Richard Barrett wrote:
> struct conn_rec {
> char *remote_logname;
> char *user;
> char *ap_auth_type;
These are indeed questionable.. but it depends on how Apache reacts when
there is a conflicting request on the same connection.
Searching.. found. The current Apache API conn_rec reference
<http://httpd.apache.org/dev/apidoc/apidoc_conn_rec.html> says:
An unfortunate assumption was made during the early days of Apache that only
one set of authentication credentials would be in use for any connexion, even
persistent ones. That is why this structure includes the credential
information instead of the request_rec, which is where it actually belongs.
This has been corrected for Apache 2.0.
So it would seem the Apache team is already aware of the issue and have dealt
with it.. so there should be no reason to worry unless you are running a very
very old Apache.. (in which case there probably is more pressing reasons to
worry than this..)
Regards
Henrik
Received on Thu May 02 2002 - 10:14:23 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:07:52 MST