Commit Graph

63 Commits (81b2d1f0200408be5fc3d5857f609948f42fb19e)

Author SHA1 Message Date
Glenn Strauss 81b2d1f020 [mod_auth] refactor out auth backend code 6 years ago
Glenn Strauss 31250a9af8 [mod_auth] refactor out auth backend code 6 years ago
Glenn Strauss cb24958c01 [mod_auth] Digest auth fails after rewrite (fixes #2745) 6 years ago
Glenn Strauss 00cc4d7c0e [mod_auth] fix Digest auth to be better than Basic (fixes #1844) 6 years ago
Glenn Strauss 72b133f595 fix errors detected by Coverity Scan 6 years ago
Glenn Strauss b47c393e26 [mod_auth] skip blank lines and comment lines (fixes #2327) 7 years ago
Glenn Strauss 8e3c6bf754 fallback to lseek()/read() if mmap() fails (#fixes 2666) 7 years ago
Glenn Strauss 47f3dbebe4 use li_[iu]tostrn() instead of li_[iu]tostr() 7 years ago
Glenn Strauss e5006d88eb pass buf size to li_tohex() 7 years ago
Glenn Strauss 733ce38203 [http_auth/mod_fastcgi] check get_http_*_name() for NULL return (#2583) 7 years ago
Glenn Strauss 8abd06a7ff consistent inclusion of config.h at top of files (fixes #2073) 7 years ago
Stefan Bühler b0a4421272 [core] refactor base64 functions into separate file 7 years ago
Loganaden Velvindron d7be04beb5 [mod_auth] implement and use safe_memclear, using memset_s or explicit_bzero if available 7 years ago
Stefan Bühler 52d72fe8fc [scons] fix crypt() detection, other improvements 7 years ago
Stefan Bühler c92496720d [mod_auth] use crypt_r instead of crypt if available 8 years ago
Stefan Bühler ad3e93ea96 Use buffer API to read and modify "used" member 8 years ago
Stefan Bühler 4365bdbebe Remove buffer_prepare_copy() and buffer_prepare_append() 8 years ago
Stefan Bühler 6afad87d2e fix buffer, chunk and http_chunk API 8 years ago
Stefan Bühler 6f208cfde1 fix/silence bugs reported by ccc-analyzer (clang) 9 years ago
Stefan Bühler 2bcf65c285 [mod_auth] some cleanup, only search for matching auth.require path once 9 years ago
Stefan Bühler c008fd7ec8 [mod_auth] fix invalid read in digest qop=auth-int handling (fixes #2478) 9 years ago
Stefan Bühler ce4bc0c0f7 [mod_auth] fix base64_decode (#2484) 9 years ago
Stefan Bühler c26b50d9ad [mod_auth] add htpasswd -s (SHA1) support if openssl is used (needs openssl for SHA1). This doesn't use any salt, md5 with salt is probably better. 10 years ago
Stefan Bühler 0342dfef1d [mod_auth] use crypt() on encrypted password instead of extracting salt first (fixes #2483) 10 years ago
Stefan Bühler bbaef6ab87 fix typo in debug output 11 years ago
Stefan Bühler 61047369c7 [mod_auth] Fix digest "md5-sess" implementation (Errata ID 1649, RFC 2617) (fixes #2410) 11 years ago
Stefan Bühler 6c9dff7cda [mod_auth] Fix signedness error in http_auth (fixes #2370, CVE-2011-4362) 11 years ago
Stefan Bühler 90dd8af32b Always use our 'own' md5 implementation, fixes linking issues on MacOS (fixes #2331) 11 years ago
Stefan Bühler 328043caf3 [ssl/md5] prefix our own md5 implementation with li_ so it doesn't conflict with the openssl one (fixes #2269) 12 years ago
Stefan Bühler 38f2d1ddd7 cleanup fdevent code, removed linux-rtsig handler, replaced some fprintf calls 12 years ago
Elan Ruusamäe a813273c2f - Include IP addresses on error log on password failures (fixes #2191) 13 years ago
Stefan Bühler 22e8b456a9 Fix header inclusion order, always include "config.h" before any system header 13 years ago
Stefan Bühler 4df22f2a32 Fix issues found with clang analyzer 13 years ago
Stefan Bühler 5204fd7e6c Adding support for additional chars in LDAP usernames (fixes #1941) 13 years ago
Stefan Bühler 7ad4792357 Add support for "real" entropy from /dev/[u]random (fixes #1977) 13 years ago
Stefan Bühler 7f103eab6c Fix error message if no auth backend was set 14 years ago
Stefan Bühler cfba07cb82 Now really fix mod auth ldap (#1066) 14 years ago
Stefan Bühler 8cfa29a7a2 Fix base64 decoding in mod_auth (#1757, thx guido) 14 years ago
Stefan Bühler 6d1d3fc203 workaround ldap connection leak if a ldap connection failed (restarting ldap) 14 years ago
Stefan Bühler 88750bb7be r2096@chromobil: stefan | 2008-02-26 17:12:09 +0100 15 years ago
Jan Kneschke 5c333340be free the buffers after the printed them in the error-msg 15 years ago
Jan Kneschke 51826fc05c renamed ltostr() to LI_ltostr() to fix compile on HP/UX (fixes #465) 15 years ago
Jan Kneschke 15e260c28b * fixed mem-leak in mod_auth (reported by Stefan Esser) 16 years ago
Jan Kneschke c3476ada45 fixed small mem-leak if auth failed 16 years ago
Marcus Rückert d471bcc9ca r1553@h2o: darix | 2007-01-14 10:37:14 +0100 16 years ago
Marcus Rückert 8cd1471cb3 - white space cleanup part 2 this time 1.4 ;) 16 years ago
Jan Kneschke 3a152b3b76 added $apr1$ support for htpasswd (fixes #870) 16 years ago
Marcus Rückert 27e3de6ca4 Remove unmaintained and not working pam code. 16 years ago
Jan Kneschke 4a81e17c6c qop is required nc and nonce (fixes #477) 17 years ago
Jan Kneschke 780bc91ffe improved the error-msgs 17 years ago