From e593016a80ceee52b6e3244512ff4307f8c208fa Mon Sep 17 00:00:00 2001 From: Stef Walter Date: Wed, 10 May 2006 17:31:32 +0000 Subject: Add NTLM support. --- apache2x/Makefile | 38 -------------------------------------- apache2x/Makefile.am | 31 +++++++++++++++++++++++++++++++ apache2x/mod_httpauth.c | 28 +++++++++++++++++++++++----- apache2x/modules.mk | 4 ---- 4 files changed, 54 insertions(+), 47 deletions(-) delete mode 100644 apache2x/Makefile create mode 100644 apache2x/Makefile.am delete mode 100644 apache2x/modules.mk (limited to 'apache2x') diff --git a/apache2x/Makefile b/apache2x/Makefile deleted file mode 100644 index 65dc435..0000000 --- a/apache2x/Makefile +++ /dev/null @@ -1,38 +0,0 @@ -## -## Makefile -- Build procedure for sample httpauth Apache module -## Autogenerated via ``apxs -n httpauth -g''. -## - -builddir=. -top_srcdir=/etc/httpd -top_builddir=/etc/httpd -include /usr/lib/httpd/build/special.mk - -# the used tools -APXS=apxs -APACHECTL=apachectl - -# additional defines, includes and libraries -#DEFS=-Dmy_define=my_value -INCLUDES=-I../ -I../common/ -#LIBS=-Lmy/lib/dir -lmylib - -all: local-shared-build - -install: install-modules - -clean: - -rm -f mod_httpauth.o mod_httpauth.lo mod_httpauth.slo mod_httpauth.la - -# install and activate shared object by reloading Apache to -# force a reload of the shared object file -reload: install restart - -# the general Apache start/restart/stop procedures -start: - $(APACHECTL) start -restart: - $(APACHECTL) restart -stop: - $(APACHECTL) stop - diff --git a/apache2x/Makefile.am b/apache2x/Makefile.am new file mode 100644 index 0000000..4b959cb --- /dev/null +++ b/apache2x/Makefile.am @@ -0,0 +1,31 @@ + +DEF= +INC=-I../ -I../common/ + +all: mod_httpauth.so + + +mod_httpauth.so: mod_httpauth.c ../common/sock_any.c + $(APXS) -c -Wc,-g -Wc,-O0 $(DEF) $(INC) $(LIB) mod_httpauth.c + $(SH_LINK) -rpath $(libexecdir) -module -avoid-version mod_httpauth.lo + +# install the DSO file into the Apache installation +# and activate it in the Apache configuration +install: all + $(APXS) -i -a -c -Wc,-g -Wc,-O0 $(DEF) $(INC) $(LIB) mod_httpauth.c + +# cleanup +clean: + -rm -f mod_httpauth.o mod_httpauth.so + +# reload the module by installing and restarting Apache +reload: install restart + +# the general Apache start/restart/stop procedures +start: + $(APACHECTL) start +restart: + $(APACHECTL) restart +stop: + $(APACHECTL) stop + diff --git a/apache2x/mod_httpauth.c b/apache2x/mod_httpauth.c index b225e5b..ff4494e 100644 --- a/apache2x/mod_httpauth.c +++ b/apache2x/mod_httpauth.c @@ -45,6 +45,8 @@ #include #include +#include + #include "sock_any.h" #include "stringx.h" @@ -67,9 +69,11 @@ httpauth_context_t; #define AUTH_PREFIX_BASIC "Basic" #define AUTH_PREFIX_DIGEST "Digest" +#define AUTH_PREFIX_NTLM "NTLM" #define AUTH_TYPE_BASIC 1 << 1 #define AUTH_TYPE_DIGEST 1 << 2 +#define AUTH_TYPE_NTLM 1 << 3 #define AUTH_TYPE_ANY 0x0000FFFF #define HTTPAUTH_AUTHTYPE "HTTPAUTH" @@ -118,6 +122,8 @@ static const char* set_types(cmd_parms* cmd, void* config, const char* val) type = AUTH_TYPE_BASIC; else if(strcasecmp(val, AUTH_PREFIX_DIGEST) == 0) type = AUTH_TYPE_DIGEST; + else if(strcasecmp(val, AUTH_PREFIX_NTLM) == 0) + type = AUTH_TYPE_NTLM; else if(strcasecmp(val, "any")) type = AUTH_TYPE_ANY; else @@ -145,7 +151,7 @@ static const command_rec httpauth_cmds[] = AP_INIT_TAKE1( "HttpAuthHandler", set_handler, NULL, OR_AUTHCFG, "The handler that httpauthd should use to authenticate" ), AP_INIT_ITERATE( "HttpAuthTypes", set_types, NULL, OR_AUTHCFG, - "The types of authentiction allowed (Basic, Digest, ...)" ), + "The types of authentiction allowed (Basic, Digest, NTLM ...)" ), AP_INIT_RAW_ARGS( "HttpAuthDigestDomain", set_domain, NULL, OR_AUTHCFG, "The domain for which digest authentication is relevant" ), { NULL } @@ -484,7 +490,6 @@ int write_data(httpauth_context_t* ctx, server_rec* s, const char* data) int connect_socket(httpauth_context_t* ctx, request_rec* r) { struct sockaddr_any sany; - apr_status_t st; int ret = -1; disconnect_socket(ctx, r->server); @@ -611,13 +616,22 @@ finally: int write_request(httpauth_context_t* ctx, request_rec* r) { + char pidid[40]; + char connid[40]; int i, c = 0; const char* t; const apr_array_header_t* hdrs_arr; const apr_table_entry_t* elts; + /* A unique per connection id */ + snprintf(connid, sizeof(connid), "0x%X", (unsigned int)r->connection); + connid[sizeof(connid) - 1] = 0; + snprintf(pidid, sizeof(pidid), "%d", (unsigned int)getpid()); + pidid[sizeof(pidid) - 1] = 0; + t = apr_pstrcat(r->pool, pidid, ":", connid, NULL); + /* Send the request header to httpauthd */ - t = apr_pstrcat(r->pool, "AUTH XXX ", r->method, + t = apr_pstrcat(r->pool, "AUTH ", t, " ", r->method, " ", r->unparsed_uri, "\n", NULL); if(write_data(ctx, r->server, t) == -1) @@ -650,6 +664,10 @@ int write_request(httpauth_context_t* ctx, request_rec* r) !(ctx->types & AUTH_TYPE_DIGEST)) continue; + else if(strncasecmp(t, AUTH_PREFIX_NTLM, strlen(AUTH_PREFIX_NTLM)) == 0 && + !(ctx->types & AUTH_TYPE_NTLM)) + continue; + /* Only allow unknown if we don't have it */ else if(!(ctx->types & AUTH_TYPE_ANY)) continue; @@ -774,7 +792,7 @@ static int httpauth_access(request_rec *r) static void register_hooks(apr_pool_t *p) { - static const char* cfg_post[] = { "http_core.c", NULL }; + /* static const char* cfg_post[] = { "http_core.c", NULL }; */ ap_hook_check_user_id(httpauth_authenticate, NULL, NULL, APR_HOOK_MIDDLE); ap_hook_auth_checker(httpauth_access, NULL, NULL, APR_HOOK_MIDDLE); @@ -783,7 +801,7 @@ static void register_hooks(apr_pool_t *p) module AP_MODULE_DECLARE_DATA httpauth_module = { STANDARD20_MODULE_STUFF, - httpauth_dir_config, /* dir config creater */ + httpauth_dir_config, /* dir config creater */ NULL, /* dir merger --- default is to override */ NULL, /* server config */ NULL, /* merge server config */ diff --git a/apache2x/modules.mk b/apache2x/modules.mk deleted file mode 100644 index c3c9110..0000000 --- a/apache2x/modules.mk +++ /dev/null @@ -1,4 +0,0 @@ -mod_httpauth.la: mod_httpauth.slo - $(SH_LINK) -rpath $(libexecdir) -module -avoid-version mod_httpauth.lo -DISTCLEAN_TARGETS = modules.mk -shared = mod_httpauth.la -- cgit v1.2.3