[mod_auth] send 401 for mismatch HTTP auth scheme (fixes #2906)

x-ref: "Lighttpd responds with 400 not 401" https://redmine.lighttpd.net/issues/2906
author: Glenn Strauss <gstrauss@gluelogic.com> 2018-09-16 05:00:32 -0400
committer: Glenn Strauss <gstrauss@gluelogic.com> 2018-09-23 18:01:58 -0400
commit: 6b887f35e34e3d18a70f4d45bc2500b811481141 (patch)
tree: 3b9aad9579ca421dc0c507b401ae511f3a995777
parent: 4992c4de10bf6bf8b38f2fc1c68e5fda8c697456 (diff)
download: lighttpd-git-6b887f35e34e3d18a70f4d45bc2500b811481141.tar.gz
1 files changed, 2 insertions, 2 deletions
diff --git a/src/mod_auth.c b/src/mod_auth.c
index d39677e8..8496cccc 100644
--- a/src/mod_auth.c
+++ b/src/mod_auth.c
@@ -483,7 +483,7 @@ static handler_t mod_auth_check_basic(server *srv, connection *con, void *p_d, c
 	}
 
 	if (0 != strncasecmp(b->ptr, "Basic ", sizeof("Basic ")-1)) {
-		return mod_auth_send_400_bad_request(srv, con);
+		return mod_auth_send_401_unauthorized_basic(srv, con, require->realm);
 	}
       #ifdef __COVERITY__
 	if (buffer_string_length(b) < sizeof("Basic ")-1) {
@@ -618,7 +618,7 @@ static handler_t mod_auth_check_digest(server *srv, connection *con, void *p_d,
 	}
 
 	if (0 != strncasecmp(vb->ptr, "Digest ", sizeof("Digest ")-1)) {
-		return mod_auth_send_400_bad_request(srv, con);
+		return mod_auth_send_401_unauthorized_digest(srv, con, require->realm, 0);
 	} else {
 		size_t n = buffer_string_length(vb);
 	      #ifdef __COVERITY__
author	Glenn Strauss <gstrauss@gluelogic.com>	2018-09-16 05:00:32 -0400
committer	Glenn Strauss <gstrauss@gluelogic.com>	2018-09-23 18:01:58 -0400
commit	6b887f35e34e3d18a70f4d45bc2500b811481141 (patch)
tree	3b9aad9579ca421dc0c507b401ae511f3a995777
parent	4992c4de10bf6bf8b38f2fc1c68e5fda8c697456 (diff)
download	lighttpd-git-6b887f35e34e3d18a70f4d45bc2500b811481141.tar.gz