[PATCH] Incorrect handling of -pass-header

Hi,

I was just trying to set up PHP 5 with FastCGI and Suexec and discovered
that HTTP Authentication [1] didn't work with PHP. After reading the
manual I thought that using

FastCgiConfig -pass-header Authorization

it would work. But actually, it didn't. I then used phpinfo() to see
whether this was a problem with PHP or with FastCGI. In the environment
variables set, I found a variable called "Authorization" which was set
to the HTTP Basic Auth string my browser sent. Unfortunately, PHP (and
probably any program conforming to the CGI specification) looks for an
environment variable called "HTTP_AUTHORIZATION" and not "Authorization".

I attached a patch against mod_fastcgi 2.4.6 that will create the
correct environment variable instead. I borrowed a function from
server/util_script.c from Apache 2.2.6 - unfortunately it is not part of
the official Apache API so I couldn't just call it and had to copy it.

Regards,
Christian

[1] http://www.php.net/manual/en/features.http-auth.php
--- fcgi_protocol.c.old 2007-11-20 22:18:11.000000000 +0100
+++ fcgi_protocol.c     2007-11-20 22:18:13.000000000 +0100
@@ -169,6 +169,35 @@
     }
 }
 
+/*******************************************************************************
+ * Taken from server/util_script.c. Unfortunately, this function is not defined
+ * in any header file.
+ */
+static char *fcgi_http2env(apr_pool_t *a, const char *w)
+{
+    char *res = (char *)apr_palloc(a, sizeof("HTTP_") + strlen(w));
+    char *cp = res;
+    char c;
+
+    *cp++ = 'H';
+    *cp++ = 'T';
+    *cp++ = 'T';
+    *cp++ = 'P';
+    *cp++ = '_';
+
+    while ((c = *w++) != 0) {
+        if (!apr_isalnum(c)) {
+            *cp++ = '_';
+        }
+        else {
+            *cp++ = apr_toupper(c);
+        }
+    }
+    *cp = 0;
+
+    return res;
+}
+
 static void add_pass_header_vars(fcgi_request *fr)
 {
     const array_header *ph = fr->dynamic ? dynamic_pass_headers : 
fr->fs->pass_headers;
@@ -180,7 +209,7 @@
         for ( ; i; --i, ++elt) {
             const char *val = ap_table_get(fr->r->headers_in, *elt);
             if (val) {
-                ap_table_setn(fr->r->subprocess_env, *elt, val);
+                ap_table_setn(fr->r->subprocess_env, fcgi_http2env 
(fr->r->pool, *elt), val);
             }
         }
     }
___________________________________
fastcgi-developers mailing list
http://fastcgi.com/fastcgi-developers/