Mercurial > hg > nginx
diff src/http/modules/ngx_http_auth_basic_module.c @ 539:371c1cee100d release-0.1.44
nginx-0.1.44-RELEASE import
*) Feature: the IMAP/POP3 proxy supports SSL.
*) Feature: the "proxy_timeout" directive of the ngx_imap_proxy_module.
*) Feature: the "userid_mark" directive.
*) Feature: the $remote_user variable value is determined independently
of authorization use.
author | Igor Sysoev <igor@sysoev.ru> |
---|---|
date | Tue, 06 Sep 2005 16:09:32 +0000 |
parents | 9b8c906f6e63 |
children | b09ee85d0ac8 |
line wrap: on
line diff
--- a/src/http/modules/ngx_http_auth_basic_module.c +++ b/src/http/modules/ngx_http_auth_basic_module.c @@ -90,8 +90,9 @@ ngx_http_auth_basic_handler(ngx_http_req off_t offset; ssize_t n; ngx_fd_t fd; - ngx_str_t auth, encoded, pwd; - ngx_uint_t i, login, len, left, passwd; + ngx_int_t rc; + ngx_str_t pwd; + ngx_uint_t i, login, left, passwd; ngx_file_t file; ngx_http_auth_basic_ctx_t *ctx; ngx_http_auth_basic_loc_conf_t *alcf; @@ -115,57 +116,16 @@ ngx_http_auth_basic_handler(ngx_http_req &alcf->realm); } - if (r->headers_in.authorization == NULL) { - return ngx_http_auth_basic_set_realm(r, &alcf->realm); - } - - encoded = r->headers_in.authorization->value; + rc = ngx_http_auth_basic_user(r); - if (encoded.len < sizeof("Basic ") - 1 - || ngx_strncasecmp(encoded.data, "Basic ", sizeof("Basic ") - 1) != 0) - { - return ngx_http_auth_basic_set_realm(r, &alcf->realm); - } - - encoded.len -= sizeof("Basic ") - 1; - encoded.data += sizeof("Basic ") - 1; - - while (encoded.len && encoded.data[0] == ' ') { - encoded.len--; - encoded.data++; - } - - if (encoded.len == 0) { + if (rc == NGX_DECLINED) { return ngx_http_auth_basic_set_realm(r, &alcf->realm); } - auth.len = ngx_base64_decoded_length(encoded.len); - auth.data = ngx_palloc(r->pool, auth.len + 1); - if (auth.data == NULL) { + if (rc == NGX_ERROR) { return NGX_HTTP_INTERNAL_SERVER_ERROR; } - if (ngx_decode_base64(&auth, &encoded) != NGX_OK) { - return ngx_http_auth_basic_set_realm(r, &alcf->realm); - } - - auth.data[auth.len] = '\0'; - - for (len = 0; len < auth.len; len++) { - if (auth.data[len] == ':') { - break; - } - } - - if (len == auth.len) { - return ngx_http_auth_basic_set_realm(r, &alcf->realm); - } - - r->headers_in.user.len = len; - r->headers_in.user.data = auth.data; - r->headers_in.passwd.len = auth.len - len - 1; - r->headers_in.passwd.data = &auth.data[len + 1]; - fd = ngx_open_file(alcf->user_file.data, NGX_FILE_RDONLY, NGX_FILE_OPEN); if (fd == NGX_INVALID_FILE) { @@ -208,12 +168,12 @@ ngx_http_auth_basic_handler(ngx_http_req break; } - if (buf[i] != auth.data[login]) { + if (buf[i] != r->headers_in.user.data[login]) { state = sw_skip; break; } - if (login == len) { + if (login == r->headers_in.user.len) { state = sw_passwd; passwd = i + 1; }