summaryrefslogtreecommitdiffhomepage
diff options
context:
space:
mode:
-rw-r--r--src/html-error.c8
-rw-r--r--src/reqs.c14
2 files changed, 19 insertions, 3 deletions
diff --git a/src/html-error.c b/src/html-error.c
index 625a586..ee3c987 100644
--- a/src/html-error.c
+++ b/src/html-error.c
@@ -164,13 +164,17 @@ int send_http_headers (struct conn_s *connptr, int code, const char *message)
"%s"
"Connection: close\r\n" "\r\n";
- const char auth_str[] =
+ const char p_auth_str[] =
"Proxy-Authenticate: Basic realm=\""
PACKAGE_NAME "\"\r\n";
+ const char w_auth_str[] =
+ "WWW-Authenticate: Basic realm=\""
+ PACKAGE_NAME "\"\r\n";
+
/* according to rfc7235, the 407 error must be accompanied by
a Proxy-Authenticate header field. */
- const char *add = code == 407 ? auth_str : "";
+ const char *add = code == 407 ? p_auth_str : (code == 401 ? w_auth_str : "");
return (write_message (connptr->client_fd, headers,
code, message, PACKAGE, VERSION,
diff --git a/src/reqs.c b/src/reqs.c
index bbdcc74..8450cff 100644
--- a/src/reqs.c
+++ b/src/reqs.c
@@ -1611,11 +1611,22 @@ void handle_connection (int fd)
if (config.basicauth_list != NULL) {
ssize_t len;
char *authstring;
- int failure = 1;
+ int failure = 1, stathost_connect = 0;
len = hashmap_entry_by_key (hashofheaders, "proxy-authorization",
(void **) &authstring);
+ if (len == 0 && config.stathost) {
+ len = hashmap_entry_by_key (hashofheaders, "host",
+ (void **) &authstring);
+ if (len && !strncmp(authstring, config.stathost, strlen(config.stathost))) {
+ len = hashmap_entry_by_key (hashofheaders, "authorization",
+ (void **) &authstring);
+ stathost_connect = 1;
+ } else len = 0;
+ }
+
if (len == 0) {
+ if (stathost_connect) goto e401;
update_stats (STAT_DENIED);
indicate_http_error (connptr, 407, "Proxy Authentication Required",
"detail",
@@ -1629,6 +1640,7 @@ void handle_connection (int fd)
basicauth_check (config.basicauth_list, authstring + 6) == 1)
failure = 0;
if(failure) {
+e401:
update_stats (STAT_DENIED);
indicate_http_error (connptr, 401, "Unauthorized",
"detail",