From fdae2ac11e36fdca0cab3cbac5a7788268b210bd Mon Sep 17 00:00:00 2001 From: jadestorm Date: Thu, 29 May 2003 14:55:16 +0000 Subject: [PATCH] Removed apache2 separate source tree. --- apache2/api_inc.h | 11 ---- apache2/auth_cmds.c | 157 -------------------------------------------------- apache2/auth_config.h | 22 ------- apache2/auth_user.c | 126 ---------------------------------------- apache2/dir_config.c | 9 --- apache2/hooks.c | 5 -- apache2/module.c | 10 ---- 7 files changed, 340 deletions(-) delete mode 100644 apache2/api_inc.h delete mode 100644 apache2/auth_cmds.c delete mode 100644 apache2/auth_config.h delete mode 100644 apache2/auth_user.c delete mode 100644 apache2/dir_config.c delete mode 100644 apache2/hooks.c delete mode 100644 apache2/module.c diff --git a/apache2/api_inc.h b/apache2/api_inc.h deleted file mode 100644 index 6680f4b..0000000 --- a/apache2/api_inc.h +++ /dev/null @@ -1,11 +0,0 @@ -#include "apr_strings.h" -#include "apr_lib.h" -#include "ap_config.h" -#include "httpd.h" -#include "http_config.h" -#include "http_core.h" -#include "http_log.h" -#include "http_protocol.h" -#include "http_request.h" - -module AP_MODULE_DECLARE_DATA kerb_auth_module; diff --git a/apache2/auth_cmds.c b/apache2/auth_cmds.c deleted file mode 100644 index 5b1d191..0000000 --- a/apache2/auth_cmds.c +++ /dev/null @@ -1,157 +0,0 @@ -static const char *kerb_set_fail_slot(cmd_parms *cmd, void *struct_ptr, - const char *arg) -{ - int offset = (int) (long) cmd->info; - if (!strncasecmp(arg, "unauthorized", 12)) - *(int *) ((char *)struct_ptr + offset) = HTTP_UNAUTHORIZED; - else if (!strncasecmp(arg, "forbidden", 9)) - *(int *) ((char *)struct_ptr + offset) = HTTP_FORBIDDEN; - else if (!strncasecmp(arg, "declined", 8)) - *(int *) ((char *)struct_ptr + offset) = DECLINED; - else - return apr_pstrcat(cmd->pool, "KrbAuthFailStatus must be Forbidden, Unauthorized, or Declined.", NULL); - return NULL; -} - -static const char *kerb_set_type_slot(cmd_parms *cmd, void *struct_ptr, - const char *arg) -{ - int offset = (int) (long) cmd->info; - if -#ifdef KRB5 - (!strncasecmp(arg, "v5", 2)) - *(char **) ((char *)struct_ptr + offset) = apr_pstrdup(cmd->pool, "KerberosV5"); - else if -#endif /* KRB5 */ -#ifdef KRB4 - (!strncasecmp(arg, "v4", 2)) - *(char **) ((char *)struct_ptr + offset) = apr_pstrdup(cmd->pool, "KerberosV4"); -#endif /* KRB4 */ -#if defined(KRB5) && defined(KRB4) - else if - (!strncasecmp(arg, "dualv5v4", 8)) - *(char **) ((char *)struct_ptr + offset) = apr_pstrdup(cmd->pool, "KerberosDualV5V4"); - else if - (!strncasecmp(arg, "dualv4v5", 8)) - *(char **) ((char *)struct_ptr + offset) = apr_pstrdup(cmd->pool, "KerberosDualV4V5"); -#endif /* KRB5 && KRB4 */ - else - return "AuthKerberos must be V5, V4, DualV4V5, or DualV5V4."; - return NULL; -} - -static const command_rec kerb_auth_cmds[] = { - AP_INIT_TAKE1( - "AuthKerberos", - kerb_set_type_slot, - (void*)APR_XtOffsetOf(kerb_auth_config, krb_auth_type), - OR_AUTHCFG, - "Permit Kerberos auth without AuthType requirement." - ), - -#ifdef KRB4 - AP_INIT_TAKE1( - "Krb4Srvtab", - ap_set_file_slot, - (void*)APR_XtOffsetOf(kerb_auth_config, krb_4_srvtab), - RSRC_CONF & ACCESS_CONF, - "Location of Kerberos V4 srvtab file." - ), -#endif /* KRB4 */ - -#ifdef KRB5 - AP_INIT_TAKE1( - "Krb5Keytab", - ap_set_file_slot, - (void*)APR_XtOffsetOf(kerb_auth_config, krb_5_keytab), - RSRC_CONF & ACCESS_CONF, - "Location of Kerberos V5 keytab file." - ), -#endif /* KRB5 */ - - AP_INIT_FLAG( - "KrbAuthoritative", - ap_set_flag_slot, - (void*)APR_XtOffsetOf(kerb_auth_config, krb_authoritative), - OR_AUTHCFG, - "Refuse to pass request down to lower modules." - ), - - AP_INIT_TAKE1( - "KrbDefaultRealm", - ap_set_string_slot, - (void*)APR_XtOffsetOf(kerb_auth_config, krb_default_realm), - OR_AUTHCFG, - "Default realm to authenticate users against." - ), - - AP_INIT_TAKE1( - "KrbFailStatus", - kerb_set_fail_slot, - (void*)APR_XtOffsetOf(kerb_auth_config, krb_fail_status), - OR_AUTHCFG, - "If auth fails, return status set here." - ), - - AP_INIT_TAKE1( - "KrbForceInstance", - ap_set_string_slot, - (void*)APR_XtOffsetOf(kerb_auth_config, krb_force_instance), - OR_AUTHCFG, - "Force authentication against an instance specified here." - ), - -#ifdef KRB5 - AP_INIT_FLAG( - "KrbForwardable", - ap_set_flag_slot, - (void*)APR_XtOffsetOf(kerb_auth_config, krb_forwardable), - OR_AUTHCFG, - "Credentials retrieved will be flagged as forwardable." - ), -#endif /* KRB5 */ - - AP_INIT_TAKE1( - "KrbLifetime", - ap_set_string_slot, - (void*)APR_XtOffsetOf(kerb_auth_config, krb_lifetime), - OR_AUTHCFG, - "Lifetime of tickets retrieved." - ), - -#ifdef KRB5 - AP_INIT_TAKE1( - "KrbRenewable", - ap_set_string_slot, - (void*)APR_XtOffsetOf(kerb_auth_config, krb_renewable), - OR_AUTHCFG, - "Credentials retrieved will be renewable for this length." - ), -#endif /* KRB5 */ - - AP_INIT_FLAG( - "KrbSaveCredentials", - ap_set_flag_slot, - (void*)APR_XtOffsetOf(kerb_auth_config, krb_save_credentials), - OR_AUTHCFG, - "Save and store credentials/tickets retrieved during auth." - ), - - AP_INIT_FLAG( - "KrbSaveTickets", - ap_set_flag_slot, - (void*)APR_XtOffsetOf(kerb_auth_config, krb_save_credentials), - OR_AUTHCFG, - "Alias for KrbSaveCredentials." - ), - - AP_INIT_TAKE1( - "KrbTmpdir", - ap_set_string_slot, - (void*)APR_XtOffsetOf(kerb_auth_config, krb_tmp_dir), - OR_AUTHCFG, - "Path to store ticket files and such in." - ), - - { NULL } -}; diff --git a/apache2/auth_config.h b/apache2/auth_config.h deleted file mode 100644 index 9e0da47..0000000 --- a/apache2/auth_config.h +++ /dev/null @@ -1,22 +0,0 @@ -typedef struct { - char *krb_auth_type; -#ifdef KRB4 - char *krb_4_srvtab; -#endif /* KRB4 */ -#ifdef KRB5 - char *krb_5_keytab; -#endif /* KRB5 */ - int krb_authoritative; - char *krb_default_realm; - int krb_fail_status; - char *krb_force_instance; -#ifdef KRB5 - int krb_forwardable; -#endif /* KRB5 */ - char *krb_lifetime; -#ifdef KRB5 - char *krb_renewable; -#endif /* KRB5 */ - int krb_save_credentials; - char *krb_tmp_dir; -} kerb_auth_config; diff --git a/apache2/auth_user.c b/apache2/auth_user.c deleted file mode 100644 index 955dc0d..0000000 --- a/apache2/auth_user.c +++ /dev/null @@ -1,126 +0,0 @@ -int kerb_authenticate_user(request_rec *r) { - const char *name; /* AuthName specified */ - const char *type; /* AuthType specified */ - int KerberosV5 = 0; /* Kerberos V5 check enabled */ - int KerberosV4 = 0; /* Kerberos V4 check enabled */ - int KerberosV4first = 0; /* Kerberos V4 check first */ - const char *sent_pw; /* Password sent by browser */ - const char *t; /* Return value holder */ - int res; /* Response holder */ - int retcode; /* Return code holder */ - - kerb_auth_config *conf = - (kerb_auth_config *)ap_get_module_config(r->per_dir_config, - &kerb_auth_module); - - const char *auth_line = apr_table_get(r->headers_in, - (PROXYREQ_PROXY == r->proxyreq) - ? "Proxy-Authorization" - : "Authorization"); - - type = ap_auth_type(r); - - if (type != NULL) { -#ifdef KRB5 - if ((strncasecmp(type, "KerberosV5", 10) == 0) || - (strncasecmp(conf->krb_auth_type, "KerberosV5", 10) == 0)) { - KerberosV5 = 1; - } -#endif /* KRB5 */ - -#ifdef KRB4 - if ((strncasecmp(type, "KerberosV4", 10) == 0) || - (strncasecmp(conf->krb_auth_type, "KerberosV4", 10) == 0)) { - KerberosV4 = 1; - } -#endif /* KRB4 */ - -#if defined(KRB5) && defined(KRB4) - if ((strncasecmp(type, "KerberosDualV5V4", 15) == 0) || - (strncasecmp(conf->krb_auth_type, "KerberosDualV5V4", 15) == 0)) { - KerberosV5 = 1; - KerberosV4 = 1; - } - - if ((strncasecmp(type, "KerberosDualV4V5", 15) == 0) || - (strncasecmp(conf->krb_auth_type, "KerberosDualV4V5", 15) == 0)) { - KerberosV5 = 1; - KerberosV4 = 1; - KerberosV4first = 1; - } -#endif /* KRB5 && KRB4 */ - } - - if (!KerberosV4 && !KerberosV5) { - if (conf->krb_authoritative) { - return HTTP_UNAUTHORIZED; - } - else { - return DECLINED; - } - } - - name = ap_auth_name(r); - if (!name) { - ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, - 0, r, "need AuthName: %s", r->uri); - return HTTP_INTERNAL_SERVER_ERROR; - } - - if (!auth_line) { - apr_table_set(r->err_headers_out, "WWW-Authenticate", - (char *)apr_pstrcat(r->pool, "Basic realm=\"", name, "\"", NULL)); - return HTTP_UNAUTHORIZED; - } - - type = ap_getword_white(r->pool, &auth_line); - t = ap_pbase64decode(r->pool, auth_line); - r->user = ap_getword_nulls(r->pool, &t, ':'); - r->ap_auth_type = "Kerberos"; - sent_pw = ap_getword_white(r->pool, &t); - - retcode = DECLINED; - -#ifdef KRB5 - if (KerberosV5 && !KerberosV4first && retcode != OK) { - r->ap_auth_type = "KerberosV5"; - if (kerb5_password_validate(r->user, sent_pw)) { - retcode = OK; - } - else { - retcode = conf->krb_fail_status; - } - } -#endif /* KRB5 */ - -#ifdef KRB4 - if (KerberosV4 && retcode != OK) { - r->ap_auth_type = "KerberosV4"; - if (kerb4_password_validate(r->user, sent_pw)) { - retcode = OK; - } - else { - retcode = conf->krb_fail_status; - } - } -#endif /* KRB4 */ - -#if defined(KRB5) && defined(KRB4) - if (KerberosV5 && KerberosV4first && retcode != OK) { - r->ap_auth_type = "KerberosV5"; - if (kerb5_password_validate(r->user, sent_pw)) { - retcode = OK; - } - else { - retcode = conf->krb_fail_status; - } - } -#endif /* KRB5 && KRB4 */ - - if (conf->krb_authoritative && retcode == DECLINED) { - return HTTP_UNAUTHORIZED; - } - else { - return retcode; - } -} diff --git a/apache2/dir_config.c b/apache2/dir_config.c deleted file mode 100644 index ea14a35..0000000 --- a/apache2/dir_config.c +++ /dev/null @@ -1,9 +0,0 @@ -static void *kerb_dir_config(apr_pool_t *p, char *d) -{ - static void *rec; - rec = (void *) ap_pcalloc(p, sizeof(kerb_auth_config)); - ((kerb_auth_config *)rec)->krb_fail_status = HTTP_UNAUTHORIZED; - ((kerb_auth_config *)rec)->krb_authoritative = 0; - ((kerb_auth_config *)rec)->krb_auth_type = apr_pstrdup(p, "None"); - return rec; -} diff --git a/apache2/hooks.c b/apache2/hooks.c deleted file mode 100644 index c234640..0000000 --- a/apache2/hooks.c +++ /dev/null @@ -1,5 +0,0 @@ -void kerb_register_hooks(apr_pool_t *p) -{ - ap_hook_check_user_id(kerb_authenticate_user, NULL, NULL, APR_HOOK_MIDDLE); - ap_hook_access_checker(kerb_check_user_access, NULL, NULL, APR_HOOK_MIDDLE); -} diff --git a/apache2/module.c b/apache2/module.c deleted file mode 100644 index 158049d..0000000 --- a/apache2/module.c +++ /dev/null @@ -1,10 +0,0 @@ -module AP_MODULE_DECLARE_DATA kerb_auth_module = -{ - STANDARD20_MODULE_STUFF, - kerb_dir_config, /* create per-dir conf structures */ - NULL, /* merge per-dir conf structures */ - NULL, /* create per-server conf structures */ - NULL, /* merge per-server conf structures */ - kerb_auth_cmds, /* table of configuration directives */ - kerb_register_hooks /* register hooks */ -}; -- 2.1.4