"Fossies" - the Fresh Open Source Software Archive

Member "mod_auth_dce-3.4/README.PATCHES" (10 Aug 2006, 2557 Bytes) of package /linux/www/apache_httpd_modules/old/mod_auth_dce-3.4.tar.gz:

As a special service "Fossies" has tried to format the requested text file into HTML format (style: standard) with prefixed line numbers. Alternatively you can here view or download the uninterpreted source code file. 
    1 
    2 Installing Patches
    3 ------------------
    4 
    5 This module currently requires a few minor patches to the Apache source
    6 code for correct operation. In the patches subdirectory, you'll find a 
    7 patch file:
    8 
    9 
   10      apache_1.3.28+.diff    -- For Apache 1.3.28 and later
   11 
   12 
   13 This patch should apply (with possible offset complaints) to Apache 1.3.28
   14 and later, including SSL variants thereof.  To apply the patch, run
   15 the command:
   16 
   17 
   18      patch -p1 -d /path/to/apache_1.3.x < \
   19           /path/to/mod_auth_dce-3.4/patches/apache-1.3.28+.diff
   20 
   21 
   22 Technical Details
   23 -----------------
   24 
   25 The following is a list of files modified by the patch and the reasons
   26 the modifications needed to be made.
   27 
   28   mod_cgi.c
   29 
   30        The call to can_exec(), which checks execute permissions by
   31        comparing the server's UID and GID to owner/group permissions
   32        on the file, does not work correctly when a CGI might not be
   33        executable by the server user/group. This call is replaced with
   34        a call to the access() system routine instead, which will take
   35        ACLs into account when deciding whether execute permission
   36        exists.
   37 
   38 
   39   http_request.c
   40 
   41        In the get_path_info() function in this file, the server tries to
   42        separate the request into a system path and the extra PATH_INFO
   43        environment variable. This is accomplished by repeated calls to
   44        stat(), and the removal of the rightmost component of the
   45        request on each stat() failure. This function is called before
   46        any credentials are obtained, and the stat() might fail with a
   47        permission error if the any_other entry does not have access.
   48        This makes the PATH_INFO incorrect. The function is modified to
   49        check for a permission error (EACCES) when stat() fails, and if
   50        it finds one, to immediately return OK with no further processing.
   51        mod_auth_dce will call this function again after credentials
   52        have been obtained, if needed, to correctly separate the PATH_INFO.
   53        This function is also changed to no longer be static, so it may be
   54        called from mod_auth_dce.
   55 
   56        Also in get_path_info(), if a DFS server is down, the stat() call
   57        could return ETIMEDOUT. Stock Apache will return HTTP_FORBIDDEN in
   58        this case, which seems wrong. Instead, the function is modified
   59        to return HTTP_SERVICE_UNAVAILABLE.
   60 
   61   mod_userdir.c
   62 
   63        Similar to the get_path_info() function, a stat() call in
   64        mod_userdir could return ETIMEDOUT. In this case, the function
   65        is modified to return HTTP_SERVICE_UNAVAILABLE.