MCPcopy Create free account
hub / github.com/apache/httpd / host_check_authorization

Function host_check_authorization

modules/aaa/mod_authz_host.c:163–225  ·  view source on GitHub ↗

Source from the content-addressed store, hash-verified

161}
162
163static authz_status host_check_authorization(request_rec *r,
164 const char *require_line,
165 const void *parsed_require_line)
166{
167 const char *t, *w;
168 const char *remotehost = NULL;
169 int remotehost_is_ip;
170
171 remotehost = ap_get_useragent_host(r, REMOTE_DOUBLE_REV, &remotehost_is_ip);
172
173 if ((remotehost == NULL) || remotehost_is_ip) {
174 ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(01753)
175 "access check of '%s' to %s failed, reason: unable to get the "
176 "remote host name", require_line, r->uri);
177 }
178 else {
179 const char *err = NULL;
180 const ap_expr_info_t *expr = parsed_require_line;
181 const char *require;
182
183 require = ap_expr_str_exec(r, expr, &err);
184 if (err) {
185 ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(02593)
186 "authz_host authorize: require host: Can't "
187 "evaluate require expression: %s", err);
188 return AUTHZ_DENIED;
189 }
190
191 /* The 'host' provider will allow the configuration to specify a list of
192 host names to check rather than a single name. This is different
193 from the previous host based syntax. */
194 t = require;
195
196 /* '#' is not a valid hostname character and admin could
197 * specify 'Require host localhost# Add example.com later'. We
198 * should not grant access to 'example.com' in that case. */
199 w = ap_strchr_c(t, '#');
200 if (w) {
201 if (w == t) {
202 ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(10120)
203 "authz_host authorize: dubious empty "
204 "'Require host %s' with only comment", t);
205 return AUTHZ_DENIED;
206 }
207
208 ap_log_rerror(APLOG_MARK, APLOG_WARNING, 0, r, APLOGNO(10121)
209 "authz_host authorize: ignoring comment in "
210 "'Require host %s'", t);
211
212 /* Truncate the string at the #. */
213 t = apr_pstrmemdup(r->pool, t, w - t);
214 }
215
216 while ((w = ap_getword_conf(r->pool, &t)) && w[0]) {
217 if (in_domain(w, remotehost)) {
218 return AUTHZ_GRANTED;
219 }
220 }

Callers

nothing calls this directly

Calls 5

ap_get_useragent_hostFunction · 0.85
ap_expr_str_execFunction · 0.85
ap_strchr_cFunction · 0.85
ap_getword_confFunction · 0.85
in_domainFunction · 0.70

Tested by

no test coverage detected