Package: libapache2-mod-vhost-ldap
Version: 0.2.1-1
Severity: important
I noticed that if the apacheScriptAlias attribute is not present in the
LDAP directory, the module will return NULL as filename, resulting in
the vhost to break.
I quickly cooked up a patch, which is probably completely wrong. It
makes the module decline if ScriptAlias is not defined. It also fixes a
comment typo.
In addition to this, the apacheConfig objectclass should have MUST (
apacheServerName & apacheDocumentRoot & apacheScriptAlias ) so that it
reflects the behavior of the code.
On the other hand, I think the correct fix would be to not require this
attribute and instead have the code behave correctly without it. I made
some simple changes and the second attached patch is an attempt to fix
this, although I suspect my lack of sleep means it's no good... ;-)
--- mod_vhost_ldap.c.orig 2005-08-11 13:17:00.000000000 +0300
+++ mod_vhost_ldap.c 2005-08-14 01:52:02.662014320 +0300
@@ -79,7 +79,7 @@
char *name; /* ServerName */
char *admin; /* ServerAdmin */
char *docroot; /* DocumentRoot */
- char *cgiroot; /* ScripAlias */
+ char *cgiroot; /* ScriptAlias */
char *uid; /* Suexec Uid */
char *gid; /* Suexec Gid */
} mod_vhost_ldap_request_t;
@@ -413,10 +413,10 @@
}
}
- if ((req->name == NULL)||(req->docroot == NULL)) {
+ if ((req->name == NULL)||(req->docroot == NULL)||(req->cgiroot == NULL)) {
ap_log_rerror(APLOG_MARK, APLOG_ERR|APLOG_NOERRNO, 0, r,
"[mod_vhost_ldap.c] translate: "
- "translate failed; ServerName or DocumentRoot not defined");
+ "translate failed; ServerName or DocumentRoot or ScriptAlias not defined");
return DECLINED;
}
--- mod_vhost_ldap.c.orig 2005-08-11 13:17:00.000000000 +0300
+++ mod_vhost_ldap.c 2005-08-14 02:05:03.819260368 +0300
@@ -79,7 +79,7 @@
char *name; /* ServerName */
char *admin; /* ServerAdmin */
char *docroot; /* DocumentRoot */
- char *cgiroot; /* ScripAlias */
+ char *cgiroot; /* ScriptAlias */
char *uid; /* Suexec Uid */
char *gid; /* Suexec Gid */
} mod_vhost_ldap_request_t;
@@ -290,7 +290,7 @@
command_rec mod_vhost_ldap_cmds[] = {
AP_INIT_TAKE1("VhostLDAPURL", mod_vhost_ldap_parse_url, NULL, RSRC_CONF,
- "URL to define LDAP connection. This should be an RFC 2255 complaint\n"
+ "URL to define LDAP connection. This should be an RFC 2255 compliant\n"
"URL of the form ldap://host[:port]/basedn[?attrib[?scope[?filter]]].\n";
"<ul>\n"
"<li>Host is the name of the LDAP server. Use a space separated list of hosts \n"
@@ -309,7 +309,7 @@
"Set to off to disable vhost_ldap, even if it's been enabled in a higher tree"),
AP_INIT_TAKE1("VhostLDAPDereferenceAliases", mod_vhost_ldap_set_deref, NULL, RSRC_CONF,
- "Determines how aliases are handled during a search. Can bo one of the"
+ "Determines how aliases are handled during a search. Can be one of the"
"values \"never\", \"searching\", \"finding\", or \"always\". "
"Defaults to always."),
@@ -427,17 +427,16 @@
if (cgi && (cgi != r->uri + strspn(r->parsed_uri.path, "/"))) {
cgi = NULL;
}
+ }
- if (cgi) {
- r->filename =
- apr_pstrcat (r->pool, req->cgiroot, cgi + strlen("cgi-bin"), NULL);
- r->handler = "cgi-script";
- apr_table_setn(r->notes, "alias-forced-type", r->handler);
- } else {
-
- r->filename =
- apr_pstrcat (r->pool, req->docroot, r->parsed_uri.path, NULL);
- }
+ if (cgi) {
+ r->filename =
+ apr_pstrcat (r->pool, req->cgiroot, cgi + strlen("cgi-bin"), NULL);
+ r->handler = "cgi-script";
+ apr_table_setn(r->notes, "alias-forced-type", r->handler);
+ } else {
+ r->filename =
+ apr_pstrcat (r->pool, req->docroot, r->parsed_uri.path, NULL);
}
r->server->server_hostname = apr_pstrdup (r->pool, req->name);
