You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by st...@locus.apache.org on 2000/04/05 19:27:58 UTC
cvs commit: apache-2.0/src/modules/standard config.m4 mod_auth_db.c
stoddard 00/04/05 10:27:58
Modified: src CHANGES
src/modules/standard config.m4 mod_auth_db.c
Log:
Patch to port mod_auth_db to the 2.0 api and also to support
Berlekey DB 3.0. It works for me with both Berkeley DB 3.0.55 and
2.7.7. It should work with version 1 as well but I haven't tested it.
Submitted by: Brian Martin <bm...@penguincomputing.com>
Reviewed by: Bill Stoddard
Revision Changes Path
1.57 +5 -0 apache-2.0/src/CHANGES
Index: CHANGES
===================================================================
RCS file: /home/cvs/apache-2.0/src/CHANGES,v
retrieving revision 1.56
retrieving revision 1.57
diff -u -r1.56 -r1.57
--- CHANGES 2000/04/05 15:45:31 1.56
+++ CHANGES 2000/04/05 17:27:57 1.57
@@ -1,4 +1,9 @@
Changes with Apache 2.0a3-dev
+ *) Patch to port mod_auth_db to the 2.0 api and also to support
+ Berlekey DB 3.0. It works for me with both Berkeley DB 3.0.55 and
+ 2.7.7. It should work with version 1 as well but I haven't tested it.
+ [Brian Martin <bm...@penguincomputing.com>]
+
*) Get APR DSO code working under Windows. Includes cross platform
fixes to mod_so.c.
[Tim.Costello@BTFinancialgroup.com]
1.13 +6 -1 apache-2.0/src/modules/standard/config.m4
Index: config.m4
===================================================================
RCS file: /home/cvs/apache-2.0/src/modules/standard/config.m4,v
retrieving revision 1.12
retrieving revision 1.13
diff -u -r1.12 -r1.13
--- config.m4 2000/02/17 22:32:30 1.12
+++ config.m4 2000/04/05 17:27:57 1.13
@@ -34,7 +34,12 @@
APACHE_CHECK_STANDARD_MODULE(auth, , yes)
APACHE_CHECK_STANDARD_MODULE(auth_anon, , no)
APACHE_CHECK_STANDARD_MODULE(auth_dbm, , no)
-APACHE_CHECK_STANDARD_MODULE(auth_db, , no)
+
+APACHE_CHECK_STANDARD_MODULE(auth_db, , no, [
+ AC_CHECK_HEADERS(db.h)
+ AC_CHECK_LIB(db,main)
+])
+
APACHE_CHECK_STANDARD_MODULE(auth_digest, , no)
APACHE_CHECK_STANDARD_MODULE(cern_meta, , no)
APACHE_CHECK_STANDARD_MODULE(expires, , no)
1.10 +98 -30 apache-2.0/src/modules/standard/mod_auth_db.c
Index: mod_auth_db.c
===================================================================
RCS file: /home/cvs/apache-2.0/src/modules/standard/mod_auth_db.c,v
retrieving revision 1.9
retrieving revision 1.10
diff -u -r1.9 -r1.10
--- mod_auth_db.c 2000/03/31 09:05:15 1.9
+++ mod_auth_db.c 2000/04/05 17:27:57 1.10
@@ -65,6 +65,8 @@
*
* Adapted for Berkeley DB by Andrew Cohen
*
+ * apache 2 port by Brian Martin
+ *
* mod_auth_db was based on mod_auth_dbm.
*
* Warning, this is not a drop in replacement for mod_auth_dbm,
@@ -101,8 +103,12 @@
#include <db.h>
#endif
-#if defined(DB_VERSION_MAJOR) && (DB_VERSION_MAJOR == 2)
-#define DB2
+#if defined(DB_VERSION_MAJOR) && (DB_VERSION_MAJOR == 3)
+#define DB_VER 3
+#elif defined(DB_VERSION_MAJOR) && (DB_VERSION_MAJOR == 2)
+#define DB_VER 2
+#else
+#define DB_VER 1
#endif
typedef struct {
@@ -158,6 +164,7 @@
DB *f;
DBT d, q;
char *pw = NULL;
+ int retval;
memset(&d, 0, sizeof(d));
memset(&q, 0, sizeof(q));
@@ -165,17 +172,71 @@
q.data = user;
q.size = strlen(q.data);
-#ifdef DB2
- if (db_open(auth_dbpwfile, DB_HASH, DB_RDONLY, 0664, NULL, NULL, &f) != 0) {
+#if DB_VER == 3
+ db_create(&f, NULL, 0);
+ if ((retval = f->open(f, auth_dbpwfile, NULL, DB_HASH, DB_RDONLY, 0664)) != 0) {
+ char * reason;
+ switch(retval) {
+ case DB_OLD_VERSION:
+ reason = "Old database version. Upgrade to version 3";
+ break;
+
+ case EEXIST:
+ reason = "DB_CREATE and DB_EXCL were specified and the file exists";
+ break;
+
+ case EINVAL:
+ reason = "An invalid flag value or parameter was specified";
+ break;
+
+ case ENOENT:
+ reason = "A non-existent re_source file was specified";
+ break;
+
+ default:
+ reason = "And I don't know why";
+ break;
+ }
+ ap_log_rerror(APLOG_MARK, APLOG_ERR, errno, r,
+ "could not open db auth file %s: %s",
+ auth_dbpwfile, reason);
+ return NULL;
+ }
+#elif DB_VER == 2
+ if ((retval = db_open(auth_dbpwfile, DB_HASH, DB_RDONLY, 0664, NULL, NULL, &f)) != 0) {
+ char * reason;
+ switch(retval) {
+
+ case EEXIST:
+ reason = "DB_CREATE and DB_EXCL were specified and the file exists.";
+ break;
+
+ case EINVAL:
+ reason = "An invalid flag value or parameter was specified";
+ break;
+
+ case ENOENT:
+ reason = "A non-existent re_source file was specified";
+ break;
+
+ default:
+ reason = "And I don't know why";
+ break;
+ }
+ ap_log_rerror(APLOG_MARK, APLOG_ERR, errno, r,
+ "could not open db auth file %s: %s",
+ auth_dbpwfile, reason);
+ return NULL;
+ }
#else
if (!(f = dbopen(auth_dbpwfile, O_RDONLY, 0664, DB_HASH, NULL))) {
-#endif
ap_log_rerror(APLOG_MARK, APLOG_ERR, errno, r,
- "could not open db auth file: %s", auth_dbpwfile);
+ "could not open db auth file: %s", auth_dbpwfile);
return NULL;
}
+#endif
-#ifdef DB2
+#if DB_VER == 3 || DB_VER == 2
if (!((f->get) (f, NULL, &q, &d, 0))) {
#else
if (!((f->get) (f, &q, &d, 0))) {
@@ -185,7 +246,7 @@
pw[d.size] = '\0'; /* Terminate the string */
}
-#ifdef DB2
+#if DB_VER == 3 || DB_VER == 2
(f->close) (f, 0);
#else
(f->close) (f);
@@ -226,17 +287,20 @@
{
db_auth_config_rec *sec =
(db_auth_config_rec *) ap_get_module_config(r->per_dir_config,
- &auth_db_module);
+ &auth_db_module);
const char *sent_pw;
char *real_pw, *colon_pw;
- char *invalid_pw;
+ ap_status_t invalid_pw;
int res;
if ((res = ap_get_basic_auth_pw(r, &sent_pw)))
return res;
- if (!sec->auth_dbpwfile)
+ if (!sec->auth_dbpwfile) {
+ ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, 0, r,
+ "DB file %s not found", sec->auth_dbpwfile);
return DECLINED;
+ }
if (!(real_pw = get_db_pw(r, r->user, sec->auth_dbpwfile))) {
if (!(sec->auth_dbauthoritative))
@@ -251,11 +315,20 @@
if (colon_pw) {
*colon_pw = '\0';
}
+
invalid_pw = ap_validate_password(sent_pw, real_pw);
- if (invalid_pw != NULL) {
+
+ if (invalid_pw != APR_SUCCESS) {
+#ifdef HAVE_APR_STRERROR
ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, 0, r,
"DB user %s: authentication failure for \"%s\": %s",
- r->user, r->uri, invalid_pw);
+ r->user, r->uri, apr_strerror(invalid_pw));
+#else
+ ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, 0, r,
+ "DB user %s: authentication failure for \"%s\": %d",
+ r->user, r->uri, "error number",
+ invalid_pw);
+#endif
ap_note_basic_auth_failure(r);
return AUTH_REQUIRED;
}
@@ -268,7 +341,7 @@
{
db_auth_config_rec *sec =
(db_auth_config_rec *) ap_get_module_config(r->per_dir_config,
- &auth_db_module);
+ &auth_db_module);
char *user = r->user;
int m = r->method_number;
@@ -300,8 +373,8 @@
if (!(sec->auth_dbauthoritative))
return DECLINED;
ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, 0, r,
- "user %s not in DB group file %s: %s",
- user, sec->auth_dbgrpfile, r->filename);
+ "user %s not in DB group file %s: %s",
+ user, sec->auth_dbgrpfile, r->filename);
ap_note_basic_auth_failure(r);
return AUTH_REQUIRED;
}
@@ -316,7 +389,7 @@
}
}
ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, 0, r,
- "user %s not in right group: %s", user, r->filename);
+ "user %s not in right group: %s", user, r->filename);
ap_note_basic_auth_failure(r);
return AUTH_REQUIRED;
}
@@ -325,26 +398,21 @@
return DECLINED;
}
+static void register_hooks(void)
+{
+ ap_hook_check_user_id(db_authenticate_basic_user,NULL,NULL,HOOK_MIDDLE);
+ ap_hook_auth_checker(db_check_auth,NULL,NULL,HOOK_MIDDLE);
+}
module auth_db_module =
{
- STANDARD_MODULE_STUFF,
- NULL, /* initializer */
+ STANDARD20_MODULE_STUFF,
create_db_auth_dir_config, /* dir config creater */
NULL, /* dir merger --- default is to override */
NULL, /* server config */
NULL, /* merge server config */
db_auth_cmds, /* command ap_table_t */
NULL, /* handlers */
- NULL, /* filename translation */
- db_authenticate_basic_user, /* check_user_id */
- db_check_auth, /* check auth */
- NULL, /* check access */
- NULL, /* type_checker */
- NULL, /* fixups */
- NULL, /* logger */
- NULL, /* header parser */
- NULL, /* child_init */
- NULL, /* child_exit */
- NULL /* post read-request */
+ register_hooks /* register hooks */
};
+