Tons of fixes, debugging, changes, added apache module

3 files changed, 158 insertions, 19 deletions

diff --git a/doc/httpauth.conf.5 b/doc/httpauth.conf.5
new file mode 100644
index 0000000..fd26c7b
--- /dev/null
+++ b/doc/httpauth.conf.5
@@ -0,0 +1,82 @@
+.Dd April, 2004
+.Dt HTTPAUTH.CONF 5
+.Os httpauth 
+.Sh NAME
+.Nm httpauth.conf
+.Nd the configuration file for 
+.Em httpauthd
+.Sh DESCRIPTION
+The XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXx
+.Nm
+scripting language is a regular expression language used for fine grained, 
+buffer based search and replace. It is not limited to lines. A full description
+of what 
+.Nm
+is capable of is outside the scope of this document. 
+.Pp
+.Ar script 
+is a text or compiled 
+.Nm
+script. For details see the language documentation that came along with the distribution.
+.Pp
+When used with the 
+.Fl f 
+argument 
+.Nm 
+replaces files in place. Otherwise it reads from 
+.Ar infile
+and writes to 
+.Ar outfile
+\&. If either infile or outfile are missing or are equal to a dash 
+.Sq Li - 
+, then rep processes 
+.Em stdin
+or 
+.Em stdout
+respectively.
+.Sh OPTIONS
+The options are as follows:
+.Bl -tag -width Fl
+.It Fl b
+Backup files where replacements have occurred. The backup files have an
+.Sq x_r
+extension appended to their filename.
+.It Fl i
+Prompt for confirmation before each replacement.
+.It Fl p
+Only output replaced text. Can be used as a rudimentary parser.
+.It Fl q
+Supress status messages. Only errors will be sent to stderr.
+.It Fl z
+Set the replacement buffer size to 
+.Ar buffsize .
+This speeds up execution as regular expressions only have to act on a small
+portion of the whole file at once. However the largest match will be limited to 
+roughly 
+.Ar buffsize 
+, so use this option with care. The script loops over each buffer until no more
+matches are found within it. Care is taken to overlap the buffers as much as 
+possible to ensure that any match smaller than 
+.Ar buffsize
+can be matched.
+.Sh NOTE
+The
+.Nm 
+command uses 
+.Xr getopt 3
+to parse it's arguments, which allows it to accept 
+the 
+.Sq Li --
+option which will stop processing of flag options at that point. This allows
+the processing of files with names that begin with a dash
+.Pq Sq - .
+.Sh BUGS
+When reading from 
+.Em stdin
+you must specify a buffer size.
+.Sh SEE ALSO
+.Xr repc 1 ,
+.Xr rlib 3 ,
+.Xr pcre 3
+.Sh AUTHOR
+.An Nate Nielsen Aq nielsen@memberwebs.com
\ No newline at end of file
diff --git a/doc/httpauth.conf.sample b/doc/httpauth.conf.sample
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/doc/httpauth.conf.sample
diff --git a/doc/protocol.txt b/doc/protocol.txt
index 05e32f2..b6bc0ba 100644
--- a/doc/protocol.txt
+++ b/doc/protocol.txt
@@ -1,22 +1,39 @@
 
-                    HTTP/AUTH PROTOCOL
+                       HTTPAUTH PROTOCOL
 
 The protocol used between the stateful authenticator and the web servers
 that wish to authenticate is described below. It's a simple text protocol,
-similar to HTTP. The web servers send commands and headers to the daemon,
+similar to HTTP. The web server sends commands and headers to the daemon,
 which replies with HTTP codes and headers.
 
 Multiple authentication requests can be processed on the same connection,
-although the connection is not stateful. A authentication request initially
-processed through one connection to the daemon can later be completed
-through another. The commands are described below.
+although the connection is not necessarily stateful. A authentication
+request initially processed through one connection to the daemon can
+later be completed through another. The commands are described below.
 
-AUTH method uri
+After connecting to the daemon, you'll need to retrieve the initial
+'ready' response before sending requests. See below. If the server
+responds with a 5xx message then something's gone wrong and no requests
+will be accepted on the connection.
+
+
+REQUESTS -------------------------------------------------------------------
+
+AUTH authmethod connid method uri
 
   The AUTH command asks the daemon to perform authentication
-  for a given set of headers.
+  for a given set of header from the client. None of the
+  arguments should contain spaces.
+
+  authmethod: is the authentication method. Methods are
+       defined by the daemon in it's config file.
+
+  connid: a unique string identifying the connection from
+       the client. This is only important when NTLM is
+       being used. If not, pass a random string.
+
+  method: The HTTP method employed. 'GET' or 'POST' etc...
 
-  method: is the authentication type. It might be 'NTLM'.
   uri: the URI being authenticated.
 
   The AUTH command is followed by HTTP headers, one per line
@@ -24,23 +41,63 @@ AUTH method uri
   authentication headers for the authentication protocol being
   used. Extraneous headers are ignored.
 
-  If multiple HTTP headers with the same name are received, then
-  the last one is used. Note that this is somewhat different than
-  the HTTP protocol.
+  Headers should be specified on one line, not 'wrapped' as is
+  permissible in HTTP.
 
 QUIT
 
   This closes the connection to the daemon.
 
 
-The response from the daemon consists of an HTTP code, followed by headers
-one per line. Note that only the headers to be added for authentication are
-returned. For example:
 
-  401
-  Header: value
-  Header2: value
+RESPONSES -------------------------------------------------------------------
+
+The response from the daemon consists of a code, followed by a detail
+message value or set of values. This is separated from the code by a
+space. The content of the detail message is described below.
+
+The codes are similar to HTTP:
+
+  100 Ready
+    (detail is the list of available authmethods)
+
+  200 Successful Request
+    (detail is described below)
+
+  4xx Request Error
+    (detail is an error message)
+
+  5xx Server Error
+    (detail is an error message)
+
+
+READY
+
+After opening a connection to the daemon, you should receive a response
+(outlined below) of 100 indicating ready. The 'detail' value is set
+to the list of authmethods that the daemon is configured to provide.
+These are separated by spaces:
+
+  100 Domain Simple Test LDAP
+
+
+SUCCESS
+
+Successful processing of a request returns a 200. The detail constists of,
+an HTTP code to send to the client and the user name (when authentication is
+successful). These are separated by spaces.
+
+In addition the daemon might send a set of headers that must be sent to
+the client. These are ended by a blank line.
+
+A response after client authentication failed might look like this:
+
+  200 401
+  WWW-Authenticate: realm="blah"
+
+... or a client authentication success response like this:
+
+  200 200 testo
+  Authorization-Info: Digest rspauth="2034980294820398" nonce="2049823094328" ...
 
-Success returns a 200, just like normal HTTP. Note that success can contain
-headers that must also be sent to the client.