summaryrefslogtreecommitdiff
path: root/apache2x/mod_httpauth.c
diff options
context:
space:
mode:
authorStef Walter <stef@memberwebs.com>2006-05-10 17:31:32 +0000
committerStef Walter <stef@memberwebs.com>2006-05-10 17:31:32 +0000
commite593016a80ceee52b6e3244512ff4307f8c208fa (patch)
tree1c3d31e8175979443f00694834bcc10ece665826 /apache2x/mod_httpauth.c
parent70488f63f5caf792ea9bf75004a3ea7a43ab90a4 (diff)
Add NTLM support.
Diffstat (limited to 'apache2x/mod_httpauth.c')
-rw-r--r--apache2x/mod_httpauth.c28
1 files changed, 23 insertions, 5 deletions
diff --git a/apache2x/mod_httpauth.c b/apache2x/mod_httpauth.c
index b225e5b..ff4494e 100644
--- a/apache2x/mod_httpauth.c
+++ b/apache2x/mod_httpauth.c
@@ -45,6 +45,8 @@
#include <apr_strings.h>
#include <apr_lib.h>
+#include <unistd.h>
+
#include "sock_any.h"
#include "stringx.h"
@@ -67,9 +69,11 @@ httpauth_context_t;
#define AUTH_PREFIX_BASIC "Basic"
#define AUTH_PREFIX_DIGEST "Digest"
+#define AUTH_PREFIX_NTLM "NTLM"
#define AUTH_TYPE_BASIC 1 << 1
#define AUTH_TYPE_DIGEST 1 << 2
+#define AUTH_TYPE_NTLM 1 << 3
#define AUTH_TYPE_ANY 0x0000FFFF
#define HTTPAUTH_AUTHTYPE "HTTPAUTH"
@@ -118,6 +122,8 @@ static const char* set_types(cmd_parms* cmd, void* config, const char* val)
type = AUTH_TYPE_BASIC;
else if(strcasecmp(val, AUTH_PREFIX_DIGEST) == 0)
type = AUTH_TYPE_DIGEST;
+ else if(strcasecmp(val, AUTH_PREFIX_NTLM) == 0)
+ type = AUTH_TYPE_NTLM;
else if(strcasecmp(val, "any"))
type = AUTH_TYPE_ANY;
else
@@ -145,7 +151,7 @@ static const command_rec httpauth_cmds[] =
AP_INIT_TAKE1( "HttpAuthHandler", set_handler, NULL, OR_AUTHCFG,
"The handler that httpauthd should use to authenticate" ),
AP_INIT_ITERATE( "HttpAuthTypes", set_types, NULL, OR_AUTHCFG,
- "The types of authentiction allowed (Basic, Digest, ...)" ),
+ "The types of authentiction allowed (Basic, Digest, NTLM ...)" ),
AP_INIT_RAW_ARGS( "HttpAuthDigestDomain", set_domain, NULL, OR_AUTHCFG,
"The domain for which digest authentication is relevant" ),
{ NULL }
@@ -484,7 +490,6 @@ int write_data(httpauth_context_t* ctx, server_rec* s, const char* data)
int connect_socket(httpauth_context_t* ctx, request_rec* r)
{
struct sockaddr_any sany;
- apr_status_t st;
int ret = -1;
disconnect_socket(ctx, r->server);
@@ -611,13 +616,22 @@ finally:
int write_request(httpauth_context_t* ctx, request_rec* r)
{
+ char pidid[40];
+ char connid[40];
int i, c = 0;
const char* t;
const apr_array_header_t* hdrs_arr;
const apr_table_entry_t* elts;
+ /* A unique per connection id */
+ snprintf(connid, sizeof(connid), "0x%X", (unsigned int)r->connection);
+ connid[sizeof(connid) - 1] = 0;
+ snprintf(pidid, sizeof(pidid), "%d", (unsigned int)getpid());
+ pidid[sizeof(pidid) - 1] = 0;
+ t = apr_pstrcat(r->pool, pidid, ":", connid, NULL);
+
/* Send the request header to httpauthd */
- t = apr_pstrcat(r->pool, "AUTH XXX ", r->method,
+ t = apr_pstrcat(r->pool, "AUTH ", t, " ", r->method,
" ", r->unparsed_uri, "\n", NULL);
if(write_data(ctx, r->server, t) == -1)
@@ -650,6 +664,10 @@ int write_request(httpauth_context_t* ctx, request_rec* r)
!(ctx->types & AUTH_TYPE_DIGEST))
continue;
+ else if(strncasecmp(t, AUTH_PREFIX_NTLM, strlen(AUTH_PREFIX_NTLM)) == 0 &&
+ !(ctx->types & AUTH_TYPE_NTLM))
+ continue;
+
/* Only allow unknown if we don't have it */
else if(!(ctx->types & AUTH_TYPE_ANY))
continue;
@@ -774,7 +792,7 @@ static int httpauth_access(request_rec *r)
static void register_hooks(apr_pool_t *p)
{
- static const char* cfg_post[] = { "http_core.c", NULL };
+ /* static const char* cfg_post[] = { "http_core.c", NULL }; */
ap_hook_check_user_id(httpauth_authenticate, NULL, NULL, APR_HOOK_MIDDLE);
ap_hook_auth_checker(httpauth_access, NULL, NULL, APR_HOOK_MIDDLE);
@@ -783,7 +801,7 @@ static void register_hooks(apr_pool_t *p)
module AP_MODULE_DECLARE_DATA httpauth_module =
{
STANDARD20_MODULE_STUFF,
- httpauth_dir_config, /* dir config creater */
+ httpauth_dir_config, /* dir config creater */
NULL, /* dir merger --- default is to override */
NULL, /* server config */
NULL, /* merge server config */