From 7c986ef4df3432d5ae1c92cba5cb07062ff2a6c8 Mon Sep 17 00:00:00 2001 From: Wilfredo Sanchez Date: Sun, 8 Dec 2002 21:13:07 +0000 Subject: [PATCH] outch. there are some possible NULL pointer references. Have you ever tried AuthDigestProvider dbm? This results in a great kaboom. The patch makes apache throw an error, if someone tries a provider, that doesn't support the particular auth scheme. Submitted by: Andre Malo git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@97802 13f79535-47bb-0310-9956-ffa450edef68 --- modules/aaa/mod_auth_basic.c | 14 ++++++++++++++ modules/aaa/mod_auth_digest.c | 14 ++++++++++++++ 2 files changed, 28 insertions(+) diff --git a/modules/aaa/mod_auth_basic.c b/modules/aaa/mod_auth_basic.c index 0ac5cf9b1d..62251cddce 100644 --- a/modules/aaa/mod_auth_basic.c +++ b/modules/aaa/mod_auth_basic.c @@ -125,6 +125,13 @@ static const char *add_authn_provider(cmd_parms *cmd, void *config, newp->provider_name); } + if (!newp->provider->check_password) { + /* if it doesn't provide the appropriate function, reject it */ + return apr_psprintf(cmd->pool, + "The '%s' Authn provider doesn't support " + "Basic Authentication", provider_name); + } + /* Add it to the list now. */ if (!conf->providers) { conf->providers = newp; @@ -257,6 +264,13 @@ static int authenticate_basic_user(request_rec *r) if (!current_provider) { provider = ap_lookup_provider(AUTHN_PROVIDER_GROUP, AUTHN_DEFAULT_PROVIDER, "0"); + + if (!provider || !provider->check_password) { + ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, + "No Authn provider configured"); + auth_result = AUTH_GENERAL_ERROR; + break; + } } else { provider = current_provider->provider; diff --git a/modules/aaa/mod_auth_digest.c b/modules/aaa/mod_auth_digest.c index 2669fafa1b..9186bfb290 100644 --- a/modules/aaa/mod_auth_digest.c +++ b/modules/aaa/mod_auth_digest.c @@ -516,6 +516,13 @@ static const char *add_authn_provider(cmd_parms *cmd, void *config, newp->provider_name); } + if (!newp->provider->get_realm_hash) { + /* if it doesn't provide the appropriate function, reject it */ + return apr_psprintf(cmd->pool, + "The '%s' Authn provider doesn't support " + "Digest Authentication", provider_name); + } + /* Add it to the list now. */ if (!conf->providers) { conf->providers = newp; @@ -1477,6 +1484,13 @@ static const char *get_hash(request_rec *r, const char *user, if (!current_provider) { provider = ap_lookup_provider(AUTHN_PROVIDER_GROUP, AUTHN_DEFAULT_PROVIDER, "0"); + + if (!provider || !provider->get_realm_hash) { + ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, + "No Authn provider configured"); + auth_result = AUTH_GENERAL_ERROR; + break; + } } else { provider = current_provider->provider; -- 2.40.0