httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From c...@hyperreal.org
Subject cvs commit: apachen/src/main http_core.c
Date Sun, 28 Dec 1997 04:51:03 GMT
coar        97/12/27 20:51:03

  Modified:    .        STATUS
               src      CHANGES
               src/ap   Makefile.tmpl
               src/main http_core.c
  Added:       src/ap   ap_strings.c
  Log:
  	Correct handling of quotation marks in AuthName realm names.
  
  PR:		1195
  Reviewed by:	Dean Gaudet, Jim Jagielski
  
  Revision  Changes    Path
  1.38      +5 -6      apachen/STATUS
  
  Index: STATUS
  ===================================================================
  RCS file: /export/home/cvs/apachen/STATUS,v
  retrieving revision 1.37
  retrieving revision 1.38
  diff -u -r1.37 -r1.38
  --- STATUS	1997/12/27 23:08:20	1.37
  +++ STATUS	1997/12/28 04:50:57	1.38
  @@ -57,7 +57,9 @@
       * Dean's [PATCH] fix Rasmus' chunking error
       * [PATCH] PR#1366: fix result of send_fd_length
       * Ben Hyde's [PATCH] Finish suite of mutex ops for non-threaded platforms
  -    * Ben Hyde's [PATCH] Serialize the update to pool.sub_* in destroy_pool (take 2)
  +    * Ben Hyde's [PATCH] Serialize the update to pool.sub_* in destroy_pool
  +      (take 2)
  +    * Ken's [PATCH] for PR#1195 (" in realm names)
   
   Available Patches:
   
  @@ -65,13 +67,10 @@
   	<199712262015.PAA10624@devsys.jaguNET.com>
   	Status: Jim +1, Dirk +1, Marc wants to think about the name, Dean +1
   
  -    * [PATCH] mod_digest/1599: proxy authentication using the digest auth scheme never
succeeds (fwd)
  +    * [PATCH] mod_digest/1599: proxy authentication using the digest auth
  +      scheme never succeeds (fwd)
   	<Pine.LNX.3.95dg3.971225184830.17380C-100000@twinlark.arctic.org>
   	Status: Dean +1, Jim +1
  -
  -    * Ken's [PATCH] for PR#1195 (" in realm names)
  -	<34A13B2C.EAD80C05@Golux.Com>
  -	Status: Ken +1, Dean +1, Jim +1
   
       * Dean's [PATCH] mod_status cleanups
   	<Pine.LNX.3.95dg3.971220023128.4924E-100000@twinlark.arctic.org>
  
  
  
  1.550     +3 -0      apachen/src/CHANGES
  
  Index: CHANGES
  ===================================================================
  RCS file: /export/home/cvs/apachen/src/CHANGES,v
  retrieving revision 1.549
  retrieving revision 1.550
  diff -u -r1.549 -r1.550
  --- CHANGES	1997/12/28 04:23:41	1.549
  +++ CHANGES	1997/12/28 04:50:59	1.550
  @@ -1,5 +1,8 @@
   Changes with Apache 1.3b4
   
  +  *) Correct handling of quotation marks in AuthName realm names; as a
  +     byproduct, a new function: ap_escape_quotes().  [Ken Coar] PR#1195
  +
     *) WIN32: Work around optimiser bug that killed ISAPI in release
        versions. [Ben Laurie] PR#1533
   
  
  
  
  1.5       +2 -1      apachen/src/ap/Makefile.tmpl
  
  Index: Makefile.tmpl
  ===================================================================
  RCS file: /export/home/cvs/apachen/src/ap/Makefile.tmpl,v
  retrieving revision 1.4
  retrieving revision 1.5
  diff -u -r1.4 -r1.5
  --- Makefile.tmpl	1997/12/24 04:36:15	1.4
  +++ Makefile.tmpl	1997/12/28 04:51:01	1.5
  @@ -6,7 +6,7 @@
   
   LIB=libap.a
   
  -OBJS=ap_signal.o ap_slack.o ap_snprintf.o
  +OBJS=ap_signal.o ap_slack.o ap_snprintf.o ap_strings.o
   
   .c.o:
   	$(CC) -c $(INCLUDES) $(CFLAGS) $(SPACER) $<
  @@ -27,3 +27,4 @@
   ap_signal.o: $(INCDIR)/httpd.h
   ap_slack.o: $(INCDIR)/httpd.h $(INCDIR)/http_log.h
   ap_snprintf.o: $(INCDIR)/conf.h
  +ap_strings.o: $(INCDIR)/httpd.h
  
  
  
  1.1                  apachen/src/ap/ap_strings.c
  
  Index: ap_strings.c
  ===================================================================
  /* ====================================================================
   * Copyright (c) 1995-1997 The Apache Group.  All rights reserved.
   *
   * Redistribution and use in source and binary forms, with or without
   * modification, are permitted provided that the following conditions
   * are met:
   *
   * 1. Redistributions of source code must retain the above copyright
   *    notice, this list of conditions and the following disclaimer. 
   *
   * 2. Redistributions in binary form must reproduce the above copyright
   *    notice, this list of conditions and the following disclaimer in
   *    the documentation and/or other materials provided with the
   *    distribution.
   *
   * 3. All advertising materials mentioning features or use of this
   *    software must display the following acknowledgment:
   *    "This product includes software developed by the Apache Group
   *    for use in the Apache HTTP server project (http://www.apache.org/)."
   *
   * 4. The names "Apache Server" and "Apache Group" must not be used to
   *    endorse or promote products derived from this software without
   *    prior written permission. For written permission, please contact
   *    apache@apache.org.
   *
   * 5. Redistributions of any form whatsoever must retain the following
   *    acknowledgment:
   *    "This product includes software developed by the Apache Group
   *    for use in the Apache HTTP server project (http://www.apache.org/)."
   *
   * THIS SOFTWARE IS PROVIDED BY THE APACHE GROUP ``AS IS'' AND ANY
   * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
   * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
   * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE APACHE GROUP OR
   * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
   * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
   * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
   * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
   * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
   * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
   * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
   * OF THE POSSIBILITY OF SUCH DAMAGE.
   * ====================================================================
   *
   * This software consists of voluntary contributions made by many
   * individuals on behalf of the Apache Group and was originally based
   * on public domain software written at the National Center for
   * Supercomputing Applications, University of Illinois, Urbana-Champaign.
   * For more information on the Apache Group and the Apache HTTP server
   * project, please see <http://www.apache.org/>.
   *
   */
  
  #include "httpd.h"
  
  /*
   * Given a string, replace any bare " with \" .
   */
  char *ap_escape_quotes (pool *p, char *instring)
  {
      int newlen = 0;
      char *inchr = instring;
      char *outchr, *outstring;
  
      /*
       * Look through the input string, jogging the length of the output
       * string up by an extra byte each time we find an unescaped ".
       */
      while (*inchr != '\0') {
  	newlen++;
          if (*inchr == '"') {
  	    newlen++;
  	}
  	/*
  	 * If we find a slosh, and it's not the last byte in the string,
  	 * it's escaping something - advance past both bytes.
  	 */
  	if ((*inchr == '\\') && (inchr[1] != '\0')) {
  	    inchr++;
  	}
  	inchr++;
      }
      outstring = palloc(p, newlen + 1);
      inchr = instring;
      outchr = outstring;
      /*
       * Now copy the input string to the output string, inserting a slosh
       * in front of every " that doesn't already have one.
       */
      while (*inchr != '\0') {
  	if ((*inchr == '\\') && (inchr[1] != '\0')) {
  	    *outchr++ = *inchr++;
  	    *outchr++ = *inchr++;
  	}
  	if (*inchr == '"') {
  	    *outchr++ = '\\';
  	}
  	if (*inchr != '\0') {
  	    *outchr++ = *inchr++;
  	}
      }
      *outchr = '\0';
      return outstring;
  }
  
  
  
  1.143     +14 -2     apachen/src/main/http_core.c
  
  Index: http_core.c
  ===================================================================
  RCS file: /export/home/cvs/apachen/src/main/http_core.c,v
  retrieving revision 1.142
  retrieving revision 1.143
  diff -u -r1.142 -r1.143
  --- http_core.c	1997/11/30 19:18:46	1.142
  +++ http_core.c	1997/12/28 04:51:02	1.143
  @@ -1618,6 +1618,18 @@
      return NULL;
   }
   
  +/*
  + * Load an authorisation realm into our location configuration, applying the
  + * usual rules that apply to realms.
  + */
  +static const char *set_authname(cmd_parms *cmd, void *mconfig, char *word1)
  +{
  +    core_dir_config *aconfig = (core_dir_config *)mconfig;
  +
  +    aconfig->auth_name = ap_escape_quotes(cmd->pool, word1);
  +    return NULL;
  +}
  +
   /* Note --- ErrorDocument will now work from .htaccess files.  
    * The AllowOverride of Fileinfo allows webmasters to turn it off
    */
  @@ -1646,8 +1658,8 @@
   { "</FilesMatch>", end_filesection, NULL, OR_ALL, NO_ARGS, "Marks end of <FilesMatch>"
},
   { "AuthType", set_string_slot, (void*)XtOffsetOf(core_dir_config, auth_type),
       OR_AUTHCFG, TAKE1, "An HTTP authorization type (e.g., \"Basic\")" },
  -{ "AuthName", set_string_slot, (void*)XtOffsetOf(core_dir_config, auth_name),
  -    OR_AUTHCFG, RAW_ARGS, "The authentication realm (e.g. \"Members Only\")" },
  +{ "AuthName", set_authname, NULL, OR_AUTHCFG, TAKE1,
  +    "The authentication realm (e.g. \"Members Only\")" },
   { "Require", require, NULL, OR_AUTHCFG, RAW_ARGS, "Selects which authenticated users or
groups may access a protected space" },
   { "Satisfy", satisfy, NULL, OR_AUTHCFG, TAKE1,
       "access policy if both allow and require used ('all' or 'any')" },    
  
  
  

Mime
View raw message