You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by co...@apache.org on 2010/02/23 13:07:03 UTC
svn commit: r915295 - in /httpd/httpd/trunk: CHANGES modules/ldap/util_ldap.c
Author: covener
Date: Tue Feb 23 12:07:03 2010
New Revision: 915295
URL: http://svn.apache.org/viewvc?rev=915295&view=rev
Log:
mod_ldap: Eliminate a potential crash with multiple LDAPTrustedClientCert when
some are not password-protected.
Modified:
httpd/httpd/trunk/CHANGES
httpd/httpd/trunk/modules/ldap/util_ldap.c
Modified: httpd/httpd/trunk/CHANGES
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/CHANGES?rev=915295&r1=915294&r2=915295&view=diff
==============================================================================
--- httpd/httpd/trunk/CHANGES [utf-8] (original)
+++ httpd/httpd/trunk/CHANGES [utf-8] Tue Feb 23 12:07:03 2010
@@ -2,6 +2,9 @@
Changes with Apache 2.3.7
+ *) mod_ldap: Eliminate a potential crash with multiple LDAPTrustedClientCert
+ when some are not password-protected. [Eric Covener]
+
*) Fix startup segfault when the Mutex directive is used but no loaded
modules use httpd mutexes. PR 48787. [Jeff Trawick]
Modified: httpd/httpd/trunk/modules/ldap/util_ldap.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/ldap/util_ldap.c?rev=915295&r1=915294&r2=915295&view=diff
==============================================================================
--- httpd/httpd/trunk/modules/ldap/util_ldap.c (original)
+++ httpd/httpd/trunk/modules/ldap/util_ldap.c Tue Feb 23 12:07:03 2010
@@ -625,9 +625,12 @@
src = (struct apr_ldap_opt_tls_cert_t *)srcs->elts;
dest = (struct apr_ldap_opt_tls_cert_t *)dests->elts;
for (i = 0; i < srcs->nelts; i++) {
- if (strcmp(src[i].path, dest[i].path) ||
- strcmp(src[i].password, dest[i].password) ||
- src[i].type != dest[i].type) {
+ if ((strcmp(src[i].path, dest[i].path)) ||
+ (src[i].type != dest[i].type) ||
+ /* One is passwordless? If so, then not equal */
+ ((src[i].password == NULL) ^ (dest[i].password == NULL)) ||
+ (src[i].password != NULL && dest[i].password != NULL &&
+ strcmp(src[i].password, dest[i].password))) {
return 1;
}
}