authorAndré Malo <nd@apache.org>2003-01-05 10:58:30 +0100
committerAndré Malo <nd@apache.org>2003-01-05 10:58:30 +0100
commit7e38c68850f19d5e73efe4cf16780463e6b9e9fd (patch)
treeb9c8e9f6cc2c5d96ef2f4a9c5e8a553f85961341 /modules/aaa
parentOur standard distribution should not promote broken behavior. We can (diff)
well, it's a backstopper. So stop also misconfigured Digest
authentication requests. e.g.: AuthType Digest AuthName foo require user nd with no mod_auth_digest present; or consider a TP digest module with Authoritative functionality etc. It's still a question whether we should throw a 500 instead of 401 in that case... git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@98167 13f79535-47bb-0310-9956-ffa450edef68
Diffstat (limited to 'modules/aaa')
-rw-r--r--modules/aaa/mod_authn_default.c27
1 files changed, 18 insertions, 9 deletions
diff --git a/modules/aaa/mod_authn_default.c b/modules/aaa/mod_authn_default.c
index 2fbc0a7175..8dbed1d3a4 100644
--- a/modules/aaa/mod_authn_default.c
+++ b/modules/aaa/mod_authn_default.c
@@ -71,7 +71,6 @@
*/
#include "apr_strings.h"
-#include "apr_md5.h" /* for apr_password_validate */
#include "ap_config.h"
#include "httpd.h"
@@ -107,19 +106,29 @@ static const command_rec authn_default_cmds[] =
module AP_MODULE_DECLARE_DATA authn_default_module;
-static int authenticate_basic_user(request_rec *r)
+static int authenticate_no_user(request_rec *r)
{
authn_default_config_rec *conf = ap_get_module_config(r->per_dir_config,
&authn_default_module);
- const char *sent_pw;
- int res;
- if ((res = ap_get_basic_auth_pw(r, &sent_pw))) {
- return res;
+ const char *type;
+
+ if (!(type = ap_auth_type(r))) {
+ return DECLINED;
+ }
+
+ /* fill in the r->user field */
+ if (!strcasecmp(type, "Basic")) {
+ char *sent_pw;
+ int res;
+
+ if ((res = ap_get_basic_auth_pw(r, &sent_pw)) != OK) {
+ return res;
+ }
}
if (conf->authoritative == 0) {
- return DECLINED;
+ return DECLINED;
}
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
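Review bot: `char *sent_pw;` in the new Basic branch drops the `const` that the removed declaration carried, yet its address is still passed to `ap_get_basic_auth_pw`, which takes a `const char **`. That is an incompatible pointer type and compilers will warn about it; declare it as `const char *sent_pw;`. The decoded password is never read in this function, so a short comment such as `/* sent_pw is unused; the call only populates r->user for the log line */` would make clear that no credential check happens here. The function body continues past the end of this hunk.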
@@ -127,13 +136,13 @@ static int authenticate_basic_user(request_rec *r)
"not configured",
r->uri, r->user ? r->user : "<null>");
- ap_note_basic_auth_failure(r);
+ ap_note_auth_failure(r);
return HTTP_UNAUTHORIZED;
}
static void register_hooks(apr_pool_t *p)
{
- ap_hook_check_user_id(authenticate_basic_user,NULL,NULL,APR_HOOK_LAST);
+ ap_hook_check_user_id(authenticate_no_user,NULL,NULL,APR_HOOK_LAST);
}
module AP_MODULE_DECLARE_DATA authn_default_module =
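Review bot: The switch to `ap_note_auth_failure(r)` has no comment covering an AuthType that is neither Basic nor Digest, which the function can now reach because it only declines when no AuthType is set. As far as I recall the core helper, it dispatches on the configured type and, for an unrecognised one, only logs and adds no challenge header, so the `HTTP_UNAUTHORIZED` response would go out without a `WWW-Authenticate` header; please confirm against the core source. A comment above the call, for example `/* emits a Basic or Digest challenge; other AuthTypes get a 401 with no challenge header */`, would document that. `authenticate_no_user` begins in the previous hunk, and the format string of the log call lies between the two hunks.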