Ruediger Pluem wrote: >> + /* pre-scan for ldap-* requirements so we can get out of the way early >> */ >> + for(x=0; x < reqs_arr->nelts; x++) { > > Why do we know that reqs_arr != NULL always?
Wasn't that the FIXME comment that was included in the previous version of this patch? >> + if (! (reqs[x].method_mask & (AP_METHOD_BIT << m))) { >> + continue; >> + } >> + >> + t = reqs[x].requirement; >> + w = ap_getword_white(r->pool, &t); >> + >> + if (strncmp(w, "ldap-",5) == 0) { >> + required_ldap = 1; >> + break; >> + } >> + } >> + >> + if (!required_ldap) { >> + ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, >> + "[%" APR_PID_T_FMT "] auth_ldap authorise: declining >> to authorise (no ldap requirements)", getpid()); >> + return DECLINED; >> + } >> + >> + >> + >> if (sec->host) { >> ldc = util_ldap_connection_find(r, sec->host, sec->port, >> sec->binddn, sec->bindpw, sec->deref, >> @@ -559,12 +582,6 @@ >> #endif >> } >> >> - if (!reqs_arr) { >> - ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, >> - "[%" APR_PID_T_FMT "] auth_ldap authorise: no >> requirements array", getpid()); >> - return sec->auth_authoritative? HTTP_UNAUTHORIZED : DECLINED; >> - } >> - > > Why is this not needed any longer? I read it that this: >> - if (!reqs_arr) { >> - ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, >> - "[%" APR_PID_T_FMT "] auth_ldap authorise: no requirements array", getpid()); >> - return sec->auth_authoritative? HTTP_UNAUTHORIZED : DECLINED; >> - } >> - was replaced by this: >> + if (!required_ldap) { >> + ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, >> + "[%" APR_PID_T_FMT "] auth_ldap authorise: declining to authorise (no ldap requirements)", getpid()); >> + return DECLINED; >> + } Regards, Graham --
smime.p7s
Description: S/MIME Cryptographic Signature