2 #include "http_config.h"
3 #include "http_protocol.h"
7 #include <sys/ioccom.h>
9 #include <kerberosIV/krb.h>
10 #include <kerberosIV/des.h>
11 #include <afs/venus.h>
/*
 * NOTE(review): fragment of a declaration whose surrounding lines are not
 * shown in this listing. waklog_get_tokens() later copies cr.session into
 * ct.HandShakeKey, so this 8-byte field presumably belongs to
 * struct ClearToken and holds session-key material -- confirm.
 */
17 char HandShakeKey
[ 8 ];
/*
 * Per-directory config constructor (the "create per-dir config structures"
 * slot of waklog_module).
 *
 * p    - pool the config is allocated from.
 * path - directory/location path; not used in the lines visible here.
 *
 * Only part of the function is shown in this listing (the source line
 * numbers jump), so field initialisation and the return are not visible.
 */
30 waklog_create_dir_config( pool
*p
, char *path
)
32 waklog_host_config
*cfg
;
/* ap_pcalloc returns zero-filled pool memory, so every field starts at 0. */
34 cfg
= (waklog_host_config
*)ap_pcalloc( p
, sizeof( waklog_host_config
));
/*
 * Per-server config constructor (the "create per-server config structures"
 * slot of waklog_module).
 *
 * p - pool the config is allocated from.
 * s - server being configured; not used in the lines visible here.
 *
 * Only part of the function is shown in this listing, so field
 * initialisation and the return are not visible.
 */
43 waklog_create_server_config( pool
*p
, server_rec
*s
)
45 waklog_host_config
*cfg
;
/* Zero-filled allocation: an unconfigured server starts with all fields 0. */
47 cfg
= (waklog_host_config
*)ap_pcalloc( p
, sizeof( waklog_host_config
));
/*
 * Module initializer: writes one INFO-level line naming the module version
 * to the server error log. `version` is declared outside the lines shown.
 */
56 waklog_init( server_rec
*s
, pool
*p
)
/* APLOG_NOERRNO: this is a status message, so no errno text is appended. */
60 ap_log_error( APLOG_MARK
, APLOG_INFO
|APLOG_NOERRNO
, s
,
61 "mod_waklog: version %s initialized.", version
);
/*
 * Handler for the WaklogProtected flag directive (registered in waklog_cmds).
 *
 * params  - directive context; params->path is NULL outside a
 *           <Directory>/<Location> section.
 * mconfig - per-directory config for the enclosing section.
 * flag    - the On/Off value given in the configuration.
 *
 * The lines that store `flag` into the selected config and the return
 * statement are not shown in this listing.
 */
67 set_waklog_protect( cmd_parms
*params
, void *mconfig
, int flag
)
69 waklog_host_config
*cfg
;
/* No section path: the directive is at server scope, use the server config. */
71 if ( params
->path
== NULL
) {
72 cfg
= (waklog_host_config
*) ap_get_module_config(
73 params
->server
->module_config
, &waklog_module
);
/*
 * Presumably the else branch (its keyword is on an omitted line): inside a
 * section, use the per-directory config handed in by the core.
 */
75 cfg
= (waklog_host_config
*)mconfig
;
/*
 * child_init hook (see waklog_module). Only the signature is visible in
 * this listing; what the body does per child process cannot be told from
 * here.
 */
85 waklog_child_init( server_rec
*s
, pool
*p
)
/*
 * Configuration directives provided by this module.
 *
 * WaklogProtected is a FLAG (On/Off) directive handled by
 * set_waklog_protect. RSRC_CONF | ACCESS_CONF restricts it to the server
 * configuration files (server/virtual-host scope and <Directory>/<Location>
 * sections); no OR_* override bit is set, so it cannot be switched from a
 * .htaccess file by a content author.
 */
92 command_rec waklog_cmds
[ ] =
94 { "WaklogProtected", set_waklog_protect
,
95 NULL
, RSRC_CONF
| ACCESS_CONF
, FLAG
,
96 "enable waklog on a location or directory basis" },
/*
 * Pool cleanup registered by waklog_get_tokens on r->pool: issues the
 * VIOCUNPAG pioctl (the "unlog" named in the log messages) to drop the AFS
 * token once the request is finished.
 *
 * data - the request_rec that was passed to ap_register_cleanup.
 *
 * The declaration of `vi` and the lines between the numbered ones are not
 * shown in this listing.
 */
103 pioctl_cleanup( void *data
)
105 request_rec
*r
= (request_rec
*)data
;
/*
 * If the unlog fails, the token installed for this request is presumably
 * still attached to the child process when it handles its next request, so
 * this error line is worth alerting on.
 */
113 if ( pioctl( 0, VIOCUNPAG
, &vi
, 0 ) < 0 ) {
114 ap_log_error( APLOG_MARK
, APLOG_ERR
, r
->server
,
115 "mod_waklog: unlog pioctl failed" );
/*
 * NOTE(review): the success message is also logged at APLOG_ERR and without
 * APLOG_NOERRNO, so every successful unlog appears as an error (with
 * whatever errno text is current). A DEBUG/INFO level with APLOG_NOERRNO
 * would keep the error log usable for detecting real unlog failures.
 */
118 ap_log_error( APLOG_MARK
, APLOG_ERR
, r
->server
,
119 "mod_waklog: unlog pioctl succeeded" );
/*
 * Fixup-phase hook (see waklog_module): when the location is marked
 * protected, obtains a Kerberos IV "afs" service credential, packs it into
 * buf and installs it as an AFS token with pioctl(VIOCSETTOK), then
 * registers pioctl_cleanup on the request pool so the token is dropped
 * again.
 *
 * r - the current request.
 *
 * This listing omits source lines (the numbers jump), so the declarations
 * of rc, i, cr and vi, the return values and several statements are not
 * visible; notes that depend on omitted lines are hedged.
 *
 * NOTE(review): get_ad_tkt/krb_get_cred and <kerberosIV/des.h> are the
 * Kerberos IV API, which is built on single DES and has been declared
 * end-of-life by MIT; treat this code path as legacy.
 *
 * NOTE(review): ct and buf hold the session key and ticket on the stack and
 * no zeroisation is visible in the lines shown -- confirm whether the
 * omitted lines clear them before returning.
 */
125 waklog_get_tokens( request_rec
*r
)
129 struct ClearToken ct
;
/* Fixed-size staging buffer for the pioctl argument; s is the write cursor. */
131 char buf
[ 1024 ], *s
;
/* Realm and (presumably) AFS cell name are compiled in, not configurable. */
132 char *urealm
= "UMICH.EDU";
133 char *lrealm
= "umich.edu";
134 waklog_host_config
*cfg
;
136 /* directory config? */
137 cfg
= (waklog_host_config
*)ap_get_module_config(
138 r
->per_dir_config
, &waklog_module
);
/* Fall back to the per-server config if this directory was never configured. */
141 if ( !cfg
->configured
) {
142 cfg
= (waklog_host_config
*)ap_get_module_config(
143 r
->server
->module_config
, &waklog_module
);
/* Protection is off: the branch body is not shown (presumably declines). */
146 if ( !cfg
->protect
) {
/*
 * Request an afs service ticket for urealm; 255 is presumably the requested
 * lifetime. Failure is logged at INFO only, because the fallback below is
 * the expected path.
 */
150 if (( rc
= get_ad_tkt( "afs", "", urealm
, 255 )) != KSUCCESS
) {
151 ap_log_error( APLOG_MARK
, APLOG_NOERRNO
|APLOG_INFO
, r
->server
,
152 "mod_waklog: get_ad_tkt: %s", krb_err_txt
[ rc
] );
/*
 * NOTE(review): per the author's comment the fallback authenticates with the
 * server's own srvtab, i.e. AFS access then happens under the web server's
 * identity rather than a user's. The fallback code itself is on omitted
 * lines.
 */
154 /* user doesn't have tickets: use server's srvtab */
/* Read the afs credential into cr; failure here is logged at ERR. */
159 if (( rc
= krb_get_cred( "afs", "", urealm
, &cr
)) != KSUCCESS
) {
160 ap_log_error( APLOG_MARK
, APLOG_NOERRNO
|APLOG_ERR
, r
->server
,
161 "mod_waklog: krb_get_cred: %s", krb_err_txt
[ rc
] );
/*
 * DEBUG-level dump of credential metadata: principal names, lifetime, key
 * version, issue date and ticket length. The session key and ticket bytes
 * are not logged. NOTE(review): the %d conversions assume these fields are
 * int-sized -- confirm against the CREDENTIALS definition in krb.h.
 */
165 ap_log_error( APLOG_MARK
, APLOG_NOERRNO
|APLOG_DEBUG
, r
->server
,
166 "mod_waklog: %s.%s@%s", cr
.service
, cr
.instance
, cr
.realm
);
167 ap_log_error( APLOG_MARK
, APLOG_NOERRNO
|APLOG_DEBUG
, r
->server
,
168 "mod_waklog: %d %d %d", cr
.lifetime
, cr
.kvno
, cr
.issue_date
);
169 ap_log_error( APLOG_MARK
, APLOG_NOERRNO
|APLOG_DEBUG
, r
->server
,
170 "mod_waklog: %s %s", cr
.pname
, cr
.pinst
);
171 ap_log_error( APLOG_MARK
, APLOG_NOERRNO
|APLOG_DEBUG
, r
->server
,
172 "mod_waklog: %d", cr
.ticket_st
.length
);
/*
 * Pack the token at cursor s: ticket length (one int), then the ticket
 * bytes. The initialisation of s and the advance after the length are on
 * omitted lines.
 */
175 memmove( s
, &cr
.ticket_st
.length
, sizeof( int ));
/*
 * NOTE(review): no check of cr.ticket_st.length against the space left in
 * the 1024-byte buf is visible in this listing. The ticket buffer in krb.h
 * is sized by MAX_KTXT_LEN, which is commonly larger than 1024, so a long
 * ticket could overrun buf -- confirm a bound exists in the omitted lines
 * or add one before this copy.
 */
177 memmove( s
, cr
.ticket_st
.dat
, cr
.ticket_st
.length
);
178 s
+= cr
.ticket_st
.length
;
/* Fill the ClearToken from the credential. */
180 ct
.AuthHandle
= cr
.kvno
;
/*
 * NOTE(review): the copy length comes from the source (sizeof cr.session),
 * not from the destination field; it is only safe while both are the same
 * size -- confirm, or bound it by sizeof ct.HandShakeKey.
 */
181 memmove( ct
.HandShakeKey
, cr
.session
, sizeof( cr
.session
));
183 ct
.BeginTimestamp
= cr
.issue_date
;
184 ct
.EndTimestamp
= krb_life_to_time( cr
.issue_date
, cr
.lifetime
);
/* Append sizeof(struct ClearToken) as an int, then the struct itself. */
186 i
= sizeof( struct ClearToken
);
187 memmove( s
, &i
, sizeof( int ));
189 memmove( s
, &ct
, sizeof( struct ClearToken
));
190 s
+= sizeof( struct ClearToken
);
/* Another int field; the value assigned to i for it is on an omitted line. */
193 memmove( s
, &i
, sizeof( int ));
/*
 * Skip past lrealm plus its NUL; the copy of lrealm into buf is presumably
 * on the omitted line just before this one.
 */
197 s
+= strlen( lrealm
) + 1;
/* Input length is the number of bytes packed so far; output may use all of buf. */
200 vi
.in_size
= s
- buf
;
202 vi
.out_size
= sizeof( buf
);
/* Install the token. APLOG_ERR without APLOG_NOERRNO appends the errno text. */
204 if ( pioctl( 0, VIOCSETTOK
, &vi
, 0 ) < 0 ) {
205 ap_log_error( APLOG_MARK
, APLOG_ERR
, r
->server
,
206 "mod_waklog: pioctl failed" );
/*
 * The request itself is the cleanup argument; pioctl_cleanup runs when
 * r->pool is destroyed, and ap_null_cleanup means nothing extra runs in a
 * forked child.
 */
209 /* we'll need to unlog when this connection is done. */
210 ap_register_cleanup( r
->pool
, (void *)r
, pioctl_cleanup
, ap_null_cleanup
);
212 ap_log_error( APLOG_MARK
, APLOG_INFO
|APLOG_NOERRNO
, r
->server
,
213 "mod_waklog: done with token stuff" );
/*
 * Module dispatch table. The only request-phase hook is the fixup handler
 * waklog_get_tokens; the module installs no authentication, authorisation or
 * access-check handlers of its own (those slots are NULL). No merge
 * functions are supplied for either config level.
 *
 * The four trailing EAPI entries are presumably wrapped in a conditional
 * whose directive lines are not shown in this listing.
 */
219 module MODULE_VAR_EXPORT waklog_module
= {
220 STANDARD_MODULE_STUFF
,
221 waklog_init
, /* module initializer */
222 waklog_create_dir_config
, /* create per-dir config structures */
223 NULL
, /* merge per-dir config structures */
224 waklog_create_server_config
, /* create per-server config structures */
225 NULL
, /* merge per-server config structures */
226 waklog_cmds
, /* table of config file commands */
227 NULL
, /* [#8] MIME-typed-dispatched handlers */
228 NULL
, /* [#1] URI to filename translation */
229 NULL
, /* [#4] validate user id from request */
230 NULL
, /* [#5] check if the user is ok _here_ */
231 NULL
, /* [#3] check access by host address */
232 NULL
, /* [#6] determine MIME type */
233 waklog_get_tokens
, /* [#7] pre-run fixups */
234 NULL
, /* [#9] log a transaction */
235 NULL
, /* [#2] header parser */
236 waklog_child_init
, /* child_init */
237 NULL
, /* child_exit */
238 NULL
/* [#0] post read-request */
240 ,NULL
, /* EAPI: add_module */
241 NULL
, /* EAPI: remove_module */
242 NULL
, /* EAPI: rewrite_command */
243 NULL
/* EAPI: new_connection */