[mod_auth] inline arrays in http_auth_require_t

also, keep ptr to const buffer *realm rather than copy
2 years ago · a03afc9043
4 changed files with 17 additions and 25 deletions
--- a/src/http_auth.c
+++ b/src/http_auth.c
@ -113,22 +113,14 @@ http_auth_require_t * http_auth_require_init (void)
 {
    http_auth_require_t *require = calloc(1, sizeof(http_auth_require_t));
    force_assert(NULL != require);
-
-    require->realm = buffer_init();
-    require->valid_user = 0;
-    require->user = array_init();
-    require->group = array_init();
-    require->host = array_init();
-
    return require;
 }

 void http_auth_require_free (http_auth_require_t * const require)
 {
-    buffer_free(require->realm);
-    array_free(require->user);
-    array_free(require->group);
-    array_free(require->host);
+    array_free_data(&require->user);
+    array_free_data(&require->group);
+    array_free_data(&require->host);
    free(require);
 }

@ -149,17 +141,17 @@ int http_auth_match_rules (const http_auth_require_t * const require, const char
 {
    if (NULL != user
        && (require->valid_user
-            || http_auth_array_contains(require->user, user, strlen(user)))) {
+            || http_auth_array_contains(&require->user, user, strlen(user)))) {
        return 1; /* match */
    }

    if (NULL != group
-        && http_auth_array_contains(require->group, group, strlen(group))) {
+        && http_auth_array_contains(&require->group, group, strlen(group))) {
        return 1; /* match */
    }

    if (NULL != host
-        && http_auth_array_contains(require->host, host, strlen(host))) {
+        && http_auth_array_contains(&require->host, host, strlen(host))) {
        return 1; /* match */
    }

--- a/src/http_auth.h
+++ b/src/http_auth.h
@ -28,12 +28,12 @@ struct http_auth_backend_t;

 typedef struct http_auth_require_t {
    const struct http_auth_scheme_t *scheme;
-    buffer *realm;
+    const buffer *realm;
    int valid_user;
    int algorithm;
-    array *user;
-    array *group;
-    array *host;
+    array user;
+    array group;
+    array host;
 } http_auth_require_t;

 http_auth_require_t * http_auth_require_init (void);
--- a/src/mod_auth.c
+++ b/src/mod_auth.c
@ -206,12 +206,12 @@ static int mod_auth_require_parse (server *srv, http_auth_require_t * const requ
          case 4:
            if (0 == memcmp(str, CONST_STR_LEN("user"))) {
                /*("user=" is 5)*/
-                array_set_key_value(require->user, str+5, len-5, CONST_STR_LEN(""));
+                array_set_key_value(&require->user, str+5, len-5, CONST_STR_LEN(""));
                continue;
            }
            else if (0 == memcmp(str, CONST_STR_LEN("host"))) {
                /*("host=" is 5)*/
-                array_set_key_value(require->host, str+5, len-5, CONST_STR_LEN(""));
+                array_set_key_value(&require->host, str+5, len-5, CONST_STR_LEN(""));
                log_error_write(srv, __FILE__, __LINE__, "ssb",
                                "warning parsing auth.require 'require' field: 'host' not implemented;",
                                "field value:", b);
@ -221,7 +221,7 @@ static int mod_auth_require_parse (server *srv, http_auth_require_t * const requ
          case 5:
            if (0 == memcmp(str, CONST_STR_LEN("group"))) {
                /*("group=" is 6)*/
-                array_set_key_value(require->group, str+6, len-6, CONST_STR_LEN(""));
+                array_set_key_value(&require->group, str+6, len-6, CONST_STR_LEN(""));
              #if 0/*(supported by mod_authn_ldap, but not all other backends)*/
                log_error_write(srv, __FILE__, __LINE__, "ssb",
                                "warning parsing auth.require 'require' field: 'group' not implemented;",
@ -346,7 +346,7 @@ static handler_t mod_auth_require_parse_array(server *srv, const array *value, a
 				buffer_copy_buffer(&dauth->key, &da_file->key);
 				dauth->require->scheme = auth_scheme;
 				dauth->require->algorithm = algorithm;
-				buffer_copy_buffer(dauth->require->realm, realm);
+				dauth->require->realm = realm;
 				if (!mod_auth_require_parse(srv, dauth->require, require)) {
 					dauth->fn->free((data_unset *)dauth);
 					return HANDLER_ERROR;
@ -528,7 +528,7 @@ static handler_t mod_auth_send_400_bad_request(server *srv, connection *con) {
 	return HANDLER_FINISHED;
 }

-static handler_t mod_auth_send_401_unauthorized_basic(server *srv, connection *con, buffer *realm) {
+static handler_t mod_auth_send_401_unauthorized_basic(server *srv, connection *con, const buffer *realm) {
 	con->http_status = 401;
 	con->mode = DIRECT;

--- a/src/mod_authn_ldap.c
+++ b/src/mod_authn_ldap.c
@ -630,7 +630,7 @@ static char * mod_authn_ldap_get_dn(server *srv, plugin_config_ldap *s, const ch
 }

 static handler_t mod_authn_ldap_memberOf(server *srv, plugin_config *s, const http_auth_require_t *require, const buffer *username, const char *userdn) {
-    array *groups = require->group;
+    const array *groups = &require->group;
    buffer *filter = buffer_init();
    handler_t rc = HANDLER_ERROR;

@ -752,7 +752,7 @@ static handler_t mod_authn_ldap_basic(server *srv, connection *con, void *p_d, c
        if (http_auth_match_rules(require, username->ptr, NULL, NULL)) {
            rc = HANDLER_GO_ON; /* access granted */
        }
-        else if (require->group->used) {
+        else if (require->group.used) {
            /*(must not re-use ldap_filter, since it might be used for dn)*/
            rc = mod_authn_ldap_memberOf(srv,&p->conf,require,username,dn);
        }