author | André Malo <nd@apache.org> | 2003-01-05 10:58:30 +0100 |
---|---|---|
committer | André Malo <nd@apache.org> | 2003-01-05 10:58:30 +0100 |
commit | 7e38c68850f19d5e73efe4cf16780463e6b9e9fd (patch) | |
tree | b9c8e9f6cc2c5d96ef2f4a9c5e8a553f85961341 /modules/aaa | |
parent | Our standard distribution should not promote broken behavior. We can (diff) | |
well, it's a backstopper. So stop also misconfigured Digest
authentication requests.
e.g.:
AuthType Digest
AuthName foo
require user nd
with no mod_auth_digest present; or consider a TP digest module
with Authoritative functionality etc.
It's still a question whether we should throw a 500 instead of 401
in that case...
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@98167 13f79535-47bb-0310-9956-ffa450edef68
Diffstat (limited to 'modules/aaa')
-rw-r--r-- | modules/aaa/mod_authn_default.c | 27 |
1 files changed, 18 insertions, 9 deletions
diff --git a/modules/aaa/mod_authn_default.c b/modules/aaa/mod_authn_default.c
index 2fbc0a7175..8dbed1d3a4 100644
--- a/modules/aaa/mod_authn_default.c
+++ b/modules/aaa/mod_authn_default.c
@@ -71,7 +71,6 @@
 */
 #include "apr_strings.h"
-#include "apr_md5.h" /* for apr_password_validate */
 #include "ap_config.h"
 #include "httpd.h"
@@ -107,19 +106,29 @@ static const command_rec authn_default_cmds[] =
 module AP_MODULE_DECLARE_DATA authn_default_module;
-static int authenticate_basic_user(request_rec *r)
+static int authenticate_no_user(request_rec *r)
 {
 authn_default_config_rec *conf = ap_get_module_config(r->per_dir_config, &authn_default_module);
- const char *sent_pw;
- int res;
- if ((res = ap_get_basic_auth_pw(r, &sent_pw))) {
- return res;
+ const char *type;
+
+ if (!(type = ap_auth_type(r))) {
+ return DECLINED;
+ }
+
+ /* fill in the r->user field */
+ if (!strcasecmp(type, "Basic")) {
+ char *sent_pw;
+ int res;
+
+ if ((res = ap_get_basic_auth_pw(r, &sent_pw)) != OK) {
+ return res;
+ }
 }
 if (conf->authoritative == 0) {
- return DECLINED;
+ return DECLINED;
 }
 ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
@@ -127,13 +136,13 @@ static int authenticate_basic_user(request_rec *r)
 "not configured", r->uri, r->user ? r->user : "<null>");
- ap_note_basic_auth_failure(r);
+ ap_note_auth_failure(r);
 return HTTP_UNAUTHORIZED;
 }
 static void register_hooks(apr_pool_t *p)
 {
- ap_hook_check_user_id(authenticate_basic_user,NULL,NULL,APR_HOOK_LAST);
+ ap_hook_check_user_id(authenticate_no_user,NULL,NULL,APR_HOOK_LAST);
 }
 module AP_MODULE_DECLARE_DATA authn_default_module = |
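Review bot: `char *sent_pw;` in the new Basic branch of `authenticate_no_user` drops the `const` that the removed declaration carried, so `&sent_pw` is now a `char **` where the old code passed a `const char **` to the same `ap_get_basic_auth_pw` call; declare it `const char *sent_pw;` to avoid an incompatible-pointer diagnostic. The password is apparently fetched only so that `r->user` is populated for the log line and is never compared against anything, which the short comment does not say. Something like `/* called only to populate r->user for the log message; the password is deliberately ignored */` would keep a later reader from mistaking this for a credential check. The function body continues past the end of this hunk.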
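Review bot: The switch to `ap_note_auth_failure(r)` before `return HTTP_UNAUTHORIZED;` leaves undocumented what the 401 carries when `AuthType` names a scheme the core cannot challenge for. If that helper only emits a `WWW-Authenticate` header for the schemes it knows (worth confirming against its definition, which is not in this diff), a third-party AuthType would get a 401 with no challenge at all. A comment above the call, e.g. `/* emits a challenge only for AuthTypes the core knows; others get a bare 401 */`, would record that. The enclosing function starts before this hunk.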