You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by Randy Terbush <ra...@hyperreal.com> on 1997/01/20 07:30:41 UTC
cvs commit: apache/src mod_auth_msql.c
randy 97/01/19 22:30:41
Modified: src mod_auth_msql.c
Log:
MAX_STRING_LENGTH -> MAX_STRING_LEN
Revision Changes Path
1.19 +21 -21 apache/src/mod_auth_msql.c
Index: mod_auth_msql.c
===================================================================
RCS file: /export/home/cvs/apache/src/mod_auth_msql.c,v
retrieving revision 1.18
retrieving revision 1.19
diff -C3 -r1.18 -r1.19
*** mod_auth_msql.c 1997/01/20 04:28:11 1.18
--- mod_auth_msql.c 1997/01/20 06:30:39 1.19
***************
*** 280,286 ****
* management tool. Added EncryptedPassword on/off functionality.
* msqlClose() statements added upon error. Support for persistent
* connections with the mSQL database (riscy). Escaping of ' and \.
! * Replaced some MAX_STRING_LENGTH claims.
* 1.0 removed some error check as they where already done elsehwere
* NumFields -> NumRows (Thanks Vitek). More stack memory.
* 1.1 no logging of empty password strings.
--- 280,286 ----
* management tool. Added EncryptedPassword on/off functionality.
* msqlClose() statements added upon error. Support for persistent
* connections with the mSQL database (riscy). Escaping of ' and \.
! * Replaced some MAX_STRING_LEN claims.
* 1.0 removed some error check as they where already done elsehwere
* NumFields -> NumRows (Thanks Vitek). More stack memory.
* 1.1 no logging of empty password strings.
***************
*** 560,566 ****
/* does this fit ? */
if (j >= (MAX_FIELD_LEN-1)) {
! ap_snprintf(msql_errstr, MAX_STRING_LENGTH,
"Could not escape '%s', longer than %d",in,MAX_FIELD_LEN);
return NULL;
};
--- 560,566 ----
/* does this fit ? */
if (j >= (MAX_FIELD_LEN-1)) {
! ap_snprintf(msql_errstr, MAX_STRING_LEN,
"Could not escape '%s', longer than %d",in,MAX_FIELD_LEN);
return NULL;
};
***************
*** 602,608 ****
/* (re) open if nessecary
*/
if (sock==-1) if ((sock=msqlConnect(host)) == -1) {
! ap_snprintf (msql_errstr, MAX_STRING_LENGTH,
"mSQL: Could not connect to Msql DB %s (%s)",
(sec->auth_msql_host ? sec->auth_msql_host : "\'unset, assuming localhost!\'"),
msqlErrMsg);
--- 602,608 ----
/* (re) open if nessecary
*/
if (sock==-1) if ((sock=msqlConnect(host)) == -1) {
! ap_snprintf (msql_errstr, MAX_STRING_LEN,
"mSQL: Could not connect to Msql DB %s (%s)",
(sec->auth_msql_host ? sec->auth_msql_host : "\'unset, assuming localhost!\'"),
msqlErrMsg);
***************
*** 613,619 ****
* and is quite cheap anyway
*/
if (msqlSelectDB(sock,sec->auth_msql_database) == -1 ) {
! ap_snprintf (msql_errstr, MAX_STRING_LENGTH,
"mSQL: Could not select Msql Table \'%s\' on host \'%s\'(%s)",
(sec->auth_msql_database ? sec->auth_msql_database : "\'unset!\'"),
(sec->auth_msql_host ? sec->auth_msql_host : "\'unset, assuming localhost!\'"),
--- 613,619 ----
* and is quite cheap anyway
*/
if (msqlSelectDB(sock,sec->auth_msql_database) == -1 ) {
! ap_snprintf (msql_errstr, MAX_STRING_LEN,
"mSQL: Could not select Msql Table \'%s\' on host \'%s\'(%s)",
(sec->auth_msql_database ? sec->auth_msql_database : "\'unset!\'"),
(sec->auth_msql_host ? sec->auth_msql_host : "\'unset, assuming localhost!\'"),
***************
*** 624,630 ****
}
if (msqlQuery(sock,query) == -1 ) {
! ap_snprintf (msql_errstr, MAX_STRING_LENGTH,
"mSQL: Could not Query database '%s' on host '%s' (%s) with query [%s]",
(sec->auth_msql_database ? sec->auth_msql_database : "\'unset!\'"),
(sec->auth_msql_host ? sec->auth_msql_host : "\'unset, assuming localhost!\'"),
--- 624,630 ----
}
if (msqlQuery(sock,query) == -1 ) {
! ap_snprintf (msql_errstr, MAX_STRING_LEN,
"mSQL: Could not Query database '%s' on host '%s' (%s) with query [%s]",
(sec->auth_msql_database ? sec->auth_msql_database : "\'unset!\'"),
(sec->auth_msql_host ? sec->auth_msql_host : "\'unset, assuming localhost!\'"),
***************
*** 636,642 ****
}
if (!(results=msqlStoreResult())) {
! ap_snprintf (msql_errstr, MAX_STRING_LENGTH,
"mSQL: Could not get the results from mSQL database \'%s\' on \'%s\' (%s) with query [%s]",
(sec->auth_msql_database ? sec->auth_msql_database : "\'unset!\'"),
(sec->auth_msql_host ? sec->auth_msql_host : "\'unset, assuming localhost!\'"),
--- 636,642 ----
}
if (!(results=msqlStoreResult())) {
! ap_snprintf (msql_errstr, MAX_STRING_LEN,
"mSQL: Could not get the results from mSQL database \'%s\' on \'%s\' (%s) with query [%s]",
(sec->auth_msql_database ? sec->auth_msql_database : "\'unset!\'"),
(sec->auth_msql_host ? sec->auth_msql_host : "\'unset, assuming localhost!\'"),
***************
*** 653,659 ****
/* complain if there are to many
* matches.
*/
! ap_snprintf (msql_errstr, MAX_STRING_LENGTH,
"mSQL: More than %d matches (%d) whith query [%s]",
once,hit,( query ? query : "\'unset!\'") );
} else
--- 653,659 ----
/* complain if there are to many
* matches.
*/
! ap_snprintf (msql_errstr, MAX_STRING_LEN,
"mSQL: More than %d matches (%d) whith query [%s]",
once,hit,( query ? query : "\'unset!\'") );
} else
***************
*** 663,669 ****
if ( (currow=msqlFetchRow(results)) != NULL) {
/* copy the first matching field value */
if (!(result=palloc(r->pool,strlen(currow[0])+1))) {
! ap_snprintf (msql_errstr, MAX_STRING_LENGTH,
"mSQL: Could not get memory for mSQL %s (%s) with [%s]",
(sec->auth_msql_database ? sec->auth_msql_database : "\'unset!\'"),
msqlErrMsg,
--- 663,669 ----
if ( (currow=msqlFetchRow(results)) != NULL) {
/* copy the first matching field value */
if (!(result=palloc(r->pool,strlen(currow[0])+1))) {
! ap_snprintf (msql_errstr, MAX_STRING_LEN,
"mSQL: Could not get memory for mSQL %s (%s) with [%s]",
(sec->auth_msql_database ? sec->auth_msql_database : "\'unset!\'"),
msqlErrMsg,
***************
*** 701,707 ****
(!sec->auth_msql_pwd_field) ||
(!sec->auth_msql_uname_field)
) {
! ap_snprintf(msql_errstr, MAX_STRING_LENGTH,
"mSQL: Missing parameters for password lookup: %s%s%s",
(sec->auth_msql_pwd_table ? "" : "Password table "),
(sec->auth_msql_pwd_field ? "" : "Password field name "),
--- 701,707 ----
(!sec->auth_msql_pwd_field) ||
(!sec->auth_msql_uname_field)
) {
! ap_snprintf(msql_errstr, MAX_STRING_LEN,
"mSQL: Missing parameters for password lookup: %s%s%s",
(sec->auth_msql_pwd_table ? "" : "Password table "),
(sec->auth_msql_pwd_field ? "" : "Password field name "),
***************
*** 711,717 ****
};
if (!(msql_escape(esc_user, user, msql_errstr))) {
! ap_snprintf(msql_errstr, MAX_STRING_LENGTH,
"mSQL: Could not cope/escape the '%s' user_id value; ",user);
return NULL;
};
--- 711,717 ----
};
if (!(msql_escape(esc_user, user, msql_errstr))) {
! ap_snprintf(msql_errstr, MAX_STRING_LEN,
"mSQL: Could not cope/escape the '%s' user_id value; ",user);
return NULL;
};
***************
*** 738,744 ****
(!sec->auth_msql_grp_field) ||
(!sec->auth_msql_uname_field)
) {
! ap_snprintf(msql_errstr, MAX_STRING_LENGTH,
"mSQL: Missing parameters for group lookup: %s%s%s",
(sec->auth_msql_grp_table ? "" : "Group table "),
(sec->auth_msql_grp_field ? "" : "GroupID field name "),
--- 738,744 ----
(!sec->auth_msql_grp_field) ||
(!sec->auth_msql_uname_field)
) {
! ap_snprintf(msql_errstr, MAX_STRING_LEN,
"mSQL: Missing parameters for group lookup: %s%s%s",
(sec->auth_msql_grp_table ? "" : "Group table "),
(sec->auth_msql_grp_field ? "" : "GroupID field name "),
***************
*** 748,760 ****
};
if (!(msql_escape(esc_user, user,msql_errstr))) {
! ap_snprintf(msql_errstr, MAX_STRING_LENGTH,
"mSQL: Could not cope/escape the '%s' user_id value",user);
return NULL;
};
if (!(msql_escape(esc_group, group,msql_errstr))) {
! ap_snprintf(msql_errstr, MAX_STRING_LENGTH,
"mSQL: Could not cope/escape the '%s' group_id value",group);
return NULL;
--- 748,760 ----
};
if (!(msql_escape(esc_user, user,msql_errstr))) {
! ap_snprintf(msql_errstr, MAX_STRING_LEN,
"mSQL: Could not cope/escape the '%s' user_id value",user);
return NULL;
};
if (!(msql_escape(esc_group, group,msql_errstr))) {
! ap_snprintf(msql_errstr, MAX_STRING_LEN,
"mSQL: Could not cope/escape the '%s' group_id value",group);
return NULL;
***************
*** 806,812 ****
if (sec->auth_msql_authoritative) {
/* insist that the user is in the database
*/
! ap_snprintf(msql_errstr, MAX_STRING_LENGTH,
"mSQL: Password for user %s not found", c->user);
note_basic_auth_failure (r);
res = AUTH_REQUIRED;
--- 806,812 ----
if (sec->auth_msql_authoritative) {
/* insist that the user is in the database
*/
! ap_snprintf(msql_errstr, MAX_STRING_LEN,
"mSQL: Password for user %s not found", c->user);
note_basic_auth_failure (r);
res = AUTH_REQUIRED;
***************
*** 826,832 ****
if ((sec->auth_msql_nopasswd) && (!strlen(real_pw))) {
/*
! ap_snprintf(msql_errstr, MAX_STRING_LENGTH,
"mSQL: user %s: Empty/'any' password accepted",c->user);
log_reason (msql_errstr, r->uri, r);
*/
--- 826,832 ----
if ((sec->auth_msql_nopasswd) && (!strlen(real_pw))) {
/*
! ap_snprintf(msql_errstr, MAX_STRING_LEN,
"mSQL: user %s: Empty/'any' password accepted",c->user);
log_reason (msql_errstr, r->uri, r);
*/
***************
*** 837,843 ****
* an arms length.
*/
if ((!strlen(real_pw)) || (!strlen(sent_pw))) {
! ap_snprintf(msql_errstr, MAX_STRING_LENGTH,
"mSQL: user %s: Empty Password(s) Rejected",c->user);
log_reason (msql_errstr, r->uri, r);
note_basic_auth_failure (r);
--- 837,843 ----
* an arms length.
*/
if ((!strlen(real_pw)) || (!strlen(sent_pw))) {
! ap_snprintf(msql_errstr, MAX_STRING_LEN,
"mSQL: user %s: Empty Password(s) Rejected",c->user);
log_reason (msql_errstr, r->uri, r);
note_basic_auth_failure (r);
***************
*** 856,862 ****
};
if (strcmp(real_pw,sent_pw)) {
! ap_snprintf(msql_errstr, MAX_STRING_LENGTH,
"mSQL user %s: password mismatch",c->user);
log_reason (msql_errstr, r->uri, r);
note_basic_auth_failure (r);
--- 856,862 ----
};
if (strcmp(real_pw,sent_pw)) {
! ap_snprintf(msql_errstr, MAX_STRING_LEN,
"mSQL user %s: password mismatch",c->user);
log_reason (msql_errstr, r->uri, r);
note_basic_auth_failure (r);
***************
*** 891,897 ****
if (!reqs_arr) {
if (sec->auth_msql_authoritative) {
! ap_snprintf(msql_errstr, MAX_STRING_LENGTH, "user %s denied, no access rules specified (MSQL-Authoritative) ",user);
log_reason (msql_errstr, r->uri, r);
note_basic_auth_failure(r);
return AUTH_REQUIRED;
--- 891,897 ----
if (!reqs_arr) {
if (sec->auth_msql_authoritative) {
! ap_snprintf(msql_errstr, MAX_STRING_LEN, "user %s denied, no access rules specified (MSQL-Authoritative) ",user);
log_reason (msql_errstr, r->uri, r);
note_basic_auth_failure(r);
return AUTH_REQUIRED;
***************
*** 916,922 ****
};
}
if ((sec->auth_msql_authoritative) && ( user_result != OK)) {
! ap_snprintf(msql_errstr, MAX_STRING_LENGTH, "User %s not found (MSQL-Auhtorative)",user);
log_reason (msql_errstr, r->uri, r);
note_basic_auth_failure(r);
return AUTH_REQUIRED;
--- 916,922 ----
};
}
if ((sec->auth_msql_authoritative) && ( user_result != OK)) {
! ap_snprintf(msql_errstr, MAX_STRING_LEN, "User %s not found (MSQL-Auhtorative)",user);
log_reason (msql_errstr, r->uri, r);
note_basic_auth_failure(r);
return AUTH_REQUIRED;
***************
*** 944,950 ****
};
if ( (sec->auth_msql_authoritative) && (group_result != OK) ) {
! ap_snprintf(msql_errstr, MAX_STRING_LENGTH, "user %s not in right groups (MSQL-Authoritative) ",user);
log_reason (msql_errstr, r->uri, r);
note_basic_auth_failure(r);
return AUTH_REQUIRED;
--- 944,950 ----
};
if ( (sec->auth_msql_authoritative) && (group_result != OK) ) {
! ap_snprintf(msql_errstr, MAX_STRING_LEN, "user %s not in right groups (MSQL-Authoritative) ",user);
log_reason (msql_errstr, r->uri, r);
note_basic_auth_failure(r);
return AUTH_REQUIRED;
***************
*** 961,967 ****
* This really is not needed.
*/
if (((group_result == AUTH_REQUIRED) || (user_result == AUTH_REQUIRED)) && (sec->auth_msql_authoritative) ) {
! ap_snprintf(msql_errstr, MAX_STRING_LENGTH, "mSQL-Authoritative: Access denied on %s %s rule(s) ",
(group_result == AUTH_REQUIRED) ? "USER" : "",
(user_result == AUTH_REQUIRED) ? "GROUP" : ""
);
--- 961,967 ----
* This really is not needed.
*/
if (((group_result == AUTH_REQUIRED) || (user_result == AUTH_REQUIRED)) && (sec->auth_msql_authoritative) ) {
! ap_snprintf(msql_errstr, MAX_STRING_LEN, "mSQL-Authoritative: Access denied on %s %s rule(s) ",
(group_result == AUTH_REQUIRED) ? "USER" : "",
(user_result == AUTH_REQUIRED) ? "GROUP" : ""
);