Source Jam - httpd-2.2.8

00001 /* Licensed to the Apache Software Foundation (ASF) under one or more
00002  * contributor license agreements.  See the NOTICE file distributed with
00003  * this work for additional information regarding copyright ownership.
00004  * The ASF licenses this file to You under the Apache License, Version 2.0
00005  * (the "License"); you may not use this file except in compliance with
00006  * the License.  You may obtain a copy of the License at
00007  *
00008  *     http://www.apache.org/licenses/LICENSE-2.0
00009  *
00010  * Unless required by applicable law or agreed to in writing, software
00011  * distributed under the License is distributed on an "AS IS" BASIS,
00012  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
00013  * See the License for the specific language governing permissions and
00014  * limitations under the License.
00015  */
00016 
00017 /*
00018  * Adapted to allow anonymous logins, just like with Anon-FTP, when
00019  * one gives the magic user name 'anonymous' and ones email address
00020  * as the password.
00021  *
00022  * Just add the following tokes to your <directory> setup:
00023  *
00024  * Anonymous                    magic-userid [magic-userid]...
00025  *
00026  * Anonymous_MustGiveEmail      [ on | off ] default = on
00027  * Anonymous_LogEmail           [ on | off ] default = on
00028  * Anonymous_VerifyEmail        [ on | off ] default = off
00029  * Anonymous_NoUserId           [ on | off ] default = off
00030  *
00031  * The magic user id is something like 'anonymous', it is NOT case sensitive.
00032  *
00033  * The MustGiveEmail flag can be used to force users to enter something
00034  * in the password field (like an email address). Default is on.
00035  *
00036  * Furthermore the 'NoUserID' flag can be set to allow completely empty
00037  * usernames in as well; this can be is convenient as a single return
00038  * in broken GUIs like W95 is often given by the user. The Default is off.
00039  *
00040  * Dirk.vanGulik@jrc.it; http://ewse.ceo.org; http://me-www.jrc.it/~dirkx
00041  *
00042  */
00043 
00044 #include "apr_strings.h"
00045 
00046 #define APR_WANT_STRFUNC
00047 #include "apr_want.h"
00048 
00049 #include "ap_provider.h"
00050 #include "httpd.h"
00051 #include "http_config.h"
00052 #include "http_core.h"
00053 #include "http_log.h"
00054 #include "http_request.h"
00055 #include "http_protocol.h"
00056 
00057 #include "mod_auth.h"
00058 
00059 typedef struct anon_auth_user {
00060     char *user;
00061     struct anon_auth_user *next;
00062 } anon_auth_user;
00063 
00064 typedef struct {
00065     anon_auth_user *users;
00066     int nouserid;
00067     int logemail;
00068     int verifyemail;
00069     int mustemail;
00070     int anyuserid;
00071 } authn_anon_config_rec;
00072 
00073 static void *create_authn_anon_dir_config(apr_pool_t *p, char *d)
00074 {
00075     authn_anon_config_rec *conf = apr_palloc(p, sizeof(*conf));
00076 
00077     /* just to illustrate the defaults really. */
00078     conf->users = NULL;
00079 
00080     conf->nouserid = 0;
00081     conf->anyuserid = 0;
00082     conf->logemail = 1;
00083     conf->verifyemail = 0;
00084     conf->mustemail = 1;
00085     return conf;
00086 }
00087 
00088 static const char *anon_set_string_slots(cmd_parms *cmd,
00089                                          void *my_config, const char *arg)
00090 {
00091     authn_anon_config_rec *conf = my_config;
00092     anon_auth_user *first;
00093 
00094     if (!*arg) {
00095         return "Anonymous string cannot be empty, use Anonymous_NoUserId";
00096     }
00097 
00098     /* squeeze in a record */
00099     if (!conf->anyuserid) {
00100         if (!strcmp(arg, "*")) {
00101             conf->anyuserid = 1;
00102         }
00103         else {
00104             first = conf->users;
00105             conf->users = apr_palloc(cmd->pool, sizeof(*conf->users));
00106             conf->users->user = apr_pstrdup(cmd->pool, arg);
00107             conf->users->next = first;
00108         }
00109     }
00110 
00111     return NULL;
00112 }
00113 
00114 static const command_rec authn_anon_cmds[] =
00115 {
00116     AP_INIT_ITERATE("Anonymous", anon_set_string_slots, NULL, OR_AUTHCFG,
00117      "a space-separated list of user IDs"),
00118     AP_INIT_FLAG("Anonymous_MustGiveEmail", ap_set_flag_slot,
00119      (void *)APR_OFFSETOF(authn_anon_config_rec, mustemail),
00120      OR_AUTHCFG, "Limited to 'on' or 'off'"),
00121     AP_INIT_FLAG("Anonymous_NoUserId", ap_set_flag_slot,
00122      (void *)APR_OFFSETOF(authn_anon_config_rec, nouserid),
00123      OR_AUTHCFG, "Limited to 'on' or 'off'"),
00124     AP_INIT_FLAG("Anonymous_VerifyEmail", ap_set_flag_slot,
00125      (void *)APR_OFFSETOF(authn_anon_config_rec, verifyemail),
00126      OR_AUTHCFG, "Limited to 'on' or 'off'"),
00127     AP_INIT_FLAG("Anonymous_LogEmail", ap_set_flag_slot,
00128      (void *)APR_OFFSETOF(authn_anon_config_rec, logemail),
00129      OR_AUTHCFG, "Limited to 'on' or 'off'"),
00130     {NULL}
00131 };
00132 
00133 module AP_MODULE_DECLARE_DATA authn_anon_module;
00134 
00135 static authn_status check_anonymous(request_rec *r, const char *user,
00136                                     const char *sent_pw)
00137 {
00138     authn_anon_config_rec *conf = ap_get_module_config(r->per_dir_config,
00139                                                       &authn_anon_module);
00140     authn_status res = AUTH_USER_NOT_FOUND;
00141 
00142     /* Ignore if we are not configured */
00143     if (!conf->users && !conf->anyuserid) {
00144         return AUTH_USER_NOT_FOUND;
00145     }
00146 
00147     /* Do we allow an empty userID and/or is it the magic one
00148      */
00149     if (!*user) {
00150         if (conf->nouserid) {
00151             res = AUTH_USER_FOUND;
00152         }
00153     }
00154     else if (conf->anyuserid) {
00155         res = AUTH_USER_FOUND;
00156     }
00157     else {
00158         anon_auth_user *p = conf->users;
00159 
00160         while (p) {
00161             if (!strcasecmp(user, p->user)) {
00162                 res = AUTH_USER_FOUND;
00163                 break;
00164             }
00165             p = p->next;
00166         }
00167     }
00168 
00169     /* Now if the supplied user-ID was ok, grant access if:
00170      * (a) no passwd was sent and no password and no verification
00171      *     were configured.
00172      * (b) password was sent and no verification was configured
00173      * (c) verification was configured and the password (sent or not)
00174      *     looks like an email address
00175      */
00176     if (   (res == AUTH_USER_FOUND)
00177         && (!conf->mustemail || *sent_pw)
00178         && (   !conf->verifyemail
00179             || (ap_strchr_c(sent_pw, '@') && ap_strchr_c(sent_pw, '.'))))
00180     {
00181         if (conf->logemail && ap_is_initial_req(r)) {
00182             ap_log_rerror(APLOG_MARK, APLOG_INFO, APR_SUCCESS, r,
00183                           "Anonymous: Passwd <%s> Accepted",
00184                           sent_pw ? sent_pw : "\'none\'");
00185         }
00186 
00187         return AUTH_GRANTED;
00188     }
00189 
00190     return (res == AUTH_USER_NOT_FOUND ? res : AUTH_DENIED);
00191 }
00192 
00193 static const authn_provider authn_anon_provider =
00194 {
00195     &check_anonymous,
00196     NULL
00197 };
00198 
00199 static void register_hooks(apr_pool_t *p)
00200 {
00201     ap_register_provider(p, AUTHN_PROVIDER_GROUP, "anon", "0",
00202                          &authn_anon_provider);
00203 }
00204 
00205 module AP_MODULE_DECLARE_DATA authn_anon_module =
00206 {
00207     STANDARD20_MODULE_STUFF,
00208     create_authn_anon_dir_config, /* dir config creater */
00209     NULL,                         /* dir merger ensure strictness */
00210     NULL,                         /* server config */
00211     NULL,                         /* merge server config */
00212     authn_anon_cmds,              /* command apr_table_t */
00213     register_hooks                /* register hooks */
00214 };
mod_authn_anon.c
