* Fix a problem with invalid auth error detection for LDAP client SDKs that don't
support the LDAP_SECURITY_ERROR macro.
PR: 39529
Submitted by: Ray Price <dohrayme yahoo.com>, Josh Fenlason <jfenlason ptc.com>
Reviewed by: bnicholes, wrowe, fielding
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@425731
13f79535-47bb-0310-9956-
ffa450edef68
-*- coding: utf-8 -*-
Changes with Apache 2.2.3
+ *) mod_authnz_ldap: Fix a problem with invalid auth error detection for LDAP
+ client SDKs that don't support the LDAP_SECURITY_ERROR macro. PR 39529.
+ [Ray Price <dohrayme yahoo.com>, Josh Fenlason <jfenlason ptc.com>]
+
*) mod_cache: Do not overwrite the Content-Type in the cache, for
successfully revalidated cached objects. PR 39647. [Ruediger Pluem]
http://issues.apache.org/bugzilla/attachment.cgi?id=18636
+1: bnicholes, rpluem, fielding
- * mod_authnz_ldap: Fix a problem with invalid auth error detection
- for LDAP client SDKs that don't support LDAP_SECURITY_ERROR
- macro. PR#39529
- http://svn.apache.org/viewvc?view=rev&revision=411306
- +1: bnicholes, wrowe, fielding
- wrowe observes; CONST==result is a horrid style convention
-
PATCHES PROPOSED TO BACKPORT FROM TRUNK:
* Bundled PCRE: backport r381783 from trunk
return (LDAP_NO_SUCH_OBJECT == result) ? AUTH_USER_NOT_FOUND
#ifdef LDAP_SECURITY_ERROR
: (LDAP_SECURITY_ERROR(result)) ? AUTH_DENIED
+#else
+ : (LDAP_INAPPROPRIATE_AUTH == result) ? AUTH_DENIED
+ : (LDAP_INVALID_CREDENTIALS == result) ? AUTH_DENIED
+#ifdef LDAP_INSUFFICIENT_ACCESS
+ : (LDAP_INSUFFICIENT_ACCESS == result) ? AUTH_DENIED
+#endif
+#ifdef LDAP_INSUFFICIENT_RIGHTS
+ : (LDAP_INSUFFICIENT_RIGHTS == result) ? AUTH_DENIED
+#endif
#endif
: AUTH_GENERAL_ERROR;
}
projects / thirdparty / apache / httpd.git / commitdiff
