diff options
author | Glenn Strauss <gstrauss@gluelogic.com> | 2020-01-12 21:51:12 -0500 |
---|---|---|
committer | Glenn Strauss <gstrauss@gluelogic.com> | 2020-07-08 19:54:29 -0400 |
commit | 7c7f8c467c8b6af678faf10078d7a59c3856045a (patch) | |
tree | 491b6c04ef37043a51e230825aab4deb0a347c47 /src/mod_authn_pam.c | |
parent | cc2134c88badd541cfe1954c80e371db5f28ede3 (diff) | |
download | lighttpd-git-7c7f8c467c8b6af678faf10078d7a59c3856045a.tar.gz |
[multiple] split con, request (very large change)
NB: r->tmp_buf == srv->tmp_buf (pointer is copied for quicker access)
NB: request read and write chunkqueues currently point to connection
chunkqueues; per-request and per-connection chunkqueues are
not distinct from one another
con->read_queue == r->read_queue
con->write_queue == r->write_queue
NB: in the future, a separate connection config may be needed for
connection-level module hooks. Similarly, might need to have
per-request chunkqueues separate from per-connection chunkqueues.
Should probably also have a request_reset() which is distinct from
connection_reset().
Diffstat (limited to 'src/mod_authn_pam.c')
-rw-r--r-- | src/mod_authn_pam.c | 19 |
1 files changed, 10 insertions, 9 deletions
diff --git a/src/mod_authn_pam.c b/src/mod_authn_pam.c index 317e7ff6..23594525 100644 --- a/src/mod_authn_pam.c +++ b/src/mod_authn_pam.c @@ -31,7 +31,7 @@ typedef struct { plugin_config conf; } plugin_data; -static handler_t mod_authn_pam_basic(connection *con, void *p_d, const http_auth_require_t *require, const buffer *username, const char *pw); +static handler_t mod_authn_pam_basic(request_st *r, void *p_d, const http_auth_require_t *require, const buffer *username, const char *pw); INIT_FUNC(mod_authn_pam_init) { static http_auth_backend_t http_auth_backend_pam = @@ -62,11 +62,11 @@ static void mod_authn_pam_merge_config(plugin_config * const pconf, const config } while ((++cpv)->k_id != -1); } -static void mod_authn_pam_patch_config(connection * const con, plugin_data * const p) { +static void mod_authn_pam_patch_config(request_st * const r, plugin_data * const p) { p->conf = p->defaults; /* copy small struct instead of memcpy() */ /*memcpy(&p->conf, &p->defaults, sizeof(plugin_config));*/ for (int i = 1, used = p->nconfig; i < used; ++i) { - if (config_check_cond(con, (uint32_t)p->cvlist[i].k_id)) + if (config_check_cond(r, (uint32_t)p->cvlist[i].k_id)) mod_authn_pam_merge_config(&p->conf, p->cvlist + p->cvlist[i].v.u2[0]); } @@ -132,7 +132,7 @@ static int mod_authn_pam_fn_conv(int num_msg, const struct pam_message **msg, st return PAM_SUCCESS; } -static handler_t mod_authn_pam_query(connection *con, void *p_d, const buffer *username, const char *realm, const char *pw) { +static handler_t mod_authn_pam_query(request_st * const r, void *p_d, const buffer * const username, const char * const realm, const char * const pw) { plugin_data *p = (plugin_data *)p_d; pam_handle_t *pamh = NULL; struct pam_conv conv = { mod_authn_pam_fn_conv, NULL }; @@ -141,22 +141,23 @@ static handler_t mod_authn_pam_query(connection *con, void *p_d, const buffer *u UNUSED(realm); *(const char **)&conv.appdata_ptr = pw; /*(cast away const)*/ - mod_authn_pam_patch_config(con, p); + mod_authn_pam_patch_config(r, p); + const char * const addrstr = r->con->dst_addr_buf->ptr; rc = pam_start(p->conf.service, username->ptr, &conv, &pamh); if (PAM_SUCCESS != rc - || PAM_SUCCESS !=(rc = pam_set_item(pamh,PAM_RHOST,con->dst_addr_buf->ptr)) + || PAM_SUCCESS !=(rc = pam_set_item(pamh, PAM_RHOST, addrstr)) || PAM_SUCCESS !=(rc = pam_authenticate(pamh, flags)) || PAM_SUCCESS !=(rc = pam_acct_mgmt(pamh, flags))) - log_error(con->conf.errh, __FILE__, __LINE__, + log_error(r->conf.errh, __FILE__, __LINE__, "pam: %s", pam_strerror(pamh, rc)); pam_end(pamh, rc); return (PAM_SUCCESS == rc) ? HANDLER_GO_ON : HANDLER_ERROR; } -static handler_t mod_authn_pam_basic(connection *con, void *p_d, const http_auth_require_t *require, const buffer *username, const char *pw) { +static handler_t mod_authn_pam_basic(request_st * const r, void *p_d, const http_auth_require_t * const require, const buffer * const username, const char * const pw) { char *realm = require->realm->ptr; - handler_t rc = mod_authn_pam_query(con, p_d, username, realm, pw); + handler_t rc = mod_authn_pam_query(r, p_d, username, realm, pw); if (HANDLER_GO_ON != rc) return rc; return http_auth_match_rules(require, username->ptr, NULL, NULL) ? HANDLER_GO_ON /* access granted */ |