Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12:Update
apache2-mod_auth_kerb
mod_auth_kerb-api_changes_apache24.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File mod_auth_kerb-api_changes_apache24.patch of Package apache2-mod_auth_kerb
diff -rNU 25 ../mod_auth_kerb-5.4-o/src/mod_auth_kerb.c ./src/mod_auth_kerb.c --- ../mod_auth_kerb-5.4-o/src/mod_auth_kerb.c 2014-03-28 13:56:21.000000000 +0100 +++ ./src/mod_auth_kerb.c 2014-03-28 16:28:32.000000000 +0100 @@ -22,70 +22,81 @@ * this list of conditions and the following disclaimer. * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * 3. Neither the name of the University nor the names of its contributors may * be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE * POSSIBILITY OF SUCH DAMAGE. */ #ident "$Id: mod_auth_kerb.c,v 1.150 2008/12/04 10:14:03 baalberith Exp $" + #include "config.h" + #include <stdlib.h> #include <stdio.h> #include <stdarg.h> #define MODAUTHKERB_VERSION "5.4" #define MECH_NEGOTIATE "Negotiate" #define SERVICE_NAME "HTTP" #include <httpd.h> +#include <http_log.h> +#ifdef APLOG_USE_MODULE +/* this is an apache 2.4 compilation. API changes need to be accounted for. */ +#define APACHE24 +APLOG_USE_MODULE(auth_kerb); +#undef APLOG_MARK +#define APLOG_MARK __FILE__, __LINE__ +#endif #include <http_config.h> #include <http_core.h> -#include <http_log.h> #include <http_protocol.h> #include <http_request.h> #include "mod_auth.h" +#include "config.h" + #ifdef STANDARD20_MODULE_STUFF #include <apr_strings.h> #include <apr_base64.h> #else #define apr_pstrdup ap_pstrdup #define apr_psprintf ap_psprintf #define apr_pstrcat ap_pstrcat #define apr_pcalloc ap_pcalloc #define apr_table_setn ap_table_setn #define apr_table_add ap_table_add #define apr_base64_decode_len ap_base64decode_len #define apr_base64_decode ap_base64decode #define apr_base64_encode_len ap_base64encode_len #define apr_base64_encode ap_base64encode #define apr_pool_cleanup_null ap_null_cleanup #define apr_pool_cleanup_register ap_register_cleanup #endif /* STANDARD20_MODULE_STUFF */ #ifdef _WIN32 #define vsnprintf _vsnprintf #define snprintf _snprintf #endif #ifdef KRB5 #include <krb5.h> @@ -349,55 +360,55 @@ #ifdef KRB4 ((kerb_auth_config *)rec)->krb_method_k4pass = 1; #endif return rec; } static const char* krb5_save_realms(cmd_parms *cmd, void *vsec, const char *arg) { kerb_auth_config *sec = (kerb_auth_config *) vsec; sec->krb_auth_realms= apr_pstrdup(cmd->pool, arg); return NULL; } static void log_rerror(const char *file, int line, int level, int status, const request_rec *r, const char *fmt, ...) { char errstr[1024]; va_list ap; va_start(ap, fmt); vsnprintf(errstr, sizeof(errstr), fmt, ap); va_end(ap); - -#ifdef STANDARD20_MODULE_STUFF - ap_log_rerror(file, line, level | APLOG_NOERRNO, status, r, "%s", errstr); + +#ifdef APACHE24 + ap_log_rerror(file, line, APLOG_MODULE_INDEX, level | APLOG_NOERRNO, status, r, "%s", errstr); #else - ap_log_rerror(file, line, level | APLOG_NOERRNO, r, "%s", errstr); + ap_log_rerror(file, line, level | APLOG_NOERRNO, status, r, "%s", errstr); #endif } #ifdef KRB4 /*************************************************************************** Username/Password Validation for Krb4 ***************************************************************************/ static int verify_krb4_user(request_rec *r, const char *name, const char *instance, const char *realm, const char *password, const char *linstance, const char *srvtab, int krb_verify_kdc) { int ret; char *phost; unsigned long addr; struct hostent *hp; const char *hostname; KTEXT_ST ticket; AUTH_DAT authdata; char lrealm[REALM_SZ]; ret = krb_get_pw_in_tkt(name, instance, realm, "krbtgt", realm, DEFAULT_TKT_LIFE, password); if (ret) { log_rerror(APLOG_MARK, APLOG_ERR, 0, r, "Cannot get krb4 ticket: krb_get_pw_in_tkt() failed: %s", @@ -1569,51 +1580,55 @@ else { log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, "kerb_authenticate_a_name_to_local_name %s -> %s", (MK_USER)?MK_USER:"(NULL)", (MK_USER_LNAME)?MK_USER_LNAME:"(NULL)"); MK_USER = apr_pstrdup(r->pool, MK_USER_LNAME); ret = OK; } end: if (client) krb5_free_principal(kcontext, client); if (kcontext) krb5_free_context(kcontext); return ret; } #endif /* KRB5 */ static krb5_conn_data * already_succeeded(request_rec *r, char *auth_line) { krb5_conn_data *conn_data; char keyname[1024]; snprintf(keyname, sizeof(keyname) - 1, +#ifdef APACHE24 + "mod_auth_kerb::connection::%s::%ld", r->useragent_ip, +#else "mod_auth_kerb::connection::%s::%ld", r->connection->remote_ip, +#endif r->connection->id); if (apr_pool_userdata_get((void**)&conn_data, keyname, r->connection->pool) != 0) return NULL; if(conn_data) { if(strcmp(conn_data->authline, auth_line) == 0) { log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, "matched previous auth request"); return conn_data; } } return NULL; } static void set_kerb_auth_headers(request_rec *r, const kerb_auth_config *conf, int use_krb4, int use_krb5pwd, char *negotiate_ret_value) { const char *auth_name = NULL; int set_basic = 0; char *negoauth_param; const char *header_name = (r->proxyreq == PROXYREQ_PROXY) ? "Proxy-Authenticate" : "WWW-Authenticate"; /* get the user realm specified in .htaccess */ @@ -1723,51 +1738,55 @@ if (ret == HTTP_UNAUTHORIZED && use_krb4 && conf->krb_method_k4pass && strcasecmp(auth_type, "Basic") == 0) ret = authenticate_user_krb4pwd(r, conf, auth_line); #endif if (ret == HTTP_UNAUTHORIZED) set_kerb_auth_headers(r, conf, use_krb4, use_krb5, negotiate_ret_value); } else { ret = prevauth->last_return; MK_USER = prevauth->user; MK_AUTH_TYPE = prevauth->mech; } /* * save who was auth'd, if it's not already stashed. */ if(!prevauth) { prevauth = (krb5_conn_data *) apr_pcalloc(r->connection->pool, sizeof(krb5_conn_data)); prevauth->user = apr_pstrdup(r->connection->pool, MK_USER); prevauth->authline = apr_pstrdup(r->connection->pool, auth_line); prevauth->mech = apr_pstrdup(r->connection->pool, auth_type); prevauth->last_return = ret; snprintf(keyname, sizeof(keyname) - 1, "mod_auth_kerb::connection::%s::%ld", +#ifdef APACHE24 + r->useragent_ip, r->connection->id); +#else r->connection->remote_ip, r->connection->id); +#endif apr_pool_userdata_set(prevauth, keyname, NULL, r->connection->pool); } if (ret == OK && conf->krb5_do_auth_to_local) ret = do_krb5_an_to_ln(r); /* XXX log_debug: if ret==OK, log(user XY authenticated) */ last_return = ret; return ret; } int have_rcache_type(const char *type) { krb5_error_code ret; krb5_context context; krb5_rcache id = NULL; int found; ret = krb5_init_context(&context); if (ret) return 0; ret = krb5_rc_resolve_full(context, &id, "none:");
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor
