+++ /dev/null
---- mod_auth_yp.c Sun Nov 23 00:26:37 2003
-+++ mod_auth_yp.c.sz Sun Nov 23 00:24:18 2003
-@@ -34,6 +34,7 @@
- typedef struct auth_yp_config_struct {
- char *auth_yp_domain;
- char *auth_yp_pwtable;
-+ char *auth_yp_shtable;
- char *auth_yp_grptable;
- int auth_yp_authoritative;
- int auth_yp;
-@@ -45,9 +46,10 @@
- (auth_yp_config_rec *) ap_pcalloc(p, sizeof(auth_yp_config_rec));
- sec->auth_yp_domain = NULL;
- sec->auth_yp_pwtable = NULL; /* just to illustrate the default really */
-+ sec->auth_yp_shtable = NULL;
- sec->auth_yp_grptable = NULL; /* unless you have a broken HP cc */
- sec->auth_yp_authoritative = 1; /* keep the fortress secure by default */
-- sec->auth_yp = NULL;
-+ sec->auth_yp = 0;
- return sec;
- }
-
-@@ -64,7 +66,10 @@
- "NIS domain name"},
- {"AuthYPUserTable", set_auth_yp_slot,
- (void *) XtOffsetOf(auth_yp_config_rec, auth_yp_pwtable), OR_AUTHCFG, TAKE1,
-- "NIS table containing user IDs and passwords"},
-+ "NIS table containing user IDs, user groups and passwords"},
-+ {"AuthYPShadowTable", set_auth_yp_slot,
-+ (void *) XtOffsetOf(auth_yp_config_rec, auth_yp_shtable), OR_AUTHCFG, TAKE1,
-+ "NIS table containing usernames and passwords"},
- {"AuthYPGroupTable", set_auth_yp_slot,
- (void *) XtOffsetOf(auth_yp_config_rec, auth_yp_grptable), OR_AUTHCFG, TAKE1,
- "NIS table containing group names and member user IDs"},
-@@ -99,29 +104,41 @@
- }
- }
-
--static char *user_in_yp_group(request_rec *r, const char *group_to_check, char *auth_yp_grptable, char *auth_yp_domain)
-+static char *user_in_yp_group(request_rec *r, const char *group_to_check, char *auth_yp_pwtable, char *auth_yp_grptable, char *auth_yp_domain)
- {
- char *user=r->connection->user;
--char *domainname, *value, *groups;
--char groupline[MAX_STRING_LEN], uname[MAX_STRING_LEN];
-+char *domainname, *value, *groups, *usergroup;
-+char groupline[MAX_STRING_LEN], userline[MAX_STRING_LEN], uname[MAX_STRING_LEN];
- int err, valuelen, unameidx, colons;
-+int gid, ugid;
-+char *gididx, *ugididx;
-
- domainname=get_yp_domain(r, auth_yp_domain);
- if(!domainname) return NULL;
-
- if(!auth_yp_grptable) auth_yp_grptable="group.byname";
-+if(!auth_yp_pwtable) auth_yp_pwtable="passwd.byname";
-
- err=yp_match(domainname, auth_yp_grptable, group_to_check, strlen(group_to_check), &value, &valuelen);
--if(err != 0)
-- {
-+if(err != 0) {
- ap_log_rerror(APLOG_MARK, APLOG_ERR, r, "%s", yperr_string(err) );
- return NULL;
-- }
-+}
-
- strncpy(groupline, value, valuelen);
- groupline[valuelen]=(char)NULL;
--for(colons=3, groups=groupline; colons; groups++)
-- if(*groups == ':') colons--;
-+
-+for(colons=2, groups=groupline; colons; groups++)
-+ if(*groups == ':') colons--;
-+
-+gididx = groups;
-+while(isdigit((int)*groups)) {
-+ groups++;
-+}
-+*groups = (char)NULL;
-+gid = atoi(gididx);
-+
-+groups++;
-
- while(isprint((int)*groups))
- {
-@@ -137,10 +154,36 @@
- if(!strcmp(user, uname))
- {
- /* printf("Found %s\n", argv[2]); */
-- return group_to_check;
-+ return (char *)group_to_check;
- }
- }
- /* printf("Unable to find %s\n", argv[2]); */
-+// return NULL;
-+// jeĀ¶li nie ma w group.byname
-+
-+err=yp_match(domainname, auth_yp_pwtable, user, strlen(user), &value, &valuelen);
-+if(err != 0)
-+ {
-+ ap_log_rerror(APLOG_MARK, APLOG_ERR, r, "%s", yperr_string(err) );
-+ return NULL;
-+ }
-+strncpy(userline, value, valuelen);
-+userline[valuelen]=(char)NULL;
-+
-+for(colons=3, usergroup=userline; colons; usergroup++)
-+ if(*usergroup == ':') colons--;
-+
-+ugididx = usergroup;
-+
-+while(isdigit((int)*usergroup)) {
-+ usergroup++;
-+}
-+*usergroup = (char)NULL;
-+ugid = atoi(ugididx);
-+
-+if (ugid == gid) {
-+ return (char*) group_to_check;
-+}
- return NULL;
- }
-
-@@ -202,7 +245,7 @@
- /* If YP is not enabled - IanP */
- if(!sec->auth_yp) return DECLINED;
-
-- if (!(real_pw = get_pw(r, c->user, sec->auth_yp_pwtable, sec->auth_yp_domain))) {
-+ if (!(real_pw = get_pw(r, c->user, (sec->auth_yp_shtable ? sec->auth_yp_shtable : sec->auth_yp_pwtable) , sec->auth_yp_domain))) {
- if (!(sec->auth_yp_authoritative))
- return DECLINED;
- ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, r,
-@@ -271,7 +314,7 @@
- while (t[0]) {
- w = ap_getword_conf(r->pool, &t); /* w=group name - IanP */
- /* New Function - IanP */
-- if(user_in_yp_group(r, w, sec->auth_yp_grptable, sec->auth_yp_domain))
-+ if(user_in_yp_group(r, w, sec->auth_yp_pwtable, sec->auth_yp_grptable, sec->auth_yp_domain))
- return OK;
- }
- } else if (sec->auth_yp_authoritative) {