Return-Path: 
 <cvs-return-22538-apmail-httpd-cvs-archive=httpd.apache.org@httpd.apache.org>
Delivered-To: apmail-httpd-cvs-archive@www.apache.org
Received: (qmail 9951 invoked from network); 9 Aug 2005 13:18:52 -0000
Received: from hermes.apache.org (HELO mail.apache.org) (209.237.227.199)
  by minotaur.apache.org with SMTP; 9 Aug 2005 13:18:52 -0000
Received: (qmail 3812 invoked by uid 500); 9 Aug 2005 13:18:52 -0000
Delivered-To: apmail-httpd-cvs-archive@httpd.apache.org
Received: (qmail 3627 invoked by uid 500); 9 Aug 2005 13:18:51 -0000
Mailing-List: contact cvs-help@httpd.apache.org; run by ezmlm
Precedence: bulk
Reply-To: dev@httpd.apache.org
list-help: <mailto:cvs-help@httpd.apache.org>
list-unsubscribe: <mailto:cvs-unsubscribe@httpd.apache.org>
List-Post: <mailto:cvs@httpd.apache.org>
List-Id: <cvs.httpd.apache.org>
Delivered-To: mailing list cvs@httpd.apache.org
Received: (qmail 3607 invoked by uid 99); 9 Aug 2005 13:18:51 -0000
X-ASF-Spam-Status: No, hits=-9.8 required=10.0
	tests=ALL_TRUSTED,NO_REAL_NAME
X-Spam-Check-By: apache.org
Received: from [209.237.227.194] (HELO minotaur.apache.org) (209.237.227.194)
    by apache.org (qpsmtpd/0.29) with SMTP; Tue, 09 Aug 2005 06:18:51 -0700
Received: (qmail 9920 invoked by uid 65534); 9 Aug 2005 13:18:50 -0000
Message-ID: <20050809131850.9919.qmail@minotaur.apache.org>
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Subject: svn commit: r231033 - /httpd/httpd/branches/2.0.x/STATUS
Date: Tue, 09 Aug 2005 13:18:50 -0000
To: cvs@httpd.apache.org
From: jim@apache.org
X-Mailer: svnmailer-1.0.3
X-Virus-Checked: Checked by ClamAV on apache.org
X-Spam-Rating: minotaur.apache.org 1.6.2 0/1000/N

Author: jim
Date: Tue Aug  9 06:18:47 2005
New Revision: 231033

URL: http://svn.apache.org/viewcvs?rev=231033&view=rev
Log:
Note patch http://people.apache.org/~jim/mod_auth_ldap-2.0.patch
which protects against bad stuff when mod_auth_ldap's check_user_id
hook doesn't complete or isn't called, but auth_checker is.

Modified:
    httpd/httpd/branches/2.0.x/STATUS

Modified: httpd/httpd/branches/2.0.x/STATUS
URL: http://svn.apache.org/viewcvs/httpd/httpd/branches/2.0.x/STATUS?rev=231033&r1=231032&r2=231033&view=diff
==============================================================================
--- httpd/httpd/branches/2.0.x/STATUS (original)
+++ httpd/httpd/branches/2.0.x/STATUS Tue Aug  9 06:18:47 2005
@@ -205,6 +205,13 @@
   [ please place SVN revisions from trunk here, so it is easy to
     identify exactly what the proposed changes are! ]
 
+    *) Prevent bad dereferencing of non-existent req struct in
+       mod_auth_ldap's mod_auth_ldap_auth_checker() if
+       mod_auth_ldap_check_user_id() was never (fully) called.
+       Similar behavior to that in 2.1/2.2.
+         http://people.apache.org/~jim/mod_auth_ldap-2.0.patch
+       +1: jim
+
     *) Correct RFC 2616 non-compliance by refusing to proxy a request body 
        in a TRACE request, unless TraceEnable extended is configured.
        Introduces TraceEnable [on|off|extended] to give the administrator