You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by living liquid | Christian Meisinger <c....@livingliquid.com> on 2008/06/03 09:34:21 UTC
[users@httpd] Request Filter
i try to write a filter which can block request.
i copied and modified mod_authn_dbd which has already some SQL stuff.
my problem is that i can't get any configuration settings.
WHATEVERRequestConfig->ipCheck should be a string to a SQL query.
WHATEVERIPCheckPrepare() is called.
however in WHATEVERRequest() ipCheck is NULL
??? any ideas
i tried to use <Directory> or <Location> no help.
mod_WHATEVER.c
---------------------------------------------------------------------
/* Licensed to the Apache Software Foundation (ASF) under one or more
* contributor license agreements. See the NOTICE file distributed with
* this work for additional information regarding copyright ownership.
* The ASF licenses this file to You under the Apache License, Version 2.0
* (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
/*
* WHATEVER request filer
*/
#include "httpd.h"
#include "http_config.h"
#include "http_core.h"
#include "apr_buckets.h"
#include "apr_general.h"
#include "apr_lib.h"
#include "util_filter.h"
#include "http_request.h"
#include "http_log.h"
#include "apr_lib.h"
#include "apr_dbd.h"
#include "mod_dbd.h"
#include "mod_auth.h"
#include <ctype.h>
/* optional function - look it up once in post_config */
static ap_dbd_t * (*WHATEVER_acquire_fn)(request_rec*) = NULL;
static void (*WHATEVER_prepare_fn)(server_rec*, const char*, const char*) = NULL;
typedef struct
{
int enabled;
char * ipCheck;
} WHATEVERRequestConfig;
static void *WHATEVERRequestDirConfigCreate(apr_pool_t *p, char *dirspec)
{
WHATEVERRequestConfig *conf = (WHATEVERRequestConfig *) apr_pcalloc(p, sizeof(WHATEVERRequestConfig));
conf->enabled = 1;
conf->ipCheck = NULL;
return (void *) conf;
}
static const char *WHATEVERIPCheckPrepare(cmd_parms *cmd, void *conf, const char *query)
{
static unsigned int WHATEVER_num = 0;
if (WHATEVER_prepare_fn == NULL)
{
WHATEVER_prepare_fn = APR_RETRIEVE_OPTIONAL_FN(ap_dbd_prepare);
if (WHATEVER_prepare_fn == NULL)
{
return "You must load mod_dbd to enable AuthDBD functions";
}
WHATEVER_acquire_fn = APR_RETRIEVE_OPTIONAL_FN(ap_dbd_acquire);
}
const char* label = apr_psprintf(cmd->pool, "mod_WHATEVER_%d", ++WHATEVER_num);
WHATEVER_prepare_fn(cmd->server, query, label);
ap_set_string_slot(cmd, conf, label);
WHATEVERRequestConfig *tXRCfg = (WHATEVERRequestConfig *)conf;
ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, cmd->server, "WHATEVERIPCheckPrepare: %s = %s / %s", label, query,
tXRCfg->ipCheck);
/* save the label here for our own use */
return NULL;
}
static const command_rec WHATEVERRequestCmds[] =
{
AP_INIT_FLAG("WHATEVEREnabled", ap_set_flag_slot, (void *)APR_OFFSETOF(WHATEVERRequestConfig, enabled),
OR_AUTHCFG, "Enable WHATEVER filter"),
AP_INIT_TAKE1("WHATEVERIPCheck", WHATEVERIPCheckPrepare, (void *)APR_OFFSETOF(WHATEVERRequestConfig, ipCheck),
OR_AUTHCFG, "Query used to check for a blocked IP"),
{ NULL }
};
module AP_MODULE_DECLARE_DATA WHATEVER_module;
static apr_status_t WHATEVERRequest(request_rec *r)
{
WHATEVERRequestConfig *conf = ap_get_module_config(r->per_dir_config, &WHATEVER_module);
if ( !conf->enabled )
{
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, "WHATEVERRequest is disabled %d", conf->enabled);
return DECLINED;
}
apr_dbd_prepared_t *statement;
apr_dbd_results_t *res = NULL;
apr_dbd_row_t *row = NULL;
apr_status_t rv;
// the connection struct is explained at the end of this file
conn_rec *c = r->connection;
apr_pool_t *p = NULL;
if (r != NULL)
{
p = r->pool;
}
else if (c != NULL)
{
p = c->pool;
}
ap_dbd_t *dbd = WHATEVER_acquire_fn(r);
if (dbd == NULL)
{
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, "Error looking up %s in database", c->remote_ip);
return AUTH_GENERAL_ERROR;
}
if (conf->ipCheck == NULL)
{
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, "No WHATEVERIPCheck has been specified.");
return AUTH_GENERAL_ERROR;
}
statement = apr_hash_get(dbd->prepared, conf->ipCheck, APR_HASH_KEY_STRING);
if (statement == NULL)
{
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
"A prepared statement could not be found for WHATEVERRequest, key '%s'.", conf->ipCheck);
return AUTH_GENERAL_ERROR;
}
// if (apr_dbd_pvselect(dbd->driver, r->pool, dbd->handle, &res, statement, 0, c->remote_ip, NULL) != 0)
// {
// ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, "Error looking up %s in database", c->remote_ip);
// return AUTH_GENERAL_ERROR;
// }
// for (rv = apr_dbd_get_row(dbd->driver, r->pool, res, &row, -1);
// rv != -1;
// rv = apr_dbd_get_row(dbd->driver, r->pool, res, &row, -1))
// {
// /* we can't break out here or row won't get cleaned up */
// ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, "Entry: %s", apr_dbd_get_entry(dbd->driver, row, 0));
// return HTTP_FORBIDDEN;
// }
ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, r->server, "IP '%s' is OK", c->remote_ip);
return OK;
}
static void WHATEVERRequestRegisterHooks(apr_pool_t *p)
{
ap_hook_post_read_request(WHATEVERRequest, NULL, NULL, APR_HOOK_FIRST);
}
module AP_MODULE_DECLARE_DATA WHATEVER_module =
{
STANDARD20_MODULE_STUFF,
WHATEVERRequestDirConfigCreate,
NULL,
NULL,
NULL,
WHATEVERRequestCmds,
WHATEVERRequestRegisterHooks
};
------------------------------------------------------------------------------------------
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Request Filter
Posted by Joshua Slive <jo...@slive.ca>.
On Tue, Jun 3, 2008 at 3:34 AM, living liquid | Christian Meisinger
<c....@livingliquid.com> wrote:
> i try to write a filter which can block request.
> i copied and modified mod_authn_dbd which has already some SQL stuff.
> my problem is that i can't get any configuration settings.
I recommend you try the module developers mailing list, where this
question is more likely to find an answer:
http://httpd.apache.org/lists.html#modules-dev
Joshua.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org