Two fixes in one:

- No longer calls exit() when the secret fails to initialize, instead
  post_config just returns !OK and lets the server bail out.

- No longer fails on DSOs -- since we load-unload-reload DSOs we lose
  any static memory that was initialized during the first load.
  This patch allows us to simply pass on the first call to post_config,
  and then do the initialization in the second call.

Tested to work on Linux from an IE5.0 client.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@92630 13f79535-47bb-0310-9956-ffa450edef68

diff --git a/CHANGES b/CHANGES
index 4c9b548f2b0de4d45114d2530a552c1cc3ccc9b5..9f7b793878897cb7197b42eda88ccb4ac89d1e06 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -1,5 +1,12 @@
 Changes with Apache 2.0.30-dev
 
+  *) Remove the call to exit() from within mod_auth_digest's post_config
+     phase.  [Aaron Bannert]
+
+  *) Fix a problem in mod_auth_digest that could potentially cause
+     problems with initialized static data on a system that uses DSOs.
+     [Aaron Bannert]
+
   *) Fix a segfault in the worker MPM that could happen during
      child process exits.  [Brian Pane, Aaron Bannert]
 

diff --git a/modules/aaa/mod_auth_digest.c b/modules/aaa/mod_auth_digest.c
index a489573735d1cb0bcf87e25f27d43ef95900d0a4..3c847c9888f310221eda9b73b997c3d464e4d208 100644 (file)
--- a/modules/aaa/mod_auth_digest.c
+++ b/modules/aaa/mod_auth_digest.c
@@ -249,10 +249,7 @@ typedef union time_union {
     unsigned char arr[sizeof(apr_time_t)];
 } time_rec;
 
-
 static unsigned char secret[SECRET_LEN];
-static int call_cnt = 0;
-
 
 /* client-list, opaque, and one-time-nonce stuff */
 
@@ -302,7 +299,7 @@ static apr_status_t cleanup_tables(void *not_used)
     return APR_SUCCESS;
 }
 
-static void initialize_secret(server_rec *s)
+static apr_status_t initialize_secret(server_rec *s)
 {
     apr_status_t status;
 
@@ -315,15 +312,17 @@ static void initialize_secret(server_rec *s)
 #error APR random number support is missing; you probably need to install the truerand library.
 #endif
 
-    if (!(status == APR_SUCCESS)) {
+    if (status != APR_SUCCESS) {
         char buf[120];
         ap_log_error(APLOG_MARK, APLOG_NOERRNO|APLOG_CRIT, 0, s,
                      "Digest: error generating secret: %s", 
                      apr_strerror(status, buf, sizeof(buf)));
-        exit(1);
+        return status;
     }
 
     ap_log_error(APLOG_MARK, APLOG_NOERRNO|APLOG_NOTICE, 0, s, "Digest: done");
+
+    return APR_SUCCESS;
 }
 
 static void log_error_and_cleanup(char *msg, apr_status_t sts, server_rec *s)
@@ -409,18 +408,22 @@ static void initialize_tables(server_rec *s, apr_pool_t *ctx)
 
 
 static int initialize_module(apr_pool_t *p, apr_pool_t *plog,
-                              apr_pool_t *ptemp, server_rec *s)
+                             apr_pool_t *ptemp, server_rec *s)
 {
-    /* keep from doing the init more than once at startup, and delay
-     * the init until the second round
-     */
-    if (++call_cnt < 2) {
+    void *data;
+    const char *userdata_key = "auth_digest_init";
+
+    /* initialize_module() will be called twice, and if it's a DSO
+     * then all static data from the first call will be lost. Only
+     * set up our static data on the second call. */
+    apr_pool_userdata_get(&data, userdata_key, s->process->pool);
+    if (!data) {
+        apr_pool_userdata_setn((const void *)1, userdata_key,
+                               apr_pool_cleanup_null, s->process->pool);
         return OK;
     }
-
-    /* only initialize the secret on startup, not on restarts */
-    if (call_cnt == 2) {
-        initialize_secret(s);
+    if (initialize_secret(s) != APR_SUCCESS) {
+        return !OK;
     }
 
 #if APR_HAS_SHARED_MEMORY