Can someone respond to this guy?
---------- Forwarded message ----------
Date: Fri Oct 13 17:50:27 1995
From: chris@nrdev.com
To: cliff@organic.com
Subject: WWW Form Bug Report: "if no 'requires' in limit with auth in affect, get bad server response" on Solaris 2.x
Submitter: chris@nrdev.com
Operating system: Solaris 2.x, version:
Extra Modules used:
URL exhibiting problem:
Symptoms:
--
this may simply highlight a need for stronger access.conf parsing, or it's a bug - i don't know what 'the spec' states... if i have (note that the 'require' statement is commented out): <Directory /opt/apache/httpd/htdocs/special> Options Indexes FollowSymLinks MultiViews <Limit GET> order allow,deny allow from all #require valid-user </Limit> AuthName NetRunner Special Stuff AuthType Basic AuthUserFile /opt/apache/httpd/conf/htpasswd AuthGroupFile /opt/apache/httpd/conf/htgroup AllowOverride All </Directory> the server returns a document with no data (with netscape) or it crashes (with a client that i am writing). the crash is in mod_auth.c:check_user_access(). variable reqs_arr is NULL, but is ref'd in a subsequent statement. seems like one of two things should happen in this case: 1) during parsing of access.conf, fail because 'require' is missing 2) assume 'require valid_user' if require is missing but Auth* is there.
--
Backtrace:
--
--
---------- Forwarded message ----------
Date: Fri Oct 13 17:50:27 1995
From: chris@nrdev.com
To: cliff@organic.com
Subject: WWW Form Bug Report: "if no 'requires' in limit with auth in affect, get bad server response" on Solaris 2.x
Submitter: chris@nrdev.com
Operating system: Solaris 2.x, version:
Extra Modules used:
URL exhibiting problem:
Symptoms:
--
this may simply highlight a need for stronger access.conf parsing, or it's a bug - i don't know what 'the spec' states... if i have (note that the 'require' statement is commented out): <Directory /opt/apache/httpd/htdocs/special> Options Indexes FollowSymLinks MultiViews <Limit GET> order allow,deny allow from all #require valid-user </Limit> AuthName NetRunner Special Stuff AuthType Basic AuthUserFile /opt/apache/httpd/conf/htpasswd AuthGroupFile /opt/apache/httpd/conf/htgroup AllowOverride All </Directory> the server returns a document with no data (with netscape) or it crashes (with a client that i am writing). the crash is in mod_auth.c:check_user_access(). variable reqs_arr is NULL, but is ref'd in a subsequent statement. seems like one of two things should happen in this case: 1) during parsing of access.conf, fail because 'require' is missing 2) assume 'require valid_user' if require is missing but Auth* is there.
--
Backtrace:
--
--