1 --- mod_auth_yp.c Sun Nov 23 00:26:37 2003
2 +++ mod_auth_yp.c.sz Sun Nov 23 00:24:18 2003
4 typedef struct auth_yp_config_struct {
7 + char *auth_yp_shtable;
8 char *auth_yp_grptable;
9 int auth_yp_authoritative;
12 (auth_yp_config_rec *) ap_pcalloc(p, sizeof(auth_yp_config_rec));
13 sec->auth_yp_domain = NULL;
14 sec->auth_yp_pwtable = NULL; /* just to illustrate the default really */
15 + sec->auth_yp_shtable = NULL;
16 sec->auth_yp_grptable = NULL; /* unless you have a broken HP cc */
17 sec->auth_yp_authoritative = 1; /* keep the fortress secure by default */
18 - sec->auth_yp = NULL;
25 {"AuthYPUserTable", set_auth_yp_slot,
26 (void *) XtOffsetOf(auth_yp_config_rec, auth_yp_pwtable), OR_AUTHCFG, TAKE1,
27 - "NIS table containing user IDs and passwords"},
28 + "NIS table containing user IDs, user groups and passwords"},
29 + {"AuthYPShadowTable", set_auth_yp_slot,
30 + (void *) XtOffsetOf(auth_yp_config_rec, auth_yp_shtable), OR_AUTHCFG, TAKE1,
31 + "NIS table containing usernames and passwords"},
32 {"AuthYPGroupTable", set_auth_yp_slot,
33 (void *) XtOffsetOf(auth_yp_config_rec, auth_yp_grptable), OR_AUTHCFG, TAKE1,
34 "NIS table containing group names and member user IDs"},
39 -static char *user_in_yp_group(request_rec *r, const char *group_to_check, char *auth_yp_grptable, char *auth_yp_domain)
40 +static char *user_in_yp_group(request_rec *r, const char *group_to_check, char *auth_yp_pwtable, char *auth_yp_grptable, char *auth_yp_domain)
42 char *user=r->connection->user;
43 -char *domainname, *value, *groups;
44 -char groupline[MAX_STRING_LEN], uname[MAX_STRING_LEN];
45 +char *domainname, *value, *groups, *usergroup;
46 +char groupline[MAX_STRING_LEN], userline[MAX_STRING_LEN], uname[MAX_STRING_LEN];
47 int err, valuelen, unameidx, colons;
49 +char *gididx, *ugididx;
51 domainname=get_yp_domain(r, auth_yp_domain);
52 if(!domainname) return NULL;
54 if(!auth_yp_grptable) auth_yp_grptable="group.byname";
55 +if(!auth_yp_pwtable) auth_yp_pwtable="passwd.byname";
57 err=yp_match(domainname, auth_yp_grptable, group_to_check, strlen(group_to_check), &value, &valuelen);
61 ap_log_rerror(APLOG_MARK, APLOG_ERR, r, "%s", yperr_string(err) );
66 strncpy(groupline, value, valuelen);
67 groupline[valuelen]=(char)NULL;
68 -for(colons=3, groups=groupline; colons; groups++)
69 - if(*groups == ':') colons--;
71 +for(colons=2, groups=groupline; colons; groups++)
72 + if(*groups == ':') colons--;
75 +while(isdigit((int)*groups)) {
78 +*groups = (char)NULL;
83 while(isprint((int)*groups))
86 if(!strcmp(user, uname))
88 /* printf("Found %s\n", argv[2]); */
89 - return group_to_check;
90 + return (char *)group_to_check;
93 /* printf("Unable to find %s\n", argv[2]); */
95 +// jeĀ¶li nie ma w group.byname
97 +err=yp_match(domainname, auth_yp_pwtable, user, strlen(user), &value, &valuelen);
100 + ap_log_rerror(APLOG_MARK, APLOG_ERR, r, "%s", yperr_string(err) );
103 +strncpy(userline, value, valuelen);
104 +userline[valuelen]=(char)NULL;
106 +for(colons=3, usergroup=userline; colons; usergroup++)
107 + if(*usergroup == ':') colons--;
109 +ugididx = usergroup;
111 +while(isdigit((int)*usergroup)) {
114 +*usergroup = (char)NULL;
115 +ugid = atoi(ugididx);
118 + return (char*) group_to_check;
124 /* If YP is not enabled - IanP */
125 if(!sec->auth_yp) return DECLINED;
127 - if (!(real_pw = get_pw(r, c->user, sec->auth_yp_pwtable, sec->auth_yp_domain))) {
128 + if (!(real_pw = get_pw(r, c->user, (sec->auth_yp_shtable ? sec->auth_yp_shtable : sec->auth_yp_pwtable) , sec->auth_yp_domain))) {
129 if (!(sec->auth_yp_authoritative))
131 ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, r,
134 w = ap_getword_conf(r->pool, &t); /* w=group name - IanP */
135 /* New Function - IanP */
136 - if(user_in_yp_group(r, w, sec->auth_yp_grptable, sec->auth_yp_domain))
137 + if(user_in_yp_group(r, w, sec->auth_yp_pwtable, sec->auth_yp_grptable, sec->auth_yp_domain))
140 } else if (sec->auth_yp_authoritative) {