diff options
Diffstat (limited to 'include/http_protocol.h')
-rw-r--r-- | include/http_protocol.h | 25 |
1 files changed, 24 insertions, 1 deletions
diff --git a/include/http_protocol.h b/include/http_protocol.h index 1fed3b58d4..3fed9b2566 100644 --- a/include/http_protocol.h +++ b/include/http_protocol.h @@ -486,7 +486,11 @@ AP_DECLARE(void) ap_note_basic_auth_failure(request_rec *r); AP_DECLARE(void) ap_note_digest_auth_failure(request_rec *r); /** - * Get the password from the request headers + * Get the password from the request headers. This function has multiple side + * effects due to its prior use in the old authentication framework. + * ap_get_basic_auth_components() should be preferred. + * + * @deprecated @see ap_get_basic_auth_components * @param r The current request * @param pw The password as set in the headers * @return 0 (OK) if it set the 'pw' argument (and assured @@ -499,6 +503,25 @@ AP_DECLARE(void) ap_note_digest_auth_failure(request_rec *r); */ AP_DECLARE(int) ap_get_basic_auth_pw(request_rec *r, const char **pw); +#define AP_GET_BASIC_AUTH_PW_NOTE "AP_GET_BASIC_AUTH_PW_NOTE" + +/** + * Get the username and/or password from the request's Basic authentication + * headers. Unlike ap_get_basic_auth_pw(), calling this function has no side + * effects on the passed request_rec. + * + * @param r The current request + * @param username If not NULL, set to the username sent by the client + * @param password If not NULL, set to the password sent by the client + * @return APR_SUCCESS if the credentials were successfully parsed and returned; + * APR_EINVAL if there was no authentication header sent or if the + * client was not using the Basic authentication scheme. username and + * password are unchanged on failure. + */ +AP_DECLARE(apr_status_t) ap_get_basic_auth_components(const request_rec *r, + const char **username, + const char **password); + /** * parse_uri: break apart the uri * @warning Side Effects: |