summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--main/SAPI.c3
-rw-r--r--main/SAPI.h1
-rw-r--r--main/main.c5
-rw-r--r--main/php_variables.c3
-rw-r--r--sapi/apache/mod_php5.c35
-rw-r--r--sapi/apache_hooks/mod_php5.c36
6 files changed, 50 insertions, 33 deletions
diff --git a/main/SAPI.c b/main/SAPI.c
index 5ff76c3..e6ce825 100644
--- a/main/SAPI.c
+++ b/main/SAPI.c
@@ -424,6 +424,9 @@ SAPI_API void sapi_deactivate(TSRMLS_D)
if (SG(request_info).auth_password) {
efree(SG(request_info).auth_password);
}
+ if (SG(request_info).auth_digest) {
+ efree(SG(request_info).auth_digest);
+ }
if (SG(request_info).content_type_dup) {
efree(SG(request_info).content_type_dup);
}
diff --git a/main/SAPI.h b/main/SAPI.h
index 9ef7eec..3b132b8 100644
--- a/main/SAPI.h
+++ b/main/SAPI.h
@@ -98,6 +98,7 @@ typedef struct {
/* for HTTP authentication */
char *auth_user;
char *auth_password;
+ char *auth_digest;
/* this is necessary for the CGI SAPI module */
char *argv0;
diff --git a/main/main.c b/main/main.c
index e310abd..e0ed5c3 100644
--- a/main/main.c
+++ b/main/main.c
@@ -1736,6 +1736,11 @@ PHPAPI int php_handle_auth_data(const char *auth TSRMLS_DC)
SG(request_info).auth_user = SG(request_info).auth_password = NULL;
}
+ if (auth && auth[0] != '\0' && strncmp(auth, "Digest ", 7) == 0) {
+ SG(request_info).auth_digest = estrdup(auth);
+ ret = 0;
+ }
+
return ret;
}
/* }}} */
diff --git a/main/php_variables.c b/main/php_variables.c
index 17a0d82..95995c2 100644
--- a/main/php_variables.c
+++ b/main/php_variables.c
@@ -515,6 +515,9 @@ static inline void php_register_server_variables(TSRMLS_D)
if (SG(request_info).auth_password) {
php_register_variable("PHP_AUTH_PW", SG(request_info).auth_password, array_ptr TSRMLS_CC);
}
+ if (SG(request_info).auth_digest) {
+ php_register_variable("PHP_AUTH_DIGEST", SG(request_info).auth_digest, array_ptr TSRMLS_CC);
+ }
/* store request init time */
{
zval new_entry;
diff --git a/sapi/apache/mod_php5.c b/sapi/apache/mod_php5.c
index 59be19d..6fc4016 100644
--- a/sapi/apache/mod_php5.c
+++ b/sapi/apache/mod_php5.c
@@ -489,24 +489,27 @@ static void init_request_info(TSRMLS_D)
if (r->headers_in) {
authorization = table_get(r->headers_in, "Authorization");
}
+
+ SG(request_info).auth_user = NULL;
+ SG(request_info).auth_password = NULL;
+
if (authorization
- && (!PG(safe_mode) || (PG(safe_mode) && !auth_type(r)))
- && !strcasecmp(getword(r->pool, &authorization, ' '), "Basic")) {
- tmp = uudecode(r->pool, authorization);
- SG(request_info).auth_user = NULL;
- tmp_user = getword_nulls_nc(r->pool, &tmp, ':');
- if (tmp_user) {
- r->connection->user = pstrdup(r->connection->pool, tmp_user);
- r->connection->ap_auth_type = "Basic";
- SG(request_info).auth_user = estrdup(tmp_user);
- }
- SG(request_info).auth_password = NULL;
- if (tmp) {
- SG(request_info).auth_password = estrdup(tmp);
+ && (!PG(safe_mode) || (PG(safe_mode) && !auth_type(r)))) {
+ if (!strcasecmp(getword(r->pool, &authorization, ' '), "Basic")) {
+ tmp = uudecode(r->pool, authorization);
+ tmp_user = getword_nulls_nc(r->pool, &tmp, ':');
+ if (tmp_user) {
+ r->connection->user = pstrdup(r->connection->pool, tmp_user);
+ r->connection->ap_auth_type = "Basic";
+ SG(request_info).auth_user = estrdup(tmp_user);
+ }
+ if (tmp) {
+ SG(request_info).auth_password = estrdup(tmp);
+ }
+ } else if (!strcasecmp(getword(r->pool, &authorization, ' '), "Digest")) {
+ r->connection->ap_auth_type = "Digest";
+ SG(request_info).auth_digest = estrdup(authorization);
}
- } else {
- SG(request_info).auth_user = NULL;
- SG(request_info).auth_password = NULL;
}
}
/* }}} */
diff --git a/sapi/apache_hooks/mod_php5.c b/sapi/apache_hooks/mod_php5.c
index aafed49..93334f6 100644
--- a/sapi/apache_hooks/mod_php5.c
+++ b/sapi/apache_hooks/mod_php5.c
@@ -579,24 +579,26 @@ static void init_request_info(TSRMLS_D)
if (r->headers_in) {
authorization = table_get(r->headers_in, "Authorization");
}
- if (authorization
- && !auth_type(r)
- && !strcasecmp(getword(r->pool, &authorization, ' '), "Basic")) {
- tmp = uudecode(r->pool, authorization);
- SG(request_info).auth_user = NULL;
- tmp_user = getword_nulls_nc(r->pool, &tmp, ':');
- if (tmp_user) {
- r->connection->user = pstrdup(r->connection->pool, tmp_user);
- r->connection->ap_auth_type = "Basic";
- SG(request_info).auth_user = estrdup(tmp_user);
- }
- SG(request_info).auth_password = NULL;
- if (tmp) {
- SG(request_info).auth_password = estrdup(tmp);
+
+ SG(request_info).auth_user = NULL;
+ SG(request_info).auth_password = NULL;
+
+ if (authorization && !auth_type(r)) {
+ if (!strcasecmp(getword(r->pool, &authorization, ' '), "Basic")) {
+ tmp = uudecode(r->pool, authorization);
+ tmp_user = getword_nulls_nc(r->pool, &tmp, ':');
+ if (tmp_user) {
+ r->connection->user = pstrdup(r->connection->pool, tmp_user);
+ r->connection->ap_auth_type = "Basic";
+ SG(request_info).auth_user = estrdup(tmp_user);
+ }
+ if (tmp) {
+ SG(request_info).auth_password = estrdup(tmp);
+ }
+ } else if (!strcasecmp(getword(r->pool, &authorization, ' '), "Digest")) {
+ r->connection->ap_auth_type = "Digest";
+ SG(request_info).auth_digest = estrdup(authorization);
}
- } else {
- SG(request_info).auth_user = NULL;
- SG(request_info).auth_password = NULL;
}
}
/* }}} */