Date: Wed, 3 Aug 2016 14:57:50 +0000 (UTC) From: Mark Felder <feld@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-branches@freebsd.org Subject: svn commit: r419529 - in branches/2016Q3/www/lighttpd: . files Message-ID: <201608031457.u73Evoia030003@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: feld Date: Wed Aug 3 14:57:50 2016 New Revision: 419529 URL: https://svnweb.freebsd.org/changeset/ports/419529 Log: MFH: r418900 r419528 www/lighttpd: Update to 1.4.41 - Convert to USES=localbase - Update MAINTAINER address - Remove NODELAY option, it has been integrated upstream - Modernize Makefile PR: 211495 Approved by: ports-secteam (with hat) Added: branches/2016Q3/www/lighttpd/files/extra-patch-src_Makefile.am - copied unchanged from r418900, head/www/lighttpd/files/extra-patch-src_Makefile.am branches/2016Q3/www/lighttpd/files/extra-patch-src_Makefile.in - copied unchanged from r418900, head/www/lighttpd/files/extra-patch-src_Makefile.in branches/2016Q3/www/lighttpd/files/extra-patch-src_http__auth.c - copied unchanged from r418900, head/www/lighttpd/files/extra-patch-src_http__auth.c branches/2016Q3/www/lighttpd/files/extra-patch-src_http__auth.h - copied unchanged from r418900, head/www/lighttpd/files/extra-patch-src_http__auth.h branches/2016Q3/www/lighttpd/files/extra-patch-src_mod__auth.c - copied unchanged from r418900, head/www/lighttpd/files/extra-patch-src_mod__auth.c Deleted: branches/2016Q3/www/lighttpd/files/extra-patch-mysqlauth branches/2016Q3/www/lighttpd/files/extra-patch-nodelay branches/2016Q3/www/lighttpd/files/patch-configure.ac branches/2016Q3/www/lighttpd/files/patch-src-fdevent.h branches/2016Q3/www/lighttpd/files/patch-src_mod__cml__lua.c branches/2016Q3/www/lighttpd/files/patch-src_mod__magnet.c branches/2016Q3/www/lighttpd/files/patch-src_network.c Modified: branches/2016Q3/www/lighttpd/Makefile branches/2016Q3/www/lighttpd/distinfo Directory Properties: branches/2016Q3/ (props changed) Modified: branches/2016Q3/www/lighttpd/Makefile ============================================================================== --- branches/2016Q3/www/lighttpd/Makefile Wed Aug 3 14:56:02 2016 (r419528) +++ branches/2016Q3/www/lighttpd/Makefile Wed Aug 3 14:57:50 2016 (r419529) @@ -2,12 +2,11 @@ # $FreeBSD$ PORTNAME?= lighttpd -PORTVERSION= 1.4.39 -PORTREVISION= 1 +PORTVERSION= 1.4.41 CATEGORIES?= www MASTER_SITES?= http://download.lighttpd.net/lighttpd/releases-1.4.x/ -MAINTAINER= pkubaj@riseup.net +MAINTAINER= pkubaj@anongoth.pl COMMENT?= Secure, fast, compliant, and flexible Web Server .if !defined(_BUILDING_LIGHTTPD_MODULE) @@ -18,7 +17,7 @@ LICENSE_FILE= ${WRKSRC}/COPYING LIB_DEPENDS+= libpcre.so:devel/pcre GNU_CONFIGURE= yes -USES= autoreconf gmake libtool pkgconfig tar:xz +USES= autoreconf gmake libtool localbase pkgconfig tar:xz .if !defined(_BUILDING_LIGHTTPD_MODULE) USES+= cpe @@ -27,14 +26,11 @@ USES+= cpe CONFIGURE_ARGS+= --libdir=${PREFIX}/lib/lighttpd INSTALL_TARGET= install-strip -CPPFLAGS+= -I${LOCALBASE}/include -LDFLAGS+= -L${LOCALBASE}/lib - .if !defined(_BUILDING_LIGHTTPD_MODULE) USE_RC_SUBR= lighttpd -OPTIONS_DEFINE= ATTR BZIP2 DOCS FAM GDBM IPV6 LIBEV LUA MEMCACHE MYSQL MYSQLAUTH \ - NODELAY LDAP OPENSSL SPAWNFCGI VALGRIND WEBDAV +OPTIONS_DEFINE= ATTR BZIP2 DOCS FAM GDBM IPV6 LIBEV LUA MEMCACHED MYSQL MYSQLAUTH \ + LDAP OPENSSL SPAWNFCGI VALGRIND WEBDAV OPTIONS_DEFAULT= OPENSSL @@ -44,10 +40,9 @@ GDBM_DESC= gdbm storage (mod_trigger_b4_ LDAP_DESC= LDAP authentication LIBEV_DESC= Fast events support via libev (disables kqueue) LUA_DESC= lua support (mod_cml, mod_magnet) -MEMCACHE_DESC= memcached storage (mod_trigger_b4_dl) +MEMCACHED_DESC= memcached storage (mod_trigger_b4_dl) MYSQL_DESC= MySQL support (mod_mysql_vhost) -MYSQLAUTH_DESC= MySQL authentication (requires WITH_MYSQL) -NODELAY_DESC= Set TCP_NODELAY on listening sockets +MYSQLAUTH_DESC= MySQL authentication SPAWNFCGI_DESC= Depend on spawn-fcgi utility VALGRIND_DESC= valgrind support WEBDAV_DESC= WebDAV support @@ -62,12 +57,15 @@ GDBM_CONFIGURE_WITH= gdbm IPV6_CONFIGURE_OFF= --disable-ipv6 LIBEV_CONFIGURE_WITH= libev=${LOCALBASE} LIBEV_LIB_DEPENDS= libev.so:devel/libev -LUA_USES= lua:51+ +LUA_USES= lua LUA_CONFIGURE_WITH= lua LUA_CONFIGURE_ENV= LUA_CFLAGS="-I${LUA_INCDIR}" LUA_LIBS="-L${LUA_LIBDIR} -llua-${LUA_VER}" -MEMCACHE_LIB_DEPENDS= libmemcache.so:databases/libmemcache -MEMCACHE_CONFIGURE_WITH=memcache +MEMCACHED_LIB_DEPENDS= libmemcached.so:databases/libmemcached +MEMCACHED_CONFIGURE_WITH=memcached MYSQLAUTH_IMPLIES= MYSQL +OPENSSL_USES= ssl +OPENSSL_CONFIGURE_WITH= openssl +OPENSSL_CONFIGURE_ON= --with-openssl-includes=${OPENSSLINC} --with-openssl-libs=${OPENSSLLIB} SPAWNFCGI_RUN_DEPENDS= spawn-fcgi:www/spawn-fcgi VALGRIND_BUILD_DEPENDS= valgrind:devel/valgrind VALGRIND_RUN_DEPENDS= valgrind:devel/valgrind @@ -108,32 +106,21 @@ DOCS= AUTHORS COPYING INSTALL NEWS READ PORTDOCS= ${DOCS} .endif -.if ${PORT_OPTIONS:MOPENSSL} -USE_OPENSSL= yes -CONFIGURE_ARGS+= --with-openssl \ - --with-openssl-includes=${OPENSSLINC} \ - --with-openssl-libs=${OPENSSLLIB} -.endif - .if ${PORT_OPTIONS:MMYSQL} -USE_MYSQL= yes +USES+= mysql CONFIGURE_ARGS+= --with-mysql _REQUIRE+= mysql .endif -.if ${PORT_OPTIONS:MMYSQLAUTH} && empty(PORT_OPTIONS:MMYSQL) -IGNORE= option WITH_MYSQLAUTH requires WITH_MYSQL -.endif - .if ${PORT_OPTIONS:MMYSQLAUTH} -EXTRA_PATCHES+= ${FILESDIR}/extra-patch-mysqlauth +EXTRA_PATCHES+= ${FILESDIR}/extra-patch-src_Makefile.am \ + ${FILESDIR}/extra-patch-src_Makefile.in \ + ${FILESDIR}/extra-patch-src_http__auth.c \ + ${FILESDIR}/extra-patch-src_http__auth.h \ + ${FILESDIR}/extra-patch-src_mod__auth.c PORTDOCS+= README.mysqlauth mysql_auth.sql .endif -.if ${PORT_OPTIONS:MNODELAY} -EXTRA_PATCHES+= ${FILESDIR}/extra-patch-nodelay -.endif - .if ${PORT_OPTIONS:MLDAP} USE_OPENLDAP= yes CONFIGURE_ARGS+= --with-ldap @@ -186,19 +173,19 @@ post-install: .endfor ${INSTALL_DATA} ${WRKSRC}/doc/config/vhosts.d/vhosts.template \ ${STAGEDIR}${PREFIX}/etc/lighttpd/vhosts.d/vhosts.template + @${MKDIR} -m 0700 ${STAGEDIR}${LIGHTTPD_LOGROOT} -.if ${PORT_OPTIONS:MDOCS} +post-install-DOCS-on: @${MKDIR} ${STAGEDIR}${DOCSDIR} . for FILE in ${DOCS} ${INSTALL_DATA} ${WRKSRC}/${FILE} ${STAGEDIR}${DOCSDIR}/${FILE} . endfor -.endif -.if ${PORT_OPTIONS:MMYSQLAUTH} + +post-install-MYSQLAUTH-on: + @${MKDIR} ${STAGEDIR}${DOCSDIR} . for FILE in README.mysqlauth mysql_auth.sql ${INSTALL_DATA} ${FILESDIR}/${FILE} ${STAGEDIR}${DOCSDIR}/${FILE} . endfor -.endif - @${MKDIR} -m 0700 ${STAGEDIR}${LIGHTTPD_LOGROOT} test: build @cd ${WRKSRC}/tests && ${SETENV} ${MAKE_ENV} ${MAKE} \ Modified: branches/2016Q3/www/lighttpd/distinfo ============================================================================== --- branches/2016Q3/www/lighttpd/distinfo Wed Aug 3 14:56:02 2016 (r419528) +++ branches/2016Q3/www/lighttpd/distinfo Wed Aug 3 14:57:50 2016 (r419529) @@ -1,6 +1,7 @@ -SHA256 (lighttpd-1.4.39.tar.xz) = 7eb9a1853c3d6dd5851682b0733a729ba4158d6bdff80974d5ef5f1f6887365b -SIZE (lighttpd-1.4.39.tar.xz) = 579180 +TIMESTAMP = 1470040166 +SHA256 (lighttpd-1.4.41.tar.xz) = 4bcc383ef6d6dc7b284f68882d71a178e2986c83c4e85eeb3c8f3b882e346b6c +SIZE (lighttpd-1.4.41.tar.xz) = 623480 +SHA256 (lighttpd-1.4.26_mod_h264_streaming-2.2.9.patch) = 4e6768af32ce16033fcb0c70b12c55b40082ca105a36f258b0bbf30d64e9dad3 +SIZE (lighttpd-1.4.26_mod_h264_streaming-2.2.9.patch) = 242458 SHA256 (lighttpd-1.4.26_mod_geoip.patch) = 2858036310b778852d9f039a81629902edffc368658e13bf4779f3642ee1a5ba SIZE (lighttpd-1.4.26_mod_geoip.patch) = 15173 -SHA256 (lighttpd-1.4.26_mod_h264_streaming-2.2.9.patch) = bc0e1b97289a89b827ea84e64b614933cc14d67c64d6b727e4928aeec516489c -SIZE (lighttpd-1.4.26_mod_h264_streaming-2.2.9.patch) = 242421 Copied: branches/2016Q3/www/lighttpd/files/extra-patch-src_Makefile.am (from r418900, head/www/lighttpd/files/extra-patch-src_Makefile.am) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ branches/2016Q3/www/lighttpd/files/extra-patch-src_Makefile.am Wed Aug 3 14:57:50 2016 (r419529, copy of r418900, head/www/lighttpd/files/extra-patch-src_Makefile.am) @@ -0,0 +1,11 @@ +--- src/Makefile.am.orig 2016-07-16 10:06:16 UTC ++++ src/Makefile.am +@@ -254,7 +254,7 @@ mod_compress_la_LIBADD = $(Z_LIB) $(BZ_L + lib_LTLIBRARIES += mod_auth.la + mod_auth_la_SOURCES = mod_auth.c http_auth.c + mod_auth_la_LDFLAGS = $(common_module_ldflags) +-mod_auth_la_LIBADD = $(CRYPT_LIB) $(SSL_LIB) $(LDAP_LIB) $(LBER_LIB) $(common_libadd) ++mod_auth_la_LIBADD = ${MYSQL_LIBS} $(CRYPT_LIB) $(SSL_LIB) $(LDAP_LIB) $(LBER_LIB) $(common_libadd) + + lib_LTLIBRARIES += mod_rewrite.la + mod_rewrite_la_SOURCES = mod_rewrite.c Copied: branches/2016Q3/www/lighttpd/files/extra-patch-src_Makefile.in (from r418900, head/www/lighttpd/files/extra-patch-src_Makefile.in) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ branches/2016Q3/www/lighttpd/files/extra-patch-src_Makefile.in Wed Aug 3 14:57:50 2016 (r419529, copy of r418900, head/www/lighttpd/files/extra-patch-src_Makefile.in) @@ -0,0 +1,11 @@ +--- src/Makefile.in.orig 2016-07-16 10:10:53 UTC ++++ src/Makefile.in +@@ -1011,7 +1011,7 @@ mod_compress_la_LDFLAGS = $(common_modul + mod_compress_la_LIBADD = $(Z_LIB) $(BZ_LIB) $(common_libadd) + mod_auth_la_SOURCES = mod_auth.c http_auth.c + mod_auth_la_LDFLAGS = $(common_module_ldflags) +-mod_auth_la_LIBADD = $(CRYPT_LIB) $(SSL_LIB) $(LDAP_LIB) $(LBER_LIB) $(common_libadd) ++mod_auth_la_LIBADD = ${MYSQL_LIBS} $(CRYPT_LIB) $(SSL_LIB) $(LDAP_LIB) $(LBER_LIB) $(common_libadd) + mod_rewrite_la_SOURCES = mod_rewrite.c + mod_rewrite_la_LDFLAGS = $(common_module_ldflags) + mod_rewrite_la_LIBADD = $(PCRE_LIB) $(common_libadd) Copied: branches/2016Q3/www/lighttpd/files/extra-patch-src_http__auth.c (from r418900, head/www/lighttpd/files/extra-patch-src_http__auth.c) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ branches/2016Q3/www/lighttpd/files/extra-patch-src_http__auth.c Wed Aug 3 14:57:50 2016 (r419529, copy of r418900, head/www/lighttpd/files/extra-patch-src_http__auth.c) @@ -0,0 +1,193 @@ +--- src/http_auth.c.orig 2016-07-16 10:06:16 UTC ++++ src/http_auth.c +@@ -30,6 +30,7 @@ + #include <errno.h> + #include <unistd.h> + #include <ctype.h> ++#include <mysql/mysql.h> + + #include "md5.h" + +@@ -194,9 +195,119 @@ static int http_auth_get_password(server + fclose(fp); + } else if (p->conf.auth_backend == AUTH_BACKEND_LDAP) { + return 0; +- } ++ } else if (p->conf.auth_backend == AUTH_BACKEND_MYSQL) { ++ MYSQL_RES *result; ++ MYSQL_ROW row; ++ int port = atoi(p->conf.auth_mysql_port->ptr); ++ char q[255]; + +- return -1; ++ if (p->conf.auth_mysql_socket->ptr != NULL) ++ if (0 == strcmp(p->conf.auth_mysql_socket->ptr, "")) p->conf.auth_mysql_socket->ptr = NULL; ++ ++ p->conf.mysql_conn = mysql_init(NULL); ++ ++ if (mysql_real_connect(p->conf.mysql_conn, p->conf.auth_mysql_host->ptr, p->conf.auth_mysql_user->ptr, p->conf.auth_mysql_pass->ptr, p->conf.auth_mysql_db->ptr, port, p->conf.auth_mysql_socket->ptr, 0)) ++ { ++//#define MY_HOSTING ++ ++#ifdef MY_HOSTING ++ char my_full_realm[255]; ++ char *my_realm = NULL; ++ char *my_domain = NULL; ++ ++ char *uname; ++ size_t unamelen; ++ ++ unamelen = strlen(username->ptr); ++ uname = malloc(unamelen*2+1); ++ ++ mysql_real_escape_string(p->conf.mysql_conn, ++ uname, username->ptr, ++ (unsigned long)unamelen); ++ ++ strcpy(my_full_realm, realm->ptr); ++ my_realm = strtok(my_full_realm, "@"); ++ ++ if (my_realm != NULL) ++ my_domain = strtok(NULL, "@"); ++ ++ sprintf(q, "SELECT %s FROM %s, %s WHERE %s='%s' AND %s='%s' AND %s='%s' AND %s=%s", ++ p->conf.auth_mysql_col_pass->ptr, ++ ++ p->conf.auth_mysql_users_table->ptr, ++ p->conf.auth_mysql_domains_table->ptr, ++ ++ p->conf.auth_mysql_col_user->ptr, ++ uname, ++ ++ p->conf.auth_mysql_col_realm->ptr, ++ my_realm, ++ ++ p->conf.auth_mysql_col_domain->ptr, ++ my_domain, ++ ++ p->conf.auth_mysql_domains_table_col_domain_id->ptr, ++ p->conf.auth_mysql_users_table_col_domain_id->ptr ++ ); ++ ++ free(uname); ++#else ++ // sanitize username & realm by taguchi@ff.iij4u.or.jp ++ char *uname, *urealm; ++ size_t unamelen, urealmlen; ++ ++ unamelen = strlen(username->ptr); ++ urealmlen = strlen(realm->ptr); ++ uname = malloc(unamelen*2+1); ++ urealm = malloc(urealmlen*2+1); ++ ++ mysql_real_escape_string(p->conf.mysql_conn, ++ uname, username->ptr, ++ (unsigned long)unamelen); ++ ++ mysql_real_escape_string(p->conf.mysql_conn, ++ urealm, realm->ptr, ++ (unsigned long)unamelen); ++ ++ mysql_real_escape_string(p->conf.mysql_conn, ++ urealm, realm->ptr, ++ (unsigned long)urealmlen); ++ ++ sprintf(q, "SELECT %s FROM %s WHERE %s='%s' AND %s='%s'", ++ p->conf.auth_mysql_col_pass->ptr, ++ p->conf.auth_mysql_users_table->ptr, ++ p->conf.auth_mysql_col_user->ptr, ++ uname, ++ p->conf.auth_mysql_col_realm->ptr, ++ urealm ++ ); ++ ++ free(uname); ++ free(urealm); ++#endif ++ ++ mysql_query(p->conf.mysql_conn, q); ++ result = mysql_store_result(p->conf.mysql_conn); ++ if (mysql_num_rows(result) == 1) ++ { ++ /* found */ ++ row = mysql_fetch_row(result); ++ buffer_copy_string_len(password, row[0], strlen(row[0])); ++ ++ return 0; ++ } else ++ { ++ /* not found */ ++ return -1; ++ } ++ ++ mysql_free_result(result); ++ mysql_close(p->conf.mysql_conn); ++ ++ p->conf.mysql_conn = NULL; ++ } else ++ return -1; ++ } + } + + int http_auth_match_rules(server *srv, array *req, const char *username, const char *group, const char *host) { +@@ -711,6 +822,60 @@ static int http_auth_basic_password_comp + + return 0; + #endif ++ } else if (p->conf.auth_backend == AUTH_BACKEND_MYSQL) { ++ /* ++ we check for md5 crypt() now ++ request by Nicola Tiling <nti@w4w.net> ++ */ ++ if (password->ptr[0] == '$' && password->ptr[2] == '$') ++ { ++ char salt[32]; ++ char *crypted; ++ size_t salt_len = 0; ++ char *dollar = NULL; ++ ++ if (NULL == (dollar = strchr(password->ptr + 3, '$'))) { ++ fprintf(stderr, "%s.%d\n", __FILE__, __LINE__); ++ return -1; ++ } ++ ++ salt_len = dollar - password->ptr; ++ ++ if (salt_len > sizeof(salt) - 1) ++ { ++ fprintf(stderr, "%s.%d\n", __FILE__, __LINE__); ++ return -1; ++ } ++ ++ strncpy(salt, password->ptr, salt_len); ++ ++ salt[salt_len] = '\0'; ++ ++ crypted = crypt(pw, salt); ++ ++ if (0 == strcmp(password->ptr, crypted)) ++ { ++ return 0; ++ } else { ++ fprintf(stderr, "%s.%d\n", __FILE__, __LINE__); ++ } ++ } else ++ /* plain md5 check now */ ++ { ++ li_MD5_CTX Md5Ctx; ++ HASH HA1; ++ char a1[256]; ++ ++ li_MD5_Init(&Md5Ctx); ++ li_MD5_Update(&Md5Ctx, (unsigned char *)pw, strlen(pw)); ++ li_MD5_Final(HA1, &Md5Ctx); ++ ++ CvtHex(HA1, a1); ++ ++ if (0 == strcmp(password->ptr, a1)) { ++ return 0; ++ } ++ } + } + return -1; + } Copied: branches/2016Q3/www/lighttpd/files/extra-patch-src_http__auth.h (from r418900, head/www/lighttpd/files/extra-patch-src_http__auth.h) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ branches/2016Q3/www/lighttpd/files/extra-patch-src_http__auth.h Wed Aug 3 14:57:50 2016 (r419529, copy of r418900, head/www/lighttpd/files/extra-patch-src_http__auth.h) @@ -0,0 +1,43 @@ +--- src/http_auth.h.orig 2016-07-16 10:06:16 UTC ++++ src/http_auth.h +@@ -9,13 +9,15 @@ + # define USE_LDAP + # include <ldap.h> + #endif ++#include <mysql/mysql.h> + + typedef enum { + AUTH_BACKEND_UNSET, + AUTH_BACKEND_PLAIN, + AUTH_BACKEND_LDAP, + AUTH_BACKEND_HTPASSWD, +- AUTH_BACKEND_HTDIGEST ++ AUTH_BACKEND_HTDIGEST, ++ AUTH_BACKEND_MYSQL + } auth_backend_t; + + typedef struct { +@@ -50,6 +52,23 @@ typedef struct { + buffer *ldap_filter_pre; + buffer *ldap_filter_post; + #endif ++ ++ MYSQL *mysql_conn; ++ buffer *auth_mysql_host; ++ buffer *auth_mysql_user; ++ buffer *auth_mysql_pass; ++ buffer *auth_mysql_db; ++ buffer *auth_mysql_port; ++ buffer *auth_mysql_socket; ++ buffer *auth_mysql_users_table; ++ buffer *auth_mysql_col_user; ++ buffer *auth_mysql_col_pass; ++ buffer *auth_mysql_col_realm; ++ buffer *auth_mysql_domains_table; ++ buffer *auth_mysql_col_domain; ++ buffer *auth_mysql_domains_table_col_domain_id; ++ buffer *auth_mysql_users_table_col_domain_id; ++ + } mod_auth_plugin_config; + + typedef struct { Copied: branches/2016Q3/www/lighttpd/files/extra-patch-src_mod__auth.c (from r418900, head/www/lighttpd/files/extra-patch-src_mod__auth.c) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ branches/2016Q3/www/lighttpd/files/extra-patch-src_mod__auth.c Wed Aug 3 14:57:50 2016 (r419529, copy of r418900, head/www/lighttpd/files/extra-patch-src_mod__auth.c) @@ -0,0 +1,200 @@ +--- src/mod_auth.c.orig 2016-07-16 10:06:16 UTC ++++ src/mod_auth.c +@@ -13,6 +13,7 @@ + #include <errno.h> + #include <fcntl.h> + #include <unistd.h> ++#include <mysql/mysql.h> + + handler_t auth_ldap_init(server *srv, mod_auth_plugin_config *s); + +@@ -84,6 +85,19 @@ FREE_FUNC(mod_auth_free) { + + if (s->ldap) ldap_unbind_s(s->ldap); + #endif ++ buffer_free(s->auth_mysql_host); ++ buffer_free(s->auth_mysql_user); ++ buffer_free(s->auth_mysql_pass); ++ buffer_free(s->auth_mysql_db); ++ buffer_free(s->auth_mysql_socket); ++ buffer_free(s->auth_mysql_users_table); ++ buffer_free(s->auth_mysql_col_user); ++ buffer_free(s->auth_mysql_col_pass); ++ buffer_free(s->auth_mysql_col_realm); ++ buffer_free(s->auth_mysql_domains_table); ++ buffer_free(s->auth_mysql_col_domain); ++ buffer_free(s->auth_mysql_domains_table_col_domain_id); ++ buffer_free(s->auth_mysql_users_table_col_domain_id); + + free(s); + } +@@ -122,6 +136,21 @@ static int mod_auth_patch_connection(ser + PATCH(ldap_filter_post); + #endif + ++ PATCH(auth_mysql_host); ++ PATCH(auth_mysql_user); ++ PATCH(auth_mysql_pass); ++ PATCH(auth_mysql_db); ++ PATCH(auth_mysql_port); ++ PATCH(auth_mysql_socket); ++ PATCH(auth_mysql_users_table); ++ PATCH(auth_mysql_col_user); ++ PATCH(auth_mysql_col_pass); ++ PATCH(auth_mysql_col_realm); ++ PATCH(auth_mysql_domains_table); ++ PATCH(auth_mysql_col_domain); ++ PATCH(auth_mysql_domains_table_col_domain_id); ++ PATCH(auth_mysql_users_table_col_domain_id); ++ + /* skip the first, the global context */ + for (i = 1; i < srv->config_context->used; i++) { + data_config *dc = (data_config *)srv->config_context->data[i]; +@@ -171,6 +200,34 @@ static int mod_auth_patch_connection(ser + PATCH(auth_ldap_bindpw); + } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("auth.backend.ldap.allow-empty-pw"))) { + PATCH(auth_ldap_allow_empty_pw); ++ } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("auth.backend.mysql.host"))) { ++ PATCH(auth_mysql_host); ++ } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("auth.backend.mysql.user"))) { ++ PATCH(auth_mysql_user); ++ } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("auth.backend.mysql.pass"))) { ++ PATCH(auth_mysql_pass); ++ } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("auth.backend.mysql.db"))) { ++ PATCH(auth_mysql_db); ++ } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("auth.backend.mysql.port"))) { ++ PATCH(auth_mysql_port); ++ } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("auth.backend.mysql.socket"))) { ++ PATCH(auth_mysql_user); ++ } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("auth.backend.mysql.users_table"))) { ++ PATCH(auth_mysql_users_table); ++ } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("auth.backend.mysql.col_user"))) { ++ PATCH(auth_mysql_col_user); ++ } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("auth.backend.mysql.col_pass"))) { ++ PATCH(auth_mysql_col_pass); ++ } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("auth.backend.mysql.col_realm"))) { ++ PATCH(auth_mysql_col_realm); ++ } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("auth.backend.mysql.domains_table"))) { ++ PATCH(auth_mysql_domains_table); ++ } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("auth.backend.mysql.col_domain"))) { ++ PATCH(auth_mysql_col_domain); ++ } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("auth.backend.mysql.domains_table_col_domain_id"))) { ++ PATCH(auth_mysql_domains_table_col_domain_id); ++ } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("auth.backend.mysql.users_table_col_domain_id"))) { ++ PATCH(auth_mysql_users_table_col_domain_id); + } + } + } +@@ -362,10 +419,25 @@ SETDEFAULTS_FUNC(mod_auth_set_defaults) + { "auth.backend.ldap.starttls", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 8 */ + { "auth.backend.ldap.bind-dn", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 9 */ + { "auth.backend.ldap.bind-pw", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 10 */ +- { "auth.backend.ldap.allow-empty-pw", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 11 */ ++ { "auth.backend.ldap.allow-empty-pw", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, + { "auth.backend.htdigest.userfile", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 12 */ + { "auth.backend.htpasswd.userfile", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 13 */ + { "auth.debug", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_CONNECTION }, /* 14 */ ++ { "auth.backend.mysql.host", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, ++ { "auth.backend.mysql.user", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, ++ { "auth.backend.mysql.pass", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, ++ { "auth.backend.mysql.db", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, ++ { "auth.backend.mysql.port", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, ++ { "auth.backend.mysql.socket", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, ++ { "auth.backend.mysql.users_table", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, ++ { "auth.backend.mysql.col_user", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, ++ { "auth.backend.mysql.col_pass", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, ++ { "auth.backend.mysql.col_realm", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 23 */ ++ { "auth.backend.mysql.domains_table", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, ++ { "auth.backend.mysql.col_domain", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, ++ { "auth.backend.mysql.domains_table_col_domain_id", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, ++ { "auth.backend.mysql.users_table_col_domain_id", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 27 */ ++ + { NULL, NULL, T_CONFIG_UNSET, T_CONFIG_SCOPE_UNSET } + }; + +@@ -394,6 +466,22 @@ SETDEFAULTS_FUNC(mod_auth_set_defaults) + s->auth_debug = 0; + + s->auth_require = array_init(); ++ s->mysql_conn = NULL; ++ s->auth_mysql_host = buffer_init(); ++ s->auth_mysql_user = buffer_init(); ++ s->auth_mysql_pass = buffer_init(); ++ s->auth_mysql_db = buffer_init(); ++ s->auth_mysql_port = buffer_init(); ++ s->auth_mysql_socket = buffer_init(); ++ s->auth_mysql_users_table = buffer_init(); ++ s->auth_mysql_col_user = buffer_init(); ++ s->auth_mysql_col_pass = buffer_init(); ++ s->auth_mysql_col_realm = buffer_init(); ++ s->auth_mysql_domains_table = buffer_init(); ++ s->auth_mysql_col_domain = buffer_init(); ++ s->auth_mysql_domains_table_col_domain_id = buffer_init(); ++ s->auth_mysql_users_table_col_domain_id = buffer_init(); ++ + + #ifdef USE_LDAP + s->ldap_filter_pre = buffer_init(); +@@ -416,7 +504,20 @@ SETDEFAULTS_FUNC(mod_auth_set_defaults) + cv[12].destination = s->auth_htdigest_userfile; + cv[13].destination = s->auth_htpasswd_userfile; + cv[14].destination = &(s->auth_debug); +- ++ cv[15].destination = s->auth_mysql_host; ++ cv[16].destination = s->auth_mysql_user; ++ cv[17].destination = s->auth_mysql_pass; ++ cv[18].destination = s->auth_mysql_db; ++ cv[19].destination = s->auth_mysql_port; ++ cv[20].destination = s->auth_mysql_socket; ++ cv[21].destination = s->auth_mysql_users_table; ++ cv[22].destination = s->auth_mysql_col_user; ++ cv[23].destination = s->auth_mysql_col_pass; ++ cv[24].destination = s->auth_mysql_col_realm; ++ cv[25].destination = s->auth_mysql_domains_table; ++ cv[26].destination = s->auth_mysql_col_domain; ++ cv[27].destination = s->auth_mysql_domains_table_col_domain_id; ++ cv[28].destination = s->auth_mysql_users_table_col_domain_id; + p->config_storage[i] = s; + + if (0 != config_insert_values_global(srv, config->value, cv, i == 0 ? T_CONFIG_SCOPE_SERVER : T_CONFIG_SCOPE_CONNECTION)) { +@@ -432,6 +533,8 @@ SETDEFAULTS_FUNC(mod_auth_set_defaults) + s->auth_backend = AUTH_BACKEND_PLAIN; + } else if (0 == strcmp(s->auth_backend_conf->ptr, "ldap")) { + s->auth_backend = AUTH_BACKEND_LDAP; ++ } else if (0 == strcmp(s->auth_backend_conf->ptr, "mysql")) { ++ s->auth_backend = AUTH_BACKEND_MYSQL; + } else { + log_error_write(srv, __FILE__, __LINE__, "sb", "auth.backend not supported:", s->auth_backend_conf); + +@@ -573,6 +676,31 @@ SETDEFAULTS_FUNC(mod_auth_set_defaults) + return (ret); + break; + } ++ case AUTH_BACKEND_MYSQL: { ++ int port = atoi(s->auth_mysql_port->ptr); ++ ++ /* ignore if auth_mysql_socket is invalid */ ++ if (p->conf.auth_mysql_socket == NULL) ++ return HANDLER_GO_ON; ++ if (p->conf.auth_mysql_socket->ptr != NULL) ++ if (0 == strcmp(s->auth_mysql_socket->ptr, "")) s->auth_mysql_socket->ptr = NULL; ++ ++ s->mysql_conn = mysql_init(NULL); ++ if (!mysql_real_connect(s->mysql_conn, s->auth_mysql_host->ptr, s->auth_mysql_user->ptr, s->auth_mysql_pass->ptr, s->auth_mysql_db->ptr, port, NULL, 0)) ++ { ++ log_error_write(srv, __FILE__, __LINE__, "sbsbsbsbss", ++ "opening connection to mysql:", s->auth_mysql_host, ++ "user:", s->auth_mysql_user, ++ "pass:", s->auth_mysql_pass, ++ "db:", s->auth_mysql_db, ++ "failed:", strerror(errno)); ++ ++ return HANDLER_ERROR; ++ } ++ mysql_close(s->mysql_conn); ++ ++ break; ++ } + default: + break; + }
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201608031457.u73Evoia030003>