From: Alexei Kosut Date: Mon, 8 Jul 1996 19:00:38 +0000 (+0000) Subject: Fix bug with Redirect X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=7ecf34fce6bd3c0d9dd0a1eef0c377bb4d0a3485;p=thirdparty%2Fapache%2Fhttpd.git Fix bug with Redirect Fix MultiViews/handler interaction Update mod_auth_msql Fix mispelling in mod_auth_anon git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/1.3@76634 13f79535-47bb-0310-9956-ffa450edef68 --- diff --git a/RELEASE_1_1_X/src/CHANGES b/RELEASE_1_1_X/src/CHANGES index ced9c519a40..1b2e030195b 100644 --- a/RELEASE_1_1_X/src/CHANGES +++ b/RELEASE_1_1_X/src/CHANGES @@ -1,3 +1,16 @@ +Changes with Apache 1.1.1: + + *) Fixed bug where Redirect in .htaccess files would cause memory + leak. [Nathan Neulinger] + + *) MultiViews now works correctly with AddHandler [Alexei Kosut] + + *) Problems with mod_auth_msql fixed [Dirk vanGulik] + + *) Fix mispelling of "Anonymous_Authorative" directive in mod_auth_anon. + +Changes with Apache 1.1.0: + *) Bring NeXT support up to date. [Takaaki Matsumoto] *) Bring QNX support up to date. [Ben Laurie] diff --git a/RELEASE_1_1_X/src/main/http_main.c b/RELEASE_1_1_X/src/main/http_main.c index 9d566836283..76b12859c80 100644 --- a/RELEASE_1_1_X/src/main/http_main.c +++ b/RELEASE_1_1_X/src/main/http_main.c @@ -606,7 +606,12 @@ void reinit_scoreboard (pool *p) have_scoreboard_fname = 1; +#ifdef __EMX__ + /* OS/2 needs binary mode set. */ + scoreboard_fd = popenf(p, scoreboard_fname, O_CREAT|O_BINARY|O_RDWR, 0644); +#else scoreboard_fd = popenf(p, scoreboard_fname, O_CREAT|O_RDWR, 0644); +#endif if (scoreboard_fd == -1) { fprintf (stderr, "Cannot open scoreboard file:\n"); @@ -626,7 +631,12 @@ void reopen_scoreboard (pool *p) #if !defined(HAVE_MMAP) && !defined(HAVE_SHMGET) if (scoreboard_fd != -1) pclosef (p, scoreboard_fd); +#ifdef __EMX__ + /* OS/2 needs binary mode set. */ + scoreboard_fd = popenf(p, scoreboard_fname, O_CREAT|O_BINARY|O_RDWR, 0666); +#else scoreboard_fd = popenf(p, scoreboard_fname, O_CREAT|O_RDWR, 0666); +#endif if (scoreboard_fd == -1) { fprintf (stderr, "Cannot open scoreboard file:\n"); diff --git a/RELEASE_1_1_X/src/modules/standard/mod_alias.c b/RELEASE_1_1_X/src/modules/standard/mod_alias.c index 2e7b89f6c78..fa7988f6c63 100644 --- a/RELEASE_1_1_X/src/modules/standard/mod_alias.c +++ b/RELEASE_1_1_X/src/modules/standard/mod_alias.c @@ -74,6 +74,9 @@ typedef struct { array_header *redirects; } alias_server_conf; +typedef struct { + array_header *redirects; +} alias_dir_conf; module alias_module; void *create_alias_config (pool *p, server_rec *s) @@ -86,6 +89,13 @@ void *create_alias_config (pool *p, server_rec *s) return a; } +void *create_alias_dir_config (pool *p, char *d) +{ + alias_dir_conf *a = + (alias_dir_conf *)pcalloc (p, sizeof(alias_dir_conf)); + a->redirects = make_array (p, 2, sizeof(alias_entry)); + return a; +} void *merge_alias_config (pool *p, void *basev, void *overridesv) { alias_server_conf *a = @@ -98,6 +108,15 @@ void *merge_alias_config (pool *p, void *basev, void *overridesv) return a; } +void *merge_alias_dir_config (pool *p, void *basev, void *overridesv) +{ + alias_dir_conf *a = + (alias_dir_conf *)pcalloc (p, sizeof(alias_dir_conf)); + alias_dir_conf *base = (alias_dir_conf *)basev, + *overrides = (alias_dir_conf *)overridesv; + a->redirects = append_arrays (p, overrides->redirects, base->redirects); + return a; +} char *add_alias(cmd_parms *cmd, void *dummy, char *f, char *r) { server_rec *s = cmd->server; @@ -111,15 +130,22 @@ char *add_alias(cmd_parms *cmd, void *dummy, char *f, char *r) return NULL; } -char *add_redirect(cmd_parms *cmd, void *dummy, char *f, char *url) +char *add_redirect(cmd_parms *cmd, alias_dir_conf *dirconf, char *f, char *url) { + alias_entry *new; server_rec *s = cmd->server; - alias_server_conf *conf = + alias_server_conf *serverconf = (alias_server_conf *)get_module_config(s->module_config,&alias_module); - alias_entry *new = push_array (conf->redirects); if (!is_url (url)) return "Redirect to non-URL"; - + if ( cmd->path ) + { + new = push_array (dirconf->redirects); + } + else + { + new = push_array (serverconf->redirects); + } new->fake = f; new->real = url; return NULL; } @@ -198,7 +224,7 @@ char *try_alias_list (request_rec *r, array_header *aliases, int doesc) int translate_alias_redir(request_rec *r) { void *sconf = r->server->module_config; - alias_server_conf *conf = + alias_server_conf *serverconf = (alias_server_conf *)get_module_config(sconf, &alias_module); char *ret; @@ -210,12 +236,12 @@ int translate_alias_redir(request_rec *r) #endif return BAD_REQUEST; - if ((ret = try_alias_list (r, conf->redirects, 1)) != NULL) { + if ((ret = try_alias_list (r, serverconf->redirects, 1)) != NULL) { table_set (r->headers_out, "Location", ret); return REDIRECT; } - if ((ret = try_alias_list (r, conf->aliases, 0)) != NULL) { + if ((ret = try_alias_list (r, serverconf->aliases, 0)) != NULL) { r->filename = ret; return OK; } @@ -225,14 +251,14 @@ int translate_alias_redir(request_rec *r) int fixup_redir(request_rec *r) { - void *sconf = r->server->module_config; - alias_server_conf *conf = - (alias_server_conf *)get_module_config(sconf, &alias_module); + void *dconf = r->per_dir_config; + alias_dir_conf *dirconf = + (alias_dir_conf *)get_module_config(dconf, &alias_module); char *ret; /* It may have changed since last time, so try again */ - if ((ret = try_alias_list (r, conf->redirects, 1)) != NULL) { + if ((ret = try_alias_list (r, dirconf->redirects, 1)) != NULL) { table_set (r->headers_out, "Location", ret); return REDIRECT; } @@ -243,8 +269,8 @@ int fixup_redir(request_rec *r) module alias_module = { STANDARD_MODULE_STUFF, NULL, /* initializer */ - NULL, /* dir config creater */ - NULL, /* dir merger --- default is to override */ + create_alias_dir_config, /* dir config creater */ + merge_alias_dir_config, /* dir merger --- default is to override */ create_alias_config, /* server config */ merge_alias_config, /* merge server configs */ alias_cmds, /* command table */ diff --git a/RELEASE_1_1_X/src/modules/standard/mod_auth_anon.c b/RELEASE_1_1_X/src/modules/standard/mod_auth_anon.c index 49b736a8c51..cefe9486efe 100644 --- a/RELEASE_1_1_X/src/modules/standard/mod_auth_anon.c +++ b/RELEASE_1_1_X/src/modules/standard/mod_auth_anon.c @@ -75,7 +75,7 @@ * Anonymous_LogEmail [ on | off ] default = on * Anonymous_VerifyEmail [ on | off ] default = off * Anonymous_NoUserId [ on | off ] default = off - * Anonymous_Authorative [ on | off ] default = off + * Anonymous_Authoritative [ on | off ] default = off * * The magic user id is something like 'anonymous', it is NOT case sensitive. * diff --git a/RELEASE_1_1_X/src/modules/standard/mod_auth_msql.c b/RELEASE_1_1_X/src/modules/standard/mod_auth_msql.c index b8d0e21d2d9..111e7bafc4a 100644 --- a/RELEASE_1_1_X/src/modules/standard/mod_auth_msql.c +++ b/RELEASE_1_1_X/src/modules/standard/mod_auth_msql.c @@ -284,6 +284,12 @@ * Replaced some MAX_STRING_LENGTH claims. * 1.0 removed some error check as they where already done elsehwere * NumFields -> NumRows (Thanks Vitek). More stack memory. + * 1.1 no logging of empty password strings. + * 1.2 Problem with the Backward vitek which cause it to check + * even if msql_auth was not configured; Also more carefull + * with the authorative stuff; caught by thomas@marvin.calvacom.fr. + * 1.3 Even more changes to get it right; that BACKWARD thing was a bad + * idea. */ @@ -778,11 +784,10 @@ int msql_authenticate_basic_user (request_rec *r) * We do not check on dbase, group, userid or host name, as it is * perfectly possible to only do group control with mSQL and leave * user control to the next (dbm) guy in line. + * We no longer check on the user field name; to avoid problems + * with Backward VITEK. */ - if ( - (!sec->auth_msql_pwd_table) && - (!sec->auth_msql_pwd_field) - ) return DECLINED; + if (!sec->auth_msql_pwd_table) return DECLINED; if(!(real_pw = get_msql_pw(r, c->user, sec,msql_errstr ))) { if ( msql_errstr[0] ) { @@ -809,8 +814,10 @@ int msql_authenticate_basic_user (request_rec *r) */ if ((sec->auth_msql_nopasswd) && (!strlen(real_pw))) { +/* sprintf(msql_errstr,"mSQL: user %s: Empty/'any' password accepted",c->user); log_reason (msql_errstr, r->uri, r); + */ return OK; }; @@ -862,6 +869,9 @@ int msql_check_auth (request_rec *r) { char *t, *w; msql_errstr[0]='\0'; + /* If we are not configured, ignore */ + if (!sec->auth_msql_pwd_table) return DECLINED; + if (!reqs_arr) { if (sec->auth_msql_authorative) { sprintf(msql_errstr,"user %s denied, no access rules specified (MSQL-Authorative) ",user); @@ -929,25 +939,23 @@ int msql_check_auth (request_rec *r) { }; } - /* we do not have to check the valid-ness of the group result as - * have not (yet) a 'valid-group' token + /* Get serious if we are authorative, previous + * returns are only if msql yielded a correct result. + * This really is not needed. */ - if ( (user_result != OK) && (sec->auth_msql_authorative) ) { - sprintf(msql_errstr,"User %s denied, no access rules applied (MSQL-Authorative) ",user); + if (((group_result == AUTH_REQUIRED) || (user_result == AUTH_REQUIRED)) && (sec->auth_msql_authorative) ) { + sprintf(msql_errstr,"mSQL-Authorative: Access denied on %s %s rule(s) ", + (group_result == AUTH_REQUIRED) ? "USER" : "", + (user_result == AUTH_REQUIRED) ? "GROUP" : "" + ); log_reason (msql_errstr, r->uri, r); - note_basic_auth_failure(r); return AUTH_REQUIRED; }; + if ( (user_result == OK) || (group_result == OK)) + return OK; - /* if the user is DECLINED, it is up to the group_result to tip - * the balance. But if the group result is AUTH_REQUIRED it should - * always override. A SERVER_ERROR should not get here. - */ - if ( (user_result == DECLINED) || (group_result == AUTH_REQUIRED)) - return group_result; - - return user_result; + return DECLINED; } diff --git a/RELEASE_1_1_X/src/modules/standard/mod_negotiation.c b/RELEASE_1_1_X/src/modules/standard/mod_negotiation.c index 77f1cbd4961..eef5f320cc1 100644 --- a/RELEASE_1_1_X/src/modules/standard/mod_negotiation.c +++ b/RELEASE_1_1_X/src/modules/standard/mod_negotiation.c @@ -1089,6 +1089,7 @@ int handle_multi (request_rec *r) if (!do_cache_negotiated_docs(r->server)) r->no_cache = 1; r->filename = sub_req->filename; + r->handler = sub_req->handler; r->content_type = sub_req->content_type; r->content_encoding = sub_req->content_encoding; r->content_language = sub_req->content_language;