bnicholes 2004/08/26 15:21:33
Modified: . Tag: APACHE_2_0_BRANCH STATUS
modules/experimental Tag: APACHE_2_0_BRANCH util_ldap.c
Log:
Validate the file path of the trusted certificate file at the time the LDAPTrustedCA directive
is handled. PR#30782
Reviewed by: bnicholes, trawick, clar
Revision Changes Path
No revision
No revision
1.751.2.1023 +1 -6 httpd-2.0/STATUS
Index: STATUS
===================================================================
RCS file: /home/cvs/httpd-2.0/STATUS,v
retrieving revision 1.751.2.1022
retrieving revision 1.751.2.1023
diff -u -r1.751.2.1022 -r1.751.2.1023
--- STATUS 26 Aug 2004 22:16:52 -0000 1.751.2.1022
+++ STATUS 26 Aug 2004 22:21:33 -0000 1.751.2.1023
@@ -83,11 +83,6 @@
+1: stoddard, trawick
nd: I'd like to add 1.169
- *) util_ldap: Validate the file path of the trusted certificate file
- at the time the LDAPTrushedCA directive is handled. PR#30782
- modules/ldap/util_ldap.c: 1.9, 1.11
- +1: bnicholes, trawick, clar
-
*) [SECURITY] mod_ssl: Fix potential input filter segfaults in SPECULATIVE mode.
http://cvs.apache.org/viewcvs.cgi/httpd-2.0/modules/ssl/ssl_engine_io.c?r1=1.125&r2=1.126
PR: 30134
No revision
No revision
1.6.2.22 +12 -0 httpd-2.0/modules/experimental/Attic/util_ldap.c
Index: util_ldap.c
===================================================================
RCS file: /home/cvs/httpd-2.0/modules/experimental/Attic/util_ldap.c,v
retrieving revision 1.6.2.21
retrieving revision 1.6.2.22
diff -u -r1.6.2.21 -r1.6.2.22
--- util_ldap.c 4 Aug 2004 21:04:16 -0000 1.6.2.21
+++ util_ldap.c 26 Aug 2004 22:21:33 -0000 1.6.2.22
@@ -1084,6 +1084,9 @@
(util_ldap_state_t *)ap_get_module_config(cmd->server->module_config,
&ldap_module);
const char *err = ap_check_cmd_context(cmd, GLOBAL_ONLY);
+ apr_finfo_t finfo;
+ apr_status_t rv;
+
if (err != NULL) {
return err;
}
@@ -1093,6 +1096,15 @@
file);
st->cert_auth_file = ap_server_root_relative(cmd->pool, file);
+
+ if (st->cert_auth_file &&
+ ((rv = apr_stat (&finfo, st->cert_auth_file, APR_FINFO_MIN, cmd->pool))
!= APR_SUCCESS))
+ {
+ ap_log_error(APLOG_MARK, APLOG_ERR, rv, cmd->server,
+ "LDAP: Could not open SSL trusted certificate authority file - %s",
+ st->cert_auth_file == NULL ? file : st->cert_auth_file);
+ return "Invalid file path";
+ }
return(NULL);
}
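Review bot: A path that ap_server_root_relative() fails to resolve is still accepted, because the added check is guarded by `st->cert_auth_file &&`: a NULL result skips the stat and the handler reaches `return(NULL)` with no trusted CA file set. The same guard makes the `st->cert_auth_file == NULL ? file : ...` argument to ap_log_error dead code. Reject the NULL case before the stat, e.g. `if (st->cert_auth_file == NULL) return "Invalid file path";`. apr_stat() with APR_FINFO_MIN only proves that something exists at the path, so a directory passes; also testing `finfo.filetype != APR_REG` would catch that at configuration time rather than later, presumably when the LDAP SSL setup reads the file. The handler's signature and the start of its body lie outside this hunk.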