int kerb_authenticate_user(request_rec *r) {
+ const char *name; /* AuthName specified */
const char *type; /* AuthType specified */
int KerberosV5 = 0; /* Kerberos V5 check enabled */
int KerberosV4 = 0; /* Kerberos V4 check enabled */
const char *sent_pw; /* Password sent by browser */
int res; /* Response holder */
+ const char *t; /* Decoded auth_line */
const char *authtype; /* AuthType to send back to browser */
const char *auth_line = ap_table_get(r->headers_in,
(r->proxyreq == STD_PROXY)
return DECLINED;
}
- if (!ap_auth_name(r)) {
+ name = ap_auth_name(r);
+ if (!name) {
ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, r,
"need AuthName: %s", r->uri);
return HTTP_INTERNAL_SERVER_ERROR;
}
if (!auth_line) {
- ap_table_set(r->err_headers_out, "WWW-Authenticate", "Kerberos");
+ ap_table_set(r->err_headers_out, "WWW-Authenticate",
+ ap_pstrcat(r->pool, "Basic realm=\"", name, "\"", NULL));
return HTTP_UNAUTHORIZED;
}
type = ap_getword_white(r->pool, &auth_line);
- r->connection->user = ap_getword_nulls(r->pool, &auth_line, ':');
+ t = ap_pbase64decode(r->pool, auth_line);
+ r->connection->user = ap_getword_nulls(r->pool, &t, ':');
r->connection->ap_auth_type = "Kerberos";
- sent_pw = ap_getword_white(r->pool, &auth_line);
+ sent_pw = ap_getword_white(r->pool, &t);
#ifdef KRB5
if (KerberosV5) {
withval="$with_krb5"
if test -d $withval ; then
- CFLAGS="$CFLAGS -I$withval/include"
- CPPFLAGS="$CPPFLAGS -I$withval/include"
+ CFLAGS="$CFLAGS -I$withval/include -I$withval/include/kerberosIV"
+ CPPFLAGS="$CPPFLAGS -I$withval/include -I$withval/include/kerberosIV"
LDFLAGS="$LDFLAGS -L$withval/lib"
case "$host" in
withval="$with_krb5_include"
if test -d $withval ; then
- CFLAGS="$CFLAGS -I$withval"
- CPPFLAGS="$CPPFLAGS -I$withval"
+ CFLAGS="$CFLAGS -I$withval -I$withval/include/kerberosIV"
+ CPPFLAGS="$CPPFLAGS -I$withval -I$withval/include/kerberosIV"
else
{ echo "configure: error: Specified Kerberos 5 directory doesn't exist." 1>&2; exit 1; }
fi
[ --with-krb5=DIR path to Kerberos 5 install],
[
if test -d $withval ; then
- CFLAGS="$CFLAGS -I$withval/include"
- CPPFLAGS="$CPPFLAGS -I$withval/include"
+ CFLAGS="$CFLAGS -I$withval/include -I$withval/include/kerberosIV"
+ CPPFLAGS="$CPPFLAGS -I$withval/include -I$withval/include/kerberosIV"
LDFLAGS="$LDFLAGS -L$withval/lib"
case "$host" in
[ --with-krb5-include=DIR include path to Kerberos 5 install],
[
if test -d $withval ; then
- CFLAGS="$CFLAGS -I$withval"
- CPPFLAGS="$CPPFLAGS -I$withval"
+ CFLAGS="$CFLAGS -I$withval -I$withval/include/kerberosIV"
+ CPPFLAGS="$CPPFLAGS -I$withval -I$withval/include/kerberosIV"
else
AC_ERROR(Specified Kerberos 5 directory doesn't exist.)
fi
if (ret != KSUCCESS)
return !KRB4_OK;
- ret = krb_get_pw_in_tkt(user, "", realm, "krbtgt", realm,
+ ret = krb_get_pw_in_tkt((char *)user, "", realm, "krbtgt", realm,
DEFAULT_TKT_LIFE, (char *)pass);
switch (ret) {
case INTK_OK: