summaryrefslogtreecommitdiffstats
path: root/debian/perl-framework/c-modules/authany/mod_authany.c
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-05-07 02:04:07 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-05-07 02:04:07 +0000
commit1221c736f9a90756d47ea6d28320b6b83602dd2a (patch)
treeb453ba7b1393205258c9b098a773b4330984672f /debian/perl-framework/c-modules/authany/mod_authany.c
parentAdding upstream version 2.4.38. (diff)
downloadapache2-1221c736f9a90756d47ea6d28320b6b83602dd2a.tar.xz
apache2-1221c736f9a90756d47ea6d28320b6b83602dd2a.zip
Adding debian version 2.4.38-3+deb10u8.debian/2.4.38-3+deb10u8
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'debian/perl-framework/c-modules/authany/mod_authany.c')
-rw-r--r--debian/perl-framework/c-modules/authany/mod_authany.c172
1 files changed, 172 insertions, 0 deletions
diff --git a/debian/perl-framework/c-modules/authany/mod_authany.c b/debian/perl-framework/c-modules/authany/mod_authany.c
new file mode 100644
index 0000000..a5e146c
--- /dev/null
+++ b/debian/perl-framework/c-modules/authany/mod_authany.c
@@ -0,0 +1,172 @@
+#if CONFIG_FOR_HTTPD_TEST
+
+Alias /authany @DocumentRoot@
+<Location /authany>
+ require user any-user
+ AuthType Basic
+ AuthName authany
+ <IfDefine !APACHE1>
+ <IfVersion >= 2.3>
+ AuthBasicProvider any
+ </IfVersion>
+ </IfDefine>
+</Location>
+
+#endif
+
+#include "ap_mmn.h"
+
+/* do not accept empty "" strings */
+#define strtrue(s) (s && *s)
+
+#if AP_MODULE_MAGIC_AT_LEAST(20060110, 0)
+
+#include "ap_provider.h"
+#include "mod_auth.h"
+
+static authn_status authn_check_password(request_rec *r, const char *user,
+ const char *password)
+{
+ return strtrue(r->user) && strcmp(r->user, "guest") == 0
+ ? AUTH_GRANTED : AUTH_DENIED;
+}
+
+static const authn_provider authn_any_provider =
+{
+ &authn_check_password
+};
+
+static authz_status any_check_authorization(request_rec *r,
+ const char *requirement,
+ const void *dummy)
+{
+#if AP_MODULE_MAGIC_AT_LEAST(20100714,0)
+ if (!r->user)
+ return AUTHZ_DENIED_NO_USER;
+#endif
+
+ return strtrue(r->user) && strcmp(requirement, "any-user") == 0
+ ? AUTHZ_GRANTED : AUTHZ_DENIED;
+}
+
+static const authz_provider authz_any_provider =
+{
+ &any_check_authorization
+};
+
+static void extra_hooks(apr_pool_t *p)
+{
+ ap_register_provider(p, AUTHN_PROVIDER_GROUP,
+ "any", "0", &authn_any_provider);
+ ap_register_provider(p, AUTHZ_PROVIDER_GROUP,
+ "user", "0", &authz_any_provider);
+}
+
+#define APACHE_HTTPD_TEST_EXTRA_HOOKS extra_hooks
+
+#include "apache_httpd_test.h"
+
+#else /* < 2.3 */
+
+#ifdef APACHE2
+
+#include "apr_pools.h"
+
+static void extra_hooks(apr_pool_t *);
+
+#define APACHE_HTTPD_TEST_EXTRA_HOOKS extra_hooks
+
+#else
+
+#define APACHE_HTTPD_TEST_HOOK_ORDER APR_HOOK_FIRST
+#define APACHE_HTTPD_TEST_CHECK_USER_ID authany_handler
+#define APACHE_HTTPD_TEST_AUTH_CHECKER require_any_user
+
+#endif
+
+#include "apache_httpd_test.h"
+
+static int require_any_user(request_rec *r)
+{
+ const apr_array_header_t *requires = ap_requires(r);
+ require_line *rq;
+ int x;
+
+ if (!requires) {
+ return DECLINED;
+ }
+
+ rq = (require_line *) requires->elts;
+
+ for (x = 0; x < requires->nelts; x++) {
+ const char *line, *requirement;
+
+ line = rq[x].requirement;
+ requirement = ap_getword(r->pool, &line, ' ');
+
+ if ((strcmp(requirement, "user") == 0) &&
+ (strcmp(line, "any-user") == 0))
+ {
+ return OK;
+ }
+ }
+
+ return DECLINED;
+}
+
+static int authany_handler(request_rec *r)
+{
+ const char *sent_pw;
+ int rc = ap_get_basic_auth_pw(r, &sent_pw);
+ char *user;
+
+ if (rc != OK) {
+ return rc;
+ }
+
+ if (require_any_user(r) != OK) {
+ return DECLINED;
+ }
+
+#ifdef APACHE1
+ user = r->connection->user;
+#endif
+#ifdef APACHE2
+ user = r->user;
+#endif
+
+ if (!(strtrue(user) && strtrue(sent_pw))) {
+ ap_note_basic_auth_failure(r);
+#ifdef APACHE1
+ ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, r,
+ "Both a username and password must be provided");
+#endif
+#ifdef APACHE2
+ ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, 0, r,
+ "Both a username and password must be provided");
+#endif
+ return HTTP_UNAUTHORIZED;
+ }
+
+ return OK;
+}
+
+#ifdef APACHE2
+static void extra_hooks(apr_pool_t *p)
+{
+ /* mod_authany and mod_ssl both specify APR_HOOK_FIRST as the
+ * ordering of their check-user-id hooks.
+ * mod_ssl's must run before mod_authany because it may need to
+ * generate the Basic auth information based on the certificate.
+ */
+ static const char * const modssl_runs_before[] = {"mod_ssl.c", NULL};
+
+ ap_hook_check_user_id(authany_handler, modssl_runs_before, NULL,
+ APR_HOOK_FIRST);
+ ap_hook_auth_checker(require_any_user, NULL, NULL, APR_HOOK_FIRST);
+}
+#endif
+
+#endif
+
+APACHE_HTTPD_TEST_MODULE(authany);