projects / packages / apache1-mod_auth_yp.git / blame
| Commit | Line | Data |
|---|---|---|
| 620140ac SZ |
1 | --- mod_auth_yp.c Sun Nov 23 00:26:37 2003 |
| 2 | +++ mod_auth_yp.c.sz Sun Nov 23 00:24:18 2003 | |
| 3 | @@ -34,6 +34,7 @@ | |
| 4 | typedef struct auth_yp_config_struct { | |
| 5 | char *auth_yp_domain; | |
| 6 | char *auth_yp_pwtable; | |
| 7 | + char *auth_yp_shtable; | |
| 8 | char *auth_yp_grptable; | |
| 9 | int auth_yp_authoritative; | |
| 10 | int auth_yp; | |
| 11 | @@ -45,9 +46,10 @@ | |
| 12 | (auth_yp_config_rec *) ap_pcalloc(p, sizeof(auth_yp_config_rec)); | |
| 13 | sec->auth_yp_domain = NULL; | |
| 14 | sec->auth_yp_pwtable = NULL; /* just to illustrate the default really */ | |
| 15 | + sec->auth_yp_shtable = NULL; | |
| 16 | sec->auth_yp_grptable = NULL; /* unless you have a broken HP cc */ | |
| 17 | sec->auth_yp_authoritative = 1; /* keep the fortress secure by default */ | |
| 18 | - sec->auth_yp = NULL; | |
| 19 | + sec->auth_yp = 0; | |
| 20 | return sec; | |
| 21 | } | |
| 22 | ||
| 23 | @@ -64,7 +66,10 @@ | |
| 24 | "NIS domain name"}, | |
| 25 | {"AuthYPUserTable", set_auth_yp_slot, | |
| 26 | (void *) XtOffsetOf(auth_yp_config_rec, auth_yp_pwtable), OR_AUTHCFG, TAKE1, | |
| 27 | - "NIS table containing user IDs and passwords"}, | |
| 28 | + "NIS table containing user IDs, user groups and passwords"}, | |
| 29 | + {"AuthYPShadowTable", set_auth_yp_slot, | |
| 30 | + (void *) XtOffsetOf(auth_yp_config_rec, auth_yp_shtable), OR_AUTHCFG, TAKE1, | |
| 31 | + "NIS table containing usernames and passwords"}, | |
| 32 | {"AuthYPGroupTable", set_auth_yp_slot, | |
| 33 | (void *) XtOffsetOf(auth_yp_config_rec, auth_yp_grptable), OR_AUTHCFG, TAKE1, | |
| 34 | "NIS table containing group names and member user IDs"}, | |
| 35 | @@ -99,29 +104,41 @@ | |
| 36 | } | |
| 37 | } | |
| 38 | ||
| 39 | -static char *user_in_yp_group(request_rec *r, const char *group_to_check, char *auth_yp_grptable, char *auth_yp_domain) | |
| 40 | +static char *user_in_yp_group(request_rec *r, const char *group_to_check, char *auth_yp_pwtable, char *auth_yp_grptable, char *auth_yp_domain) | |
| 41 | { | |
| 42 | char *user=r->connection->user; | |
| 43 | -char *domainname, *value, *groups; | |
| 44 | -char groupline[MAX_STRING_LEN], uname[MAX_STRING_LEN]; | |
| 45 | +char *domainname, *value, *groups, *usergroup; | |
| 46 | +char groupline[MAX_STRING_LEN], userline[MAX_STRING_LEN], uname[MAX_STRING_LEN]; | |
| 47 | int err, valuelen, unameidx, colons; | |
| 48 | +int gid, ugid; | |
| 49 | +char *gididx, *ugididx; | |
| 50 | ||
| 51 | domainname=get_yp_domain(r, auth_yp_domain); | |
| 52 | if(!domainname) return NULL; | |
| 53 | ||
| 54 | if(!auth_yp_grptable) auth_yp_grptable="group.byname"; | |
| 55 | +if(!auth_yp_pwtable) auth_yp_pwtable="passwd.byname"; | |
| 56 | ||
| 57 | err=yp_match(domainname, auth_yp_grptable, group_to_check, strlen(group_to_check), &value, &valuelen); | |
| 58 | -if(err != 0) | |
| 59 | - { | |
| 60 | +if(err != 0) { | |
| 61 | ap_log_rerror(APLOG_MARK, APLOG_ERR, r, "%s", yperr_string(err) ); | |
| 62 | return NULL; | |
| 63 | - } | |
| 64 | +} | |
| 65 | ||
| 66 | strncpy(groupline, value, valuelen); | |
| 67 | groupline[valuelen]=(char)NULL; | |
| 68 | -for(colons=3, groups=groupline; colons; groups++) | |
| 69 | - if(*groups == ':') colons--; | |
| 70 | + | |
| 71 | +for(colons=2, groups=groupline; colons; groups++) | |
| 72 | + if(*groups == ':') colons--; | |
| 73 | + | |
| 74 | +gididx = groups; | |
| 75 | +while(isdigit((int)*groups)) { | |
| 76 | + groups++; | |
| 77 | +} | |
| 78 | +*groups = (char)NULL; | |
| 79 | +gid = atoi(gididx); | |
| 80 | + | |
| 81 | +groups++; | |
| 82 | ||
| 83 | while(isprint((int)*groups)) | |
| 84 | { | |
| 85 | @@ -137,10 +154,36 @@ | |
| 86 | if(!strcmp(user, uname)) | |
| 87 | { | |
| 88 | /* printf("Found %s\n", argv[2]); */ | |
| 89 | - return group_to_check; | |
| 90 | + return (char *)group_to_check; | |
| 91 | } | |
| 92 | } | |
| 93 | /* printf("Unable to find %s\n", argv[2]); */ | |
| 94 | +// return NULL; | |
| 95 |