 
76
}
76
}
77
static const command_rec authn_dbd_cmds[] =
77
static const command_rec authn_dbd_cmds[] =
78
{
78
{
79
    AP_INIT_TAKE1("AuthDBDUserPWQuery", authn_dbd_prepare,
79
    AP_INIT_TAKE12("AuthDBDUserPWQuery", authn_dbd_prepare,
80
                  (void *)APR_OFFSETOF(authn_dbd_conf, user), ACCESS_CONF,
80
                  NULL, ACCESS_CONF,
81
                  "Query used to fetch password for user"),
81
                  "Query used to fetch password for user"),
82
    AP_INIT_TAKE1("AuthDBDUserRealmQuery", authn_dbd_prepare,
82
    AP_INIT_TAKE1("AuthDBDUserRealmQuery", authn_dbd_prepare,
83
                  (void *)APR_OFFSETOF(authn_dbd_conf, realm), ACCESS_CONF,
83
                  (void *)APR_OFFSETOF(authn_dbd_conf, realm), ACCESS_CONF,
Lines 92-97 Link Here
92
    apr_dbd_prepared_t *statement;
92
    apr_dbd_prepared_t *statement;
93
    apr_dbd_results_t *res = NULL;
93
    apr_dbd_results_t *res = NULL;
94
    apr_dbd_row_t *row = NULL;
94
    apr_dbd_row_t *row = NULL;
95
    char const *args[2];
96
    int nargs;
95
97
96
    authn_dbd_conf *conf = ap_get_module_config(r->per_dir_config,
98
    authn_dbd_conf *conf = ap_get_module_config(r->per_dir_config,
97
                                                &authn_dbd_module);
99
                                                &authn_dbd_module);
Lines 102-119 Link Here
102
        return AUTH_GENERAL_ERROR;
104
        return AUTH_GENERAL_ERROR;
103
    }
105
    }
104
106
105
    if (conf->user == NULL) {
107
    if (conf->label == NULL) {
106
        ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, "No AuthDBDUserPWQuery has been specified.");
108
        ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, "No AuthDBDUserPWQuery has been specified.");
107
        return AUTH_GENERAL_ERROR;
109
        return AUTH_GENERAL_ERROR;
108
    }
110
    }
109
111
110
    statement = apr_hash_get(dbd->prepared, conf->user, APR_HASH_KEY_STRING);
112
    statement = apr_hash_get(dbd->prepared, conf->label, APR_HASH_KEY_STRING);
111
    if (statement == NULL) {
113
    if (statement == NULL) {
112
        ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, "A prepared statement could not be found for AuthDBDUserPWQuery, key '%s'.", conf->user);
114
        ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, "A prepared statement could not be found for AuthDBDUserPWQuery, key '%s'.", conf->label);
113
        return AUTH_GENERAL_ERROR;
115
        return AUTH_GENERAL_ERROR;
114
    }
116
    }
115
    if (apr_dbd_pvselect(dbd->driver, r->pool, dbd->handle, &res, statement,
117
116
                              0, user, NULL) != 0) {
118
    if (conf->validate) {
119
        args[0] = password;
120
        args[1] = user;
121
        nargs = 2;
122
    } 
123
    else {
124
        args[0] = user;
125
        nargs = 1;
126
    } 
127
    if (apr_dbd_pselect(dbd->driver, r->pool, dbd->handle, &res, statement,
128
                              0, nargs, args) != 0) {
117
        ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
129
        ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
118
                      "Error looking up %s in database", user);
130
                      "Error looking up %s in database", user);
119
        return AUTH_GENERAL_ERROR;
131
        return AUTH_GENERAL_ERROR;
Lines 161-166 Link Here
161
    if (!dbd_password) {
173
    if (!dbd_password) {
162
        return AUTH_USER_NOT_FOUND;
174
        return AUTH_USER_NOT_FOUND;
163
    }
175
    }
176
    if (conf->validate) 
177
        /* any non-zero number or "T" or "TRUE" (case-insensitive) for OK */
178
        return (   *dbd_password == 't' || *dbd_password == 'T'
179
                ||  atoi(dbd_password)
180
                || !apr_strnatcasecmp(dbd_password, "TRUE") 
181
                ) ? AUTH_GRANTED : AUTH_DENIED;
164
182
165
    rv = apr_password_validate(password, dbd_password);
183
    rv = apr_password_validate(password, dbd_password);
166
184

Return to bug 44578