Overview
| SHA1 Hash: | 3da8a12f488b343706c868b45f395100074cedd9 |
|---|---|
| Date: | 2009-01-13 18:06:04 |
| User: | drh |
| Comment: | Do not do the login-bypass if the HTTPS env var is ON. This might indicate that a remote HTTPS connection is being converted to HTTP locally using stunnel (or the equivalent). |
| Timelines: | ancestors | descendants | both | trunk |
| Other Links: | files | ZIP archive | manifest |
Tags And Properties
- branch=trunk inherited from [a28c83647d]
- sym-trunk inherited from [a28c83647d]
Changes
[hide diffs]Modified src/login.c from [fe758dc0b5] to [cfdc7a0c2e].
@@ -258,15 +258,19 @@
/* Only run this check once. */
if( g.userUid!=0 ) return;
/* If the HTTP connection is coming over 127.0.0.1 and if
- ** local login is disabled, then there is no need to check
- ** user credentials.
+ ** local login is disabled and if we are using HTTP and not HTTPS,
+ ** then there is no need to check user credentials.
+ **
*/
zRemoteAddr = PD("REMOTE_ADDR","nil");
- if( strcmp(zRemoteAddr, "127.0.0.1")==0 && db_get_int("localauth",0)==0 ){
+ if( strcmp(zRemoteAddr, "127.0.0.1")==0
+ && db_get_int("localauth",0)==0
+ && P("HTTPS")==0
+ ){
uid = db_int(0, "SELECT uid FROM user WHERE cap LIKE '%%s%%'");
g.zLogin = db_text("?", "SELECT login FROM user WHERE uid=%d", uid);
zCap = "s";
g.noPswd = 1;
strcpy(g.zCsrfToken, "localhost");