summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorStef Walter <stef@memberwebs.com>2004-05-05 22:28:57 +0000
committerStef Walter <stef@memberwebs.com>2004-05-05 22:28:57 +0000
commit845693df0604b5890db0eb36e7f7bf9c2e2813e8 (patch)
treeee16fdd986b6cf303c150345369f95682f13f69a
parent2c1dec428c6e1d1bb6675847a5046a4fabdfe4c4 (diff)
- Parse incoming headers properly for authtypes
- Handle sub-requests properly - Makefile fix
-rw-r--r--apache1x/Makefile2
-rw-r--r--apache1x/mod_httpauth.c44
2 files changed, 41 insertions, 5 deletions
diff --git a/apache1x/Makefile b/apache1x/Makefile
index 3ddc156..b398959 100644
--- a/apache1x/Makefile
+++ b/apache1x/Makefile
@@ -16,7 +16,7 @@ all: mod_httpauth.so
# compile the DSO file
mod_httpauth.so: mod_httpauth.c ../common/sock_any.c
- $(APXS) -c -Wc,-g -Wc,-O0 $(DEF) $(INC) $(LIB) mod_httpauth.c ../common/sock_any.c
+ $(APXS) -c -Wc,-g -Wc,-O0 $(DEF) $(INC) $(LIB) mod_httpauth.c
# install the DSO file into the Apache installation
# and activate it in the Apache configuration
diff --git a/apache1x/mod_httpauth.c b/apache1x/mod_httpauth.c
index b112120..fae668e 100644
--- a/apache1x/mod_httpauth.c
+++ b/apache1x/mod_httpauth.c
@@ -363,12 +363,32 @@ int read_copy_headers(httpauth_context_t* ctx, int ccode, request_rec* r)
line = trim_space(line);
- /* Fix up when we're a proxy */
- if(r->proxyreq == STD_PROXY)
+ if(strcasecmp(name, "WWW-Authenticate") == 0)
{
- if(strcasecmp(name, "WWW-Authenticate") == 0)
+ if(strncasecmp(line, AUTH_PREFIX_BASIC, strlen(AUTH_PREFIX_BASIC)) == 0 &&
+ !(ctx->types & AUTH_TYPE_BASIC))
+ continue;
+
+ else if(strncasecmp(line, AUTH_PREFIX_DIGEST, strlen(AUTH_PREFIX_DIGEST)) == 0 &&
+ !(ctx->types & AUTH_TYPE_DIGEST))
+ continue;
+
+ else if(strncasecmp(line, AUTH_PREFIX_NTLM, strlen(AUTH_PREFIX_NTLM)) == 0 &&
+ !(ctx->types & AUTH_TYPE_NTLM))
+ continue;
+
+ /* Only allow unknown if we don't have it */
+ else if(!(ctx->types & AUTH_TYPE_ANY))
+ continue;
+
+ /* Fix up when we're a proxy */
+ if(r->proxyreq == STD_PROXY)
name = "Proxy-Authenticate";
- else if(strcasecmp(name, "Authentication-Info") == 0)
+ }
+
+ else if(strcasecmp(name, "Authentication-Info") == 0)
+ {
+ if(r->proxyreq == STD_PROXY)
name = "Proxy-Authentication-Info";
}
@@ -618,6 +638,7 @@ static int httpauth_authenticate(request_rec* r)
int code = 0;
int ccode = 0;
char* details = NULL;
+ request_rec* mainreq;
/* Make sure it's for us */
if(!(authtype = ap_auth_type(r)) || strcasecmp(HTTPAUTH_AUTHTYPE, authtype) != 0)
@@ -629,6 +650,18 @@ static int httpauth_authenticate(request_rec* r)
if(!ctx->socketname || !ctx->method)
return DECLINED;
+ mainreq = r;
+
+ while(mainreq->main != NULL)
+ mainreq = mainreq->main;
+
+ while(mainreq->prev != NULL)
+ mainreq = mainreq->prev;
+
+ /* Check if we've already authenticated this request */
+ if(ap_get_module_config(mainreq->request_config, &httpauth_module))
+ return OK;
+
if(ctx->socket == -1)
{
if(connect_httpauth(ctx, r) == -1)
@@ -672,6 +705,9 @@ static int httpauth_authenticate(request_rec* r)
(char*)(r->connection->user) = ap_pstrdup(r->connection->pool, details);
r->connection->ap_auth_type = HTTPAUTH_AUTHTYPE;
+
+ /* Mark request as successfully authenticated */
+ ap_set_module_config(r->request_config, &httpauth_module, details);
return OK;
}