apache1/auth_cmds.c

   1 static const char *kerb_set_fail_slot(cmd_parms *cmd, char *struct_ptr,
   2                                         char *arg)
   3 {
   4         int offset = (int) (long) cmd->info;
   5         if (!strncasecmp(arg, "unauthorized", 12))
   6                 *(int *) (struct_ptr + offset) = HTTP_UNAUTHORIZED;
   7         else if (!strncasecmp(arg, "forbidden", 9))
   8                 *(int *) (struct_ptr + offset) = HTTP_FORBIDDEN;
   9         else if (!strncasecmp(arg, "declined", 8))
  10                 *(int *) (struct_ptr + offset) = DECLINED;
  11         else
  12                 return "KrbFailStatus must be Forbidden, Unauthorized, or Declined.";
  13         return NULL;
  14 }
  15
  16 static const char *kerb_set_type_slot(cmd_parms *cmd, char *struct_ptr,
  17                                         char *arg)
  18 {
  19         int offset = (int) (long) cmd->info;
  20         if
  21 #ifdef KRB5
  22            (!strncasecmp(arg, "v5", 2))
  23                 *(char **) (struct_ptr + offset) = ap_pstrdup(cmd->pool, "KerberosV5");
  24         else if
  25 #endif /* KRB5 */
  26 #ifdef KRB4
  27            (!strncasecmp(arg, "v4", 2))
  28                 *(char **) (struct_ptr + offset) = ap_pstrdup(cmd->pool, "KerberosV4");
  29 #endif /* KRB4 */
  30         else if
  31            (!strncasecmp(arg, "dualv5v4", 2))
  32                 *(char **) (struct_ptr + offset) = ap_pstrdup(cmd->pool, "KerberosDualV5V4");
  33         else if
  34            (!strncasecmp(arg, "dualv4v5", 2))
  35                 *(char **) (struct_ptr + offset) = ap_pstrdup(cmd->pool, "KerberosDualV4V5");
  36 #if defined(KRB4) && defined(KRB5)
  37 #endif /* KRB4 && KRB5 */
  38         else
  39                 return "AuthKerberos must be V5 or V4.";
  40         return NULL;
  41 }
  42
  43 command_rec kerb_auth_cmds[] = {
  44         {
  45                 "AuthKerberos",
  46                 kerb_set_type_slot,
  47                 (void*)XtOffsetOf(kerb_auth_config, krb_auth_type),
  48                 OR_AUTHCFG,
  49                 TAKE1,
  50                 "Permit Kerberos auth without AuthType requirement."
  51         },
  52
  53         {
  54                 "KrbFailStatus",
  55                 kerb_set_fail_slot,
  56                 (void*)XtOffsetOf(kerb_auth_config, krb_fail_status),
  57                 OR_AUTHCFG,
  58                 TAKE1,
  59                 "If auth fails, return status set here."
  60         },
  61
  62         {
  63                 "KrbAuthoritative",
  64                 ap_set_flag_slot,
  65                 (void*)XtOffsetOf(kerb_auth_config, krb_authoritative),
  66                 OR_AUTHCFG,
  67                 FLAG,
  68                 "Refuse to pass request down to lower modules."
  69         },
  70
  71         { NULL }
  72 };