added a server variable PHP_AUTH_DIGEST to support HTTP Digest Authentication.

2024-09-22 02:17:32 +00:00 · 2005-04-04 15:06:36 +00:00 · 2005-04-04 15:06:36 +00:00 · 8235a70ef9
commit 8235a70ef9
parent 4558cdade6
6 changed files with 50 additions and 33 deletions
--- a/main/SAPI.c
+++ b/main/SAPI.c
@ -424,6 +424,9 @@ SAPI_API void sapi_deactivate(TSRMLS_D)
 	if (SG(request_info).auth_password) {
 		efree(SG(request_info).auth_password);
 	}
+	if (SG(request_info).auth_digest) {
+		efree(SG(request_info).auth_digest);
+	}
 	if (SG(request_info).content_type_dup) {
 		efree(SG(request_info).content_type_dup);
 	}
--- a/main/SAPI.h
+++ b/main/SAPI.h
@ -98,6 +98,7 @@ typedef struct {
 	/* for HTTP authentication */
 	char *auth_user;
 	char *auth_password;
+	char *auth_digest;

 	/* this is necessary for the CGI SAPI module */
 	char *argv0;
--- a/main/main.c
+++ b/main/main.c
@ -1736,6 +1736,11 @@ PHPAPI int php_handle_auth_data(const char *auth TSRMLS_DC)
 		SG(request_info).auth_user = SG(request_info).auth_password = NULL;
 	}
 	
+	if (auth && auth[0] != '\0' && strncmp(auth, "Digest ", 7) == 0) {
+		SG(request_info).auth_digest = estrdup(auth);
+		ret = 0;
+	}
+
 	return ret;
 }
 /* }}} */
--- a/main/php_variables.c
+++ b/main/php_variables.c
@ -515,6 +515,9 @@ static inline void php_register_server_variables(TSRMLS_D)
 	if (SG(request_info).auth_password) {
 		php_register_variable("PHP_AUTH_PW", SG(request_info).auth_password, array_ptr TSRMLS_CC);
 	}
+	if (SG(request_info).auth_digest) {
+		php_register_variable("PHP_AUTH_DIGEST", SG(request_info).auth_digest, array_ptr TSRMLS_CC);
+	}
 	/* store request init time */
 	{
 		zval new_entry;
--- a/sapi/apache/mod_php5.c
+++ b/sapi/apache/mod_php5.c
@ -489,24 +489,27 @@ static void init_request_info(TSRMLS_D)
 	if (r->headers_in) {
 		authorization = table_get(r->headers_in, "Authorization");
 	}
+
+	SG(request_info).auth_user = NULL;
+	SG(request_info).auth_password = NULL;
+
 	if (authorization
-		&& (!PG(safe_mode) || (PG(safe_mode) && !auth_type(r)))
-		&& !strcasecmp(getword(r->pool, &authorization, ' '), "Basic")) {
-		tmp = uudecode(r->pool, authorization);
-		SG(request_info).auth_user = NULL;
-		tmp_user = getword_nulls_nc(r->pool, &tmp, ':');
-		if (tmp_user) {
-			r->connection->user = pstrdup(r->connection->pool, tmp_user);
-			r->connection->ap_auth_type = "Basic";
-			SG(request_info).auth_user = estrdup(tmp_user);
+		&& (!PG(safe_mode) || (PG(safe_mode) && !auth_type(r)))) {
+		if (!strcasecmp(getword(r->pool, &authorization, ' '), "Basic")) {
+			tmp = uudecode(r->pool, authorization);
+			tmp_user = getword_nulls_nc(r->pool, &tmp, ':');
+			if (tmp_user) {
+				r->connection->user = pstrdup(r->connection->pool, tmp_user);
+				r->connection->ap_auth_type = "Basic";
+				SG(request_info).auth_user = estrdup(tmp_user);
+			}
+			if (tmp) {
+				SG(request_info).auth_password = estrdup(tmp);
+			}
+		} else if  (!strcasecmp(getword(r->pool, &authorization, ' '), "Digest")) {
+            r->connection->ap_auth_type = "Digest";
+            SG(request_info).auth_digest = estrdup(authorization);
 		}
-		SG(request_info).auth_password = NULL;
-		if (tmp) {
-			SG(request_info).auth_password = estrdup(tmp);
-		}
-	} else {
-		SG(request_info).auth_user = NULL;
-		SG(request_info).auth_password = NULL;
 	}
 }
 /* }}} */
--- a/sapi/apache_hooks/mod_php5.c
+++ b/sapi/apache_hooks/mod_php5.c
@ -579,24 +579,26 @@ static void init_request_info(TSRMLS_D)
 	if (r->headers_in) {
 		authorization = table_get(r->headers_in, "Authorization");
 	}
-	if (authorization
-		&& !auth_type(r)
-		&& !strcasecmp(getword(r->pool, &authorization, ' '), "Basic")) {
-		tmp = uudecode(r->pool, authorization);
-		SG(request_info).auth_user = NULL;
-		tmp_user = getword_nulls_nc(r->pool, &tmp, ':');
-		if (tmp_user) {
-			r->connection->user = pstrdup(r->connection->pool, tmp_user);
-			r->connection->ap_auth_type = "Basic";
-			SG(request_info).auth_user = estrdup(tmp_user);
+
+	SG(request_info).auth_user = NULL;
+	SG(request_info).auth_password = NULL;
+
+	if (authorization && !auth_type(r)) {
+        if (!strcasecmp(getword(r->pool, &authorization, ' '), "Basic")) {
+            tmp = uudecode(r->pool, authorization);
+            tmp_user = getword_nulls_nc(r->pool, &tmp, ':');
+            if (tmp_user) {
+                r->connection->user = pstrdup(r->connection->pool, tmp_user);
+                r->connection->ap_auth_type = "Basic";
+                SG(request_info).auth_user = estrdup(tmp_user);
+            }
+            if (tmp) {
+                SG(request_info).auth_password = estrdup(tmp);
+            }
+		} else if  (!strcasecmp(getword(r->pool, &authorization, ' '), "Digest")) {
+            r->connection->ap_auth_type = "Digest";
+            SG(request_info).auth_digest = estrdup(authorization);
 		}
-		SG(request_info).auth_password = NULL;
-		if (tmp) {
-			SG(request_info).auth_password = estrdup(tmp);
-		}
-	} else {
-		SG(request_info).auth_user = NULL;
-		SG(request_info).auth_password = NULL;
 	}
 }
 /* }}} */