httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From dgau...@hyperreal.org
Subject cvs commit: apachen/src/modules/standard mod_digest.c
Date Fri, 02 Jan 1998 23:58:29 GMT
dgaudet     98/01/02 15:58:29

  Modified:    .        STATUS
               src      CHANGES
               src/modules/standard mod_digest.c
  Log:
  Using the digest Authentication scheme for proxy authentication, authorization
  never succeeds because mod_digest always looks at the Authorization header,
  never at the Proxy-Authorization header.
  
  Also, the scheme in the auth header is compared to "Digest" using a case-
  sensitive comparison, instead of a case-insensitive comparison.
  
  PR:		1599
  Submitted by:	Ronald Tschalaer <Ronald.Tschalaer@psi.ch>
  Reviewed by:	Dean Gaudet, Jim Jagielski
  
  Revision  Changes    Path
  1.47      +1 -5      apachen/STATUS
  
  Index: STATUS
  ===================================================================
  RCS file: /export/home/cvs/apachen/STATUS,v
  retrieving revision 1.46
  retrieving revision 1.47
  diff -u -r1.46 -r1.47
  --- STATUS	1998/01/02 23:46:06	1.46
  +++ STATUS	1998/01/02 23:58:24	1.47
  @@ -65,6 +65,7 @@
       * Paul/Ben's [PATCH] 1.3: spaces in NT spawn* arguments
       * Dean's [PATCH] mod_info minor cleanups (take 2)
       * Dean's [PATCH] mod_status cleanups
  +    * [PATCH] mod_digest/1599: proxy authentication using the digest auth scheme never
succeeds (fwd)
   
   Available Patches:
   
  @@ -72,11 +73,6 @@
   	<34AA4B95.36726117@Golux.Com>
   	Status: Ken +1, Jim +1
   	Gregory Lundberg says it's legally invalid
  -
  -    * [PATCH] mod_digest/1599: proxy authentication using the digest auth
  -      scheme never succeeds (fwd)
  -	<Pine.LNX.3.95dg3.971225184830.17380C-100000@twinlark.arctic.org>
  -	Status: Dean +1, Jim +1
   
       * Martin's [PATCH] 36kB: Make apache compile & run on an EBCDIC mainframe
   	<19971217184646.62136@deejai.mch.sni.de>
  
  
  
  1.556     +4 -0      apachen/src/CHANGES
  
  Index: CHANGES
  ===================================================================
  RCS file: /export/home/cvs/apachen/src/CHANGES,v
  retrieving revision 1.555
  retrieving revision 1.556
  diff -u -r1.555 -r1.556
  --- CHANGES	1998/01/02 23:46:07	1.555
  +++ CHANGES	1998/01/02 23:58:26	1.556
  @@ -1,5 +1,9 @@
   Changes with Apache 1.3b4
   
  +  *) mod_digest didn't properly deal with proxy authentication.  It
  +     also lacked a case-insensitive comparision of the "Digest"
  +     token.  [Ronald Tschalaer <Ronald.Tschalaer@psi.ch>] PR#1599
  +
     *) A few cleanups in mod_status for efficiency.  [Dean Gaudet]
   
     *) A few cleanups in mod_info to make it thread-safe, and remove an
  
  
  
  1.28      +4 -2      apachen/src/modules/standard/mod_digest.c
  
  Index: mod_digest.c
  ===================================================================
  RCS file: /export/home/cvs/apachen/src/modules/standard/mod_digest.c,v
  retrieving revision 1.27
  retrieving revision 1.28
  diff -u -r1.27 -r1.28
  --- mod_digest.c	1997/12/18 20:39:18	1.27
  +++ mod_digest.c	1998/01/02 23:58:28	1.28
  @@ -132,7 +132,9 @@
   
   int get_digest_rec(request_rec *r, digest_header_rec * response)
   {
  -    const char *auth_line = table_get(r->headers_in, "Authorization");
  +    const char *auth_line = table_get(r->headers_in,
  +                                    r->proxyreq ? "Proxy-Authorization"
  +                                    : "Authorization");
       int l;
       int s = 0, vk = 0, vv = 0;
       char *t, *key, *value;
  @@ -151,7 +153,7 @@
   	return AUTH_REQUIRED;
       }
   
  -    if (strcmp(getword(r->pool, &auth_line, ' '), "Digest")) {
  +    if (strcasecmp(getword(r->pool, &auth_line, ' '), "Digest")) {
   	/* Client tried to authenticate using wrong auth scheme */
   	aplog_error(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, r->server,
   		    "client used wrong authentication scheme: %s", r->uri);
  
  
  

Mime
View raw message