Don't restore r->user after authn/authz failure. Any authn module that sets
authorStefan Fritsch <sf@apache.org>
Sun, 20 Jun 2010 19:46:54 +0000 (19:46 +0000)
committerStefan Fritsch <sf@apache.org>
Sun, 20 Jun 2010 19:46:54 +0000 (19:46 +0000)
r->user even if authentication failed is broken, anyway.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@956395 13f79535-47bb-0310-9956-ffa450edef68

server/request.c

index d371113b5fcae6aec43fea093564925ade0be333..880f0efc96ba73441c97c761ae228c13548452b5 100644 (file)
@@ -201,7 +201,6 @@ AP_DECLARE(int) ap_process_request_internal(request_rec *r)
         r->ap_auth_type = r->main->ap_auth_type;
     }
     else {
-        char *failed_user = NULL;
         switch (ap_satisfies(r)) {
         case SATISFY_ALL:
         case SATISFY_NOSPEC:
@@ -211,7 +210,6 @@ AP_DECLARE(int) ap_process_request_internal(request_rec *r)
 
             if ((access_status = ap_run_check_user_id(r)) != OK) {
                 if (access_status == HTTP_UNAUTHORIZED) {
-                    failed_user = r->user;
                     r->user = NULL;
                     ap_log_rerror(APLOG_MARK, APLOG_TRACE2, 0, r,
                                   "authn failed with HTTP_UNAUTHORIZED, "
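Review bot: The `r->user = NULL;` kept in the HTTP_UNAUTHORIZED branch now drops the attempted user name for the rest of the request, and nothing at that line says so; the rationale exists only in the commit message. I would add a comment there such as `/* authn failed: drop any user name the module set; deliberately not restored if authz fails too */`, and the same at the identical branch in the hunk at -233,7. If anything that runs after `decl_die` on the failure path read r->user to record who attempted to log in (access logging, for example, which is not visible here), that name is no longer available, so it is worth confirming that failed-login monitoring still has a source for it. The ap_log_rerror call continues outside this hunk, so whether the trace message carries the name cannot be seen from here.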
@@ -223,8 +221,6 @@ AP_DECLARE(int) ap_process_request_internal(request_rec *r)
             }
 
             if ((access_status = ap_run_auth_checker(r)) != OK) {
-                if (failed_user)
-                    r->user = failed_user;
                 return decl_die(access_status, "check authorization", r);
             }
             break;
@@ -233,7 +229,6 @@ AP_DECLARE(int) ap_process_request_internal(request_rec *r)
 
                 if ((access_status = ap_run_check_user_id(r)) != OK) {
                     if (access_status == HTTP_UNAUTHORIZED) {
-                        failed_user = r->user;
                         r->user = NULL;
                         ap_log_rerror(APLOG_MARK, APLOG_TRACE2, 0, r,
                                       "authn failed with HTTP_UNAUTHORIZED, "
@@ -245,8 +240,6 @@ AP_DECLARE(int) ap_process_request_internal(request_rec *r)
                 }
 
                 if ((access_status = ap_run_auth_checker(r)) != OK) {
-                    if (failed_user)
-                        r->user = failed_user;
                     return decl_die(access_status, "check authorization", r);
                 }
             }