Moved the NTLM credentials to the connectdata struct instead, as NTLM
authenticates connections and not single requests. This should make it work better when we mix requests from multiple hosts. Problem pointed out by Cris Bailiff.
parent
79749f8eb4
commit
06c86d1a8c
@ -92,8 +92,6 @@ CURLntlm Curl_input_ntlm(struct connectdata *conn,
|
|||||||
char *header) /* rest of the www-authenticate:
|
char *header) /* rest of the www-authenticate:
|
||||||
header */
|
header */
|
||||||
{
|
{
|
||||||
struct SessionHandle *data=conn->data;
|
|
||||||
|
|
||||||
/* skip initial whitespaces */
|
/* skip initial whitespaces */
|
||||||
while(*header && isspace((int)*header))
|
while(*header && isspace((int)*header))
|
||||||
header++;
|
header++;
|
||||||
@ -122,20 +120,20 @@ CURLntlm Curl_input_ntlm(struct connectdata *conn,
|
|||||||
|
|
||||||
int size = Curl_base64_decode(header, buffer);
|
int size = Curl_base64_decode(header, buffer);
|
||||||
|
|
||||||
data->state.ntlm.state = NTLMSTATE_TYPE2; /* we got a type-2 */
|
conn->ntlm.state = NTLMSTATE_TYPE2; /* we got a type-2 */
|
||||||
|
|
||||||
if(size >= 48)
|
if(size >= 48)
|
||||||
/* the nonce of interest is index [24 .. 31], 8 bytes */
|
/* the nonce of interest is index [24 .. 31], 8 bytes */
|
||||||
memcpy(data->state.ntlm.nonce, &buffer[24], 8);
|
memcpy(conn->ntlm.nonce, &buffer[24], 8);
|
||||||
|
|
||||||
/* at index decimal 20, there's a 32bit NTLM flag field */
|
/* at index decimal 20, there's a 32bit NTLM flag field */
|
||||||
|
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
if(data->state.ntlm.state >= NTLMSTATE_TYPE1)
|
if(conn->ntlm.state >= NTLMSTATE_TYPE1)
|
||||||
return CURLNTLM_BAD;
|
return CURLNTLM_BAD;
|
||||||
|
|
||||||
data->state.ntlm.state = NTLMSTATE_TYPE1; /* we should sent away a
|
conn->ntlm.state = NTLMSTATE_TYPE1; /* we should sent away a
|
||||||
type-1 */
|
type-1 */
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -284,7 +282,7 @@ CURLcode Curl_output_ntlm(struct connectdata *conn)
|
|||||||
char *base64=NULL;
|
char *base64=NULL;
|
||||||
|
|
||||||
unsigned char ntlm[256]; /* enough, unless the host/domain is very long */
|
unsigned char ntlm[256]; /* enough, unless the host/domain is very long */
|
||||||
switch(data->state.ntlm.state) {
|
switch(conn->ntlm.state) {
|
||||||
case NTLMSTATE_TYPE1:
|
case NTLMSTATE_TYPE1:
|
||||||
default: /* for the weird cases we (re)start here */
|
default: /* for the weird cases we (re)start here */
|
||||||
hostoff = 32;
|
hostoff = 32;
|
||||||
@ -392,7 +390,7 @@ CURLcode Curl_output_ntlm(struct connectdata *conn)
|
|||||||
user = data->state.user;
|
user = data->state.user;
|
||||||
userlen = strlen(user);
|
userlen = strlen(user);
|
||||||
|
|
||||||
mkhash(data->state.passwd, &data->state.ntlm.nonce[0], lmresp
|
mkhash(data->state.passwd, &conn->ntlm.nonce[0], lmresp
|
||||||
#ifdef USE_NTRESPONSES
|
#ifdef USE_NTRESPONSES
|
||||||
, ntresp
|
, ntresp
|
||||||
#endif
|
#endif
|
||||||
@ -519,7 +517,7 @@ CURLcode Curl_output_ntlm(struct connectdata *conn)
|
|||||||
else
|
else
|
||||||
return CURLE_OUT_OF_MEMORY; /* FIX TODO */
|
return CURLE_OUT_OF_MEMORY; /* FIX TODO */
|
||||||
|
|
||||||
data->state.ntlm.state = NTLMSTATE_TYPE3; /* we sent a type-3 */
|
conn->ntlm.state = NTLMSTATE_TYPE3; /* we sent a type-3 */
|
||||||
|
|
||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
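Review bot: In the type-2 branch of Curl_input_ntlm, `conn->ntlm.state = NTLMSTATE_TYPE2;` is assigned before the `if(size >= 48)` check, so as far as the hunk shows a short or malformed challenge still advances the handshake while `conn->ntlm.nonce` keeps whatever it held before. The later Curl_output_ntlm hunk passes that nonce to `mkhash()` together with `data->state.passwd`, so the response would be computed over a value the server never sent. Reject the message first, e.g. `if(size < 48) return CURLNTLM_BAD;`, and only then set the state and copy the nonce. The same branch decodes the server-supplied header with `Curl_base64_decode(header, buffer)` and no length argument; `buffer` is declared outside the hunk, so confirm its size bounds the decoded output. Both functions start and end outside the hunks shown.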
|
@ -528,6 +528,9 @@ struct connectdata {
|
|||||||
curl_read_callback fread; /* function that reads the input */
|
curl_read_callback fread; /* function that reads the input */
|
||||||
void *fread_in; /* pointer to pass to the fread() above */
|
void *fread_in; /* pointer to pass to the fread() above */
|
||||||
|
|
||||||
|
struct ntlmdata ntlm; /* NTLM differs from other authentication schemes
|
||||||
|
because it authenticates connections, not
|
||||||
|
single requests! */
|
||||||
};
|
};
|
||||||
|
|
||||||
/* The end of connectdata. */
|
/* The end of connectdata. */
|
||||||
@ -658,7 +661,6 @@ struct UrlState {
|
|||||||
is always set TRUE when curl_easy_perform() is called. */
|
is always set TRUE when curl_easy_perform() is called. */
|
||||||
|
|
||||||
struct digestdata digest;
|
struct digestdata digest;
|
||||||
struct ntlmdata ntlm;
|
|
||||||
|
|
||||||
#ifdef GSSAPI
|
#ifdef GSSAPI
|
||||||
struct negotiatedata negotiate;
|
struct negotiatedata negotiate;
|
||||||
|
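Review bot: Nothing in this diff shows where the new `ntlm` member of `struct connectdata` is initialised or reset, yet the `if(conn->ntlm.state >= NTLMSTATE_TYPE1)` check in Curl_input_ntlm depends on it starting below NTLMSTATE_TYPE1 for every fresh connection. Because the user and password are still read from `data->state` in Curl_output_ntlm while the authenticated state now lives on the connection, a kept-alive connection that has completed NTLM presumably stays authenticated for whichever request is sent on it next. The connection re-use code is not part of this diff, so confirm it only matches such a connection when the credentials are the same. I would extend the member comment to record that, e.g. `/* ... a connection that has authenticated must only be re-used with the same user and password */`. Both struct definitions start outside the hunks.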