diff options
author | Glenn Strauss <gstrauss@gluelogic.com> | 2018-03-11 00:31:12 -0500 |
---|---|---|
committer | Glenn Strauss <gstrauss@gluelogic.com> | 2018-03-11 00:31:12 -0500 |
commit | 5a6e4df85c5a15ffc82d97c574b46a2235b54e96 (patch) | |
tree | fda9d956246502d72b8ac432d428867eefdff149 | |
parent | 81b7e8e2fb0c49eb2d913c8b2a39e06a767b051c (diff) | |
download | lighttpd-git-5a6e4df85c5a15ffc82d97c574b46a2235b54e96.tar.gz |
[mod_auth] check that digest realm matches config
-rw-r--r-- | src/mod_auth.c | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/src/mod_auth.c b/src/mod_auth.c index e1b8ed51..bb80ab2e 100644 --- a/src/mod_auth.c +++ b/src/mod_auth.c @@ -678,6 +678,13 @@ static handler_t mod_auth_check_digest(server *srv, connection *con, void *p_d, return mod_auth_send_400_bad_request(srv, con); } + if (!buffer_is_equal_string(require->realm, realm, strlen(realm))) { + log_error_write(srv, __FILE__, __LINE__, "s", + "digest: realm mismatch"); + buffer_free(b); + return mod_auth_send_401_unauthorized_digest(srv, con, require->realm, 0); + } + /** * protect the md5-sess against missing cnonce and nonce */ |