static authn_status get_dbm_realm_hash(request_rec *r, const char *user, const char *realm, char **rethash) { authn_dbm_config_rec *conf = ap_get_module_config(r->per_dir_config, &authn_dbm_module); apr_status_t rv; char *dbm_hash; char *colon_hash; rv = fetch_dbm_value(conf->dbmtype, conf->pwfile, apr_pstrcat(r->pool, user, ":", realm, NULL), &dbm_hash, r->pool); if (rv != APR_SUCCESS) { ap_log_rerror(APLOG_MARK, APLOG_ERR, rv, r, APLOGNO(01755) "Could not open dbm (type %s) hash file: %s", conf->dbmtype, conf->pwfile); return AUTH_GENERAL_ERROR; } if (!dbm_hash) { return AUTH_USER_NOT_FOUND; } colon_hash = ap_strchr(dbm_hash, ':'); if (colon_hash) { *colon_hash = '\0'; } *rethash = dbm_hash; AUTHN_CACHE_STORE(r, user, realm, dbm_hash); return AUTH_USER_FOUND; }
static authn_status check_password(request_rec *r, const char *user, const char *password) { authn_file_config_rec *conf = ap_get_module_config(r->per_dir_config, &authn_file_module); ap_configfile_t *f; char l[MAX_STRING_LEN]; apr_status_t status; char *file_password = NULL; if (!conf->pwfile) { ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(01619) "AuthUserFile not specified in the configuration"); return AUTH_GENERAL_ERROR; } status = ap_pcfg_openfile(&f, r->pool, conf->pwfile); if (status != APR_SUCCESS) { ap_log_rerror(APLOG_MARK, APLOG_ERR, status, r, APLOGNO(01620) "Could not open password file: %s", conf->pwfile); return AUTH_GENERAL_ERROR; } while (!(ap_cfg_getline(l, MAX_STRING_LEN, f))) { const char *rpw, *w; /* Skip # or blank lines. */ if ((l[0] == '#') || (!l[0])) { continue; } rpw = l; w = ap_getword(r->pool, &rpw, ':'); if (!strcmp(user, w)) { file_password = ap_getword(r->pool, &rpw, ':'); break; } } ap_cfg_closefile(f); if (!file_password) { return AUTH_USER_NOT_FOUND; } AUTHN_CACHE_STORE(r, user, NULL, file_password); status = apr_password_validate(password, file_password); if (status != APR_SUCCESS) { return AUTH_DENIED; } return AUTH_GRANTED; }
static authn_status get_realm_hash(request_rec *r, const char *user, const char *realm, char **rethash) { authn_file_config_rec *conf = ap_get_module_config(r->per_dir_config, &authn_file_module); ap_configfile_t *f; char l[MAX_STRING_LEN]; apr_status_t status; char *file_hash = NULL; if (!conf->pwfile) { ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(01621) "AuthUserFile not specified in the configuration"); return AUTH_GENERAL_ERROR; } status = ap_pcfg_openfile(&f, r->pool, conf->pwfile); if (status != APR_SUCCESS) { ap_log_rerror(APLOG_MARK, APLOG_ERR, status, r, APLOGNO(01622) "Could not open password file: %s", conf->pwfile); return AUTH_GENERAL_ERROR; } while (!(ap_cfg_getline(l, MAX_STRING_LEN, f))) { const char *rpw, *w, *x; /* Skip # or blank lines. */ if ((l[0] == '#') || (!l[0])) { continue; } rpw = l; w = ap_getword(r->pool, &rpw, ':'); x = ap_getword(r->pool, &rpw, ':'); if (x && w && !strcmp(user, w) && !strcmp(realm, x)) { /* Remember that this is a md5 hash of user:realm:password. */ file_hash = ap_getword(r->pool, &rpw, ':'); break; } } ap_cfg_closefile(f); if (!file_hash) { return AUTH_USER_NOT_FOUND; } *rethash = file_hash; AUTHN_CACHE_STORE(r, user, realm, file_hash); return AUTH_USER_FOUND; }
static authn_status check_dbm_pw(request_rec *r, const char *user, const char *password) { authn_dbm_config_rec *conf = ap_get_module_config(r->per_dir_config, &authn_dbm_module); apr_status_t rv; char *dbm_password; char *colon_pw; rv = fetch_dbm_value(conf->dbmtype, conf->pwfile, user, &dbm_password, r->pool); if (rv != APR_SUCCESS) { ap_log_rerror(APLOG_MARK, APLOG_ERR, rv, r, APLOGNO(01754) "could not open dbm (type %s) auth file: %s", conf->dbmtype, conf->pwfile); return AUTH_GENERAL_ERROR; } if (!dbm_password) { return AUTH_USER_NOT_FOUND; } colon_pw = ap_strchr(dbm_password, ':'); if (colon_pw) { *colon_pw = '\0'; } AUTHN_CACHE_STORE(r, user, NULL, dbm_password); rv = apr_password_validate(password, dbm_password); if (rv != APR_SUCCESS) { return AUTH_DENIED; } return AUTH_GRANTED; }
static authn_status authn_dbd_realm(request_rec *r, const char *user, const char *realm, char **rethash) { apr_status_t rv; const char *dbd_hash = NULL; apr_dbd_prepared_t *statement; apr_dbd_results_t *res = NULL; apr_dbd_row_t *row = NULL; int ret; authn_dbd_conf *conf = ap_get_module_config(r->per_dir_config, &authn_dbd_module); ap_dbd_t *dbd = authn_dbd_acquire_fn(r); if (dbd == NULL) { ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(01658) "Failed to acquire database connection to look up " "user '%s:%s'", user, realm); return AUTH_GENERAL_ERROR; } if (conf->realm == NULL) { ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(01659) "No AuthDBDUserRealmQuery has been specified"); return AUTH_GENERAL_ERROR; } statement = apr_hash_get(dbd->prepared, conf->realm, APR_HASH_KEY_STRING); if (statement == NULL) { ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(01660) "A prepared statement could not be found for " "AuthDBDUserRealmQuery with the key '%s'", conf->realm); return AUTH_GENERAL_ERROR; } if ((ret = apr_dbd_pvselect(dbd->driver, r->pool, dbd->handle, &res, statement, 0, user, realm, NULL) != 0)) { ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(01661) "Query execution error looking up '%s:%s' " "in database [%s]", user, realm, apr_dbd_error(dbd->driver, dbd->handle, ret)); return AUTH_GENERAL_ERROR; } for (rv = apr_dbd_get_row(dbd->driver, r->pool, res, &row, -1); rv != -1; rv = apr_dbd_get_row(dbd->driver, r->pool, res, &row, -1)) { if (rv != 0) { ap_log_rerror(APLOG_MARK, APLOG_ERR, rv, r, APLOGNO(01662) "Error retrieving results while looking up '%s:%s' " "in database", user, realm); return AUTH_GENERAL_ERROR; } if (dbd_hash == NULL) { #if APU_MAJOR_VERSION > 1 || (APU_MAJOR_VERSION == 1 && APU_MINOR_VERSION >= 3) /* add the rest of the columns to the environment */ int i = 1; const char *name; for (name = apr_dbd_get_name(dbd->driver, res, i); name != NULL; name = apr_dbd_get_name(dbd->driver, res, i)) { char *str = apr_pstrcat(r->pool, AUTHN_PREFIX, name, NULL); int j = sizeof(AUTHN_PREFIX)-1; /* string length of "AUTHENTICATE_", excluding the trailing NIL */ while (str[j]) { if (!apr_isalnum(str[j])) { str[j] = '_'; } else { str[j] = apr_toupper(str[j]); } j++; } apr_table_set(r->subprocess_env, str, apr_dbd_get_entry(dbd->driver, row, i)); i++; } #endif dbd_hash = apr_dbd_get_entry(dbd->driver, row, 0); } /* we can't break out here or row won't get cleaned up */ } if (!dbd_hash) { return AUTH_USER_NOT_FOUND; } AUTHN_CACHE_STORE(r, user, realm, dbd_hash); *rethash = apr_pstrdup(r->pool, dbd_hash); return AUTH_USER_FOUND; }