comparison: src/server/daemon/acl.c
src/server/daemon/acl.c
- changeset 53
- 5ec9abba1027
- parent 52
- aced2245fb1c
- child 54
- 3a1d5a52adfc
equal
deleted
inserted
replaced
| 52:aced2245fb1c | 53:5ec9abba1027 |
|---|---|
| 119 ACLList *acl = elm->acl; | 119 ACLList *acl = elm->acl; |
| 120 if(!wsacl_check(acl, user, access_mask)) { | 120 if(!wsacl_check(acl, user, access_mask)) { |
| 121 // the acl denies access | 121 // the acl denies access |
| 122 | 122 |
| 123 if(!user) { | 123 if(!user) { |
| 124 pblock_nvinsert( | 124 char *value = NULL; |
| 125 "www-authenticate", | 125 if(acl->authprompt) { |
| 126 "Basic realm=\"Webserver\"", | 126 size_t realmlen = strlen(acl->authprompt); |
| 127 rq->srvhdrs); | 127 size_t len = realmlen + 16; |
| 128 value = pool_malloc(sn->pool, len); | |
| 129 if(value) { | |
| 130 snprintf( | |
| 131 value, | |
| 132 len, | |
| 133 "Basic realm=\"%s\"", | |
| 134 acl->authprompt); | |
| 135 } | |
| 136 } | |
| 137 if(!value) { | |
| 138 value = "Basic realm=\"login\""; | |
| 139 } | |
| 140 pblock_nvinsert("www-authenticate", value, rq->srvhdrs); | |
| 128 protocol_status(sn, rq, PROTOCOL_UNAUTHORIZED, NULL); | 141 protocol_status(sn, rq, PROTOCOL_UNAUTHORIZED, NULL); |
| 129 } | 142 } else { |
| 130 user->free(user); | 143 user->free(user); |
| 144 } | |
| 131 return REQ_ABORTED; | 145 return REQ_ABORTED; |
| 132 } | 146 } |
| 133 elm = elm->next; | 147 elm = elm->next; |
| 134 } | 148 } |
| 135 | 149 |
| 136 // ok - all acls allowed access | 150 // ok - all acls allowed access |
| 137 user->free(user); | 151 if(user) { |
| 152 user->free(user); | |
| 153 } | |
| 138 return REQ_PROCEED; | 154 return REQ_PROCEED; |
| 139 } | 155 } |
| 140 | 156 |
| 141 int wsacl_affects_user(ACLEntry *ace, User *user) { | 157 int wsacl_affects_user(ACLEntry *ace, User *user) { |
| 142 int check_access = 0; | 158 int check_access = 0; |
