Implement checks for NULL r->user as per r705361.

NOTE: If someone with an LDAP setup can ensure this compiles and works,
that would be great.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@707183 13f79535-47bb-0310-9956-ffa450edef68

diff --git a/modules/aaa/mod_authnz_ldap.c b/modules/aaa/mod_authnz_ldap.c
index 25229bb0cf872b594b6ff5e69aaeba570398ff2a..eedc2084e47c67c2df173458d7c4b51526768cca 100644 (file)
--- a/modules/aaa/mod_authnz_ldap.c
+++ b/modules/aaa/mod_authnz_ldap.c
@@ -518,7 +518,13 @@ static authz_status ldapuser_check_authorization(request_rec *r,
      */
 
     /* Check that we have a userid to start with */
-    if ((!r->user) || (strlen(r->user) == 0)) {
+    if (!r->user) {
+        ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
+            "access to %s failed, reason: no authenticated user", r->uri);
+        return AUTHZ_DENIED;
+    }
+
+    if (!strlen(r->user)) {
         ap_log_rerror(APLOG_MARK, APLOG_WARNING, 0, r,
             "ldap authorize: Userid is blank, AuthType=%s",
             r->ap_auth_type);
@@ -686,7 +692,13 @@ static authz_status ldapgroup_check_authorization(request_rec *r,
      */
 
     /* Check that we have a userid to start with */
-    if ((!r->user) || (strlen(r->user) == 0)) {
+    if (!r->user) {
+        ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
+            "access to %s failed, reason: no authenticated user", r->uri);
+        return AUTHZ_DENIED;
+    }
+
+    if (!strlen(r->user)) {
         ap_log_rerror(APLOG_MARK, APLOG_WARNING, 0, r,
             "ldap authorize: Userid is blank, AuthType=%s",
             r->ap_auth_type);
@@ -843,7 +855,13 @@ static authz_status ldapdn_check_authorization(request_rec *r,
      */
 
     /* Check that we have a userid to start with */
-    if ((!r->user) || (strlen(r->user) == 0)) {
+    if (!r->user) {
+        ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
+            "access to %s failed, reason: no authenticated user", r->uri);
+        return AUTHZ_DENIED;
+    }
+
+    if (!strlen(r->user)) {
         ap_log_rerror(APLOG_MARK, APLOG_WARNING, 0, r,
             "ldap authorize: Userid is blank, AuthType=%s",
             r->ap_auth_type);
@@ -951,7 +969,13 @@ static authz_status ldapattribute_check_authorization(request_rec *r,
      */
 
     /* Check that we have a userid to start with */
-    if ((!r->user) || (strlen(r->user) == 0)) {
+    if (!r->user) {
+        ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
+            "access to %s failed, reason: no authenticated user", r->uri);
+        return AUTHZ_DENIED;
+    }
+
+    if (!strlen(r->user)) {
         ap_log_rerror(APLOG_MARK, APLOG_WARNING, 0, r,
             "ldap authorize: Userid is blank, AuthType=%s",
             r->ap_auth_type);
@@ -1064,7 +1088,13 @@ static authz_status ldapfilter_check_authorization(request_rec *r,
      */
 
     /* Check that we have a userid to start with */
-    if ((!r->user) || (strlen(r->user) == 0)) {
+    if (!r->user) {
+        ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
+            "access to %s failed, reason: no authenticated user", r->uri);
+        return AUTHZ_DENIED;
+    }
+
+    if (!strlen(r->user)) {
         ap_log_rerror(APLOG_MARK, APLOG_WARNING, 0, r,
             "ldap authorize: Userid is blank, AuthType=%s",
             r->ap_auth_type);