*/
/*
- * Copyright (c) 2004 Masarykova universita
+ * Copyright (c) 2004-2005 Masarykova universita
* (Masaryk University, Brno, Czech Republic)
* All rights reserved.
*
#include <http_request.h>
#ifdef STANDARD20_MODULE_STUFF
-#include <ap_compat.h>
#include <apr_strings.h>
#include <apr_base64.h>
+
+#define ap_null_cleanup NULL
+#define ap_register_cleanup apr_pool_cleanup_register
+
+#define ap_pstrdup apr_pstrdup
+#define ap_pstrcat apr_pstrcat
+#define ap_pcalloc apr_pcalloc
+#define ap_psprintf apr_psprintf
+
+#define ap_base64decode_len apr_base64_decode_len
+#define ap_base64decode apr_base64_decode
+#define ap_base64encode_len apr_base64_encode_len
+#define ap_base64encode apr_base64_encode
+
+#define ap_table_setn apr_table_setn
+#define ap_table_add apr_table_add
+#else
+#define ap_pstrchr_c strchr
+#endif /* STANDARD20_MODULE_STUFF */
+
+#ifdef _WIN32
+#define vsnprintf _vsnprintf
+#define snprintf _snprintf
+#endif
+
+#ifndef KRB5_LIB_FUNCTION
+# if defined(_WIN32)
+# define KRB5_LIB_FUNCTION _stdcall
+# else
+# define KRB5_LIB_FUNCTION
#endif
#ifdef KRB5
#include <netdb.h> /* gethostbyname() */
#endif /* KRB4 */
-#ifdef WIN32
-#define vsnprintf _vsnprintf
-#define snprintf _snprintf
-#else
-/* XXX remove dependency on unistd.h ??? */
+#ifndef _WIN32
+/* should be HAVE_UNISTD_H instead */
#include <unistd.h>
#endif
int use_krb4, int use_krb5pwd, char *negotiate_ret_value);
static const char*
-krb5_save_realms(cmd_parms *cmd, kerb_auth_config *sec, const char *arg);
+krb5_save_realms(cmd_parms *cmd, void *sec, const char *arg);
#ifdef STANDARD20_MODULE_STUFF
#define command(name, func, var, type, usage) \
AP_INIT_ ## type (name, (void*) func, \
- (void*)APR_XtOffsetOf(kerb_auth_config, var), \
+ (void*)APR_OFFSETOF(kerb_auth_config, var), \
OR_AUTHCFG | RSRC_CONF, usage)
#else
#define command(name, func, var, type, usage) \
{ NULL }
};
-#ifdef WIN32
+#ifdef _WIN32
int
mkstemp(char *template)
{
#include "mit-internals.h"
/* This is our replacement krb5_rc_store function */
-static krb5_error_code
+static krb5_error_code KRB5_LIB_FUNCTION
mod_auth_kerb_rc_store(krb5_context context, krb5_rcache rcache,
krb5_donot_replay_internal *donot_replay)
{
}
static const char*
-krb5_save_realms(cmd_parms *cmd, kerb_auth_config *sec, const char *arg)
+krb5_save_realms(cmd_parms *cmd, void *vsec, const char *arg)
{
+ kerb_auth_config *sec = (kerb_auth_config *) vsec;
sec->krb_auth_realms= ap_pstrdup(cmd->pool, arg);
return NULL;
}
-void log_rerror(const char *file, int line, int level, int status,
- const request_rec *r, const char *fmt, ...)
+static void
+log_rerror(const char *file, int line, int level, int status,
+ const request_rec *r, const char *fmt, ...)
{
char errstr[1024];
va_list ap;
sent_name = ap_getword (r->pool, &sent_pw, ':');
/* do not allow user to override realm setting of server */
- if (strchr(sent_name, '@')) {
+ if (ap_strchr_c(sent_name, '@')) {
log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
"specifying realm in user name is prohibited");
return HTTP_UNAUTHORIZED;
}
-int authenticate_user_krb5pwd(request_rec *r,
- kerb_auth_config *conf,
- const char *auth_line)
+static int
+authenticate_user_krb5pwd(request_rec *r,
+ kerb_auth_config *conf,
+ const char *auth_line)
{
const char *sent_pw = NULL;
const char *sent_name = NULL;
int ret;
gss_name_t client_name = GSS_C_NO_NAME;
gss_cred_id_t delegated_cred = GSS_C_NO_CREDENTIAL;
- OM_uint32
- (*accept_sec_token)(OM_uint32 *, gss_ctx_id_t *, const gss_cred_id_t,
+ OM_uint32 (KRB5_LIB_FUNCTION *accept_sec_token)
+ (OM_uint32 *, gss_ctx_id_t *, const gss_cred_id_t,
const gss_buffer_t, const gss_channel_bindings_t,
gss_name_t *, gss_OID *, gss_buffer_t, OM_uint32 *,
OM_uint32 *, gss_cred_id_t *);
"GSS-API token of length %d bytes will be sent back",
output_token.length);
gss_release_buffer(&minor_status2, &output_token);
+ set_kerb_auth_headers(r, conf, 0, 0, *negotiate_ret_value);
}
if (GSS_ERROR(major_status)) {
if (conf->krb_save_credentials && delegated_cred != GSS_C_NO_CREDENTIAL)
store_gss_creds(r, conf, (char *)output_token.value, delegated_cred);
- if (*negotiate_ret_value)
- set_kerb_auth_headers(r, conf, 0, 0, *negotiate_ret_value);
-
gss_release_buffer(&minor_status, &output_token);
ret = OK;
#endif
}
-int kerb_authenticate_user(request_rec *r)
+static int
+kerb_authenticate_user(request_rec *r)
{
kerb_auth_config *conf =
(kerb_auth_config *) ap_get_module_config(r->per_dir_config,
return OK;
}
-void kerb_register_hooks(apr_pool_t *p)
+static void
+kerb_register_hooks(apr_pool_t *p)
{
ap_hook_post_config(kerb_init_handler, NULL, NULL, APR_HOOK_MIDDLE);
ap_hook_check_user_id(kerb_authenticate_user, NULL, NULL, APR_HOOK_MIDDLE);