diff options
author | Denis Vlasenko | 2008-06-13 13:20:38 +0000 |
---|---|---|
committer | Denis Vlasenko | 2008-06-13 13:20:38 +0000 |
commit | 7504f2f5d23c6ea1c9991c2e80a5b352a8693a5f (patch) | |
tree | 666bcfaa84d5202938d13c5a1c589f11a602a5d8 | |
parent | e773be0428f5e26ed126d4f666d3124610cfbc6b (diff) | |
download | busybox-7504f2f5d23c6ea1c9991c2e80a5b352a8693a5f.zip busybox-7504f2f5d23c6ea1c9991c2e80a5b352a8693a5f.tar.gz |
httpd: fix authentication
-rw-r--r-- | networking/httpd.c | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/networking/httpd.c b/networking/httpd.c index 382893b..9b4b717 100644 --- a/networking/httpd.c +++ b/networking/httpd.c @@ -2045,9 +2045,10 @@ static void handle_incoming_and_exit(const len_and_sockaddr *fromAddr) #if ENABLE_FEATURE_HTTPD_BASIC_AUTH /* Case: no "Authorization:" was seen, but page does require passwd. * Check that with dummy user:pass */ - if ((authorized < 0) && check_user_passwd(urlcopy, ":") == 0) { + if (authorized < 0) + authorized = check_user_passwd(urlcopy, ":"); + if (!authorized) send_headers_and_exit(HTTP_UNAUTHORIZED); - } #endif if (found_moved_temporarily) { |