partial commit, WIP for apache2.4

a7b05ac6 · ale · a5b6432c · a7b05ac6 · a7b05ac6 · a7b05ac6
Commit a7b05ac6 authored Oct 09, 2015 by ale
5 changed files
--- a/configure.ac
+++ b/configure.ac
@@ -5,7 +5,7 @@ AC_LANG(C++)
 AM_INIT_AUTOMAKE([dist-bzip2 foreign])
 AC_CONFIG_HEADERS(src/sso/config.h)
 AC_CONFIG_MACRO_DIR([m4])
-AC_DISABLE_SHARED
+dnl AC_DISABLE_SHARED

 dnl Program checks.
 AC_PROG_CC
@@ -39,27 +39,12 @@ dnl Checks for apxs.
 if test "$build_mod_sso" != "no" ; then
  AX_WITH_APXS()
  APACHE_CFLAGS="-I`${APXS} -q INCLUDEDIR`"
-  AC_ARG_WITH(apr_config,
-              AC_HELP_STRING([[--with-apr-config=FILE]],
-                             [Path to apr-config program]),
-              [ apr_config="$withval" ],
-              [AC_PATH_PROGS(apr_config,
-                 [apr-config apr-0-config apr-1-config],
-                 [no],
-                 [$PATH:/usr/sbin/:/usr/local/apache2/bin]
-              )]
-  )
-  if test "$apr_config" != "no" ; then
-    AC_MSG_CHECKING('APR includes')
-    APACHE_CFLAGS="$APACHE_CFLAGS -I`${apr_config} --includedir`"
-    AC_MSG_RESULT($APACHE_CFLAGS)
-    AC_MSG_CHECKING('APR libs')
-    APR_LIBS="`${apr_config} --link-libtool --libs`"
-    AC_MSG_RESULT($APR_LIBS)
-  fi
  AC_SUBST(APACHE_CFLAGS)
  APACHE_LIBEXEC_DIR="`${APXS} -q LIBEXECDIR`"
  AC_SUBST(APACHE_LIBEXEC_DIR)
+
+  PKG_CHECK_MODULES(APR, [apr-1, apr-util-1])
+  AC_SUBST(APR_CFLAGS)
  AC_SUBST(APR_LIBS)
 fi
 AM_CONDITIONAL(ENABLE_MOD_SSO, [ test "$build_mod_sso" != "no" ])

--- a/src/mod_sso/Makefile.am
+++ b/src/mod_sso/Makefile.am
@@ -8,7 +8,7 @@ noinst_DATA = mod_sso.la
 SSO_LIBS = $(top_builddir)/src/sso/libsso.la

 libmod_sso_la_SOURCES = mod_sso.c mod_sso.h sso_utils.c
-libmod_sso_la_CPPFLAGS = $(APACHE_CFLAGS) $(AM_CPPFLAGS)
+libmod_sso_la_CPPFLAGS = $(APACHE_CFLAGS) $(APR_CFLAGS) $(AM_CPPFLAGS)
 libmod_sso_la_LDFLAGS = -module
 libmod_sso_la_LIBADD = $(SSO_LIBS)


--- a/src/mod_sso/mod_sso.c
+++ b/src/mod_sso/mod_sso.c
@@ -593,7 +593,7 @@ static char *pkey_to_string(const unsigned char *pkey, char *buf) {
 *
 * @param r Pointer to the request_rec structure.
 */
-static int mod_sso_authenticate_user(request_rec *r)
+static int mod_sso_check_user_id(request_rec *r)
 {
  const char *type, *sso_cookie_name, *sso_cookie, *uri;
  const char *sso_login_path, *sso_logout_path;
@@ -605,10 +605,22 @@ static int mod_sso_authenticate_user(request_rec *r)
    ap_get_module_config(r->per_dir_config, &sso_module);

  type = ap_auth_type(r);
-  if (!type || strcasecmp(type, "SSO") != 0) {
+  if (type == NULL || apr_strnatcasecmp(type, "sso") != 0) {
    return DECLINED;
  }

+  // If this is a sub-request, pass existing credentials, if any.
+  if (!ap_is_initial_req(r)) {
+    if (r->main != NULL) {
+      r->user = r->main->user;
+    } else if (r->prev != NULL) {
+      r->user = r->prev->user;
+    }
+    if (r->user != NULL) {
+      return OK;
+    }
+  }
+
  sso_cookie_name = get_cookie_name(r);

  // Check if the required parameters are defined.
@@ -620,7 +632,7 @@ static int mod_sso_authenticate_user(request_rec *r)

  if (parse_service(r, s_cfg, &service, &service_host, &service_path) != 0) {
    ap_log_error(APLOG_MARK, APLOG_ERR, 0, r->server,
-		 "sso (authenticate_user): could not parse service (cfg->service=%s)",
+		 "sso (check_user_id): could not parse service (cfg->service=%s)",
 		 s_cfg->service);
    return HTTP_BAD_REQUEST;
  }
@@ -695,6 +707,13 @@ static int mod_sso_authenticate_user(request_rec *r)
 /** 
 * Apache authorization check callback for mod_sso.
 */
+#if MODULE_MAGIC_NUMBER_MAJOR >= 20100714
+static authz_status mod_sso_auth_checker(request_rec *r, const char *require_args, const void *parsed_require_args)
+{
+
+
+}
+#else
 static int mod_sso_auth_checker(request_rec *r)
 {
  const char *uri, *type;
@@ -703,7 +722,7 @@ static int mod_sso_auth_checker(request_rec *r)
  char *sso_logout_path, *sso_login_path;
  modsso_config *s_cfg;

-  // We already did everything in mod_sso_authenticate_user(), 
+  // We already did everything in mod_sso_check_user_id(), 
  // so just succeed (if SSO is active).
  type = ap_auth_type(r);
  if (type && !strcasecmp(type, "SSO") && r->user) {
@@ -728,6 +747,7 @@ static int mod_sso_auth_checker(request_rec *r)

  return DECLINED;
 }
+#endif


 /**
@@ -740,10 +760,16 @@ static int mod_sso_auth_checker(request_rec *r)
 */
 static void mod_sso_register_hooks (apr_pool_t *p) 
 {
-  static const char * const mssoPost[] = {"sso_module", NULL};
  ap_hook_handler(mod_sso_method_handler, NULL, NULL, APR_HOOK_FIRST);
-  ap_hook_auth_checker(mod_sso_auth_checker, NULL, mssoPost, APR_HOOK_MIDDLE);
-  ap_hook_check_user_id(mod_sso_authenticate_user, NULL, NULL, APR_HOOK_MIDDLE);
+#if MODULE_MAGIC_NUMBER_MAJOR >= 20100714
+  ap_hook_check_authn(mod_sso_check_user_id, NULL, NULL, APR_HOOK_MIDDLE, AP_AUTH_INTERNAL_PER_CONF);
+  ap_register_auth_provider(pool, AUTHZ_PROVIDER_GROUP, SSO_REQUIRE_NAME, "0", &authz_sso_provider, AP_AUTH_INTERNAL_PER_CONF);
+#else
+  static const char * const authzSucc[] = { "mod_sso.c", NULL };
+  ap_hook_check_user_id(mod_sso_check_user_id, NULL, NULL, APR_HOOK_MIDDLE);
+  ap_hook_auth_checker(mod_sso_auth_checker, NULL, authzSucc, APR_HOOK_MIDDLE);
+#endif
+
 }

 /*

--- a/src/mod_sso/mod_sso.h
+++ b/src/mod_sso/mod_sso.h
@@ -26,6 +26,10 @@
 #include "ap_config.h"
 #include "apr_strings.h"

+#ifdef APLOG_USE_MODULE
+APLOG_USE_MODULE(sso);
+#endif
+
 /* overwrite package vars set by apache */
 #undef PACKAGE_BUGREPORT
 #undef PACKAGE_NAME

--- a/src/mod_sso/test/Makefile.am
+++ b/src/mod_sso/test/Makefile.am
@@ -6,7 +6,7 @@ check_PROGRAMS = \
 EXTRA_DIST = httpd_integration_test.py

 TESTS = $(check_PROGRAMS)
-AM_CPPFLAGS += $(APACHE_CFLAGS) $(GTEST_CPPFLAGS)
+AM_CPPFLAGS += $(APACHE_CFLAGS) $(APR_CFLAGS) $(GTEST_CPPFLAGS)
 AM_LDFLAGS += $(GTEST_LDFLAGS)
 LDADD = $(builddir)/../libmod_sso.la $(GTEST_LIBS) $(APR_LIBS) -laprutil-1