Posted to cvs@httpd.apache.org by nd...@apache.org on 2003/01/05 10:58:31 UTC

cvs commit: httpd-2.0/modules/aaa mod_authn_default.c

nd          2003/01/05 01:58:31

  Modified:    modules/aaa mod_authn_default.c
  Log:
  well, it's a backstopper. So stop also misconfigured Digest
  authentication requests.
  
  e.g.:
    AuthType Digest
    AuthName foo
    require user nd
  
  with no mod_auth_digest present; or consider a TP digest module
  with Authoritative functionality etc.
  
  It's still a question whether we should throw a 500 instead of 401
  in that case...
  
  Revision  Changes    Path
  1.3       +18 -9     httpd-2.0/modules/aaa/mod_authn_default.c
  
  Index: mod_authn_default.c
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/modules/aaa/mod_authn_default.c,v
  retrieving revision 1.2
  retrieving revision 1.3
  diff -u -r1.2 -r1.3
  --- mod_authn_default.c	8 Dec 2002 21:16:05 -0000	1.2
  +++ mod_authn_default.c	5 Jan 2003 09:58:30 -0000	1.3
  @@ -71,7 +71,6 @@
    */
   
   #include "apr_strings.h"
  -#include "apr_md5.h"            /* for apr_password_validate */
   
   #include "ap_config.h"
   #include "httpd.h"
  @@ -107,19 +106,29 @@
   
   module AP_MODULE_DECLARE_DATA authn_default_module;
   
  -static int authenticate_basic_user(request_rec *r)
  +static int authenticate_no_user(request_rec *r)
   {
       authn_default_config_rec *conf = ap_get_module_config(r->per_dir_config,
                                                         &authn_default_module);
  -    const char *sent_pw;
  -    int res;
   
  -    if ((res = ap_get_basic_auth_pw(r, &sent_pw))) {
  -       	return res;
  +    const char *type;
  +
  +    if (!(type = ap_auth_type(r))) {
  +	return DECLINED;
  +    }
  +
  +    /* fill in the r->user field */
  +    if (!strcasecmp(type, "Basic")) {
  +        char *sent_pw;
  +        int res;
  +
  +        if ((res = ap_get_basic_auth_pw(r, &sent_pw)) != OK) {
  +            return res;
  +        }
       }
   
       if (conf->authoritative == 0) {
  -	    return DECLINED;
  +	return DECLINED;
       }
   
       ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
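Review bot: In the new Basic branch `sent_pw` is declared `char *`, whereas the removed code declared it `const char *sent_pw;` for the same `ap_get_basic_auth_pw(r, &sent_pw)` call. If the helper's second parameter is still `const char **`, as the old declaration suggests, `&sent_pw` is now an incompatible pointer type, so the declaration should go back to `const char *sent_pw;`. The decoded password is never read here, so a comment such as `/* password intentionally ignored; the call is made only to populate r->user */` would make clear that this module never validates credentials. Note also that for any non-Basic AuthType nothing in this hunk sets r->user, so the error logged below will print `<null>` for those requests. The body of authenticate_no_user continues past the end of this hunk.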
  @@ -127,13 +136,13 @@
                     "not configured",
                     r->uri, r->user ? r->user : "<null>");
   
  -    ap_note_basic_auth_failure(r);
  +    ap_note_auth_failure(r);
       return HTTP_UNAUTHORIZED;
   }
   
   static void register_hooks(apr_pool_t *p)
   {
  -    ap_hook_check_user_id(authenticate_basic_user,NULL,NULL,APR_HOOK_LAST);
  +    ap_hook_check_user_id(authenticate_no_user,NULL,NULL,APR_HOOK_LAST);
   }
   
   module AP_MODULE_DECLARE_DATA authn_default_module =
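Review bot: After the switch to `ap_note_auth_failure(r)`, the unconditional `return HTTP_UNAUTHORIZED;` sends a usable 401 only if that helper can emit a challenge for the configured AuthType. Its body is not shown here, but if it handles only Basic and Digest, any other AuthType value would produce a 401 with no WWW-Authenticate header, which a client cannot act on. Since `type` is already fetched earlier in authenticate_no_user (outside this hunk), consider failing such a misconfiguration as a server error before noting the failure: `if (strcasecmp(type, "Basic") && strcasecmp(type, "Digest")) return HTTP_INTERNAL_SERVER_ERROR;`. That would also settle the 500-versus-401 question left open in the log message for the unknown-type case.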