diff options
Diffstat (limited to 'apache2x')
-rw-r--r-- | apache2x/mod_httpauth.c | 59 |
1 files changed, 57 insertions, 2 deletions
diff --git a/apache2x/mod_httpauth.c b/apache2x/mod_httpauth.c index 9d3854b..34b5efc 100644 --- a/apache2x/mod_httpauth.c +++ b/apache2x/mod_httpauth.c @@ -809,8 +809,63 @@ retry: static int httpauth_access(request_rec *r) { - /* TODO: We need to support require directives */ - return OK; + httpauth_context_t* ctx; + const char* authtype; + char *user = r->user; + int m = r->method_number; + int method_restricted = 0; + register int x; + const char *t, *w; + const apr_array_header_t *reqs_arr = ap_requires(r); + require_line *reqs; + + /* Make sure it's for us */ + if(!(authtype = ap_auth_type(r)) || strcasecmp(HTTPAUTH_AUTHTYPE, authtype) != 0) + return DECLINED; + + ctx = (httpauth_context_t*)ap_get_module_config(r->per_dir_config, + &httpauth_module); + + if (!reqs_arr) + return OK; + reqs = (require_line *)reqs_arr->elts; + + for (x = 0; x < reqs_arr->nelts; x++) + { + if (!(reqs[x].method_mask & (AP_METHOD_BIT << m))) + continue; + + method_restricted = 1; + + t = reqs[x].requirement; + w = ap_getword_white(r->pool, &t); + if(!strcmp(w, "valid-user")) + return OK; + else if(!strcmp(w, "user")) + { + while (t[0]) + { + w = ap_getword_conf(r->pool, &t); + if (!strcmp(user, w)) { + return OK; + } + } + } + else + { + ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, + "access to %s failed, reason: unknown require " + "directive:\"%s\"", r->uri, reqs[x].requirement); + } + } + + if (!method_restricted) + return OK; + + ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, + "access to %s failed, reason: user %s not allowed access", + r->uri, user); + return HTTP_UNAUTHORIZED; } static void register_hooks(apr_pool_t *p) |