Changes with Apache 2.0.54
+ *) mod_ssl: If SSLUsername is used, set r->user earlier. PR 31418.
+ [David Reid]
+
*) htdigest: Fix permissions of created files. PR 33765. [Joe Orton]
*) core_input_filter: Move buckets to a persistent brigade instead of
identify exactly what the proposed changes are! ]
[ please append new backports at the end of this list not the top. ]
- *) mod_ssl: Set r->user from SSLUsername earlier so that it's
- actually useful.
- http://svn.apache.org/viewcvs.cgi?rev=153280&view=rev
- http://svn.apache.org/viewcvs.cgi?rev=151493&view=rev
- a.k.a. http://www.apache.org/~jorton/ap_ssluser.diff
- PR: 31418
- jerenkrantz comments: 151493 deletes a chunk and adds a chunk,
- with 153280 moving that added hunk elsewhere. My brain hurts.
- +1: jorton, jerenkrantz, pquerna, striker
-
*) Add a build script to create a solaris package.
svn rev 124104
+1: minfrin, trawick
}
}
+ /* If we're trying to have the user name set from a client
+ * certificate then we need to set it here. This should be safe as
+ * the user name probably isn't important from an auth checking point
+ * of view as the certificate supplied acts in that capacity.
+ * However, if FakeAuth is being used then this isn't the case so
+ * we need to postpone setting the username until later.
+ */
+ if ((dc->nOptions & SSL_OPT_FAKEBASICAUTH) == 0 && dc->szUserName) {
+ char *val = ssl_var_lookup(r->pool, r->server, r->connection,
+ r, (char *)dc->szUserName);
+ if (val && val[0])
+ r->user = val;
+ }
+
/*
* Check SSLRequire boolean expressions
*/
return DECLINED;
}
- /*
- * Set r->user if requested
- */
- if (dc->szUserName) {
- val = ssl_var_lookup(r->pool, r->server, r->connection,
- r, (char *)dc->szUserName);
- if (val && val[0]) {
- r->user = val;
- }
- }
-
/*
* Annotate the SSI/CGI environment with standard SSL information
*/
projects / thirdparty / apache / httpd.git / commitdiff
