moparisthebest/curl
1
0
Fork 0
mirror of https://github.com/moparisthebest/curl synced 2024-12-21 23:58:49 -05:00
Code Issues Releases Wiki Activity

http: Added calls to Curl_auth_is_<mechansism>_supported()

Browse Source 
Hooked up the HTTP authentication layer to query the new 'is mechanism
supported' functions when deciding what mechanism to use.

As per commit 00417fd66c existing functionality is maintained for now.
This commit is contained in:
Steve Holme 2016-03-20 12:18:23 +00:00
parent d1bfb1cf54
commit 2708d4259b
1 changed files with 58 additions and 47 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

105
lib/http.c
View File

@ -784,23 +784,27 @@ CURLcode Curl_http_input_auth(struct connectdata *conn, bool proxy,
while(*auth) { while(*auth) {
#ifdef USE_SPNEGO #ifdef USE_SPNEGO
if(checkprefix("Negotiate", auth)) { if(checkprefix("Negotiate", auth)) {
*availp |= CURLAUTH_NEGOTIATE; if((authp->avail & CURLAUTH_NEGOTIATE) ||
authp->avail |= CURLAUTH_NEGOTIATE; Curl_auth_is_spnego_supported()) {
*availp |= CURLAUTH_NEGOTIATE;
authp->avail |= CURLAUTH_NEGOTIATE;
if(authp->picked == CURLAUTH_NEGOTIATE) { if(authp->picked == CURLAUTH_NEGOTIATE) {
if(negdata->state == GSS_AUTHSENT || negdata->state == GSS_AUTHNONE) { if(negdata->state == GSS_AUTHSENT ||
CURLcode result = Curl_input_negotiate(conn, proxy, auth); negdata->state == GSS_AUTHNONE) {
if(!result) { CURLcode result = Curl_input_negotiate(conn, proxy, auth);
DEBUGASSERT(!data->req.newurl); if(!result) {
data->req.newurl = strdup(data->change.url); DEBUGASSERT(!data->req.newurl);
if(!data->req.newurl) data->req.newurl = strdup(data->change.url);
return CURLE_OUT_OF_MEMORY; if(!data->req.newurl)
data->state.authproblem = FALSE; return CURLE_OUT_OF_MEMORY;
/* we received a GSS auth token and we dealt with it fine */ data->state.authproblem = FALSE;
negdata->state = GSS_AUTHRECV; /* we received a GSS auth token and we dealt with it fine */
negdata->state = GSS_AUTHRECV;
}
else
data->state.authproblem = TRUE;
} }
else
data->state.authproblem = TRUE;
} }
} }
} }
@ -809,39 +813,44 @@ CURLcode Curl_http_input_auth(struct connectdata *conn, bool proxy,
#ifdef USE_NTLM #ifdef USE_NTLM
/* NTLM support requires the SSL crypto libs */ /* NTLM support requires the SSL crypto libs */
if(checkprefix("NTLM", auth)) { if(checkprefix("NTLM", auth)) {
*availp |= CURLAUTH_NTLM; if((authp->avail & CURLAUTH_NTLM) ||
authp->avail |= CURLAUTH_NTLM; (authp->avail & CURLAUTH_NTLM_WB) ||
if(authp->picked == CURLAUTH_NTLM || Curl_auth_is_ntlm_supported()) {
authp->picked == CURLAUTH_NTLM_WB) { *availp |= CURLAUTH_NTLM;
/* NTLM authentication is picked and activated */ authp->avail |= CURLAUTH_NTLM;
CURLcode result = Curl_input_ntlm(conn, proxy, auth);
if(!result) {
data->state.authproblem = FALSE;
#ifdef NTLM_WB_ENABLED
if(authp->picked == CURLAUTH_NTLM_WB) {
*availp &= ~CURLAUTH_NTLM;
authp->avail &= ~CURLAUTH_NTLM;
*availp |= CURLAUTH_NTLM_WB;
authp->avail |= CURLAUTH_NTLM_WB;
/* Get the challenge-message which will be passed to if(authp->picked == CURLAUTH_NTLM ||
* ntlm_auth for generating the type 3 message later */ authp->picked == CURLAUTH_NTLM_WB) {
while(*auth && ISSPACE(*auth)) /* NTLM authentication is picked and activated */
auth++; CURLcode result = Curl_input_ntlm(conn, proxy, auth);
if(checkprefix("NTLM", auth)) { if(!result) {
auth += strlen("NTLM"); data->state.authproblem = FALSE;
#ifdef NTLM_WB_ENABLED
if(authp->picked == CURLAUTH_NTLM_WB) {
*availp &= ~CURLAUTH_NTLM;
authp->avail &= ~CURLAUTH_NTLM;
*availp |= CURLAUTH_NTLM_WB;
authp->avail |= CURLAUTH_NTLM_WB;
/* Get the challenge-message which will be passed to
* ntlm_auth for generating the type 3 message later */
while(*auth && ISSPACE(*auth)) while(*auth && ISSPACE(*auth))
auth++; auth++;
if(*auth) if(checkprefix("NTLM", auth)) {
if((conn->challenge_header = strdup(auth)) == NULL) auth += strlen("NTLM");
return CURLE_OUT_OF_MEMORY; while(*auth && ISSPACE(*auth))
auth++;
if(*auth)
if((conn->challenge_header = strdup(auth)) == NULL)
return CURLE_OUT_OF_MEMORY;
}
} }
}
#endif #endif
} }
else { else {
infof(data, "Authentication problem. Ignoring this.\n"); infof(data, "Authentication problem. Ignoring this.\n");
data->state.authproblem = TRUE; data->state.authproblem = TRUE;
}
} }
} }
} }
@ -852,15 +861,17 @@ CURLcode Curl_http_input_auth(struct connectdata *conn, bool proxy,
if((authp->avail & CURLAUTH_DIGEST) != 0) { if((authp->avail & CURLAUTH_DIGEST) != 0) {
infof(data, "Ignoring duplicate digest auth header.\n"); infof(data, "Ignoring duplicate digest auth header.\n");
} }
else { else if((authp->avail & CURLAUTH_DIGEST) ||
Curl_auth_is_digest_supported()) {
CURLcode result; CURLcode result;
*availp |= CURLAUTH_DIGEST; *availp |= CURLAUTH_DIGEST;
authp->avail |= CURLAUTH_DIGEST; authp->avail |= CURLAUTH_DIGEST;
/* We call this function on input Digest headers even if Digest /* We call this function on input Digest headers even if Digest
* authentication isn't activated yet, as we need to store the * authentication isn't activated yet, as we need to store the
* incoming data from this header in case we are gonna use * incoming data from this header in case we are going to use
* Digest. */ * Digest */
result = Curl_input_digest(conn, proxy, auth); result = Curl_input_digest(conn, proxy, auth);
if(result) { if(result) {
infof(data, "Authentication problem. Ignoring this.\n"); infof(data, "Authentication problem. Ignoring this.\n");