Bug 21533 - Multiple levels of .htaccess files can cause mod_auth_digest to crash
Summary: Multiple levels of .htaccess files can cause mod_auth_digest to crash
Status: ASSIGNED
Alias: None
Product: Apache httpd-2
Classification: Unclassified
Component: mod_auth_digest
Version: 2.0-HEAD
Hardware: PC All
Importance: P3 critical with 3 votes
Target Milestone: ---
Assignee: Apache HTTPD Bugs Mailing List
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2003-07-11 22:28 UTC by Björn Wiberg
Modified: 2008-10-19 23:39 UTC
Description Björn Wiberg 2003-07-11 22:28:41 UTC
When using Digest authentication along with .htaccess files, where the
DocumentRoot contains an .htaccess file with "AuthDigestGroupFile" and "Require
valid-user" directives, and some subdirectories contain .htaccess files with a
"Require group testgroup" directive, Apache may crash when trying to access
those group-restricted directories or the index of a directory directly above
those IF the authenticated username does NOT appear among the usernames of that
group in the AuthDigestGroupFile file.

Example:

* User to log in as "foo".
* Group "testgroup" in AuthDigestGroupFile does NOT contain the user "foo".

DocumentRoot
     | .htaccess with "AuthDigestGroupFile", "Require valid-user"
     |
     +-Files
         |
         +-Unrestricted
         | 
         +-Restricted
               | .htaccess with "Require group testgroup"
               | Restricted files go here
               .
               .
               .

In this example, the user may log in as "foo" using digest authentication and
access the DocumentRoot. However, as soon as he/she accesses the "Files"
directory (mod_autoindex is on), Apache crashes.

Under normal circumstances, mod_autoindex should list the subdirectory
"Unrestricted" (only), since there is no .htaccess in that directory and, more
importantly, there is an .htaccess in the "Restricted" directory, requiring the
user to be part of the group "testgroup" (which "foo" is not).


I've spent quite some time experimenting with this, but still haven't figured
out why this happens. To make things worse, it doesn't happen for all "examples"
I've tried.

The only consistent behavior I managed to track was that if the user "foo" DOES
appear in the group file as a member of the "testgroup" group, everything works
just fine. As soon as "foo" is removed from the group, no matter if there are
other users left in the group or not, the problem appears.

The problem also appears if the required group does not exist in the
AuthDigestGroupFile file, no matter if other groups appear in the
AuthDigestGroupFile file or not.


My name-based virtual host configuration contains the following for the
DocumentRoot:

  AllowOverride AuthConfig Indexes Limit
  Options Indexes MultiViews


The DocumentRoot directory contains an .htaccess file with:

  AuthType Digest
  AuthName "myserver.dyndns.org"
  AuthDigestDomain /
  AuthDigestFile "custom/auth/.htdigest.pwd"
  AuthDigestGroupFile "custom/auth/.htdigest.group"
  Require valid-user

  Order Allow,Deny
  Allow from all

  Satisfy All


The "Restricted" directory in the example contains an .htaccess file with:

  # Require user to be part of group "testgroup"
  Require group testgroup


The Apache error log states that it denied the client access, just before Apache
crashed:

[Sat Jul 12 00:11:56 2003] [error] [client xx.xxx.xxx.xxx] Digest: access to /Files/Restricted/ failed, reason: user foo not allowed access, referer: http://myserver.dyndns.org/

On the client side, the connection of course hangs since Apache crashes.


The crash information given by Dr. Watson on my Swedish Windows XP Professional
SP-1 v5.1.2600 is (sorry for the long listing):

szAppName : Apache.exe     szAppVer : 2.0.47.0     
szModName : mod_auth_digest.so     szModVer : 2.0.47.0     offset : 0000259d

[appcompat.txt]
<?xml version="1.0" encoding="UTF-16"?>
<DATABASE>
<EXE NAME="Apache.exe" FILTER="GRABMI_FILTER_PRIVACY">
    <MATCHING_FILE NAME="ab.exe" SIZE="65601" CHECKSUM="0xF5F7BB53"
BIN_FILE_VERSION="2.0.47.0" BIN_PRODUCT_VERSION="2.0.47.0"
PRODUCT_VERSION="2.0.47" FILE_DESCRIPTION="ApacheBench Utility"
COMPANY_NAME="Apache Software Foundation" PRODUCT_NAME="Apache HTTP Server"
FILE_VERSION="2.0.47" ORIGINAL_FILENAME="ab.exe.exe" INTERNAL_NAME="ab.exe"
LEGAL_COPYRIGHT="Copyright © 2000-2002 The Apache Software Foundation."
VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004" VERFILETYPE="0x1"
MODULE_TYPE="WIN32" PE_CHECKSUM="0x0" LINKER_VERSION="0x0"
UPTO_BIN_FILE_VERSION="2.0.47.0" UPTO_BIN_PRODUCT_VERSION="2.0.47.0"
LINK_DATE="07/09/2003 04:57:39" UPTO_LINK_DATE="07/09/2003 04:57:39"
VER_LANGUAGE="Engelska (USA) [0x409]" />
    <MATCHING_FILE NAME="Apache.exe" SIZE="20541" CHECKSUM="0xBD1E49DF"
BIN_FILE_VERSION="2.0.47.0" BIN_PRODUCT_VERSION="2.0.47.0"
PRODUCT_VERSION="2.0.47" FILE_DESCRIPTION="Apache HTTP Server"
COMPANY_NAME="Apache Software Foundation" PRODUCT_NAME="Apache HTTP Server"
FILE_VERSION="2.0.47" ORIGINAL_FILENAME="Apache.exe.exe"
INTERNAL_NAME="Apache.exe" LEGAL_COPYRIGHT="Copyright © 2000-2002 The Apache
Software Foundation." VERFILEDATEHI="0x0" VERFILEDATELO="0x0"
VERFILEOS="0x40004" VERFILETYPE="0x1" MODULE_TYPE="WIN32" PE_CHECKSUM="0x0"
LINKER_VERSION="0x0" UPTO_BIN_FILE_VERSION="2.0.47.0"
UPTO_BIN_PRODUCT_VERSION="2.0.47.0" LINK_DATE="07/09/2003 05:02:14"
UPTO_LINK_DATE="07/09/2003 05:02:14" VER_LANGUAGE="Engelska (USA) [0x409]" />
    <MATCHING_FILE NAME="ApacheMonitor.exe" SIZE="41042" CHECKSUM="0xC8BD35DD"
BIN_FILE_VERSION="2.0.47.0" BIN_PRODUCT_VERSION="2.0.47.0"
PRODUCT_VERSION="2.0.47" FILE_DESCRIPTION="Apache HTTP Server Monitor"
COMPANY_NAME="Apache Software Foundation" PRODUCT_NAME="Apache HTTP Server"
FILE_VERSION="2.0.47" ORIGINAL_FILENAME="ApacheMonitor.exe.exe"
INTERNAL_NAME="ApacheMonitor.exe" LEGAL_COPYRIGHT="Copyright © 2000-2002 The
Apache Software Foundation." VERFILEDATEHI="0x0" VERFILEDATELO="0x0"
VERFILEOS="0x40004" VERFILETYPE="0x1" MODULE_TYPE="WIN32" PE_CHECKSUM="0x0"
LINKER_VERSION="0x0" UPTO_BIN_FILE_VERSION="2.0.47.0"
UPTO_BIN_PRODUCT_VERSION="2.0.47.0" LINK_DATE="07/09/2003 04:57:46"
UPTO_LINK_DATE="07/09/2003 04:57:46" VER_LANGUAGE="Engelska (USA) [0x409]" />
    <MATCHING_FILE NAME="htdbm.exe" SIZE="77892" CHECKSUM="0x8BBD3D38"
BIN_FILE_VERSION="2.0.47.0" BIN_PRODUCT_VERSION="2.0.47.0"
PRODUCT_VERSION="2.0.47" FILE_DESCRIPTION="htdbm Utility" COMPANY_NAME="Apache
Software Foundation" PRODUCT_NAME="Apache HTTP Server" FILE_VERSION="2.0.47"
ORIGINAL_FILENAME="htdbm.exe.exe" INTERNAL_NAME="htdbm.exe"
LEGAL_COPYRIGHT="Copyright © 2000-2002 The Apache Software Foundation."
VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004" VERFILETYPE="0x1"
MODULE_TYPE="WIN32" PE_CHECKSUM="0x0" LINKER_VERSION="0x0"
UPTO_BIN_FILE_VERSION="2.0.47.0" UPTO_BIN_PRODUCT_VERSION="2.0.47.0"
LINK_DATE="07/09/2003 04:57:40" UPTO_LINK_DATE="07/09/2003 04:57:40"
VER_LANGUAGE="Engelska (USA) [0x409]" />
    <MATCHING_FILE NAME="htdigest.exe" SIZE="65607" CHECKSUM="0x2D18206F"
BIN_FILE_VERSION="2.0.47.0" BIN_PRODUCT_VERSION="2.0.47.0"
PRODUCT_VERSION="2.0.47" FILE_DESCRIPTION="htdigest Utility"
COMPANY_NAME="Apache Software Foundation" PRODUCT_NAME="Apache HTTP Server"
FILE_VERSION="2.0.47" ORIGINAL_FILENAME="htdigest.exe.exe"
INTERNAL_NAME="htdigest.exe" LEGAL_COPYRIGHT="Copyright © 2000-2002 The Apache
Software Foundation." VERFILEDATEHI="0x0" VERFILEDATELO="0x0"
VERFILEOS="0x40004" VERFILETYPE="0x1" MODULE_TYPE="WIN32" PE_CHECKSUM="0x0"
LINKER_VERSION="0x0" UPTO_BIN_FILE_VERSION="2.0.47.0"
UPTO_BIN_PRODUCT_VERSION="2.0.47.0" LINK_DATE="07/09/2003 04:57:40"
UPTO_LINK_DATE="07/09/2003 04:57:40" VER_LANGUAGE="Engelska (USA) [0x409]" />
    <MATCHING_FILE NAME="htpasswd.exe" SIZE="73799" CHECKSUM="0xF2B639AE"
BIN_FILE_VERSION="2.0.47.0" BIN_PRODUCT_VERSION="2.0.47.0"
PRODUCT_VERSION="2.0.47" FILE_DESCRIPTION="htpasswd Utility"
COMPANY_NAME="Apache Software Foundation" PRODUCT_NAME="Apache HTTP Server"
FILE_VERSION="2.0.47" ORIGINAL_FILENAME="htpasswd.exe.exe"
INTERNAL_NAME="htpasswd.exe" LEGAL_COPYRIGHT="Copyright © 2000-2002 The Apache
Software Foundation." VERFILEDATEHI="0x0" VERFILEDATELO="0x0"
VERFILEOS="0x40004" VERFILETYPE="0x1" MODULE_TYPE="WIN32" PE_CHECKSUM="0x0"
LINKER_VERSION="0x0" UPTO_BIN_FILE_VERSION="2.0.47.0"
UPTO_BIN_PRODUCT_VERSION="2.0.47.0" LINK_DATE="07/09/2003 04:57:41"
UPTO_LINK_DATE="07/09/2003 04:57:41" VER_LANGUAGE="Engelska (USA) [0x409]" />
    <MATCHING_FILE NAME="libapr.dll" SIZE="122952" CHECKSUM="0x9971AC84"
BIN_FILE_VERSION="0.0.0.0" BIN_PRODUCT_VERSION="0.0.0.0"
PRODUCT_VERSION="0.0.0.0" FILE_DESCRIPTION="Apache Portability Runtime Library"
COMPANY_NAME="Apache Software Foundation" PRODUCT_NAME="Apache Portable Runtime"
FILE_VERSION="0.0.0.0" ORIGINAL_FILENAME="libapr.dll" INTERNAL_NAME="libapr"
LEGAL_COPYRIGHT="Copyright © 2000-2003 The Apache Software Foundation."
VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004" VERFILETYPE="0x1"
MODULE_TYPE="WIN32" PE_CHECKSUM="0x0" LINKER_VERSION="0x0"
UPTO_BIN_FILE_VERSION="0.0.0.0" UPTO_BIN_PRODUCT_VERSION="0.0.0.0"
LINK_DATE="07/09/2003 04:53:02" UPTO_LINK_DATE="07/09/2003 04:53:02"
VER_LANGUAGE="Engelska (USA) [0x409]" />
    <MATCHING_FILE NAME="libapriconv.dll" SIZE="36947" CHECKSUM="0x9E006DC2"
BIN_FILE_VERSION="0.0.0.0" BIN_PRODUCT_VERSION="0.0.0.0"
PRODUCT_VERSION="0.0.0.0" FILE_DESCRIPTION="Apache APR I18N Conversion Library"
COMPANY_NAME="Apache Software Foundation" PRODUCT_NAME="Apache Portable Runtime"
FILE_VERSION="0.0.0.0" ORIGINAL_FILENAME="libapriconv.dll"
INTERNAL_NAME="libapriconv" LEGAL_COPYRIGHT="Copyright © 2000-2003 The Apache
Software Foundation." VERFILEDATEHI="0x0" VERFILEDATELO="0x0"
VERFILEOS="0x40004" VERFILETYPE="0x1" MODULE_TYPE="WIN32" PE_CHECKSUM="0x0"
LINKER_VERSION="0x0" UPTO_BIN_FILE_VERSION="0.0.0.0"
UPTO_BIN_PRODUCT_VERSION="0.0.0.0" LINK_DATE="07/09/2003 04:53:08"
UPTO_LINK_DATE="07/09/2003 04:53:08" VER_LANGUAGE="Engelska (USA) [0x409]" />
    <MATCHING_FILE NAME="libaprutil.dll" SIZE="168017" CHECKSUM="0x16072260"
BIN_FILE_VERSION="0.0.0.0" BIN_PRODUCT_VERSION="0.0.0.0"
PRODUCT_VERSION="0.0.0.0" FILE_DESCRIPTION="Apache APR Utility Library"
COMPANY_NAME="Apache Software Foundation" PRODUCT_NAME="Apache Portable Runtime"
FILE_VERSION="0.0.0.0" ORIGINAL_FILENAME="libaprutil.dll"
INTERNAL_NAME="libaprutil" LEGAL_COPYRIGHT="Copyright © 2000-2003 The Apache
Software Foundation." VERFILEDATEHI="0x0" VERFILEDATELO="0x0"
VERFILEOS="0x40004" VERFILETYPE="0x1" MODULE_TYPE="WIN32" PE_CHECKSUM="0x0"
LINKER_VERSION="0x0" UPTO_BIN_FILE_VERSION="0.0.0.0"
UPTO_BIN_PRODUCT_VERSION="0.0.0.0" LINK_DATE="07/09/2003 04:55:48"
UPTO_LINK_DATE="07/09/2003 04:55:48" VER_LANGUAGE="Engelska (USA) [0x409]" />
    <MATCHING_FILE NAME="libhttpd.dll" SIZE="249919" CHECKSUM="0x1C2F6C94"
BIN_FILE_VERSION="2.0.47.0" BIN_PRODUCT_VERSION="2.0.47.0"
PRODUCT_VERSION="2.0.47" FILE_DESCRIPTION="Apache HTTP Server Core"
COMPANY_NAME="Apache Software Foundation" PRODUCT_NAME="Apache HTTP Server"
FILE_VERSION="2.0.47" ORIGINAL_FILENAME="libhttpd.dll.exe"
INTERNAL_NAME="libhttpd.dll" LEGAL_COPYRIGHT="Copyright © 2000-2002 The Apache
Software Foundation." VERFILEDATEHI="0x0" VERFILEDATELO="0x0"
VERFILEOS="0x40004" VERFILETYPE="0x1" MODULE_TYPE="WIN32" PE_CHECKSUM="0x0"
LINKER_VERSION="0x0" UPTO_BIN_FILE_VERSION="2.0.47.0"
UPTO_BIN_PRODUCT_VERSION="2.0.47.0" LINK_DATE="07/09/2003 05:02:13"
UPTO_LINK_DATE="07/09/2003 05:02:13" VER_LANGUAGE="Engelska (USA) [0x409]" />
    <MATCHING_FILE NAME="logresolve.exe" SIZE="20553" CHECKSUM="0x5B12A316"
BIN_FILE_VERSION="2.0.47.0" BIN_PRODUCT_VERSION="2.0.47.0"
PRODUCT_VERSION="2.0.47" FILE_DESCRIPTION="logresolve Utility"
COMPANY_NAME="Apache Software Foundation" PRODUCT_NAME="Apache HTTP Server"
FILE_VERSION="2.0.47" ORIGINAL_FILENAME="logresolve.exe.exe"
INTERNAL_NAME="logresolve.exe" LEGAL_COPYRIGHT="Copyright © 2000-2002 The Apache
Software Foundation." VERFILEDATEHI="0x0" VERFILEDATELO="0x0"
VERFILEOS="0x40004" VERFILETYPE="0x1" MODULE_TYPE="WIN32" PE_CHECKSUM="0x0"
LINKER_VERSION="0x0" UPTO_BIN_FILE_VERSION="2.0.47.0"
UPTO_BIN_PRODUCT_VERSION="2.0.47.0" LINK_DATE="07/09/2003 04:57:42"
UPTO_LINK_DATE="07/09/2003 04:57:42" VER_LANGUAGE="Engelska (USA) [0x409]" />
    <MATCHING_FILE NAME="rotatelogs.exe" SIZE="41033" CHECKSUM="0x943B360E"
BIN_FILE_VERSION="2.0.47.0" BIN_PRODUCT_VERSION="2.0.47.0"
PRODUCT_VERSION="2.0.47" FILE_DESCRIPTION="rotatelogs Utility"
COMPANY_NAME="Apache Software Foundation" PRODUCT_NAME="Apache HTTP Server"
FILE_VERSION="2.0.47" ORIGINAL_FILENAME="rotatelogs.exe.exe"
INTERNAL_NAME="rotatelogs.exe" LEGAL_COPYRIGHT="Copyright © 2000-2002 The Apache
Software Foundation." VERFILEDATEHI="0x0" VERFILEDATELO="0x0"
VERFILEOS="0x40004" VERFILETYPE="0x1" MODULE_TYPE="WIN32" PE_CHECKSUM="0x0"
LINKER_VERSION="0x0" UPTO_BIN_FILE_VERSION="2.0.47.0"
UPTO_BIN_PRODUCT_VERSION="2.0.47.0" LINK_DATE="07/09/2003 04:57:42"
UPTO_LINK_DATE="07/09/2003 04:57:42" VER_LANGUAGE="Engelska (USA) [0x409]" />
    <MATCHING_FILE NAME="wintty.exe" SIZE="20555" CHECKSUM="0xCB14B75A"
BIN_FILE_VERSION="2.0.47.0" BIN_PRODUCT_VERSION="2.0.47.0"
PRODUCT_VERSION="2.0.47" FILE_DESCRIPTION="wintty Console Utility"
COMPANY_NAME="Apache Software Foundation" PRODUCT_NAME="Apache HTTP Server"
FILE_VERSION="2.0.47" ORIGINAL_FILENAME="wintty.exe.exe"
INTERNAL_NAME="wintty.exe" LEGAL_COPYRIGHT="Copyright © 2000-2002 The Apache
Software Foundation." VERFILEDATEHI="0x0" VERFILEDATELO="0x0"
VERFILEOS="0x40004" VERFILETYPE="0x1" MODULE_TYPE="WIN32" PE_CHECKSUM="0x0"
LINKER_VERSION="0x0" UPTO_BIN_FILE_VERSION="2.0.47.0"
UPTO_BIN_PRODUCT_VERSION="2.0.47.0" LINK_DATE="07/09/2003 04:57:46"
UPTO_LINK_DATE="07/09/2003 04:57:46" VER_LANGUAGE="Engelska (USA) [0x409]" />
</EXE>
<EXE NAME="kernel32.dll" FILTER="GRABMI_FILTER_THISFILEONLY">
    <MATCHING_FILE NAME="kernel32.dll" SIZE="944128" CHECKSUM="0xE974D2BD"
BIN_FILE_VERSION="5.1.2600.1106" BIN_PRODUCT_VERSION="5.1.2600.1106"
PRODUCT_VERSION="5.1.2600.1106" FILE_DESCRIPTION="Klient-DLL för Windows NT BASE
API" COMPANY_NAME="Microsoft Corporation" PRODUCT_NAME="Operativsystemet
Microsoft® Windows® " FILE_VERSION="5.1.2600.1106 (xpsp1.020828-1920)"
ORIGINAL_FILENAME="kernel32" INTERNAL_NAME="kernel32" LEGAL_COPYRIGHT="©
Microsoft Corporation. Med ensamrätt." VERFILEDATEHI="0x0" VERFILEDATELO="0x0"
VERFILEOS="0x40004" VERFILETYPE="0x2" MODULE_TYPE="WIN32" PE_CHECKSUM="0xE818D"
LINKER_VERSION="0x50001" UPTO_BIN_FILE_VERSION="5.1.2600.1106"
UPTO_BIN_PRODUCT_VERSION="5.1.2600.1106" LINK_DATE="09/09/2002 21:06:43"
UPTO_LINK_DATE="09/09/2002 21:06:43" VER_LANGUAGE="Svenska [0x41d]" />
</EXE>
</DATABASE>

Please let me know if I can be of any further assistance. The temporary solution
for me is not to use the group feature of digest authentication... :-/

Best regards,
Björn
Comment 1 Kurt Miller 2003-08-08 19:00:44 UTC
This bug also exists in 1.3.28. I've encountered it without using groups, just 
require user in the sub-DocumentRoot will cause apache to crash. It occurs if 
the sub-DocumentRoot is restricted using .htaccess or via httpd.conf.

I've debugged this somewhat and found that it is related to FancyIndexing 
combined with auth digest. Here's a stack trace:

note_digest_auth_failure(request_rec * 0x00860dc0, const digest_config_struct * 
0x007c5e30, digest_header_struct * 0x00000000, int 0) line 1210 + 3 bytes
digest_check_auth(request_rec * 0x00860dc0) line 1861 + 33 bytes
run_method(request_rec * 0x00860dc0, int 7, int 0) line 370 + 7 bytes
ap_check_auth(request_rec * 0x00860dc0) line 427 + 17 bytes
ap_sub_req_lookup_file(const char * 0x00864f9e, const request_rec * 0x0085dad8) 
line 1027 + 186 bytes
make_autoindex_entry(char * 0x00864f9e, int 1, autoindex_config_struct * 
0x007b7478, request_rec * 0x0085dad8, char 78, char 65) line 1281 + 13 bytes
index_directory(request_rec * 0x0085dad8, autoindex_config_struct * 0x007b7478) 
line 1762 + 32 bytes
handle_autoindex(request_rec * 0x0085dad8) line 1822 + 13 bytes
ap_invoke_handler(request_rec * 0x0085dad8) line 518 + 10 bytes
process_request_internal(request_rec * 0x0085dad8) line 1324 + 9 bytes
ap_process_request(request_rec * 0x0085dad8) line 1340 + 9 bytes
child_sub_main(int 0) line 5992
child_main(int 0) line 6062 + 9 bytes
_threadstartex(void * 0x007f3a48) line 212 + 13 bytes
KERNEL32! 77e8b2d8()

note_digest_auth_failure bombs because the third parameter (digest_header_rec 
*resp) is null. Here's the call to note_digest_auth_failure from 
digest_check_auth:

    note_digest_auth_failure(r, conf,
	(digest_header_rec *) ap_get_module_config(r->request_config,
						   &digest_auth_module),
	0);

The third parameter is passed via ap_get_module_config which returns 0.

This is as far as I got. I don't know enough about 
apache/mod_autoindex/mod_auth_digest to suggest a patch. I do have some 
questions though. Why is FancyIndexing checking auth for sub directories while 
building the index for the parent? If this is valid, why would 
mod_auth_digest log an error in this case? The user hasn't even selected the 
sub directory, but the log file records it like they did:

Digest: access to /webfolder/Kurt failed, reason: user kurt not allowed access

Hope this helps somewhat. I will help testing any proposed patches.

-Kurt
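The "Digest: access to ... failed" lines quoted in the description and in Comment 1 are the one trace an operator gets before the child dies, and Kurt's point is that the user never requested the denied sub directory: the denial is raised while mod_autoindex lists the parent. The following is an added example, not code from the bug report or from httpd: a small Python parser for that error-log format that groups denials per (client, user) and maps each denied URI back to the parent listing that triggered it. The log lines, client addresses and extra paths embedded in it are constructed for the example.

```python
import posixpath
import re
import sys
from collections import Counter, defaultdict

# Constructed sample lines in the httpd error-log format quoted in the report;
# client addresses and the additional paths are made up for this example.
SAMPLE_LOG = """\
[Sat Jul 12 00:11:56 2003] [error] [client 10.0.0.5] Digest: access to /Files/Restricted/ failed, reason: user foo not allowed access, referer: http://myserver.dyndns.org/
[Sat Jul 12 00:11:56 2003] [error] [client 10.0.0.5] Digest: access to /Files/Private/ failed, reason: user foo not allowed access, referer: http://myserver.dyndns.org/
[Sat Jul 12 00:12:03 2003] [notice] [client 10.0.0.7] unrelated message
[Sat Jul 12 00:12:10 2003] [error] [client 10.0.0.9] Digest: access to /webfolder/Kurt failed, reason: user kurt not allowed access
"""

# One denial line: timestamp, level, client, refused URI, user and an optional referer.
DENIAL_RE = re.compile(
    r"^\[(?P<ts>[^\]]+)\] \[(?P<level>\w+)\] \[client (?P<client>[^\]]+)\] "
    r"Digest: access to (?P<uri>\S+) failed, reason: user (?P<user>\S+) not allowed access"
    r"(?:, referer: (?P<referer>\S+))?$"
)


def parse_digest_denials(text):
    """Return one dict per 'Digest: access to ... failed' line; other lines are skipped."""
    events = []
    for line in text.splitlines():
        m = DENIAL_RE.match(line)
        if m:
            events.append(m.groupdict())
    return events


def denials_per_user(events):
    """Count denials per (client, user), the pair an operator will look at first."""
    return Counter((ev["client"], ev["user"]) for ev in events)


def parent_listings(events):
    """Map each denied URI's parent directory to the set of children refused under it.

    The child was never requested by the user; the denial is produced while
    mod_autoindex lists the parent, so the parent is the request that actually
    triggered it (and, on an unpatched mod_auth_digest, the crash).
    """
    parents = defaultdict(set)
    for ev in events:
        parent = posixpath.dirname(ev["uri"].rstrip("/")) or "/"
        parents[parent].add(ev["uri"])
    return dict(parents)


if __name__ == "__main__":
    # Usage: python digest_denials.py /path/to/error_log  (falls back to the sample)
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_LOG
    found = parse_digest_denials(text)
    for (client, user), n in denials_per_user(found).items():
        print(f"{client} user={user} denials={n}")
    for parent, children in parent_listings(found).items():
        print(f"listing of {parent} touched denied entries: {sorted(children)}")
```

A burst of denials for one client that all share a timestamp and a parent directory is the signature of an index listing probing restricted subdirectories, which is exactly the condition that kills the child in the affected versions; the parent directory reported is the one to restrict or to serve without FancyIndexing until the module is fixed.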
Comment 2 Björn Wiberg 2003-08-09 07:48:56 UTC
Hello Kurt!

Glad that someone else has encountered the same thing. Well, sort of. :-)

The reason for mod_autoindex to look for .htaccess files in subdirectories is to exclude those subdirectories from the directory listing if the user isn't allowed access to them; a pretty nice feature.

I have also noticed the "access failed" error messages in the error log, and they are somewhat annoying, although perhaps necessary to make things simple.
    
Basic authentication (instead of digest authentication) seems to work fine, though, without any crashes and with the intended functionality. That's my temporary solution until this bug gets fixed.

Best regards,
Björn
Comment 3 Kurt Miller 2003-08-11 03:49:39 UTC
I reviewed the 1.3.28 code some more and have a proposed patch (should I have 
opened a separate bug report for 1.3.28?). If I understand things correctly the 
following is happening... request_rec.request_config is being initialized in 
update_nonce_count. update_nonce_count appears to be called when the client 
sends authorization records. Since the call to digest_check_auth is coming 
from mod_autoindex's call to ap_sub_req_lookup_file and not from a browser 
request with authorization records, update_nonce_count is not being called and 
thus request_config is not being initialized. 

The following patch assumes that if request_config is NULL then the call to 
digest_check_auth must be coming from a non user request. If this is not true 
then maybe another solution may be better. However, if the assumption is 
correct then we know when a call to digest_check_auth has been initiated not by 
a user, so we don't need to log and note the failure. 

--- mod_auth_digest.c.orig	Sat Feb 15 22:42:24 2003
+++ mod_auth_digest.c	Sun Aug 10 23:03:16 2003
@@ -1788,6 +1788,7 @@
     const digest_config_rec *conf =
 		(digest_config_rec *) ap_get_module_config(r->per_dir_config,
 							   &digest_auth_module);
+    digest_header_rec *resp;
     const char *user = r->connection->user;
     int m = r->method_number;
     int method_restricted = 0;
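Review bot: `resp` is declared here without an initialiser but is only assigned further down, after the `if (!method_restricted) return OK;` early return; declare it as `digest_header_rec *resp = NULL;` so that any future path reaching the `if (resp != NULL)` test before the assignment cannot read an indeterminate pointer.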
@@ -1851,15 +1852,21 @@
     if (!method_restricted)
 	return OK;
 
-    ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, r,
-	"Digest: access to %s failed, reason: user %s not allowed access",
-	r->uri, user);
+	resp = (digest_header_rec *) ap_get_module_config(r->request_config,
+								  
&digest_auth_module);
 
-    note_digest_auth_failure(r, conf,
-	(digest_header_rec *) ap_get_module_config(r->request_config,
-						   &digest_auth_module),
-	0);
-    return AUTH_REQUIRED;
+	/* if there isn't a resp initalized then this check auth
+	didn't come from a user request (i.e. FancyIndexing) 
+	so don't log it */
+	if (resp != NULL) {
+		ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, r,
+		"Digest: access to %s failed, reason: user %s not allowed 
access",
+		r->uri, user);
+
+		note_digest_auth_failure(r, conf, resp,	0);
+	}
+
+	return AUTH_REQUIRED;
 }
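Review bot: when `resp` is NULL this hunk returns AUTH_REQUIRED without calling note_digest_auth_failure, so whatever that call adds to the response (in mod_auth_digest, the digest challenge) is missing; that is harmless for the mod_autoindex sub-request the comment assumes, but if a NULL `request_config` can ever occur on a real client request, that client would receive a 401 with no challenge. Testing the sub-request condition directly (request_rec carries an `r->main` pointer that is non-NULL only for sub-requests) would state the intent instead of inferring it from the missing header record. Two smaller points: the log-message string literal is split across two lines (`not allowed` / `access",`), which will not compile unless rejoined, and the added lines use tab indentation where the surrounding function uses four spaces.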

Please excuse any white space style errors, I wasn't sure what the style was 
from the existing code and didn't take the time to see if there was a published 
style for apache.

-Kurt
Comment 4 Björn Wiberg 2003-08-12 12:11:42 UTC
Changed severity according to classification recommendations ("crashes, loss of data, severe memory leak").