View | Details | Raw Unified | Return to bug 45584
Collapse All | Expand All

(-)./modules/aaa/mod_authnz_ldap.c.debian-orig (-21 / +32 lines)
Lines 318-323 Link Here
318
    return APR_SUCCESS;
318
    return APR_SUCCESS;
319
}
319
}
320
320
321
/* add environment variables */
322
static int /* remote_user_attribute_set */
323
authnz_ldap_set_environment(request_rec *r, authn_ldap_config_t *sec,
324
                            const char **vals)
325
{
326
    int remote_user_attribute_set = 0;
327
328
    if (sec->attributes && vals) {
329
        apr_table_t *e = r->subprocess_env;
330
        int i = 0;
331
        while (sec->attributes[i]) {
332
            char *str = apr_pstrcat(r->pool, AUTHN_PREFIX, sec->attributes[i], NULL);
333
            int j = sizeof(AUTHN_PREFIX)-1; /* string length of "AUTHENTICATE_", excluding the trailing NIL */
334
            while (str[j]) {
335
                str[j] = apr_toupper(str[j]);
336
                j++;
337
            }
338
            apr_table_setn(e, str, vals[i]);
339
340
            /* handle remote_user_attribute, if set */
341
            if (sec->remote_user_attribute && 
342
                !strcmp(sec->remote_user_attribute, sec->attributes[i])) {
343
                r->user = (char *)apr_pstrdup(r->pool, vals[i]);
344
                remote_user_attribute_set = 1;
345
            }
346
            i++;
347
        }
348
    }
349
    return remote_user_attribute_set;
350
}
321
351
322
/*
352
/*
323
 * Authentication Phase
353
 * Authentication Phase
Lines 438-464 Link Here
438
    }
468
    }
439
469
440
    /* add environment variables */
470
    /* add environment variables */
441
    if (sec->attributes && vals) {
471
    remote_user_attribute_set |= authnz_ldap_set_environment(r, sec, vals);
442
        apr_table_t *e = r->subprocess_env;
443
        int i = 0;
444
        while (sec->attributes[i]) {
445
            char *str = apr_pstrcat(r->pool, AUTHN_PREFIX, sec->attributes[i], NULL);
446
            int j = sizeof(AUTHN_PREFIX)-1; /* string length of "AUTHENTICATE_", excluding the trailing NIL */
447
            while (str[j]) {
448
                str[j] = apr_toupper(str[j]);
449
                j++;
450
            }
451
            apr_table_setn(e, str, vals[i]);
452
453
            /* handle remote_user_attribute, if set */
454
            if (sec->remote_user_attribute && 
455
                !strcmp(sec->remote_user_attribute, sec->attributes[i])) {
456
                r->user = (char *)apr_pstrdup(r->pool, vals[i]);
457
                remote_user_attribute_set = 1;
458
            }
459
            i++;
460
        }
461
    }
462
472
463
    /* sanity check */
473
    /* sanity check */
464
    if (sec->remote_user_attribute && !remote_user_attribute_set) {
474
    if (sec->remote_user_attribute && !remote_user_attribute_set) {
Lines 596-601 Link Here
596
            return sec->auth_authoritative? HTTP_UNAUTHORIZED : DECLINED;
606
            return sec->auth_authoritative? HTTP_UNAUTHORIZED : DECLINED;
597
        }
607
        }
598
608
609
        authnz_ldap_set_environment(r, sec, vals);
599
        req = (authn_ldap_request_t *)apr_pcalloc(r->pool,
610
        req = (authn_ldap_request_t *)apr_pcalloc(r->pool,
600
            sizeof(authn_ldap_request_t));
611
            sizeof(authn_ldap_request_t));
601
        ap_set_module_config(r->request_config, &authnz_ldap_module, req);
612
        ap_set_module_config(r->request_config, &authnz_ldap_module, req);

Return to bug 45584