From da9f328380ab06655a76f829b9e2f1342f999e4f Mon Sep 17 00:00:00 2001 From: =?utf8?q?Andr=C3=A9=20Malo?= Date: Tue, 11 Feb 2003 02:08:01 +0000 Subject: [PATCH] Do not use local paths for the domain parameter on non-unix systems. PR: 16937 git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@98610 13f79535-47bb-0310-9956-ffa450edef68 --- CHANGES | 3 +++ modules/aaa/mod_auth_digest.c | 2 +- 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/CHANGES b/CHANGES index 199031e6b1..56e6751c8b 100644 --- a/CHANGES +++ b/CHANGES @@ -2,6 +2,9 @@ Changes with Apache 2.1.0-dev [Remove entries to the current 2.0 section below, when backported] + *) Fix mod_auth_digest not to use local paths for the domain parameter + on non-unix systems. PR 16937. [André Malo] + *) Let suexec send a message to stderr, if it failed or its policy was violated. This message appears in the error log and allows for easier debugging. PR 5381, 7638, 8255, 10773. [André Malo] diff --git a/modules/aaa/mod_auth_digest.c b/modules/aaa/mod_auth_digest.c index 50d0ac182d..9ca16f8244 100644 --- a/modules/aaa/mod_auth_digest.c +++ b/modules/aaa/mod_auth_digest.c @@ -1274,7 +1274,7 @@ static const char *guess_domain(apr_pool_t *p, const char *uri, * dummy uri - this is the only way to specify that the protection * space only covers a single uri. */ - if (dir[0] != '/') { + if (!ap_os_is_path_absolute(p, dir)) { /* This doesn't work for Amaya (ok, it's of arguable validity in * the first place), so just return the file name instead return "http://0.0.0.0/"; -- 2.50.1