[mod_auth] fix crash if auth.require misconfigured (fixes #3023)

(thx veyrdite)

x-ref:
  "Segfault with mod_auth & htpasswd (lighttpd.conf misconfig)"
  https://redmine.lighttpd.net/issues/3023

1 files changed, 18 insertions, 5 deletions

diff --git a/src/mod_auth.c b/src/mod_auth.c
index b76cf0f0..d009734d 100644
--- a/src/mod_auth.c
+++ b/src/mod_auth.c
@@ -738,8 +738,15 @@ static handler_t mod_auth_check_basic(request_st * const r, void *p_d, const str
 	char *pw;
 	handler_t rc = HANDLER_UNSET;
 
-	if (NULL == backend) {
-		log_error(r->conf.errh, __FILE__, __LINE__, "auth.backend not configured for %s", r->uri.path.ptr);
+	if (NULL == backend || NULL == backend->basic) {
+		if (NULL == backend)
+			log_error(r->conf.errh, __FILE__, __LINE__,
+			  "auth.backend not configured for %s", r->uri.path.ptr);
+		else
+			log_error(r->conf.errh, __FILE__, __LINE__,
+			  "auth.require \"method\" => \"basic\" invalid "
+			  "(try \"digest\"?) for %s",
+			  r->uri.path.ptr);
 		r->http_status = 500;
 		r->handler_module = NULL;
 		return HANDLER_FINISHED;
@@ -1208,9 +1215,15 @@ static handler_t mod_auth_check_digest(request_st * const r, void *p_d, const st
 	dkv[7].ptr = &nc;
 	dkv[8].ptr = &respons;
 
-	if (NULL == backend) {
-		log_error(r->conf.errh, __FILE__, __LINE__,
-		  "auth.backend not configured for %s", r->uri.path.ptr);
+	if (NULL == backend || NULL == backend->digest) {
+		if (NULL == backend)
+			log_error(r->conf.errh, __FILE__, __LINE__,
+			  "auth.backend not configured for %s", r->uri.path.ptr);
+		else
+			log_error(r->conf.errh, __FILE__, __LINE__,
+			  "auth.require \"method\" => \"digest\" invalid "
+			  "(try \"basic\"?) for %s",
+			  r->uri.path.ptr);
 		r->http_status = 500;
 		r->handler_module = NULL;
 		return HANDLER_FINISHED;