apatchy/doxygen/mod__authn__anon_8c_source.html

/* Licensed to the Apache Software Foundation (ASF) under one or more

 * contributor license agreements.  See the NOTICE file distributed with

 * this work for additional information regarding copyright ownership.

 * The ASF licenses this file to You under the Apache License, Version 2.0

 * (the "License"); you may not use this file except in compliance with

 * the License.  You may obtain a copy of the License at

 *

 *     http://www.apache.org/licenses/LICENSE-2.0

 *

 * Unless required by applicable law or agreed to in writing, software

 * distributed under the License is distributed on an "AS IS" BASIS,

 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

 * See the License for the specific language governing permissions and

 * limitations under the License.

 */


/*

 * Adapted to allow anonymous logins, just like with Anon-FTP, when

 * one gives the magic user name 'anonymous' and ones email address

 * as the password.

 *

 * Just add the following tokes to your <directory> setup:

 *

 * Anonymous                    magic-userid [magic-userid]...

 *

 * Anonymous_MustGiveEmail      [ on | off ] default = on

 * Anonymous_LogEmail           [ on | off ] default = on

 * Anonymous_VerifyEmail        [ on | off ] default = off

 * Anonymous_NoUserId           [ on | off ] default = off

 *

 * The magic user id is something like 'anonymous', it is NOT case sensitive.

 *

 * The MustGiveEmail flag can be used to force users to enter something

 * in the password field (like an email address). Default is on.

 *

 * Furthermore the 'NoUserID' flag can be set to allow completely empty

 * usernames in as well; this can be is convenient as a single return

 * in broken GUIs like W95 is often given by the user. The Default is off.

 *

 * [email protected]; http://ewse.ceo.org; http://me-www.jrc.it/~dirkx

 *

 */


#include "apr_strings.h"


#define APR_WANT_STRFUNC

#include "apr_want.h"


#include "ap_provider.h"

#include "httpd.h"

#include "http_config.h"

#include "http_core.h"

#include "http_log.h"

#include "http_request.h"

#include "http_protocol.h"


#include "mod_auth.h"


typedef struct anon_auth_user {

    const char *user;

    struct anon_auth_user *next;

} anon_auth_user;


typedef struct {

    anon_auth_user *users;

    int nouserid;

    int logemail;

    int verifyemail;

    int mustemail;

    int anyuserid;

} authn_anon_config_rec;


static void *create_authn_anon_dir_config(apr_pool_t *p, char *d)

{

    authn_anon_config_rec *conf = apr_palloc(p, sizeof(*conf));


    /* just to illustrate the defaults really. */

    conf->users = NULL;


    conf->nouserid = 0;

    conf->anyuserid = 0;

    conf->logemail = 1;

    conf->verifyemail = 0;

    conf->mustemail = 1;

    return conf;

}


static const char *anon_set_string_slots(cmd_parms *cmd,

                                         void *my_config, const char *arg)

{

    authn_anon_config_rec *conf = my_config;

    anon_auth_user *first;


    if (!*arg) {

        return "Anonymous string cannot be empty, use Anonymous_NoUserId";

    }


    /* squeeze in a record */

    if (!conf->anyuserid) {

        if (!strcmp(arg, "*")) {

            conf->anyuserid = 1;

        }

        else {

            first = conf->users;

            conf->users = apr_palloc(cmd->pool, sizeof(*conf->users));

            conf->users->user = arg;

            conf->users->next = first;

        }

    }


    return NULL;

}


static const command_rec authn_anon_cmds[] =

{

    AP_INIT_ITERATE("Anonymous", anon_set_string_slots, NULL, OR_AUTHCFG,

     "a space-separated list of user IDs"),

    AP_INIT_FLAG("Anonymous_MustGiveEmail", ap_set_flag_slot,

     (void *)APR_OFFSETOF(authn_anon_config_rec, mustemail),

     OR_AUTHCFG, "Limited to 'on' or 'off'"),

    AP_INIT_FLAG("Anonymous_NoUserId", ap_set_flag_slot,

     (void *)APR_OFFSETOF(authn_anon_config_rec, nouserid),

     OR_AUTHCFG, "Limited to 'on' or 'off'"),

    AP_INIT_FLAG("Anonymous_VerifyEmail", ap_set_flag_slot,

     (void *)APR_OFFSETOF(authn_anon_config_rec, verifyemail),

     OR_AUTHCFG, "Limited to 'on' or 'off'"),

    AP_INIT_FLAG("Anonymous_LogEmail", ap_set_flag_slot,

     (void *)APR_OFFSETOF(authn_anon_config_rec, logemail),

     OR_AUTHCFG, "Limited to 'on' or 'off'"),

    {NULL}

};


module AP_MODULE_DECLARE_DATA authn_anon_module;


static authn_status check_anonymous(request_rec *r, const char *user,

                                    const char *sent_pw)

{

    authn_anon_config_rec *conf = ap_get_module_config(r->per_dir_config,

                                                      &authn_anon_module);

    authn_status res = AUTH_USER_NOT_FOUND;


    /* Ignore if we are not configured */

    if (!conf->users && !conf->anyuserid) {

        return AUTH_USER_NOT_FOUND;

    }


    /* Do we allow an empty userID and/or is it the magic one

     */

    if (!*user) {

        if (conf->nouserid) {

            res = AUTH_USER_FOUND;

        }

    }

    else if (conf->anyuserid) {

        res = AUTH_USER_FOUND;

    }

    else {

        anon_auth_user *p = conf->users;


        while (p) {

            if (!strcasecmp(user, p->user)) {

                res = AUTH_USER_FOUND;

                break;

            }

            p = p->next;

        }

    }


    /* Now if the supplied user-ID was ok, grant access if:

     * (a) no passwd was sent and no password and no verification

     *     were configured.

     * (b) password was sent and no verification was configured

     * (c) verification was configured and the password (sent or not)

     *     looks like an email address

     */

    if (   (res == AUTH_USER_FOUND)

        && (!conf->mustemail || *sent_pw)

        && (   !conf->verifyemail

            || (ap_strchr_c(sent_pw, '@') && ap_strchr_c(sent_pw, '.'))))

    {

        if (conf->logemail && ap_is_initial_req(r)) {

            ap_log_rerror(APLOG_MARK, APLOG_INFO, APR_SUCCESS, r, APLOGNO(01672)

                          "Anonymous: Passwd <%s> Accepted",

                          sent_pw ? sent_pw : "\'none\'");

        }


        return AUTH_GRANTED;

    }


    return (res == AUTH_USER_NOT_FOUND ? res : AUTH_DENIED);

}


static const authn_provider authn_anon_provider =

{

    &check_anonymous,

    NULL

};


static void register_hooks(apr_pool_t *p)

{

    ap_register_auth_provider(p, AUTHN_PROVIDER_GROUP, "anon",

                              AUTHN_PROVIDER_VERSION,

                              &authn_anon_provider, AP_AUTH_INTERNAL_PER_CONF);

}


AP_DECLARE_MODULE(authn_anon) =

{

    STANDARD20_MODULE_STUFF,

    create_authn_anon_dir_config, /* dir config creater */

    NULL,                         /* dir merger ensure strictness */

    NULL,                         /* server config */

    NULL,                         /* merge server config */

    authn_anon_cmds,              /* command apr_table_t */

    register_hooks                /* register hooks */

};

ap_provider.h
Apache Provider API.

d
apr_size_t const unsigned char unsigned int unsigned int d
Definition apr_siphash.h:72

apr_strings.h
APR Strings library.

apr_want.h
APR Standard Headers Support.

ap_get_module_config
#define ap_get_module_config(v, m)
Definition http_config.h:550

AP_DECLARE_MODULE
#define AP_DECLARE_MODULE(foo)
Definition http_config.h:464

AP_INIT_FLAG
#define AP_INIT_FLAG(directive, func, mconfig, where, help)
Definition http_config.h:194

AP_INIT_ITERATE
#define AP_INIT_ITERATE(directive, func, mconfig, where, help)
Definition http_config.h:178

ap_set_flag_slot
const char * ap_set_flag_slot(cmd_parms *cmd, void *struct_ptr, int arg)
Definition config.c:1512

r
request_rec * r
Definition http_config.h:1168

APLOGNO
#define APLOGNO(n)
Definition http_log.h:117

APLOG_INFO
#define APLOG_INFO
Definition http_log.h:70

ap_log_rerror
#define ap_log_rerror
Definition http_log.h:454

APLOG_MARK
#define APLOG_MARK
Definition http_log.h:283

ap_register_auth_provider
apr_status_t ap_register_auth_provider(apr_pool_t *pool, const char *provider_group, const char *provider_name, const char *provider_version, const void *provider, int type)
Definition request.c:2179

AP_AUTH_INTERNAL_PER_CONF
#define AP_AUTH_INTERNAL_PER_CONF
Definition http_request.h:204

ap_is_initial_req
int ap_is_initial_req(request_rec *r)
Definition request.c:2567

arg
void const char * arg
Definition http_vhost.h:63

res
apr_pool_t apr_dbd_t apr_dbd_results_t ** res
Definition apr_dbd.h:287

OR_AUTHCFG
#define OR_AUTHCFG
Definition http_config.h:235

STANDARD20_MODULE_STUFF
#define STANDARD20_MODULE_STUFF
Definition http_config.h:486

ap_strchr_c
#define ap_strchr_c(s, c)
Definition httpd.h:2353

size
apr_size_t size
Definition apr_allocator.h:115

APR_SUCCESS
#define APR_SUCCESS
Definition apr_errno.h:225

strcasecmp
int strcasecmp(const char *a, const char *b)
Definition apr_cpystrn.c:248

first
const apr_array_header_t * first
Definition apr_tables.h:207

cmd
apr_cmdtype_e cmd
Definition apr_thread_proc.h:495

http_config.h
Apache Configuration.

http_core.h
CORE HTTP Daemon.

http_log.h
Apache Logging library.

http_protocol.h
HTTP protocol handling.

http_request.h
Apache Request library.

httpd.h
HTTP Daemon routines.

p
apr_pool_t * p
Definition md_event.c:32

mod_auth.h
Authentication and Authorization Extension for Apache.

AUTHN_PROVIDER_VERSION
#define AUTHN_PROVIDER_VERSION
Definition mod_auth.h:41

AUTHN_PROVIDER_GROUP
#define AUTHN_PROVIDER_GROUP
Definition mod_auth.h:39

authn_status
authn_status
Definition mod_auth.h:64

AUTH_GRANTED
@ AUTH_GRANTED
Definition mod_auth.h:66

AUTH_DENIED
@ AUTH_DENIED
Definition mod_auth.h:65

AUTH_USER_FOUND
@ AUTH_USER_FOUND
Definition mod_auth.h:67

AUTH_USER_NOT_FOUND
@ AUTH_USER_NOT_FOUND
Definition mod_auth.h:68

create_authn_anon_dir_config
static void * create_authn_anon_dir_config(apr_pool_t *p, char *d)
Definition mod_authn_anon.c:73

authn_anon_provider
static const authn_provider authn_anon_provider
Definition mod_authn_anon.c:193

check_anonymous
static authn_status check_anonymous(request_rec *r, const char *user, const char *sent_pw)
Definition mod_authn_anon.c:135

anon_set_string_slots
static const char * anon_set_string_slots(cmd_parms *cmd, void *my_config, const char *arg)
Definition mod_authn_anon.c:88

register_hooks
static void register_hooks(apr_pool_t *p)
Definition mod_authn_anon.c:199

authn_anon_cmds
static const command_rec authn_anon_cmds[]
Definition mod_authn_anon.c:114

NULL
return NULL
Definition mod_so.c:359

anon_auth_user
Definition mod_authn_anon.c:59

anon_auth_user::user
const char * user
Definition mod_authn_anon.c:60

anon_auth_user::next
struct anon_auth_user * next
Definition mod_authn_anon.c:61

apr_pool_t
Definition apr_pools.c:562

authn_anon_config_rec
Definition mod_authn_anon.c:64

authn_anon_config_rec::users
anon_auth_user * users
Definition mod_authn_anon.c:65

authn_anon_config_rec::verifyemail
int verifyemail
Definition mod_authn_anon.c:68

authn_anon_config_rec::logemail
int logemail
Definition mod_authn_anon.c:67

authn_anon_config_rec::mustemail
int mustemail
Definition mod_authn_anon.c:69

authn_anon_config_rec::nouserid
int nouserid
Definition mod_authn_anon.c:66

authn_anon_config_rec::anyuserid
int anyuserid
Definition mod_authn_anon.c:70

authn_provider
Definition mod_auth.h:80

cmd_parms_struct
Definition http_config.h:288

command_struct
Definition http_config.h:204

request_rec
A structure that represents the current request.
Definition httpd.h:845

request_rec::per_dir_config
struct ap_conf_vector_t * per_dir_config
Definition httpd.h:1047