Fixed bug #23232 (safe_mode does not honor PHP_AUTH_* in apache2)

diff --git a/sapi/apache2filter/sapi_apache2.c b/sapi/apache2filter/sapi_apache2.c
index 86e3b687374251a02160559565393f09a198bf68..51885696407fe64ca3985e331728063aceb3637b 100644 (file)
--- a/sapi/apache2filter/sapi_apache2.c
+++ b/sapi/apache2filter/sapi_apache2.c
@@ -396,7 +396,7 @@ static void php_apache_request_ctor(ap_filter_t *f, php_struct *ctx TSRMLS_DC)
        apr_table_unset(f->r->headers_out, "Expires");
        apr_table_unset(f->r->headers_out, "ETag");
        apr_table_unset(f->r->headers_in, "Connection");
-       if (!PG(safe_mode)) {
+       if (!PG(safe_mode) || (PG(safe_mode) && !ap_auth_type(r))) {
                auth = apr_table_get(f->r->headers_in, "Authorization");
                php_handle_auth_data(auth TSRMLS_CC);
        } else {

diff --git a/sapi/apache2handler/sapi_apache2.c b/sapi/apache2handler/sapi_apache2.c
index f6697ba6ac5e5cd929843a32f6846680fcc1bd67..08f5a84d9db5353e43e5f8e387e5a49d38dd7790 100644 (file)
--- a/sapi/apache2handler/sapi_apache2.c
+++ b/sapi/apache2handler/sapi_apache2.c
@@ -424,7 +424,7 @@ static void php_apache_request_ctor(request_rec *r, php_struct *ctx TSRMLS_DC)
        apr_table_unset(r->headers_out, "Expires");
        apr_table_unset(r->headers_out, "ETag");
        apr_table_unset(r->headers_in, "Connection");
-       if (!PG(safe_mode)) {
+       if (!PG(safe_mode) || (PG(safe_mode) && !ap_auth_type(r))) {
                auth = apr_table_get(r->headers_in, "Authorization");
                php_handle_auth_data(auth TSRMLS_CC);
                ctx->r->user = apr_pstrdup(ctx->r->pool, SG(request_info).auth_user);