diff options
Diffstat (limited to 'sapi/apache/mod_php5.c')
-rw-r--r-- | sapi/apache/mod_php5.c | 35 |
1 files changed, 19 insertions, 16 deletions
diff --git a/sapi/apache/mod_php5.c b/sapi/apache/mod_php5.c index 59be19d..6fc4016 100644 --- a/sapi/apache/mod_php5.c +++ b/sapi/apache/mod_php5.c @@ -489,24 +489,27 @@ static void init_request_info(TSRMLS_D) if (r->headers_in) { authorization = table_get(r->headers_in, "Authorization"); } + + SG(request_info).auth_user = NULL; + SG(request_info).auth_password = NULL; + if (authorization - && (!PG(safe_mode) || (PG(safe_mode) && !auth_type(r))) - && !strcasecmp(getword(r->pool, &authorization, ' '), "Basic")) { - tmp = uudecode(r->pool, authorization); - SG(request_info).auth_user = NULL; - tmp_user = getword_nulls_nc(r->pool, &tmp, ':'); - if (tmp_user) { - r->connection->user = pstrdup(r->connection->pool, tmp_user); - r->connection->ap_auth_type = "Basic"; - SG(request_info).auth_user = estrdup(tmp_user); - } - SG(request_info).auth_password = NULL; - if (tmp) { - SG(request_info).auth_password = estrdup(tmp); + && (!PG(safe_mode) || (PG(safe_mode) && !auth_type(r)))) { + if (!strcasecmp(getword(r->pool, &authorization, ' '), "Basic")) { + tmp = uudecode(r->pool, authorization); + tmp_user = getword_nulls_nc(r->pool, &tmp, ':'); + if (tmp_user) { + r->connection->user = pstrdup(r->connection->pool, tmp_user); + r->connection->ap_auth_type = "Basic"; + SG(request_info).auth_user = estrdup(tmp_user); + } + if (tmp) { + SG(request_info).auth_password = estrdup(tmp); + } + } else if (!strcasecmp(getword(r->pool, &authorization, ' '), "Digest")) { + r->connection->ap_auth_type = "Digest"; + SG(request_info).auth_digest = estrdup(authorization); } - } else { - SG(request_info).auth_user = NULL; - SG(request_info).auth_password = NULL; } } /* }}} */ |