aboutsummaryrefslogtreecommitdiff
path: root/networking/httpd.c
diff options
context:
space:
mode:
authorAlexander Vickberg <wickbergster@gmail.com>2019-04-18 10:05:53 +0200
committerDenys Vlasenko <vda.linux@googlemail.com>2019-04-18 10:06:39 +0200
commit049670fbbe8022e0e38909aa3de189c06e34ad7d (patch)
treef594a93686a905572a89404e53484ca29186dd55 /networking/httpd.c
parent210b52476c86fb8411f6b0fd12d4e76875c474e5 (diff)
downloadbusybox-w32-049670fbbe8022e0e38909aa3de189c06e34ad7d.tar.gz
busybox-w32-049670fbbe8022e0e38909aa3de189c06e34ad7d.tar.bz2
busybox-w32-049670fbbe8022e0e38909aa3de189c06e34ad7d.zip
httpd: pass authorization header to CGI if not Basic
Pass the Authorization header to CGI if not of type Basic. This will make it possible for CGI to verify authorization headers of type Bearer <token>. function old new delta handle_incoming_and_exit 2370 2379 +9 Signed-off-by: Alexander Vickberg <wickbergster@gmail.com> Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Diffstat (limited to '')
-rw-r--r--networking/httpd.c14
1 files changed, 7 insertions, 7 deletions
diff --git a/networking/httpd.c b/networking/httpd.c
index 0f4f22669..0b5d2b481 100644
--- a/networking/httpd.c
+++ b/networking/httpd.c
@@ -2384,7 +2384,7 @@ static void handle_incoming_and_exit(const len_and_sockaddr *fromAddr)
2384 bb_error_msg("header: '%s'", iobuf); 2384 bb_error_msg("header: '%s'", iobuf);
2385#if ENABLE_FEATURE_HTTPD_CGI || ENABLE_FEATURE_HTTPD_PROXY 2385#if ENABLE_FEATURE_HTTPD_CGI || ENABLE_FEATURE_HTTPD_PROXY
2386 /* Try and do our best to parse more lines */ 2386 /* Try and do our best to parse more lines */
2387 if ((STRNCASECMP(iobuf, "Content-Length:") == 0)) { 2387 if (STRNCASECMP(iobuf, "Content-Length:") == 0) {
2388 /* extra read only for POST */ 2388 /* extra read only for POST */
2389 if (prequest != request_GET 2389 if (prequest != request_GET
2390# if ENABLE_FEATURE_HTTPD_CGI 2390# if ENABLE_FEATURE_HTTPD_CGI
@@ -2410,13 +2410,13 @@ static void handle_incoming_and_exit(const len_and_sockaddr *fromAddr)
2410 * "<user>:<passwd>" is base64 encoded. 2410 * "<user>:<passwd>" is base64 encoded.
2411 */ 2411 */
2412 tptr = skip_whitespace(iobuf + sizeof("Authorization:")-1); 2412 tptr = skip_whitespace(iobuf + sizeof("Authorization:")-1);
2413 if (STRNCASECMP(tptr, "Basic") != 0) 2413 if (STRNCASECMP(tptr, "Basic") == 0) {
2414 tptr += sizeof("Basic")-1;
2415 /* decodeBase64() skips whitespace itself */
2416 decodeBase64(tptr);
2417 authorized = check_user_passwd(urlcopy, tptr);
2414 continue; 2418 continue;
2415 tptr += sizeof("Basic")-1; 2419 }
2416 /* decodeBase64() skips whitespace itself */
2417 decodeBase64(tptr);
2418 authorized = check_user_passwd(urlcopy, tptr);
2419 continue;
2420 } 2420 }
2421#endif 2421#endif
2422#if ENABLE_FEATURE_HTTPD_RANGES 2422#if ENABLE_FEATURE_HTTPD_RANGES