From 4ddf5d92f24121f4fdc3af48cca17724f6f4aea6 Mon Sep 17 00:00:00 2001
From: josh4trunks
Date: Sun, 23 Mar 2014 19:29:03 -0700
Subject: [PATCH 1/6] Fixes login / logout when HTTP Basic Headers are avilable.

---
 config/config.sample.php | 6 +++---
 lib/base.php | 28 +++++++++++++++------------
 2 files changed, 18 insertions(+), 16 deletions(-)

diff --git a/config/config.sample.php b/config/config.sample.php
index adcc175e2fae..8430b8d6539d 100755
--- a/config/config.sample.php
+++ b/config/config.sample.php
@@ -178,12 +178,12 @@
 /* Enable or disable the logging of IP addresses in case of webform auth failures */
 "log_authfailip" => false,
 
+<<<<<<< HEAD
 /* Whether ownCloud should log the last successfull cron exec */
 "cron_log" => true,
 
-/* Whether http-basic username must equal username to login */
-"basic_auth" => true,
-
+=======
+>>>>>>> Fixes login / logout when HTTP Basic Headers are avilable.
 /*
 * Configure the size in bytes log rotation should happen, 0 or false disables the rotation.
 * This rotates the current owncloud logfile to a new name, this way the total log usage
diff --git a/lib/base.php b/lib/base.php
index 15a3ec8bc8ac..2141695a93d6 100644
--- a/lib/base.php
+++ b/lib/base.php
@@ -538,17 +538,6 @@ public static function init() {
 OC_User::useBackend(new OC_User_Database());
 OC_Group::useBackend(new OC_Group_Database());
 
- $basic_auth = OC_Config::getValue('basic_auth', true);
- if ($basic_auth && isset($_SERVER['PHP_AUTH_USER']) && self::$session->exists('loginname')
- && $_SERVER['PHP_AUTH_USER'] !== self::$session->get('loginname')) {
- $sessionUser = self::$session->get('loginname');
- $serverUser = $_SERVER['PHP_AUTH_USER'];
- OC_Log::write('core',
- "Session loginname ($sessionUser) doesn't match SERVER[PHP_AUTH_USER] ($serverUser).",
- OC_Log::WARN);
- OC_User::logout();
- }
-
 // Load minimum set of apps - which is filesystem, authentication and logging
 if (!self::checkUpgrade(false)) {
 OC_App::loadApps(array('authentication'));
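Review bot: The added lines `+<<<<<<< HEAD`, `+=======` and `+>>>>>>> Fixes login / logout when HTTP Basic Headers are avilable.` are unresolved merge-conflict markers committed into config/config.sample.php, so the sample config is a PHP parse error for anyone copying it at this revision. They are only removed five commits later in this series ([PATCH 6/6]), which leaves every intermediate commit broken for bisecting; the first patch should carry the resolved block instead, i.e. only the removal of the three `basic_auth` lines with the `cron_log` entry kept as it is. Because the admin-facing `basic_auth` key disappears here without any replacement, a short note in the sample config that the key is no longer read would help existing installs that still set it.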
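Review bot: Removing this block from `init()` also removes the only place that logged a divergence between the session's `loginname` and the `PHP_AUTH_USER` the request carries; combined with the guard added in the `@@ -697,8 +686,10 @@` hunk of the same patch (`if (!OC_User::isLoggedIn())`), an existing session now silently keeps precedence over different Basic credentials on the same request. Forcing a logout on mismatch was arguably too aggressive, but the WARN entry is worth keeping for operators diagnosing mixed form/Basic deployments. I would retain the comparison and the line `OC_Log::write('core', "Session loginname ($sessionUser) doesn't match SERVER[PHP_AUTH_USER] ($serverUser).", OC_Log::WARN);` without the `OC_User::logout()` call, or at least add a comment next to the new guard stating that an established session deliberately wins over Basic headers. `init()` continues outside the hunk.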
@@ -697,8 +686,10 @@ public static function handleRequest() {
 self::checkUpgrade();
 }
 
- // Test it the user is already authenticated using Apaches AuthType Basic... very usable in combination with LDAP
- OC::tryBasicAuthLogin();
+ if (!OC_User::isLoggedIn()) {
+ // Test it the user is already authenticated using Apaches AuthType Basic... very usable in combination with LDAP
+ OC::tryBasicAuthLogin();
+ }
 
 if (!self::$CLI and (!isset($_GET["logout"]) or ($_GET["logout"] !== 'true'))) {
 try {
@@ -749,6 +740,16 @@ public static function handleRequest() {
 if (isset($_COOKIE['oc_token'])) {
 OC_Preferences::deleteKey(OC_User::getUser(), 'login_token', $_COOKIE['oc_token']);
 }
+ if (isset($_SERVER['PHP_AUTH_USER'])) {
+ $cookie_path = OC::$WEBROOT ? : '/';
+ if (isset($_COOKIE['oc_ignore_php_auth_user'])) {
+ // Ignore HTTP Authentication for 5 more mintues.
+ setcookie('oc_ignore_php_auth_user', '', time() + 300, $cookie_path);
+ } else {
+ // Ignore HTTP Aunthentication to allow a different user to log in.
+ setcookie('oc_ignore_php_auth_user', $_SERVER['PHP_AUTH_USER'], 0, $cookie_path);
+ }
+ }
 OC_User::logout();
 // redirect to webroot and add slash if webroot is empty
 header("Location: " . OC::$WEBROOT.(empty(OC::$WEBROOT) ? '/' : ''));
@@ -914,6 +915,7 @@ protected static function tryFormLogin() {
 
 protected static function tryBasicAuthLogin() {
 if (!isset($_SERVER["PHP_AUTH_USER"]) || !isset($_SERVER["PHP_AUTH_PW"])
+ || (isset($_COOKIE['oc_ignore_php_auth_user']) && $_COOKIE['oc_ignore_php_auth_user'] === $_SERVER['PHP_AUTH_USER'])
 ) {
 return false;
 }

From 63df8354da7da5b7edc47432e84a9cb25de3f351 Mon Sep 17 00:00:00 2001
From: josh4trunks
Date: Sun, 23 Mar 2014 20:05:06 -0700
Subject: [PATCH 2/6] Don't to set the cookie it wasn't needed.

---
 lib/base.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/base.php b/lib/base.php
index 2141695a93d6..28cc24f9287b 100644
--- a/lib/base.php
+++ b/lib/base.php
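Review bot: Both `setcookie('oc_ignore_php_auth_user', …, $cookie_path)` calls in the new logout branch of the `@@ -749,6 +740,16 @@` hunk pass only name, value, expiry and path, so the cookie goes out without `secure` or `httponly`. The value is the Basic username rather than a secret, but the cookie steers whether Basic login is attempted, so it should carry the same flags as the other authentication cookies; `setcookie('oc_ignore_php_auth_user', $_SERVER['PHP_AUTH_USER'], 0, $cookie_path, '', $isHttps, true);` with `$isHttps` derived from the request scheme is the shape I would expect. The first branch also stores an empty value with a 300-second expiry, which PHP treats as a request to delete the cookie, so the intended five-minute extension does not take effect (a later patch in this series, [PATCH 3/6], changes the value to the username). `handleRequest()` starts and ends outside the hunk.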
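Review bot: The new `||` clause in `tryBasicAuthLogin()` (hunk `@@ -914,6 +915,7 @@`) has no comment tying it to the cookie the logout path sets, so a reader of this function alone cannot tell why a cookie equal to `PHP_AUTH_USER` disables Basic login. I would add above it `// Set by the logout handler so that Basic credentials the browser keeps sending do not log the user straight back in.` Because the check compares the cookie to `PHP_AUTH_USER` with `===`, a client can only suppress Basic login for the username it presents itself, never for another account, which is worth stating in the same comment. The function body continues outside the hunk.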
@@ -745,7 +745,7 @@ public static function handleRequest() {
 if (isset($_COOKIE['oc_ignore_php_auth_user'])) {
 // Ignore HTTP Authentication for 5 more mintues.
 setcookie('oc_ignore_php_auth_user', '', time() + 300, $cookie_path);
- } else {
+ } elseif ($_SERVER['PHP_AUTH_USER'] === self::$session->get('loginname')) {
 // Ignore HTTP Aunthentication to allow a different user to log in.
 setcookie('oc_ignore_php_auth_user', $_SERVER['PHP_AUTH_USER'], 0, $cookie_path);
 }

From d1106f17491e3a0da623f9b325e2eaf3aa4af491 Mon Sep 17 00:00:00 2001
From: josh4trunks
Date: Sun, 23 Mar 2014 21:39:29 -0700
Subject: [PATCH 3/6] cookie would be useless if value is not set

---
 lib/base.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/base.php b/lib/base.php
index 28cc24f9287b..e86894ef2905 100644
--- a/lib/base.php
+++ b/lib/base.php
@@ -744,7 +744,7 @@ public static function handleRequest() {
 $cookie_path = OC::$WEBROOT ? : '/';
 if (isset($_COOKIE['oc_ignore_php_auth_user'])) {
 // Ignore HTTP Authentication for 5 more mintues.
- setcookie('oc_ignore_php_auth_user', '', time() + 300, $cookie_path);
+ setcookie('oc_ignore_php_auth_user', $_SERVER['PHP_AUTH_USER'], time() + 300, $cookie_path);
 } elseif ($_SERVER['PHP_AUTH_USER'] === self::$session->get('loginname')) {
 // Ignore HTTP Aunthentication to allow a different user to log in.
 setcookie('oc_ignore_php_auth_user', $_SERVER['PHP_AUTH_USER'], 0, $cookie_path);

From a2661447504cbbf00d9f0b32159fa7311dcbc479 Mon Sep 17 00:00:00 2001
From: josh4trunks
Date: Mon, 24 Mar 2014 18:46:42 -0700
Subject: [PATCH 4/6] Don't always $cookie_path, only set it when needed

---
 lib/base.php | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/lib/base.php b/lib/base.php
index e86894ef2905..819e22d96fe1 100644
--- a/lib/base.php
+++ b/lib/base.php
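Review bot: With the new `elseif ($_SERVER['PHP_AUTH_USER'] === self::$session->get('loginname'))`, a logout from a session that belongs to a different user than the one in the Basic header sets no cookie; as far as the hunks in this series show, the redirect that follows then reaches `tryBasicAuthLogin()` with the Basic credentials still present and no ignore cookie, so the browser ends up logged in as the Basic user rather than logged out. If that is the intended outcome it deserves a comment on the `elseif`; if not, the previous `else` branch should stay. The comparison is also byte-exact, so if the backend stores `loginname` in a different case than the header supplies, the branch may never match — worth confirming against the LDAP setups the nearby comment mentions. The surrounding `handleRequest()` lies outside the hunk.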
@@ -741,13 +741,12 @@ public static function handleRequest() {
 OC_Preferences::deleteKey(OC_User::getUser(), 'login_token', $_COOKIE['oc_token']);
 }
 if (isset($_SERVER['PHP_AUTH_USER'])) {
- $cookie_path = OC::$WEBROOT ? : '/';
 if (isset($_COOKIE['oc_ignore_php_auth_user'])) {
 // Ignore HTTP Authentication for 5 more mintues.
- setcookie('oc_ignore_php_auth_user', $_SERVER['PHP_AUTH_USER'], time() + 300, $cookie_path);
+ setcookie('oc_ignore_php_auth_user', $_SERVER['PHP_AUTH_USER'], time() + 300, OC::$WEBROOT.(empty(OC::$WEBROOT) ? '/' : ''));
 } elseif ($_SERVER['PHP_AUTH_USER'] === self::$session->get('loginname')) {
 // Ignore HTTP Aunthentication to allow a different user to log in.
- setcookie('oc_ignore_php_auth_user', $_SERVER['PHP_AUTH_USER'], 0, $cookie_path);
+ setcookie('oc_ignore_php_auth_user', $_SERVER['PHP_AUTH_USER'], 0, OC::$WEBROOT.(empty(OC::$WEBROOT) ? '/' : ''));
 }
 }
 OC_User::logout();

From 5b402aa846a5894bc7e290e193ab6160deec4133 Mon Sep 17 00:00:00 2001
From: josh4trunks
Date: Thu, 3 Apr 2014 07:32:48 -0700
Subject: [PATCH 5/6] Fixed Typo

---
 lib/base.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/base.php b/lib/base.php
index 819e22d96fe1..b06cd3e986f8 100644
--- a/lib/base.php
+++ b/lib/base.php
@@ -745,7 +745,7 @@ public static function handleRequest() {
 // Ignore HTTP Authentication for 5 more mintues.
 setcookie('oc_ignore_php_auth_user', $_SERVER['PHP_AUTH_USER'], time() + 300, OC::$WEBROOT.(empty(OC::$WEBROOT) ? '/' : ''));
 } elseif ($_SERVER['PHP_AUTH_USER'] === self::$session->get('loginname')) {
- // Ignore HTTP Aunthentication to allow a different user to log in.
+ // Ignore HTTP Authentication to allow a different user to log in.
 setcookie('oc_ignore_php_auth_user', $_SERVER['PHP_AUTH_USER'], 0, OC::$WEBROOT.(empty(OC::$WEBROOT) ? '/' : ''));
 }
 }

From 2d9b46e3b9dc2ceb8e21c23a905891aa9c33151e Mon Sep 17 00:00:00 2001
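Review bot: The path expression `OC::$WEBROOT.(empty(OC::$WEBROOT) ? '/' : '')` is now written out in both `setcookie()` calls of the `@@ -741,13 +741,12 @@` hunk, and the same expression already appears in the `header("Location: …")` line a few lines further down (visible in the [PATCH 1/6] hunk); dropping the local to save one assignment trades a clear name for three copies of the same logic. I would keep a local computed once inside the `if (isset($_SERVER['PHP_AUTH_USER']))` block, `$cookie_path = OC::$WEBROOT.(empty(OC::$WEBROOT) ? '/' : '');`, which matches the previous `OC::$WEBROOT ? : '/'` for the empty and non-empty webroot values used here. The enclosing `handleRequest()` starts and ends outside the hunk.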
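Review bot: The typo fix in the `@@ -745,7 +745,7 @@` hunk misses the sibling comment two lines above it, `// Ignore HTTP Authentication for 5 more mintues.`, which should read `// Ignore HTTP Authentication for 5 more minutes.`. Since this commit exists only to correct a typo, it is the natural place to fix both.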
From: josh4trunks
Date: Thu, 3 Apr 2014 22:17:31 -0700
Subject: [PATCH 6/6] Remove missed stuff from merge

---
 config/config.sample.php | 3 ---
 1 file changed, 3 deletions(-)

diff --git a/config/config.sample.php b/config/config.sample.php
index 8430b8d6539d..92b534d43de3 100755
--- a/config/config.sample.php
+++ b/config/config.sample.php
@@ -178,12 +178,9 @@
 /* Enable or disable the logging of IP addresses in case of webform auth failures */
 "log_authfailip" => false,
 
-<<<<<<< HEAD
 /* Whether ownCloud should log the last successfull cron exec */
 "cron_log" => true,
 
-=======
->>>>>>> Fixes login / logout when HTTP Basic Headers are avilable.
 /*
 * Configure the size in bytes log rotation should happen, 0 or false disables the rotation.
 * This rotates the current owncloud logfile to a new name, this way the total log usage