* modules/mappers/mod_userdir.c (register_hooks): Move suexec_identity

hook to APR_HOOK_FIRST to ensure it runs before the mod_suexec hook.

PR: 18156
Submitted by: Joshua Slive

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@104699 13f79535-47bb-0310-9956-ffa450edef68

diff --git a/CHANGES b/CHANGES
index 6a7ee6ee79274a411022a11c22c5a379c9e834ef..c394379a26cb58b92b033cb44e6cc3ca1eef545b 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -2,6 +2,10 @@ Changes with Apache 2.1.0-dev
 
   [Remove entries to the current 2.0 section below, when backported]
 
+  *) mod_userdir: Ensure that the userdir identity is used for
+     suexec userdir access in a virtual host which has suexec configured.  
+     PR 18156.  [Joshua Slive]
+
   *) SECURITY: CAN-2004-0751 (cve.mitre.org)
      mod_ssl: Fix a segfault in the SSL input filter which could be
      triggered if using "speculative" mode, for instance by a 

diff --git a/modules/mappers/mod_userdir.c b/modules/mappers/mod_userdir.c
index d916a95e1280af312f13ac18bfcccf75cd64ad4c..93d34ae0c6294e2acaf86efd54c86d0bab09ae5c 100644 (file)
--- a/modules/mappers/mod_userdir.c
+++ b/modules/mappers/mod_userdir.c
@@ -350,7 +350,7 @@ static void register_hooks(apr_pool_t *p)
 
     ap_hook_translate_name(translate_userdir,aszPre,aszSucc,APR_HOOK_MIDDLE);
 #ifdef HAVE_UNIX_SUEXEC
-    ap_hook_get_suexec_identity(get_suexec_id_doer,NULL,NULL,APR_HOOK_MIDDLE);
+    ap_hook_get_suexec_identity(get_suexec_id_doer,NULL,NULL,APR_HOOK_FIRST);
 #endif
 }