mod_auth_digest: Be more specific when the realm mismatches because the

realm has not been specified. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1523239 13f79535-47bb-0310-9956-ffa450edef68
author: Graham Leggett <minfrin@apache.org> 2013-09-14 15:48:46 +0200
committer: Graham Leggett <minfrin@apache.org> 2013-09-14 15:48:46 +0200
commit: 4b7e438b314757d72373e0cd8f9573c2f166e277 (patch)
tree: d96bc151463ba21e3433543c1c20a13cbb3f28a2 /modules/aaa/mod_auth_digest.c
parent: Updates. (diff)
download: apache2-4b7e438b314757d72373e0cd8f9573c2f166e277.tar.xz
apache2-4b7e438b314757d72373e0cd8f9573c2f166e277.zip
1 files changed, 9 insertions, 1 deletions
diff --git a/modules/aaa/mod_auth_digest.c b/modules/aaa/mod_auth_digest.c
index da80b7d265..7561d8f063 100644
--- a/modules/aaa/mod_auth_digest.c
+++ b/modules/aaa/mod_auth_digest.c
@@ -1691,7 +1691,15 @@ static int authenticate_digest_user(request_rec *r)
         return HTTP_UNAUTHORIZED;
     }
 
-    if (strcmp(resp->realm, conf->realm)) {
+    if (!conf->realm) {
+        ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(02533)
+                      "realm mismatch - got `%s' but no realm specified",
+                      resp->realm);
+        note_digest_auth_failure(r, conf, resp, 0);
+        return HTTP_UNAUTHORIZED;
+    }
+
+    if (!resp->realm || strcmp(resp->realm, conf->realm)) {
         ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(01788)
                       "realm mismatch - got `%s' but expected `%s'",
                       resp->realm, conf->realm);
author	Graham Leggett <minfrin@apache.org>	2013-09-14 15:48:46 +0200
committer	Graham Leggett <minfrin@apache.org>	2013-09-14 15:48:46 +0200
commit	4b7e438b314757d72373e0cd8f9573c2f166e277 (patch)
tree	d96bc151463ba21e3433543c1c20a13cbb3f28a2 /modules/aaa/mod_auth_digest.c
parent	Updates. (diff)
download	apache2-4b7e438b314757d72373e0cd8f9573c2f166e277.tar.xz apache2-4b7e438b314757d72373e0cd8f9573c2f166e277.zip