Attachment #31861 for bug #56794

View | Details | Raw Unified | Return to bug 56794
Collapse All | Expand All




typedef struct {
    const char *user;
    const char *realm;
    const char *auth;
} authn_dbd_conf;
typedef struct {
    const char *label;

    if (authn_cache_store != NULL) \
        authn_cache_store((r), "dbd", (user), (realm), (data))


static void *authn_dbd_cr_conf(apr_pool_t *pool, char *dummy)
{
    authn_dbd_conf *ret = apr_pcalloc(pool, sizeof(authn_dbd_conf));

    authn_dbd_conf *ret = apr_palloc(pool, sizeof(authn_dbd_conf));
    ret->user = (add->user == NULL) ? base->user : add->user;
    ret->realm = (add->realm == NULL) ? base->realm : add->realm;
    ret->auth = (add->auth == NULL) ? base->auth : add->auth;
    return ret;
}
static const char *authn_dbd_prepare(cmd_parms *cmd, void *cfg, const char *query)

    if (err)
        return err;


    if (authn_dbd_prepare_fn == NULL) {
        authn_dbd_prepare_fn = APR_RETRIEVE_OPTIONAL_FN(ap_dbd_prepare);
        if (authn_dbd_prepare_fn == NULL) {

    AP_INIT_TAKE1("AuthDBDUserRealmQuery", authn_dbd_prepare,
                  (void *)APR_OFFSETOF(authn_dbd_conf, realm), ACCESS_CONF,
                  "Query used to fetch password for user+realm"),
    AP_INIT_TAKE1("AuthDBDFullAuthQuery", authn_dbd_prepare,
                  (void *)APR_OFFSETOF(authn_dbd_conf, auth), ACCESS_CONF,
                  "Query used to check auth for a user+password"),
    {NULL}
};
static authn_status authn_dbd_password(request_rec *r, const char *user,

        return AUTH_GENERAL_ERROR;
    }

    if (conf->user == NULL && conf->auth == NULL) {
        ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(01654)
                      "No AuthDBDUserPWQuery or AuthDBDFullAuthQuery has been specified");
        return AUTH_GENERAL_ERROR;
    }

    statement = apr_hash_get(dbd->prepared,
        conf->user != NULL ? conf->user : conf->auth,
        APR_HASH_KEY_STRING);
    if (statement == NULL) {
        ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(01655)
                      "A prepared statement could not be found for "
                      "AuthDBDUserPWQuery or AuthDBDFullAuthQuery with the key '%s'",
                      conf->user);
        return AUTH_GENERAL_ERROR;
    }
    if ((ret = apr_dbd_pvselect(dbd->driver, r->pool, dbd->handle, &res,
                                statement, 0, user, password, NULL) != 0)) {
        ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(01656)
                      "Query execution error looking up '%s' "
                      "in database [%s]",

    if (!dbd_password) {
        return AUTH_USER_NOT_FOUND;
    }

    AUTHN_CACHE_STORE(r, user, NULL, dbd_password);

    rv = ap_password_validate(r, user, password, dbd_password);

        return AUTH_DENIED;
    }

    if (conf->user != NULL) {
        rv = apr_password_validate(password, dbd_password);
        if (rv != APR_SUCCESS) {
            return AUTH_DENIED;
        }
    } // else conf->auth and we get a db_password then we've passed

    return AUTH_GRANTED;
}
static authn_status authn_dbd_realm(request_rec *r, const char *user,

        return AUTH_USER_NOT_FOUND;
    }
    AUTHN_CACHE_STORE(r, user, realm, dbd_hash);

    *rethash = apr_pstrdup(r->pool, dbd_hash);
    return AUTH_USER_FOUND;
}

Return to bug 56794

Lines 32-37 module AP_MODULE_DECLARE_DATA authn_dbd_module; Link Here

(-)a/mod_authn_dbd.c (-5 / +24 lines)
32	typedef struct {	32	typedef struct {
33	const char *user;	33	const char *user;
34	const char *realm;	34	const char *realm;
		35	const char *auth;
35	} authn_dbd_conf;	36	} authn_dbd_conf;
36	typedef struct {	37	typedef struct {
37	const char *label;	38	const char *label;
Lines 46-51 static APR_OPTIONAL_FN_TYPE(ap_authn_cache_store) *authn_cache_store = NULL; Link Here
46	if (authn_cache_store != NULL) \	47	if (authn_cache_store != NULL) \
47	authn_cache_store((r), "dbd", (user), (realm), (data))	48	authn_cache_store((r), "dbd", (user), (realm), (data))
48		49
		50
49	static void authn_dbd_cr_conf(apr_pool_t pool, char *dummy)	51	static void authn_dbd_cr_conf(apr_pool_t pool, char *dummy)
50	{	52	{
51	authn_dbd_conf *ret = apr_pcalloc(pool, sizeof(authn_dbd_conf));	53	authn_dbd_conf *ret = apr_pcalloc(pool, sizeof(authn_dbd_conf));
Lines 58-63 static void authn_dbd_merge_conf(apr_pool_t pool, void BASE, void ADD) Link Here
58	authn_dbd_conf *ret = apr_palloc(pool, sizeof(authn_dbd_conf));	60	authn_dbd_conf *ret = apr_palloc(pool, sizeof(authn_dbd_conf));
59	ret->user = (add->user == NULL) ? base->user : add->user;	61	ret->user = (add->user == NULL) ? base->user : add->user;
60	ret->realm = (add->realm == NULL) ? base->realm : add->realm;	62	ret->realm = (add->realm == NULL) ? base->realm : add->realm;
		63	ret->auth = (add->auth == NULL) ? base->auth : add->auth;
61	return ret;	64	return ret;
62	}	65	}
63	static const char authn_dbd_prepare(cmd_parms cmd, void cfg, const char query)	66	static const char authn_dbd_prepare(cmd_parms cmd, void cfg, const char query)
Lines 68-73 static const char authn_dbd_prepare(cmd_parms cmd, void cfg, const char quer Link Here
68	if (err)	71	if (err)
69	return err;	72	return err;
70		73
		74
71	if (authn_dbd_prepare_fn == NULL) {	75	if (authn_dbd_prepare_fn == NULL) {
72	authn_dbd_prepare_fn = APR_RETRIEVE_OPTIONAL_FN(ap_dbd_prepare);	76	authn_dbd_prepare_fn = APR_RETRIEVE_OPTIONAL_FN(ap_dbd_prepare);
73	if (authn_dbd_prepare_fn == NULL) {	77	if (authn_dbd_prepare_fn == NULL) {
Lines 90-95 static const command_rec authn_dbd_cmds[] = Link Here
90	AP_INIT_TAKE1("AuthDBDUserRealmQuery", authn_dbd_prepare,	94	AP_INIT_TAKE1("AuthDBDUserRealmQuery", authn_dbd_prepare,
91	(void *)APR_OFFSETOF(authn_dbd_conf, realm), ACCESS_CONF,	95	(void *)APR_OFFSETOF(authn_dbd_conf, realm), ACCESS_CONF,
92	"Query used to fetch password for user+realm"),	96	"Query used to fetch password for user+realm"),
		97	AP_INIT_TAKE1("AuthDBDFullAuthQuery", authn_dbd_prepare,
		98	(void *)APR_OFFSETOF(authn_dbd_conf, auth), ACCESS_CONF,
		99	"Query used to check auth for a user+password"),
93	{NULL}	100	{NULL}
94	};	101	};
95	static authn_status authn_dbd_password(request_rec r, const char user,	102	static authn_status authn_dbd_password(request_rec r, const char user,
Lines 112-132 static authn_status authn_dbd_password(request_rec r, const char user, Link Here
112	return AUTH_GENERAL_ERROR;	119	return AUTH_GENERAL_ERROR;
113	}	120	}
114		121
115	if (conf->user == NULL) {	122	if (conf->user == NULL && conf->auth == NULL) {
116	ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(01654)	123	ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(01654)
117	"No AuthDBDUserPWQuery has been specified");	124	"No AuthDBDUserPWQuery or AuthDBDFullAuthQuery has been specified");
118	return AUTH_GENERAL_ERROR;	125	return AUTH_GENERAL_ERROR;
119	}	126	}
120		127
121	statement = apr_hash_get(dbd->prepared, conf->user, APR_HASH_KEY_STRING);	128	statement = apr_hash_get(dbd->prepared,
		129	conf->user != NULL ? conf->user : conf->auth,
		130	APR_HASH_KEY_STRING);
122	if (statement == NULL) {	131	if (statement == NULL) {
123	ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(01655)	132	ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(01655)
124	"A prepared statement could not be found for "	133	"A prepared statement could not be found for "
125	"AuthDBDUserPWQuery with the key '%s'", conf->user);	134	"AuthDBDUserPWQuery or AuthDBDFullAuthQuery with the key '%s'",
		135	conf->user);
126	return AUTH_GENERAL_ERROR;	136	return AUTH_GENERAL_ERROR;
127	}	137	}
128	if ((ret = apr_dbd_pvselect(dbd->driver, r->pool, dbd->handle, &res,	138	if ((ret = apr_dbd_pvselect(dbd->driver, r->pool, dbd->handle, &res,
129	statement, 0, user, NULL) != 0)) {	139	statement, 0, user, password, NULL) != 0)) {
130	ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(01656)	140	ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(01656)
131	"Query execution error looking up '%s' "	141	"Query execution error looking up '%s' "
132	"in database [%s]",	142	"in database [%s]",
Lines 177-182 static authn_status authn_dbd_password(request_rec r, const char user, Link Here
177	if (!dbd_password) {	187	if (!dbd_password) {
178	return AUTH_USER_NOT_FOUND;	188	return AUTH_USER_NOT_FOUND;
179	}	189	}
		190
180	AUTHN_CACHE_STORE(r, user, NULL, dbd_password);	191	AUTHN_CACHE_STORE(r, user, NULL, dbd_password);
181		192
182	rv = ap_password_validate(r, user, password, dbd_password);	193	rv = ap_password_validate(r, user, password, dbd_password);
Lines 185-190 static authn_status authn_dbd_password(request_rec r, const char user, Link Here
185	return AUTH_DENIED;	196	return AUTH_DENIED;
186	}	197	}
187		198
		199	if (conf->user != NULL) {
		200	rv = apr_password_validate(password, dbd_password);
		201	if (rv != APR_SUCCESS) {
		202	return AUTH_DENIED;
		203	}
		204	} // else conf->auth and we get a db_password then we've passed
		205
188	return AUTH_GRANTED;	206	return AUTH_GRANTED;
189	}	207	}
190	static authn_status authn_dbd_realm(request_rec r, const char user,	208	static authn_status authn_dbd_realm(request_rec r, const char user,
Lines 272-277 static authn_status authn_dbd_realm(request_rec r, const char user, Link Here
272	return AUTH_USER_NOT_FOUND;	290	return AUTH_USER_NOT_FOUND;
273	}	291	}
274	AUTHN_CACHE_STORE(r, user, realm, dbd_hash);	292	AUTHN_CACHE_STORE(r, user, realm, dbd_hash);
		293
275	*rethash = apr_pstrdup(r->pool, dbd_hash);	294	*rethash = apr_pstrdup(r->pool, dbd_hash);
276	return AUTH_USER_FOUND;	295	return AUTH_USER_FOUND;
277	}	296	}