www/apache
1
0
Fork 0
mirror of https://github.com/apache/httpd.git synced 2026-01-13 21:42:17 +03:00
Code Activity
26,790 Commits 62 Branches 306 Tags
25a2e41ea7e474100375986de0a0d792ff8094de
Commit Graph

704 Commits

Author SHA1 Message Date
Christophe Jaillet
ea86cb0cfa Fix cut and paste typo in error message + remove empty lines to be consistent 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1656549 13f79535-47bb-0310-9956-ffa450edef68
 2015-02-02 19:31:37 +00:00
Eric Covener
8dd6f463ed as in r1517366, drop the severity in authz_groupfile when a require 
didn't match but no real error was encountered. 

This individual 'require group' may not really dictate who gets in. PR55523 



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1654184 13f79535-47bb-0310-9956-ffa450edef68
 2015-01-23 12:21:34 +00:00
Rainer Jung
642b344069 Silence compiler warnings: 
- modules/aaa/mod_authnz_fcgi.c:705: warning:
  'orspbuflen' may be used uninitialized in this function

- modules/aaa/mod_authnz_fcgi.c:1235: warning:
  comparison is always false due to limited range of data type


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1652829 13f79535-47bb-0310-9956-ffa450edef68
 2015-01-18 18:57:53 +00:00
Yann Ylavic
7e2dd53161 mod_authnz_fcgi: we don't need to add the trailing '\0' to parse response headers since r1640036. 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1640345 13f79535-47bb-0310-9956-ffa450edef68
 2014-11-18 13:53:24 +00:00
Yann Ylavic
f9520fec08 mod_proxy_fcgi, mod_authnz_fcgi: stop reading the response and issue an error 
when parsing or forwarding the response fails.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1640040 13f79535-47bb-0310-9956-ffa450edef68
 2014-11-16 22:25:32 +00:00
Yann Ylavic
54f0797498 mod_proxy_fcgi: SECURITY: CVE-2014-3583 (cve.mitre.org) 
Fix a potential crash with response headers' size above 8K.

The code changes to mod_authnz_fcgi keep the handle_headers()
function in sync between the two modules.  mod_authnz_fcgi
does not have this issue because it allocated a separate byte
for terminating '\0'.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1640036 13f79535-47bb-0310-9956-ffa450edef68
 2014-11-16 22:04:39 +00:00
Yann Ylavic
31e1a51f0f Revert r1638818, r1639812, r1639717 and r1639814 for new staging. 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1640034 13f79535-47bb-0310-9956-ffa450edef68
 2014-11-16 21:52:40 +00:00
Yann Ylavic
adf6a11dd1 mod_authnz_fcgi: follow up to r1639717. 
Let ap_scan_script_header*() validate the headers.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1639814 13f79535-47bb-0310-9956-ffa450edef68
 2014-11-15 00:37:13 +00:00
Yann Ylavic
2e5c23a872 mod_authnz_fcgi: Fix a potential crash with response headers' size above 8K. 
(similar to r1638818 for mod_proxy_fcgi).


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1639717 13f79535-47bb-0310-9956-ffa450edef68
 2014-11-14 18:18:15 +00:00
Jan Kaluža
20fd477118 mod_auth_basic: Fix comment mentioning 403 instead of 401. 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1638072 13f79535-47bb-0310-9956-ffa450edef68
 2014-11-11 12:00:17 +00:00
Eric Covener
25c47738cf Resolve rashes with LDAP authz and non-LDAP authn since r1608202. 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1637990 13f79535-47bb-0310-9956-ffa450edef68
 2014-11-10 22:43:53 +00:00
Christophe Jaillet
17fbce4077 More style 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1629441 13f79535-47bb-0310-9956-ffa450edef68
 2014-10-04 20:09:10 +00:00
Christophe Jaillet
5103a03d3b Style (mostly indent) 
remove a useless local variable initialization

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1629440 13f79535-47bb-0310-9956-ffa450edef68
 2014-10-04 20:03:06 +00:00
Eric Covener
d952a0912f PR56870: authzprovideralias-defined authz provier can't be used in a virtualhost 
apply the same workaround from mod_authn_core r1554995 so r->server has our hash.



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1618851 13f79535-47bb-0310-9956-ffa450edef68
 2014-08-19 12:44:09 +00:00
Christophe Jaillet
cb675cd076 Add missing APLOGNO. 
Split lines longer than 80.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1611980 13f79535-47bb-0310-9956-ffa450edef68
 2014-07-19 22:05:10 +00:00
Christophe Jaillet
3a25c513f3 Add missing APLOGNO. 
Refactor to keep APLOGNO on the same line as ap_log_error, when applicable.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1611978 13f79535-47bb-0310-9956-ffa450edef68
 2014-07-19 22:02:53 +00:00
Rainer Jung
a0f1a905f7 Silence compiler warning: 
mod_authnz_fcgi.c:580:44: warning: 'orspbuflen'
may be used uninitialized in this function.

Not true but annoying.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1611600 13f79535-47bb-0310-9956-ffa450edef68
 2014-07-18 11:39:11 +00:00
Eric Covener
784d92f074 Consolidate common code that got duplicated by 2.3.x authz refactoring. 
Arrange for backend LDAP connections to be returned 
to the pool by a fixup hook rather than staying locked
until the end of (a potentially slow) request.

Add a little more trace4 to the authnz_ldap side of LDAP connection obtain/release.




git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1608202 13f79535-47bb-0310-9956-ffa450edef68
 2014-07-06 14:06:50 +00:00
Yann Ylavic
ff4ff27e69 Use unsigned bit flags (otherwise the non-zero value to be used is -1). 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1603863 13f79535-47bb-0310-9956-ffa450edef68
 2014-06-19 12:43:05 +00:00
Christophe Jaillet
2d01df12ea Fix duplicate APLOGNO 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1596108 13f79535-47bb-0310-9956-ffa450edef68
 2014-05-20 04:02:49 +00:00
Graham Leggett
9376a82bb2 mod_authnz_ldap: Fail explicitly when the filter is too long. Remove 
unnecessary apr_pstrdup() and strlen().


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1591012 13f79535-47bb-0310-9956-ffa450edef68
 2014-04-29 16:05:56 +00:00
Graham Leggett
84358db95c Add the ldap-search option to mod_authnz_ldap, allowing authorization 
to be based on arbitrary expressions that do not include the username.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1589993 13f79535-47bb-0310-9956-ffa450edef68
 2014-04-25 11:14:36 +00:00
Gregg Lewis Smith
8b5e1ad57d Add mod_authnz_fcgi to traditional Win build 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1588054 13f79535-47bb-0310-9956-ffa450edef68
 2014-04-16 20:11:40 +00:00
Ben Reser
cb78bad8d4 Allow Require expr to work when the expression is quoted. 
For example as appears in our documentation:
Require expr "%{TIME_HOUR} -ge 9 && %{TIME_HOUR} -le 17"

PR: 56235


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1585609 13f79535-47bb-0310-9956-ffa450edef68
 2014-04-07 22:38:53 +00:00
Yann Ylavic
08346fc972 mod_auth_form: update empty log tags. 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1585435 13f79535-47bb-0310-9956-ffa450edef68
 2014-04-07 09:12:09 +00:00
Yann Ylavic
42e7a43e3c mod_auth_form: revert r1585431 (don't crash when no AuthFormProvider is configured). 
This cannot happen in trunk, 2.4.x needs authenticate_form_post_config() to be
merged (r1531672).


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1585434 13f79535-47bb-0310-9956-ffa450edef68
 2014-04-07 09:10:51 +00:00
Yann Ylavic
c36332bfcb mod_auth_form: don't crash when no AuthFormProvider is configured. PR 56351 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1585431 13f79535-47bb-0310-9956-ffa450edef68
 2014-04-07 08:59:07 +00:00
Jeff Trawick
edbbc1acda move a temporary table from r->pool to a temporary 
pool we've already allocated in order to avoid a 
longer lifetime than necessary for the table memory

Suggested by: jailletc36


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1585072 13f79535-47bb-0310-9956-ffa450edef68
 2014-04-05 11:57:46 +00:00
Jeff Trawick
fa91c90ef4 axe unnecessary preparation for some other module using 
[ap_]connect_to_peer() and passing in its own module
identifier

Pointed out by: jailletc36


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1585054 13f79535-47bb-0310-9956-ffa450edef68
 2014-04-05 11:45:47 +00:00
Jeff Trawick
e19c8aabd4 don't log bogus rv 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1583007 13f79535-47bb-0310-9956-ffa450edef68
 2014-03-29 14:57:37 +00:00
Christophe Jaillet
6e69b3ceb0 Use 'apr_table_setn' instead of 'apr_table_set' when possible in order to save memory. 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1578762 13f79535-47bb-0310-9956-ffa450edef68
 2014-03-18 06:54:03 +00:00
Jan Kaluža
7c077f5aff mod_authn_socache.c: fix creation of default socache_instance. 
In pre_config, default socache_provider is created, but socache_instance
initialization is missing. This leads to crash on startup if default
socache_provider is used (AuthnCacheSOCache is not called) and
AuthnCacheEnable or AuthnCacheProvideFor is used.

This problem has been introduced in r1531961.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1576233 13f79535-47bb-0310-9956-ffa450edef68
 2014-03-11 08:52:54 +00:00
Jeff Trawick
379c6db4f3 follow-up to r1554161, r1554168, r1554170, r1554175, r1554188, and r1554195: 
axe unnecessary initialization/pool allocation


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1558483 13f79535-47bb-0310-9956-ffa450edef68
 2014-01-15 17:42:39 +00:00
Eric Covener
eb7516d35a Providers defined in <AuthnProviderAlias have not been usable under 
in virtual hosts since migrating from mod_authn_alias to mod_authn_core.
PR 55622.



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1554995 13f79535-47bb-0310-9956-ffa450edef68
 2014-01-03 01:59:12 +00:00
Graham Leggett
d377e1d3ac mod_authz_user: Support the expression parser within the require directives. 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1554195 13f79535-47bb-0310-9956-ffa450edef68
 2013-12-30 11:57:15 +00:00
Graham Leggett
be8ea07e55 mod_authnz_host: Support the expression parser within the require directives. 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1554188 13f79535-47bb-0310-9956-ffa450edef68
 2013-12-30 11:14:19 +00:00
Graham Leggett
a73870441f Pass the correct pointer that made it past the test suite. 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1554184 13f79535-47bb-0310-9956-ffa450edef68
 2013-12-30 10:56:05 +00:00
Graham Leggett
defc95ad91 Pass the correct pointer that made it past the test suite. 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1554181 13f79535-47bb-0310-9956-ffa450edef68
 2013-12-30 10:52:58 +00:00
Graham Leggett
d3a32a3a00 Pass the correct pointer that made it past the test suite. 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1554176 13f79535-47bb-0310-9956-ffa450edef68
 2013-12-30 10:21:07 +00:00
Graham Leggett
5e6723cbc9 mod_authnz_groupfile: Support the expression parser within the require directives. 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1554175 13f79535-47bb-0310-9956-ffa450edef68
 2013-12-30 09:59:58 +00:00
Graham Leggett
c8258c2ade mod_authnz_dbm: Support the expression parser within the require directives. 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1554170 13f79535-47bb-0310-9956-ffa450edef68
 2013-12-30 09:37:17 +00:00
Graham Leggett
133bf49fdf mod_authnz_dbd: Support the expression parser within the require directives. 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1554168 13f79535-47bb-0310-9956-ffa450edef68
 2013-12-30 08:54:09 +00:00
Graham Leggett
cd7dfa6c1c mod_authnz_ldap: Support the expression parser within the require 
directives.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1554161 13f79535-47bb-0310-9956-ffa450edef68
 2013-12-30 07:48:18 +00:00
Eric Covener
66c5435a4d update comments for two r->user related directives. 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1553485 13f79535-47bb-0310-9956-ffa450edef68
 2013-12-26 13:57:49 +00:00
Eric Covener
9247116c87 Log a warning when the LDAP authn provider is configured but an AuthLDAPURL 
isn't -- IOW, avoid silently skipping a misconfigured [or buggy?] LDAP provider.



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1551611 13f79535-47bb-0310-9956-ffa450edef68
 2013-12-17 16:38:36 +00:00
Graham Leggett
dfd46c234e mod_auth_form: Make the trace logging consistent through the notes, session 
and form authentication steps.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1550307 13f79535-47bb-0310-9956-ffa450edef68
 2013-12-11 23:08:42 +00:00
Graham Leggett
e8907b1678 mod_auth_form: Add a debug message when the fields on a form are not 
recognised.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1550302 13f79535-47bb-0310-9956-ffa450edef68
 2013-12-11 22:59:53 +00:00
Christophe Jaillet
553054d0ba Fix missing spaces in messages 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1546860 13f79535-47bb-0310-9956-ffa450edef68
 2013-12-01 21:13:56 +00:00
Jeff Trawick
59d2f013e2 At least one authorizer that doesn't use libfcgi directly 
or indirectly does not like getting an empty FCGI_STDIN
block.  Don't send it.  (Other mods for httpd didn't send
it to authorizers either.)


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1541181 13f79535-47bb-0310-9956-ffa450edef68
 2013-11-12 18:11:31 +00:00
Christophe Jaillet
534f207ddd Remove useless apr_pstrdup as done for other mod_auth modules in r1026660 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1538149 13f79535-47bb-0310-9956-ffa450edef68
 2013-11-02 08:22:25 +00:00