diff options
| -rw-r--r-- | CHANGES | 4 | ||||
| -rw-r--r-- | modules/aaa/mod_authn_core.c | 10 |
2 files changed, 13 insertions, 1 deletions
@@ -2,6 +2,10 @@ Changes with Apache 2.3.0 [ When backported to 2.2.x, remove entry from this file ] + *) mod_auth_core: Detect during startup when AuthDigestProvider + is configured to use an incompatible provider via AuthnProviderAlias. + PR 45196 [Eric Covener] + *) mod_session: Prevent a segfault when a CGI script sets a cookie with a null value. [David Shane Holden <dpejesh apache.org>] diff --git a/modules/aaa/mod_authn_core.c b/modules/aaa/mod_authn_core.c index 649f6c6f08..22dfeccbb9 100644 --- a/modules/aaa/mod_authn_core.c +++ b/modules/aaa/mod_authn_core.c @@ -181,6 +181,12 @@ static const authn_provider authn_alias_provider = &authn_alias_get_realm_hash, }; +static const authn_provider authn_alias_provider_nodigest = +{ + &authn_alias_check_password, + NULL, +}; + static const char *authaliassection(cmd_parms *cmd, void *mconfig, const char *arg) { int old_overrides = cmd->override; @@ -256,7 +262,9 @@ static const char *authaliassection(cmd_parms *cmd, void *mconfig, const char *a /* Register the fake provider so that we get called first */ ap_register_auth_provider(cmd->pool, AUTHN_PROVIDER_GROUP, provider_alias, AUTHN_PROVIDER_VERSION, - &authn_alias_provider, + provider->get_realm_hash ? + &authn_alias_provider : + &authn_alias_provider_nodigest, AP_AUTH_INTERNAL_PER_CONF); } |