You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by co...@apache.org on 2015/02/23 20:02:31 UTC

svn commit: r1661749 - in /httpd/httpd/branches/2.4.x: CHANGES STATUS modules/aaa/mod_authz_groupfile.c

Author: covener
Date: Mon Feb 23 19:02:31 2015
New Revision: 1661749

URL: http://svn.apache.org/r1661749
Log:
Merge r1654184 from trunk:

as in r1517366, drop the severity in authz_groupfile when a require
didn't match but no real error was encountered. 

This individual 'require group' may not really dictate who gets in. PR55523 



Modified:
    httpd/httpd/branches/2.4.x/CHANGES
    httpd/httpd/branches/2.4.x/STATUS
    httpd/httpd/branches/2.4.x/modules/aaa/mod_authz_groupfile.c

Modified: httpd/httpd/branches/2.4.x/CHANGES
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/CHANGES?rev=1661749&r1=1661748&r2=1661749&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x/CHANGES [utf-8] (original)
+++ httpd/httpd/branches/2.4.x/CHANGES [utf-8] Mon Feb 23 19:02:31 2015
@@ -4,6 +4,9 @@ Changes with Apache 2.4.13
 
   *) mod_authn_dbd: Fix the error message logged in case of error while querying
      the database. This is associated to AH01656 and AH01661. [Christophe Jaillet]
+
+  *) mod_authz_goupfile: Reduce the severity of AH01667 from ERROR to DEBUG,
+     because it may be evaluated inside <RequireAny>. PR55523. [Eric Covener] 
   
 Changes with Apache 2.4.12
 

Modified: httpd/httpd/branches/2.4.x/STATUS
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/STATUS?rev=1661749&r1=1661748&r2=1661749&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x/STATUS (original)
+++ httpd/httpd/branches/2.4.x/STATUS Mon Feb 23 19:02:31 2015
@@ -119,12 +119,6 @@ PATCHES ACCEPTED TO BACKPORT FROM TRUNK:
      2.4.x patch: trunks works (modulo CHANGES)
      +1: ylavic, rjung, jailletc36
 
-   * mod_authz_groupfile: Don't log routine authz failure at ERROR because
-     it's just as likely to be OR'ed with other authz results. PR55523, try 2.
-     trunk patch:  http://svn.apache.org/r1654184
-     2.4.x patch: trunk works + CHANGES
-     +1: covener, minfrin, ylavic
-
    * Easy patches - synch with trunk
         - Add missing APLOGNO.
         - mod_deflate: don't require <limits.h> by using APR_INT32_MAX instead of INT_MAX.

Modified: httpd/httpd/branches/2.4.x/modules/aaa/mod_authz_groupfile.c
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/modules/aaa/mod_authz_groupfile.c?rev=1661749&r1=1661748&r2=1661749&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x/modules/aaa/mod_authz_groupfile.c (original)
+++ httpd/httpd/branches/2.4.x/modules/aaa/mod_authz_groupfile.c Mon Feb 23 19:02:31 2015
@@ -195,7 +195,7 @@ static authz_status group_check_authoriz
         }
     }
 
-    ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(01667)
+    ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, APLOGNO(01667)
                     "Authorization of user %s to access %s failed, reason: "
                     "user is not part of the 'require'ed group(s).",
                     r->user, r->uri);