fruit... hanging low

author Jim Jagielski <jim@apache.org>

Tue, 13 Nov 2007 15:06:33 +0000 (15:06 +0000)

committer Jim Jagielski <jim@apache.org>

Tue, 13 Nov 2007 15:06:33 +0000 (15:06 +0000)
author Jim Jagielski <jim@apache.org>
Tue, 13 Nov 2007 15:06:33 +0000 (15:06 +0000)
committer Jim Jagielski <jim@apache.org>
Tue, 13 Nov 2007 15:06:33 +0000 (15:06 +0000)
diff --git a/STATUS b/STATUS

index c6a93318c03a17f508f24be5bdd982f034b9f051..dccc9894fb963c60c2e8c8bba970d23f96b6e2d0 100644 (file)
--- a/STATUS
+++ b/STATUS
@@ -79,12 +79,6 @@ RELEASE SHOWSTOPPERS:
  PATCHES ACCEPTED TO BACKPORT FROM TRUNK:
    [ start all new proposals below, under PATCHES PROPOSED. ]
  
-   * mod_authz_groupfile: don't risk crash if r->user isn't set.
-     PR 42995
-     Trunk: n/a
-     2.2.x patch: http://people.apache.org/~niq/42995.patch
-     +1: niq, covener, trawick
-
     * mod_authn_dbd: Export any additional columns queried in the SQL select
       into the environment with the name AUTHENTICATE_<COLUMN>. This brings
       mod_authn_dbd behaviour in line with mod_authnz_ldap.
diff --git a/modules/aaa/mod_authz_groupfile.c b/modules/aaa/mod_authz_groupfile.c

index 0d52c8de410094afdae6bce50591df1769cc326a..4c7105076160cddd7ffdbd7285631365dfc8e060 100644 (file)
--- a/modules/aaa/mod_authz_groupfile.c
+++ b/modules/aaa/mod_authz_groupfile.c
@@ -173,6 +173,11 @@ static int check_user_access(request_rec *r)
          return DECLINED; /* XXX change from legacy */
      }
  
+    /* If there's no user, it's a misconfiguration */
+    if (!user) {
+        return HTTP_INTERNAL_SERVER_ERROR;
+    }
+
      reqs = (require_line *)reqs_arr->elts;
  
      for (x = 0; x < reqs_arr->nelts; x++) {
author	Jim Jagielski <jim@apache.org>
	Tue, 13 Nov 2007 15:06:33 +0000 (15:06 +0000)
committer	Jim Jagielski <jim@apache.org>
	Tue, 13 Nov 2007 15:06:33 +0000 (15:06 +0000)
STATUS		patch \| blob \| blame \| history
modules/aaa/mod_authz_groupfile.c		patch \| blob \| blame \| history