You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by co...@apache.org on 2008/09/17 18:37:07 UTC

svn commit: r696364 - in /httpd/httpd/branches/2.2.x: CHANGES STATUS modules/aaa/mod_authn_alias.c

Author: covener
Date: Wed Sep 17 09:37:07 2008
New Revision: 696364

URL: http://svn.apache.org/viewvc?rev=696364&view=rev
Log:
backport r678949 from trunk:

propogate a NULL get_realm_hash() implementation from AuthnProviderAlias back
to mod_auth_digest.  PR 45196

Submitted by: covener
Reviewed by: rpluem, jerenkrantz


Modified:
    httpd/httpd/branches/2.2.x/CHANGES
    httpd/httpd/branches/2.2.x/STATUS
    httpd/httpd/branches/2.2.x/modules/aaa/mod_authn_alias.c

Modified: httpd/httpd/branches/2.2.x/CHANGES
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/CHANGES?rev=696364&r1=696363&r2=696364&view=diff
==============================================================================
--- httpd/httpd/branches/2.2.x/CHANGES [utf-8] (original)
+++ httpd/httpd/branches/2.2.x/CHANGES [utf-8] Wed Sep 17 09:37:07 2008
@@ -5,6 +5,10 @@
      mod_proxy_ftp: Prevent XSS attacks when using wildcards in the path of
      the FTP URL. Discovered by Marc Bevand of Rapid7. [Ruediger Pluem]
 
+  *) mod_authn_alias: Detect during startup when AuthDigestProvider
+     is configured to use an incompatible provider via AuthnProviderAlias.
+     PR 45196 [Eric Covener]
+
   *) mod_proxy: Add 'scolonpathdelim' parameter to allow for ';' to also be
      used as a session path separator/delim  PR 45158. [Jim Jagielski]
 

Modified: httpd/httpd/branches/2.2.x/STATUS
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/STATUS?rev=696364&r1=696363&r2=696364&view=diff
==============================================================================
--- httpd/httpd/branches/2.2.x/STATUS (original)
+++ httpd/httpd/branches/2.2.x/STATUS Wed Sep 17 09:37:07 2008
@@ -92,16 +92,6 @@
    http://svn.apache.org/viewvc?rev=639010&view=rev (mmn)
    +1: niq, rpluem, mturk
 
- * mod_authn_alias: Propogate a NULL get_realm_hash() implementation 
-   from AuthnProviderAlias back to mod_auth_digest. This moves detection
-   of an incompatible-with-digest provider to a startup error.
-   PR 45196
-    Trunk version of patch:
-       http://svn.apache.org/viewvc?rev=678949&view=rev
-    Backport version for 2.2.x of patch:
-       http://people.apache.org/~covener/2.2.x-auth_alias_digest.diff 
-   +1: covener, rpluem, jerenkrantz
-
  * mod_proxy_balancer: Add in new bybusyness LB method.
     Trunk version of patch:
        http://svn.apache.org/viewvc?rev=686805&view=rev

Modified: httpd/httpd/branches/2.2.x/modules/aaa/mod_authn_alias.c
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/modules/aaa/mod_authn_alias.c?rev=696364&r1=696363&r2=696364&view=diff
==============================================================================
--- httpd/httpd/branches/2.2.x/modules/aaa/mod_authn_alias.c (original)
+++ httpd/httpd/branches/2.2.x/modules/aaa/mod_authn_alias.c Wed Sep 17 09:37:07 2008
@@ -122,6 +122,12 @@
     &authn_alias_get_realm_hash,
 };
 
+static const authn_provider authn_alias_provider_nodigest =
+{
+    &authn_alias_check_password,
+    NULL,
+};
+
 static const char *authaliassection(cmd_parms *cmd, void *mconfig, const char *arg)
 {
     int old_overrides = cmd->override;
@@ -194,7 +200,9 @@
 
         /* Register the fake provider so that we get called first */
         ap_register_provider(cmd->pool, AUTHN_PROVIDER_GROUP, provider_alias, "0",
-                             &authn_alias_provider);
+                             provider->get_realm_hash ?
+                                 &authn_alias_provider : 
+                                 &authn_alias_provider_nodigest);
     }
 
     cmd->override = old_overrides;