nd          2003/02/10 18:08:02

  Modified:    .        CHANGES
               modules/aaa mod_auth_digest.c
  Log:
  Do not use local paths for the domain parameter on non-unix systems.
  
  PR: 16937
  
  Revision  Changes    Path
  1.1059    +3 -0      httpd-2.0/CHANGES
  
  Index: CHANGES
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/CHANGES,v
  retrieving revision 1.1058
  retrieving revision 1.1059
  diff -u -r1.1058 -r1.1059
  --- CHANGES	10 Feb 2003 16:27:27 -0000	1.1058
  +++ CHANGES	11 Feb 2003 02:08:01 -0000	1.1059
  @@ -2,6 +2,9 @@
   
     [Remove entries to the current 2.0 section below, when backported]
   
  +  *) Fix mod_auth_digest not to use local paths for the domain parameter
  +     on non-unix systems. PR 16937.  [André Malo]
  +
     *) Let suexec send a message to stderr, if it failed or its policy
        was violated. This message appears in the error log and allows
        for easier debugging. PR 5381, 7638, 8255, 10773.  [André Malo]
  
  
  
  1.78      +1 -1      httpd-2.0/modules/aaa/mod_auth_digest.c
  
  Index: mod_auth_digest.c
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/modules/aaa/mod_auth_digest.c,v
  retrieving revision 1.77
  retrieving revision 1.78
  diff -u -r1.77 -r1.78
  --- mod_auth_digest.c	3 Feb 2003 17:52:55 -0000	1.77
  +++ mod_auth_digest.c	11 Feb 2003 02:08:01 -0000	1.78
  @@ -1274,7 +1274,7 @@
        * dummy uri - this is the only way to specify that the protection
        * space only covers a single uri.
        */
  -    if (dir[0] != '/') {
  +    if (!ap_os_is_path_absolute(p, dir)) {
           /* This doesn't work for Amaya (ok, it's of arguable validity in
            * the first place), so just return the file name instead
           return "http://0.0.0.0/";