www-apache-bugdb mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Michael Fuhr <mf...@dimensional.com>
Subject config/234: REMOTE_IDENT not always available to mod_rewrite
Date Sun, 16 Mar 1997 00:00:02 GMT

>Number:         234
>Category:       config
>Synopsis:       REMOTE_IDENT not always available to mod_rewrite
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    apache (Apache HTTP Project)
>State:          open
>Class:          sw-bug
>Submitter-Id:   apache
>Arrival-Date:   Sat Mar 15 16:00:01 1997
>Originator:     mfuhr@dimensional.com
>Organization:
apache
>Release:        1.2b7
>Environment:
FreeBSD 2.1.7
gcc 2.6.3
>Description:
REMOTE_IDENT isn't available to a virtual host's rewrite rules under
the following conditions:

    * IdentityCheck is "off" by default.
    * IdentityCheck is turned "on" inside the <VirtualHost> directive.

REMOTE_IDENT is available later for SSI and CGI, but not for the
rewriting rules in a <VirtualHost> section.
>How-To-Repeat:
1. Set the default IdentityCheck to "off".
2. Add the following lines inside some <VirtualHost> section:

    RewriteEngine on
    RewriteLogLevel 4
    RewriteLog logs/virt-rewrite_log
    RewriteCond %{REMOTE_ADDR} 1.2.3.4    # IP of some host running IDENT
    RewriteCond %{REMOTE_IDENT} someuser  # name of some user on that host
    RewriteRule ^/somefile.html /otherfile.html [R,L]

3. Try to retrieve /somefile.html from the specified host as the specified
user.  The rewrite will fail; that REMOTE_IDENT is set later can be verified
by printing its value using SSI or CGI.

4.  The rewrite log will show something like this for the RewriteCond in
question:

    RewriteCond: input='' pattern='someuser' => not-matched

5. Set the default "IdentityCheck" to "on".
6. Try to retrieve /somefile.html again.
7. You should get /otherfile.html (a successful rewrite).
    
>Fix:
The problem shows itself in get_remote_login(), http_core.c, line 396:

    if (dir_conf->do_rfc1413 & 1)
        return rfc1413(r->connection, r->server);
    else
        return NULL;

When get_remote_login() is called from mod_rewrite.c, line 2532, it
always returns NULL.  Apparently dir_conf->do_rfc1413 hasn't been set
from the virtual host's IdentityCheck directive yet
>Audit-Trail:
>Unformatted:



Mime
View raw message