You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by st...@apache.org on 2004/02/24 10:17:00 UTC
cvs commit: httpd-2.0/modules/aaa mod_auth_digest.c
striker 2004/02/24 01:17:00
Modified: . Tag: APACHE_2_0_BRANCH CHANGES STATUS
modules/aaa Tag: APACHE_2_0_BRANCH mod_auth_digest.c
Log:
Backport from HEAD.
mod_auth_digest: Allow sub-requests with different methods than the original
request. PR 25040.
Submitted by: Josh Dady <jp...@indecicise.com>
Reviewed by: Justin Erenkrantz, Andre Malo, Jeff Trawick, Sander Striker
Revision Changes Path
No revision
No revision
1.988.2.242 +4 -0 httpd-2.0/CHANGES
Index: CHANGES
===================================================================
RCS file: /home/cvs/httpd-2.0/CHANGES,v
retrieving revision 1.988.2.241
retrieving revision 1.988.2.242
diff -u -r1.988.2.241 -r1.988.2.242
--- CHANGES 18 Feb 2004 22:24:10 -0000 1.988.2.241
+++ CHANGES 24 Feb 2004 09:16:58 -0000 1.988.2.242
@@ -1,5 +1,9 @@
Changes with Apache 2.0.49
+ *) Allow mod_auth_digest to work with sub-requests with different
+ methods than the original request. PR 25040.
+ [Josh Dady <jpd indecisive.com>]
+
*) fix "Expected </Foo>> but saw </Foo>" errors in nested,
argumentless containers.
["Philippe M. Chiasson" <gozer cpan.org>]
1.751.2.701 +1 -6 httpd-2.0/STATUS
Index: STATUS
===================================================================
RCS file: /home/cvs/httpd-2.0/STATUS,v
retrieving revision 1.751.2.700
retrieving revision 1.751.2.701
diff -u -r1.751.2.700 -r1.751.2.701
--- STATUS 21 Feb 2004 18:30:11 -0000 1.751.2.700
+++ STATUS 24 Feb 2004 09:16:59 -0000 1.751.2.701
@@ -242,11 +242,6 @@
nd replies: But if it can't be 0 the alternatives thereafter make no
sense anymore, right?
- * mod_auth_digest: Allow sub-requests with different methods than the
- original request. PR 25040.
- modules/aaa/mod_auth_digest.c: r1.82
- +1: jerenkrantz, nd, trawick, striker
-
* Fix corruption of buffered logs with threaded MPMs. PR 25520.
http://cvs.apache.org/viewcvs.cgi/httpd-2.0/modules/loggers/mod_log_config.c?r1=1.108&r2=1.109
http://cvs.apache.org/viewcvs.cgi/httpd-2.0/modules/loggers/mod_log_config.c?r1=1.109&r2=1.110
No revision
No revision
1.72.2.7 +5 -3 httpd-2.0/modules/aaa/mod_auth_digest.c
Index: mod_auth_digest.c
===================================================================
RCS file: /home/cvs/httpd-2.0/modules/aaa/mod_auth_digest.c,v
retrieving revision 1.72.2.6
retrieving revision 1.72.2.7
diff -u -r1.72.2.6 -r1.72.2.7
--- mod_auth_digest.c 9 Feb 2004 20:53:14 -0000 1.72.2.6
+++ mod_auth_digest.c 24 Feb 2004 09:17:00 -0000 1.72.2.7
@@ -143,6 +143,7 @@
const char *username;
char *nonce;
const char *uri;
+ const char *method;
const char *digest;
const char *algorithm;
const char *cnonce;
@@ -959,6 +960,7 @@
resp->raw_request_uri = r->unparsed_uri;
resp->psd_request_uri = &r->parsed_uri;
resp->needed_auth = 0;
+ resp->method = r->method;
ap_set_module_config(r->request_config, &auth_digest_module, resp);
res = get_digest_rec(r, resp);
@@ -1419,7 +1421,7 @@
{
const char *ha2;
- ha2 = ap_md5(r->pool, (unsigned char *)apr_pstrcat(r->pool, r->method, ":",
+ ha2 = ap_md5(r->pool, (unsigned char *)apr_pstrcat(r->pool, resp->method, ":",
resp->uri, NULL));
return ap_md5(r->pool,
(unsigned char *)apr_pstrcat(r->pool, ha1, ":", resp->nonce,
@@ -1444,12 +1446,12 @@
}
if (resp->message_qop && !strcasecmp(resp->message_qop, "auth-int")) {
- a2 = apr_pstrcat(r->pool, r->method, ":", resp->uri, ":",
+ a2 = apr_pstrcat(r->pool, resp->method, ":", resp->uri, ":",
ap_md5(r->pool, (const unsigned char*) ""), NULL);
/* TBD */
}
else {
- a2 = apr_pstrcat(r->pool, r->method, ":", resp->uri, NULL);
+ a2 = apr_pstrcat(r->pool, resp->method, ":", resp->uri, NULL);
}
ha2 = ap_md5(r->pool, (const unsigned char *)a2);