libapache2-mod-auth-plain-2.0.52/0000755000000000000000000000000012166772224013306 5ustar libapache2-mod-auth-plain-2.0.52/debian/0000755000000000000000000000000012166772733014535 5ustar libapache2-mod-auth-plain-2.0.52/debian/apache20000644000000000000000000000007412166574226015761 0ustar mod .libs/mod_auth_plain.so mod debian/conf/auth_plain.load libapache2-mod-auth-plain-2.0.52/debian/rules0000755000000000000000000000114612166574240015610 0ustar #!/usr/bin/make -f EXAMPLES = example.htaccess example.htpasswd override_dh_auto_build: make mod_auth_plain.la APXS="apxs2" LIBS="" override_dh_auto_install: # Don't install using the upstream Makefile. Use apache2 and # examples files instead. override_dh_installexamples: # Examples were renamed, let's follow the scheme: for example in $(EXAMPLES); do cp $$example $${example##example}; done dh_installexamples override_dh_clean: # Clean built files: rm -rf .libs # Clean renamed examples: for example in $(EXAMPLES); do rm -f $${example##example}; done dh_clean %: dh $@ --with quilt,apache2 libapache2-mod-auth-plain-2.0.52/debian/bugs/0000755000000000000000000000000011717452312015462 5ustar libapache2-mod-auth-plain-2.0.52/debian/bugs/libapache2-mod-auth-plain0000644000000000000000000000000011717452312022202 0ustar libapache2-mod-auth-plain-2.0.52/debian/conf/0000755000000000000000000000000012166770634015460 5ustar libapache2-mod-auth-plain-2.0.52/debian/conf/auth_plain.load0000644000000000000000000000015112166770634020442 0ustar # Depends: authn_core authz_core LoadModule auth_plain_module /usr/lib/apache2/modules/mod_auth_plain.so libapache2-mod-auth-plain-2.0.52/debian/README.Debian0000644000000000000000000000133012166770132016562 0ustar libapache2-mod-auth-plain for Debian ------------------------------------ USAGE An example .htaccess file: -----BEGIN----- Deny from all AuthType basic AuthName "Plain htpasswd" AuthBasicProvider plain AuthPlainUserFile .htpasswd Require valid-user Satisfy any -----END----- Note that AuthPlainUserFile can be relative to the directory which contains .htaccess file. SECURITY The .htpasswd file shouldn't be readable by WWW. Be sure you use something like: Order allow,deny Deny from all The passwords are sent by net as clear text. You should use SSL to protect them. -- Piotr Roszatycki Thu, 30 Oct 2003 14:49:47 +0100 libapache2-mod-auth-plain-2.0.52/debian/examples0000644000000000000000000000002411717460710016260 0ustar .htaccess .htpasswd libapache2-mod-auth-plain-2.0.52/debian/copyright0000644000000000000000000000523311717456664016476 0ustar Homepage: http://mod-auth-plain.alioth.debian.org/ Based on http_auth Adapted by Piotr Roszatycki The Apache Software License, Version 1.1 Copyright (c) 2000 The Apache Software Foundation. All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. The end-user documentation included with the redistribution, if any, must include the following acknowledgment: "This product includes software developed by the Apache Software Foundation (http://www.apache.org/)." Alternately, this acknowledgment may appear in the software itself, if and wherever such third-party acknowledgments normally appear. 4. The names "Apache" and "Apache Software Foundation" must not be used to endorse or promote products derived from this software without prior written permission. For written permission, please contact apache@apache.org. 5. Products derived from this software may not be called "Apache", nor may "Apache" appear in their name, without prior written permission of the Apache Software Foundation. THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. ==================================================================== This software consists of voluntary contributions made by many individuals on behalf of the Apache Software Foundation. For more information on the Apache Software Foundation, please see . Portions of this software are based upon public domain software originally written at the National Center for Supercomputing Applications, University of Illinois, Urbana-Champaign. libapache2-mod-auth-plain-2.0.52/debian/docs0000644000000000000000000000000711717461544015401 0ustar README libapache2-mod-auth-plain-2.0.52/debian/NEWS0000644000000000000000000000073712166772452015241 0ustar libapache2-mod-auth-plain (2.0.52) unstable; urgency=low * mod_auth_plain is now structured as an authentication and authorization provider; this is for improved compatibility with Apache 2.4, and to allow combining this with other providers and controlling their ordering. You will need to add "AuthBasicProvider plain" to your configuration files alongside any AuthPlain* directives. -- Colin Watson Tue, 09 Jul 2013 12:33:57 +0100 libapache2-mod-auth-plain-2.0.52/debian/patches/0000755000000000000000000000000012166574152016157 5ustar libapache2-mod-auth-plain-2.0.52/debian/patches/mod_auth.c.patch0000644000000000000000000001466611717461770021240 0ustar diff -u -2 -r1.1.1.1 -r1.4 --- mod_auth_plain.c 30 Oct 2003 11:29:24 -0000 1.1.1.1 +++ mod_auth_plain.c 21 Dec 2003 21:13:10 -0000 1.4 @@ -58,5 +58,10 @@ /* - * http_auth: authentication + * http_auth_plain: plaintext authentication + * + * Based on http_auth + * Adapted by Piotr Roszatycki + * + * Original code: * * Rob McCool @@ -81,4 +86,5 @@ #include "http_protocol.h" #include "http_request.h" +#include "http_main.h" @@ -87,9 +93,9 @@ char *auth_grpfile; int auth_authoritative; -} auth_config_rec; +} auth_plain_config_rec; -static void *create_auth_dir_config(apr_pool_t *p, char *d) +static void *create_auth_plain_dir_config(apr_pool_t *p, char *d) { - auth_config_rec *conf = apr_palloc(p, sizeof(*conf)); + auth_plain_config_rec *conf = apr_palloc(p, sizeof(*conf)); conf->auth_pwfile = NULL; /* just to illustrate the default really */ @@ -99,25 +105,37 @@ } -static const char *set_auth_slot(cmd_parms *cmd, void *offset, const char *f, - const char *t) +static const char *ap_set_file_slot_curdir(cmd_parms *cmd, char *struct_ptr, const char *arg) { - if (t && strcmp(t, "standard")) { - return apr_pstrcat(cmd->pool, "Invalid auth file type: ", t, NULL); + /* Prepend current directory to relative arg. */ + const char *path; + int offset = (int)(long)cmd->info; + + if (ap_os_is_path_absolute(cmd->pool, arg)) { + path = arg; + } else { + path = ap_make_full_path(cmd->pool, cmd->path ? cmd->path : ap_server_root, arg); } - return ap_set_file_slot(cmd, offset, f); + if (!path) { + return apr_pstrcat(cmd->pool, "Invalid file path ", + arg, NULL); + } + + *(const char **) ((char*)struct_ptr + offset) = path; + + return NULL; } -static const command_rec auth_cmds[] = +static const command_rec auth_plain_cmds[] = { - AP_INIT_TAKE12("AuthUserFile", set_auth_slot, - (void *)APR_OFFSETOF(auth_config_rec, auth_pwfile), + AP_INIT_TAKE12("AuthPlainUserFile", ap_set_file_slot_curdir, + (void *)APR_OFFSETOF(auth_plain_config_rec, auth_pwfile), OR_AUTHCFG, "text file containing user IDs and passwords"), - AP_INIT_TAKE12("AuthGroupFile", set_auth_slot, - (void *)APR_OFFSETOF(auth_config_rec, auth_grpfile), + AP_INIT_TAKE12("AuthPlainGroupFile", ap_set_file_slot_curdir, + (void *)APR_OFFSETOF(auth_plain_config_rec, auth_grpfile), OR_AUTHCFG, "text file containing group names and member user IDs"), - AP_INIT_FLAG("AuthAuthoritative", ap_set_flag_slot, - (void *)APR_OFFSETOF(auth_config_rec, auth_authoritative), + AP_INIT_FLAG("AuthPlainAuthoritative", ap_set_flag_slot, + (void *)APR_OFFSETOF(auth_plain_config_rec, auth_authoritative), OR_AUTHCFG, "Set to 'no' to allow access control to be passed along to " @@ -126,7 +144,7 @@ }; -module AP_MODULE_DECLARE_DATA auth_module; +module AP_MODULE_DECLARE_DATA auth_plain_module; -static char *get_pw(request_rec *r, char *user, char *auth_pwfile) +static char *get_plain_pw(request_rec *r, char *user, char *auth_pwfile) { ap_configfile_t *f; @@ -156,5 +174,5 @@ } -static apr_table_t *groups_for_user(apr_pool_t *p, char *user, char *grpfile) +static apr_table_t *plain_groups_for_user(apr_pool_t *p, char *user, char *grpfile) { ap_configfile_t *f; @@ -209,11 +227,11 @@ */ -static int authenticate_basic_user(request_rec *r) +static int auth_plainenticate_basic_user(request_rec *r) { - auth_config_rec *conf = ap_get_module_config(r->per_dir_config, - &auth_module); + auth_plain_config_rec *conf = ap_get_module_config(r->per_dir_config, + &auth_plain_module); const char *sent_pw; char *real_pw; - apr_status_t invalid_pw; + char *invalid_pw; int res; @@ -226,5 +244,5 @@ } - if (!(real_pw = get_pw(r, r->user, conf->auth_pwfile))) { + if (!(real_pw = get_plain_pw(r, r->user, conf->auth_pwfile))) { if (!(conf->auth_authoritative)) { return DECLINED; @@ -235,9 +253,9 @@ return HTTP_UNAUTHORIZED; } - invalid_pw = apr_password_validate(sent_pw, real_pw); + invalid_pw = (strcmp(sent_pw, real_pw) == 0) ? NULL : "password mismatch"; if (invalid_pw != APR_SUCCESS) { ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, "user %s: authentication failure for \"%s\": " - "Password Mismatch", + "Plain Password Mismatch", r->user, r->uri); ap_note_basic_auth_failure(r); @@ -249,8 +267,8 @@ /* Checking ID */ -static int check_user_access(request_rec *r) +static int plain_check_user_access(request_rec *r) { - auth_config_rec *conf = ap_get_module_config(r->per_dir_config, - &auth_module); + auth_plain_config_rec *conf = ap_get_module_config(r->per_dir_config, + &auth_plain_module); char *user = r->user; int m = r->method_number; @@ -271,5 +289,5 @@ if (conf->auth_grpfile) { - grpstatus = groups_for_user(r->pool, user, conf->auth_grpfile); + grpstatus = plain_groups_for_user(r->pool, user, conf->auth_grpfile); } else { @@ -341,16 +359,16 @@ static void register_hooks(apr_pool_t *p) { - ap_hook_check_user_id(authenticate_basic_user,NULL,NULL,APR_HOOK_MIDDLE); - ap_hook_auth_checker(check_user_access,NULL,NULL,APR_HOOK_MIDDLE); + ap_hook_check_user_id(auth_plainenticate_basic_user,NULL,NULL,APR_HOOK_MIDDLE); + ap_hook_auth_checker(plain_check_user_access,NULL,NULL,APR_HOOK_MIDDLE); } -module AP_MODULE_DECLARE_DATA auth_module = +module AP_MODULE_DECLARE_DATA auth_plain_module = { STANDARD20_MODULE_STUFF, - create_auth_dir_config, /* dir config creater */ + create_auth_plain_dir_config, /* dir config creater */ NULL, /* dir merger --- default is to override */ NULL, /* server config */ NULL, /* merge server config */ - auth_cmds, /* command apr_table_t */ + auth_plain_cmds, /* command apr_table_t */ register_hooks /* register hooks */ }; libapache2-mod-auth-plain-2.0.52/debian/patches/mod_auth.c-2.0.48.patch0000644000000000000000000001466611717461770021767 0ustar diff -u -2 -r1.1.1.1 -r1.4 --- mod_auth_plain.c 30 Oct 2003 11:29:24 -0000 1.1.1.1 +++ mod_auth_plain.c 21 Dec 2003 21:13:10 -0000 1.4 @@ -58,5 +58,10 @@ /* - * http_auth: authentication + * http_auth_plain: plaintext authentication + * + * Based on http_auth + * Adapted by Piotr Roszatycki + * + * Original code: * * Rob McCool @@ -81,4 +86,5 @@ #include "http_protocol.h" #include "http_request.h" +#include "http_main.h" @@ -87,9 +93,9 @@ char *auth_grpfile; int auth_authoritative; -} auth_config_rec; +} auth_plain_config_rec; -static void *create_auth_dir_config(apr_pool_t *p, char *d) +static void *create_auth_plain_dir_config(apr_pool_t *p, char *d) { - auth_config_rec *conf = apr_palloc(p, sizeof(*conf)); + auth_plain_config_rec *conf = apr_palloc(p, sizeof(*conf)); conf->auth_pwfile = NULL; /* just to illustrate the default really */ @@ -99,25 +105,37 @@ } -static const char *set_auth_slot(cmd_parms *cmd, void *offset, const char *f, - const char *t) +static const char *ap_set_file_slot_curdir(cmd_parms *cmd, char *struct_ptr, const char *arg) { - if (t && strcmp(t, "standard")) { - return apr_pstrcat(cmd->pool, "Invalid auth file type: ", t, NULL); + /* Prepend current directory to relative arg. */ + const char *path; + int offset = (int)(long)cmd->info; + + if (ap_os_is_path_absolute(cmd->pool, arg)) { + path = arg; + } else { + path = ap_make_full_path(cmd->pool, cmd->path ? cmd->path : ap_server_root, arg); } - return ap_set_file_slot(cmd, offset, f); + if (!path) { + return apr_pstrcat(cmd->pool, "Invalid file path ", + arg, NULL); + } + + *(const char **) ((char*)struct_ptr + offset) = path; + + return NULL; } -static const command_rec auth_cmds[] = +static const command_rec auth_plain_cmds[] = { - AP_INIT_TAKE12("AuthUserFile", set_auth_slot, - (void *)APR_OFFSETOF(auth_config_rec, auth_pwfile), + AP_INIT_TAKE12("AuthPlainUserFile", ap_set_file_slot_curdir, + (void *)APR_OFFSETOF(auth_plain_config_rec, auth_pwfile), OR_AUTHCFG, "text file containing user IDs and passwords"), - AP_INIT_TAKE12("AuthGroupFile", set_auth_slot, - (void *)APR_OFFSETOF(auth_config_rec, auth_grpfile), + AP_INIT_TAKE12("AuthPlainGroupFile", ap_set_file_slot_curdir, + (void *)APR_OFFSETOF(auth_plain_config_rec, auth_grpfile), OR_AUTHCFG, "text file containing group names and member user IDs"), - AP_INIT_FLAG("AuthAuthoritative", ap_set_flag_slot, - (void *)APR_OFFSETOF(auth_config_rec, auth_authoritative), + AP_INIT_FLAG("AuthPlainAuthoritative", ap_set_flag_slot, + (void *)APR_OFFSETOF(auth_plain_config_rec, auth_authoritative), OR_AUTHCFG, "Set to 'no' to allow access control to be passed along to " @@ -126,7 +144,7 @@ }; -module AP_MODULE_DECLARE_DATA auth_module; +module AP_MODULE_DECLARE_DATA auth_plain_module; -static char *get_pw(request_rec *r, char *user, char *auth_pwfile) +static char *get_plain_pw(request_rec *r, char *user, char *auth_pwfile) { ap_configfile_t *f; @@ -156,5 +174,5 @@ } -static apr_table_t *groups_for_user(apr_pool_t *p, char *user, char *grpfile) +static apr_table_t *plain_groups_for_user(apr_pool_t *p, char *user, char *grpfile) { ap_configfile_t *f; @@ -209,11 +227,11 @@ */ -static int authenticate_basic_user(request_rec *r) +static int auth_plainenticate_basic_user(request_rec *r) { - auth_config_rec *conf = ap_get_module_config(r->per_dir_config, - &auth_module); + auth_plain_config_rec *conf = ap_get_module_config(r->per_dir_config, + &auth_plain_module); const char *sent_pw; char *real_pw; - apr_status_t invalid_pw; + char *invalid_pw; int res; @@ -226,5 +244,5 @@ } - if (!(real_pw = get_pw(r, r->user, conf->auth_pwfile))) { + if (!(real_pw = get_plain_pw(r, r->user, conf->auth_pwfile))) { if (!(conf->auth_authoritative)) { return DECLINED; @@ -235,9 +253,9 @@ return HTTP_UNAUTHORIZED; } - invalid_pw = apr_password_validate(sent_pw, real_pw); + invalid_pw = (strcmp(sent_pw, real_pw) == 0) ? NULL : "password mismatch"; if (invalid_pw != APR_SUCCESS) { ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, "user %s: authentication failure for \"%s\": " - "Password Mismatch", + "Plain Password Mismatch", r->user, r->uri); ap_note_basic_auth_failure(r); @@ -249,8 +267,8 @@ /* Checking ID */ -static int check_user_access(request_rec *r) +static int plain_check_user_access(request_rec *r) { - auth_config_rec *conf = ap_get_module_config(r->per_dir_config, - &auth_module); + auth_plain_config_rec *conf = ap_get_module_config(r->per_dir_config, + &auth_plain_module); char *user = r->user; int m = r->method_number; @@ -271,5 +289,5 @@ if (conf->auth_grpfile) { - grpstatus = groups_for_user(r->pool, user, conf->auth_grpfile); + grpstatus = plain_groups_for_user(r->pool, user, conf->auth_grpfile); } else { @@ -341,16 +359,16 @@ static void register_hooks(apr_pool_t *p) { - ap_hook_check_user_id(authenticate_basic_user,NULL,NULL,APR_HOOK_MIDDLE); - ap_hook_auth_checker(check_user_access,NULL,NULL,APR_HOOK_MIDDLE); + ap_hook_check_user_id(auth_plainenticate_basic_user,NULL,NULL,APR_HOOK_MIDDLE); + ap_hook_auth_checker(plain_check_user_access,NULL,NULL,APR_HOOK_MIDDLE); } -module AP_MODULE_DECLARE_DATA auth_module = +module AP_MODULE_DECLARE_DATA auth_plain_module = { STANDARD20_MODULE_STUFF, - create_auth_dir_config, /* dir config creater */ + create_auth_plain_dir_config, /* dir config creater */ NULL, /* dir merger --- default is to override */ NULL, /* server config */ NULL, /* merge server config */ - auth_cmds, /* command apr_table_t */ + auth_plain_cmds, /* command apr_table_t */ register_hooks /* register hooks */ }; libapache2-mod-auth-plain-2.0.52/debian/patches/series0000644000000000000000000000020311717460337017367 0ustar # WARNING: no patches were actually applied in the original package, # so patches were moved here, but still not applied. libapache2-mod-auth-plain-2.0.52/debian/compat0000644000000000000000000000000211717456314015726 0ustar 8 libapache2-mod-auth-plain-2.0.52/debian/control0000644000000000000000000000106312166576063016136 0ustar Source: libapache2-mod-auth-plain Maintainer: Debian QA Group Section: web Priority: extra Standards-Version: 3.8.1 Build-Depends: dh-apache2, apache2-dev (>= 2.4), debhelper (>= 8), quilt Package: libapache2-mod-auth-plain Architecture: any Depends: ${shlibs:Depends}, ${misc:Depends} Description: Module for Apache2 which provides plaintext authentication mod_auth_plain implements authentication routines using plain text files for Apache's authentication protocol. . This package provides the module for Apache 2.0 server. libapache2-mod-auth-plain-2.0.52/debian/changelog0000644000000000000000000000611612166772605016411 0ustar libapache2-mod-auth-plain (2.0.52) unstable; urgency=low * QA upload. * Port to the Apache 2.2 authentication provider interface (closes: #619408). * Port to Apache 2.4 (closes: #666838). -- Colin Watson Mon, 08 Jul 2013 18:36:49 +0100 libapache2-mod-auth-plain (2.0.51) unstable; urgency=low * QA upload. * Orphan the package since there's been no activity for a while. * Rework the packaging to use dh instead of yada, which is a (bad) running joke (Closes: #636889). Notable change: since I'm not sure automatically depending on latest apache is a good idea, I used the version generated during 2.0.50's build. To restore automatic updates, pass a variable through dh_gencontrol. * Thanks to IRILL for sponsoring this BSP in Paris. -- Cyril Brulebois Fri, 17 Feb 2012 14:10:19 +0000 libapache2-mod-auth-plain (2.0.50) unstable; urgency=low * Adopted the package. (closes: #447064) -- LENART Janos Tue, 14 Apr 2009 08:53:43 +0200 libapache2-mod-auth-plain (2.0.49) unstable; urgency=low * QA upload. + Set maintainter to Debian QA Group * Acknowledge NMUs. (Closes: #393343). * Use proper versioning for native package. * Bump Standards Version to 3.8.0. -- Barry deFreese Wed, 04 Feb 2009 12:16:18 -0500 libapache2-mod-auth-plain (2.0.48-4-2.2) unstable; urgency=medium * Non-maintainer upload. * Replace dependency on obsolete apache2-common with apache2.2-common (Closes: #391767) -- Michael Ablassmeier Mon, 16 Oct 2006 10:02:01 +0200 libapache2-mod-auth-plain (2.0.48-4-2.1) unstable; urgency=high * NMU: Back out the ill-fated apache2 LFS transition. (closes: #267348) * Bump the apache2-threaded-dev build-dep to (>= 2.0.50-10) -- Adam Conrad Sun, 22 Aug 2004 22:55:12 -0700 libapache2-mod-auth-plain (2.0.48-4-2) unstable; urgency=medium * Recompiled for new Apache2. Closes: #266181. -- Piotr Roszatycki Tue, 17 Aug 2004 16:57:25 +0200 libapache2-mod-auth-plain (2.0.48-4-1) unstable; urgency=low * Renamed config option "AuthAuthoritative" to "AuthPlainAuthoritative". * Build-Depends on apache2-threaded-dev, closes: #224693. -- Piotr Roszatycki Sun, 21 Dec 2003 21:45:51 +0100 libapache2-mod-auth-plain (2.0.47-1-4) unstable; urgency=low * Fix for configuration with an absolute path for the user/group file. -- Piotr Roszatycki Tue, 4 Nov 2003 14:45:39 +0100 libapache2-mod-auth-plain (2.0.47-1-3) unstable; urgency=low * Mark in debian/packages that package is now native. * Standards-Version: 3.6.1 -- Piotr Roszatycki Fri, 31 Oct 2003 14:02:49 +0100 libapache2-mod-auth-plain (2.0.47-1-2) unstable; urgency=low * Converted to Debian native package. -- Piotr Roszatycki Fri, 31 Oct 2003 12:16:43 +0100 libapache2-mod-auth-plain (2.0.47-1-1) unstable; urgency=low * Initial release. -- Piotr Roszatycki Thu, 30 Oct 2003 16:24:35 +0100 libapache2-mod-auth-plain-2.0.52/example.htpasswd0000644000000000000000000000001611717452312016507 0ustar user:password libapache2-mod-auth-plain-2.0.52/Makefile0000644000000000000000000000067711717452312014752 0ustar LIBS= APXS=apxs # try this, if you're not root and apxs is in the standard place #APXS=/usr/sbin/apxs SOURCES=mod_auth_plain.c # Apache 2.0 uses GNU libtool, hence the libtool suffix TARGETS=$(SOURCES:.c=.la) all: $(TARGETS) # general rule to build %.la: %.c $(APXS) -c $< $(LIBS) install: $(TARGETS) $(APXS) -i $(TARGETS) clean: -rm -f $(TARGETS) *~ $(SOURCES:.c=.slo) $(SOURCES:.c=.lo) $(SOURCES:.c=.so) $(SOURCES:.c=.o) -rm -rf .libs libapache2-mod-auth-plain-2.0.52/mod_auth_plain.c0000644000000000000000000003167712166770105016447 0ustar /* ==================================================================== * The Apache Software License, Version 1.1 * * Copyright (c) 2000-2003 The Apache Software Foundation. All rights * reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in * the documentation and/or other materials provided with the * distribution. * * 3. The end-user documentation included with the redistribution, * if any, must include the following acknowledgment: * "This product includes software developed by the * Apache Software Foundation (http://www.apache.org/)." * Alternately, this acknowledgment may appear in the software itself, * if and wherever such third-party acknowledgments normally appear. * * 4. The names "Apache" and "Apache Software Foundation" must * not be used to endorse or promote products derived from this * software without prior written permission. For written * permission, please contact apache@apache.org. * * 5. Products derived from this software may not be called "Apache", * nor may "Apache" appear in their name, without prior written * permission of the Apache Software Foundation. * * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE * DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * ==================================================================== * * This software consists of voluntary contributions made by many * individuals on behalf of the Apache Software Foundation. For more * information on the Apache Software Foundation, please see * . * * Portions of this software are based upon public domain software * originally written at the National Center for Supercomputing Applications, * University of Illinois, Urbana-Champaign. */ /* * http_auth_plain: plaintext authentication * * Based on http_auth * Adapted by Piotr Roszatycki * * Original code: * * Rob McCool * * Adapted to Apache by rst. * * dirkx - Added Authoritative control to allow passing on to lower * modules if and only if the userid is not known to this * module. A known user with a faulty or absent password still * causes an AuthRequired. The default is 'Authoritative', i.e. * no control is passed along. */ #include "apr_strings.h" #include "apr_md5.h" /* for apr_password_validate */ #include "ap_config.h" #include "httpd.h" #include "http_config.h" #include "http_core.h" #include "http_log.h" #include "http_protocol.h" #include "http_request.h" #include "http_main.h" #include "mod_auth.h" #ifdef APLOG_USE_MODULE APLOG_USE_MODULE(auth_plain); #endif typedef struct { char *auth_pwfile; char *auth_grpfile; int auth_authoritative; } auth_plain_config_rec; static void *create_auth_plain_dir_config(apr_pool_t *p, char *d) { auth_plain_config_rec *conf = apr_palloc(p, sizeof(*conf)); conf->auth_pwfile = NULL; /* just to illustrate the default really */ conf->auth_grpfile = NULL; /* unless you have a broken HP cc */ conf->auth_authoritative = 1; /* keep the fortress secure by default */ return conf; } static const char *ap_set_file_slot_curdir(cmd_parms *cmd, void *struct_ptr, const char *arg, /* for compatibility */ const char *unused_arg2) { /* Prepend current directory to relative arg. */ const char *path; int offset = (int)(long)cmd->info; if (ap_os_is_path_absolute(cmd->pool, arg)) { path = arg; } else { path = ap_make_full_path(cmd->pool, cmd->path ? cmd->path : ap_server_root, arg); } if (!path) { return apr_pstrcat(cmd->pool, "Invalid file path ", arg, NULL); } *(const char **) ((char*)struct_ptr + offset) = path; return NULL; } static const command_rec auth_plain_cmds[] = { AP_INIT_TAKE12("AuthPlainUserFile", ap_set_file_slot_curdir, (void *)APR_OFFSETOF(auth_plain_config_rec, auth_pwfile), OR_AUTHCFG, "text file containing user IDs and passwords"), AP_INIT_TAKE12("AuthPlainGroupFile", ap_set_file_slot_curdir, (void *)APR_OFFSETOF(auth_plain_config_rec, auth_grpfile), OR_AUTHCFG, "text file containing group names and member user IDs"), AP_INIT_FLAG("AuthPlainAuthoritative", ap_set_flag_slot, (void *)APR_OFFSETOF(auth_plain_config_rec, auth_authoritative), OR_AUTHCFG, "Set to 'no' to allow access control to be passed along to " "lower modules if the UserID is not known to this module"), {NULL} }; module AP_MODULE_DECLARE_DATA auth_plain_module; static char *get_plain_pw(request_rec *r, char *user, char *auth_pwfile) { ap_configfile_t *f; char l[MAX_STRING_LEN]; const char *rpw, *w; apr_status_t status; if ((status = ap_pcfg_openfile(&f, r->pool, auth_pwfile)) != APR_SUCCESS) { ap_log_rerror(APLOG_MARK, APLOG_ERR, status, r, "Could not open password file: %s", auth_pwfile); return NULL; } while (!(ap_cfg_getline(l, MAX_STRING_LEN, f))) { if ((l[0] == '#') || (!l[0])) { continue; } rpw = l; w = ap_getword(r->pool, &rpw, ':'); if (!strcmp(user, w)) { ap_cfg_closefile(f); return ap_getword(r->pool, &rpw, ':'); } } ap_cfg_closefile(f); return NULL; } static apr_table_t *plain_groups_for_user(apr_pool_t *p, char *user, char *grpfile) { ap_configfile_t *f; apr_table_t *grps = apr_table_make(p, 15); apr_pool_t *sp; char l[MAX_STRING_LEN]; const char *group_name, *ll, *w; apr_status_t status; if ((status = ap_pcfg_openfile(&f, p, grpfile)) != APR_SUCCESS) { /*add? aplog_error(APLOG_MARK, APLOG_ERR, NULL, "Could not open group file: %s", grpfile);*/ return NULL; } apr_pool_create(&sp, p); while (!(ap_cfg_getline(l, MAX_STRING_LEN, f))) { if ((l[0] == '#') || (!l[0])) { continue; } ll = l; apr_pool_clear(sp); group_name = ap_getword(sp, &ll, ':'); while (ll[0]) { w = ap_getword_conf(sp, &ll); if (!strcmp(w, user)) { apr_table_setn(grps, apr_pstrdup(p, group_name), "in"); break; } } } ap_cfg_closefile(f); apr_pool_destroy(sp); return grps; } /* These functions return AUTH_GRANTED if client is OK, and proper error * status if not... either AUTH_DENIED, if we made a check, and it failed, * or AUTH_GENERAL_ERROR, if things are so totally confused that we couldn't * figure out how to tell if the client is authorized or not. * * If they return DECLINED, and all other modules also decline, that's * treated by the server core as a configuration error, logged and * reported as such. */ /* Determine user ID, and check if it really is that user, for HTTP * basic authentication... */ static authn_status check_plain_pw(request_rec *r, const char *user, const char *password) { auth_plain_config_rec *conf = ap_get_module_config(r->per_dir_config, &auth_plain_module); char *real_pw; if (!conf->auth_pwfile) { return DECLINED; } if (!(real_pw = get_plain_pw(r, r->user, conf->auth_pwfile))) { if (!(conf->auth_authoritative)) { return DECLINED; } ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, "user %s not found: %s", r->user, r->uri); ap_note_basic_auth_failure(r); return AUTH_DENIED; } if (strcmp(password, real_pw) != 0) { ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, "user %s: authentication failure for \"%s\": " "Plain Password Mismatch", r->user, r->uri); ap_note_basic_auth_failure(r); return AUTH_DENIED; } return AUTH_GRANTED; } /* Checking ID */ static authz_status user_check_authorization(request_rec *r, const char *require_args, const void *parsed_require_args) { const char *t, *w; if (!r->user) { return AUTHZ_DENIED_NO_USER; } t = require_args; while ((w = ap_getword_conf(r->pool, &t)) && w[0]) { if (!strcmp(r->user, w)) { return AUTHZ_GRANTED; } } ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, "access to %s failed, reason: user %s not allowed access", r->uri, r->user); return AUTHZ_DENIED; } static authz_status validuser_check_authorization(request_rec *r, const char *require_args, const void *parsed_require_args) { if (!r->user) { return AUTHZ_DENIED_NO_USER; } return AUTHZ_GRANTED; } static authz_status group_check_authorization(request_rec *r, const char *require_args, const void *parsed_require_args) { auth_plain_config_rec *conf = ap_get_module_config(r->per_dir_config, &auth_plain_module); const char *t, *w; apr_table_t *grpstatus; if (!r->user) { return AUTHZ_DENIED_NO_USER; } if (!(conf->auth_grpfile)) { ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, "No AuthPlainGroupFile was specified in the " "configuration"); return AUTHZ_DENIED; } grpstatus = plain_groups_for_user(r->pool, r->user, conf->auth_grpfile); t = require_args; while ((w = ap_getword_conf(r->pool, &t)) && w[0]) { if (apr_table_get(grpstatus, w)) { return AUTHZ_GRANTED; } } ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, "access to %s failed, reason: user %s not allowed access", r->uri, r->user); return AUTHZ_DENIED; } static const authn_provider authn_plain_provider = { &check_plain_pw, NULL, }; static const authz_provider authz_user_provider = { &user_check_authorization, NULL, }; static const authz_provider authz_validuser_provider = { &validuser_check_authorization, NULL, }; static const authz_provider authz_group_provider = { &group_check_authorization, NULL, }; static void register_hooks(apr_pool_t *p) { ap_register_auth_provider(p, AUTHN_PROVIDER_GROUP, "plain", AUTHN_PROVIDER_VERSION, &authn_plain_provider, AP_AUTH_INTERNAL_PER_CONF); ap_register_auth_provider(p, AUTHZ_PROVIDER_GROUP, "user", AUTHZ_PROVIDER_VERSION, &authz_user_provider, AP_AUTH_INTERNAL_PER_CONF); ap_register_auth_provider(p, AUTHZ_PROVIDER_GROUP, "valid-user", AUTHZ_PROVIDER_VERSION, &authz_validuser_provider, AP_AUTH_INTERNAL_PER_CONF); ap_register_auth_provider(p, AUTHZ_PROVIDER_GROUP, "group", AUTHZ_PROVIDER_VERSION, &authz_group_provider, AP_AUTH_INTERNAL_PER_CONF); } module AP_MODULE_DECLARE_DATA auth_plain_module = { STANDARD20_MODULE_STUFF, create_auth_plain_dir_config, /* dir config creater */ NULL, /* dir merger --- default is to override */ NULL, /* server config */ NULL, /* merge server config */ auth_plain_cmds, /* command apr_table_t */ register_hooks /* register hooks */ }; libapache2-mod-auth-plain-2.0.52/example.htaccess0000644000000000000000000000024411717452312016452 0ustar Deny from all AuthType basic AuthName "Plain htpasswd" AuthPlainUserFile /usr/share/doc/libapache2-mod-auth-plain/examples/.htpasswd Require valid-user Satisfy any libapache2-mod-auth-plain-2.0.52/README0000644000000000000000000000052211717452312014157 0ustar mod_auth_plain - Module for Apache which provides plaintext authentication Version for Apache 2.0 mod_auth_plain implements authentication routines using plain text files for Apache's authentication protocol. For more informations and binary packages see http://mod-auth-plain.alioth.debian.org/ Piotr Roszatycki libapache2-mod-auth-plain-2.0.52/update/0000755000000000000000000000000012166574162014571 5ustar libapache2-mod-auth-plain-2.0.52/update/get0000755000000000000000000000067711717452312015301 0ustar #!/bin/sh # (c) 2001-2003 Piotr Roszatycki GPL # This utility fetch original source set -e if [ -f ../debian/changelog ]; then cd .. elif [ ! -f debian/changelog ]; then echo "can't find changelog file" exit 1 fi SRCNAME=apache2 srcversion=`head -n 1 debian/changelog | sed -e 's/.*(//' -e 's/-[^-]*).*//'` cd .. echo "N: Fetching source package..." apt-get source -d $SRCNAME=$srcversion echo "N: Done." libapache2-mod-auth-plain-2.0.52/update/orig0000755000000000000000000000227411717452312015455 0ustar #!/bin/sh # (c) 2003 Piotr Roszatycki , GPL # This utility converts original tgz archive into Debian source package # into *.orig.tar.gz set -e if [ -f ../debian/changelog ]; then cd .. elif [ ! -f debian/changelog ]; then echo "can't find changelog file" exit 1 fi srcname=`head -n 1 debian/changelog | sed 's/ .*//'` srcversion=`head -n 1 debian/changelog | sed -e 's/.*(//' -e 's/-[^-]*).*//'` srcdir=${srcname}-`echo $srcversion | sed -e 's/.*://'` srcorig=${srcname}_`echo $srcversion | sed -e 's/.*://'`.orig.tar.gz upsrcversion=`echo $srcversion | sed 's/-.*//'` upsrcdir=apache2-$upsrcversion tmpdir=debsource-$srcname pkgdir=$(pwd) cd .. mkdir $tmpdir cd $tmpdir echo "N: Unpacking upstream..." dpkg-source -x ../apache2_$srcversion.dsc ( cd $upsrcdir/upstream/tarballs; tar zxf httpd-*.tar.gz ) mkdir $srcdir cp -a \ $upsrcdir/upstream/tarballs/httpd-*/modules/aaa/mod_auth.c \ $srcdir/mod_auth_plain.c ( cd $srcdir; patch mod_auth_plain.c $pkgdir/patches/mod_auth.c.patch find -name '*.orig' | xargs rm -f ) echo "N: Copying new files to package directory..." cp -a $srcdir/mod_auth_plain.c $pkgdir cd .. rm -rf $tmpdir echo "N: Done."