You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by tr...@apache.org on 2005/03/06 01:13:31 UTC
svn commit: r156287 - in httpd/httpd/branches/1.3.x: STATUS src/CHANGES
src/main/http_core.c
Author: trawick
Date: Sat Mar 5 16:13:30 2005
New Revision: 156287
URL: http://svn.apache.org/viewcvs?view=rev&rev=156287
Log:
mod_digest: Fix another nonce string calculation issue.
Submitted by: Eric Covener
Reviewed by: trawick, jorton, jim
Modified:
httpd/httpd/branches/1.3.x/STATUS
httpd/httpd/branches/1.3.x/src/CHANGES
httpd/httpd/branches/1.3.x/src/main/http_core.c
Modified: httpd/httpd/branches/1.3.x/STATUS
URL: http://svn.apache.org/viewcvs/httpd/httpd/branches/1.3.x/STATUS?view=diff&r1=156286&r2=156287
==============================================================================
--- httpd/httpd/branches/1.3.x/STATUS (original)
+++ httpd/httpd/branches/1.3.x/STATUS Sat Mar 5 16:13:30 2005
@@ -53,11 +53,6 @@
PROPOSED PATCHES FOR THIS RELEASE:
- *) ap_auth_nonce misuse of ap_snprintf (Eric Covener patch)
- [1.3 PATCH] mod_digest: ap_auth_nonce returns diff value between calls
- (using the s/%pI/%pA/ proposal)
- +1: trawick, jorton, jim
-
*) mod_log_config: Cleanup log_header_out function to allow multiple headers
like Set-Cookie to be logged properly. PR 27787
modules/loggers/mod_log_config.c: r1.116 (2.x patch - need 1.3 version)
Modified: httpd/httpd/branches/1.3.x/src/CHANGES
URL: http://svn.apache.org/viewcvs/httpd/httpd/branches/1.3.x/src/CHANGES?view=diff&r1=156286&r2=156287
==============================================================================
--- httpd/httpd/branches/1.3.x/src/CHANGES (original)
+++ httpd/httpd/branches/1.3.x/src/CHANGES Sat Mar 5 16:13:30 2005
@@ -1,5 +1,8 @@
Changes with Apache 1.3.34
+ *) mod_digest: Fix another nonce string calculation issue.
+ [Eric Covener]
+
Changes with Apache 1.3.33
*) SECURITY: CAN-2004-0940 (cve.mitre.org)
@@ -11,7 +14,7 @@
*) mod_rewrite: Fix query string handling for proxied URLs. PR 14518.
[michael teitler <michael.teitler cetelem.fr>,
Jan Kratochvil <rcpt-dev.AT.httpd.apache.org jankratochvil.net>]
-
+
*) mod_rewrite: Fix 0 bytes write into random memory position.
PR 31036. [André Malo]
Modified: httpd/httpd/branches/1.3.x/src/main/http_core.c
URL: http://svn.apache.org/viewcvs/httpd/httpd/branches/1.3.x/src/main/http_core.c?view=diff&r1=156286&r2=156287
==============================================================================
--- httpd/httpd/branches/1.3.x/src/main/http_core.c (original)
+++ httpd/httpd/branches/1.3.x/src/main/http_core.c Sat Mar 5 16:13:30 2005
@@ -563,7 +563,7 @@
* But then again - you should use AuthDigestRealmSeed in your config
* file if you care. So the adhoc value should do.
*/
- return ap_psprintf(r->pool,"%pI%pp%pp%pp%pp",
+ return ap_psprintf(r->pool,"%pA%pp%pp%pp%pp",
&r->connection->local_addr.sin_addr,
(void *)ap_user_name,
(void *)ap_listeners,