add support for digest authentication to the authn_dbm module. The

key is "$user:$realm" (perl speaking), the value is the MD5-hash,
optionally followed by a colon and other garbage.

Note that currently there's no tool to create such databases.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@98144 13f79535-47bb-0310-9956-ffa450edef68

1 files changed, 40 insertions, 1 deletions

diff --git a/modules/aaa/mod_authn_dbm.c b/modules/aaa/mod_authn_dbm.c
index 38d562a0c0..cf704a376a 100644
--- a/modules/aaa/mod_authn_dbm.c
+++ b/modules/aaa/mod_authn_dbm.c
@@ -189,10 +189,49 @@ static authn_status check_dbm_pw(request_rec *r, const char *user,
     return AUTH_GRANTED;
 }
 
+static authn_status get_dbm_realm_hash(request_rec *r, const char *user,
+                                       const char *realm, char **rethash)
+{
+    authn_dbm_config_rec *conf = ap_get_module_config(r->per_dir_config,
+                                                      &authn_dbm_module);
+    apr_datum_t dbm_hd;
+    apr_status_t rv;
+    char *dbm_hash = NULL;
+    char *colon_hash;
+
+    rv = fetch_dbm(conf->dbmtype, conf->pwfile,
+                   apr_pstrcat(r->pool, user, ":", realm, NULL),
+                   &dbm_hd, r->pool);
+
+    if (rv != APR_SUCCESS) {
+        ap_log_rerror(APLOG_MARK, APLOG_ERR, rv, r,
+                      "Could not open dbm (type %s) hash file: %s",
+                      conf->dbmtype, conf->pwfile);
+        return AUTH_GENERAL_ERROR;
+    }
+
+    if (dbm_hd.dptr) {
+        dbm_hash = apr_pstrmemdup(r->pool, dbm_hd.dptr, dbm_hd.dsize);
+    }
+
+    if (!dbm_hash) {
+        return AUTH_USER_NOT_FOUND;
+    }
+
+    colon_hash = strchr(dbm_hash, ':');
+    if (colon_hash) {
+        *colon_hash = '\0';
+    }
+
+    *rethash = dbm_hash;
+
+    return AUTH_USER_FOUND;
+}
+
 static const authn_provider authn_dbm_provider =
 {
     &check_dbm_pw,
-    NULL,               /* No realm support yet. */
+    &get_dbm_realm_hash
 };
 
 static void register_hooks(apr_pool_t *p)