#2 Config merge prob with TKTAuthCookie + proposed fix

[Anonymous]

Dear all,

I have noted two problems with 2.0.0rc3:

1) Merging of per-directory Apache configuration:
Setting TKTAuthCookieName to any other value than the default 'auth_tkt' applies *only* to the section where it is specified, any other section believes it to be the default, because merge_auth_tkt_config() finds a non-NULL value (the default) and does not merge from the parent.
This causes any TKTAuthToken directive to always fail for non-default cookie names, because the module does not find "its" cookie by the correct name.

A similar problem applies to TKTAuthBackArgName, but this is less likely to be customized.

The patch has initialization changed to always init with NULL and supply missing defaults in auth_tkt_check().

2) Our libc is quite unforgiving when supplied a NULL argument for %s, causing Apache to die in dump_config() when using TKTAuthDebug 3.

The patch has all string args for fprintf() in dump_config() protected to display as "(null)" if the are NULL.

dietmar.berg(at)thalesgroup.com

[Nobody/Anonymous]

proposed patch for mod_auth_tkt.c (2.0.0rc3 )