Lines 32-37
module AP_MODULE_DECLARE_DATA authn_dbd_module;
Link Here
|
32 |
typedef struct { |
32 |
typedef struct { |
33 |
const char *user; |
33 |
const char *user; |
34 |
const char *realm; |
34 |
const char *realm; |
|
|
35 |
const char *auth; |
35 |
} authn_dbd_conf; |
36 |
} authn_dbd_conf; |
36 |
typedef struct { |
37 |
typedef struct { |
37 |
const char *label; |
38 |
const char *label; |
Lines 46-51
static APR_OPTIONAL_FN_TYPE(ap_authn_cache_store) *authn_cache_store = NULL;
Link Here
|
46 |
if (authn_cache_store != NULL) \ |
47 |
if (authn_cache_store != NULL) \ |
47 |
authn_cache_store((r), "dbd", (user), (realm), (data)) |
48 |
authn_cache_store((r), "dbd", (user), (realm), (data)) |
48 |
|
49 |
|
|
|
50 |
|
49 |
static void *authn_dbd_cr_conf(apr_pool_t *pool, char *dummy) |
51 |
static void *authn_dbd_cr_conf(apr_pool_t *pool, char *dummy) |
50 |
{ |
52 |
{ |
51 |
authn_dbd_conf *ret = apr_pcalloc(pool, sizeof(authn_dbd_conf)); |
53 |
authn_dbd_conf *ret = apr_pcalloc(pool, sizeof(authn_dbd_conf)); |
Lines 58-63
static void *authn_dbd_merge_conf(apr_pool_t *pool, void *BASE, void *ADD)
Link Here
|
58 |
authn_dbd_conf *ret = apr_palloc(pool, sizeof(authn_dbd_conf)); |
60 |
authn_dbd_conf *ret = apr_palloc(pool, sizeof(authn_dbd_conf)); |
59 |
ret->user = (add->user == NULL) ? base->user : add->user; |
61 |
ret->user = (add->user == NULL) ? base->user : add->user; |
60 |
ret->realm = (add->realm == NULL) ? base->realm : add->realm; |
62 |
ret->realm = (add->realm == NULL) ? base->realm : add->realm; |
|
|
63 |
ret->auth = (add->auth == NULL) ? base->auth : add->auth; |
61 |
return ret; |
64 |
return ret; |
62 |
} |
65 |
} |
63 |
static const char *authn_dbd_prepare(cmd_parms *cmd, void *cfg, const char *query) |
66 |
static const char *authn_dbd_prepare(cmd_parms *cmd, void *cfg, const char *query) |
Lines 68-73
static const char *authn_dbd_prepare(cmd_parms *cmd, void *cfg, const char *quer
Link Here
|
68 |
if (err) |
71 |
if (err) |
69 |
return err; |
72 |
return err; |
70 |
|
73 |
|
|
|
74 |
|
71 |
if (authn_dbd_prepare_fn == NULL) { |
75 |
if (authn_dbd_prepare_fn == NULL) { |
72 |
authn_dbd_prepare_fn = APR_RETRIEVE_OPTIONAL_FN(ap_dbd_prepare); |
76 |
authn_dbd_prepare_fn = APR_RETRIEVE_OPTIONAL_FN(ap_dbd_prepare); |
73 |
if (authn_dbd_prepare_fn == NULL) { |
77 |
if (authn_dbd_prepare_fn == NULL) { |
Lines 90-95
static const command_rec authn_dbd_cmds[] =
Link Here
|
90 |
AP_INIT_TAKE1("AuthDBDUserRealmQuery", authn_dbd_prepare, |
94 |
AP_INIT_TAKE1("AuthDBDUserRealmQuery", authn_dbd_prepare, |
91 |
(void *)APR_OFFSETOF(authn_dbd_conf, realm), ACCESS_CONF, |
95 |
(void *)APR_OFFSETOF(authn_dbd_conf, realm), ACCESS_CONF, |
92 |
"Query used to fetch password for user+realm"), |
96 |
"Query used to fetch password for user+realm"), |
|
|
97 |
AP_INIT_TAKE1("AuthDBDFullAuthQuery", authn_dbd_prepare, |
98 |
(void *)APR_OFFSETOF(authn_dbd_conf, auth), ACCESS_CONF, |
99 |
"Query used to check auth for a user+password"), |
93 |
{NULL} |
100 |
{NULL} |
94 |
}; |
101 |
}; |
95 |
static authn_status authn_dbd_password(request_rec *r, const char *user, |
102 |
static authn_status authn_dbd_password(request_rec *r, const char *user, |
Lines 112-132
static authn_status authn_dbd_password(request_rec *r, const char *user,
Link Here
|
112 |
return AUTH_GENERAL_ERROR; |
119 |
return AUTH_GENERAL_ERROR; |
113 |
} |
120 |
} |
114 |
|
121 |
|
115 |
if (conf->user == NULL) { |
122 |
if (conf->user == NULL && conf->auth == NULL) { |
116 |
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(01654) |
123 |
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(01654) |
117 |
"No AuthDBDUserPWQuery has been specified"); |
124 |
"No AuthDBDUserPWQuery or AuthDBDFullAuthQuery has been specified"); |
118 |
return AUTH_GENERAL_ERROR; |
125 |
return AUTH_GENERAL_ERROR; |
119 |
} |
126 |
} |
120 |
|
127 |
|
121 |
statement = apr_hash_get(dbd->prepared, conf->user, APR_HASH_KEY_STRING); |
128 |
statement = apr_hash_get(dbd->prepared, |
|
|
129 |
conf->user != NULL ? conf->user : conf->auth, |
130 |
APR_HASH_KEY_STRING); |
122 |
if (statement == NULL) { |
131 |
if (statement == NULL) { |
123 |
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(01655) |
132 |
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(01655) |
124 |
"A prepared statement could not be found for " |
133 |
"A prepared statement could not be found for " |
125 |
"AuthDBDUserPWQuery with the key '%s'", conf->user); |
134 |
"AuthDBDUserPWQuery or AuthDBDFullAuthQuery with the key '%s'", |
|
|
135 |
conf->user); |
126 |
return AUTH_GENERAL_ERROR; |
136 |
return AUTH_GENERAL_ERROR; |
127 |
} |
137 |
} |
128 |
if ((ret = apr_dbd_pvselect(dbd->driver, r->pool, dbd->handle, &res, |
138 |
if ((ret = apr_dbd_pvselect(dbd->driver, r->pool, dbd->handle, &res, |
129 |
statement, 0, user, NULL) != 0)) { |
139 |
statement, 0, user, password, NULL) != 0)) { |
130 |
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(01656) |
140 |
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(01656) |
131 |
"Query execution error looking up '%s' " |
141 |
"Query execution error looking up '%s' " |
132 |
"in database [%s]", |
142 |
"in database [%s]", |
Lines 177-182
static authn_status authn_dbd_password(request_rec *r, const char *user,
Link Here
|
177 |
if (!dbd_password) { |
187 |
if (!dbd_password) { |
178 |
return AUTH_USER_NOT_FOUND; |
188 |
return AUTH_USER_NOT_FOUND; |
179 |
} |
189 |
} |
|
|
190 |
|
180 |
AUTHN_CACHE_STORE(r, user, NULL, dbd_password); |
191 |
AUTHN_CACHE_STORE(r, user, NULL, dbd_password); |
181 |
|
192 |
|
182 |
rv = ap_password_validate(r, user, password, dbd_password); |
193 |
rv = ap_password_validate(r, user, password, dbd_password); |
Lines 185-190
static authn_status authn_dbd_password(request_rec *r, const char *user,
Link Here
|
185 |
return AUTH_DENIED; |
196 |
return AUTH_DENIED; |
186 |
} |
197 |
} |
187 |
|
198 |
|
|
|
199 |
if (conf->user != NULL) { |
200 |
rv = apr_password_validate(password, dbd_password); |
201 |
if (rv != APR_SUCCESS) { |
202 |
return AUTH_DENIED; |
203 |
} |
204 |
} // else conf->auth and we get a db_password then we've passed |
205 |
|
188 |
return AUTH_GRANTED; |
206 |
return AUTH_GRANTED; |
189 |
} |
207 |
} |
190 |
static authn_status authn_dbd_realm(request_rec *r, const char *user, |
208 |
static authn_status authn_dbd_realm(request_rec *r, const char *user, |
Lines 272-277
static authn_status authn_dbd_realm(request_rec *r, const char *user,
Link Here
|
272 |
return AUTH_USER_NOT_FOUND; |
290 |
return AUTH_USER_NOT_FOUND; |
273 |
} |
291 |
} |
274 |
AUTHN_CACHE_STORE(r, user, realm, dbd_hash); |
292 |
AUTHN_CACHE_STORE(r, user, realm, dbd_hash); |
|
|
293 |
|
275 |
*rethash = apr_pstrdup(r->pool, dbd_hash); |
294 |
*rethash = apr_pstrdup(r->pool, dbd_hash); |
276 |
return AUTH_USER_FOUND; |
295 |
return AUTH_USER_FOUND; |
277 |
} |
296 |
} |