| 133 | module AP_MODULE_DECLARE_DATA authn_anon_module; |
| 134 | |
| 135 | static authn_status check_anonymous(request_rec *r, const char *user, |
| 136 | const char *sent_pw) |
| 137 | { |
| 138 | authn_anon_config_rec *conf = ap_get_module_config(r->per_dir_config, |
| 139 | &authn_anon_module); |
| 140 | authn_status res = AUTH_USER_NOT_FOUND; |
| 141 | |
| 142 | /* Ignore if we are not configured */ |
| 143 | if (!conf->users && !conf->anyuserid) { |
| 144 | return AUTH_USER_NOT_FOUND; |
| 145 | } |
| 146 | |
| 147 | /* Do we allow an empty userID and/or is it the magic one |
| 148 | */ |
| 149 | if (!*user) { |
| 150 | if (conf->nouserid) { |
| 151 | res = AUTH_USER_FOUND; |
| 152 | } |
| 153 | } |
| 154 | else if (conf->anyuserid) { |
| 155 | res = AUTH_USER_FOUND; |
| 156 | } |
| 157 | else { |
| 158 | anon_auth_user *p = conf->users; |
| 159 | |
| 160 | while (p) { |
| 161 | if (!strcasecmp(user, p->user)) { |
| 162 | res = AUTH_USER_FOUND; |
| 163 | break; |
| 164 | } |
| 165 | p = p->next; |
| 166 | } |
| 167 | } |
| 168 | |
| 169 | /* Now if the supplied user-ID was ok, grant access if: |
| 170 | * (a) no passwd was sent and no password and no verification |
| 171 | * were configured. |
| 172 | * (b) password was sent and no verification was configured |
| 173 | * (c) verification was configured and the password (sent or not) |
| 174 | * looks like an email address |
| 175 | */ |
| 176 | if ( (res == AUTH_USER_FOUND) |
| 177 | && (!conf->mustemail || *sent_pw) |
| 178 | && ( !conf->verifyemail |
| 179 | || (ap_strchr_c(sent_pw, '@') && ap_strchr_c(sent_pw, '.')))) |
| 180 | { |
| 181 | if (conf->logemail && ap_is_initial_req(r)) { |
| 182 | ap_log_rerror(APLOG_MARK, APLOG_INFO, APR_SUCCESS, r, APLOGNO(01672) |
| 183 | "Anonymous: Passwd <%s> Accepted", |
| 184 | sent_pw ? sent_pw : "\'none\'"); |
| 185 | } |
| 186 | |
| 187 | return AUTH_GRANTED; |
| 188 | } |
| 189 | |
| 190 | return (res == AUTH_USER_NOT_FOUND ? res : AUTH_DENIED); |
| 191 | } |
| 192 |
nothing calls this directly
no test coverage detected