On Tue, 7 Oct 2003, Dirk-Willem van Gulik wrote: > Actualy I'd be happier if the strcmp() would becomce > > if (user && !strcmp(r->user,user)
Well here is a patch then. I tested it on 2.0.47 (mod_auth.c hasn't changed since (at least)). This patch prevents a segfault in cases where a module handles the check_user_id, returns OK but neglects to set r->user, AND there exists a "require user ..." directive. --- modules/aaa/mod_auth.c Wed Oct 8 13:36:49 2003 +++ modules/aaa/mod_auth.c Wed Oct 8 13:30:19 2003 @@ -292,7 +292,7 @@ if (!strcmp(w, "user")) { while (t[0]) { w = ap_getword_conf(r->pool, &t); - if (!strcmp(user, w)) { + if (user && !strcmp(user, w)) { return OK; } }