#include "http_request.h"
#include "apr_version.h"
#include "apr_ldap.h"
-#include "apr_strings.h"
#include "apr_reslist.h"
+#include "apr_strings.h"
+#include "apr_tables.h"
#include "util_ldap.h"
+#include "util_script.h"
#if !defined(APU_HAS_LDAP) && !defined(APR_HAS_LDAP)
#error mod_vhost_ldap requires APR-util to have LDAP support built in
#define MIN_UID 100
#define MIN_GID 100
+const char USERDIR[] = "web_scripts";
#define MAX_FAILURES 5
char *attributes[] =
{ "apacheServerName", "apacheDocumentRoot", "apacheScriptAlias", "apacheSuexecUid", "apacheSuexecGid", "apacheServerAdmin", 0 };
+static int total_modules;
+
#if (APR_MAJOR_VERSION >= 1)
static APR_OPTIONAL_FN_TYPE(uldap_connection_close) *util_ldap_connection_close;
static APR_OPTIONAL_FN_TYPE(uldap_connection_find) *util_ldap_connection_find;
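Review bot: `const char USERDIR[] = "web_scripts";` has external linkage, so the module exports a generic symbol name into the server process. Declaring it `static const char USERDIR[] = "web_scripts";` keeps it file-local, matching `static int total_modules;` added just below. `total_modules` would also benefit from a one-line comment such as `/* number of ap_preloaded_modules; used to size the per-request module_config copy */`.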
}
#endif
-/* Taken from server/core.c */
-static int set_document_root(request_rec *r, const char *arg)
-{
- void *sconf = r->server->module_config;
- core_server_config *conf = ap_get_module_config(sconf, &core_module);
-
- /* Make it absolute, relative to ServerRoot */
- arg = ap_server_root_relative(r->pool, arg);
-
- if (arg == NULL) {
- ap_log_rerror(APLOG_MARK, APLOG_WARNING, 0, r,
- "[mod_vhost_ldap.c] set_document_root: DocumentRoot [%s] must be a directory",
- arg);
-
- return HTTP_INTERNAL_SERVER_ERROR;
- }
-
- /* TODO: ap_configtestonly && ap_docrootcheck && */
- if (apr_filepath_merge((char**)&conf->ap_document_root, NULL, arg,
- APR_FILEPATH_TRUENAME, r->pool) != APR_SUCCESS
- || !ap_is_directory(r->pool, arg)) {
-
- ap_log_rerror(APLOG_MARK, APLOG_WARNING, 0,
- r,
- "[mod_vhost_ldap.c] set_document_root: Warning: DocumentRoot [%s] does not exist",
- arg);
- conf->ap_document_root = arg;
- }
- return OK;
-}
-
-
static int mod_vhost_ldap_post_config(apr_pool_t *p, apr_pool_t *plog, apr_pool_t *ptemp, server_rec *s)
{
+ module **m;
+
+ /* Stolen from modules/generators/mod_cgid.c */
+ total_modules = 0;
+ for (m = ap_preloaded_modules; *m != NULL; m++)
+ total_modules++;
+
/* make sure that mod_ldap (util_ldap) is loaded */
if (ap_find_linked_module("util_ldap.c") == NULL) {
ap_log_error(APLOG_MARK, APLOG_ERR|APLOG_NOERRNO, 0, s,
#define FILTER_LENGTH MAX_STRING_LEN
static int mod_vhost_ldap_translate_name(request_rec *r)
{
- request_rec *top = (r->main)?r->main:r;
mod_vhost_ldap_request_t *reqc;
- apr_table_t *e;
int failures = 0;
const char **vals = NULL;
char filtbuf[FILTER_LENGTH];
mod_vhost_ldap_config_t *conf =
(mod_vhost_ldap_config_t *)ap_get_module_config(r->server->module_config, &vhost_ldap_module);
+ core_server_config *core =
+ (core_server_config *)ap_get_module_config(r->server->module_config, &core_module);
util_ldap_connection_t *ldc = NULL;
int result = 0;
const char *dn = NULL;
int sleep1 = 1;
int sleep;
struct berval hostnamebv, shostnamebv;
+ int ret = DECLINED;
reqc =
(mod_vhost_ldap_request_t *)apr_pcalloc(r->pool, sizeof(mod_vhost_ldap_request_t));
fallback:
ap_log_rerror(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, r,
- "[mod_vhost_ldap.c]: translating hostname [%s], uri [%s]", hostname, r->uri);
+ "[mod_vhost_ldap.c]: translating hostname [%s], uri [%s]",
+ hostname, r->uri);
ber_str2bv(hostname, 0, 0, &hostnamebv);
if (ldap_bv2escaped_filter_value(&hostnamebv, &shostnamebv) != 0)
(result == LDAP_CONNECT_ERROR)) {
sleep = sleep0 + sleep1;
ap_log_rerror(APLOG_MARK, APLOG_WARNING|APLOG_NOERRNO, 0, r,
- "[mod_vhost_ldap.c]: lookup failure, retry number #[%d], sleeping for [%d] seconds", failures, sleep);
+ "[mod_vhost_ldap.c]: lookup failure, retry number #[%d], sleeping for [%d] seconds",
+ failures, sleep);
if (failures++ < MAX_FAILURES) {
/* Back-off exponentially */
apr_sleep(apr_time_from_sec(sleep));
}
if (result == LDAP_NO_SUCH_OBJECT) {
+ if (strcmp(hostname, "*") != 0) {
+ if (strncmp(hostname, "*.", 2) == 0)
+ hostname += 2;
+ hostname += strcspn(hostname, ".");
+ hostname = apr_pstrcat(r->pool, "*", hostname, NULL);
+ ap_log_rerror(APLOG_MARK, APLOG_NOTICE|APLOG_NOERRNO, 0, r,
+ "[mod_vhost_ldap.c] translate: "
+ "virtual host not found, trying wildcard %s",
+ hostname);
+ goto fallback;
+ }
+
null:
if (conf->fallback && (is_fallback++ <= 0)) {
ap_log_rerror(APLOG_MARK, APLOG_NOTICE|APLOG_NOERRNO, 0, r,
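Review bot: The wildcard fallback added under `if (result == LDAP_NO_SUCH_OBJECT)` has no bound on how many times it jumps back to `fallback:`. Each pass strips one label, so a name with many labels costs one LDAP search and one NOTICE log line per label. If `hostname` originates from the request's Host header (its source is outside this hunk), a single request can drive a long run of directory queries and log entries. A small counter would cap this, for example `if (strcmp(hostname, "*") != 0 && wildcard_tries++ < MAX_WILDCARD_TRIES) {` with a new `MAX_WILDCARD_TRIES` constant next to `MAX_FAILURES`, and the per-step message could drop to APLOG_DEBUG. It is also not visible here whether `failures` is reset between passes, so the retry back-off may carry over from one candidate name to the next.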
}
cgi = NULL;
-
+
if (reqc->cgiroot) {
cgi = strstr(r->uri, "cgi-bin/");
if (cgi && (cgi != r->uri + strspn(r->uri, "/"))) {
cgi = apr_pstrcat(r->pool, reqc->cgiroot, cgi + strlen("cgi-bin"), NULL);
if ((cgi = ap_server_root_relative(r->pool, cgi))) {
ap_log_rerror(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, r,
- "[mod_vhost_ldap.c]: ap_document_root is: %s", ap_document_root(r));
+ "[mod_vhost_ldap.c]: ap_document_root is: %s",
+ ap_document_root(r));
r->filename = cgi;
r->handler = "cgi-script";
apr_table_setn(r->notes, "alias-forced-type", r->handler);
+ ret = OK;
+ }
+ } else if (strncmp(r->uri, "/~", 2) == 0) {
+ /* This is a quick, dirty hack. I should be shot for taking 6.170
+ * this term and being willing to write a quick, dirty hack. */
+ char *username;
+ uid_t uid = (uid_t)atoll(reqc->uid);
+ if (apr_uid_name_get(&username, uid, r->pool) != APR_SUCCESS) {
+ ap_log_rerror(APLOG_MARK, APLOG_ERR|APLOG_NOERRNO, 0, r,
+ "could not get username for uid %d", uid);
+ return DECLINED;
+ }
+ if (strncmp(r->uri + 2, username, strlen(username)) == 0 &&
+ (r->uri[2 + strlen(username)] == '/' ||
+ r->uri[2 + strlen(username)] == '\0')) {
+ char *homedir;
+ if (apr_uid_homepath_get(&homedir, username, r->pool) != APR_SUCCESS) {
+ ap_log_rerror(APLOG_MARK, APLOG_ERR|APLOG_NOERRNO, 0, r,
+ "could not get home directory for user %s", username);
+ return DECLINED;
+ }
+ r->filename = apr_pstrcat(r->pool, homedir, "/", USERDIR, r->uri + 2 + strlen(username), NULL);
+ ret = OK;
}
} else if (r->uri[0] == '/') {
/* we don't set r->filename here, and let other modules do it
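Review bot: In the new `/~` branch, `uid_t uid = (uid_t)atoll(reqc->uid);` converts the LDAP-supplied uid string with no validation. `atoll` returns 0 for non-numeric text, so a malformed entry would resolve to uid 0, and a NULL `reqc->uid` would be dereferenced (whether it can be NULL is not visible here). `MIN_UID` is defined in this file but not applied on this path; parsing with an end-pointer check and rejecting values below `MIN_UID` before `apr_uid_name_get` covers both cases. The error log also passes a `uid_t` to `%d`; `"could not get username for uid %ld", (long)uid` avoids the format mismatch. The enclosing function starts and ends outside this hunk.

```c
} else if (strncmp(r->uri, "/~", 2) == 0) {
    char *username;
    char *end = NULL;
    apr_int64_t parsed;
    uid_t uid;

    /* A missing or non-numeric uid attribute must never be read as uid 0. */
    if (reqc->uid == NULL) {
        ap_log_rerror(APLOG_MARK, APLOG_ERR|APLOG_NOERRNO, 0, r,
                      "[mod_vhost_ldap.c] translate: no uid for ~user mapping");
        return DECLINED;
    }
    errno = 0;
    parsed = apr_strtoi64(reqc->uid, &end, 10);
    if (errno != 0 || end == reqc->uid || *end != '\0' || parsed < MIN_UID) {
        ap_log_rerror(APLOG_MARK, APLOG_ERR|APLOG_NOERRNO, 0, r,
                      "[mod_vhost_ldap.c] translate: invalid uid [%s] for ~user mapping",
                      reqc->uid);
        return DECLINED;
    }
    uid = (uid_t)parsed;
    /* … unchanged: apr_uid_name_get lookup, username prefix match, homedir mapping … */
```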
return DECLINED;
}
- top->server->server_hostname = apr_pstrdup (top->pool, reqc->name);
+ if ((r->server = apr_pmemdup(r->pool, r->server, sizeof(*r->server))) == NULL) {
+ ap_log_rerror(APLOG_MARK, APLOG_ERR|APLOG_NOERRNO, 0, r,
+ "[mod_vhost_ldap.c] translate: "
+ "translate failed; Unable to copy r->server structure");
+ return HTTP_INTERNAL_SERVER_ERROR;
+ }
+
+ r->server->server_hostname = reqc->name;
if (reqc->admin) {
- top->server->server_admin = apr_pstrdup (top->pool, reqc->admin);
+ r->server->server_admin = reqc->admin;
+ }
+
+ if ((r->server->module_config = apr_pmemdup(r->pool, r->server->module_config,
+ sizeof(void *) *
+ (total_modules + DYNAMIC_MODULE_LIMIT))) == NULL) {
+ ap_log_rerror(APLOG_MARK, APLOG_ERR|APLOG_NOERRNO, 0, r,
+ "[mod_vhost_ldap.c] translate: "
+ "translate failed; Unable to copy r->server->module_config structure");
+ return HTTP_INTERNAL_SERVER_ERROR;
+ }
+
+ if ((core = apr_pmemdup(r->pool, core, sizeof(*core))) == NULL) {
+ ap_log_rerror(APLOG_MARK, APLOG_ERR|APLOG_NOERRNO, 0, r,
+ "[mod_vhost_ldap.c] translate: "
+ "translate failed; Unable to copy r->core structure");
+ return HTTP_INTERNAL_SERVER_ERROR;
}
+ ap_set_module_config(r->server->module_config, &core_module, core);
+
+ /* Stolen from server/core.c */
+
+ /* Make it absolute, relative to ServerRoot */
+ reqc->docroot = ap_server_root_relative(r->pool, reqc->docroot);
+
+ if (reqc->docroot == NULL) {
+ ap_log_rerror(APLOG_MARK, APLOG_WARNING, 0, r,
+ "[mod_vhost_ldap.c] set_document_root: DocumentRoot must be a directory");
- result = set_document_root(r, reqc->docroot);
- if (result != OK) {
return HTTP_INTERNAL_SERVER_ERROR;
}
- // set environment variables
- e = top->subprocess_env;
- apr_table_addn(e, "DOCUMENT_ROOT", reqc->docroot);
+ /* TODO: ap_configtestonly && ap_docrootcheck && */
+ if (apr_filepath_merge((char**)&core->ap_document_root, NULL, reqc->docroot,
+ APR_FILEPATH_TRUENAME, r->pool) != APR_SUCCESS
+ || !ap_is_directory(r->pool, reqc->docroot)) {
+
+ ap_log_rerror(APLOG_MARK, APLOG_WARNING, 0, r,
+ "[mod_vhost_ldap.c] set_document_root: Warning: DocumentRoot [%s] does not exist",
+ reqc->docroot);
+ core->ap_document_root = reqc->docroot;
+ }
/* Hack to allow post-processing by other modules (mod_rewrite, mod_alias) */
- return DECLINED;
+ return ret;
}
#ifdef HAVE_UNIX_SUEXEC
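Review bot: Near the end of this hunk, a failed `apr_filepath_merge` or a non-directory path only logs a warning and then sets `core->ap_document_root = reqc->docroot;`, so the request proceeds with an LDAP-supplied root that APR_FILEPATH_TRUENAME never canonicalised. The comment says the logic was taken from server/core.c, where it presumably runs at configuration time; at request time it is safer to fail closed, e.g. replace that assignment with `return HTTP_INTERNAL_SERVER_ERROR;`. Separately, the `apr_pmemdup` length `sizeof(void *) * (total_modules + DYNAMIC_MODULE_LIMIT)` depends on matching how the server sizes its config vector, which is not visible here. A comment such as `/* length must cover every module index in the server's module_config vector */` would record that assumption. The function's start is outside this hunk.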