You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by nd...@apache.org on 2003/01/06 07:52:48 UTC

cvs commit: httpd-2.0/modules/aaa mod_authz_groupfile.c

nd          2003/01/05 22:52:48

  Modified:    modules/aaa mod_authz_groupfile.c
  Log:
  cleanup.
  - remove superfluid #include
  - remove no longer neccessary bitmask handling
  - be more efficient if there are no groups for the user
  - call ap_note_auth_failure instead of ap_note_basic_auth_failure
  
  Revision  Changes    Path
  1.6       +10 -13    httpd-2.0/modules/aaa/mod_authz_groupfile.c
  
  Index: mod_authz_groupfile.c
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/modules/aaa/mod_authz_groupfile.c,v
  retrieving revision 1.5
  retrieving revision 1.6
  diff -u -r1.5 -r1.6
  --- mod_authz_groupfile.c	8 Dec 2002 21:16:05 -0000	1.5
  +++ mod_authz_groupfile.c	6 Jan 2003 06:52:48 -0000	1.6
  @@ -86,7 +86,6 @@
    */
   
   #include "apr_strings.h"
  -#include "apr_md5.h"            /* for apr_password_validate */
   
   #include "ap_config.h"
   #include "httpd.h"
  @@ -186,7 +185,7 @@
                                                         &authz_groupfile_module);
       char *user = r->user;
       int m = r->method_number;
  -    int method_restricted = 0;
  +    int required_group = 0;
       register int x,has_entries;
       const char *t, *w;
       apr_table_t *grpstatus;
  @@ -220,31 +219,29 @@
           if (!(reqs[x].method_mask & (AP_METHOD_BIT << m))) {
               continue;
           }
  -        method_restricted |= 1;
   
           t = reqs[x].requirement;
           w = ap_getword_white(r->pool, &t);
   
           if (!strcmp(w, "group")) {
  -            method_restricted |= 2;
  -             if (has_entries) {
  +            required_group = 1;
  +
  +            if (!has_entries) {
  +                /* we will never match, so exit immediately */
  +                break;
  +            }
  +
               while (t[0]) {
                   w = ap_getword_conf(r->pool, &t);
                   if (apr_table_get(grpstatus, w)) {
                       return OK;
                   }
               }
  -         }
           }
       }
   
  -    /* No applicable requires for this method seen at all */
  -    if (method_restricted == 0) {
  -        return DECLINED; /* XXX change from legacy */
  -    }
  -
       /* No applicable "requires group" for this method seen */
  -    if ((method_restricted & 2) == 0) {
  +    if (!required_group) {
           return DECLINED;
       }
   
  @@ -256,7 +253,7 @@
                     "access to %s failed, reason: user %s not part of the "
                     "'require'ed group(s).", r->uri, user);
           
  -    ap_note_basic_auth_failure(r);
  +    ap_note_auth_failure(r);
       return HTTP_UNAUTHORIZED;
   }