1
/* Licensed to the Apache Software Foundation (ASF) under one or more
2
* contributor license agreements. See the NOTICE file distributed with
3
* this work for additional information regarding copyright ownership.
4
* The ASF licenses this file to You under the Apache License, Version 2.0
5
* (the "License"); you may not use this file except in compliance with
6
* the License. You may obtain a copy of the License at
8
* http://www.apache.org/licenses/LICENSE-2.0
10
* Unless required by applicable law or agreed to in writing, software
11
* distributed under the License is distributed on an "AS IS" BASIS,
12
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13
* See the License for the specific language governing permissions and
14
* limitations under the License.
17
#include "apr_strings.h"
18
#include "apr_file_info.h"
21
#include "ap_config.h"
23
#include "http_config.h"
24
#include "http_core.h"
26
#include "http_protocol.h"
27
#include "http_request.h"
29
#include "mod_auth.h" /* for AUTHZ_GROUP_NOTE */
33
} authz_owner_config_rec;
35
static void *create_authz_owner_dir_config(apr_pool_t *p, char *d)
37
authz_owner_config_rec *conf = apr_palloc(p, sizeof(*conf));
39
conf->authoritative = 1; /* keep the fortress secure by default */
43
static const command_rec authz_owner_cmds[] =
45
AP_INIT_FLAG("AuthzOwnerAuthoritative", ap_set_flag_slot,
46
(void *)APR_OFFSETOF(authz_owner_config_rec, authoritative),
48
"Set to 'Off' to allow access control to be passed along to "
49
"lower modules. (default is On.)"),
53
module AP_MODULE_DECLARE_DATA authz_owner_module;
55
static int check_file_owner(request_rec *r)
57
authz_owner_config_rec *conf = ap_get_module_config(r->per_dir_config,
59
int m = r->method_number;
62
const apr_array_header_t *reqs_arr = ap_requires(r);
64
int required_owner = 0;
65
apr_status_t status = 0;
72
reqs = (require_line *)reqs_arr->elts;
73
for (x = 0; x < reqs_arr->nelts; x++) {
75
/* if authoritative = On then break if a require already failed. */
76
if (reason && conf->authoritative) {
80
if (!(reqs[x].method_mask & (AP_METHOD_BIT << m))) {
84
t = reqs[x].requirement;
85
w = ap_getword_white(r->pool, &t);
87
if (!strcmp(w, "file-owner")) {
89
if ((required_owner & ~1) && conf->authoritative) {
93
required_owner |= 1; /* remember the requirement */
94
reason = "'Require file-owner' is not supported on this platform.";
96
#else /* APR_HAS_USER */
100
if ((required_owner & ~1) && conf->authoritative) {
104
required_owner |= 1; /* remember the requirement */
107
reason = "no filename available";
111
status = apr_stat(&finfo, r->filename, APR_FINFO_USER, r->pool);
112
if (status != APR_SUCCESS) {
113
reason = apr_pstrcat(r->pool, "could not stat file ",
118
if (!(finfo.valid & APR_FINFO_USER)) {
119
reason = "no file owner information available";
123
status = apr_uid_name_get(&owner, finfo.user, r->pool);
124
if (status != APR_SUCCESS || !owner) {
125
reason = "could not get name of file owner";
129
if (strcmp(owner, r->user)) {
130
reason = apr_psprintf(r->pool, "file owner %s does not match.",
135
/* this user is authorized */
137
#endif /* APR_HAS_USER */
140
/* file-group only figures out the file's group and lets
141
* other modules do the actual authorization (against a group file/db).
142
* Thus, these modules have to hook themselves after
143
* mod_authz_owner and of course recognize 'file-group', too.
145
if (!strcmp(w, "file-group")) {
147
if ((required_owner & ~6) && conf->authoritative) {
151
required_owner |= 2; /* remember the requirement */
152
reason = "'Require file-group' is not supported on this platform.";
154
#else /* APR_HAS_USER */
158
if ((required_owner & ~6) && conf->authoritative) {
162
required_owner |= 2; /* remember the requirement */
165
reason = "no filename available";
169
status = apr_stat(&finfo, r->filename, APR_FINFO_GROUP, r->pool);
170
if (status != APR_SUCCESS) {
171
reason = apr_pstrcat(r->pool, "could not stat file ",
176
if (!(finfo.valid & APR_FINFO_GROUP)) {
177
reason = "no file group information available";
181
status = apr_gid_name_get(&group, finfo.group, r->pool);
182
if (status != APR_SUCCESS || !group) {
183
reason = "could not get name of file group";
187
/* store group name in a note and let others decide... */
188
apr_table_setn(r->notes, AUTHZ_GROUP_NOTE, group);
191
#endif /* APR_HAS_USER */
195
if (!required_owner || !conf->authoritative) {
199
/* allow file-group passed to group db modules either if this is the
200
* only applicable requirement here or if a file-owner failed but we're
202
* This allows configurations like:
204
* AuthzOwnerAuthoritative Off
208
* with the semantical meaning of "either owner or group must match"
211
* [ 6 == 2 | 4; 7 == 1 | 2 | 4 ] should I use #defines instead?
213
if (required_owner == 6 || (required_owner == 7 && !conf->authoritative)) {
217
ap_log_rerror(APLOG_MARK, APLOG_ERR, status, r,
218
"Authorization of user %s to access %s failed, reason: %s",
219
r->user, r->uri, reason ? reason : "unknown");
221
ap_note_auth_failure(r);
222
return HTTP_UNAUTHORIZED;
225
static void register_hooks(apr_pool_t *p)
227
ap_hook_auth_checker(check_file_owner, NULL, NULL, APR_HOOK_MIDDLE);
230
module AP_MODULE_DECLARE_DATA authz_owner_module =
232
STANDARD20_MODULE_STUFF,
233
create_authz_owner_dir_config, /* dir config creater */
234
NULL, /* dir merger --- default is to override */
235
NULL, /* server config */
236
NULL, /* merge server config */
237
authz_owner_cmds, /* command apr_table_t */
238
register_hooks /* register hooks */