
Bug #889 » lighttpd-1.4.13-fcgi-auth-type.diff

tkruthoff, 2006-10-18 07:57


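--- a/lighttpd-1.4.13.patch/src/mod_fastcgi.c
+++ b/lighttpd-1.4.13.patch/src/mod_fastcgi.c
@@ -1875,8 +1875,36 @@
 	fcgi_env_add(p->fcgi_env, CONST_STR_LEN("REMOTE_ADDR"), s, strlen(s));
 
 	if (!buffer_is_empty(con->authed_user)) {
-		fcgi_env_add(p->fcgi_env, CONST_STR_LEN("REMOTE_USER"),
-			     CONST_BUF_LEN(con->authed_user));
+		fcgi_env_add(p->fcgi_env, CONST_STR_LEN("REMOTE_USER"), CONST_BUF_LEN(con->authed_user));
+	
+		/* AUTH_TYPE fix by Troy Kruthoff (tkruthoff@gmail.com)
+		 * section 4.1.1 of RFC 3875 (cgi spec) requires the server to set a AUTH_TYPE env
+		 * declaring the type of authentication used.	 (see http://tools.ietf.org/html/rfc3875#page-11)
+		 *
+		 * I copied this code from mod_auth.c where it extracts auth info from the "Authorization" 
+		 * header to authenticate the user before allowing the request to proceed.  I'm guessing it makes
+		 * sense to re-parse the header here, as mod_auth is unaware if the request is headed for cgi/fcgi.
+		 * Someone more familiar with the lighty internals should be able to quickly determine if we are 
+		 * better storing AUTH_TYPE on the initial parse in mod_auth.
+		 */
+		char *http_authorization = NULL;
+		data_string *ds;
+	  	
+		if (NULL != (ds = (data_string *)array_get_element(con->request.headers, "Authorization"))) {
+			http_authorization = ds->value->ptr;
+		}
+	
+		if (ds && ds->value && ds->value->used) {
+			char *auth_realm;
+		  if (NULL != (auth_realm = strchr(http_authorization, ' '))) {
+				int auth_type_len = auth_realm - http_authorization;
+				if ((auth_type_len == 5) && (0 == strncmp(http_authorization, "Basic", auth_type_len))) {
+					  fcgi_env_add(p->fcgi_env, CONST_STR_LEN("AUTH_TYPE"), CONST_STR_LEN("Basic"));
+				} else if ((auth_type_len == 6) && (0 == strncmp(http_authorization, "Digest", auth_type_len))) {
+					  fcgi_env_add(p->fcgi_env, CONST_STR_LEN("AUTH_TYPE"), CONST_STR_LEN("Digest"));
+				}
+			}
+		}
 	}
 
 	if (con->request.content_length > 0 && host->mode != FCGI_AUTHORIZER) {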
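Review bot: The added block dereferences `ds->value->ptr` as soon as `array_get_element()` returns, but `ds->value` and `ds->value->used` are only tested in the following `if`, so that null check comes too late to protect the read. Moving the assignment into the guarded branch fixes the order: `if (ds && ds->value && ds->value->used) { http_authorization = ds->value->ptr;`. The scheme is also matched with a case-sensitive `strncmp`, while HTTP auth scheme names are case-insensitive, so a header sent as `basic ...` would yield REMOTE_USER without AUTH_TYPE if the authenticating module accepts that spelling; `strncasecmp` would be the safer comparison. AUTH_TYPE is taken here from the client-supplied header rather than from what the authenticating module actually verified, so it would be worth a comment telling backends not to treat it as stronger evidence than REMOTE_USER. The enclosing function starts and ends outside this hunk.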