From 559c6ae0189ae365e4cd68a24948c1c58bc2457a Mon Sep 17 00:00:00 2001 From: Joe Orton Date: Mon, 27 Jun 2011 09:27:04 +0000 Subject: [PATCH] Fix load order dependencies in LDAP code by switching to use of APR optional functions for the inter-module API: * modules/ldap/ldap_private.h: New file, containing "real" function declarations, copied from... * include/ap_ldap.h.in, include/ap_ldap_url.h, include/ap_ldap_option.h, include/ap_ldap_init.h, include/ap_ldap_rebind.h: ... here. All declarations changed to APR optional function declarations. * modules/ldap/util_ldap.c (util_ldap_register_hooks): Register all the new optional functions. * modules/aaa/mod_authnz_ldap.c (ImportULDAPOptFn): Pick up optional function stub for ap_ldap_url_parse. (mod_auth_ldap_parse_url): Use it here. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1140069 13f79535-47bb-0310-9956-ffa450edef68 --- include/ap_ldap.h.in | 21 +--------- include/ap_ldap.hw | 21 +--------- include/ap_ldap_init.h | 28 +++++++------ include/ap_ldap_option.h | 20 +++++----- include/ap_ldap_rebind.h | 12 +++--- include/ap_ldap_url.h | 24 ++++++------ modules/aaa/mod_authnz_ldap.c | 4 +- modules/ldap/ldap_private.h | 74 +++++++++++++++++++++++++++++++++++ modules/ldap/util_ldap.c | 17 ++++++++ 9 files changed, 140 insertions(+), 81 deletions(-) create mode 100644 modules/ldap/ldap_private.h diff --git a/include/ap_ldap.h.in b/include/ap_ldap.h.in index 130c6dd016..409d4c67a5 100644 --- a/include/ap_ldap.h.in +++ b/include/ap_ldap.h.in @@ -30,26 +30,7 @@ * @{ */ -/* Create a set of LDAP_DECLARE macros with appropriate export - * and import tags for the platform - */ -#if !defined(WIN32) -#define LDAP_DECLARE(type) type -#define LDAP_DECLARE_NONSTD(type) type -#define LDAP_DECLARE_DATA -#elif defined(LDAP_DECLARE_STATIC) -#define LDAP_DECLARE(type) type __stdcall -#define LDAP_DECLARE_NONSTD(type) type -#define LDAP_DECLARE_DATA -#elif defined(LDAP_DECLARE_EXPORT) -#define LDAP_DECLARE(type) __declspec(dllexport) type __stdcall -#define LDAP_DECLARE_NONSTD(type) __declspec(dllexport) type -#define LDAP_DECLARE_DATA __declspec(dllexport) -#else -#define LDAP_DECLARE(type) __declspec(dllimport) type __stdcall -#define LDAP_DECLARE_NONSTD(type) __declspec(dllimport) type -#define LDAP_DECLARE_DATA __declspec(dllimport) -#endif +#include "apr_optional.h" /* identify the LDAP toolkit used */ #define AP_HAS_NETSCAPE_LDAPSDK @ap_has_ldap_netscape@ diff --git a/include/ap_ldap.hw b/include/ap_ldap.hw index 36e21abd86..b64b4f4ae4 100644 --- a/include/ap_ldap.hw +++ b/include/ap_ldap.hw @@ -30,26 +30,7 @@ * @{ */ -/* Create a set of LDAP_DECLARE macros with appropriate export - * and import tags for the platform - */ -#if !defined(WIN32) -#define LDAP_DECLARE(type) type -#define LDAP_DECLARE_NONSTD(type) type -#define LDAP_DECLARE_DATA -#elif defined(LDAP_DECLARE_STATIC) -#define LDAP_DECLARE(type) type __stdcall -#define LDAP_DECLARE_NONSTD(type) type -#define LDAP_DECLARE_DATA -#elif defined(LDAP_DECLARE_EXPORT) -#define LDAP_DECLARE(type) __declspec(dllexport) type __stdcall -#define LDAP_DECLARE_NONSTD(type) __declspec(dllexport) type -#define LDAP_DECLARE_DATA __declspec(dllexport) -#else -#define LDAP_DECLARE(type) __declspec(dllimport) type __stdcall -#define LDAP_DECLARE_NONSTD(type) __declspec(dllimport) type -#define LDAP_DECLARE_DATA __declspec(dllimport) -#endif +#include "apr_optional.h" /* this will be defined if LDAP support was compiled into apr-util */ #define AP_HAS_LDAP 1 diff --git a/include/ap_ldap_init.h b/include/ap_ldap_init.h index 0fe0bcc6c1..440f318350 100644 --- a/include/ap_ldap_init.h +++ b/include/ap_ldap_init.h @@ -86,10 +86,12 @@ extern "C" { * ap_ldap_set_option() AP_LDAP_OPT_TLS_CERT option for details. * @param result_err The returned result */ -LDAP_DECLARE(int) ap_ldap_ssl_init(apr_pool_t *pool, - const char *cert_auth_file, - int cert_file_type, - ap_ldap_err_t **result_err); +APR_DECLARE_OPTIONAL_FN(int, ap_ldap_ssl_init, + (apr_pool_t *pool, + const char *cert_auth_file, + int cert_file_type, + ap_ldap_err_t **result_err)); + /** * LDAP SSL De-Initialise function @@ -100,7 +102,7 @@ LDAP_DECLARE(int) ap_ldap_ssl_init(apr_pool_t *pool, * @todo currently we do not check whether ap_ldap_ssl_init() * has been called first - we probably should. */ -LDAP_DECLARE(int) ap_ldap_ssl_deinit(void); +APR_DECLARE_OPTIONAL_FN(int, ap_ldap_ssl_deinit, (void)); /** * LDAP initialise function @@ -136,12 +138,12 @@ LDAP_DECLARE(int) ap_ldap_ssl_deinit(void); * @param secure The security mode to set * @param result_err The returned result */ -LDAP_DECLARE(int) ap_ldap_init(apr_pool_t *pool, - LDAP **ldap, - const char *hostname, - int portno, - int secure, - ap_ldap_err_t **result_err); +APR_DECLARE_OPTIONAL_FN(int, ap_ldap_init, (apr_pool_t *pool, + LDAP **ldap, + const char *hostname, + int portno, + int secure, + ap_ldap_err_t **result_err)); /** * LDAP info function @@ -151,8 +153,8 @@ LDAP_DECLARE(int) ap_ldap_init(apr_pool_t *pool, * @param pool The pool to use * @param result_err The returned result */ -LDAP_DECLARE(int) ap_ldap_info(apr_pool_t *pool, - ap_ldap_err_t **result_err); +APR_DECLARE_OPTIONAL_FN(int, ap_ldap_info, (apr_pool_t *pool, + ap_ldap_err_t **result_err)); #ifdef __cplusplus } diff --git a/include/ap_ldap_option.h b/include/ap_ldap_option.h index 6e73e5044f..b0c30af23e 100644 --- a/include/ap_ldap_option.h +++ b/include/ap_ldap_option.h @@ -214,11 +214,11 @@ struct ap_ldap_opt_tls_cert_t { * @param result_err The ap_ldap_err_t structure contained detailed results * of the operation. */ -LDAP_DECLARE(int) ap_ldap_get_option(apr_pool_t *pool, - LDAP *ldap, - int option, - void *outvalue, - ap_ldap_err_t **result_err); +APR_DECLARE_OPTIONAL_FN(int, ap_ldap_get_option, (apr_pool_t *pool, + LDAP *ldap, + int option, + void *outvalue, + ap_ldap_err_t **result_err)); /** * LDAP set option function @@ -236,11 +236,11 @@ LDAP_DECLARE(int) ap_ldap_get_option(apr_pool_t *pool, * @param result_err The ap_ldap_err_t structure contained detailed results * of the operation. */ -LDAP_DECLARE(int) ap_ldap_set_option(apr_pool_t *pool, - LDAP *ldap, - int option, - const void *invalue, - ap_ldap_err_t **result_err); +APR_DECLARE_OPTIONAL_FN(int, ap_ldap_set_option, (apr_pool_t *pool, + LDAP *ldap, + int option, + const void *invalue, + ap_ldap_err_t **result_err)); #ifdef __cplusplus } diff --git a/include/ap_ldap_rebind.h b/include/ap_ldap_rebind.h index 7bc5a5cda9..f0090d30e9 100644 --- a/include/ap_ldap_rebind.h +++ b/include/ap_ldap_rebind.h @@ -48,7 +48,7 @@ * This function creates the lock for controlling access to the xref list.. * @param pool Pool to use when creating the xref_lock. */ -LDAP_DECLARE(apr_status_t) ap_ldap_rebind_init(apr_pool_t *pool); +APR_DECLARE_OPTIONAL_FN(apr_status_t, ap_ldap_rebind_init, (apr_pool_t *pool)); /** @@ -72,10 +72,10 @@ LDAP_DECLARE(apr_status_t) ap_ldap_rebind_init(apr_pool_t *pool); * @param bindPW The bind Password to be used for any binds while * chasing referrals on this ldap connection. */ -LDAP_DECLARE(apr_status_t) ap_ldap_rebind_add(apr_pool_t *pool, - LDAP *ld, - const char *bindDN, - const char *bindPW); +APR_DECLARE_OPTIONAL_FN(apr_status_t, ap_ldap_rebind_add, (apr_pool_t *pool, + LDAP *ld, + const char *bindDN, + const char *bindPW)); /** * LDAP rebind_remove function @@ -88,7 +88,7 @@ LDAP_DECLARE(apr_status_t) ap_ldap_rebind_add(apr_pool_t *pool, * * @param ld The LDAP connectionhandle */ -LDAP_DECLARE(apr_status_t) ap_ldap_rebind_remove(LDAP *ld); +APR_DECLARE_OPTIONAL_FN(apr_status_t, ap_ldap_rebind_remove, (LDAP *ld)); #endif /* AP_HAS_LDAP */ diff --git a/include/ap_ldap_url.h b/include/ap_ldap_url.h index 996b4b5a9a..2c441dd847 100644 --- a/include/ap_ldap_url.h +++ b/include/ap_ldap_url.h @@ -31,6 +31,8 @@ #include "apu.h" #include "apr_pools.h" +#include "apr_optional.h" + #if defined(DOXYGEN) #include "ap_ldap.h" #endif @@ -71,19 +73,19 @@ typedef struct ap_ldap_url_desc_t { * Is this URL an ldap url? ldap:// * @param url The url to test */ -LDAP_DECLARE(int) ap_ldap_is_ldap_url(const char *url); +APR_DECLARE_OPTIONAL_FN(int, ap_ldap_is_ldap_url, (const char *url)); /** * Is this URL an SSL ldap url? ldaps:// * @param url The url to test */ -LDAP_DECLARE(int) ap_ldap_is_ldaps_url(const char *url); +APR_DECLARE_OPTIONAL_FN(int, ap_ldap_is_ldaps_url, (const char *url)); /** * Is this URL an ldap socket url? ldapi:// * @param url The url to test */ -LDAP_DECLARE(int) ap_ldap_is_ldapi_url(const char *url); +APR_DECLARE_OPTIONAL_FN(int, ap_ldap_is_ldapi_url, (const char *url)); /** * Parse an LDAP URL. @@ -92,10 +94,10 @@ LDAP_DECLARE(int) ap_ldap_is_ldapi_url(const char *url); * @param ludpp The structure to return the exploded URL * @param result_err The result structure of the operation */ -LDAP_DECLARE(int) ap_ldap_url_parse_ext(apr_pool_t *pool, - const char *url_in, - ap_ldap_url_desc_t **ludpp, - ap_ldap_err_t **result_err); +APR_DECLARE_OPTIONAL_FN(int, ap_ldap_url_parse_ext, (apr_pool_t *pool, + const char *url_in, + ap_ldap_url_desc_t **ludpp, + ap_ldap_err_t **result_err)); /** * Parse an LDAP URL. @@ -104,10 +106,10 @@ LDAP_DECLARE(int) ap_ldap_url_parse_ext(apr_pool_t *pool, * @param ludpp The structure to return the exploded URL * @param result_err The result structure of the operation */ -LDAP_DECLARE(int) ap_ldap_url_parse(apr_pool_t *pool, - const char *url_in, - ap_ldap_url_desc_t **ludpp, - ap_ldap_err_t **result_err); +APR_DECLARE_OPTIONAL_FN(int, ap_ldap_url_parse, (apr_pool_t *pool, + const char *url_in, + ap_ldap_url_desc_t **ludpp, + ap_ldap_err_t **result_err)); #ifdef __cplusplus } diff --git a/modules/aaa/mod_authnz_ldap.c b/modules/aaa/mod_authnz_ldap.c index 95bec065e4..426f3f60ad 100644 --- a/modules/aaa/mod_authnz_ldap.c +++ b/modules/aaa/mod_authnz_ldap.c @@ -111,6 +111,7 @@ static APR_OPTIONAL_FN_TYPE(uldap_cache_check_subgroups) *util_ldap_cache_check_ static APR_OPTIONAL_FN_TYPE(uldap_cache_checkuserid) *util_ldap_cache_checkuserid; static APR_OPTIONAL_FN_TYPE(uldap_cache_getuserdn) *util_ldap_cache_getuserdn; static APR_OPTIONAL_FN_TYPE(uldap_ssl_supported) *util_ldap_ssl_supported; +static APR_OPTIONAL_FN_TYPE(ap_ldap_url_parse) *util_ldap_url_parse; static apr_hash_t *charset_conversions = NULL; static char *to_charset = NULL; /* UTF-8 identifier derived from the charset.conv file */ @@ -1338,7 +1339,7 @@ static const char *mod_auth_ldap_parse_url(cmd_parms *cmd, authn_ldap_config_t *sec = config; - rc = ap_ldap_url_parse(cmd->pool, url, &(urld), &(result)); + rc = util_ldap_url_parse(cmd->pool, url, &(urld), &(result)); if (rc != APR_SUCCESS) { return result->reason; } @@ -1780,6 +1781,7 @@ static void ImportULDAPOptFn(void) util_ldap_cache_getuserdn = APR_RETRIEVE_OPTIONAL_FN(uldap_cache_getuserdn); util_ldap_ssl_supported = APR_RETRIEVE_OPTIONAL_FN(uldap_ssl_supported); util_ldap_cache_check_subgroups = APR_RETRIEVE_OPTIONAL_FN(uldap_cache_check_subgroups); + util_ldap_url_parse = APR_RETRIEVE_OPTIONAL_FN(ap_ldap_url_parse); } static void register_hooks(apr_pool_t *p) diff --git a/modules/ldap/ldap_private.h b/modules/ldap/ldap_private.h new file mode 100644 index 0000000000..ad6263ba98 --- /dev/null +++ b/modules/ldap/ldap_private.h @@ -0,0 +1,74 @@ +/* Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef AP_LDAP_PRIVATE_H +#define AP_LDAP_PRIVATE_H + +#define LDAP_DECLARE(x) x + +#include "ap_ldap.h" + +/* Private declarations of API functions accessible only internally by + * mod_ldap; these are all exported and the corresponding API docs are + * in ap_ldap_*.h. */ + +LDAP_DECLARE(int) ap_ldap_get_option(apr_pool_t *pool, + LDAP *ldap, + int option, + void *outvalue, + ap_ldap_err_t **result_err); + +LDAP_DECLARE(int) ap_ldap_set_option(apr_pool_t *pool, + LDAP *ldap, + int option, + const void *invalue, + ap_ldap_err_t **result_err); + +LDAP_DECLARE(int) ap_ldap_ssl_init(apr_pool_t *pool, + const char *cert_auth_file, + int cert_file_type, + ap_ldap_err_t **result_err); +LDAP_DECLARE(int) ap_ldap_ssl_deinit(void); +LDAP_DECLARE(int) ap_ldap_init(apr_pool_t *pool, + LDAP **ldap, + const char *hostname, + int portno, + int secure, + ap_ldap_err_t **result_err); + +LDAP_DECLARE(int) ap_ldap_info(apr_pool_t *pool, + ap_ldap_err_t **result_err); + +LDAP_DECLARE(int) ap_ldap_is_ldap_url(const char *url); +LDAP_DECLARE(int) ap_ldap_is_ldaps_url(const char *url); +LDAP_DECLARE(int) ap_ldap_is_ldapi_url(const char *url); +LDAP_DECLARE(int) ap_ldap_url_parse_ext(apr_pool_t *pool, + const char *url_in, + ap_ldap_url_desc_t **ludpp, + ap_ldap_err_t **result_err); +LDAP_DECLARE(int) ap_ldap_url_parse(apr_pool_t *pool, + const char *url_in, + ap_ldap_url_desc_t **ludpp, + ap_ldap_err_t **result_err); + +LDAP_DECLARE(apr_status_t) ap_ldap_rebind_init(apr_pool_t *pool); +LDAP_DECLARE(apr_status_t) ap_ldap_rebind_add(apr_pool_t *pool, + LDAP *ld, + const char *bindDN, + const char *bindPW); +LDAP_DECLARE(apr_status_t) ap_ldap_rebind_remove(LDAP *ld); + +#endif /* AP_LDAP_PRIVATE_H */ diff --git a/modules/ldap/util_ldap.c b/modules/ldap/util_ldap.c index a833342afe..6b76a64576 100644 --- a/modules/ldap/util_ldap.c +++ b/modules/ldap/util_ldap.c @@ -42,6 +42,8 @@ #error mod_ldap requires httpd to detect LDAP support #endif +#include "ldap_private.h" + #ifdef LDAP_OPT_DEBUG_LEVEL #define AP_LDAP_OPT_DEBUG LDAP_OPT_DEBUG_LEVEL #else @@ -2943,6 +2945,21 @@ static void util_ldap_register_hooks(apr_pool_t *p) APR_REGISTER_OPTIONAL_FN(uldap_ssl_supported); APR_REGISTER_OPTIONAL_FN(uldap_cache_check_subgroups); + APR_REGISTER_OPTIONAL_FN(ap_ldap_get_option); + APR_REGISTER_OPTIONAL_FN(ap_ldap_info); + APR_REGISTER_OPTIONAL_FN(ap_ldap_init); + APR_REGISTER_OPTIONAL_FN(ap_ldap_is_ldap_url); + APR_REGISTER_OPTIONAL_FN(ap_ldap_is_ldapi_url); + APR_REGISTER_OPTIONAL_FN(ap_ldap_is_ldaps_url); + APR_REGISTER_OPTIONAL_FN(ap_ldap_rebind_add); + APR_REGISTER_OPTIONAL_FN(ap_ldap_rebind_init); + APR_REGISTER_OPTIONAL_FN(ap_ldap_rebind_remove); + APR_REGISTER_OPTIONAL_FN(ap_ldap_set_option); + APR_REGISTER_OPTIONAL_FN(ap_ldap_ssl_deinit); + APR_REGISTER_OPTIONAL_FN(ap_ldap_ssl_init); + APR_REGISTER_OPTIONAL_FN(ap_ldap_url_parse); + APR_REGISTER_OPTIONAL_FN(ap_ldap_url_parse_ext); + ap_hook_pre_config(util_ldap_pre_config, NULL, NULL, APR_HOOK_MIDDLE); ap_hook_post_config(util_ldap_post_config,NULL,NULL,APR_HOOK_MIDDLE); ap_hook_handler(util_ldap_handler, NULL, NULL, APR_HOOK_MIDDLE); -- 2.40.0