You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by mi...@apache.org on 2012/12/16 13:38:46 UTC
svn commit: r1422570 - in /httpd/httpd/branches/2.4.x: ./ CHANGES
modules/aaa/mod_auth_form.c
Author: minfrin
Date: Sun Dec 16 12:38:45 2012
New Revision: 1422570
URL: http://svn.apache.org/viewvc?rev=1422570&view=rev
Log:
mod_auth_form: Make sure that get_notes_auth() sets the user as does
get_form_auth() and get_session_auth(). Makes sure that REMOTE_USER
does not vanish during mod_include driven subrequests.
trunk patch: http://svn.apache.org/viewvc?rev=1393152&view=rev
Submitted by: minfrin
Reviewed by: minfrin, jim, gsmith
Modified:
httpd/httpd/branches/2.4.x/ (props changed)
httpd/httpd/branches/2.4.x/CHANGES
httpd/httpd/branches/2.4.x/modules/aaa/mod_auth_form.c
Propchange: httpd/httpd/branches/2.4.x/
------------------------------------------------------------------------------
Merged /httpd/httpd/trunk:r1393152
Modified: httpd/httpd/branches/2.4.x/CHANGES
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/CHANGES?rev=1422570&r1=1422569&r2=1422570&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x/CHANGES [utf-8] (original)
+++ httpd/httpd/branches/2.4.x/CHANGES [utf-8] Sun Dec 16 12:38:45 2012
@@ -2,6 +2,11 @@
Changes with Apache 2.4.4
+ *) mod_auth_form: Make sure that get_notes_auth() sets the user as does
+ get_form_auth() and get_session_auth(). Makes sure that REMOTE_USER
+ does not vanish during mod_include driven subrequests. [Graham
+ Leggett]
+
*) mod_cache_disk: Resolve errors while revalidating disk-cached files on
Windows ("...rename tempfile to datafile failed..."). PR 38827
[Eric Covener]
Modified: httpd/httpd/branches/2.4.x/modules/aaa/mod_auth_form.c
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/modules/aaa/mod_auth_form.c?rev=1422570&r1=1422569&r2=1422570&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x/modules/aaa/mod_auth_form.c (original)
+++ httpd/httpd/branches/2.4.x/modules/aaa/mod_auth_form.c Sun Dec 16 12:38:45 2012
@@ -489,34 +489,40 @@ static void set_notes_auth(request_rec *
* Get the auth username and password from the main request
* notes table, if present.
*/
-static void get_notes_auth(request_rec * r,
+static void get_notes_auth(request_rec *r,
const char **user, const char **pw,
const char **method, const char **mimetype)
{
const char *authname;
+ request_rec *m = r;
/* find the main request */
- while (r->main) {
- r = r->main;
+ while (m->main) {
+ m = m->main;
}
/* find the first redirect */
- while (r->prev) {
- r = r->prev;
+ while (m->prev) {
+ m = m->prev;
}
/* have we isolated the user and pw before? */
- authname = ap_auth_name(r);
+ authname = ap_auth_name(m);
if (user) {
- *user = (char *) apr_table_get(r->notes, apr_pstrcat(r->pool, authname, "-user", NULL));
+ *user = (char *) apr_table_get(m->notes, apr_pstrcat(m->pool, authname, "-user", NULL));
}
if (pw) {
- *pw = (char *) apr_table_get(r->notes, apr_pstrcat(r->pool, authname, "-pw", NULL));
+ *pw = (char *) apr_table_get(m->notes, apr_pstrcat(m->pool, authname, "-pw", NULL));
}
if (method) {
- *method = (char *) apr_table_get(r->notes, apr_pstrcat(r->pool, authname, "-method", NULL));
+ *method = (char *) apr_table_get(m->notes, apr_pstrcat(m->pool, authname, "-method", NULL));
}
if (mimetype) {
- *mimetype = (char *) apr_table_get(r->notes, apr_pstrcat(r->pool, authname, "-mimetype", NULL));
+ *mimetype = (char *) apr_table_get(m->notes, apr_pstrcat(m->pool, authname, "-mimetype", NULL));
+ }
+
+ /* set the user, even though the user is unauthenticated at this point */
+ if (user && *user) {
+ r->user = (char *) *user;
}
ap_log_rerror(APLOG_MARK, APLOG_TRACE6, 0, r,