You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by co...@apache.org on 2008/09/17 18:37:07 UTC
svn commit: r696364 - in /httpd/httpd/branches/2.2.x: CHANGES STATUS
modules/aaa/mod_authn_alias.c
Author: covener
Date: Wed Sep 17 09:37:07 2008
New Revision: 696364
URL: http://svn.apache.org/viewvc?rev=696364&view=rev
Log:
backport r678949 from trunk:
propogate a NULL get_realm_hash() implementation from AuthnProviderAlias back
to mod_auth_digest. PR 45196
Submitted by: covener
Reviewed by: rpluem, jerenkrantz
Modified:
httpd/httpd/branches/2.2.x/CHANGES
httpd/httpd/branches/2.2.x/STATUS
httpd/httpd/branches/2.2.x/modules/aaa/mod_authn_alias.c
Modified: httpd/httpd/branches/2.2.x/CHANGES
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/CHANGES?rev=696364&r1=696363&r2=696364&view=diff
==============================================================================
--- httpd/httpd/branches/2.2.x/CHANGES [utf-8] (original)
+++ httpd/httpd/branches/2.2.x/CHANGES [utf-8] Wed Sep 17 09:37:07 2008
@@ -5,6 +5,10 @@
mod_proxy_ftp: Prevent XSS attacks when using wildcards in the path of
the FTP URL. Discovered by Marc Bevand of Rapid7. [Ruediger Pluem]
+ *) mod_authn_alias: Detect during startup when AuthDigestProvider
+ is configured to use an incompatible provider via AuthnProviderAlias.
+ PR 45196 [Eric Covener]
+
*) mod_proxy: Add 'scolonpathdelim' parameter to allow for ';' to also be
used as a session path separator/delim PR 45158. [Jim Jagielski]
Modified: httpd/httpd/branches/2.2.x/STATUS
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/STATUS?rev=696364&r1=696363&r2=696364&view=diff
==============================================================================
--- httpd/httpd/branches/2.2.x/STATUS (original)
+++ httpd/httpd/branches/2.2.x/STATUS Wed Sep 17 09:37:07 2008
@@ -92,16 +92,6 @@
http://svn.apache.org/viewvc?rev=639010&view=rev (mmn)
+1: niq, rpluem, mturk
- * mod_authn_alias: Propogate a NULL get_realm_hash() implementation
- from AuthnProviderAlias back to mod_auth_digest. This moves detection
- of an incompatible-with-digest provider to a startup error.
- PR 45196
- Trunk version of patch:
- http://svn.apache.org/viewvc?rev=678949&view=rev
- Backport version for 2.2.x of patch:
- http://people.apache.org/~covener/2.2.x-auth_alias_digest.diff
- +1: covener, rpluem, jerenkrantz
-
* mod_proxy_balancer: Add in new bybusyness LB method.
Trunk version of patch:
http://svn.apache.org/viewvc?rev=686805&view=rev
Modified: httpd/httpd/branches/2.2.x/modules/aaa/mod_authn_alias.c
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/modules/aaa/mod_authn_alias.c?rev=696364&r1=696363&r2=696364&view=diff
==============================================================================
--- httpd/httpd/branches/2.2.x/modules/aaa/mod_authn_alias.c (original)
+++ httpd/httpd/branches/2.2.x/modules/aaa/mod_authn_alias.c Wed Sep 17 09:37:07 2008
@@ -122,6 +122,12 @@
&authn_alias_get_realm_hash,
};
+static const authn_provider authn_alias_provider_nodigest =
+{
+ &authn_alias_check_password,
+ NULL,
+};
+
static const char *authaliassection(cmd_parms *cmd, void *mconfig, const char *arg)
{
int old_overrides = cmd->override;
@@ -194,7 +200,9 @@
/* Register the fake provider so that we get called first */
ap_register_provider(cmd->pool, AUTHN_PROVIDER_GROUP, provider_alias, "0",
- &authn_alias_provider);
+ provider->get_realm_hash ?
+ &authn_alias_provider :
+ &authn_alias_provider_nodigest);
}
cmd->override = old_overrides;