Looks nice. Should be complete.
/Henrik
Duane Wessels wrote:
>
> hno@hem.passagen.se writes:
>
> >I think this needs some more thought. The login in the authentication
> >should be compared with the login i URL, and the authentication header
> >should be ignored if not identical.
>
> /*
> * ftpCheckAuth
> *
> * Return 1 if we have everything needed to complete this request.
> * Return 0 if something is missing.
> */
> static int
> ftpCheckAuth(ftpStateData * ftpState, char *req_hdr)
> {
> char *orig_user;
> ftp_login_parser(ftpState->request->login, ftpState);
> if (ftpState->user[0] && ftpState->password[0])
> return 1; /* name and passwd both in URL */
> if (!ftpState->user[0] && !ftpState->password[0])
> return 1; /* no name or passwd */
> if (ftpState->password[0])
> return 1; /* passwd with no name? */
> /* URL has name, but no passwd */
> if ((auth = ftpGetBasicAuth(req_hdr)) == NULL)
> return 0; /* need auth header */
> orig_user = xstrdup(ftpState->user);
> ftp_login_parser(auth, ftpState);
> if (!strcmp(orig_user, ftpState->user)) {
> xfree(orig_user);
> return 1; /* same username */
> }
> strcpy(ftpState->user, orig_user);
> xfree(orig_user);
> return 0; /* different username */
> }
>
> Duane W.
Received on Tue Jul 29 2003 - 13:15:40 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:11:14 MST