diff options
Diffstat (limited to 'daemon/ldap.c')
-rw-r--r-- | daemon/ldap.c | 20 |
1 files changed, 9 insertions, 11 deletions
diff --git a/daemon/ldap.c b/daemon/ldap.c index 78e048f..1e03c32 100644 --- a/daemon/ldap.c +++ b/daemon/ldap.c @@ -981,7 +981,7 @@ static int digest_ldap_challenge(ldap_context_t* ctx, ha_response_t* resp, if(ctx->opts->digest_debugnonce) { nonce_str = ctx->opts->digest_debugnonce; - ha_messagex(LOG_WARNING, "simple: using debug nonce. security non-existant."); + ha_messagex(LOG_WARNING, "ldap: using debug nonce. security non-existant."); } else #endif @@ -1036,7 +1036,6 @@ static int digest_ldap_response(ldap_context_t* ctx, const char* header, if(dg.nonce && strcmp(dg.nonce, ctx->opts->digest_debugnonce) != 0) { ret = HA_FALSE; - resp->code = HA_SERVER_BADREQ; ha_messagex(LOG_WARNING, "ldap: digest response contains invalid nonce"); goto finally; } @@ -1054,10 +1053,7 @@ static int digest_ldap_response(ldap_context_t* ctx, const char* header, if(r != HA_OK) { if(r == HA_FALSE) - { - resp->code = HA_SERVER_BADREQ; ha_messagex(LOG_WARNING, "ldap: digest response contains invalid nonce"); - } goto finally; } @@ -1099,11 +1095,13 @@ static int digest_ldap_response(ldap_context_t* ctx, const char* header, } } - /* Increment our nonce count */ - rec->nc++; + /* We had a record so ... */ + else + { + rec->nc++; + } - ret = digest_check(ctx->opts->realm, method, - ctx->opts->digest_ignoreuri ? NULL : uri, buf, &dg, rec); + ret = digest_check(&dg, rec, ctx->opts, buf, method, uri); if(ret == HA_BADREQ) { @@ -1391,7 +1389,7 @@ int ldap_process(ha_context_t* context, ha_request_t* req, header = ha_getheader(req, "Authorization", HA_PREFIX_DIGEST); if(header) { - ha_messagex(LOG_DEBUG, "ldap: processing basic auth header"); + ha_messagex(LOG_DEBUG, "ldap: processing digest auth header"); ret = digest_ldap_response(ctx, header, req->args[AUTH_ARG_METHOD], req->args[AUTH_ARG_URI], resp, buf); if(ret < 0) @@ -1405,7 +1403,7 @@ int ldap_process(ha_context_t* context, ha_request_t* req, header = ha_getheader(req, "Authorization", HA_PREFIX_BASIC); if(header) { - ha_messagex(LOG_DEBUG, "ldap: processing digest auth header"); + ha_messagex(LOG_DEBUG, "ldap: processing basic auth header"); ret = basic_ldap_response(ctx, header, resp, buf); if(ret < 0) return ret; |