You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by jo...@apache.org on 2005/06/23 12:27:31 UTC
svn commit: r193127 - /httpd/httpd/trunk/modules/aaa/mod_auth_digest.c
Author: jorton
Date: Thu Jun 23 03:27:27 2005
New Revision: 193127
URL: http://svn.apache.org/viewcvs?rev=193127&view=rev
Log:
* modules/aaa/mod_auth_digest.c: Another gcc 4 "structure field may be
used uninitialized" warning; fix validation of digest-uri for CONNECT
requests:
(copy_uri_components): Copy the hostinfo field.
(authenticate_digest_user): Don't pass NULL (or, previously, a random
pointer) to strcmp if a digest-uri is provided which doesn't match the
request-uri in a CONNECT request.
Modified:
httpd/httpd/trunk/modules/aaa/mod_auth_digest.c
Modified: httpd/httpd/trunk/modules/aaa/mod_auth_digest.c
URL: http://svn.apache.org/viewcvs/httpd/httpd/trunk/modules/aaa/mod_auth_digest.c?rev=193127&r1=193126&r2=193127&view=diff
==============================================================================
--- httpd/httpd/trunk/modules/aaa/mod_auth_digest.c (original)
+++ httpd/httpd/trunk/modules/aaa/mod_auth_digest.c Thu Jun 23 03:27:27 2005
@@ -1575,6 +1575,8 @@
else {
dst->query = src->query;
}
+
+ dst->hostinfo = src->hostinfo;
}
/* These functions return 0 if client is OK, and proper error status
@@ -1709,7 +1711,7 @@
}
if (r->method_number == M_CONNECT) {
- if (strcmp(resp->uri, r_uri.hostinfo)) {
+ if (!r_uri.hostinfo || strcmp(resp->uri, r_uri.hostinfo)) {
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
"Digest: uri mismatch - <%s> does not match "
"request-uri <%s>", resp->uri, r_uri.hostinfo);