Add the same r->user == NULL check in the Satisfy Any code path as r965709 did

for Satisfy all

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@986606 13f79535-47bb-0310-9956-ffa450edef68

diff --git a/server/request.c b/server/request.c
index 92f989b6aa89fd87bb89b5ae0d13006e517a002e..a5fbcde9982a20ea274765b163cf20e5dbfe814d 100644 (file)
--- a/server/request.c
+++ b/server/request.c
@@ -260,7 +260,14 @@ AP_DECLARE(int) ap_process_request_internal(request_rec *r)
                 if ((access_status = ap_run_check_user_id(r)) != OK) {
                     return decl_die(access_status, "check user", r);
                 }
-
+                if (r->user == NULL) {
+                    /* don't let buggy authn module crash us in authz */
+                    ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
+                                  "Buggy authn provider failed to set user for %s",
+                                  r->uri);
+                    access_status = HTTP_INTERNAL_SERVER_ERROR;
+                    return decl_die(access_status, "check user", r);
+                }
                 if ((access_status = ap_run_auth_checker(r)) != OK) {
                     return decl_die(access_status, "check authorization", r);
                 }