From: Jim Jagielski Date: Tue, 17 Sep 2013 18:47:19 +0000 (+0000) Subject: Merge r1523239 from trunk: X-Git-Tag: 2.4.7~200 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=00e791c64ae77da1bc6c636dbf44c1ad7dfe8688;p=apache Merge r1523239 from trunk: mod_auth_digest: Be more specific when the realm mismatches because the realm has not been specified. Submitted by: minfrin Reviewed/backported by: jim git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1524172 13f79535-47bb-0310-9956-ffa450edef68 --- diff --git a/CHANGES b/CHANGES index fa54294e12..2f600505b9 100644 --- a/CHANGES +++ b/CHANGES @@ -2,6 +2,9 @@ Changes with Apache 2.4.7 + *) mod_auth_digest: Be more specific when the realm mismatches because the + realm has not been specified. [Graham Leggett] + *) mod_proxy: Add a note in the balancer manager stating whether changes will or will not be persisted. [Daniel Ruggeri] diff --git a/STATUS b/STATUS index 586ad3a230..62dc9c5171 100644 --- a/STATUS +++ b/STATUS @@ -97,12 +97,6 @@ RELEASE SHOWSTOPPERS: PATCHES ACCEPTED TO BACKPORT FROM TRUNK: [ start all new proposals below, under PATCHES PROPOSED. ] - * mod_auth_digest: Be more specific when the realm mismatches because the - realm has not been specified. - trunk: http://svn.apache.org/viewvc?view=revision&revision=1523239 - 2.4.x patch: trunk patch works, modulo CHANGES and next-number - +1: minfrin, druggeri, chrisd - * mod_cache: Correct LOGNO which has not been updated when r1481396 was backported trunk: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/cache/mod_cache.c?r1=1481396&r2=1481395&pathrev=1481396 2.4.x: http://people.apache.org/~jailletc36/1481396.patch diff --git a/modules/aaa/mod_auth_digest.c b/modules/aaa/mod_auth_digest.c index 987e5b5b04..dcf1e15ba1 100644 --- a/modules/aaa/mod_auth_digest.c +++ b/modules/aaa/mod_auth_digest.c 
@@ -1811,7 +1811,15 @@ static int authenticate_digest_user(request_rec *r) return HTTP_UNAUTHORIZED; } - if (strcmp(resp->realm, conf->realm)) { + if (!conf->realm) { + ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(02533) + "realm mismatch - got `%s' but no realm specified", + resp->realm); + note_digest_auth_failure(r, conf, resp, 0); + return HTTP_UNAUTHORIZED; + } + + if (!resp->realm || strcmp(resp->realm, conf->realm)) { ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(01788) "realm mismatch - got `%s' but expected `%s'", resp->realm, conf->realm);
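Review bot: In the mod_auth_digest.c hunk, `resp->realm` can still reach a `%s` argument as NULL in both log calls. The new `!conf->realm` branch formats `resp->realm` before the `!resp->realm` test that the next condition introduces, and when that test is true the 01788 message formats the same NULL pointer. Consider testing `resp->realm` ahead of both branches, or logging a separate message for a response that carries no realm, so neither call relies on how the formatter treats a NULL string. A second point on the same branch: `note_digest_auth_failure(r, conf, resp, 0)` is called with a `conf` whose `realm` is known to be NULL here, so it is worth confirming that function copes with that before this path returns `HTTP_UNAUTHORIZED`.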