httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From do...@apache.org
Subject cvs commit: httpd-2.0/server protocol.c
Date Wed, 21 Nov 2001 03:19:13 GMT
dougm       01/11/20 19:19:13

  Modified:    .        CHANGES
               server   protocol.c
  Log:
  Prevent segv in ap_note_basic_auth_failure() when no AuthName is configured
  Submitted by:	John Sterling <sterling@covalent.net>
  Reviewed by:	dougm
  
  Revision  Changes    Path
  1.448     +2 -0      httpd-2.0/CHANGES
  
  Index: CHANGES
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/CHANGES,v
  retrieving revision 1.447
  retrieving revision 1.448
  diff -u -r1.447 -r1.448
  --- CHANGES	2001/11/20 20:14:58	1.447
  +++ CHANGES	2001/11/21 03:19:13	1.448
  @@ -1,4 +1,6 @@
   Changes with Apache 2.0.29-dev
  +  *) Prevent segv in ap_note_basic_auth_failure() when no AuthName is
  +     configured [John Sterling <sterling@covalent.net>]
   
     *) Fix apxs to use sbindir.  [Henri Gomez <hgomez@slib.fr>]
   
  
  
  
  1.53      +15 -5     httpd-2.0/server/protocol.c
  
  Index: protocol.c
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/server/protocol.c,v
  retrieving revision 1.52
  retrieving revision 1.53
  diff -u -r1.52 -r1.53
  --- protocol.c	2001/11/12 23:49:06	1.52
  +++ protocol.c	2001/11/21 03:19:13	1.53
  @@ -756,15 +756,25 @@
   
   AP_DECLARE(void) ap_note_auth_failure(request_rec *r)
   {
  -    if (!strcasecmp(ap_auth_type(r), "Basic"))
  -        ap_note_basic_auth_failure(r);
  -    else if (!strcasecmp(ap_auth_type(r), "Digest"))
  -        ap_note_digest_auth_failure(r);
  +    const char *type = ap_auth_type(r);
  +    if (type) {
  +        if (!strcasecmp(type, "Basic"))
  +            ap_note_basic_auth_failure(r);
  +        else if (!strcasecmp(type, "Digest"))
  +            ap_note_digest_auth_failure(r);
  +    }
  +    /* XXX: else there is no AuthType configured
  +     *      should we log an error or something ?
  +     */
   }
   
   AP_DECLARE(void) ap_note_basic_auth_failure(request_rec *r)
   {
  -    if (strcasecmp(ap_auth_type(r), "Basic"))
  +    const char *type = ap_auth_type(r);
  +    /* if there is no AuthType configure or it is something other than
  +     * Basic, let ap_note_auth_failure() deal with it
  +     */
  +    if (!type || strcasecmp(type, "Basic"))
           ap_note_auth_failure(r);
       else
           apr_table_setn(r->err_headers_out,
  
  
  

Mime
View raw message