Bug 59039 (DynamicAuthName)

Summary: Digest AuthName not working as expected.
Product: Apache httpd-2 Reporter: Neil <bugs>
Component: CoreAssignee: Apache HTTPD Bugs Mailing List <bugs>
Status: RESOLVED FIXED    
Severity: normal Keywords: FixedInTrunk
Priority: P2    
Version: 2.5-HEAD   
Target Milestone: ---   
Hardware: PC   
OS: Linux   
Attachments: My Virtual host test configuration.

Description Neil 2016-02-21 19:29:09 UTC
Created attachment 33579 [details]
My Virtual host test configuration.

I am using the latest code checked out by svn on 22-feb-2016 

# apachectl -V
Server version: Apache/2.5.0-dev (Unix)
Server built:   Feb 22 2016 05:32:38
Server's Module Magic Number: 20150222:12
Server loaded:  APR 2.0.0-dev, PCRE 8.35 2014-04-04
Compiled using: APR 2.0.0-dev, PCRE 8.35 2014-04-04
Architecture:   64-bit
Server MPM:     event
  threaded:     yes (fixed thread count)
    forked:     yes (variable process count)
Server compiled with....
 -D APR_HAS_SENDFILE
 -D APR_HAS_MMAP
 -D APR_HAVE_IPV6 (IPv4-mapped addresses enabled)
 -D APR_USE_SYSVSEM_SERIALIZE
 -D APR_USE_PTHREAD_SERIALIZE
 -D SINGLE_LISTEN_UNSERIALIZED_ACCEPT
 -D APR_HAS_OTHER_CHILD
 -D AP_HAVE_RELIABLE_PIPED_LOGS
 -D DYNAMIC_MODULE_LIMIT=256
 -D HTTPD_ROOT="/usr/local/apache2"
 -D SUEXEC_BIN="/usr/local/apache2/bin/suexec"
 -D DEFAULT_PIDLOG="httpd.pid"
 -D DEFAULT_SCOREBOARD="apache_runtime_status"
 -D DEFAULT_ERRORLOG="logs/error_log"
 -D AP_TYPES_CONFIG_FILE="conf/mime.types"
 -D SERVER_CONFIG_FILE="conf/httpd.conf"

When I try to access via the URL "http://joe.test/phpinfo.php" the browser login shows the name "joe.test" as expected.  

But I always get the error:
[auth_digest:error] [pid 23131:tid 140076818339584] [client 10.8.0.216:58058] AH01788: realm mismatch - got `joe.test' but expected `%{HTTP_HOST}'

But if I manually set 
AuthName "joe.test"
Everything works fine.

What I think is happening is that the "AuthName" is getting translated for the dialog, but this translation is not being used for the error checking for the reply from the login dialog.

It doesn't appear to be anything with the database as it errors before doing the database query.  And the manually set AuthName does work.
Comment 1 Eric Covener 2016-02-21 21:50:52 UTC
untested, but this tries to turn off the "caching" of the realm in mod_auth_digest:
http://people.apache.org/~covener/patches/digest.diff
Comment 2 Neil 2016-02-22 15:13:28 UTC
(In reply to Eric Covener from comment #1)
> untested, but this tries to turn off the "caching" of the realm in
> mod_auth_digest:
> http://people.apache.org/~covener/patches/digest.diff

This patch worked.  I can now authenticate with no problems.
Comment 3 Eric Covener 2016-02-22 15:33:01 UTC
Thanks for reporting and testing