www/apache
1
0
Fork 0
mirror of https://github.com/apache/httpd.git synced 2025-08-08 15:02:10 +03:00
Code Activity

Implement the exported function from mod_ldap(util_ldap) as optional functions so that we can eliminate the load ordering of mod_ldap and mod_authnz_ldap.

Browse Source 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@159619 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
Bradley Nicholes
2005-03-31 18:44:16 +00:00
parent aad2e44aae
commit 38e8b5da89
4 changed files with 83 additions and 51 deletions
Download Patch File Download Diff File Expand all files Collapse all files

34
include/util_ldap.h
View File

@@ -41,6 +41,7 @@
#include "http_log.h"
#include "http_protocol.h"
#include "http_request.h"
#include "apr_optional.h"
/* Create a set of LDAP_DECLARE macros with appropriate export
* and import tags for the platform
@@ -146,8 +147,8 @@ typedef struct util_ldap_state_t {
* @deffunc int util_ldap_connection_open(request_rec *r,
* util_ldap_connection_t *ldc)
*/
LDAP_DECLARE(int) util_ldap_connection_open(request_rec *r,
util_ldap_connection_t *ldc);
APR_DECLARE_OPTIONAL_FN(int,uldap_connection_open,(request_rec *r,
util_ldap_connection_t *ldc));
/**
* Close a connection to an LDAP server
@@ -158,7 +159,7 @@ LDAP_DECLARE(int) util_ldap_connection_open(request_rec *r,
* structure, using apr_ldap_open_connection().
* @deffunc util_ldap_close_connection(util_ldap_connection_t *ldc)
*/
LDAP_DECLARE(void) util_ldap_connection_close(util_ldap_connection_t *ldc);
APR_DECLARE_OPTIONAL_FN(void,uldap_connection_close,(util_ldap_connection_t *ldc));
/**
* Unbind a connection to an LDAP server
@@ -169,7 +170,7 @@ LDAP_DECLARE(void) util_ldap_connection_close(util_ldap_connection_t *ldc);
* connection back to a known state.
* @deffunc apr_status_t util_ldap_connection_unbind(util_ldap_connection_t *ldc)
*/
LDAP_DECLARE_NONSTD(apr_status_t) util_ldap_connection_unbind(void *param);
APR_DECLARE_OPTIONAL_FN(apr_status_t,uldap_connection_unbind,(void *param));
/**
* Cleanup a connection to an LDAP server
@@ -179,7 +180,7 @@ LDAP_DECLARE_NONSTD(apr_status_t) util_ldap_connection_unbind(void *param);
* LDAP connections when the server is finished with them.
* @deffunc apr_status_t util_ldap_connection_cleanup(util_ldap_connection_t *ldc)
*/
LDAP_DECLARE_NONSTD(apr_status_t) util_ldap_connection_cleanup(void *param);
APR_DECLARE_OPTIONAL_FN(apr_status_t,uldap_connection_cleanup,(void *param));
/**
* Find a connection in a list of connections
@@ -198,10 +199,9 @@ LDAP_DECLARE_NONSTD(apr_status_t) util_ldap_connection_cleanup(void *param);
* const char *binddn, const char *bindpw, deref_options deref,
* int netscapessl, int starttls)
*/
LDAP_DECLARE(util_ldap_connection_t *) util_ldap_connection_find(request_rec *r, const char *host, int port,
APR_DECLARE_OPTIONAL_FN(util_ldap_connection_t *,uldap_connection_find,(request_rec *r, const char *host, int port,
const char *binddn, const char *bindpw, deref_options deref,
int secure);
int secure));
/**
* Compare two DNs for sameness
@@ -221,9 +221,9 @@ LDAP_DECLARE(util_ldap_connection_t *) util_ldap_connection_find(request_rec *r,
* const char *url, const char *dn, const char *reqdn,
* int compare_dn_on_server)
*/
LDAP_DECLARE(int) util_ldap_cache_comparedn(request_rec *r, util_ldap_connection_t *ldc,
APR_DECLARE_OPTIONAL_FN(int,uldap_cache_comparedn,(request_rec *r, util_ldap_connection_t *ldc,
const char *url, const char *dn, const char *reqdn,
int compare_dn_on_server);
int compare_dn_on_server));
/**
* A generic LDAP compare function
@@ -238,8 +238,8 @@ LDAP_DECLARE(int) util_ldap_cache_comparedn(request_rec *r, util_ldap_connection
* @deffunc int util_ldap_cache_compare(request_rec *r, util_ldap_connection_t *ldc,
* const char *url, const char *dn, const char *attrib, const char *value)
*/
LDAP_DECLARE(int) util_ldap_cache_compare(request_rec *r, util_ldap_connection_t *ldc,
const char *url, const char *dn, const char *attrib, const char *value);
APR_DECLARE_OPTIONAL_FN(int,uldap_cache_compare,(request_rec *r, util_ldap_connection_t *ldc,
const char *url, const char *dn, const char *attrib, const char *value));
/**
* Checks a username/password combination by binding to the LDAP server
@@ -260,9 +260,9 @@ LDAP_DECLARE(int) util_ldap_cache_compare(request_rec *r, util_ldap_connection_t
* char *url, const char *basedn, int scope, char **attrs,
* char *filter, char *bindpw, char **binddn, char ***retvals)
*/
LDAP_DECLARE(int) util_ldap_cache_checkuserid(request_rec *r, util_ldap_connection_t *ldc,
APR_DECLARE_OPTIONAL_FN(int,uldap_cache_checkuserid,(request_rec *r, util_ldap_connection_t *ldc,
const char *url, const char *basedn, int scope, char **attrs,
const char *filter, const char *bindpw, const char **binddn, const char ***retvals);
const char *filter, const char *bindpw, const char **binddn, const char ***retvals));
/**
* Searches for a specified user object in an LDAP directory
@@ -282,15 +282,15 @@ LDAP_DECLARE(int) util_ldap_cache_checkuserid(request_rec *r, util_ldap_connecti
* char *url, const char *basedn, int scope, char **attrs,
* char *filter, char **binddn, char ***retvals)
*/
LDAP_DECLARE(int) util_ldap_cache_getuserdn(request_rec *r, util_ldap_connection_t *ldc,
APR_DECLARE_OPTIONAL_FN(int,uldap_cache_getuserdn,(request_rec *r, util_ldap_connection_t *ldc,
const char *url, const char *basedn, int scope, char **attrs,
const char *filter, const char **binddn, const char ***retvals);
const char *filter, const char **binddn, const char ***retvals));
/**
* Checks if SSL support is available in mod_ldap
* @deffunc int util_ldap_ssl_supported(request_rec *r)
*/
LDAP_DECLARE(int) util_ldap_ssl_supported(request_rec *r);
APR_DECLARE_OPTIONAL_FN(int,uldap_ssl_supported,(request_rec *r));
/* from apr_ldap_cache.c */

20
modules/aaa/mod_authnz_ldap.c
View File

@@ -89,6 +89,14 @@ struct mod_auth_ldap_groupattr_entry_t {
module AP_MODULE_DECLARE_DATA authnz_ldap_module;
static APR_OPTIONAL_FN_TYPE(uldap_connection_close) *util_ldap_connection_close;
static APR_OPTIONAL_FN_TYPE(uldap_connection_find) *util_ldap_connection_find;
static APR_OPTIONAL_FN_TYPE(uldap_cache_comparedn) *util_ldap_cache_comparedn;
static APR_OPTIONAL_FN_TYPE(uldap_cache_compare) *util_ldap_cache_compare;
static APR_OPTIONAL_FN_TYPE(uldap_cache_checkuserid) *util_ldap_cache_checkuserid;
static APR_OPTIONAL_FN_TYPE(uldap_cache_getuserdn) *util_ldap_cache_getuserdn;
static APR_OPTIONAL_FN_TYPE(uldap_ssl_supported) *util_ldap_ssl_supported;
static apr_hash_t *charset_conversions = NULL;
static char *to_charset = NULL; /* UTF-8 identifier derived from the charset.conv file */
@@ -1136,6 +1144,17 @@ static const authn_provider authn_ldap_provider =
&authn_ldap_check_password,
};
static void ImportULDAPOptFn(void)
{
util_ldap_connection_close = APR_RETRIEVE_OPTIONAL_FN(uldap_connection_close);
util_ldap_connection_find = APR_RETRIEVE_OPTIONAL_FN(uldap_connection_find);
util_ldap_cache_comparedn = APR_RETRIEVE_OPTIONAL_FN(uldap_cache_comparedn);
util_ldap_cache_compare = APR_RETRIEVE_OPTIONAL_FN(uldap_cache_compare);
util_ldap_cache_checkuserid = APR_RETRIEVE_OPTIONAL_FN(uldap_cache_checkuserid);
util_ldap_cache_getuserdn = APR_RETRIEVE_OPTIONAL_FN(uldap_cache_getuserdn);
util_ldap_ssl_supported = APR_RETRIEVE_OPTIONAL_FN(uldap_ssl_supported);
}
static void register_hooks(apr_pool_t *p)
{
static const char * const aszPost[]={ "mod_authz_user.c", NULL };
@@ -1145,6 +1164,7 @@ static void register_hooks(apr_pool_t *p)
ap_hook_post_config(authnz_ldap_post_config,NULL,NULL,APR_HOOK_MIDDLE);
ap_hook_auth_checker(authz_ldap_check_user_access, NULL, aszPost, APR_HOOK_MIDDLE);
ap_hook_optional_fn_retrieve(ImportULDAPOptFn,NULL,NULL,APR_HOOK_MIDDLE);
}
module AP_MODULE_DECLARE_DATA authnz_ldap_module =

19
modules/ldap/NWGNUmakefile
View File

@@ -221,15 +221,16 @@ FILES_nlm_Ximports = \
#
FILES_nlm_exports = \
ldap_module \
util_ldap_connection_find \
util_ldap_connection_close \
util_ldap_connection_unbind \
util_ldap_connection_cleanup \
util_ldap_cache_checkuserid \
util_ldap_cache_getuserdn \
util_ldap_cache_compare \
util_ldap_cache_comparedn \
util_ldap_ssl_supported \
uldap_connection_open \
uldap_connection_find \
uldap_connection_close \
uldap_connection_unbind \
uldap_connection_cleanup \
uldap_cache_checkuserid \
uldap_cache_getuserdn \
uldap_cache_compare \
uldap_cache_comparedn \
uldap_ssl_supported \
$(EOLIST)
#

61
modules/ldap/util_ldap.c
View File

@@ -154,10 +154,10 @@ int util_ldap_handler(request_rec *r)
/*
* Closes an LDAP connection by unlocking it. The next time
* util_ldap_connection_find() is called this connection will be
* uldap_connection_find() is called this connection will be
* available for reuse.
*/
LDAP_DECLARE(void) util_ldap_connection_close(util_ldap_connection_t *ldc)
LDAP_DECLARE(void) uldap_connection_close(util_ldap_connection_t *ldc)
{
/*
@@ -184,7 +184,7 @@ LDAP_DECLARE(void) util_ldap_connection_close(util_ldap_connection_t *ldc)
* the LDAP server. It is used to bring the connection back to a known
* state after an error, and during pool cleanup.
*/
LDAP_DECLARE_NONSTD(apr_status_t) util_ldap_connection_unbind(void *param)
LDAP_DECLARE_NONSTD(apr_status_t) uldap_connection_unbind(void *param)
{
util_ldap_connection_t *ldc = param;
@@ -205,14 +205,14 @@ LDAP_DECLARE_NONSTD(apr_status_t) util_ldap_connection_unbind(void *param)
* This function is registered with the pool cleanup function - causing
* the LDAP connections to be shut down cleanly on graceful restart.
*/
LDAP_DECLARE_NONSTD(apr_status_t) util_ldap_connection_cleanup(void *param)
LDAP_DECLARE_NONSTD(apr_status_t) uldap_connection_cleanup(void *param)
{
util_ldap_connection_t *ldc = param;
if (ldc) {
/* unbind and disconnect from the LDAP server */
util_ldap_connection_unbind(ldc);
uldap_connection_unbind(ldc);
/* free the username and password */
if (ldc->bindpw) {
@@ -223,7 +223,7 @@ LDAP_DECLARE_NONSTD(apr_status_t) util_ldap_connection_cleanup(void *param)
}
/* unlock this entry */
util_ldap_connection_close(ldc);
uldap_connection_close(ldc);
}
@@ -237,7 +237,7 @@ LDAP_DECLARE_NONSTD(apr_status_t) util_ldap_connection_cleanup(void *param)
*
* Returns LDAP_SUCCESS on success; and an error code on failure
*/
LDAP_DECLARE(int) util_ldap_connection_open(request_rec *r,
LDAP_DECLARE(int) uldap_connection_open(request_rec *r,
util_ldap_connection_t *ldc)
{
int rc = 0;
@@ -408,7 +408,7 @@ static int compare_client_certs(apr_array_header_t *srcs, apr_array_header_t *de
* ldc structure will be returned.
*/
LDAP_DECLARE(util_ldap_connection_t *)
util_ldap_connection_find(request_rec *r,
uldap_connection_find(request_rec *r,
const char *host, int port,
const char *binddn, const char *bindpw,
deref_options deref, int secure) {
@@ -526,7 +526,7 @@ LDAP_DECLARE(util_ldap_connection_t *)
/* add the cleanup to the pool */
apr_pool_cleanup_register(l->pool, l,
util_ldap_connection_cleanup,
uldap_connection_cleanup,
apr_pool_cleanup_null);
if (p) {
@@ -554,7 +554,7 @@ LDAP_DECLARE(util_ldap_connection_t *)
*
* The lock for the ldap cache should already be acquired.
*/
LDAP_DECLARE(int) util_ldap_cache_comparedn(request_rec *r, util_ldap_connection_t *ldc,
LDAP_DECLARE(int) uldap_cache_comparedn(request_rec *r, util_ldap_connection_t *ldc,
const char *url, const char *dn, const char *reqdn,
int compare_dn_on_server)
{
@@ -618,7 +618,7 @@ start_over:
}
/* make a server connection */
if (LDAP_SUCCESS != (result = util_ldap_connection_open(r, ldc))) {
if (LDAP_SUCCESS != (result = uldap_connection_open(r, ldc))) {
/* connect to server failed */
return result;
}
@@ -628,7 +628,7 @@ start_over:
"(objectclass=*)", NULL, 1,
NULL, NULL, NULL, -1, &res)) == LDAP_SERVER_DOWN) {
ldc->reason = "DN Comparison ldap_search_ext_s() failed with server down";
util_ldap_connection_unbind(ldc);
uldap_connection_unbind(ldc);
goto start_over;
}
if (result != LDAP_SUCCESS) {
@@ -677,7 +677,7 @@ start_over:
* require user cache is owned by the
*
*/
LDAP_DECLARE(int) util_ldap_cache_compare(request_rec *r, util_ldap_connection_t *ldc,
LDAP_DECLARE(int) uldap_cache_compare(request_rec *r, util_ldap_connection_t *ldc,
const char *url, const char *dn,
const char *attrib, const char *value)
{
@@ -751,7 +751,7 @@ start_over:
/* too many failures */
return result;
}
if (LDAP_SUCCESS != (result = util_ldap_connection_open(r, ldc))) {
if (LDAP_SUCCESS != (result = uldap_connection_open(r, ldc))) {
/* connect failed */
return result;
}
@@ -763,7 +763,7 @@ start_over:
== LDAP_SERVER_DOWN) {
/* connection failed - try again */
ldc->reason = "ldap_compare_s() failed with server down";
util_ldap_connection_unbind(ldc);
uldap_connection_unbind(ldc);
goto start_over;
}
@@ -809,7 +809,7 @@ start_over:
return result;
}
LDAP_DECLARE(int) util_ldap_cache_checkuserid(request_rec *r, util_ldap_connection_t *ldc,
LDAP_DECLARE(int) uldap_cache_checkuserid(request_rec *r, util_ldap_connection_t *ldc,
const char *url, const char *basedn, int scope, char **attrs,
const char *filter, const char *bindpw, const char **binddn,
const char ***retvals)
@@ -883,7 +883,7 @@ start_over:
if (failures++ > 10) {
return result;
}
if (LDAP_SUCCESS != (result = util_ldap_connection_open(r, ldc))) {
if (LDAP_SUCCESS != (result = uldap_connection_open(r, ldc))) {
return result;
}
@@ -893,7 +893,7 @@ start_over:
(char *)filter, attrs, 0,
NULL, NULL, NULL, -1, &res)) == LDAP_SERVER_DOWN) {
ldc->reason = "ldap_search_ext_s() for user failed with server down";
util_ldap_connection_unbind(ldc);
uldap_connection_unbind(ldc);
goto start_over;
}
@@ -949,7 +949,7 @@ start_over:
ldc->reason = "ldap_simple_bind_s() to check user credentials "
"failed with server down";
ldap_msgfree(res);
util_ldap_connection_unbind(ldc);
uldap_connection_unbind(ldc);
goto start_over;
}
@@ -957,7 +957,7 @@ start_over:
if (result != LDAP_SUCCESS) {
ldc->reason = "ldap_simple_bind_s() to check user credentials failed";
ldap_msgfree(res);
util_ldap_connection_unbind(ldc);
uldap_connection_unbind(ldc);
return result;
}
else {
@@ -1040,10 +1040,10 @@ start_over:
* This function will return the DN of the entry matching userid.
* It is used to get the DN in case some other module than mod_auth_ldap
* has authenticated the user.
* The function is basically a copy of util_ldap_cache_checkuserid
* The function is basically a copy of uldap_cache_checkuserid
* with password checking removed.
*/
LDAP_DECLARE(int) util_ldap_cache_getuserdn(request_rec *r, util_ldap_connection_t *ldc,
LDAP_DECLARE(int) uldap_cache_getuserdn(request_rec *r, util_ldap_connection_t *ldc,
const char *url, const char *basedn, int scope, char **attrs,
const char *filter, const char **binddn,
const char ***retvals)
@@ -1114,7 +1114,7 @@ start_over:
if (failures++ > 10) {
return result;
}
if (LDAP_SUCCESS != (result = util_ldap_connection_open(r, ldc))) {
if (LDAP_SUCCESS != (result = uldap_connection_open(r, ldc))) {
return result;
}
@@ -1124,7 +1124,7 @@ start_over:
(char *)filter, attrs, 0,
NULL, NULL, NULL, -1, &res)) == LDAP_SERVER_DOWN) {
ldc->reason = "ldap_search_ext_s() for user failed with server down";
util_ldap_connection_unbind(ldc);
uldap_connection_unbind(ldc);
goto start_over;
}
@@ -1226,7 +1226,7 @@ start_over:
*
* 1 = enabled, 0 = not enabled
*/
LDAP_DECLARE(int) util_ldap_ssl_supported(request_rec *r)
LDAP_DECLARE(int) uldap_ssl_supported(request_rec *r)
{
util_ldap_state_t *st = (util_ldap_state_t *)ap_get_module_config(
r->server->module_config, &ldap_module);
@@ -1945,6 +1945,17 @@ command_rec util_ldap_cmds[] = {
static void util_ldap_register_hooks(apr_pool_t *p)
{
APR_REGISTER_OPTIONAL_FN(uldap_connection_open);
APR_REGISTER_OPTIONAL_FN(uldap_connection_close);
APR_REGISTER_OPTIONAL_FN(uldap_connection_unbind);
APR_REGISTER_OPTIONAL_FN(uldap_connection_cleanup);
APR_REGISTER_OPTIONAL_FN(uldap_connection_find);
APR_REGISTER_OPTIONAL_FN(uldap_cache_comparedn);
APR_REGISTER_OPTIONAL_FN(uldap_cache_compare);
APR_REGISTER_OPTIONAL_FN(uldap_cache_checkuserid);
APR_REGISTER_OPTIONAL_FN(uldap_cache_getuserdn);
APR_REGISTER_OPTIONAL_FN(uldap_ssl_supported);
ap_hook_post_config(util_ldap_post_config,NULL,NULL,APR_HOOK_MIDDLE);
ap_hook_handler(util_ldap_handler, NULL, NULL, APR_HOOK_MIDDLE);
ap_hook_child_init(util_ldap_child_init, NULL, NULL, APR_HOOK_MIDDLE);