Fail server startup when mod_auth_digest is unable to

provide the security checks configured.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@813396 13f79535-47bb-0310-9956-ffa450edef68

diff --git a/CHANGES b/CHANGES
index ad0f248730f86f17c1f1f1fd7bc4dd476d42c09e..ca96923d40a1e334e5db8cfcbe31ef8dcc42f634 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -2,6 +2,10 @@
 
 Changes with Apache 2.3.3
 
+  *) mod_auth_digest: Fail server start when nonce count checking
+     is configured without shared memory, or md5-sess algorithm is
+     configured. [Dan Poirier]
+
   *) mod_proxy_connect: The connect method doesn't work if the client is
      connecting to the apache proxy through an ssl socket. Fixed.
      PR29744. [Brad Boyer, Mark Cave-Ayland, Julian Gilbey, Fabrice Durand,

diff --git a/docs/manual/mod/mod_auth_digest.xml b/docs/manual/mod/mod_auth_digest.xml
index 53b32740414e1104a21b39ba6f6b0054174e574b..b2f704701ba0d7f3f643acf1e25212f7ff1e820e 100644 (file)
--- a/docs/manual/mod/mod_auth_digest.xml
+++ b/docs/manual/mod/mod_auth_digest.xml
@@ -88,6 +88,8 @@
     support digest authentication. Since digest authentication is not as
     widely implemented as basic authentication, you should use it only
     in environments where all users will have supporting browsers.</p>
+    <p><module>mod_auth_digest</module> only works properly on platforms
+      where APR supports shared memory.</p>
     </note>
 </section>
 
@@ -329,7 +331,7 @@ of clients</description>
     server.</p>
 
     <p>The <var>size</var> is normally expressed in Bytes, but you
-    may let the number follow a <code>K</code> or an <code>M</code> to
+    may follow the number with a <code>K</code> or an <code>M</code> to
     express your value as KBytes or MBytes. For example, the following
     directives are all equivalent:</p>
 

diff --git a/modules/aaa/mod_auth_digest.c b/modules/aaa/mod_auth_digest.c
index 34dfea6c7f9454f2cdc4a0a3e9695b381358b9af..8bc2934ac258b3f452b844d2ec28335d4bcea239 100644 (file)
--- a/modules/aaa/mod_auth_digest.c
+++ b/modules/aaa/mod_auth_digest.c
@@ -592,13 +592,13 @@ static const char *set_nonce_format(cmd_parms *cmd, void *config,
 
 static const char *set_nc_check(cmd_parms *cmd, void *config, int flag)
 {
-    if (flag && !client_shm) {
-        ap_log_error(APLOG_MARK, APLOG_WARNING, 0,
-                     cmd->server, "Digest: WARNING: nonce-count checking "
+#if !APR_HAS_SHARED_MEMORY
+    if (flag) {
+        return "AuthDigestNcCheck: ERROR: nonce-count checking "
                      "is not supported on platforms without shared-memory "
-                     "support - disabling check");
-        flag = 0;
+                     "support";
     }
+#endif
 
     ((digest_config_rec *) config)->check_nc = flag;
     return NULL;
@@ -607,13 +607,8 @@ static const char *set_nc_check(cmd_parms *cmd, void *config, int flag)
 static const char *set_algorithm(cmd_parms *cmd, void *config, const char *alg)
 {
     if (!strcasecmp(alg, "MD5-sess")) {
-        if (!client_shm) {
-            ap_log_error(APLOG_MARK, APLOG_WARNING, 0,
-                         cmd->server, "Digest: WARNING: algorithm `MD5-sess' "
-                         "is not supported on platforms without shared-memory "
-                         "support - reverting to MD5");
-            alg = "MD5";
-        }
+        return "AuthDigestAlgorithm: ERROR: algorithm `MD5-sess' "
+                "is not fully implemented";
     }
     else if (strcasecmp(alg, "MD5")) {
         return apr_pstrcat(cmd->pool, "Invalid algorithm in AuthDigestAlgorithm: ", alg, NULL);
@@ -1432,6 +1427,13 @@ static int check_nc(const request_rec *r, const digest_header_rec *resp,
     const char *snc = resp->nonce_count;
     char *endptr;
 
+    if (conf->check_nc && !client_shm) {
+        /* Shouldn't happen, but just in case... */
+        ap_log_rerror(APLOG_MARK, APLOG_WARNING, 0, r,
+                      "Digest: cannot check nonce count without shared memory");
+        return OK;
+    }
+
     if (!conf->check_nc || !client_shm) {
         return OK;
     }