From owner-new-httpd@hyperreal.com Mon Jul 1 13:50:57 1996
Received: by taz.hyperreal.com (8.6.12/8.6.5) id NAA17596; Mon, 1 Jul 1996 13:50:57 -0700
Received: from sierra.zyzzyva.com by taz.hyperreal.com (8.6.12/8.6.5) with ESMTP id NAA17575; Mon, 1 Jul 1996 13:50:52 -0700
Received: from zyzzyva.com (localhost [127.0.0.1]) by sierra.zyzzyva.com (8.7.5/8.6.11) with ESMTP id PAA19077 for ; Mon, 1 Jul 1996 15:50:50 -0500 (CDT)
Message-Id: <199607012050.PAA19077@sierra.zyzzyva.com>
To: new-httpd@apache.org
Subject: Re: cvs commit: apache/src mod_auth_msql.c
In-reply-to: brian's message of Mon, 01 Jul 1996 13:35:46 -0700.
X-uri: http://www.zyzzyva.com/
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Date: Mon, 01 Jul 1996 15:50:50 -0500
From: Randy Terbush
Sender: owner-new-httpd@apache.org
Precedence: bulk
Reply-To: new-httpd@hyperreal.com

Can someone please make an argument for _why_ we do a general release
with known bugs? Let alone bugs in authorization code?

> You can't win. Either you decide to release something this decade, or you
> ship something with known bugs. We can always point people to the newer,
> though less thoroughly tested, versions of mod_auth_msql and
> mod_cern_meta.
>
> Brian, whose head cold is making him irascible
>
> On Mon, 1 Jul 1996, Randy Terbush wrote:
> > I think it is a bad idea to reverse these changes since they
> > fix real bugs. Without these changes, it will likely break
> > all existing sites using this module.
> >
> >
> > > brian 96/07/01 12:04:11
> > >
> > > Modified: src mod_auth_msql.c
> > > Log:
> > > Reverse mod_auth_msql.c changes, back to version 1.0.
> > > > > > Revision Changes Path > > > 1.10 +19 -25 apache/src/mod_auth_msql.c > > > > > > Index: mod_auth_msql.c > > > =================================================================== > > > RCS file: /export/home/cvs/apache/src/mod_auth_msql.c,v > > > retrieving revision 1.9 > > > retrieving revision 1.10 > > > diff -C3 -r1.9 -r1.10 > > > *** mod_auth_msql.c 1996/06/30 22:36:57 1.9 > > > --- mod_auth_msql.c 1996/07/01 19:04:08 1.10 > > > *************** > > > *** 284,295 **** > > > * Replaced some MAX_STRING_LENGTH claims. > > > * 1.0 removed some error check as they where already done elsehwere > > > * NumFields -> NumRows (Thanks Vitek). More stack memory. > > > - * 1.1 no logging of empty password strings. > > > - * 1.2 Problem with the Backward vitek which cause it to check > > > - * even if msql_auth was not configured; Also more carefull > > > - * with the authorative stuff; caught by thomas@marvin.calvacom.fr. > > > - * 1.3 Even more changes to get it right; that BACKWARD thing was a bad > > > - * idea. > > > */ > > > > > > > > > --- 284,289 ---- > > > *************** > > > *** 398,404 **** > > > --- 392,400 ---- > > > #include "http_log.h" > > > #include "http_protocol.h" > > > #include > > > + #ifdef HAVE_CRYPT_H > > > #include > > > + #endif > > > > > > typedef struct { > > > > > > *************** > > > *** 782,791 **** > > > * We do not check on dbase, group, userid or host name, as it is > > > * perfectly possible to only do group control with mSQL and leave > > > * user control to the next (dbm) guy in line. > > > - * We no longer check on the user field name; to avoid problems > > > - * with Backward VITEK. > > > */ > > > ! 
if (!sec->auth_msql_pwd_table) return DECLINED; > > > > > > if(!(real_pw = get_msql_pw(r, c->user, sec,msql_errstr ))) { > > > if ( msql_errstr[0] ) { > > > --- 778,788 ---- > > > * We do not check on dbase, group, userid or host name, as it is > > > * perfectly possible to only do group control with mSQL and leave > > > * user control to the next (dbm) guy in line. > > > */ > > > ! if ( > > > ! (!sec->auth_msql_pwd_table) && > > > ! (!sec->auth_msql_pwd_field) > > > ! ) return DECLINED; > > > > > > if(!(real_pw = get_msql_pw(r, c->user, sec,msql_errstr ))) { > > > if ( msql_errstr[0] ) { > > > *************** > > > *** 812,821 **** > > > */ > > > > > > if ((sec->auth_msql_nopasswd) && (!strlen(real_pw))) { > > > - /* > > > sprintf(msql_errstr,"mSQL: user %s: Empty/'any' password accepted",c->user); > > > log_reason (msql_errstr, r->uri, r); > > > - */ > > > return OK; > > > }; > > > > > > --- 809,816 ---- > > > *************** > > > *** 867,875 **** > > > char *t, *w; > > > msql_errstr[0]='\0'; > > > > > > - /* If we are not configured, ignore */ > > > - if (!sec->auth_msql_pwd_table) return DECLINED; > > > - > > > if (!reqs_arr) { > > > if (sec->auth_msql_authorative) { > > > sprintf(msql_errstr,"user %s denied, no access rules specified (MSQL-Authorative) ",user); > > > --- 862,867 ---- > > > *************** > > > *** 937,959 **** > > > }; > > > } > > > > > > ! /* Get serious if we are authorative, previous > > > ! * returns are only if msql yielded a correct result. > > > ! * This really is not needed. > > > */ > > > ! if (((group_result == AUTH_REQUIRED) || (user_result == AUTH_REQUIRED)) && (sec->auth_msql_authorative) ) { > > > ! sprintf(msql_errstr,"mSQL-Authorative: Access denied on %s %s rule(s) ", > > > ! (group_result == AUTH_REQUIRED) ? "USER" : "", > > > ! (user_result == AUTH_REQUIRED) ? "GROUP" : "" > > > ! 
); > > > log_reason (msql_errstr, r->uri, r); > > > return AUTH_REQUIRED; > > > }; > > > > > > - if ( (user_result == OK) || (group_result == OK)) > > > - return OK; > > > > > > ! return DECLINED; > > > } > > > > > > > > > --- 929,953 ---- > > > }; > > > } > > > > > > ! /* we do not have to check the valid-ness of the group result as > > > ! * have not (yet) a 'valid-group' token > > > */ > > > ! if ( (user_result != OK) && (sec->auth_msql_authorative) ) { > > > ! sprintf(msql_errstr,"User %s denied, no access rules applied (MSQL-Authorative) ",user); > > > log_reason (msql_errstr, r->uri, r); > > > + note_basic_auth_failure(r); > > > return AUTH_REQUIRED; > > > }; > > > > > > > > > ! /* if the user is DECLINED, it is up to the group_result to tip > > > ! * the balance. But if the group result is AUTH_REQUIRED it should > > > ! * always override. A SERVER_ERROR should not get here. > > > ! */ > > > ! if ( (user_result == DECLINED) || (group_result == AUTH_REQUIRED)) > > > ! return group_result; > > > ! > > > ! return user_result; > > > } > > > > > > > > > > > > > > > > > > > > > > >
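Review bot: In the hunk at 778,788 the early return now requires both auth_msql_pwd_table and auth_msql_pwd_field to be unset before it returns DECLINED, so a directory that has only the field set and no table still falls through to get_msql_pw(). If the lookup cannot work without the table, test the table on its own as the 1.9 line did (`if (!sec->auth_msql_pwd_table) return DECLINED;`), or join the two tests with || so that either one missing declines. The comment above the test also no longer explains why the field is consulted.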
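Review bot: The sprintf() that the hunk at 809,816 re-enables formats c->user into msql_errstr with a bare %s and no length limit, and c->user is taken from the credentials the client sent. Give the conversion a precision, or confirm that msql_errstr is large enough for the longest user name the server accepts, before this path logs again. It is also worth deciding whether every accepted empty password should produce a log entry, since the 1.1 history line removed by this same commit says that logging was dropped on purpose.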
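Review bot: Dropping the `if (!sec->auth_msql_pwd_table) return DECLINED;` guard in the hunk at 867,875 means this function no longer steps aside when mSQL is not configured for the directory; the next test, `if (!reqs_arr)` with auth_msql_authorative set, then denies the request with "no access rules specified". Keep the guard, or make the authorative branch conditional on the module being configured, so that directories handled by another auth module are left to it.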
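Review bot: In the hunk at 929,953 the authorative check tests only user_result, so with auth_msql_authorative set any user_result other than OK returns AUTH_REQUIRED before group_result is looked at, and the rule in the following comment, that a DECLINED user lets group_result "tip the balance", can never apply in that mode. If a satisfied group rule is meant to grant access under authorative, test both results as the 1.9 code did. The new log text "no access rules applied" also drops the indication of which rule failed.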