You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by co...@apache.org on 2023/01/09 13:16:50 UTC
svn commit: r1906494 - in /httpd/httpd/branches/2.4.x: ./ CHANGES STATUS docs/manual/expr.xml docs/manual/mod/mod_authn_core.xml modules/aaa/mod_authn_core.c
Author: covener
Date: Mon Jan 9 13:16:50 2023
New Revision: 1906494
URL: http://svn.apache.org/viewvc?rev=1906494&view=rev
Log:
Merge r1663123, r1670431 from trunk:
mod_authn_core: Add expression support to AuthName and AuthType.
Add missing APLOGNOs by running
docs/log-message-tags/update-log-msg-tags.
bump version in XML to 2.4.55
Submitted By: minfrin
Reviewed By: minfrin, jim, covener
Modified:
httpd/httpd/branches/2.4.x/ (props changed)
httpd/httpd/branches/2.4.x/CHANGES
httpd/httpd/branches/2.4.x/STATUS
httpd/httpd/branches/2.4.x/docs/manual/expr.xml
httpd/httpd/branches/2.4.x/docs/manual/mod/mod_authn_core.xml
httpd/httpd/branches/2.4.x/modules/aaa/mod_authn_core.c
Propchange: httpd/httpd/branches/2.4.x/
------------------------------------------------------------------------------
Merged /httpd/httpd/trunk:r1663123,1670431
Modified: httpd/httpd/branches/2.4.x/CHANGES
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/CHANGES?rev=1906494&r1=1906493&r2=1906494&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x/CHANGES [utf-8] (original)
+++ httpd/httpd/branches/2.4.x/CHANGES [utf-8] Mon Jan 9 13:16:50 2023
@@ -7,6 +7,9 @@ Changes with Apache 2.4.55
*) mod_ssl: When dumping the configuration, the existence of
certificate/key files is no longer tested. [Joe Orton]
+ *) mod_authn_core: Add expression support to AuthName and AuthType.
+ [Graham Leggett]
+
*) mod_ssl: when a proxy connection had handled a request using SSL, an
error was logged when "SSLProxyEngine" was only configured in the
location/proxy section and not the overall server. The connection
Modified: httpd/httpd/branches/2.4.x/STATUS
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/STATUS?rev=1906494&r1=1906493&r2=1906494&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x/STATUS (original)
+++ httpd/httpd/branches/2.4.x/STATUS Mon Jan 9 13:16:50 2023
@@ -157,15 +157,6 @@ PATCHES ACCEPTED TO BACKPORT FROM TRUNK:
+1: jim, ylavic, icing
covener: minor MMN needed for mod_proxy.h?
- *) mod_authn_core: Add expression support to AuthName and AuthType.
- Trunk version of patch:
- https://svn.apache.org/r1663123
- https://svn.apache.org/r1670431
- Backport version for 2.4.x of patch:
- https://svn.apache.org/repos/asf/httpd/httpd/patches/2.4.x/httpd-2.4-authn-expr.patch
- +1: minfrin, jim, covener
- rpluem says: The version in the compatibility notes is wrong.
-
*) mod_proxy_hcheck: hcmethod now allow for HTTP/1.1 requests
using GET11, HEAD11 and/or OPTIONS11.
trunk revision:
Modified: httpd/httpd/branches/2.4.x/docs/manual/expr.xml
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/docs/manual/expr.xml?rev=1906494&r1=1906493&r2=1906494&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x/docs/manual/expr.xml (original)
+++ httpd/httpd/branches/2.4.x/docs/manual/expr.xml Mon Jan 9 13:16:50 2023
@@ -48,6 +48,8 @@
<seealso><directive module="mod_auth_form">AuthFormLoginRequiredLocation</directive></seealso>
<seealso><directive module="mod_auth_form">AuthFormLoginSuccessLocation</directive></seealso>
<seealso><directive module="mod_auth_form">AuthFormLogoutLocation</directive></seealso>
+<seealso><directive module="mod_authn_core">AuthName</directive></seealso>
+<seealso><directive module="mod_authn_core">AuthType</directive></seealso>
<seealso><directive module="mod_rewrite">RewriteCond</directive></seealso>
<seealso><directive module="mod_setenvif">SetEnvIfExpr</directive></seealso>
<seealso><directive module="mod_headers">Header</directive></seealso>
Modified: httpd/httpd/branches/2.4.x/docs/manual/mod/mod_authn_core.xml
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/docs/manual/mod/mod_authn_core.xml?rev=1906494&r1=1906493&r2=1906494&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x/docs/manual/mod/mod_authn_core.xml (original)
+++ httpd/httpd/branches/2.4.x/docs/manual/mod/mod_authn_core.xml Mon Jan 9 13:16:50 2023
@@ -141,6 +141,16 @@ authentication</description>
<p>The string provided for the <code>AuthName</code> is what will
appear in the password dialog provided by most browsers.</p>
+
+ <p>From 2.4.13, <a href="../expr.html">expression syntax</a> can be
+ used inside the directive to produce the name dynamically.</p>
+
+ <p>For example:</p>
+
+ <highlight language="config">
+ AuthName "%{HTTP_HOST}"
+ </highlight>
+
</usage>
<seealso><a
href="../howto/auth.html">Authentication, Authorization, and
@@ -195,6 +205,9 @@ authentication</description>
</Directory>
</highlight>
+ <p>From 2.4.13, <a href="../expr.html">expression syntax</a> can be
+ used inside the directive to specify the type dynamically.</p>
+
<note>When disabling authentication, note that clients which have
already authenticated against another portion of the server's document
tree will typically continue to send authentication HTTP headers
Modified: httpd/httpd/branches/2.4.x/modules/aaa/mod_authn_core.c
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/modules/aaa/mod_authn_core.c?rev=1906494&r1=1906493&r2=1906494&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x/modules/aaa/mod_authn_core.c (original)
+++ httpd/httpd/branches/2.4.x/modules/aaa/mod_authn_core.c Mon Jan 9 13:16:50 2023
@@ -34,6 +34,7 @@
#include "http_log.h"
#include "http_request.h"
#include "http_protocol.h"
+#include "ap_expr.h"
#include "ap_provider.h"
#include "mod_auth.h"
@@ -52,9 +53,9 @@
*/
typedef struct {
- const char *ap_auth_type;
+ ap_expr_info_t *ap_auth_type;
int auth_type_set;
- const char *ap_auth_name;
+ ap_expr_info_t *ap_auth_name;
} authn_core_dir_conf;
typedef struct provider_alias_rec {
@@ -298,8 +299,16 @@ static const char *set_authname(cmd_parm
const char *word1)
{
authn_core_dir_conf *aconfig = (authn_core_dir_conf *)mconfig;
+ const char *expr_err = NULL;
+
+ aconfig->ap_auth_name = ap_expr_parse_cmd(cmd, word1, AP_EXPR_FLAG_STRING_RESULT,
+ &expr_err, NULL);
+ if (expr_err) {
+ return apr_pstrcat(cmd->temp_pool,
+ "Cannot parse expression '", word1, "' in AuthName: ",
+ expr_err, NULL);
+ }
- aconfig->ap_auth_name = ap_escape_quotes(cmd->pool, word1);
return NULL;
}
@@ -307,9 +316,17 @@ static const char *set_authtype(cmd_parm
const char *word1)
{
authn_core_dir_conf *aconfig = (authn_core_dir_conf *)mconfig;
+ const char *expr_err = NULL;
+
+ aconfig->ap_auth_type = ap_expr_parse_cmd(cmd, word1, AP_EXPR_FLAG_STRING_RESULT,
+ &expr_err, NULL);
+ if (expr_err) {
+ return apr_pstrcat(cmd->temp_pool,
+ "Cannot parse expression '", word1, "' in AuthType: ",
+ expr_err, NULL);
+ }
aconfig->auth_type_set = 1;
- aconfig->ap_auth_type = strcasecmp(word1, "None") ? word1 : NULL;
return NULL;
}
@@ -318,20 +335,44 @@ static const char *authn_ap_auth_type(re
{
authn_core_dir_conf *conf;
- conf = (authn_core_dir_conf *)ap_get_module_config(r->per_dir_config,
- &authn_core_module);
+ conf = (authn_core_dir_conf *) ap_get_module_config(r->per_dir_config,
+ &authn_core_module);
+
+ if (conf->ap_auth_type) {
+ const char *err = NULL, *type;
+ type = ap_expr_str_exec(r, conf->ap_auth_type, &err);
+ if (err) {
+ ap_log_rerror(
+ APLOG_MARK, APLOG_ERR, APR_SUCCESS, r, APLOGNO(02834) "AuthType expression could not be evaluated: %s", err);
+ return NULL;
+ }
+
+ return strcasecmp(type, "None") ? type : NULL;
+ }
- return conf->ap_auth_type;
+ return NULL;
}
static const char *authn_ap_auth_name(request_rec *r)
{
authn_core_dir_conf *conf;
+ const char *err = NULL, *name;
- conf = (authn_core_dir_conf *)ap_get_module_config(r->per_dir_config,
- &authn_core_module);
+ conf = (authn_core_dir_conf *) ap_get_module_config(r->per_dir_config,
+ &authn_core_module);
+
+ if (conf->ap_auth_name) {
+ name = ap_expr_str_exec(r, conf->ap_auth_name, &err);
+ if (err) {
+ ap_log_rerror(
+ APLOG_MARK, APLOG_ERR, APR_SUCCESS, r, APLOGNO(02835) "AuthName expression could not be evaluated: %s", err);
+ return NULL;
+ }
- return apr_pstrdup(r->pool, conf->ap_auth_name);
+ return ap_escape_quotes(r->pool, name);
+ }
+
+ return NULL;
}
static const command_rec authn_cmds[] =
Re: svn commit: r1906494 - in /httpd/httpd/branches/2.4.x: ./ CHANGES STATUS docs/manual/expr.xml docs/manual/mod/mod_authn_core.xml modules/aaa/mod_authn_core.c
Posted by Eric Covener <co...@gmail.com>.
On Mon, Jan 9, 2023 at 10:11 AM Ruediger Pluem <rp...@apache.org> wrote:
>
>
>
> On 1/9/23 2:16 PM, covener@apache.org wrote:
> > Author: covener
> > Date: Mon Jan 9 13:16:50 2023
> > New Revision: 1906494
> >
> > URL: http://svn.apache.org/viewvc?rev=1906494&view=rev
> > Log:
> > Merge r1663123, r1670431 from trunk:
> >
> > mod_authn_core: Add expression support to AuthName and AuthType.
> >
> >
> > Add missing APLOGNOs by running
> > docs/log-message-tags/update-log-msg-tags.
> >
> > bump version in XML to 2.4.55
> >
> > Submitted By: minfrin
> > Reviewed By: minfrin, jim, covener
> >
> >
> > Modified:
> > httpd/httpd/branches/2.4.x/ (props changed)
> > httpd/httpd/branches/2.4.x/CHANGES
> > httpd/httpd/branches/2.4.x/STATUS
> > httpd/httpd/branches/2.4.x/docs/manual/expr.xml
> > httpd/httpd/branches/2.4.x/docs/manual/mod/mod_authn_core.xml
> > httpd/httpd/branches/2.4.x/modules/aaa/mod_authn_core.c
> >
> > Propchange: httpd/httpd/branches/2.4.x/
> > ------------------------------------------------------------------------------
> > Merged /httpd/httpd/trunk:r1663123,1670431
>
> > Modified: httpd/httpd/branches/2.4.x/docs/manual/mod/mod_authn_core.xml
> > URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/docs/manual/mod/mod_authn_core.xml?rev=1906494&r1=1906493&r2=1906494&view=diff
> > ==============================================================================
> > --- httpd/httpd/branches/2.4.x/docs/manual/mod/mod_authn_core.xml (original)
> > +++ httpd/httpd/branches/2.4.x/docs/manual/mod/mod_authn_core.xml Mon Jan 9 13:16:50 2023
> > @@ -141,6 +141,16 @@ authentication</description>
> >
> > <p>The string provided for the <code>AuthName</code> is what will
> > appear in the password dialog provided by most browsers.</p>
> > +
> > + <p>From 2.4.13, <a href="../expr.html">expression syntax</a> can be
>
> I guess this should be 2.4.55.
>
> > + used inside the directive to produce the name dynamically.</p>
> > +
> > + <p>For example:</p>
> > +
> > + <highlight language="config">
> > + AuthName "%{HTTP_HOST}"
> > + </highlight>
> > +
> > </usage>
> > <seealso><a
> > href="../howto/auth.html">Authentication, Authorization, and
> > @@ -195,6 +205,9 @@ authentication</description>
> > </Directory>
> > </highlight>
> >
> > + <p>From 2.4.13, <a href="../expr.html">expression syntax</a> can be
>
> I guess this should be 2.4.55.
>
> > + used inside the directive to specify the type dynamically.</p>> +
> > <note>When disabling authentication, note that clients which have
> > already authenticated against another portion of the server's document
> > tree will typically continue to send authentication HTTP headers
> >
>
Thanks, I was sure I had edited those by hand, not sure how it got lost.
Re: svn commit: r1906494 - in /httpd/httpd/branches/2.4.x: ./ CHANGES STATUS docs/manual/expr.xml docs/manual/mod/mod_authn_core.xml modules/aaa/mod_authn_core.c
Posted by Ruediger Pluem <rp...@apache.org>.
On 1/9/23 2:16 PM, covener@apache.org wrote:
> Author: covener
> Date: Mon Jan 9 13:16:50 2023
> New Revision: 1906494
>
> URL: http://svn.apache.org/viewvc?rev=1906494&view=rev
> Log:
> Merge r1663123, r1670431 from trunk:
>
> mod_authn_core: Add expression support to AuthName and AuthType.
>
>
> Add missing APLOGNOs by running
> docs/log-message-tags/update-log-msg-tags.
>
> bump version in XML to 2.4.55
>
> Submitted By: minfrin
> Reviewed By: minfrin, jim, covener
>
>
> Modified:
> httpd/httpd/branches/2.4.x/ (props changed)
> httpd/httpd/branches/2.4.x/CHANGES
> httpd/httpd/branches/2.4.x/STATUS
> httpd/httpd/branches/2.4.x/docs/manual/expr.xml
> httpd/httpd/branches/2.4.x/docs/manual/mod/mod_authn_core.xml
> httpd/httpd/branches/2.4.x/modules/aaa/mod_authn_core.c
>
> Propchange: httpd/httpd/branches/2.4.x/
> ------------------------------------------------------------------------------
> Merged /httpd/httpd/trunk:r1663123,1670431
> Modified: httpd/httpd/branches/2.4.x/docs/manual/mod/mod_authn_core.xml
> URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/docs/manual/mod/mod_authn_core.xml?rev=1906494&r1=1906493&r2=1906494&view=diff
> ==============================================================================
> --- httpd/httpd/branches/2.4.x/docs/manual/mod/mod_authn_core.xml (original)
> +++ httpd/httpd/branches/2.4.x/docs/manual/mod/mod_authn_core.xml Mon Jan 9 13:16:50 2023
> @@ -141,6 +141,16 @@ authentication</description>
>
> <p>The string provided for the <code>AuthName</code> is what will
> appear in the password dialog provided by most browsers.</p>
> +
> + <p>From 2.4.13, <a href="../expr.html">expression syntax</a> can be
I guess this should be 2.4.55.
> + used inside the directive to produce the name dynamically.</p>
> +
> + <p>For example:</p>
> +
> + <highlight language="config">
> + AuthName "%{HTTP_HOST}"
> + </highlight>
> +
> </usage>
> <seealso><a
> href="../howto/auth.html">Authentication, Authorization, and
> @@ -195,6 +205,9 @@ authentication</description>
> </Directory>
> </highlight>
>
> + <p>From 2.4.13, <a href="../expr.html">expression syntax</a> can be
I guess this should be 2.4.55.
> + used inside the directive to specify the type dynamically.</p>> +
> <note>When disabling authentication, note that clients which have
> already authenticated against another portion of the server's document
> tree will typically continue to send authentication HTTP headers
>
Regards
RĂ¼diger