Merged mochiweb branch back into trunk.

git-svn-id: https://svn.apache.org/repos/asf/incubator/couchdb/trunk@648222 13f79535-47bb-0310-9956-ffa450edef68

1 files changed, 0 insertions, 294 deletions

diff --git a/src/couch_inets/mod_security.erl b/src/couch_inets/mod_security.erl
deleted file mode 100644
index dac6d70e..00000000
--- a/src/couch_inets/mod_security.erl
+++ /dev/null
@@ -1,294 +0,0 @@
-%% ``The contents of this file are subject to the Erlang Public License,
-%% Version 1.1, (the "License"); you may not use this file except in
-%% compliance with the License. You should have received a copy of the
-%% Erlang Public License along with this software. If not, it can be
-%% retrieved via the world wide web at http://www.erlang.org/.
-%% 
-%% Software distributed under the License is distributed on an "AS IS"
-%% basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See
-%% the License for the specific language governing rights and limitations
-%% under the License.
-%% 
-%% The Initial Developer of the Original Code is Ericsson Utvecklings AB.
-%% Portions created by Ericsson are Copyright 1999, Ericsson Utvecklings
-%% AB. All Rights Reserved.''
-%% 
-%%     $Id$
-%%
--module(mod_security).
-
-%% Security Audit Functionality
-
-%% User API exports
--export([list_blocked_users/1, list_blocked_users/2, list_blocked_users/3, 
-	 block_user/4, block_user/5, 
-	 unblock_user/2, unblock_user/3, unblock_user/4,
-	 list_auth_users/1, list_auth_users/2, list_auth_users/3]).
-
-%% module API exports
--export([do/1, load/2, store/2, remove/1]).
-
--include("httpd.hrl").
-
-%% We will not make the change to use base64 in stdlib in inets just yet.
-%% it will be included in the next major release of inets. 
--compile({nowarn_deprecated_function, {http_base_64, encode, 1}}).
-
--define(VMODULE,"SEC").
-
-
-%% do/1
-do(Info) ->
-    %% Check and see if any user has been authorized.
-    case httpd_util:key1search(Info#mod.data,remote_user,not_defined_user) of
-	not_defined_user ->
-	    %% No user has been authorized.
-	    case httpd_util:key1search(Info#mod.data, response) of
-		%% A status code has been generated!
-		{401, _Response} ->
-		    case httpd_util:key1search(Info#mod.parsed_header,
-					       "authorization") of
-			undefined ->
-			    %% Not an authorization attempt (server just replied to
-			    %% challenge for authentication)
-			    {proceed, Info#mod.data};
-			[$B,$a,$s,$i,$c,$ |EncodedString] ->
-			    %% Someone tried to authenticate, and obviously failed!
-			    DecodedString =  
-				case (catch 
-					  http_base_64:decode(
-					    EncodedString)) of
-				    %% Decode failed 
-				    {'EXIT',{function_clause, _}} ->
-					EncodedString;
-				    String ->
-					String
-				end,
-				 
-			    report_failed(Info, DecodedString,"Failed authentication"),
-			    take_failed_action(Info, DecodedString),
-			    {proceed, Info#mod.data}
-		    end;
-		_ ->
-		    {proceed, Info#mod.data}
-	    end;
-	User ->
-	    %% A user has been authenticated, now is he blocked ?
-	    Path = mod_alias:path(Info#mod.data,
-				  Info#mod.config_db,
-				  Info#mod.request_uri),
-	    {_Dir, SDirData} = secretp(Path, Info#mod.config_db),
-	    Addr = httpd_util:lookup(Info#mod.config_db, bind_address),
-	    Port = httpd_util:lookup(Info#mod.config_db, port),
-	    case mod_security_server:check_blocked_user(Info, User, 
-							SDirData, 
-							Addr, Port) of
-		true ->
-		    report_failed(Info, User ,"User Blocked"),
-		    {proceed, [{status, {403, Info#mod.request_uri, ""}}|Info#mod.data]};
-		false ->
-		    report_failed(Info, User,"Authentication Succedded"),
-		    mod_security_server:store_successful_auth(Addr, Port, 
-							      User, SDirData),
-		    {proceed, Info#mod.data}
-	    end
-    end.
-
-report_failed(Info, Auth, Event) ->
-    Request = Info#mod.request_line,
-    {_PortNumber,RemoteHost}=(Info#mod.init_data)#init_data.peername,
-    String = RemoteHost ++ " : " ++ Event ++ " : " ++ Request ++ " : " ++ Auth,
-    mod_disk_log:security_log(Info,String),
-    mod_log:security_log(Info, String).
-
-take_failed_action(Info, Auth) ->
-    Path = mod_alias:path(Info#mod.data, Info#mod.config_db, 
-			  Info#mod.request_uri),
-    {_Dir, SDirData} = secretp(Path, Info#mod.config_db),
-    Addr = httpd_util:lookup(Info#mod.config_db, bind_address),
-    Port = httpd_util:lookup(Info#mod.config_db, port),
-    mod_security_server:store_failed_auth(Info, Addr, Port, 
-					  Auth, SDirData).
-
-secretp(Path, ConfigDB) ->
-    Directories = ets:match(ConfigDB,{directory,'$1','_'}),
-    case secret_path(Path, Directories) of
-	{yes, Directory} ->
-	    SDirs0 = httpd_util:multi_lookup(ConfigDB, security_directory),
-	    SDir = lists:filter(fun(X) ->
-					lists:member({path, Directory}, X)
-				end, SDirs0),
-	    {Directory, lists:flatten(SDir)};
-	no ->
-	    {[], []}
-    end.
-
-secret_path(Path,Directories) ->
-    secret_path(Path, httpd_util:uniq(lists:sort(Directories)), to_be_found).
-
-secret_path(_Path, [], to_be_found) ->
-    no;
-secret_path(_Path, [], Directory) ->
-    {yes, Directory};
-secret_path(Path, [[NewDirectory]|Rest], Directory) ->
-    case regexp:match(Path, NewDirectory) of
-	{match, _, _} when Directory == to_be_found ->
-	    secret_path(Path, Rest, NewDirectory);
-	{match, _, Length} when Length > length(Directory)->
-	    secret_path(Path, Rest, NewDirectory);
-	{match, _, _} ->
-	    secret_path(Path, Rest, Directory);
-	nomatch ->
-	    secret_path(Path, Rest, Directory)
-    end.
-
-
-load("<Directory " ++ Directory,[]) ->
-    Dir = httpd_conf:custom_clean(Directory,"",">"),
-    {ok, [{security_directory, Dir, [{path, Dir}]}]};
-load(eof,[{security_directory,Directory, _DirData}|_]) ->
-    {error, ?NICE("Premature end-of-file in "++Directory)};
-load("SecurityDataFile " ++ FileName,
-     [{security_directory, Dir, DirData}]) ->
-    File = httpd_conf:clean(FileName),
-    {ok, [{security_directory, Dir, [{data_file, File}|DirData]}]};
-load("SecurityCallbackModule " ++ ModuleName,
-     [{security_directory, Dir, DirData}]) ->
-    Mod = list_to_atom(httpd_conf:clean(ModuleName)),
-    {ok, [{security_directory, Dir, [{callback_module, Mod}|DirData]}]};
-load("SecurityMaxRetries " ++ Retries,
-     [{security_directory, Dir, DirData}]) ->
-    load_return_int_tag("SecurityMaxRetries", max_retries, 
-			httpd_conf:clean(Retries), Dir, DirData);
-load("SecurityBlockTime " ++ Time,
-      [{security_directory, Dir, DirData}]) ->
-	    load_return_int_tag("SecurityBlockTime", block_time,
-				httpd_conf:clean(Time), Dir, DirData);
-load("SecurityFailExpireTime " ++ Time,
-     [{security_directory, Dir, DirData}]) ->
-    load_return_int_tag("SecurityFailExpireTime", fail_expire_time,
-			httpd_conf:clean(Time), Dir, DirData);
-load("SecurityAuthTimeout " ++ Time0,
-     [{security_directory, Dir, DirData}]) ->
-    Time = httpd_conf:clean(Time0),
-    load_return_int_tag("SecurityAuthTimeout", auth_timeout,
-			httpd_conf:clean(Time), Dir, DirData);
-load("AuthName " ++ Name0,
-     [{security_directory, Dir, DirData}]) ->
-    Name = httpd_conf:clean(Name0),
-    {ok, [{security_directory, Dir, [{auth_name, Name}|DirData]}]};
-load("</Directory>",[{security_directory,Directory, DirData}]) ->
-    {ok, [], {security_directory, Directory, DirData}}.
-
-load_return_int_tag(Name, Atom, Time, Dir, DirData) ->
-    case Time of
-	"infinity" ->
-	    {ok, [{security_directory, Dir, [{Atom, 99999999999999999999999999999}|DirData]}]};
-	_Int ->
-	    case catch list_to_integer(Time) of
-		{'EXIT', _} ->
-		    {error, Time++" is an invalid "++Name};
-		Val ->
-		    {ok, [{security_directory, Dir, [{Atom, Val}|DirData]}]}
-	    end
-    end.
-
-store({security_directory, _Dir0, DirData}, ConfigList) ->
-    Addr = httpd_util:key1search(ConfigList, bind_address),
-    Port = httpd_util:key1search(ConfigList, port),
-    mod_security_server:start(Addr, Port),
-    SR = httpd_util:key1search(ConfigList, server_root),
-    
-    case httpd_util:key1search(DirData, data_file, no_data_file) of
-	no_data_file ->
-	    {error, no_security_data_file};
-	DataFile0 ->
-	    DataFile = 
-		case filename:pathtype(DataFile0) of
-		    relative ->
-			filename:join(SR, DataFile0);
-		    _ ->
-			DataFile0
-		end,
-	    case mod_security_server:new_table(Addr, Port, DataFile) of
-		{ok, TwoTables} ->
-		    NewDirData0 = lists:keyreplace(data_file, 1, DirData, 
-						   {data_file, TwoTables}),
-		    NewDirData1 = case Addr of
-				      undefined ->
-					  [{port,Port}|NewDirData0];
-				      _ ->
-					  [{port,Port},{bind_address,Addr}|
-					   NewDirData0]
-				  end,
-		    {ok, {security_directory,NewDirData1}};
-		{error, Err} ->
-		    {error, {{open_data_file, DataFile}, Err}}
-	    end
-    end.
-
-
-remove(ConfigDB) ->
-    Addr = case ets:lookup(ConfigDB, bind_address) of
-	       [] -> 
-		   undefined;
-	       [{bind_address, Address}] ->
-		   Address
-	   end,
-    [{port, Port}] = ets:lookup(ConfigDB, port),
-    mod_security_server:delete_tables(Addr, Port),
-    mod_security_server:stop(Addr, Port).
-    
-
-%%
-%% User API
-%%
-
-%% list_blocked_users
-
-list_blocked_users(Port) ->
-    list_blocked_users(undefined, Port).
-
-list_blocked_users(Port, Dir) when integer(Port) ->
-    list_blocked_users(undefined,Port,Dir);
-list_blocked_users(Addr, Port) when integer(Port) ->
-    mod_security_server:list_blocked_users(Addr, Port).
-
-list_blocked_users(Addr, Port, Dir) ->
-    mod_security_server:list_blocked_users(Addr, Port, Dir).
-
-
-%% block_user
-
-block_user(User, Port, Dir, Time) ->
-    block_user(User, undefined, Port, Dir, Time).
-block_user(User, Addr, Port, Dir, Time) ->
-    mod_security_server:block_user(User, Addr, Port, Dir, Time).
-
-
-%% unblock_user
-
-unblock_user(User, Port) ->
-    unblock_user(User, undefined, Port).
-
-unblock_user(User, Port, Dir) when integer(Port) ->
-    unblock_user(User, undefined, Port, Dir);
-unblock_user(User, Addr, Port) when integer(Port) ->
-    mod_security_server:unblock_user(User, Addr, Port).
-
-unblock_user(User, Addr, Port, Dir) ->
-    mod_security_server:unblock_user(User, Addr, Port, Dir).
-
-
-%% list_auth_users
-
-list_auth_users(Port) ->
-    list_auth_users(undefined,Port).
-
-list_auth_users(Port, Dir) when integer(Port) ->
-    list_auth_users(undefined, Port, Dir);
-list_auth_users(Addr, Port) when integer(Port) ->
-    mod_security_server:list_auth_users(Addr, Port).
-
-list_auth_users(Addr, Port, Dir) ->
-    mod_security_server:list_auth_users(Addr, Port, Dir).