static int dbm_check_auth(request_rec *r) { dbm_auth_config_rec *conf = ap_get_module_config(r->per_dir_config, &auth_dbm_module); char *user = r->user; int m = r->method_number; const apr_array_header_t *reqs_arr = ap_requires(r); require_line *reqs = reqs_arr ? (require_line *) reqs_arr->elts : NULL; register int x; const char *t; char *w; if (!conf->auth_dbmgrpfile) return DECLINED; if (!reqs_arr) return DECLINED; for (x = 0; x < reqs_arr->nelts; x++) { if (!(reqs[x].method_mask & (AP_METHOD_BIT << m))) continue; t = reqs[x].requirement; w = ap_getword_white(r->pool, &t); if (!strcmp(w, "group") && conf->auth_dbmgrpfile) { const char *orig_groups, *groups; char *v; if (!(groups = get_dbm_grp(r, user, conf->auth_dbmgrpfile, conf->auth_dbmtype))) { if (!(conf->auth_dbmauthoritative)) return DECLINED; ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, "user %s not in DBM group file %s: %s", user, conf->auth_dbmgrpfile, r->filename); ap_note_basic_auth_failure(r); return HTTP_UNAUTHORIZED; } orig_groups = groups; while (t[0]) { w = ap_getword_white(r->pool, &t); groups = orig_groups; while (groups[0]) { v = ap_getword(r->pool, &groups, ','); if (!strcmp(v, w)) return OK; } } ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, "user %s not in right group: %s", user, r->filename); ap_note_basic_auth_failure(r); return HTTP_UNAUTHORIZED; } } return DECLINED; }
static authz_status dbmfilegroup_check_authorization(request_rec *r, const char *require_args, const void *parsed_require_args) { authz_dbm_config_rec *conf = ap_get_module_config(r->per_dir_config, &authz_dbm_module); char *user = r->user; const char *realm = ap_auth_name(r); const char *filegroup = NULL; const char *orig_groups = NULL; apr_status_t status; const char *groups; char *v; if (!user) { return AUTHZ_DENIED_NO_USER; } if (!conf->grpfile) { ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(01802) "No group file was specified in the configuration"); return AUTHZ_DENIED; } /* fetch group data from dbm file. */ status = get_dbm_grp(r, apr_pstrcat(r->pool, user, ":", realm, NULL), user, conf->grpfile, conf->dbmtype, &groups); if (status != APR_SUCCESS) { ap_log_rerror(APLOG_MARK, APLOG_ERR, status, r, APLOGNO(01803) "could not open dbm (type %s) group access " "file: %s", conf->dbmtype, conf->grpfile); return AUTHZ_DENIED; } if (groups == NULL) { /* no groups available, so exit immediately */ ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(01804) "Authorization of user %s to access %s failed, reason: " "user doesn't appear in DBM group file (%s).", r->user, r->uri, conf->grpfile); return AUTHZ_DENIED; } orig_groups = groups; filegroup = authz_owner_get_file_group(r); if (filegroup) { groups = orig_groups; while (groups[0]) { v = ap_getword(r->pool, &groups, ','); if (!strcmp(v, filegroup)) { return AUTHZ_GRANTED; } } } ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(01805) "Authorization of user %s to access %s failed, reason: " "user is not part of the 'require'ed group(s).", r->user, r->uri); return AUTHZ_DENIED; }
static int dbm_check_auth(request_rec *r) { dbm_auth_config_rec *sec = (dbm_auth_config_rec *) ap_get_module_config(r->per_dir_config, &dbm_auth_module); char *user = r->connection->user; int m = r->method_number; array_header *reqs_arr = ap_requires(r); require_line *reqs = reqs_arr ? (require_line *) reqs_arr->elts : NULL; register int x; const char *t; char *w; if (!sec->auth_dbmgrpfile) return DECLINED; if (!reqs_arr) return DECLINED; for (x = 0; x < reqs_arr->nelts; x++) { if (!(reqs[x].method_mask & (1 << m))) continue; t = reqs[x].requirement; w = ap_getword(r->pool, &t, ' '); if (!strcmp(w, "group") && sec->auth_dbmgrpfile) { const char *orig_groups, *groups; char *v; if (!(groups = get_dbm_grp(r, user, sec->auth_dbmgrpfile))) { if (!(sec->auth_dbmauthoritative)) return DECLINED; ap_log_error(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, r->server, "user %s not in DBM group file %s: %s", user, sec->auth_dbmgrpfile, r->filename); ap_note_basic_auth_failure(r); return AUTH_REQUIRED; } orig_groups = groups; while (t[0]) { w = ap_getword(r->pool, &t, ' '); groups = orig_groups; while (groups[0]) { v = ap_getword(r->pool, &groups, ','); if (!strcmp(v, w)) return OK; } } ap_log_error(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, r->server, "user %s not in right group: %s", user, r->filename); ap_note_basic_auth_failure(r); return AUTH_REQUIRED; } } return DECLINED; }