fix authentication check bug with new split hosts

gbaz · web-flow · commit 2b8e5f611141 · 2025-04-08T23:27:26.000-04:00
diff --git a/src/Distribution/Server/Framework/Auth.hs b/src/Distribution/Server/Framework/Auth.hs
@@ -113,19 +113,17 @@ checkAuthenticated realm users ServerEnv { serverRequiredBaseHostHeader } = do
               { actualHost=Just hostHeaderValue
               , oughtToBeHost=serverRequiredBaseHostHeader
               }
-            else pure $ Left BadHost
-              { actualHost=Nothing
-              , oughtToBeHost=serverRequiredBaseHostHeader
-              }
-       Nothing -> do
+            else goCheck
+       Nothing -> goCheck
+  where
+    goCheck = do
          req <- askRq
          return $ case getHeaderAuth req of
            Just (DigestAuth, ahdr) -> checkDigestAuth users       ahdr req
            Just _ | plainHttp req  -> Left InsecureAuthError
            Just (BasicAuth,  ahdr) -> checkBasicAuth  users realm ahdr
            Just (AuthToken,  ahdr) -> checkTokenAuth  users       ahdr
            Nothing                 -> Left NoAuthError
-  where
     getHeaderAuth :: Request -> Maybe (AuthType, BS.ByteString)
     getHeaderAuth req =
         case getHeader "authorization" req of
