DO NOT REPLY [Bug 51991] New: Mod_authn_socache seg faults when configured from .htaccess

Fri, 07 Oct 2011 07:38:29 -0700 

https://issues.apache.org/bugzilla/show_bug.cgi?id=51991

             Bug #: 51991
           Summary: Mod_authn_socache seg faults when configured from
                    .htaccess
           Product: Apache httpd-2
           Version: 2.3.12-beta
          Platform: PC
        OS/Version: Linux
            Status: NEW
          Severity: major
          Priority: P2
         Component: mod_authn_socache
        AssignedTo: [email protected]
        ReportedBy: [email protected]
    Classification: Unclassified


First this is 2.3.14-beta, which wasn't an option on the Version select.

I was trying to modify an authentication module I maintain to work with
mod_authn_socache, and set up a test directory with a .htaccess file. Apache
seg faulted every time I hit the directory. Eventually, I took my module out
and tried mod_authn_file instead, using the .htaccess file below:

AuthType Basic
AuthName "This is a test"
AuthBasicProvider socache file
AuthUserFile /home/jan/apache2.3/htdocs/mae2/htpasswd
AuthnCacheProvideFor file
Require valid-user

Still crashed. So, huh, maybe not my module at fault? Looked at it under gdb.
It was crashing because mod_authn_socache's check_password() function was
calling

   rv = socache_provider->retrieve(socache_instance, r->server,
                                    (unsigned char*)key, strlen(key),
                                    val, &vallen, r->pool);

while socache_instance was NULL. This looks like it is supposed to be
initialized from the authn_cache_post_config() function which is called on the
"post_config" hook. Well, yeah, but I have the vague idea that that occurs only
after reading the server config, not after reading .htaccess. So since I had no
AuthnCacheProvideFor directives in the server config, it wouldn't initialize at
that time. It doesn't encounter the AuthnCacheProvideFor directives in my
.htaccess file until later.

So I took the configuration directives out of my .htaccess file, and stuck them
in a <Directory> block in httpd.conf.  No more segmentation fault.

-- 
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to