httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Cliff Skolnick <cl...@organic.com>
Subject WWW Form Bug Report: "access to index.html broken under certain circumstances" on Solaris 2.x (fwd)
Date Mon, 01 Jul 1996 11:02:04 GMT

no ack was sent, can someone evaluate this?


--
Cliff Skolnick, CIO      http://www.organic.com/     cliff@organic.com
Organic Online, Inc.       ** we're hiring **           (415) 278-5650
"They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety." -- Benjamin Franklin, 1759

---------- Forwarded message ----------
Date: Mon Jul  1  3:16:19 1996
From: jk@tools.de
To: cliff@organic.com
Subject: WWW Form Bug Report: "access to index.html broken under certain circumstances" on
Solaris 2.x

Submitter: jk@tools.de
Operating system: Solaris 2.x, version: 
Version of Apache Used: 1.1b4
Extra Modules used: 
URL exhibiting problem: 

Symptoms:
--
I have something like the following in access.conf

<Directory /usr/local/etc/httpd/htdocs/xyz>
 AuthName       Auth-Name
 AuthType       Basic
 AuthUserFile   /usr/local/etc/httpd/etc/passwd
 <Limit PUT DELETE>
 require user jk
 </Limit>
</Directory>

A 'GET' access to URI /xyz/ fails with status 403
'Forbidden', while a direct access to /xyz/index.html
is ok!

Reason seems to be the auth_type calls in 
sub_req_lookup_uri and sub_req_lookup_file.  The
'same' code in process_request_internal was
changed from auth_type() -> some_auth_required();
the same change should probably applied to the
sub_req_lookup_* routines, too.

Looking at the code in the two sub_req_lookup_*
functions, I also noticed that location_walk isn't
called, which could be a separate problem.

*** apache-1.1b4-orig/src/http_request.c        Mon Jun 17 22:28:19 1996
--- apache-1.1b4/src/http_request.c     Mon Jul  1 11:45:37 1996
***************
*** 464,469 ****
--- 464,472 ----
      return rnew;
  }
  
+ 
+ static int some_auth_required (request_rec *r);
+ 
  request_rec *sub_req_lookup_uri (char *new_file, request_rec *r)
  {
      request_rec *rnew;
***************
*** 510,516 ****
       */
      
      if ((res = directory_walk (rnew))
!       || (!auth_type (rnew) ? 0 :
             ((res = check_user_id (rnew)) || (res = check_auth (rnew))))
        || (res = check_access (rnew))
        || (res = find_types (rnew))
--- 513,519 ----
       */
      
      if ((res = directory_walk (rnew))
!       || (!some_auth_required (rnew) ? 0 :
             ((res = check_user_id (rnew)) || (res = check_auth (rnew))))
        || (res = check_access (rnew))
        || (res = find_types (rnew))
***************
*** 553,559 ****
         
      if ((res = directory_walk (rnew))
        || (res = check_access (rnew))
!       || (!auth_type (rnew) ? 0 :
             ((res = check_user_id (rnew)) && (res = check_auth (rnew))))
        || (res = find_types (rnew))
        || (res = run_fixups (rnew))
--- 556,562 ----
         
      if ((res = directory_walk (rnew))
        || (res = check_access (rnew))
!       || (!some_auth_required (rnew) ? 0 :
             ((res = check_user_id (rnew)) && (res = check_auth (rnew))))
        || (res = find_types (rnew))
        || (res = run_fixups (rnew))

--

Backtrace:
--

--


Mime
View raw message