summaryrefslogtreecommitdiff
path: root/www/ap2-auth-mysql/patches
diff options
context:
space:
mode:
authorcube <cube@pkgsrc.org>2003-12-31 13:03:01 +0000
committercube <cube@pkgsrc.org>2003-12-31 13:03:01 +0000
commita97d1dd78d3b6bb4bc009c51bcf9626759247478 (patch)
tree69c0544722f94f7044e5408c9aa8e60555366713 /www/ap2-auth-mysql/patches
parent42a40e6edfda5d0afe2aef1760afa6a0f8d6e4e2 (diff)
downloadpkgsrc-a97d1dd78d3b6bb4bc009c51bcf9626759247478.tar.gz
Initial import of ap2-auth-mysql, version 1.11.12, into the NetBSD
Package Collection. It will allow administrators of the Apache 2 HTTP server to authenticate users against a MySQL database. It comes from the RedHat distribution.
Diffstat (limited to 'www/ap2-auth-mysql/patches')
-rw-r--r--www/ap2-auth-mysql/patches/patch-aa371
1 files changed, 371 insertions, 0 deletions
diff --git a/www/ap2-auth-mysql/patches/patch-aa b/www/ap2-auth-mysql/patches/patch-aa
new file mode 100644
index 00000000000..6b607583e17
--- /dev/null
+++ b/www/ap2-auth-mysql/patches/patch-aa
@@ -0,0 +1,371 @@
+$NetBSD: patch-aa,v 1.1.1.1 2003/12/31 13:03:03 cube Exp $
+
+--- mod_auth_mysql.c.orig 2003-11-24 16:36:19.000000000 +0100
++++ mod_auth_mysql.c
+@@ -189,7 +189,9 @@
+ #include "http_core.h"
+ #include "http_log.h"
+ #include "http_protocol.h"
++#include "apr_strings.h"
+ #include <mysql/mysql.h>
++#include <unistd.h>
+
+ /*
+ * structure to hold the configuration details for the request
+@@ -221,34 +223,26 @@ static MYSQL *mysql_handle = NULL;
+ * Callback to close mysql handle when necessary. Also called when a
+ * child httpd process is terminated.
+ */
+-static void
++static apr_status_t
+ mod_auth_mysql_cleanup (void *notused)
+ {
+ if (mysql_handle) mysql_close(mysql_handle);
+ mysql_handle = NULL; /* make sure we don't try to use it later */
++ return APR_SUCCESS;
+ }
+
+ /*
+ * empty function necessary because register_cleanup requires it as one
+ * of its parameters
+ */
+-static void
++static apr_status_t
+ mod_auth_mysql_cleanup_child (void *notused)
+ {
+ /* nothing */
++ return APR_SUCCESS;
+ }
+
+ /*
+- * handler to do cleanup on child exit
+- */
+-static void
+-child_exit(server_rec *s, pool *p)
+-{
+- mod_auth_mysql_cleanup(NULL);
+-}
+-
+-
+-/*
+ * open connection to DB server if necessary. Return TRUE if connection
+ * is good, FALSE if not able to connect. If false returned, reason
+ * for failure has been logged to error_log file already.
+@@ -280,16 +274,16 @@ open_db_handle(request_rec *r, mysql_aut
+
+ if (!m->mysqlKeepAlive) {
+ /* close when request done */
+- ap_register_cleanup(r->pool, (void *)NULL,
+- mod_auth_mysql_cleanup,
+- mod_auth_mysql_cleanup_child);
++ apr_pool_cleanup_register(r->pool, r->server,
++ mod_auth_mysql_cleanup,
++ mod_auth_mysql_cleanup_child);
+ } /* ELSE...
+ * Child process is notified when it is terminated so we
+ * do a graceful close to the server in that handler.
+ */
+
+ } else { /* failed to get MySQL connection */
+- ap_log_error (APLOG_MARK, APLOG_ERR, r->server,
++ ap_log_error (APLOG_MARK, APLOG_ERR, 0, r->server,
+ "MySQL error: %s", mysql_error(&mysql_conn));
+ return FALSE;
+ }
+@@ -299,9 +293,9 @@ open_db_handle(request_rec *r, mysql_aut
+
+
+ static void *
+-create_mysql_auth_dir_config (pool *p, char *d)
++create_mysql_auth_dir_config (apr_pool_t *p, char *d)
+ {
+- mysql_auth_config_rec *m = ap_pcalloc (p, sizeof(mysql_auth_config_rec));
++ mysql_auth_config_rec *m = apr_pcalloc (p, sizeof(mysql_auth_config_rec));
+ if (!m) return NULL; /* failure to get memory is a bad thing */
+
+ /* defaults values */
+@@ -316,45 +310,45 @@ create_mysql_auth_dir_config (pool *p, c
+
+ static
+ command_rec mysql_auth_cmds[] = {
+- { "AuthMySQLHost", ap_set_string_slot,
+- (void*)XtOffsetOf(mysql_auth_config_rec, mysqlhost),
+- OR_AUTHCFG, TAKE1, "mysql server host name" },
+- { "AuthMySQLUser", ap_set_string_slot,
+- (void*)XtOffsetOf(mysql_auth_config_rec, mysqluser),
+- OR_AUTHCFG, TAKE1, "mysql server user name" },
+- { "AuthMySQLPassword", ap_set_string_slot,
+- (void*)XtOffsetOf(mysql_auth_config_rec, mysqlpasswd),
+- OR_AUTHCFG, TAKE1, "mysql server user password" },
+- { "AuthMySQLDB", ap_set_string_slot,
+- (void*)XtOffsetOf(mysql_auth_config_rec, mysqlDB),
+- OR_AUTHCFG, TAKE1, "mysql database name" },
+- { "AuthMySQLUserTable", ap_set_string_slot,
+- (void*)XtOffsetOf(mysql_auth_config_rec, mysqlpwtable),
+- OR_AUTHCFG, TAKE1, "mysql user table name" },
+- { "AuthMySQLGroupTable", ap_set_string_slot,
+- (void*)XtOffsetOf(mysql_auth_config_rec, mysqlgrptable),
+- OR_AUTHCFG, TAKE1, "mysql group table name" },
+- { "AuthMySQLNameField", ap_set_string_slot,
+- (void*)XtOffsetOf(mysql_auth_config_rec, mysqlNameField),
+- OR_AUTHCFG, TAKE1, "mysql User ID field name within table" },
+- { "AuthMySQLGroupField", ap_set_string_slot,
+- (void*)XtOffsetOf(mysql_auth_config_rec, mysqlGroupField),
+- OR_AUTHCFG, TAKE1, "mysql Group field name within table" },
+- { "AuthMySQLPasswordField", ap_set_string_slot,
+- (void*)XtOffsetOf(mysql_auth_config_rec, mysqlPasswordField),
+- OR_AUTHCFG, TAKE1, "mysql Password field name within table" },
+- { "AuthMySQLCryptedPasswords", ap_set_flag_slot,
+- (void*)XtOffsetOf(mysql_auth_config_rec, mysqlCrypted),
+- OR_AUTHCFG, FLAG, "mysql passwords are stored encrypted if On" },
+- { "AuthMySQLKeepAlive", ap_set_flag_slot,
+- (void*)XtOffsetOf(mysql_auth_config_rec, mysqlKeepAlive),
+- OR_AUTHCFG, FLAG, "mysql connection kept open across requests if On" },
+- { "AuthMySQLAuthoritative", ap_set_flag_slot,
+- (void*)XtOffsetOf(mysql_auth_config_rec, mysqlAuthoritative),
+- OR_AUTHCFG, FLAG, "mysql lookup is authoritative if On" },
+- { "AuthMySQLNoPasswd", ap_set_flag_slot,
+- (void*)XtOffsetOf(mysql_auth_config_rec, mysqlNoPasswd),
+- OR_AUTHCFG, FLAG, "If On, only check if user exists; ignore password" },
++ AP_INIT_TAKE1("AuthMySQLHost", ap_set_string_slot,
++ (void*)APR_XtOffsetOf(mysql_auth_config_rec, mysqlhost),
++ OR_AUTHCFG, "mysql server host name"),
++ AP_INIT_TAKE1("AuthMySQLUser", ap_set_string_slot,
++ (void*)APR_XtOffsetOf(mysql_auth_config_rec, mysqluser),
++ OR_AUTHCFG, "mysql server user name"),
++ AP_INIT_TAKE1("AuthMySQLPassword", ap_set_string_slot,
++ (void*)APR_XtOffsetOf(mysql_auth_config_rec, mysqlpasswd),
++ OR_AUTHCFG, "mysql server user password"),
++ AP_INIT_TAKE1("AuthMySQLDB", ap_set_string_slot,
++ (void*)APR_XtOffsetOf(mysql_auth_config_rec, mysqlDB),
++ OR_AUTHCFG, "mysql database name"),
++ AP_INIT_TAKE1("AuthMySQLUserTable", ap_set_string_slot,
++ (void*)APR_XtOffsetOf(mysql_auth_config_rec, mysqlpwtable),
++ OR_AUTHCFG, "mysql user table name"),
++ AP_INIT_TAKE1("AuthMySQLGroupTable", ap_set_string_slot,
++ (void*)APR_XtOffsetOf(mysql_auth_config_rec, mysqlgrptable),
++ OR_AUTHCFG, "mysql group table name"),
++ AP_INIT_TAKE1("AuthMySQLNameField", ap_set_string_slot,
++ (void*)APR_XtOffsetOf(mysql_auth_config_rec, mysqlNameField),
++ OR_AUTHCFG, "mysql User ID field name within table"),
++ AP_INIT_TAKE1("AuthMySQLGroupField", ap_set_string_slot,
++ (void*)APR_XtOffsetOf(mysql_auth_config_rec, mysqlGroupField),
++ OR_AUTHCFG, "mysql Group field name within table"),
++ AP_INIT_TAKE1("AuthMySQLPasswordField", ap_set_string_slot,
++ (void*)APR_XtOffsetOf(mysql_auth_config_rec, mysqlPasswordField),
++ OR_AUTHCFG, "mysql Password field name within table"),
++ AP_INIT_FLAG("AuthMySQLCryptedPasswords", ap_set_flag_slot,
++ (void*)APR_XtOffsetOf(mysql_auth_config_rec, mysqlCrypted),
++ OR_AUTHCFG, "mysql passwords are stored encrypted if On"),
++ AP_INIT_FLAG("AuthMySQLKeepAlive", ap_set_flag_slot,
++ (void*)APR_XtOffsetOf(mysql_auth_config_rec, mysqlKeepAlive),
++ OR_AUTHCFG, "mysql connection kept open across requests if On"),
++ AP_INIT_FLAG("AuthMySQLAuthoritative", ap_set_flag_slot,
++ (void*)APR_XtOffsetOf(mysql_auth_config_rec, mysqlAuthoritative),
++ OR_AUTHCFG, "mysql lookup is authoritative if On"),
++ AP_INIT_FLAG("AuthMySQLNoPasswd", ap_set_flag_slot,
++ (void*)APR_XtOffsetOf(mysql_auth_config_rec, mysqlNoPasswd),
++ OR_AUTHCFG, "If On, only check if user exists; ignore password"),
+ { NULL }
+ };
+
+@@ -379,7 +373,7 @@ get_mysql_pw(request_rec *r, char *user,
+ }
+
+ if (mysql_select_db(mysql_handle,m->mysqlDB) != 0) {
+- ap_log_error (APLOG_MARK, APLOG_ERR, r->server,
++ ap_log_error (APLOG_MARK, APLOG_ERR, 0, r->server,
+ "MySQL error: %s", mysql_error(mysql_handle));
+ return NULL;
+ }
+@@ -394,13 +388,13 @@ get_mysql_pw(request_rec *r, char *user,
+ }
+
+ ulen = strlen(user);
+- sql_safe_user = ap_pcalloc(r->pool, ulen*2+1);
++ sql_safe_user = apr_pcalloc(r->pool, ulen*2+1);
+ mysql_escape_string(sql_safe_user,user,ulen);
+- ap_snprintf(query,sizeof(query)-1,"SELECT %s FROM %s WHERE %s='%s'",
+- m->mysqlPasswordField, m->mysqlpwtable,
+- m->mysqlNameField, sql_safe_user);
++ apr_snprintf(query,sizeof(query)-1,"SELECT %s FROM %s WHERE %s='%s'",
++ m->mysqlPasswordField, m->mysqlpwtable,
++ m->mysqlNameField, sql_safe_user);
+ if (mysql_query(mysql_handle, query) != 0) {
+- ap_log_error (APLOG_MARK, APLOG_ERR, r->server,
++ ap_log_error (APLOG_MARK, APLOG_ERR, 0, r->server,
+ "MySQL error %s: %s", mysql_error(mysql_handle),r->uri);
+ return NULL;
+ }
+@@ -409,10 +403,10 @@ get_mysql_pw(request_rec *r, char *user,
+ if (result && (mysql_num_rows(result) == 1)) {
+ MYSQL_ROW data = mysql_fetch_row(result);
+ if (data[0]) {
+- pw = ap_pstrdup(r->pool, data[0]);
++ pw = apr_pstrdup(r->pool, data[0]);
+ } else { /* no password in mysql table returns NULL */
+ /* this should never happen, but test for it anyhow */
+- ap_log_error(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, r->server,
++ ap_log_error(APLOG_MARK, APLOG_ERR, 0, r->server,
+ "MySQL user %s has no valid password: %s", user, r->uri);
+ mysql_free_result(result);
+ return NULL;
+@@ -443,19 +437,19 @@ get_mysql_groups(request_rec *r, char *u
+ }
+
+ if (mysql_select_db(mysql_handle,m->mysqlDB) != 0) {
+- ap_log_error (APLOG_MARK, APLOG_ERR, r->server,
++ ap_log_error (APLOG_MARK, APLOG_ERR, 0, r->server,
+ "MySQL error %s: %s", mysql_error(mysql_handle),r->uri);
+ return NULL;
+ }
+
+ ulen = strlen(user);
+- sql_safe_user = ap_pcalloc(r->pool, ulen*2+1);
++ sql_safe_user = apr_pcalloc(r->pool, ulen*2+1);
+ mysql_escape_string(sql_safe_user,user,ulen);
+- ap_snprintf(query,sizeof(query)-1,"SELECT %s FROM %s WHERE %s='%s'",
+- m->mysqlGroupField, m->mysqlgrptable,
+- m->mysqlNameField, sql_safe_user);
++ apr_snprintf(query,sizeof(query)-1,"SELECT %s FROM %s WHERE %s='%s'",
++ m->mysqlGroupField, m->mysqlgrptable,
++ m->mysqlNameField, sql_safe_user);
+ if (mysql_query(mysql_handle, query) != 0) {
+- ap_log_error (APLOG_MARK, APLOG_ERR, r->server,
++ ap_log_error (APLOG_MARK, APLOG_ERR, 0, r->server,
+ "MySQL error %s: %s", mysql_error(mysql_handle),r->uri);
+ return NULL;
+ }
+@@ -463,12 +457,12 @@ get_mysql_groups(request_rec *r, char *u
+ result = mysql_store_result(mysql_handle);
+ if (result && (mysql_num_rows(result) > 0)) {
+ int i = mysql_num_rows(result);
+- list = (char **)ap_pcalloc(r->pool, sizeof(char *) * (i+1));
++ list = (char **)apr_pcalloc(r->pool, sizeof(char *) * (i+1));
+ list[i] = NULL; /* last element in array is NULL */
+ while (i--) { /* populate the array elements */
+ MYSQL_ROW data = mysql_fetch_row(result);
+ if (data[0])
+- list[i] = ap_pstrdup(r->pool, data[0]);
++ list[i] = apr_pstrdup(r->pool, data[0]);
+ else
+ list[i] = ""; /* if no data, make it empty, not NULL */
+ }
+@@ -499,15 +493,15 @@ mysql_authenticate_basic_user (request_r
+ if(!sec->mysqlpwtable) /* not configured for mysql authorization */
+ return DECLINED;
+
+- if(!(real_pw = get_mysql_pw(r, c->user, sec))) {
++ if(!(real_pw = get_mysql_pw(r, r->user, sec))) {
+ /* user not found in database */
+ if (!sec->mysqlAuthoritative)
+ return DECLINED; /* let other schemes find user */
+
+- ap_log_error(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, r->server,
+- "MySQL user %s not found: %s", c->user, r->uri);
++ ap_log_error(APLOG_MARK, APLOG_ERR, 0, r->server,
++ "MySQL user %s not found: %s", r->user, r->uri);
+ ap_note_basic_auth_failure (r);
+- return AUTH_REQUIRED;
++ return HTTP_UNAUTHORIZED;
+ }
+
+ /* if we don't require password, just return ok since they exist */
+@@ -517,10 +511,10 @@ mysql_authenticate_basic_user (request_r
+
+ /* compare the password, possibly encrypted */
+ if(strcmp(real_pw, sec->mysqlCrypted ? crypt(sent_pw,real_pw) : sent_pw)) {
+- ap_log_error(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, r->server,
+- "user %s: password mismatch: %s", c->user, r->uri);
++ ap_log_error(APLOG_MARK, APLOG_ERR, 0, r->server,
++ "user %s: password mismatch: %s", r->user, r->uri);
+ ap_note_basic_auth_failure (r);
+- return AUTH_REQUIRED;
++ return HTTP_UNAUTHORIZED;
+ }
+ return OK;
+ }
+@@ -534,10 +528,10 @@ mysql_check_auth(request_rec *r)
+ mysql_auth_config_rec *sec =
+ (mysql_auth_config_rec *)ap_get_module_config(r->per_dir_config,
+ &mysql_auth_module);
+- char *user = r->connection->user;
++ char *user = r->user;
+ int method = r->method_number;
+
+- const array_header *reqs_arr = ap_requires(r);
++ const apr_array_header_t *reqs_arr = ap_requires(r);
+ require_line *reqs = reqs_arr ? (require_line *)reqs_arr->elts : NULL;
+
+ register int x;
+@@ -560,11 +554,11 @@ mysql_check_auth(request_rec *r)
+ if(!strcmp(want,"group")) {
+ /* check for list of groups from database only first time thru */
+ if (!groups && !(groups = get_mysql_groups(r, user, sec))) {
+- ap_log_error(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, r->server,
++ ap_log_error(APLOG_MARK, APLOG_ERR, 0, r->server,
+ "mysql user %s not in group table %s: %s",
+ user, sec->mysqlgrptable, r->uri);
+ ap_note_basic_auth_failure(r);
+- return AUTH_REQUIRED;
++ return HTTP_UNAUTHORIZED;
+ }
+
+ /* loop through list of groups specified in htaccess file */
+@@ -578,35 +572,39 @@ mysql_check_auth(request_rec *r)
+ ++i;
+ }
+ }
+- ap_log_error(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, r->server,
++ ap_log_error(APLOG_MARK, APLOG_ERR, 0, r->server,
+ "mysql user %s not in right group: %s",user,r->uri);
+ ap_note_basic_auth_failure(r);
+- return AUTH_REQUIRED;
++ return HTTP_UNAUTHORIZED;
+ }
+ }
+
+ return DECLINED;
+ }
+
++static void
++child_init(apr_pool_t *p, server_rec *s)
++{
++ apr_pool_cleanup_register(p, s,
++ mod_auth_mysql_cleanup,
++ mod_auth_mysql_cleanup_child);
++}
++
++static void
++register_hooks(apr_pool_t *p)
++{
++ ap_hook_child_init(child_init, NULL, NULL, APR_HOOK_MIDDLE);
++ ap_hook_check_user_id(mysql_authenticate_basic_user,
++ NULL, NULL, APR_HOOK_MIDDLE);
++ ap_hook_auth_checker(mysql_check_auth, NULL, NULL, APR_HOOK_MIDDLE);
++}
+
+-module mysql_auth_module = {
+- STANDARD_MODULE_STUFF,
+- NULL, /* initializer */
++module AP_MODULE_DECLARE_DATA mysql_auth_module = {
++ STANDARD20_MODULE_STUFF,
+ create_mysql_auth_dir_config, /* dir config creater */
+ NULL, /* dir merger --- default is to override */
+ NULL, /* server config */
+ NULL, /* merge server config */
+ mysql_auth_cmds, /* command table */
+- NULL, /* handlers */
+- NULL, /* filename translation */
+- mysql_authenticate_basic_user, /* check_user_id */
+- mysql_check_auth, /* check auth */
+- NULL, /* check access */
+- NULL, /* type_checker */
+- NULL, /* fixups */
+- NULL, /* logger */
+- NULL, /* header parser */
+- NULL, /* child_init */
+- child_exit, /* child_exit */
+- NULL /* post read-request */
++ register_hooks /* register hooks */
+ };