diff options
author | dinoex <dinoex@FreeBSD.org> | 2010-04-12 12:21:15 +0800 |
---|---|---|
committer | dinoex <dinoex@FreeBSD.org> | 2010-04-12 12:21:15 +0800 |
commit | 678a7b586e73a140ef51e3e9bdbeef34fde7bb22 (patch) | |
tree | 85e18d600e41594f0867d1ef71c9f1114db8ac94 /www | |
parent | 3be1ecee1379a26e8c4953afde28d9d196c9be74 (diff) | |
download | freebsd-ports-gnome-678a7b586e73a140ef51e3e9bdbeef34fde7bb22.tar.gz freebsd-ports-gnome-678a7b586e73a140ef51e3e9bdbeef34fde7bb22.tar.zst freebsd-ports-gnome-678a7b586e73a140ef51e3e9bdbeef34fde7bb22.zip |
lighttpd a secure, fast, compliant and very flexible web-server which
has been optimized for high-performance environments. It has a very
low memory footprint compared to other webservers and takes care of
cpu-load. Its advanced feature-set (FastCGI, CGI, Auth, Output-Compression,
URL-Rewriting and many more) make lighttpd the perfect webserver-software
for every server that is suffering load problems.
This version is patched to support:
auth.backend = "mysql"
WWW: http://www.lighttpd.net/
WWW: http://redmine.lighttpd.net/issues/752
Diffstat (limited to 'www')
-rw-r--r-- | www/Makefile | 1 | ||||
-rw-r--r-- | www/lighttpd-mysqlauth/Makefile | 22 | ||||
-rw-r--r-- | www/lighttpd-mysqlauth/files/README | 48 | ||||
-rw-r--r-- | www/lighttpd-mysqlauth/files/mysql_auth.sql | 10 | ||||
-rw-r--r-- | www/lighttpd-mysqlauth/files/patch-src_http_auth.c | 455 | ||||
-rw-r--r-- | www/lighttpd-mysqlauth/pkg-descr | 12 |
6 files changed, 548 insertions, 0 deletions
diff --git a/www/Makefile b/www/Makefile index 55ddb1e03e84..e65b1de36041 100644 --- a/www/Makefile +++ b/www/Makefile @@ -365,6 +365,7 @@ SUBDIR += lifetype SUBDIR += lightsquid SUBDIR += lighttpd + SUBDIR += lighttpd-mysqlauth SUBDIR += lilurl SUBDIR += limesurvey SUBDIR += linkcheck diff --git a/www/lighttpd-mysqlauth/Makefile b/www/lighttpd-mysqlauth/Makefile new file mode 100644 index 000000000000..2b3941ede1e5 --- /dev/null +++ b/www/lighttpd-mysqlauth/Makefile @@ -0,0 +1,22 @@ +# New ports collection makefile for: lighttpd-mysql +# Date created: 11.Apr 2010 +# Whom: dirk.meyer@dinoex.sub.org +# +# $FreeBSD$ + +CATEGORIES= www +PKGNAMESUFFIX= -mysqlauth + +MAINTAINER= dinoex@FreeBSD.org + +MASTERDIR?= ${.CURDIR}/../lighttpd + +WITH_MYSQL= yes + +EXTRA_PATCHES+= ${.CURDIR}/files/patch-src_http_auth.c + +.if exists(${.CURDIR}/Makefile.local) +.include "${.CURDIR}/Makefile.local" +.endif + +.include "${MASTERDIR}/Makefile" diff --git a/www/lighttpd-mysqlauth/files/README b/www/lighttpd-mysqlauth/files/README new file mode 100644 index 000000000000..f63660e5b5ed --- /dev/null +++ b/www/lighttpd-mysqlauth/files/README @@ -0,0 +1,48 @@ + +References: +http://redmine.lighttpd.net/issues/752 +http://redmine.lighttpd.net/attachments/1012/03_all_lighttpd-1.4.23-mysql_auth.diff +http://redmine.lighttpd.net/attachments/download/1012/03_all_lighttpd-1.4.23-mysql_auth.diff + +This patch allows lighttpd to authenticate users against mySQL DBbr +NOTE: Only basic auth is implemented. Passwords are stored as MD5 hash in DB + +make mysql db and user (read mySQL doc's if you don't know how) +import lighttpd-1.4.11-mysql_auth.sql + +open lighttpd.conf and add +(be sure that you comment out any other auth - according to lighttpd docs) + +auth.backend = "mysql" +auth.backend.mysql.host = "localhost" +auth.backend.mysql.user = "db_user" +auth.backend.mysql.pass = "db_pass" +auth.backend.mysql.db = "db_name" +auth.backend.mysql.port = "0" # (for default port 0, always needed) +auth.backend.mysql.socket = "" # (for default leave blank, always needed) +auth.backend.mysql.users_table = "users_table" +auth.backend.mysql.col_user = "col_name_username" +auth.backend.mysql.col_pass = "col_name_password" # (md5 hash of password) +auth.backend.mysql.col_realm = "col_realm_name" + +configure lighttpd to use it (same as every other auth) + +auth.require = ( "/some_path" => + ( + "method" => "basic", + "realm" => "some_realm", + "require" => "some_user", + ) +) + +start lighttpd + +P.S. patch include more complicated setup with separate table for domains. +If you are interested please contact with me to obtain more information. + +Bugs, Patches and Suggestions +Send me E-Mail: drJeckyll@Jeckyll.net + +-- drJeckyll + + diff --git a/www/lighttpd-mysqlauth/files/mysql_auth.sql b/www/lighttpd-mysqlauth/files/mysql_auth.sql new file mode 100644 index 000000000000..5b1a25572225 --- /dev/null +++ b/www/lighttpd-mysqlauth/files/mysql_auth.sql @@ -0,0 +1,10 @@ +CREATE TABLE `vhosts_secure`( + vhost_secure_id bigint(20) NOT NULL AUTO_INCREMENT, + vhost_secure_username varchar(255) NOT NULL, + vhost_secure_password varchar(255) NOT NULL, + vhost_secure_realm varchar(255) NOT NULL + PRIMARY KEY (vhost_secure_id), + INDEX i_username (vhost_secure_username), + INDEX i_password (vhost_secure_password), + INDEX i_realm (vhost_secure_realm) +); diff --git a/www/lighttpd-mysqlauth/files/patch-src_http_auth.c b/www/lighttpd-mysqlauth/files/patch-src_http_auth.c new file mode 100644 index 000000000000..672457f195a1 --- /dev/null +++ b/www/lighttpd-mysqlauth/files/patch-src_http_auth.c @@ -0,0 +1,455 @@ +diff -Naur new/lighttpd-1.4.23/src/http_auth.c old/lighttpd-1.4.23/src/http_auth.c +--- src/http_auth.c 2009-06-11 14:05:06.000000000 +0400 ++++ src/http_auth.c 2009-10-08 10:10:15.000000000 +0400 +@@ -24,6 +24,7 @@ + #include <errno.h> + #include <unistd.h> + #include <ctype.h> ++#include <mysql/mysql.h> + + #include "server.h" + #include "log.h" +@@ -291,6 +292,117 @@ + stream_close(&f); + } else if (p->conf.auth_backend == AUTH_BACKEND_LDAP) { + ret = 0; ++ } else if (p->conf.auth_backend == AUTH_BACKEND_MYSQL) { ++ MYSQL_RES *result; ++ MYSQL_ROW row; ++ int port = atoi(p->conf.auth_mysql_port->ptr); ++ char q[255]; ++ ++ if (p->conf.auth_mysql_socket->ptr != NULL) ++ if (0 == strcmp(p->conf.auth_mysql_socket->ptr, "")) p->conf.auth_mysql_socket->ptr = NULL; ++ ++ p->conf.mysql_conn = mysql_init(NULL); ++ ++ if (mysql_real_connect(p->conf.mysql_conn, p->conf.auth_mysql_host->ptr, p->conf.auth_mysql_user->ptr, p->conf.auth_mysql_pass->ptr, p->conf.auth_mysql_db->ptr, port, p->conf.auth_mysql_socket->ptr, 0)) ++ { ++//#define MY_HOSTING ++ ++#ifdef MY_HOSTING ++ char my_full_realm[255]; ++ char *my_realm = NULL; ++ char *my_domain = NULL; ++ ++ char *uname; ++ size_t unamelen; ++ ++ unamelen = strlen(username->ptr); ++ uname = malloc(unamelen*2+1); ++ ++ mysql_real_escape_string(p->conf.mysql_conn, ++ uname, username->ptr, ++ (unsigned long)unamelen); ++ ++ strcpy(my_full_realm, realm->ptr); ++ my_realm = strtok(my_full_realm, "@"); ++ ++ if (my_realm != NULL) ++ my_domain = strtok(NULL, "@"); ++ ++ sprintf(q, "SELECT %s FROM %s, %s WHERE %s='%s' AND %s='%s' AND %s='%s' AND %s=%s", ++ p->conf.auth_mysql_col_pass->ptr, ++ ++ p->conf.auth_mysql_users_table->ptr, ++ p->conf.auth_mysql_domains_table->ptr, ++ ++ p->conf.auth_mysql_col_user->ptr, ++ uname, ++ ++ p->conf.auth_mysql_col_realm->ptr, ++ my_realm, ++ ++ p->conf.auth_mysql_col_domain->ptr, ++ my_domain, ++ ++ p->conf.auth_mysql_domains_table_col_domain_id->ptr, ++ p->conf.auth_mysql_users_table_col_domain_id->ptr ++ ); ++ ++ free(uname); ++#else ++ // sanitize username & realm by taguchi@ff.iij4u.or.jp ++ char *uname, *urealm; ++ size_t unamelen, urealmlen; ++ ++ unamelen = strlen(username->ptr); ++ urealmlen = strlen(realm->ptr); ++ uname = malloc(unamelen*2+1); ++ urealm = malloc(urealmlen*2+1); ++ ++ mysql_real_escape_string(p->conf.mysql_conn, ++ uname, username->ptr, ++ (unsigned long)unamelen); ++ ++ mysql_real_escape_string(p->conf.mysql_conn, ++ urealm, realm->ptr, ++ (unsigned long)unamelen); ++ ++ mysql_real_escape_string(p->conf.mysql_conn, ++ urealm, realm->ptr, ++ (unsigned long)urealmlen); ++ ++ sprintf(q, "SELECT %s FROM %s WHERE %s='%s' AND %s='%s'", ++ p->conf.auth_mysql_col_pass->ptr, ++ p->conf.auth_mysql_users_table->ptr, ++ p->conf.auth_mysql_col_user->ptr, ++ uname, ++ p->conf.auth_mysql_col_realm->ptr, ++ urealm ++ ); ++ ++ free(uname); ++ free(urealm); ++#endif ++ ++ mysql_query(p->conf.mysql_conn, q); ++ result = mysql_store_result(p->conf.mysql_conn); ++ if (mysql_num_rows(result) == 1) ++ { ++ /* found */ ++ row = mysql_fetch_row(result); ++ buffer_copy_string_len(password, row[0], strlen(row[0])); ++ ++ ret = 0; ++ } else ++ { ++ /* not found */ ++ ret = -1; ++ } ++ ++ mysql_free_result(result); ++ mysql_close(p->conf.mysql_conn); ++ ++ p->conf.mysql_conn = NULL; ++ } + } else { + return -1; + } +@@ -831,6 +943,60 @@ + + return 0; + #endif ++ } else if (p->conf.auth_backend == AUTH_BACKEND_MYSQL) { ++ /* ++ we check for md5 crypt() now ++ request by Nicola Tiling <nti@w4w.net> ++ */ ++ if (password->ptr[0] == '$' && password->ptr[2] == '$') ++ { ++ char salt[32]; ++ char *crypted; ++ size_t salt_len = 0; ++ char *dollar = NULL; ++ ++ if (NULL == (dollar = strchr(password->ptr + 3, '$'))) { ++ fprintf(stderr, "%s.%d\n", __FILE__, __LINE__); ++ return -1; ++ } ++ ++ salt_len = dollar - password->ptr; ++ ++ if (salt_len > sizeof(salt) - 1) ++ { ++ fprintf(stderr, "%s.%d\n", __FILE__, __LINE__); ++ return -1; ++ } ++ ++ strncpy(salt, password->ptr, salt_len); ++ ++ salt[salt_len] = '\0'; ++ ++ crypted = crypt(pw, salt); ++ ++ if (0 == strcmp(password->ptr, crypted)) ++ { ++ return 0; ++ } else { ++ fprintf(stderr, "%s.%d\n", __FILE__, __LINE__); ++ } ++ } else ++ /* plain md5 check now */ ++ { ++ MD5_CTX Md5Ctx; ++ HASH HA1; ++ char a1[256]; ++ ++ MD5_Init(&Md5Ctx); ++ MD5_Update(&Md5Ctx, (unsigned char *)pw, strlen(pw)); ++ MD5_Final(HA1, &Md5Ctx); ++ ++ CvtHex(HA1, a1); ++ ++ if (0 == strcmp(password->ptr, a1)) { ++ return 0; ++ } ++ } + } + return -1; + } +diff -Naur new/lighttpd-1.4.23/src/http_auth.h old/lighttpd-1.4.23/src/http_auth.h +--- src/http_auth.h 2009-03-31 02:16:59.000000000 +0400 ++++ src/http_auth.h 2009-10-08 10:13:56.000000000 +0400 +@@ -8,13 +8,15 @@ + # define USE_LDAP + # include <ldap.h> + #endif ++#include <mysql/mysql.h> + + typedef enum { + AUTH_BACKEND_UNSET, + AUTH_BACKEND_PLAIN, + AUTH_BACKEND_LDAP, + AUTH_BACKEND_HTPASSWD, +- AUTH_BACKEND_HTDIGEST ++ AUTH_BACKEND_HTDIGEST, ++ AUTH_BACKEND_MYSQL + } auth_backend_t; + + typedef struct { +@@ -49,6 +51,22 @@ + buffer *ldap_filter_pre; + buffer *ldap_filter_post; + #endif ++ ++ MYSQL *mysql_conn; ++ buffer *auth_mysql_host; ++ buffer *auth_mysql_user; ++ buffer *auth_mysql_pass; ++ buffer *auth_mysql_db; ++ buffer *auth_mysql_port; ++ buffer *auth_mysql_socket; ++ buffer *auth_mysql_users_table; ++ buffer *auth_mysql_col_user; ++ buffer *auth_mysql_col_pass; ++ buffer *auth_mysql_col_realm; ++ buffer *auth_mysql_domains_table; ++ buffer *auth_mysql_col_domain; ++ buffer *auth_mysql_domains_table_col_domain_id; ++ buffer *auth_mysql_users_table_col_domain_id; + } mod_auth_plugin_config; + + typedef struct { +diff -Naur new/lighttpd-1.4.23/src/Makefile.am old/lighttpd-1.4.23/src/Makefile.am +--- src/Makefile.am 2009-06-16 17:45:42.000000000 +0400 ++++ src/Makefile.am 2009-10-08 10:26:56.000000000 +0400 +@@ -242,7 +242,7 @@ + lib_LTLIBRARIES += mod_auth.la + mod_auth_la_SOURCES = mod_auth.c http_auth_digest.c http_auth.c + mod_auth_la_LDFLAGS = -module -export-dynamic -avoid-version -no-undefined +-mod_auth_la_LIBADD = $(CRYPT_LIB) $(LDAP_LIB) $(LBER_LIB) $(common_libadd) ++mod_auth_la_LIBADD = $(MYSQL_LIBS) $(CRYPT_LIB) $(LDAP_LIB) $(LBER_LIB) $(common_libadd) + + lib_LTLIBRARIES += mod_rewrite.la + mod_rewrite_la_SOURCES = mod_rewrite.c +diff -Naur lighttpd-1.4.23/src/Makefile.in old/lighttpd-1.4.23/src/Makefile.in +--- src/Makefile.in 2009-06-19 23:19:22.000000000 +0400 ++++ src/Makefile.in 2009-10-08 10:26:25.000000000 +0400 +@@ -706,7 +706,7 @@ + mod_compress_la_LIBADD = $(Z_LIB) $(BZ_LIB) $(common_libadd) + mod_auth_la_SOURCES = mod_auth.c http_auth_digest.c http_auth.c + mod_auth_la_LDFLAGS = -module -export-dynamic -avoid-version -no-undefined +-mod_auth_la_LIBADD = $(CRYPT_LIB) $(LDAP_LIB) $(LBER_LIB) $(common_libadd) ++mod_auth_la_LIBADD = $(MYSQL_LIBS) $(CRYPT_LIB) $(LDAP_LIB) $(LBER_LIB) $(common_libadd) + mod_rewrite_la_SOURCES = mod_rewrite.c + mod_rewrite_la_LDFLAGS = -module -export-dynamic -avoid-version -no-undefined + mod_rewrite_la_LIBADD = $(PCRE_LIB) $(common_libadd) +diff -Naur new/lighttpd-1.4.23/src/mod_auth.c old/lighttpd-1.4.23/src/mod_auth.c +--- src/mod_auth.c 2009-04-11 16:08:19.000000000 +0400 ++++ src/mod_auth.c 2009-10-08 10:24:13.000000000 +0400 +@@ -6,6 +6,7 @@ + #include <errno.h> + #include <fcntl.h> + #include <unistd.h> ++#include <mysql/mysql.h> + + #include "plugin.h" + #include "http_auth.h" +@@ -83,6 +84,20 @@ + if (s->ldap) ldap_unbind_s(s->ldap); + #endif + ++ buffer_free(s->auth_mysql_host); ++ buffer_free(s->auth_mysql_user); ++ buffer_free(s->auth_mysql_pass); ++ buffer_free(s->auth_mysql_db); ++ buffer_free(s->auth_mysql_socket); ++ buffer_free(s->auth_mysql_users_table); ++ buffer_free(s->auth_mysql_col_user); ++ buffer_free(s->auth_mysql_col_pass); ++ buffer_free(s->auth_mysql_col_realm); ++ buffer_free(s->auth_mysql_domains_table); ++ buffer_free(s->auth_mysql_col_domain); ++ buffer_free(s->auth_mysql_domains_table_col_domain_id); ++ buffer_free(s->auth_mysql_users_table_col_domain_id); ++ + free(s); + } + free(p->config_storage); +@@ -120,6 +135,21 @@ + PATCH(ldap_filter_post); + #endif + ++ PATCH(auth_mysql_host); ++ PATCH(auth_mysql_user); ++ PATCH(auth_mysql_pass); ++ PATCH(auth_mysql_db); ++ PATCH(auth_mysql_port); ++ PATCH(auth_mysql_socket); ++ PATCH(auth_mysql_users_table); ++ PATCH(auth_mysql_col_user); ++ PATCH(auth_mysql_col_pass); ++ PATCH(auth_mysql_col_realm); ++ PATCH(auth_mysql_domains_table); ++ PATCH(auth_mysql_col_domain); ++ PATCH(auth_mysql_domains_table_col_domain_id); ++ PATCH(auth_mysql_users_table_col_domain_id); ++ + /* skip the first, the global context */ + for (i = 1; i < srv->config_context->used; i++) { + data_config *dc = (data_config *)srv->config_context->data[i]; +@@ -169,6 +199,34 @@ + PATCH(auth_ldap_bindpw); + } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("auth.backend.ldap.allow-empty-pw"))) { + PATCH(auth_ldap_allow_empty_pw); ++ } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("auth.backend.mysql.host"))) { ++ PATCH(auth_mysql_host); ++ } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("auth.backend.mysql.user"))) { ++ PATCH(auth_mysql_user); ++ } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("auth.backend.mysql.pass"))) { ++ PATCH(auth_mysql_pass); ++ } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("auth.backend.mysql.db"))) { ++ PATCH(auth_mysql_db); ++ } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("auth.backend.mysql.port"))) { ++ PATCH(auth_mysql_port); ++ } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("auth.backend.mysql.socket"))) { ++ PATCH(auth_mysql_user); ++ } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("auth.backend.mysql.users_table"))) { ++ PATCH(auth_mysql_users_table); ++ } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("auth.backend.mysql.col_user"))) { ++ PATCH(auth_mysql_col_user); ++ } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("auth.backend.mysql.col_pass"))) { ++ PATCH(auth_mysql_col_pass); ++ } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("auth.backend.mysql.col_realm"))) { ++ PATCH(auth_mysql_col_realm); ++ } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("auth.backend.mysql.domains_table"))) { ++ PATCH(auth_mysql_domains_table); ++ } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("auth.backend.mysql.col_domain"))) { ++ PATCH(auth_mysql_col_domain); ++ } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("auth.backend.mysql.domains_table_col_domain_id"))) { ++ PATCH(auth_mysql_domains_table_col_domain_id); ++ } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("auth.backend.mysql.users_table_col_domain_id"))) { ++ PATCH(auth_mysql_users_table_col_domain_id); + } + } + } +@@ -323,10 +381,24 @@ + { "auth.backend.ldap.starttls", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 8 */ + { "auth.backend.ldap.bind-dn", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 9 */ + { "auth.backend.ldap.bind-pw", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 10 */ +- { "auth.backend.ldap.allow-empty-pw", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 11 */ ++ { "auth.backend.ldap.allow-empty-pw", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, + { "auth.backend.htdigest.userfile", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 12 */ + { "auth.backend.htpasswd.userfile", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 13 */ + { "auth.debug", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_CONNECTION }, /* 14 */ ++ { "auth.backend.mysql.host", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, ++ { "auth.backend.mysql.user", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, ++ { "auth.backend.mysql.pass", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, ++ { "auth.backend.mysql.db", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, ++ { "auth.backend.mysql.port", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, ++ { "auth.backend.mysql.socket", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, ++ { "auth.backend.mysql.users_table", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, ++ { "auth.backend.mysql.col_user", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, ++ { "auth.backend.mysql.col_pass", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, ++ { "auth.backend.mysql.col_realm", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 23 */ ++ { "auth.backend.mysql.domains_table", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, ++ { "auth.backend.mysql.col_domain", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, ++ { "auth.backend.mysql.domains_table_col_domain_id", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, ++ { "auth.backend.mysql.users_table_col_domain_id", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 27 */ + { NULL, NULL, T_CONFIG_UNSET, T_CONFIG_SCOPE_UNSET } + }; + +@@ -355,6 +427,22 @@ + s->auth_debug = 0; + + s->auth_require = array_init(); ++ s->mysql_conn = NULL; ++ s->auth_mysql_host = buffer_init(); ++ s->auth_mysql_user = buffer_init(); ++ s->auth_mysql_pass = buffer_init(); ++ s->auth_mysql_db = buffer_init(); ++ s->auth_mysql_port = buffer_init(); ++ s->auth_mysql_socket = buffer_init(); ++ s->auth_mysql_users_table = buffer_init(); ++ s->auth_mysql_col_user = buffer_init(); ++ s->auth_mysql_col_pass = buffer_init(); ++ s->auth_mysql_col_realm = buffer_init(); ++ s->auth_mysql_domains_table = buffer_init(); ++ s->auth_mysql_col_domain = buffer_init(); ++ s->auth_mysql_domains_table_col_domain_id = buffer_init(); ++ s->auth_mysql_users_table_col_domain_id = buffer_init(); ++ + + #ifdef USE_LDAP + s->ldap_filter_pre = buffer_init(); +@@ -377,7 +465,20 @@ + cv[12].destination = s->auth_htdigest_userfile; + cv[13].destination = s->auth_htpasswd_userfile; + cv[14].destination = &(s->auth_debug); +- ++ cv[15].destination = s->auth_mysql_host; ++ cv[16].destination = s->auth_mysql_user; ++ cv[17].destination = s->auth_mysql_pass; ++ cv[18].destination = s->auth_mysql_db; ++ cv[19].destination = s->auth_mysql_port; ++ cv[20].destination = s->auth_mysql_socket; ++ cv[21].destination = s->auth_mysql_users_table; ++ cv[22].destination = s->auth_mysql_col_user; ++ cv[23].destination = s->auth_mysql_col_pass; ++ cv[24].destination = s->auth_mysql_col_realm; ++ cv[25].destination = s->auth_mysql_domains_table; ++ cv[26].destination = s->auth_mysql_col_domain; ++ cv[27].destination = s->auth_mysql_domains_table_col_domain_id; ++ cv[28].destination = s->auth_mysql_users_table_col_domain_id; + p->config_storage[i] = s; + ca = ((data_config *)srv->config_context->data[i])->value; + +@@ -394,6 +495,8 @@ + s->auth_backend = AUTH_BACKEND_PLAIN; + } else if (0 == strcmp(s->auth_backend_conf->ptr, "ldap")) { + s->auth_backend = AUTH_BACKEND_LDAP; ++ } else if (0 == strcmp(s->auth_backend_conf->ptr, "mysql")) { ++ s->auth_backend = AUTH_BACKEND_MYSQL; + } else { + log_error_write(srv, __FILE__, __LINE__, "sb", "auth.backend not supported:", s->auth_backend_conf); + +@@ -534,6 +637,28 @@ + return (ret); + break; + } ++ case AUTH_BACKEND_MYSQL: { ++ int port = atoi(s->auth_mysql_port->ptr); ++ ++ if (p->conf.auth_mysql_socket->ptr != NULL) ++ if (0 == strcmp(s->auth_mysql_socket->ptr, "")) s->auth_mysql_socket->ptr = NULL; ++ ++ s->mysql_conn = mysql_init(NULL); ++ if (!mysql_real_connect(s->mysql_conn, s->auth_mysql_host->ptr, s->auth_mysql_user->ptr, s->auth_mysql_pass->ptr, s->auth_mysql_db->ptr, port, NULL, 0)) ++ { ++ log_error_write(srv, __FILE__, __LINE__, "sbsbsbsbss", ++ "opening connection to mysql:", s->auth_mysql_host, ++ "user:", s->auth_mysql_user, ++ "pass:", s->auth_mysql_pass, ++ "db:", s->auth_mysql_db, ++ "failed:", strerror(errno)); ++ ++ return HANDLER_ERROR; ++ } ++ mysql_close(s->mysql_conn); ++ ++ break; ++ } + default: + break; + } diff --git a/www/lighttpd-mysqlauth/pkg-descr b/www/lighttpd-mysqlauth/pkg-descr new file mode 100644 index 000000000000..c40e11de4997 --- /dev/null +++ b/www/lighttpd-mysqlauth/pkg-descr @@ -0,0 +1,12 @@ +lighttpd a secure, fast, compliant and very flexible web-server which +has been optimized for high-performance environments. It has a very +low memory footprint compared to other webservers and takes care of +cpu-load. Its advanced feature-set (FastCGI, CGI, Auth, Output-Compression, +URL-Rewriting and many more) make lighttpd the perfect webserver-software +for every server that is suffering load problems. + +This version is patched to support: + auth.backend = "mysql" + +WWW: http://www.lighttpd.net/ +WWW: http://redmine.lighttpd.net/issues/752 |