From 5a6e4df85c5a15ffc82d97c574b46a2235b54e96 Mon Sep 17 00:00:00 2001 From: Glenn Strauss Date: Sun, 11 Mar 2018 00:31:12 -0500 Subject: [PATCH] [mod_auth] check that digest realm matches config --- src/mod_auth.c | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/src/mod_auth.c b/src/mod_auth.c index e1b8ed51..bb80ab2e 100644 --- a/src/mod_auth.c +++ b/src/mod_auth.c @@ -678,6 +678,13 @@ static handler_t mod_auth_check_digest(server *srv, connection *con, void *p_d, return mod_auth_send_400_bad_request(srv, con); } + if (!buffer_is_equal_string(require->realm, realm, strlen(realm))) { + log_error_write(srv, __FILE__, __LINE__, "s", + "digest: realm mismatch"); + buffer_free(b); + return mod_auth_send_401_unauthorized_digest(srv, con, require->realm, 0); + } + /** * protect the md5-sess against missing cnonce and nonce */