You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by bn...@apache.org on 2005/12/02 05:16:02 UTC
svn commit: r351573 - in /httpd/httpd/branches/authz-dev:
modules/aaa/mod_auth.h modules/aaa/mod_authz_host.c
modules/aaa/mod_authz_user.c server/core.c
Author: bnicholes
Date: Thu Dec 1 20:15:56 2005
New Revision: 351573
URL: http://svn.apache.org/viewcvs?rev=351573&view=rev
Log:
work out a few more bugs and now it works. Still needs some clean up and the rest of the authz modules need to be converted
Modified:
httpd/httpd/branches/authz-dev/modules/aaa/mod_auth.h
httpd/httpd/branches/authz-dev/modules/aaa/mod_authz_host.c
httpd/httpd/branches/authz-dev/modules/aaa/mod_authz_user.c
httpd/httpd/branches/authz-dev/server/core.c
Modified: httpd/httpd/branches/authz-dev/modules/aaa/mod_auth.h
URL: http://svn.apache.org/viewcvs/httpd/httpd/branches/authz-dev/modules/aaa/mod_auth.h?rev=351573&r1=351572&r2=351573&view=diff
==============================================================================
--- httpd/httpd/branches/authz-dev/modules/aaa/mod_auth.h (original)
+++ httpd/httpd/branches/authz-dev/modules/aaa/mod_auth.h Thu Dec 1 20:15:56 2005
@@ -51,6 +51,13 @@
AUTH_GENERAL_ERROR
} authn_status;
+typedef enum {
+ AUTHZ_DENIED,
+ AUTHZ_DECLINED,
+ AUTHZ_GRANTED,
+ AUTHZ_GENERAL_ERROR
+} authz_status;
+
typedef struct {
/* Given a username and password, expected to return AUTH_GRANTED
* if we can validate this user/password combination.
@@ -78,7 +85,7 @@
/* Given a request_rec, expected to return AUTH_GRANTED
* if we can authorize user access.
*/
- authn_status (*check_authorization)(request_rec *r, apr_int64_t method_mask, const char *require_line);
+ authz_status (*check_authorization)(request_rec *r, apr_int64_t method_mask, const char *require_line);
} authz_provider;
/* A linked-list of authn providers. */
Modified: httpd/httpd/branches/authz-dev/modules/aaa/mod_authz_host.c
URL: http://svn.apache.org/viewcvs/httpd/httpd/branches/authz-dev/modules/aaa/mod_authz_host.c?rev=351573&r1=351572&r2=351573&view=diff
==============================================================================
--- httpd/httpd/branches/authz-dev/modules/aaa/mod_authz_host.c (original)
+++ httpd/httpd/branches/authz-dev/modules/aaa/mod_authz_host.c Thu Dec 1 20:15:56 2005
@@ -431,7 +431,7 @@
{
authz_host_dir_conf *conf = ap_get_module_config(r->per_dir_config,
&authz_host_module);
- authn_status auth_result;
+ authz_status auth_result;
authz_provider_list *current_provider;
current_provider = conf->providers;
@@ -448,7 +448,7 @@
if (!provider || !provider->check_authorization) {
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
"No Authz provider configured");
- auth_result = AUTH_GENERAL_ERROR;
+ auth_result = AUTHZ_GENERAL_ERROR;
break;
}
apr_table_setn(r->notes, AUTHZ_PROVIDER_NAME_NOTE, AUTHZ_DEFAULT_PROVIDER);
@@ -464,7 +464,7 @@
apr_table_unset(r->notes, AUTHZ_PROVIDER_NAME_NOTE);
/* Something occured. Stop checking. */
- if (auth_result != AUTH_DENIED) {
+ if (auth_result != AUTHZ_DENIED) {
break;
}
@@ -476,7 +476,7 @@
current_provider = current_provider->next;
} while (current_provider);
- if (auth_result != AUTH_GRANTED) {
+ if (auth_result != AUTHZ_GRANTED) {
int return_code;
/* XXX need to deal with DECLINED vs DENIED. DECLINED may not even
@@ -485,13 +485,13 @@
according to the order and the Authz_xxx_Authoritative directives.
*/
switch (auth_result) {
- case AUTH_DENIED:
+ case AUTHZ_DENIED:
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
"user %s: authorization failure for \"%s\": ",
r->user, r->uri);
return_code = HTTP_UNAUTHORIZED;
break;
- case AUTH_GENERAL_ERROR:
+ case AUTHZ_GENERAL_ERROR:
default:
/* We'll assume that the module has already said what its error
* was in the logs.
@@ -535,15 +535,16 @@
* provider.
*/
if (!current_provider) {
- provider = ap_lookup_provider(AUTHZ_PROVIDER_GROUP,
+/* provider = ap_lookup_provider(AUTHZ_PROVIDER_GROUP,
AUTHZ_DEFAULT_PROVIDER, "0");
if (!provider || !provider->check_authorization) {
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
"No Authz providers configured. Assmuming no authorization required.");
+*/
req_authz = 0;
break;
- }
+/* }*/
}
else {
provider = current_provider->provider;
@@ -600,7 +601,7 @@
{
STANDARD20_MODULE_STUFF,
create_authz_host_dir_config, /* dir config creater */
- merge_authz_host_dir_config, /* dir merger --- default is to override */
+ NULL, /* dir merger --- default is to override */
NULL, /* server config */
NULL, /* merge server config */
authz_host_cmds,
Modified: httpd/httpd/branches/authz-dev/modules/aaa/mod_authz_user.c
URL: http://svn.apache.org/viewcvs/httpd/httpd/branches/authz-dev/modules/aaa/mod_authz_user.c?rev=351573&r1=351572&r2=351573&view=diff
==============================================================================
--- httpd/httpd/branches/authz-dev/modules/aaa/mod_authz_user.c (original)
+++ httpd/httpd/branches/authz-dev/modules/aaa/mod_authz_user.c Thu Dec 1 20:15:56 2005
@@ -117,14 +117,14 @@
}
#endif
-static authn_status user_check_authorization(request_rec *r, apr_int64_t method_mask, const char *require_line)
+static authz_status user_check_authorization(request_rec *r, apr_int64_t method_mask, const char *require_line)
{
char *user = r->user;
int m = r->method_number;
const char *t, *w;
if (!(method_mask & (AP_METHOD_BIT << m))) {
- return DECLINED;
+ return AUTHZ_DECLINED;
}
t = require_line;
@@ -136,7 +136,7 @@
while (t[0]) {
w = ap_getword_conf(r->pool, &t);
if (!strcmp(user, w)) {
- return OK;
+ return AUTHZ_GRANTED;
}
}
}
@@ -147,17 +147,17 @@
r->uri, user);
ap_note_auth_failure(r);
- return HTTP_UNAUTHORIZED;
+ return AUTHZ_GENERAL_ERROR;
}
-static authn_status validuser_check_authorization(request_rec *r, apr_int64_t method_mask, const char *require_line)
+static authz_status validuser_check_authorization(request_rec *r, apr_int64_t method_mask, const char *require_line)
{
int m = r->method_number;
if (!(method_mask & (AP_METHOD_BIT << m))) {
- return DECLINED;
+ return AUTHZ_DECLINED;
}
- return OK;
+ return AUTHZ_GRANTED;
}
static const authz_provider authz_user_provider =
Modified: httpd/httpd/branches/authz-dev/server/core.c
URL: http://svn.apache.org/viewcvs/httpd/httpd/branches/authz-dev/server/core.c?rev=351573&r1=351572&r2=351573&view=diff
==============================================================================
--- httpd/httpd/branches/authz-dev/server/core.c (original)
+++ httpd/httpd/branches/authz-dev/server/core.c Thu Dec 1 20:15:56 2005
@@ -268,6 +268,14 @@
conf->ap_default_type = new->ap_default_type;
}
+ if (new->ap_auth_type) {
+ conf->ap_auth_type = new->ap_auth_type;
+ }
+
+ if (new->ap_auth_name) {
+ conf->ap_auth_name = new->ap_auth_name;
+ }
+
if (conf->response_code_strings == NULL) {
conf->response_code_strings = new->response_code_strings;
}