1
/* Licensed to the Apache Software Foundation (ASF) under one or more
2
* contributor license agreements. See the NOTICE file distributed with
3
* this work for additional information regarding copyright ownership.
4
* The ASF licenses this file to You under the Apache License, Version 2.0
5
* (the "License"); you may not use this file except in compliance with
6
* the License. You may obtain a copy of the License at
8
* http://www.apache.org/licenses/LICENSE-2.0
10
* Unless required by applicable law or agreed to in writing, software
11
* distributed under the License is distributed on an "AS IS" BASIS,
12
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13
* See the License for the specific language governing permissions and
14
* limitations under the License.
17
#include "apr_strings.h"
18
#include "apr_md5.h" /* for apr_password_validate */
20
#include "ap_config.h"
21
#include "ap_provider.h"
23
#include "http_config.h"
24
#include "http_core.h"
26
#include "http_protocol.h"
27
#include "http_request.h"
33
} authn_file_config_rec;
35
static void *create_authn_file_dir_config(apr_pool_t *p, char *d)
37
authn_file_config_rec *conf = apr_palloc(p, sizeof(*conf));
39
conf->pwfile = NULL; /* just to illustrate the default really */
43
static const char *set_authn_file_slot(cmd_parms *cmd, void *offset,
44
const char *f, const char *t)
46
if (t && strcmp(t, "standard")) {
47
return apr_pstrcat(cmd->pool, "Invalid auth file type: ", t, NULL);
50
return ap_set_file_slot(cmd, offset, f);
53
static const command_rec authn_file_cmds[] =
55
AP_INIT_TAKE12("AuthUserFile", set_authn_file_slot,
56
(void *)APR_OFFSETOF(authn_file_config_rec, pwfile),
57
OR_AUTHCFG, "text file containing user IDs and passwords"),
61
module AP_MODULE_DECLARE_DATA authn_file_module;
63
static authn_status check_password(request_rec *r, const char *user,
66
authn_file_config_rec *conf = ap_get_module_config(r->per_dir_config,
69
char l[MAX_STRING_LEN];
71
char *file_password = NULL;
73
status = ap_pcfg_openfile(&f, r->pool, conf->pwfile);
75
if (status != APR_SUCCESS) {
76
ap_log_rerror(APLOG_MARK, APLOG_ERR, status, r,
77
"Could not open password file: %s", conf->pwfile);
78
return AUTH_GENERAL_ERROR;
81
while (!(ap_cfg_getline(l, MAX_STRING_LEN, f))) {
84
/* Skip # or blank lines. */
85
if ((l[0] == '#') || (!l[0])) {
90
w = ap_getword(r->pool, &rpw, ':');
92
if (!strcmp(user, w)) {
93
file_password = ap_getword(r->pool, &rpw, ':');
100
return AUTH_USER_NOT_FOUND;
103
status = apr_password_validate(password, file_password);
104
if (status != APR_SUCCESS) {
111
static authn_status get_realm_hash(request_rec *r, const char *user,
112
const char *realm, char **rethash)
114
authn_file_config_rec *conf = ap_get_module_config(r->per_dir_config,
117
char l[MAX_STRING_LEN];
119
char *file_hash = NULL;
121
status = ap_pcfg_openfile(&f, r->pool, conf->pwfile);
123
if (status != APR_SUCCESS) {
124
ap_log_rerror(APLOG_MARK, APLOG_ERR, status, r,
125
"Could not open password file: %s", conf->pwfile);
126
return AUTH_GENERAL_ERROR;
129
while (!(ap_cfg_getline(l, MAX_STRING_LEN, f))) {
130
const char *rpw, *w, *x;
132
/* Skip # or blank lines. */
133
if ((l[0] == '#') || (!l[0])) {
138
w = ap_getword(r->pool, &rpw, ':');
139
x = ap_getword(r->pool, &rpw, ':');
141
if (x && w && !strcmp(user, w) && !strcmp(realm, x)) {
142
/* Remember that this is a md5 hash of user:realm:password. */
143
file_hash = ap_getword(r->pool, &rpw, ':');
150
return AUTH_USER_NOT_FOUND;
153
*rethash = file_hash;
155
return AUTH_USER_FOUND;
158
static const authn_provider authn_file_provider =
164
static void register_hooks(apr_pool_t *p)
166
ap_register_provider(p, AUTHN_PROVIDER_GROUP, "file", "0",
167
&authn_file_provider);
170
module AP_MODULE_DECLARE_DATA authn_file_module =
172
STANDARD20_MODULE_STUFF,
173
create_authn_file_dir_config, /* dir config creater */
174
NULL, /* dir merger --- default is to override */
175
NULL, /* server config */
176
NULL, /* merge server config */
177
authn_file_cmds, /* command apr_table_t */
178
register_hooks /* register hooks */