You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by Alexei Kosut <ak...@hyperreal.com> on 1996/06/17 22:28:21 UTC
cvs commit: apache/src CHANGES http_request.c
akosut 96/06/17 13:28:20
Modified: src CHANGES http_request.c
Log:
Broken authentication behavior regarding multiple methods fixed.
Submitted by: Robert S. Thau
Revision Changes Path
1.32 +2 -0 apache/src/CHANGES
Index: CHANGES
===================================================================
RCS file: /export/home/cvs/apache/src/CHANGES,v
retrieving revision 1.31
retrieving revision 1.32
diff -C3 -r1.31 -r1.32
*** CHANGES 1996/06/17 20:25:12 1.31
--- CHANGES 1996/06/17 20:28:18 1.32
***************
*** 2,7 ****
--- 2,9 ----
*) r->bytes_sent variable restored
+ *) Previously broken multi-method <Limit> parsing fixed.
+
*) More possibly unsecure programs removed from the support directory.
*) More mod_auth_msql authentication improvements.
1.10 +20 -1 apache/src/http_request.c
Index: http_request.c
===================================================================
RCS file: /export/home/cvs/apache/src/http_request.c,v
retrieving revision 1.9
retrieving revision 1.10
diff -C3 -r1.9 -r1.10
*** http_request.c 1996/06/13 03:09:22 1.9
--- http_request.c 1996/06/17 20:28:19 1.10
***************
*** 659,664 ****
--- 659,683 ----
else die (status, r);
}
+ static int some_auth_required (request_rec *r)
+ {
+ /* Is there a require line configured for the type of *this* req? */
+
+ array_header *reqs_arr = requires (r);
+ require_line *reqs;
+ int i;
+
+ if (!reqs_arr) return 0;
+
+ reqs = (require_line *)reqs_arr->elts;
+
+ for (i = 0; i < reqs_arr->nelts; ++i)
+ if (reqs[i].method_mask & (1 << r->method_number))
+ return 1;
+
+ return 0;
+ }
+
void process_request_internal (request_rec *r)
{
int access_status;
***************
*** 721,727 ****
return;
}
! if (auth_type (r)) {
if ((access_status = check_user_id (r)) != 0) {
decl_die (access_status, "check user. No user file?", r);
return;
--- 740,746 ----
return;
}
! if (some_auth_required (r)) {
if ((access_status = check_user_id (r)) != 0) {
decl_die (access_status, "check user. No user file?", r);
return;