MFH:- Fixed bug #45568 (ISAPI does not property clear auth_digest in header).

diff --git a/NEWS b/NEWS
index a9643eebcf7e3a09e08ea1bb24a1a90da3d55a16..8a863160afa9bbe074705a6857a3d5fe8b4a19f8 100644 (file)
--- a/NEWS
+++ b/NEWS
@@ -14,6 +14,8 @@ PHP                                                                        NEWS
 - Fixed a regression when using strip_tags() and < is within an attribute.
   (Scott)
 
+- Fixed bug #45568 (ISAPI doesn't property clear auth_digest in header).
+  (Patch by: navara at emclient dot com)
 - Fixed bug #45556 (Return value from callback isn't freed). (Felipe)
 - Fixed bug #45555 (Segfault with invalid non-string as 
   register_introspection_callback). (Christian Seiler)

diff --git a/sapi/isapi/php5isapi.c b/sapi/isapi/php5isapi.c
index e5f536deaa374d0c0b54fef657033ffb6a4195e7..1f5325f7e91607e789a1f03dfc9e10a77e6d5870 100644 (file)
--- a/sapi/isapi/php5isapi.c
+++ b/sapi/isapi/php5isapi.c
@@ -711,6 +711,7 @@ DWORD WINAPI HttpFilterProc(PHTTP_FILTER_CONTEXT pfc, DWORD notificationType, LP
                case SF_NOTIFY_PREPROC_HEADERS:
                        SG(request_info).auth_user = NULL;
                        SG(request_info).auth_password = NULL;
+                       SG(request_info).auth_digest = NULL;
                        break;
                case SF_NOTIFY_AUTHENTICATION: {
                                char *auth_user = ((HTTP_FILTER_AUTHENT *) pvNotification)->pszUser;
@@ -745,7 +746,7 @@ static void init_request_info(LPEXTENSION_CONTROL_BLOCK lpECB TSRMLS_DC)
        SG(request_info).content_length = lpECB->cbTotalBytes;
        SG(sapi_headers).http_response_code = 200;  /* I think dwHttpStatusCode is invalid at this stage -RL */
        if (!bFilterLoaded) { /* we don't have valid ISAPI Filter information */
-               SG(request_info).auth_user = SG(request_info).auth_password = NULL;
+               SG(request_info).auth_user = SG(request_info).auth_password = SG(request_info).auth_digest = NULL;
        }
 
 #ifdef WITH_ZEUS