summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDenis Vlasenko2008-06-13 13:20:38 +0000
committerDenis Vlasenko2008-06-13 13:20:38 +0000
commit7504f2f5d23c6ea1c9991c2e80a5b352a8693a5f (patch)
tree666bcfaa84d5202938d13c5a1c589f11a602a5d8
parente773be0428f5e26ed126d4f666d3124610cfbc6b (diff)
downloadbusybox-7504f2f5d23c6ea1c9991c2e80a5b352a8693a5f.zip
busybox-7504f2f5d23c6ea1c9991c2e80a5b352a8693a5f.tar.gz
httpd: fix authentication
-rw-r--r--networking/httpd.c5
1 files changed, 3 insertions, 2 deletions
diff --git a/networking/httpd.c b/networking/httpd.c
index 382893b..9b4b717 100644
--- a/networking/httpd.c
+++ b/networking/httpd.c
@@ -2045,9 +2045,10 @@ static void handle_incoming_and_exit(const len_and_sockaddr *fromAddr)
#if ENABLE_FEATURE_HTTPD_BASIC_AUTH
/* Case: no "Authorization:" was seen, but page does require passwd.
* Check that with dummy user:pass */
- if ((authorized < 0) && check_user_passwd(urlcopy, ":") == 0) {
+ if (authorized < 0)
+ authorized = check_user_passwd(urlcopy, ":");
+ if (!authorized)
send_headers_and_exit(HTTP_UNAUTHORIZED);
- }
#endif
if (found_moved_temporarily) {