Protocol:

- version added to initial Ready - Added SET command - Added 202 Accept response Some structure changes
author: Stef Walter <stef@memberwebs.com> 2004-05-07 17:52:22 +0000
committer: Stef Walter <stef@memberwebs.com> 2004-05-07 17:52:22 +0000
commit: 0bc8575dbfb281f5f5e9fb530247d29ba1f296fc (patch)
tree: 4e0eda73d880c01e9434b4f1ebb52f513119269b /daemon/ldap.c
parent: c9b851b3194bf4bff6059e9ff471d125afc39c0f (diff)
1 files changed, 22 insertions, 23 deletions
diff --git a/daemon/ldap.c b/daemon/ldap.c
index 9fda424..9fd513f 100644
--- a/daemon/ldap.c
+++ b/daemon/ldap.c
@@ -73,7 +73,7 @@ typedef struct ldap_context
   int ldap_max;             /* Number of open connections allowed */
   int ldap_timeout;         /* Maximum amount of time to dedicate to an ldap query */
 
-  ha_options_t* opts;       /* Options from httpauthd.c */
+  const ha_context_opts_t* opts;  /* Options from httpauthd.c */
 
   /* Context ----------------------------------------------------------- */
   hash_t* cache;            /* Some cached records or basic */
@@ -252,12 +252,12 @@ static const char* escape_ldap(ha_buffer_t* buf, const char* str)
       t += pos;
     }
 
-    while(*t && !strchr(LDAP_NO_ESCAPE, t))
+    while(*t && !strchr(LDAP_NO_ESCAPE, *t))
     {
       char hex[4];
       hex[0] = '\\';
       hex[1] = LDAP_HEX[*t >> 4 & 0xf];
-      hex[2] = LDAP_HEX[*t 0xf];
+      hex[2] = LDAP_HEX[*t & 0xf];
       hex[3] = '\0';
 
       ha_bufjoin(buf);
@@ -999,7 +999,7 @@ finally:
 
   if(found && ret >= 0)
   {
-    resp->code = HA_SERVER_ACCEPT;
+    resp->code = HA_SERVER_OK;
     resp->detail = basic.user;
 
     /* We put this connection into the successful connections */
@@ -1009,8 +1009,8 @@ finally:
   return ret;
 }
 
-static int digest_ldap_challenge(ldap_context_t* ctx, ha_response_t* resp,
-                                 ha_buffer_t* buf, int stale)
+static int digest_ldap_challenge(ldap_context_t* ctx, const ha_request_t* req,
+                                 ha_response_t* resp, ha_buffer_t* buf, int stale)
 {
   unsigned char nonce[DIGEST_NONCE_LEN];
   const char* nonce_str;
@@ -1037,7 +1037,7 @@ static int digest_ldap_challenge(ldap_context_t* ctx, ha_response_t* resp,
 
   /* Now generate a message to send */
   header = digest_challenge(buf, nonce_str, ctx->opts->realm,
-                            ctx->opts->digest_domains, stale);
+                            req->opts->digest_domains, stale);
 
   if(!header)
     return HA_CRITERROR;
@@ -1051,8 +1051,7 @@ static int digest_ldap_challenge(ldap_context_t* ctx, ha_response_t* resp,
 }
 
 static int digest_ldap_response(ldap_context_t* ctx, const char* header,
-                                const char* method, const char* uri,
-                               ha_response_t* resp, ha_buffer_t* buf)
+                const ha_request_t* req, ha_response_t* resp, ha_buffer_t* buf)
 {
   unsigned char nonce[DIGEST_NONCE_LEN];
   digest_header_t dg;
@@ -1063,7 +1062,7 @@ static int digest_ldap_response(ldap_context_t* ctx, const char* header,
   int stale = 0;
   int r;
 
-  ASSERT(ctx && header && method && uri && resp && buf);
+  ASSERT(ctx && header && req && resp && buf);
 
   /* We use this below to send a default response */
   resp->code = -1;
@@ -1142,7 +1141,8 @@ static int digest_ldap_response(ldap_context_t* ctx, const char* header,
     rec->nc++;
   }
 
-  ret = digest_check(&dg, rec, ctx->opts, buf, method, uri);
+  ret = digest_check(&dg, rec, ctx->opts, buf,
+                req->args[AUTH_ARG_METHOD], req->args[AUTH_ARG_URI]);
 
   if(ret == HA_BADREQ)
   {
@@ -1152,7 +1152,7 @@ static int digest_ldap_response(ldap_context_t* ctx, const char* header,
 
   else if(ret == HA_OK)
   {
-    resp->code = HA_SERVER_ACCEPT;
+    resp->code = HA_SERVER_OK;
     resp->detail = dg.username;
 
     /* Figure out if we need a new nonce */
@@ -1193,7 +1193,7 @@ finally:
 
   /* If nobody above responded then challenge the client again */
   if(resp->code == -1)
-    return digest_ldap_challenge(ctx, resp, buf, stale);
+    return digest_ldap_challenge(ctx, req, resp, buf, stale);
 
   return ret;
 }
@@ -1311,7 +1311,7 @@ int ldap_inithand(ha_context_t* context)
     ASSERT(ctx);
 
     /* Make sure there are some types of authentication we can do */
-    if(!(context->opts.types & (HA_TYPE_BASIC | HA_TYPE_DIGEST)))
+    if(!(context->opts->types & (HA_TYPE_BASIC | HA_TYPE_DIGEST)))
     {
       ha_messagex(LOG_ERR, "ldap: module configured, but does not implement any "
                            "configured authentication type.");
@@ -1358,7 +1358,7 @@ int ldap_inithand(ha_context_t* context)
     memset(ctx->pool, 0, sizeof(LDAP*) * ctx->ldap_max);
 
     /* Copy some settings over for easy access */
-    ctx->opts = &(context->opts);
+    ctx->opts = context->opts;
 
     ha_messagex(LOG_INFO, "ldap: initialized handler");
   }
@@ -1398,7 +1398,7 @@ void ldap_destroy(ha_context_t* context)
   ha_messagex(LOG_INFO, "ldap: uninitialized handler");
 }
 
-int ldap_process(ha_context_t* context, ha_request_t* req,
+int ldap_process(ha_context_t* context, const ha_request_t* req,
                  ha_response_t* resp, ha_buffer_t* buf)
 {
   ldap_context_t* ctx = (ldap_context_t*)context->data;
@@ -1425,21 +1425,20 @@ int ldap_process(ha_context_t* context, ha_request_t* req,
 
 
   /* Check the headers and see if we got a response thingy */
-  if(context->opts.types & HA_TYPE_DIGEST)
+  if(context->opts->types & HA_TYPE_DIGEST)
   {
     header = ha_getheader(req, "Authorization", HA_PREFIX_DIGEST);
     if(header)
     {
       ha_messagex(LOG_DEBUG, "ldap: processing digest auth header");
-      ret = digest_ldap_response(ctx, header, req->args[AUTH_ARG_METHOD],
-                                 req->args[AUTH_ARG_URI], resp, buf);
+      ret = digest_ldap_response(ctx, header, req, resp, buf);
       if(ret < 0)
         return ret;
     }
   }
 
   /* Or a basic authentication */
-  if(!header && context->opts.types & HA_TYPE_BASIC)
+  if(!header && context->opts->types & HA_TYPE_BASIC)
   {
     header = ha_getheader(req, "Authorization", HA_PREFIX_BASIC);
     if(header)
@@ -1457,7 +1456,7 @@ int ldap_process(ha_context_t* context, ha_request_t* req,
   {
     resp->code = HA_SERVER_DECLINE;
 
-    if(context->opts.types & HA_TYPE_BASIC)
+    if(context->opts->types & HA_TYPE_BASIC)
     {
       ha_bufmcat(buf, "BASIC realm=\"", ctx->opts->realm , "\"", NULL);
 
@@ -1468,9 +1467,9 @@ int ldap_process(ha_context_t* context, ha_request_t* req,
       ha_messagex(LOG_DEBUG, "ldap: sent basic auth request");
     }
 
-    if(context->opts.types & HA_TYPE_DIGEST)
+    if(context->opts->types & HA_TYPE_DIGEST)
     {
-      ret = digest_ldap_challenge(ctx, resp, buf, 0);
+      ret = digest_ldap_challenge(ctx, req, resp, buf, 0);
       if(ret < 0)
         return ret;
     }
author	Stef Walter <stef@memberwebs.com>	2004-05-07 17:52:22 +0000
committer	Stef Walter <stef@memberwebs.com>	2004-05-07 17:52:22 +0000
commit	0bc8575dbfb281f5f5e9fb530247d29ba1f296fc (patch)
tree	4e0eda73d880c01e9434b4f1ebb52f513119269b /daemon/ldap.c
parent	c9b851b3194bf4bff6059e9ff471d125afc39c0f (diff)