subversion-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From svn-r...@apache.org
Subject svn commit: r1713076 - in /subversion/branches/1.9.x: ./ STATUS subversion/mod_authz_svn/mod_authz_svn.c
Date Sat, 07 Nov 2015 04:00:50 GMT
Author: svn-role
Date: Sat Nov  7 04:00:50 2015
New Revision: 1713076

URL: http://svn.apache.org/viewvc?rev=1713076&view=rev
Log:
Merge r1708699 from trunk:

 * r1708699
   Fix authz with mandatory authn provided by mod_auth_kerb/mod_auth_ntlm.
   Justification:
     Regression introduced in 1.9.2.
   Votes:
     +1: philip, rhuijben, stefan2

Modified:
    subversion/branches/1.9.x/   (props changed)
    subversion/branches/1.9.x/STATUS
    subversion/branches/1.9.x/subversion/mod_authz_svn/mod_authz_svn.c

Propchange: subversion/branches/1.9.x/
------------------------------------------------------------------------------
--- svn:mergeinfo (original)
+++ svn:mergeinfo Sat Nov  7 04:00:50 2015
@@ -95,4 +95,4 @@
 /subversion/branches/verify-at-commit:1462039-1462408
 /subversion/branches/verify-keep-going:1439280-1546110
 /subversion/branches/wc-collate-path:1402685-1480384
-/subversion/trunk:1660545-1660547,1660549-1662901,1663003,1663183-1663184,1663338,1663347,1663355,1663374,1663450,1663530,1663671,1663697,1663706,1663738,1663749,1663791,1663991,1664035,1664078,1664080,1664084-1664085,1664187,1664191,1664193,1664200,1664344,1664476,1664480-1664481,1664483,1664489-1664490,1664507,1664520-1664521,1664523,1664526-1664527,1664531-1664532,1664588,1664593-1664594,1664596,1664653,1664664,1664672,1664674,1664684,1664927,1664938-1664940,1664978,1664984,1664997,1665164,1665195,1665213,1665259,1665318,1665437-1665438,1665609,1665611-1665612,1665845,1665850,1665852,1665886,1665894,1665896,1666096,1666258,1666270,1666272,1666379,1666449,1666690,1666832,1666851,1666965,1667101,1667106-1667107,1667120,1667228,1667233-1667235,1667249-1667250,1667258,1667290,1667301,1667471,1667691-1667693,1667699-1667700,1667715,1667941,1667976,1668320,1668598-1668600,1668602-1668603,1668607-1668608,1668618,1669743,1669746,1669749,1669945,1670139,1670149,1670152,1670329,1670337,167
 0347,1670353,1671164,1671388,1672295,1672311,1672372,1672404,1672511-1672512,1672578,1672728,1673044,1673062-1673063,1673065,1673153,1673170,1673172,1673197,1673202,1673204,1673228,1673282,1673445,1673691-1673692,1673746,1673785,1673803,1674015,1674032,1674170,1674301,1674305,1674308,1674339-1674340,1674406,1674415,1674455-1674456,1674475,1674487,1674522,1674580,1674626-1674627,1674785,1674891,1675771,1675774,1676526,1676535,1676538,1676555,1676564,1676570,1676665,1676667,1676769,1677003,1677191,1677267,1677440,1678147,1678149,1678494,1678571,1678734,1678742,1678745-1678746,1678755,1678839,1678846,1678894,1678950,1678963,1679166,1679169,1679228,1679230,1679240,1679287,1679864,1679866,1679909,1680242,1680264,1680495,1680705,1680819,1681317,1682714,1682854,1683071,1683126,1683135,1683290,1683303,1683311,1683378,1683387,1684034,1684077,1684322,1684325,1684344,1684412,1684940,1685034,1685085,1686175,1686239,1686478,1686541,1686543,1686554,1686557,1686802,1686888,1686984,1687029,1687304,
 1687389,1687769,1687776,1688258,1688273,1688395,1689214,1689216,1689721,1689729,1691712-1691713,1691924,1691928,1692091,1692093,1692098,1692448,1692469-1692470,1692798-1692799,1693135,1693138,1693159,1693886,1694023,1694194,1694481,1694929,1695022,1695600,1695606,1695681,1696222,1696225,1696387,1696695,1697381,1697384,1697387,1697664,1697824,1697835,1697845,1697914,1697967,1698106,1698312,1700215,1700219-1700220,1700740,1700951,1701064,1701206,1701270,1701298,1701598,1701603,1701611,1701633,1701638,1701646,1701736,1701792,1701797,1701838,1701997,1702198,1702200,1702203,1702218,1702231,1702237-1702239,1702247,1702288,1702299-1702300,1702310,1702397,1702407,1702467,1702472,1702474,1702478,1702533,1702549,1702553,1702565,1702891,1702974,1702991,1703581,1703675,1703740,1705060,1705062,1705064,1705088,1705328,1705843,1706241,1706323-1706324,1706783,1706983,1706999,1709389,1709562,1710104,1710215,1710290,1710558
+/subversion/trunk:1660545-1660547,1660549-1662901,1663003,1663183-1663184,1663338,1663347,1663355,1663374,1663450,1663530,1663671,1663697,1663706,1663738,1663749,1663791,1663991,1664035,1664078,1664080,1664084-1664085,1664187,1664191,1664193,1664200,1664344,1664476,1664480-1664481,1664483,1664489-1664490,1664507,1664520-1664521,1664523,1664526-1664527,1664531-1664532,1664588,1664593-1664594,1664596,1664653,1664664,1664672,1664674,1664684,1664927,1664938-1664940,1664978,1664984,1664997,1665164,1665195,1665213,1665259,1665318,1665437-1665438,1665609,1665611-1665612,1665845,1665850,1665852,1665886,1665894,1665896,1666096,1666258,1666270,1666272,1666379,1666449,1666690,1666832,1666851,1666965,1667101,1667106-1667107,1667120,1667228,1667233-1667235,1667249-1667250,1667258,1667290,1667301,1667471,1667691-1667693,1667699-1667700,1667715,1667941,1667976,1668320,1668598-1668600,1668602-1668603,1668607-1668608,1668618,1669743,1669746,1669749,1669945,1670139,1670149,1670152,1670329,1670337,167
 0347,1670353,1671164,1671388,1672295,1672311,1672372,1672404,1672511-1672512,1672578,1672728,1673044,1673062-1673063,1673065,1673153,1673170,1673172,1673197,1673202,1673204,1673228,1673282,1673445,1673691-1673692,1673746,1673785,1673803,1674015,1674032,1674170,1674301,1674305,1674308,1674339-1674340,1674406,1674415,1674455-1674456,1674475,1674487,1674522,1674580,1674626-1674627,1674785,1674891,1675771,1675774,1676526,1676535,1676538,1676555,1676564,1676570,1676665,1676667,1676769,1677003,1677191,1677267,1677440,1678147,1678149,1678494,1678571,1678734,1678742,1678745-1678746,1678755,1678839,1678846,1678894,1678950,1678963,1679166,1679169,1679228,1679230,1679240,1679287,1679864,1679866,1679909,1680242,1680264,1680495,1680705,1680819,1681317,1682714,1682854,1683071,1683126,1683135,1683290,1683303,1683311,1683378,1683387,1684034,1684077,1684322,1684325,1684344,1684412,1684940,1685034,1685085,1686175,1686239,1686478,1686541,1686543,1686554,1686557,1686802,1686888,1686984,1687029,1687304,
 1687389,1687769,1687776,1688258,1688273,1688395,1689214,1689216,1689721,1689729,1691712-1691713,1691924,1691928,1692091,1692093,1692098,1692448,1692469-1692470,1692798-1692799,1693135,1693138,1693159,1693886,1694023,1694194,1694481,1694929,1695022,1695600,1695606,1695681,1696222,1696225,1696387,1696695,1697381,1697384,1697387,1697664,1697824,1697835,1697845,1697914,1697967,1698106,1698312,1700215,1700219-1700220,1700740,1700951,1701064,1701206,1701270,1701298,1701598,1701603,1701611,1701633,1701638,1701646,1701736,1701792,1701797,1701838,1701997,1702198,1702200,1702203,1702218,1702231,1702237-1702239,1702247,1702288,1702299-1702300,1702310,1702397,1702407,1702467,1702472,1702474,1702478,1702533,1702549,1702553,1702565,1702891,1702974,1702991,1703581,1703675,1703740,1705060,1705062,1705064,1705088,1705328,1705843,1706241,1706323-1706324,1706783,1706983,1706999,1708699,1709389,1709562,1710104,1710215,1710290,1710558

Modified: subversion/branches/1.9.x/STATUS
URL: http://svn.apache.org/viewvc/subversion/branches/1.9.x/STATUS?rev=1713076&r1=1713075&r2=1713076&view=diff
==============================================================================
--- subversion/branches/1.9.x/STATUS (original)
+++ subversion/branches/1.9.x/STATUS Sat Nov  7 04:00:50 2015
@@ -127,13 +127,6 @@ Veto-blocked changes:
 Approved changes:
 =================
 
- * r1708699
-   Fix authz with mandatory authn provided by mod_auth_kerb/mod_auth_ntlm.
-   Justification:
-     Regression introduced in 1.9.2.
-   Votes:
-     +1: philip, rhuijben, stefan2
-
  * r1709553
    Fix display of process ID in mod_dav_svn cache statistics.
    Justification:

Modified: subversion/branches/1.9.x/subversion/mod_authz_svn/mod_authz_svn.c
URL: http://svn.apache.org/viewvc/subversion/branches/1.9.x/subversion/mod_authz_svn/mod_authz_svn.c?rev=1713076&r1=1713075&r2=1713076&view=diff
==============================================================================
--- subversion/branches/1.9.x/subversion/mod_authz_svn/mod_authz_svn.c (original)
+++ subversion/branches/1.9.x/subversion/mod_authz_svn/mod_authz_svn.c Sat Nov  7 04:00:50
2015
@@ -954,19 +954,21 @@ access_checker(request_rec *r)
 #if USE_FORCE_AUTHN
       if (authn_configured) {
           /* We have to check to see if authn is required because if so we must
-           * return UNAUTHORIZED (401) rather than FORBIDDEN (403) since returning
+           * return DECLINED rather than FORBIDDEN (403) since returning
            * the 403 leaks information about what paths may exist to
-           * unauthenticated users.  We must set a note here in order
-           * to use ap_some_authn_rquired() without triggering an infinite
-           * loop since the call will trigger this function to be called again. */
+           * unauthenticated users.  Returning DECLINED means apache's request
+           * handling will continue until the authn module itself generates
+           * UNAUTHORIZED (401).
+
+           * We must set a note here in order to use
+           * ap_some_authn_rquired() without triggering an infinite
+           * loop since the call will trigger this function to be
+           * called again. */
           apr_table_setn(r->notes, IN_SOME_AUTHN_NOTE, (const char*)1);
           authn_required = ap_some_authn_required(r);
           apr_table_unset(r->notes, IN_SOME_AUTHN_NOTE);
           if (authn_required)
-            {
-              ap_note_auth_failure(r);
-              return HTTP_UNAUTHORIZED;
-            }
+            return DECLINED;
       }
 #else
       if (!authn_required)



Mime
View raw message