diff options
Diffstat (limited to 'rubbos/app/httpd-2.0.64/modules/aaa')
36 files changed, 0 insertions, 5151 deletions
diff --git a/rubbos/app/httpd-2.0.64/modules/aaa/.deps b/rubbos/app/httpd-2.0.64/modules/aaa/.deps deleted file mode 100644 index e69de29b..00000000 --- a/rubbos/app/httpd-2.0.64/modules/aaa/.deps +++ /dev/null diff --git a/rubbos/app/httpd-2.0.64/modules/aaa/.indent.pro b/rubbos/app/httpd-2.0.64/modules/aaa/.indent.pro deleted file mode 100644 index a9fbe9f9..00000000 --- a/rubbos/app/httpd-2.0.64/modules/aaa/.indent.pro +++ /dev/null @@ -1,54 +0,0 @@ --i4 -npsl -di0 -br -nce -d0 -cli0 -npcs -nfc1 --TBUFF --TFILE --TTRANS --TUINT4 --T_trans --Tallow_options_t --Tapache_sfio --Tarray_header --Tbool_int --Tbuf_area --Tbuff_struct --Tbuffy --Tcmd_how --Tcmd_parms --Tcommand_rec --Tcommand_struct --Tconn_rec --Tcore_dir_config --Tcore_server_config --Tdir_maker_func --Tevent --Tglobals_s --Thandler_func --Thandler_rec --Tjoblist_s --Tlisten_rec --Tmerger_func --Tmode_t --Tmodule --Tmodule_struct --Tmutex --Tn_long --Tother_child_rec --Toverrides_t --Tparent_score --Tpid_t --Tpiped_log --Tpool --Trequest_rec --Trequire_line --Trlim_t --Tscoreboard --Tsemaphore --Tserver_addr_rec --Tserver_rec --Tserver_rec_chain --Tshort_score --Ttable --Ttable_entry --Tthread --Tu_wide_int --Tvtime_t --Twide_int diff --git a/rubbos/app/httpd-2.0.64/modules/aaa/.libs/mod_access.a b/rubbos/app/httpd-2.0.64/modules/aaa/.libs/mod_access.a Binary files differdeleted file mode 100644 index a27c9f74..00000000 --- a/rubbos/app/httpd-2.0.64/modules/aaa/.libs/mod_access.a +++ /dev/null diff --git a/rubbos/app/httpd-2.0.64/modules/aaa/.libs/mod_access.la b/rubbos/app/httpd-2.0.64/modules/aaa/.libs/mod_access.la deleted file mode 100644 index 5a1eaebf..00000000 --- a/rubbos/app/httpd-2.0.64/modules/aaa/.libs/mod_access.la +++ /dev/null @@ -1,35 +0,0 @@ -# mod_access.la - a libtool library file -# Generated by ltmain.sh - GNU libtool 1.5.26 (1.1220.2.493 2008/02/01 16:58:18) -# -# Please DO NOT delete this file! -# It is necessary for linking the library. - -# The name that we can dlopen(3). -dlname='' - -# Names of this library. -library_names='' - -# The name of the static archive. -old_library='mod_access.a' - -# Libraries that this one depends upon. -dependency_libs=' -L/bottlenecks/rubbos/app/httpd-2.0.64/srclib/apr-util/xml/expat/lib' - -# Version information for mod_access. -current= -age= -revision= - -# Is this an already installed library? -installed=no - -# Should we warn about portability when linking against -modules? -shouldnotlink=yes - -# Files to dlopen/dlpreopen -dlopen='' -dlpreopen='' - -# Directory that this library needs to be installed in: -libdir='' diff --git a/rubbos/app/httpd-2.0.64/modules/aaa/.libs/mod_access.o b/rubbos/app/httpd-2.0.64/modules/aaa/.libs/mod_access.o Binary files differdeleted file mode 100644 index 0ec5a0db..00000000 --- a/rubbos/app/httpd-2.0.64/modules/aaa/.libs/mod_access.o +++ /dev/null diff --git a/rubbos/app/httpd-2.0.64/modules/aaa/.libs/mod_auth.a b/rubbos/app/httpd-2.0.64/modules/aaa/.libs/mod_auth.a Binary files differdeleted file mode 100644 index 6f42abe3..00000000 --- a/rubbos/app/httpd-2.0.64/modules/aaa/.libs/mod_auth.a +++ /dev/null diff --git a/rubbos/app/httpd-2.0.64/modules/aaa/.libs/mod_auth.la b/rubbos/app/httpd-2.0.64/modules/aaa/.libs/mod_auth.la deleted file mode 100644 index 5ffae20b..00000000 --- a/rubbos/app/httpd-2.0.64/modules/aaa/.libs/mod_auth.la +++ /dev/null @@ -1,35 +0,0 @@ -# mod_auth.la - a libtool library file -# Generated by ltmain.sh - GNU libtool 1.5.26 (1.1220.2.493 2008/02/01 16:58:18) -# -# Please DO NOT delete this file! -# It is necessary for linking the library. - -# The name that we can dlopen(3). -dlname='' - -# Names of this library. -library_names='' - -# The name of the static archive. -old_library='mod_auth.a' - -# Libraries that this one depends upon. -dependency_libs=' -L/bottlenecks/rubbos/app/httpd-2.0.64/srclib/apr-util/xml/expat/lib' - -# Version information for mod_auth. -current= -age= -revision= - -# Is this an already installed library? -installed=no - -# Should we warn about portability when linking against -modules? -shouldnotlink=yes - -# Files to dlopen/dlpreopen -dlopen='' -dlpreopen='' - -# Directory that this library needs to be installed in: -libdir='' diff --git a/rubbos/app/httpd-2.0.64/modules/aaa/.libs/mod_auth.o b/rubbos/app/httpd-2.0.64/modules/aaa/.libs/mod_auth.o Binary files differdeleted file mode 100644 index 8a0feeac..00000000 --- a/rubbos/app/httpd-2.0.64/modules/aaa/.libs/mod_auth.o +++ /dev/null diff --git a/rubbos/app/httpd-2.0.64/modules/aaa/Makefile b/rubbos/app/httpd-2.0.64/modules/aaa/Makefile deleted file mode 100644 index e6fa8f2f..00000000 --- a/rubbos/app/httpd-2.0.64/modules/aaa/Makefile +++ /dev/null @@ -1,8 +0,0 @@ -top_srcdir = /bottlenecks/rubbos/app/httpd-2.0.64 -top_builddir = /bottlenecks/rubbos/app/httpd-2.0.64 -srcdir = /bottlenecks/rubbos/app/httpd-2.0.64/modules/aaa -builddir = /bottlenecks/rubbos/app/httpd-2.0.64/modules/aaa -VPATH = /bottlenecks/rubbos/app/httpd-2.0.64/modules/aaa - -include $(top_srcdir)/build/special.mk - diff --git a/rubbos/app/httpd-2.0.64/modules/aaa/Makefile.in b/rubbos/app/httpd-2.0.64/modules/aaa/Makefile.in deleted file mode 100644 index 167b343d..00000000 --- a/rubbos/app/httpd-2.0.64/modules/aaa/Makefile.in +++ /dev/null @@ -1,3 +0,0 @@ - -include $(top_srcdir)/build/special.mk - diff --git a/rubbos/app/httpd-2.0.64/modules/aaa/NWGNUauthanon b/rubbos/app/httpd-2.0.64/modules/aaa/NWGNUauthanon deleted file mode 100644 index 6881d8a6..00000000 --- a/rubbos/app/httpd-2.0.64/modules/aaa/NWGNUauthanon +++ /dev/null @@ -1,248 +0,0 @@ -# -# Make sure all needed macro's are defined -# - -# -# Get the 'head' of the build environment if necessary. This includes default -# targets and paths to tools -# - -ifndef EnvironmentDefined -include $(AP_WORK)\build\NWGNUhead.inc -endif - -# -# These directories will be at the beginning of the include list, followed by -# INCDIRS -# -XINCDIRS += \ - $(APR)/include \ - $(APRUTIL)/include \ - $(AP_WORK)/include \ - $(NWOS) \ - $(EOLIST) - -# -# These flags will come after CFLAGS -# -XCFLAGS += \ - $(EOLIST) - -# -# These defines will come after DEFINES -# -XDEFINES += \ - $(EOLIST) - -# -# These flags will be added to the link.opt file -# -XLFLAGS += \ - $(EOLIST) - -# -# These values will be appended to the correct variables based on the value of -# RELEASE -# -ifeq "$(RELEASE)" "debug" -XINCDIRS += \ - $(EOLIST) - -XCFLAGS += \ - $(EOLIST) - -XDEFINES += \ - $(EOLIST) - -XLFLAGS += \ - $(EOLIST) -endif - -ifeq "$(RELEASE)" "noopt" -XINCDIRS += \ - $(EOLIST) - -XCFLAGS += \ - $(EOLIST) - -XDEFINES += \ - $(EOLIST) - -XLFLAGS += \ - $(EOLIST) -endif - -ifeq "$(RELEASE)" "release" -XINCDIRS += \ - $(EOLIST) - -XCFLAGS += \ - $(EOLIST) - -XDEFINES += \ - $(EOLIST) - -XLFLAGS += \ - $(EOLIST) -endif - -# -# These are used by the link target if an NLM is being generated -# This is used by the link 'name' directive to name the nlm. If left blank -# TARGET_nlm (see below) will be used. -# -NLM_NAME = authanon - -# -# This is used by the link '-desc ' directive. -# If left blank, NLM_NAME will be used. -# -NLM_DESCRIPTION = Authentication Anonymous Module - -# -# This is used by the '-threadname' directive. If left blank, -# NLM_NAME Thread will be used. -# -NLM_THREAD_NAME = AuthAnon Module - -# -# If this is specified, it will override VERSION value in -# $(AP_WORK)\build\NWGNUenvironment.inc -# -NLM_VERSION = - -# -# If this is specified, it will override the default of 64K -# -NLM_STACK_SIZE = 8192 - - -# -# If this is specified it will be used by the link '-entry' directive -# -NLM_ENTRY_SYM = _LibCPrelude - -# -# If this is specified it will be used by the link '-exit' directive -# -NLM_EXIT_SYM = _LibCPostlude - -# -# If this is specified it will be used by the link '-check' directive -# -NLM_CHECK_SYM = - -# -# If these are specified it will be used by the link '-flags' directive -# -NLM_FLAGS = AUTOUNLOAD, PSEUDOPREEMPTION - -# -# If this is specified it will be linked in with the XDCData option in the def -# file instead of the default of $(NWOS)/apache.xdc. XDCData can be disabled -# by setting APACHE_UNIPROC in the environment -# -XDCDATA = - -# -# If there is an NLM target, put it here -# -TARGET_nlm = \ - $(OBJDIR)/authanon.nlm \ - $(EOLIST) - -# -# If there is an LIB target, put it here -# -TARGET_lib = \ - $(EOLIST) - -# -# These are the OBJ files needed to create the NLM target above. -# Paths must all use the '/' character -# -FILES_nlm_objs = \ - $(OBJDIR)/mod_auth_anon.o \ - $(EOLIST) - -# -# These are the LIB files needed to create the NLM target above. -# These will be added as a library command in the link.opt file. -# -FILES_nlm_libs = \ - libcpre.o \ - $(EOLIST) - -# -# These are the modules that the above NLM target depends on to load. -# These will be added as a module command in the link.opt file. -# -FILES_nlm_modules = \ - aprlib \ - libc \ - $(EOLIST) - -# -# If the nlm has a msg file, put it's path here -# -FILE_nlm_msg = - -# -# If the nlm has a hlp file put it's path here -# -FILE_nlm_hlp = - -# -# If this is specified, it will override $(NWOS)\copyright.txt. -# -FILE_nlm_copyright = - -# -# Any additional imports go here -# -FILES_nlm_Ximports = \ - @$(APR)/aprlib.imp \ - @$(NWOS)/httpd.imp \ - @libc.imp \ - $(EOLIST) - -# -# Any symbols exported to here -# -FILES_nlm_exports = \ - auth_anon_module \ - $(EOLIST) - -# -# These are the OBJ files needed to create the LIB target above. -# Paths must all use the '/' character -# -FILES_lib_objs = \ - $(EOLIST) - -# -# implement targets and dependancies (leave this section alone) -# - -libs :: $(OBJDIR) $(TARGET_lib) - -nlms :: libs $(TARGET_nlm) - -# -# Updated this target to create necessary directories and copy files to the -# correct place. (See $(AP_WORK)\build\NWGNUhead.inc for examples) -# -install :: nlms FORCE - -# -# Any specialized rules here -# - -# -# Include the 'tail' makefile that has targets that depend on variables defined -# in this makefile -# - -include $(AP_WORK)\build\NWGNUtail.inc - - diff --git a/rubbos/app/httpd-2.0.64/modules/aaa/NWGNUauthdbm b/rubbos/app/httpd-2.0.64/modules/aaa/NWGNUauthdbm deleted file mode 100644 index fe05c3d1..00000000 --- a/rubbos/app/httpd-2.0.64/modules/aaa/NWGNUauthdbm +++ /dev/null @@ -1,248 +0,0 @@ -# -# Make sure all needed macro's are defined -# - -# -# Get the 'head' of the build environment if necessary. This includes default -# targets and paths to tools -# - -ifndef EnvironmentDefined -include $(AP_WORK)\build\NWGNUhead.inc -endif - -# -# These directories will be at the beginning of the include list, followed by -# INCDIRS -# -XINCDIRS += \ - $(APR)/include \ - $(APRUTIL)/include \ - $(AP_WORK)/include \ - $(NWOS) \ - $(EOLIST) - -# -# These flags will come after CFLAGS -# -XCFLAGS += \ - $(EOLIST) - -# -# These defines will come after DEFINES -# -XDEFINES += \ - $(EOLIST) - -# -# These flags will be added to the link.opt file -# -XLFLAGS += \ - $(EOLIST) - -# -# These values will be appended to the correct variables based on the value of -# RELEASE -# -ifeq "$(RELEASE)" "debug" -XINCDIRS += \ - $(EOLIST) - -XCFLAGS += \ - $(EOLIST) - -XDEFINES += \ - $(EOLIST) - -XLFLAGS += \ - $(EOLIST) -endif - -ifeq "$(RELEASE)" "noopt" -XINCDIRS += \ - $(EOLIST) - -XCFLAGS += \ - $(EOLIST) - -XDEFINES += \ - $(EOLIST) - -XLFLAGS += \ - $(EOLIST) -endif - -ifeq "$(RELEASE)" "release" -XINCDIRS += \ - $(EOLIST) - -XCFLAGS += \ - $(EOLIST) - -XDEFINES += \ - $(EOLIST) - -XLFLAGS += \ - $(EOLIST) -endif - -# -# These are used by the link target if an NLM is being generated -# This is used by the link 'name' directive to name the nlm. If left blank -# TARGET_nlm (see below) will be used. -# -NLM_NAME = authdbm - -# -# This is used by the link '-desc ' directive. -# If left blank, NLM_NAME will be used. -# -NLM_DESCRIPTION = Database Authentication Module - -# -# This is used by the '-threadname' directive. If left blank, -# NLM_NAME Thread will be used. -# -NLM_THREAD_NAME = AuthDBM Module - -# -# If this is specified, it will override VERSION value in -# $(AP_WORK)\build\NWGNUenvironment.inc -# -NLM_VERSION = - -# -# If this is specified, it will override the default of 64K -# -NLM_STACK_SIZE = 8192 - - -# -# If this is specified it will be used by the link '-entry' directive -# -NLM_ENTRY_SYM = _LibCPrelude - -# -# If this is specified it will be used by the link '-exit' directive -# -NLM_EXIT_SYM = _LibCPostlude - -# -# If this is specified it will be used by the link '-check' directive -# -NLM_CHECK_SYM = - -# -# If these are specified it will be used by the link '-flags' directive -# -NLM_FLAGS = AUTOUNLOAD, PSEUDOPREEMPTION - -# -# If this is specified it will be linked in with the XDCData option in the def -# file instead of the default of $(NWOS)/apache.xdc. XDCData can be disabled -# by setting APACHE_UNIPROC in the environment -# -XDCDATA = - -# -# If there is an NLM target, put it here -# -TARGET_nlm = \ - $(OBJDIR)/authdbm.nlm \ - $(EOLIST) - -# -# If there is an LIB target, put it here -# -TARGET_lib = \ - $(EOLIST) - -# -# These are the OBJ files needed to create the NLM target above. -# Paths must all use the '/' character -# -FILES_nlm_objs = \ - $(OBJDIR)/mod_auth_dbm.o \ - $(EOLIST) - -# -# These are the LIB files needed to create the NLM target above. -# These will be added as a library command in the link.opt file. -# -FILES_nlm_libs = \ - libcpre.o \ - $(EOLIST) - -# -# These are the modules that the above NLM target depends on to load. -# These will be added as a module command in the link.opt file. -# -FILES_nlm_modules = \ - aprlib \ - libc \ - $(EOLIST) - -# -# If the nlm has a msg file, put it's path here -# -FILE_nlm_msg = - -# -# If the nlm has a hlp file put it's path here -# -FILE_nlm_hlp = - -# -# If this is specified, it will override $(NWOS)\copyright.txt. -# -FILE_nlm_copyright = - -# -# Any additional imports go here -# -FILES_nlm_Ximports = \ - @$(APR)/aprlib.imp \ - @$(NWOS)/httpd.imp \ - @libc.imp \ - $(EOLIST) - -# -# Any symbols exported to here -# -FILES_nlm_exports = \ - auth_dbm_module \ - $(EOLIST) - -# -# These are the OBJ files needed to create the LIB target above. -# Paths must all use the '/' character -# -FILES_lib_objs = \ - $(EOLIST) - -# -# implement targets and dependancies (leave this section alone) -# - -libs :: $(OBJDIR) $(TARGET_lib) - -nlms :: libs $(TARGET_nlm) - -# -# Updated this target to create necessary directories and copy files to the -# correct place. (See $(AP_WORK)\build\NWGNUhead.inc for examples) -# -install :: nlms FORCE - -# -# Any specialized rules here -# - -# -# Include the 'tail' makefile that has targets that depend on variables defined -# in this makefile -# - -include $(AP_WORK)\build\NWGNUtail.inc - - diff --git a/rubbos/app/httpd-2.0.64/modules/aaa/NWGNUdigest b/rubbos/app/httpd-2.0.64/modules/aaa/NWGNUdigest deleted file mode 100644 index cf41db72..00000000 --- a/rubbos/app/httpd-2.0.64/modules/aaa/NWGNUdigest +++ /dev/null @@ -1,248 +0,0 @@ -# -# Make sure all needed macro's are defined -# - -# -# Get the 'head' of the build environment if necessary. This includes default -# targets and paths to tools -# - -ifndef EnvironmentDefined -include $(AP_WORK)\build\NWGNUhead.inc -endif - -# -# These directories will be at the beginning of the include list, followed by -# INCDIRS -# -XINCDIRS += \ - $(APR)/include \ - $(APRUTIL)/include \ - $(AP_WORK)/include \ - $(NWOS) \ - $(EOLIST) - -# -# These flags will come after CFLAGS -# -XCFLAGS += \ - $(EOLIST) - -# -# These defines will come after DEFINES -# -XDEFINES += \ - $(EOLIST) - -# -# These flags will be added to the link.opt file -# -XLFLAGS += \ - $(EOLIST) - -# -# These values will be appended to the correct variables based on the value of -# RELEASE -# -ifeq "$(RELEASE)" "debug" -XINCDIRS += \ - $(EOLIST) - -XCFLAGS += \ - $(EOLIST) - -XDEFINES += \ - $(EOLIST) - -XLFLAGS += \ - $(EOLIST) -endif - -ifeq "$(RELEASE)" "noopt" -XINCDIRS += \ - $(EOLIST) - -XCFLAGS += \ - $(EOLIST) - -XDEFINES += \ - $(EOLIST) - -XLFLAGS += \ - $(EOLIST) -endif - -ifeq "$(RELEASE)" "release" -XINCDIRS += \ - $(EOLIST) - -XCFLAGS += \ - $(EOLIST) - -XDEFINES += \ - $(EOLIST) - -XLFLAGS += \ - $(EOLIST) -endif - -# -# These are used by the link target if an NLM is being generated -# This is used by the link 'name' directive to name the nlm. If left blank -# TARGET_nlm (see below) will be used. -# -NLM_NAME = digest - -# -# This is used by the link '-desc ' directive. -# If left blank, NLM_NAME will be used. -# -NLM_DESCRIPTION = Digest Authentication Module - -# -# This is used by the '-threadname' directive. If left blank, -# NLM_NAME Thread will be used. -# -NLM_THREAD_NAME = Digest Module - -# -# If this is specified, it will override VERSION value in -# $(AP_WORK)\build\NWGNUenvironment.inc -# -NLM_VERSION = - -# -# If this is specified, it will override the default of 64K -# -NLM_STACK_SIZE = 8192 - - -# -# If this is specified it will be used by the link '-entry' directive -# -NLM_ENTRY_SYM = _LibCPrelude - -# -# If this is specified it will be used by the link '-exit' directive -# -NLM_EXIT_SYM = _LibCPostlude - -# -# If this is specified it will be used by the link '-check' directive -# -NLM_CHECK_SYM = - -# -# If these are specified it will be used by the link '-flags' directive -# -NLM_FLAGS = AUTOUNLOAD, PSEUDOPREEMPTION - -# -# If this is specified it will be linked in with the XDCData option in the def -# file instead of the default of $(NWOS)/apache.xdc. XDCData can be disabled -# by setting APACHE_UNIPROC in the environment -# -XDCDATA = - -# -# If there is an NLM target, put it here -# -TARGET_nlm = \ - $(OBJDIR)/digest.nlm \ - $(EOLIST) - -# -# If there is an LIB target, put it here -# -TARGET_lib = \ - $(EOLIST) - -# -# These are the OBJ files needed to create the NLM target above. -# Paths must all use the '/' character -# -FILES_nlm_objs = \ - $(OBJDIR)/mod_auth_digest.o \ - $(EOLIST) - -# -# These are the LIB files needed to create the NLM target above. -# These will be added as a library command in the link.opt file. -# -FILES_nlm_libs = \ - libcpre.o \ - $(EOLIST) - -# -# These are the modules that the above NLM target depends on to load. -# These will be added as a module command in the link.opt file. -# -FILES_nlm_modules = \ - aprlib \ - libc \ - $(EOLIST) - -# -# If the nlm has a msg file, put it's path here -# -FILE_nlm_msg = - -# -# If the nlm has a hlp file put it's path here -# -FILE_nlm_hlp = - -# -# If this is specified, it will override $(NWOS)\copyright.txt. -# -FILE_nlm_copyright = - -# -# Any additional imports go here -# -FILES_nlm_Ximports = \ - @$(APR)/aprlib.imp \ - @$(NWOS)/httpd.imp \ - @libc.imp \ - $(EOLIST) - -# -# Any symbols exported to here -# -FILES_nlm_exports = \ - auth_digest_module \ - $(EOLIST) - -# -# These are the OBJ files needed to create the LIB target above. -# Paths must all use the '/' character -# -FILES_lib_objs = \ - $(EOLIST) - -# -# implement targets and dependancies (leave this section alone) -# - -libs :: $(OBJDIR) $(TARGET_lib) - -nlms :: libs $(TARGET_nlm) - -# -# Updated this target to create necessary directories and copy files to the -# correct place. (See $(AP_WORK)\build\NWGNUhead.inc for examples) -# -install :: nlms FORCE - -# -# Any specialized rules here -# - -# -# Include the 'tail' makefile that has targets that depend on variables defined -# in this makefile -# - -include $(AP_WORK)\build\NWGNUtail.inc - - diff --git a/rubbos/app/httpd-2.0.64/modules/aaa/NWGNUmakefile b/rubbos/app/httpd-2.0.64/modules/aaa/NWGNUmakefile deleted file mode 100644 index fc72c735..00000000 --- a/rubbos/app/httpd-2.0.64/modules/aaa/NWGNUmakefile +++ /dev/null @@ -1,246 +0,0 @@ -# -# Declare the sub-directories to be built here -# - -SUBDIRS = \ - $(EOLIST) - -# -# Get the 'head' of the build environment. This includes default targets and -# paths to tools -# - -include $(AP_WORK)\build\NWGNUhead.inc - -# -# build this level's files - -# -# Make sure all needed macro's are defined -# - -# -# These directories will be at the beginning of the include list, followed by -# INCDIRS -# -XINCDIRS += \ - $(EOLIST) - -# -# These flags will come after CFLAGS -# -XCFLAGS += \ - $(EOLIST) - -# -# These defines will come after DEFINES -# -XDEFINES += \ - $(EOLIST) - -# -# These flags will be added to the link.opt file -# -XLFLAGS += \ - $(EOLIST) - -# -# These values will be appended to the correct variables based on the value of -# RELEASE -# -ifeq "$(RELEASE)" "debug" -XINCDIRS += \ - $(EOLIST) - -XCFLAGS += \ - $(EOLIST) - -XDEFINES += \ - $(EOLIST) - -XLFLAGS += \ - $(EOLIST) -endif - -ifeq "$(RELEASE)" "noopt" -XINCDIRS += \ - $(EOLIST) - -XCFLAGS += \ - $(EOLIST) - -XDEFINES += \ - $(EOLIST) - -XLFLAGS += \ - $(EOLIST) -endif - -ifeq "$(RELEASE)" "release" -XINCDIRS += \ - $(EOLIST) - -XCFLAGS += \ - $(EOLIST) - -XDEFINES += \ - $(EOLIST) - -XLFLAGS += \ - $(EOLIST) -endif - -# -# These are used by the link target if an NLM is being generated -# This is used by the link 'name' directive to name the nlm. If left blank -# TARGET_nlm (see below) will be used. -# -NLM_NAME = - -# -# This is used by the link '-desc ' directive. -# If left blank, NLM_NAME will be used. -# -NLM_DESCRIPTION = - -# -# This is used by the '-threadname' directive. If left blank, -# NLM_NAME Thread will be used. -# -NLM_THREAD_NAME = - -# -# If this is specified, it will override VERSION value in -# $(AP_WORK)\build\NWGNUenvironment.inc -# -NLM_VERSION = - -# -# If this is specified, it will override the default of 64K -# -NLM_STACK_SIZE = - - -# -# If this is specified it will be used by the link '-entry' directive -# -NLM_ENTRY_SYM = - -# -# If this is specified it will be used by the link '-exit' directive -# -NLM_EXIT_SYM = - -# -# If this is specified it will be used by the link '-check' directive -# -NLM_CHECK_SYM = - -# -# If these are specified it will be used by the link '-flags' directive -# -NLM_FLAGS = - -# -# If this is specified it will be linked in with the XDCData option in the def -# file instead of the default of $(NWOS)/apache.xdc. XDCData can be disabled -# by setting APACHE_UNIPROC in the environment -# -XDCDATA = - -# -# If there is an NLM target, put it here -# -TARGET_nlm = \ - $(OBJDIR)/authanon.nlm \ - $(OBJDIR)/authdbm.nlm \ - $(OBJDIR)/digest.nlm \ - $(EOLIST) - -# -# If there is an LIB target, put it here -# -TARGET_lib = \ - $(EOLIST) - -# -# These are the OBJ files needed to create the NLM target above. -# Paths must all use the '/' character -# -FILES_nlm_objs = \ - $(EOLIST) - -# -# These are the LIB files needed to create the NLM target above. -# These will be added as a library command in the link.opt file. -# -FILES_nlm_libs = \ - $(EOLIST) - -# -# These are the modules that the above NLM target depends on to load. -# These will be added as a module command in the link.opt file. -# -FILES_nlm_modules = \ - $(EOLIST) - -# -# If the nlm has a msg file, put it's path here -# -FILE_nlm_msg = - -# -# If the nlm has a hlp file put it's path here -# -FILE_nlm_hlp = - -# -# If this is specified, it will override $(NWOS)\copyright.txt. -# -FILE_nlm_copyright = - -# -# Any additional imports go here -# -FILES_nlm_Ximports = \ - $(EOLIST) - -# -# Any symbols exported to here -# -FILES_nlm_exports = \ - $(EOLIST) - -# -# These are the OBJ files needed to create the LIB target above. -# Paths must all use the '/' character -# -FILES_lib_objs = \ - $(EOLIST) - -# -# implement targets and dependancies (leave this section alone) -# - -libs :: $(OBJDIR) $(TARGET_lib) - -nlms :: libs $(TARGET_nlm) - -# -# Updated this target to create necessary directories and copy files to the -# correct place. (See $(AP_WORK)\build\NWGNUhead.inc for examples) -# -install :: nlms FORCE - copy $(OBJDIR)\*.nlm $(INSTALL)\Apache2\modules\*.* - -# -# Any specialized rules here -# - -# -# Include the 'tail' makefile that has targets that depend on variables defined -# in this makefile -# - -include $(AP_WORK)\build\NWGNUtail.inc - diff --git a/rubbos/app/httpd-2.0.64/modules/aaa/config.m4 b/rubbos/app/httpd-2.0.64/modules/aaa/config.m4 deleted file mode 100644 index 4440f67e..00000000 --- a/rubbos/app/httpd-2.0.64/modules/aaa/config.m4 +++ /dev/null @@ -1,23 +0,0 @@ -dnl modules enabled in this directory by default - -dnl APACHE_MODULE(name, helptext[, objects[, structname[, default[, config]]]]) - -APACHE_MODPATH_INIT(aaa) - -APACHE_MODULE(access, host-based access control, , , yes) -APACHE_MODULE(auth, user-based access control, , , yes) -APACHE_MODULE(auth_anon, anonymous user access, , , most) -APACHE_MODULE(auth_dbm, DBM-based access databases, , , most) - -APACHE_MODULE(auth_digest, RFC2617 Digest authentication, , , most, [ - APR_CHECK_APR_DEFINE(APR_HAS_RANDOM) - if test $ac_cv_define_APR_HAS_RANDOM = "no"; then - echo "You need APR random support to use mod_auth_digest." - echo "Look at APR configure options --with-egd and --with-devrandom." - enable_auth_digest="no" - fi -]) - -APR_ADDTO(LT_LDFLAGS,-export-dynamic) - -APACHE_MODPATH_FINISH diff --git a/rubbos/app/httpd-2.0.64/modules/aaa/mod_access.c b/rubbos/app/httpd-2.0.64/modules/aaa/mod_access.c deleted file mode 100644 index 348289ab..00000000 --- a/rubbos/app/httpd-2.0.64/modules/aaa/mod_access.c +++ /dev/null @@ -1,304 +0,0 @@ -/* Licensed to the Apache Software Foundation (ASF) under one or more - * contributor license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright ownership. - * The ASF licenses this file to You under the Apache License, Version 2.0 - * (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -/* - * Security options etc. - * - * Module derived from code originally written by Rob McCool - * - */ - -#include "apr_strings.h" -#include "apr_network_io.h" -#include "apr_lib.h" - -#define APR_WANT_STRFUNC -#define APR_WANT_BYTEFUNC -#include "apr_want.h" - -#include "ap_config.h" -#include "httpd.h" -#include "http_core.h" -#include "http_config.h" -#include "http_log.h" -#include "http_request.h" - -#if APR_HAVE_NETINET_IN_H -#include <netinet/in.h> -#endif - -enum allowdeny_type { - T_ENV, - T_ALL, - T_IP, - T_HOST, - T_FAIL -}; - -typedef struct { - apr_int64_t limited; - union { - char *from; - apr_ipsubnet_t *ip; - } x; - enum allowdeny_type type; -} allowdeny; - -/* things in the 'order' array */ -#define DENY_THEN_ALLOW 0 -#define ALLOW_THEN_DENY 1 -#define MUTUAL_FAILURE 2 - -typedef struct { - int order[METHODS]; - apr_array_header_t *allows; - apr_array_header_t *denys; -} access_dir_conf; - -module AP_MODULE_DECLARE_DATA access_module; - -static void *create_access_dir_config(apr_pool_t *p, char *dummy) -{ - int i; - access_dir_conf *conf = - (access_dir_conf *)apr_pcalloc(p, sizeof(access_dir_conf)); - - for (i = 0; i < METHODS; ++i) { - conf->order[i] = DENY_THEN_ALLOW; - } - conf->allows = apr_array_make(p, 1, sizeof(allowdeny)); - conf->denys = apr_array_make(p, 1, sizeof(allowdeny)); - - return (void *)conf; -} - -static const char *order(cmd_parms *cmd, void *dv, const char *arg) -{ - access_dir_conf *d = (access_dir_conf *) dv; - int i, o; - - if (!strcasecmp(arg, "allow,deny")) - o = ALLOW_THEN_DENY; - else if (!strcasecmp(arg, "deny,allow")) - o = DENY_THEN_ALLOW; - else if (!strcasecmp(arg, "mutual-failure")) - o = MUTUAL_FAILURE; - else - return "unknown order"; - - for (i = 0; i < METHODS; ++i) - if (cmd->limited & (AP_METHOD_BIT << i)) - d->order[i] = o; - - return NULL; -} - -static const char *allow_cmd(cmd_parms *cmd, void *dv, const char *from, - const char *where_c) -{ - access_dir_conf *d = (access_dir_conf *) dv; - allowdeny *a; - char *where = apr_pstrdup(cmd->pool, where_c); - char *s; - char msgbuf[120]; - apr_status_t rv; - - if (strcasecmp(from, "from")) - return "allow and deny must be followed by 'from'"; - - a = (allowdeny *) apr_array_push(cmd->info ? d->allows : d->denys); - a->x.from = where; - a->limited = cmd->limited; - - if (!strncasecmp(where, "env=", 4)) { - a->type = T_ENV; - a->x.from += 4; - - } - else if (!strcasecmp(where, "all")) { - a->type = T_ALL; - } - else if ((s = strchr(where, '/'))) { - *s++ = '\0'; - rv = apr_ipsubnet_create(&a->x.ip, where, s, cmd->pool); - if(APR_STATUS_IS_EINVAL(rv)) { - /* looked nothing like an IP address */ - return "An IP address was expected"; - } - else if (rv != APR_SUCCESS) { - apr_strerror(rv, msgbuf, sizeof msgbuf); - return apr_pstrdup(cmd->pool, msgbuf); - } - a->type = T_IP; - } - else if (!APR_STATUS_IS_EINVAL(rv = apr_ipsubnet_create(&a->x.ip, where, NULL, cmd->pool))) { - if (rv != APR_SUCCESS) { - apr_strerror(rv, msgbuf, sizeof msgbuf); - return apr_pstrdup(cmd->pool, msgbuf); - } - a->type = T_IP; - } - else { /* no slash, didn't look like an IP address => must be a host */ - a->type = T_HOST; - } - - return NULL; -} - -static char its_an_allow; - -static const command_rec access_cmds[] = -{ - AP_INIT_TAKE1("order", order, NULL, OR_LIMIT, - "'allow,deny', 'deny,allow', or 'mutual-failure'"), - AP_INIT_ITERATE2("allow", allow_cmd, &its_an_allow, OR_LIMIT, - "'from' followed by hostnames or IP-address wildcards"), - AP_INIT_ITERATE2("deny", allow_cmd, NULL, OR_LIMIT, - "'from' followed by hostnames or IP-address wildcards"), - {NULL} -}; - -static int in_domain(const char *domain, const char *what) -{ - int dl = strlen(domain); - int wl = strlen(what); - - if ((wl - dl) >= 0) { - if (strcasecmp(domain, &what[wl - dl]) != 0) - return 0; - - /* Make sure we matched an *entire* subdomain --- if the user - * said 'allow from good.com', we don't want people from nogood.com - * to be able to get in. - */ - - if (wl == dl) - return 1; /* matched whole thing */ - else - return (domain[0] == '.' || what[wl - dl - 1] == '.'); - } - else - return 0; -} - -static int find_allowdeny(request_rec *r, apr_array_header_t *a, int method) -{ - - allowdeny *ap = (allowdeny *) a->elts; - apr_int64_t mmask = (AP_METHOD_BIT << method); - int i; - int gothost = 0; - const char *remotehost = NULL; - - for (i = 0; i < a->nelts; ++i) { - if (!(mmask & ap[i].limited)) - continue; - - switch (ap[i].type) { - case T_ENV: - if (apr_table_get(r->subprocess_env, ap[i].x.from)) { - return 1; - } - break; - - case T_ALL: - return 1; - - case T_IP: - if (apr_ipsubnet_test(ap[i].x.ip, r->connection->remote_addr)) { - return 1; - } - break; - - case T_HOST: - if (!gothost) { - int remotehost_is_ip; - - remotehost = ap_get_remote_host(r->connection, r->per_dir_config, - REMOTE_DOUBLE_REV, &remotehost_is_ip); - - if ((remotehost == NULL) || remotehost_is_ip) - gothost = 1; - else - gothost = 2; - } - - if ((gothost == 2) && in_domain(ap[i].x.from, remotehost)) - return 1; - break; - - case T_FAIL: - /* do nothing? */ - break; - } - } - - return 0; -} - -static int check_dir_access(request_rec *r) -{ - int method = r->method_number; - int ret = OK; - access_dir_conf *a = (access_dir_conf *) - ap_get_module_config(r->per_dir_config, &access_module); - - if (a->order[method] == ALLOW_THEN_DENY) { - ret = HTTP_FORBIDDEN; - if (find_allowdeny(r, a->allows, method)) - ret = OK; - if (find_allowdeny(r, a->denys, method)) - ret = HTTP_FORBIDDEN; - } - else if (a->order[method] == DENY_THEN_ALLOW) { - if (find_allowdeny(r, a->denys, method)) - ret = HTTP_FORBIDDEN; - if (find_allowdeny(r, a->allows, method)) - ret = OK; - } - else { - if (find_allowdeny(r, a->allows, method) - && !find_allowdeny(r, a->denys, method)) - ret = OK; - else - ret = HTTP_FORBIDDEN; - } - - if (ret == HTTP_FORBIDDEN - && (ap_satisfies(r) != SATISFY_ANY || !ap_some_auth_required(r))) { - ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, - "client denied by server configuration: %s", - r->filename); - } - - return ret; -} - -static void register_hooks(apr_pool_t *p) -{ - ap_hook_access_checker(check_dir_access,NULL,NULL,APR_HOOK_MIDDLE); -} - -module AP_MODULE_DECLARE_DATA access_module = -{ - STANDARD20_MODULE_STUFF, - create_access_dir_config, /* dir config creater */ - NULL, /* dir merger --- default is to override */ - NULL, /* server config */ - NULL, /* merge server config */ - access_cmds, - register_hooks /* register hooks */ -}; diff --git a/rubbos/app/httpd-2.0.64/modules/aaa/mod_access.dsp b/rubbos/app/httpd-2.0.64/modules/aaa/mod_access.dsp deleted file mode 100644 index eae26a6d..00000000 --- a/rubbos/app/httpd-2.0.64/modules/aaa/mod_access.dsp +++ /dev/null @@ -1,128 +0,0 @@ -# Microsoft Developer Studio Project File - Name="mod_access" - Package Owner=<4> -# Microsoft Developer Studio Generated Build File, Format Version 6.00 -# ** DO NOT EDIT ** - -# TARGTYPE "Win32 (x86) Dynamic-Link Library" 0x0102 - -CFG=mod_access - Win32 Release -!MESSAGE This is not a valid makefile. To build this project using NMAKE, -!MESSAGE use the Export Makefile command and run -!MESSAGE -!MESSAGE NMAKE /f "mod_access.mak". -!MESSAGE -!MESSAGE You can specify a configuration when running NMAKE -!MESSAGE by defining the macro CFG on the command line. For example: -!MESSAGE -!MESSAGE NMAKE /f "mod_access.mak" CFG="mod_access - Win32 Release" -!MESSAGE -!MESSAGE Possible choices for configuration are: -!MESSAGE -!MESSAGE "mod_access - Win32 Release" (based on "Win32 (x86) Dynamic-Link Library") -!MESSAGE "mod_access - Win32 Debug" (based on "Win32 (x86) Dynamic-Link Library") -!MESSAGE - -# Begin Project -# PROP AllowPerConfigDependencies 0 -# PROP Scc_ProjName "" -# PROP Scc_LocalPath "" -CPP=cl.exe -MTL=midl.exe -RSC=rc.exe - -!IF "$(CFG)" == "mod_access - Win32 Release" - -# PROP BASE Use_MFC 0 -# PROP BASE Use_Debug_Libraries 0 -# PROP BASE Output_Dir "Release" -# PROP BASE Intermediate_Dir "Release" -# PROP BASE Target_Dir "" -# PROP Use_MFC 0 -# PROP Use_Debug_Libraries 0 -# PROP Output_Dir "Release" -# PROP Intermediate_Dir "Release" -# PROP Ignore_Export_Lib 0 -# PROP Target_Dir "" -# ADD BASE CPP /nologo /MD /W3 /O2 /D "WIN32" /D "NDEBUG" /D "_WINDOWS" /FD /c -# ADD CPP /nologo /MD /W3 /Zi /O2 /I "../../include" /I "../../srclib/apr/include" /I "../../srclib/apr-util/include" /D "NDEBUG" /D "WIN32" /D "_WINDOWS" /Fd"Release\mod_access_src" /FD /c -# ADD BASE MTL /nologo /D "NDEBUG" /win32 -# ADD MTL /nologo /D "NDEBUG" /mktyplib203 /win32 -# ADD BASE RSC /l 0x409 /d "NDEBUG" -# ADD RSC /l 0x409 /d "NDEBUG" -BSC32=bscmake.exe -# ADD BASE BSC32 /nologo -# ADD BSC32 /nologo -LINK32=link.exe -# ADD BASE LINK32 kernel32.lib /nologo /subsystem:windows /dll /out:"Release/mod_access.so" /base:@..\..\os\win32\BaseAddr.ref,mod_access.so -# ADD LINK32 kernel32.lib /nologo /subsystem:windows /dll /incremental:no /debug /out:"Release/mod_access.so" /base:@..\..\os\win32\BaseAddr.ref,mod_access.so /opt:ref - -!ELSEIF "$(CFG)" == "mod_access - Win32 Debug" - -# PROP BASE Use_MFC 0 -# PROP BASE Use_Debug_Libraries 1 -# PROP BASE Output_Dir "Debug" -# PROP BASE Intermediate_Dir "Debug" -# PROP BASE Target_Dir "" -# PROP Use_MFC 0 -# PROP Use_Debug_Libraries 1 -# PROP Output_Dir "Debug" -# PROP Intermediate_Dir "Debug" -# PROP Ignore_Export_Lib 0 -# PROP Target_Dir "" -# ADD BASE CPP /nologo /MDd /W3 /EHsc /Zi /Od /D "WIN32" /D "_DEBUG" /D "_WINDOWS" /FD /c -# ADD CPP /nologo /MDd /W3 /EHsc /Zi /Od /I "../../include" /I "../../srclib/apr/include" /I "../../srclib/apr-util/include" /D "_DEBUG" /D "WIN32" /D "_WINDOWS" /Fd"Debug\mod_access_src" /FD /c -# ADD BASE MTL /nologo /D "_DEBUG" /win32 -# ADD MTL /nologo /D "_DEBUG" /mktyplib203 /win32 -# ADD BASE RSC /l 0x409 /d "_DEBUG" -# ADD RSC /l 0x409 /d "_DEBUG" -BSC32=bscmake.exe -# ADD BASE BSC32 /nologo -# ADD BSC32 /nologo -LINK32=link.exe -# ADD BASE LINK32 kernel32.lib /nologo /subsystem:windows /dll /incremental:no /debug /out:"Debug/mod_access.so" /base:@..\..\os\win32\BaseAddr.ref,mod_access.so -# ADD LINK32 kernel32.lib /nologo /subsystem:windows /dll /incremental:no /debug /out:"Debug/mod_access.so" /base:@..\..\os\win32\BaseAddr.ref,mod_access.so - -!ENDIF - -# Begin Target - -# Name "mod_access - Win32 Release" -# Name "mod_access - Win32 Debug" -# Begin Source File - -SOURCE=.\mod_access.c -# End Source File -# Begin Source File - -SOURCE=.\mod_access.rc -# End Source File -# Begin Source File - -SOURCE=..\..\build\win32\win32ver.awk - -!IF "$(CFG)" == "mod_access - Win32 Release" - -# PROP Ignore_Default_Tool 1 -# Begin Custom Build - Creating Version Resource -InputPath=..\..\build\win32\win32ver.awk - -".\mod_access.rc" : $(SOURCE) "$(INTDIR)" "$(OUTDIR)" - awk -f ../../build/win32/win32ver.awk mod_access.so "access_module for Apache" ../../include/ap_release.h > .\mod_access.rc - -# End Custom Build - -!ELSEIF "$(CFG)" == "mod_access - Win32 Debug" - -# PROP Ignore_Default_Tool 1 -# Begin Custom Build - Creating Version Resource -InputPath=..\..\build\win32\win32ver.awk - -".\mod_access.rc" : $(SOURCE) "$(INTDIR)" "$(OUTDIR)" - awk -f ../../build/win32/win32ver.awk mod_access.so "access_module for Apache" ../../include/ap_release.h > .\mod_access.rc - -# End Custom Build - -!ENDIF - -# End Source File -# End Target -# End Project diff --git a/rubbos/app/httpd-2.0.64/modules/aaa/mod_access.exp b/rubbos/app/httpd-2.0.64/modules/aaa/mod_access.exp deleted file mode 100644 index f8aff339..00000000 --- a/rubbos/app/httpd-2.0.64/modules/aaa/mod_access.exp +++ /dev/null @@ -1 +0,0 @@ -access_module diff --git a/rubbos/app/httpd-2.0.64/modules/aaa/mod_access.la b/rubbos/app/httpd-2.0.64/modules/aaa/mod_access.la deleted file mode 100644 index 5a1eaebf..00000000 --- a/rubbos/app/httpd-2.0.64/modules/aaa/mod_access.la +++ /dev/null @@ -1,35 +0,0 @@ -# mod_access.la - a libtool library file -# Generated by ltmain.sh - GNU libtool 1.5.26 (1.1220.2.493 2008/02/01 16:58:18) -# -# Please DO NOT delete this file! -# It is necessary for linking the library. - -# The name that we can dlopen(3). -dlname='' - -# Names of this library. -library_names='' - -# The name of the static archive. -old_library='mod_access.a' - -# Libraries that this one depends upon. -dependency_libs=' -L/bottlenecks/rubbos/app/httpd-2.0.64/srclib/apr-util/xml/expat/lib' - -# Version information for mod_access. -current= -age= -revision= - -# Is this an already installed library? -installed=no - -# Should we warn about portability when linking against -modules? -shouldnotlink=yes - -# Files to dlopen/dlpreopen -dlopen='' -dlpreopen='' - -# Directory that this library needs to be installed in: -libdir='' diff --git a/rubbos/app/httpd-2.0.64/modules/aaa/mod_access.lo b/rubbos/app/httpd-2.0.64/modules/aaa/mod_access.lo deleted file mode 100644 index c09fcac0..00000000 --- a/rubbos/app/httpd-2.0.64/modules/aaa/mod_access.lo +++ /dev/null @@ -1,12 +0,0 @@ -# mod_access.lo - a libtool object file -# Generated by ltmain.sh - GNU libtool 1.5.26 (1.1220.2.493 2008/02/01 16:58:18) -# -# Please DO NOT delete this file! -# It is necessary for linking the library. - -# Name of the PIC object. -pic_object='.libs/mod_access.o' - -# Name of the non-PIC object. -non_pic_object='mod_access.o' - diff --git a/rubbos/app/httpd-2.0.64/modules/aaa/mod_access.o b/rubbos/app/httpd-2.0.64/modules/aaa/mod_access.o Binary files differdeleted file mode 100644 index 0ec5a0db..00000000 --- a/rubbos/app/httpd-2.0.64/modules/aaa/mod_access.o +++ /dev/null diff --git a/rubbos/app/httpd-2.0.64/modules/aaa/mod_auth.c b/rubbos/app/httpd-2.0.64/modules/aaa/mod_auth.c deleted file mode 100644 index 43f65306..00000000 --- a/rubbos/app/httpd-2.0.64/modules/aaa/mod_auth.c +++ /dev/null @@ -1,315 +0,0 @@ -/* Licensed to the Apache Software Foundation (ASF) under one or more - * contributor license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright ownership. - * The ASF licenses this file to You under the Apache License, Version 2.0 - * (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -/* - * http_auth: authentication - * - * Rob McCool - * - * Adapted to Apache by rst. - * - * dirkx - Added Authoritative control to allow passing on to lower - * modules if and only if the userid is not known to this - * module. A known user with a faulty or absent password still - * causes an AuthRequired. The default is 'Authoritative', i.e. - * no control is passed along. - */ - -#include "apr_strings.h" -#include "apr_md5.h" /* for apr_password_validate */ - -#include "ap_config.h" -#include "httpd.h" -#include "http_config.h" -#include "http_core.h" -#include "http_log.h" -#include "http_protocol.h" -#include "http_request.h" - - -typedef struct { - char *auth_pwfile; - char *auth_grpfile; - int auth_authoritative; -} auth_config_rec; - -static void *create_auth_dir_config(apr_pool_t *p, char *d) -{ - auth_config_rec *conf = apr_palloc(p, sizeof(*conf)); - - conf->auth_pwfile = NULL; /* just to illustrate the default really */ - conf->auth_grpfile = NULL; /* unless you have a broken HP cc */ - conf->auth_authoritative = 1; /* keep the fortress secure by default */ - return conf; -} - -static const char *set_auth_slot(cmd_parms *cmd, void *offset, const char *f, - const char *t) -{ - if (t && strcmp(t, "standard")) { - return apr_pstrcat(cmd->pool, "Invalid auth file type: ", t, NULL); - } - - return ap_set_file_slot(cmd, offset, f); -} - -static const command_rec auth_cmds[] = -{ - AP_INIT_TAKE12("AuthUserFile", set_auth_slot, - (void *)APR_OFFSETOF(auth_config_rec, auth_pwfile), - OR_AUTHCFG, "text file containing user IDs and passwords"), - AP_INIT_TAKE12("AuthGroupFile", set_auth_slot, - (void *)APR_OFFSETOF(auth_config_rec, auth_grpfile), - OR_AUTHCFG, - "text file containing group names and member user IDs"), - AP_INIT_FLAG("AuthAuthoritative", ap_set_flag_slot, - (void *)APR_OFFSETOF(auth_config_rec, auth_authoritative), - OR_AUTHCFG, - "Set to 'no' to allow access control to be passed along to " - "lower modules if the UserID is not known to this module"), - {NULL} -}; - -module AP_MODULE_DECLARE_DATA auth_module; - -static char *get_pw(request_rec *r, char *user, char *auth_pwfile) -{ - ap_configfile_t *f; - char l[MAX_STRING_LEN]; - const char *rpw, *w; - apr_status_t status; - - if ((status = ap_pcfg_openfile(&f, r->pool, auth_pwfile)) != APR_SUCCESS) { - ap_log_rerror(APLOG_MARK, APLOG_ERR, status, r, - "Could not open password file: %s", auth_pwfile); - return NULL; - } - while (!(ap_cfg_getline(l, MAX_STRING_LEN, f))) { - if ((l[0] == '#') || (!l[0])) { - continue; - } - rpw = l; - w = ap_getword(r->pool, &rpw, ':'); - - if (!strcmp(user, w)) { - ap_cfg_closefile(f); - return ap_getword(r->pool, &rpw, ':'); - } - } - ap_cfg_closefile(f); - return NULL; -} - -static apr_table_t *groups_for_user(request_rec *r, char *user, char *grpfile) -{ - apr_pool_t *p = r->pool; - ap_configfile_t *f; - apr_table_t *grps = apr_table_make(p, 15); - apr_pool_t *sp; - char l[MAX_STRING_LEN]; - const char *group_name, *ll, *w; - apr_status_t status; - - if ((status = ap_pcfg_openfile(&f, p, grpfile)) != APR_SUCCESS) { - ap_log_rerror(APLOG_MARK, APLOG_ERR, status, r, - "Could not open group file: %s", grpfile); - return NULL; - } - - apr_pool_create(&sp, p); - - while (!(ap_cfg_getline(l, MAX_STRING_LEN, f))) { - if ((l[0] == '#') || (!l[0])) { - continue; - } - ll = l; - apr_pool_clear(sp); - - group_name = ap_getword(sp, &ll, ':'); - - while (ll[0]) { - w = ap_getword_conf(sp, &ll); - if (!strcmp(w, user)) { - apr_table_setn(grps, apr_pstrdup(p, group_name), "in"); - break; - } - } - } - ap_cfg_closefile(f); - apr_pool_destroy(sp); - return grps; -} - -/* These functions return 0 if client is OK, and proper error status - * if not... either HTTP_UNAUTHORIZED, if we made a check, and it failed, or - * HTTP_INTERNAL_SERVER_ERROR, if things are so totally confused that we - * couldn't figure out how to tell if the client is authorized or not. - * - * If they return DECLINED, and all other modules also decline, that's - * treated by the server core as a configuration error, logged and - * reported as such. - */ - -/* Determine user ID, and check if it really is that user, for HTTP - * basic authentication... - */ - -static int authenticate_basic_user(request_rec *r) -{ - auth_config_rec *conf = ap_get_module_config(r->per_dir_config, - &auth_module); - const char *sent_pw; - char *real_pw; - apr_status_t invalid_pw; - int res; - - if ((res = ap_get_basic_auth_pw(r, &sent_pw))) { - return res; - } - - if (!conf->auth_pwfile) { - return DECLINED; - } - - if (!(real_pw = get_pw(r, r->user, conf->auth_pwfile))) { - if (!(conf->auth_authoritative)) { - return DECLINED; - } - ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, - "user %s not found: %s", r->user, r->uri); - ap_note_basic_auth_failure(r); - return HTTP_UNAUTHORIZED; - } - invalid_pw = apr_password_validate(sent_pw, real_pw); - if (invalid_pw != APR_SUCCESS) { - ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, - "user %s: authentication failure for \"%s\": " - "Password Mismatch", - r->user, r->uri); - ap_note_basic_auth_failure(r); - return HTTP_UNAUTHORIZED; - } - return OK; -} - -/* Checking ID */ - -static int check_user_access(request_rec *r) -{ - auth_config_rec *conf = ap_get_module_config(r->per_dir_config, - &auth_module); - char *user = r->user; - int m = r->method_number; - int method_restricted = 0; - register int x; - const char *t, *w; - apr_table_t *grpstatus; - const apr_array_header_t *reqs_arr = ap_requires(r); - require_line *reqs; - - /* BUG FIX: tadc, 11-Nov-1995. If there is no "requires" directive, - * then any user will do. - */ - if (!reqs_arr) { - return OK; - } - reqs = (require_line *)reqs_arr->elts; - - if (conf->auth_grpfile) { - grpstatus = groups_for_user(r, user, conf->auth_grpfile); - } - else { - grpstatus = NULL; - } - - for (x = 0; x < reqs_arr->nelts; x++) { - - if (!(reqs[x].method_mask & (AP_METHOD_BIT << m))) { - continue; - } - - method_restricted = 1; - - t = reqs[x].requirement; - w = ap_getword_white(r->pool, &t); - if (!strcmp(w, "valid-user")) { - return OK; - } - if (!strcmp(w, "user")) { - while (t[0]) { - w = ap_getword_conf(r->pool, &t); - if (!strcmp(user, w)) { - return OK; - } - } - } - else if (!strcmp(w, "group")) { - if (!grpstatus) { - return DECLINED; /* DBM group? Something else? */ - } - - while (t[0]) { - w = ap_getword_conf(r->pool, &t); - if (apr_table_get(grpstatus, w)) { - return OK; - } - } - } - else if (conf->auth_authoritative) { - /* if we aren't authoritative, any require directive could be - * valid even if we don't grok it. However, if we are - * authoritative, we can warn the user they did something wrong. - * That something could be a missing "AuthAuthoritative off", but - * more likely is a typo in the require directive. - */ - ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, - "access to %s failed, reason: unknown require " - "directive:\"%s\"", r->uri, reqs[x].requirement); - } - } - - if (!method_restricted) { - return OK; - } - - if (!(conf->auth_authoritative)) { - return DECLINED; - } - - ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, - "access to %s failed, reason: user %s not allowed access", - r->uri, user); - - ap_note_basic_auth_failure(r); - return HTTP_UNAUTHORIZED; -} - -static void register_hooks(apr_pool_t *p) -{ - ap_hook_check_user_id(authenticate_basic_user,NULL,NULL,APR_HOOK_MIDDLE); - ap_hook_auth_checker(check_user_access,NULL,NULL,APR_HOOK_MIDDLE); -} - -module AP_MODULE_DECLARE_DATA auth_module = -{ - STANDARD20_MODULE_STUFF, - create_auth_dir_config, /* dir config creater */ - NULL, /* dir merger --- default is to override */ - NULL, /* server config */ - NULL, /* merge server config */ - auth_cmds, /* command apr_table_t */ - register_hooks /* register hooks */ -}; diff --git a/rubbos/app/httpd-2.0.64/modules/aaa/mod_auth.dsp b/rubbos/app/httpd-2.0.64/modules/aaa/mod_auth.dsp deleted file mode 100644 index ce7d0c77..00000000 --- a/rubbos/app/httpd-2.0.64/modules/aaa/mod_auth.dsp +++ /dev/null @@ -1,128 +0,0 @@ -# Microsoft Developer Studio Project File - Name="mod_auth" - Package Owner=<4> -# Microsoft Developer Studio Generated Build File, Format Version 6.00 -# ** DO NOT EDIT ** - -# TARGTYPE "Win32 (x86) Dynamic-Link Library" 0x0102 - -CFG=mod_auth - Win32 Release -!MESSAGE This is not a valid makefile. To build this project using NMAKE, -!MESSAGE use the Export Makefile command and run -!MESSAGE -!MESSAGE NMAKE /f "mod_auth.mak". -!MESSAGE -!MESSAGE You can specify a configuration when running NMAKE -!MESSAGE by defining the macro CFG on the command line. For example: -!MESSAGE -!MESSAGE NMAKE /f "mod_auth.mak" CFG="mod_auth - Win32 Release" -!MESSAGE -!MESSAGE Possible choices for configuration are: -!MESSAGE -!MESSAGE "mod_auth - Win32 Release" (based on "Win32 (x86) Dynamic-Link Library") -!MESSAGE "mod_auth - Win32 Debug" (based on "Win32 (x86) Dynamic-Link Library") -!MESSAGE - -# Begin Project -# PROP AllowPerConfigDependencies 0 -# PROP Scc_ProjName "" -# PROP Scc_LocalPath "" -CPP=cl.exe -MTL=midl.exe -RSC=rc.exe - -!IF "$(CFG)" == "mod_auth - Win32 Release" - -# PROP BASE Use_MFC 0 -# PROP BASE Use_Debug_Libraries 0 -# PROP BASE Output_Dir "Release" -# PROP BASE Intermediate_Dir "Release" -# PROP BASE Target_Dir "" -# PROP Use_MFC 0 -# PROP Use_Debug_Libraries 0 -# PROP Output_Dir "Release" -# PROP Intermediate_Dir "Release" -# PROP Ignore_Export_Lib 0 -# PROP Target_Dir "" -# ADD BASE CPP /nologo /MD /W3 /O2 /D "WIN32" /D "NDEBUG" /D "_WINDOWS" /FD /c -# ADD CPP /nologo /MD /W3 /Zi /O2 /I "../../include" /I "../../srclib/apr/include" /I "../../srclib/apr-util/include" /D "NDEBUG" /D "WIN32" /D "_WINDOWS" /Fd"Release\mod_auth_src" /FD /c -# ADD BASE MTL /nologo /D "NDEBUG" /win32 -# ADD MTL /nologo /D "NDEBUG" /mktyplib203 /win32 -# ADD BASE RSC /l 0x409 /d "NDEBUG" -# ADD RSC /l 0x409 /d "NDEBUG" -BSC32=bscmake.exe -# ADD BASE BSC32 /nologo -# ADD BSC32 /nologo -LINK32=link.exe -# ADD BASE LINK32 kernel32.lib /nologo /subsystem:windows /dll /out:"Release/mod_auth.so" /base:@..\..\os\win32\BaseAddr.ref,mod_auth.so -# ADD LINK32 kernel32.lib /nologo /subsystem:windows /dll /incremental:no /debug /out:"Release/mod_auth.so" /base:@..\..\os\win32\BaseAddr.ref,mod_auth.so /opt:ref - -!ELSEIF "$(CFG)" == "mod_auth - Win32 Debug" - -# PROP BASE Use_MFC 0 -# PROP BASE Use_Debug_Libraries 1 -# PROP BASE Output_Dir "Debug" -# PROP BASE Intermediate_Dir "Debug" -# PROP BASE Target_Dir "" -# PROP Use_MFC 0 -# PROP Use_Debug_Libraries 1 -# PROP Output_Dir "Debug" -# PROP Intermediate_Dir "Debug" -# PROP Ignore_Export_Lib 0 -# PROP Target_Dir "" -# ADD BASE CPP /nologo /MDd /W3 /EHsc /Zi /Od /D "WIN32" /D "_DEBUG" /D "_WINDOWS" /FD /c -# ADD CPP /nologo /MDd /W3 /EHsc /Zi /Od /I "../../include" /I "../../srclib/apr/include" /I "../../srclib/apr-util/include" /D "_DEBUG" /D "WIN32" /D "_WINDOWS" /Fd"Debug\mod_auth" /FD /c -# ADD BASE MTL /nologo /D "_DEBUG" /win32 -# ADD MTL /nologo /D "_DEBUG" /mktyplib203 /win32 -# ADD BASE RSC /l 0x409 /d "_DEBUG" -# ADD RSC /l 0x409 /d "_DEBUG" -BSC32=bscmake.exe -# ADD BASE BSC32 /nologo -# ADD BSC32 /nologo -LINK32=link.exe -# ADD BASE LINK32 kernel32.lib /nologo /subsystem:windows /dll /incremental:no /debug /out:"Debug/mod_auth.so" /base:@..\..\os\win32\BaseAddr.ref,mod_auth.so -# ADD LINK32 kernel32.lib /nologo /subsystem:windows /dll /incremental:no /debug /out:"Debug/mod_auth.so" /base:@..\..\os\win32\BaseAddr.ref,mod_auth.so - -!ENDIF - -# Begin Target - -# Name "mod_auth - Win32 Release" -# Name "mod_auth - Win32 Debug" -# Begin Source File - -SOURCE=.\mod_auth.c -# End Source File -# Begin Source File - -SOURCE=.\mod_auth.rc -# End Source File -# Begin Source File - -SOURCE=..\..\build\win32\win32ver.awk - -!IF "$(CFG)" == "mod_auth - Win32 Release" - -# PROP Ignore_Default_Tool 1 -# Begin Custom Build - Creating Version Resource -InputPath=..\..\build\win32\win32ver.awk - -".\mod_auth.rc" : $(SOURCE) "$(INTDIR)" "$(OUTDIR)" - awk -f ../../build/win32/win32ver.awk mod_auth.so "auth_module for Apache" ../../include/ap_release.h > .\mod_auth.rc - -# End Custom Build - -!ELSEIF "$(CFG)" == "mod_auth - Win32 Debug" - -# PROP Ignore_Default_Tool 1 -# Begin Custom Build - Creating Version Resource -InputPath=..\..\build\win32\win32ver.awk - -".\mod_auth.rc" : $(SOURCE) "$(INTDIR)" "$(OUTDIR)" - awk -f ../../build/win32/win32ver.awk mod_auth.so "auth_module for Apache" ../../include/ap_release.h > .\mod_auth.rc - -# End Custom Build - -!ENDIF - -# End Source File -# End Target -# End Project diff --git a/rubbos/app/httpd-2.0.64/modules/aaa/mod_auth.exp b/rubbos/app/httpd-2.0.64/modules/aaa/mod_auth.exp deleted file mode 100644 index 76adad0a..00000000 --- a/rubbos/app/httpd-2.0.64/modules/aaa/mod_auth.exp +++ /dev/null @@ -1 +0,0 @@ -auth_module diff --git a/rubbos/app/httpd-2.0.64/modules/aaa/mod_auth.la b/rubbos/app/httpd-2.0.64/modules/aaa/mod_auth.la deleted file mode 100644 index 5ffae20b..00000000 --- a/rubbos/app/httpd-2.0.64/modules/aaa/mod_auth.la +++ /dev/null @@ -1,35 +0,0 @@ -# mod_auth.la - a libtool library file -# Generated by ltmain.sh - GNU libtool 1.5.26 (1.1220.2.493 2008/02/01 16:58:18) -# -# Please DO NOT delete this file! -# It is necessary for linking the library. - -# The name that we can dlopen(3). -dlname='' - -# Names of this library. -library_names='' - -# The name of the static archive. -old_library='mod_auth.a' - -# Libraries that this one depends upon. -dependency_libs=' -L/bottlenecks/rubbos/app/httpd-2.0.64/srclib/apr-util/xml/expat/lib' - -# Version information for mod_auth. -current= -age= -revision= - -# Is this an already installed library? -installed=no - -# Should we warn about portability when linking against -modules? -shouldnotlink=yes - -# Files to dlopen/dlpreopen -dlopen='' -dlpreopen='' - -# Directory that this library needs to be installed in: -libdir='' diff --git a/rubbos/app/httpd-2.0.64/modules/aaa/mod_auth.lo b/rubbos/app/httpd-2.0.64/modules/aaa/mod_auth.lo deleted file mode 100644 index 907d0402..00000000 --- a/rubbos/app/httpd-2.0.64/modules/aaa/mod_auth.lo +++ /dev/null @@ -1,12 +0,0 @@ -# mod_auth.lo - a libtool object file -# Generated by ltmain.sh - GNU libtool 1.5.26 (1.1220.2.493 2008/02/01 16:58:18) -# -# Please DO NOT delete this file! -# It is necessary for linking the library. - -# Name of the PIC object. -pic_object='.libs/mod_auth.o' - -# Name of the non-PIC object. -non_pic_object='mod_auth.o' - diff --git a/rubbos/app/httpd-2.0.64/modules/aaa/mod_auth.o b/rubbos/app/httpd-2.0.64/modules/aaa/mod_auth.o Binary files differdeleted file mode 100644 index 8a0feeac..00000000 --- a/rubbos/app/httpd-2.0.64/modules/aaa/mod_auth.o +++ /dev/null diff --git a/rubbos/app/httpd-2.0.64/modules/aaa/mod_auth_anon.c b/rubbos/app/httpd-2.0.64/modules/aaa/mod_auth_anon.c deleted file mode 100644 index b5137d5f..00000000 --- a/rubbos/app/httpd-2.0.64/modules/aaa/mod_auth_anon.c +++ /dev/null @@ -1,238 +0,0 @@ -/* Licensed to the Apache Software Foundation (ASF) under one or more - * contributor license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright ownership. - * The ASF licenses this file to You under the Apache License, Version 2.0 - * (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -/* - * http_auth: authentication - * - * Rob McCool & Brian Behlendorf. - * - * Adapted to Apache by rst. - * - * Version 0.5 May 1996 - * - * Modified by Dirk.vanGulik@jrc.it to - * - * Adapted to allow anonymous logins, just like with Anon-FTP, when - * one gives the magic user name 'anonymous' and ones email address - * as the password. - * - * Just add the following tokes to your <directory> setup: - * - * Anonymous magic-userid [magic-userid]... - * - * Anonymous_MustGiveEmail [ on | off ] default = on - * Anonymous_LogEmail [ on | off ] default = on - * Anonymous_VerifyEmail [ on | off ] default = off - * Anonymous_NoUserId [ on | off ] default = off - * Anonymous_Authoritative [ on | off ] default = off - * - * The magic user id is something like 'anonymous', it is NOT case sensitive. - * - * The MustGiveEmail flag can be used to force users to enter something - * in the password field (like an email address). Default is on. - * - * Furthermore the 'NoUserID' flag can be set to allow completely empty - * usernames in as well; this can be is convenient as a single return - * in broken GUIs like W95 is often given by the user. The Default is off. - * - * Dirk.vanGulik@jrc.it; http://ewse.ceo.org; http://me-www.jrc.it/~dirkx - * - */ - -#include "apr_strings.h" - -#define APR_WANT_STRFUNC -#include "apr_want.h" - -#include "httpd.h" -#include "http_config.h" -#include "http_core.h" -#include "http_log.h" -#include "http_request.h" -#include "http_protocol.h" - -typedef struct anon_auth { - char *password; - struct anon_auth *next; -} anon_auth; - -typedef struct { - anon_auth *anon_auth_passwords; - int anon_auth_nouserid; - int anon_auth_logemail; - int anon_auth_verifyemail; - int anon_auth_mustemail; - int anon_auth_authoritative; -} anon_auth_config_rec; - -static void *create_anon_auth_dir_config(apr_pool_t *p, char *d) -{ - anon_auth_config_rec *conf = apr_palloc(p, sizeof(*conf)); - - /* just to illustrate the defaults really. */ - conf->anon_auth_passwords = NULL; - - conf->anon_auth_nouserid = 0; - conf->anon_auth_logemail = 1; - conf->anon_auth_verifyemail = 0; - conf->anon_auth_mustemail = 1; - conf->anon_auth_authoritative = 0; - return conf; -} - -static const char *anon_set_string_slots(cmd_parms *cmd, - void *my_config, const char *arg) -{ - anon_auth_config_rec *conf = my_config; - anon_auth *first; - - if (!(*arg)) - return "Anonymous string cannot be empty, use Anonymous_NoUserId instead"; - - /* squeeze in a record */ - first = conf->anon_auth_passwords; - - if (!(conf->anon_auth_passwords = apr_palloc(cmd->pool, sizeof(anon_auth))) || - !(conf->anon_auth_passwords->password = apr_pstrdup(cmd->pool, arg))) - return "Failed to claim memory for an anonymous password..."; - - /* and repair the next */ - conf->anon_auth_passwords->next = first; - - return NULL; -} - -static const command_rec anon_auth_cmds[] = -{ - AP_INIT_ITERATE("Anonymous", anon_set_string_slots, NULL, OR_AUTHCFG, - "a space-separated list of user IDs"), - AP_INIT_FLAG("Anonymous_MustGiveEmail", ap_set_flag_slot, - (void *)APR_OFFSETOF(anon_auth_config_rec, anon_auth_mustemail), - OR_AUTHCFG, "Limited to 'on' or 'off'"), - AP_INIT_FLAG("Anonymous_NoUserId", ap_set_flag_slot, - (void *)APR_OFFSETOF(anon_auth_config_rec, anon_auth_nouserid), - OR_AUTHCFG, "Limited to 'on' or 'off'"), - AP_INIT_FLAG("Anonymous_VerifyEmail", ap_set_flag_slot, - (void *)APR_OFFSETOF(anon_auth_config_rec, anon_auth_verifyemail), - OR_AUTHCFG, "Limited to 'on' or 'off'"), - AP_INIT_FLAG("Anonymous_LogEmail", ap_set_flag_slot, - (void *)APR_OFFSETOF(anon_auth_config_rec, anon_auth_logemail), - OR_AUTHCFG, "Limited to 'on' or 'off'"), - AP_INIT_FLAG("Anonymous_Authoritative", ap_set_flag_slot, - (void *)APR_OFFSETOF(anon_auth_config_rec, anon_auth_authoritative), - OR_AUTHCFG, "Limited to 'on' or 'off'"), - {NULL} -}; - -module AP_MODULE_DECLARE_DATA auth_anon_module; - -static int anon_authenticate_basic_user(request_rec *r) -{ - anon_auth_config_rec *conf = ap_get_module_config(r->per_dir_config, - &auth_anon_module); - const char *sent_pw; - int res = DECLINED; - - if ((res = ap_get_basic_auth_pw(r, &sent_pw))) { - return res; - } - - /* Ignore if we are not configured */ - if (!conf->anon_auth_passwords) { - return DECLINED; - } - - /* Do we allow an empty userID and/or is it the magic one - */ - - if ((!(r->user[0])) && (conf->anon_auth_nouserid)) { - res = OK; - } - else { - anon_auth *p = conf->anon_auth_passwords; - res = DECLINED; - while ((res == DECLINED) && (p != NULL)) { - if (!(strcasecmp(r->user, p->password))) { - res = OK; - } - p = p->next; - } - } - if ( - /* username is OK */ - (res == OK) - /* password been filled out ? */ - && ((!conf->anon_auth_mustemail) || strlen(sent_pw)) - /* does the password look like an email address ? */ - && ((!conf->anon_auth_verifyemail) - || ((strpbrk("@", sent_pw) != NULL) - && (strpbrk(".", sent_pw) != NULL)))) { - if (conf->anon_auth_logemail && ap_is_initial_req(r)) { - ap_log_rerror(APLOG_MARK, APLOG_INFO, APR_SUCCESS, r, - "Anonymous: Passwd <%s> Accepted", - sent_pw ? sent_pw : "\'none\'"); - } - return OK; - } - else { - if (conf->anon_auth_authoritative) { - ap_log_rerror(APLOG_MARK, APLOG_ERR, APR_SUCCESS, r, - "Anonymous: Authoritative, Passwd <%s> not accepted", - sent_pw ? sent_pw : "\'none\'"); - return HTTP_UNAUTHORIZED; - } - /* Drop out the bottom to return DECLINED */ - } - - return DECLINED; -} - -static int check_anon_access(request_rec *r) -{ -#ifdef NOTYET - conn_rec *c = r->connection; - anon_auth_config_rec *conf = ap_get_module_config(r->per_dir_config, - &auth_anon_module); - - if (!conf->anon_auth) { - return DECLINED; - } - - if (strcasecmp(r->connection->user, conf->anon_auth)) { - return DECLINED; - } - - return OK; -#endif - return DECLINED; -} - -static void register_hooks(apr_pool_t *p) -{ - ap_hook_check_user_id(anon_authenticate_basic_user,NULL,NULL,APR_HOOK_MIDDLE); - ap_hook_auth_checker(check_anon_access,NULL,NULL,APR_HOOK_MIDDLE); -} - -module AP_MODULE_DECLARE_DATA auth_anon_module = -{ - STANDARD20_MODULE_STUFF, - create_anon_auth_dir_config, /* dir config creater */ - NULL, /* dir merger ensure strictness */ - NULL, /* server config */ - NULL, /* merge server config */ - anon_auth_cmds, /* command apr_table_t */ - register_hooks /* register hooks */ -}; diff --git a/rubbos/app/httpd-2.0.64/modules/aaa/mod_auth_anon.dsp b/rubbos/app/httpd-2.0.64/modules/aaa/mod_auth_anon.dsp deleted file mode 100644 index 9ac81797..00000000 --- a/rubbos/app/httpd-2.0.64/modules/aaa/mod_auth_anon.dsp +++ /dev/null @@ -1,128 +0,0 @@ -# Microsoft Developer Studio Project File - Name="mod_auth_anon" - Package Owner=<4> -# Microsoft Developer Studio Generated Build File, Format Version 6.00 -# ** DO NOT EDIT ** - -# TARGTYPE "Win32 (x86) Dynamic-Link Library" 0x0102 - -CFG=mod_auth_anon - Win32 Release -!MESSAGE This is not a valid makefile. To build this project using NMAKE, -!MESSAGE use the Export Makefile command and run -!MESSAGE -!MESSAGE NMAKE /f "mod_auth_anon.mak". -!MESSAGE -!MESSAGE You can specify a configuration when running NMAKE -!MESSAGE by defining the macro CFG on the command line. For example: -!MESSAGE -!MESSAGE NMAKE /f "mod_auth_anon.mak" CFG="mod_auth_anon - Win32 Release" -!MESSAGE -!MESSAGE Possible choices for configuration are: -!MESSAGE -!MESSAGE "mod_auth_anon - Win32 Release" (based on "Win32 (x86) Dynamic-Link Library") -!MESSAGE "mod_auth_anon - Win32 Debug" (based on "Win32 (x86) Dynamic-Link Library") -!MESSAGE - -# Begin Project -# PROP AllowPerConfigDependencies 0 -# PROP Scc_ProjName "" -# PROP Scc_LocalPath "" -CPP=cl.exe -MTL=midl.exe -RSC=rc.exe - -!IF "$(CFG)" == "mod_auth_anon - Win32 Release" - -# PROP BASE Use_MFC 0 -# PROP BASE Use_Debug_Libraries 0 -# PROP BASE Output_Dir "Release" -# PROP BASE Intermediate_Dir "Release" -# PROP BASE Target_Dir "" -# PROP Use_MFC 0 -# PROP Use_Debug_Libraries 0 -# PROP Output_Dir "Release" -# PROP Intermediate_Dir "Release" -# PROP Ignore_Export_Lib 0 -# PROP Target_Dir "" -# ADD BASE CPP /nologo /MD /W3 /O2 /D "WIN32" /D "NDEBUG" /D "_WINDOWS" /FD /c -# ADD CPP /nologo /MD /W3 /Zi /O2 /I "../../include" /I "../../srclib/apr/include" /I "../../srclib/apr-util/include" /D "NDEBUG" /D "WIN32" /D "_WINDOWS" /Fd"Release\mod_auth_anon_src" /FD /c -# ADD BASE MTL /nologo /D "NDEBUG" /win32 -# ADD MTL /nologo /D "NDEBUG" /mktyplib203 /win32 -# ADD BASE RSC /l 0x409 /d "NDEBUG" -# ADD RSC /l 0x409 /d "NDEBUG" -BSC32=bscmake.exe -# ADD BASE BSC32 /nologo -# ADD BSC32 /nologo -LINK32=link.exe -# ADD BASE LINK32 kernel32.lib /nologo /subsystem:windows /dll /out:"Release/mod_auth_anon.so" /base:@..\..\os\win32\BaseAddr.ref,mod_auth_anon.so -# ADD LINK32 kernel32.lib /nologo /subsystem:windows /dll /incremental:no /debug /out:"Release/mod_auth_anon.so" /base:@..\..\os\win32\BaseAddr.ref,mod_auth_anon.so /opt:ref - -!ELSEIF "$(CFG)" == "mod_auth_anon - Win32 Debug" - -# PROP BASE Use_MFC 0 -# PROP BASE Use_Debug_Libraries 1 -# PROP BASE Output_Dir "Debug" -# PROP BASE Intermediate_Dir "Debug" -# PROP BASE Target_Dir "" -# PROP Use_MFC 0 -# PROP Use_Debug_Libraries 1 -# PROP Output_Dir "Debug" -# PROP Intermediate_Dir "Debug" -# PROP Ignore_Export_Lib 0 -# PROP Target_Dir "" -# ADD BASE CPP /nologo /MDd /W3 /EHsc /Zi /Od /D "WIN32" /D "_DEBUG" /D "_WINDOWS" /FD /c -# ADD CPP /nologo /MDd /W3 /EHsc /Zi /Od /I "../../include" /I "../../srclib/apr/include" /I "../../srclib/apr-util/include" /D "_DEBUG" /D "WIN32" /D "_WINDOWS" /Fd"Debug\mod_auth_anon_src" /FD /c -# ADD BASE MTL /nologo /D "_DEBUG" /win32 -# ADD MTL /nologo /D "_DEBUG" /mktyplib203 /win32 -# ADD BASE RSC /l 0x409 /d "_DEBUG" -# ADD RSC /l 0x409 /d "_DEBUG" -BSC32=bscmake.exe -# ADD BASE BSC32 /nologo -# ADD BSC32 /nologo -LINK32=link.exe -# ADD BASE LINK32 kernel32.lib /nologo /subsystem:windows /dll /incremental:no /debug /out:"Debug/mod_auth_anon.so" /base:@..\..\os\win32\BaseAddr.ref,mod_auth_anon.so -# ADD LINK32 kernel32.lib /nologo /subsystem:windows /dll /incremental:no /debug /out:"Debug/mod_auth_anon.so" /base:@..\..\os\win32\BaseAddr.ref,mod_auth_anon.so - -!ENDIF - -# Begin Target - -# Name "mod_auth_anon - Win32 Release" -# Name "mod_auth_anon - Win32 Debug" -# Begin Source File - -SOURCE=.\mod_auth_anon.c -# End Source File -# Begin Source File - -SOURCE=.\mod_auth_anon.rc -# End Source File -# Begin Source File - -SOURCE=..\..\build\win32\win32ver.awk - -!IF "$(CFG)" == "mod_auth_anon - Win32 Release" - -# PROP Ignore_Default_Tool 1 -# Begin Custom Build - Creating Version Resource -InputPath=..\..\build\win32\win32ver.awk - -".\mod_auth_anon.rc" : $(SOURCE) "$(INTDIR)" "$(OUTDIR)" - awk -f ../../build/win32/win32ver.awk mod_auth_anon.so "auth_anon_module for Apache" ../../include/ap_release.h > .\mod_auth_anon.rc - -# End Custom Build - -!ELSEIF "$(CFG)" == "mod_auth_anon - Win32 Debug" - -# PROP Ignore_Default_Tool 1 -# Begin Custom Build - Creating Version Resource -InputPath=..\..\build\win32\win32ver.awk - -".\mod_auth_anon.rc" : $(SOURCE) "$(INTDIR)" "$(OUTDIR)" - awk -f ../../build/win32/win32ver.awk mod_auth_anon.so "auth_anon_module for Apache" ../../include/ap_release.h > .\mod_auth_anon.rc - -# End Custom Build - -!ENDIF - -# End Source File -# End Target -# End Project diff --git a/rubbos/app/httpd-2.0.64/modules/aaa/mod_auth_anon.exp b/rubbos/app/httpd-2.0.64/modules/aaa/mod_auth_anon.exp deleted file mode 100644 index 63282532..00000000 --- a/rubbos/app/httpd-2.0.64/modules/aaa/mod_auth_anon.exp +++ /dev/null @@ -1 +0,0 @@ -auth_anon_module diff --git a/rubbos/app/httpd-2.0.64/modules/aaa/mod_auth_dbm.c b/rubbos/app/httpd-2.0.64/modules/aaa/mod_auth_dbm.c deleted file mode 100644 index e7c2cc9a..00000000 --- a/rubbos/app/httpd-2.0.64/modules/aaa/mod_auth_dbm.c +++ /dev/null @@ -1,293 +0,0 @@ -/* Licensed to the Apache Software Foundation (ASF) under one or more - * contributor license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright ownership. - * The ASF licenses this file to You under the Apache License, Version 2.0 - * (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -/* - * http_auth: authentication - * - * Rob McCool & Brian Behlendorf. - * - * Adapted to Apache by rst. - * - * dirkx - Added Authoritative control to allow passing on to lower - * modules if and only if the userid is not known to this - * module. A known user with a faulty or absent password still - * causes an AuthRequired. The default is 'Authoritative', i.e. - * no control is passed along. - */ - -#define APR_WANT_STRFUNC -#include "apr_want.h" -#include "apr_strings.h" -#include "apr_dbm.h" -#include "apr_md5.h" /* for apr_password_validate */ - -#include "httpd.h" -#include "http_config.h" -#include "http_core.h" -#include "http_log.h" -#include "http_protocol.h" -#include "http_request.h" /* for ap_hook_(check_user_id | auth_checker)*/ - - -typedef struct { - char *auth_dbmpwfile; - char *auth_dbmgrpfile; - char *auth_dbmtype; - int auth_dbmauthoritative; -} dbm_auth_config_rec; - -static void *create_dbm_auth_dir_config(apr_pool_t *p, char *d) -{ - dbm_auth_config_rec *conf = apr_palloc(p, sizeof(*conf)); - - conf->auth_dbmpwfile = NULL; - conf->auth_dbmgrpfile = NULL; - conf->auth_dbmtype = "default"; - conf->auth_dbmauthoritative = 1; /* fortress is secure by default */ - - return conf; -} - -static const char *set_dbm_slot(cmd_parms *cmd, void *offset, - const char *f, const char *t) -{ - if (!t || strcmp(t, "dbm")) - return DECLINE_CMD; - - return ap_set_file_slot(cmd, offset, f); -} - -static const char *set_dbm_type(cmd_parms *cmd, - void *dir_config, - const char *arg) -{ - dbm_auth_config_rec *conf = dir_config; - - conf->auth_dbmtype = apr_pstrdup(cmd->pool, arg); - return NULL; -} - -static const command_rec dbm_auth_cmds[] = -{ - AP_INIT_TAKE1("AuthDBMUserFile", ap_set_file_slot, - (void *)APR_OFFSETOF(dbm_auth_config_rec, auth_dbmpwfile), - OR_AUTHCFG, "dbm database file containing user IDs and passwords"), - AP_INIT_TAKE1("AuthDBMGroupFile", ap_set_file_slot, - (void *)APR_OFFSETOF(dbm_auth_config_rec, auth_dbmgrpfile), - OR_AUTHCFG, "dbm database file containing group names and member user IDs"), - AP_INIT_TAKE12("AuthUserFile", set_dbm_slot, - (void *)APR_OFFSETOF(dbm_auth_config_rec, auth_dbmpwfile), - OR_AUTHCFG, NULL), - AP_INIT_TAKE12("AuthGroupFile", set_dbm_slot, - (void *)APR_OFFSETOF(dbm_auth_config_rec, auth_dbmgrpfile), - OR_AUTHCFG, NULL), - AP_INIT_TAKE1("AuthDBMType", set_dbm_type, - NULL, - OR_AUTHCFG, "what type of DBM file the user file is"), - AP_INIT_FLAG("AuthDBMAuthoritative", ap_set_flag_slot, - (void *)APR_OFFSETOF(dbm_auth_config_rec, auth_dbmauthoritative), - OR_AUTHCFG, "Set to 'no' to allow access control to be passed along to lower modules, if the UserID is not known in this module"), - {NULL} -}; - -module AP_MODULE_DECLARE_DATA auth_dbm_module; - -static char *get_dbm_pw(request_rec *r, - char *user, - char *auth_dbmpwfile, - char *dbtype) -{ - apr_dbm_t *f; - apr_datum_t d, q; - char *pw = NULL; - apr_status_t retval; - q.dptr = user; -#ifndef NETSCAPE_DBM_COMPAT - q.dsize = strlen(q.dptr); -#else - q.dsize = strlen(q.dptr) + 1; -#endif - - retval = apr_dbm_open_ex(&f, dbtype, auth_dbmpwfile, APR_DBM_READONLY, - APR_OS_DEFAULT, r->pool); - if (retval != APR_SUCCESS) { - ap_log_rerror(APLOG_MARK, APLOG_ERR, retval, r, - "could not open dbm (type %s) auth file: %s", dbtype, - auth_dbmpwfile); - return NULL; - } - if (apr_dbm_fetch(f, q, &d) == APR_SUCCESS && d.dptr) { - pw = apr_palloc(r->pool, d.dsize + 1); - strncpy(pw, d.dptr, d.dsize); - pw[d.dsize] = '\0'; /* Terminate the string */ - } - - apr_dbm_close(f); - return pw; -} - -/* We do something strange with the group file. If the group file - * contains any : we assume the format is - * key=username value=":"groupname [":"anything here is ignored] - * otherwise we now (0.8.14+) assume that the format is - * key=username value=groupname - * The first allows the password and group files to be the same - * physical DBM file; key=username value=password":"groupname[":"anything] - * - * mark@telescope.org, 22Sep95 - */ - -static char *get_dbm_grp(request_rec *r, char *user, char *auth_dbmgrpfile, - char *dbtype) -{ - char *grp_data = get_dbm_pw(r, user, auth_dbmgrpfile,dbtype); - char *grp_colon; - char *grp_colon2; - - if (grp_data == NULL) - return NULL; - - if ((grp_colon = strchr(grp_data, ':')) != NULL) { - grp_colon2 = strchr(++grp_colon, ':'); - if (grp_colon2) - *grp_colon2 = '\0'; - return grp_colon; - } - return grp_data; -} - -static int dbm_authenticate_basic_user(request_rec *r) -{ - dbm_auth_config_rec *conf = ap_get_module_config(r->per_dir_config, - &auth_dbm_module); - const char *sent_pw; - char *real_pw, *colon_pw; - apr_status_t invalid_pw; - int res; - - if ((res = ap_get_basic_auth_pw(r, &sent_pw))) - return res; - - if (!conf->auth_dbmpwfile) - return DECLINED; - - if (!(real_pw = get_dbm_pw(r, r->user, conf->auth_dbmpwfile, - conf->auth_dbmtype))) { - if (!(conf->auth_dbmauthoritative)) - return DECLINED; - ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, - "DBM user %s not found: %s", r->user, r->filename); - ap_note_basic_auth_failure(r); - return HTTP_UNAUTHORIZED; - } - /* Password is up to first : if exists */ - colon_pw = strchr(real_pw, ':'); - if (colon_pw) { - *colon_pw = '\0'; - } - invalid_pw = apr_password_validate(sent_pw, real_pw); - if (invalid_pw != APR_SUCCESS) { - ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, - "DBM user %s: authentication failure for \"%s\": " - "Password Mismatch", - r->user, r->uri); - ap_note_basic_auth_failure(r); - return HTTP_UNAUTHORIZED; - } - return OK; -} - -/* Checking ID */ - -static int dbm_check_auth(request_rec *r) -{ - dbm_auth_config_rec *conf = ap_get_module_config(r->per_dir_config, - &auth_dbm_module); - char *user = r->user; - int m = r->method_number; - - const apr_array_header_t *reqs_arr = ap_requires(r); - require_line *reqs = reqs_arr ? (require_line *) reqs_arr->elts : NULL; - - register int x; - const char *t; - char *w; - - if (!conf->auth_dbmgrpfile) - return DECLINED; - if (!reqs_arr) - return DECLINED; - - for (x = 0; x < reqs_arr->nelts; x++) { - - if (!(reqs[x].method_mask & (AP_METHOD_BIT << m))) - continue; - - t = reqs[x].requirement; - w = ap_getword_white(r->pool, &t); - - if (!strcmp(w, "group") && conf->auth_dbmgrpfile) { - const char *orig_groups, *groups; - char *v; - - if (!(groups = get_dbm_grp(r, user, conf->auth_dbmgrpfile, - conf->auth_dbmtype))) { - if (!(conf->auth_dbmauthoritative)) - return DECLINED; - ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, - "user %s not in DBM group file %s: %s", - user, conf->auth_dbmgrpfile, r->filename); - ap_note_basic_auth_failure(r); - return HTTP_UNAUTHORIZED; - } - orig_groups = groups; - while (t[0]) { - w = ap_getword_white(r->pool, &t); - groups = orig_groups; - while (groups[0]) { - v = ap_getword(r->pool, &groups, ','); - if (!strcmp(v, w)) - return OK; - } - } - ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, - "user %s not in right group: %s", - user, r->filename); - ap_note_basic_auth_failure(r); - return HTTP_UNAUTHORIZED; - } - } - - return DECLINED; -} - -static void register_hooks(apr_pool_t *p) -{ - ap_hook_check_user_id(dbm_authenticate_basic_user, NULL, NULL, - APR_HOOK_MIDDLE); - ap_hook_auth_checker(dbm_check_auth, NULL, NULL, APR_HOOK_MIDDLE); -} - -module AP_MODULE_DECLARE_DATA auth_dbm_module = -{ - STANDARD20_MODULE_STUFF, - create_dbm_auth_dir_config, /* dir config creater */ - NULL, /* dir merger --- default is to override */ - NULL, /* server config */ - NULL, /* merge server config */ - dbm_auth_cmds, /* command apr_table_t */ - register_hooks /* register hooks */ -}; diff --git a/rubbos/app/httpd-2.0.64/modules/aaa/mod_auth_dbm.dsp b/rubbos/app/httpd-2.0.64/modules/aaa/mod_auth_dbm.dsp deleted file mode 100644 index d55e0c9b..00000000 --- a/rubbos/app/httpd-2.0.64/modules/aaa/mod_auth_dbm.dsp +++ /dev/null @@ -1,128 +0,0 @@ -# Microsoft Developer Studio Project File - Name="mod_auth_dbm" - Package Owner=<4> -# Microsoft Developer Studio Generated Build File, Format Version 6.00 -# ** DO NOT EDIT ** - -# TARGTYPE "Win32 (x86) Dynamic-Link Library" 0x0102 - -CFG=mod_auth_dbm - Win32 Release -!MESSAGE This is not a valid makefile. To build this project using NMAKE, -!MESSAGE use the Export Makefile command and run -!MESSAGE -!MESSAGE NMAKE /f "mod_auth_dbm.mak". -!MESSAGE -!MESSAGE You can specify a configuration when running NMAKE -!MESSAGE by defining the macro CFG on the command line. For example: -!MESSAGE -!MESSAGE NMAKE /f "mod_auth_dbm.mak" CFG="mod_auth_dbm - Win32 Release" -!MESSAGE -!MESSAGE Possible choices for configuration are: -!MESSAGE -!MESSAGE "mod_auth_dbm - Win32 Release" (based on "Win32 (x86) Dynamic-Link Library") -!MESSAGE "mod_auth_dbm - Win32 Debug" (based on "Win32 (x86) Dynamic-Link Library") -!MESSAGE - -# Begin Project -# PROP AllowPerConfigDependencies 0 -# PROP Scc_ProjName "" -# PROP Scc_LocalPath "" -CPP=cl.exe -MTL=midl.exe -RSC=rc.exe - -!IF "$(CFG)" == "mod_auth_dbm - Win32 Release" - -# PROP BASE Use_MFC 0 -# PROP BASE Use_Debug_Libraries 0 -# PROP BASE Output_Dir "Release" -# PROP BASE Intermediate_Dir "Release" -# PROP BASE Target_Dir "" -# PROP Use_MFC 0 -# PROP Use_Debug_Libraries 0 -# PROP Output_Dir "Release" -# PROP Intermediate_Dir "Release" -# PROP Ignore_Export_Lib 0 -# PROP Target_Dir "" -# ADD BASE CPP /nologo /MD /W3 /O2 /D "WIN32" /D "NDEBUG" /D "_WINDOWS" /FD /c -# ADD CPP /nologo /MD /W3 /Zi /O2 /I "../../include" /I "../../srclib/apr/include" /I "../../srclib/apr-util/include" /D "NDEBUG" /D "WIN32" /D "_WINDOWS" /D "AP_AUTH_DBM_USE_APR" /Fd"Release\mod_auth_dbm_src" /FD /c -# ADD BASE MTL /nologo /D "NDEBUG" /win32 -# ADD MTL /nologo /D "NDEBUG" /mktyplib203 /win32 -# ADD BASE RSC /l 0x409 /d "NDEBUG" -# ADD RSC /l 0x409 /d "NDEBUG" -BSC32=bscmake.exe -# ADD BASE BSC32 /nologo -# ADD BSC32 /nologo -LINK32=link.exe -# ADD BASE LINK32 kernel32.lib /nologo /subsystem:windows /dll /out:"Release/mod_auth_dbm.so" /base:@..\..\os\win32\BaseAddr.ref,mod_auth_dbm.so -# ADD LINK32 kernel32.lib /nologo /subsystem:windows /dll /incremental:no /debug /out:"Release/mod_auth_dbm.so" /base:@..\..\os\win32\BaseAddr.ref,mod_auth_dbm.so /opt:ref - -!ELSEIF "$(CFG)" == "mod_auth_dbm - Win32 Debug" - -# PROP BASE Use_MFC 0 -# PROP BASE Use_Debug_Libraries 1 -# PROP BASE Output_Dir "Debug" -# PROP BASE Intermediate_Dir "Debug" -# PROP BASE Target_Dir "" -# PROP Use_MFC 0 -# PROP Use_Debug_Libraries 1 -# PROP Output_Dir "Debug" -# PROP Intermediate_Dir "Debug" -# PROP Ignore_Export_Lib 0 -# PROP Target_Dir "" -# ADD BASE CPP /nologo /MDd /W3 /EHsc /Zi /Od /D "WIN32" /D "_DEBUG" /D "_WINDOWS" /FD /c -# ADD CPP /nologo /MDd /W3 /EHsc /Zi /Od /I "../../include" /I "../../srclib/apr/include" /I "../../srclib/apr-util/include" /D "_DEBUG" /D "WIN32" /D "_WINDOWS" /D "AP_AUTH_DBM_USE_APR" /Fd"Debug\mod_auth_dbm_src" /FD /c -# ADD BASE MTL /nologo /D "_DEBUG" /win32 -# ADD MTL /nologo /D "_DEBUG" /mktyplib203 /win32 -# ADD BASE RSC /l 0x409 /d "_DEBUG" -# ADD RSC /l 0x409 /d "_DEBUG" -BSC32=bscmake.exe -# ADD BASE BSC32 /nologo -# ADD BSC32 /nologo -LINK32=link.exe -# ADD BASE LINK32 kernel32.lib /nologo /subsystem:windows /dll /incremental:no /debug /out:"Debug/mod_auth_dbm.so" /base:@..\..\os\win32\BaseAddr.ref,mod_auth_dbm.so -# ADD LINK32 kernel32.lib /nologo /subsystem:windows /dll /incremental:no /debug /out:"Debug/mod_auth_dbm.so" /base:@..\..\os\win32\BaseAddr.ref,mod_auth_dbm.so - -!ENDIF - -# Begin Target - -# Name "mod_auth_dbm - Win32 Release" -# Name "mod_auth_dbm - Win32 Debug" -# Begin Source File - -SOURCE=.\mod_auth_dbm.c -# End Source File -# Begin Source File - -SOURCE=.\mod_auth_dbm.rc -# End Source File -# Begin Source File - -SOURCE=..\..\build\win32\win32ver.awk - -!IF "$(CFG)" == "mod_auth_dbm - Win32 Release" - -# PROP Ignore_Default_Tool 1 -# Begin Custom Build - Creating Version Resource -InputPath=..\..\build\win32\win32ver.awk - -".\mod_auth_dbm.rc" : $(SOURCE) "$(INTDIR)" "$(OUTDIR)" - awk -f ../../build/win32/win32ver.awk mod_auth_dbm.so "auth_dbm_module for Apache" ../../include/ap_release.h > .\mod_auth_dbm.rc - -# End Custom Build - -!ELSEIF "$(CFG)" == "mod_auth_dbm - Win32 Debug" - -# PROP Ignore_Default_Tool 1 -# Begin Custom Build - Creating Version Resource -InputPath=..\..\build\win32\win32ver.awk - -".\mod_auth_dbm.rc" : $(SOURCE) "$(INTDIR)" "$(OUTDIR)" - awk -f ../../build/win32/win32ver.awk mod_auth_dbm.so "auth_dbm_module for Apache" ../../include/ap_release.h > .\mod_auth_dbm.rc - -# End Custom Build - -!ENDIF - -# End Source File -# End Target -# End Project diff --git a/rubbos/app/httpd-2.0.64/modules/aaa/mod_auth_dbm.exp b/rubbos/app/httpd-2.0.64/modules/aaa/mod_auth_dbm.exp deleted file mode 100644 index 7038e804..00000000 --- a/rubbos/app/httpd-2.0.64/modules/aaa/mod_auth_dbm.exp +++ /dev/null @@ -1 +0,0 @@ -auth_dbm_module diff --git a/rubbos/app/httpd-2.0.64/modules/aaa/mod_auth_digest.c b/rubbos/app/httpd-2.0.64/modules/aaa/mod_auth_digest.c deleted file mode 100644 index 9f4c655a..00000000 --- a/rubbos/app/httpd-2.0.64/modules/aaa/mod_auth_digest.c +++ /dev/null @@ -1,2108 +0,0 @@ -/* Licensed to the Apache Software Foundation (ASF) under one or more - * contributor license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright ownership. - * The ASF licenses this file to You under the Apache License, Version 2.0 - * (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -/* - * mod_auth_digest: MD5 digest authentication - * - * Originally by Alexei Kosut <akosut@nueva.pvt.k12.ca.us> - * Updated to RFC-2617 by Ronald Tschalär <ronald@innovation.ch> - * based on mod_auth, by Rob McCool and Robert S. Thau - * - * This module an updated version of modules/standard/mod_digest.c - * It is still fairly new and problems may turn up - submit problem - * reports to the Apache bug-database, or send them directly to me - * at ronald@innovation.ch. - * - * Requires either /dev/random (or equivalent) or the truerand library, - * available for instance from - * ftp://research.att.com/dist/mab/librand.shar - * - * Open Issues: - * - qop=auth-int (when streams and trailer support available) - * - nonce-format configurability - * - Proxy-Authorization-Info header is set by this module, but is - * currently ignored by mod_proxy (needs patch to mod_proxy) - * - generating the secret takes a while (~ 8 seconds) if using the - * truerand library - * - The source of the secret should be run-time directive (with server - * scope: RSRC_CONF). However, that could be tricky when trying to - * choose truerand vs. file... - * - shared-mem not completely tested yet. Seems to work ok for me, - * but... (definitely won't work on Windoze) - * - Sharing a realm among multiple servers has following problems: - * o Server name and port can't be included in nonce-hash - * (we need two nonce formats, which must be configured explicitly) - * o Nonce-count check can't be for equal, or then nonce-count checking - * must be disabled. What we could do is the following: - * (expected < received) ? set expected = received : issue error - * The only problem is that it allows replay attacks when somebody - * captures a packet sent to one server and sends it to another - * one. Should we add "AuthDigestNcCheck Strict"? - * - expired nonces give amaya fits. - */ - -#include "apr_sha1.h" -#include "apr_base64.h" -#include "apr_lib.h" -#include "apr_time.h" -#include "apr_errno.h" -#include "apr_global_mutex.h" -#include "apr_strings.h" - -#define APR_WANT_STRFUNC -#include "apr_want.h" - -#include "ap_config.h" -#include "httpd.h" -#include "http_config.h" -#include "http_core.h" -#include "http_request.h" -#include "http_log.h" -#include "http_protocol.h" -#include "apr_uri.h" -#include "util_md5.h" -#include "apr_shm.h" -#include "apr_rmm.h" - -/* Disable shmem until pools/init gets sorted out - * remove following two lines when fixed - */ -#undef APR_HAS_SHARED_MEMORY -#define APR_HAS_SHARED_MEMORY 0 - -/* struct to hold the configuration info */ - -typedef struct digest_config_struct { - const char *dir_name; - const char *pwfile; - const char *grpfile; - const char *realm; - char **qop_list; - apr_sha1_ctx_t nonce_ctx; - apr_time_t nonce_lifetime; - const char *nonce_format; - int check_nc; - const char *algorithm; - char *uri_list; - const char *ha1; -} digest_config_rec; - - -#define DFLT_ALGORITHM "MD5" - -#define DFLT_NONCE_LIFE apr_time_from_sec(300) -#define NEXTNONCE_DELTA apr_time_from_sec(30) - - -#define NONCE_TIME_LEN (((sizeof(apr_time_t)+2)/3)*4) -#define NONCE_HASH_LEN (2*APR_SHA1_DIGESTSIZE) -#define NONCE_LEN (int )(NONCE_TIME_LEN + NONCE_HASH_LEN) - -#define SECRET_LEN 20 - - -/* client list definitions */ - -typedef struct hash_entry { - unsigned long key; /* the key for this entry */ - struct hash_entry *next; /* next entry in the bucket */ - unsigned long nonce_count; /* for nonce-count checking */ - char ha1[2*MD5_DIGESTSIZE+1]; /* for algorithm=MD5-sess */ - char last_nonce[NONCE_LEN+1]; /* for one-time nonce's */ -} client_entry; - -static struct hash_table { - client_entry **table; - unsigned long tbl_len; - unsigned long num_entries; - unsigned long num_created; - unsigned long num_removed; - unsigned long num_renewed; -} *client_list; - - -/* struct to hold a parsed Authorization header */ - -enum hdr_sts { NO_HEADER, NOT_DIGEST, INVALID, VALID }; - -typedef struct digest_header_struct { - const char *scheme; - const char *realm; - const char *username; - char *nonce; - const char *uri; - const char *method; - const char *digest; - const char *algorithm; - const char *cnonce; - const char *opaque; - unsigned long opaque_num; - const char *message_qop; - const char *nonce_count; - /* the following fields are not (directly) from the header */ - apr_time_t nonce_time; - enum hdr_sts auth_hdr_sts; - const char *raw_request_uri; - apr_uri_t *psd_request_uri; - int needed_auth; - client_entry *client; -} digest_header_rec; - - -/* (mostly) nonce stuff */ - -typedef union time_union { - apr_time_t time; - unsigned char arr[sizeof(apr_time_t)]; -} time_rec; - -static unsigned char secret[SECRET_LEN]; - -/* client-list, opaque, and one-time-nonce stuff */ - -static apr_shm_t *client_shm = NULL; -static apr_rmm_t *client_rmm = NULL; -static unsigned long *opaque_cntr; -static apr_time_t *otn_counter; /* one-time-nonce counter */ -static apr_global_mutex_t *client_lock = NULL; -static apr_global_mutex_t *opaque_lock = NULL; -static char client_lock_name[L_tmpnam]; -static char opaque_lock_name[L_tmpnam]; - -#define DEF_SHMEM_SIZE 1000L /* ~ 12 entries */ -#define DEF_NUM_BUCKETS 15L -#define HASH_DEPTH 5 - -static long shmem_size = DEF_SHMEM_SIZE; -static long num_buckets = DEF_NUM_BUCKETS; - - -module AP_MODULE_DECLARE_DATA auth_digest_module; - -/* - * initialization code - */ - -static apr_status_t cleanup_tables(void *not_used) -{ - ap_log_error(APLOG_MARK, APLOG_STARTUP, 0, NULL, - "Digest: cleaning up shared memory"); - fflush(stderr); - - if (client_shm) { - apr_shm_destroy(client_shm); - client_shm = NULL; - } - - if (client_lock) { - apr_global_mutex_destroy(client_lock); - client_lock = NULL; - } - - if (opaque_lock) { - apr_global_mutex_destroy(opaque_lock); - opaque_lock = NULL; - } - - return APR_SUCCESS; -} - -static apr_status_t initialize_secret(server_rec *s) -{ - apr_status_t status; - - ap_log_error(APLOG_MARK, APLOG_NOTICE, 0, s, - "Digest: generating secret for digest authentication ..."); - -#if APR_HAS_RANDOM - status = apr_generate_random_bytes(secret, sizeof(secret)); -#else -#error APR random number support is missing; you probably need to install the truerand library. -#endif - - if (status != APR_SUCCESS) { - char buf[120]; - ap_log_error(APLOG_MARK, APLOG_CRIT, status, s, - "Digest: error generating secret: %s", - apr_strerror(status, buf, sizeof(buf))); - return status; - } - - ap_log_error(APLOG_MARK, APLOG_NOTICE, 0, s, "Digest: done"); - - return APR_SUCCESS; -} - -static void log_error_and_cleanup(char *msg, apr_status_t sts, server_rec *s) -{ - ap_log_error(APLOG_MARK, APLOG_ERR, sts, s, - "Digest: %s - all nonce-count checking, one-time nonces, and " - "MD5-sess algorithm disabled", msg); - - cleanup_tables(NULL); -} - -#if APR_HAS_SHARED_MEMORY - -static void initialize_tables(server_rec *s, apr_pool_t *ctx) -{ - unsigned long idx; - apr_status_t sts; - - /* set up client list */ - - sts = apr_shm_create(&client_shm, shmem_size, tmpnam(NULL), ctx); - if (sts != APR_SUCCESS) { - log_error_and_cleanup("failed to create shared memory segments", sts, s); - return; - } - - client_list = apr_rmm_malloc(client_rmm, sizeof(*client_list) + - sizeof(client_entry*)*num_buckets); - if (!client_list) { - log_error_and_cleanup("failed to allocate shared memory", -1, s); - return; - } - client_list->table = (client_entry**) (client_list + 1); - for (idx = 0; idx < num_buckets; idx++) { - client_list->table[idx] = NULL; - } - client_list->tbl_len = num_buckets; - client_list->num_entries = 0; - - tmpnam(client_lock_name); - /* FIXME: get the client_lock_name from a directive so we're portable - * to non-process-inheriting operating systems, like Win32. */ - sts = apr_global_mutex_create(&client_lock, client_lock_name, - APR_LOCK_DEFAULT, ctx); - if (sts != APR_SUCCESS) { - log_error_and_cleanup("failed to create lock (client_lock)", sts, s); - return; - } - - - /* setup opaque */ - - opaque_cntr = apr_rmm_malloc(client_rmm, sizeof(*opaque_cntr)); - if (opaque_cntr == NULL) { - log_error_and_cleanup("failed to allocate shared memory", -1, s); - return; - } - *opaque_cntr = 1UL; - - tmpnam(opaque_lock_name); - /* FIXME: get the opaque_lock_name from a directive so we're portable - * to non-process-inheriting operating systems, like Win32. */ - sts = apr_global_mutex_create(&opaque_lock, opaque_lock_name, - APR_LOCK_DEFAULT, ctx); - if (sts != APR_SUCCESS) { - log_error_and_cleanup("failed to create lock (opaque_lock)", sts, s); - return; - } - - - /* setup one-time-nonce counter */ - - otn_counter = apr_rmm_malloc(client_rmm, sizeof(*otn_counter)); - if (otn_counter == NULL) { - log_error_and_cleanup("failed to allocate shared memory", -1, s); - return; - } - *otn_counter = 0; - /* no lock here */ - - - /* success */ - return; -} - -#endif /* APR_HAS_SHARED_MEMORY */ - - -static int initialize_module(apr_pool_t *p, apr_pool_t *plog, - apr_pool_t *ptemp, server_rec *s) -{ - void *data; - const char *userdata_key = "auth_digest_init"; - - /* initialize_module() will be called twice, and if it's a DSO - * then all static data from the first call will be lost. Only - * set up our static data on the second call. */ - apr_pool_userdata_get(&data, userdata_key, s->process->pool); - if (!data) { - apr_pool_userdata_set((const void *)1, userdata_key, - apr_pool_cleanup_null, s->process->pool); - return OK; - } - if (initialize_secret(s) != APR_SUCCESS) { - return !OK; - } - -#if APR_HAS_SHARED_MEMORY - /* Note: this stuff is currently fixed for the lifetime of the server, - * i.e. even across restarts. This means that A) any shmem-size - * configuration changes are ignored, and B) certain optimizations, - * such as only allocating the smallest necessary entry for each - * client, can't be done. However, the alternative is a nightmare: - * we can't call apr_shm_destroy on a graceful restart because there - * will be children using the tables, and we also don't know when the - * last child dies. Therefore we can never clean up the old stuff, - * creating a creeping memory leak. - */ - initialize_tables(s, p); - apr_pool_cleanup_register(p, NULL, cleanup_tables, apr_pool_cleanup_null); -#endif /* APR_HAS_SHARED_MEMORY */ - return OK; -} - -static void initialize_child(apr_pool_t *p, server_rec *s) -{ - apr_status_t sts; - - if (!client_shm) { - return; - } - - /* FIXME: get the client_lock_name from a directive so we're portable - * to non-process-inheriting operating systems, like Win32. */ - sts = apr_global_mutex_child_init(&client_lock, client_lock_name, p); - if (sts != APR_SUCCESS) { - log_error_and_cleanup("failed to create lock (client_lock)", sts, s); - return; - } - /* FIXME: get the opaque_lock_name from a directive so we're portable - * to non-process-inheriting operating systems, like Win32. */ - sts = apr_global_mutex_child_init(&opaque_lock, opaque_lock_name, p); - if (sts != APR_SUCCESS) { - log_error_and_cleanup("failed to create lock (opaque_lock)", sts, s); - return; - } -} - -/* - * configuration code - */ - -static void *create_digest_dir_config(apr_pool_t *p, char *dir) -{ - digest_config_rec *conf; - - if (dir == NULL) { - return NULL; - } - - conf = (digest_config_rec *) apr_pcalloc(p, sizeof(digest_config_rec)); - if (conf) { - conf->qop_list = apr_palloc(p, sizeof(char*)); - conf->qop_list[0] = NULL; - conf->nonce_lifetime = DFLT_NONCE_LIFE; - conf->dir_name = apr_pstrdup(p, dir); - conf->algorithm = DFLT_ALGORITHM; - } - - return conf; -} - -static const char *set_realm(cmd_parms *cmd, void *config, const char *realm) -{ - digest_config_rec *conf = (digest_config_rec *) config; - - /* The core already handles the realm, but it's just too convenient to - * grab it ourselves too and cache some setups. However, we need to - * let the core get at it too, which is why we decline at the end - - * this relies on the fact that http_core is last in the list. - */ - conf->realm = realm; - - /* we precompute the part of the nonce hash that is constant (well, - * the host:port would be too, but that varies for .htaccess files - * and directives outside a virtual host section) - */ - apr_sha1_init(&conf->nonce_ctx); - apr_sha1_update_binary(&conf->nonce_ctx, secret, sizeof(secret)); - apr_sha1_update_binary(&conf->nonce_ctx, (const unsigned char *) realm, - strlen(realm)); - - return DECLINE_CMD; -} - -static const char *set_digest_file(cmd_parms *cmd, void *config, - const char *file) -{ - ((digest_config_rec *) config)->pwfile = file; - return NULL; -} - -static const char *set_group_file(cmd_parms *cmd, void *config, - const char *file) -{ - ((digest_config_rec *) config)->grpfile = file; - return NULL; -} - -static const char *set_qop(cmd_parms *cmd, void *config, const char *op) -{ - digest_config_rec *conf = (digest_config_rec *) config; - char **tmp; - int cnt; - - if (!strcasecmp(op, "none")) { - if (conf->qop_list[0] == NULL) { - conf->qop_list = apr_palloc(cmd->pool, 2 * sizeof(char*)); - conf->qop_list[1] = NULL; - } - conf->qop_list[0] = "none"; - return NULL; - } - - if (!strcasecmp(op, "auth-int")) { - ap_log_error(APLOG_MARK, APLOG_WARNING, 0, cmd->server, - "Digest: WARNING: qop `auth-int' currently only works " - "correctly for responses with no entity"); - } - else if (strcasecmp(op, "auth")) { - return apr_pstrcat(cmd->pool, "Unrecognized qop: ", op, NULL); - } - - for (cnt = 0; conf->qop_list[cnt] != NULL; cnt++) - ; - - tmp = apr_palloc(cmd->pool, (cnt + 2) * sizeof(char*)); - memcpy(tmp, conf->qop_list, cnt*sizeof(char*)); - tmp[cnt] = apr_pstrdup(cmd->pool, op); - tmp[cnt+1] = NULL; - conf->qop_list = tmp; - - return NULL; -} - -static const char *set_nonce_lifetime(cmd_parms *cmd, void *config, - const char *t) -{ - char *endptr; - long lifetime; - - lifetime = strtol(t, &endptr, 10); - if (endptr < (t+strlen(t)) && !apr_isspace(*endptr)) { - return apr_pstrcat(cmd->pool, - "Invalid time in AuthDigestNonceLifetime: ", - t, NULL); - } - - ((digest_config_rec *) config)->nonce_lifetime = apr_time_from_sec(lifetime); - return NULL; -} - -static const char *set_nonce_format(cmd_parms *cmd, void *config, - const char *fmt) -{ - ((digest_config_rec *) config)->nonce_format = fmt; - return "AuthDigestNonceFormat is not implemented (yet)"; -} - -static const char *set_nc_check(cmd_parms *cmd, void *config, int flag) -{ - if (flag && !client_shm) - ap_log_error(APLOG_MARK, APLOG_WARNING, 0, - cmd->server, "Digest: WARNING: nonce-count checking " - "is not supported on platforms without shared-memory " - "support - disabling check"); - - ((digest_config_rec *) config)->check_nc = flag; - return NULL; -} - -static const char *set_algorithm(cmd_parms *cmd, void *config, const char *alg) -{ - if (!strcasecmp(alg, "MD5-sess")) { - if (!client_shm) { - ap_log_error(APLOG_MARK, APLOG_WARNING, 0, - cmd->server, "Digest: WARNING: algorithm `MD5-sess' " - "is not supported on platforms without shared-memory " - "support - reverting to MD5"); - alg = "MD5"; - } - } - else if (strcasecmp(alg, "MD5")) { - return apr_pstrcat(cmd->pool, "Invalid algorithm in AuthDigestAlgorithm: ", alg, NULL); - } - - ((digest_config_rec *) config)->algorithm = alg; - return NULL; -} - -static const char *set_uri_list(cmd_parms *cmd, void *config, const char *uri) -{ - digest_config_rec *c = (digest_config_rec *) config; - if (c->uri_list) { - c->uri_list[strlen(c->uri_list)-1] = '\0'; - c->uri_list = apr_pstrcat(cmd->pool, c->uri_list, " ", uri, "\"", NULL); - } - else { - c->uri_list = apr_pstrcat(cmd->pool, ", domain=\"", uri, "\"", NULL); - } - return NULL; -} - -static const char *set_shmem_size(cmd_parms *cmd, void *config, - const char *size_str) -{ - char *endptr; - long size, min; - - size = strtol(size_str, &endptr, 10); - while (apr_isspace(*endptr)) endptr++; - if (*endptr == '\0' || *endptr == 'b' || *endptr == 'B') { - ; - } - else if (*endptr == 'k' || *endptr == 'K') { - size *= 1024; - } - else if (*endptr == 'm' || *endptr == 'M') { - size *= 1048576; - } - else { - return apr_pstrcat(cmd->pool, "Invalid size in AuthDigestShmemSize: ", - size_str, NULL); - } - - min = sizeof(*client_list) + sizeof(client_entry*) + sizeof(client_entry); - if (size < min) { - return apr_psprintf(cmd->pool, "size in AuthDigestShmemSize too small: " - "%ld < %ld", size, min); - } - - shmem_size = size; - num_buckets = (size - sizeof(*client_list)) / - (sizeof(client_entry*) + HASH_DEPTH * sizeof(client_entry)); - if (num_buckets == 0) { - num_buckets = 1; - } - ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, cmd->server, - "Digest: Set shmem-size: %ld, num-buckets: %ld", shmem_size, - num_buckets); - - return NULL; -} - -static const command_rec digest_cmds[] = -{ - AP_INIT_TAKE1("AuthName", set_realm, NULL, OR_AUTHCFG, - "The authentication realm (e.g. \"Members Only\")"), - AP_INIT_TAKE1("AuthDigestFile", set_digest_file, NULL, OR_AUTHCFG, - "The name of the file containing the usernames and password hashes"), - AP_INIT_TAKE1("AuthDigestGroupFile", set_group_file, NULL, OR_AUTHCFG, - "The name of the file containing the group names and members"), - AP_INIT_ITERATE("AuthDigestQop", set_qop, NULL, OR_AUTHCFG, - "A list of quality-of-protection options"), - AP_INIT_TAKE1("AuthDigestNonceLifetime", set_nonce_lifetime, NULL, OR_AUTHCFG, - "Maximum lifetime of the server nonce (seconds)"), - AP_INIT_TAKE1("AuthDigestNonceFormat", set_nonce_format, NULL, OR_AUTHCFG, - "The format to use when generating the server nonce"), - AP_INIT_FLAG("AuthDigestNcCheck", set_nc_check, NULL, OR_AUTHCFG, - "Whether or not to check the nonce-count sent by the client"), - AP_INIT_TAKE1("AuthDigestAlgorithm", set_algorithm, NULL, OR_AUTHCFG, - "The algorithm used for the hash calculation"), - AP_INIT_ITERATE("AuthDigestDomain", set_uri_list, NULL, OR_AUTHCFG, - "A list of URI's which belong to the same protection space as the current URI"), - AP_INIT_TAKE1("AuthDigestShmemSize", set_shmem_size, NULL, RSRC_CONF, - "The amount of shared memory to allocate for keeping track of clients"), - {NULL} -}; - - -/* - * client list code - * - * Each client is assigned a number, which is transfered in the opaque - * field of the WWW-Authenticate and Authorization headers. The number - * is just a simple counter which is incremented for each new client. - * Clients can't forge this number because it is hashed up into the - * server nonce, and that is checked. - * - * The clients are kept in a simple hash table, which consists of an - * array of client_entry's, each with a linked list of entries hanging - * off it. The client's number modulo the size of the array gives the - * bucket number. - * - * The clients are garbage collected whenever a new client is allocated - * but there is not enough space left in the shared memory segment. A - * simple semi-LRU is used for this: whenever a client entry is accessed - * it is moved to the beginning of the linked list in its bucket (this - * also makes for faster lookups for current clients). The garbage - * collecter then just removes the oldest entry (i.e. the one at the - * end of the list) in each bucket. - * - * The main advantages of the above scheme are that it's easy to implement - * and it keeps the hash table evenly balanced (i.e. same number of entries - * in each bucket). The major disadvantage is that you may be throwing - * entries out which are in active use. This is not tragic, as these - * clients will just be sent a new client id (opaque field) and nonce - * with a stale=true (i.e. it will just look like the nonce expired, - * thereby forcing an extra round trip). If the shared memory segment - * has enough headroom over the current client set size then this should - * not occur too often. - * - * To help tune the size of the shared memory segment (and see if the - * above algorithm is really sufficient) a set of counters is kept - * indicating the number of clients held, the number of garbage collected - * clients, and the number of erroneously purged clients. These are printed - * out at each garbage collection run. Note that access to the counters is - * not synchronized because they are just indicaters, and whether they are - * off by a few doesn't matter; and for the same reason no attempt is made - * to guarantee the num_renewed is correct in the face of clients spoofing - * the opaque field. - */ - -/* - * Get the client given its client number (the key). Returns the entry, - * or NULL if it's not found. - * - * Access to the list itself is synchronized via locks. However, access - * to the entry returned by get_client() is NOT synchronized. This means - * that there are potentially problems if a client uses multiple, - * simultaneous connections to access url's within the same protection - * space. However, these problems are not new: when using multiple - * connections you have no guarantee of the order the requests are - * processed anyway, so you have problems with the nonce-count and - * one-time nonces anyway. - */ -static client_entry *get_client(unsigned long key, const request_rec *r) -{ - int bucket; - client_entry *entry, *prev = NULL; - - - if (!key || !client_shm) return NULL; - - bucket = key % client_list->tbl_len; - entry = client_list->table[bucket]; - - apr_global_mutex_lock(client_lock); - - while (entry && key != entry->key) { - prev = entry; - entry = entry->next; - } - - if (entry && prev) { /* move entry to front of list */ - prev->next = entry->next; - entry->next = client_list->table[bucket]; - client_list->table[bucket] = entry; - } - - apr_global_mutex_unlock(client_lock); - - if (entry) { - ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, - "get_client(): client %lu found", key); - } - else { - ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, - "get_client(): client %lu not found", key); - } - - return entry; -} - - -/* A simple garbage-collecter to remove unused clients. It removes the - * last entry in each bucket and updates the counters. Returns the - * number of removed entries. - */ -static long gc(void) -{ - client_entry *entry, *prev; - unsigned long num_removed = 0, idx; - - /* garbage collect all last entries */ - - for (idx = 0; idx < client_list->tbl_len; idx++) { - entry = client_list->table[idx]; - prev = NULL; - while (entry->next) { /* find last entry */ - prev = entry; - entry = entry->next; - } - if (prev) { - prev->next = NULL; /* cut list */ - } - else { - client_list->table[idx] = NULL; - } - if (entry) { /* remove entry */ - apr_rmm_free(client_rmm, (apr_rmm_off_t)entry); - num_removed++; - } - } - - /* update counters and log */ - - client_list->num_entries -= num_removed; - client_list->num_removed += num_removed; - - return num_removed; -} - - -/* - * Add a new client to the list. Returns the entry if successful, NULL - * otherwise. This triggers the garbage collection if memory is low. - */ -static client_entry *add_client(unsigned long key, client_entry *info, - server_rec *s) -{ - int bucket; - client_entry *entry; - - - if (!key || !client_shm) { - return NULL; - } - - bucket = key % client_list->tbl_len; - entry = client_list->table[bucket]; - - apr_global_mutex_lock(client_lock); - - /* try to allocate a new entry */ - - entry = (client_entry *)apr_rmm_malloc(client_rmm, sizeof(client_entry)); - if (!entry) { - long num_removed = gc(); - ap_log_error(APLOG_MARK, APLOG_INFO, 0, s, - "Digest: gc'd %ld client entries. Total new clients: " - "%ld; Total removed clients: %ld; Total renewed clients: " - "%ld", num_removed, - client_list->num_created - client_list->num_renewed, - client_list->num_removed, client_list->num_renewed); - entry = (client_entry *)apr_rmm_malloc(client_rmm, sizeof(client_entry)); - if (!entry) { - return NULL; /* give up */ - } - } - - /* now add the entry */ - - memcpy(entry, info, sizeof(client_entry)); - entry->key = key; - entry->next = client_list->table[bucket]; - client_list->table[bucket] = entry; - client_list->num_created++; - client_list->num_entries++; - - apr_global_mutex_unlock(client_lock); - - ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, s, - "allocated new client %lu", key); - - return entry; -} - - -/* - * Authorization header parser code - */ - -/* Parse the Authorization header, if it exists */ -static int get_digest_rec(request_rec *r, digest_header_rec *resp) -{ - const char *auth_line; - apr_size_t l; - int vk = 0, vv = 0; - char *key, *value; - - auth_line = apr_table_get(r->headers_in, - (PROXYREQ_PROXY == r->proxyreq) - ? "Proxy-Authorization" - : "Authorization"); - if (!auth_line) { - resp->auth_hdr_sts = NO_HEADER; - return !OK; - } - - resp->scheme = ap_getword_white(r->pool, &auth_line); - if (strcasecmp(resp->scheme, "Digest")) { - resp->auth_hdr_sts = NOT_DIGEST; - return !OK; - } - - l = strlen(auth_line); - - key = apr_palloc(r->pool, l+1); - value = apr_palloc(r->pool, l+1); - - while (auth_line[0] != '\0') { - - /* find key */ - - while (apr_isspace(auth_line[0])) { - auth_line++; - } - vk = 0; - while (auth_line[0] != '=' && auth_line[0] != ',' - && auth_line[0] != '\0' && !apr_isspace(auth_line[0])) { - key[vk++] = *auth_line++; - } - key[vk] = '\0'; - while (apr_isspace(auth_line[0])) { - auth_line++; - } - - /* find value */ - - if (auth_line[0] == '=') { - auth_line++; - while (apr_isspace(auth_line[0])) { - auth_line++; - } - - vv = 0; - if (auth_line[0] == '\"') { /* quoted string */ - auth_line++; - while (auth_line[0] != '\"' && auth_line[0] != '\0') { - if (auth_line[0] == '\\' && auth_line[1] != '\0') { - auth_line++; /* escaped char */ - } - value[vv++] = *auth_line++; - } - if (auth_line[0] != '\0') { - auth_line++; - } - } - else { /* token */ - while (auth_line[0] != ',' && auth_line[0] != '\0' - && !apr_isspace(auth_line[0])) { - value[vv++] = *auth_line++; - } - } - value[vv] = '\0'; - } - - while (auth_line[0] != ',' && auth_line[0] != '\0') { - auth_line++; - } - if (auth_line[0] != '\0') { - auth_line++; - } - - if (!strcasecmp(key, "username")) - resp->username = apr_pstrdup(r->pool, value); - else if (!strcasecmp(key, "realm")) - resp->realm = apr_pstrdup(r->pool, value); - else if (!strcasecmp(key, "nonce")) - resp->nonce = apr_pstrdup(r->pool, value); - else if (!strcasecmp(key, "uri")) - resp->uri = apr_pstrdup(r->pool, value); - else if (!strcasecmp(key, "response")) - resp->digest = apr_pstrdup(r->pool, value); - else if (!strcasecmp(key, "algorithm")) - resp->algorithm = apr_pstrdup(r->pool, value); - else if (!strcasecmp(key, "cnonce")) - resp->cnonce = apr_pstrdup(r->pool, value); - else if (!strcasecmp(key, "opaque")) - resp->opaque = apr_pstrdup(r->pool, value); - else if (!strcasecmp(key, "qop")) - resp->message_qop = apr_pstrdup(r->pool, value); - else if (!strcasecmp(key, "nc")) - resp->nonce_count = apr_pstrdup(r->pool, value); - } - - if (!resp->username || !resp->realm || !resp->nonce || !resp->uri - || !resp->digest - || (resp->message_qop && (!resp->cnonce || !resp->nonce_count))) { - resp->auth_hdr_sts = INVALID; - return !OK; - } - - if (resp->opaque) { - resp->opaque_num = (unsigned long) strtol(resp->opaque, NULL, 16); - } - - resp->auth_hdr_sts = VALID; - return OK; -} - - -/* Because the browser may preemptively send auth info, incrementing the - * nonce-count when it does, and because the client does not get notified - * if the URI didn't need authentication after all, we need to be sure to - * update the nonce-count each time we receive an Authorization header no - * matter what the final outcome of the request. Furthermore this is a - * convenient place to get the request-uri (before any subrequests etc - * are initiated) and to initialize the request_config. - * - * Note that this must be called after mod_proxy had its go so that - * r->proxyreq is set correctly. - */ -static int parse_hdr_and_update_nc(request_rec *r) -{ - digest_header_rec *resp; - int res; - - if (!ap_is_initial_req(r)) { - return DECLINED; - } - - resp = apr_pcalloc(r->pool, sizeof(digest_header_rec)); - resp->raw_request_uri = r->unparsed_uri; - resp->psd_request_uri = &r->parsed_uri; - resp->needed_auth = 0; - resp->method = r->method; - ap_set_module_config(r->request_config, &auth_digest_module, resp); - - res = get_digest_rec(r, resp); - resp->client = get_client(resp->opaque_num, r); - if (res == OK && resp->client) { - resp->client->nonce_count++; - } - - return DECLINED; -} - - -/* - * Nonce generation code - */ - -/* The hash part of the nonce is a SHA-1 hash of the time, realm, server host - * and port, opaque, and our secret. - */ -static void gen_nonce_hash(char *hash, const char *timestr, const char *opaque, - const server_rec *server, - const digest_config_rec *conf) -{ - const char *hex = "0123456789abcdef"; - unsigned char sha1[APR_SHA1_DIGESTSIZE]; - apr_sha1_ctx_t ctx; - int idx; - - memcpy(&ctx, &conf->nonce_ctx, sizeof(ctx)); - /* - apr_sha1_update_binary(&ctx, (const unsigned char *) server->server_hostname, - strlen(server->server_hostname)); - apr_sha1_update_binary(&ctx, (const unsigned char *) &server->port, - sizeof(server->port)); - */ - apr_sha1_update_binary(&ctx, (const unsigned char *) timestr, strlen(timestr)); - if (opaque) { - apr_sha1_update_binary(&ctx, (const unsigned char *) opaque, - strlen(opaque)); - } - apr_sha1_final(sha1, &ctx); - - for (idx=0; idx<APR_SHA1_DIGESTSIZE; idx++) { - *hash++ = hex[sha1[idx] >> 4]; - *hash++ = hex[sha1[idx] & 0xF]; - } - - *hash++ = '\0'; -} - - -/* The nonce has the format b64(time)+hash . - */ -static const char *gen_nonce(apr_pool_t *p, apr_time_t now, const char *opaque, - const server_rec *server, - const digest_config_rec *conf) -{ - char *nonce = apr_palloc(p, NONCE_LEN+1); - int len; - time_rec t; - - if (conf->nonce_lifetime != 0) { - t.time = now; - } - else if (otn_counter) { - /* this counter is not synch'd, because it doesn't really matter - * if it counts exactly. - */ - t.time = (*otn_counter)++; - } - else { - /* XXX: WHAT IS THIS CONSTANT? */ - t.time = 42; - } - len = apr_base64_encode_binary(nonce, t.arr, sizeof(t.arr)); - gen_nonce_hash(nonce+NONCE_TIME_LEN, nonce, opaque, server, conf); - - return nonce; -} - - -/* - * Opaque and hash-table management - */ - -/* - * Generate a new client entry, add it to the list, and return the - * entry. Returns NULL if failed. - */ -static client_entry *gen_client(const request_rec *r) -{ - unsigned long op; - client_entry new_entry = { 0, NULL, 0, "", "" }, *entry; - - if (!opaque_cntr) { - return NULL; - } - - apr_global_mutex_lock(opaque_lock); - op = (*opaque_cntr)++; - apr_global_mutex_lock(opaque_lock); - - if (!(entry = add_client(op, &new_entry, r->server))) { - ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, - "Digest: failed to allocate client entry - ignoring " - "client"); - return NULL; - } - - return entry; -} - - -/* - * MD5-sess code. - * - * If you want to use algorithm=MD5-sess you must write get_userpw_hash() - * yourself (see below). The dummy provided here just uses the hash from - * the auth-file, i.e. it is only useful for testing client implementations - * of MD5-sess . - */ - -/* - * get_userpw_hash() will be called each time a new session needs to be - * generated and is expected to return the equivalent of - * - * h_urp = ap_md5(r->pool, - * apr_pstrcat(r->pool, username, ":", ap_auth_name(r), ":", passwd)) - * ap_md5(r->pool, - * (unsigned char *) apr_pstrcat(r->pool, h_urp, ":", resp->nonce, ":", - * resp->cnonce, NULL)); - * - * or put differently, it must return - * - * MD5(MD5(username ":" realm ":" password) ":" nonce ":" cnonce) - * - * If something goes wrong, the failure must be logged and NULL returned. - * - * You must implement this yourself, which will probably consist of code - * contacting the password server with the necessary information (typically - * the username, realm, nonce, and cnonce) and receiving the hash from it. - * - * TBD: This function should probably be in a seperate source file so that - * people need not modify mod_auth_digest.c each time they install a new - * version of apache. - */ -static const char *get_userpw_hash(const request_rec *r, - const digest_header_rec *resp, - const digest_config_rec *conf) -{ - return ap_md5(r->pool, - (unsigned char *) apr_pstrcat(r->pool, conf->ha1, ":", resp->nonce, - ":", resp->cnonce, NULL)); -} - - -/* Retrieve current session H(A1). If there is none and "generate" is - * true then a new session for MD5-sess is generated and stored in the - * client struct; if generate is false, or a new session could not be - * generated then NULL is returned (in case of failure to generate the - * failure reason will have been logged already). - */ -static const char *get_session_HA1(const request_rec *r, - digest_header_rec *resp, - const digest_config_rec *conf, - int generate) -{ - const char *ha1 = NULL; - - /* return the current sessions if there is one */ - if (resp->opaque && resp->client && resp->client->ha1[0]) { - return resp->client->ha1; - } - else if (!generate) { - return NULL; - } - - /* generate a new session */ - if (!resp->client) { - resp->client = gen_client(r); - } - if (resp->client) { - ha1 = get_userpw_hash(r, resp, conf); - if (ha1) { - memcpy(resp->client->ha1, ha1, sizeof(resp->client->ha1)); - } - } - - return ha1; -} - - -static void clear_session(const digest_header_rec *resp) -{ - if (resp->client) { - resp->client->ha1[0] = '\0'; - } -} - -/* - * Authorization challenge generation code (for WWW-Authenticate) - */ - -static const char *ltox(apr_pool_t *p, unsigned long num) -{ - if (num != 0) { - return apr_psprintf(p, "%lx", num); - } - else { - return ""; - } -} - -static void note_digest_auth_failure(request_rec *r, - const digest_config_rec *conf, - digest_header_rec *resp, int stale) -{ - const char *qop, *opaque, *opaque_param, *domain, *nonce; - int cnt; - - /* Setup qop */ - - if (conf->qop_list[0] == NULL) { - qop = ", qop=\"auth\""; - } - else if (!strcasecmp(conf->qop_list[0], "none")) { - qop = ""; - } - else { - qop = apr_pstrcat(r->pool, ", qop=\"", conf->qop_list[0], NULL); - for (cnt = 1; conf->qop_list[cnt] != NULL; cnt++) { - qop = apr_pstrcat(r->pool, qop, ",", conf->qop_list[cnt], NULL); - } - qop = apr_pstrcat(r->pool, qop, "\"", NULL); - } - - /* Setup opaque */ - - if (resp->opaque == NULL) { - /* new client */ - if ((conf->check_nc || conf->nonce_lifetime == 0 - || !strcasecmp(conf->algorithm, "MD5-sess")) - && (resp->client = gen_client(r)) != NULL) { - opaque = ltox(r->pool, resp->client->key); - } - else { - opaque = ""; /* opaque not needed */ - } - } - else if (resp->client == NULL) { - /* client info was gc'd */ - resp->client = gen_client(r); - if (resp->client != NULL) { - opaque = ltox(r->pool, resp->client->key); - stale = 1; - client_list->num_renewed++; - } - else { - opaque = ""; /* ??? */ - } - } - else { - opaque = resp->opaque; - /* we're generating a new nonce, so reset the nonce-count */ - resp->client->nonce_count = 0; - } - - if (opaque[0]) { - opaque_param = apr_pstrcat(r->pool, ", opaque=\"", opaque, "\"", NULL); - } - else { - opaque_param = NULL; - } - - /* Setup nonce */ - - nonce = gen_nonce(r->pool, r->request_time, opaque, r->server, conf); - if (resp->client && conf->nonce_lifetime == 0) { - memcpy(resp->client->last_nonce, nonce, NONCE_LEN+1); - } - - /* Setup MD5-sess stuff. Note that we just clear out the session - * info here, since we can't generate a new session until the request - * from the client comes in with the cnonce. - */ - - if (!strcasecmp(conf->algorithm, "MD5-sess")) { - clear_session(resp); - } - - /* setup domain attribute. We want to send this attribute wherever - * possible so that the client won't send the Authorization header - * unneccessarily (it's usually > 200 bytes!). - */ - - /* don't send domain - * - for proxy requests - * - if it's no specified - */ - if (r->proxyreq || !conf->uri_list) { - domain = NULL; - } - else { - domain = conf->uri_list; - } - - apr_table_mergen(r->err_headers_out, - (PROXYREQ_PROXY == r->proxyreq) - ? "Proxy-Authenticate" : "WWW-Authenticate", - apr_psprintf(r->pool, "Digest realm=\"%s\", " - "nonce=\"%s\", algorithm=%s%s%s%s%s", - ap_auth_name(r), nonce, conf->algorithm, - opaque_param ? opaque_param : "", - domain ? domain : "", - stale ? ", stale=true" : "", qop)); - -} - - -/* - * Authorization header verification code - */ - -static const char *get_hash(request_rec *r, const char *user, - const char *realm, const char *auth_pwfile) -{ - ap_configfile_t *f; - char l[MAX_STRING_LEN]; - const char *rpw; - char *w, *x; - apr_status_t sts; - - if ((sts = ap_pcfg_openfile(&f, r->pool, auth_pwfile)) != APR_SUCCESS) { - ap_log_rerror(APLOG_MARK, APLOG_ERR, sts, r, - "Digest: Could not open password file: %s", auth_pwfile); - return NULL; - } - while (!(ap_cfg_getline(l, MAX_STRING_LEN, f))) { - if ((l[0] == '#') || (!l[0])) { - continue; - } - rpw = l; - w = ap_getword(r->pool, &rpw, ':'); - x = ap_getword(r->pool, &rpw, ':'); - - if (x && w && !strcmp(user, w) && !strcmp(realm, x)) { - ap_cfg_closefile(f); - return apr_pstrdup(r->pool, rpw); - } - } - ap_cfg_closefile(f); - return NULL; -} - -static int check_nc(const request_rec *r, const digest_header_rec *resp, - const digest_config_rec *conf) -{ - unsigned long nc; - const char *snc = resp->nonce_count; - char *endptr; - - if (!conf->check_nc || !client_shm) { - return OK; - } - - nc = strtol(snc, &endptr, 16); - if (endptr < (snc+strlen(snc)) && !apr_isspace(*endptr)) { - ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, - "Digest: invalid nc %s received - not a number", snc); - return !OK; - } - - if (!resp->client) { - return !OK; - } - - if (nc != resp->client->nonce_count) { - ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, - "Digest: Warning, possible replay attack: nonce-count " - "check failed: %lu != %lu", nc, - resp->client->nonce_count); - return !OK; - } - - return OK; -} - -static int check_nonce(request_rec *r, digest_header_rec *resp, - const digest_config_rec *conf) -{ - apr_time_t dt; - int len; - time_rec nonce_time; - char tmp, hash[NONCE_HASH_LEN+1]; - - if (strlen(resp->nonce) != NONCE_LEN) { - ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, - "Digest: invalid nonce %s received - length is not %d", - resp->nonce, NONCE_LEN); - note_digest_auth_failure(r, conf, resp, 1); - return HTTP_UNAUTHORIZED; - } - - tmp = resp->nonce[NONCE_TIME_LEN]; - resp->nonce[NONCE_TIME_LEN] = '\0'; - len = apr_base64_decode_binary(nonce_time.arr, resp->nonce); - gen_nonce_hash(hash, resp->nonce, resp->opaque, r->server, conf); - resp->nonce[NONCE_TIME_LEN] = tmp; - resp->nonce_time = nonce_time.time; - - if (strcmp(hash, resp->nonce+NONCE_TIME_LEN)) { - ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, - "Digest: invalid nonce %s received - hash is not %s", - resp->nonce, hash); - note_digest_auth_failure(r, conf, resp, 1); - return HTTP_UNAUTHORIZED; - } - - dt = r->request_time - nonce_time.time; - if (conf->nonce_lifetime > 0 && dt < 0) { - ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, - "Digest: invalid nonce %s received - user attempted " - "time travel", resp->nonce); - note_digest_auth_failure(r, conf, resp, 1); - return HTTP_UNAUTHORIZED; - } - - if (conf->nonce_lifetime > 0) { - if (dt > conf->nonce_lifetime) { - ap_log_rerror(APLOG_MARK, APLOG_INFO, 0,r, - "Digest: user %s: nonce expired (%.2f seconds old " - "- max lifetime %.2f) - sending new nonce", - r->user, (double)apr_time_sec(dt), - (double)apr_time_sec(conf->nonce_lifetime)); - note_digest_auth_failure(r, conf, resp, 1); - return HTTP_UNAUTHORIZED; - } - } - else if (conf->nonce_lifetime == 0 && resp->client) { - if (memcmp(resp->client->last_nonce, resp->nonce, NONCE_LEN)) { - ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, r, - "Digest: user %s: one-time-nonce mismatch - sending " - "new nonce", r->user); - note_digest_auth_failure(r, conf, resp, 1); - return HTTP_UNAUTHORIZED; - } - } - /* else (lifetime < 0) => never expires */ - - return OK; -} - -/* The actual MD5 code... whee */ - -/* RFC-2069 */ -static const char *old_digest(const request_rec *r, - const digest_header_rec *resp, const char *ha1) -{ - const char *ha2; - - ha2 = ap_md5(r->pool, (unsigned char *)apr_pstrcat(r->pool, resp->method, ":", - resp->uri, NULL)); - return ap_md5(r->pool, - (unsigned char *)apr_pstrcat(r->pool, ha1, ":", resp->nonce, - ":", ha2, NULL)); -} - -/* RFC-2617 */ -static const char *new_digest(const request_rec *r, - digest_header_rec *resp, - const digest_config_rec *conf) -{ - const char *ha1, *ha2, *a2; - - if (resp->algorithm && !strcasecmp(resp->algorithm, "MD5-sess")) { - ha1 = get_session_HA1(r, resp, conf, 1); - if (!ha1) { - return NULL; - } - } - else { - ha1 = conf->ha1; - } - - if (resp->message_qop && !strcasecmp(resp->message_qop, "auth-int")) { - a2 = apr_pstrcat(r->pool, resp->method, ":", resp->uri, ":", - ap_md5(r->pool, (const unsigned char*) ""), NULL); - /* TBD */ - } - else { - a2 = apr_pstrcat(r->pool, resp->method, ":", resp->uri, NULL); - } - ha2 = ap_md5(r->pool, (const unsigned char *)a2); - - return ap_md5(r->pool, - (unsigned char *)apr_pstrcat(r->pool, ha1, ":", resp->nonce, - ":", resp->nonce_count, ":", - resp->cnonce, ":", - resp->message_qop, ":", ha2, - NULL)); -} - - -static void copy_uri_components(apr_uri_t *dst, - apr_uri_t *src, request_rec *r) { - if (src->scheme && src->scheme[0] != '\0') { - dst->scheme = src->scheme; - } - else { - dst->scheme = (char *) "http"; - } - - if (src->hostname && src->hostname[0] != '\0') { - dst->hostname = apr_pstrdup(r->pool, src->hostname); - ap_unescape_url(dst->hostname); - } - else { - dst->hostname = (char *) ap_get_server_name(r); - } - - if (src->port_str && src->port_str[0] != '\0') { - dst->port = src->port; - } - else { - dst->port = ap_get_server_port(r); - } - - if (src->path && src->path[0] != '\0') { - dst->path = apr_pstrdup(r->pool, src->path); - ap_unescape_url(dst->path); - } - else { - dst->path = src->path; - } - - if (src->query && src->query[0] != '\0') { - dst->query = apr_pstrdup(r->pool, src->query); - ap_unescape_url(dst->query); - } - else { - dst->query = src->query; - } - - dst->hostinfo = src->hostinfo; -} - -/* These functions return 0 if client is OK, and proper error status - * if not... either HTTP_UNAUTHORIZED, if we made a check, and it failed, or - * HTTP_INTERNAL_SERVER_ERROR, if things are so totally confused that we - * couldn't figure out how to tell if the client is authorized or not. - * - * If they return DECLINED, and all other modules also decline, that's - * treated by the server core as a configuration error, logged and - * reported as such. - */ - -/* Determine user ID, and check if the attributes are correct, if it - * really is that user, if the nonce is correct, etc. - */ - -static int authenticate_digest_user(request_rec *r) -{ - digest_config_rec *conf; - digest_header_rec *resp; - request_rec *mainreq; - const char *t; - int res; - - /* do we require Digest auth for this URI? */ - - if (!(t = ap_auth_type(r)) || strcasecmp(t, "Digest")) { - return DECLINED; - } - - if (!ap_auth_name(r)) { - ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, - "Digest: need AuthName: %s", r->uri); - return HTTP_INTERNAL_SERVER_ERROR; - } - - - /* get the client response and mark */ - - mainreq = r; - while (mainreq->main != NULL) { - mainreq = mainreq->main; - } - while (mainreq->prev != NULL) { - mainreq = mainreq->prev; - } - resp = (digest_header_rec *) ap_get_module_config(mainreq->request_config, - &auth_digest_module); - resp->needed_auth = 1; - - - /* get our conf */ - - conf = (digest_config_rec *) ap_get_module_config(r->per_dir_config, - &auth_digest_module); - - - /* check for existence and syntax of Auth header */ - - if (resp->auth_hdr_sts != VALID) { - if (resp->auth_hdr_sts == NOT_DIGEST) { - ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, - "Digest: client used wrong authentication scheme " - "`%s': %s", resp->scheme, r->uri); - } - else if (resp->auth_hdr_sts == INVALID) { - ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, - "Digest: missing user, realm, nonce, uri, digest, " - "cnonce, or nonce_count in authorization header: %s", - r->uri); - } - /* else (resp->auth_hdr_sts == NO_HEADER) */ - note_digest_auth_failure(r, conf, resp, 0); - return HTTP_UNAUTHORIZED; - } - - r->user = (char *) resp->username; - r->ap_auth_type = (char *) "Digest"; - - /* check the auth attributes */ - - if (strcmp(resp->uri, resp->raw_request_uri)) { - /* Hmm, the simple match didn't work (probably a proxy modified the - * request-uri), so lets do a more sophisticated match - */ - apr_uri_t r_uri, d_uri; - - copy_uri_components(&r_uri, resp->psd_request_uri, r); - if (apr_uri_parse(r->pool, resp->uri, &d_uri) != APR_SUCCESS) { - ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, - "Digest: invalid uri <%s> in Authorization header", - resp->uri); - return HTTP_BAD_REQUEST; - } - - if (d_uri.hostname) { - ap_unescape_url(d_uri.hostname); - } - if (d_uri.path) { - ap_unescape_url(d_uri.path); - } - if (d_uri.query) { - ap_unescape_url(d_uri.query); - } - else if (r_uri.query) { - /* MSIE compatibility hack. MSIE has some RFC issues - doesn't - * include the query string in the uri Authorization component - * or when computing the response component. the second part - * works out ok, since we can hash the header and get the same - * result. however, the uri from the request line won't match - * the uri Authorization component since the header lacks the - * query string, leaving us incompatable with a (broken) MSIE. - * - * the workaround is to fake a query string match if in the proper - * environment - BrowserMatch MSIE, for example. the cool thing - * is that if MSIE ever fixes itself the simple match ought to - * work and this code won't be reached anyway, even if the - * environment is set. - */ - - if (apr_table_get(r->subprocess_env, - "AuthDigestEnableQueryStringHack")) { - d_uri.query = r_uri.query; - } - } - - if (r->method_number == M_CONNECT) { - if (!r_uri.hostinfo || strcmp(resp->uri, r_uri.hostinfo)) { - ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, - "Digest: uri mismatch - <%s> does not match " - "request-uri <%s>", resp->uri, r_uri.hostinfo); - return HTTP_BAD_REQUEST; - } - } - else if ( - /* check hostname matches, if present */ - (d_uri.hostname && d_uri.hostname[0] != '\0' - && strcasecmp(d_uri.hostname, r_uri.hostname)) - /* check port matches, if present */ - || (d_uri.port_str && d_uri.port != r_uri.port) - /* check that server-port is default port if no port present */ - || (d_uri.hostname && d_uri.hostname[0] != '\0' - && !d_uri.port_str && r_uri.port != ap_default_port(r)) - /* check that path matches */ - || (d_uri.path != r_uri.path - /* either exact match */ - && (!d_uri.path || !r_uri.path - || strcmp(d_uri.path, r_uri.path)) - /* or '*' matches empty path in scheme://host */ - && !(d_uri.path && !r_uri.path && resp->psd_request_uri->hostname - && d_uri.path[0] == '*' && d_uri.path[1] == '\0')) - /* check that query matches */ - || (d_uri.query != r_uri.query - && (!d_uri.query || !r_uri.query - || strcmp(d_uri.query, r_uri.query))) - ) { - ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, - "Digest: uri mismatch - <%s> does not match " - "request-uri <%s>", resp->uri, resp->raw_request_uri); - return HTTP_BAD_REQUEST; - } - } - - if (resp->opaque && resp->opaque_num == 0) { - ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, - "Digest: received invalid opaque - got `%s'", - resp->opaque); - note_digest_auth_failure(r, conf, resp, 0); - return HTTP_UNAUTHORIZED; - } - - if (strcmp(resp->realm, conf->realm)) { - ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, - "Digest: realm mismatch - got `%s' but expected `%s'", - resp->realm, conf->realm); - note_digest_auth_failure(r, conf, resp, 0); - return HTTP_UNAUTHORIZED; - } - - if (resp->algorithm != NULL - && strcasecmp(resp->algorithm, "MD5") - && strcasecmp(resp->algorithm, "MD5-sess")) { - ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, - "Digest: unknown algorithm `%s' received: %s", - resp->algorithm, r->uri); - note_digest_auth_failure(r, conf, resp, 0); - return HTTP_UNAUTHORIZED; - } - - if (!conf->pwfile) { - return DECLINED; - } - - if (!(conf->ha1 = get_hash(r, r->user, conf->realm, conf->pwfile))) { - ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, - "Digest: user `%s' in realm `%s' not found: %s", - r->user, conf->realm, r->uri); - note_digest_auth_failure(r, conf, resp, 0); - return HTTP_UNAUTHORIZED; - } - - - if (resp->message_qop == NULL) { - /* old (rfc-2069) style digest */ - if (strcmp(resp->digest, old_digest(r, resp, conf->ha1))) { - ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, - "Digest: user %s: password mismatch: %s", r->user, - r->uri); - note_digest_auth_failure(r, conf, resp, 0); - return HTTP_UNAUTHORIZED; - } - } - else { - const char *exp_digest; - int match = 0, idx; - for (idx = 0; conf->qop_list[idx] != NULL; idx++) { - if (!strcasecmp(conf->qop_list[idx], resp->message_qop)) { - match = 1; - break; - } - } - - if (!match - && !(conf->qop_list[0] == NULL - && !strcasecmp(resp->message_qop, "auth"))) { - ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, - "Digest: invalid qop `%s' received: %s", - resp->message_qop, r->uri); - note_digest_auth_failure(r, conf, resp, 0); - return HTTP_UNAUTHORIZED; - } - - exp_digest = new_digest(r, resp, conf); - if (!exp_digest) { - /* we failed to allocate a client struct */ - return HTTP_INTERNAL_SERVER_ERROR; - } - if (strcmp(resp->digest, exp_digest)) { - ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, - "Digest: user %s: password mismatch: %s", r->user, - r->uri); - note_digest_auth_failure(r, conf, resp, 0); - return HTTP_UNAUTHORIZED; - } - } - - if (check_nc(r, resp, conf) != OK) { - note_digest_auth_failure(r, conf, resp, 0); - return HTTP_UNAUTHORIZED; - } - - /* Note: this check is done last so that a "stale=true" can be - generated if the nonce is old */ - if ((res = check_nonce(r, resp, conf))) { - return res; - } - - return OK; -} - - -/* - * Checking ID - */ - -static apr_table_t *groups_for_user(request_rec *r, const char *user, - const char *grpfile) -{ - ap_configfile_t *f; - apr_table_t *grps = apr_table_make(r->pool, 15); - apr_pool_t *sp; - char l[MAX_STRING_LEN]; - const char *group_name, *ll, *w; - apr_status_t sts; - - if ((sts = ap_pcfg_openfile(&f, r->pool, grpfile)) != APR_SUCCESS) { - ap_log_rerror(APLOG_MARK, APLOG_ERR, sts, r, - "Digest: Could not open group file: %s", grpfile); - return NULL; - } - - if (apr_pool_create(&sp, r->pool) != APR_SUCCESS) { - return NULL; - } - - while (!(ap_cfg_getline(l, MAX_STRING_LEN, f))) { - if ((l[0] == '#') || (!l[0])) { - continue; - } - ll = l; - apr_pool_clear(sp); - - group_name = ap_getword(sp, &ll, ':'); - - while (ll[0]) { - w = ap_getword_conf(sp, &ll); - if (!strcmp(w, user)) { - apr_table_setn(grps, apr_pstrdup(r->pool, group_name), "in"); - break; - } - } - } - - ap_cfg_closefile(f); - apr_pool_destroy(sp); - return grps; -} - - -static int digest_check_auth(request_rec *r) -{ - const digest_config_rec *conf = - (digest_config_rec *) ap_get_module_config(r->per_dir_config, - &auth_digest_module); - const char *user = r->user; - int m = r->method_number; - int method_restricted = 0; - register int x; - const char *t, *w; - apr_table_t *grpstatus; - const apr_array_header_t *reqs_arr; - require_line *reqs; - - if (!(t = ap_auth_type(r)) || strcasecmp(t, "Digest")) { - return DECLINED; - } - - reqs_arr = ap_requires(r); - /* If there is no "requires" directive, then any user will do. - */ - if (!reqs_arr) { - return OK; - } - reqs = (require_line *) reqs_arr->elts; - - if (conf->grpfile) { - grpstatus = groups_for_user(r, user, conf->grpfile); - } - else { - grpstatus = NULL; - } - - for (x = 0; x < reqs_arr->nelts; x++) { - - if (!(reqs[x].method_mask & (AP_METHOD_BIT << m))) { - continue; - } - - method_restricted = 1; - - t = reqs[x].requirement; - w = ap_getword_white(r->pool, &t); - if (!strcasecmp(w, "valid-user")) { - return OK; - } - else if (!strcasecmp(w, "user")) { - while (t[0]) { - w = ap_getword_conf(r->pool, &t); - if (!strcmp(user, w)) { - return OK; - } - } - } - else if (!strcasecmp(w, "group")) { - if (!grpstatus) { - return DECLINED; - } - - while (t[0]) { - w = ap_getword_conf(r->pool, &t); - if (apr_table_get(grpstatus, w)) { - return OK; - } - } - } - else { - ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, - "Digest: access to %s failed, reason: unknown " - "require directive \"%s\"", - r->uri, reqs[x].requirement); - return DECLINED; - } - } - - if (!method_restricted) { - return OK; - } - - ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, - "Digest: access to %s failed, reason: user %s not " - "allowed access", r->uri, user); - - note_digest_auth_failure(r, conf, - (digest_header_rec *) ap_get_module_config(r->request_config, - &auth_digest_module), - 0); - return HTTP_UNAUTHORIZED; -} - - -/* - * Authorization-Info header code - */ - -#ifdef SEND_DIGEST -static const char *hdr(const apr_table_t *tbl, const char *name) -{ - const char *val = apr_table_get(tbl, name); - if (val) { - return val; - } - else { - return ""; - } -} -#endif - -static int add_auth_info(request_rec *r) -{ - const digest_config_rec *conf = - (digest_config_rec *) ap_get_module_config(r->per_dir_config, - &auth_digest_module); - digest_header_rec *resp = - (digest_header_rec *) ap_get_module_config(r->request_config, - &auth_digest_module); - const char *ai = NULL, *digest = NULL, *nextnonce = ""; - - if (resp == NULL || !resp->needed_auth || conf == NULL) { - return OK; - } - - - /* rfc-2069 digest - */ - if (resp->message_qop == NULL) { - /* old client, so calc rfc-2069 digest */ - -#ifdef SEND_DIGEST - /* most of this totally bogus because the handlers don't set the - * headers until the final handler phase (I wonder why this phase - * is called fixup when there's almost nothing you can fix up...) - * - * Because it's basically impossible to get this right (e.g. the - * Content-length is never set yet when we get here, and we can't - * calc the entity hash) it's best to just leave this #def'd out. - */ - char date[APR_RFC822_DATE_LEN]; - apr_rfc822_date(date, r->request_time); - char *entity_info = - ap_md5(r->pool, - (unsigned char *) apr_pstrcat(r->pool, resp->raw_request_uri, - ":", - r->content_type ? r->content_type : ap_default_type(r), ":", - hdr(r->headers_out, "Content-Length"), ":", - r->content_encoding ? r->content_encoding : "", ":", - hdr(r->headers_out, "Last-Modified"), ":", - r->no_cache && !apr_table_get(r->headers_out, "Expires") ? - date : - hdr(r->headers_out, "Expires"), - NULL)); - digest = - ap_md5(r->pool, - (unsigned char *)apr_pstrcat(r->pool, conf->ha1, ":", - resp->nonce, ":", - r->method, ":", - date, ":", - entity_info, ":", - ap_md5(r->pool, (unsigned char *) ""), /* H(entity) - TBD */ - NULL)); -#endif - } - - - /* setup nextnonce - */ - if (conf->nonce_lifetime > 0) { - /* send nextnonce if current nonce will expire in less than 30 secs */ - if ((r->request_time - resp->nonce_time) > (conf->nonce_lifetime-NEXTNONCE_DELTA)) { - nextnonce = apr_pstrcat(r->pool, ", nextnonce=\"", - gen_nonce(r->pool, r->request_time, - resp->opaque, r->server, conf), - "\"", NULL); - if (resp->client) - resp->client->nonce_count = 0; - } - } - else if (conf->nonce_lifetime == 0 && resp->client) { - const char *nonce = gen_nonce(r->pool, 0, resp->opaque, r->server, - conf); - nextnonce = apr_pstrcat(r->pool, ", nextnonce=\"", nonce, "\"", NULL); - memcpy(resp->client->last_nonce, nonce, NONCE_LEN+1); - } - /* else nonce never expires, hence no nextnonce */ - - - /* do rfc-2069 digest - */ - if (conf->qop_list[0] && !strcasecmp(conf->qop_list[0], "none") - && resp->message_qop == NULL) { - /* use only RFC-2069 format */ - if (digest) { - ai = apr_pstrcat(r->pool, "digest=\"", digest, "\"", nextnonce,NULL); - } - else { - ai = nextnonce; - } - } - else { - const char *resp_dig, *ha1, *a2, *ha2; - - /* calculate rspauth attribute - */ - if (resp->algorithm && !strcasecmp(resp->algorithm, "MD5-sess")) { - ha1 = get_session_HA1(r, resp, conf, 0); - if (!ha1) { - ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, - "Digest: internal error: couldn't find session " - "info for user %s", resp->username); - return !OK; - } - } - else { - ha1 = conf->ha1; - } - - if (resp->message_qop && !strcasecmp(resp->message_qop, "auth-int")) { - a2 = apr_pstrcat(r->pool, ":", resp->uri, ":", - ap_md5(r->pool,(const unsigned char *) ""), NULL); - /* TBD */ - } - else { - a2 = apr_pstrcat(r->pool, ":", resp->uri, NULL); - } - ha2 = ap_md5(r->pool, (const unsigned char *)a2); - - resp_dig = ap_md5(r->pool, - (unsigned char *)apr_pstrcat(r->pool, ha1, ":", - resp->nonce, ":", - resp->nonce_count, ":", - resp->cnonce, ":", - resp->message_qop ? - resp->message_qop : "", - ":", ha2, NULL)); - - /* assemble Authentication-Info header - */ - ai = apr_pstrcat(r->pool, - "rspauth=\"", resp_dig, "\"", - nextnonce, - resp->cnonce ? ", cnonce=\"" : "", - resp->cnonce - ? ap_escape_quotes(r->pool, resp->cnonce) - : "", - resp->cnonce ? "\"" : "", - resp->nonce_count ? ", nc=" : "", - resp->nonce_count ? resp->nonce_count : "", - resp->message_qop ? ", qop=" : "", - resp->message_qop ? resp->message_qop : "", - digest ? "digest=\"" : "", - digest ? digest : "", - digest ? "\"" : "", - NULL); - } - - if (ai && ai[0]) { - apr_table_mergen(r->headers_out, - (PROXYREQ_PROXY == r->proxyreq) - ? "Proxy-Authentication-Info" - : "Authentication-Info", - ai); - } - - return OK; -} - - -static void register_hooks(apr_pool_t *p) -{ - static const char * const cfgPost[]={ "http_core.c", NULL }; - static const char * const parsePre[]={ "mod_proxy.c", NULL }; - - ap_hook_post_config(initialize_module, NULL, cfgPost, APR_HOOK_MIDDLE); - ap_hook_child_init(initialize_child, NULL, NULL, APR_HOOK_MIDDLE); - ap_hook_post_read_request(parse_hdr_and_update_nc, parsePre, NULL, APR_HOOK_MIDDLE); - ap_hook_check_user_id(authenticate_digest_user, NULL, NULL, APR_HOOK_MIDDLE); - ap_hook_auth_checker(digest_check_auth, NULL, NULL, APR_HOOK_MIDDLE); - ap_hook_fixups(add_auth_info, NULL, NULL, APR_HOOK_MIDDLE); -} - -module AP_MODULE_DECLARE_DATA auth_digest_module = -{ - STANDARD20_MODULE_STUFF, - create_digest_dir_config, /* dir config creater */ - NULL, /* dir merger --- default is to override */ - NULL, /* server config */ - NULL, /* merge server config */ - digest_cmds, /* command table */ - register_hooks /* register hooks */ -}; - diff --git a/rubbos/app/httpd-2.0.64/modules/aaa/mod_auth_digest.dsp b/rubbos/app/httpd-2.0.64/modules/aaa/mod_auth_digest.dsp deleted file mode 100644 index 74daf60b..00000000 --- a/rubbos/app/httpd-2.0.64/modules/aaa/mod_auth_digest.dsp +++ /dev/null @@ -1,128 +0,0 @@ -# Microsoft Developer Studio Project File - Name="mod_auth_digest" - Package Owner=<4> -# Microsoft Developer Studio Generated Build File, Format Version 6.00 -# ** DO NOT EDIT ** - -# TARGTYPE "Win32 (x86) Dynamic-Link Library" 0x0102 - -CFG=mod_auth_digest - Win32 Debug -!MESSAGE This is not a valid makefile. To build this project using NMAKE, -!MESSAGE use the Export Makefile command and run -!MESSAGE -!MESSAGE NMAKE /f "mod_auth_digest.mak". -!MESSAGE -!MESSAGE You can specify a configuration when running NMAKE -!MESSAGE by defining the macro CFG on the command line. For example: -!MESSAGE -!MESSAGE NMAKE /f "mod_auth_digest.mak" CFG="mod_auth_digest - Win32 Debug" -!MESSAGE -!MESSAGE Possible choices for configuration are: -!MESSAGE -!MESSAGE "mod_auth_digest - Win32 Release" (based on "Win32 (x86) Dynamic-Link Library") -!MESSAGE "mod_auth_digest - Win32 Debug" (based on "Win32 (x86) Dynamic-Link Library") -!MESSAGE - -# Begin Project -# PROP AllowPerConfigDependencies 0 -# PROP Scc_ProjName "" -# PROP Scc_LocalPath "" -CPP=cl.exe -MTL=midl.exe -RSC=rc.exe - -!IF "$(CFG)" == "mod_auth_digest - Win32 Release" - -# PROP BASE Use_MFC 0 -# PROP BASE Use_Debug_Libraries 0 -# PROP BASE Output_Dir "Release" -# PROP BASE Intermediate_Dir "Release" -# PROP BASE Target_Dir "" -# PROP Use_MFC 0 -# PROP Use_Debug_Libraries 0 -# PROP Output_Dir "Release" -# PROP Intermediate_Dir "Release" -# PROP Ignore_Export_Lib 0 -# PROP Target_Dir "" -# ADD BASE CPP /nologo /MD /W3 /O2 /D "WIN32" /D "NDEBUG" /D "_WINDOWS" /FD /c -# ADD CPP /nologo /MD /W3 /Zi /O2 /I "../../include" /I "../../srclib/apr/include" /I "../../srclib/apr-util/include" /D "NDEBUG" /D "WIN32" /D "_WINDOWS" /Fd"Release\mod_auth_digest_src" /FD /c -# ADD BASE MTL /nologo /D "NDEBUG" /mktyplib203 /o /win32 "NUL" -# ADD MTL /nologo /D "NDEBUG" /mktyplib203 /o /win32 "NUL" -# ADD BASE RSC /l 0x409 /d "NDEBUG" -# ADD RSC /l 0x409 /d "NDEBUG" -BSC32=bscmake.exe -# ADD BASE BSC32 /nologo -# ADD BSC32 /nologo -LINK32=link.exe -# ADD BASE LINK32 kernel32.lib /nologo /subsystem:windows /dll /out:"Release/mod_auth_digest.so" /base:@..\..\os\win32\BaseAddr.ref,mod_auth_digest.so -# ADD LINK32 kernel32.lib /nologo /subsystem:windows /dll /incremental:no /debug /out:"Release/mod_auth_digest.so" /base:@..\..\os\win32\BaseAddr.ref,mod_auth_digest.so /opt:ref - -!ELSEIF "$(CFG)" == "mod_auth_digest - Win32 Debug" - -# PROP BASE Use_MFC 0 -# PROP BASE Use_Debug_Libraries 1 -# PROP BASE Output_Dir "Debug" -# PROP BASE Intermediate_Dir "Debug" -# PROP BASE Target_Dir "" -# PROP Use_MFC 0 -# PROP Use_Debug_Libraries 1 -# PROP Output_Dir "Debug" -# PROP Intermediate_Dir "Debug" -# PROP Ignore_Export_Lib 0 -# PROP Target_Dir "" -# ADD BASE CPP /nologo /MDd /W3 /EHsc /Zi /Od /D "WIN32" /D "_DEBUG" /D "_WINDOWS" /FD /c -# ADD CPP /nologo /MDd /W3 /EHsc /Zi /Od /I "../../include" /I "../../srclib/apr/include" /I "../../srclib/apr-util/include" /D "_DEBUG" /D "WIN32" /D "_WINDOWS" /Fd"Debug\mod_auth_digest_src" /FD /c -# ADD BASE MTL /nologo /D "_DEBUG" /mktyplib203 /o /win32 "NUL" -# ADD MTL /nologo /D "_DEBUG" /mktyplib203 /o /win32 "NUL" -# ADD BASE RSC /l 0x409 /d "_DEBUG" -# ADD RSC /l 0x409 /d "_DEBUG" -BSC32=bscmake.exe -# ADD BASE BSC32 /nologo -# ADD BSC32 /nologo -LINK32=link.exe -# ADD BASE LINK32 kernel32.lib /nologo /subsystem:windows /dll /incremental:no /debug /out:"Debug/mod_auth_digest.so" /base:@..\..\os\win32\BaseAddr.ref,mod_auth_digest.so -# ADD LINK32 kernel32.lib /nologo /subsystem:windows /dll /incremental:no /debug /out:"Debug/mod_auth_digest.so" /base:@..\..\os\win32\BaseAddr.ref,mod_auth_digest.so - -!ENDIF - -# Begin Target - -# Name "mod_auth_digest - Win32 Release" -# Name "mod_auth_digest - Win32 Debug" -# Begin Source File - -SOURCE=.\mod_auth_digest.c -# End Source File -# Begin Source File - -SOURCE=.\mod_auth_digest.rc -# End Source File -# Begin Source File - -SOURCE=..\..\build\win32\win32ver.awk - -!IF "$(CFG)" == "mod_auth_digest - Win32 Release" - -# PROP Ignore_Default_Tool 1 -# Begin Custom Build - Creating Version Resource -InputPath=..\..\build\win32\win32ver.awk - -".\mod_auth_digest.rc" : $(SOURCE) "$(INTDIR)" "$(OUTDIR)" - awk -f ../../build/win32/win32ver.awk mod_auth_digest.so "auth_digest_module for Apache" ../../include/ap_release.h > .\mod_auth_digest.rc - -# End Custom Build - -!ELSEIF "$(CFG)" == "mod_auth_digest - Win32 Debug" - -# PROP Ignore_Default_Tool 1 -# Begin Custom Build - Creating Version Resource -InputPath=..\..\build\win32\win32ver.awk - -".\mod_auth_digest.rc" : $(SOURCE) "$(INTDIR)" "$(OUTDIR)" - awk -f ../../build/win32/win32ver.awk mod_auth_digest.so "auth_digest_module for Apache" ../../include/ap_release.h > .\mod_auth_digest.rc - -# End Custom Build - -!ENDIF - -# End Source File -# End Target -# End Project diff --git a/rubbos/app/httpd-2.0.64/modules/aaa/modules.mk b/rubbos/app/httpd-2.0.64/modules/aaa/modules.mk deleted file mode 100644 index 79900dea..00000000 --- a/rubbos/app/httpd-2.0.64/modules/aaa/modules.mk +++ /dev/null @@ -1,7 +0,0 @@ -mod_access.la: mod_access.lo - $(MOD_LINK) mod_access.lo $(MOD_ACCESS_LDADD) -mod_auth.la: mod_auth.lo - $(MOD_LINK) mod_auth.lo $(MOD_AUTH_LDADD) -DISTCLEAN_TARGETS = modules.mk -static = mod_access.la mod_auth.la -shared = |