RFC compliant CGI AUTH_TYPE usage

* Handle the content of the CGI AUTH_TYPE variable case-insensitively as defined
  by RFC 3875 Section 4.1.1.

ChangeLog

@@ -1,3 +1,7 @@
+2013-03-23  Christoph Anton Mitterer <mail@christoph.anton.mitterer.name>
+	* Handle the content of the CGI AUTH_TYPE variable case-insensitively as
+	  defined by RFC 3875 Section 4.1.1.
+
 2013-03-21  Christoph Anton Mitterer <mail@christoph.anton.mitterer.name>
 	* Changed the pathnames of the debug files to be a bit more FHS
 	  compliant.

debian/changelog

@@ -1,6 +1,6 @@
 davical (1.1.2-1) unstable; urgency=low
 
-  * New upstream release (closes:#702403, #703290, #703387)
+  * New upstream release (closes:#702403, #703290, #703383, #703387)
   * Updated the control file Vcs-* fields to the new addresses of the
     canonical git upstream repository.
 

inc/HTTPAuthSession.php

@@ -114,10 +114,10 @@ class HTTPAuthSession {
     else if ( isset($c->authenticate_hook['server_auth_type'])
               && isset($_SERVER['REMOTE_USER']) && !empty($_SERVER['REMOTE_USER'])) {
       if ( ( is_array($c->authenticate_hook['server_auth_type'])
-                    && in_array($_SERVER['AUTH_TYPE'], $c->authenticate_hook['server_auth_type']) )
+                    && in_array( strtolower($_SERVER['AUTH_TYPE']), array_map('strtolower', $c->authenticate_hook['server_auth_type'])) )
          ||
            ( !is_array($c->authenticate_hook['server_auth_type'])
-                    && $c->authenticate_hook['server_auth_type'] == $_SERVER['AUTH_TYPE'] )
+                    && strtolower($c->authenticate_hook['server_auth_type']) == strtolower($_SERVER['AUTH_TYPE']) )
          ) {
         /**
         * The authentication has happened in the server, and we should accept it.