diff options
Diffstat (limited to 'modules/aaa')
| -rw-r--r-- | modules/aaa/config.m4 | 5 | ||||
| -rw-r--r-- | modules/aaa/mod_authn_dbd.c | 38 | ||||
| -rw-r--r-- | modules/aaa/mod_authz_host.c | 5 |
3 files changed, 31 insertions, 17 deletions
diff --git a/modules/aaa/config.m4 b/modules/aaa/config.m4 index e2c057d2..3cdd0a26 100644 --- a/modules/aaa/config.m4 +++ b/modules/aaa/config.m4 @@ -34,7 +34,10 @@ APACHE_MODULE(authz_owner, 'require file-owner' authorization control, , , most) dnl LDAP authentication module. This module has both the authn and authz dnl modules in one, so as to share the LDAP server config directives. -APACHE_MODULE(authnz_ldap, LDAP based authentication, , , no) +APACHE_MODULE(authnz_ldap, LDAP based authentication, , , no, [ + MOD_AUTHNZ_LDAP_LDADD="`$apu_config --ldap-libs`" || MOD_AUTHNZ_LDAP_LDADD="" + AC_SUBST(MOD_AUTHNZ_LDAP_LDADD) +]) dnl - and just in case all of the above punt; a default handler to dnl keep the bad guys out. diff --git a/modules/aaa/mod_authn_dbd.c b/modules/aaa/mod_authn_dbd.c index 3bcde864..3341171e 100644 --- a/modules/aaa/mod_authn_dbd.c +++ b/modules/aaa/mod_authn_dbd.c @@ -98,24 +98,29 @@ static authn_status authn_dbd_password(request_rec *r, const char *user, ap_dbd_t *dbd = authn_dbd_acquire_fn(r); if (dbd == NULL) { ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, - "Error looking up %s in database", user); + "Failed to acquire database connection to look up " + "user '%s'", user); return AUTH_GENERAL_ERROR; } if (conf->user == NULL) { - ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, "No AuthDBDUserPWQuery has been specified."); + ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, + "No AuthDBDUserPWQuery has been specified"); return AUTH_GENERAL_ERROR; } statement = apr_hash_get(dbd->prepared, conf->user, APR_HASH_KEY_STRING); if (statement == NULL) { - ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, "A prepared statement could not be found for AuthDBDUserPWQuery, key '%s'.", conf->user); + ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, + "A prepared statement could not be found for " + "AuthDBDUserPWQuery with the key '%s'", conf->user); return AUTH_GENERAL_ERROR; } if (apr_dbd_pvselect(dbd->driver, r->pool, dbd->handle, &res, statement, 0, user, NULL) != 0) { ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, - "Error looking up %s in database", user); + "Query execution error looking up '%s' " + "in database", user); return AUTH_GENERAL_ERROR; } for (rv = apr_dbd_get_row(dbd->driver, r->pool, res, &row, -1); @@ -123,12 +128,11 @@ static authn_status authn_dbd_password(request_rec *r, const char *user, rv = apr_dbd_get_row(dbd->driver, r->pool, res, &row, -1)) { if (rv != 0) { ap_log_rerror(APLOG_MARK, APLOG_ERR, rv, r, - "Error looking up %s in database", user); + "Error retrieving results while looking up '%s' " + "in database", user); return AUTH_GENERAL_ERROR; } if (dbd_password == NULL) { - dbd_password = apr_dbd_get_entry(dbd->driver, row, 0); - #if APU_MAJOR_VERSION > 1 || (APU_MAJOR_VERSION == 1 && APU_MINOR_VERSION >= 3) /* add the rest of the columns to the environment */ int i = 1; @@ -155,6 +159,7 @@ static authn_status authn_dbd_password(request_rec *r, const char *user, i++; } #endif + dbd_password = apr_dbd_get_entry(dbd->driver, row, 0); } /* we can't break out here or row won't get cleaned up */ } @@ -185,22 +190,27 @@ static authn_status authn_dbd_realm(request_rec *r, const char *user, ap_dbd_t *dbd = authn_dbd_acquire_fn(r); if (dbd == NULL) { ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, - "Error looking up %s in database", user); + "Failed to acquire database connection to look up " + "user '%s:%s'", user, realm); return AUTH_GENERAL_ERROR; } if (conf->realm == NULL) { - ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, "No AuthDBDUserRealmQuery has been specified."); + ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, + "No AuthDBDUserRealmQuery has been specified"); return AUTH_GENERAL_ERROR; } statement = apr_hash_get(dbd->prepared, conf->realm, APR_HASH_KEY_STRING); if (statement == NULL) { - ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, "A prepared statement could not be found for AuthDBDUserRealmQuery, key '%s'.", conf->realm); + ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, + "A prepared statement could not be found for " + "AuthDBDUserRealmQuery with the key '%s'", conf->realm); return AUTH_GENERAL_ERROR; } if (apr_dbd_pvselect(dbd->driver, r->pool, dbd->handle, &res, statement, 0, user, realm, NULL) != 0) { ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, - "Error looking up %s:%s in database", user, realm); + "Query execution error looking up '%s:%s' " + "in database", user, realm); return AUTH_GENERAL_ERROR; } for (rv = apr_dbd_get_row(dbd->driver, r->pool, res, &row, -1); @@ -208,12 +218,11 @@ static authn_status authn_dbd_realm(request_rec *r, const char *user, rv = apr_dbd_get_row(dbd->driver, r->pool, res, &row, -1)) { if (rv != 0) { ap_log_rerror(APLOG_MARK, APLOG_ERR, rv, r, - "Error looking up %s in database", user); + "Error retrieving results while looking up '%s:%s' " + "in database", user, realm); return AUTH_GENERAL_ERROR; } if (dbd_hash == NULL) { - dbd_hash = apr_dbd_get_entry(dbd->driver, row, 0); - #if APU_MAJOR_VERSION > 1 || (APU_MAJOR_VERSION == 1 && APU_MINOR_VERSION >= 3) /* add the rest of the columns to the environment */ int i = 1; @@ -240,6 +249,7 @@ static authn_status authn_dbd_realm(request_rec *r, const char *user, i++; } #endif + dbd_hash = apr_dbd_get_entry(dbd->driver, row, 0); } /* we can't break out here or row won't get cleaned up */ } diff --git a/modules/aaa/mod_authz_host.c b/modules/aaa/mod_authz_host.c index 5b9ec338..a502951c 100644 --- a/modules/aaa/mod_authz_host.c +++ b/modules/aaa/mod_authz_host.c @@ -297,8 +297,9 @@ static int check_dir_access(request_rec *r) if (ret == HTTP_FORBIDDEN && (ap_satisfies(r) != SATISFY_ANY || !ap_some_auth_required(r))) { ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, - "client denied by server configuration: %s", - r->filename); + "client denied by server configuration: %s%s", + r->filename ? "" : "uri ", + r->filename ? r->filename : r->uri); } return ret; |