Ruediger Pluem wrote:
>> + /* pre-scan for ldap-* requirements so we can get out of the way early
>> */
>> + for(x=0; x < reqs_arr->nelts; x++) {
>
> Why do we know that reqs_arr != NULL always?
Wasn't that the FIXME comment that was included in the previous version
of this patch?
>> + if (! (reqs[x].method_mask & (AP_METHOD_BIT << m))) {
>> + continue;
>> + }
>> +
>> + t = reqs[x].requirement;
>> + w = ap_getword_white(r->pool, &t);
>> +
>> + if (strncmp(w, "ldap-",5) == 0) {
>> + required_ldap = 1;
>> + break;
>> + }
>> + }
>> +
>> + if (!required_ldap) {
>> + ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r,
>> + "[%" APR_PID_T_FMT "] auth_ldap authorise: declining
>> to authorise (no ldap requirements)", getpid());
>> + return DECLINED;
>> + }
>> +
>> +
>> +
>> if (sec->host) {
>> ldc = util_ldap_connection_find(r, sec->host, sec->port,
>> sec->binddn, sec->bindpw, sec->deref,
>> @@ -559,12 +582,6 @@
>> #endif
>> }
>>
>> - if (!reqs_arr) {
>> - ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r,
>> - "[%" APR_PID_T_FMT "] auth_ldap authorise: no
>> requirements array", getpid());
>> - return sec->auth_authoritative? HTTP_UNAUTHORIZED : DECLINED;
>> - }
>> -
>
> Why is this not needed any longer?
I read it that this:
>> - if (!reqs_arr) {
>> - ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r,
>> - "[%" APR_PID_T_FMT "] auth_ldap authorise: no
requirements array", getpid());
>> - return sec->auth_authoritative? HTTP_UNAUTHORIZED : DECLINED;
>> - }
>> -
was replaced by this:
>> + if (!required_ldap) {
>> + ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r,
>> + "[%" APR_PID_T_FMT "] auth_ldap authorise:
declining to authorise (no ldap requirements)", getpid());
>> + return DECLINED;
>> + }
Regards,
Graham
--
smime.p7s
Description: S/MIME Cryptographic Signature
