Merge branch '1.6.x'

2026-06-27 21:41:25 +02:00 · 2015-04-16 20:32:58 +01:00
parent 0b205db494 7c64eba693
commit 7719213ea6
2 changed files with 22 additions and 17 deletions
@@ -182,24 +182,21 @@ void CHTTPSock::ReadLine(const CString& sData) {
 		sLine.Token(1, true).Split(",", ssEncodings, false, "", "", false, true);
 		m_bAcceptGzip = (ssEncodings.find("gzip") != ssEncodings.end());
 	} else if (sLine.empty()) {
-		m_bGotHeader = true;
-
-		if (!m_sUser.empty()) {
+		if (!m_sUser.empty() && !m_bLoggedIn) {
 			m_bLoggedIn = OnLogin(m_sUser, m_sPass, true);
-			if (!m_bLoggedIn) {
-				// Error message already was sent
-				return;
-			}
-		}
-
-		if (m_bPost) {
-			m_sPostData = GetInternalReadBuffer();
-			CheckPost();
+			// After successful login ReadLine("") will be called again to trigger "else" block
 		} else {
-			GetPage();
-		}
+			m_bGotHeader = true;

-		DisableReadLine();
+			if (m_bPost) {
+				m_sPostData = GetInternalReadBuffer();
+				CheckPost();
+			} else {
+				GetPage();
+			}
+
+			DisableReadLine();
+		}
 	}
 }

@@ -161,7 +161,9 @@ void CWebAuth::AcceptedLogin(CUser& User) {

 		m_pWebSock->SetLoggedIn(true);
 		m_pWebSock->UnPauseRead();
-		if (!m_bBasic) {
+		if (m_bBasic) {
+			m_pWebSock->ReadLine("");
+		} else {
 			m_pWebSock->Redirect("/?cookie_check=true");
 		}

@@ -178,7 +180,13 @@ void CWebAuth::RefusedLogin(const CString& sReason) {

 		m_pWebSock->SetLoggedIn(false);
 		m_pWebSock->UnPauseRead();
-		m_pWebSock->Redirect("/?cookie_check=true");
+		if (m_bBasic) {
+			m_pWebSock->AddHeader("WWW-Authenticate", "Basic realm=\"ZNC\"");
+			m_pWebSock->CHTTPSock::PrintErrorPage(401, "Unauthorized", "HTTP Basic authentication attemped with invalid credentials");
+			// Why CWebSock makes this function protected?..
+		} else {
+			m_pWebSock->Redirect("/?cookie_check=true");
+		}

 		DEBUG("UNSUCCESSFUL login attempt ==> REASON [" + sReason + "] ==> SESSION [" + spSession->GetId() + "]");
 	}