Fold in approved, 2.1/2.2-like behavior which prevents core
authorJim Jagielski <jim@apache.org>
Wed, 24 Aug 2005 12:42:03 +0000 (12:42 +0000)
committerJim Jagielski <jim@apache.org>
Wed, 24 Aug 2005 12:42:03 +0000 (12:42 +0000)
dump when doing LDAP auth even if the check_user_id didn't
succeed.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@239641 13f79535-47bb-0310-9956-ffa450edef68

CHANGES
STATUS
modules/experimental/mod_auth_ldap.c

diff --git a/CHANGES b/CHANGES
index a8c5e5aaf07672fba7970dd8f0e60f2936bc81be..1b9a1150202f3c8eec5201edc59f88d80a22b591 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -1,6 +1,11 @@
                                                          -*- coding: utf-8 -*-
 Changes with Apache 2.0.55
 
+  *) Fix core dump if mod_auth_ldap's mod_auth_ldap_auth_checker()
+     was called even if mod_auth_ldap_check_user_id() was not
+     (or if it didn't succeed) for non-authoritative cases.
+     [Jim Jagielski]
+
   *) Fix cases where the byterange filter would buffer responses
      into memory.  PR 29962.  [Joe Orton]
 
diff --git a/STATUS b/STATUS
index 38e4abcdc9b4236ea932f44834ee4407219579b0..e5390b280d2c307c2fc5772d740f44db3c85aaaa 100644 (file)
--- a/STATUS
+++ b/STATUS
@@ -201,13 +201,6 @@ PATCHES ACCEPTED TO BACKPORT FROM TRUNK:
         2.0 version: http://people.apache.org/~trawick/179704-20.txt
         +1: trawick, jorton, wrowe
 
-    *) Prevent bad dereferencing of non-existent req struct in
-       mod_auth_ldap's mod_auth_ldap_auth_checker() if
-       mod_auth_ldap_check_user_id() was never (fully) called.
-       Similar behavior to that in 2.1/2.2.
-         http://people.apache.org/~jim/mod_auth_ldap-2.0.patch
-       +1: jim, minfrin, bnicholes
-
      *) Add httxt2dbm for creating RewriteMap DBM Files.
         http://svn.apache.org/viewcvs.cgi?rev=209539&view=rev
         +1: pquerna, jorton, trawick
index 7f0c76e160105d981ca5d06e18f9c237f5cf1785..17b8d9659ab766714f1c33ef7b4880e29430c843 100644 (file)
@@ -460,6 +460,26 @@ int mod_auth_ldap_auth_checker(request_rec *r)
         return DECLINED;
     }
 
+    /*
+     * It is possible that we've skipped mod_auth_ldap's
+     * check_user_id hook, but still get here. In that
+     * case, the req request_config struct hasn't been initialized
+     * causing problems when we try to use req->dn and/or req->name
+     * below. So we simply create one.
+     *
+     * Unlike 2.2, we don't try to search or populate it.
+     */
+    if (!req) {
+        ap_log_rerror(APLOG_MARK, APLOG_WARNING|APLOG_NOERRNO, 0, r, 
+                      "[%d] auth_ldap authorise: "
+                      "no req struct - skipped mod_auth_ldap_check_user_id?",
+                      getpid());
+
+        req = (mod_auth_ldap_request_t *)apr_pcalloc(r->pool,
+                                                     sizeof(mod_auth_ldap_request_t));
+        ap_set_module_config(r->request_config, &auth_ldap_module, req);
+    }
+
     if (sec->host) {
         ldc = util_ldap_connection_find(r, sec->host, sec->port,
                                        sec->binddn, sec->bindpw, sec->deref,
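Review bot: The zero-filled `req` created in the `if (!req)` block leaves `req->dn` and every other member NULL, so each `require` branch further down `mod_auth_ldap_auth_checker()` has to treat a missing DN as a failed authorisation rather than dereference it. The second hunk of this commit adds that guard for `ldap-attribute`; the other branches lie outside the visible hunks and should be confirmed to carry the same check before relying on this fallback. The new comment also mentions `req->name`, while the visible code only uses `req->dn`; presumably the member has a different name, so verify it and correct the comment. The function starts before and continues after this hunk.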
@@ -657,6 +677,13 @@ int mod_auth_ldap_auth_checker(request_rec *r)
             }
         }
         else if (strcmp(w, "ldap-attribute") == 0) {
+            if (req->dn == NULL || strlen(req->dn) == 0) {
+               ap_log_rerror(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, r,
+                              "[%d] auth_ldap authorise: "
+                              "require ldap-attribute: user's DN has not been defined; failing authorisation", 
+                              getpid());
+                return sec->auth_authoritative? HTTP_UNAUTHORIZED : DECLINED;
+            }
             while (t[0]) {
                 w = ap_getword(r->pool, &t, '=');
                 value = ap_getword_conf(r->pool, &t);
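Review bot: The new `ldap-attribute` guard records the refusal only at `APLOG_DEBUG`, so when `req` already existed but the DN was never set, a request refused here with `HTTP_UNAUTHORIZED` is not explained in the error log at a default LogLevel; if the sibling `require` branches (outside this hunk) log the same condition at another level, match them. With `auth_authoritative` off the branch returns `DECLINED`, which hands the decision to later modules, and a one-line comment such as `/* no DN: cannot compare attributes; defer to other modules unless authoritative */` would make that intent explicit. As a style point, `req->dn[0] == '\0'` avoids the `strlen()` call, the `ap_log_rerror(` line is indented one column short of the block, and the message line carries trailing whitespace. The `while (t[0])` loop continues past the end of the hunk.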