X-Git-Url: http://www.project-moonshot.org/gitweb/?p=mod_auth_gssapi.git;a=blobdiff_plain;f=src%2Fmod_auth_gssapi.c;h=8687568e5734258b7bcae74b6ef7c72a48d0ba5f;hp=79d62cd9a1af977749c13d89e7173ac8ebf4f52b;hb=c4aa3d46e334461988acf17596fd34a6baa82aa3;hpb=0de0d0789d32b3517a75e77e5358303f73d84ad4 diff --git a/src/mod_auth_gssapi.c b/src/mod_auth_gssapi.c index 79d62cd..8687568 100644 --- a/src/mod_auth_gssapi.c +++ b/src/mod_auth_gssapi.c @@ -422,8 +422,12 @@ static int mag_auth(request_rec *req) mag_set_KRB5CCANME(req, ccname); } } - ret = OK; - goto done; + if (mc->auth_type != AUTH_TYPE_BASIC) { + /* In case we have basic auth, we need to check if the session + * matches the credentials that have been sent */ + ret = OK; + goto done; + } } pctx = &mc->ctx; } else { @@ -467,6 +471,12 @@ static int mag_auth(request_rec *req) } ba_user.length = strlen(ba_user.value); ba_pwd.length = strlen(ba_pwd.value); + + if (mc && mag_basic_check(cfg, mc, ba_user, ba_pwd)) { + ret = OK; + goto done; + } + maj = gss_import_name(&min, &ba_user, GSS_C_NT_USER_NAME, &client); if (GSS_ERROR(maj)) { ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, req, @@ -609,10 +619,6 @@ static int mag_auth(request_rec *req) goto done; } if (auth_type == AUTH_TYPE_BASIC) { - if (mc) { - apr_pool_cleanup_run(mc->parent, mc, mag_conn_destroy); - mc = NULL; - } while (maj == GSS_S_CONTINUE_NEEDED) { gss_release_buffer(&min, &input); /* output and input are inverted here, this is intentional */ @@ -707,6 +713,9 @@ static int mag_auth(request_rec *req) mag_attempt_session(req, cfg, mc); } mc->auth_type = auth_type; + if (auth_type == AUTH_TYPE_BASIC) { + mag_basic_cache(cfg, mc, ba_user, ba_pwd); + } } if (cfg->send_persist)