rpms / mod_auth_mellon

Clone
Source Code
GIT

Blame enabled_in_check_uid.patch

f20 f21 f22 f23 f24 f25 f26 f27 f28 f29 f30 f31 f32 f33 main rawhide
  1.   39008712badb35adaac7fad18c612bf05b3cc086
  2.   enabled_in_check_uid.patch
Blob History Raw
12b3161 
commit 912aa852ebd78577f59cf7958c709acea98ace4c
12b3161 
Author: John Dennis <jdennis@redhat.com>
12b3161 
Date:   Fri Apr 8 09:01:22 2016 -0400
12b3161
12b3161 
    am_check_uid() should be no-op if mellon not enabled
12b3161
12b3161 
    mod_auth_mellon was interferring with other Apache authentication
12b3161 
    modules (e.g. mod_auth_kerb) because when the Apache check_user_id
12b3161 
    hook ran the logic in am_check_uid would execute even if mellon was
12b3161 
    not enabled for the location. This short circuited the hook execution
12b3161 
    and never allowed the authentication enabled for the location to
12b3161 
    execute. It resulted in HTTP_UNAUTHORIZED being returned with the
12b3161 
    client then expecting a WWW-Authenticate header field causing the
12b3161 
    client to attempt to authenticate again.
12b3161
12b3161 
    Signed-off-by: John Dennis <jdennis@redhat.com>
12b3161
12b3161 
diff --git a/auth_mellon_handler.c b/auth_mellon_handler.c
12b3161 
index a72e1ca..864396f 100644
12b3161 
--- a/auth_mellon_handler.c
12b3161 
+++ b/auth_mellon_handler.c
12b3161 
@@ -3625,6 +3625,12 @@ int am_check_uid(request_rec *r)
12b3161 
         return OK;
12b3161 
     }
12b3161
12b3161 
+    /* Check that the user has enabled authentication for this directory. */
12b3161 
+    if(dir->enable_mellon == am_enable_off
12b3161 
+       || dir->enable_mellon == am_enable_default) {
12b3161 
+	return DECLINED;
12b3161 
+    }
12b3161 
+
12b3161 
 #ifdef HAVE_ECP
12b3161 
     am_req_cfg_rec *req_cfg = am_get_req_cfg(r);
12b3161 
     if (req_cfg->ecp_authn_req) {
Powered by Pagure 5.13.3
DocumentationFile an IssueAbout this InstanceSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.