Commit d4ead14a authored by Sander Striker's avatar Sander Striker
Browse files

Fix FakeBasicAuth for subrequests. This was reported via issue 

#1364 in Subversion:

  http://subversion.tigris.org/issues/show_bug.cgi?id=1364

The fix is to make mod_ssl's check_user_id hook stop tripping
over it's own checks in case of a subrequest.  That is, it
should DECLINE in case of a subrequest.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@100926 13f79535-47bb-0310-9956-ffa450edef68
parent 3c0f8c60

ssl_engine_kernel.c

+8 −0
Original line number Diff line number Diff line
@@ -855,6 +855,14 @@ int ssl_hook_UserCheck(request_rec *r) 
        return HTTP_FORBIDDEN;

    }



    /*

     * We decline when we are in a subrequest.  The Authorization header

     * would already be present if it was added in the main request.

     */

    if (!ap_is_initial_req(r)) {

        return DECLINED;

    }



    /*

     * Make sure the user is not able to fake the client certificate

     * based authentication by just entering an X.509 Subject DN