From e593016a80ceee52b6e3244512ff4307f8c208fa Mon Sep 17 00:00:00 2001 From: Stef Walter Date: Wed, 10 May 2006 17:31:32 +0000 Subject: Add NTLM support. --- apache2x/mod_httpauth.c | 28 +++++++++++++++++++++++----- 1 file changed, 23 insertions(+), 5 deletions(-) (limited to 'apache2x/mod_httpauth.c') diff --git a/apache2x/mod_httpauth.c b/apache2x/mod_httpauth.c index b225e5b..ff4494e 100644 --- a/apache2x/mod_httpauth.c +++ b/apache2x/mod_httpauth.c @@ -45,6 +45,8 @@ #include #include +#include + #include "sock_any.h" #include "stringx.h" @@ -67,9 +69,11 @@ httpauth_context_t; #define AUTH_PREFIX_BASIC "Basic" #define AUTH_PREFIX_DIGEST "Digest" +#define AUTH_PREFIX_NTLM "NTLM" #define AUTH_TYPE_BASIC 1 << 1 #define AUTH_TYPE_DIGEST 1 << 2 +#define AUTH_TYPE_NTLM 1 << 3 #define AUTH_TYPE_ANY 0x0000FFFF #define HTTPAUTH_AUTHTYPE "HTTPAUTH" @@ -118,6 +122,8 @@ static const char* set_types(cmd_parms* cmd, void* config, const char* val) type = AUTH_TYPE_BASIC; else if(strcasecmp(val, AUTH_PREFIX_DIGEST) == 0) type = AUTH_TYPE_DIGEST; + else if(strcasecmp(val, AUTH_PREFIX_NTLM) == 0) + type = AUTH_TYPE_NTLM; else if(strcasecmp(val, "any")) type = AUTH_TYPE_ANY; else @@ -145,7 +151,7 @@ static const command_rec httpauth_cmds[] = AP_INIT_TAKE1( "HttpAuthHandler", set_handler, NULL, OR_AUTHCFG, "The handler that httpauthd should use to authenticate" ), AP_INIT_ITERATE( "HttpAuthTypes", set_types, NULL, OR_AUTHCFG, - "The types of authentiction allowed (Basic, Digest, ...)" ), + "The types of authentiction allowed (Basic, Digest, NTLM ...)" ), AP_INIT_RAW_ARGS( "HttpAuthDigestDomain", set_domain, NULL, OR_AUTHCFG, "The domain for which digest authentication is relevant" ), { NULL } @@ -484,7 +490,6 @@ int write_data(httpauth_context_t* ctx, server_rec* s, const char* data) int connect_socket(httpauth_context_t* ctx, request_rec* r) { struct sockaddr_any sany; - apr_status_t st; int ret = -1; disconnect_socket(ctx, r->server); @@ -611,13 +616,22 @@ finally: int write_request(httpauth_context_t* ctx, request_rec* r) { + char pidid[40]; + char connid[40]; int i, c = 0; const char* t; const apr_array_header_t* hdrs_arr; const apr_table_entry_t* elts; + /* A unique per connection id */ + snprintf(connid, sizeof(connid), "0x%X", (unsigned int)r->connection); + connid[sizeof(connid) - 1] = 0; + snprintf(pidid, sizeof(pidid), "%d", (unsigned int)getpid()); + pidid[sizeof(pidid) - 1] = 0; + t = apr_pstrcat(r->pool, pidid, ":", connid, NULL); + /* Send the request header to httpauthd */ - t = apr_pstrcat(r->pool, "AUTH XXX ", r->method, + t = apr_pstrcat(r->pool, "AUTH ", t, " ", r->method, " ", r->unparsed_uri, "\n", NULL); if(write_data(ctx, r->server, t) == -1) @@ -650,6 +664,10 @@ int write_request(httpauth_context_t* ctx, request_rec* r) !(ctx->types & AUTH_TYPE_DIGEST)) continue; + else if(strncasecmp(t, AUTH_PREFIX_NTLM, strlen(AUTH_PREFIX_NTLM)) == 0 && + !(ctx->types & AUTH_TYPE_NTLM)) + continue; + /* Only allow unknown if we don't have it */ else if(!(ctx->types & AUTH_TYPE_ANY)) continue; @@ -774,7 +792,7 @@ static int httpauth_access(request_rec *r) static void register_hooks(apr_pool_t *p) { - static const char* cfg_post[] = { "http_core.c", NULL }; + /* static const char* cfg_post[] = { "http_core.c", NULL }; */ ap_hook_check_user_id(httpauth_authenticate, NULL, NULL, APR_HOOK_MIDDLE); ap_hook_auth_checker(httpauth_access, NULL, NULL, APR_HOOK_MIDDLE); @@ -783,7 +801,7 @@ static void register_hooks(apr_pool_t *p) module AP_MODULE_DECLARE_DATA httpauth_module = { STANDARD20_MODULE_STUFF, - httpauth_dir_config, /* dir config creater */ + httpauth_dir_config, /* dir config creater */ NULL, /* dir merger --- default is to override */ NULL, /* server config */ NULL, /* merge server config */ -- cgit v1.2.3