mod_auth_mysql-3.0.0.tar.gz

/* ==================================================================== * Copyright (c) 1995 The Apache Group. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in * the documentation and/or other materials provided with the * distribution. * * 3. All advertising materials mentioning features or use of this * software must display the following acknowledgment: * "This product includes software developed by the Apache Group * for use in the Apache HTTP server project (http://www.apache.org/)." * * 4. The names "Apache Server" and "Apache Group" must not be used to * endorse or promote products derived from this software without * prior written permission. * * 5. Redistributions of any form whatsoever must retain the following * acknowledgment: * "This product includes software developed by the Apache Group * for use in the Apache HTTP server project (http://www.apache.org/)." * * THIS SOFTWARE IS PROVIDED BY THE APACHE GROUP ``AS IS'' AND ANY * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE APACHE GROUP OR * IT'S CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED * OF THE POSSIBILITY OF SUCH DAMAGE. * ==================================================================== * * This software consists of voluntary contributions made by many * individuals on behalf of the Apache Group and was originally based * on public domain software written at the National Center for * Supercomputing Applications, University of Illinois, Urbana-Champaign. * For more information on the Apache Group and the Apache HTTP server * project, please see <http://www.apache.org/>. * */ /* * Module definition information - the part between the -START and -END * lines below is used by Configure. This could be stored in a separate * instead. * * MODULE-DEFINITION-START * Name: mysql_auth_module * ConfigStart MYSQL_LIB="-L/usr/local/lib/mysql -lmysqlclient -lm -lz" if [ "X$MYSQL_LIB" != "X" ]; then LIBS="$LIBS $MYSQL_LIB" echo " + using $MYSQL_LIB for MySQL support" fi * ConfigEnd * MODULE-DEFINITION-END */ #define STRING(x) STR(x) /* Used to build strings from compile options */ #define STR(x) #x #include "ap_mmn.h" /* For MODULE_MAGIC_NUMBER */ /* Use the MODULE_MAGIC_NUMBER to check if at least Apache 2.0 */ #if AP_MODULE_MAGIC_AT_LEAST(20010223,0) #define APACHE2 #endif /* Compile time options for code generation */ #ifdef AES #define _AES 1 #else #define _AES 0 #endif /* set any defaults not specified at compile time */ #ifdef HOST /* Host to use */ #define _HOST STRING(HOST) #else #define _HOST 0 /* Will default to localhost */ #endif /* Apache 1.x defines the port as a string, but Apache 2.x uses an integer */ #ifdef PORT /* The port to use */ #ifdef APACHE2 #define _PORT PORT #else #define _PORT STRING(PORT) #endif #else #ifdef APACHE2 #define _PORT MYSQL_PORT /* Use the one from MySQL */ #else #define _PORT STRING(MYSQL_PORT) #endif #endif #ifdef SOCKET /* UNIX socket */ #define _SOCKET STRING(SOCKET) #else #define _SOCKET MYSQL_UNIX_ADDR #endif #ifdef USER /* Authorized user */ #define _USER STRING(USER) #else #define _USER 0 /* User must be specified in config */ #endif #ifdef PASSWORD /* Default password */ #define _PASSWORD STRING(PASSWORD) #else #define _PASSWORD 0 /* Password must be specified in config */ #endif #ifdef DB /* Default database */ #define _DB STRING(DB) #else #define _DB "test" /* Test database */ #endif #ifdef PWTABLE /* Password table */ #define _PWTABLE STRING(PWTABLE) #else #define _PWTABLE "user_info" /* Default is user_info */ #endif #ifdef NAMEFIELD /* Name column in password table */ #define _NAMEFIELD STRING(NAMEFIELD) #else #define _NAMEFIELD "user_name" /* Default is "user_name" */ #endif #ifdef PASSWORDFIELD /* Password column in password table */ #define _PASSWORDFIELD STRING(PASSWORDFIELD) #else #define _PASSWORDFIELD "user_password" /* Default is user_password */ #endif #ifdef GROUPUSERNAMEFIELD #define _GROUPUSERNAMEFIELD STRING(GROUPUSERNAMEFIELD) #else #define _GROUPUSERNAMEFIELD NULL #endif #ifdef ENCRYPTION /* Encryption type */ #define _ENCRYPTION STRING(ENCRYPTION) #else #define _ENCRYPTION 0 /* Will default to "crypt" in code */ #endif #ifdef SALTFIELD /* If a salt column is not defined */ #define _SALTFIELD STRING(SALTFIELD) #else #define _SALTFIELD "<>" /* Default is no salt */ #endif #ifdef KEEPALIVE /* Keep the connection alive */ #define _KEEPALIVE KEEPALIVE #else #define _KEEPALIVE 0 /* Do not keep it alive */ #endif #ifdef AUTHORITATIVE /* If we are the last word */ #define _AUTHORITATIVE AUTHORITATIVE #else #define _AUTHORITATIVE 1 /* Yes, we are */ #endif #ifdef NOPASSWORD /* If password not needed */ #define _NOPASSWORD NOPASSWORD #else #define _NOPASSWORD 0 /* It is required */ #endif #ifdef ENABLE /* If we are to be enabled */ #define _ENABLE ENABLE #else #define _ENABLE 1 /* Assume we are */ #endif #ifdef CHARACTERSET #define _CHARACTERSET STRING(CHARACTERSET) #else #define _CHARACTERSET NULL /* Default is no character set */ #endif #include "httpd.h" #include "http_config.h" #include "http_core.h" #include "http_log.h" #include "http_protocol.h" #ifdef APACHE2 #define PCALLOC apr_pcalloc #define SNPRINTF apr_snprintf #define PSTRDUP apr_pstrdup #define PSTRNDUP apr_pstrndup #define STRCAT ap_pstrcat #define POOL apr_pool_t #include "http_request.h" /* for ap_hook_(check_user_id | auth_checker)*/ #include "ap_compat.h" #include "apr_strings.h" #include "apr_sha1.h" #include "apr_base64.h" #include "apr_lib.h" #define ISSPACE apr_isspace #ifdef CRYPT #include "crypt.h" #else #include "unistd.h" #endif #define LOG_ERROR(lvl, stat, rqst, msg) \ ap_log_rerror (APLOG_MARK, lvl, stat, rqst, msg) #define LOG_ERROR_1(lvl, stat, rqst, msg, parm) \ ap_log_rerror (APLOG_MARK, lvl, stat, rqst, msg, parm) #define LOG_ERROR_2(lvl, stat, rqst, msg, parm1, parm2) \ ap_log_rerror (APLOG_MARK, lvl, stat, rqst, msg, parm1, parm2) #define LOG_ERROR_3(lvl, stat, rqst, msg, parm1, parm2, parm3) \ ap_log_rerror (APLOG_MARK, lvl, stat, rqst, msg, parm1, parm2, parm3) #define APACHE_FUNC static apr_status_t #define APACHE_FUNC_RETURN(rc) return rc #define NOT_AUTHORIZED HTTP_UNAUTHORIZED #define TABLE_GET apr_table_get #else #define PCALLOC ap_pcalloc #define SNPRINTF ap_snprintf #define PSTRDUP ap_pstrdup #define PSTRNDUP ap_pstrndup #define STRCAT ap_pstrcat #define POOL pool #include <stdlib.h> #include "ap_sha1.h" #include "ap_ctype.h" #define LOG_ERROR(lvl, stat, rqst, msg) \ ap_log_error(APLOG_MARK, lvl, rqst->server, msg) #define LOG_ERROR_1(lvl, stat, rqst, msg, parm) \ ap_log_error(APLOG_MARK, lvl, rqst->server, msg, parm) #define LOG_ERROR_2(lvl, stat, rqst, msg, parm1, parm2) \ ap_log_error(APLOG_MARK, lvl,