From: Sander Striker <striker@apache.org>
Date: Thu, 7 Aug 2003 23:57:11 +0000 (+0000)
Subject: Add an error msg when encountering a spoofed identity.  If this would
X-Git-Tag: pre_ajp_proxy~1282
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=8fc6144ca2f49d5e8225bfd82ab5621e59248f67;p=apache

Add an error msg when encountering a spoofed identity.  If this would
have been here in the first place.  Makes issues like these be found
easier in the future.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@100937 13f79535-47bb-0310-9956-ffa450edef68
---

diff --git a/modules/ssl/ssl_engine_kernel.c b/modules/ssl/ssl_engine_kernel.c
index 9e46c81ad4..8548a59b66 100644
--- a/modules/ssl/ssl_engine_kernel.c
+++ b/modules/ssl/ssl_engine_kernel.c
@@ -880,6 +880,8 @@ int ssl_hook_UserCheck(request_rec *r)
             password = auth_line;
 
             if ((username[0] == '/') && strEQ(password, "password")) {
+                ap_log_error(APLOG_MARK, APLOG_ERR, 0, r->server,
+                 "Encountered FakeBasicAuth spoof: %s", username);
                 return HTTP_FORBIDDEN;
             }
         }