diff options
| author | Igor Sysoev <igor@sysoev.ru> | 2005-11-26 10:11:11 +0000 |
|---|---|---|
| committer | Igor Sysoev <igor@sysoev.ru> | 2005-11-26 10:11:11 +0000 |
| commit | c31a9bb5e336b15f48c875e1f448f71d68f3feb9 (patch) | |
| tree | 31ae2b332d1b263c858bab6ee4c21778403f181d /src/http/modules/ngx_http_auth_basic_module.c | |
| parent | 99d9a4b4c547800d582a96871416797fb446b02b (diff) | |
| download | nginx-release-0.3.12.tar.gz nginx-release-0.3.12.zip | |
nginx-0.3.12-RELEASE importrelease-0.3.12
*) Security: if nginx was built with the ngx_http_realip_module and the
"satisfy_any on" directive was used, then access and authorization
directives did not work. The ngx_http_realip_module was not built
and is not built by default.
*) Change: the "$time_gmt" variable name was changed to "$time_local".
*) Change: the "proxy_header_buffer_size" and
"fastcgi_header_buffer_size" directives was renamed to the
"proxy_buffer_size" and "fastcgi_buffer_size" directives.
*) Feature: the ngx_http_memcached_module.
*) Feature: the "proxy_buffering" directive.
*) Bugfix: the changes in accept mutex handling when the "rtsig" method
was used; the bug had appeared in 0.3.0.
*) Bugfix: if the client sent the "Transfer-Encoding: chunked" header
line, then nginx returns the 411 error.
*) Bugfix: if the "auth_basic" directive was inherited from the http
level, then the realm in the "WWW-Authenticate" header line was
without the "Basic realm" text.
*) Bugfix: if the "combined" format was explicitly specified in the
"access_log" directive, then the empty lines was written to the log;
the bug had appeared in 0.3.8.
*) Bugfix: nginx did not run on the sparc platform under any OS except
Solaris.
*) Bugfix: now it is not necessary to place space between the quoted
string and closing bracket in the "if" directive.
Diffstat (limited to 'src/http/modules/ngx_http_auth_basic_module.c')
| -rw-r--r-- | src/http/modules/ngx_http_auth_basic_module.c | 41 |
1 files changed, 18 insertions, 23 deletions
diff --git a/src/http/modules/ngx_http_auth_basic_module.c b/src/http/modules/ngx_http_auth_basic_module.c index b129a9874..cf855575c 100644 --- a/src/http/modules/ngx_http_auth_basic_module.c +++ b/src/http/modules/ngx_http_auth_basic_module.c @@ -332,32 +332,10 @@ ngx_http_auth_basic_merge_loc_conf(ngx_conf_t *cf, void *parent, void *child) ngx_http_auth_basic_loc_conf_t *prev = parent; ngx_http_auth_basic_loc_conf_t *conf = child; - size_t len; - u_char *realm, *p; - - if (conf->realm.data) { - if (conf->realm.len) { - len = sizeof("Basic realm=\"") - 1 + conf->realm.len + 1; - - realm = ngx_palloc(cf->pool, len); - if (realm == NULL) { - return NGX_CONF_ERROR; - } - - p = ngx_cpymem(realm, "Basic realm=\"", - sizeof("Basic realm=\"") - 1); - p = ngx_cpymem(p, conf->realm.data, conf->realm.len); - *p = '"'; - - conf->realm.len = len; - conf->realm.data = realm; - } - - } else { + if (conf->realm.data == NULL) { conf->realm = prev->realm; } - if (conf->user_file.data) { if (ngx_conf_full_name(cf->cycle, &conf->user_file) != NGX_OK) { return NGX_CONF_ERROR; @@ -395,10 +373,27 @@ ngx_http_auth_basic(ngx_conf_t *cf, void *post, void *data) { ngx_str_t *realm = data; + size_t len; + u_char *basic, *p; + if (ngx_strcmp(realm->data, "off") == 0) { realm->len = 0; realm->data = (u_char *) ""; } + len = sizeof("Basic realm=\"") - 1 + realm->len + 1; + + basic = ngx_palloc(cf->pool, len); + if (basic == NULL) { + return NGX_CONF_ERROR; + } + + p = ngx_cpymem(basic, "Basic realm=\"", sizeof("Basic realm=\"") - 1); + p = ngx_cpymem(p, realm->data, realm->len); + *p = '"'; + + realm->len = len; + realm->data = basic; + return NGX_CONF_OK; } |