From: Eric Covener Date: Mon, 23 Feb 2015 19:02:31 +0000 (+0000) Subject: Merge r1654184 from trunk: X-Git-Tag: 2.4.13~407 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=b7e7b6c2c49ad96219ea60e08c8c2ebdf2475f92;p=thirdparty%2Fapache%2Fhttpd.git Merge r1654184 from trunk: as in r1517366, drop the severity in authz_groupfile when a require didn't match but no real error was encountered. This individual 'require group' may not really dictate who gets in. PR55523 git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1661749 13f79535-47bb-0310-9956-ffa450edef68 --- diff --git a/CHANGES b/CHANGES index 8a5371f3388..ebe1ef1e350 100644 --- a/CHANGES +++ b/CHANGES @@ -4,6 +4,9 @@ Changes with Apache 2.4.13 *) mod_authn_dbd: Fix the error message logged in case of error while querying the database. This is associated to AH01656 and AH01661. [Christophe Jaillet] + + *) mod_authz_goupfile: Reduce the severity of AH01667 from ERROR to DEBUG, + because it may be evaluated inside . PR55523. [Eric Covener] Changes with Apache 2.4.12 diff --git a/STATUS b/STATUS index 1bff6703c61..3a7d445392c 100644 --- a/STATUS +++ b/STATUS @@ -119,12 +119,6 @@ PATCHES ACCEPTED TO BACKPORT FROM TRUNK: 2.4.x patch: trunks works (modulo CHANGES) +1: ylavic, rjung, jailletc36 - * mod_authz_groupfile: Don't log routine authz failure at ERROR because - it's just as likely to be OR'ed with other authz results. PR55523, try 2. - trunk patch: http://svn.apache.org/r1654184 - 2.4.x patch: trunk works + CHANGES - +1: covener, minfrin, ylavic - * Easy patches - synch with trunk - Add missing APLOGNO. - mod_deflate: don't require by using APR_INT32_MAX instead of INT_MAX. diff --git a/modules/aaa/mod_authz_groupfile.c b/modules/aaa/mod_authz_groupfile.c index 70e6815305d..cd7d3f0e0a0 100644 --- a/modules/aaa/mod_authz_groupfile.c +++ b/modules/aaa/mod_authz_groupfile.c @@ -195,7 +195,7 @@ static authz_status group_check_authorization(request_rec *r, } } - ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(01667) + ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, APLOGNO(01667) "Authorization of user %s to access %s failed, reason: " "user is not part of the 'require'ed group(s).", r->user, r->uri);