From d99d7e64f1c8adc778b9e6839b609e83c5b89782 Mon Sep 17 00:00:00 2001
From: Wichert Akkerman <wichert@wiggy.net>
Date: Tue, 29 Apr 2008 10:09:20 +0200
Subject: [PATCH] Secure the callback request
---
src/http.c | 9 +++++++++
1 files changed, 9 insertions(+), 0 deletions(-)
diff --git a/src/http.c b/src/http.c
index 9851dd9..f5391ed 100644
|
a
|
b
|
|
| 289 | 289 | void |
| 290 | 290 | http_callback_disconnect(httpd *webserver, request *r) |
| 291 | 291 | { |
| | 292 | const s_config *config = config_get_config(); |
| 292 | 293 | /* XXX How do you change the status code for the response?? */ |
| 293 | 294 | httpVar *token = httpdGetVariableByName(r, "token"); |
| 294 | 295 | httpVar *mac = httpdGetVariableByName(r, "mac"); |
| 295 | 296 | |
| | 297 | if (config->httpdusername && |
| | 298 | (strcmp(config->httpdusername, r->request.authUser) || |
| | 299 | strcmp(config->httpdpassword, r->request.authPassword))) { |
| | 300 | debug(LOG_INFO, "Disconnect requested, forcing authentication"); |
| | 301 | httpdForceAuthenticate(r, config->httpdrealm); |
| | 302 | return; |
| | 303 | } |
| | 304 | |
| 296 | 305 | if (token && mac) { |
| 297 | 306 | t_client *client; |
| 298 | 307 | |
