digest_sspi: Don't reuse context if the user/passwd has changed
Bug: https://github.com/curl/curl/issues/1685 Reported-by: paulharris@users.noreply.github.com Assisted-by: Isaac Boukris Closes https://github.com/curl/curl/pull/1742
parent
7e949de1d2
commit
0b5665c98a
@ -417,6 +417,10 @@ struct digestdata {
|
||||
BYTE *input_token;
|
||||
size_t input_token_len;
|
||||
CtxtHandle *http_context;
|
||||
/* copy of user/passwd used to make the identity for http_context.
|
||||
either may be NULL. */
|
||||
char *user;
|
||||
char *passwd;
|
||||
#else
|
||||
char *nonce;
|
||||
char *cnonce;
|
||||
|
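Review bot: The new `passwd` member keeps a cleartext copy of the password on the heap for as long as `http_context` lives, but the comment says only that either pointer may be NULL. I would extend it to state ownership and sensitivity, for example `/* heap copies owned by this struct, freed whenever http_context is dropped; passwd is cleartext, either may be NULL. */`. Every free of these members added in this commit goes through `Curl_safefree`, and nothing on this page shows the buffer being cleared first, so the password bytes presumably stay readable in freed memory. The struct definition starts and ends outside this hunk.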
@ -438,6 +438,20 @@ CURLcode Curl_auth_create_digest_http_message(struct Curl_easy *data,
|
||||
return CURLE_OUT_OF_MEMORY;
|
||||
}
|
||||
|
||||
/* If the user/passwd that was used to make the identity for http_context
|
||||
has changed then delete that context. */
|
||||
if((userp && !digest->user) || (!userp && digest->user) ||
|
||||
(passwdp && !digest->passwd) || (!passwdp && digest->passwd) ||
|
||||
(userp && digest->user && strcmp(userp, digest->user)) ||
|
||||
(passwdp && digest->passwd && strcmp(passwdp, digest->passwd))) {
|
||||
if(digest->http_context) {
|
||||
s_pSecFn->DeleteSecurityContext(digest->http_context);
|
||||
Curl_safefree(digest->http_context);
|
||||
}
|
||||
Curl_safefree(digest->user);
|
||||
Curl_safefree(digest->passwd);
|
||||
}
|
||||
|
||||
if(digest->http_context) {
|
||||
chlg_desc.ulVersion = SECBUFFER_VERSION;
|
||||
chlg_desc.cBuffers = 5;
|
||||
@ -479,6 +493,10 @@ CURLcode Curl_auth_create_digest_http_message(struct Curl_easy *data,
|
||||
TimeStamp expiry; /* For Windows 9x compatibility of SSPI calls */
|
||||
TCHAR *spn;
|
||||
|
||||
/* free the copy of user/passwd used to make the previous identity */
|
||||
Curl_safefree(digest->user);
|
||||
Curl_safefree(digest->passwd);
|
||||
|
||||
if(userp && *userp) {
|
||||
/* Populate our identity structure */
|
||||
if(Curl_create_sspi_identity(userp, passwdp, &identity)) {
|
||||
@ -500,6 +518,25 @@ CURLcode Curl_auth_create_digest_http_message(struct Curl_easy *data,
|
||||
/* Use the current Windows user */
|
||||
p_identity = NULL;
|
||||
|
||||
if(userp) {
|
||||
digest->user = strdup(userp);
|
||||
|
||||
if(!digest->user) {
|
||||
free(output_token);
|
||||
return CURLE_OUT_OF_MEMORY;
|
||||
}
|
||||
}
|
||||
|
||||
if(passwdp) {
|
||||
digest->passwd = strdup(passwdp);
|
||||
|
||||
if(!digest->passwd) {
|
||||
free(output_token);
|
||||
Curl_safefree(digest->user);
|
||||
return CURLE_OUT_OF_MEMORY;
|
||||
}
|
||||
}
|
||||
|
||||
/* Acquire our credentials handle */
|
||||
status = s_pSecFn->AcquireCredentialsHandle(NULL,
|
||||
(TCHAR *) TEXT(SP_NAME_DIGEST),
|
||||
@ -623,6 +660,10 @@ void Curl_auth_digest_cleanup(struct digestdata *digest)
|
||||
s_pSecFn->DeleteSecurityContext(digest->http_context);
|
||||
Curl_safefree(digest->http_context);
|
||||
}
|
||||
|
||||
/* Free the copy of user/passwd used to make the identity for http_context */
|
||||
Curl_safefree(digest->user);
|
||||
Curl_safefree(digest->passwd);
|
||||
}
|
||||
|
||||
#endif /* USE_WINDOWS_SSPI && !CURL_DISABLE_CRYPTO_AUTH */
|
||||
|
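Review bot: The two new `return CURLE_OUT_OF_MEMORY;` paths after `strdup(userp)` and `strdup(passwdp)` release only `output_token` (plus `digest->user` in the second case). By then the `identity` filled by `Curl_create_sspi_identity(userp, passwdp, &identity)` in the previous hunk may already be populated, and nothing visible frees it. That structure is built from the password, so the leak leaves credential material allocated; adding `Curl_sspi_free_identity(p_identity);` before each of the two returns would close it, assuming that helper accepts NULL for the current-Windows-user case. Separately, the change check and the cleanup function free `digest->passwd` with a plain `Curl_safefree`; clearing the buffer before the free would keep the cleartext from lingering in the heap. The body of `Curl_auth_create_digest_http_message` starts and ends outside these hunks, so the cleanup order should be checked against the full function.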