if ((rv = check_mysql_auth_require(user, t, r)) != HTTP_UNAUTHORIZED) { return rv; }
If I apply the included patch to 4.3.8-1, everything seems to work fine. All the changes after this are what breaks the "require group" function. I hope that helps a little. This patch should apply cleanly to 4.3.8-1 and includes all the changes added by 4.3.9-2 (except the "check_mysql_auth_require" change).
Best Regards,
--- libapache-mod-auth-mysql-4.3.8-orig/mod_auth_mysql.c 2005-03-11 06:14:49.000000000 -0800 +++ libapache-mod-auth-mysql-4.3.8/mod_auth_mysql.c 2005-03-11 06:09:53.000000000 -0800 @@ -21,7 +21,7 @@ * SHA1 hash support */ -#define AUTH_MYSQL_VERSION "4.3.8-1" +#define AUTH_MYSQL_VERSION "4.3.9-2" #include "config.h" @@ -149,23 +149,21 @@ static char *md5_hex_hash(const char *pass) { -#ifdef APACHE2 - apr_md5_ctx_t ct; -#else - AP_MD5_CTX ct; -#endif unsigned char hash[16]; /* This makes this function *very* specialised. Change this to * use dynamic memory if you want to reuse it somewhere else */ static char real_hash[33]; int i; #ifdef APACHE2 + apr_md5_ctx_t ct; + apr_md5_init(&ct); apr_md5_update(&ct, pass, strlen(pass)); apr_md5_final(hash, &ct); -#else +#else + AP_MD5_CTX ct; + ap_MD5Init(&ct); - ap_MD5Update(&ct, pass, strlen(pass)); ap_MD5Final(hash, &ct); #endif @@ -190,29 +188,26 @@ static char *sha1_hex_hash(const char *passwd) { -#ifdef APACHE2 - apr_sha1_ctx_t ct; - char hash[APR_SHA1_DIGESTSIZE]; - static char real_hash[APR_SHA1_DIGESTSIZE * 2 + 1]; -#else - AP_SHA1_CTX ct; - char hash[SHA_DIGESTSIZE]; - static char real_hash[SHA_DIGESTSIZE * 2 + 1]; -#endif - + int i; #ifdef APACHE2 - apr_sha1_init(&ct); - apr_sha1_update(&ct, passwd, strlen(passwd)); - apr_sha1_final(hash, &ct); -#else - ap_SHA1Init(&ct); - ap_SHA1Update(&ct, passwd, strlen(passwd)); - ap_SHA1Final(hash, &ct); + apr_sha1_ctx_t ct; + char hash[APR_SHA1_DIGESTSIZE]; + static char real_hash[APR_SHA1_DIGESTSIZE * 2 + 1]; + + apr_sha1_init(&ct); + apr_sha1_update(&ct, passwd, strlen(passwd)); + apr_sha1_final(hash, &ct); +#else + AP_SHA1_CTX ct; + char hash[SHA_DIGESTSIZE]; + static char real_hash[SHA_DIGESTSIZE * 2 + 1]; + + ap_SHA1Init(&ct); + ap_SHA1Update(&ct, passwd, strlen(passwd)); + ap_SHA1Final(hash, &ct); #endif - int i; - /* Now we convert the 20 octet hash to a 40 byte hex string */ for (i = 0; i < sizeof(hash); i++) { real_hash[2*i+1] = hash[i] & 0xF; @@ -1079,9 +1074,9 @@ #endif { #ifdef APACHE2 - apr_pool_cleanup_register(p, (void *) result, auth_mysql_result_cleanup, auth_mysql_result_cleanup); + apr_pool_cleanup_register(p, (void *) result, auth_mysql_result_cleanup, auth_mysql_result_cleanup); #else - ap_register_cleanup(p, (void *) result, auth_mysql_result_cleanup, auth_mysql_result_cleanup); + ap_register_cleanup(p, (void *) result, auth_mysql_result_cleanup, auth_mysql_result_cleanup); #endif } @@ -1540,11 +1535,7 @@ #endif case 0: ap_note_basic_auth_failure(r); -#ifdef APACHE2 return HTTP_UNAUTHORIZED; -#else - return AUTH_REQUIRED; -#endif break; case 1: return OK; @@ -1553,11 +1544,7 @@ default: APACHELOG(APLOG_DEBUG, r, "mysql_check_user_password returned error"); -#ifdef APACHE2 return HTTP_INTERNAL_SERVER_ERROR; -#else - return SERVER_ERROR; -#endif break; } } @@ -1573,7 +1560,7 @@ { mysql_auth_config_rec *sec = (mysql_auth_config_rec *) ap_get_module_config(r->per_dir_config, &auth_mysql_module); #ifdef APACHE2 - char *user = r->user; + char *user = r->user; #else char *user = r->connection->user; #endif @@ -1583,7 +1570,7 @@ register int x; const char *t, *w; #ifdef APACHE2 - const apr_array_header_t *reqs_arr = ap_requires(r); + const apr_array_header_t *reqs_arr = ap_requires(r); #else const array_header *reqs_arr = ap_requires(r); #endif @@ -1599,11 +1586,8 @@ */ if (!reqs_arr) { if (sec->authoritative) { -#ifdef APACHE2 - return HTTP_UNAUTHORIZED; -#else - return AUTH_REQUIRED; -#endif + APACHELOG(APLOG_ERR, r, "No requires line available"); + return HTTP_UNAUTHORIZED; } else { return DECLINED; } @@ -1658,11 +1642,7 @@ } else if (rv == -1) { -#ifdef APACHE2 return HTTP_INTERNAL_SERVER_ERROR; -#else - return SERVER_ERROR; -#endif } } } @@ -1670,11 +1650,7 @@ /* The user is not part of any listed groups or users, and * the valid-user check wasn't used. */ -#ifdef APACHE2 return HTTP_UNAUTHORIZED; -#else - return AUTH_REQUIRED; -#endif } /* If there were no requires lines, we assume we're good to go */ @@ -1688,11 +1664,7 @@ } ap_note_basic_auth_failure(r); -#ifdef APACHE2 return HTTP_UNAUTHORIZED; -#else - return AUTH_REQUIRED; -#endif }