1 diff -Nur mod_fastcgi-2.4.6.orig/mod_fastcgi.c mod_fastcgi-2.4.6.apache22/mod_fastcgi.c
2 --- mod_fastcgi-2.4.6.orig/mod_fastcgi.c 2007-12-28 21:00:46.000000000 -0700
3 +++ mod_fastcgi-2.4.6.apache22/mod_fastcgi.c 2007-12-28 21:00:58.000000000 -0700
17 hasContentType = TRUE;
19 - apr_set_content_type(r, value);
20 + ap_set_content_type(r, value);
22 r->content_type = apr_pstrdup(r->pool, value);
24 @@ -2697,10 +2701,15 @@
25 r->status_line = NULL;
29 +static authn_status check_user_authentication(request_rec *r, const char *user, const char *password)
31 +#else /* !APACHE22 */
32 static int check_user_authentication(request_rec *r)
34 - int res, authenticated = 0;
37 + int res, authenticated = 0;
39 const fcgi_dir_config * const dir_config =
40 (const fcgi_dir_config *)ap_get_module_config(r->per_dir_config, &fastcgi_module);
41 @@ -2708,9 +2717,11 @@
42 if (dir_config->authenticator == NULL)
45 - /* Get the user password */
47 + /* Get the user password */
48 if ((res = ap_get_basic_auth_pw(r, &password)) != OK)
50 +#endif /* APACHE22 */
52 res = create_fcgi_request(r, dir_config->authenticator, &fr);
54 @@ -2744,6 +2755,20 @@
55 goto AuthenticationFailed;
60 + return AUTH_GRANTED;
62 +AuthenticationFailed:
63 + /* @@@ Probably should support custom_responses */
64 + ap_note_basic_auth_failure(r);
65 + ap_log_rerror(FCGI_LOG_ERR_NOERRNO, r,
66 + "FastCGI: authentication failed for user \"%s\": %s",
69 + return (res == OK) ? AUTH_DENIED : AUTH_GRANTED;
71 +#else /* !APACHE22 */
78 return (res == OK) ? HTTP_UNAUTHORIZED : res;
79 +#endif /* !APACHE22 */
82 static int check_user_authorization(request_rec *r)
83 @@ -2955,16 +2981,31 @@
88 +static const authn_provider authn_fastcgi_provider =
90 + &check_user_authentication,
93 +#endif /* APACHE22 */
96 static void register_hooks(apr_pool_t * p)
98 /* ap_hook_pre_config(x_pre_config, NULL, NULL, APR_HOOK_MIDDLE); */
99 ap_hook_post_config(init_module, NULL, NULL, APR_HOOK_MIDDLE);
100 ap_hook_child_init(fcgi_child_init, NULL, NULL, APR_HOOK_MIDDLE);
101 ap_hook_handler(content_handler, NULL, NULL, APR_HOOK_MIDDLE);
102 - ap_hook_check_user_id(check_user_authentication, NULL, NULL, APR_HOOK_MIDDLE);
103 ap_hook_access_checker(check_access, NULL, NULL, APR_HOOK_MIDDLE);
104 ap_hook_auth_checker(check_user_authorization, NULL, NULL, APR_HOOK_MIDDLE);
105 ap_hook_fixups(fixups, NULL, NULL, APR_HOOK_MIDDLE);
107 + ap_register_provider(p, AUTHN_PROVIDER_GROUP, "fastcgi", "0",
108 + &authn_fastcgi_provider);
110 + ap_hook_check_user_id(check_user_authentication, NULL, NULL, APR_HOOK_MIDDLE);
115 module AP_MODULE_DECLARE_DATA fastcgi_module =
116 diff -Nur mod_fastcgi-2.4.6.orig/mod_fastcgi.c.orig mod_fastcgi-2.4.6.apache22/mod_fastcgi.c.orig
117 --- mod_fastcgi-2.4.6.orig/mod_fastcgi.c.orig 2007-11-12 16:00:10.000000000 -0700
118 +++ mod_fastcgi-2.4.6.apache22/mod_fastcgi.c.orig 2007-12-28 21:00:46.000000000 -0700
121 /* Register to reset to default values when the config pool is cleaned */
123 - ap_register_cleanup(p, NULL, fcgi_config_reset_globals, ap_null_cleanup);
124 + apr_pool_cleanup_register(p, NULL, fcgi_config_reset_globals, apr_pool_cleanup_null);
130 if (fcgi_socket_dir == NULL)
131 fcgi_socket_dir = DEFAULT_SOCK_DIR;
132 - fcgi_dynamic_dir = ap_pstrcat(p, fcgi_socket_dir, "dynamic", NULL);
133 + fcgi_dynamic_dir = apr_pstrcat(p, fcgi_socket_dir, "dynamic", NULL);
136 if (fcgi_socket_dir == NULL)
137 @@ -723,11 +723,11 @@
139 if (statusValue < 0) {
140 fr->parseHeader = SCAN_CGI_BAD_HEADER;
141 - return ap_psprintf(r->pool, "invalid Status '%s'", value);
142 + return apr_psprintf(r->pool, "invalid Status '%s'", value);
145 r->status = statusValue;
146 - r->status_line = ap_pstrdup(r->pool, value);
147 + r->status_line = apr_pstrdup(r->pool, value);
153 hasContentType = TRUE;
155 - ap_set_content_type(r, value);
156 + apr_set_content_type(r, value);
158 - r->content_type = ap_pstrdup(r->pool, value);
159 + r->content_type = apr_pstrdup(r->pool, value);
163 @@ -750,16 +750,16 @@
164 goto DuplicateNotAllowed;
167 - ap_table_set(r->headers_out, "Location", value);
168 + apr_table_set(r->headers_out, "Location", value);
172 /* If the script wants them merged, it can do it */
173 - ap_table_add(r->err_headers_out, name, value);
174 + apr_table_add(r->err_headers_out, name, value);
178 - ap_table_add(fr->authHeaders, name, value);
179 + apr_table_add(fr->authHeaders, name, value);
184 * Who responds, this handler or Apache?
187 - const char *location = ap_table_get(r->headers_out, "Location");
188 + const char *location = apr_table_get(r->headers_out, "Location");
190 * Based on internal redirect handling in mod_cgi.c...
192 @@ -840,11 +840,11 @@
193 if ((p = strpbrk(name, "\r\n")) != NULL)
195 fr->parseHeader = SCAN_CGI_BAD_HEADER;
196 - return ap_psprintf(r->pool, "malformed header '%s'", name);
197 + return apr_psprintf(r->pool, "malformed header '%s'", name);
200 fr->parseHeader = SCAN_CGI_BAD_HEADER;
201 - return ap_psprintf(r->pool, "duplicate header '%s'", name);
202 + return apr_psprintf(r->pool, "duplicate header '%s'", name);
206 @@ -1023,9 +1023,9 @@
207 char *end = strchr(r->uri + 2, '/');
210 - *user = memcpy(ap_pcalloc(r->pool, end - r->uri), r->uri + 1, end - r->uri - 1);
211 + *user = memcpy(apr_pcalloc(r->pool, end - r->uri), r->uri + 1, end - r->uri - 1);
213 - *user = ap_pstrdup(r->pool, r->uri + 1);
214 + *user = apr_pstrdup(r->pool, r->uri + 1);
218 @@ -1034,8 +1034,8 @@
220 get_request_identity(r, &uid, &gid);
222 - *user = ap_psprintf(r->pool, "%ld", (long) uid);
223 - *group = ap_psprintf(r->pool, "%ld", (long) gid);
224 + *user = apr_psprintf(r->pool, "%ld", (long) uid);
225 + *group = apr_psprintf(r->pool, "%ld", (long) gid);
229 @@ -1235,7 +1235,7 @@
231 /* xxx this handle should live somewhere (see CloseHandle()s below too) */
232 char * wait_npipe_mutex_name, * cp;
233 - wait_npipe_mutex_name = cp = ap_pstrdup(rp, socket_path);
234 + wait_npipe_mutex_name = cp = apr_pstrdup(rp, socket_path);
235 while ((cp = strchr(cp, '\\'))) *cp = '/';
237 wait_npipe_mutex = CreateMutex(NULL, FALSE, wait_npipe_mutex_name);
238 @@ -2333,7 +2333,7 @@
242 - ap_register_cleanup(rp, (void *)fr, cleanup, ap_null_cleanup);
243 + apr_pool_cleanup_register(rp, (void *)fr, cleanup, apr_pool_cleanup_null);
247 @@ -2437,7 +2437,7 @@
249 pool * const p = r->pool;
251 - fcgi_request * const fr = (fcgi_request *)ap_pcalloc(p, sizeof(fcgi_request));
252 + fcgi_request * const fr = (fcgi_request *)apr_pcalloc(p, sizeof(fcgi_request));
256 @@ -2465,7 +2465,7 @@
260 - my_finfo = (struct stat *) ap_palloc(p, sizeof(struct stat));
261 + my_finfo = (struct stat *) apr_palloc(p, sizeof(struct stat));
263 if (stat(fs_path, my_finfo) < 0)
265 @@ -2494,7 +2494,7 @@
266 fr->erBufPtr = fcgi_buf_new(p, sizeof(FCGI_EndRequestBody) + 1);
267 fr->gotHeader = FALSE;
268 fr->parseHeader = SCAN_CGI_READING_HEADERS;
269 - fr->header = ap_make_array(p, 1, 1);
270 + fr->header = apr_array_make(p, 1, 1);
271 fr->fs_stderr = NULL;
273 fr->readingEndRequestBody = FALSE;
274 @@ -2507,7 +2507,7 @@
275 fr->keepReadingFromFcgiApp = TRUE;
277 fr->fs_path = fs_path;
278 - fr->authHeaders = ap_make_table(p, 10);
279 + fr->authHeaders = apr_table_make(p, 10);
281 fr->fd = INVALID_SOCKET;
282 fr->dynamic = ((fs == NULL) || (fs->directive == APP_CLASS_DYNAMIC)) ? TRUE : FALSE;
283 @@ -2571,7 +2571,7 @@
285 static int apache_is_scriptaliased(request_rec *r)
287 - const char *t = ap_table_get(r->notes, "alias-forced-type");
288 + const char *t = apr_table_get(r->notes, "alias-forced-type");
289 return t && (!strcasecmp(t, "cgi-script"));
292 @@ -2594,9 +2594,9 @@
295 r->method_number = M_GET;
296 - ap_table_unset(r->headers_in, "Content-length");
297 + apr_table_unset(r->headers_in, "Content-length");
299 - ap_internal_redirect_handler(ap_table_get(r->headers_out, "Location"), r);
300 + ap_internal_redirect_handler(apr_table_get(r->headers_out, "Location"), r);
303 case SCAN_CGI_SRV_REDIRECT:
304 @@ -2652,21 +2652,21 @@
305 if (strncasecmp(key, "Variable-", 9) == 0)
308 - ap_table_setn(t, key, val);
309 + apr_table_setn(t, key, val);
313 static int post_process_auth_passed_compat_header(table *t, const char *key, const char * const val)
315 if (strncasecmp(key, "Variable-", 9) == 0)
316 - ap_table_setn(t, key + 9, val);
317 + apr_table_setn(t, key + 9, val);
322 static int post_process_auth_failed_header(table * const t, const char * const key, const char * const val)
324 - ap_table_setn(t, key, val);
325 + apr_table_setn(t, key, val);
329 @@ -2679,16 +2679,16 @@
332 if (fr->auth_compat) {
333 - ap_table_do((int (*)(void *, const char *, const char *))post_process_auth_passed_compat_header,
334 + apr_table_do((int (*)(void *, const char *, const char *))post_process_auth_passed_compat_header,
335 (void *)r->subprocess_env, fr->authHeaders, NULL);
338 - ap_table_do((int (*)(void *, const char *, const char *))post_process_auth_passed_header,
339 + apr_table_do((int (*)(void *, const char *, const char *))post_process_auth_passed_header,
340 (void *)r->subprocess_env, fr->authHeaders, NULL);
344 - ap_table_do((int (*)(void *, const char *, const char *))post_process_auth_failed_header,
345 + apr_table_do((int (*)(void *, const char *, const char *))post_process_auth_failed_header,
346 (void *)r->err_headers_out, fr->authHeaders, NULL);
349 @@ -2719,10 +2719,10 @@
352 /* Save the existing subprocess_env, because we're gonna muddy it up */
353 - fr->saved_subprocess_env = ap_copy_table(r->pool, r->subprocess_env);
354 + fr->saved_subprocess_env = apr_table_copy(r->pool, r->subprocess_env);
356 - ap_table_setn(r->subprocess_env, "REMOTE_PASSWD", password);
357 - ap_table_setn(r->subprocess_env, "FCGI_APACHE_ROLE", "AUTHENTICATOR");
358 + apr_table_setn(r->subprocess_env, "REMOTE_PASSWD", password);
359 + apr_table_setn(r->subprocess_env, "FCGI_APACHE_ROLE", "AUTHENTICATOR");
361 /* The FastCGI Protocol doesn't differentiate authentication */
362 fr->role = FCGI_AUTHORIZER;
363 @@ -2737,7 +2737,7 @@
364 post_process_auth(fr, authenticated);
366 /* A redirect shouldn't be allowed during the authentication phase */
367 - if (ap_table_get(r->headers_out, "Location") != NULL) {
368 + if (apr_table_get(r->headers_out, "Location") != NULL) {
369 ap_log_rerror(FCGI_LOG_ERR_NOERRNO, r,
370 "FastCGI: FastCgiAuthenticator \"%s\" redirected (not allowed)",
371 dir_config->authenticator);
372 @@ -2786,9 +2786,9 @@
375 /* Save the existing subprocess_env, because we're gonna muddy it up */
376 - fr->saved_subprocess_env = ap_copy_table(r->pool, r->subprocess_env);
377 + fr->saved_subprocess_env = apr_table_copy(r->pool, r->subprocess_env);
379 - ap_table_setn(r->subprocess_env, "FCGI_APACHE_ROLE", "AUTHORIZER");
380 + apr_table_setn(r->subprocess_env, "FCGI_APACHE_ROLE", "AUTHORIZER");
382 fr->role = FCGI_AUTHORIZER;
384 @@ -2802,7 +2802,7 @@
385 post_process_auth(fr, authorized);
387 /* A redirect shouldn't be allowed during the authorization phase */
388 - if (ap_table_get(r->headers_out, "Location") != NULL) {
389 + if (apr_table_get(r->headers_out, "Location") != NULL) {
390 ap_log_rerror(FCGI_LOG_ERR_NOERRNO, r,
391 "FastCGI: FastCgiAuthorizer \"%s\" redirected (not allowed)",
392 dir_config->authorizer);
393 @@ -2846,9 +2846,9 @@
396 /* Save the existing subprocess_env, because we're gonna muddy it up */
397 - fr->saved_subprocess_env = ap_copy_table(r->pool, r->subprocess_env);
398 + fr->saved_subprocess_env = apr_table_copy(r->pool, r->subprocess_env);
400 - ap_table_setn(r->subprocess_env, "FCGI_APACHE_ROLE", "ACCESS_CHECKER");
401 + apr_table_setn(r->subprocess_env, "FCGI_APACHE_ROLE", "ACCESS_CHECKER");
403 /* The FastCGI Protocol doesn't differentiate access control */
404 fr->role = FCGI_AUTHORIZER;
405 @@ -2863,7 +2863,7 @@
406 post_process_auth(fr, access_allowed);
408 /* A redirect shouldn't be allowed during the access check phase */
409 - if (ap_table_get(r->headers_out, "Location") != NULL) {
410 + if (apr_table_get(r->headers_out, "Location") != NULL) {
411 ap_log_rerror(FCGI_LOG_ERR_NOERRNO, r,
412 "FastCGI: FastCgiAccessChecker \"%s\" redirected (not allowed)",
413 dir_config->access_checker);