From: Justin Erenkrantz <jerenkrantz@apache.org>
Date: Thu, 29 Jan 2004 19:21:13 +0000 (+0000)
Subject: Allow mod_auth_digest to work with sub-requests with different methods than
X-Git-Tag: pre_ajp_proxy~755
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=87bf129468960086bafc08d96c0c003b4c8ba063;p=apache

Allow mod_auth_digest to work with sub-requests with different methods than
the original request.

PR: 25040
Submitted by:	Josh Dady <jpd@indecisive.com>
Reviewed by:	Justin Erenkrantz, Sander Striker (concept)


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@102447 13f79535-47bb-0310-9956-ffa450edef68
---

diff --git a/CHANGES b/CHANGES
index 71468f0fb7..b2b31f361d 100644
--- a/CHANGES
+++ b/CHANGES
@@ -2,6 +2,10 @@ Changes with Apache 2.1.0-dev
 
   [Remove entries to the current 2.0 section below, when backported]
 
+  *) Allow mod_auth_digest to work with sub-requests with different
+     methods than the original request.  PR 25040.
+     [Josh Dady <jpd@indecisive.com>]
+
   *) Fixed file extensions for real media files and removed rpm extension
      from mime.types. PR 26079.  [Allan Sandfeld <kde carewolf.com>]
 
diff --git a/modules/aaa/mod_auth_digest.c b/modules/aaa/mod_auth_digest.c
index faf9af72d6..897f22501b 100644
--- a/modules/aaa/mod_auth_digest.c
+++ b/modules/aaa/mod_auth_digest.c
@@ -188,6 +188,7 @@ typedef struct digest_header_struct {
     const char           *username;
           char           *nonce;
     const char           *uri;
+    const char           *method;
     const char           *digest;
     const char           *algorithm;
     const char           *cnonce;
@@ -1045,6 +1046,7 @@ static int parse_hdr_and_update_nc(request_rec *r)
     resp->raw_request_uri = r->unparsed_uri;
     resp->psd_request_uri = &r->parsed_uri;
     resp->needed_auth = 0;
+    resp->method = r->method;
     ap_set_module_config(r->request_config, &auth_digest_module, resp);
 
     res = get_digest_rec(r, resp);
@@ -1529,7 +1531,7 @@ static const char *old_digest(const request_rec *r,
 {
     const char *ha2;
 
-    ha2 = ap_md5(r->pool, (unsigned char *)apr_pstrcat(r->pool, r->method, ":",
+    ha2 = ap_md5(r->pool, (unsigned char *)apr_pstrcat(r->pool, resp->method, ":",
                                                        resp->uri, NULL));
     return ap_md5(r->pool,
                   (unsigned char *)apr_pstrcat(r->pool, ha1, ":", resp->nonce,
@@ -1554,12 +1556,12 @@ static const char *new_digest(const request_rec *r,
     }
 
     if (resp->message_qop && !strcasecmp(resp->message_qop, "auth-int")) {
-        a2 = apr_pstrcat(r->pool, r->method, ":", resp->uri, ":",
+        a2 = apr_pstrcat(r->pool, resp->method, ":", resp->uri, ":",
                          ap_md5(r->pool, (const unsigned char*) ""), NULL);
                          /* TBD */
     }
     else {
-        a2 = apr_pstrcat(r->pool, r->method, ":", resp->uri, NULL);
+        a2 = apr_pstrcat(r->pool, resp->method, ":", resp->uri, NULL);
     }
     ha2 = ap_md5(r->pool, (const unsigned char *)a2);