Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:7454 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 71693 invoked by uid 1010); 1 Feb 2004 14:30:40 -0000 Delivered-To: ezmlm-scan-internals@lists.php.net Delivered-To: ezmlm-internals@lists.php.net Received: (qmail 71663 invoked by uid 1007); 1 Feb 2004 14:30:39 -0000 Message-ID: <20040201143039.71640.qmail@pb1.pair.com> To: internals@lists.php.net Date: Sun, 01 Feb 2004 23:30:40 +0900 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.6b) Gecko/20031205 Thunderbird/0.4 X-Accept-Language: en-us, en MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="------------000008030407090703060605" X-Posted-By: 219.180.130.25 Subject: adding http digest authentication to php5 From: rui_hirokawa@ybb.ne.jp (Rui Hirokawa) --------------000008030407090703060605 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Hi, I just made a patch to add http digest authentication for php5 based on RFC2617. It is not tested well yet, the attached sample script 'digest-auth.php' works with Mozilla Firebird 0.7. It is useful or not ? Rui --------------000008030407090703060605 Content-Type: text/plain; name="digest-auth.patch" Content-Transfer-Encoding: 7bit Content-Disposition: inline; filename="digest-auth.patch" Index: main/SAPI.h =================================================================== RCS file: /repository/php-src/main/SAPI.h,v retrieving revision 1.108 diff -c -r1.108 SAPI.h *** main/SAPI.h 8 Jan 2004 17:33:04 -0000 1.108 --- main/SAPI.h 1 Feb 2004 14:14:33 -0000 *************** *** 95,100 **** --- 95,101 ---- /* for HTTP authentication */ char *auth_user; char *auth_password; + char *auth_nonce; /* this is necessary for the CGI SAPI module */ char *argv0; Index: main/main.c =================================================================== RCS file: /repository/php-src/main/main.c,v retrieving revision 1.587 diff -c -r1.587 main.c *** main/main.c 29 Jan 2004 00:08:21 -0000 1.587 --- main/main.c 1 Feb 2004 14:14:34 -0000 *************** *** 1732,1737 **** --- 1732,1778 ---- efree(user); } } + } else if (auth && auth[0] != '\0' && strncmp(auth, "Digest ", 7) == 0) { + char *pass = NULL, *user = NULL, *nonce = NULL, *ends = NULL; + + auth = strstr(auth, "username="); + if (auth) { + user = strchr(auth, '"'); + } + if (user++) { + pass = strchr(user, '"'); + } + if (pass) { + *pass++ = '\0'; + SG(request_info).auth_user = estrdup(user); + + nonce = strstr(pass, "nonce="); + if (nonce) { + nonce = strchr(nonce, '"'); + if (nonce++) { + pass = strchr(nonce, '"'); + if (pass) { + *pass++ = '\0'; + SG(request_info).auth_nonce = estrdup(nonce); + } + } + } + + pass = strstr(pass, "response="); + if (pass) { + pass = strchr(pass, '"'); + if (pass++) { + ends = strchr(pass, '"'); + if(ends) { + *ends = '\0'; + SG(request_info).auth_password = estrdup(pass); + ret = 0; + } + } else { + efree(user); + } + } + } } if (ret == -1) { Index: main/php_variables.c =================================================================== RCS file: /repository/php-src/main/php_variables.c,v retrieving revision 1.76 diff -c -r1.76 php_variables.c *** main/php_variables.c 26 Jan 2004 04:15:08 -0000 1.76 --- main/php_variables.c 1 Feb 2004 14:14:35 -0000 *************** *** 499,504 **** --- 499,507 ---- if (SG(request_info).auth_password) { php_register_variable("PHP_AUTH_PW", SG(request_info).auth_password, array_ptr TSRMLS_CC); } + if (SG(request_info).auth_nonce) { + php_register_variable("PHP_AUTH_NONCE", SG(request_info).auth_nonce, array_ptr TSRMLS_CC); + } PG(magic_quotes_gpc) = magic_quotes_gpc; } /* }}} */ --------------000008030407090703060605--