[mod_auth] inline arrays in http_auth_require_t
also, keep ptr to const buffer *realm rather than copypersonal/stbuehler/ci-build
parent
c193da3404
commit
a03afc9043
|
|
@ -113,22 +113,14 @@ http_auth_require_t * http_auth_require_init (void)
|
|||
{
|
||||
http_auth_require_t *require = calloc(1, sizeof(http_auth_require_t));
|
||||
force_assert(NULL != require);
|
||||
|
||||
require->realm = buffer_init();
|
||||
require->valid_user = 0;
|
||||
require->user = array_init();
|
||||
require->group = array_init();
|
||||
require->host = array_init();
|
||||
|
||||
return require;
|
||||
}
|
||||
|
||||
void http_auth_require_free (http_auth_require_t * const require)
|
||||
{
|
||||
buffer_free(require->realm);
|
||||
array_free(require->user);
|
||||
array_free(require->group);
|
||||
array_free(require->host);
|
||||
array_free_data(&require->user);
|
||||
array_free_data(&require->group);
|
||||
array_free_data(&require->host);
|
||||
free(require);
|
||||
}
|
||||
|
||||
|
|
@ -149,17 +141,17 @@ int http_auth_match_rules (const http_auth_require_t * const require, const char
|
|||
{
|
||||
if (NULL != user
|
||||
&& (require->valid_user
|
||||
|| http_auth_array_contains(require->user, user, strlen(user)))) {
|
||||
|| http_auth_array_contains(&require->user, user, strlen(user)))) {
|
||||
return 1; /* match */
|
||||
}
|
||||
|
||||
if (NULL != group
|
||||
&& http_auth_array_contains(require->group, group, strlen(group))) {
|
||||
&& http_auth_array_contains(&require->group, group, strlen(group))) {
|
||||
return 1; /* match */
|
||||
}
|
||||
|
||||
if (NULL != host
|
||||
&& http_auth_array_contains(require->host, host, strlen(host))) {
|
||||
&& http_auth_array_contains(&require->host, host, strlen(host))) {
|
||||
return 1; /* match */
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -28,12 +28,12 @@ struct http_auth_backend_t;
|
|||
|
||||
typedef struct http_auth_require_t {
|
||||
const struct http_auth_scheme_t *scheme;
|
||||
buffer *realm;
|
||||
const buffer *realm;
|
||||
int valid_user;
|
||||
int algorithm;
|
||||
array *user;
|
||||
array *group;
|
||||
array *host;
|
||||
array user;
|
||||
array group;
|
||||
array host;
|
||||
} http_auth_require_t;
|
||||
|
||||
http_auth_require_t * http_auth_require_init (void);
|
||||
|
|
|
|||
|
|
@ -206,12 +206,12 @@ static int mod_auth_require_parse (server *srv, http_auth_require_t * const requ
|
|||
case 4:
|
||||
if (0 == memcmp(str, CONST_STR_LEN("user"))) {
|
||||
/*("user=" is 5)*/
|
||||
array_set_key_value(require->user, str+5, len-5, CONST_STR_LEN(""));
|
||||
array_set_key_value(&require->user, str+5, len-5, CONST_STR_LEN(""));
|
||||
continue;
|
||||
}
|
||||
else if (0 == memcmp(str, CONST_STR_LEN("host"))) {
|
||||
/*("host=" is 5)*/
|
||||
array_set_key_value(require->host, str+5, len-5, CONST_STR_LEN(""));
|
||||
array_set_key_value(&require->host, str+5, len-5, CONST_STR_LEN(""));
|
||||
log_error_write(srv, __FILE__, __LINE__, "ssb",
|
||||
"warning parsing auth.require 'require' field: 'host' not implemented;",
|
||||
"field value:", b);
|
||||
|
|
@ -221,7 +221,7 @@ static int mod_auth_require_parse (server *srv, http_auth_require_t * const requ
|
|||
case 5:
|
||||
if (0 == memcmp(str, CONST_STR_LEN("group"))) {
|
||||
/*("group=" is 6)*/
|
||||
array_set_key_value(require->group, str+6, len-6, CONST_STR_LEN(""));
|
||||
array_set_key_value(&require->group, str+6, len-6, CONST_STR_LEN(""));
|
||||
#if 0/*(supported by mod_authn_ldap, but not all other backends)*/
|
||||
log_error_write(srv, __FILE__, __LINE__, "ssb",
|
||||
"warning parsing auth.require 'require' field: 'group' not implemented;",
|
||||
|
|
@ -346,7 +346,7 @@ static handler_t mod_auth_require_parse_array(server *srv, const array *value, a
|
|||
buffer_copy_buffer(&dauth->key, &da_file->key);
|
||||
dauth->require->scheme = auth_scheme;
|
||||
dauth->require->algorithm = algorithm;
|
||||
buffer_copy_buffer(dauth->require->realm, realm);
|
||||
dauth->require->realm = realm;
|
||||
if (!mod_auth_require_parse(srv, dauth->require, require)) {
|
||||
dauth->fn->free((data_unset *)dauth);
|
||||
return HANDLER_ERROR;
|
||||
|
|
@ -528,7 +528,7 @@ static handler_t mod_auth_send_400_bad_request(server *srv, connection *con) {
|
|||
return HANDLER_FINISHED;
|
||||
}
|
||||
|
||||
static handler_t mod_auth_send_401_unauthorized_basic(server *srv, connection *con, buffer *realm) {
|
||||
static handler_t mod_auth_send_401_unauthorized_basic(server *srv, connection *con, const buffer *realm) {
|
||||
con->http_status = 401;
|
||||
con->mode = DIRECT;
|
||||
|
||||
|
|
|
|||
|
|
@ -630,7 +630,7 @@ static char * mod_authn_ldap_get_dn(server *srv, plugin_config_ldap *s, const ch
|
|||
}
|
||||
|
||||
static handler_t mod_authn_ldap_memberOf(server *srv, plugin_config *s, const http_auth_require_t *require, const buffer *username, const char *userdn) {
|
||||
array *groups = require->group;
|
||||
const array *groups = &require->group;
|
||||
buffer *filter = buffer_init();
|
||||
handler_t rc = HANDLER_ERROR;
|
||||
|
||||
|
|
@ -752,7 +752,7 @@ static handler_t mod_authn_ldap_basic(server *srv, connection *con, void *p_d, c
|
|||
if (http_auth_match_rules(require, username->ptr, NULL, NULL)) {
|
||||
rc = HANDLER_GO_ON; /* access granted */
|
||||
}
|
||||
else if (require->group->used) {
|
||||
else if (require->group.used) {
|
||||
/*(must not re-use ldap_filter, since it might be used for dn)*/
|
||||
rc = mod_authn_ldap_memberOf(srv,&p->conf,require,username,dn);
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in New Issue