Return-Path: X-Original-To: apmail-httpd-cvs-archive@www.apache.org Delivered-To: apmail-httpd-cvs-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 56B35963D for ; Fri, 13 Jan 2012 19:18:28 +0000 (UTC) Received: (qmail 18641 invoked by uid 500); 13 Jan 2012 19:18:28 -0000 Delivered-To: apmail-httpd-cvs-archive@httpd.apache.org Received: (qmail 18575 invoked by uid 500); 13 Jan 2012 19:18:27 -0000 Mailing-List: contact cvs-help@httpd.apache.org; run by ezmlm Precedence: bulk Reply-To: dev@httpd.apache.org list-help: list-unsubscribe: List-Post: List-Id: Delivered-To: mailing list cvs@httpd.apache.org Received: (qmail 18562 invoked by uid 99); 13 Jan 2012 19:18:27 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 13 Jan 2012 19:18:27 +0000 X-ASF-Spam-Status: No, hits=-2000.0 required=5.0 tests=ALL_TRUSTED X-Spam-Check-By: apache.org Received: from [140.211.11.4] (HELO eris.apache.org) (140.211.11.4) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 13 Jan 2012 19:18:24 +0000 Received: from eris.apache.org (localhost [127.0.0.1]) by eris.apache.org (Postfix) with ESMTP id 61C9123889E1; Fri, 13 Jan 2012 19:18:03 +0000 (UTC) Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Subject: svn commit: r1231257 - /httpd/httpd/trunk/modules/aaa/mod_authnz_ldap.c Date: Fri, 13 Jan 2012 19:18:03 -0000 To: cvs@httpd.apache.org From: covener@apache.org X-Mailer: svnmailer-1.0.8-patched Message-Id: <20120113191803.61C9123889E1@eris.apache.org> X-Virus-Checked: Checked by ClamAV on apache.org Author: covener Date: Fri Jan 13 19:18:03 2012 New Revision: 1231257 URL: http://svn.apache.org/viewvc?rev=1231257&view=rev Log: whitespace only: shift a block refactored in r1231255 over 8 spaces. Modified: httpd/httpd/trunk/modules/aaa/mod_authnz_ldap.c Modified: httpd/httpd/trunk/modules/aaa/mod_authnz_ldap.c URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/aaa/mod_authnz_ldap.c?rev=1231257&r1=1231256&r2=1231257&view=diff ============================================================================== --- httpd/httpd/trunk/modules/aaa/mod_authnz_ldap.c (original) +++ httpd/httpd/trunk/modules/aaa/mod_authnz_ldap.c Fri Jan 13 19:18:03 2012 @@ -900,43 +900,43 @@ static authz_status ldapgroup_check_auth } for (i = 0; i < sec->groupattr->nelts; i++) { - /* nested groups need searches and compares, so grab a new handle */ - authnz_ldap_cleanup_connection_close(ldc); - apr_pool_cleanup_kill(r->pool, ldc,authnz_ldap_cleanup_connection_close); + /* nested groups need searches and compares, so grab a new handle */ + authnz_ldap_cleanup_connection_close(ldc); + apr_pool_cleanup_kill(r->pool, ldc,authnz_ldap_cleanup_connection_close); + + ldc = get_connection_for_authz(r, LDAP_COMPARE_AND_SEARCH); + apr_pool_cleanup_register(r->pool, ldc, + authnz_ldap_cleanup_connection_close, + apr_pool_cleanup_null); - ldc = get_connection_for_authz(r, LDAP_COMPARE_AND_SEARCH); - apr_pool_cleanup_register(r->pool, ldc, - authnz_ldap_cleanup_connection_close, - apr_pool_cleanup_null); - - ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, APLOGNO(01716) - "auth_ldap authorise: require group \"%s\": " - "failed [%s][%d - %s], checking sub-groups", - t, ldc->reason, result, ldap_err2string(result)); - - result = util_ldap_cache_check_subgroups(r, ldc, sec->url, t, ent[i].name, - sec->group_attrib_is_dn ? req->dn : req->user, - sec->sgAttributes[0] ? sec->sgAttributes : default_attributes, - sec->subgroupclasses, - 0, sec->maxNestingDepth); - if (result == LDAP_COMPARE_TRUE) { - ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, APLOGNO(01717) - "auth_ldap authorise: require group " - "(sub-group): authorisation successful " - "(attribute %s) [%s][%d - %s]", - ent[i].name, ldc->reason, result, - ldap_err2string(result)); - set_request_vars(r, LDAP_AUTHZ); - return AUTHZ_GRANTED; - } - else { - ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, APLOGNO(01718) - "auth_ldap authorise: require group " - "(sub-group) \"%s\": didn't match with attr %s " - "[%s][%d - %s]", - t, ldc->reason, ent[i].name, result, - ldap_err2string(result)); - } + ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, APLOGNO(01716) + "auth_ldap authorise: require group \"%s\": " + "failed [%s][%d - %s], checking sub-groups", + t, ldc->reason, result, ldap_err2string(result)); + + result = util_ldap_cache_check_subgroups(r, ldc, sec->url, t, ent[i].name, + sec->group_attrib_is_dn ? req->dn : req->user, + sec->sgAttributes[0] ? sec->sgAttributes : default_attributes, + sec->subgroupclasses, + 0, sec->maxNestingDepth); + if (result == LDAP_COMPARE_TRUE) { + ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, APLOGNO(01717) + "auth_ldap authorise: require group " + "(sub-group): authorisation successful " + "(attribute %s) [%s][%d - %s]", + ent[i].name, ldc->reason, result, + ldap_err2string(result)); + set_request_vars(r, LDAP_AUTHZ); + return AUTHZ_GRANTED; + } + else { + ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, APLOGNO(01718) + "auth_ldap authorise: require group " + "(sub-group) \"%s\": didn't match with attr %s " + "[%s][%d - %s]", + t, ldc->reason, ent[i].name, result, + ldap_err2string(result)); + } } ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, APLOGNO(01720)