Commit 05c20873 authored by Sander Striker's avatar Sander Striker
Browse files

Trivial change to reporting an error when an identity spoof is 

encountered with respect to FakeBasicAuth.

Submitted by: Greg Stein


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@100941 13f79535-47bb-0310-9956-ffa450edef68
parent 0cb6ee67

ssl_engine_kernel.c

+2 −2
Original line number Diff line number Diff line
@@ -880,7 +880,7 @@ int ssl_hook_UserCheck(request_rec *r) 
            password = auth_line;



            if ((username[0] == '/') && strEQ(password, "password")) {

                ap_log_error(APLOG_MARK, APLOG_ERR, 0, r->server,

                ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,

                    "Encountered FakeBasicAuth spoof: %s", username);

                return HTTP_FORBIDDEN;

            }