From da2d17a2787aa938d4e1512fec62caa566dd29df Mon Sep 17 00:00:00 2001 From: Eric Covener Date: Wed, 17 Sep 2008 16:37:07 +0000 Subject: [PATCH] backport r678949 from trunk: propogate a NULL get_realm_hash() implementation from AuthnProviderAlias back to mod_auth_digest. PR 45196 Submitted by: covener Reviewed by: rpluem, jerenkrantz git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@696364 13f79535-47bb-0310-9956-ffa450edef68 --- CHANGES | 4 ++++ STATUS | 10 ---------- modules/aaa/mod_authn_alias.c | 10 +++++++++- 3 files changed, 13 insertions(+), 11 deletions(-) diff --git a/CHANGES b/CHANGES index 1889ae0402b..2eb5195496e 100644 --- a/CHANGES +++ b/CHANGES @@ -5,6 +5,10 @@ Changes with Apache 2.2.10 mod_proxy_ftp: Prevent XSS attacks when using wildcards in the path of the FTP URL. Discovered by Marc Bevand of Rapid7. [Ruediger Pluem] + *) mod_authn_alias: Detect during startup when AuthDigestProvider + is configured to use an incompatible provider via AuthnProviderAlias. + PR 45196 [Eric Covener] + *) mod_proxy: Add 'scolonpathdelim' parameter to allow for ';' to also be used as a session path separator/delim PR 45158. [Jim Jagielski] diff --git a/STATUS b/STATUS index 1ba1fc4cf5d..48bd22d7f7c 100644 --- a/STATUS +++ b/STATUS @@ -92,16 +92,6 @@ PATCHES ACCEPTED TO BACKPORT FROM TRUNK: http://svn.apache.org/viewvc?rev=639010&view=rev (mmn) +1: niq, rpluem, mturk - * mod_authn_alias: Propogate a NULL get_realm_hash() implementation - from AuthnProviderAlias back to mod_auth_digest. This moves detection - of an incompatible-with-digest provider to a startup error. - PR 45196 - Trunk version of patch: - http://svn.apache.org/viewvc?rev=678949&view=rev - Backport version for 2.2.x of patch: - http://people.apache.org/~covener/2.2.x-auth_alias_digest.diff - +1: covener, rpluem, jerenkrantz - * mod_proxy_balancer: Add in new bybusyness LB method. Trunk version of patch: http://svn.apache.org/viewvc?rev=686805&view=rev diff --git a/modules/aaa/mod_authn_alias.c b/modules/aaa/mod_authn_alias.c index d306f67af58..a3a35948b2f 100644 --- a/modules/aaa/mod_authn_alias.c +++ b/modules/aaa/mod_authn_alias.c @@ -122,6 +122,12 @@ static const authn_provider authn_alias_provider = &authn_alias_get_realm_hash, }; +static const authn_provider authn_alias_provider_nodigest = +{ + &authn_alias_check_password, + NULL, +}; + static const char *authaliassection(cmd_parms *cmd, void *mconfig, const char *arg) { int old_overrides = cmd->override; @@ -194,7 +200,9 @@ static const char *authaliassection(cmd_parms *cmd, void *mconfig, const char *a /* Register the fake provider so that we get called first */ ap_register_provider(cmd->pool, AUTHN_PROVIDER_GROUP, provider_alias, "0", - &authn_alias_provider); + provider->get_realm_hash ? + &authn_alias_provider : + &authn_alias_provider_nodigest); } cmd->override = old_overrides; -- 2.47.2