From e0fa49f8651195a7c386d47fb02730be7dae140c Mon Sep 17 00:00:00 2001 From: Jim Jagielski Date: Tue, 10 Jul 2012 14:14:11 +0000 Subject: [PATCH] Merge r1311183 from trunk: Fix parsing of Require arguments in . Add some logging and an assert for a case that should not happen. PR: 53048 Submitted by: sf Reviewed/backported by: jim git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1359691 13f79535-47bb-0310-9956-ffa450edef68 --- CHANGES | 3 +++ STATUS | 6 ------ modules/aaa/mod_authz_core.c | 16 ++++++++++++++++ 3 files changed, 19 insertions(+), 6 deletions(-) diff --git a/CHANGES b/CHANGES index 718471340c..7ac818f790 100644 --- a/CHANGES +++ b/CHANGES @@ -8,6 +8,9 @@ Changes with Apache 2.4.3 possible XSS for a site where untrusted users can upload files to a location with MultiViews enabled. [Niels Heinen ] + *) mod_authz_core: Fix parsing of Require arguments in . + PR 53048. [Stefan Fritsch] + *) mod_log_config: Fix %{abc}C truncating cookie values at first "=". PR 53104. [Greg Ames] diff --git a/STATUS b/STATUS index bd5acd3e37..58629a06ef 100644 --- a/STATUS +++ b/STATUS @@ -88,12 +88,6 @@ RELEASE SHOWSTOPPERS: PATCHES ACCEPTED TO BACKPORT FROM TRUNK: [ start all new proposals below, under PATCHES PROPOSED. ] - * mod_authz_core: Fix parsing of Require arguments in . - Add some logging and an assert for a case that should not happen. - PR: 53048 - Trunk patch: http://svn.apache.org/viewvc?view=revision&revision=1311183 - 2.4 patch: Trunk patch works - +1: sf, covener, jim PATCHES PROPOSED TO BACKPORT FROM TRUNK: diff --git a/modules/aaa/mod_authz_core.c b/modules/aaa/mod_authz_core.c index fb286e20a2..dc116696ae 100644 --- a/modules/aaa/mod_authz_core.c +++ b/modules/aaa/mod_authz_core.c @@ -221,6 +221,14 @@ static authz_status authz_alias_check_authorization(request_rec *r, r->per_dir_config = orig_dir_config; } + else { + ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(02305) + "no alias provider found for '%s' (BUG?)", + provider_name); + } + } + else { + ap_assert(provider_name != NULL); } return ret; @@ -305,6 +313,14 @@ static const char *authz_require_alias_section(cmd_parms *cmd, void *mconfig, "Unknown Authz provider: %s", provider_name); } + if (prvdraliasrec->provider->parse_require_line) { + const char *err = prvdraliasrec->provider->parse_require_line(cmd, + provider_args, &prvdraliasrec->provider_parsed_args); + if (err) + return apr_psprintf(cmd->pool, + "Can't parse 'Require %s %s': %s", + provider_name, provider_args, err); + } authcfg = ap_get_module_config(cmd->server->module_config, &authz_core_module); -- 2.40.0