rpms / mod_auth_mellon

Clone
Source Code
GIT

Blame enabled_in_check_uid.patch

f20 f21 f22 f23 f24 f25 f26 f27 f28 f29 f30 f31 f32 f33 main rawhide
  1.   272e9842cb63cd765a07822d003e3641b6c3059b
  2.   enabled_in_check_uid.patch
Blob History Raw
272e984 
commit 912aa852ebd78577f59cf7958c709acea98ace4c
272e984 
Author: John Dennis <jdennis@redhat.com>
272e984 
Date:   Fri Apr 8 09:01:22 2016 -0400
272e984
272e984 
    am_check_uid() should be no-op if mellon not enabled
272e984
272e984 
    mod_auth_mellon was interferring with other Apache authentication
272e984 
    modules (e.g. mod_auth_kerb) because when the Apache check_user_id
272e984 
    hook ran the logic in am_check_uid would execute even if mellon was
272e984 
    not enabled for the location. This short circuited the hook execution
272e984 
    and never allowed the authentication enabled for the location to
272e984 
    execute. It resulted in HTTP_UNAUTHORIZED being returned with the
272e984 
    client then expecting a WWW-Authenticate header field causing the
272e984 
    client to attempt to authenticate again.
272e984
272e984 
    Signed-off-by: John Dennis <jdennis@redhat.com>
272e984
272e984 
diff --git a/auth_mellon_handler.c b/auth_mellon_handler.c
272e984 
index a72e1ca..864396f 100644
272e984 
--- a/auth_mellon_handler.c
272e984 
+++ b/auth_mellon_handler.c
272e984 
@@ -3625,6 +3625,12 @@ int am_check_uid(request_rec *r)
272e984 
         return OK;
272e984 
     }
272e984
272e984 
+    /* Check that the user has enabled authentication for this directory. */
272e984 
+    if(dir->enable_mellon == am_enable_off
272e984 
+       || dir->enable_mellon == am_enable_default) {
272e984 
+	return DECLINED;
272e984 
+    }
272e984 
+
272e984 
 #ifdef HAVE_ECP
272e984 
     am_req_cfg_rec *req_cfg = am_get_req_cfg(r);
272e984 
     if (req_cfg->ecp_authn_req) {
Powered by Pagure 5.14.1
DocumentationFile an IssueAbout this InstanceSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.