Added authoritative support.

[mod_auth_kerb.cvs/.git] / apache1 / auth_cmds.c

diff --git a/apache1/auth_cmds.c b/apache1/auth_cmds.c
index 611dff6..3649cb2 100644 (file)
--- a/apache1/auth_cmds.c
+++ b/apache1/auth_cmds.c
@@ -1,3 +1,45 @@
+static const char *kerb_set_fail_slot(cmd_parms *cmd, char *struct_ptr,
+                                       char *arg)
+{
+       int offset = (int) (long) cmd->info;
+       if (!strncasecmp(arg, "unauthorized", 12))
+               *(int *) (struct_ptr + offset) = HTTP_UNAUTHORIZED;
+       else if (!strncasecmp(arg, "forbidden", 9))
+               *(int *) (struct_ptr + offset) = HTTP_FORBIDDEN;
+       else if (!strncasecmp(arg, "declined", 8))
+               *(int *) (struct_ptr + offset) = DECLINED;
+       else
+               return "KrbFailStatus must be Forbidden, Unauthorized, or Declined.";
+       return NULL;
+}
+
+static const char *kerb_set_type_slot(cmd_parms *cmd, char *struct_ptr,
+                                       char *arg)
+{
+       int offset = (int) (long) cmd->info;
+       if
+#ifdef KRB5
+          (!strncasecmp(arg, "v5", 2))
+               *(char **) (struct_ptr + offset) = ap_pstrdup(cmd->pool, "KerberosV5");
+       else if
+#endif /* KRB5 */
+#ifdef KRB4
+          (!strncasecmp(arg, "v4", 2))
+               *(char **) (struct_ptr + offset) = ap_pstrdup(cmd->pool, "KerberosV4");
+#endif /* KRB4 */
+       else if
+          (!strncasecmp(arg, "dualv5v4", 2))
+               *(char **) (struct_ptr + offset) = ap_pstrdup(cmd->pool, "KerberosDualV5V4");
+       else if
+          (!strncasecmp(arg, "dualv4v5", 2))
+               *(char **) (struct_ptr + offset) = ap_pstrdup(cmd->pool, "KerberosDualV4V5");
+#if defined(KRB4) && defined(KRB5)
+#endif /* KRB4 && KRB5 */
+       else
+               return "AuthKerberos must be V5 or V4.";
+       return NULL;
+}
+
 command_rec kerb_auth_cmds[] = {
        {
                "AuthKerberos",
@@ -10,7 +52,7 @@ command_rec kerb_auth_cmds[] = {
 
        {
                "KrbFailStatus",
-               kerb_set_fail_slot_string,
+               kerb_set_fail_slot,
                (void*)XtOffsetOf(kerb_auth_config, krb_fail_status),
                OR_AUTHCFG,
                TAKE1,
@@ -19,11 +61,11 @@ command_rec kerb_auth_cmds[] = {
 
        {
                "KrbAuthoritative",
-               kerb_set_fail_slot_flag,
-               (void*)XtOffsetOf(kerb_auth_config, krb_fail_status),
+               ap_set_flag_slot,
+               (void*)XtOffsetOf(kerb_auth_config, krb_authoritative),
                OR_AUTHCFG,
                FLAG,
-               "If auth fails, decline and pass on to lower modules."
+               "Refuse to pass request down to lower modules."
        },
 
        { NULL }