diff options
| author | Igor Sysoev <igor@sysoev.ru> | 2005-09-06 16:09:32 +0000 |
|---|---|---|
| committer | Igor Sysoev <igor@sysoev.ru> | 2005-09-06 16:09:32 +0000 |
| commit | ceb992921cee6f76d1752af2d388ee6a1d71e078 (patch) | |
| tree | 2b4916a12d02210134939b7fb388a270e76002fa /src/http/modules/ngx_http_auth_basic_module.c | |
| parent | 5650106a09de8e8d876ed38fbff57b2161d910c4 (diff) | |
| download | nginx-ceb992921cee6f76d1752af2d388ee6a1d71e078.tar.gz nginx-ceb992921cee6f76d1752af2d388ee6a1d71e078.zip | |
nginx-0.1.44-RELEASE importrelease-0.1.44
*) Feature: the IMAP/POP3 proxy supports SSL.
*) Feature: the "proxy_timeout" directive of the ngx_imap_proxy_module.
*) Feature: the "userid_mark" directive.
*) Feature: the $remote_user variable value is determined independently
of authorization use.
Diffstat (limited to 'src/http/modules/ngx_http_auth_basic_module.c')
| -rw-r--r-- | src/http/modules/ngx_http_auth_basic_module.c | 56 |
1 files changed, 8 insertions, 48 deletions
diff --git a/src/http/modules/ngx_http_auth_basic_module.c b/src/http/modules/ngx_http_auth_basic_module.c index 98c47bd64..06d0df54e 100644 --- a/src/http/modules/ngx_http_auth_basic_module.c +++ b/src/http/modules/ngx_http_auth_basic_module.c @@ -90,8 +90,9 @@ ngx_http_auth_basic_handler(ngx_http_request_t *r) off_t offset; ssize_t n; ngx_fd_t fd; - ngx_str_t auth, encoded, pwd; - ngx_uint_t i, login, len, left, passwd; + ngx_int_t rc; + ngx_str_t pwd; + ngx_uint_t i, login, left, passwd; ngx_file_t file; ngx_http_auth_basic_ctx_t *ctx; ngx_http_auth_basic_loc_conf_t *alcf; @@ -115,57 +116,16 @@ ngx_http_auth_basic_handler(ngx_http_request_t *r) &alcf->realm); } - if (r->headers_in.authorization == NULL) { - return ngx_http_auth_basic_set_realm(r, &alcf->realm); - } - - encoded = r->headers_in.authorization->value; + rc = ngx_http_auth_basic_user(r); - if (encoded.len < sizeof("Basic ") - 1 - || ngx_strncasecmp(encoded.data, "Basic ", sizeof("Basic ") - 1) != 0) - { + if (rc == NGX_DECLINED) { return ngx_http_auth_basic_set_realm(r, &alcf->realm); } - encoded.len -= sizeof("Basic ") - 1; - encoded.data += sizeof("Basic ") - 1; - - while (encoded.len && encoded.data[0] == ' ') { - encoded.len--; - encoded.data++; - } - - if (encoded.len == 0) { - return ngx_http_auth_basic_set_realm(r, &alcf->realm); - } - - auth.len = ngx_base64_decoded_length(encoded.len); - auth.data = ngx_palloc(r->pool, auth.len + 1); - if (auth.data == NULL) { + if (rc == NGX_ERROR) { return NGX_HTTP_INTERNAL_SERVER_ERROR; } - if (ngx_decode_base64(&auth, &encoded) != NGX_OK) { - return ngx_http_auth_basic_set_realm(r, &alcf->realm); - } - - auth.data[auth.len] = '\0'; - - for (len = 0; len < auth.len; len++) { - if (auth.data[len] == ':') { - break; - } - } - - if (len == auth.len) { - return ngx_http_auth_basic_set_realm(r, &alcf->realm); - } - - r->headers_in.user.len = len; - r->headers_in.user.data = auth.data; - r->headers_in.passwd.len = auth.len - len - 1; - r->headers_in.passwd.data = &auth.data[len + 1]; - fd = ngx_open_file(alcf->user_file.data, NGX_FILE_RDONLY, NGX_FILE_OPEN); if (fd == NGX_INVALID_FILE) { @@ -208,12 +168,12 @@ ngx_http_auth_basic_handler(ngx_http_request_t *r) break; } - if (buf[i] != auth.data[login]) { + if (buf[i] != r->headers_in.user.data[login]) { state = sw_skip; break; } - if (login == len) { + if (login == r->headers_in.user.len) { state = sw_passwd; passwd = i + 1; } |