/* Authorization provider for 'Require external-group foo bar baz'.
 *
 * Resolves the group authenticator named by the directory's group_name
 * setting and runs it through exec_external(); a result of 0 grants access.
 * With groupsatonce set, the whole argument string goes out in one call.
 * Otherwise each word of the line gets its own call and the first 0 wins.
 *
 * The check fails closed: a missing user, an unconfigured or unknown
 * external, and any nonzero result all end in a denial.
 * parsed_require_args is not used. */
static authz_status externalgroup_check_authorization(request_rec *r,
	const char *require_args, const void *parsed_require_args)
{
    authnz_external_dir_config_rec *dir_conf=
	(authnz_external_dir_config_rec *)
	ap_get_module_config(r->per_dir_config, &authnz_external_module);
    authnz_external_svr_config_rec *svr_conf=
	(authnz_external_svr_config_rec *)
	ap_get_module_config(r->server->module_config, &authnz_external_module);

    const char *keyword= dir_conf->group_name;
    const char *prog_path, *prog_method;
    const char *rest, *word;

    /* Without an authenticated user there is nothing to authorize */
    if (r->user == NULL)
	return AUTHZ_DENIED_NO_USER;

    /* No GroupExternal selected for this directory: deny */
    if (keyword == NULL)
	return AUTHZ_DENIED;

    /* Both a path and a method must be registered for the keyword; the
     * method is only looked up once the path is known to exist. */
    prog_path= apr_table_get(svr_conf->group_path, keyword);
    prog_method= prog_path ?
	apr_table_get(svr_conf->group_method, keyword) : NULL;
    if (prog_path == NULL || prog_method == NULL)
    {
	errno= 0;
	ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
	    "invalid GroupExternal keyword (%s)", keyword);
	return AUTHZ_DENIED;
    }

    if (!dir_conf->groupsatonce)
    {
	/* One authenticator run per group name; stop at the first match */
	rest= require_args;
	for (;;)
	{
	    word= ap_getword_conf(r->pool, &rest);
	    if (word == NULL || word[0] == '\0')
		break;
	    if (exec_external(prog_path, prog_method, r, ENV_GROUP, word) == 0)
		return AUTHZ_GRANTED;
	}
    }
    else if (exec_external(prog_path, prog_method, r, ENV_GROUP,
		require_args) == 0)
    {
	/* The authenticator saw the whole require line and accepted it */
	return AUTHZ_GRANTED;
    }

    /* NOTE(review): r->user and r->uri come from the request; this relies
     * on the server escaping them when writing the error log - confirm. */
    ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
	"Authorization of user %s to access %s failed. "
	"User not in Required group.",
	r->user, r->uri);

    return AUTHZ_DENIED;
}
/* Password-check provider: try every AuthExternal configured for this
 * directory, in order, until one accepts the credentials.
 *
 * Returns AUTH_GRANTED as soon as an authenticator yields 0,
 * AUTH_GENERAL_ERROR when no AuthExternal name is set or a name has no
 * registered path, and AUTH_DENIED once every authenticator has refused.
 * Because the first success wins, the directory is only as strong as the
 * weakest authenticator listed for it. The password is handed to the
 * authenticator but never written to the log. */
static authn_status authn_external_check_password(request_rec *r,
	const char *user, const char *password)
{
    authnz_external_dir_config_rec *dir= (authnz_external_dir_config_rec *)
	    ap_get_module_config(r->per_dir_config, &authnz_external_module);
    authnz_external_svr_config_rec *svr= (authnz_external_svr_config_rec *)
	    ap_get_module_config(r->server->module_config,
		&authnz_external_module);
    const char *keyword, *path, *method;
    int idx= 0;
    int code= 1;
    int hardcoded;

    /* An empty list means this provider has nothing to work with */
    if (dir->auth_name->nelts == 0)
    {
	ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
	    "No AuthExternal name has been set");
	return AUTH_GENERAL_ERROR;
    }

    while (idx < dir->auth_name->nelts)
    {
	keyword= ((const char **)dir->auth_name->elts)[idx];

	/* A keyword without a path is a configuration error and aborts the
	 * whole check, even if later authenticators might have succeeded. */
	path= apr_table_get(svr->auth_path, keyword);
	if (path == NULL)
	{
	    ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
		"Invalid AuthExternal keyword (%s)", keyword);
	    return AUTH_GENERAL_ERROR;
	}

	/* The "function" method selects the built-in check; any other
	 * method, or none at all, goes to the external program. */
	method= apr_table_get(svr->auth_method, keyword);
	hardcoded= (method != NULL && strcasecmp(method, "function") == 0);
	if (hardcoded)
	{
	    code= exec_hardcode(r, path, password);
	}
	else
	{
	    code= exec_external(path, method, r, ENV_PASS, password);
	}

	if (code == 0)
	{
	    /* NOTE(review): mock_turtle_cache() receives the cleartext
	     * password; how it is stored is not visible here - confirm. */
	    if (dir->providecache)
	    {
		mock_turtle_cache(r, password);
	    }
	    return AUTH_GRANTED;
	}

	/* Record the refusal: keyword, path, result code and user name */
	errno= 0;
	ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
	    "AuthExtern %s [%s]: Failed (%d) for user %s",
	    keyword, path, code, r->user);

	idx++;
    }

    /* Nobody vouched for these credentials */
    return AUTH_DENIED;
}
/* Authorization provider for 'Require external-file-group'.
 *
 * Asks the configured group authenticator whether the authenticated user
 * belongs to the group returned by authz_owner_get_file_group() for this
 * request. Access is granted only when exec_external() returns 0. A
 * missing user, an unconfigured or unknown external, an unavailable file
 * group, and a nonzero result all deny. Neither require_args nor
 * parsed_require_args is consulted. */
static authz_status externalfilegroup_check_authorization(request_rec *r,
	const char *require_args, const void *parsed_require_args)
{
    authnz_external_dir_config_rec *dir_conf=
	(authnz_external_dir_config_rec *)
	ap_get_module_config(r->per_dir_config, &authnz_external_module);
    authnz_external_svr_config_rec *svr_conf=
	(authnz_external_svr_config_rec *)
	ap_get_module_config(r->server->module_config, &authnz_external_module);

    const char *keyword= dir_conf->group_name;
    const char *prog_path, *prog_method;
    const char *owner_group;

    /* Without an authenticated user there is nothing to authorize */
    if (r->user == NULL)
    {
	return AUTHZ_DENIED_NO_USER;
    }

    /* No GroupExternal selected for this directory: deny */
    if (keyword == NULL)
    {
	return AUTHZ_DENIED;
    }

    /* Both a path and a method must be registered for the keyword; the
     * method is only looked up once the path is known to exist. */
    prog_path= apr_table_get(svr_conf->group_path, keyword);
    prog_method= prog_path ?
	apr_table_get(svr_conf->group_method, keyword) : NULL;
    if (prog_path == NULL || prog_method == NULL)
    {
	errno= 0;
	ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
	    "invalid GroupExternal keyword (%s)", keyword);
	return AUTHZ_DENIED;
    }

    /* The group of the requested file is supplied by mod_authz_owner */
    owner_group= authz_owner_get_file_group(r);
    if (owner_group == NULL)
    {
	/* No error log entry, because mod_authz_owner already made one */
	return AUTHZ_DENIED;
    }

    /* Let the external authenticator decide on membership of that group */
    if (exec_external(prog_path, prog_method, r, ENV_GROUP, owner_group) == 0)
    {
	return AUTHZ_GRANTED;
    }

    /* NOTE(review): r->user and r->uri come from the request; this relies
     * on the server escaping them when writing the error log - confirm. */
    ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
	"Authorization of user %s to access %s failed. "
	"User not in Required file group (%s).",
	r->user, r->uri, owner_group);

    return AUTHZ_DENIED;
}
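/* Return a heap-allocated copy of s (the caller frees it), or NULL when s is
 * NULL or the allocation fails. */
static char *myshell_copy(const char *s)
{
	size_t size;
	char *copy;

	if (s == NULL)
		return NULL;
	size = strlen(s) + 1;		/* +1 for the terminating NUL */
	copy = malloc(size);
	if (copy != NULL)
		memcpy(copy, s, size);
	return copy;
}

/*
 * Interactive loop of a minimal shell.
 *
 * Prints a "[user@host: dir]> " prompt, reads one line, splits it on spaces
 * and runs the built-ins "echo", "cd" and "quit"; anything else is handed
 * to exec_external(). The loop ends on "quit" or at end of input.
 *
 * Memory-safety points this version enforces:
 *  - input is read with a bounded fgets() instead of gets(), so a long line
 *    cannot write past the command buffer;
 *  - every string copy allocates room for the terminating NUL;
 *  - the argument vector is cleared for each command and NULL-terminated,
 *    so "cd" with no argument does not read an uninitialized slot;
 *  - unset HOME, USER or PWD no longer lead to a NULL dereference.
 *
 * Returns 0 on normal exit and 1 when the start-up allocations fail.
 */
int main(void)
{
	int i, nargs, truncated;
	size_t len;
	char *cwd, *owd, *systemname, *nd, *comm, *cursor, **arglist;
	const char *pwd, *slash, *username, *homedir, *arg;

	/* One extra slot so the vector can always end in NULL */
	arglist = calloc((size_t)MAX_COMMAND_ARGUMENTS + 1, sizeof *arglist);
	/* One extra byte so the host name is NUL-terminated even if truncated */
	systemname = calloc((size_t)HOST_NAME_MAX + 1, 1);
	comm = malloc(MAX_COMMAND_SIZE);
	homedir = getenv("HOME");	/* may be NULL; checked before use */
	username = getenv("USER");
	/* cwd and owd are always heap-owned copies, so they can be freed
	 * without checking where the pointer came from. */
	cwd = myshell_copy(getenv("PWD"));
	if (cwd == NULL)
		cwd = myshell_copy("");
	owd = myshell_copy(getenv("OLDPWD"));	/* NULL is fine here */

	if (arglist == NULL || systemname == NULL || comm == NULL || cwd == NULL) {
		printf("myshell: out of memory\n");
		free(arglist);
		free(systemname);
		free(comm);
		free(cwd);
		free(owd);
		return 1;
	}
	if (username == NULL)
		username = "unknown";
	if (gethostname(systemname, HOST_NAME_MAX) != 0)
		snprintf(systemname, (size_t)HOST_NAME_MAX + 1, "%s", "localhost");

	for (;;) {
		/* The prompt shows only the last component of the directory */
		slash = strrchr(cwd, '/');
		pwd = (slash != NULL) ? slash + 1 : cwd;
		printf("[%s@%s: %s]> ", username, systemname, pwd);
		fflush(stdout);

		/* Bounded read; NULL means end of input or a read error */
		if (fgets(comm, MAX_COMMAND_SIZE, stdin) == NULL)
			break;

		len = strlen(comm);
		if (len > 0 && comm[len - 1] == '\n') {
			comm[len - 1] = '\0';
		} else if (len + 1 >= (size_t)MAX_COMMAND_SIZE) {
			int ch;

			/* The line did not fit. Drop the remainder and refuse
			 * the command: a line cut mid-token could name a
			 * different file than the one that was typed. */
			while ((ch = getchar()) != '\n' && ch != EOF)
				;
			printf("myshell: command too long\n");
			continue;
		}

		/* Split in place on runs of spaces; unused slots stay NULL */
		for (i = 0; i <= MAX_COMMAND_ARGUMENTS; i++)
			arglist[i] = NULL;
		nargs = 0;
		truncated = 0;
		cursor = comm;
		for (;;) {
			while (*cursor == ' ')
				cursor++;
			if (*cursor == '\0')
				break;
			if (nargs == MAX_COMMAND_ARGUMENTS) {
				truncated = 1;
				break;
			}
			arglist[nargs++] = cursor;
			while (*cursor != '\0' && *cursor != ' ')
				cursor++;
			if (*cursor == ' ')
				*cursor++ = '\0';
		}
		/* Surplus whole arguments are dropped and the rest still runs */
		if (truncated)
			printf("\nReached max arguments\n\n");
		if (nargs == 0)
			continue;	/* blank line */

		if (strcmp(arglist[0], "echo") == 0) {
			for (i = 1; i < nargs; i++)
				printf("%s ", arglist[i]);
			printf("\n");
		} else if (strcmp(arglist[0], "cd") == 0) {
			arg = arglist[1];

			/* Plain "cd" and "~..." both need HOME to be set */
			if ((arg == NULL || arg[0] == '~') && homedir == NULL)
				continue;

			if (arg == NULL) {
				nd = myshell_copy(homedir);
			} else if (arg[0] != '~') {
				nd = myshell_copy(arg);
			} else {
				/* HOME followed by whatever comes after the '~' */
				len = strlen(homedir) + strlen(arg + 1) + 1;
				nd = malloc(len);
				if (nd != NULL)
					snprintf(nd, len, "%s%s", homedir, arg + 1);
			}
			if (nd == NULL) {
				printf("myshell: out of memory\n");
				continue;
			}

			if (chdir(nd) == 0) {
				free(owd);
				owd = cwd;
				cwd = nd;
			} else {
				printf("myshell: cd: %s: unable to change directory\n", nd);
				free(nd);	/* not kept on failure */
			}
		} else if (strcmp(arglist[0], "quit") == 0) {
			break;
		} else {
			/* exec_external() is defined outside this block; the
			 * vector is NULL-terminated in case it forwards the
			 * array to an exec-family call - confirm at its
			 * definition. */
			if (exec_external(arglist[0], arglist))
				printf("myshell: %s: command unable to execute\n", arglist[0]);
		}
	}

	free(arglist);
	free(systemname);
	free(comm);
	free(cwd);
	free(owd);
	return 0;
}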