You are viewing a plain text version of this content. The canonical link for it is here.
Posted to apache-bugdb@apache.org by Michael Fuhr <mf...@dimensional.com> on 1997/03/16 01:00:02 UTC
config/234: REMOTE_IDENT not always available to mod_rewrite
>Number: 234
>Category: config
>Synopsis: REMOTE_IDENT not always available to mod_rewrite
>Confidential: no
>Severity: non-critical
>Priority: medium
>Responsible: apache (Apache HTTP Project)
>State: open
>Class: sw-bug
>Submitter-Id: apache
>Arrival-Date: Sat Mar 15 16:00:01 1997
>Originator: mfuhr@dimensional.com
>Organization:
apache
>Release: 1.2b7
>Environment:
FreeBSD 2.1.7
gcc 2.6.3
>Description:
REMOTE_IDENT isn't available to a virtual host's rewrite rules under
the following conditions:
* IdentityCheck is "off" by default.
* IdentityCheck is turned "on" inside the <VirtualHost> directive.
REMOTE_IDENT is available later for SSI and CGI, but not for the
rewriting rules in a <VirtualHost> section.
>How-To-Repeat:
1. Set the default IdentityCheck to "off".
2. Add the following lines inside some <VirtualHost> section:
RewriteEngine on
RewriteLogLevel 4
RewriteLog logs/virt-rewrite_log
RewriteCond %{REMOTE_ADDR} 1.2.3.4 # IP of some host running IDENT
RewriteCond %{REMOTE_IDENT} someuser # name of some user on that host
RewriteRule ^/somefile.html /otherfile.html [R,L]
3. Try to retrieve /somefile.html from the specified host as the specified
user. The rewrite will fail; that REMOTE_IDENT is set later can be verified
by printing its value using SSI or CGI.
4. The rewrite log will show something like this for the RewriteCond in
question:
RewriteCond: input='' pattern='someuser' => not-matched
5. Set the default "IdentityCheck" to "on".
6. Try to retrieve /somefile.html again.
7. You should get /otherfile.html (a successful rewrite).
>Fix:
The problem shows itself in get_remote_login(), http_core.c, line 396:
if (dir_conf->do_rfc1413 & 1)
return rfc1413(r->connection, r->server);
else
return NULL;
When get_remote_login() is called from mod_rewrite.c, line 2532, it
always returns NULL. Apparently dir_conf->do_rfc1413 hasn't been set
from the virtual host's IdentityCheck directive yet
>Audit-Trail:
>Unformatted:
Re: config/234: REMOTE_IDENT not always available to mod_rewrite
Posted by Dean Gaudet <dg...@arctic.org>.
I can't reproduce this with 1.2b8-dev, do_rfc1413 is always set correctly.
Could you send your config file?
Thanks
Dean
On Sat, 15 Mar 1997, Michael Fuhr wrote:
>
> >Number: 234
> >Category: config
> >Synopsis: REMOTE_IDENT not always available to mod_rewrite
> >Confidential: no
> >Severity: non-critical
> >Priority: medium
> >Responsible: apache (Apache HTTP Project)
> >State: open
> >Class: sw-bug
> >Submitter-Id: apache
> >Arrival-Date: Sat Mar 15 16:00:01 1997
> >Originator: mfuhr@dimensional.com
> >Organization:
> apache
> >Release: 1.2b7
> >Environment:
> FreeBSD 2.1.7
> gcc 2.6.3
> >Description:
> REMOTE_IDENT isn't available to a virtual host's rewrite rules under
> the following conditions:
>
> * IdentityCheck is "off" by default.
> * IdentityCheck is turned "on" inside the <VirtualHost> directive.
>
> REMOTE_IDENT is available later for SSI and CGI, but not for the
> rewriting rules in a <VirtualHost> section.
> >How-To-Repeat:
> 1. Set the default IdentityCheck to "off".
> 2. Add the following lines inside some <VirtualHost> section:
>
> RewriteEngine on
> RewriteLogLevel 4
> RewriteLog logs/virt-rewrite_log
> RewriteCond %{REMOTE_ADDR} 1.2.3.4 # IP of some host running IDENT
> RewriteCond %{REMOTE_IDENT} someuser # name of some user on that host
> RewriteRule ^/somefile.html /otherfile.html [R,L]
>
> 3. Try to retrieve /somefile.html from the specified host as the specified
> user. The rewrite will fail; that REMOTE_IDENT is set later can be verified
> by printing its value using SSI or CGI.
>
> 4. The rewrite log will show something like this for the RewriteCond in
> question:
>
> RewriteCond: input='' pattern='someuser' => not-matched
>
> 5. Set the default "IdentityCheck" to "on".
> 6. Try to retrieve /somefile.html again.
> 7. You should get /otherfile.html (a successful rewrite).
>
> >Fix:
> The problem shows itself in get_remote_login(), http_core.c, line 396:
>
> if (dir_conf->do_rfc1413 & 1)
> return rfc1413(r->connection, r->server);
> else
> return NULL;
>
> When get_remote_login() is called from mod_rewrite.c, line 2532, it
> always returns NULL. Apparently dir_conf->do_rfc1413 hasn't been set
> from the virtual host's IdentityCheck directive yet
> >Audit-Trail:
> >Unformatted:
>
>
>