summaryrefslogtreecommitdiff
path: root/src/mod_auth.c
AgeCommit message (Expand)AuthorFilesLines
2020-01-26[mod_auth] close connection after bad passwordGlenn Strauss1-0/+3
2019-09-08[mod_auth] http_auth_const_time_memeq() (#2975, #2976)Glenn Strauss1-1/+1
2019-09-08[mod_auth] Authentication-Info: nextnonce=...Glenn Strauss1-1/+33
2019-09-08[mod_auth] require digest uri= match original URIGlenn Strauss1-3/+1
2019-09-08[mod_auth] do not use quoted-string for algorithmGlenn Strauss1-2/+2
2019-06-06[core] use buffer_eq_icase_ssn funcGlenn Strauss1-2/+2
2019-06-06[multiple] replace strcasecmp() on short stringsGlenn Strauss1-4/+4
2019-04-20[multiple] cleaner calloc use in SETDEFAULTS_FUNCMohammed Sadiq1-1/+1
2019-03-07[mod_auth] HTTP Auth Digest algorithm=SHA-256Glenn Strauss1-107/+384
2019-03-07[mod_auth] pass http_auth_require_t for 401 UnauthGlenn Strauss1-10/+10
2019-03-07[mod_auth] http_auth_info_t digest abstractionGlenn Strauss1-4/+12
2019-02-10[mod_auth] minor: adjust config validationGlenn Strauss1-1/+1
2018-09-23[core] prefer buffer_append_string_len()Glenn Strauss1-1/+1
2018-09-23[core] more memory-efficient fn table for data_*Glenn Strauss1-6/+9
2018-09-23[multiple] code reuse: using array_*() funcsGlenn Strauss1-9/+6
2018-09-23[multiple] code reuse: employ array_match_*()Glenn Strauss1-15/+7
2018-09-23[mod_auth] send 401 for mismatch HTTP auth scheme (fixes #2906)Glenn Strauss1-2/+2
2018-09-23[core] abstraction layer for HTTP header manipGlenn Strauss1-20/+19
2018-04-08[core] some header cleanupGlenn Strauss1-0/+1
2018-03-11[mod_auth] check that digest realm matches configGlenn Strauss1-0/+7
2017-09-20[core] adjust li_rand_pseudo* interfacesGlenn Strauss1-1/+1
2017-08-12[core] attempt to quiet coverity false positivesGlenn Strauss1-9/+10
2017-08-12[core] attempt to quiet coverity false positivesGlenn Strauss1-0/+10
2017-03-13[mod_auth] Digest nonce on system with time <=1978Glenn Strauss1-1/+1
2017-03-08[config] more specific checks for array listsGlenn Strauss1-4/+10
2017-01-31[mod_auth] support LDAP groups for HTTP auth (fixes #1817)Glenn Strauss1-0/+2
2017-01-31[mod_auth] enable optional authz if extern authn (fixes #2481)Glenn Strauss1-0/+12
2016-12-09[core] remove srv->entropy[]Glenn Strauss1-7/+0
2016-12-05[core] rename li_rand() to li_rand_pseudo_bytes()Glenn Strauss1-1/+1
2016-10-16silence warnings from clang ccc-analyzerGlenn Strauss1-1/+1
2016-10-15[core] rand.[ch] to use better RNGs when availableGlenn Strauss1-2/+3
2016-10-04[mod_auth] fix printing of IP in error traceGlenn Strauss1-3/+3
2016-09-28[mod_auth] HTTP Basic auth backends also do authz (#1817)Glenn Strauss1-6/+2
2016-09-23fix errors detected by Coverity ScanGlenn Strauss1-0/+2
2016-09-22[mod_auth] structured data, register auth schemesGlenn Strauss1-550/+418
2016-08-20[mod_auth] extensible interface for auth backendsGlenn Strauss1-288/+186
2016-08-18[mod_auth] refactor out auth backend codeGlenn Strauss1-87/+31
2016-08-18[mod_auth] refactor out auth backend codeGlenn Strauss1-4/+487
2016-07-16[mod_auth] fix Digest auth to be better than Basic (fixes #1844)Glenn Strauss1-1/+6
2016-06-23fix errors detected by Coverity ScanGlenn Strauss1-0/+3
2016-04-12[mod_auth] send charset="UTF-8" in WWW-Authenticate (fixes #1468)Glenn Strauss1-2/+2
2016-04-01pass buf size to li_tohex()Glenn Strauss1-1/+1
2016-03-19consistent inclusion of config.h at top of files (fixes #2073)Glenn Strauss1-0/+2
2015-11-07[config] check config option scope; warn if server option is given in conditi...Stefan Bühler1-4/+3
2015-06-21minor spelling fixesStefan Bühler1-1/+1
2015-05-14fix segfaults in many plugins if they failed configurationStefan Bühler1-1/+1
2015-02-08Use buffer API to read and modify "used" memberStefan Bühler1-10/+10
2015-02-08fix buffer, chunk and http_chunk APIStefan Bühler1-3/+3
2013-11-13fix/silence bugs reported by ccc-analyzer (clang)Stefan Bühler1-1/+1
2013-08-30[auth] new method "extern" to use already present REMOTE_USER (from magnet, s...Stefan Bühler1-11/+25