httpd-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
Subject DO NOT REPLY [Bug 42690] realm is not set for each configured directory when digest authentication is used
Date Mon, 02 Apr 2012 17:40:56 GMT

--- Comment #1 from Troy Stanger <> 2012-04-02 17:40:56 UTC ---
Ran into the same stack trace in a deployment I am currently working on.  This
setup involves mod_auth_digest, mod_authn_dbd and mod_vhost_alias.  The
abbreviated relevant portions of my config are:

    VirtualDocumentRoot /vhosts/%0

    <Directory /vhosts>
        AllowOverride AuthConfig

    <LocationMatch "^(/private/).*">
        AuthType Digest
        AuthDigestProvider dbd

        # core authorization configuration
        Require valid-user

        AuthDBDUserRealmQuery \
        "SELECT password FROM apache_users WHERE username = %s AND realm = %s"

In the Document Root for each virtual host is an .htaccess file that defines
the AuthName for that virtual host

    AuthName "some_realm"

I have a patch that fixes two issues this segfault exposes.

1) (Obviously) Apache shouldn't segfault when either the expected or provided
auth realm is null.  The if() statement that calls strcmp on those two values
should also ensure neither is null.  Additionally, this check should probably
be done on all calls to strcmp in the module.

2)  For some reason the realm mod_auth_digest and mod_authn_core are reporting
different realms for the same request.  This is due to different merge rules on
dir_config struct members ap_auth_name/realm in the mod_authn_core and
mod_auth_digest modules.  

The patch I've included performs NULL checks before calling strcmp and it adds
a dir_config merge function that matches the merge rules in mod_authn_core.

Configure bugmail:
------- You are receiving this mail because: -------
You are the assignee for the bug.

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message