Lines Matching refs:sec
209 authn_ldap_config_t *sec)
220 filter = sec->filter;
244 len = apr_snprintf(filtbuf, FILTER_LENGTH, "(%s=", sec->attribute);
247 len = apr_snprintf(filtbuf, FILTER_LENGTH, "(&(%s)(%s=", filter, sec->attribute);
325 authn_ldap_config_t *sec =
328 sec->pool = p;
330 apr_thread_mutex_create(&sec->lock, APR_THREAD_MUTEX_DEFAULT, p);
333 sec->authz_enabled = 1;
335 sec->groupattr = apr_array_make(p, GROUPATTR_MAX_ELTS,
337 sec->subgroupclasses = apr_array_make(p, GROUPATTR_MAX_ELTS,
340 sec->have_ldap_url = 0;
341 sec->url = "";
342 sec->host = NULL;
343 sec->binddn = NULL;
344 sec->bindpw = NULL;
345 sec->bind_authoritative = 1;
346 sec->deref = always;
347 sec->group_attrib_is_dn = 1;
348 sec->secure = -1; /*Initialize to unset*/
349 sec->maxNestingDepth = 0;
/* NOTE(review): operator precedence makes this request GROUPATTR_MAX_ELTS
 * pointers plus one byte, not GROUPATTR_MAX_ELTS + 1 pointers. The scan at
 * line 1604 stops on a NULL entry, so if a terminator slot is intended the
 * size should read sizeof(char *) * (GROUPATTR_MAX_ELTS + 1); confirm against
 * the bounds check, which this listing does not show. */
350 sec->sgAttributes = apr_pcalloc(p, sizeof (char *) * GROUPATTR_MAX_ELTS + 1);
352 sec->user_is_dn = 0;
353 sec->remote_user_attribute = NULL;
354 sec->compare_dn_on_server = 0;
356 sec->authz_prefix = AUTHZ_PREFIX;
358 return sec;
373 authn_ldap_config_t *sec =
376 prefix = (phase == LDAP_AUTHN) ? AUTHN_PREFIX : sec->authz_prefix;
379 if (sec->attributes && vals) {
382 while (sec->attributes[i]) {
383 char *str = apr_pstrcat(r->pool, prefix, sec->attributes[i], NULL);
393 sec->remote_user_attribute &&
394 !strcmp(sec->remote_user_attribute, sec->attributes[i])) {
405 authn_ldap_config_t *sec =
410 if (NULL == user || NULL == sec || !sec->bind_regex || !sec->bind_subst) {
414 if (!ap_regexec(sec->bind_regex, user, AP_MAX_REG_MATCH, regm, 0)) {
415 char *substituted = ap_pregsub(r->pool, sec->bind_subst, user, AP_MAX_REG_MATCH, regm);
436 authn_ldap_config_t *sec =
440 char *binddn = sec->binddn;
441 char *bindpw = sec->bindpw;
453 ((type == LDAP_SEARCH && sec->search_as_user) ||
454 (type == LDAP_COMPARE && sec->compare_as_user) ||
455 (type == LDAP_COMPARE_AND_SEARCH && sec->compare_as_user && sec->search_as_user))){
460 ldc = util_ldap_connection_find(r, sec->host, sec->port,
462 sec->deref, sec->secure);
507 authn_ldap_config_t *sec =
519 if (!sec->enabled) {
527 if (!sec->have_ldap_url) {
535 if (sec->host) {
536 const char *binddn = sec->binddn;
537 const char *bindpw = sec->bindpw;
538 if (sec->initial_bind_as_user) {
544 ldc = util_ldap_connection_find(r, sec->host, sec->port,
546 sec->deref, sec->secure);
550 "auth_ldap authenticate: no sec->host - weird...?");
555 "auth_ldap authenticate: using URL %s", sec->url);
573 if (APR_SUCCESS != authn_ldap_build_filter(filtbuf, r, user, NULL, sec)) {
588 result = util_ldap_cache_checkuserid(r, ldc, sec->url, sec->basedn, sec->scope,
589 sec->attributes, filtbuf, utfpassword,
595 if (!sec->bind_authoritative) {
609 if (!strcasecmp(sec->filter, "none") && LDAP_OTHER == result) {
639 if (sec->user_is_dn) {
647 if (sec->remote_user_attribute && !remote_user_attribute_set) {
654 sec->remote_user_attribute);
669 authn_ldap_config_t *sec =
674 if (APR_SUCCESS != authn_ldap_build_filter(filtbuf, r, r->user, NULL, sec)) {
682 result = util_ldap_cache_getuserdn(r, ldc, sec->url, sec->basedn,
683 sec->scope, sec->attributes, filtbuf, &dn, &(req->vals));
704 authn_ldap_config_t *sec =
721 if (!sec->have_ldap_url) {
725 if (!sec->host) {
727 "auth_ldap authorize: no sec->host - weird...?");
776 result = util_ldap_cache_compare(r, ldc, sec->url, req->dn, sec->attribute, require);
798 result = util_ldap_cache_compare(r, ldc, sec->url, req->dn, sec->attribute, w);
831 authn_ldap_config_t *sec =
849 if (!sec->have_ldap_url) {
853 if (!sec->host) {
855 "auth_ldap authorize: no sec->host - weird...?");
875 if (sec->groupattr->nelts == 0) {
878 apr_thread_mutex_lock(sec->lock);
880 grp = apr_array_push(sec->groupattr);
882 grp = apr_array_push(sec->groupattr);
885 apr_thread_mutex_unlock(sec->lock);
893 if (sec->subgroupclasses->nelts == 0) {
896 apr_thread_mutex_lock(sec->lock);
898 grp = apr_array_push(sec->subgroupclasses);
900 grp = apr_array_push(sec->subgroupclasses);
903 apr_thread_mutex_unlock(sec->lock);
920 ent = (struct mod_auth_ldap_groupattr_entry_t *) sec->groupattr->elts;
922 if (sec->group_attrib_is_dn) {
955 for (i = 0; i < sec->groupattr->nelts; i++) {
960 sec->group_attrib_is_dn ? req->dn : req->user, t);
962 result = util_ldap_cache_compare(r, ldc, sec->url, t, ent[i].name,
963 sec->group_attrib_is_dn ? req->dn : req->user);
984 if (sec->groupattr->nelts > 0) {
994 for (i = 0; i < sec->groupattr->nelts; i++) {
995 result = util_ldap_cache_check_subgroups(r, ldc, sec->url, t, ent[i].name,
996 sec->group_attrib_is_dn ? req->dn : req->user,
997 sec->sgAttributes[0] ? sec->sgAttributes : default_attributes,
998 sec->subgroupclasses,
999 0, sec->maxNestingDepth);
1035 authn_ldap_config_t *sec =
1050 if (!sec->have_ldap_url) {
1054 if (!sec->host) {
1056 "auth_ldap authorize: no sec->host - weird...?");
1101 result = util_ldap_cache_comparedn(r, ldc, sec->url, req->dn, t, sec->compare_dn_on_server);
1134 authn_ldap_config_t *sec =
1150 if (!sec->have_ldap_url) {
1154 if (!sec->host) {
1156 "auth_ldap authorize: no sec->host - weird...?");
1208 result = util_ldap_cache_compare(r, ldc, sec->url, req->dn, w, value);
1241 authn_ldap_config_t *sec =
1259 if (!sec->have_ldap_url) {
1263 if (!sec->host) {
1265 "auth_ldap authorize: no sec->host - weird...?");
1315 if (APR_SUCCESS != authn_ldap_build_filter(filtbuf, r, req->user, t, sec)) {
1323 result = util_ldap_cache_getuserdn(r, ldc, sec->url, sec->basedn,
1324 sec->scope, sec->attributes, filtbuf, &dn, &(req->vals));
1330 if (sec->compare_as_user) {
1335 result = util_ldap_cache_comparedn(r, ldc, sec->url, req->dn, dn,
1336 sec->compare_dn_on_server);
1376 authn_ldap_config_t *sec =
1387 if (!sec->have_ldap_url) {
1391 if (sec->host) {
1396 "auth_ldap authorize: no sec->host - weird...?");
1417 result = util_ldap_cache_getuserdn(r, ldc, sec->url, sec->basedn,
1418 sec->scope, sec->attributes, t, &dn, &vals);
1475 authn_ldap_config_t *sec = config;
1481 sec->url = apr_pstrdup(cmd->pool, url);
1484 if (sec->host) {
/* NOTE(review): urld->lud_host is used unguarded here, while the other branch
 * (line 1488) falls back to "localhost" when it is NULL. apr_pstrcat() ends its
 * argument list at the first NULL, so a NULL lud_host would yield "" and drop
 * the existing sec->host; confirm lud_host cannot be NULL on this path. */
1485 sec->host = apr_pstrcat(cmd->pool, urld->lud_host, " ", sec->host, NULL);
1488 sec->host = urld->lud_host? apr_pstrdup(cmd->pool, urld->lud_host) : "localhost";
1490 sec->basedn = urld->lud_dn? apr_pstrdup(cmd->pool, urld->lud_dn) : "";
1496 sec->attributes = apr_pcalloc(cmd->pool, sizeof(char *) * (i+1));
1499 sec->attributes[i] = apr_pstrdup(cmd->pool, urld->lud_attrs[i]);
1502 sec->attribute = sec->attributes[0];
1505 sec->attribute = "uid";
1508 sec->scope = urld->lud_scope == LDAP_SCOPE_ONELEVEL ?
1517 sec->filter = apr_pstrmemdup(cmd->pool, urld->lud_filter+1,
1521 sec->filter = apr_pstrdup(cmd->pool, urld->lud_filter);
1525 sec->filter = "objectclass=*";
1530 sec->secure = APR_LDAP_NONE;
1533 sec->secure = APR_LDAP_SSL;
1536 sec->secure = APR_LDAP_STARTTLS;
1548 sec->secure = APR_LDAP_SSL;
1549 sec->port = urld->lud_port? urld->lud_port : LDAPS_PORT;
1553 sec->port = urld->lud_port? urld->lud_port : LDAP_PORT;
1556 sec->have_ldap_url = 1;
1570 sec->secure == APR_LDAP_SSL ? "using SSL": "not using SSL"
1578 authn_ldap_config_t *sec = config;
1581 sec->deref = never;
1584 sec->deref = searching;
1587 sec->deref = finding;
1590 sec->deref = always;
1602 authn_ldap_config_t *sec = config;
1604 for (i = 0; sec->sgAttributes[i]; i++) {
1610 sec->sgAttributes[i] = apr_pstrdup(cmd->pool, arg);
1619 authn_ldap_config_t *sec = config;
1621 if (sec->subgroupclasses->nelts > GROUPATTR_MAX_ELTS)
1624 new = apr_array_push(sec->subgroupclasses);
1634 authn_ldap_config_t *sec = config;
/* NOTE(review): atol() cannot report a non-numeric or out-of-range argument,
 * and a negative depth is stored unchanged; strtol() with an end-pointer and
 * range check would let a bad directive value be rejected at parse time.
 * Confirm no validation follows on lines this listing omits. */
1636 sec->maxNestingDepth = atol(max_depth);
1645 authn_ldap_config_t *sec = config;
1647 if (sec->groupattr->nelts > GROUPATTR_MAX_ELTS)
1650 new = apr_array_push(sec->groupattr);
1665 authn_ldap_config_t *sec = _cfg;
1675 sec->bind_regex = regexp;
1676 sec->bind_subst = apr_pstrdup(cmd->pool, subst);
1683 authn_ldap_config_t *sec = _cfg;
1709 sec->bindpw = result;
1712 sec->bindpw = (char *)arg;
1837 authn_ldap_config_t *sec = (authn_ldap_config_t *)
1841 if (sec->secure)