diff options
author | Stef Walter <stef@memberwebs.com> | 2006-07-27 21:38:22 +0000 |
---|---|---|
committer | Stef Walter <stef@memberwebs.com> | 2006-07-27 21:38:22 +0000 |
commit | 79ad23f1b2ddbf68bb751d15d66e5fca175a96bc (patch) | |
tree | 6f3a25719a34bede83c9e35ea904c342aaef3519 /apache1x | |
parent | 0b7db8805d91eac81a4b526d3400a9d50bd5c7e1 (diff) |
Initial implementation of 'require' directives.
Diffstat (limited to 'apache1x')
-rw-r--r-- | apache1x/mod_httpauth.c | 62 |
1 files changed, 60 insertions, 2 deletions
diff --git a/apache1x/mod_httpauth.c b/apache1x/mod_httpauth.c index 4cb3e3f..a801fdf 100644 --- a/apache1x/mod_httpauth.c +++ b/apache1x/mod_httpauth.c @@ -800,8 +800,66 @@ retry: static int httpauth_access(request_rec *r) { - /* TODO: We need to support require directives */ - return OK; + httpauth_context_t* ctx; + const char *user = r->connection->user; + int m = r->method_number; + int method_restricted = 0; + register int x; + const char *t, *w; + const array_header *reqs_arr; + require_line *reqs; + + ctx = (httpauth_context_t*)ap_get_module_config(r->per_dir_config, + &httpauth_module); + + /* Make sure it's for us */ + if(!(authtype = ap_auth_type(r)) || strcasecmp(HTTPAUTH_AUTHTYPE, authtype) != 0) + return DECLINED; + + reqs_arr = ap_requires(r); + + /* If there is no "requires" directive, then any user will do. */ + if (!reqs_arr) + return OK; + reqs = (require_line*)reqs_arr->elts; + + for (x = 0; x < reqs_arr->nelts; x++) + { + if (!(reqs[x].method_mask & (1 << m))) + continue; + + method_restricted = 1; + + t = reqs[x].requirement; + w = ap_getword_white(r->pool, &t); + if(!strcasecmp(w, "valid-user")) + return OK; + else if (!strcasecmp(w, "user")) + { + while (t[0]) + { + w = ap_getword_conf(r->pool, &t); + if(!strcmp(user, w)) + return OK; + } + } + else + { + ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, r, + "Digest: access to %s failed, reason: unknown require " + "directive \"%s\"", r->uri, reqs[x].requirement); + return DECLINED; + } + } + + if (!method_restricted) + return OK; + + ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, r, + "Digest: access to %s failed, reason: user %s not allowed access", + r->uri, user); + + return AUTH_REQUIRED; } /* Dispatch list for API hooks */ |