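/**
 * Hand the agent's response for the current request over to Apache.
 *
 * The action taken depends on rq->status on entry:
 *  - AM_INTERNAL_REDIRECT: internal redirect to `text`; status becomes AM_DONE.
 *  - AM_REDIRECT: `text` is sent as the Location of a 302 response.
 *  - AM_PDP_DONE: a sub-request for rq->post_data_url is run, sharing the
 *    parent request's input headers and notes; status becomes AM_DONE.
 *  - any other status: `text` is written as the response body.
 *
 * @param rq        agent request; rq->ctx must hold the Apache request_rec
 * @param text      redirect target or response body; must pass ISVALID()
 * @param cont_type optional Content-Type, used for the body case only
 * @return AM_SUCCESS when the response was handed to Apache; AM_EINVAL when
 *         the request context or text is missing, the redirect target
 *         contains CR/LF, the sub-request URL is missing, or the body length
 *         does not fit the int that ap_rwrite() accepts
 */
static am_status_t set_custom_response(am_request_t *rq, const char *text, const char *cont_type) {
    request_rec *r = (request_rec *) (rq != NULL ? rq->ctx : NULL);

    if (r == NULL || !ISVALID(text)) {
        return AM_EINVAL;
    }

    if (rq->status == AM_INTERNAL_REDIRECT) {
        ap_internal_redirect(text, r);
        rq->status = AM_DONE;
    } else if (rq->status == AM_REDIRECT) {
        /* text is copied verbatim into a response header; refuse CR/LF so the
         * value can never end the header line and begin another one. */
        if (strpbrk(text, "\r\n") != NULL) {
            am_log_info(rq->instance_id,
                    "set_custom_response(): redirect target contains CR/LF, rejected (%s)",
                    am_strerror(AM_EINVAL));
            return AM_EINVAL;
        }
        apr_table_add(r->headers_out, "Location", text);
        ap_custom_response(r, HTTP_MOVED_TEMPORARILY, text);
    } else if (rq->status == AM_PDP_DONE) {
        request_rec *sr;

        /* the sub-request URI is dereferenced by Apache and by the log call
         * below, so a missing value must be caught here */
        if (!ISVALID(rq->post_data_url)) {
            am_log_info(rq->instance_id,
                    "set_custom_response(): sub-request URL is missing (%s)",
                    am_strerror(AM_EINVAL));
            return AM_EINVAL;
        }

        sr = ap_sub_req_method_uri(am_method_num_to_str(rq->method),
                rq->post_data_url, r, NULL);
        /* the sub-request shares the parent's input headers and notes */
        sr->headers_in = r->headers_in;
        sr->notes = r->notes;
        am_log_debug(rq->instance_id, "set_custom_response(): issuing sub-request %s to %s",
                sr->method, rq->post_data_url);
        ap_run_sub_req(sr);
        ap_destroy_sub_req(sr);
        rq->status = AM_DONE;
    } else {
        size_t tl = strlen(text);
        int body_len = (int) tl;

        /* ap_rwrite() takes an int length: reject a body whose size does not
         * survive the conversion instead of passing a truncated or negative
         * count */
        if (body_len < 0 || (size_t) body_len != tl) {
            am_log_info(rq->instance_id,
                    "set_custom_response(): response body too large (%s)",
                    am_strerror(AM_EINVAL));
            return AM_EINVAL;
        }

        if (ISVALID(cont_type)) {
            ap_set_content_type(r, cont_type);
        }
        ap_set_content_length(r, tl);
        ap_rwrite(text, body_len, r);
        /* AM_SUCCESS and AM_DONE both map to the success status value */
        ap_custom_response(r,
                am_status_value(rq->status == AM_SUCCESS || rq->status == AM_DONE ? AM_SUCCESS : rq->status),
                text);
        ap_rflush(r);
    }

    am_log_info(rq->instance_id, "set_custom_response(): status: %s", am_strerror(rq->status));
    return AM_SUCCESS;
}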
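/**
 * Authorization hook: map the request method to an ACL access mode and check
 * it against the ACL of the requested resource.
 *
 * Requests without an authenticated user are refused. For an initial COPY or
 * MOVE the destination URI is checked as well: it must use this server's
 * scheme and server name, and it needs write access.
 *
 * @param r the request being authorized
 * @return the value of http_status_code() for the resulting status
 */
static int webid_auth_checker(request_rec *r) {
    int is_initial_req, req_access, ret;
    /* AP_METHOD_BIT is a 64-bit constant. Keeping the shifted mask in an int
     * drops bits once method_number reaches the width of int, and a mask
     * truncated to zero satisfies the acl:Read comparison below. */
    apr_int64_t req_method;
    const char *req_dest;
    request_rec *r_dest;
    apr_uri_t apr_uri;

    if (r->filename == NULL) {
        /* NOTE(review): this path passes OK without any ACL check, i.e. it
         * fails open when no filename was mapped; confirm that is intended */
        ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, r,
                      "Module bug? Request filename is missing for URI %s", r->uri);
        return http_status_code(r, OK);
    }

    /* no authenticated user: refuse */
    if (r->user == NULL || r->user[0] == '\0') {
        return http_status_code(r, HTTP_FORBIDDEN);
    }

    /* req_access: Read, Write, or Control */
    is_initial_req = ap_is_initial_req(r);
    req_access = WEBID_ACCESS_INVALID;
    req_method = (AP_METHOD_BIT << r->method_number);

    if (is_initial_req && r->method_number == M_COPY) {
        /* allow COPY of a readonly source URI
         * - target URI check happens by subrequest */
        req_access = WEBID_ACCESS_READ;
    } else if (req_method == (req_method & WEBID_M_READ)) {
        /* check the acl:Read method bitmask */
        req_access = WEBID_ACCESS_READ;
    } else if (req_method == (req_method & WEBID_M_WRITE)) {
        /* check the acl:Write method bitmask
         * - writes to ACL URIs are acl:Control (handled internally) */
        req_access = WEBID_ACCESS_WRITE;
    } else {
        /* unhandled methods require acl:Control */
        req_access = WEBID_ACCESS_CONTROL;
    }

    /* default deny: every path below has to grant access explicitly */
    ret = HTTP_FORBIDDEN;

    if (is_initial_req && (r->method_number == M_COPY || r->method_number == M_MOVE)) {
        req_dest = apr_table_get(r->headers_in, "Destination");
        if (req_dest == NULL) {
            /* no Destination header: fall back to Host plus New-uri */
            const char *nscp_host = apr_table_get(r->headers_in, "Host");
            const char *nscp_path = apr_table_get(r->headers_in, "New-uri");
            if (nscp_host != NULL && nscp_path != NULL) {
                req_dest = apr_psprintf(r->pool, "http://%s%s", nscp_host, nscp_path);
            }
        }

        /* with no destination at all, ret stays HTTP_FORBIDDEN */
        if (req_dest != NULL) {
            /* only a destination on this scheme and server name is accepted;
             * both comparisons are case-sensitive */
            if ((apr_uri_parse(r->pool, req_dest, &apr_uri) == APR_SUCCESS)
                    && (apr_uri.scheme != NULL
                        && strcmp(apr_uri.scheme, ap_http_scheme(r)) == 0)
                    && (apr_uri.hostname != NULL
                        && strcmp(apr_uri.hostname, ap_get_server_name(r)) == 0)) {
                /* drop scheme and authority so the sub-request resolves locally */
                req_dest = apr_uri_unparse(r->pool, &apr_uri, APR_URI_UNP_OMITSITEPART);
                r_dest = ap_sub_req_method_uri(r->method, req_dest, r, NULL);

                /* source first; the destination is checked for write access
                 * only once the source check has passed */
                ret = check_request_acl(r, req_access);
                if (ret == OK) {
                    ret = check_request_acl(r_dest, WEBID_ACCESS_WRITE);
                }
            } else {
                ret = HTTP_BAD_GATEWAY;
            }
        }
    } else {
        ret = check_request_acl(r, req_access);
    }

    return http_status_code(r, ret);
}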