ap_hook_auth_checker(check_user_access, aszPre, NULL, APR_HOOK_MIDDLE);
0x004a40da in strcmp () from /lib/tls/libc.so.6(gdb) back #0 0x004a40da in strcmp () from /lib/tls/libc.so.6 #1 0x08081386 in check_user_access (r=0x9bc7820) at mod_authz_groupfile.c:134 #2 0x0807405a in ap_run_auth_checker (r=0x9bc7820) at request.c:78 #3 0x08075cb8 in ap_process_request_internal (r=0x9bc7820) at request.c:226 #4 0x080b1609 in ap_process_request (r=0x9bc7820) at http_request.c:256 #5 0x080af2b1 in ap_process_http_connection (c=0x9bbd678) at http_core.c:184 #6 0x0807d6be in ap_run_process_connection (c=0x9bbd678) at connection.c:43 #7 0x080c8b63 in child_main (child_num_arg=Variable "child_num_arg" is not available.) at prefork.c:640 #8 0x080c8d9a in make_child (s=Variable "s" is not available.) at prefork.c:736 #9 0x080c8e28 in startup_children (number_to_start=2) at prefork.c:754 #10 0x080c9673 in ap_mpm_run (_pconf=0x99c00a8, plog=0x9a0c1d8, s=0x99c7ce8) at prefork.c:975 #11 0x080683d4 in main (argc=2, argv=0xbfe31674) at main.c:717(gdb)
Should this be a ap_hook_check_user_id instead of ap_hook_auth_checker.. Based on the comment on line 309 on mod_authz_host.c I'd say it does but I'm really not sure when it comes to apache guts: /* This can be access checker since we don't require r->user to be set. */
(In reply to comment #2) > Should this be a ap_hook_check_user_id instead of ap_hook_auth_checker.. No. The check_user_id hook is for authentication. mod_authz_groupfile performs authorization. Therefore it needs to be in the auth_checker hook. Furthermore it can only do its job in a meaningful manner if r->user is set (that does not mean that it should crash if r->user is NULL). Could you please provide the configuration that causes this crash? This could be helpful for reproducing the crash.
Created attachment 20567 [details] Sample .htaccess file
Created attachment 20568 [details] sample module that make condition apparent.
The module has been stripped down the the bare minimum needed to make the condition happen. To reproduce /usr/local/apache/bin/apxs -c mod_bug.c /usr/local/apache/bin/apxs -i -a -n bug mod_bug.la Visit site with .htaccess (attached) installed ... make sure you have a group file with anything it in. [Mon Jul 30 15:08:35 2007] [error] [client 198.66.78.2] wait for it [Mon Jul 30 15:08:35 2007] [notice] child pid 18505 exit signal Segmentation fault (11)
Please provide a configuration that makes this problem reproducible with a vanilla apache. If this only occurs with third party modules it is a bug in the third party module even if mod_authz_group should not seg fault. An authentication module should set r->user.
Its pretty easy to work around by setting r->user but in this case I'm just making up a value to keep it from crashing. (r->user = "********") It really would be nice to not have this hack though.
I've just added an extra check in trunk - if your authn returns OK without setting r->user it'll log an error and return 500. Won't propose this for backport to 2.2.