You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by tr...@apache.org on 2005/03/06 01:13:31 UTC

svn commit: r156287 - in httpd/httpd/branches/1.3.x: STATUS src/CHANGES src/main/http_core.c

Author: trawick
Date: Sat Mar  5 16:13:30 2005
New Revision: 156287

URL: http://svn.apache.org/viewcvs?view=rev&rev=156287
Log:
mod_digest: Fix another nonce string calculation issue.

Submitted by:  Eric Covener
Reviewed by:   trawick, jorton, jim


Modified:
    httpd/httpd/branches/1.3.x/STATUS
    httpd/httpd/branches/1.3.x/src/CHANGES
    httpd/httpd/branches/1.3.x/src/main/http_core.c

Modified: httpd/httpd/branches/1.3.x/STATUS
URL: http://svn.apache.org/viewcvs/httpd/httpd/branches/1.3.x/STATUS?view=diff&r1=156286&r2=156287
==============================================================================
--- httpd/httpd/branches/1.3.x/STATUS (original)
+++ httpd/httpd/branches/1.3.x/STATUS Sat Mar  5 16:13:30 2005
@@ -53,11 +53,6 @@
 
 PROPOSED PATCHES FOR THIS RELEASE:
 
-   *) ap_auth_nonce misuse of ap_snprintf (Eric Covener patch)
-      [1.3 PATCH] mod_digest: ap_auth_nonce returns diff value between calls
-      (using the s/%pI/%pA/ proposal)
-      +1: trawick, jorton, jim
-
    *) mod_log_config: Cleanup log_header_out function to allow multiple headers
       like Set-Cookie to be logged properly. PR 27787 
         modules/loggers/mod_log_config.c: r1.116 (2.x patch - need 1.3 version)

Modified: httpd/httpd/branches/1.3.x/src/CHANGES
URL: http://svn.apache.org/viewcvs/httpd/httpd/branches/1.3.x/src/CHANGES?view=diff&r1=156286&r2=156287
==============================================================================
--- httpd/httpd/branches/1.3.x/src/CHANGES (original)
+++ httpd/httpd/branches/1.3.x/src/CHANGES Sat Mar  5 16:13:30 2005
@@ -1,5 +1,8 @@
 Changes with Apache 1.3.34
 
+  *) mod_digest: Fix another nonce string calculation issue.
+     [Eric Covener]
+
 Changes with Apache 1.3.33
 
   *) SECURITY: CAN-2004-0940 (cve.mitre.org)
@@ -11,7 +14,7 @@
   *) mod_rewrite: Fix query string handling for proxied URLs. PR 14518.
      [michael teitler <michael.teitler cetelem.fr>,
       Jan Kratochvil <rcpt-dev.AT.httpd.apache.org jankratochvil.net>]
-                                                                                
+
   *) mod_rewrite: Fix 0 bytes write into random memory position.
      PR 31036. [André Malo]
 

Modified: httpd/httpd/branches/1.3.x/src/main/http_core.c
URL: http://svn.apache.org/viewcvs/httpd/httpd/branches/1.3.x/src/main/http_core.c?view=diff&r1=156286&r2=156287
==============================================================================
--- httpd/httpd/branches/1.3.x/src/main/http_core.c (original)
+++ httpd/httpd/branches/1.3.x/src/main/http_core.c Sat Mar  5 16:13:30 2005
@@ -563,7 +563,7 @@
      * But then again - you should use AuthDigestRealmSeed in your config
      * file if you care. So the adhoc value should do.
      */
-    return ap_psprintf(r->pool,"%pI%pp%pp%pp%pp",
+    return ap_psprintf(r->pool,"%pA%pp%pp%pp%pp",
            &r->connection->local_addr.sin_addr,
            (void *)ap_user_name,
            (void *)ap_listeners,