diff options
author | Joel Sherrill <joel.sherrill@OARcorp.com> | 2003-04-11 14:46:55 +0000 |
---|---|---|
committer | Joel Sherrill <joel.sherrill@OARcorp.com> | 2003-04-11 14:46:55 +0000 |
commit | ee3afa2e2ae017b22156164763a4099702ca472d (patch) | |
tree | d41c03f7bf2396e7e01147a9ffd75c7a0a71232c /cpukit/httpd/security.c | |
parent | 2003-04-10 Till Straumann <strauman@slac.stanford.edu> (diff) | |
download | rtems-ee3afa2e2ae017b22156164763a4099702ca472d.tar.bz2 |
2002-04-10 Mike Siers <mikes@poliac.com>
* rtems_webserver/NOTES, rtems_webserver/asp.c,
rtems_webserver/balloc.c, rtems_webserver/default.c,
rtems_webserver/ej.h, rtems_webserver/ejIntrn.h,
rtems_webserver/ejlex.c, rtems_webserver/ejparse.c,
rtems_webserver/emfdb.c, rtems_webserver/emfdb.h,
rtems_webserver/form.c, rtems_webserver/h.c,
rtems_webserver/handler.c, rtems_webserver/license.txt,
rtems_webserver/md5.h, rtems_webserver/md5c.c,
rtems_webserver/mime.c, rtems_webserver/misc.c,
rtems_webserver/ringq.c, rtems_webserver/rom.c,
rtems_webserver/security.c, rtems_webserver/sock.c,
rtems_webserver/sym.c, rtems_webserver/uemf.c,
rtems_webserver/uemf.h, rtems_webserver/um.c, rtems_webserver/um.h,
rtems_webserver/url.c, rtems_webserver/value.c,
rtems_webserver/wbase64.c, rtems_webserver/webcomp.c,
rtems_webserver/webpage.c, rtems_webserver/webrom.c,
rtems_webserver/webs.c, rtems_webserver/webs.h,
rtems_webserver/websuemf.c, rtems_webserver/wsIntrn.h:
Update to GoAhead Webserver 2.1.4. The following URL is
the release notes from GoAhead.
http://data.goahead.com/Software/Webserver/2.1.4/release.htm
I have only done a minimal amount of testing (i.e. the network
demo program works fine). Please try this out and let me know
if it works. The patch needs to be applied on the
c/src/libnetworking/rtems_webserver directory.
Diffstat (limited to 'cpukit/httpd/security.c')
-rw-r--r-- | cpukit/httpd/security.c | 16 |
1 files changed, 11 insertions, 5 deletions
diff --git a/cpukit/httpd/security.c b/cpukit/httpd/security.c index f4579ad41e..e80e2aeae4 100644 --- a/cpukit/httpd/security.c +++ b/cpukit/httpd/security.c @@ -4,6 +4,8 @@ * Copyright (c) GoAhead Software Inc., 1995-2000. All Rights Reserved. * * See the file "license.txt" for usage and redistribution license requirements + * + * $Id$ */ /******************************** Description *********************************/ @@ -81,10 +83,14 @@ int websSecurityHandler(webs_t wp, char_t *urlPrefix, char_t *webDir, int arg, */ #ifdef WEBS_SSL_SUPPORT nRet = umGetAccessLimitSecure(accessLimit); - if (nRet && ((flags | WEBS_SECURE) == 0)) { + if (nRet && ((flags & WEBS_SECURE) == 0)) { websStats.access++; - websError(wp, 200, T("Access Denied\nSecure access is required.")); + websError(wp, 405, T("Access Denied\nSecure access is required.")); trace(3, T("SEC: Non-secure access attempted on <%s>\n"), path); + /* bugfix 5/24/02 -- we were leaking the memory pointed to by + * 'accessLimit'. Thanks to Simon Byholm. + */ + bfree(B_L, accessLimit); return 1; } #endif @@ -109,7 +115,7 @@ int websSecurityHandler(webs_t wp, char_t *urlPrefix, char_t *webDir, int arg, } else if (userid && *userid) { if (!umUserExists(userid)) { websStats.access++; - websError(wp, 200, T("Access Denied\nUnknown User")); + websError(wp, 401, T("Access Denied\nUnknown User")); trace(3, T("SEC: Unknown user <%s> attempted to access <%s>\n"), userid, path); nRet = 1; @@ -122,7 +128,7 @@ int websSecurityHandler(webs_t wp, char_t *urlPrefix, char_t *webDir, int arg, if (userpass) { if (gstrcmp(password, userpass) != 0) { websStats.access++; - websError(wp, 200, T("Access Denied\nWrong Password")); + websError(wp, 401, T("Access Denied\nWrong Password")); trace(3, T("SEC: Password fail for user <%s>") T("attempt to access <%s>\n"), userid, path); nRet = 1; @@ -153,7 +159,7 @@ int websSecurityHandler(webs_t wp, char_t *urlPrefix, char_t *webDir, int arg, if (gstrcmp(wp->digest, digestCalc) != 0) { websStats.access++; - websError(wp, 200, T("Access Denied\nWrong Password")); + websError(wp, 405, T("Access Denied\nWrong Password")); nRet = 1; } |