mod_authn_socache: fix it to enable initialisation to work if configured (ab9d5d15) · Commits · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP Apache Httpd

CHANGES

+4 −0

Original line number	Diff line number	Diff line
		@@ -137,6 +137,10 @@ Changes with Apache 2.3.15
		*) mod_deflate: Fix endless loop if first bucket is metadata. PR 51590.
		[Torsten Foertsch <torsten foertsch gmx net>]

		*) mod_authn_socache: Fix to work in .htaccess if not configured anywhere
		in httpd.conf, and introduce an AuthnCacheEnable directive.
		PR 51991 [Nick Kew]

		Changes with Apache 2.3.14

		*) mod_proxy_ajp: Improve trace logging. [Rainer Jung]

docs/manual/mod/mod_authn_socache.xml

+17 −0

Original line number	Diff line number	Diff line
		@@ -93,6 +93,23 @@ the load on backends</description>
		>r957072</a>, in which three authn providers are enabled for cacheing.</p>
		</section>

		<directivesynopsis>
		<name>AuthnCacheEnable</name>
		<description>Enable Authn caching configured anywhere</description>
		<syntax>AuthnCacheEnable</syntax>
		<contextlist><context>server config</context></contextlist>
		<override>None</override>

		<usage>
		<p>This directive is not normally necessary: it is implied if
		authentication cacheing is enabled anywhere in <var>httpd.conf</var>.
		However, if it is not enabled anywhere in <var>httpd.conf</var>
		it will by default not be initialised, and is therefore not
		available in a <var>.htaccess</var> context. This directive
		ensures it is initialised so it can be used in <var>.htaccess</var>.</p>
		</usage>
		</directivesynopsis>

		<directivesynopsis>
		<name>AuthnCacheSOCache</name>
		<description>Select socache backend provider to use</description>

modules/aaa/mod_authn_socache.c

+12 −3

Original line number	Diff line number	Diff line
		@@ -151,6 +151,13 @@ static const char authn_cache_socache(cmd_parms cmd, void *CFG,
		return errmsg;
		}

		static const char authn_cache_enable(cmd_parms cmd, void *CFG)
		{
		const char *errmsg = ap_check_cmd_context(cmd, GLOBAL_ONLY);
		configured = 1;
		return errmsg;
		}

		static const char *const directory = "directory";
		static void* authn_cache_dircfg_create(apr_pool_t pool, char s)
		{
		@@ -205,6 +212,8 @@ static const command_rec authn_cache_cmds[] =
		/* global stuff: cache and mutex */
		AP_INIT_TAKE1("AuthnCacheSOCache", authn_cache_socache, NULL, RSRC_CONF,
		"socache provider for authn cache"),
		AP_INIT_NO_ARGS("AuthnCacheEnable", authn_cache_enable, NULL, RSRC_CONF,
		"enable socache configuration in htaccess even if not enabled anywhere else"),
		/* per-dir stuff */
		AP_INIT_ITERATE("AuthnCacheProvideFor", authn_cache_setprovider, NULL,
		OR_AUTHCFG, "Determine what authn providers to cache for"),
		@@ -250,7 +259,7 @@ static void ap_authn_cache_store(request_rec r, const char module,

		/* first check whether we're cacheing for this module */
		dcfg = ap_get_module_config(r->per_dir_config, &authn_socache_module);
		if (!dcfg->providers) {
		if (!configured \|\| !dcfg->providers) {
		return;
		}
		for (i = 0; i < dcfg->providers->nelts; ++i) {
		@@ -327,7 +336,7 @@ static authn_status check_password(request_rec r, const char user,
		unsigned char val[MAX_VAL_LEN];
		unsigned int vallen = MAX_VAL_LEN - 1;
		dcfg = ap_get_module_config(r->per_dir_config, &authn_socache_module);
		if (!dcfg->providers) {
		if (!configured \|\| !dcfg->providers) {
		return AUTH_USER_NOT_FOUND;
		}
		key = construct_key(r, dcfg->context, user, NULL);
		@@ -372,7 +381,7 @@ static authn_status get_realm_hash(request_rec r, const char user,
		unsigned char val[MAX_VAL_LEN];
		unsigned int vallen = MAX_VAL_LEN - 1;
		dcfg = ap_get_module_config(r->per_dir_config, &authn_socache_module);
		if (!dcfg->providers) {
		if (!configured \|\| !dcfg->providers) {
		return AUTH_USER_NOT_FOUND;
		}
		key = construct_key(r, dcfg->context, user, realm);