svn commit: lorikeet r73 - in trunk/mod_ntlm_winbind: .
abartlet at samba.org
abartlet at samba.org
Sat Sep 25 02:18:43 GMT 2004
Author: abartlet
Date: 2004-09-25 02:18:43 +0000 (Sat, 25 Sep 2004)
New Revision: 73
WebSVN: http://websvn.samba.org/websvn/changeset.php?rep=lorikeet&path=/trunk/mod_ntlm_winbind&rev=73&nolog=1
Log:
Maintain seperate states between the Negotiate and NTLM helpers.
Andrew Bartlett
Modified:
trunk/mod_ntlm_winbind/mod_ntlm_winbind.c
Changeset:
Modified: trunk/mod_ntlm_winbind/mod_ntlm_winbind.c
===================================================================
--- trunk/mod_ntlm_winbind/mod_ntlm_winbind.c 2004-09-25 01:58:26 UTC (rev 72)
+++ trunk/mod_ntlm_winbind/mod_ntlm_winbind.c 2004-09-25 02:18:43 UTC (rev 73)
@@ -101,7 +101,7 @@
/* A structure to hold per-connection information about authentications
that are in progress. */
-struct ntlm_auth_helper_connection {
+struct ntlm_auth_helper {
int sent_challenge;
int helper_pid;
BUFF *out_to_helper, *in_from_helper;
@@ -133,22 +133,33 @@
because we are only ever processing one authentication request per
apache daemon. */
-static struct ntlm_auth_helper_connection *ntlm_auth_helper_connection;
+static struct ntlm_auth_helper *ntlm_auth_helper;
+static struct ntlm_auth_helper *negotiate_ntlm_auth_helper;
static struct connected_user_authenticated *connected_user_authenticated;
/* Dispose of a connection */
static void
-cleanup_ntlm_auth_helper_connection(void *ntlm_conn_v)
+cleanup_ntlm_auth_helper(void *ntlm_conn_v)
{
- struct ntlm_auth_helper_connection *ntlm_conn = ntlm_conn_v;
+ struct ntlm_auth_helper *ntlm_conn = ntlm_conn_v;
ap_bclose(ntlm_conn->out_to_helper);
ap_bclose(ntlm_conn->in_from_helper);
- ntlm_auth_helper_connection = NULL;
+ ntlm_auth_helper = NULL;
}
+static void
+cleanup_negotiate_ntlm_auth_helper(void *ntlm_conn_v)
+{
+ struct ntlm_auth_helper *ntlm_conn = ntlm_conn_v;
+ ap_bclose(ntlm_conn->out_to_helper);
+ ap_bclose(ntlm_conn->in_from_helper);
+
+ negotiate_ntlm_auth_helper = NULL;
+}
+
/* Dispose of a connected user */
static void
@@ -350,36 +361,56 @@
int bytes_written;
int bytes_read;
+
+ struct ntlm_auth_helper *auth_helper;
+
/* If this is the first request with this connection, then create
- * a ntlm_auth_helper_connection entry for it. It will be cleaned up when the
+ * a ntlm_auth_helper entry for it. It will be cleaned up when the
* connection is dropped */
- if (ntlm_auth_helper_connection == NULL) {
+ if (strcmp(auth_type, NEGOTIATE_AUTH_NAME) == 0) {
+ auth_helper = negotiate_ntlm_auth_helper;
+
+ } else if (strcmp(auth_type, NTLM_AUTH_NAME) == 0) {
+ auth_helper = ntlm_auth_helper;
+ } else {
+ return HTTP_INTERNAL_SERVER_ERROR;
+ }
+
+ if (auth_helper == NULL) {
struct ntlm_child_stuff cld;
ap_pool *pool = ap_make_sub_pool(NULL);
-
- ntlm_auth_helper_connection = ap_pcalloc(pool,
- sizeof(struct ntlm_auth_helper_connection));
- ntlm_auth_helper_connection->pool = pool;
- ntlm_auth_helper_connection->helper_pid = 0;
+
+ auth_helper = ap_pcalloc(pool,
+ sizeof(struct ntlm_auth_helper));
+ auth_helper->pool = pool;
+ auth_helper->helper_pid = 0;
- ap_register_cleanup(pool, ntlm_auth_helper_connection, cleanup_ntlm_auth_helper_connection,
- ap_null_cleanup);
+ if (strcmp(auth_type, NEGOTIATE_AUTH_NAME) == 0) {
+ ap_register_cleanup(pool, auth_helper, cleanup_negotiate_ntlm_auth_helper,
+ ap_null_cleanup);
- if (strcmp(auth_type, NTLM_AUTH_NAME) == 0) {
+ cld.argv0 = crec->negotiate_ntlm_auth_helper;
+ negotiate_ntlm_auth_helper = auth_helper;
+
+ } else if (strcmp(auth_type, NTLM_AUTH_NAME) == 0) {
+ ap_register_cleanup(pool, auth_helper, cleanup_ntlm_auth_helper,
+ ap_null_cleanup);
+
cld.argv0 = crec->ntlm_auth_helper;
- } else if (strcmp(auth_type, NEGOTIATE_AUTH_NAME) == 0) {
- cld.argv0 = crec->negotiate_ntlm_auth_helper;
+ ntlm_auth_helper = auth_helper;
} else {
return HTTP_INTERNAL_SERVER_ERROR;
}
cld.r = r;
- ntlm_auth_helper_connection->helper_pid = ap_bspawn_child(pool, helper_child,
- (void *) &cld, just_wait,
- &ntlm_auth_helper_connection->out_to_helper, &ntlm_auth_helper_connection->in_from_helper, NULL);
+ auth_helper->helper_pid = ap_bspawn_child(pool, helper_child,
+ (void *) &cld, just_wait,
+ &auth_helper->out_to_helper,
+ &auth_helper->in_from_helper,
+ NULL);
- if (ntlm_auth_helper_connection->helper_pid == -1) {
+ if (auth_helper->helper_pid == -1) {
ap_log_rerror(APLOG_MARK, APLOG_ERR, r,
"couldn't spawn child ntlm helper process: %s", cld.argv0);
@@ -415,34 +446,34 @@
/* Pipe to helper */
snprintf(argsbuffer, HUGE_STRING_LEN, "%s %s\n", message_type, client_msg);
- bytes_written = ap_bwrite(ntlm_auth_helper_connection->out_to_helper, argsbuffer, strlen(argsbuffer));
+ bytes_written = ap_bwrite(ntlm_auth_helper->out_to_helper, argsbuffer, strlen(argsbuffer));
if (bytes_written < strlen(argsbuffer)) {
ap_log_rerror(APLOG_MARK, NTLM_DEBUG, r,
"failed to write NTLMSSP string to helper - wrote %d bytes", bytes_written);
- ap_destroy_pool(ntlm_auth_helper_connection->pool);
+ ap_destroy_pool(ntlm_auth_helper->pool);
ap_destroy_pool(connected_user_authenticated->pool);
return HTTP_INTERNAL_SERVER_ERROR;
}
- ap_bflush(ntlm_auth_helper_connection->out_to_helper);
+ ap_bflush(ntlm_auth_helper->out_to_helper);
- bytes_read = ap_bgets(argsbuffer, HUGE_STRING_LEN, ntlm_auth_helper_connection->in_from_helper);
+ bytes_read = ap_bgets(argsbuffer, HUGE_STRING_LEN, ntlm_auth_helper->in_from_helper);
if (bytes_read == 0) {
ap_log_rerror(APLOG_MARK, NTLM_DEBUG, r,
"early EOF from helper");
- ap_destroy_pool(ntlm_auth_helper_connection->pool);
+ ap_destroy_pool(ntlm_auth_helper->pool);
ap_destroy_pool(connected_user_authenticated->pool);
return HTTP_INTERNAL_SERVER_ERROR;
} else if (bytes_read == -1) {
ap_log_rerror(APLOG_MARK, NTLM_DEBUG, r,
"helper dies!");
- ap_destroy_pool(ntlm_auth_helper_connection->pool);
+ ap_destroy_pool(ntlm_auth_helper->pool);
ap_destroy_pool(connected_user_authenticated->pool);
return HTTP_INTERNAL_SERVER_ERROR;
} else if (bytes_read < 2) {
ap_log_rerror(APLOG_MARK, NTLM_DEBUG, r,
"failed to read NTLMSSP string from helper - only got %d bytes", bytes_read);
- ap_destroy_pool(ntlm_auth_helper_connection->pool);
+ ap_destroy_pool(ntlm_auth_helper->pool);
ap_destroy_pool(connected_user_authenticated->pool);
return HTTP_INTERNAL_SERVER_ERROR;
}
@@ -459,7 +490,7 @@
if (childarg == NULL) {
ap_log_rerror(APLOG_MARK, NTLM_DEBUG, r,
"failed to parse response from helper");
- ap_destroy_pool(ntlm_auth_helper_connection->pool);
+ ap_destroy_pool(ntlm_auth_helper->pool);
ap_destroy_pool(connected_user_authenticated->pool);
return HTTP_UNAUTHORIZED;
}
@@ -503,7 +534,7 @@
if (childarg3 == NULL) {
ap_log_rerror(APLOG_MARK, NTLM_DEBUG, r,
"failed to parse response from helper");
- ap_destroy_pool(ntlm_auth_helper_connection->pool);
+ ap_destroy_pool(ntlm_auth_helper->pool);
ap_destroy_pool(connected_user_authenticated->pool);
return HTTP_UNAUTHORIZED;
}
@@ -544,7 +575,7 @@
ap_log_rerror(APLOG_MARK, NTLM_DEBUG, r,
"could not parse NTLM helper callback: %s", argsbuffer);
- ap_destroy_pool(ntlm_auth_helper_connection->pool);
+ ap_destroy_pool(ntlm_auth_helper->pool);
ap_destroy_pool(connected_user_authenticated->pool);
return HTTP_INTERNAL_SERVER_ERROR;
}
More information about the samba-cvs
mailing list