ASF Bugzilla – Attachment 14836 Details for
Bug 31418
SSLUserName is not usable by other modules
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
Patch against 2.0.54 to implement a working SSLUserName feature.
ssl.patch (text/plain), 3.54 KB, created by
Henning Schmiedehausen
on 2005-04-26 01:26:45 UTC
(
hide
)
Description:
Patch against 2.0.54 to implement a working SSLUserName feature.
Filename:
MIME Type:
Creator:
Henning Schmiedehausen
Created:
2005-04-26 01:26:45 UTC
Size:
3.54 KB
patch
obsolete
>diff -urb httpd-2.0.54/modules/ssl/mod_ssl.c httpd-2.0.54.p/modules/ssl/mod_ssl.c >--- httpd-2.0.54/modules/ssl/mod_ssl.c 2005-02-04 21:21:18.000000000 +0100 >+++ httpd-2.0.54.p/modules/ssl/mod_ssl.c 2005-04-26 01:14:14.000000000 +0200 >@@ -402,6 +402,7 @@ > ap_hook_translate_name(ssl_hook_Translate, NULL,NULL, APR_HOOK_MIDDLE); > ap_hook_check_user_id (ssl_hook_UserCheck, NULL,NULL, APR_HOOK_FIRST); > ap_hook_fixups (ssl_hook_Fixup, NULL,NULL, APR_HOOK_MIDDLE); >+ ap_hook_access_checker(ssl_hook_Username, NULL,NULL, APR_HOOK_FIRST); > ap_hook_access_checker(ssl_hook_Access, NULL,NULL, APR_HOOK_MIDDLE); > ap_hook_auth_checker (ssl_hook_Auth, NULL,NULL, APR_HOOK_MIDDLE); > ap_hook_post_read_request(ssl_hook_ReadReq, NULL,NULL, APR_HOOK_MIDDLE); >diff -urb httpd-2.0.54/modules/ssl/mod_ssl.h httpd-2.0.54.p/modules/ssl/mod_ssl.h >--- httpd-2.0.54/modules/ssl/mod_ssl.h 2005-02-04 21:21:18.000000000 +0100 >+++ httpd-2.0.54.p/modules/ssl/mod_ssl.h 2005-04-26 01:14:14.000000000 +0200 >@@ -573,6 +573,7 @@ > int ssl_hook_Translate(request_rec *); > int ssl_hook_Auth(request_rec *); > int ssl_hook_UserCheck(request_rec *); >+int ssl_hook_Username(request_rec *); > int ssl_hook_Access(request_rec *); > int ssl_hook_Fixup(request_rec *); > int ssl_hook_ReadReq(request_rec *); >diff -urb httpd-2.0.54/modules/ssl/ssl_engine_kernel.c httpd-2.0.54.p/modules/ssl/ssl_engine_kernel.c >--- httpd-2.0.54/modules/ssl/ssl_engine_kernel.c 2005-03-29 10:44:31.000000000 +0200 >+++ httpd-2.0.54.p/modules/ssl/ssl_engine_kernel.c 2005-04-26 01:14:14.000000000 +0200 >@@ -160,6 +160,32 @@ > return DECLINED; > } > >+int ssl_hook_Username(request_rec *r) >+{ >+ SSLDirConfigRec *dc = myDirConfig(r); >+ >+ /* If we're trying to have the user name set from a client >+ * certificate then we need to set it here. This should be safe as >+ * the user name probably isn't important from an auth checking point >+ * of view as the certificate supplied acts in that capacity. >+ * However, if FakeAuth is being used then this isn't the case so >+ * we need to postpone setting the username until later. >+ */ >+ if ((dc->nOptions & SSL_OPT_FAKEBASICAUTH) == 0 && dc->szUserName) { >+ char *val = ssl_var_lookup(r->pool, r->server, r->connection, >+ r, (char *)dc->szUserName); >+ if (val && val[0]) { >+ r->user = val; >+ >+ ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, r->server, >+ "Setting Username to -%s- from SSLUserName directive using %s", r->user, dc->szUserName); >+ } >+ } >+ >+ // We never actually do anything, we just set the username field. >+ return DECLINED; >+} >+ > /* > * Access Handler > */ >@@ -737,20 +763,6 @@ > } > } > >- /* If we're trying to have the user name set from a client >- * certificate then we need to set it here. This should be safe as >- * the user name probably isn't important from an auth checking point >- * of view as the certificate supplied acts in that capacity. >- * However, if FakeAuth is being used then this isn't the case so >- * we need to postpone setting the username until later. >- */ >- if ((dc->nOptions & SSL_OPT_FAKEBASICAUTH) == 0 && dc->szUserName) { >- char *val = ssl_var_lookup(r->pool, r->server, r->connection, >- r, (char *)dc->szUserName); >- if (val && val[0]) >- r->user = val; >- } >- > /* > * Check SSLRequire boolean expressions > */
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 31418
: 14836 |
17052