sec->secure);
}
else {
- ap_log_rerror(APLOG_MARK, APLOG_WARNING|APLOG_NOERRNO, 0, r,
+ ap_log_rerror(APLOG_MARK, APLOG_WARNING, 0, r,
"[%d] auth_ldap authenticate: no sec->host - weird...?", getpid());
return AUTH_GENERAL_ERROR;
}
- ap_log_rerror(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, r,
+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r,
"[%d] auth_ldap authenticate: using URL %s", getpid(), sec->url);
/* Get the password that the client sent */
if (password == NULL) {
- ap_log_rerror(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, r,
+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r,
"[%d] auth_ldap authenticate: no password specified", getpid());
util_ldap_connection_close(ldc);
return AUTH_GENERAL_ERROR;
}
if (user == NULL) {
- ap_log_rerror(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, r,
+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r,
"[%d] auth_ldap authenticate: no user specified", getpid());
util_ldap_connection_close(ldc);
return AUTH_GENERAL_ERROR;
/* handle bind failure */
if (result != LDAP_SUCCESS) {
- ap_log_rerror(APLOG_MARK, APLOG_WARNING|APLOG_NOERRNO, 0, r,
+ ap_log_rerror(APLOG_MARK, APLOG_WARNING, 0, r,
"[%d] auth_ldap authenticate: "
"user %s authentication failed; URI %s [%s][%s]",
getpid(), user, r->uri, ldc->reason, ldap_err2string(result));
}
}
- ap_log_rerror(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, r,
+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r,
"[%d] auth_ldap authenticate: accepting %s", getpid(), user);
return AUTH_GRANTED;
apr_pool_cleanup_null);
}
else {
- ap_log_rerror(APLOG_MARK, APLOG_WARNING|APLOG_NOERRNO, 0, r,
+ ap_log_rerror(APLOG_MARK, APLOG_WARNING, 0, r,
"[%d] auth_ldap authorise: no sec->host - weird...?", getpid());
return sec->auth_authoritative? HTTP_UNAUTHORIZED : DECLINED;
}
}
if (!reqs_arr) {
- ap_log_rerror(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, r,
+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r,
"[%d] auth_ldap authorise: no requirements array", getpid());
return sec->auth_authoritative? HTTP_UNAUTHORIZED : DECLINED;
}
/* Check that we have a userid to start with */
if ((!r->user) || (strlen(r->user) == 0)) {
- ap_log_rerror(APLOG_MARK, APLOG_WARNING|APLOG_NOERRNO, 0, r,
+ ap_log_rerror(APLOG_MARK, APLOG_WARNING, 0, r,
"ldap authorize: Userid is blank, AuthType=%s",
r->ap_auth_type);
}
if(!req) {
- ap_log_rerror(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, r,
+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r,
"ldap authorize: Creating LDAP req structure");
/* Build the username filter */
/* Search failed, log error and return failure */
if(result != LDAP_SUCCESS) {
- ap_log_rerror(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, r,
+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r,
"auth_ldap authorise: User DN not found, %s", ldc->reason);
return sec->auth_authoritative? HTTP_UNAUTHORIZED : DECLINED;
}
if (strcmp(w, "ldap-user") == 0) {
if (req->dn == NULL || strlen(req->dn) == 0) {
- ap_log_rerror(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, r,
+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r,
"[%d] auth_ldap authorise: "
"require user: user's DN has not been defined; failing authorisation",
getpid());
result = util_ldap_cache_compare(r, ldc, sec->url, req->dn, sec->attribute, t);
switch(result) {
case LDAP_COMPARE_TRUE: {
- ap_log_rerror(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, r,
+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r,
"[%d] auth_ldap authorise: "
"require user: authorisation successful", getpid());
return OK;
}
default: {
- ap_log_rerror(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, r,
+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r,
"[%d] auth_ldap authorise: require user: "
"authorisation failed [%s][%s]", getpid(),
ldc->reason, ldap_err2string(result));
result = util_ldap_cache_compare(r, ldc, sec->url, req->dn, sec->attribute, w);
switch(result) {
case LDAP_COMPARE_TRUE: {
- ap_log_rerror(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, r,
+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r,
"[%d] auth_ldap authorise: "
"require user: authorisation successful", getpid());
return OK;
}
default: {
- ap_log_rerror(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, r,
+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r,
"[%d] auth_ldap authorise: "
"require user: authorisation failed [%s][%s]",
getpid(), ldc->reason, ldap_err2string(result));
}
else if (strcmp(w, "ldap-dn") == 0) {
if (req->dn == NULL || strlen(req->dn) == 0) {
- ap_log_rerror(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, r,
+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r,
"[%d] auth_ldap authorise: "
"require dn: user's DN has not been defined; failing authorisation",
getpid());
result = util_ldap_cache_comparedn(r, ldc, sec->url, req->dn, t, sec->compare_dn_on_server);
switch(result) {
case LDAP_COMPARE_TRUE: {
- ap_log_rerror(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, r,
+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r,
"[%d] auth_ldap authorise: "
"require dn: authorisation successful", getpid());
return OK;
}
default: {
- ap_log_rerror(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, r,
+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r,
"[%d] auth_ldap authorise: "
"require dn \"%s\": LDAP error [%s][%s]",
getpid(), t, ldc->reason, ldap_err2string(result));
if (sec->group_attrib_is_dn) {
if (req->dn == NULL || strlen(req->dn) == 0) {
- ap_log_rerror(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, r,
+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r,
"[%d] auth_ldap authorise: require group: user's DN has not been defined; failing authorisation",
getpid());
return sec->auth_authoritative? HTTP_UNAUTHORIZED : DECLINED;
}
}
- ap_log_rerror(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, r,
+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r,
"[%d] auth_ldap authorise: require group: testing for group membership in \"%s\"",
getpid(), t);
for (i = 0; i < sec->groupattr->nelts; i++) {
- ap_log_rerror(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, r,
+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r,
"[%d] auth_ldap authorise: require group: testing for %s: %s (%s)", getpid(),
ent[i].name, sec->group_attrib_is_dn ? req->dn : req->user, t);
sec->group_attrib_is_dn ? req->dn : req->user);
switch(result) {
case LDAP_COMPARE_TRUE: {
- ap_log_rerror(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, r,
+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r,
"[%d] auth_ldap authorise: require group: "
"authorisation successful (attribute %s) [%s][%s]",
getpid(), ent[i].name, ldc->reason, ldap_err2string(result));
return OK;
}
default: {
- ap_log_rerror(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, r,
+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r,
"[%d] auth_ldap authorise: require group \"%s\": "
"authorisation failed [%s][%s]",
getpid(), t, ldc->reason, ldap_err2string(result));
w = ap_getword(r->pool, &t, '=');
value = ap_getword_conf(r->pool, &t);
- ap_log_rerror(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, r,
+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r,
"[%d] auth_ldap authorise: checking attribute"
" %s has value %s", getpid(), w, value);
result = util_ldap_cache_compare(r, ldc, sec->url, req->dn,
w, value);
switch(result) {
case LDAP_COMPARE_TRUE: {
- ap_log_rerror(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO,
+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG,
0, r, "[%d] auth_ldap authorise: "
"require attribute: authorisation "
"successful", getpid());
return OK;
}
default: {
- ap_log_rerror(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO,
+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG,
0, r, "[%d] auth_ldap authorise: "
"require attribute: authorisation "
"failed [%s][%s]", getpid(),
}
else if (strcmp(w, "ldap-filter") == 0) {
if (t[0]) {
- ap_log_rerror(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, r,
+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r,
"[%d] auth_ldap authorise: checking filter %s",
getpid(), t);
/* Make sure that the filtered search returned the correct user dn */
if (result == LDAP_SUCCESS) {
- ap_log_rerror(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, r,
+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r,
"[%d] auth_ldap authorise: checking dn match %s",
getpid(), dn);
result = util_ldap_cache_comparedn(r, ldc, sec->url, req->dn, dn,
switch(result) {
case LDAP_COMPARE_TRUE: {
- ap_log_rerror(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO,
+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG,
0, r, "[%d] auth_ldap authorise: "
"require ldap-filter: authorisation "
"successful", getpid());
return OK;
}
case LDAP_FILTER_ERROR: {
- ap_log_rerror(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO,
+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG,
0, r, "[%d] auth_ldap authorise: "
"require ldap-filter: %s authorisation "
"failed [%s][%s]", getpid(),
break;
}
default: {
- ap_log_rerror(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO,
+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG,
0, r, "[%d] auth_ldap authorise: "
"require ldap-filter: authorisation "
"failed [%s][%s]", getpid(),
}
if (!method_restricted) {
- ap_log_rerror(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, r,
+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r,
"[%d] auth_ldap authorise: agreeing because non-restricted",
getpid());
return OK;
}
if (!sec->auth_authoritative) {
- ap_log_rerror(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, r,
+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r,
"[%d] auth_ldap authorise: declining to authorise", getpid());
return DECLINED;
}
- ap_log_rerror(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, r,
+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r,
"[%d] auth_ldap authorise: authorisation denied", getpid());
ap_note_basic_auth_failure (r);
authn_ldap_config_t *sec = config;
- ap_log_error(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0,
+ ap_log_error(APLOG_MARK, APLOG_DEBUG, 0,
cmd->server, "[%d] auth_ldap url parse: `%s'", getpid(), url);
rc = apr_ldap_url_parse(cmd->pool, url, &(urld), &(result));
}
sec->url = apr_pstrdup(cmd->pool, url);
- ap_log_error(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0,
+ ap_log_error(APLOG_MARK, APLOG_DEBUG, 0,
cmd->server, "[%d] auth_ldap url parse: Host: %s", getpid(), urld->lud_host);
- ap_log_error(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0,
+ ap_log_error(APLOG_MARK, APLOG_DEBUG, 0,
cmd->server, "[%d] auth_ldap url parse: Port: %d", getpid(), urld->lud_port);
- ap_log_error(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0,
+ ap_log_error(APLOG_MARK, APLOG_DEBUG, 0,
cmd->server, "[%d] auth_ldap url parse: DN: %s", getpid(), urld->lud_dn);
- ap_log_error(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0,
+ ap_log_error(APLOG_MARK, APLOG_DEBUG, 0,
cmd->server, "[%d] auth_ldap url parse: attrib: %s", getpid(), urld->lud_attrs? urld->lud_attrs[0] : "(null)");
- ap_log_error(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0,
+ ap_log_error(APLOG_MARK, APLOG_DEBUG, 0,
cmd->server, "[%d] auth_ldap url parse: scope: %s", getpid(),
(urld->lud_scope == LDAP_SCOPE_SUBTREE? "subtree" :
urld->lud_scope == LDAP_SCOPE_BASE? "base" :
urld->lud_scope == LDAP_SCOPE_ONELEVEL? "onelevel" : "unknown"));
- ap_log_error(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0,
+ ap_log_error(APLOG_MARK, APLOG_DEBUG, 0,
cmd->server, "[%d] auth_ldap url parse: filter: %s", getpid(), urld->lud_filter);
/* Set all the values, or at least some sane defaults */
{
sec->secure = APR_LDAP_SSL;
sec->port = urld->lud_port? urld->lud_port : LDAPS_PORT;
- ap_log_error(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, cmd->server,
+ ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, cmd->server,
"LDAP: auth_ldap using SSL connections");
}
else
/* make sure that mod_ldap (util_ldap) is loaded */
if (ap_find_linked_module("util_ldap.c") == NULL) {
- ap_log_error(APLOG_MARK, APLOG_ERR|APLOG_NOERRNO, 0, s,
+ ap_log_error(APLOG_MARK, APLOG_ERR, 0, s,
"Module mod_ldap missing. Mod_ldap (aka. util_ldap) "
"must be loaded in order for mod_auth_ldap to function properly");
return HTTP_INTERNAL_SERVER_ERROR;
}
if (newstr) {
- *str = calloc(1, strlen(newstr)+1);
- strcpy (*str, newstr);
+ *str = strdup(newstr);
}
}
st->cache_bytes = atol(bytes);
- ap_log_error(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, cmd->server,
+ ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, cmd->server,
"[%" APR_PID_T_FMT "] ldap cache: Setting shared memory "
" cache size to %" APR_SIZE_T_FMT " bytes.",
getpid(), st->cache_bytes);
st->cache_file = NULL;
}
- ap_log_error(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, cmd->server,
+ ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, cmd->server,
"LDAP cache: Setting shared memory cache file to %s bytes.",
st->cache_file);
st->search_cache_ttl = atol(ttl) * 1000000;
- ap_log_error(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, cmd->server,
+ ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, cmd->server,
"[%d] ldap cache: Setting cache TTL to %ld microseconds.",
getpid(), st->search_cache_ttl);
st->search_cache_size = 0;
}
- ap_log_error(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, cmd->server,
+ ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, cmd->server,
"[%d] ldap cache: Setting search cache size to %ld entries.",
getpid(), st->search_cache_size);
st->compare_cache_ttl = atol(ttl) * 1000000;
- ap_log_error(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, cmd->server,
+ ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, cmd->server,
"[%d] ldap cache: Setting operation cache TTL to %ld microseconds.",
getpid(), st->compare_cache_ttl);
st->compare_cache_size = 0;
}
- ap_log_error(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, cmd->server,
+ ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, cmd->server,
"[%d] ldap cache: Setting operation cache size to %ld "
"entries.", getpid(), st->compare_cache_size);
return "Certificate type was not specified.";
}
- ap_log_error(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, cmd->server,
+ ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, cmd->server,
"LDAP: SSL trusted global cert - %s (type %s)",
file, type);
return "Certificate type was not specified.";
}
- ap_log_error(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, cmd->server,
+ ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, cmd->server,
"LDAP: SSL trusted client cert - %s (type %s)",
file, type);
(util_ldap_state_t *)ap_get_module_config(cmd->server->module_config,
&ldap_module);
- ap_log_error(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, cmd->server,
+ ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, cmd->server,
"LDAP: SSL trusted mode - %s",
mode);
(util_ldap_state_t *)ap_get_module_config(cmd->server->module_config,
&ldap_module);
- ap_log_error(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, cmd->server,
+ ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, cmd->server,
"LDAP: SSL verify server certificate - %s",
mode?"TRUE":"FALSE");
#ifdef LDAP_OPT_NETWORK_TIMEOUT
st->connectionTimeout = atol(ttl);
- ap_log_error(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, cmd->server,
+ ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, cmd->server,
"[%d] ldap connection: Setting connection timeout to "
"%ld seconds.", getpid(), st->connectionTimeout);
#else
st_vhost->cache_shm = st->cache_shm;
st_vhost->cache_rmm = st->cache_rmm;
st_vhost->cache_file = st->cache_file;
- ap_log_error(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, result, s,
+ ap_log_error(APLOG_MARK, APLOG_DEBUG, result, s,
"LDAP merging Shared Cache conf: shm=0x%pp rmm=0x%pp "
"for VHOST: %s", st->cache_shm, st->cache_rmm,
s_vhost->server_hostname);
return;
}
else {
- ap_log_error(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, s,
+ ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, s,
"Initialisation of global mutex %s in child process %"
APR_PID_T_FMT
" successful.",