httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Cliff Skolnick <cl...@organic.com>
Subject WWW Form Bug Report: "if no 'requires' in limit with auth in affect, get bad server response" on Solaris 2.x (fwd)
Date Sat, 14 Oct 1995 05:06:31 GMT

Can someone respond to this guy?

---------- Forwarded message ----------
Date: Fri Oct 13 17:50:27 1995
From: chris@nrdev.com
To: cliff@organic.com
Subject: WWW Form Bug Report: "if no 'requires' in limit with auth in affect, get bad server
response" on Solaris 2.x

Submitter: chris@nrdev.com
Operating system: Solaris 2.x, version: 
Extra Modules used: 
URL exhibiting problem: 

Symptoms:
--
this may simply highlight a need for stronger access.conf parsing, or it's a bug - i don't
know what 'the spec' states...  if i have (note that the 'require' statement is commented
out):  <Directory /opt/apache/httpd/htdocs/special> Options Indexes FollowSymLinks MultiViews
 <Limit GET> order allow,deny allow from all #require valid-user </Limit>  AuthName
NetRunner Special Stuff AuthType Basic AuthUserFile /opt/apache/httpd/conf/htpasswd AuthGroupFile
/opt/apache/httpd/conf/htgroup  AllowOverride All </Directory>  the server returns a
document with no data (with netscape) or it crashes (with a client that i am writing).  the
crash is in mod_auth.c:check_user_access().  variable reqs_arr is NULL, but is ref'd in a
subsequent statement.  seems like one of two things should happen in this case:  1) during
parsing of access.conf, fail because 'require'   is missing 2) assume 'require valid_user'
if require is missing   but Auth* is there.
--

Backtrace:
--

--


Mime
View raw message