the first (colon.diff) reintroduces a feature, that got lost somehow at the
auth rewrite: the possibility to add groups and/or other data behind the
password after a colon.
the second patch (dbmdigest.diff) uses the advantages of the auth rewrite
and adds support for digest authentication to the authn_dbm module. The
hash key is "$user:$realm" (perl speaking), the value is the hash,
optionally followed by a colon and other garbage, if you want.
Currently there's no official tool to create such databases. So for now
I've used a little perlscript, more or less stolen from the mod_rewrite
docs, to convert a htdigest-created flatfile to sdbm (df2dd.pl)
Sorry for harassing you so often... ;-)
nd
--
If God intended people to be naked, they would be born that way.
-- Oscar Wilde
Index: modules/aaa/mod_authn_dbm.c
===================================================================
RCS file: /home/cvspublic/httpd-2.0/modules/aaa/mod_authn_dbm.c,v
retrieving revision 1.8
diff -u -r1.8 mod_authn_dbm.c
--- modules/aaa/mod_authn_dbm.c 30 Nov 2002 18:48:41 -0000 1.8
+++ modules/aaa/mod_authn_dbm.c 9 Dec 2002 20:46:50 -0000
@@ -156,6 +156,7 @@
apr_datum_t dbm_pw;
apr_status_t rv;
char *dbm_password = NULL;
+ char *colon_pw;
rv = fetch_dbm(conf->dbmtype, conf->pwfile, user, &dbm_pw, r->pool);
@@ -172,6 +173,11 @@
if (!dbm_password) {
return AUTH_USER_NOT_FOUND;
+ }
+
+ colon_pw = strchr(dbm_password, ':');
+ if (colon_pw) {
+ *colon_pw = '\0';
}
rv = apr_password_validate(password, dbm_password);
Index: modules/aaa/mod_authn_dbm.c
===================================================================
RCS file: /home/cvspublic/httpd-2.0/modules/aaa/mod_authn_dbm.c,v
retrieving revision 1.8
diff -u -r1.8 mod_authn_dbm.c
--- modules/aaa/mod_authn_dbm.c 30 Nov 2002 18:48:41 -0000 1.8
+++ modules/aaa/mod_authn_dbm.c 9 Dec 2002 20:54:21 -0000
@@ -189,10 +195,49 @@
return AUTH_GRANTED;
}
+static authn_status get_dbm_realm_hash(request_rec *r, const char *user,
+ const char *realm, char **rethash)
+{
+ authn_dbm_config_rec *conf = ap_get_module_config(r->per_dir_config,
+ &authn_dbm_module);
+ apr_datum_t dbm_hd;
+ apr_status_t rv;
+ char *dbm_hash = NULL;
+ char *colon_hash;
+
+ rv = fetch_dbm(conf->dbmtype, conf->pwfile,
+ apr_pstrcat(r->pool, user, ":", realm, NULL),
+ &dbm_hd, r->pool);
+
+ if (rv != APR_SUCCESS) {
+ ap_log_rerror(APLOG_MARK, APLOG_ERR, rv, r,
+ "Could not open dbm (type %s) hash file: %s",
+ conf->dbmtype, conf->pwfile);
+ return AUTH_GENERAL_ERROR;
+ }
+
+ if (dbm_hd.dptr) {
+ dbm_hash = apr_pstrmemdup(r->pool, dbm_hd.dptr, dbm_hd.dsize);
+ }
+
+ if (!dbm_hash) {
+ return AUTH_USER_NOT_FOUND;
+ }
+
+ colon_hash = strchr(dbm_hash, ':');
+ if (colon_hash) {
+ *colon_hash = '\0';
+ }
+
+ *rethash = dbm_hash;
+
+ return AUTH_USER_FOUND;
+}
+
static const authn_provider authn_dbm_provider =
{
&check_dbm_pw,
- NULL, /* No realm support yet. */
+ &get_dbm_realm_hash
};
static void register_hooks(apr_pool_t *p)
#!/path/to/bin/perl
##
## df2dd.pl -- convert txt digest file to dbm format
##
use SDBM_File;
use Fcntl;
my ($txtmap, $dbmmap) = @ARGV;
use vars '%DB';
open(TXT, "<$txtmap") or die "Couldn't open $txtmap!\n";
tie (%DB, 'SDBM_File', $dbmmap,O_RDWR|O_TRUNC|O_CREAT, 0644)
or die "Couldn't create $dbmmap!\n";
while (<TXT>) {
next if (/^\s*#/ or /^\s*$/);
s/^\s+//; s/\s+\z//;
my ($user, $realm, $hash) = split /:/;
$DB{"$user:$realm"} = $hash
if (defined $user and defined $realm and defined $hash);
}
untie %DB;
close(TXT);
__END__
