httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From minf...@apache.org
Subject svn commit: r1523239 - in /httpd/httpd/trunk: CHANGES docs/log-message-tags/next-number modules/aaa/mod_auth_digest.c
Date Sat, 14 Sep 2013 13:48:47 GMT
Author: minfrin
Date: Sat Sep 14 13:48:46 2013
New Revision: 1523239

URL: http://svn.apache.org/r1523239
Log:
mod_auth_digest: Be more specific when the realm mismatches because the
realm has not been specified.

Modified:
    httpd/httpd/trunk/CHANGES
    httpd/httpd/trunk/docs/log-message-tags/next-number
    httpd/httpd/trunk/modules/aaa/mod_auth_digest.c

Modified: httpd/httpd/trunk/CHANGES
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/CHANGES?rev=1523239&r1=1523238&r2=1523239&view=diff
==============================================================================
--- httpd/httpd/trunk/CHANGES [utf-8] (original)
+++ httpd/httpd/trunk/CHANGES [utf-8] Sat Sep 14 13:48:46 2013
@@ -1,6 +1,9 @@
                                                          -*- coding: utf-8 -*-
 Changes with Apache 2.5.0
 
+  *) mod_auth_digest: Be more specific when the realm mismatches because the
+     realm has not been specified. [Graham Leggett]
+
   *) mod_cache: Avoid a crash with strcmp() when the hostname is not provided.
      [Graham Leggett]
 

Modified: httpd/httpd/trunk/docs/log-message-tags/next-number
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/docs/log-message-tags/next-number?rev=1523239&r1=1523238&r2=1523239&view=diff
==============================================================================
--- httpd/httpd/trunk/docs/log-message-tags/next-number (original)
+++ httpd/httpd/trunk/docs/log-message-tags/next-number Sat Sep 14 13:48:46 2013
@@ -1 +1 @@
-2533
+2534

Modified: httpd/httpd/trunk/modules/aaa/mod_auth_digest.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/aaa/mod_auth_digest.c?rev=1523239&r1=1523238&r2=1523239&view=diff
==============================================================================
--- httpd/httpd/trunk/modules/aaa/mod_auth_digest.c (original)
+++ httpd/httpd/trunk/modules/aaa/mod_auth_digest.c Sat Sep 14 13:48:46 2013
@@ -1691,7 +1691,15 @@ static int authenticate_digest_user(requ
         return HTTP_UNAUTHORIZED;
     }
 
-    if (strcmp(resp->realm, conf->realm)) {
+    if (!conf->realm) {
+        ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(02533)
+                      "realm mismatch - got `%s' but no realm specified",
+                      resp->realm);
+        note_digest_auth_failure(r, conf, resp, 0);
+        return HTTP_UNAUTHORIZED;
+    }
+
+    if (!resp->realm || strcmp(resp->realm, conf->realm)) {
         ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(01788)
                       "realm mismatch - got `%s' but expected `%s'",
                       resp->realm, conf->realm);



Mime
View raw message