int have_ldap_url; /* Set if we have found an LDAP url */
int secure; /* True if SSL connections are requested */
+
+ char *fallback; /* Fallback virtual host */
+
} mod_vhost_ldap_config_t;
typedef struct mod_vhost_ldap_request_t {
conf->binddn = NULL;
conf->bindpw = NULL;
conf->deref = always;
+ conf->fallback = NULL;
return conf;
}
conf->binddn = (child->binddn ? child->binddn : parent->binddn);
conf->bindpw = (child->bindpw ? child->bindpw : parent->bindpw);
+ conf->fallback = (child->fallback ? child->fallback : parent->fallback);
+
return conf;
}
{
mod_vhost_ldap_config_t *conf =
(mod_vhost_ldap_config_t *)ap_get_module_config(cmd->server->module_config,
- &vhost_ldap_module);
+ &vhost_ldap_module);
conf->enabled = (enabled) ? MVL_ENABLED : MVL_DISABLED;
{
mod_vhost_ldap_config_t *conf =
(mod_vhost_ldap_config_t *)ap_get_module_config(cmd->server->module_config,
- &vhost_ldap_module);
+ &vhost_ldap_module);
conf->binddn = apr_pstrdup(cmd->pool, binddn);
return NULL;
{
mod_vhost_ldap_config_t *conf =
(mod_vhost_ldap_config_t *)ap_get_module_config(cmd->server->module_config,
- &vhost_ldap_module);
+ &vhost_ldap_module);
conf->bindpw = apr_pstrdup(cmd->pool, bindpw);
return NULL;
return NULL;
}
+static const char *mod_vhost_ldap_set_fallback(cmd_parms *cmd, void *dummy, const char *fallback)
+{
+ mod_vhost_ldap_config_t *conf =
+ (mod_vhost_ldap_config_t *)ap_get_module_config(cmd->server->module_config,
+ &vhost_ldap_module);
+
+ conf->fallback = apr_pstrdup(cmd->pool, fallback);
+ return NULL;
+}
+
command_rec mod_vhost_ldap_cmds[] = {
AP_INIT_TAKE1("VhostLDAPURL", mod_vhost_ldap_parse_url, NULL, RSRC_CONF,
"URL to define LDAP connection. This should be an RFC 2255 compliant\n"
"values \"never\", \"searching\", \"finding\", or \"always\". "
"Defaults to always."),
+ AP_INIT_TAKE1("VhostLDAPFallback", mod_vhost_ldap_set_fallback, NULL, RSRC_CONF,
+ "Set default virtual host which will be used when requested hostname"
+ "is not found in LDAP database. This option can be used to display"
+ "\"virtual host not found\" type of page."),
+
{NULL}
};
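Review bot: The adjacent string literals in the new `VhostLDAPFallback` help text are joined without separating spaces, so the message reads `hostnameis not found` and `display"virtual host not found"`. End the first two literals with a space: `"...when requested hostname "` and `"...can be used to display "`. The text could also say that the fallback name is itself looked up in LDAP like any requested host name, which is what the `goto fallback` path in `mod_vhost_ldap_translate_name` does. Operators then know the entry must exist in the directory.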
#define FILTER_LENGTH MAX_STRING_LEN
-static int
-mod_vhost_ldap_translate_name (request_rec * r)
+static int mod_vhost_ldap_translate_name(request_rec *r)
{
+ request_rec *top = (r->main)?r->main:r;
+ mod_vhost_ldap_request_t *reqc;
apr_table_t *e;
int failures = 0;
const char **vals = NULL;
int result = 0;
const char *dn = NULL;
char *cgi;
+ const char *hostname = NULL;
+ int is_fallback = 0;
- mod_vhost_ldap_request_t *req =
+ reqc =
(mod_vhost_ldap_request_t *)apr_pcalloc(r->pool, sizeof(mod_vhost_ldap_request_t));
- ap_set_module_config(r->request_config, &vhost_ldap_module, req);
+
+ ap_set_module_config(r->request_config, &vhost_ldap_module, reqc);
// mod_vhost_ldap is disabled or we don't have LDAP Url
if ((conf->enabled != MVL_ENABLED)||(!conf->have_ldap_url)) {
return DECLINED;
}
+ hostname = r->hostname;
+
+fallback:
+
ap_log_rerror(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, r,
"[mod_vhost_ldap.c]: translating %s", r->uri);
- apr_snprintf(filtbuf, FILTER_LENGTH, "(&(%s)(|(apacheServerName=%s)(apacheServerAlias=%s)))", conf->filter, r->hostname, r->hostname);
+ apr_snprintf(filtbuf, FILTER_LENGTH, "(&(%s)(|(apacheServerName=%s)(apacheServerAlias=%s)))", conf->filter, hostname, hostname);
result = util_ldap_cache_getuserdn(r, ldc, conf->url, conf->basedn, conf->scope,
attributes, filtbuf, &dn, &vals);
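Review bot: `hostname` is formatted into the search filter on the changed `apr_snprintf` line without LDAP filter escaping, and it comes from `r->hostname`, which the client controls through the Host header. Filter metacharacters in that value change what the search matches, so the lookup can resolve to a virtual host other than the one literally named. Escaping the value per RFC 4515 at the point of formatting fixes this and also covers the `conf->fallback` value that now goes through the same label. `r->hostname` can presumably be NULL when a request carries no Host header, so decline before using it, and check the `apr_snprintf` result against `FILTER_LENGTH` so an over-long name is rejected instead of producing a truncated filter. The function starts and ends outside this hunk.

```c
/* Escape RFC 4515 filter metacharacters so the value is matched literally. */
static char *mod_vhost_ldap_escape_filter(apr_pool_t *p, const char *in)
{
    static const char hex[] = "0123456789abcdef";
    char *out = apr_palloc(p, 3 * strlen(in) + 1);
    char *o = out;

    for (; *in; in++) {
        unsigned char c = (unsigned char)*in;
        if (c == '*' || c == '(' || c == ')' || c == '\\') {
            *o++ = '\\';
            *o++ = hex[c >> 4];
            *o++ = hex[c & 0x0f];
        } else {
            *o++ = (char)c;
        }
    }
    *o = '\0';
    return out;
}

/* ... unchanged: locals, config lookup, enabled check ... */
    const char *escaped;   /* declared with the other locals */

    if (r->hostname == NULL) {
        return DECLINED;
    }
    hostname = r->hostname;

fallback:
    /* ... unchanged: debug log ... */
    escaped = mod_vhost_ldap_escape_filter(r->pool, hostname);
    if (apr_snprintf(filtbuf, FILTER_LENGTH,
                     "(&(%s)(|(apacheServerName=%s)(apacheServerAlias=%s)))",
                     conf->filter, escaped, escaped) >= FILTER_LENGTH - 1) {
        return DECLINED;   /* filter would be truncated */
    }
```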
}
}
+ if ((result == LDAP_NO_SUCH_OBJECT)) {
+ if (conf->fallback && (is_fallback++ <= 0)) {
+ ap_log_rerror(APLOG_MARK, APLOG_NOTICE|APLOG_NOERRNO, 0, r,
+ "[mod_vhost_ldap.c] translate: "
+ "virtual host %s not found, trying fallback %s",
+ hostname, conf->fallback);
+ hostname = conf->fallback;
+ goto fallback;
+ }
+
+ ap_log_rerror(APLOG_MARK, APLOG_WARNING|APLOG_NOERRNO, 0, r,
+ "[mod_vhost_ldap.c] translate: "
+ "virtual host %s not found",
+ hostname);
+
+ return DECLINED;
+ }
+
/* handle bind failure */
if (result != LDAP_SUCCESS) {
- ap_log_rerror(APLOG_MARK, APLOG_WARN|APLOG_NOERRNO, 0, r,
+ ap_log_rerror(APLOG_MARK, APLOG_WARNING|APLOG_NOERRNO, 0, r,
"[mod_vhost_ldap.c] translate: "
- "translate failed; VHost %s; URI %s[%s]",
- r->hostname, r->uri, ldap_err2string(result));
+ "translate failed; virtual host %s; URI %s [%s]",
+ hostname, r->uri, ldap_err2string(result));
return DECLINED;
}
/* mark the user and DN */
- req->dn = apr_pstrdup(r->pool, dn);
+ reqc->dn = apr_pstrdup(r->pool, dn);
/* Optimize */
if (vals) {
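Review bot: The new `LDAP_NO_SUCH_OBJECT` branch writes an error-log line at NOTICE (or WARNING when no fallback is configured) for every request whose Host value is not in the directory, so any client can produce one log entry per request containing a name of its choosing. A lower level such as `APLOG_INFO` for the expected "unknown host" case keeps the log usable under scanning traffic. `is_fallback++ <= 0` is used as a one-shot flag; `if (conf->fallback && !is_fallback) { is_fallback = 1; ...` states that directly, and the doubled parentheses in `if ((result == LDAP_NO_SUCH_OBJECT))` can be dropped. If `util_ldap_cache_getuserdn` also returns this code when more than one entry matches (worth confirming against mod_ldap), the "not found" wording is inaccurate for that case and the fallback would mask a duplicate-entry misconfiguration.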
while (attributes[i]) {
if (strcasecmp (attributes[i], "apacheServerName") == 0) {
- req->name = apr_pstrdup (r->pool, vals[i]);
+ reqc->name = apr_pstrdup (r->pool, vals[i]);
}
else if (strcasecmp (attributes[i], "apacheServerAdmin") == 0) {
- req->admin = apr_pstrdup (r->pool, vals[i]);
+ reqc->admin = apr_pstrdup (r->pool, vals[i]);
}
else if (strcasecmp (attributes[i], "apacheDocumentRoot") == 0) {
- req->docroot = apr_pstrdup (r->pool, vals[i]);
+ reqc->docroot = apr_pstrdup (r->pool, vals[i]);
}
else if (strcasecmp (attributes[i], "apacheScriptAlias") == 0) {
- req->cgiroot = apr_pstrdup (r->pool, vals[i]);
+ reqc->cgiroot = apr_pstrdup (r->pool, vals[i]);
}
else if (strcasecmp (attributes[i], "apacheSuexecUid") == 0) {
- req->uid = apr_pstrdup(r->pool, vals[i]);
+ reqc->uid = apr_pstrdup(r->pool, vals[i]);
}
else if (strcasecmp (attributes[i], "apacheSuexecGid") == 0) {
- req->gid = apr_pstrdup(r->pool, vals[i]);
+ reqc->gid = apr_pstrdup(r->pool, vals[i]);
}
i++;
}
"apacheDocumentRoot: %s, "
"apacheScriptAlias: %s, "
"apacheSuexecUid: %s, "
- "apacheSuexecGid: %s"
- , req->name, req->admin, req->docroot, req->cgiroot, req->uid, req->gid);
+ "apacheSuexecGid: %s",
+ reqc->name, reqc->admin, reqc->docroot, reqc->cgiroot, reqc->uid, reqc->gid);
- if ((req->name == NULL)||(req->docroot == NULL)) {
+ if ((reqc->name == NULL)||(reqc->docroot == NULL)) {
ap_log_rerror(APLOG_MARK, APLOG_ERR|APLOG_NOERRNO, 0, r,
"[mod_vhost_ldap.c] translate: "
"translate failed; ServerName or DocumentRoot not defined");
cgi = NULL;
- if (req->cgiroot) {
+ if (reqc->cgiroot) {
cgi = strstr(r->uri, "cgi-bin/");
if (cgi && (cgi != r->uri + strspn(r->uri, "/"))) {
cgi = NULL;
}
}
if (cgi) {
- r->filename = apr_pstrcat (r->pool, req->cgiroot, cgi + strlen("cgi-bin"), NULL);
+ r->filename = apr_pstrcat (r->pool, reqc->cgiroot, cgi + strlen("cgi-bin"), NULL);
r->handler = "cgi-script";
apr_table_setn(r->notes, "alias-forced-type", r->handler);
} else if (r->uri[0] == '/') {
- r->filename = apr_pstrcat (r->pool, req->docroot, r->uri, NULL);
+ r->filename = apr_pstrcat (r->pool, reqc->docroot, r->uri, NULL);
} else {
return DECLINED;
}
- r->server->server_hostname = apr_pstrdup (r->pool, req->name);
+ r->server->server_hostname = apr_pstrdup (top->pool, reqc->name);
- if (req->admin) {
- r->server->server_admin = apr_pstrdup (r->pool, req->admin);
+ if (reqc->admin) {
+ r->server->server_admin = apr_pstrdup (top->pool, reqc->admin);
}
// set environment variables
- e = r->subprocess_env;
- apr_table_addn (e, "SERVER_ROOT", req->docroot);
+ e = top->subprocess_env;
+ apr_table_addn (e, "SERVER_ROOT", reqc->docroot);
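Review bot: `r->server->server_hostname` and `r->server->server_admin` belong to the `server_rec` shared by all requests on this server, and the new lines point them at strings allocated from `top->pool`, which is still a request's pool (`top` is `r->main` or `r`). When that request finishes, the server record is left pointing into released memory, and under a threaded MPM or on a kept-alive connection another request can see the previous virtual host's name or admin address. The same applies to `core->ap_document_root` a few lines further down, where it can mix one tenant's document root into another's request. Prefer keeping these per-request values only in `reqc`. If the write has to stay, add a comment such as `/* NOTE: mutates shared server_rec; only safe with one request per process at a time */` so the constraint is visible. The function continues outside the visible lines.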
- core->ap_document_root = apr_pstrdup(r->pool, req->docroot);
+ core->ap_document_root = apr_pstrdup(top->pool, reqc->docroot);
ap_log_rerror(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, r,
"[mod_vhost_ldap.c]: translated to %s", r->filename);