https://issues.apache.org/bugzilla/show_bug.cgi?id=56230
Bug ID: 56230
Summary: mod_access_compat can log a bogus client denied
message
Product: Apache httpd-2
Version: 2.4.7
Hardware: PC
OS: Mac OS X 10.4
Status: NEW
Severity: normal
Priority: P2
Component: mod_access_compat
Assignee: [email protected]
Reporter: [email protected]
If a "Satisfy Any" directive is used with mod_access_compat, it will always log
a client denied message based on the access directives ignoring the possibility
that the client was permitted via the other authentication methods.
Looking at the code that was split from mod_authz_hosts into mod_access_compat,
it seems that some of the checks to skip the log message in this case were lost
in the move:
Old code:
http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/modules/aaa/mod_authz_host.c?revision=667776&view=markup#l309
New code:
http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/aaa/mod_access_compat.c?revision=1463056&view=markup#l348
I re-added the other two components of the if statement and the message went
away.
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
