/* ====================================================================
* Copyright (c) 1995 The Apache Group. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the Apache Group
* for use in the Apache HTTP server project (http://www.apache.org/)."
*
* 4. The names "Apache Server" and "Apache Group" must not be used to
* endorse or promote products derived from this software without
* prior written permission.
*
* 5. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the Apache Group
* for use in the Apache HTTP server project (http://www.apache.org/)."
*
* THIS SOFTWARE IS PROVIDED BY THE APACHE GROUP ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE APACHE GROUP OR
* IT'S CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
* This software consists of voluntary contributions made by many
* individuals on behalf of the Apache Group and was originally based
* on public domain software written at the National Center for
* Supercomputing Applications, University of Illinois, Urbana-Champaign.
* For more information on the Apache Group and the Apache HTTP server
* project, please see <http://www.apache.org/>.
*
*/
/*
* Module definition information - the part between the -START and -END
* lines below is used by Configure. This could be stored in a separate
* instead.
*
* MODULE-DEFINITION-START
* Name: mysql_auth_module
* ConfigStart
MYSQL_LIB="-L/usr/local/lib/mysql -lmysqlclient -lm -lz"
if [ "X$MYSQL_LIB" != "X" ]; then
LIBS="$LIBS $MYSQL_LIB"
echo " + using $MYSQL_LIB for MySQL support"
fi
* ConfigEnd
* MODULE-DEFINITION-END
*/
#define STRING(x) STR(x) /* Used to build strings from compile options */
#define STR(x) #x
#include "ap_mmn.h" /* For MODULE_MAGIC_NUMBER */
/* Use the MODULE_MAGIC_NUMBER to check if at least Apache 2.0 */
#if AP_MODULE_MAGIC_AT_LEAST(20010223,0)
#define APACHE2
#endif
/* Compile time options for code generation */
#ifdef AES
#define _AES 1
#else
#define _AES 0
#endif
/* set any defaults not specified at compile time */
#ifdef HOST /* Host to use */
#define _HOST STRING(HOST)
#else
#define _HOST 0 /* Will default to localhost */
#endif
/* Apache 1.x defines the port as a string, but Apache 2.x uses an integer */
#ifdef PORT /* The port to use */
#ifdef APACHE2
#define _PORT PORT
#else
#define _PORT STRING(PORT)
#endif
#else
#ifdef APACHE2
#define _PORT MYSQL_PORT /* Use the one from MySQL */
#else
#define _PORT STRING(MYSQL_PORT)
#endif
#endif
#ifdef SOCKET /* UNIX socket */
#define _SOCKET STRING(SOCKET)
#else
#define _SOCKET MYSQL_UNIX_ADDR
#endif
#ifdef USER /* Authorized user */
#define _USER STRING(USER)
#else
#define _USER 0 /* User must be specified in config */
#endif
#ifdef PASSWORD /* Default password */
#define _PASSWORD STRING(PASSWORD)
#else
#define _PASSWORD 0 /* Password must be specified in config */
#endif
#ifdef DB /* Default database */
#define _DB STRING(DB)
#else
#define _DB "test" /* Test database */
#endif
#ifdef PWTABLE /* Password table */
#define _PWTABLE STRING(PWTABLE)
#else
#define _PWTABLE "user_info" /* Default is user_info */
#endif
#ifdef NAMEFIELD /* Name column in password table */
#define _NAMEFIELD STRING(NAMEFIELD)
#else
#define _NAMEFIELD "user_name" /* Default is "user_name" */
#endif
#ifdef PASSWORDFIELD /* Password column in password table */
#define _PASSWORDFIELD STRING(PASSWORDFIELD)
#else
#define _PASSWORDFIELD "user_password" /* Default is user_password */
#endif
#ifdef GROUPUSERNAMEFIELD
#define _GROUPUSERNAMEFIELD STRING(GROUPUSERNAMEFIELD)
#else
#define _GROUPUSERNAMEFIELD NULL
#endif
#ifdef ENCRYPTION /* Encryption type */
#define _ENCRYPTION STRING(ENCRYPTION)
#else
#define _ENCRYPTION 0 /* Will default to "crypt" in code */
#endif
#ifdef SALTFIELD /* If a salt column is not defined */
#define _SALTFIELD STRING(SALTFIELD)
#else
#define _SALTFIELD "<>" /* Default is no salt */
#endif
#ifdef KEEPALIVE /* Keep the connection alive */
#define _KEEPALIVE KEEPALIVE
#else
#define _KEEPALIVE 0 /* Do not keep it alive */
#endif
#ifdef AUTHORITATIVE /* If we are the last word */
#define _AUTHORITATIVE AUTHORITATIVE
#else
#define _AUTHORITATIVE 1 /* Yes, we are */
#endif
#ifdef NOPASSWORD /* If password not needed */
#define _NOPASSWORD NOPASSWORD
#else
#define _NOPASSWORD 0 /* It is required */
#endif
#ifdef ENABLE /* If we are to be enabled */
#define _ENABLE ENABLE
#else
#define _ENABLE 1 /* Assume we are */
#endif
#ifdef CHARACTERSET
#define _CHARACTERSET STRING(CHARACTERSET)
#else
#define _CHARACTERSET NULL /* Default is no character set */
#endif
#include "httpd.h"
#include "http_config.h"
#include "http_core.h"
#include "http_log.h"
#include "http_protocol.h"
#ifdef APACHE2
#define PCALLOC apr_pcalloc
#define SNPRINTF apr_snprintf
#define PSTRDUP apr_pstrdup
#define PSTRNDUP apr_pstrndup
#define STRCAT ap_pstrcat
#define POOL apr_pool_t
#include "http_request.h" /* for ap_hook_(check_user_id | auth_checker)*/
#include "ap_compat.h"
#include "apr_strings.h"
#include "apr_sha1.h"
#include "apr_base64.h"
#include "apr_lib.h"
#define ISSPACE apr_isspace
#ifdef CRYPT
#include "crypt.h"
#else
#include "unistd.h"
#endif
#define LOG_ERROR(lvl, stat, rqst, msg) \
ap_log_rerror (APLOG_MARK, lvl, stat, rqst, msg)
#define LOG_ERROR_1(lvl, stat, rqst, msg, parm) \
ap_log_rerror (APLOG_MARK, lvl, stat, rqst, msg, parm)
#define LOG_ERROR_2(lvl, stat, rqst, msg, parm1, parm2) \
ap_log_rerror (APLOG_MARK, lvl, stat, rqst, msg, parm1, parm2)
#define LOG_ERROR_3(lvl, stat, rqst, msg, parm1, parm2, parm3) \
ap_log_rerror (APLOG_MARK, lvl, stat, rqst, msg, parm1, parm2, parm3)
#define APACHE_FUNC static apr_status_t
#define APACHE_FUNC_RETURN(rc) return rc
#define NOT_AUTHORIZED HTTP_UNAUTHORIZED
#define TABLE_GET apr_table_get
#else
#define PCALLOC ap_pcalloc
#define SNPRINTF ap_snprintf
#define PSTRDUP ap_pstrdup
#define PSTRNDUP ap_pstrndup
#define STRCAT ap_pstrcat
#define POOL pool
#include <stdlib.h>
#include "ap_sha1.h"
#include "ap_ctype.h"
#define LOG_ERROR(lvl, stat, rqst, msg) \
ap_log_error(APLOG_MARK, lvl, rqst->server, msg)
#define LOG_ERROR_1(lvl, stat, rqst, msg, parm) \
ap_log_error(APLOG_MARK, lvl, rqst->server, msg, parm)
#define LOG_ERROR_2(lvl, stat, rqst, msg, parm1, parm2) \
ap_log_error(APLOG_MARK, lvl,