MCPcopy Create free account
hub / github.com/apache/httpd / check_password

Function check_password

modules/aaa/mod_authn_file.c:58–111  ·  view source on GitHub ↗

Source from the content-addressed store, hash-verified

56module AP_MODULE_DECLARE_DATA authn_file_module;
57
58static authn_status check_password(request_rec *r, const char *user,
59 const char *password)
60{
61 authn_file_config_rec *conf = ap_get_module_config(r->per_dir_config,
62 &authn_file_module);
63 ap_configfile_t *f;
64 char l[MAX_STRING_LEN];
65 apr_status_t status;
66 char *file_password = NULL;
67
68 if (!conf->pwfile) {
69 ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(01619)
70 "AuthUserFile not specified in the configuration");
71 return AUTH_GENERAL_ERROR;
72 }
73
74 status = ap_pcfg_openfile(&f, r->pool, conf->pwfile);
75
76 if (status != APR_SUCCESS) {
77 ap_log_rerror(APLOG_MARK, APLOG_ERR, status, r, APLOGNO(01620)
78 "Could not open password file: %s", conf->pwfile);
79 return AUTH_GENERAL_ERROR;
80 }
81
82 while (!(ap_cfg_getline(l, MAX_STRING_LEN, f))) {
83 const char *rpw, *w;
84
85 /* Skip # or blank lines. */
86 if ((l[0] == '#') || (!l[0])) {
87 continue;
88 }
89
90 rpw = l;
91 w = ap_getword(r->pool, &rpw, ':');
92
93 if (!strcmp(user, w)) {
94 file_password = ap_getword(r->pool, &rpw, ':');
95 break;
96 }
97 }
98 ap_cfg_closefile(f);
99
100 if (!file_password) {
101 return AUTH_USER_NOT_FOUND;
102 }
103 AUTHN_CACHE_STORE(r, user, NULL, file_password);
104
105 status = apr_password_validate(password, file_password);
106 if (status != APR_SUCCESS) {
107 return AUTH_DENIED;
108 }
109
110 return AUTH_GRANTED;
111}
112
113static authn_status get_realm_hash(request_rec *r, const char *user,
114 const char *realm, char **rethash)

Callers

nothing calls this directly

Calls 4

ap_get_module_configFunction · 0.85
ap_cfg_getlineFunction · 0.85
ap_getwordFunction · 0.85
ap_cfg_closefileFunction · 0.85

Tested by

no test coverage detected