httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From dr...@apache.org
Subject svn commit: r151493 - httpd/httpd/trunk/modules/ssl/ssl_engine_kernel.c
Date Sat, 05 Feb 2005 14:20:27 GMT
Author: dreid
Date: Sat Feb  5 06:20:26 2005
New Revision: 151493

URL: http://svn.apache.org/viewcvs?view=rev&rev=151493
Log:
Change where we set r->user if we're setting it from a 
client certificate.

Modified:
    httpd/httpd/trunk/modules/ssl/ssl_engine_kernel.c

Modified: httpd/httpd/trunk/modules/ssl/ssl_engine_kernel.c
URL: http://svn.apache.org/viewcvs/httpd/httpd/trunk/modules/ssl/ssl_engine_kernel.c?view=diff&r1=151492&r2=151493
==============================================================================
--- httpd/httpd/trunk/modules/ssl/ssl_engine_kernel.c (original)
+++ httpd/httpd/trunk/modules/ssl/ssl_engine_kernel.c Sat Feb  5 06:20:26 2005
@@ -799,6 +799,20 @@
         }
     }
 
+    /* If we're trying to have the user name set from a client
+     * certificate then we need to set it here. This should be safe as
+     * the user name probably isn't important from an auth checking point
+     * of view as the certificate supplied acts in that capacity.
+     * However, if FakeAuth is being used then this isn't the case so
+     * we need to postpone setting the username until later.
+     */
+    if ((dc->nOptions & SSL_OPT_FAKEBASICAUTH) == 0 && dc->szUserName)
{
+        char *val = ssl_var_lookup(r->pool, r->server, r->connection,
+                                   r, (char *)dc->szUserName);
+        if (val && val[0])
+            r->user = val;
+    } 
+
     /*
      * Else access is granted from our point of view (except vendor
      * handlers override). But we have to return DECLINED here instead
@@ -1040,17 +1054,6 @@
      */
     if (!(((sc->enabled == SSL_ENABLED_TRUE) || (sc->enabled == SSL_ENABLED_OPTIONAL))
&& sslconn && (ssl = sslconn->ssl))) {
         return DECLINED;
-    }
-
-    /*
-     * Set r->user if requested
-     */
-    if (dc->szUserName) {
-        val = ssl_var_lookup(r->pool, r->server, r->connection, 
-                             r, (char *)dc->szUserName);
-        if (val && val[0]) {
-            r->user = val;
-        }
     }
 
     /*



Mime
View raw message