Posted to cvs@httpd.apache.org by nd...@apache.org on 2003/01/05 10:58:31 UTC
cvs commit: httpd-2.0/modules/aaa mod_authn_default.c
nd 2003/01/05 01:58:31
Modified: modules/aaa mod_authn_default.c
Log:
well, it's a backstopper. So stop also misconfigured Digest
authentication requests.
e.g.:
AuthType Digest
AuthName foo
require user nd
with no mod_auth_digest present; or consider a TP digest module
with Authoritative functionality etc.
It's still a question whether we should throw a 500 instead of 401
in that case...
Revision Changes Path
1.3 +18 -9 httpd-2.0/modules/aaa/mod_authn_default.c
Index: mod_authn_default.c
===================================================================
RCS file: /home/cvs/httpd-2.0/modules/aaa/mod_authn_default.c,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- mod_authn_default.c 8 Dec 2002 21:16:05 -0000 1.2
+++ mod_authn_default.c 5 Jan 2003 09:58:30 -0000 1.3
@@ -71,7 +71,6 @@
*/
#include "apr_strings.h"
-#include "apr_md5.h" /* for apr_password_validate */
#include "ap_config.h"
#include "httpd.h"
@@ -107,19 +106,29 @@
module AP_MODULE_DECLARE_DATA authn_default_module;
-static int authenticate_basic_user(request_rec *r)
+static int authenticate_no_user(request_rec *r)
{
authn_default_config_rec *conf = ap_get_module_config(r->per_dir_config,
&authn_default_module);
- const char *sent_pw;
- int res;
- if ((res = ap_get_basic_auth_pw(r, &sent_pw))) {
- return res;
+ const char *type;
+
+ if (!(type = ap_auth_type(r))) {
+ return DECLINED;
+ }
+
+ /* fill in the r->user field */
+ if (!strcasecmp(type, "Basic")) {
+ char *sent_pw;
+ int res;
+
+ if ((res = ap_get_basic_auth_pw(r, &sent_pw)) != OK) {
+ return res;
+ }
}
if (conf->authoritative == 0) {
- return DECLINED;
+ return DECLINED;
}
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
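Review bot: `char *sent_pw;` in the new Basic branch drops the `const` that the removed declaration carried, so `&sent_pw` is now a `char **` where the old code passed a `const char **`. Assuming ap_get_basic_auth_pw still takes `const char **`, that is an incompatible-pointer warning, and the declaration should stay `const char *sent_pw;`. The decoded password is never read in this function, so a comment such as `/* password is discarded; the call only populates r->user */` would make the intent explicit and discourage later code from logging or reusing it. A non-OK result from ap_get_basic_auth_pw is still returned before the `conf->authoritative` check, as it was before this change. The function body continues past the end of this hunk.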
@@ -127,13 +136,13 @@
"not configured",
r->uri, r->user ? r->user : "<null>");
- ap_note_basic_auth_failure(r);
+ ap_note_auth_failure(r);
return HTTP_UNAUTHORIZED;
}
static void register_hooks(apr_pool_t *p)
{
- ap_hook_check_user_id(authenticate_basic_user,NULL,NULL,APR_HOOK_LAST);
+ ap_hook_check_user_id(authenticate_no_user,NULL,NULL,APR_HOOK_LAST);
}
module AP_MODULE_DECLARE_DATA authn_default_module =
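Review bot: The error logged just before this 401 still reports only `r->uri` and `r->user`, and for any AuthType other than Basic nothing in authenticate_no_user fills `r->user`. The entry for a misconfigured Digest request will therefore read `<null>` and will not say which scheme went unhandled. Since `type` is already in scope, I would add one more `%s` to the message and pass `type`, so an administrator can tell from the error log which AuthType has no provider loaded. The format string begins outside this hunk, so the exact wording has to be adjusted there.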