]> andersk Git - mod-vhost-ldap.git/blame_incremental - mod_vhost_ldap.c
andersk / mod-vhost-ldap.git / blame_incremental
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (non-incremental) | history | HEAD
mod_vhost_ldap.c: add support for fallback host
[mod-vhost-ldap.git] / mod_vhost_ldap.c
... / ...
CommitLineData
1/* ============================================================
2 * Copyright (c) 2003-2004, Ondrej Sury
3 * All rights reserved.
4 *
5 * Licensed under the Apache License, Version 2.0 (the "License");
6 * you may not use this file except in compliance with the License.
7 * You may obtain a copy of the License at
8 *
9 * http://www.apache.org/licenses/LICENSE-2.0
10 *
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
16 *
17 */
18
19/*
20 * mod_vhost_ldap.c --- read virtual host config from LDAP directory
21 */
22
23#define CORE_PRIVATE
24
25#include <unistd.h>
26
27#include "httpd.h"
28#include "http_config.h"
29#include "http_core.h"
30#include "http_log.h"
31#include "http_request.h"
32#include "apr_ldap.h"
33#include "apr_strings.h"
34#include "apr_reslist.h"
35#include "util_ldap.h"
36
37#ifndef APU_HAS_LDAP
38#error mod_vhost_ldap requires APR-util to have LDAP support built in
39#endif
40
41#if !defined(WIN32) && !defined(OS2) && !defined(BEOS) && !defined(NETWARE)
42#define HAVE_UNIX_SUEXEC
43#endif
44
45#ifdef HAVE_UNIX_SUEXEC
46#include "unixd.h" /* Contains the suexec_identity hook used on Unix */
47#endif
48
49#define MIN_UID 100
50#define MIN_GID 100
51
52module AP_MODULE_DECLARE_DATA vhost_ldap_module;
53
54typedef enum {
55 MVL_UNSET, MVL_DISABLED, MVL_ENABLED
56} mod_vhost_ldap_status_e;
57
58typedef struct mod_vhost_ldap_config_t {
59 mod_vhost_ldap_status_e enabled; /* Is vhost_ldap enabled? */
60
61 /* These parameters are all derived from the VhostLDAPURL directive */
62 char *url; /* String representation of LDAP URL */
63
64 char *host; /* Name of the LDAP server (or space separated list) */
65 int port; /* Port of the LDAP server */
66 char *basedn; /* Base DN to do all searches from */
67 int scope; /* Scope of the search */
68 char *filter; /* Filter to further limit the search */
69 deref_options deref; /* how to handle alias dereferening */
70
71 char *binddn; /* DN to bind to server (can be NULL) */
72 char *bindpw; /* Password to bind to server (can be NULL) */
73
74 int have_deref; /* Set if we have found an Deref option */
75 int have_ldap_url; /* Set if we have found an LDAP url */
76
77 int secure; /* True if SSL connections are requested */
78
79 char *fallback; /* Fallback virtual host */
80
81} mod_vhost_ldap_config_t;
82
83typedef struct mod_vhost_ldap_request_t {
84 char *dn; /* The saved dn from a successful search */
85 char *name; /* ServerName */
86 char *admin; /* ServerAdmin */
87 char *docroot; /* DocumentRoot */
88 char *cgiroot; /* ScriptAlias */
89 char *uid; /* Suexec Uid */
90 char *gid; /* Suexec Gid */
91} mod_vhost_ldap_request_t;
92
93char *attributes[] =
94 { "apacheServerName", "apacheDocumentRoot", "apacheScriptAlias", "apacheSuexecUid", "apacheSuexecGid", "apacheServerAdmin", 0 };
95
96static int mod_vhost_ldap_post_config(apr_pool_t *p, apr_pool_t *plog, apr_pool_t *ptemp, server_rec *s)
97{
98 /* make sure that mod_ldap (util_ldap) is loaded */
99 if (ap_find_linked_module("util_ldap.c") == NULL) {
100 ap_log_error(APLOG_MARK, APLOG_ERR|APLOG_NOERRNO, 0, s,
101 "Module mod_ldap missing. Mod_ldap (aka. util_ldap) "
102 "must be loaded in order for mod_vhost_ldap to function properly");
103 return HTTP_INTERNAL_SERVER_ERROR;
104
105 }
106
107 ap_add_version_component(p, MOD_VHOST_LDAP_VERSION);
108
109 return OK;
110}
111
112static void *
113mod_vhost_ldap_create_server_config (apr_pool_t *p, server_rec *s)
114{
115 mod_vhost_ldap_config_t *conf =
116 (mod_vhost_ldap_config_t *)apr_pcalloc(p, sizeof (mod_vhost_ldap_config_t));
117
118 conf->enabled = MVL_UNSET;
119 conf->have_ldap_url = 0;
120 conf->have_deref = 0;
121 conf->binddn = NULL;
122 conf->bindpw = NULL;
123 conf->deref = always;
124 conf->fallback = NULL;
125
126 return conf;
127}
128
129static void *
130mod_vhost_ldap_merge_server_config(apr_pool_t *p, void *parentv, void *childv)
131{
132 mod_vhost_ldap_config_t *parent = (mod_vhost_ldap_config_t *) parentv;
133 mod_vhost_ldap_config_t *child = (mod_vhost_ldap_config_t *) childv;
134 mod_vhost_ldap_config_t *conf =
135 (mod_vhost_ldap_config_t *)apr_pcalloc(p, sizeof(mod_vhost_ldap_config_t));
136
137 if (child->enabled == MVL_UNSET) {
138 conf->enabled = parent->enabled;
139 } else {
140 conf->enabled = child->enabled;
141 }
142
143 if (child->have_ldap_url) {
144 conf->have_ldap_url = child->have_ldap_url;
145 conf->url = child->url;
146 conf->host = child->host;
147 conf->port = child->port;
148 conf->basedn = child->basedn;
149 conf->scope = child->scope;
150 conf->filter = child->filter;
151 conf->secure = child->secure;
152 } else {
153 conf->have_ldap_url = parent->have_ldap_url;
154 conf->url = parent->url;
155 conf->host = parent->host;
156 conf->port = parent->port;
157 conf->basedn = parent->basedn;
158 conf->scope = parent->scope;
159 conf->filter = parent->filter;
160 conf->secure = parent->secure;
161 }
162 if (child->have_deref) {
163 conf->have_deref = child->have_deref;
164 conf->deref = child->deref;
165 } else {
166 conf->have_deref = parent->have_deref;
167 conf->deref = parent->deref;
168 }
169
170 conf->binddn = (child->binddn ? child->binddn : parent->binddn);
171 conf->bindpw = (child->bindpw ? child->bindpw : parent->bindpw);
172
173 conf->fallback = (child->fallback ? child->fallback : parent->fallback);
174
175 return conf;
176}
177
178/*
179 * Use the ldap url parsing routines to break up the ldap url into
180 * host and port.
181 */
182static const char *mod_vhost_ldap_parse_url(cmd_parms *cmd,
183 void *dummy,
184 const char *url)
185{
186 int result;
187 apr_ldap_url_desc_t *urld;
188
189 mod_vhost_ldap_config_t *conf =
190 (mod_vhost_ldap_config_t *)ap_get_module_config(cmd->server->module_config,
191 &vhost_ldap_module);
192
193 ap_log_error(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0,
194 cmd->server, "[mod_vhost_ldap.c] url parse: `%s'",
195 url);
196
197 result = apr_ldap_url_parse(url, &(urld));
198 if (result != LDAP_SUCCESS) {
199 switch (result) {
200 case LDAP_URL_ERR_NOTLDAP:
201 return "LDAP URL does not begin with ldap://";
202 case LDAP_URL_ERR_NODN:
203 return "LDAP URL does not have a DN";
204 case LDAP_URL_ERR_BADSCOPE:
205 return "LDAP URL has an invalid scope";
206 case LDAP_URL_ERR_MEM:
207 return "Out of memory parsing LDAP URL";
208 default:
209 return "Could not parse LDAP URL";
210 }
211 }
212 conf->url = apr_pstrdup(cmd->pool, url);
213
214 ap_log_error(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0,
215 cmd->server, "[mod_vhost_ldap.c] url parse: Host: %s", urld->lud_host);
216 ap_log_error(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0,
217 cmd->server, "[mod_vhost_ldap.c] url parse: Port: %d", urld->lud_port);
218 ap_log_error(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0,
219 cmd->server, "[mod_vhost_ldap.c] url parse: DN: %s", urld->lud_dn);
220 ap_log_error(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0,
221 cmd->server, "[mod_vhost_ldap.c] url parse: attrib: %s", urld->lud_attrs? urld->lud_attrs[0] : "(null)");
222 ap_log_error(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0,
223 cmd->server, "[mod_vhost_ldap.c] url parse: scope: %s",
224 (urld->lud_scope == LDAP_SCOPE_SUBTREE? "subtree" :
225 urld->lud_scope == LDAP_SCOPE_BASE? "base" :
226 urld->lud_scope == LDAP_SCOPE_ONELEVEL? "onelevel" : "unknown"));
227 ap_log_error(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0,
228 cmd->server, "[mod_vhost_ldap.c] url parse: filter: %s", urld->lud_filter);
229
230 /* Set all the values, or at least some sane defaults */
231 if (conf->host) {
232 char *p = apr_palloc(cmd->pool, strlen(conf->host) + strlen(urld->lud_host) + 2);
233 strcpy(p, urld->lud_host);
234 strcat(p, " ");
235 strcat(p, conf->host);
236 conf->host = p;
237 }
238 else {
239 conf->host = urld->lud_host? apr_pstrdup(cmd->pool, urld->lud_host) : "localhost";
240 }
241 conf->basedn = urld->lud_dn? apr_pstrdup(cmd->pool, urld->lud_dn) : "";
242
243 conf->scope = urld->lud_scope == LDAP_SCOPE_ONELEVEL ?
244 LDAP_SCOPE_ONELEVEL : LDAP_SCOPE_SUBTREE;
245
246 if (urld->lud_filter) {
247 if (urld->lud_filter[0] == '(') {
248 /*
249 * Get rid of the surrounding parens; later on when generating the
250 * filter, they'll be put back.
251 */
252 conf->filter = apr_pstrdup(cmd->pool, urld->lud_filter+1);
253 conf->filter[strlen(conf->filter)-1] = '\0';
254 }
255 else {
256 conf->filter = apr_pstrdup(cmd->pool, urld->lud_filter);
257 }
258 }
259 else {
260 conf->filter = "objectClass=apacheConfig";
261 }
262
263 /* "ldaps" indicates secure ldap connections desired
264 */
265 if (strncasecmp(url, "ldaps", 5) == 0)
266 {
267 conf->secure = 1;
268 conf->port = urld->lud_port? urld->lud_port : LDAPS_PORT;
269 ap_log_error(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, cmd->server,
270 "LDAP: vhost_ldap using SSL connections");
271 }
272 else
273 {
274 conf->secure = 0;
275 conf->port = urld->lud_port? urld->lud_port : LDAP_PORT;
276 ap_log_error(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, cmd->server,
277 "LDAP: vhost_ldap not using SSL connections");
278 }
279
280 conf->have_ldap_url = 1;
281 apr_ldap_free_urldesc(urld);
282 return NULL;
283}
284
285static const char *mod_vhost_ldap_set_enabled(cmd_parms *cmd, void *dummy, int enabled)
286{
287 mod_vhost_ldap_config_t *conf =
288 (mod_vhost_ldap_config_t *)ap_get_module_config(cmd->server->module_config,
289 &vhost_ldap_module);
290
291 conf->enabled = (enabled) ? MVL_ENABLED : MVL_DISABLED;
292
293 return NULL;
294}
295
296static const char *mod_vhost_ldap_set_binddn(cmd_parms *cmd, void *dummy, const char *binddn)
297{
298 mod_vhost_ldap_config_t *conf =
299 (mod_vhost_ldap_config_t *)ap_get_module_config(cmd->server->module_config,
300 &vhost_ldap_module);
301
302 conf->binddn = apr_pstrdup(cmd->pool, binddn);
303 return NULL;
304}
305
306static const char *mod_vhost_ldap_set_bindpw(cmd_parms *cmd, void *dummy, const char *bindpw)
307{
308 mod_vhost_ldap_config_t *conf =
309 (mod_vhost_ldap_config_t *)ap_get_module_config(cmd->server->module_config,
310 &vhost_ldap_module);
311
312 conf->bindpw = apr_pstrdup(cmd->pool, bindpw);
313 return NULL;
314}
315
316static const char *mod_vhost_ldap_set_deref(cmd_parms *cmd, void *dummy, const char *deref)
317{
318 mod_vhost_ldap_config_t *conf =
319 (mod_vhost_ldap_config_t *)ap_get_module_config (cmd->server->module_config,
320 &vhost_ldap_module);
321
322 if (strcmp(deref, "never") == 0 || strcasecmp(deref, "off") == 0) {
323 conf->deref = never;
324 conf->have_deref = 1;
325 }
326 else if (strcmp(deref, "searching") == 0) {
327 conf->deref = searching;
328 conf->have_deref = 1;
329 }
330 else if (strcmp(deref, "finding") == 0) {
331 conf->deref = finding;
332 conf->have_deref = 1;
333 }
334 else if (strcmp(deref, "always") == 0 || strcasecmp(deref, "on") == 0) {
335 conf->deref = always;
336 conf->have_deref = 1;
337 }
338 else {
339 return "Unrecognized value for VhostLDAPAliasDereference directive";
340 }
341 return NULL;
342}
343
344static const char *mod_vhost_ldap_set_fallback(cmd_parms *cmd, void *dummy, const char *fallback)
345{
346 mod_vhost_ldap_config_t *conf =
347 (mod_vhost_ldap_config_t *)ap_get_module_config(cmd->server->module_config,
348 &vhost_ldap_module);
349
350 conf->fallback = apr_pstrdup(cmd->pool, fallback);
351 return NULL;
352}
353
354command_rec mod_vhost_ldap_cmds[] = {
355 AP_INIT_TAKE1("VhostLDAPURL", mod_vhost_ldap_parse_url, NULL, RSRC_CONF,
356 "URL to define LDAP connection. This should be an RFC 2255 compliant\n"
357 "URL of the form ldap://host[:port]/basedn[?attrib[?scope[?filter]]].\n"
358 "<ul>\n"
359 "<li>Host is the name of the LDAP server. Use a space separated list of hosts \n"
360 "to specify redundant servers.\n"
361 "<li>Port is optional, and specifies the port to connect to.\n"
362 "<li>basedn specifies the base DN to start searches from\n"
363 "</ul>\n"),
364
365 AP_INIT_TAKE1 ("VhostLDAPBindDN", mod_vhost_ldap_set_binddn, NULL, RSRC_CONF,
366 "DN to use to bind to LDAP server. If not provided, will do an anonymous bind."),
367
368 AP_INIT_TAKE1("VhostLDAPBindPassword", mod_vhost_ldap_set_bindpw, NULL, RSRC_CONF,
369 "Password to use to bind to LDAP server. If not provided, will do an anonymous bind."),
370
371 AP_INIT_FLAG("VhostLDAPEnabled", mod_vhost_ldap_set_enabled, NULL, RSRC_CONF,
372 "Set to off to disable vhost_ldap, even if it's been enabled in a higher tree"),
373
374 AP_INIT_TAKE1("VhostLDAPDereferenceAliases", mod_vhost_ldap_set_deref, NULL, RSRC_CONF,
375 "Determines how aliases are handled during a search. Can be one of the"
376 "values \"never\", \"searching\", \"finding\", or \"always\". "
377 "Defaults to always."),
378
379 AP_INIT_TAKE1("VhostLDAPFallback", mod_vhost_ldap_set_fallback, NULL, RSRC_CONF,
380 "Set default virtual host which will be used when requested hostname"
381 "is not found in LDAP database. This option can be used to display"
382 "\"virtual host not found\" type of page."),
383
384 {NULL}
385};
386
387#define FILTER_LENGTH MAX_STRING_LEN
388static int
389mod_vhost_ldap_translate_name (request_rec * r)
390{
391 apr_table_t *e;
392 int failures = 0;
393 const char **vals = NULL;
394 char filtbuf[FILTER_LENGTH];
395 mod_vhost_ldap_config_t *conf =
396 (mod_vhost_ldap_config_t *)ap_get_module_config(r->server->module_config, &vhost_ldap_module);
397 core_server_config * core =
398 (core_server_config *) ap_get_module_config(r->server->module_config, &core_module);
399 util_ldap_connection_t *ldc = NULL;
400 int result = 0;
401 const char *dn = NULL;
402 char *cgi;
403 const char *hostname = NULL;
404 int is_fallback = 0;
405
406 mod_vhost_ldap_request_t *req =
407 (mod_vhost_ldap_request_t *)apr_pcalloc(r->pool, sizeof(mod_vhost_ldap_request_t));
408 ap_set_module_config(r->request_config, &vhost_ldap_module, req);
409
410 // mod_vhost_ldap is disabled or we don't have LDAP Url
411 if ((conf->enabled != MVL_ENABLED)||(!conf->have_ldap_url)) {
412 return DECLINED;
413 }
414
415start_over:
416
417 if (conf->host) {
418 ldc = util_ldap_connection_find(r, conf->host, conf->port,
419 conf->binddn, conf->bindpw, conf->deref,
420 conf->secure);
421 }
422 else {
423 ap_log_rerror(APLOG_MARK, APLOG_WARNING|APLOG_NOERRNO, 0, r,
424 "[mod_vhost_ldap.c] translate: no conf->host - weird...?");
425 return DECLINED;
426 }
427
428 hostname = r->hostname;
429
430fallback:
431
432 ap_log_rerror(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, r,
433 "[mod_vhost_ldap.c]: translating %s", r->uri);
434
435 apr_snprintf(filtbuf, FILTER_LENGTH, "(&(%s)(|(apacheServerName=%s)(apacheServerAlias=%s)))", conf->filter, hostname, hostname);
436
437 result = util_ldap_cache_getuserdn(r, ldc, conf->url, conf->basedn, conf->scope,
438 attributes, filtbuf, &dn, &vals);
439
440 util_ldap_connection_close(ldc);
441
442 /* sanity check - if server is down, retry it up to 5 times */
443 if (result == LDAP_SERVER_DOWN) {
444 if (failures++ <= 5) {
445 goto start_over;
446 }
447 }
448
449 if ((result == LDAP_NO_SUCH_OBJECT)) {
450 if (conf->fallback && (is_fallback++ <= 0)) {
451 ap_log_rerror(APLOG_MARK, APLOG_NOTICE|APLOG_NOERRNO, 0, r,
452 "[mod_vhost_ldap.c] translate: "
453 "virtual host %s not found, trying fallback %s",
454 hostname, conf->fallback);
455 hostname = conf->fallback;
456 goto fallback;
457 }
458
459 ap_log_rerror(APLOG_MARK, APLOG_WARNING|APLOG_NOERRNO, 0, r,
460 "[mod_vhost_ldap.c] translate: "
461 "virtual host %s not found",
462 hostname);
463
464 return DECLINED;
465 }
466
467 /* handle bind failure */
468 if (result != LDAP_SUCCESS) {
469 ap_log_rerror(APLOG_MARK, APLOG_WARNING|APLOG_NOERRNO, 0, r,
470 "[mod_vhost_ldap.c] translate: "
471 "translate failed; virtual host %s; URI %s [%s]",
472 hostname, r->uri, ldap_err2string(result));
473 return DECLINED;
474 }
475
476 /* mark the user and DN */
477 req->dn = apr_pstrdup(r->pool, dn);
478
479 /* Optimize */
480 if (vals) {
481 int i = 0;
482 while (attributes[i]) {
483
484 if (strcasecmp (attributes[i], "apacheServerName") == 0) {
485 req->name = apr_pstrdup (r->pool, vals[i]);
486 }
487 else if (strcasecmp (attributes[i], "apacheServerAdmin") == 0) {
488 req->admin = apr_pstrdup (r->pool, vals[i]);
489 }
490 else if (strcasecmp (attributes[i], "apacheDocumentRoot") == 0) {
491 req->docroot = apr_pstrdup (r->pool, vals[i]);
492 }
493 else if (strcasecmp (attributes[i], "apacheScriptAlias") == 0) {
494 req->cgiroot = apr_pstrdup (r->pool, vals[i]);
495 }
496 else if (strcasecmp (attributes[i], "apacheSuexecUid") == 0) {
497 req->uid = apr_pstrdup(r->pool, vals[i]);
498 }
499 else if (strcasecmp (attributes[i], "apacheSuexecGid") == 0) {
500 req->gid = apr_pstrdup(r->pool, vals[i]);
501 }
502 i++;
503 }
504 }
505
506 ap_log_rerror(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, r,
507 "[mod_vhost_ldap.c]: loaded from ldap: "
508 "apacheServerName: %s, "
509 "apacheServerAdmin: %s, "
510 "apacheDocumentRoot: %s, "
511 "apacheScriptAlias: %s, "
512 "apacheSuexecUid: %s, "
513 "apacheSuexecGid: %s"
514 , req->name, req->admin, req->docroot, req->cgiroot, req->uid, req->gid);
515
516 if ((req->name == NULL)||(req->docroot == NULL)) {
517 ap_log_rerror(APLOG_MARK, APLOG_ERR|APLOG_NOERRNO, 0, r,
518 "[mod_vhost_ldap.c] translate: "
519 "translate failed; ServerName or DocumentRoot not defined");
520 return DECLINED;
521 }
522
523 cgi = NULL;
524
525 if (req->cgiroot) {
526 cgi = strstr(r->uri, "cgi-bin/");
527 if (cgi && (cgi != r->uri + strspn(r->uri, "/"))) {
528 cgi = NULL;
529 }
530 }
531 if (cgi) {
532 r->filename = apr_pstrcat (r->pool, req->cgiroot, cgi + strlen("cgi-bin"), NULL);
533 r->handler = "cgi-script";
534 apr_table_setn(r->notes, "alias-forced-type", r->handler);
535 } else if (r->uri[0] == '/') {
536 r->filename = apr_pstrcat (r->pool, req->docroot, r->uri, NULL);
537 } else {
538 return DECLINED;
539 }
540
541 r->server->server_hostname = apr_pstrdup (r->pool, req->name);
542
543 if (req->admin) {
544 r->server->server_admin = apr_pstrdup (r->pool, req->admin);
545 }
546
547 // set environment variables
548 e = r->subprocess_env;
549 apr_table_addn (e, "SERVER_ROOT", req->docroot);
550
551 core->ap_document_root = apr_pstrdup(r->pool, req->docroot);
552
553 ap_log_rerror(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, r,
554 "[mod_vhost_ldap.c]: translated to %s", r->filename);
555
556 return OK;
557}
558
559#ifdef HAVE_UNIX_SUEXEC
560static ap_unix_identity_t *mod_vhost_ldap_get_suexec_id_doer(const request_rec * r)
561{
562 ap_unix_identity_t *ugid = NULL;
563 mod_vhost_ldap_config_t *conf =
564 (mod_vhost_ldap_config_t *)ap_get_module_config(r->server->module_config,
565 &vhost_ldap_module);
566 mod_vhost_ldap_request_t *req =
567 (mod_vhost_ldap_request_t *)ap_get_module_config(r->request_config,
568 &vhost_ldap_module);
569
570 uid_t uid = -1;
571 gid_t gid = -1;
572
573 // mod_vhost_ldap is disabled or we don't have LDAP Url
574 if ((conf->enabled != MVL_ENABLED)||(!conf->have_ldap_url)) {
575 return NULL;
576 }
577
578 if ((req == NULL)||(req->uid == NULL)||(req->gid == NULL)) {
579 return NULL;
580 }
581
582 if ((ugid = apr_palloc(r->pool, sizeof(ap_unix_identity_t))) == NULL) {
583 return NULL;
584 }
585
586 uid = (uid_t)atoll(req->uid);
587 gid = (gid_t)atoll(req->gid);
588
589 if ((uid < MIN_UID)||(gid < MIN_GID)) {
590 return NULL;
591 }
592
593 ugid->uid = uid;
594 ugid->gid = gid;
595 ugid->userdir = 0;
596
597 return ugid;
598}
599#endif
600
601static void
602mod_vhost_ldap_register_hooks (apr_pool_t * p)
603{
604 ap_hook_post_config(mod_vhost_ldap_post_config, NULL, NULL, APR_HOOK_MIDDLE);
605 ap_hook_translate_name(mod_vhost_ldap_translate_name, NULL, NULL, APR_HOOK_MIDDLE);
606#ifdef HAVE_UNIX_SUEXEC
607 ap_hook_get_suexec_identity(mod_vhost_ldap_get_suexec_id_doer, NULL, NULL, APR_HOOK_MIDDLE);
608#endif
609}
610
611module AP_MODULE_DECLARE_DATA vhost_ldap_module = {
612 STANDARD20_MODULE_STUFF,
613 NULL,
614 NULL,
615 mod_vhost_ldap_create_server_config,
616 mod_vhost_ldap_merge_server_config,
617 mod_vhost_ldap_cmds,
618 mod_vhost_ldap_register_hooks,
619};
Apache 2 module for virtual hosting from LDAP
This page took 1.072199 seconds and 5 git commands to generate.