Author: brane
Date: Tue Jun 24 05:34:26 2025
New Revision: 1926674
URL: http://svn.apache.org/viewvc?rev=1926674&view=rev
Log:
On the user-defined-authn branch: Code cleanups, consistency fixes and
missing documentation.
* serf.h
(serf authentication group): Describe the interaction between parts of the
authentication system during a handshake.
(serf_authn_init_conn_func_t,
serf_authn_get_realm_func_t,
serf_authn_handle_func_t,
serf_authn_setup_request_func_t,
serf_authn_validate_response_func_t): Update docstrings and move all output
parameters to the beginning of the argument list.
(serf_authn_register_scheme): Move the 'type' output parameter to the
beginning of the argument list. Update the docstring.
(serf_authn_unregister_scheme): Declare prototype and update the docstring.
* auth/auth.h
(serf__authn__unregister_scheme) Remove unused prototype.
* auth/auth.c
(serf_authn_register_scheme): Update argument list, update docs,
introduce a local serf-context variable.
(serf_authn_unregister_scheme): Likewise; also rename from
serf__authn__unregister_scheme.
* auth/auth_user_defined.c
(serf__authn_user__init_conn) Update calls to user_init_conn_func and
user_get_realm_func due to changed argument lists.
(serf__authn_user__setup_request): Same for setup_request_func, the
'code' argument is no longer used.
(serf__authn_user__validate_response): And for validate_response_func, too.
* test/test_auth.c
(serf_authn_unregister_scheme): Remove the macro, it's now a real function.
(test_authn_register_one,
test_authn_register_two,
test_authn_register_twice,
test_authn_registered_pool_cleanup) Update callee's argument lists.
(user_authn_init_conn,
user_authn_get_realm,
user_authn_setup_request,
user_authn_validate_response): Update argument lists.
(user_authentication): And again, adjust to changes in the calees.
Modified:
serf/branches/user-defined-authn/auth/auth.c
serf/branches/user-defined-authn/auth/auth.h
serf/branches/user-defined-authn/auth/auth_user_defined.c
serf/branches/user-defined-authn/serf.h
serf/branches/user-defined-authn/test/test_auth.c
Modified: serf/branches/user-defined-authn/auth/auth.c
URL:
http://svn.apache.org/viewvc/serf/branches/user-defined-authn/auth/auth.c?rev=1926674&r1=1926673&r2=1926674&view=diff
==============================================================================
--- serf/branches/user-defined-authn/auth/auth.c (original)
+++ serf/branches/user-defined-authn/auth/auth.c Tue Jun 24 05:34:26 2025
@@ -657,15 +657,17 @@ static apr_status_t cleanup_user_scheme(
}
apr_status_t serf_authn_register_scheme(
- serf_context_t *ctx, const char *name, void *baton, int flags,
+ int *type,
+ serf_context_t *ctx,
+ const char *name, void *baton, int flags,
serf_authn_init_conn_func_t init_conn,
serf_authn_get_realm_func_t get_realm,
serf_authn_handle_func_t handle,
serf_authn_setup_request_func_t setup_request,
serf_authn_validate_response_func_t validate_response,
- apr_pool_t *result_pool,
- int *type)
+ apr_pool_t *result_pool)
{
+ serf_config_t *const config = ctx->config;
serf__authn_scheme_t *authn_scheme;
apr_status_t lock_status;
apr_status_t status;
@@ -674,7 +676,7 @@ apr_status_t serf_authn_register_scheme(
char *cp;
int index;
- serf__log(LOGLVL_INFO, LOGCOMP_AUTHN, __FILE__, ctx->config,
+ serf__log(LOGLVL_INFO, LOGCOMP_AUTHN, __FILE__, config,
"Registering user-defined scheme %s", name);
*type = SERF_AUTHN_NONE;
@@ -705,9 +707,9 @@ apr_status_t serf_authn_register_scheme(
authn_scheme->user_setup_request_func = setup_request;
authn_scheme->user_validate_response_func = validate_response;
- lock_status = lock_authn_schemes(ctx->config);
+ lock_status = lock_authn_schemes(config);
if (lock_status) {
- serf__log_nopref(LOGLVL_INFO, LOGCOMP_AUTHN, ctx->config,
+ serf__log_nopref(LOGLVL_INFO, LOGCOMP_AUTHN, config,
", lock failed %d\n", lock_status);
return lock_status;
}
@@ -735,7 +737,9 @@ apr_status_t serf_authn_register_scheme(
}
}
if (index >= AUTHN_SCHEMES_SIZE) {
- /* No more space in the table. Not very likely. */
+ /* No more space in the table. Shouldn't be possible; if we got this
+ far, we have a valid scheme type, and as long as we have a scheme
+ type, there should be space for the scheme in the table. */
status = APR_ENOSPC;
goto cleanup;
}
@@ -752,28 +756,25 @@ apr_status_t serf_authn_register_scheme(
user_authn_registered |= scheme_type;
cleanup:
- lock_status = unlock_authn_schemes(ctx->config);
+ lock_status = unlock_authn_schemes(config);
if (lock_status) {
- serf__log_nopref(LOGLVL_INFO, LOGCOMP_AUTHN, ctx->config,
+ serf__log_nopref(LOGLVL_INFO, LOGCOMP_AUTHN, config,
", unlock failed %d, status %d\n",
lock_status, status);
return lock_status;
}
- serf__log_nopref(LOGLVL_INFO, LOGCOMP_AUTHN, ctx->config,
+ serf__log_nopref(LOGLVL_INFO, LOGCOMP_AUTHN, config,
", status %d\n", status);
return status;
}
-/* apr_status_t serf_authn_unregister_scheme(serf_context_t *ctx, */
-/* int type, */
-/* const char *name, */
-/* apr_pool_t *scratch_pool); */
-apr_status_t serf__authn__unregister_scheme(serf_context_t *ctx,
- int type,
- const char *name,
- apr_pool_t *scratch_pool)
+apr_status_t serf_authn_unregister_scheme(serf_context_t *ctx,
+ int type,
+ const char *name,
+ apr_pool_t *scratch_pool)
{
+ serf_config_t *const config = ctx->config;
const serf__authn_scheme_t *authn_scheme = NULL;
const unsigned int scheme_type = type;
apr_status_t lock_status;
@@ -782,7 +783,7 @@ apr_status_t serf__authn__unregister_sch
char *cp;
int index;
- serf__log(LOGLVL_INFO, LOGCOMP_AUTHN, __FILE__, ctx->config,
+ serf__log(LOGLVL_INFO, LOGCOMP_AUTHN, __FILE__, config,
"Unregistering user-defined scheme %s", name);
/* Generate a lower-case key for the scheme. */
@@ -792,9 +793,9 @@ apr_status_t serf__authn__unregister_sch
++cp;
}
- lock_status = lock_authn_schemes(ctx->config);
+ lock_status = lock_authn_schemes(config);
if (lock_status) {
- serf__log_nopref(LOGLVL_INFO, LOGCOMP_AUTHN, ctx->config,
+ serf__log_nopref(LOGLVL_INFO, LOGCOMP_AUTHN, config,
", lock failed %d\n", lock_status);
return lock_status;
}
@@ -837,15 +838,15 @@ apr_status_t serf__authn__unregister_sch
user_authn_registered &= ~scheme_type;
cleanup:
- lock_status = unlock_authn_schemes(ctx->config);
+ lock_status = unlock_authn_schemes(config);
if (lock_status) {
- serf__log_nopref(LOGLVL_INFO, LOGCOMP_AUTHN, ctx->config,
+ serf__log_nopref(LOGLVL_INFO, LOGCOMP_AUTHN, config,
", unlock failed %d, status %d\n",
lock_status, status);
return lock_status;
}
- serf__log_nopref(LOGLVL_INFO, LOGCOMP_AUTHN, ctx->config,
+ serf__log_nopref(LOGLVL_INFO, LOGCOMP_AUTHN, config,
", status %d\n", status);
return status;
}
@@ -871,13 +872,17 @@ static apr_status_t do_init_authn_scheme
/* Create a self-contained root pool for the mutex. */
status = apr_allocator_create(&allocator);
- if (status || !allocator)
- goto error;
+ if (status || !allocator) {
+ status = status ? status : APR_ENOMEM;
+ goto finish;
+ }
status = apr_pool_create_ex(&authn_schemes_guard_pool,
NULL, NULL, allocator);
- if (status || !authn_schemes_guard_pool)
- goto error;
+ if (status || !authn_schemes_guard_pool) {
+ status = status ? status : APR_ENOMEM;
+ goto finish;
+ }
#if APR_POOL_DEBUG
apr_pool_tag(authn_schemes_guard_pool, "serf-authn-guard");
#endif
@@ -885,20 +890,16 @@ static apr_status_t do_init_authn_scheme
status = apr_thread_mutex_create(&authn_schemes_guard,
APR_THREAD_MUTEX_DEFAULT,
authn_schemes_guard_pool);
- if (status || !authn_schemes_guard)
- goto error;
+ if (status || !authn_schemes_guard) {
+ status = status ? status : APR_ENOMEM;
+ goto finish;
+ }
/* Adjust the mask of available user-defined schemes. */
builtin_types = 0;
for (index = 0; serf_authn_schemes[index]; ++index)
builtin_types |= serf_authn_schemes[index]->type;
user_authn_type_mask &= ~builtin_types;
- goto finish;
-
- error:
- /* We only reach here if something went wrong during initialization. */
- if (status == APR_SUCCESS) /* Not likely, but don't return "OK". */
- status = APR_ENOMEM; /* Probable failures are allocations. */
finish:
serf__log_nopref(LOGLVL_DEBUG, LOGCOMP_AUTHN, config,
Modified: serf/branches/user-defined-authn/auth/auth.h
URL:
http://svn.apache.org/viewvc/serf/branches/user-defined-authn/auth/auth.h?rev=1926674&r1=1926673&r2=1926674&view=diff
==============================================================================
--- serf/branches/user-defined-authn/auth/auth.h (original)
+++ serf/branches/user-defined-authn/auth/auth.h Tue Jun 24 05:34:26 2025
@@ -178,12 +178,6 @@ extern const serf__authn_scheme_t serf__
/** User-defined authentication scheme handlers */
-/* FIXME: Declare the prototype for the internal unregister implementation */
-apr_status_t serf__authn__unregister_scheme(serf_context_t *ctx,
- int type,
- const char *name,
- apr_pool_t *scratch_pool);
-
apr_status_t
serf__authn_user__init_conn(const serf__authn_scheme_t *scheme,
int code,
Modified: serf/branches/user-defined-authn/auth/auth_user_defined.c
URL:
http://svn.apache.org/viewvc/serf/branches/user-defined-authn/auth/auth_user_defined.c?rev=1926674&r1=1926673&r2=1926674&view=diff
==============================================================================
--- serf/branches/user-defined-authn/auth/auth_user_defined.c (original)
+++ serf/branches/user-defined-authn/auth/auth_user_defined.c Tue Jun 24
05:34:26 2025
@@ -119,9 +119,9 @@ serf__authn_user__init_conn(const serf__
apr_pool_create(&scratch_pool, pool);
authn_baton = apr_pcalloc(pool, sizeof(*authn_baton));
- status = scheme->user_init_conn_func(scheme->user_baton, code,
- pool, scratch_pool,
- &authn_baton->user_authn_baton);
+ status = scheme->user_init_conn_func(&authn_baton->user_authn_baton,
+ scheme->user_baton, code,
+ pool, scratch_pool);
apr_pool_destroy(scratch_pool);
if (status == APR_SUCCESS)
@@ -200,11 +200,11 @@ serf__authn_user__handle(const serf__aut
status = APR_SUCCESS;
if (scheme->user_flags & SERF_AUTHN_FLAG_CREDS) {
const char *realm_name;
- status = scheme->user_get_realm_func(scheme->user_baton,
+ status = scheme->user_get_realm_func(&realm_name,
+ scheme->user_baton,
authn_baton->user_authn_baton,
auth_hdr, auth_attr,
- scratch_pool, scratch_pool,
- &realm_name);
+ scratch_pool, scratch_pool);
if (!status) {
const char *const realm = serf__construct_realm(
SERF__PEER_FROM_CODE(code), conn, realm_name, scratch_pool);
@@ -237,7 +237,7 @@ serf__authn_user__handle(const serf__aut
apr_status_t
serf__authn_user__setup_request(const serf__authn_scheme_t *scheme,
peer_t peer,
- int code,
+ int code, /* Ignored, always 0. */
serf_connection_t *conn,
serf_request_t *request,
const char *method,
@@ -271,7 +271,7 @@ serf__authn_user__setup_request(const se
apr_pool_create(&scratch_pool, conn->pool);
status = scheme->user_setup_request_func(scheme->user_baton,
authn_baton->user_authn_baton,
- code, conn, request,
+ conn, request,
method, uri, hdrs_bkt,
scratch_pool);
apr_pool_destroy(scratch_pool);
@@ -315,11 +315,11 @@ serf__authn_user__validate_response(cons
authn_baton = authn_info->baton;
apr_pool_create(&scratch_pool, conn->pool);
- status = scheme->user_validate_response_func(scheme->user_baton,
+ status = scheme->user_validate_response_func(&reset_pipelining,
+ scheme->user_baton,
authn_baton->user_authn_baton,
code, conn, request, response,
- scratch_pool,
- &reset_pipelining);
+ scratch_pool);
/* Reset pipelining if the scheme requires it. */
if (status == APR_SUCCESS && reset_pipelining
Modified: serf/branches/user-defined-authn/serf.h
URL:
http://svn.apache.org/viewvc/serf/branches/user-defined-authn/serf.h?rev=1926674&r1=1926673&r2=1926674&view=diff
==============================================================================
--- serf/branches/user-defined-authn/serf.h (original)
+++ serf/branches/user-defined-authn/serf.h Tue Jun 24 05:34:26 2025
@@ -951,6 +951,31 @@ serf_bucket_t *serf_request_bucket_reque
* @defgroup serf authentication
* @ingroup serf
* @{
+ *
+ * Interaction during authentication hanshake for user-defined schemes:
+ * ```
+ * scheme serf peer
+ * | | |
+ * | +------> request ------->+
+ * | | |
+ * | +<---- authenticate <----+ (401 or 407)
+ * +<------ init-conn <------+ |
+ * | | |
+ * | (get credentials) <--+ (optional) |
+ * | | |
+ * +<-------- handle <-------+ |
+ * | | |
+ * | (pipelining off) <--+ (optional) |
+ * | | |
+ * +<---- setup-requiest <---+ |
+ * | +---> request + authn -->+
+ * | | |
+ * | +<------ response <------+
+ * +<-- validate-response <--+ |
+ * | | |
+ * | (pipelining on) <--+ (optional) |
+ * | | |
+ * ```
*/
/* Supported authentication types. */
@@ -971,24 +996,85 @@ serf_bucket_t *serf_request_bucket_reque
#define SERF_AUTHN_FLAG_PIPE 0x01 /**< Authn flags: Allow pipelining */
#define SERF_AUTHN_FLAG_CREDS 0x02 /**< Authn flags: Require credentials */
-/** TODO: */
+/**
+ * Callback for user-defined authentication scheme providers.
+ *
+ * Called to initialize the connection for this authentication scheme. Return
+ * the connection-specific @a authn_baton allocated from @a result_pool, that
+ * will be passed to the other callbacks when called for the same connection.
+ *
+ * @a baton is the user data pointer passed to serf_authn_register_scheme().
+ *
+ * @a code is the HTTP status code from the response that caused the call to
+ * this callback; either @c SERF_AUTHN_CODE_HOST when the peer is a server, or
+ * @c SERF_AUTHN_CODE_PROXY when proxy authentication is required.
+ *
+ * Use @a scratch_pool for temporary allocations.
+ *
+ * @since New in 1.4.
+ */
typedef apr_status_t
-(*serf_authn_init_conn_func_t)(void *baton, int code,
+(*serf_authn_init_conn_func_t)(void **authn_baton,
+ void *baton, int code,
apr_pool_t *result_pool,
- apr_pool_t *scratch_pool,
- void **authn_baton);
+ apr_pool_t *scratch_pool);
-/** TODO: */
+/**
+ * Callback for user-defined authentication scheme providers.
+ *
+ * Return a unique identifier of the server (or service) in @a realm_name,
+ * allocated from @a result_pool.
+ *
+ * @a baton is the user data pointer passed to serf_authn_register_scheme().
+ *
+ * @a authn_baton is the pointer returned from the init-connection callback.
+ *
+ * @a authn_header and @a authn_attributes contain the value of the
+ * authentication header (WWW-Authenticate or Proxy-Authenticate) recevied in
+ * a server response. @a authn_header contains the scheme name, i.e., "scheme
+ * <atributes>", whereas @a authn_attributes contains only the attributes
+ * without the scheme name.
+ *
+ * If the scheme flag @a SERF_AUTHN_FLAG_PIPE is *not* set, pipelining will be
+ * disabled on the connection after this callback succeeds.
+ *
+ * Use @a scratch_pool for temporary allocations.
+ *
+ * @since New in 1.4.
+ */
typedef apr_status_t
-(*serf_authn_get_realm_func_t)(void *baton,
+(*serf_authn_get_realm_func_t)(const char **realm_name,
+ void *baton,
void *authn_baton,
const char *authn_header,
const char *authn_attributes,
apr_pool_t *result_pool,
- apr_pool_t *scratch_pool,
- const char **realm_name);
+ apr_pool_t *scratch_pool);
-/** TODO: */
+/**
+ * Callback for user-defined authentication scheme providers.
+ *
+ * Called after the init-conn function has succeeded to prepare (cache) the
+ * credentials for this connection, usually in @a auth_baton.
+ *
+ * @a baton, @a authn_baton, @a authn_header and @a authn_attributers have the
+ * same meaning as in the get-realm function; @a code is the same as in the
+ * init-conn function.
+ *
+ * @a response_header is either "Authorization" or "Proxy-Authorization",
+ * depending on the type of the peer for the authentication handshake.
+ *
+ * @a username and @a password are optional (may ba null), provided by the
+ * credentials callback, which is called automatically if the scheme flag
+ * @c SERF_AUTHN_FLAG_CREDS is set.
+ *
+ * @a request is the pending request and @a response is the response that
+ * caused this callback to be called.
+ *
+ * Use @a scratch_pool for temporary allocations.
+ *
+ * @since New in 1.4.
+ */
typedef apr_status_t
(*serf_authn_handle_func_t)(void *baton,
void *authn_baton,
@@ -1003,11 +1089,24 @@ typedef apr_status_t
apr_pool_t *result_pool,
apr_pool_t *scratch_pool);
-/** TODO: */
+/**
+ * Callback for user-defined authentication scheme providers.
+ *
+ * Called every time a new authenticated @a request is being prepared for the
+ * connection @a conn, in order to add credentials etc. to the request.
+ *
+ * @a baton and @a authn_baton are the same as in the handle function.
+ *
+ * @a method and @a uri are the requests attributes and @a headers are the
+ * request headers where the credentials are usually set.
+ *
+ * Use @a scratch_pool for temporary allocations.
+ *
+ * @since New in 1.4.
+ */
typedef apr_status_t
(*serf_authn_setup_request_func_t)(void *baton,
void *authn_baton,
- int code,
serf_connection_t *conn,
serf_request_t *request,
const char *method,
@@ -1015,22 +1114,35 @@ typedef apr_status_t
serf_bucket_t *headers,
apr_pool_t *scratch_pool);
-/** TODO: */
+/**
+ * Callback for user-defined authentication scheme providers.
+ *
+ * Called every time a @a response with status @a code to the authenticated @a
+ * request is received from the connection @a conn.
+ *
+ * @a baton and @a authn_baton are the same as in the setup-request function
+ *
+ * If the scheme flag @c SERF_AUTHN_FLAG_PIPE is *not* set, return a boolean
+ * value in @a reset_pipelining to indicate whether pipelining on @a conn
should
+ * be restored to the value before the init-conn callback was invoked.
+ *
+ * Use @a scratch_pool for temporary allocations.
+ *
+ * @since New in 1.4.
+ */
typedef apr_status_t
-(*serf_authn_validate_response_func_t)(void *baton,
+(*serf_authn_validate_response_func_t)(int *reset_pipelining,
+ void *baton,
void *authn_baton,
int code,
serf_connection_t *conn,
serf_request_t *request,
serf_bucket_t *response,
- apr_pool_t *scratch_pool,
- int *reset_pipelining);
+ apr_pool_t *scratch_pool);
/**
* Register an autehtication scheme.
*
- * The context in @a ctx is used for logging.
- *
* The @a name is the name of the authentication scheme as it appears in the
* authorization headers. It must be a valid token as defined in RFC-9110
* (see reference, below).
@@ -1049,24 +1161,27 @@ typedef apr_status_t
* serf_config_authn_types(). If an error occurs during registration,
* @a type will be set to @c SERF_AUTHN_NONE.
*
- * Internal structures related to this provider will be allocated from
- * @a result_pool, so take care that it lives as long as the autehtication
- * scheme is registered.
+ * The @a ctx is used only for logging.
+ *
+ * Internal structures related to this provider will be allocated from @a
+ * result_pool, so take care that it lives as long as the autehtication scheme
+ * is registered. Ideally, this pool should have a longer lifetime than any of
+ * the pools used in calls to the serf_contex_create() family of functions.
*
* @see https://www.rfc-editor.org/rfc/rfc9110#section-11.1
* @since New in 1.4
*/
apr_status_t serf_authn_register_scheme(
- serf_context_t *ctx, const char *name, void *baton, int flags,
+ int *type,
+ serf_context_t *ctx,
+ const char *name, void *baton, int flags,
serf_authn_init_conn_func_t init_conn,
serf_authn_get_realm_func_t get_realm,
serf_authn_handle_func_t handle,
serf_authn_setup_request_func_t setup_request,
serf_authn_validate_response_func_t validate_response,
- apr_pool_t *result_pool,
- int *type);
+ apr_pool_t *result_pool);
-/* FIXME: Think some more about whether unregistering schemes makes sense. */
/**
* Unregister an uthentication scheme.
*
@@ -1076,19 +1191,20 @@ apr_status_t serf_authn_register_scheme(
* temporary allocations; this pool can be destroyed after the function
* has returned.
*
- * The context in @a ctx is used for logging.
- *
- * Unregistering a scheme should be avoided while requests that might
- * use the scheme are in flight.
+ * The @a ctx is used only for logging.
*
- * So in short, don't use this function at all...?
+ * NOTE: Unregistering a scheme should be avoided, unless you can be absolutely
+ * sure that there are no outstanding requests, responses, connections or
+ * contexts that refer to it. There is no internal reference counting or
+ * other mechanism to ensure that the scheme remains accessible while
it's
+ * in use. So in short: *do not* use this function at all.
*
* @since New in 1.4
*/
-/* apr_status_t serf_authn_unregister_scheme(serf_context_t *ctx, */
-/* int type, */
-/* const char *name, */
-/* apr_pool_t *scratch_pool); */
+apr_status_t serf_authn_unregister_scheme(serf_context_t *ctx,
+ int type,
+ const char *name,
+ apr_pool_t *scratch_pool);
/** @} */
Modified: serf/branches/user-defined-authn/test/test_auth.c
URL:
http://svn.apache.org/viewvc/serf/branches/user-defined-authn/test/test_auth.c?rev=1926674&r1=1926673&r2=1926674&view=diff
==============================================================================
--- serf/branches/user-defined-authn/test/test_auth.c (original)
+++ serf/branches/user-defined-authn/test/test_auth.c Tue Jun 24 05:34:26 2025
@@ -512,14 +512,6 @@ static void test_auth_on_HEAD(CuTest *tc
}
-/* FIXME: Temporary rename of the unregister function. */
-#define serf_authn_unregister_scheme(ctx, type, name, scratch_pool) \
- serf__authn__unregister_scheme((ctx), (type), (name), (scratch_pool))
-apr_status_t serf__authn__unregister_scheme(serf_context_t *ctx,
- int type,
- const char *name,
- apr_pool_t *scratch_pool);
-
static void test_authn_register_one(CuTest *tc)
{
test_baton_t *tb = tc->testBaton;
@@ -531,10 +523,11 @@ static void test_authn_register_one(CuTe
CuAssertIntEquals(tc, APR_SUCCESS, status);
/* Register an authentication scheme */
- status = serf_authn_register_scheme(tb->context, "Fizzle", baton,
+ status = serf_authn_register_scheme(&type, tb->context,
+ "Fizzle", baton,
SERF_AUTHN_FLAG_NONE,
NULL, NULL, NULL, NULL, NULL,
- tb->pool, &type);
+ tb->pool);
CuAssertIntEquals(tc, APR_SUCCESS, status);
CuAssertTrue(tc, type != SERF_AUTHN_NONE);
@@ -556,17 +549,19 @@ static void test_authn_register_two(CuTe
CuAssertIntEquals(tc, APR_SUCCESS, status);
/* Register the schemes */
- status = serf_authn_register_scheme(tb->context, "Tweedledee", baton1,
+ status = serf_authn_register_scheme(&type1, tb->context,
+ "Tweedledee", baton1,
SERF_AUTHN_FLAG_NONE,
NULL, NULL, NULL, NULL, NULL,
- tb->pool, &type1);
+ tb->pool);
CuAssertIntEquals(tc, APR_SUCCESS, status);
CuAssertTrue(tc, type1 != SERF_AUTHN_NONE);
- status = serf_authn_register_scheme(tb->context, "Tweedledum", baton2,
+ status = serf_authn_register_scheme(&type2, tb->context,
+ "Tweedledum", baton2,
SERF_AUTHN_FLAG_NONE,
NULL, NULL, NULL, NULL, NULL,
- tb->pool, &type2);
+ tb->pool);
CuAssertIntEquals(tc, APR_SUCCESS, status);
CuAssertTrue(tc, type2 != SERF_AUTHN_NONE);
CuAssertTrue(tc, type2 != type1);
@@ -591,17 +586,19 @@ static void test_authn_register_twice(Cu
CuAssertIntEquals(tc, APR_SUCCESS, status);
/* Register an authentication scheme */
- status = serf_authn_register_scheme(tb->context, "Tweens", baton,
+ status = serf_authn_register_scheme(&type, tb->context,
+ "Tweens", baton,
SERF_AUTHN_FLAG_NONE,
NULL, NULL, NULL, NULL, NULL,
- tb->pool, &type);
+ tb->pool);
CuAssertIntEquals(tc, APR_SUCCESS, status);
CuAssertTrue(tc, type != SERF_AUTHN_NONE);
- status = serf_authn_register_scheme(tb->context, "Tweens", baton,
+ status = serf_authn_register_scheme(&epyt, tb->context,
+ "Tweens", baton,
SERF_AUTHN_FLAG_NONE,
NULL, NULL, NULL, NULL, NULL,
- tb->pool, &epyt);
+ tb->pool);
CuAssertIntEquals(tc, APR_EEXIST, status);
CuAssertTrue(tc, epyt == SERF_AUTHN_NONE);
@@ -641,10 +638,11 @@ static void test_authn_registered_pool_c
CuAssertTrue(tc, scheme_pool != NULL);
/* Register an authentication scheme */
- status = serf_authn_register_scheme(tb->context, "Killed", baton,
+ status = serf_authn_register_scheme(&type, tb->context,
+ "Killed", baton,
SERF_AUTHN_FLAG_NONE,
NULL, NULL, NULL, NULL, NULL,
- scheme_pool, &type);
+ scheme_pool);
CuAssertIntEquals(tc, APR_SUCCESS, status);
CuAssertTrue(tc, type != SERF_AUTHN_NONE);
@@ -691,10 +689,10 @@ struct user_authn_cache {
static const char *const user_authn_prefix = "Tweedle";
-static apr_status_t user_authn_init_conn(void *baton, int code,
+static apr_status_t user_authn_init_conn(void **authn_baton,
+ void *baton, int code,
apr_pool_t *result_pool,
- apr_pool_t *scratch_pool,
- void **authn_baton)
+ apr_pool_t *scratch_pool)
{
USER_AUTHN_COUNT(baton, init_conn);
@@ -705,13 +703,13 @@ static apr_status_t user_authn_init_conn
return APR_SUCCESS;
}
-static apr_status_t user_authn_get_realm(void *baton,
+static apr_status_t user_authn_get_realm(const char **realm_name,
+ void *baton,
void *authn_baton,
const char *authn_header,
const char *authn_attributes,
apr_pool_t *result_pool,
- apr_pool_t *scratch_pool,
- const char **realm_name)
+ apr_pool_t *scratch_pool)
{
const char *end;
apr_size_t length;
@@ -766,7 +764,6 @@ static apr_status_t user_authn_handle(vo
static apr_status_t user_authn_setup_request(void *baton,
void *authn_baton,
- int code,
serf_connection_t *conn,
serf_request_t *request,
const char *method,
@@ -790,14 +787,14 @@ static apr_status_t user_authn_setup_req
return SERF_ERROR_AUTHN_FAILED;
}
-static apr_status_t user_authn_validate_response(void *baton,
+static apr_status_t user_authn_validate_response(int *reset_pipelining,
+ void *baton,
void *authn_baton,
int code,
serf_connection_t *conn,
serf_request_t *request,
serf_bucket_t *response,
- apr_pool_t *scratch_pool,
- int *reset_pipelining)
+ apr_pool_t *scratch_pool)
{
USER_AUTHN_COUNT(baton, validate_response);
*reset_pipelining = 1;
@@ -856,23 +853,25 @@ static void user_authentication(CuTest *
status = setup_test_context(tb, tb->pool);
CuAssertIntEquals(tc, APR_SUCCESS, status);
- status = serf_authn_register_scheme(tb->context, tdee->name, tdee, flags,
+ status = serf_authn_register_scheme(&typedee, tb->context,
+ tdee->name, tdee, flags,
user_authn_init_conn,
user_authn_get_realm,
user_authn_handle,
user_authn_setup_request,
user_authn_validate_response,
- tb->pool, &typedee);
+ tb->pool);
CuAssertIntEquals(tc, APR_SUCCESS, status);
CuAssertTrue(tc, typedee != SERF_AUTHN_NONE);
- status = serf_authn_register_scheme(tb->context, tdum->name, tdum, flags,
+ status = serf_authn_register_scheme(&typedum, tb->context,
+ tdum->name, tdum, flags,
user_authn_init_conn,
user_authn_get_realm,
user_authn_handle,
user_authn_setup_request,
user_authn_validate_response,
- tb->pool, &typedum);
+ tb->pool);
CuAssertIntEquals(tc, APR_SUCCESS, status);
CuAssertTrue(tc, typedum != SERF_AUTHN_NONE);
CuAssertTrue(tc, typedum != typedee);
