mod_ident.c revision 36ef8f77bffe75d1aa327882be1b5bdbe2ff567a
/* Licensed to the Apache Software Foundation (ASF) under one or more
* contributor license agreements. See the NOTICE file distributed with
* this work for additional information regarding copyright ownership.
* The ASF licenses this file to You under the Apache License, Version 2.0
* (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
/*
* mod_ident: Handle RFC 1413 ident request
* obtained from rfc1413.c
*
* rfc1413() speaks a common subset of the RFC 1413, AUTH, TAP and IDENT
* protocols. The code queries an RFC 1413 etc. compatible daemon on a remote
* host to look up the owner of a connection. The information should not be
* used for authentication purposes. This routine intercepts alarm signals.
*
* Author: Wietse Venema, Eindhoven University of Technology,
* The Netherlands.
*/
/* Some small additions for Apache --- ditch the "sccsid" var if
* compiling with gcc (it *has* changed), include ap_config.h for the
* prototypes it defines on at least one system (SunlOSs) which has
* them missing from the standard header files, and one minor change
* below (extra parens around assign "if (foo = bar) ..." to shut up
* gcc -Wall).
*/
/* Rewritten by David Robinson */
#include "apr.h"
#include "apr_network_io.h"
#include "apr_strings.h"
#include "apr_optional.h"
#define APR_WANT_STDIO
#define APR_WANT_STRFUNC
#include "apr_want.h"
#include "httpd.h" /* for server_rec, conn_rec, etc. */
#include "http_config.h"
#include "http_core.h"
#include "http_log.h" /* for aplog_error */
#include "util_ebcdic.h"
/* Whether we should enable rfc1413 identity checking */
#ifndef DEFAULT_RFC1413
#define DEFAULT_RFC1413 0
#endif
#define RFC1413_UNSET 2
/* request timeout (sec) */
#ifndef RFC1413_TIMEOUT
#define RFC1413_TIMEOUT 30
#endif
/* Local stuff. */
/* Semi-well-known port */
#define RFC1413_PORT 113
/* maximum allowed length of userid */
#define RFC1413_USERLEN 512
/* rough limit on the amount of data we accept. */
#define RFC1413_MAXDATA 1000
/* default username, if it could not determined */
#define FROM_UNKNOWN "unknown"
typedef struct {
int do_rfc1413;
int timeout_unset;
{
0, /* ephemeral port */
/* This should not fail since we have a numeric address string
* as the host. */
"rfc1413: apr_sockaddr_info_get(%s) failed",
return rv;
}
/* This should not fail since we have a numeric address string
* as the host. */
"rfc1413: apr_sockaddr_info_get(%s) failed",
return rv;
}
"rfc1413: error creating query socket");
return rv;
}
"rfc1413: error setting query socket timeout");
return rv;
}
/*
* Bind the local and remote ends of the query socket to the same
* IP addresses as the connection under investigation. We go
* through all this trouble because the local or remote system
* might have more than one network address. The RFC1413 etc.
* client sends only port numbers; the server takes the IP
* addresses from the query socket.
*/
"rfc1413: Error binding query socket to local port");
return rv;
}
/*
* errors from connect usually imply the remote machine doesn't support
* the service; don't log such an error
*/
return rv;
}
return APR_SUCCESS;
}
{
apr_size_t i;
char *cp;
/* send the data */
/* send query to server. Handle short write. */
i = 0;
while (i < buflen) {
if (status != APR_SUCCESS) {
"write: rfc1413: error sending request");
return status;
}
else if (j > 0) {
i+=j;
}
}
/*
* Read response from server. - the response should be newline
* terminated according to rfc - make sure it doesn't stomp its
* way out of the buffer.
*/
i = 0;
/*
* Note that the strchr function below checks for \012 instead of '\n'
* this allows it to work on both ASCII and EBCDIC machines.
*/
if (status != APR_SUCCESS) {
"read: rfc1413: error reading response");
return status;
}
else if (j > 0) {
i+=j;
}
else if (status == APR_SUCCESS && j == 0) {
/* Oops... we ran out of data before finding newline */
return APR_EINVAL;
}
}
/* RFC1413_USERLEN = 512 */
|| sav_our_port != our_port)
return APR_EINVAL;
/*
* Strip trailing carriage return. It is part of the
* protocol, not part of the data.
*/
*cp = '\0';
return APR_SUCCESS;
}
{
ident_config_rec *d = d_;
return NULL;
}
{
ident_config_rec *d = d_;
d->timeout_unset = 0;
return NULL;
}
static void *create_ident_dir_config(apr_pool_t *p, char *d)
{
return (void *)conf;
}
{
? old->do_rfc1413
: new->do_rfc1413;
return (void *)conf;
}
static const command_rec ident_cmds[] =
{
"Enable identd (RFC 1413) user lookups - SLOW"),
"Identity check (RFC 1413) timeout duration (sec)"),
{NULL}
};
/*
* Optional function for the core to to the actual ident request
*/
static const char *ap_ident_lookup(request_rec *r)
{
/* return immediately if ident requests are disabled */
return NULL;
}
if (rv == APR_SUCCESS) {
}
if (rv != APR_SUCCESS) {
}
return (const char *)conn->remote_logname;
}
static void register_hooks(apr_pool_t *p)
{
}
AP_DECLARE_MODULE(ident) =
{
create_ident_dir_config, /* dir config creater */
merge_ident_dir_config, /* dir merger --- default is to override */
NULL, /* server config */
NULL, /* merge server config */
ident_cmds, /* command apr_table_t */
register_hooks /* register hooks */
};