Patches item #1693132, was opened at 2007-04-02 13:57 Message generated for change (Tracker Item Submitted) made by Item Submitter You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=743022&aid=1693132&group_id=139143
Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: modules Group: ver 1.2.x Status: Open Resolution: None Priority: 5 Private: No Submitted By: Anatoly Pidruchny (apidruchny) Assigned to: Nobody/Anonymous (nobody) Summary: Added function is_stale_nonce() into auth module. Initial Comment: This patch is basically in implementation for Feature Request 1681265: differ between wrong password, stale nonce and invalid user (https://sourceforge.net/tracker/?func=detail&atid=743023&aid=1681265&group_id=139143). As far as I know, module functions can not return values, other then TRUE/SUCCESS (1), FALSE/FAILURE (-1) and ERROR(0). So, the solution is to add a new function is_stale_nonce() into the auth module that can be called after www_authorize or proxy_authorize returned FALSE. is_stale_nonce then will allow to differentiate between the case when the authorization failed because of the invalid user/wrong password and stale nonce. If is_stale_nonce returns TRUE, it means that authorization failed because of stale nonce. Example of usage: if (!proxy_authorize("my_domain", "subscriber")) { # Log a message only when user name or password is wrong, not when nonce is stale if (!is_stale_nonce()) { log(1, "Authorization failed\n"); } } The code changes are: 1. Add a new flag FL_STALE_NONCE in the parser/msg_parser.h. 2. In modules/auth/api.c, the functions pre_auth and post_auth set this flag in the message flags variable in the cases when nonce is stale. 3. In modules/auth/auth_db.c, the new function is_stale_nonce is added. ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=743022&aid=1693132&group_id=139143 _______________________________________________ Devel mailing list [email protected] http://openser.org/cgi-bin/mailman/listinfo/devel
